@adcp/sdk 7.6.0 → 7.7.0

package/dist/lib/signing/errors.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.SigningProviderAlgorithmMismatchError = exports.WebhookSignatureError = exports.RequestSignatureError = void 0;
+exports.SigningProviderAlgorithmMismatchError = exports.ResponseSignatureError = exports.WebhookSignatureError = exports.RequestSignatureError = void 0;
 const errors_1 = require("../errors");
 class RequestSignatureError extends errors_1.ADCPError {
     code;
@@ -22,6 +22,16 @@ class WebhookSignatureError extends errors_1.ADCPError {
     }
 }
 exports.WebhookSignatureError = WebhookSignatureError;
+class ResponseSignatureError extends errors_1.ADCPError {
+    code;
+    failedStep;
+    constructor(code, failedStep, message, details) {
+        super(message, details);
+        this.code = code;
+        this.failedStep = failedStep;
+    }
+}
+exports.ResponseSignatureError = ResponseSignatureError;
 /**
  * Adapter-side error thrown when a `SigningProvider`'s declared `algorithm`
  * doesn't match the algorithm of the underlying key material.

package/dist/lib/signing/errors.js.map

@@ -1 +1 @@
-{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/lib/signing/errors.ts"],"names":[],"mappings":";;;AAAA,sCAAsC;AAoBtC,MAAa,qBAAsB,SAAQ,kBAAS;IACzC,IAAI,CAA4B;IAChC,UAAU,CAAS;IAE5B,YAAY,IAA+B,EAAE,UAAkB,EAAE,OAAe,EAAE,OAAiB;QACjG,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF;AATD,sDASC;AA2CD,MAAa,qBAAsB,SAAQ,kBAAS;IACzC,IAAI,CAA4B;IAChC,UAAU,CAAS;IAE5B,YAAY,IAA+B,EAAE,UAAkB,EAAE,OAAe,EAAE,OAAiB;QACjG,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF;AATD,sDASC;AAUD;;;;;;;;GAQG;AACH,MAAa,qCAAsC,SAAQ,kBAAS;IACzD,IAAI,GAA6B,qCAAqC,CAAC;IACvE,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,WAAW,CAAS;IAE7B,YAAY,QAAgB,EAAE,MAAc,EAAE,WAAmB;QAC/D,KAAK,CACH,uCAAuC,QAAQ,4BAA4B,MAAM,WAAW,WAAW,MAAM;YAC3G,wGAAwG,CAC3G,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;CACF;AAfD,sFAeC"}
+{"version":3,"file":"errors.js","sourceRoot":"","sources":["../../../src/lib/signing/errors.ts"],"names":[],"mappings":";;;AAAA,sCAAsC;AAoBtC,MAAa,qBAAsB,SAAQ,kBAAS;IACzC,IAAI,CAA4B;IAChC,UAAU,CAAS;IAE5B,YAAY,IAA+B,EAAE,UAAkB,EAAE,OAAe,EAAE,OAAiB;QACjG,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF;AATD,sDASC;AA2CD,MAAa,qBAAsB,SAAQ,kBAAS;IACzC,IAAI,CAA4B;IAChC,UAAU,CAAS;IAE5B,YAAY,IAA+B,EAAE,UAAkB,EAAE,OAAe,EAAE,OAAiB;QACjG,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF;AATD,sDASC;AAoCD,MAAa,sBAAuB,SAAQ,kBAAS;IAC1C,IAAI,CAA6B;IACjC,UAAU,CAAS;IAE5B,YAAY,IAAgC,EAAE,UAAkB,EAAE,OAAe,EAAE,OAAiB;QAClG,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF;AATD,wDASC;AAUD;;;;;;;;GAQG;AACH,MAAa,qCAAsC,SAAQ,kBAAS;IACzD,IAAI,GAA6B,qCAAqC,CAAC;IACvE,QAAQ,CAAS;IACjB,MAAM,CAAS;IACf,WAAW,CAAS;IAE7B,YAAY,QAAgB,EAAE,MAAc,EAAE,WAAmB;QAC/D,KAAK,CACH,uCAAuC,QAAQ,4BAA4B,MAAM,WAAW,WAAW,MAAM;YAC3G,wGAAwG,CAC3G,CAAC;QACF,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;IACjC,CAAC;CACF;AAfD,sFAeC"}

package/dist/lib/signing/jwks-helpers.d.ts

@@ -1,5 +1,5 @@
 import type { AdcpJsonWebKey, AdcpSignAlg } from './types';
-export type AdcpUse = 'request-signing' | 'webhook-signing';
+export type AdcpUse = 'request-signing' | 'webhook-signing' | 'response-signing';
 export interface PemToAdcpJwkOptions {
     /** `kid` to embed in the JWK — must match the value published in `Signature-Input`. */
     kid: string;
@@ -9,6 +9,9 @@ export interface PemToAdcpJwkOptions {
      * Purpose binding, enforced by AdCP verifiers at step 8.
      * - `'request-signing'` — for JWKs published at the buyer's `jwks_uri`.
      * - `'webhook-signing'` — for JWKs used to sign outbound webhook callbacks.
+     * - `'response-signing'` — for JWKs used to sign outbound responses
+     *   (RFC 9421 §2.2.9 response signing). Verifier surface is a follow-up;
+     *   the value is reserved here so signer-side JWKs can declare it now.
      */
     adcp_use: AdcpUse;
 }

package/dist/lib/signing/jwks-helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"jwks-helpers.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/jwks-helpers.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAkB3D,MAAM,MAAM,OAAO,GAAG,iBAAiB,GAAG,iBAAiB,CAAC;AAE5D,MAAM,WAAW,mBAAmB;IAClC,uFAAuF;IACvF,GAAG,EAAE,MAAM,CAAC;IACZ,6EAA6E;IAC7E,SAAS,EAAE,WAAW,CAAC;IACvB;;;;OAIG;IACH,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,GAAG,cAAc,CA2CtF"}
+{"version":3,"file":"jwks-helpers.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/jwks-helpers.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAkB3D,MAAM,MAAM,OAAO,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,kBAAkB,CAAC;AAEjF,MAAM,WAAW,mBAAmB;IAClC,uFAAuF;IACvF,GAAG,EAAE,MAAM,CAAC;IACZ,6EAA6E;IAC7E,SAAS,EAAE,WAAW,CAAC;IACvB;;;;;;;OAOG;IACH,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,GAAG,cAAc,CA2CtF"}

