/** * DCR Router - OAuth 2.0 Authorization Server * * Implements OAuth 2.0 Dynamic Client Registration Protocol (RFC 7591) * and OAuth 2.0 Authorization Server endpoints (RFC 6749, RFC 8414, RFC 9728). * * Endpoints: * - GET /.well-known/oauth-authorization-server (RFC 8414 metadata) * - GET /.well-known/oauth-protected-resource (RFC 9728 metadata - root) * - GET /.well-known/oauth-protected-resource/mcp (RFC 9728 metadata - sub-path) * - POST /oauth/register (RFC 7591 client registration) * - GET /oauth/authorize (RFC 6749 authorization endpoint) * - POST /oauth/token (RFC 6749 token endpoint) * - POST /oauth/revoke (RFC 7009 token revocation) * - GET /oauth/verify (token verification for Resource Server) */ import express from 'express'; import type { Keyv } from 'keyv'; import type { OAuthClientConfig } from '../types.js'; /** * Configuration for DCR Router (self-hosted mode only) */ export interface DcrRouterConfig { /** Single Keyv store for all DCR data */ store: Keyv; /** Authorization Server issuer URL */ issuerUrl: string; /** Base URL for OAuth endpoints */ baseUrl: string; /** Supported OAuth scopes */ scopesSupported: string[]; /** OAuth client configuration for upstream provider */ clientConfig: OAuthClientConfig; } /** * Create DCR Router with OAuth 2.0 endpoints (self-hosted mode) * * For external mode (Auth0/Stitch), don't call this function - no router needed. * The server code should check DcrConfig.mode and only call this for 'self-hosted'. * * @param config - Router configuration * @returns Express router with OAuth endpoints */ export declare function createDcrRouter(config: DcrRouterConfig): express.Router;