palaryn 0.1.0 → 0.3.0

package/dist/src/executor/websocket-executor.d.ts

@@ -0,0 +1,26 @@
+import { ToolCall } from '../types/tool-call';
+import { ToolOutput } from '../types/tool-result';
+import { ToolExecutor } from './interfaces';
+import { WebSocketExecutorConfig } from '../types/config';
+/**
+ * WebSocket executor for managed WebSocket connections.
+ * Handles tool calls with tool name `ws.*` (e.g., ws.connect, ws.send, ws.close).
+ * Manages a connection pool by connection_id with URL allowlisting.
+ */
+export declare class WebSocketExecutor implements ToolExecutor {
+    private config;
+    private connections;
+    constructor(config: WebSocketExecutorConfig);
+    execute(toolCall: ToolCall): Promise<ToolOutput>;
+    private resolveAction;
+    /**
+     * Check if a URL matches any of the allowed URL patterns.
+     */
+    private isUrlAllowed;
+    private connect;
+    private send;
+    private wsClose;
+    /** Close all managed connections. */
+    closeAll(): Promise<void>;
+}
+//# sourceMappingURL=websocket-executor.d.ts.map

package/dist/src/executor/websocket-executor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"websocket-executor.d.ts","sourceRoot":"","sources":["../../../src/executor/websocket-executor.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAQ1D;;;;GAIG;AACH,qBAAa,iBAAkB,YAAW,YAAY;IACpD,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,WAAW,CAA6C;gBAEpD,MAAM,EAAE,uBAAuB;IAIrC,OAAO,CAAC,QAAQ,EAAE,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC;IAetD,OAAO,CAAC,aAAa;IAcrB;;OAEG;IACH,OAAO,CAAC,YAAY;YAiBN,OAAO;YA6CP,IAAI;YA8DJ,OAAO;IAqBrB,qCAAqC;IAC/B,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAMhC"}

package/dist/src/executor/websocket-executor.js

@@ -0,0 +1,205 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.WebSocketExecutor = void 0;
+const ws_1 = __importDefault(require("ws"));
+const crypto = __importStar(require("crypto"));
+/**
+ * WebSocket executor for managed WebSocket connections.
+ * Handles tool calls with tool name `ws.*` (e.g., ws.connect, ws.send, ws.close).
+ * Manages a connection pool by connection_id with URL allowlisting.
+ */
+class WebSocketExecutor {
+    constructor(config) {
+        this.connections = new Map();
+        this.config = config;
+    }
+    async execute(toolCall) {
+        const action = this.resolveAction(toolCall);
+        switch (action) {
+            case 'connect':
+                return this.connect(toolCall);
+            case 'send':
+                return this.send(toolCall);
+            case 'close':
+                return this.wsClose(toolCall);
+            default:
+                throw new Error(`Unsupported WebSocket action: ${action}`);
+        }
+    }
+    resolveAction(toolCall) {
+        if (toolCall.args.action && typeof toolCall.args.action === 'string') {
+            return toolCall.args.action;
+        }
+        const toolName = toolCall.tool.name;
+        const dotIndex = toolName.indexOf('.');
+        if (dotIndex !== -1) {
+            return toolName.substring(dotIndex + 1);
+        }
+        throw new Error(`Unsupported WebSocket action: ${toolName}`);
+    }
+    /**
+     * Check if a URL matches any of the allowed URL patterns.
+     */
+    isUrlAllowed(url) {
+        if (!this.config.allowed_urls || this.config.allowed_urls.length === 0) {
+            return false;
+        }
+        for (const pattern of this.config.allowed_urls) {
+            // Convert glob-like pattern to regex
+            const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, '\\$&').replace(/\*/g, '.*');
+            const regex = new RegExp(`^${escaped}$`);
+            if (regex.test(url)) {
+                return true;
+            }
+        }
+        return false;
+    }
+    async connect(toolCall) {
+        const { url, connection_id: providedId } = toolCall.args;
+        if (!url || typeof url !== 'string') {
+            throw new Error('Missing or invalid "url" argument for ws.connect');
+        }
+        if (!this.isUrlAllowed(url)) {
+            throw new Error(`URL "${url}" is not in the allowed URLs list`);
+        }
+        const connectionId = (typeof providedId === 'string' ? providedId : null)
+            || crypto.randomUUID();
+        return new Promise((resolve, reject) => {
+            const timeout = setTimeout(() => {
+                ws.close();
+                reject(new Error(`WebSocket connection timeout after ${this.config.connect_timeout_ms}ms`));
+            }, this.config.connect_timeout_ms);
+            const ws = new ws_1.default(url, {
+                maxPayload: this.config.max_message_size_bytes,
+            });
+            ws.on('open', () => {
+                clearTimeout(timeout);
+                this.connections.set(connectionId, {
+                    ws,
+                    url,
+                    createdAt: Date.now(),
+                });
+                resolve({
+                    body: { connected: true, connection_id: connectionId },
+                    metadata: { url },
+                });
+            });
+            ws.on('error', (err) => {
+                clearTimeout(timeout);
+                reject(new Error(`WebSocket connection failed: ${err.message}`));
+            });
+        });
+    }
+    async send(toolCall) {
+        const { connection_id, message, wait_for_response } = toolCall.args;
+        if (!connection_id || typeof connection_id !== 'string') {
+            throw new Error('Missing or invalid "connection_id" argument for ws.send');
+        }
+        if (message === undefined || message === null) {
+            throw new Error('Missing "message" argument for ws.send');
+        }
+        const conn = this.connections.get(connection_id);
+        if (!conn) {
+            throw new Error(`No connection found with id "${connection_id}"`);
+        }
+        if (conn.ws.readyState !== ws_1.default.OPEN) {
+            this.connections.delete(connection_id);
+            throw new Error(`Connection "${connection_id}" is no longer open`);
+        }
+        const data = typeof message === 'string' ? message : JSON.stringify(message);
+        if (Buffer.byteLength(data) > this.config.max_message_size_bytes) {
+            throw new Error(`Message size exceeds max allowed ${this.config.max_message_size_bytes} bytes`);
+        }
+        return new Promise((resolve, reject) => {
+            if (wait_for_response) {
+                const responseTimeout = setTimeout(() => {
+                    conn.ws.removeAllListeners('message');
+                    resolve({
+                        body: null,
+                        metadata: { connection_id, timeout: true },
+                    });
+                }, this.config.connect_timeout_ms);
+                conn.ws.once('message', (responseData) => {
+                    clearTimeout(responseTimeout);
+                    resolve({
+                        body: responseData.toString(),
+                        metadata: { connection_id },
+                    });
+                });
+            }
+            conn.ws.send(data, (err) => {
+                if (err) {
+                    reject(new Error(`Failed to send message: ${err.message}`));
+                    return;
+                }
+                if (!wait_for_response) {
+                    resolve({
+                        body: { sent: true },
+                        metadata: { connection_id },
+                    });
+                }
+            });
+        });
+    }
+    async wsClose(toolCall) {
+        const { connection_id } = toolCall.args;
+        if (!connection_id || typeof connection_id !== 'string') {
+            throw new Error('Missing or invalid "connection_id" argument for ws.close');
+        }
+        const conn = this.connections.get(connection_id);
+        if (!conn) {
+            throw new Error(`No connection found with id "${connection_id}"`);
+        }
+        conn.ws.close();
+        this.connections.delete(connection_id);
+        return {
+            body: { closed: true },
+            metadata: { connection_id },
+        };
+    }
+    /** Close all managed connections. */
+    async closeAll() {
+        for (const [id, conn] of this.connections) {
+            conn.ws.close();
+            this.connections.delete(id);
+        }
+    }
+}
+exports.WebSocketExecutor = WebSocketExecutor;
+//# sourceMappingURL=websocket-executor.js.map