package/dist/lib/signing/jwks-helpers.js.map

@@ -1 +1 @@
-{"version":3,"file":"jwks-helpers.js","sourceRoot":"","sources":["../../../src/lib/signing/jwks-helpers.ts"],"names":[],"mappings":";;AAkEA,oCA2CC;AA7GD,6CAA8C;AAG9C;;;;;;;;;;GAUG;AACH,MAAM,gBAAgB,GAAgC;IACpD,OAAO,EAAE,OAAO;IAChB,mBAAmB,EAAE,OAAO;CAC7B,CAAC;AAiBF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,SAAgB,YAAY,CAAC,GAAW,EAAE,OAA4B;IACpE,wEAAwE;IACxE,uEAAuE;IACvE,sEAAsE;IACtE,uEAAuE;IACvE,iBAAiB;IACjB,IAAI,kCAAkC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CACjB,2CAA2C;YACzC,gEAAgE;YAChE,wDAAwD,CAC3D,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,IAAA,6BAAe,EAAC,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACxD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CACjB,sDAAsD;YACpD,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI;YACvD,4CAA4C,CAC/C,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CACjB,wCAAwC,OAAO,CAAC,SAAS,KAAK;YAC5D,cAAc,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC5D,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAA4B,CAAC;IAE7E,OAAO;QACL,GAAG,QAAQ;QACX,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,KAAK;QACV,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,OAAO,EAAE,CAAC,QAAQ,CAAC;KACF,CAAC;AACtB,CAAC"}
+{"version":3,"file":"jwks-helpers.js","sourceRoot":"","sources":["../../../src/lib/signing/jwks-helpers.ts"],"names":[],"mappings":";;AAqEA,oCA2CC;AAhHD,6CAA8C;AAG9C;;;;;;;;;;GAUG;AACH,MAAM,gBAAgB,GAAgC;IACpD,OAAO,EAAE,OAAO;IAChB,mBAAmB,EAAE,OAAO;CAC7B,CAAC;AAoBF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,SAAgB,YAAY,CAAC,GAAW,EAAE,OAA4B;IACpE,wEAAwE;IACxE,uEAAuE;IACvE,sEAAsE;IACtE,uEAAuE;IACvE,iBAAiB;IACjB,IAAI,kCAAkC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,SAAS,CACjB,2CAA2C;YACzC,gEAAgE;YAChE,wDAAwD,CAC3D,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,IAAA,6BAAe,EAAC,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;IACxD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CACjB,sDAAsD;YACpD,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI;YACvD,4CAA4C,CAC/C,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,IAAI,SAAS,CACjB,wCAAwC,OAAO,CAAC,SAAS,KAAK;YAC5D,cAAc,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC5D,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,CAA4B,CAAC;IAE7E,OAAO;QACL,GAAG,QAAQ;QACX,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,KAAK;QACV,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,OAAO,EAAE,CAAC,QAAQ,CAAC;KACF,CAAC;AACtB,CAAC"}

package/dist/lib/signing/provider.d.ts

@@ -1,3 +1,4 @@
+import type { AdcpUse } from './jwks-helpers';
 import type { AdcpSignAlg } from './types';
 /**
  * Pluggable signer that the AdCP request- and webhook-signing paths route
@@ -51,6 +52,22 @@ export interface SigningProvider {
      * Wire-format algorithm identifier. Same vocabulary as `ALLOWED_ALGS`.
      */
     readonly algorithm: AdcpSignAlg;
+    /**
+     * Purpose binding for the underlying key, parallel to the sync-path
+     * `SignerKey.privateKey.adcp_use` gate. When set, the async helpers
+     * (`signRequestAsync`, `signWebhookAsync`, `signResponseAsync`) refuse
+     * keys whose `adcpUse` doesn't match the helper, with the same error
+     * codes the verifier raises at step 8.
+     *
+     * **Optional and backward-compatible.** Existing providers that omit
+     * `adcpUse` skip the gate (no breakage, but no defense-in-depth either).
+     * Adapter authors who care about catching IAM misconfig at the signer
+     * rather than the verifier should set this — KMS is exactly where one
+     * IAM mistake silently grants a single key cross-purpose access, and
+     * `request-signing` / `webhook-signing` / `response-signing` keys MUST
+     * stay distinct per AdCP step-8 purpose-binding.
+     */
+    readonly adcpUse?: AdcpUse;
     /**
      * Stable opaque identifier disambiguating this signer from others
      * advertising the same `kid`. Used as input to the SDK's transport- and

package/dist/lib/signing/provider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,MAAM,WAAW,eAAe;IAC9B;;;;OAIG;IACH,IAAI,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAE/C;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAC;IAEhC;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B"}
+{"version":3,"file":"provider.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/provider.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,SAAS,CAAC;AAE3C;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAmCG;AACH,MAAM,WAAW,eAAe;IAC9B;;;;OAIG;IACH,IAAI,CAAC,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAE/C;;;OAGG;IACH,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IAEvB;;OAEG;IACH,QAAQ,CAAC,SAAS,EAAE,WAAW,CAAC;IAEhC;;;;;;;;;;;;;;OAcG;IACH,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAE3B;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;CAC9B"}

