ssh-mcp-pro 1.1.2 → 1.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. package/CHANGELOG.md +20 -0
  2. package/README.md +23 -1
  3. package/dist/config-parsers.d.ts +17 -0
  4. package/dist/config-parsers.d.ts.map +1 -0
  5. package/dist/config-parsers.js +86 -0
  6. package/dist/config-parsers.js.map +1 -0
  7. package/dist/config.d.ts +3 -2
  8. package/dist/config.d.ts.map +1 -1
  9. package/dist/config.js +5 -58
  10. package/dist/config.js.map +1 -1
  11. package/dist/ensure-pkg.d.ts +9 -0
  12. package/dist/ensure-pkg.d.ts.map +1 -0
  13. package/dist/ensure-pkg.js +105 -0
  14. package/dist/ensure-pkg.js.map +1 -0
  15. package/dist/ensure.d.ts.map +1 -1
  16. package/dist/ensure.js +5 -106
  17. package/dist/ensure.js.map +1 -1
  18. package/dist/fs-sftp.d.ts +58 -0
  19. package/dist/fs-sftp.d.ts.map +1 -0
  20. package/dist/fs-sftp.js +184 -0
  21. package/dist/fs-sftp.js.map +1 -0
  22. package/dist/fs-tools.d.ts.map +1 -1
  23. package/dist/fs-tools.js +2 -144
  24. package/dist/fs-tools.js.map +1 -1
  25. package/dist/mcp.d.ts +1 -1
  26. package/dist/mcp.js +1 -1
  27. package/dist/remote/agent-handler.d.ts +36 -0
  28. package/dist/remote/agent-handler.d.ts.map +1 -0
  29. package/dist/remote/agent-handler.js +255 -0
  30. package/dist/remote/agent-handler.js.map +1 -0
  31. package/dist/remote/control-plane.d.ts +4 -17
  32. package/dist/remote/control-plane.d.ts.map +1 -1
  33. package/dist/remote/control-plane.js +23 -657
  34. package/dist/remote/control-plane.js.map +1 -1
  35. package/dist/remote/http-util.d.ts +29 -0
  36. package/dist/remote/http-util.d.ts.map +1 -0
  37. package/dist/remote/http-util.js +159 -0
  38. package/dist/remote/http-util.js.map +1 -0
  39. package/dist/remote/oauth-handler.d.ts +47 -0
  40. package/dist/remote/oauth-handler.d.ts.map +1 -0
  41. package/dist/remote/oauth-handler.js +296 -0
  42. package/dist/remote/oauth-handler.js.map +1 -0
  43. package/dist/session-auth.d.ts +39 -0
  44. package/dist/session-auth.d.ts.map +1 -0
  45. package/dist/session-auth.js +148 -0
  46. package/dist/session-auth.js.map +1 -0
  47. package/dist/session.d.ts +25 -20
  48. package/dist/session.d.ts.map +1 -1
  49. package/dist/session.js +88 -159
  50. package/dist/session.js.map +1 -1
  51. package/dist/tunnel.d.ts.map +1 -1
  52. package/dist/tunnel.js +46 -9
  53. package/dist/tunnel.js.map +1 -1
  54. package/docs/audit/2026-06-05-ecosystem-audit.md +1 -1
  55. package/docs/governance/issue-taxonomy.json +5 -0
  56. package/mcp.json +1 -1
  57. package/package.json +21 -15
  58. package/registry/ssh-mcp-pro/mcp.json +1 -1
  59. package/server.json +3 -3
package/dist/remote/oauth-handler.js ADDED
@@ -0,0 +1,296 @@
1
+ import { URL } from "node:url";
2
+ import { hashSecret, id, issueAccessToken, nowIso, publicJwkFromPem, randomToken, } from "./crypto.js";
3
+ import { asString, asStringArray, addNoStore, isSafeRedirectUri, pkceChallenge, readJson, readJsonOrForm, redirect, safeError, scopeList, } from "./http-util.js";
4
+ import { REMOTE_SCOPES } from "./types.js";
5
+ import { jsonResponse } from "./util.js";
6
+ /** Handles OAuth 2.0 authorization code flow with PKCE and GitHub identity. */
7
+ export class OAuthHandler {
8
+ config;
9
+ store;
10
+ authorizeTransactions;
11
+ getJwtKeyPair;
12
+ audit;
13
+ constructor(config, store, authorizeTransactions, getJwtKeyPair, audit) {
14
+ this.config = config;
15
+ this.store = store;
16
+ this.authorizeTransactions = authorizeTransactions;
17
+ this.getJwtKeyPair = getJwtKeyPair;
18
+ this.audit = audit;
19
+ }
20
+ /** GET /.well-known/oauth-protected-resource */
21
+ protectedResourceMetadata() {
22
+ return {
23
+ resource: this.config.mcpResourceUrl,
24
+ resource_name: "SshAutomator MCP",
25
+ authorization_servers: [this.config.publicBaseUrl],
26
+ bearer_methods_supported: ["header"],
27
+ scopes_supported: REMOTE_SCOPES,
28
+ };
29
+ }
30
+ /** GET /.well-known/oauth-authorization-server */
31
+ authorizationServerMetadata() {
32
+ return {
33
+ issuer: this.config.publicBaseUrl,
34
+ authorization_endpoint: `${this.config.publicBaseUrl}/oauth/authorize`,
35
+ token_endpoint: `${this.config.publicBaseUrl}/oauth/token`,
36
+ registration_endpoint: `${this.config.publicBaseUrl}/oauth/register`,
37
+ jwks_uri: `${this.config.publicBaseUrl}/oauth/jwks.json`,
38
+ response_types_supported: ["code"],
39
+ grant_types_supported: ["authorization_code"],
40
+ code_challenge_methods_supported: ["S256"],
41
+ token_endpoint_auth_methods_supported: ["none"],
42
+ scopes_supported: REMOTE_SCOPES,
43
+ };
44
+ }
45
+ /** POST /oauth/register */
46
+ async handleRegister(req, res) {
47
+ const body = await readJson(req);
48
+ const redirectUris = asStringArray(body.redirect_uris);
49
+ if (redirectUris.length === 0 || redirectUris.some((uri) => !isSafeRedirectUri(uri))) {
50
+ throw safeError("INVALID_REDIRECT_URI", "redirect_uris must contain HTTPS URLs or localhost HTTP URLs");
51
+ }
52
+ if (this.store.countOAuthClients() >= this.config.maxOAuthClients) {
53
+ throw safeError("FORBIDDEN", "OAuth client registration limit reached", 429);
54
+ }
55
+ const now = nowIso();
56
+ const client = {
57
+ id: id("clirow"),
58
+ clientId: id("cli"),
59
+ clientName: asString(body.client_name) ?? "ChatGPT Connector",
60
+ redirectUris,
61
+ grantTypes: ["authorization_code"],
62
+ responseTypes: ["code"],
63
+ tokenEndpointAuthMethod: "none",
64
+ createdAt: now,
65
+ };
66
+ this.store.insertClient(client);
67
+ this.audit({
68
+ eventType: "oauth_client_registered",
69
+ severity: "info",
70
+ metadata: { client_id: client.clientId, redirect_uri_count: redirectUris.length },
71
+ });
72
+ jsonResponse(res, 201, {
73
+ client_id: client.clientId,
74
+ client_name: client.clientName,
75
+ redirect_uris: client.redirectUris,
76