package/dist/src/executor/websocket-executor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"websocket-executor.js","sourceRoot":"","sources":["../../../src/executor/websocket-executor.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,4CAA2B;AAC3B,+CAAiC;AAYjC;;;;GAIG;AACH,MAAa,iBAAiB;IAI5B,YAAY,MAA+B;QAFnC,gBAAW,GAAmC,IAAI,GAAG,EAAE,CAAC;QAG9D,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,QAAkB;QAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QAE5C,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,SAAS;gBACZ,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAChC,KAAK,MAAM;gBACT,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC7B,KAAK,OAAO;gBACV,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAChC;gBACE,MAAM,IAAI,KAAK,CAAC,iCAAiC,MAAM,EAAE,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,QAAkB;QACtC,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,IAAI,OAAO,QAAQ,CAAC,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YACrE,OAAO,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC;QAC9B,CAAC;QAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;QACpC,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACvC,IAAI,QAAQ,KAAK,CAAC,CAAC,EAAE,CAAC;YACpB,OAAO,QAAQ,CAAC,SAAS,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,iCAAiC,QAAQ,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,GAAW;QAC9B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC/C,qCAAqC;YACrC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;YACnF,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,CAAC,CAAC;YACzC,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpB,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,KAAK,CAAC,OAAO,CAAC,QAAkB;QACtC,MAAM,EAAE,GAAG,EAAE,aAAa,EAAE,UAAU,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC;QAEzD,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,QAAQ,GAAG,mCAAmC,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,YAAY,GAAG,CAAC,OAAO,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC;eACpE,MAAM,CAAC,UAAU,EAAE,CAAC;QAEzB,OAAO,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACjD,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;gBAC9B,EAAE,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,KAAK,CAAC,sCAAsC,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,CAAC,CAAC,CAAC;YAC9F,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YAEnC,MAAM,EAAE,GAAG,IAAI,YAAS,CAAC,GAAG,EAAE;gBAC5B,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB;aAC/C,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;gBACjB,YAAY,CAAC,OAAO,CAAC,CAAC;gBACtB,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,YAAY,EAAE;oBACjC,EAAE;oBACF,GAAG;oBACH,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;iBACtB,CAAC,CAAC;gBAEH,OAAO,CAAC;oBACN,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE;oBACtD,QAAQ,EAAE,EAAE,GAAG,EAAE;iBAClB,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;gBAC5B,YAAY,CAAC,OAAO,CAAC,CAAC;gBACtB,MAAM,CAAC,IAAI,KAAK,CAAC,gCAAgC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACnE,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,IAAI,CAAC,QAAkB;QACnC,MAAM,EAAE,aAAa,EAAE,OAAO,EAAE,iBAAiB,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC;QAEpE,IAAI,CAAC,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,CAAC,yDAAyD,CAAC,CAAC;QAC7E,CAAC;QAED,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,wCAAwC,CAAC,CAAC;QAC5D,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACjD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,gCAAgC,aAAa,GAAG,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,KAAK,YAAS,CAAC,IAAI,EAAE,CAAC;YAC1C,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,eAAe,aAAa,qBAAqB,CAAC,CAAC;QACrE,CAAC;QAED,MAAM,IAAI,GAAG,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAE7E,IAAI,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACjE,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,CAAC,MAAM,CAAC,sBAAsB,QAAQ,CAAC,CAAC;QAClG,CAAC;QAED,OAAO,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACjD,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,eAAe,GAAG,UAAU,CAAC,GAAG,EAAE;oBACtC,IAAI,CAAC,EAAE,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;oBACtC,OAAO,CAAC;wBACN,IAAI,EAAE,IAAI;wBACV,QAAQ,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,IAAI,EAAE;qBAC3C,CAAC,CAAC;gBACL,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;gBAEnC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,YAA4B,EAAE,EAAE;oBACvD,YAAY,CAAC,eAAe,CAAC,CAAC;oBAC9B,OAAO,CAAC;wBACN,IAAI,EAAE,YAAY,CAAC,QAAQ,EAAE;wBAC7B,QAAQ,EAAE,EAAE,aAAa,EAAE;qBAC5B,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;YACL,CAAC;YAED,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAW,EAAE,EAAE;gBACjC,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;oBAC5D,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBACvB,OAAO,CAAC;wBACN,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE;wBACpB,QAAQ,EAAE,EAAE,aAAa,EAAE;qBAC5B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,KAAK,CAAC,OAAO,CAAC,QAAkB;QACtC,MAAM,EAAE,aAAa,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC;QAExC,IAAI,CAAC,aAAa,IAAI,OAAO,aAAa,KAAK,QAAQ,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;QAC9E,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACjD,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,MAAM,IAAI,KAAK,CAAC,gCAAgC,aAAa,GAAG,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;QAChB,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAEvC,OAAO;YACL,IAAI,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE;YACtB,QAAQ,EAAE,EAAE,aAAa,EAAE;SAC5B,CAAC;IACJ,CAAC;IAED,qCAAqC;IACrC,KAAK,CAAC,QAAQ;QACZ,KAAK,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC1C,IAAI,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;YAChB,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;CACF;AAhMD,8CAgMC"}