package/dist/lib/signing/replay.d.ts

@@ -14,6 +14,22 @@ export type ReplayInsertResult = 'ok' | 'replayed' | 'rate_abuse';
 export interface ReplayStore {
     has(keyid: string, scope: string, nonce: string, now: number): Promise<boolean>;
     isCapHit(keyid: string, scope: string, now: number): Promise<boolean>;
+    /**
+     * Atomically check-and-insert. MUST return `'replayed'` if the nonce was
+     * already present for `(keyid, scope)`, otherwise insert and return `'ok'`
+     * (or `'rate_abuse'` if the cap is hit). The check and the insert MUST be
+     * a single uninterruptable operation — concurrent verifier calls racing
+     * the same nonce must see exactly one `'ok'` and the rest `'replayed'`.
+     *
+     * For in-memory stores Node's single-threaded event loop provides the
+     * atomicity for free. **Multi-replica adopters writing Redis / Postgres
+     * stores MUST implement this as a single atomic operation** (e.g. Redis
+     * `SET NX EX`, Postgres `INSERT ... ON CONFLICT DO NOTHING RETURNING`,
+     * a `WATCH/MULTI/EXEC` transaction). Implementing as `await has(...)`
+     * then `await write(...)` opens a TOCTOU window where two replicas both
+     * see "not replayed" and both insert — silently accepting the same
+     * signature twice within the window.
+     */
     insert(keyid: string, scope: string, nonce: string, ttlSeconds: number, now: number): Promise<ReplayInsertResult>;
 }
 export interface InMemoryReplayStoreOptions {

package/dist/lib/signing/replay.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"replay.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/replay.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,kBAAkB,GAAG,IAAI,GAAG,UAAU,GAAG,YAAY,CAAC;AAElE;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAChF,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACtE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;CACnH;AAED,MAAM,WAAW,0BAA0B;IACzC;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAoBD,qBAAa,mBAAoB,YAAW,WAAW;IACrD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA+B;IACrD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC;;;;;OAKG;IACH,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAqB;gBAEtC,OAAO,GAAE,0BAA+B;IAKpD;;;;;OAKG;IACH,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAIlD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAO/E,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IASrE,MAAM,CACV,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,kBAAkB,CAAC;IAY9B,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAI3F,OAAO,CAAC,WAAW;IASnB,OAAO,CAAC,WAAW;IAanB,OAAO,CAAC,KAAK;CAcd"}
+{"version":3,"file":"replay.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/replay.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,kBAAkB,GAAG,IAAI,GAAG,UAAU,GAAG,YAAY,CAAC;AAElE;;;;;;;;;;;GAWG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAChF,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IACtE;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;CACnH;AAED,MAAM,WAAW,0BAA0B;IACzC;;;;;OAKG;IACH,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAoBD,qBAAa,mBAAoB,YAAW,WAAW;IACrD,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA+B;IACrD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAS;IACrC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAS;IACpC;;;;;OAKG;IACH,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAqB;gBAEtC,OAAO,GAAE,0BAA+B;IAKpD;;;;;OAKG;IACH,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI;IAIlD,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAO/E,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IASrE,MAAM,CACV,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,EACb,UAAU,EAAE,MAAM,EAClB,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,kBAAkB,CAAC;IAY9B,OAAO,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI;IAI3F,OAAO,CAAC,WAAW;IASnB,OAAO,CAAC,WAAW;IAanB,OAAO,CAAC,KAAK;CAcd"}