+ grant_types: client.grantTypes,
77
+ response_types: client.responseTypes,
78
+ token_endpoint_auth_method: client.tokenEndpointAuthMethod,
79
+ }, addNoStore());
80
+ }
81
+ /** GET /oauth/authorize */
82
+ async handleAuthorize(req, res) {
83
+ const url = new URL(req.url ?? "/oauth/authorize", this.config.publicBaseUrl);
84
+ const clientId = url.searchParams.get("client_id") ?? "";
85
+ const redirectUri = url.searchParams.get("redirect_uri") ?? "";
86
+ const responseType = url.searchParams.get("response_type") ?? "";
87
+ const codeChallenge = url.searchParams.get("code_challenge") ?? "";
88
+ const codeChallengeMethod = url.searchParams.get("code_challenge_method") ?? "";
89
+ const state = url.searchParams.get("state") ?? "";
90
+ const resource = url.searchParams.get("resource") ?? this.config.mcpResourceUrl;
91
+ const scope = url.searchParams.get("scope") ?? "hosts:read agents:read status:read logs:read";
92
+ this.validateAuthorizeParams(clientId, redirectUri, responseType, codeChallenge, codeChallengeMethod, resource, scope);
93
+ const pending = {
94
+ clientId,
95
+ redirectUri,
96
+ codeChallenge,
97
+ resource,
98
+ scope,
99
+ state,
100
+ expiresAt: Date.now() + this.config.authCodeTtlSeconds * 1000,
101
+ };
102
+ const testUser = this.testGitHubUser();
103
+ if (testUser) {
104
+ const user = this.upsertGitHubUser(testUser);
105
+ const code = this.issueAuthorizationCode(pending, user.id);
106
+ const destination = new URL(redirectUri);
107
+ destination.searchParams.set("code", code);
108
+ if (state) {
109
+ destination.searchParams.set("state", state);
110
+ }
111
+ redirect(res, destination.toString());
112
+ return;
113
+ }
114
+ if (!this.config.githubClientId || !this.config.githubClientSecret) {
115
+ throw safeError("FORBIDDEN", "GitHub OAuth is not configured", 503);
116
+ }
117
+ const transactionId = id("code");
118
+ this.authorizeTransactions.set(transactionId, pending);
119
+ const githubUrl = new URL("https://github.com/login/oauth/authorize");
120
+ githubUrl.searchParams.set("client_id", this.config.githubClientId);
121
+ githubUrl.searchParams.set("redirect_uri", this.config.githubCallbackUrl);
122
+ githubUrl.searchParams.set("scope", "read:user");
123
+ githubUrl.searchParams.set("state", transactionId);
124
+ redirect(res, githubUrl.toString());
125
+ }
126
+ validateAuthorizeParams(clientId, redirectUri, responseType, codeChallenge, codeChallengeMethod, resource, scope) {
127
+ const client = this.store.getClient(clientId);
128
+ if (!client) {
129
+ throw safeError("INVALID_CLIENT", "Unknown client_id");
130
+ }
131
+ if (!client.redirectUris.includes(redirectUri) || !isSafeRedirectUri(redirectUri)) {
132
+ throw safeError("INVALID_REDIRECT_URI", "redirect_uri is not registered");
133
+ }
134
+ if (responseType !== "code") {
135
+ throw safeError("INVALID_CLIENT", "response_type must be code");
136
+ }
137
+ if (!codeChallenge || codeChallengeMethod !== "S256") {
138
+ throw safeError("PKCE_VALIDATION_FAILED", "PKCE S256 is required");
139
+ }
140
+ if (resource !== this.config.mcpResourceUrl) {
141
+ throw safeError("INVALID_TOKEN", "resource must match MCP resource URL");
142
+ }
143
+ scopeList(scope);
144
+ }
145
+ /** GET /oauth/callback/github */
146
+ async handleGitHubCallback(req, res) {
147
+ const url = new URL(req.url ?? "/oauth/callback/github", this.config.publicBaseUrl);
148
+ const code = url.searchParams.get("code") ?? "";
149
+ const state = url.searchParams.get("state") ?? "";
150
+ const pending = this.authorizeTransactions.get(state);
151
+ this.authorizeTransactions.delete(state);
152
+ if (!code || !pending || pending.expiresAt < Date.now()) {
153
+ throw safeError("INVALID_TOKEN", "OAuth transaction is missing or expired");
154
+ }
155
+ const githubUser = await this.fetchGitHubUser(code);
156
+ const user = this.upsertGitHubUser(githubUser);
157
+ const authCode = this.issueAuthorizationCode(pending, user.id);
158
+ const destination = new URL(pending.redirectUri);
159
+ destination.searchParams.set("code", authCode);
160
+ if (pending.state) {
161
+ destination.searchParams.set("state", pending.state);
162
+ }
163
+ redirect(res, destination.toString());
164
+ }
165
+ async fetchGitHubUser(code) {
166
+ const tokenResponse = await fetch("https://github.com/login/oauth/access_token", {
167
+ method: "POST",
168
+ headers: { Accept: "application/json", "Content-Type": "application/json" },
169
+ body: JSON.stringify({
170
+ client_id: this.config.githubClientId,
171
+ client_secret: this.config.githubClientSecret,
172
+ code,
173
+ redirect_uri: this.config.githubCallbackUrl,
174
+ }),
175
+ });
176
+ const tokenPayload = (await tokenResponse.json());
177
+ const accessToken = asString(tokenPayload.access_token);
178
+ if (!accessToken) {
179
+ throw safeError("INVALID_TOKEN", "GitHub OAuth token exchange failed", 502);
180
+ }
181
+ const userResponse = await fetch("https://api.github.com/user", {
182
+ headers: { Authorization: `Bearer ${accessToken}`, Accept: "application/vnd.github+json" },
183
+ });
184
+ const userPayload = (await userResponse.json());
185
+ return { id: String(userPayload.id ?? ""), login: String(userPayload.login ?? "") };
186
+ }
187
+ testGitHubUser() {
188
+ const idValue = process.env.SSHAUTOMATOR_TEST_GITHUB_ID;
189
+ const login = process.env.SSHAUTOMATOR_TEST_GITHUB_LOGIN;
190
+ return idValue && login ? { id: idValue, login } : undefined;
191
+ }
192
+ upsertGitHubUser(githubUser) {
193
+ if (!this.isGitHubUserAllowed(githubUser)) {
194
+ throw safeError("FORBIDDEN", "GitHub user is not allowed");
195
+ }
196
+ const existing = this.store.getUserByGitHubId(githubUser.id);
197
+ const internalId = existing?.id ?? `github:${githubUser.id}`;
198
+ this.store.upsertUser({ ...githubUser, internalId, now: nowIso() });
