Class: KairosMcp::Tools::TokenManage

Inherits:

BaseTool

• Object
• BaseTool
• KairosMcp::Tools::TokenManage

Defined in:

lib/kairos_mcp/tools/token_manage.rb

Overview

TokenManage: MCP tool for managing Bearer tokens

Commands:

create  - Create a new token for a user
revoke  - Revoke a user's active tokens
list    - List all tokens (without showing token values)
rotate  - Revoke old token and create new one for a user

Phase 1: All authenticated users can manage tokens. Phase 2: Only ‘owner’ role can manage tokens (enforced by Safety).

Instance Method Summary

• #call(arguments) ⇒ Object
• #category ⇒ Object
• #description ⇒ Object
• #examples ⇒ Object
• #input_schema ⇒ Object
• #name ⇒ Object
• #related_tools ⇒ Object
• #usecase_tags ⇒ Object

Methods inherited from BaseTool

#initialize, #invoke_tool, #to_full_schema, #to_schema

Constructor Details

This class inherits a constructor from KairosMcp::Tools::BaseTool

Instance Method Details

#call(arguments) ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 92

def call(arguments)
  command = arguments['command']
  user = arguments['user']
  role = arguments['role'] || 'member'
  expires_in = arguments['expires_in']

  # Get current user context from safety (set by Protocol in HTTP mode)
  current_user = @safety&.current_user

  case command
  when 'create'
    handle_create(user, role, expires_in, current_user)
  when 'revoke'
    handle_revoke(user, current_user)
  when 'list'
    handle_list
  when 'rotate'
    handle_rotate(user, current_user)
  else
    text_content("Unknown command: #{command}")
  end
rescue ArgumentError => e
  text_content("Error: #{e.message}")
rescue StandardError => e
  text_content("Error: #{e.message}")
end

#category ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 28

def category
  :utility
end

#description ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 24

def description
  'Manage Bearer tokens for HTTP authentication. Create, revoke, list, or rotate tokens for team members.'
end

#examples ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 36

def examples
  [
    {
      title: 'Create a member token',
      code: 'token_manage(command: "create", user: "alice", role: "member")'
    },
    {
      title: 'Create a short-lived token',
      code: 'token_manage(command: "create", user: "ci_bot", role: "guest", expires_in: "24h")'
    },
    {
      title: 'List active tokens',
      code: 'token_manage(command: "list")'
    },
    {
      title: 'Rotate a token',
      code: 'token_manage(command: "rotate", user: "alice")'
    },
    {
      title: 'Revoke a token',
      code: 'token_manage(command: "revoke", user: "alice")'
    }
  ]
end

#input_schema ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 65

def input_schema
  {
    type: 'object',
    properties: {
      command: {
        type: 'string',
        description: 'Command: "create", "revoke", "list", or "rotate"',
        enum: %w[create revoke list rotate]
      },
      user: {
        type: 'string',
        description: 'Target username (required for create, revoke, rotate)'
      },
      role: {
        type: 'string',
        description: 'Role for new token: "owner", "member", or "guest" (default: "member")',
        enum: %w[owner member guest]
      },
      expires_in: {
        type: 'string',
        description: 'Token expiry: "90d" (default), "24h", "7d", "never"'
      }
    },
    required: ['command']
  }
end

#name ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 20

def name
  'token_manage'
end

#related_tools ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 61

def related_tools
  %w[chain_history chain_status]
end

#usecase_tags ⇒ Object

# File 'lib/kairos_mcp/tools/token_manage.rb', line 32

def usecase_tags
  %w[auth token security HTTP team management]
end