package/dist/lib/signing/replay.js.map

@@ -1 +1 @@
-{"version":3,"file":"replay.js","sourceRoot":"","sources":["../../../src/lib/signing/replay.ts"],"names":[],"mappings":";;;AAgDA;;wCAEwC;AACxC,SAAS,YAAY,CAAC,KAAa,EAAE,KAAa;IAChD,OAAO,GAAG,KAAK,OAAO,KAAK,EAAE,CAAC;AAChC,CAAC;AAED,MAAa,mBAAmB;IACb,KAAK,GAAG,IAAI,GAAG,EAAoB,CAAC;IACpC,WAAW,CAAS;IACpB,UAAU,CAAS;IACpC;;;;;OAKG;IACc,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IAElD,YAAY,UAAsC,EAAE;QAClD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,kBAAkB,IAAI,OAAO,CAAC;QACzD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC;IACpD,CAAC;IAED;;;;;OAKG;IACH,mBAAmB,CAAC,KAAa,EAAE,KAAc;QAC/C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;IAClF,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,KAAa,EAAE,KAAa,EAAE,KAAa,EAAE,GAAW;QAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvB,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,KAAa,EAAE,KAAa,EAAE,GAAW;QACtD,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAC9C,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QACnE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvB,OAAO,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,MAAM,CACV,KAAa,EACb,KAAa,EACb,KAAa,EACb,UAAkB,EAClB,GAAW;QAEX,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvB,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,UAAU,CAAC;QAC/C,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC9G,OAAO,YAAY,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,GAAG,UAAU,CAAC,CAAC;QACjD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,KAAa,EAAE,KAAa,EAAE,KAAa,EAAE,UAAkB,EAAE,GAAW;QAClF,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,GAAG,UAAU,CAAC,CAAC;IAC1F,CAAC;IAEO,WAAW,CAAC,SAAiB;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,EAAE,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,GAAG,EAAE,EAAE,gBAAgB,EAAE,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAC9F,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,WAAW,CAAC,KAAe,EAAE,KAAa,EAAE,SAAiB;QACnE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QACnD,IAAI,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;YACxD,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QAChC,CAAC;aAAM,IAAI,SAAS,GAAG,MAAM,CAAC,YAAY,EAAE,CAAC;YAC3C,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC;QAClC,CAAC;QACD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACzB,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,KAAe,EAAE,GAAW;QACxC,wEAAwE;QACxE,wEAAwE;QACxE,2DAA2D;QAC3D,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QACxD,IAAI,aAAa,KAAK,KAAK,CAAC,gBAAgB;YAAE,OAAO;QACrD,KAAK,CAAC,gBAAgB,GAAG,aAAa,CAAC;QACvC,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;YACzC,IAAI,MAAM,CAAC,YAAY,IAAI,GAAG,EAAE,CAAC;gBAC/B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM;oBAAE,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC9D,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AArGD,kDAqGC"}
+{"version":3,"file":"replay.js","sourceRoot":"","sources":["../../../src/lib/signing/replay.ts"],"names":[],"mappings":";;;AAgEA;;wCAEwC;AACxC,SAAS,YAAY,CAAC,KAAa,EAAE,KAAa;IAChD,OAAO,GAAG,KAAK,OAAO,KAAK,EAAE,CAAC;AAChC,CAAC;AAED,MAAa,mBAAmB;IACb,KAAK,GAAG,IAAI,GAAG,EAAoB,CAAC;IACpC,WAAW,CAAS;IACpB,UAAU,CAAS;IACpC;;;;;OAKG;IACc,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IAElD,YAAY,UAAsC,EAAE;QAClD,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,kBAAkB,IAAI,OAAO,CAAC;QACzD,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,iBAAiB,IAAI,EAAE,CAAC;IACpD,CAAC;IAED;;;;;OAKG;IACH,mBAAmB,CAAC,KAAa,EAAE,KAAc;QAC/C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;IAClF,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,KAAa,EAAE,KAAa,EAAE,KAAa,EAAE,GAAW;QAChE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvB,OAAO,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,KAAa,EAAE,KAAa,EAAE,GAAW;QACtD,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAC9C,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QACnE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;QACzD,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QACzB,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvB,OAAO,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,MAAM,CACV,KAAa,EACb,KAAa,EACb,KAAa,EACb,UAAkB,EAClB,GAAW;QAEX,MAAM,SAAS,GAAG,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC1C,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACvB,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,UAAU,CAAC;QAC/C,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YAC9G,OAAO,YAAY,CAAC;QACtB,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,GAAG,UAAU,CAAC,CAAC;QACjD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,KAAa,EAAE,KAAa,EAAE,KAAa,EAAE,UAAkB,EAAE,GAAW;QAClF,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,GAAG,UAAU,CAAC,CAAC;IAC1F,CAAC;IAEO,WAAW,CAAC,SAAiB;QACnC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACtC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,KAAK,GAAG,EAAE,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,OAAO,EAAE,IAAI,GAAG,EAAE,EAAE,gBAAgB,EAAE,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAC9F,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,WAAW,CAAC,KAAe,EAAE,KAAa,EAAE,SAAiB;QACnE,MAAM,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QACnD,IAAI,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,MAAM,EAAE,IAAI,GAAG,EAAE,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;YACxD,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QAChC,CAAC;aAAM,IAAI,SAAS,GAAG,MAAM,CAAC,YAAY,EAAE,CAAC;YAC3C,MAAM,CAAC,YAAY,GAAG,SAAS,CAAC;QAClC,CAAC;QACD,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACzB,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,KAAe,EAAE,GAAW;QACxC,wEAAwE;QACxE,wEAAwE;QACxE,2DAA2D;QAC3D,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QACxD,IAAI,aAAa,KAAK,KAAK,CAAC,gBAAgB;YAAE,OAAO;QACrD,KAAK,CAAC,gBAAgB,GAAG,aAAa,CAAC;QACvC,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;YACzC,IAAI,MAAM,CAAC,YAAY,IAAI,GAAG,EAAE,CAAC;gBAC/B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM;oBAAE,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC9D,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AArGD,kDAqGC"}