package/dist/src/interceptor/index.d.ts

@@ -0,0 +1,2 @@
+export { ProviderInterceptor, ProviderToolBlock } from './provider-interceptor';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/interceptor/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/interceptor/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC"}

package/dist/src/interceptor/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProviderInterceptor = void 0;
+var provider_interceptor_1 = require("./provider-interceptor");
+Object.defineProperty(exports, "ProviderInterceptor", { enumerable: true, get: function () { return provider_interceptor_1.ProviderInterceptor; } });
+//# sourceMappingURL=index.js.map

package/dist/src/interceptor/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/interceptor/index.ts"],"names":[],"mappings":";;;AAAA,+DAAgF;AAAvE,2HAAA,mBAAmB,OAAA"}

package/dist/src/interceptor/provider-interceptor.d.ts

@@ -0,0 +1,36 @@
+import { ProviderInterceptConfig } from '../types/config';
+export interface ProviderToolBlock {
+    provider: 'claude' | 'openai' | 'gemini' | 'unknown';
+    tool_name: string;
+    tool_type: string;
+    inputs: Record<string, unknown>;
+    outputs?: unknown;
+    block_index: number;
+}
+type Provider = ProviderToolBlock['provider'];
+export declare class ProviderInterceptor {
+    private urlPatterns;
+    private scanInputs;
+    private scanOutputs;
+    constructor(config: ProviderInterceptConfig);
+    /** Check if a URL matches any provider pattern */
+    matchesProvider(url: string): boolean;
+    /** Detect which provider a URL belongs to */
+    detectProvider(url: string): Provider;
+    /** Extract tool blocks from a request body (pre-execution) */
+    extractFromRequest(body: unknown, provider: string): ProviderToolBlock[];
+    /** Extract tool blocks from a response body (post-execution) */
+    extractFromResponse(body: unknown, provider: string): ProviderToolBlock[];
+    /** Get all inputs as a flat object for DLP scanning */
+    flattenInputsForDLP(blocks: ProviderToolBlock[]): Record<string, unknown>;
+    /** Get all outputs as a flat object for DLP scanning */
+    flattenOutputsForDLP(blocks: ProviderToolBlock[]): Record<string, unknown>;
+    private extractClaudeRequest;
+    private extractClaudeResponse;
+    private extractOpenAIRequest;
+    private extractOpenAIResponse;
+    private extractGeminiRequest;
+    private extractGeminiResponse;
+}
+export {};
+//# sourceMappingURL=provider-interceptor.d.ts.map

