paygate-mcp 2.9.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +155 -0
- package/dist/audit.d.ts +1 -1
- package/dist/audit.d.ts.map +1 -1
- package/dist/audit.js.map +1 -1
- package/dist/gate.d.ts +3 -3
- package/dist/gate.d.ts.map +1 -1
- package/dist/gate.js +40 -4
- package/dist/gate.js.map +1 -1
- package/dist/http-proxy.d.ts +2 -2
- package/dist/http-proxy.d.ts.map +1 -1
- package/dist/http-proxy.js +5 -5
- package/dist/http-proxy.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +4 -1
- package/dist/index.js.map +1 -1
- package/dist/proxy.d.ts +2 -2
- package/dist/proxy.d.ts.map +1 -1
- package/dist/proxy.js +5 -5
- package/dist/proxy.js.map +1 -1
- package/dist/redis-sync.d.ts +6 -1
- package/dist/redis-sync.d.ts.map +1 -1
- package/dist/redis-sync.js +10 -0
- package/dist/redis-sync.js.map +1 -1
- package/dist/router.d.ts +2 -2
- package/dist/router.d.ts.map +1 -1
- package/dist/router.js +9 -9
- package/dist/router.js.map +1 -1
- package/dist/server.d.ts +9 -1
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +189 -7
- package/dist/server.js.map +1 -1
- package/dist/tokens.d.ts +123 -0
- package/dist/tokens.d.ts.map +1 -0
- package/dist/tokens.js +244 -0
- package/dist/tokens.js.map +1 -0
- package/package.json +1 -1
package/dist/tokens.js
ADDED
|
@@ -0,0 +1,244 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* ScopedTokenManager — Issue and validate short-lived scoped tokens
|
|
4
|
+
* derived from API keys.
|
|
5
|
+
*
|
|
6
|
+
* Tokens are self-contained (no server-side state): the payload is
|
|
7
|
+
* HMAC-SHA256 signed and base64url-encoded. Validation is a pure
|
|
8
|
+
* crypto check — no DB lookup needed.
|
|
9
|
+
*
|
|
10
|
+
* Format: pgt_<base64url(JSON payload)>.<base64url(HMAC signature)>
|
|
11
|
+
*
|
|
12
|
+
* Use cases:
|
|
13
|
+
* - Browser-based agents that shouldn't hold long-lived API keys
|
|
14
|
+
* - Temporary scoped access (e.g., only allow specific tools)
|
|
15
|
+
* - Token delegation from a master key to a downstream agent
|
|
16
|
+
*/
|
|
17
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
+
exports.ScopedTokenManager = exports.TokenRevocationList = void 0;
|
|
19
|
+
const crypto_1 = require("crypto");
|
|
20
|
+
const TOKEN_PREFIX = 'pgt_';
|
|
21
|
+
const MAX_TTL_SECONDS = 86400; // 24 hours
|
|
22
|
+
const DEFAULT_TTL_SECONDS = 3600; // 1 hour
|
|
23
|
+
const MAX_TOKEN_AGE_CHECK_MS = MAX_TTL_SECONDS * 1000;
|
|
24
|
+
const CLEANUP_INTERVAL_MS = 60_000; // Clean expired entries every 60s
|
|
25
|
+
// ─── Revocation List ──────────────────────────────────────────────────────────
|
|
26
|
+
/**
|
|
27
|
+
* In-memory revocation list for scoped tokens.
|
|
28
|
+
*
|
|
29
|
+
* Stores SHA-256 fingerprints of revoked tokens with their natural expiry.
|
|
30
|
+
* Entries auto-purge once the original token would have expired anyway
|
|
31
|
+
* (max 24h), so the list never grows unbounded.
|
|
32
|
+
*
|
|
33
|
+
* O(1) lookup via Map. Periodic cleanup via timer.
