paygate-mcp 8.89.0 → 8.90.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +30 -16
- package/dist/server.js.map +1 -1
- package/package.json +1 -1
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAgB,eAAe,EAA0B,MAAM,MAAM,CAAC;AAI7E,OAAO,EAAE,aAAa,EAAkB,mBAAmB,EAAkB,MAAM,SAAS,CAAC;AAE7F,OAAO,EAAE,MAAM,EAAiC,MAAM,UAAU,CAAC;AASjE,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAE9B,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE7C,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,cAAc,EAAqD,MAAM,WAAW,CAAC;AAC9F,OAAO,EAAE,WAAW,EAAmB,MAAM,SAAS,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAS,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,eAAe,EAA6B,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,aAAa,EAAqB,MAAM,UAAU,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAG3C,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAgB,eAAe,EAA0B,MAAM,MAAM,CAAC;AAI7E,OAAO,EAAE,aAAa,EAAkB,mBAAmB,EAAkB,MAAM,SAAS,CAAC;AAE7F,OAAO,EAAE,MAAM,EAAiC,MAAM,UAAU,CAAC;AASjE,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAE9B,OAAO,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAC;AAE7C,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,cAAc,EAAqD,MAAM,WAAW,CAAC;AAC9F,OAAO,EAAE,WAAW,EAAmB,MAAM,SAAS,CAAC;AACvD,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAC1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAE7C,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAS,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAEtC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAC9C,OAAO,EAAE,eAAe,EAA6B,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,aAAa,EAAqB,MAAM,UAAU,CAAC;AAC3E,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAG3C,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AA6DrD,0EAA0E;AAC1E,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED,sFAAsF;AACtF,wBAAgB,YAAY,CAAC,GAAG,EAAE,eAAe,GAAG,MAAM,GAAG,SAAS,CAErE;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAAC,GAAG,EAAE,eAAe,EAAE,cAAc,CAAC,EAAE,MAAM,EAAE,GAAG,MAAM,CAsBvF;AAyCD,yCAAyC;AACzC,KAAK,YAAY,GAAG,QAAQ,GAAG,YAAY,CAAC;AAa5C,qBAAa,aAAa;IACxB,iDAAiD;IACjD,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC;IACpB,0DAA0D;IAC1D,QAAQ,CAAC,KAAK,EAAE,YAAY,GAAG,IAAI,CAAC;IACpC,8DAA8D;IAC9D,QAAQ,CAAC,MAAM,EAAE,iBAAiB,GAAG,IAAI,CAAC;IAC1C,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,oEAAoE;IACpE,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