package/dist/src/interceptor/provider-interceptor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider-interceptor.d.ts","sourceRoot":"","sources":["../../../src/interceptor/provider-interceptor.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,uBAAuB,EAAE,MAAM,iBAAiB,CAAC;AAE1D,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,QAAQ,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,CAAC;IACrD,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,KAAK,QAAQ,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;AAyB9C,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,WAAW,CAAW;IAC9B,OAAO,CAAC,UAAU,CAAU;IAC5B,OAAO,CAAC,WAAW,CAAU;gBAEjB,MAAM,EAAE,uBAAuB;IAS3C,kDAAkD;IAClD,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO;IAIrC,6CAA6C;IAC7C,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,QAAQ;IAOrC,8DAA8D;IAC9D,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,iBAAiB,EAAE;IAcxE,gEAAgE;IAChE,mBAAmB,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,GAAG,iBAAiB,EAAE;IAczE,uDAAuD;IACvD,mBAAmB,CAAC,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAUzE,wDAAwD;IACxD,oBAAoB,CAAC,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAY1E,OAAO,CAAC,oBAAoB;IAkC5B,OAAO,CAAC,qBAAqB;IAsB7B,OAAO,CAAC,oBAAoB;IAwB5B,OAAO,CAAC,qBAAqB;IA6B7B,OAAO,CAAC,oBAAoB;IAwB5B,OAAO,CAAC,qBAAqB;CAyB9B"}