|
|
34
|
+
*/
|
|
35
|
+
class TokenRevocationList {
|
|
36
|
+
entries = new Map();
|
|
37
|
+
cleanupTimer = null;
|
|
38
|
+
constructor() {
|
|
39
|
+
this.cleanupTimer = setInterval(() => this.purgeExpired(), CLEANUP_INTERVAL_MS);
|
|
40
|
+
if (this.cleanupTimer.unref)
|
|
41
|
+
this.cleanupTimer.unref();
|
|
42
|
+
}
|
|
43
|
+
/** Compute fingerprint for a token string. */
|
|
44
|
+
static fingerprint(token) {
|
|
45
|
+
return (0, crypto_1.createHash)('sha256').update(token).digest('hex');
|
|
46
|
+
}
|
|
47
|
+
/** Revoke a token. Returns the entry created, or null if already revoked. */
|
|
48
|
+
revoke(token, expiresAt, reason) {
|
|
49
|
+
const fp = TokenRevocationList.fingerprint(token);
|
|
50
|
+
if (this.entries.has(fp))
|
|
51
|
+
return null; // Already revoked
|
|
52
|
+
const entry = {
|
|
53
|
+
fingerprint: fp,
|
|
54
|
+
expiresAt,
|
|
55
|
+
revokedAt: new Date().toISOString(),
|
|
56
|
+
...(reason ? { reason } : {}),
|
|
57
|
+
};
|
|
58
|
+
this.entries.set(fp, entry);
|
|
59
|
+
return entry;
|
|
60
|
+
}
|
|
61
|
+
/** Add a pre-built entry (e.g., from Redis sync). */
|
|
62
|
+
addEntry(entry) {
|
|
63
|
+
this.entries.set(entry.fingerprint, entry);
|
|
64
|
+
}
|
|
65
|
+
/** Check if a token is revoked. O(1). */
|
|
66
|
+
isRevoked(token) {
|
|
67
|
+
return this.entries.has(TokenRevocationList.fingerprint(token));
|
|
68
|
+
}
|
|
69
|
+
/** Check by fingerprint directly. O(1). */
|
|
70
|
+
isRevokedByFingerprint(fingerprint) {
|
|
71
|
+
return this.entries.has(fingerprint);
|
|
72
|
+
}
|
|
73
|
+
/** Number of active revocation entries. */
|
|
74
|
+
get size() {
|
|
75
|
+
return this.entries.size;
|
|
76
|
+
}
|
|
77
|
+
/** List all current revocation entries. */
|
|
78
|
+
list() {
|
|
79
|
+
return Array.from(this.entries.values());
|
|
80
|
+
}
|
|
81
|
+
/** Remove expired entries (token has naturally expired, no need to track). */
|
|
82
|
+
purgeExpired() {
|
|
83
|
+
const now = Date.now();
|
|
84
|
+
let purged = 0;
|
|
85
|
+
for (const [fp, entry] of this.entries) {
|
|
86
|
+
if (new Date(entry.expiresAt).getTime() <= now) {
|
|
87
|
+
this.entries.delete(fp);
|
|
88
|
+
purged++;
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
return purged;
|
|
92
|
+
}
|
|
93
|
+
/** Destroy the cleanup timer. */
|
|
94
|
+
destroy() {
|
|
95
|
+
if (this.cleanupTimer) {
|
|
96
|
+
clearInterval(this.cleanupTimer);
|
|
97
|
+
this.cleanupTimer = null;
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
/** Clear all entries. */
|
|
101
|
+
clear() {
|
|
102
|
+
this.entries.clear();
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
exports.TokenRevocationList = TokenRevocationList;
|
|
106
|
+
// ─── Manager ──────────────────────────────────────────────────────────────────
|
|
107
|
+
class ScopedTokenManager {
|
|
108
|
+
secret;
|
|
109
|
+
revocationList;
|
|
110
|
+
/**
|
|
111
|
+
* @param secret — Signing secret (the admin key is used by default)
|
|
112
|
+
*/
|
|
113
|
+
constructor(secret) {
|
|
114
|
+
if (!secret || secret.length < 8) {
|
|
115
|
+
throw new Error('Token signing secret must be at least 8 characters');
|
|
116
|
+
}
|
|
117
|
+
this.secret = secret;
|
|
118
|
+
this.revocationList = new TokenRevocationList();
|
|
119
|
+
}
|
|
120
|
+
/**
|
|
121
|
+
* Issue a new scoped token.