,mEAAmE;IACnE,OAAO,CAAC,iBAAiB,CAAS;IAClC,OAAO,CAAC,aAAa,CAAqC;IAC1D,wDAAwD;IACxD,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,IAAI,CAAQ;IAC5C,oDAAoD;IACpD,QAAQ,CAAC,QAAQ,EAAE,cAAc,CAAC;IAClC,2BAA2B;IAC3B,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,0CAA0C;IAC1C,QAAQ,CAAC,QAAQ,EAAE,YAAY,CAAC;IAChC,8CAA8C;IAC9C,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,mCAAmC;IACnC,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,4CAA4C;IAC5C,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC;IAC7B,gCAAgC;IAChC,QAAQ,CAAC,KAAK,EAAE,WAAW,CAAC;IAC5B,yEAAyE;IACzE,QAAQ,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI,CAAQ;IAC5C,4DAA4D;IAC5D,QAAQ,CAAC,MAAM,EAAE,kBAAkB,CAAC;IACpC,qDAAqD;IACrD,QAAQ,CAAC,OAAO,EAAE,aAAa,CAAC;IAChC,QAAQ,CAAC,MAAM,EAAE,eAAe,CAAC;IACjC,oCAAoC;IACpC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,oDAAoD;IACpD,QAAQ,CAAC,SAAS,EAAE,kBAAkB,CAAC;IACvC,sCAAsC;IACtC,QAAQ,CAAC,YAAY,EAAE,YAAY,CAAC;IACpC,oEAAoE;IACpE,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAc;IAC/C,yCAAyC;IACzC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAsB;IAChD,gEAAgE;IAChE,OAAO,CAAC,QAAQ,CAAS;IACzB,wEAAwE;IACxE,OAAO,CAAC,eAAe,CAAS;IAChC,mDAAmD;IACnD,OAAO,CAAC,kBAAkB,CAAiC;IAC3D,kDAAkD;IAClD,OAAO,CAAC,gBAAgB,CAAuB;IAC/C,gDAAgD;IAChD,OAAO,CAAC,iBAAiB,CAAqF;IAC9G,8CAA8C;IAC9C,OAAO,CAAC,wBAAwB,CAA+C;IAC/E,8BAA8B;IAC9B,OAAO,CAAC,gBAAgB,CAOhB;IACR,2CAA2C;IAC3C,OAAO,CAAC,aAAa,CAA+C;IACpE,4CAA4C;IAC5C,OAAO,CAAC,cAAc,CAAK;IAC3B,kCAAkC;IAClC,OAAO,CAAC,kBAAkB,CAOX;IACf,+CAA+C;IAC/C,OAAO,CAAC,iBAAiB,CAAK;IAC9B,qDAAqD;IACrD,OAAO,CAAC,UAAU,CAUV;IACR,gCAAgC;IAChC,OAAO,CAAC,gBAAgB,CAAK;IAC7B,4CAA4C;IAC5C,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAQ;IAC7C,wCAAwC;IACxC,OAAO,CAAC,QAAQ,CAAK;IACrB,sEAAsE;IACtE,OAAO,CAAC,UAAU,CAAuB;IAEzC,0DAA0D;IAC1D,OAAO,KAAK,OAAO,GAElB;gBAGC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG;QAAE,aAAa,EAAE,MAAM,CAAA;KAAE,EAC1D,QAAQ,CAAC,EAAE,MAAM,EACjB,SAAS,CAAC,EAAE,MAAM,EAClB,SAAS,CAAC,EAAE,MAAM,EAClB,mBAAmB,CAAC,EAAE,MAAM,EAC5B,OAAO,CAAC,EAAE,mBAAmB,EAAE,EAC/B,QAAQ,CAAC,EAAE,MAAM;IAkNnB;;;OAGG;IACH,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAIjC;;;;;;;;;;;OAWG;IACH,GAAG,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI;IAK1B,KAAK,IAAI,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAiF1D,0EAA0E;IAC1E,OAAO,CAAC,iBAAiB;IA4BzB,uDAAuD;IACvD,OAAO,CAAC,QAAQ;IAKhB,wDAAwD;IACxD,OAAO,CAAC,SAAS;YAWH,aAAa;YA8kBb,SAAS;IA0RvB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IA6C1B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAsB9B;;;;OAIG;IACH,OAAO,CAAC,aAAa;IAyCrB;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAuC7B,OAAO,CAAC,UAAU;IAgLlB,OAAO,CAAC,YAAY;IAepB,OAAO,CAAC,YAAY;IAwCpB,OAAO,CAAC,UAAU;IA4ElB,OAAO,CAAC,kBAAkB;IAwD1B,kEAAkE;IAClE,OAAO,CAAC,OAAO;YAWD,eAAe;IAyH7B,OAAO,CAAC,cAAc;YA0DR,WAAW;YAkEX,oBAAoB;YA6GpB,oBAAoB;IAwIlC,OAAO,CAAC,eAAe;YA4DT,eAAe;YAiEf,eAAe;YAiDf,gBAAgB;YA2DhB,eAAe;YAwDf,cAAc;YAgFd,cAAc;YA8Dd,eAAe;YAqDf,YAAY;YAiDZ,eAAe;YA6Df,cAAc;YAwDd,aAAa;YAgDb,oBAAoB;YAgDpB,qBAAqB;IA4BnC,OAAO,CAAC,cAAc;IAwCtB,OAAO,CAAC,kBAAkB;IA+B1B,OAAO,CAAC,cAAc;IAuEtB,OAAO,CAAC,qBAAqB;IAkD7B,OAAO,CAAC,iBAAiB;IAmEzB,OAAO,CAAC,mBAAmB;IA2C3B,OAAO,CAAC,sBAAsB;IAoD9B,OAAO,CAAC,mBAAmB;IA+F3B,OAAO,CAAC,eAAe;IA6IvB,OAAO,CAAC,kBAAkB;YAyLZ,kBAAkB;IA4EhC,OAAO,CAAC,aAAa;YAmDP,YAAY;IA6C1B,OAAO,CAAC,WAAW;YA8CL,mBAAmB;IAgCjC,OAAO,CAAC,eAAe;IAcvB,+EAA+E;IAC/E,OAAO,CAAC,mBAAmB;IAS3B,oEAAoE;YACtD,mBAAmB;IAwDjC,yDAAyD;YAC3C,oBAAoB;IAoFlC,yCAAyC;YAC3B,gBAAgB;IA2E9B,uDAAuD;YACzC,iBAAiB;IA8B/B,sEAAsE;IACtE,OAAO,CAAC,kBAAkB;IAmB1B,OAAO,CAAC,qBAAqB;IAO7B,OAAO,CAAC,aAAa;IAOrB,OAAO,CAAC,aAAa;IAOrB,OAAO,CAAC,eAAe;IAyBvB,OAAO,CAAC,eAAe;YAWT,qBAAqB;IA8CnC,OAAO,CAAC,oBAAoB;IAe5B,OAAO,CAAC,sBAAsB;YAsBhB,mBAAmB;IA+CjC,OAAO,CAAC,oBAAoB;YAcd,oBAAoB;IA0DlC,OAAO,CAAC,sBAAsB;IA2D9B,OAAO,CAAC,wBAAwB;IAuJhC,OAAO,CAAC,qBAAqB;IA6G7B,OAAO,CAAC,wBAAwB;IAuGhC,OAAO,CAAC,kBAAkB;IAqH1B,OAAO,CAAC,uBAAuB;IAkH/B,OAAO,CAAC,mBAAmB;IAgH3B,OAAO,CAAC,oBAAoB;IA4H5B,OAAO,CAAC,qBAAqB;IAkI7B,OAAO,CAAC,mBAAmB;IAuH3B,OAAO,CAAC,qBAAqB;IAgF7B,OAAO,CAAC,uBAAuB;IAuF/B,OAAO,CAAC,sBAAsB;IAqG9B,OAAO,CAAC,sBAAsB;IAsF9B,OAAO,CAAC,sBAAsB;IA2G9B,OAAO,CAAC,mBAAmB;IA8E3B,OAAO,CAAC,sBAAsB;IA6F9B,OAAO,CAAC,mBAAmB;IAmE3B,OAAO,CAAC,qBAAqB;IAqF7B,OAAO,CAAC,iBAAiB;IAwEzB,OAAO,CAAC,gBAAgB;IAqExB,OAAO,CAAC,YAAY;IAiEpB,OAAO,CAAC,oBAAoB;IAiD5B,OAAO,CAAC,kBAAkB;IAiD1B,OAAO,CAAC,sBAAsB;IAmE9B,OAAO,CAAC,mBAAmB;IAgF3B,OAAO,CAAC,eAAe;IAiEvB,OAAO,CAAC,mBAAmB;IAoD3B,OAAO,CAAC,sBAAsB;IA4E9B,OAAO,CAAC,kBAAkB;IAoF1B,OAAO,CAAC,kBAAkB;IA0D1B,OAAO,CAAC,sBAAsB;IA+E9B,OAAO,CAAC,mBAAmB;IA2D3B,OAAO,CAAC,cAAc;IAqDtB,OAAO,CAAC,qBAAqB;IAwD7B,OAAO,CAAC,0BAA0B;IA+DlC,OAAO,CAAC,wBAAwB;IAyEhC,OAAO,CAAC,8BAA8B;IAiFtC,OAAO,CAAC,2BAA2B;IAsEnC,OAAO,CAAC,iBAAiB;IAqDzB,OAAO,CAAC,uBAAuB;IA4D/B,OAAO,CAAC,oBAAoB;IA+C5B,OAAO,CAAC,uBAAuB;IAoE/B,OAAO,CAAC,sBAAsB;IAsD9B,OAAO,CAAC,kBAAkB;IA6D1B,OAAO,CAAC,eAAe;IA4DvB,OAAO,CAAC,sBAAsB;IA8D9B,OAAO,CAAC,oBAAoB;IAmD5B,OAAO,CAAC,oBAAoB;IAqD5B,OAAO,CAAC,uBAAuB;IA0D/B,OAAO,CAAC,yBAAyB;IAuDjC,OAAO,CAAC,oBAAoB;IAqD5B,OAAO,CAAC,uBAAuB;IAmD/B,OAAO,CAAC,iBAAiB;IA+CzB,OAAO,CAAC,mBAAmB;IA8D3B,OAAO,CAAC,qBAAqB;IA0D7B,OAAO,CAAC,uBAAuB;IAkE/B,OAAO,CAAC,oBAAoB;IAoE5B,OAAO,CAAC,uBAAuB;IAwD/B,OAAO,CAAC,2BAA2B;IAyDnC,OAAO,CAAC,mBAAmB;IAwE3B,OAAO,CAAC,mBAAmB;IAsF3B,OAAO,CAAC,gBAAgB;IAsDxB,OAAO,CAAC,kBAAkB;IAsF1B,OAAO,CAAC,sBAAsB;IAiF9B,OAAO,CAAC,cAAc;YAsBR,aAAa;IA8D3B,OAAO,CAAC,gBAAgB;IA6CxB,OAAO,CAAC,kBAAkB;YA2BZ,oBAAoB;IA4FlC,OAAO,CAAC,oBAAoB;IAgC5B,gFAAgF;IAChF,OAAO,CAAC,uBAAuB;IAiD/B,OAAO,CAAC,iBAAiB;IAgGzB,OAAO,CAAC,sBAAsB;YA8BhB,uBAAuB;YAiGvB,uBAAuB;YAmEvB,wBAAwB;IA+CtC,uEAAuE;IACvE,OAAO,CAAC,cAAc;IAQtB,mCAAmC;IACnC,OAAO,CAAC,0BAA0B;YAWpB,kBAAkB;IAiIhC,OAAO,CAAC,kBAAkB;IA2B1B,OAAO,CAAC,gBAAgB;IAyCxB,OAAO,CAAC,kBAAkB;IA4B1B,OAAO,CAAC,mBAAmB;YA6Bb,iBAAiB;IA6H/B,OAAO,CAAC,wBAAwB;YAYlB,yBAAyB;YA0CzB,yBAAyB;YAoDzB,yBAAyB;IAsCvC,OAAO,CAAC,WAAW;IAyBnB,OAAO,CAAC,iBAAiB;IA2CzB,OAAO,CAAC,gBAAgB;IAaxB,OAAO,CAAC,UAAU;IA2ClB,OAAO,CAAC,eAAe;YAeT,gBAAgB;YAwChB,gBAAgB;YAwChB,gBAAgB;YAiChB,mBAAmB;YA+CnB,mBAAmB;IAwCjC,OAAO,CAAC,eAAe;IA2BvB,OAAO,CAAC,oBAAoB;YAed,iBAAiB;YAsDjB,iBAAiB;IA2D/B,OAAO,CAAC,uBAAuB;IAuB/B,OAAO,CAAC,iBAAiB;IAazB,OAAO,CAAC,gBAAgB;YAMV,iBAAiB;YAwCjB,iBAAiB;YAkDjB,iBAAiB;YAoCjB,sBAAsB;YAgDtB,wBAAwB;IA4CtC,OAAO,CAAC,mBAAmB;YAoBb,oBAAoB;YAoDpB,oBAAoB;YAgDpB,wBAAwB;IAqCtC,OAAO,CAAC,mBAAmB;YAOb,oBAAoB;YAoCpB,oBAAoB;IAmClC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,eAAe;IAUvB,iFAAiF;IACjF,OAAO,CAAC,iBAAiB;IAuBzB,OAAO,CAAC,QAAQ;IA0DV,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAqC3B;;;;;;;OAOG;IACG,YAAY,CAAC,SAAS,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;IAiErD,OAAO,CAAC,gBAAgB;IAsExB,OAAO,CAAC,eAAe;YA6GT,mBAAmB;YAoInB,wBAAwB;IA0ItC,OAAO,CAAC,sBAAsB;IA8F9B,OAAO,CAAC,sBAAsB;IA0E9B,qDAAqD;IACrD,OAAO,CAAC,UAAU;CAMnB"}
|
package/dist/server.js
CHANGED
|
@@ -122,6 +122,19 @@ const MAX_SPENDING_LIMIT = 1_000_000_000; // 1 billion credits lifetime cap
|
|
|
122
122
|
const MAX_TOPUP_AMOUNT = 100_000_000; // 100 million credits per auto-topup
|
|
123
123
|
const MAX_TOPUP_THRESHOLD = 100_000_000; // 100 million credits threshold
|
|
124
124
|
const MAX_RATE_LIMIT = 100_000; // 100k requests per window
|
|
125
|
+
/**
|
|
126
|
+
* Upper bounds for array-type admin inputs.