package/dist/src/interceptor/provider-interceptor.js

@@ -0,0 +1,302 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ProviderInterceptor = void 0;
+const DEFAULT_URL_PATTERNS = [
+    'api\\.anthropic\\.com',
+    'api\\.openai\\.com',
+    'generativelanguage\\.googleapis\\.com',
+];
+const CLAUDE_TOOL_TYPES = {
+    computer_20241022: 'computer_use',
+    str_replace_editor: 'text_editor',
+    bash_20241022: 'bash',
+};
+const OPENAI_TOOL_TYPES = new Set([
+    'code_interpreter',
+    'file_search',
+    'web_search',
+]);
+const GEMINI_TOOL_TYPES = new Set([
+    'code_execution',
+    'google_search',
+]);
+class ProviderInterceptor {
+    constructor(config) {
+        const patterns = config.provider_url_patterns?.length
+            ? config.provider_url_patterns
+            : DEFAULT_URL_PATTERNS;
+        this.urlPatterns = patterns.map((p) => new RegExp(p));
+        this.scanInputs = config.scan_inputs;
+        this.scanOutputs = config.scan_outputs;
+    }
+    /** Check if a URL matches any provider pattern */
+    matchesProvider(url) {
+        return this.urlPatterns.some((re) => re.test(url));
+    }
+    /** Detect which provider a URL belongs to */
+    detectProvider(url) {
+        if (/api\.anthropic\.com/.test(url))
+            return 'claude';
+        if (/api\.openai\.com/.test(url))
+            return 'openai';
+        if (/generativelanguage\.googleapis\.com/.test(url))
+            return 'gemini';
+        return 'unknown';
+    }
+    /** Extract tool blocks from a request body (pre-execution) */
+    extractFromRequest(body, provider) {
+        if (!this.scanInputs || !body || typeof body !== 'object')
+            return [];
+        try {
+            switch (provider) {
+                case 'claude': return this.extractClaudeRequest(body);
+                case 'openai': return this.extractOpenAIRequest(body);
+                case 'gemini': return this.extractGeminiRequest(body);
+                default: return [];
+            }
+        }
+        catch {
+            return [];
+        }
+    }
+    /** Extract tool blocks from a response body (post-execution) */
+    extractFromResponse(body, provider) {
+        if (!this.scanOutputs || !body || typeof body !== 'object')
+            return [];
+        try {
+            switch (provider) {
+                case 'claude': return this.extractClaudeResponse(body);
+                case 'openai': return this.extractOpenAIResponse(body);
+                case 'gemini': return this.extractGeminiResponse(body);
+                default: return [];
+            }
+        }
+        catch {
+            return [];
+        }
+    }
+    /** Get all inputs as a flat object for DLP scanning */
+    flattenInputsForDLP(blocks) {
+        const result = {};
+        for (const block of blocks) {
+            for (const [key, value] of Object.entries(block.inputs)) {
+                result[`${block.tool_name}.${key}`] = value;
+            }
+        }
+        return result;
+    }
+    /** Get all outputs as a flat object for DLP scanning */
+    flattenOutputsForDLP(blocks) {
+        const result = {};
+        for (const block of blocks) {
+            if (block.outputs !== undefined) {
+                result[`${block.tool_name}.output`] = block.outputs;
+            }
+        }
+        return result;
+    }
+    // --- Claude extraction ---
+    extractClaudeRequest(body) {
+        const blocks = [];
+        const messages = getArray(body, 'messages');
+        let index = 0;
+        for (const msg of messages) {
+            const content = getArray(msg, 'content');
+            for (const part of content) {
+                if (!isObject(part))
+                    continue;
+                const type = getString(part, 'type');
+                if (type === 'tool_use') {
+                    const name = getString(part, 'name') || 'unknown';
+                    blocks.push({
+                        provider: 'claude',
+                        tool_name: name,
+                        tool_type: resolveClaudeToolType(name),
+                        inputs: isObject(part.input) ? part.input : {},
+                        block_index: index++,
+                    });
+                }
+                else if (type === 'tool_result') {
+                    const toolUseId = getString(part, 'tool_use_id') || 'unknown';
+                    blocks.push({
+                        provider: 'claude',
+                        tool_name: `tool_result:${toolUseId}`,
+                        tool_type: 'tool_result',
+                        inputs: {},
+                        outputs: part.content,
+                        block_index: index++,
+                    });
+                }
+            }
+        }
+        return blocks;
+    }
+    extractClaudeResponse(body) {
+        const blocks = [];
+        const content = getArray(body, 'content');
+        let index = 0;
+        for (const part of content) {
+            if (!isObject(part))
+                continue;
+            if (getString(part, 'type') === 'tool_use') {
+                const name = getString(part, 'name') || 'unknown';
+                blocks.push({
+                    provider: 'claude',
+                    tool_name: name,
+                    tool_type: resolveClaudeToolType(name),
+                    inputs: isObject(part.input) ? part.input : {},
+                    block_index: index++,
+                });
+            }
+        }
+        return blocks;
+    }
+    // --- OpenAI extraction ---
+    extractOpenAIRequest(body) {
+        const blocks = [];
+        const messages = getArray(body, 'messages');
+        let index = 0;
+        for (const msg of messages) {
+            const toolCalls = getArray(msg, 'tool_calls');
+            for (const tc of toolCalls) {
+                if (!isObject(tc))
+                    continue;
+                const fn = isObject(tc.function) ? tc.function : null;
+                if (!fn)
+                    continue;
+                const name = getString(fn, 'name') || 'unknown';
+                const args = parseJsonString(getString(fn, 'arguments'));
+                blocks.push({
+                    provider: 'openai',
+                    tool_name: name,
+                    tool_type: resolveOpenAIToolType(name),
+                    inputs: args,
+                    block_index: index++,
+                });
+            }
+        }
+        return blocks;
+    }
+    extractOpenAIResponse(body) {
+        const blocks = [];
+        const choices = getArray(body, 'choices');
+        let index = 0;
+        for (const choice of choices) {
+            if (!isObject(choice))
+                continue;
+            const message = isObject(choice.message) ? choice.message : null;
+            if (!message)
+                continue;
+            const toolCalls = getArray(message, 'tool_calls');
+            for (const tc of toolCalls) {
+                if (!isObject(tc))
+                    continue;
+                const fn = isObject(tc.function) ? tc.function : null;
+                if (!fn)
+                    continue;
+                const name = getString(fn, 'name') || 'unknown';
+                const args = parseJsonString(getString(fn, 'arguments'));
+                blocks.push({
+                    provider: 'openai',
+                    tool_name: name,
+                    tool_type: resolveOpenAIToolType(name),
+                    inputs: args,
+                    block_index: index++,
+                });
+            }
+        }
+        return blocks;
+    }
+    // --- Gemini extraction ---
+    extractGeminiRequest(body) {
+        const blocks = [];
+        const contents = getArray(body, 'contents');
+        let index = 0;
+        for (const content of contents) {
+            if (!isObject(content))
+                continue;
+            const parts = getArray(content, 'parts');
+            for (const part of parts) {
+                if (!isObject(part))
+                    continue;
+                const fc = isObject(part.functionCall) ? part.functionCall : null;
+                if (!fc)
+                    continue;
+                const name = getString(fc, 'name') || 'unknown';
+                blocks.push({
+                    provider: 'gemini',
+                    tool_name: name,
+                    tool_type: resolveGeminiToolType(name),
+                    inputs: isObject(fc.args) ? fc.args : {},
+                    block_index: index++,
+                });
+            }
+        }
+        return blocks;
+    }
+    extractGeminiResponse(body) {
+        const blocks = [];
+        const candidates = getArray(body, 'candidates');
+        let index = 0;
+        for (const candidate of candidates) {
+            if (!isObject(candidate))
+                continue;
+            const content = isObject(candidate.content) ? candidate.content : null;
+            if (!content)
+                continue;
+            const parts = getArray(content, 'parts');
+            for (const part of parts) {
+                if (!isObject(part))
+                    continue;
+                const fc = isObject(part.functionCall) ? part.functionCall : null;
+                if (!fc)
+                    continue;
+                const name = getString(fc, 'name') || 'unknown';
+                blocks.push({
+                    provider: 'gemini',
+                    tool_name: name,
+                    tool_type: resolveGeminiToolType(name),
+                    inputs: isObject(fc.args) ? fc.args : {},
+                    block_index: index++,
+                });
+            }
+        }
+        return blocks;
+    }
+}
+exports.ProviderInterceptor = ProviderInterceptor;
+// --- Helpers ---
+function isObject(val) {
+    return val !== null && typeof val === 'object' && !Array.isArray(val);
+}
+function getArray(obj, key) {
+    if (!isObject(obj))
+        return [];
+    const val = obj[key];
+    return Array.isArray(val) ? val : [];
+}
+function getString(obj, key) {
+    const val = obj[key];
+    return typeof val === 'string' ? val : '';
+}
+function parseJsonString(str) {
+    if (!str)
+        return {};
+    try {
+        const parsed = JSON.parse(str);
+        return isObject(parsed) ? parsed : {};
+    }
+    catch {
+        return {};
+    }
+}
+function resolveClaudeToolType(name) {
+    return CLAUDE_TOOL_TYPES[name] || 'function';
+}
+function resolveOpenAIToolType(name) {
+    return OPENAI_TOOL_TYPES.has(name) ? name : 'function';
+}
+function resolveGeminiToolType(name) {
+    return GEMINI_TOOL_TYPES.has(name) ? name : 'function';
+}
+//# sourceMappingURL=provider-interceptor.js.map

