@agent-id/nextjs 0.1.0 → 0.1.2

package/README.md

@@ -1,6 +1,6 @@
 # @agent-id/nextjs
 
-Next.js middleware that automatically detects AI-agent traffic and requires a valid [AgentPass](https://agentpass.vercel.app) JWT. Human browser traffic always passes through untouched.
+Next.js proxy that automatically detects AI-agent traffic and requires a valid [AgentID](https://agentidapp.vercel.app) JWT. Human browser traffic always passes through untouched.
 
 ## Install
 
@@ -8,22 +8,22 @@ Next.js middleware that automatically detects AI-agent traffic and requires a va
 npm install @agent-id/nextjs
 ```
 
-Requires `next >= 14`.
+Requires `next >= 16`.
 
 ## Setup — 2 steps
 
-### 1. Add the middleware
+### 1. Add the proxy
 
-Create (or update) `middleware.ts` in your project root:
+Create `proxy.ts` in your project root (same level as `app/`):
 
 ```ts
-import { createAgentPassMiddleware } from '@agent-id/nextjs';
+import { createAgentIDMiddleware } from '@agent-id/nextjs';
 import type { NextRequest } from 'next/server';
 
-const agentPass = createAgentPassMiddleware();
+const agentID = createAgentIDMiddleware();
 
-export function middleware(request: NextRequest) {
-  return agentPass(request);
+export function proxy(request: NextRequest) {
+  return agentID(request);
 }
 
 // Protect your API routes
@@ -32,20 +32,20 @@ export const config = {
 };
 ```
 
-That's it. The middleware now:
+That's it. The proxy now:
 - Lets all human browser traffic through unchanged
-- Requires a valid AgentPass JWT from any AI agent / bot
+- Requires a valid AgentID JWT from any AI agent / bot
 - Returns `403 AGENT_UNAUTHORIZED` when the JWT is missing or invalid
 
 ### 2. Read the verified identity in your route handlers (optional)
 
 ```ts
 // app/api/anything/route.ts
-import { getAgentPassResult } from '@agent-id/nextjs';
+import { getAgentIDResult } from '@agent-id/nextjs';
 import type { NextRequest } from 'next/server';
 
 export async function GET(request: NextRequest) {
-  const agent = getAgentPassResult(request);
+  const agent = getAgentIDResult(request);
 
   if (agent.verified) {
     // Verified AI agent — claims are fully typed
@@ -63,41 +63,41 @@ export async function GET(request: NextRequest) {
 Agents add one header to every request:
 
 ```
-Authorization: Bearer <agentpass-jwt>
+Authorization: Bearer <agentid-jwt>
 ```
 
-The JWT is obtained by completing a BankID flow at [agentpass.vercel.app](https://agentpass.vercel.app). Tokens are valid for 1 hour.
+The JWT is obtained by completing a BankID flow at [agentidapp.vercel.app](https://agentidapp.vercel.app). Tokens are valid for 1 hour.
 
 ## Options
 
-All options are optional — `createAgentPassMiddleware()` with no arguments works out of the box.
+All options are optional — `createAgentIDMiddleware()` with no arguments works out of the box.
 
 ```ts
-createAgentPassMiddleware({
+createAgentIDMiddleware({
   // Return 403 when an agent has no valid token (default: true).
   // Set to false to let unverified agents through (useful for logging / gradual rollout).
   blockUnauthorizedAgents: true,
 
-  // Override the JWKS endpoint — only needed if you self-host AgentPass.
-  jwksUrl: 'https://your-agentpass.example.com/api/jwks',
+  // Override the JWKS endpoint — only needed if you self-host AgentID.
+  jwksUrl: 'https://your-agentid.example.com/api/jwks',
 
   // Clock skew tolerance in seconds (default: 30).
   clockTolerance: 30,
 
   // Fully custom response when an agent is rejected.
   onUnauthorizedAgent: (request, reason) =>
-    NextResponse.json({ error: 'No AgentPass token', reason }, { status: 403 }),
+    NextResponse.json({ error: 'No AgentID token', reason }, { status: 403 }),
 })
 ```
 
 ## What gets verified
 
-Verification is **fully offline** after the first request. The public key is fetched once from the AgentPass JWKS endpoint and cached for 1 hour — no per-request network call.
+Verification is **fully offline** after the first request. The public key is fetched once from the AgentID JWKS endpoint and cached for 1 hour — no per-request network call.
 
 | Check | Requirement |
 |---|---|
 | Signature | RS256 — `alg:none` and HS256 are explicitly rejected |
-| Issuer (`iss`) | Must equal `"agentpass"` |
+| Issuer (`iss`) | Must equal `"agentid"` |
 | Expiry (`exp`) | Must be in the future |
 | `auth_method` | Must equal `"bankid"` |
 
@@ -107,7 +107,7 @@ Verification is **fully offline** after the first request. The public key is fet
 |---|---|
 | `sub` | Pseudonymous stable user ID (HMAC-SHA256 of BankID personal number — non-reversible, same person always gets the same ID) |
 | `auth_method` | Always `"bankid"` |
-| `iss` | `"agentpass"` |
+| `iss` | `"agentid"` |
 | `exp` | Unix timestamp — 1 hour from issue |
 | `iat` | Unix timestamp — when issued |
 | `jti` | Unique token ID |

package/dist/index.d.mts

@@ -1,16 +1,16 @@
 import { NextRequest, NextResponse } from 'next/server';
 