|
|
127
|
+
* Prevents memory exhaustion from unbounded lists and O(n) validation overhead.
|
|
128
|
+
*/
|
|
129
|
+
const MAX_ACL_ITEMS = 1_000; // Max tools in allowedTools/deniedTools per key/group
|
|
130
|
+
const MAX_IP_ALLOWLIST = 200; // Max IPs per key/group allowlist
|
|
131
|
+
const MAX_ALERT_RULES = 100; // Max alert rules
|
|
132
|
+
/** Truncate user-supplied arrays to a maximum length, returning the sliced array. */
|
|
133
|
+
function clampArray(arr, maxLen) {
|
|
134
|
+
if (!arr || !Array.isArray(arr))
|
|
135
|
+
return arr;
|
|
136
|
+
return arr.slice(0, maxLen);
|
|
137
|
+
}
|
|
125
138
|
/** Truncate user-supplied strings to MAX_STRING_FIELD to prevent log injection and memory abuse. */
|
|
126
139
|
function sanitizeString(value, maxLen = MAX_STRING_FIELD) {
|
|
127
140
|
if (!value)
|
|
@@ -2128,12 +2141,12 @@ class PayGateServer {
|
|
|
2128
2141
|
quota = { ...tpl.quota };
|
|
2129
2142
|
}
|
|
2130
2143
|
const record = this.gate.store.createKey(name, credits, {
|
|
2131
|
-
allowedTools: params.allowedTools || (tpl ? [...tpl.allowedTools] : undefined),
|
|
2132
|
-
deniedTools: params.deniedTools || (tpl ? [...tpl.deniedTools] : undefined),
|
|
2144
|
+
allowedTools: clampArray(params.allowedTools, MAX_ACL_ITEMS) || (tpl ? [...tpl.allowedTools] : undefined),
|
|
2145
|
+
deniedTools: clampArray(params.deniedTools, MAX_ACL_ITEMS) || (tpl ? [...tpl.deniedTools] : undefined),
|
|
2133
2146
|
expiresAt,
|
|
2134
2147
|
quota,
|
|
2135
2148
|
tags: params.tags || (tpl ? { ...tpl.tags } : undefined),
|
|
2136
|
-
ipAllowlist: params.ipAllowlist || (tpl ? [...tpl.ipAllowlist] : undefined),
|
|
2149
|
+
ipAllowlist: clampArray(params.ipAllowlist, MAX_IP_ALLOWLIST) || (tpl ? [...tpl.ipAllowlist] : undefined),
|
|
2137
2150
|
namespace: params.namespace || tpl?.namespace,
|
|
2138
2151
|
});
|
|
2139
2152
|
// Apply template spending limit if not explicitly set
|
|
@@ -2423,8 +2436,8 @@ class PayGateServer {
|
|
|
2423
2436
|
break;
|
|
2424
2437
|
}
|
|
2425
2438
|
const record = this.gate.store.createKey(name, credits, {
|
|
2426
|
-
allowedTools: op.allowedTools,
|
|
2427
|
-
deniedTools: op.deniedTools,
|
|
2439
|
+
allowedTools: clampArray(op.allowedTools, MAX_ACL_ITEMS),
|
|
2440
|
+
deniedTools: clampArray(op.deniedTools, MAX_ACL_ITEMS),
|
|
2428
2441
|
tags: op.tags,
|
|
2429
2442
|
namespace: op.namespace,
|
|
2430
2443
|
});
|
|
@@ -2965,7 +2978,7 @@ class PayGateServer {
|
|
|
2965
2978
|
this.sendError(res, 400, 'Missing key');
|
|
2966
2979
|
return;
|
|
2967
2980
|
}
|
|
2968
|
-
const success = this.gate.store.setAcl(params.key, params.allowedTools, params.deniedTools);