package/dist/src/interceptor/provider-interceptor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"provider-interceptor.js","sourceRoot":"","sources":["../../../src/interceptor/provider-interceptor.ts"],"names":[],"mappings":";;;AAaA,MAAM,oBAAoB,GAAG;IAC3B,uBAAuB;IACvB,oBAAoB;IACpB,uCAAuC;CACxC,CAAC;AAEF,MAAM,iBAAiB,GAA2B;IAChD,iBAAiB,EAAE,cAAc;IACjC,kBAAkB,EAAE,aAAa;IACjC,aAAa,EAAE,MAAM;CACtB,CAAC;AAEF,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,kBAAkB;IAClB,aAAa;IACb,YAAY;CACb,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,gBAAgB;IAChB,eAAe;CAChB,CAAC,CAAC;AAEH,MAAa,mBAAmB;IAK9B,YAAY,MAA+B;QACzC,MAAM,QAAQ,GAAG,MAAM,CAAC,qBAAqB,EAAE,MAAM;YACnD,CAAC,CAAC,MAAM,CAAC,qBAAqB;YAC9B,CAAC,CAAC,oBAAoB,CAAC;QACzB,IAAI,CAAC,WAAW,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QACtD,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,WAAW,CAAC;QACrC,IAAI,CAAC,WAAW,GAAG,MAAM,CAAC,YAAY,CAAC;IACzC,CAAC;IAED,kDAAkD;IAClD,eAAe,CAAC,GAAW;QACzB,OAAO,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,6CAA6C;IAC7C,cAAc,CAAC,GAAW;QACxB,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,QAAQ,CAAC;QACrD,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,QAAQ,CAAC;QAClD,IAAI,qCAAqC,CAAC,IAAI,CAAC,GAAG,CAAC;YAAE,OAAO,QAAQ,CAAC;QACrE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,8DAA8D;IAC9D,kBAAkB,CAAC,IAAa,EAAE,QAAgB;QAChD,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,EAAE,CAAC;QACrE,IAAI,CAAC;YACH,QAAQ,QAAQ,EAAE,CAAC;gBACjB,KAAK,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;gBACtD,KAAK,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;gBACtD,KAAK,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;gBACtD,OAAO,CAAC,CAAC,OAAO,EAAE,CAAC;YACrB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,gEAAgE;IAChE,mBAAmB,CAAC,IAAa,EAAE,QAAgB;QACjD,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ;YAAE,OAAO,EAAE,CAAC;QACtE,IAAI,CAAC;YACH,QAAQ,QAAQ,EAAE,CAAC;gBACjB,KAAK,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;gBACvD,KAAK,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;gBACvD,KAAK,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;gBACvD,OAAO,CAAC,CAAC,OAAO,EAAE,CAAC;YACrB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,uDAAuD;IACvD,mBAAmB,CAAC,MAA2B;QAC7C,MAAM,MAAM,GAA4B,EAAE,CAAC;QAC3C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxD,MAAM,CAAC,GAAG,KAAK,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC,GAAG,KAAK,CAAC;YAC9C,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,wDAAwD;IACxD,oBAAoB,CAAC,MAA2B;QAC9C,MAAM,MAAM,GAA4B,EAAE,CAAC;QAC3C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,CAAC,GAAG,KAAK,CAAC,SAAS,SAAS,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;YACtD,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,4BAA4B;IAEpB,oBAAoB,CAAC,IAAa;QACxC,MAAM,MAAM,GAAwB,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC5C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YACzC,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAAE,SAAS;gBAC9B,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;gBACrC,IAAI,IAAI,KAAK,UAAU,EAAE,CAAC;oBACxB,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,SAAS,CAAC;oBAClD,MAAM,CAAC,IAAI,CAAC;wBACV,QAAQ,EAAE,QAAQ;wBAClB,SAAS,EAAE,IAAI;wBACf,SAAS,EAAE,qBAAqB,CAAC,IAAI,CAAC;wBACtC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAgC,CAAC,CAAC,CAAC,EAAE;wBACzE,WAAW,EAAE,KAAK,EAAE;qBACrB,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;oBAClC,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,aAAa,CAAC,IAAI,SAAS,CAAC;oBAC9D,MAAM,CAAC,IAAI,CAAC;wBACV,QAAQ,EAAE,QAAQ;wBAClB,SAAS,EAAE,eAAe,SAAS,EAAE;wBACrC,SAAS,EAAE,aAAa;wBACxB,MAAM,EAAE,EAAE;wBACV,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,WAAW,EAAE,KAAK,EAAE;qBACrB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,qBAAqB,CAAC,IAAa;QACzC,MAAM,MAAM,GAAwB,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC1C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAAE,SAAS;YAC9B,IAAI,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,UAAU,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,SAAS,CAAC;gBAClD,MAAM,CAAC,IAAI,CAAC;oBACV,QAAQ,EAAE,QAAQ;oBAClB,SAAS,EAAE,IAAI;oBACf,SAAS,EAAE,qBAAqB,CAAC,IAAI,CAAC;oBACtC,MAAM,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAgC,CAAC,CAAC,CAAC,EAAE;oBACzE,WAAW,EAAE,KAAK,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