199
+ this.audit({
200
+ userId: internalId,
201
+ eventType: "user_login",
202
+ severity: "info",
203
+ metadata: { github_id: githubUser.id, github_login: githubUser.login },
204
+ });
205
+ return { id: internalId, githubId: githubUser.id, githubLogin: githubUser.login };
206
+ }
207
+ isGitHubUserAllowed(user) {
208
+ return (this.config.allowAllUsers ||
209
+ this.config.allowedGitHubIds.includes(user.id) ||
210
+ this.config.allowedGitHubLogins.includes(user.login));
211
+ }
212
+ issueAuthorizationCode(pending, userId) {
213
+ const code = randomToken(32);
214
+ const now = nowIso();
215
+ const record = {
216
+ id: id("code"),
217
+ codeHash: hashSecret(code),
218
+ clientId: pending.clientId,
219
+ userId,
220
+ redirectUri: pending.redirectUri,
221
+ codeChallenge: pending.codeChallenge,
222
+ codeChallengeMethod: "S256",
223
+ resource: pending.resource,
224
+ scope: pending.scope,
225
+ expiresAt: new Date(Date.now() + this.config.authCodeTtlSeconds * 1000).toISOString(),
226
+ createdAt: now,
227
+ };
228
+ this.store.insertAuthorizationCode(record);
229
+ return code;
230
+ }
231
+ /** POST /oauth/token */
232
+ async handleToken(req, res) {
233
+ const body = await readJsonOrForm(req);
234
+ if (body.grant_type !== "authorization_code") {
235
+ throw safeError("INVALID_CLIENT", "grant_type must be authorization_code");
236
+ }
237
+ const clientId = body.client_id ?? "";
238
+ const client = this.store.getClient(clientId);
239
+ if (!client) {
240
+ throw safeError("INVALID_CLIENT", "Unknown client_id");
241
+ }
242
+ const code = body.code ?? "";
243
+ const redirectUri = body.redirect_uri ?? "";
244
+ const verifier = body.code_verifier ?? "";
245
+ const codeRecord = this.store.getAuthorizationCodeByHash(hashSecret(code));
246
+ if (codeRecord?.clientId !== clientId || codeRecord?.redirectUri !== redirectUri) {
247
+ throw safeError("INVALID_TOKEN", "Invalid authorization code");
248
+ }
249
+ if (codeRecord.usedAt || new Date(codeRecord.expiresAt).getTime() < Date.now()) {
250
+ throw safeError("INVALID_TOKEN", "Authorization code is expired or already used");
251
+ }
252
+ if (!verifier || pkceChallenge(verifier) !== codeRecord.codeChallenge) {
253
+ throw safeError("PKCE_VALIDATION_FAILED", "Invalid PKCE code_verifier");
254
+ }
255
+ const jwtKeyPair = this.getJwtKeyPair();
256
+ const user = this.userFromId(codeRecord.userId);
257
+ const scopes = scopeList(codeRecord.scope);
258
+ try {
259
+ this.store.markAuthorizationCodeUsed(codeRecord.codeHash, nowIso());
260
+ }
261
+ catch {
262
+ throw safeError("INVALID_TOKEN", "Authorization code is expired or already used");
263
+ }
264
+ const token = await issueAccessToken(this.config, jwtKeyPair, user, scopes);
265
+ jsonResponse(res, 200, {
266
+ access_token: token.token,
267
+ token_type: "Bearer",
268
+ expires_in: this.config.accessTokenTtlSeconds,
269
+ scope: scopes.join(" "),
270
+ }, addNoStore());
271
+ }
272
+ userFromId(userId) {
273
+ if (userId.startsWith("github:")) {
274
+ const githubId = userId.slice("github:".length);
275
+ const user = this.store.getUserByGitHubId(githubId);
276
+ if (user) {
277
+ return user;
278
+ }
279
+ }
280
+ throw safeError("UNAUTHORIZED", "User no longer exists", 401);
281
+ }
282
+ /** Remove expired pending authorization transactions. */
283
+ cleanupExpired(now = Date.now()) {
284
+ for (const [transactionId, transaction] of this.authorizeTransactions.entries()) {
285
+ if (transaction.expiresAt <= now) {
286
+ this.authorizeTransactions.delete(transactionId);
287
+ }
288
+ }
289
+ }
290
+ /** GET /oauth/jwks.json */
291
+ async handleJwks(res) {
292
+ const jwtKeyPair = this.getJwtKeyPair();
293
+ jsonResponse(res, 200, { keys: [await publicJwkFromPem(jwtKeyPair.publicKeyPem)] }, addNoStore());
294
+ }
295
+ }
296
+ //# sourceMappingURL=oauth-handler.js.map
package/dist/remote/oauth-handler.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"oauth-handler.js","sourceRoot":"","sources":["../../src/remote/oauth-handler.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,GAAG,EAAE,MAAM,UAAU,CAAC;AAC/B,OAAO,EACL,UAAU,EACV,EAAE,EACF,gBAAgB,EAChB,MAAM,EACN,gBAAgB,EAChB,WAAW,GAEZ,MAAM,aAAa,CAAC;AACrB,OAAO,EACL,QAAQ,EACR,aAAa,EACb,UAAU,EACV,iBAAiB,EACjB,aAAa,EACb,QAAQ,EACR,cAAc,EACd,QAAQ,EACR,SAAS,EACT,SAAS,GACV,MAAM,gBAAgB,CAAC;AASxB,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAazC,+EAA+E;AAC/E,MAAM,OAAO,YAAY;IAEJ;IACA;IACA;IACA;IACA;IALnB,YACmB,MAAoB,EACpB,KAAkB,EAClB,qBAAoD,EACpD,aAA+B,EAC/B,KAA4D;QAJ5D,WAAM,GAAN,MAAM,CAAc;QACpB,UAAK,GAAL,KAAK,CAAa;QAClB,0BAAqB,GAArB,qBAAqB,CAA+B;QACpD,kBAAa,GAAb,aAAa,CAAkB;QAC/B,UAAK,GAAL,KAAK,CAAuD;IAC5E,CAAC;IAEJ,gDAAgD;IAChD,yBAAyB;QACvB,OAAO;YACL,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;YACpC,aAAa,EAAE,kBAAkB;YACjC,qBAAqB,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;YAClD,wBAAwB,EAAE,CAAC,QAAQ,CAAC;YACpC,gBAAgB,EAAE,aAAa;SAChC,CAAC;IACJ,CAAC;IAED,kDAAkD;IAClD,2BAA2B;QACzB,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;YACjC,sBAAsB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,kBAAkB;YACtE,cAAc,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,cAAc;YAC1D,qBAAqB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,iBAAiB;YACpE,QAAQ,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,kBAAkB;YACxD,wBAAwB,EAAE,CAAC,MAAM,CAAC;YAClC,qBAAqB,EAAE,CAAC,oBAAoB,CAAC;YAC7C,gCAAgC,EAAE,CAAC,MAAM,CAAC;YAC1C,qCAAqC,EAAE,CAAC,MAAM,CAAC;YAC/C,gBAAgB,EAAE,aAAa;SAChC,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,KAAK,CAAC,cAAc,CAAC,GAAoB,EAAE,GAAmB;QAC5D,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACvD,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;YACrF,MAAM,SAAS,CACb,sBAAsB,EACtB,8DAA8D,CAC/D,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,KAAK,CAAC,iBAAiB,EAAE,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAClE,MAAM,SAAS,CAAC,WAAW,EAAE,yCAAyC,EAAE,GAAG,CAAC,CAAC;QAC/E,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC;QACrB,MAAM,MAAM,GAAgB;YAC1B,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC;YAChB,QAAQ,EAAE,EAAE,CAAC,KAAK,CAAC;YACnB,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,mBAAmB;YAC7D,YAAY;YACZ,UAAU,EAAE,CAAC,oBAAoB,CAAC;YAClC,aAAa,EAAE,CAAC,MAAM,CAAC;YACvB,uBAAuB,EAAE,MAAM;YAC/B,SAAS,EAAE,GAAG;SACf,CAAC;QACF,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAChC,IAAI,CAAC,KAAK,CAAC;YACT,SAAS,EAAE,yBAAyB;YACpC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,EAAE,SAAS,EAAE,MAAM,CAAC,QAAQ,EAAE,kBAAkB,EAAE,YAAY,CAAC,MAAM,EAAE;SAClF,CAAC,CAAC;QACH,YAAY,CACV,GAAG,EACH,GAAG,EACH;YACE,SAAS,EAAE,MAAM,CAAC,QAAQ;YAC1B,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,aAAa,EAAE,MAAM,CAAC,YAAY;YAClC,WAAW,EAAE,MAAM,CAAC,UAAU;YAC9B,cAAc,EAAE,MAAM,CAAC,aAAa;YACpC,0BAA0B,EAAE,MAAM,CAAC,uBAAuB;SAC3D,EACD,UAAU,EAAE,CACb,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,KAAK,CAAC,eAAe,CAAC,GAAoB,EAAE,GAAmB;QAC7D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAC9E,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;QACzD,MAAM,WAAW,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QAC/D,MAAM,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;QACjE,MAAM,aAAa,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC;QACnE,MAAM,mBAAmB,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,uBAAuB,CAAC,IAAI,EAAE,CAAC;QAChF,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClD,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;QAChF,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,8CAA8C,CAAC;QAE9F,IAAI,CAAC,uBAAuB,CAC1B,QAAQ,EACR,WAAW,EACX,YAAY,EACZ,aAAa,EACb,mBAAmB,EACnB,QAAQ,EACR,KAAK,CACN,CAAC;QAEF,MAAM,OAAO,GAAqB;YAChC,QAAQ;YACR,WAAW;YACX,aAAa;YACb,QAAQ;YACR,KAAK;YACL,KAAK;YACL,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,GAAG,IAAI;SAC9D,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;QACvC,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YAC7C,MAAM,IAAI,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;YAC3D,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;YACzC,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;YAC3C,IAAI,KAAK,EAAE,CAAC;gBACV,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAC/C,CAAC;YACD,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;YACtC,OAAO;QACT,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACnE,MAAM,SAAS,CAAC,WAAW,EAAE,gCAAgC,EAAE,GAAG,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,aAAa,GAAG,EAAE,CAAC,MAAM,CAAC,CAAC;QACjC,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC;QACvD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACtE,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;QACpE,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC1E,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QACjD,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;QACnD,QAAQ,CAAC,GAAG,EAAE,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC;IACtC,CAAC;IAEO,uBAAuB,CAC7B,QAAgB,EAChB,WAAmB,EACnB,YAAoB,EACpB,aAAqB,EACrB,mBAA2B,EAC3B,QAAgB,EAChB,KAAa;QAEb,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,SAAS,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,CAAC;QACzD,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,iBAAiB,CAAC,WAAW,CAAC,EAAE,CAAC;YAClF,MAAM,SAAS,CAAC,sBAAsB,EAAE,gCAAgC,CAAC,CAAC;QAC5E,CAAC;QACD,IAAI,YAAY,KAAK,MAAM,EAAE,CAAC;YAC5B,MAAM,SAAS,CAAC,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;QAClE,CAAC;QACD,IAAI,CAAC,aAAa,IAAI,mBAAmB,KAAK,MAAM,EAAE,CAAC;YACrD,MAAM,SAAS,CAAC,wBAAwB,EAAE,uBAAuB,CAAC,CAAC;QACrE,CAAC;QACD,IAAI,QAAQ,KAAK,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAC5C,MAAM,SAAS,CAAC,eAAe,EAAE,sCAAsC,CAAC,CAAC;QAC3E,CAAC;QACD,SAAS,CAAC,KAAK,CAAC,CAAC;IACnB,CAAC;IAED,iCAAiC;IACjC,KAAK,CAAC,oBAAoB,CAAC,GAAoB,EAAE,GAAmB;QAClE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,wBAAwB,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QACpF,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QAChD,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,IAAI,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YACxD,MAAM,SAAS,CAAC,eAAe,EAAE,yCAAyC,CAAC,CAAC;QAC9E,CAAC;QACD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;QACpD,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC/D,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACjD,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAC/C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACvD,CAAC;QACD,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxC,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,IAAY;QACxC,MAAM,aAAa,GAAG,MAAM,KAAK,CAAC,6CAA6C,EAAE;YAC/E,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC3E,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc;gBACrC,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAC7C,IAAI;gBACJ,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aAC5C,CAAC;SACH,CAAC,CAAC;QACH,MAAM,YAAY,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,CAA4B,CAAC;QAC7E,MAAM,WAAW,GAAG,QAAQ,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC;QACxD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,SAAS,CAAC,eAAe,EAAE,oCAAoC,EAAE,GAAG,CAAC,CAAC;QAC9E,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,6BAA6B,EAAE;YAC9D,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,WAAW,EAAE,EAAE,MAAM,EAAE,6BAA6B,EAAE;SAC3F,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,CAAC,MAAM,YAAY,CAAC,IAAI,EAAE,CAA4B,CAAC;QAC3E,OAAO,EAAE,EAAE,EAAE,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,WAAW,CAAC,KAAK,IAAI,EAAE,CAAC,EAAE,CAAC;IACtF,CAAC;IAEO,cAAc;QACpB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC;QACxD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC;QACzD,OAAO,OAAO,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