paygate-mcp 8.12.0 → 8.14.0
- package/README.md +56 -0
- package/dist/server.d.ts +2 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +188 -0
- package/dist/server.js.map +1 -1
- package/package.json +1 -1
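--- a/package/README.md
+++ b/package/README.md
@@ -119,6 +119,8 @@ Agent → PayGate (auth + billing) → Your MCP Server (stdio or HTTP)
 - **Revenue Analysis** — `GET /admin/revenue` revenue metrics with per-tool revenue breakdown, per-key spending, hourly revenue trends, credit flow summary (allocated/spent/remaining), and average revenue per call
 - **Key Portfolio Health** — `GET /admin/key-portfolio` portfolio-wide key health with active/inactive/suspended counts, stale keys, expiring-soon keys, age distribution, credit utilization, and namespace breakdown
 - **Anomaly Detection** — `GET /admin/anomalies` identifies unusual patterns: keys with high denial rates, rapid credit depletion, low remaining credits, with severity ratings and detailed descriptions
+- **Usage Forecasting** — `GET /admin/forecast` predicts future credit consumption with per-key depletion estimates, calls remaining, at-risk key identification, system-wide consumption aggregates, and per-tool cost breakdown
+- **Compliance Report** — `GET /admin/compliance` generates compliance-ready report with key governance (expiry coverage), access control (ACL/IP/spending limit coverage), audit trail completeness, weighted overall score, and actionable recommendations
 - **Config Hot Reload** — `POST /config/reload` reloads pricing, rate limits, webhooks, quotas, and behavior flags from config file without server restart
 - **Webhook Events** — POST batched usage events to any URL for external billing/alerting
 - **Config File Mode** — Load all settings from a JSON file (`--config`)
@@ -2735,6 +2737,60 @@ curl http://localhost:3000/admin/anomalies -H "X-Admin-Key: YOUR_ADMIN_KEY"
 
 Scans all active keys for anomalous patterns: keys with >50% denial rates (3+ calls minimum), rapid credit depletion (>=75% spent), and low remaining credits (<=10 credits or <=10% remaining). Each anomaly includes type, severity, affected key name, and human-readable description. Read-only.
 
+### Usage Forecasting
+
+```bash
+curl http://localhost:3000/admin/forecast -H "X-Admin-Key: YOUR_ADMIN_KEY"
+```
+
+```json
+{
+"summary": { "totalActiveKeys": 3, "keysAtRisk": 1 },
+"keyForecasts": [
+{ "keyName": "heavy-user", "creditsRemaining": 50, "totalSpent": 950, "callCount": 95, "avgCreditsPerCall": 10, "estimatedCallsRemaining": 5, "atRisk": true },
+{ "keyName": "light-user", "creditsRemaining": 900, "totalSpent": 100, "callCount": 20, "avgCreditsPerCall": 5, "estimatedCallsRemaining": 180, "atRisk": false }
+],
+"systemForecast": {
+"totalCreditsRemaining": 950,
+"totalCreditsSpent": 1050,
+"totalCalls": 115,
+"byTool": [
+{ "tool": "expensive_tool", "calls": 50, "totalCredits": 500, "avgCreditsPerCall": 10 },
+{ "tool": "cheap_tool", "calls": 65, "totalCredits": 325, "avgCreditsPerCall": 5 }
+]
+},
+"generatedAt": "2025-01-15T14:30:00Z"
+}
+```
+
+Forecasts credit consumption for all active keys: per-key depletion estimates with calls remaining, at-risk identification (<=5 estimated calls), system-wide credit aggregates, and per-tool cost breakdown sorted by revenue. Keys with no usage history show `estimatedCallsRemaining: null`. Read-only.
+
+### Compliance Report
+
+```bash
+curl http://localhost:3000/admin/compliance -H "X-Admin-Key: YOUR_ADMIN_KEY"
+```
+
+```json
+{
+"keyGovernance": { "totalKeys": 5, "keysWithExpiry": 3, "keysWithoutExpiry": 2 },
+"accessControl": {
+"keysWithAcl": 3, "keysWithoutAcl": 2,
+"keysWithIpRestriction": 2, "keysWithoutIpRestriction": 3,
+"keysWithSpendingLimit": 4, "keysWithoutSpendingLimit": 1
+},
+"auditTrail": { "totalEvents": 150, "uniqueTools": 5, "uniqueKeys": 4 },
+"overallScore": 72,
+"recommendations": [
+"Set expiry dates on 2 key(s) without time-limited access",
+"Add tool ACL restrictions to 2 key(s) with unrestricted tool access"
+],
+"generatedAt": "2025-01-15T14:30:00Z"
+}
+```
+
+Compliance-ready report scoring key governance (expiry 25%), access control (ACL 25%, IP 20%, spending limits 15%), and audit trail (15%). Actionable recommendations for each gap. Read-only.
+
 ### IP Allowlisting
 
 Restrict API keys to specific IP addresses or CIDR ranges: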
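--- a/package/dist/server.d.ts
+++ b/package/dist/server.d.ts
@@ -254,6 +254,8 @@ export declare class PayGateServer {
 private handleRevenueAnalysis;
 private handleLifecycleAnalysis;
 private handleAnomalyDetection;
+private handleUsageForecasting;
+private handleComplianceReport;
 private handleGetNotes;
 private handleAddNote;
 private handleDeleteNote;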
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAgB,eAAe,EAA0B,MAAM,MAAM,CAAC;AAI7E,OAAO,EAAE,aAAa,EAAkB,mBAAmB,EAAkB,MAAM,SAAS,CAAC;AAU7F,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAC9B,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE7C,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,cAAc,EAAqD,MAAM,WAAW,CAAC;AAC9F,OAAO,EAAE,WAAW,EAAmB,MAAM,SAAS,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAS,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,eAAe,EAA6B,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,aAAa,EAAqB,MAAM,UAAU,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAKrD,0EAA0E;AAC1E,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED,sFAAsF;AACtF,wBAAgB,YAAY,CAAC,GAAG,EAAE,eAAe,GAAG,MAAM,GAAG,SAAS,CAErE;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,eAAe,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,CAsBvF;AAyCD,yCAAyC;AACzC,KAAK,YAAY,GAAG,QAAQ,GAAG,YAAY,CAAC;AAa5C,qBAAa,aAAa;IACxB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,0DAA0D;IAC1D,QAAQ,CAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAC;IACpC,8DAA8D;IAC9D,QAAQ,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC1C,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,oEAAoE;IACpE,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,mEAAmE;IACnE,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,aAAa,CAAqC;IAC1D,wDAAwD;IACxD,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI,CAAQ;IAC5C,oDAAoD;IACpD,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,2BAA2B;IAC3B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,0CAA0C;IAC1C,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC;IAChC,8CAA8C;IAC9C,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,mCAAmC;IACnC,QAAQ,CAA
C,SAAS,EAAE,eAAe,CAAC;IACpC,4CAA4C;IAC5C,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC;IAC7B,gCAAgC;IAChC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,yEAAyE;IACzE,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI,CAAQ;IAC5C,4DAA4D;IAC5D,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC;IACpC,qDAAqD;IACrD,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC;IACjC,oCAAoC;IACpC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,oDAAoD;IACpD,QAAQ,CAAC,SAAS,EAAE,kBAAkB,CAAC;IACvC,sCAAsC;IACtC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,yCAAyC;IACzC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAsB;IAChD,gEAAgE;IAChE,OAAO,CAAC,QAAQ,CAAS;IACzB,wEAAwE;IACxE,OAAO,CAAC,eAAe,CAAS;IAChC,mDAAmD;IACnD,OAAO,CAAC,kBAAkB,CAAiC;IAC3D,kDAAkD;IAClD,OAAO,CAAC,gBAAgB,CAAuB;IAC/C,gDAAgD;IAChD,OAAO,CAAC,iBAAiB,CAAqF;IAC9G,8CAA8C;IAC9C,OAAO,CAAC,wBAAwB,CAA+C;IAC/E,8BAA8B;IAC9B,OAAO,CAAC,gBAAgB,CAOhB;IACR,2CAA2C;IAC3C,OAAO,CAAC,aAAa,CAA+C;IACpE,4CAA4C;IAC5C,OAAO,CAAC,cAAc,CAAK;IAC3B,kCAAkC;IAClC,OAAO,CAAC,kBAAkB,CAOX;IACf,+CAA+C;IAC/C,OAAO,CAAC,iBAAiB,CAAK;IAC9B,qDAAqD;IACrD,OAAO,CAAC,UAAU,CAUV;IACR,gCAAgC;IAChC,OAAO,CAAC,gBAAgB,CAAK;IAC7B,4CAA4C;IAC5C,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAQ;IAC7C,wCAAwC;IACxC,OAAO,CAAC,QAAQ,CAAK;IACrB,sEAAsE;IACtE,OAAO,CAAC,UAAU,CAAuB;IAEzC,0DAA0D;IAC1D,OAAO,KAAK,OAAO,GAElB;gBAGC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,EAC1D,QAAQ,CAAC,EAAE,MAAM,EACjB,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,EAClB,mBAAmB,CAAC,EAAE,MAAM,EAC5B,OAAO,CAAC,EAAE,mBAAmB,EAAE,EAC/B,QAAQ,CAAC,EAAE,MAAM;IAsMnB;;;OAGG;IACH,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAIjC;;;;;;;;;;;OAWG;IACH,GAAG,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI;IAK1B,KAAK,IAAI,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;YA0C5C,aAAa;
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAgB,eAAe,EAA0B,MAAM,MAAM,CAAC;AAI7E,OAAO,EAAE,aAAa,EAAkB,mBAAmB,EAAkB,MAAM,SAAS,CAAC;AAU7F,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAC9B,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE7C,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,cAAc,EAAqD,MAAM,WAAW,CAAC;AAC9F,OAAO,EAAE,WAAW,EAAmB,MAAM,SAAS,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAS,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,eAAe,EAA6B,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,aAAa,EAAqB,MAAM,UAAU,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAE3C,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAKrD,0EAA0E;AAC1E,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED,sFAAsF;AACtF,wBAAgB,YAAY,CAAC,GAAG,EAAE,eAAe,GAAG,MAAM,GAAG,SAAS,CAErE;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,eAAe,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,CAsBvF;AAyCD,yCAAyC;AACzC,KAAK,YAAY,GAAG,QAAQ,GAAG,YAAY,CAAC;AAa5C,qBAAa,aAAa;IACxB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,0DAA0D;IAC1D,QAAQ,CAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAC;IACpC,8DAA8D;IAC9D,QAAQ,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC1C,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,oEAAoE;IACpE,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,mEAAmE;IACnE,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAS;IAC3C,OAAO,CAAC,aAAa,CAAqC;IAC1D,wDAAwD;IACxD,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI,CAAQ;IAC5C,oDAAoD;IACpD,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,2BAA2B;IAC3B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,0CAA0C;IAC1C,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC;IAChC,8CAA8C;IAC9C,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,mCAAmC;IACnC,QAAQ,CAA
C,SAAS,EAAE,eAAe,CAAC;IACpC,4CAA4C;IAC5C,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC;IAC7B,gCAAgC;IAChC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,yEAAyE;IACzE,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI,CAAQ;IAC5C,4DAA4D;IAC5D,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC;IACpC,qDAAqD;IACrD,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC;IACjC,oCAAoC;IACpC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,oDAAoD;IACpD,QAAQ,CAAC,SAAS,EAAE,kBAAkB,CAAC;IACvC,sCAAsC;IACtC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,yCAAyC;IACzC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAsB;IAChD,gEAAgE;IAChE,OAAO,CAAC,QAAQ,CAAS;IACzB,wEAAwE;IACxE,OAAO,CAAC,eAAe,CAAS;IAChC,mDAAmD;IACnD,OAAO,CAAC,kBAAkB,CAAiC;IAC3D,kDAAkD;IAClD,OAAO,CAAC,gBAAgB,CAAuB;IAC/C,gDAAgD;IAChD,OAAO,CAAC,iBAAiB,CAAqF;IAC9G,8CAA8C;IAC9C,OAAO,CAAC,wBAAwB,CAA+C;IAC/E,8BAA8B;IAC9B,OAAO,CAAC,gBAAgB,CAOhB;IACR,2CAA2C;IAC3C,OAAO,CAAC,aAAa,CAA+C;IACpE,4CAA4C;IAC5C,OAAO,CAAC,cAAc,CAAK;IAC3B,kCAAkC;IAClC,OAAO,CAAC,kBAAkB,CAOX;IACf,+CAA+C;IAC/C,OAAO,CAAC,iBAAiB,CAAK;IAC9B,qDAAqD;IACrD,OAAO,CAAC,UAAU,CAUV;IACR,gCAAgC;IAChC,OAAO,CAAC,gBAAgB,CAAK;IAC7B,4CAA4C;IAC5C,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAQ;IAC7C,wCAAwC;IACxC,OAAO,CAAC,QAAQ,CAAK;IACrB,sEAAsE;IACtE,OAAO,CAAC,UAAU,CAAuB;IAEzC,0DAA0D;IAC1D,OAAO,KAAK,OAAO,GAElB;gBAGC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,EAC1D,QAAQ,CAAC,EAAE,MAAM,EACjB,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,EAClB,mBAAmB,CAAC,EAAE,MAAM,EAC5B,OAAO,CAAC,EAAE,mBAAmB,EAAE,EAC/B,QAAQ,CAAC,EAAE,MAAM;IAsMnB;;;OAGG;IACH,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAIjC;;;;;;;;;;;OAWG;IACH,GAAG,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI;IAK1B,KAAK,IAAI,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;YA0C5C,aAAa;YAyZb,SAAS;IAmQvB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IA+C1B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;;;OAIG;IACH,OAAO,CAAC,aAAa;IAyCrB;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAuC7B,OAAO,CAAC,UAAU;IA+HlB,OAAO,CAAC,YAAY;IAepB,OAAO,CAAC,YAAY;IAyCpB,OAAO,CAAC,UAAU;IAuElB,OAAO,CAAC,kBAAkB;IA0D1B,kEAAkE;IAClE,OAAO,CAAC,OAAO;YAWD,eAAe;IAqH7B,OAAO,CAAC,cAAc;YA0CR,WAAW
;YAuEX,oBAAoB;YAwHpB,oBAAoB;IA4IlC,OAAO,CAAC,eAAe;YAoDT,eAAe;YAsEf,eAAe;YAsDf,gBAAgB;YAkEhB,eAAe;YAgEf,cAAc;YAuFd,cAAc;YAoEd,eAAe;YA0Df,YAAY;YAkDZ,eAAe;YAwDf,cAAc;YA+Dd,aAAa;YAsDb,oBAAoB;YAsDpB,qBAAqB;IAgCnC,OAAO,CAAC,cAAc;IA2CtB,OAAO,CAAC,kBAAkB;IAiC1B,OAAO,CAAC,cAAc;IAyEtB,OAAO,CAAC,qBAAqB;IAsD7B,OAAO,CAAC,iBAAiB;IAuEzB,OAAO,CAAC,mBAAmB;IA8C3B,OAAO,CAAC,sBAAsB;IAwD9B,OAAO,CAAC,mBAAmB;IAoG3B,OAAO,CAAC,eAAe;IAiJvB,OAAO,CAAC,kBAAkB;YA4LZ,kBAAkB;IAoFhC,OAAO,CAAC,aAAa;YAuDP,YAAY;IAkD1B,OAAO,CAAC,WAAW;YA+CL,mBAAmB;IAmCjC,OAAO,CAAC,eAAe;IAYvB,+EAA+E;IAC/E,OAAO,CAAC,mBAAmB;IAU3B,oEAAoE;YACtD,mBAAmB;IA4DjC,yDAAyD;YAC3C,oBAAoB;IAuFlC,yCAAyC;YAC3B,gBAAgB;IA8E9B,uDAAuD;YACzC,iBAAiB;IAiC/B,sEAAsE;IACtE,OAAO,CAAC,kBAAkB;IAqB1B,OAAO,CAAC,qBAAqB;IAO7B,OAAO,CAAC,aAAa;IAOrB,OAAO,CAAC,aAAa;IAOrB,OAAO,CAAC,eAAe;IA0BvB,OAAO,CAAC,eAAe;YAYT,qBAAqB;IAmDnC,OAAO,CAAC,oBAAoB;IAiB5B,OAAO,CAAC,sBAAsB;YAwBhB,mBAAmB;IAoDjC,OAAO,CAAC,oBAAoB;IAgB5B,OAAO,CAAC,oBAAoB;IA0D5B,OAAO,CAAC,sBAAsB;IA2D9B,OAAO,CAAC,wBAAwB;IAwJhC,OAAO,CAAC,qBAAqB;IA8G7B,OAAO,CAAC,wBAAwB;IAwGhC,OAAO,CAAC,kBAAkB;IAsH1B,OAAO,CAAC,uBAAuB;IAmH/B,OAAO,CAAC,mBAAmB;IAiH3B,OAAO,CAAC,oBAAoB;IA6H5B,OAAO,CAAC,qBAAqB;IAmI7B,OAAO,CAAC,mBAAmB;IAwH3B,OAAO,CAAC,qBAAqB;IAiF7B,OAAO,CAAC,uBAAuB;IAwF/B,OAAO,CAAC,sBAAsB;IAsG9B,OAAO,CAAC,sBAAsB;IAuF9B,OAAO,CAAC,sBAAsB;IA4G9B,OAAO,CAAC,cAAc;IAyBtB,OAAO,CAAC,aAAa;IAiErB,OAAO,CAAC,gBAAgB;IAkDxB,OAAO,CAAC,kBAAkB;IA6B1B,OAAO,CAAC,oBAAoB;IAiG5B,OAAO,CAAC,oBAAoB;IAmC5B,gFAAgF;IAChF,OAAO,CAAC,uBAAuB;IAiD/B,OAAO,CAAC,iBAAiB;IAmGzB,OAAO,CAAC,sBAAsB;IAgC9B,OAAO,CAAC,uBAAuB;IAqG/B,OAAO,CAAC,uBAAuB;IAqE/B,OAAO,CAAC,wBAAwB;IA+ChC,uEAAuE;IACvE,OAAO,CAAC,cAAc;IAQtB,mCAAmC;IACnC,OAAO,CAAC,0BAA0B;YAWpB,kBAAkB;IA4IhC,OAAO,CAAC,kBAAkB;IA8B1B,OAAO,CAAC,gBAAgB;IA6CxB,OAAO,CAAC,kBAAkB;IAgC1B,OAAO,CAAC,mBAAmB;YAiCb,iBAAiB;IA6H/B,OAAO,CAAC,wBAAwB;YAclB,yBAAyB;YAsCzB,yBAAyB;YAiDzB,yBAAyB;IA4CvC,OAAO,CAAC,WAAW;IA0BnB,OAAO,CAAC,iBAAiB;IAgCzB,OAAO,CAAC,gBAAgB;IAcxB,OAAO,CAAC,UAAU;IAiClB,OAAO,CAAC,eAAe;YAiBT,gBAAgB;YA4ChB,gBA
AgB;YA6ChB,gBAAgB;YAsChB,mBAAmB;YAsDnB,mBAAmB;IA8CjC,OAAO,CAAC,eAAe;IA8BvB,OAAO,CAAC,oBAAoB;YAgBd,iBAAiB;YAyDjB,iBAAiB;IAiE/B,OAAO,CAAC,uBAAuB;IAyB/B,OAAO,CAAC,iBAAiB;IAezB,OAAO,CAAC,gBAAgB;YAOV,iBAAiB;YA2CjB,iBAAiB;YAuDjB,iBAAiB;YAyCjB,sBAAsB;YAsDtB,wBAAwB;IAiDtC,OAAO,CAAC,mBAAmB;YAsBb,oBAAoB;YAwDpB,oBAAoB;IAwDlC,OAAO,CAAC,mBAAmB;YAQb,oBAAoB;YAsCpB,oBAAoB;IAuClC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,eAAe;IAUvB,iFAAiF;IACjF,OAAO,CAAC,iBAAiB;IAuBzB,OAAO,CAAC,QAAQ;IAkBV,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqC3B;;;;;;;OAOG;IACG,YAAY,CAAC,SAAS,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAgDrD,OAAO,CAAC,gBAAgB;IAuExB,OAAO,CAAC,eAAe;YA+GT,mBAAmB;YAgJnB,wBAAwB;IAoJtC,OAAO,CAAC,sBAAsB;IA0F9B,OAAO,CAAC,sBAAsB;IA6E9B,qDAAqD;IACrD,OAAO,CAAC,UAAU;CAMnB"}
|
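--- a/package/dist/server.js
+++ b/package/dist/server.js
@@ -870,6 +870,18 @@ class PayGateServer {
 res.writeHead(405, { 'Content-Type': 'application/json' });
 res.end(JSON.stringify({ error: 'Method not allowed. Use GET.' }));
 return;
+case '/admin/forecast':
+if (req.method === 'GET')
+return this.handleUsageForecasting(req, res);
+res.writeHead(405, { 'Content-Type': 'application/json' });
+res.end(JSON.stringify({ error: 'Method not allowed. Use GET.' }));
+return;
+case '/admin/compliance':
+if (req.method === 'GET')
+return this.handleComplianceReport(req, res);
+res.writeHead(405, { 'Content-Type': 'application/json' });
+res.end(JSON.stringify({ error: 'Method not allowed. Use GET.' }));
+return;
 // ─── Plugin endpoints ──────────────────────────────────────────────
 case '/plugins':
 return this.handleListPlugins(req, res);
@@ -1422,6 +1434,8 @@ class PayGateServer {
 revenueAnalysis: 'GET /admin/revenue — Revenue metrics with per-tool revenue, per-key spending, hourly revenue trends, credit flow summary, and average revenue per call (requires X-Admin-Key)',
 keyPortfolio: 'GET /admin/key-portfolio — Key portfolio health with active/inactive/suspended counts, stale keys, expiring-soon keys, age distribution, credit utilization, and namespace breakdown (requires X-Admin-Key)',
 anomalyDetection: 'GET /admin/anomalies — Anomaly detection identifying high denial rates, rapid credit depletion, low credit balances, and other unusual patterns (requires X-Admin-Key)',
+usageForecasting: 'GET /admin/forecast — Usage forecasting with per-key depletion estimates, system-wide consumption trends, per-tool breakdown, and at-risk key identification (requires X-Admin-Key)',
+complianceReport: 'GET /admin/compliance — Compliance report with key governance, access control coverage, audit trail completeness, recommendations, and overall compliance score (requires X-Admin-Key)',
 ...(this.oauth ? {
 oauthMetadata: 'GET /.well-known/oauth-authorization-server — OAuth 2.1 server metadata',
 oauthRegister: 'POST /oauth/register — Register OAuth client',
@@ -5670,6 +5684,180 @@ class PayGateServer {
 analyzedAt: new Date().toISOString(),
 }));
 }
+// ─── /admin/forecast — Usage Forecasting ─────────────────────────────────
+handleUsageForecasting(req, res) {
+if (!this.checkAdmin(req, res))
+return;
+const events = this.gate.meter.getEvents();
+const allRecords = this.gate.store.getAllRecords();
+const activeRecords = allRecords.filter(r => r.active);
+// ── Per-key forecasts ──
+const keyForecasts = [];
+for (const record of activeRecords) {
+const keyName = record.name;
+const creditsRemaining = record.credits;
+const totalSpent = record.totalSpent || 0;
+const callCount = record.totalCalls || 0;
+const avgCreditsPerCall = callCount > 0 ? totalSpent / callCount : 0;
+const estimatedCallsRemaining = callCount > 0 && avgCreditsPerCall > 0
+? Math.floor(creditsRemaining / avgCreditsPerCall)
+: null;
+// At risk: has usage history and <= 5 estimated calls remaining
+const atRisk = estimatedCallsRemaining !== null && estimatedCallsRemaining <= 5;
+keyForecasts.push({
+keyName,
+creditsRemaining,
+totalSpent,
+callCount,
+avgCreditsPerCall: Math.round(avgCreditsPerCall * 100) / 100,
+estimatedCallsRemaining,
+atRisk,
+});
+}
+// ── System-wide forecast ──
+const totalCreditsRemaining = activeRecords.reduce((sum, r) => sum + r.credits, 0);
+const totalCreditsSpent = activeRecords.reduce((sum, r) => sum + (r.totalSpent || 0), 0);
+const totalCalls = activeRecords.reduce((sum, r) => sum + (r.totalCalls || 0), 0);
+// Per-tool breakdown from events
+const toolMap = new Map();
+const allowedEvents = events.filter(e => e.allowed);
+for (const e of allowedEvents) {
+const tool = e.tool || 'unknown';
+if (!toolMap.has(tool))
+toolMap.set(tool, { calls: 0, totalCredits: 0 });
+const t = toolMap.get(tool);
+t.calls++;
+t.totalCredits += e.creditsCharged || 0;
+}
+const byTool = Array.from(toolMap.entries())
+.map(([tool, stats]) => ({
+tool,
+calls: stats.calls,
+totalCredits: stats.totalCredits,
+avgCreditsPerCall: stats.calls > 0 ? Math.round(stats.totalCredits / stats.calls * 100) / 100 : 0,
+}))
+.sort((a, b) => b.totalCredits - a.totalCredits);
+const keysAtRisk = keyForecasts.filter(f => f.atRisk).length;
+res.writeHead(200, { 'Content-Type': 'application/json' });
+res.end(JSON.stringify({
+summary: {
+totalActiveKeys: activeRecords.length,
+keysAtRisk,
+},
+keyForecasts,
+systemForecast: {
+totalCreditsRemaining,
+totalCreditsSpent,
+totalCalls,
+byTool,
+},
+generatedAt: new Date().toISOString(),
+}));
+}
+// ─── /admin/compliance — Compliance Report ──────────────────────────────
+handleComplianceReport(req, res) {
+if (!this.checkAdmin(req, res))
+return;
+const events = this.gate.meter.getEvents();
+const allRecords = this.gate.store.getAllRecords();
+const activeRecords = allRecords.filter(r => r.active);
+// ── Key Governance ──
+const totalKeys = activeRecords.length;
+let keysWithExpiry = 0;
+let keysWithoutExpiry = 0;
+for (const r of activeRecords) {
+if (r.expiresAt)
+keysWithExpiry++;
+else
+keysWithoutExpiry++;
+}
+// ── Access Control ──
+let keysWithAcl = 0;
+let keysWithoutAcl = 0;
+let keysWithIpRestriction = 0;
+let keysWithoutIpRestriction = 0;
+let keysWithSpendingLimit = 0;
+let keysWithoutSpendingLimit = 0;
+for (const r of activeRecords) {
+if (r.allowedTools && r.allowedTools.length > 0)
+keysWithAcl++;
+else
+keysWithoutAcl++;
+if (r.ipAllowlist && r.ipAllowlist.length > 0)
+keysWithIpRestriction++;
+else
+keysWithoutIpRestriction++;
+if (r.spendingLimit && r.spendingLimit > 0)
+keysWithSpendingLimit++;
+else
+keysWithoutSpendingLimit++;
+}
+// ── Audit Trail ──
+const totalEvents = events.length;
+const tools = new Set();
+const keys = new Set();
+for (const e of events) {
+if (e.tool)
+tools.add(e.tool);
+if (e.keyName || e.apiKey)
+keys.add(e.keyName || e.apiKey);
+}
+// ── Overall Score (0-100) ──
+// Weighted: expiry 25%, ACL 25%, IP 20%, spending limit 15%, audit trail 15%
+let score = 100;
+if (totalKeys > 0) {
+const expiryPct = keysWithExpiry / totalKeys;
+const aclPct = keysWithAcl / totalKeys;
+const ipPct = keysWithIpRestriction / totalKeys;
+const spendPct = keysWithSpendingLimit / totalKeys;
+score = Math.round(expiryPct * 25 +
+aclPct * 25 +
+ipPct * 20 +
+spendPct * 15 +
+(totalEvents > 0 ? 15 : 0));
+}
+// ── Recommendations ──
+const recommendations = [];
+if (keysWithoutExpiry > 0) {
+recommendations.push(`Set expiry dates on ${keysWithoutExpiry} key(s) without time-limited access`);
+}
+if (keysWithoutAcl > 0) {
+recommendations.push(`Add tool ACL restrictions to ${keysWithoutAcl} key(s) with unrestricted tool access`);
+}
+if (keysWithoutIpRestriction > 0) {
+recommendations.push(`Add IP allowlists to ${keysWithoutIpRestriction} key(s) accessible from any IP`);
+}
+if (keysWithoutSpendingLimit > 0) {
+recommendations.push(`Set spending limits on ${keysWithoutSpendingLimit} key(s) without cost controls`);
+}
+if (totalEvents === 0 && totalKeys > 0) {
+recommendations.push('No usage events recorded — ensure audit trail is capturing tool calls');
+}
+res.writeHead(200, { 'Content-Type': 'application/json' });
+res.end(JSON.stringify({
+keyGovernance: {
+totalKeys,
+keysWithExpiry,
+keysWithoutExpiry,
+},
+accessControl: {
+keysWithAcl,
+keysWithoutAcl,
+keysWithIpRestriction,
+keysWithoutIpRestriction,
+keysWithSpendingLimit,
+keysWithoutSpendingLimit,
+},
+auditTrail: {
+totalEvents,
+uniqueTools: tools.size,
+uniqueKeys: keys.size,
+},
+overallScore: score,
+recommendations,
+generatedAt: new Date().toISOString(),
+}));
+}
 // ─── /keys/notes — Timestamped notes on API keys ─────────────────────────
 handleGetNotes(req, res) {
 if (!this.checkAdmin(req, res))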
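Review bot: In `handleComplianceReport` the `overallScore` can read as healthier than the data supports. `let score = 100;` is kept whenever there are no active keys, and the audit-trail share is all-or-nothing (`totalEvents > 0 ? 15 : 0`), so a single metered event earns the full 15 points even though the endpoint description calls it "audit trail completeness". Only records passing `allRecords.filter(r => r.active)` are counted, so inactive or suspended keys lacking an expiry, ACL or IP allowlist never lower the score; whether such keys can be re-enabled is not visible in this diff, but if they can, they should be reported in their own bucket. I would initialise with `let score = null;` so an empty key set reports "not applicable" rather than a perfect score, and add a comment above the weight line such as `// audit component is presence-only: any recorded event earns the full 15 points`. In `handleUsageForecasting`, `record.credits` is read without the `|| 0` fallback given to `totalSpent` and `totalCalls`, so a record with no `credits` value would yield `NaN` in `estimatedCallsRemaining` and in `totalCreditsRemaining`.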