|
|
122
|
+
*/
|
|
123
|
+
create(options) {
|
|
124
|
+
const ttl = Math.min(Math.max(1, options.ttlSeconds || DEFAULT_TTL_SECONDS), MAX_TTL_SECONDS);
|
|
125
|
+
const expiresAt = options.expiresAt || new Date(Date.now() + ttl * 1000).toISOString();
|
|
126
|
+
const payload = {
|
|
127
|
+
apiKey: options.apiKey,
|
|
128
|
+
expiresAt,
|
|
129
|
+
issuedAt: new Date().toISOString(),
|
|
130
|
+
...(options.allowedTools?.length ? { allowedTools: options.allowedTools } : {}),
|
|
131
|
+
...(options.label ? { label: options.label } : {}),
|
|
132
|
+
};
|
|
133
|
+
const payloadB64 = this.base64urlEncode(JSON.stringify(payload));
|
|
134
|
+
const signature = this.sign(payloadB64);
|
|
135
|
+
return `${TOKEN_PREFIX}${payloadB64}.${signature}`;
|
|
136
|
+
}
|
|
137
|
+
/**
|
|
138
|
+
* Validate a scoped token. Returns the payload if valid.
|
|
139
|
+
*/
|
|
140
|
+
validate(token) {
|
|
141
|
+
if (!token.startsWith(TOKEN_PREFIX)) {
|
|
142
|
+
return { valid: false, reason: 'not_a_scoped_token' };
|
|
143
|
+
}
|
|
144
|
+
const body = token.slice(TOKEN_PREFIX.length);
|
|
145
|
+
const dotIdx = body.lastIndexOf('.');
|
|
146
|
+
if (dotIdx === -1) {
|
|
147
|
+
return { valid: false, reason: 'malformed_token' };
|
|
148
|
+
}
|
|
149
|
+
const payloadB64 = body.slice(0, dotIdx);
|
|
150
|
+
const signatureB64 = body.slice(dotIdx + 1);
|
|
151
|
+
// Verify HMAC
|
|
152
|
+
const expectedSig = this.sign(payloadB64);
|
|
153
|
+
if (!this.timingSafeCompare(signatureB64, expectedSig)) {
|
|
154
|
+
return { valid: false, reason: 'invalid_signature' };
|
|
155
|
+
}
|
|
156
|
+
// Check revocation list (before decoding payload — O(1) hash lookup)
|
|
157
|
+
if (this.revocationList.isRevoked(token)) {
|
|
158
|
+
return { valid: false, reason: 'token_revoked' };
|
|
159
|
+
}
|
|
160
|
+
// Decode payload
|
|
161
|
+
let payload;
|
|
162
|
+
try {
|
|
163
|
+
payload = JSON.parse(this.base64urlDecode(payloadB64));
|
|
164
|
+
}
|
|
165
|
+
catch {
|
|
166
|
+
return { valid: false, reason: 'malformed_payload' };
|
|
167
|
+
}
|
|
168
|
+
// Check required fields
|
|
169
|
+
if (!payload.apiKey || !payload.expiresAt || !payload.issuedAt) {
|
|
170
|
+
return { valid: false, reason: 'missing_required_fields' };
|
|
171
|
+
}
|
|
172
|
+
// Check expiry
|
|
173
|
+
const now = Date.now();
|
|
174
|
+
const expiresAtMs = new Date(payload.expiresAt).getTime();
|
|
175
|
+
if (isNaN(expiresAtMs) || expiresAtMs <= now) {
|
|
176
|
+
return { valid: false, reason: 'token_expired' };
|
|
177
|
+
}
|
|
178
|
+
// Sanity: token can't be valid for more than MAX_TTL
|
|
179
|
+
const issuedAtMs = new Date(payload.issuedAt).getTime();
|
|
180
|
+
if (expiresAtMs - issuedAtMs > MAX_TOKEN_AGE_CHECK_MS) {
|
|
181
|
+
return { valid: false, reason: 'token_ttl_exceeded' };
|
|
182
|
+
}
|
|
183
|
+
return { valid: true, payload };
|
|
184
|
+
}
|
|
185
|
+
/**
|
|
186
|
+
* Revoke a token so it can no longer be used, even before expiry.
|
|
187
|
+
* Returns the revocation entry, or null if already revoked or invalid.