,4BAA4B;IAEpB,oBAAoB,CAAC,IAAa;QACxC,MAAM,MAAM,GAAwB,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC5C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;YAC9C,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAAE,SAAS;gBAC5B,MAAM,EAAE,GAAG,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,QAAmC,CAAC,CAAC,CAAC,IAAI,CAAC;gBACjF,IAAI,CAAC,EAAE;oBAAE,SAAS;gBAClB,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,SAAS,CAAC;gBAChD,MAAM,IAAI,GAAG,eAAe,CAAC,SAAS,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC;gBACzD,MAAM,CAAC,IAAI,CAAC;oBACV,QAAQ,EAAE,QAAQ;oBAClB,SAAS,EAAE,IAAI;oBACf,SAAS,EAAE,qBAAqB,CAAC,IAAI,CAAC;oBACtC,MAAM,EAAE,IAAI;oBACZ,WAAW,EAAE,KAAK,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,qBAAqB,CAAC,IAAa;QACzC,MAAM,MAAM,GAAwB,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC1C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAAE,SAAS;YAChC,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAkC,CAAC,CAAC,CAAC,IAAI,CAAC;YAC5F,IAAI,CAAC,OAAO;gBAAE,SAAS;YACvB,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAClD,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;gBAC3B,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAAE,SAAS;gBAC5B,MAAM,EAAE,GAAG,QAAQ,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,QAAmC,CAAC,CAAC,CAAC,IAAI,CAAC;gBACjF,IAAI,CAAC,EAAE;oBAAE,SAAS;gBAClB,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,SAAS,CAAC;gBAChD,MAAM,IAAI,GAAG,eAAe,CAAC,SAAS,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC,CAAC;gBACzD,MAAM,CAAC,IAAI,CAAC;oBACV,QAAQ,EAAE,QAAQ;oBAClB,SAAS,EAAE,IAAI;oBACf,SAAS,EAAE,qBAAqB,CAAC,IAAI,CAAC;oBACtC,MAAM,EAAE,IAAI;oBACZ,WAAW,EAAE,KAAK,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,4BAA4B;IAEpB,oBAAoB,CAAC,IAAa;QACxC,MAAM,MAAM,GAAwB,EAAE,CAAC;QACvC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QAC5C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,SAAS;YACjC,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACzC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAAE,SAAS;gBAC9B,MAAM,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,YAAuC,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC7F,IAAI,CAAC,EAAE;oBAAE,SAAS;gBAClB,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,SAAS,CAAC;gBAChD,MAAM,CAAC,IAAI,CAAC;oBACV,QAAQ,EAAE,QAAQ;oBAClB,SAAS,EAAE,IAAI;oBACf,SAAS,EAAE,qBAAqB,CAAC,IAAI,CAAC;oBACtC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAA+B,CAAC,CAAC,CAAC,EAAE;oBACnE,WAAW,EAAE,KAAK,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,qBAAqB,CAAC,IAAa;QACzC,MAAM,MAAM,GAAwB,EAAE,CAAC;QACvC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QAChD,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gBAAE,SAAS;YACnC,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,OAAkC,CAAC,CAAC,CAAC,IAAI,CAAC;YAClG,IAAI,CAAC,OAAO;gBAAE,SAAS;YACvB,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACzC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;oBAAE,SAAS;gBAC9B,MAAM,EAAE,GAAG,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,YAAuC,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC7F,IAAI,CAAC,EAAE;oBAAE,SAAS;gBAClB,MAAM,IAAI,GAAG,SAAS,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,SAAS,CAAC;gBAChD,MAAM,CAAC,IAAI,CAAC;oBACV,QAAQ,EAAE,QAAQ;oBAClB,SAAS,EAAE,IAAI;oBACf,SAAS,EAAE,qBAAqB,CAAC,IAAI,CAAC;oBACtC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,IAA+B,CAAC,CAAC,CAAC,EAAE;oBACnE,WAAW,EAAE,KAAK,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AA/OD,kDA+OC;AAED,kBAAkB;AAElB,SAAS,QAAQ,CAAC,GAAY;IAC5B,OAAO,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,QAAQ,CAAC,GAAY,EAAE,GAAW;IACzC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,EAAE,CAAC;IAC9B,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AACvC,CAAC;AAED,SAAS,SAAS,CAAC,GAA4B,EAAE,GAAW;IAC1D,MAAM,GAAG,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACrB,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;AAC5C,CAAC;AAED,SAAS,eAAe,CAAC,GAAW;IAClC,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAY;IACzC,OAAO,iBAAiB,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC;AAC/C,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAY;IACzC,OAAO,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;AACzD,CAAC;AAED,SAAS,qBAAqB,CAAC,IAAY;IACzC,OAAO,iBAAiB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;AACzD,CAAC"}