;IAC/D,CAAC;IAEO,gBAAgB,CAAC,UAAsB;QAK7C,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,UAAU,CAAC,EAAE,CAAC;YAC1C,MAAM,SAAS,CAAC,WAAW,EAAE,4BAA4B,CAAC,CAAC;QAC7D,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;QAC7D,MAAM,UAAU,GAAG,QAAQ,EAAE,EAAE,IAAI,UAAU,UAAU,CAAC,EAAE,EAAE,CAAC;QAC7D,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,GAAG,UAAU,EAAE,UAAU,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,KAAK,CAAC;YACT,MAAM,EAAE,UAAU;YAClB,SAAS,EAAE,YAAY;YACvB,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE,YAAY,EAAE,UAAU,CAAC,KAAK,EAAE;SACvE,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC,EAAE,EAAE,WAAW,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC;IACpF,CAAC;IAEO,mBAAmB,CAAC,IAAgB;QAC1C,OAAO,CACL,IAAI,CAAC,MAAM,CAAC,aAAa;YACzB,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC,MAAM,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CACrD,CAAC;IACJ,CAAC;IAEO,sBAAsB,CAAC,OAAyB,EAAE,MAAc;QACtE,MAAM,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC7B,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC;QACrB,MAAM,MAAM,GAA2B;YACrC,EAAE,EAAE,EAAE,CAAC,MAAM,CAAC;YACd,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,MAAM;YACN,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,mBAAmB,EAAE,MAAM;YAC3B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,SAAS,EAAE,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE;YACrF,SAAS,EAAE,GAAG;SACf,CAAC;QACF,IAAI,CAAC,KAAK,CAAC,uBAAuB,CAAC,MAAM,CAAC,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,wBAAwB;IACxB,KAAK,CAAC,WAAW,CAAC,GAAoB,EAAE,GAAmB;QACzD,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,GAAG,CAAC,CAAC;QACvC,IAAI,IAAI,CAAC,UAAU,KAAK,oBAAoB,EAAE,CAAC;YAC7C,MAAM,SAAS,CAAC,gBAAgB,EAAE,uCAAuC,CAAC,CAAC;QAC7E,CAAC;QACD,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,IAAI,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,SAAS,CAAC,gBAAgB,EAAE,mBAAmB,CAAC,CAAC;QACzD,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAG,IAAI,CAAC,YAAY,IAAI,EAAE,CAAC;QAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,IAAI,EAAE,CAAC;QAC1C,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,0BAA0B,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3E,IAAI,UAAU,EAAE,QAAQ,KAAK,QAAQ,IAAI,UAAU,EAAE,WAAW,KAAK,WAAW,EAAE,CAAC;YACjF,MAAM,SAAS,CAAC,eAAe,EAAE,4BAA4B,CAAC,CAAC;QACjE,CAAC;QACD,IAAI,UAAU,CAAC,MAAM,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC/E,MAAM,SAAS,CAAC,eAAe,EAAE,+CAA+C,CAAC,CAAC;QACpF,CAAC;QACD,IAAI,CAAC,QAAQ,IAAI,aAAa,CAAC,QAAQ,CAAC,KAAK,UAAU,CAAC,aAAa,EAAE,CAAC;YACtE,MAAM,SAAS,CAAC,wBAAwB,EAAE,4BAA4B,CAAC,CAAC;QAC1E,CAAC;QACD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACxC,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,SAAS,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAC3C,IAAI,CAAC;YACH,IAAI,CAAC,KAAK,CAAC,yBAAyB,CAAC,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACtE,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,SAAS,CAAC,eAAe,EAAE,+CAA+C,CAAC,CAAC;QACpF,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAC5E,YAAY,CACV,GAAG,EACH,GAAG,EACH;YACE,YAAY,EAAE,KAAK,CAAC,KAAK;YACzB,UAAU,EAAE,QAAQ;YACpB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,qBAAqB;YAC7C,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC;SACxB,EACD,UAAU,EAAE,CACb,CAAC;IACJ,CAAC;IAEO,UAAU,CAAC,MAAc;QAC/B,IAAI,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACjC,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YAChD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;YACpD,IAAI,IAAI,EAAE,CAAC;gBACT,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,MAAM,SAAS,CAAC,cAAc,EAAE,uBAAuB,EAAE,GAAG,CAAC,CAAC;IAChE,CAAC;IAED,yDAAyD;IACzD,cAAc,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE;QAC7B,KAAK,MAAM,CAAC,aAAa,EAAE,WAAW,CAAC,IAAI,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,EAAE,CAAC;YAChF,IAAI,WAAW,CAAC,SAAS,IAAI,GAAG,EAAE,CAAC;gBACjC,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;YACnD,CAAC;QACH,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,KAAK,CAAC,UAAU,CAAC,GAAmB;QAClC,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;QACxC,YAAY,CACV,GAAG,EACH,GAAG,EACH,EAAE,IAAI,EAAE,CAAC,MAAM,gBAAgB,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,EAAE,EAC3D,UAAU,EAAE,CACb,CAAC;IACJ,CAAC;CACF"}
package/dist/session-auth.d.ts ADDED
@@ -0,0 +1,39 @@
1
+ import type { Config } from "node-ssh";
2
+ import type { Logger } from "./logging.js";
3
+ /**
4
+ * SSH authentication configuration
5
+ */
6
+ export interface SSHAuthConfig {
7
+ password?: string;
8
+ privateKey?: string;
9
+ passphrase?: string;
10
+ agent?: string;
11
+ }
12
+ export type SSHConnectConfig = Config & {
13
+ knownHosts?: string;
14
+ hostHash?: "md5" | "sha1" | "sha256";
15
+ };
16
+ export declare const KNOWN_HOST_KEY_TYPES: Set<string>;
17
+ /** Normalize a SHA256 fingerprint by stripping the SHA256: prefix. */
18
+ export declare function normalizeSha256Fingerprint(fingerprint: string): string;
19
+ /** Compute SHA256 fingerprint(s) from a base64 key blob. */
20
+ export declare function knownHostKeyFingerprints(keyBlob: string): string[];
21
+ /** Generate a unique session ID. */
22
+ export declare function generateSessionId(): string;
23
+ /** Build SSH agent authentication config. */
24
+ export declare function buildAgentAuth(): SSHAuthConfig;
25
+ /** Load a private key from a file path. */
26
+ export declare function loadPrivateKeyFromPath(keyPath: string, passphrase?: string): Promise<SSHAuthConfig>;
27
+ /** Auto-discover private keys in standard SSH locations. */
28
+ export declare function discoverPrivateKeys(passphrase: string | undefined, logger?: Logger): Promise<SSHAuthConfig>;
29
+ /** Parse a single known_hosts line into its components. */
30
+ export declare function parseKnownHostLine(line: string): {
31
