UNPKG

@builder.io/dev-tools

Version:

Builder.io Visual CMS Devtools

builder.io

71 lines (70 loc) 3.14 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
/** * File-backed implementation of the runtime-neutral {@link MCPOAuthStore} * defined in `vcp-common/mcp-oauth.ts`. * * Persists discovered OAuth metadata, registered DCR client info, and * obtained tokens under `~/.builder/config/mcp/`: * * ~/.builder/config/mcp/ * servers.json # discovered metadata + DCR client info per serverUrl * tokens.json # access/refresh tokens per serverUrl * * Path resolution priority: * 1. The `BUILDER_DEV_TOOLS_CREDS_DIR` env var (override for tests / * sandboxed envs). When set, files live directly under that dir. * 2. The `baseDir` constructor option (used by tests). * 3. `~/.builder/config/mcp/` — same `homedir()` pattern that * `getUserScopedCredentialsPath` (cli/credentials.ts:115-117) uses for * `~/.builder/config/data.json`. * * Server URL is the canonical key. We do NOT normalize the URL — different * paths under the same host can be different OAuth realms (e.g. v1 vs v2), * and case-folding the host is risky for IdPs that include case-sensitive * tokens in the path. * * PKCE state rows live in-memory: the loopback redirect runs in-process and * the state is short-lived (typically <60s between the SDK's `state()` call * and the user finishing browser auth). Persisting them buys nothing for * the local provider. */ import type { MCPOAuthMetadata, MCPOAuthState, MCPOAuthStore, MCPOAuthTokens } from "#vcp-common/mcp-oauth.js"; /** * Resolve the directory that holds `servers.json` / `tokens.json`. See the * module-level docstring for priority order. */ export declare function resolveMCPCredentialsDir(baseDir?: string): string; export interface FileMCPOAuthStoreOptions { /** OAuth-scoped server URL. Used verbatim as the canonical store key. */ serverUrl: string; /** * Override for the credentials directory. Mostly for tests — production * callers should rely on the env var or default * (`~/.builder/config/mcp/`). */ baseDir?: string; } /** * File-backed {@link MCPOAuthStore}. Each instance is bound to a single * `serverUrl`; the JSON files on disk hold many entries keyed by server URL, * so multiple instances coexist safely. */ export declare class FileMCPOAuthStore implements MCPOAuthStore { private readonly serverUrl; private readonly dir; private readonly serversPath; private readonly tokensPath; private readonly pkceStates; constructor(opts: FileMCPOAuthStoreOptions); getMetadata(): Promise<MCPOAuthMetadata | undefined>; saveMetadata(metadata: MCPOAuthMetadata): Promise<void>; markDiscoveryFailed(reason: string): Promise<void>; isDiscoveryFailed(): Promise<boolean>; getTokens(): Promise<MCPOAuthTokens | undefined>; saveTokens(tokens: MCPOAuthTokens): Promise<void>; invalidateCredentials(scope: "all" | "client" | "tokens" | "verifier" | "discovery"): Promise<void>; saveOAuthState(state: MCPOAuthState): Promise<void>; consumeOAuthState(stateValue: string): Promise<MCPOAuthState | undefined>; private ensureDir; private removeTokenEntry; private updateServerEntry; }