|
|
2981
|
+
const success = this.gate.store.setAcl(params.key, clampArray(params.allowedTools, MAX_ACL_ITEMS), clampArray(params.deniedTools, MAX_ACL_ITEMS));
|
|
2969
2982
|
if (!success) {
|
|
2970
2983
|
this.sendError(res, 404, 'Key not found or inactive');
|
|
2971
2984
|
return;
|
|
@@ -3154,7 +3167,7 @@ class PayGateServer {
|
|
|
3154
3167
|
this.sendError(res, 400, 'Missing or invalid ips array');
|
|
3155
3168
|
return;
|
|
3156
3169
|
}
|
|
3157
|
-
const success = this.gate.store.setIpAllowlist(params.key, params.ips);
|
|
3170
|
+
const success = this.gate.store.setIpAllowlist(params.key, params.ips.slice(0, MAX_IP_ALLOWLIST));
|
|
3158
3171
|
if (!success) {
|
|
3159
3172
|
this.sendError(res, 404, 'Key not found');
|
|
3160
3173
|
return;
|
|
@@ -10429,16 +10442,17 @@ class PayGateServer {
|
|
|
10429
10442
|
return;
|
|
10430
10443
|
}
|
|
10431
10444
|
const ttl = Math.max(1, Math.min(86400, Math.floor(Number(params.ttl) || 3600)));
|
|
10445
|
+
const clampedTokenTools = clampArray(params.allowedTools, MAX_ACL_ITEMS);
|
|
10432
10446
|
const token = this.tokens.create({
|
|
10433
10447
|
apiKey: params.key,
|
|
10434
10448
|
ttlSeconds: ttl,
|
|
10435
|
-
allowedTools:
|
|
10449
|
+
allowedTools: clampedTokenTools,
|
|
10436
10450
|
label: params.label,
|
|
10437
10451
|
});
|
|
10438
10452
|
this.audit.log('token.created', 'admin', `Scoped token created for key: ${keyRecord.name}`, {
|
|
10439
10453
|
keyMasked: (0, audit_1.maskKeyForAudit)(params.key),
|
|
10440
10454
|
ttl,
|
|
10441
|
-
allowedTools:
|
|
10455
|
+
allowedTools: clampedTokenTools,
|
|
10442
10456
|
label: params.label,
|
|
10443
10457
|
});
|
|
10444
10458
|
this.sendJson(res, 201, {
|
|
@@ -10446,7 +10460,7 @@ class PayGateServer {
|
|
|
10446
10460
|
expiresAt: new Date(Date.now() + ttl * 1000).toISOString(),
|
|
10447
10461
|
ttl,
|
|
10448
10462
|
parentKey: keyRecord.name,
|
|
10449
|
-
allowedTools:
|
|
10463
|
+
allowedTools: clampedTokenTools || [],
|
|
10450
10464
|
label: params.label || null,
|
|
10451
10465
|
message: 'Use this token as X-API-Key or Bearer token. It will expire automatically.',
|
|
10452
10466
|
});
|
|
@@ -10557,8 +10571,8 @@ class PayGateServer {
|
|
|
10557
10571
|
const group = this.groups.createGroup({
|
|
10558
10572
|
name: sanitizeString(params.name) || '',
|
|
10559
10573
|
description: sanitizeString(params.description) || undefined,
|
|
10560
|
-
allowedTools: params.allowedTools,
|
|
10561
|
-
deniedTools: params.deniedTools,
|
|
10574
|
+
allowedTools: clampArray(params.allowedTools, MAX_ACL_ITEMS),