+ marker?: string;
32
+ hosts: string;
33
+ keyBlob: string;
34
+ } | undefined;
35
+ /** Check whether a known_hosts pattern matches the given host and port. */
36
+ export declare function knownHostPatternMatches(hosts: string, host: string, port: number): boolean;
37
+ /** Match a hashed known_hosts entry against a set of candidate host strings. */
38
+ export declare function hashedKnownHostPatternMatches(pattern: string, candidates: Set<string>): boolean;
39
+ //# sourceMappingURL=session-auth.d.ts.map
package/dist/session-auth.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-auth.d.ts","sourceRoot":"","sources":["../src/session-auth.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC;AAEvC,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAE3C;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,MAAM,gBAAgB,GAAG,MAAM,GAAG;IACtC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,KAAK,GAAG,MAAM,GAAG,QAAQ,CAAC;CACtC,CAAC;AAEF,eAAO,MAAM,oBAAoB,aAmB/B,CAAC;AAEH,sEAAsE;AACtE,wBAAgB,0BAA0B,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,CAEtE;AAED,4DAA4D;AAC5D,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,EAAE,CAKlE;AAED,oCAAoC;AACpC,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C;AAED,6CAA6C;AAC7C,wBAAgB,cAAc,IAAI,aAAa,CAU9C;AAED,2CAA2C;AAC3C,wBAAsB,sBAAsB,CAC1C,OAAO,EAAE,MAAM,EACf,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,aAAa,CAAC,CAaxB;AAED,4DAA4D;AAC5D,wBAAsB,mBAAmB,CACvC,UAAU,EAAE,MAAM,GAAG,SAAS,EAC9B,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,aAAa,CAAC,CAsBxB;AAED,2DAA2D;AAC3D,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,GACX;IAAE,MAAM,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,SAAS,CAyBjE;AAED,2EAA2E;AAC3E,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CA2B1F;AAED,gFAAgF;AAChF,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,OAAO,CAoB/F"}
package/dist/session-auth.js ADDED
@@ -0,0 +1,148 @@
1
+ import { createHash, createHmac, randomUUID } from "node:crypto";
2
+ import * as fs from "fs";
3
+ import * as path from "path";
4
+ import * as os from "os";
5
+ import { createAuthError } from "./errors.js";
6
+ export const KNOWN_HOST_KEY_TYPES = new Set([
7
+ "ssh-ed25519",
8
+ "ssh-ed25519-cert-v01@openssh.com",
9
+ "ssh-rsa",
10
+ "ssh-rsa-cert-v01@openssh.com",
11
+ "rsa-sha2-256",
12
+ "rsa-sha2-256-cert-v01@openssh.com",
13
+ "rsa-sha2-512",
14
+ "rsa-sha2-512-cert-v01@openssh.com",
15
+ "ecdsa-sha2-nistp256",
16
+ "ecdsa-sha2-nistp256-cert-v01@openssh.com",
17
+ "ecdsa-sha2-nistp384",
18
+ "ecdsa-sha2-nistp384-cert-v01@openssh.com",
19
+ "ecdsa-sha2-nistp521",
20
+ "ecdsa-sha2-nistp521-cert-v01@openssh.com",
21
+ "sk-ssh-ed25519@openssh.com",
22
+ "sk-ssh-ed25519-cert-v01@openssh.com",
23
+ "sk-ecdsa-sha2-nistp256@openssh.com",
24
+ "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com",
25
+ ]);
26
+ /** Normalize a SHA256 fingerprint by stripping the SHA256: prefix. */
27
+ export function normalizeSha256Fingerprint(fingerprint) {
28
+ return fingerprint.replace(/^SHA256:/i, "").trim();
29
+ }
30
+ /** Compute SHA256 fingerprint(s) from a base64 key blob. */
31
+ export function knownHostKeyFingerprints(keyBlob) {
32
+ const key = Buffer.from(keyBlob, "base64");
33
+ const base64 = createHash("sha256").update(key).digest("base64").replace(/=+$/, "");
34
+ const hex = createHash("sha256").update(key).digest("hex");
35
+ return [base64, hex];
36
+ }
37
+ /** Generate a unique session ID. */
38
+ export function generateSessionId() {
39
+ return `ssh-${randomUUID()}`;
40
+ }
41
+ /** Build SSH agent authentication config. */
42
+ export function buildAgentAuth() {
43
+ const authSock = process.env.SSH_AUTH_SOCK;
44
+ if (!authSock) {
45
+ throw createAuthError("SSH agent not available", "Set SSH_AUTH_SOCK environment variable or use a different auth method");
46
+ }
47
+ return { agent: authSock };
48
+ }
49
+ /** Load a private key from a file path. */
50
+ export async function loadPrivateKeyFromPath(keyPath, passphrase) {
51
+ try {
52
+ const privateKey = await fs.promises.readFile(keyPath, "utf8");
53
+ return {
54
+ privateKey,
55
+ ...(passphrase !== undefined ? { passphrase } : {}),
56
+ };
57
+ }
58
+ catch {
59
+ throw createAuthError(`Failed to load private key from ${keyPath}`, "Check if the file exists and is readable");
60
+ }
61
+ }
62
+ /** Auto-discover private keys in standard SSH locations. */
63
+ export async function discoverPrivateKeys(passphrase, logger) {
64
+ const homeDir = os.homedir();
65
+ const keyDir = process.env.SSH_DEFAULT_KEY_DIR ?? path.join(homeDir, ".ssh");
66
+ const keyFiles = ["id_ed25519", "id_ecdsa", "id_ed25519_sk", "id_ecdsa_sk", "id_rsa"];
67
+ for (const keyFile of keyFiles) {
68
+ const keyPath = path.join(keyDir, keyFile);
69
+ try {
70
+ await fs.promises.access(keyPath, fs.constants.R_OK);
71
+ logger?.debug?.("Found SSH key", { path: keyPath });
72
+ return await loadPrivateKeyFromPath(keyPath, passphrase);
73
+ }
74
+ catch {
75
+ logger?.debug?.("SSH key not found or not readable", { path: keyPath });
76
+ }
77
+ }
78
+ throw createAuthError("No SSH private keys found in standard locations", `Checked: ${keyFiles.map((f) => path.join(keyDir, f)).join(", ")}`);
79
+ }
80
+ /** Parse a single known_hosts line into its components. */
81
+ export function parseKnownHostLine(line) {
82
+ const trimmed = line.trim();
83
+ if (!trimmed || trimmed.startsWith("#")) {
84
+ return undefined;
85
+ }
86
+ const parts = trimmed.split(/\s+/);
87
+ if (parts[0]?.startsWith("@")) {
88
+ if (parts.length < 4) {
89
+ return undefined;
90
+ }
91
+ if (!KNOWN_HOST_KEY_TYPES.has(parts[2] ?? "")) {
92
+ return undefined;
93
+ }
94
+ return { marker: parts[0], hosts: parts[1] ?? "", keyBlob: parts[3] ?? "" };
95
+ }
96
+ if (parts.length < 3) {
97
+ return undefined;
98
+ }
99