|
|
188
|
+
*/
|
|
189
|
+
revokeToken(token, reason) {
|
|
190
|
+
// First validate to extract the expiresAt
|
|
191
|
+
// Temporarily skip revocation check for this validation
|
|
192
|
+
if (!token.startsWith(TOKEN_PREFIX))
|
|
193
|
+
return null;
|
|
194
|
+
const body = token.slice(TOKEN_PREFIX.length);
|
|
195
|
+
const dotIdx = body.lastIndexOf('.');
|
|
196
|
+
if (dotIdx === -1)
|
|
197
|
+
return null;
|
|
198
|
+
const payloadB64 = body.slice(0, dotIdx);
|
|
199
|
+
const signatureB64 = body.slice(dotIdx + 1);
|
|
200
|
+
const expectedSig = this.sign(payloadB64);
|
|
201
|
+
if (!this.timingSafeCompare(signatureB64, expectedSig))
|
|
202
|
+
return null;
|
|
203
|
+
let payload;
|
|
204
|
+
try {
|
|
205
|
+
payload = JSON.parse(this.base64urlDecode(payloadB64));
|
|
206
|
+
}
|
|
207
|
+
catch {
|
|
208
|
+
return null;
|
|
209
|
+
}
|
|
210
|
+
return this.revocationList.revoke(token, payload.expiresAt, reason);
|
|
211
|
+
}
|
|
212
|
+
/**
|
|
213
|
+
* Check if a string looks like a scoped token (prefix check only).
|
|
214
|
+
*/
|
|
215
|
+
static isToken(value) {
|
|
216
|
+
return value.startsWith(TOKEN_PREFIX);
|
|
217
|
+
}
|
|
218
|
+
/** Destroy timers. Call on server shutdown. */
|
|
219
|
+
destroy() {
|
|
220
|
+
this.revocationList.destroy();
|
|
221
|
+
}
|
|
222
|
+
// ─── Crypto helpers ───────────────────────────────────────────────────────
|
|
223
|
+
sign(data) {
|
|
224
|
+
const hmac = (0, crypto_1.createHmac)('sha256', this.secret);
|
|
225
|
+
hmac.update(data);
|
|
226
|
+
return this.base64urlEncode(hmac.digest());
|
|
227
|
+
}
|
|
228
|
+
timingSafeCompare(a, b) {
|
|
229
|
+
if (a.length !== b.length)
|
|
230
|
+
return false;
|
|
231
|
+
const bufA = Buffer.from(a);
|
|
232
|
+
const bufB = Buffer.from(b);
|
|
233
|
+
return (0, crypto_1.timingSafeEqual)(bufA, bufB);
|
|
234
|
+
}
|
|
235
|
+
base64urlEncode(input) {
|
|
236
|
+
const buf = typeof input === 'string' ? Buffer.from(input) : input;
|
|
237
|
+
return buf.toString('base64url');
|
|
238
|
+
}
|
|
239
|
+
base64urlDecode(input) {
|
|
240
|
+
return Buffer.from(input, 'base64url').toString('utf-8');
|
|
241
|
+
}
|
|
242
|
+
}
|
|
243
|
+
exports.ScopedTokenManager = ScopedTokenManager;
|
|
244
|
+
//# sourceMappingURL=tokens.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../src/tokens.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;AAEH,mCAAiE;AAoDjE,MAAM,YAAY,GAAG,MAAM,CAAC;AAC5B,MAAM,eAAe,GAAG,KAAK,CAAC,CAAC,WAAW;AAC1C,MAAM,mBAAmB,GAAG,IAAI,CAAC,CAAC,SAAS;AAC3C,MAAM,sBAAsB,GAAG,eAAe,GAAG,IAAI,CAAC;AACtD,MAAM,mBAAmB,GAAG,MAAM,CAAC,CAAC,kCAAkC;AAEtE,iFAAiF;AAEjF;;;;;;;;GAQG;AACH,MAAa,mBAAmB;IACb,OAAO,GAAG,IAAI,GAAG,EAA6B,CAAC;IACxD,YAAY,GAA0C,IAAI,CAAC;IAEnE;QACE,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,mBAAmB,CAAC,CAAC;QAChF,IAAI,IAAI,CAAC,YAAY,CAAC,KAAK;YAAE,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;IACzD,CAAC;IAED,8CAA8C;IAC9C,MAAM,CAAC,WAAW,CAAC,KAAa;QAC9B,OAAO,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC1D,CAAC;IAED,6EAA6E;IAC7E,MAAM,CAAC,KAAa,EAAE,SAAiB,EAAE,MAAe;QACtD,MAAM,EAAE,GAAG,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QAClD,IAAI,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAAE,OAAO,IAAI,CAAC,CAAC,kBAAkB;QAEzD,MAAM,KAAK,GAAsB;YAC/B,WAAW,EAAE,EAAE;YACf,SAAS;YACT,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9B,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,qDAAqD;IACrD,QAAQ,CAAC,KAAwB;QAC/B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;IAC7C,CAAC;IAED,yCAAyC;IACzC,SAAS,CAAC,KAAa;QACrB,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC;IAClE,CAAC;IAED,2CAA2C;IAC3C,sBAAsB,CAAC,WAAmB;QACxC,OAAO,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACvC,CAAC;IAED,2CAA2C;IAC3C,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IAC3B,CAAC;IAED,2CAA2C;IAC3C,IAAI;QACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC3C,CAAC;IAED,8EAA8E;IAC9E,YAAY;QACV,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACvC,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,IAAI,GAAG,EAAE,CAAC;gBAC/C,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBACxB,MAAM,EAAE,CAAC;YACX,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,iCAAiC;IACjC,OAAO;QACL,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;YACtB,aAAa,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACjC,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