/** * Secure Credential Management for MCP * * Handles secure storage, rotation, and access control for LLM provider credentials */ import { EventEmitter } from 'events'; import { CredentialConfig } from '../types'; import { MemoryStorageProvider } from '../../storage/providers/memory-storage-provider'; /** * Credential data structure */ export interface Credential { id: string; providerId: string; type: 'api_key' | 'oauth_token' | 'certificate' | 'custom'; value: string; encryptedValue?: string; metadata: { createdAt: Date; updatedAt: Date; expiresAt?: Date; rotatedAt?: Date; lastUsedAt?: Date; usageCount: number; description?: string; tags?: string[]; }; validation?: { validated: boolean; validatedAt?: Date; validationError?: string; }; } /** * Credential validation result */ export interface CredentialValidationResult { valid: boolean; error?: string; details?: any; } /** * Credential rotation result */ export interface CredentialRotationResult { rotated: boolean; oldCredentialId: string; newCredentialId?: string; error?: string; } /** * Secure Credential Manager */ export declare class CredentialManager extends EventEmitter { private config; private credentials; private encryptionKey; private encryptionConfig; private rotationTimers; private validationCache; private storageProvider; constructor(config: CredentialConfig, storageProvider?: MemoryStorageProvider); /** * Initialize encryption */ private initializeEncryption; /** * Load credentials from storage */ private loadCredentials; /** * Save credentials to storage */ private saveCredentials; /** * Add credential */ addCredential(providerId: string, type: Credential['type'], value: string, metadata?: Partial): Promise; /** * Get credential for provider */ getCredential(providerId: string): Promise; /** * Update credential */ updateCredential(credentialId: string, updates: Partial>): Promise; /** * Delete credential */ deleteCredential(credentialId: string): Promise; /** * Rotate credential */ rotateCredential(credentialId: string, newValue: string): Promise; /** * Validate credential */ private validateCredential; /** * Schedule credential rotation */ private scheduleRotation; /** * Encrypt value */ private encrypt; /** * Decrypt value */ private decrypt; /** * Get credential statistics */ getStatistics(): { total: number; byProvider: Record; byType: Record; expired: number; rotating: number; validated: number; failed: number; }; /** * Export credentials (for backup) */ exportCredentials(includeValues?: boolean): Promise; /** * Import credentials */ importCredentials(data: string, overwrite?: boolean): Promise; /** * Shutdown credential manager */ shutdown(): Promise; } export default CredentialManager; //# sourceMappingURL=credential-manager.d.ts.map