+ if (!KNOWN_HOST_KEY_TYPES.has(parts[1] ?? "")) {
100
+ return undefined;
101
+ }
102
+ return { hosts: parts[0] ?? "", keyBlob: parts[2] ?? "" };
103
+ }
104
+ /** Check whether a known_hosts pattern matches the given host and port. */
105
+ export function knownHostPatternMatches(hosts, host, port) {
106
+ const candidates = new Set([host, `[${host}]:${port}`]);
107
+ for (const pattern of hosts.split(",")) {
108
+ if (pattern.startsWith("|")) {
109
+ if (hashedKnownHostPatternMatches(pattern, candidates)) {
110
+ return true;
111
+ }
112
+ continue;
113
+ }
114
+ if (candidates.has(pattern)) {
115
+ return true;
116
+ }
117
+ const regex = new RegExp(`^${pattern
118
+ .replace(/[.+^${}()|[\]\\]/g, "\\$&")
119
+ .replace(/\*/g, ".*")
120
+ .replace(/\?/g, ".")}$`);
121
+ if (regex.test(host)) {
122
+ return true;
123
+ }
124
+ }
125
+ return false;
126
+ }
127
+ /** Match a hashed known_hosts entry against a set of candidate host strings. */
128
+ export function hashedKnownHostPatternMatches(pattern, candidates) {
129
+ const match = /^\|1\|([^|]+)\|([^|]+)$/u.exec(pattern);
130
+ if (!match) {
131
+ return false;
132
+ }
133
+ try {
134
+ const salt = Buffer.from(match[1] ?? "", "base64");
135
+ const expected = match[2] ?? "";
136
+ for (const candidate of candidates) {
137
+ const digest = createHmac("sha1", salt).update(candidate).digest("base64");
138
+ if (digest === expected) {
139
+ return true;
140
+ }
141
+ }
142
+ }
143
+ catch {
144
+ return false;
145
+ }
146
+ return false;
147
+ }
148
+ //# sourceMappingURL=session-auth.js.map
package/dist/session-auth.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"session-auth.js","sourceRoot":"","sources":["../src/session-auth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AAEzB,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAkB9C,MAAM,CAAC,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IAC1C,aAAa;IACb,kCAAkC;IAClC,SAAS;IACT,8BAA8B;IAC9B,cAAc;IACd,mCAAmC;IACnC,cAAc;IACd,mCAAmC;IACnC,qBAAqB;IACrB,0CAA0C;IAC1C,qBAAqB;IACrB,0CAA0C;IAC1C,qBAAqB;IACrB,0CAA0C;IAC1C,4BAA4B;IAC5B,qCAAqC;IACrC,oCAAoC;IACpC,6CAA6C;CAC9C,CAAC,CAAC;AAEH,sEAAsE;AACtE,MAAM,UAAU,0BAA0B,CAAC,WAAmB;IAC5D,OAAO,WAAW,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACrD,CAAC;AAED,4DAA4D;AAC5D,MAAM,UAAU,wBAAwB,CAAC,OAAe;IACtD,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACpF,MAAM,GAAG,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3D,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,iBAAiB;IAC/B,OAAO,OAAO,UAAU,EAAE,EAAE,CAAC;AAC/B,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,cAAc;IAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC;IAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,eAAe,CACnB,yBAAyB,EACzB,uEAAuE,CACxE,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AAC7B,CAAC;AAED,2CAA2C;AAC3C,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,OAAe,EACf,UAAmB;IAEnB,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC/D,OAAO;YACL,UAAU;YACV,GAAG,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACpD,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,eAAe,CACnB,mCAAmC,OAAO,EAAE,EAC5C,0CAA0C,CAC3C,CAAC;IACJ,CAAC;AACH,CAAC;AAED,4DAA4D;AAC5D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,UAA8B,EAC9B,MAAe;IAEf,MAAM,OAAO,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;IAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,CAAC,YAAY,EAAE,UAAU,EAAE,eAAe,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;IAEtF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAE3C,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YACrD,MAAM,EAAE,KAAK,EAAE,CAAC,eAAe,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;YACpD,OAAO,MAAM,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC3D,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,EAAE,KAAK,EAAE,CAAC,mCAAmC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,MAAM,eAAe,CACnB,iDAAiD,EACjD,YAAY,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACnE,CAAC;AACJ,CAAC;AAED,2DAA2D;AAC3D,MAAM,UAAU,kBAAkB,CAChC,IAAY;IAEZ,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACnC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9C,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;IAC9E,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;QAC9C,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;AAC5D,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,uBAAuB,CAAC,KAAa,EAAE,IAAY,EAAE,IAAY;IAC/E,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC;IAExD,KAAK,MAAM,OAAO,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,IAAI,6BAA6B,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,CAAC;gBACvD,OAAO,IAAI,CAAC;YACd,CAAC;YACD,SAAS;QACX,CAAC;QAED,IAAI,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,MAAM,CACtB,IAAI,OAAO;aACR,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC;aACpC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC;aACpB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,GAAG,CAC1B,CAAC;QACF,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,gFAAgF;AAChF,MAAM,UAAU,6BAA6B,CAAC,OAAe,EAAE,UAAuB;IACpF,MAAM,KAAK,GAAG,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,QAAQ,CAAC,CAAC;QACnD,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC3E,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;gBACxB,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
package/dist/session.d.ts CHANGED
@@ -27,6 +27,16 @@ export declare class SessionManager {
27
27
  private cleanupInterval;
28
28
  private readonly acceptedHostKeys;
29
29
  private readonly closeListeners;
30
+ /**
31
+ * Tracks sessions that are currently being closed.
32
+ * Used to exclude them from active-session reporting.
33
+ */
34
+ private readonly closingSessions;
35
+ /**
36
+ * Tracks in-flight operations per session.
37
+ * Cleanup and eviction skip sessions with a non-zero count.