,yBAAyB;IACzB,KAAK;QACH,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;IACvB,CAAC;CACF;AA/ED,kDA+EC;AAED,iFAAiF;AAEjF,MAAa,kBAAkB;IACZ,MAAM,CAAS;IACvB,cAAc,CAAsB;IAE7C;;OAEG;IACH,YAAY,MAAc;QACxB,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,cAAc,GAAG,IAAI,mBAAmB,EAAE,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,OAA2B;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAClB,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,UAAU,IAAI,mBAAmB,CAAC,EACtD,eAAe,CAChB,CAAC;QAEF,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAEvF,MAAM,OAAO,GAAiB;YAC5B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,SAAS;YACT,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YAClC,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,YAAY,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/E,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACnD,CAAC;QAEF,MAAM,UAAU,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QACjE,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAExC,OAAO,GAAG,YAAY,GAAG,UAAU,IAAI,SAAS,EAAE,CAAC;IACrD,CAAC;IAED;;OAEG;IACH,QAAQ,CAAC,KAAa;QACpB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YACpC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QACxD,CAAC;QAED,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;YAClB,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,EAAE,CAAC;QACrD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAE5C,cAAc;QACd,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,WAAW,CAAC,EAAE,CAAC;YACvD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;QACvD,CAAC;QAED,qEAAqE;QACrE,IAAI,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;QACnD,CAAC;QAED,iBAAiB;QACjB,IAAI,OAAqB,CAAC;QAC1B,IAAI,CAAC;YACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,mBAAmB,EAAE,CAAC;QACvD,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;YAC/D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,EAAE,CAAC;QAC7D,CAAC;QAED,eAAe;QACf,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,WAAW,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;QAC1D,IAAI,KAAK,CAAC,WAAW,CAAC,IAAI,WAAW,IAAI,GAAG,EAAE,CAAC;YAC7C,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;QACnD,CAAC;QAED,qDAAqD;QACrD,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE,CAAC;QACxD,IAAI,WAAW,GAAG,UAAU,GAAG,sBAAsB,EAAE,CAAC;YACtD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,oBAAoB,EAAE,CAAC;QACxD,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;IAClC,CAAC;IAED;;;OAGG;IACH,WAAW,CAAC,KAAa,EAAE,MAAe;QACxC,0CAA0C;QAC1C,wDAAwD;QACxD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC;YAAE,OAAO,IAAI,CAAC;QAEjD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,MAAM,KAAK,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QAE/B,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;QACzC,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC5C,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,WAAW,CAAC;YAAE,OAAO,IAAI,CAAC;QAEpE,IAAI,OAAqB,CAAC;QAC1B,IAAI,CAAC;YACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACtE,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,OAAO,CAAC,KAAa;QAC1B,OAAO,KAAK,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;IACxC,CAAC;IAED,+CAA+C;IAC/C,OAAO;QACL,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;IAChC,CAAC;IAED,6EAA6E;IAErE,IAAI,CAAC,IAAY;QACvB,MAAM,IAAI,GAAG,IAAA,mBAAU,EAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAC/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAClB,OAAO,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC7C,CAAC;IAEO,iBAAiB,CAAC,CAAS,EAAE,CAAS;QAC5C,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QACxC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC5B,OAAO,IAAA,wBAAe,EAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACrC,CAAC;IAEO,eAAe,CAAC,KAAsB;QAC5C,MAAM,GAAG,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACnE,OAAO,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACnC,CAAC;IAEO,eAAe,CAAC,KAAa;QACnC,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC3D,CAAC;CACF;AAhKD,gDAgKC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "paygate-mcp",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "3.1.0",
|
|
4
4
|
"description": "Pay-per-tool-call gating proxy for MCP servers. Wrap any MCP server with API key auth, per-tool pricing, rate limiting, and usage metering.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|