package/dist/lib/signing/request-context.d.ts

@@ -0,0 +1,140 @@
+/**
+ * Adapter helpers that construct the `{ method, url }` shape that
+ * `ResponseLike.request` (and any other caller binding RFC 9421 derived
+ * components back to an originating request) requires.
+ *
+ * Why this exists: `ResponseLike.request.url` MUST be an absolute URL —
+ * `canonicalAuthority` / `canonicalTargetUri` parse via `new URL(...)` and
+ * throw on a relative path. Express handlers ship `req.url` / `req.originalUrl`
+ * as path-only, so adopters reconstruct via
+ * `${req.protocol}://${req.get('host')}${req.originalUrl}`. But `req.protocol`
+ * lies behind a TLS-terminating proxy unless `trust proxy` is set, and
+ * `req.get('host')` is attacker-controllable absent a Host allowlist. A
+ * hostile peer that controls these headers can rebind a signature to
+ * `attacker.example.com` while the operator believes they're signing for
+ * `seller.example.com`.
+ *
+ * The library can warn (JSDoc on `ResponseLike.request`) but can't enforce.
+ * These helpers make the safe path the default path — pass them an inbound
+ * request handle from your platform and they emit a hardened
+ * `{ method, url }` shape.
+ */
+/**
+ * Minimal Express request shape this helper consumes. Kept narrow so
+ * `@adcp/sdk` doesn't pull in `@types/express`; importing Express's own
+ * `Request` type is safe in adopter code, since structural typing accepts
+ * the wider shape anywhere this narrower one is expected.
+ */
+export interface ExpressRequestLike {
+    readonly method: string;
+    readonly protocol: string;
+    readonly originalUrl: string;
+    /** Express's typed `Request.get('host')` overload. */
+    get(name: 'host'): string | undefined;
+}
+export interface RequestContextFromExpressOptions {
+    /**
+     * Allowed `Host` header values. When set, the helper throws if the
+     * inbound `Host` doesn't match. Strongly recommended in production —
+     * absent this, a hostile peer controlling the `Host` header can rebind
+     * the signature origin (see file header).
+     *
+     * Each entry is compared verbatim against `req.get('host')` after
+     * trimming and lowercasing. Include port suffixes where applicable
+     * (`api.example.com:8080`).
+     */
+    hostAllowlist?: ReadonlyArray<string>;
+    /**
+     * When `true` (default), the helper throws if the reconstructed URL
+     * scheme is not `https`. AdCP response / webhook signatures bound to
+     * `http://` will fail strict-HTTPS verifier profiles, so this catches
+     * the misconfig at construction time. Disable only for local dev /
+     * loopback mock servers.
+     */
+    forceHttps?: boolean;
+}
+/**
+ * Construct a hardened `{ method, url }` from an Express request.
+ *
+ * **You MUST configure `app.set('trust proxy', ...)`** with the IPs of
+ * your trusted reverse proxies before relying on this helper. Without
+ * `trust proxy`, Express returns the literal `req.connection.remoteAddress`
+ * for `req.protocol` and `req.ip` — which a TLS-terminating proxy will
+ * always set to the proxy's address, leaving you blind to whether the
+ * original request actually arrived over HTTPS. This helper trusts what
+ * Express tells it; the operator is responsible for telling Express what
+ * to trust.
+ *
+ * Throws when the `Host` header is missing, doesn't match `hostAllowlist`,
+ * or when the scheme is not `https` (unless `forceHttps: false`).
+ */
+export declare function requestContextFromExpress(req: ExpressRequestLike, options?: RequestContextFromExpressOptions): {
+    method: string;
+    url: string;
+};
+/**
+ * Fetch / Workers / Deno / Bun `Request` shape. `request.url` is already
+ * an absolute URL per WHATWG spec, so there's no host-spoofing surface
+ * here — the runtime owns URL construction, not the caller.
+ */
+export interface FetchRequestLike {
+    readonly method: string;
+    readonly url: string;
+}
+/**
+ * Construct `{ method, url }` from a Fetch / WHATWG `Request`. Trivial
+ * passthrough; included for API symmetry with the Express / Lambda
+ * helpers. No proxy hardening needed — `request.url` is the absolute URL
+ * the runtime constructed from the wire, and Workers / Deno / Bun all
+ * terminate TLS at the edge so `https` is honest.
+ */
+export declare function requestContextFromFetch(request: FetchRequestLike): {
+    method: string;
+    url: string;
+};
+/**
+ * AWS Lambda API Gateway v2 / ALB event shape. Narrow rather than
+ * importing `@types/aws-lambda` — adopter code that ships against the
+ * full Lambda types can pass the wider object verbatim.
+ */
+export interface LambdaRequestEvent {
+    readonly requestContext: {
+        readonly domainName?: string;
+        readonly http?: {
+            readonly method?: string;
+        };
+        readonly httpMethod?: string;
+    };
+    readonly rawPath?: string;
+    readonly rawQueryString?: string;
+    readonly path?: string;
+    readonly httpMethod?: string;
+    readonly queryStringParameters?: {
+        readonly [key: string]: string | undefined;
+    };
+}
+export interface RequestContextFromLambdaOptions {
+    /**
+     * Same semantics as the Express helper — allowed `domainName` values.
+     * Lambda's `event.requestContext.domainName` is set by API Gateway from
+     * the matched custom-domain configuration; it's not attacker-controllable
+     * the way Express's `req.get('host')` is, but pinning it still catches
+     * misrouted traffic (e.g. one tenant's Lambda receiving another tenant's
+     * domain via a misconfigured shared API Gateway).
+     */
+    hostAllowlist?: ReadonlyArray<string>;
+}
+/**
+ * Construct `{ method, url }` from an AWS Lambda API Gateway v2 / ALB
+ * event. Reads `requestContext.domainName` for the authority, `rawPath` +
+ * `rawQueryString` for the target (v2 / ALB), falling back to `path` +
+ * `queryStringParameters` reconstruction (v1).
+ *
+ * Always emits `https://` — Lambda is not addressable over plain HTTP
+ * through API Gateway / ALB in any documented configuration.
+ */
+export declare function requestContextFromLambda(event: LambdaRequestEvent, options?: RequestContextFromLambdaOptions): {
+    method: string;
+    url: string;
+};
+//# sourceMappingURL=request-context.d.ts.map

package/dist/lib/signing/request-context.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-context.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/request-context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH;;;;;GAKG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,sDAAsD;IACtD,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;CACvC;AAED,MAAM,WAAW,gCAAgC;IAC/C;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtC;;;;;;OAMG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,yBAAyB,CACvC,GAAG,EAAE,kBAAkB,EACvB,OAAO,GAAE,gCAAqC,GAC7C;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAgCjC;AAED;;;;GAIG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;CACtB;AAED;;;;;;GAMG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,gBAAgB,GAAG;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAoBlG;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,cAAc,EAAE;QACvB,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC,EAAE;YAAE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAA;SAAE,CAAC;QAC7C,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,cAAc,CAAC,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,qBAAqB,CAAC,EAAE;QAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAA;KAAE,CAAC;CACjF;AAED,MAAM,WAAW,+BAA+B;IAC9C;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CACvC;AAED;;;;;;;;GAQG;AACH,wBAAgB,wBAAwB,CACtC,KAAK,EAAE,kBAAkB,EACzB,OAAO,GAAE,+BAAoC,GAC5C;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAoCjC"}