38
+ */
39
+ private readonly activeOperations;
30
40
  constructor(maxSessions?: number, defaultTtlMs?: number, cleanupIntervalMs?: number, security?: ServerConfig["security"], policy?: Pick<PolicyEngine, "assertAllowed"> | undefined);
31
41
  /**
32
42
  * Destroys the session manager, cleaning up all sessions and intervals
@@ -57,33 +67,14 @@ export declare class SessionManager {
57
67
  * Builds key-based authentication
58
68
  */
59
69
  private buildKeyAuth;
60
- /**
61
- * Builds SSH agent authentication
62
- */
63
- private buildAgentAuth;
64
70
  /**
65
71
  * Builds automatic authentication (tries password, then key, then agent)
66
72
  */
67
73
  private buildAutoAuth;
68
- /**
69
- * Loads private key from file path
70
- */
71
- private loadPrivateKeyFromPath;
72
- /**
73
- * Auto-discovers private keys in standard locations
74
- */
75
- private discoverPrivateKeys;
76
- /**
77
- * Generates a unique session ID
78
- */
79
- private generateSessionId;
80
74
  private notifySessionClose;
81
75
  private resolveHostKeyPolicy;
82
76
  private verifyAcceptNewHostKey;
83
77
  private verifyKnownHostKey;
84
- private parseKnownHostLine;
85
- private knownHostPatternMatches;
86
- private hashedKnownHostPatternMatches;
87
78
  /**
88
79
  * Evicts the oldest (least recently used) session
89
80
  */
@@ -93,7 +84,21 @@ export declare class SessionManager {
93
84
  */
94
85
  private cleanupExpiredSessions;
95
86
  /**
96
- * Gets information about all active sessions
87
+ * Records that an operation is starting on a session.
88
+ * Prevents cleanup/eviction from removing the session while busy.
89
+ */
90
+ beginOperation(sessionId: string): void;
91
+ /**
92
+ * Records that an operation on a session has completed.
93
+ * Must be called in a finally block paired with beginOperation.
94
+ */
95
+ endOperation(sessionId: string): void;
96
+ /**
97
+ * Returns whether a session has in-flight operations.
98
+ */
99
+ private hasActiveOperations;
100
+ /**
101
+ * Returns information about all active non-expired non-closing sessions.
97
102
  */
98
103
  getActiveSessions(): SessionInfo[];
99
104
  /**
package/dist/session.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAe,MAAM,UAAU,CAAC;AAChD,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAKxC,OAAO,EACL,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,MAAM,EAGP,MAAM,YAAY,CAAC;AAUpB,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAEhD;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,OAAO,CAAC;IACb,IAAI,CAAC,EAAE,WAAW,CAAC;IACnB,IAAI,EAAE,WAAW,CAAC;IAClB,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,oBAAoB,GAAG,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AA8C/E;;GAEG;AACH,qBAAa,cAAc;IAYvB,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAMzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IAjB1B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiC;IAC1D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,eAAe,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IAC9D,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAmC;gBAGhE,WAAW,SAAK,EAChB,YAAY,SAAU,EACtB,iBAAiB,SAAS,EACT,QAAQ,GAAE,YAAY,CAAC,UAAU,CAKjD,EACgB,MAAM,CAAC,EAAE,IAAI,CAAC,YAAY,EAAE,eAAe,CAAC,YAAA;IAW/D;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ9B,cAAc,CAAC,QAAQ,EAAE,oBAAoB,GAAG,MAAM,IAAI;IAO1D;;OAEG;IACG,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAenD;;OAEG;IACG,WAAW,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC;IA+LnE;;OAEG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAwBvD;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS;IAerD;;OAEG;YACW,eAAe;IAqB7B;;OAEG;YACW,YAAY;IAmB1B;;OAEG;YACW,cAAc;IAa5B;;OAEG;YACW,aAAa;IAuB3B;;OAEG;YACW,sBAAsB;IAkBpC;;OAEG;YACW,mBAAmB;IAwBjC;;OAEG;IACH,OAAO,CAAC,iBAAiB;YAIX,kBAAkB;IAgChC,OAAO,CAAC,oBAAoB;IAU5B,OAAO,CAAC,sBAAsB;IAc9B,OAAO,CAAC,kBAAkB;IA2C1B,OAAO,CAAC,kBAAkB;IA6B1B,OAAO,CAAC,uBAAuB;IA6B/B,OAAO,CAAC,6BAA6B;IAsBrC;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAiB1B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgB9B;;OAEG;IACH,iBAAiB,IAAI,WAAW,EAAE;IAMlC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;IAKvC;;OAEG;IACG,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAgCxE;;OAEG;IACG,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAezD;;OAEG;IACG,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC;CAsBlF"}
1
+ {"version":3,"file":"session.d.ts","sourceRoot":"","sources":["../src/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,UAAU,CAAC;AACnC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,MAAM,CAAC;AAgBxC,OAAO,EACL,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,MAAM,EAGP,MAAM,YAAY,CAAC;AAUpB,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAChD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAEhD;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,OAAO,CAAC;IACb,IAAI,CAAC,EAAE,WAAW,CAAC;IACnB,IAAI,EAAE,WAAW,CAAC;IAClB,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,MAAM,oBAAoB,GAAG,CAAC,SAAS,EAAE,MAAM,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE/E;;GAEG;AACH,qBAAa,cAAc;IAwBvB,OAAO,CAAC,QAAQ,CAAC,QAAQ;IAMzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;IA7B1B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAiC;IAC1D,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAS;IACtC,OAAO,CAAC,eAAe,CAA6B;IACpD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;IAC9D,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAmC;IAElE;;;OAGG;IACH,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAqB;IAErD;;;OAGG;IACH,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAA6B;gBAG5D,WAAW,SAAK,EAChB,YAAY,SAAU,EACtB,iBAAiB,SAAS,EACT,QAAQ,GAAE,YAAY,CAAC,UAAU,CAKjD,EACgB,MAAM,CAAC,EAAE,IAAI,CAAC,YAAY,EAAE,eAAe,CAAC,YAAA;IAW/D;;OAEG;IACG,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ9B,cAAc,CAAC,QAAQ,EAAE,oBAAoB,GAAG,MAAM,IAAI;IAO1D;;OAEG;IACG,SAAS,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAenD;;OAEG;IACG,WAAW,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,aAAa,CAAC;IA+LnE;;OAEG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAiCvD;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS;IAkBrD;;OAEG;YACW,eAAe;IAqB7B;;OAEG;YACW,YAAY;IAmB1B;;OAEG;YACW,aAAa;YAuBb,kBAAkB;IAgChC,OAAO,CAAC,oBAAoB;IAU5B,OAAO,CAAC,sBAAsB;IAc9B,OAAO,CAAC,kBAAkB;IA2C1B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAuB1B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAsB9B;;;OAGG;IACH,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAKvC;;;OAGG;IACH,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAarC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAI3B;;OAEG;IACH,iBAAiB,IAAI,WAAW,EAAE;IAkBlC;;OAEG;IACG,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;IAKvC;;OAEG;IACG,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAgCxE;;OAEG;IACG,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAezD;;OAEG;IACG,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG,SAAS,CAAC;CAsBlF"}