package/dist/src/mcp/auth-verifier.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"auth-verifier.d.ts","sourceRoot":"","sources":["../../../src/mcp/auth-verifier.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,kBAAkB,EAAE,MAAM,mDAAmD,CAAC;AACvF,OAAO,EAAE,QAAQ,EAAE,MAAM,gDAAgD,CAAC;AAC1E,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAExD,MAAM,WAAW,kBAAkB;IACjC,aAAa,CAAC,EAAE,oBAAoB,CAAC;IACrC,UAAU,EAAE,UAAU,CAAC;IACvB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC;AAED,qBAAa,mBAAoB,YAAW,kBAAkB;IAC5D,OAAO,CAAC,aAAa,CAAC,CAAuB;IAC7C,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,eAAe,CAAC,CAAkB;gBAE9B,IAAI,EAAE,kBAAkB;IAMpC;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAcpB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;CAmG1D"}
+{"version":3,"file":"auth-verifier.d.ts","sourceRoot":"","sources":["../../../src/mcp/auth-verifier.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,kBAAkB,EAAE,MAAM,mDAAmD,CAAC;AACvF,OAAO,EAAE,QAAQ,EAAE,MAAM,gDAAgD,CAAC;AAE1E,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAExD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAExD,MAAM,WAAW,kBAAkB;IACjC,aAAa,CAAC,EAAE,oBAAoB,CAAC;IACrC,UAAU,EAAE,UAAU,CAAC;IACvB,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC;AAED,qBAAa,mBAAoB,YAAW,kBAAkB;IAC5D,OAAO,CAAC,aAAa,CAAC,CAAuB;IAC7C,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,eAAe,CAAC,CAAkB;gBAE9B,IAAI,EAAE,kBAAkB;IAMpC;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAcpB,iBAAiB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;CAmG1D"}

package/dist/src/mcp/auth-verifier.js

@@ -43,6 +43,7 @@ exports.HybridTokenVerifier = void 0;
  * `--header "Authorization: Bearer <api-key>"` usage still works.
  */
 const crypto = __importStar(require("crypto"));
+const errors_js_1 = require("@modelcontextprotocol/sdk/server/auth/errors.js");
 const auth_1 = require("../middleware/auth");
 class HybridTokenVerifier {
     constructor(deps) {
@@ -83,7 +84,7 @@ class HybridTokenVerifier {
                 if (keyConfig.expires_at) {
                     const expiresAt = new Date(keyConfig.expires_at);
                     if (expiresAt.getTime() <= Date.now()) {
-                        throw new Error('API key has expired');
+                        throw new errors_js_1.InvalidTokenError('API key has expired');
                     }
                 }
                 // Fire-and-forget: update last_used_at
@@ -155,7 +156,7 @@ class HybridTokenVerifier {
                 },
             };
         }
-        throw new Error('Invalid access token');
+        throw new errors_js_1.InvalidTokenError('Invalid access token');
     }
 }
 exports.HybridTokenVerifier = HybridTokenVerifier;