package/dist/lib/signing/request-context.js

@@ -0,0 +1,160 @@
+"use strict";
+/**
+ * Adapter helpers that construct the `{ method, url }` shape that
+ * `ResponseLike.request` (and any other caller binding RFC 9421 derived
+ * components back to an originating request) requires.
+ *
+ * Why this exists: `ResponseLike.request.url` MUST be an absolute URL —
+ * `canonicalAuthority` / `canonicalTargetUri` parse via `new URL(...)` and
+ * throw on a relative path. Express handlers ship `req.url` / `req.originalUrl`
+ * as path-only, so adopters reconstruct via
+ * `${req.protocol}://${req.get('host')}${req.originalUrl}`. But `req.protocol`
+ * lies behind a TLS-terminating proxy unless `trust proxy` is set, and
+ * `req.get('host')` is attacker-controllable absent a Host allowlist. A
+ * hostile peer that controls these headers can rebind a signature to
+ * `attacker.example.com` while the operator believes they're signing for
+ * `seller.example.com`.
+ *
+ * The library can warn (JSDoc on `ResponseLike.request`) but can't enforce.
+ * These helpers make the safe path the default path — pass them an inbound
+ * request handle from your platform and they emit a hardened
+ * `{ method, url }` shape.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.requestContextFromExpress = requestContextFromExpress;
+exports.requestContextFromFetch = requestContextFromFetch;
+exports.requestContextFromLambda = requestContextFromLambda;
+/**
+ * Construct a hardened `{ method, url }` from an Express request.
+ *
+ * **You MUST configure `app.set('trust proxy', ...)`** with the IPs of
+ * your trusted reverse proxies before relying on this helper. Without
+ * `trust proxy`, Express returns the literal `req.connection.remoteAddress`
+ * for `req.protocol` and `req.ip` — which a TLS-terminating proxy will
+ * always set to the proxy's address, leaving you blind to whether the
+ * original request actually arrived over HTTPS. This helper trusts what
+ * Express tells it; the operator is responsible for telling Express what
+ * to trust.
+ *
+ * Throws when the `Host` header is missing, doesn't match `hostAllowlist`,
+ * or when the scheme is not `https` (unless `forceHttps: false`).
+ */
+function requestContextFromExpress(req, options = {}) {
+    const host = normalizeHost(req.get('host'));
+    if (!host) {
+        throw new TypeError('requestContextFromExpress: Host header is missing. ' +
+            'Express returned no `host` — either the inbound request omitted it, or your reverse proxy stripped it.');
+    }
+    if (options.hostAllowlist && !hostMatchesAllowlist(host, options.hostAllowlist)) {
+        throw new TypeError(`requestContextFromExpress: Host "${host}" is not in hostAllowlist. ` +
+            `A hostile peer may be trying to rebind your signature origin via Host-header injection. ` +
+            `Add the legitimate value to hostAllowlist, or fix your proxy's Host handling.`);
+    }
+    const protocol = req.protocol;
+    const forceHttps = options.forceHttps !== false;
+    if (forceHttps && protocol !== 'https') {
+        throw new TypeError(`requestContextFromExpress: protocol is "${protocol}", not "https". ` +
+            `Set app.set('trust proxy', ...) so Express sees the X-Forwarded-Proto header, ` +
+            `or pass forceHttps: false for local dev (loopback / mock-server testing).`);
+    }
+    // Defense-in-depth: reject userinfo in originalUrl. A malicious middleware
+    // could mutate req.originalUrl to inject `user@` between host and path —
+    // canonicalAuthority would then sign the userinfo-bearing variant. Express
+    // doesn't normally carry userinfo here but we check rather than trust.
+    if (/[@]/.test(req.originalUrl.split('?')[0] ?? '')) {
+        throw new TypeError('requestContextFromExpress: originalUrl path must not embed userinfo (@).');
+    }
+    return { method: req.method, url: `${protocol}://${host}${req.originalUrl}` };
+}
+/**
+ * Construct `{ method, url }` from a Fetch / WHATWG `Request`. Trivial
+ * passthrough; included for API symmetry with the Express / Lambda
+ * helpers. No proxy hardening needed — `request.url` is the absolute URL
+ * the runtime constructed from the wire, and Workers / Deno / Bun all
+ * terminate TLS at the edge so `https` is honest.
+ */
+function requestContextFromFetch(request) {
+    // WHATWG accepts `https://user:pw@host/path` as a valid Request URL and
+    // echoes it back verbatim. `canonicalAuthority` would then sign the
+    // userinfo-bearing form, splitting the signature namespace between
+    // userinfo and userinfo-stripped variants of the same logical origin.
+    // Reject at construction time — userinfo never belongs in a signed
+    // `@authority` / `@target-uri`.
+    let parsed;
+    try {
+        parsed = new URL(request.url);
+    }
+    catch {
+        throw new TypeError(`requestContextFromFetch: request.url "${request.url}" is not a parseable URL.`);
+    }
+    if (parsed.username || parsed.password) {
+        throw new TypeError('requestContextFromFetch: request.url must not embed userinfo. ' +
+            'A signed @authority component with userinfo creates a verifier-splitting confusion vector.');
+    }
+    return { method: request.method, url: request.url };
+}
+/**
+ * Construct `{ method, url }` from an AWS Lambda API Gateway v2 / ALB
+ * event. Reads `requestContext.domainName` for the authority, `rawPath` +
+ * `rawQueryString` for the target (v2 / ALB), falling back to `path` +
+ * `queryStringParameters` reconstruction (v1).
+ *
+ * Always emits `https://` — Lambda is not addressable over plain HTTP
+ * through API Gateway / ALB in any documented configuration.
+ */
+function requestContextFromLambda(event, options = {}) {
+    const domainName = event.requestContext.domainName;
+    if (!domainName) {
+        throw new TypeError('requestContextFromLambda: event.requestContext.domainName is missing. ' +
+            'API Gateway v2 / ALB events should always carry this; ' +
+            'is this event shaped like something else?');
+    }
+    const host = normalizeHost(domainName);
+    if (!host) {
+        throw new TypeError('requestContextFromLambda: domainName is empty after normalization.');
+    }
+    if (options.hostAllowlist && !hostMatchesAllowlist(host, options.hostAllowlist)) {
+        throw new TypeError(`requestContextFromLambda: domainName "${host}" is not in hostAllowlist. ` +
+            `Multi-tenant API Gateway misroute? Add the legitimate value, or fix the API mapping.`);
+    }
+    const method = event.requestContext.http?.method ?? event.requestContext.httpMethod ?? event.httpMethod;
+    if (!method) {
+        throw new TypeError('requestContextFromLambda: HTTP method is missing from the event.');
+    }
+    const path = event.rawPath ?? event.path ?? '/';
+    // Lambda's domainName won't carry a trailing dot in supported configs but
+    // we normalize here so a future shape change can't bypass the allowlist.
+    let url = `https://${host}${path}`;
+    if (event.rawQueryString) {
+        url += `?${event.rawQueryString}`;
+    }
+    else if (event.queryStringParameters) {
+        const params = Object.entries(event.queryStringParameters)
+            .filter(([, v]) => v !== undefined)
+            .map(([k, v]) => `${encodeURIComponent(k)}=${encodeURIComponent(v)}`);
+        if (params.length)
+            url += `?${params.join('&')}`;
+    }
+    return { method, url };
+}
+/**
+ * Normalize a Host / domainName value for allowlist comparison. Lowercase
+ * + trim handle the obvious cases; trailing-dot stripping closes a
+ * documented Host-header bypass where `example.com.` is a distinct string
+ * from `example.com` on some stacks. IPv6 brackets are preserved so the
+ * allowlist entry and the inbound value agree on bracket presence.
+ */
+function normalizeHost(raw) {
+    if (!raw)
+        return '';
+    let h = raw.trim().toLowerCase();
+    // Strip trailing dot from FQDN. Bracketed IPv6 cannot legitimately
+    // carry a trailing dot, so this only fires on hostnames.
+    if (h.endsWith('.') && !h.endsWith(']'))
+        h = h.slice(0, -1);
+    return h;
+}
+function hostMatchesAllowlist(host, allowlist) {
+    return allowlist.some(entry => normalizeHost(entry) === host);
+}
+//# sourceMappingURL=request-context.js.map