|
|
10575
|
+
deniedTools: clampArray(params.deniedTools, MAX_ACL_ITEMS),
|
|
10562
10576
|
rateLimitPerMin: params.rateLimitPerMin ? clampInt(Number(params.rateLimitPerMin), 0, MAX_RATE_LIMIT) : undefined,
|
|
10563
10577
|
toolPricing: params.toolPricing,
|
|
10564
10578
|
quota: params.quota ? {
|
|
@@ -10567,7 +10581,7 @@ class PayGateServer {
|
|
|
10567
10581
|
dailyCreditLimit: clampInt(Number(params.quota.dailyCreditLimit) || 0, 0, MAX_QUOTA_LIMIT),
|
|
10568
10582
|
monthlyCreditLimit: clampInt(Number(params.quota.monthlyCreditLimit) || 0, 0, MAX_QUOTA_LIMIT),
|
|
10569
10583
|
} : undefined,
|
|
10570
|
-
ipAllowlist: params.ipAllowlist,
|
|
10584
|
+
ipAllowlist: clampArray(params.ipAllowlist, MAX_IP_ALLOWLIST),
|
|
10571
10585
|
defaultCredits: params.defaultCredits ? clampInt(Number(params.defaultCredits), 0, MAX_CREDITS) : undefined,
|
|
10572
10586
|
maxSpendingLimit: params.maxSpendingLimit ? clampInt(Number(params.maxSpendingLimit), 0, MAX_SPENDING_LIMIT) : undefined,
|
|
10573
10587
|
tags: params.tags,
|
|
@@ -10607,8 +10621,8 @@ class PayGateServer {
|
|
|
10607
10621
|
const group = this.groups.updateGroup(groupId, {
|
|
10608
10622
|
name: params.name ? sanitizeString(params.name) : undefined,
|
|
10609
10623
|
description: params.description !== undefined ? (sanitizeString(params.description) || undefined) : undefined,
|
|
10610
|
-
allowedTools: params.allowedTools,
|
|
10611
|
-
deniedTools: params.deniedTools,
|
|
10624
|
+
allowedTools: clampArray(params.allowedTools, MAX_ACL_ITEMS),
|
|
10625
|
+
deniedTools: clampArray(params.deniedTools, MAX_ACL_ITEMS),
|
|
10612
10626
|
rateLimitPerMin: params.rateLimitPerMin ? clampInt(Number(params.rateLimitPerMin), 0, MAX_RATE_LIMIT) : undefined,
|
|
10613
10627
|
toolPricing: params.toolPricing,
|
|
10614
10628
|
quota: params.quota === null ? null : params.quota ? {
|
|
@@ -10617,7 +10631,7 @@ class PayGateServer {
|
|
|
10617
10631
|
dailyCreditLimit: clampInt(Number(params.quota.dailyCreditLimit) || 0, 0, MAX_QUOTA_LIMIT),
|
|
10618
10632
|
monthlyCreditLimit: clampInt(Number(params.quota.monthlyCreditLimit) || 0, 0, MAX_QUOTA_LIMIT),
|
|
10619
10633
|
} : undefined,
|
|
10620
|
-
ipAllowlist: params.ipAllowlist,
|
|
10634
|
+
ipAllowlist: clampArray(params.ipAllowlist, MAX_IP_ALLOWLIST),
|
|
10621
10635
|
defaultCredits: params.defaultCredits ? clampInt(Number(params.defaultCredits), 0, MAX_CREDITS) : undefined,
|
|
10622
10636
|
maxSpendingLimit: params.maxSpendingLimit ? clampInt(Number(params.maxSpendingLimit), 0, MAX_SPENDING_LIMIT) : undefined,
|
|
10623
10637
|
tags: params.tags,
|