package/dist/lib/signing/request-context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"request-context.js","sourceRoot":"","sources":["../../../src/lib/signing/request-context.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;AAsDH,8DAmCC;AAmBD,0DAoBC;AAyCD,4DAuCC;AAzKD;;;;;;;;;;;;;;GAcG;AACH,SAAgB,yBAAyB,CACvC,GAAuB,EACvB,UAA4C,EAAE;IAE9C,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;IAC5C,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,SAAS,CACjB,qDAAqD;YACnD,wGAAwG,CAC3G,CAAC;IACJ,CAAC;IACD,IAAI,OAAO,CAAC,aAAa,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;QAChF,MAAM,IAAI,SAAS,CACjB,oCAAoC,IAAI,6BAA6B;YACnE,0FAA0F;YAC1F,+EAA+E,CAClF,CAAC;IACJ,CAAC;IACD,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC;IAC9B,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,KAAK,KAAK,CAAC;IAChD,IAAI,UAAU,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CACjB,2CAA2C,QAAQ,kBAAkB;YACnE,gFAAgF;YAChF,2EAA2E,CAC9E,CAAC;IACJ,CAAC;IACD,2EAA2E;IAC3E,yEAAyE;IACzE,2EAA2E;IAC3E,uEAAuE;IACvE,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;QACpD,MAAM,IAAI,SAAS,CAAC,0EAA0E,CAAC,CAAC;IAClG,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,MAAM,IAAI,GAAG,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC;AAChF,CAAC;AAYD;;;;;;GAMG;AACH,SAAgB,uBAAuB,CAAC,OAAyB;IAC/D,wEAAwE;IACxE,oEAAoE;IACpE,mEAAmE;IACnE,sEAAsE;IACtE,mEAAmE;IACnE,gCAAgC;IAChC,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,SAAS,CAAC,yCAAyC,OAAO,CAAC,GAAG,2BAA2B,CAAC,CAAC;IACvG,CAAC;IACD,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACvC,MAAM,IAAI,SAAS,CACjB,gEAAgE;YAC9D,4FAA4F,CAC/F,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;AACtD,CAAC;AAgCD;;;;;;;;GAQG;AACH,SAAgB,wBAAwB,CACtC,KAAyB,EACzB,UAA2C,EAAE;IAE7C,MAAM,UAAU,GAAG,KAAK,CAAC,cAAc,CAAC,UAAU,CAAC;IACnD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,SAAS,CACjB,wEAAwE;YACtE,wDAAwD;YACxD,2CAA2C,CAC9C,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IACvC,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,IAAI,SAAS,CAAC,oEAAoE,CAAC,CAAC;IAC5F,CAAC;IACD,IAAI,OAAO,CAAC,aAAa,IAAI,CAAC,oBAAoB,CAAC,IAAI,EAAE,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;QAChF,MAAM,IAAI,SAAS,CACjB,yCAAyC,IAAI,6BAA6B;YACxE,sFAAsF,CACzF,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC,IAAI,EAAE,MAAM,IAAI,KAAK,CAAC,cAAc,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC;IACxG,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,SAAS,CAAC,kEAAkE,CAAC,CAAC;IAC1F,CAAC;IACD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,IAAI,IAAI,GAAG,CAAC;IAChD,0EAA0E;IAC1E,yEAAyE;IACzE,IAAI,GAAG,GAAG,WAAW,IAAI,GAAG,IAAI,EAAE,CAAC;IACnC,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;QACzB,GAAG,IAAI,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;IACpC,CAAC;SAAM,IAAI,KAAK,CAAC,qBAAqB,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC;aACvD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC;aAClC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,kBAAkB,CAAC,CAAC,CAAC,IAAI,kBAAkB,CAAC,CAAW,CAAC,EAAE,CAAC,CAAC;QAClF,IAAI,MAAM,CAAC,MAAM;YAAE,GAAG,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;IACnD,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;AACzB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,aAAa,CAAC,GAAuB;IAC5C,IAAI,CAAC,GAAG;QAAE,OAAO,EAAE,CAAC;IACpB,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACjC,mEAAmE;IACnE,yDAAyD;IACzD,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IAC5D,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAY,EAAE,SAAgC;IAC1E,OAAO,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,aAAa,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC;AAChE,CAAC"}

package/dist/lib/signing/response-verifier.d.ts

@@ -0,0 +1,105 @@
+/**
+ * RFC 9421 response-signing verifier (§2.2.9).
+ *
+ * Companion to `verifier.ts` (request signatures) and `webhook-verifier.ts`
+ * (webhook callbacks). This verifier runs on the buyer / receiver side of
+ * a signed response: a client receives a response from a seller agent and
+ * hands it here, with the originating request URL the client sent, for
+ * signature validation before parsing the body.
+ *
+ * Distinct from request / webhook signing:
+ *   - Tag: `adcp/response-signing/v1`.
+ *   - Key purpose: `adcp_use: "response-signing"`.
+ *   - Default covered components: `@status`, `@authority`, `@target-uri`,
+ *     plus `content-type` + `content-digest` when the body is non-empty.
+ *   - The originating request URL is carried explicitly on `ResponseLike.request`
+ *     because RFC 9421 §2.2 binds response signatures to their request
+ *     context via `@authority` and `@target-uri`. The client supplies the URL
+ *     it actually sent — a malformed reconstruction (e.g. `req.protocol`
+ *     lying behind a proxy) will trip step 6a or fail the crypto check.
+ *
+ * Checklist steps below mirror the 13-step shape in `webhook-verifier.ts`
+ * so failures point at the same step numbers the request and webhook
+ * verifiers use. Numbers are 1-based.
+ */
+import { type ResponseLike } from './canonicalize';
+import type { JwksResolver } from './jwks';
+import { type ReplayStore } from './replay';
+import { type RevocationStore } from './revocation';
+export interface VerifyResponseOptions {
+    jwks: JwksResolver;
+    replayStore: ReplayStore;
+    revocationStore: RevocationStore;
+    /** Now in seconds since epoch. Defaults to `Date.now() / 1000`. */
+    now?: () => number;
+    /**
+     * Optional tag override — spec currently defines exactly
+     * `adcp/response-signing/v1`; the override lets test vectors pin a
+     * version.
+     */
+    requiredTag?: string;
+    /** Optional reverse-lookup (kid → publisher URL) for result attribution. */
+    agentUrlForKeyid?: (keyid: string) => string | undefined;
+}
+export interface VerifyResponseResult {
+    status: 'verified';
+    keyid: string;
+    agent_url?: string;
+    verified_at: number;
+}
+/**
+ * Verify an inbound response's RFC 9421 signature.
+ *
+ * Ordering invariant matches the webhook verifier: cheap invariant checks
+ * (tag, alg, window, components) run before JWKS resolution; revocation and
+ * rate-abuse run before cryptographic verify so an attacker can't amplify
+ * Ed25519/ECDSA work. Replay insert commits only after every earlier check
+ * passes — any signature failing crypto verify never consumes a cap entry.
+ *
+ * The replay scope is `(keyid, @target-uri-of-originating-request)`. Two
+ * responses to two different request URLs under the same keyid use
+ * independent replay budgets — same shape as webhook verification.
+ *
+ * Throws {@link ResponseSignatureError} on the first failed step.
+ */
+export declare function verifyResponseSignature(response: ResponseLike, options: VerifyResponseOptions): Promise<VerifyResponseResult>;
+/**
+ * Options for {@link createResponseVerifier}. Identical to
+ * {@link VerifyResponseOptions} except `replayStore` and `revocationStore`
+ * are optional — the factory defaults them once at creation time so replay
+ * state is shared across every response the returned verifier handles.
+ */
+export interface CreateResponseVerifierOptions extends Omit<VerifyResponseOptions, 'replayStore' | 'revocationStore'> {
+    /**
+     * Stores `(keyid, scope, nonce)` tuples for replay detection. Defaults to
+     * a fresh {@link InMemoryReplayStore} — suitable for single-process
+     * deployments only. **Multi-replica deployments MUST pass an explicit
+     * shared store** (Redis, Postgres, etc.); the default in-memory store
+     * does not survive process boundaries, so a signature accepted on
+     * replica A is invisible to replica B and can be replayed there within
+     * the signature window.
+     */
+    replayStore?: ReplayStore;
+    /**
+     * Consulted for revoked `kid` before accepting a signature. Defaults to a
+     * fresh {@link InMemoryRevocationStore}, which starts empty and does not
+     * poll for updates. Pass a store backed by your secrets manager or admin
+     * tooling when you revoke keys at runtime.
+     */
+    revocationStore?: RevocationStore;
+}
+/**
+ * Create a bound response-signature verifier with shared replay and
+ * revocation stores. Mirrors {@link createWebhookVerifier} for the response
+ * profile.
+ *
+ * **Why a factory?** Replay detection requires the same store instance to
+ * be consulted across every response. Constructing stores inside a
+ * per-response call would silently defeat replay dedup. The factory pattern
+ * captures stores in closure scope at wire-up time.
+ *
+ * **Multi-replica deployments MUST pass an explicit `replayStore`** backed
+ * by a shared persistence layer.
+ */
+export declare function createResponseVerifier(options: CreateResponseVerifierOptions): (response: ResponseLike) => Promise<VerifyResponseResult>;
+//# sourceMappingURL=response-verifier.d.ts.map

package/dist/lib/signing/response-verifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response-verifier.d.ts","sourceRoot":"","sources":["../../../src/lib/signing/response-verifier.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,EAAkE,KAAK,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAKnH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAC3C,OAAO,EAAuB,KAAK,WAAW,EAAE,MAAM,UAAU,CAAC;AACjE,OAAO,EAA2B,KAAK,eAAe,EAAE,MAAM,cAAc,CAAC;AAS7E,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,YAAY,CAAC;IACnB,WAAW,EAAE,WAAW,CAAC;IACzB,eAAe,EAAE,eAAe,CAAC;IACjC,mEAAmE;IACnE,GAAG,CAAC,EAAE,MAAM,MAAM,CAAC;IACnB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,4EAA4E;IAC5E,gBAAgB,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,CAAC;CAC1D;AAED,MAAM,WAAW,oBAAoB;IACnC,MAAM,EAAE,UAAU,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,uBAAuB,CAC3C,QAAQ,EAAE,YAAY,EACtB,OAAO,EAAE,qBAAqB,GAC7B,OAAO,CAAC,oBAAoB,CAAC,CAuM/B;AAkHD;;;;;GAKG;AACH,MAAM,WAAW,6BAA8B,SAAQ,IAAI,CAAC,qBAAqB,EAAE,aAAa,GAAG,iBAAiB,CAAC;IACnH;;;;;;;;OAQG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B;;;;;OAKG;IACH,eAAe,CAAC,EAAE,eAAe,CAAC;CACnC;AAED;;;;;;;;;;;;GAYG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,6BAA6B,GACrC,CAAC,QAAQ,EAAE,YAAY,KAAK,OAAO,CAAC,oBAAoB,CAAC,CAI3D"}