 /**
- * JWT claims present in every AgentPass token.
+ * JWT claims present in every AgentID token.
  *
  * The `sub` field is a pseudonymous identifier derived via HMAC-SHA256 of the
  * user's BankID personal number. It is stable per person but non-reversible —
  * organisations cannot extract the personal number from it.
  */
-interface AgentPassClaims {
+interface AgentIDClaims {
     /** Pseudonymous, stable per-user identifier (HMAC-SHA256 of personal number). */
     sub: string;
-    /** Issuer — always "agentpass". */
+    /** Issuer — always "agentid". */
     iss: string;
     /** Issued-at Unix timestamp. */
     iat: number;
@@ -21,27 +21,27 @@ interface AgentPassClaims {
     /** Authentication method — always "bankid" in this version. */
     auth_method: "bankid";
 }
-interface AgentPassVerified {
+interface AgentIDVerified {
     verified: true;
-    claims: AgentPassClaims;
+    claims: AgentIDClaims;
 }
-interface AgentPassUnverified {
+interface AgentIDUnverified {
     verified: false;
     /** Why verification was skipped or failed. */
     reason: "not_agent" | "no_token" | "invalid_token";
 }
-/** Result attached to every request processed by the AgentPass middleware. */
-type AgentPassResult = AgentPassVerified | AgentPassUnverified;
+/** Result attached to every request processed by the AgentID middleware. */
+type AgentIDResult = AgentIDVerified | AgentIDUnverified;
 interface VerifierOptions {
     /**
-     * URL of the AgentPass JWKS endpoint.
+     * URL of the AgentID JWKS endpoint.
      * Must use HTTPS (except `localhost` / `127.0.0.1` in development).
      *
-     * @default 'https://agentpass.vercel.app/api/jwks'
+     * @default 'https://agentidapp.vercel.app/api/jwks'
      */
     jwksUrl?: string;
     /**
-     * Block agent requests that carry no valid AgentPass token.
+     * Block agent requests that carry no valid AgentID token.
      * When `false` the middleware still runs but sets an unverified result
      * on the request instead of returning 403.
      *
@@ -57,7 +57,7 @@ interface VerifierOptions {
     clockTolerance?: number;
 }
 
-type AgentPassMiddlewareOptions = VerifierOptions & {
+type AgentIDMiddlewareOptions = VerifierOptions & {
     /**
      * Optional callback invoked when an agent is detected but carries no
      * valid token. Return a `NextResponse` to override the default 403.
@@ -65,47 +65,47 @@ type AgentPassMiddlewareOptions = VerifierOptions & {
     onUnauthorizedAgent?: (request: NextRequest, reason: string) => NextResponse | void;
 };
 /**
- * Factory that returns a Next.js middleware function which detects AI-agent
- * traffic and enforces AgentPass JWT authentication.
+ * Factory that returns a Next.js proxy function which detects AI-agent
+ * traffic and enforces AgentID JWT authentication.
  *
  * @example
  * ```ts
- * // middleware.ts (project root)
- * import { createAgentPassMiddleware } from '@agent-id/nextjs';
+ * // proxy.ts (project root)
+ * import { createAgentIDMiddleware } from '@agent-id/nextjs';
  *
- * const agentPass = createAgentPassMiddleware({
+ * const agentID = createAgentIDMiddleware({
  *   blockUnauthorizedAgents: true,
  * });
  *
- * export function middleware(request: NextRequest) {
- *   return agentPass(request);
+ * export function proxy(request: NextRequest) {
+ *   return agentID(request);
  * }
  *
  * export const config = { matcher: '/api/:path*' };
  * ```
  */
-declare function createAgentPassMiddleware(options?: AgentPassMiddlewareOptions): (request: NextRequest) => Promise<NextResponse>;
+declare function createAgentIDMiddleware(options?: AgentIDMiddlewareOptions): (request: NextRequest) => Promise<NextResponse>;
 
 interface VerifyTokenOptions {
     jwksUrl?: string;
     clockTolerance?: number;
 }
 /**
- * Verify an AgentPass JWT and return its decoded claims.
+ * Verify an AgentID JWT and return its decoded claims.
  *
  * Security guarantees
  * ───────────────────
  * • Signature   — RS256, verified against the live JWKS public key.
  * • Algorithm   — strict allowlist `['RS256']`; alg:none and HS256 are
  *                 rejected before signature verification even begins.
- * • Issuer      — must be exactly "agentpass".
+ * • Issuer      — must be exactly "agentid".
  * • Expiry      — enforced; configurable clock tolerance (default 30 s).
  * • kid         — jose matches the JWT `kid` header to the JWKS automatically.
  * • auth_method — validated at runtime; must equal "bankid".
  *
  * @throws if the token is invalid, expired, or fails any check.
  */
-declare function verifyAgentPassToken(token: string, options?: VerifyTokenOptions): Promise<AgentPassClaims>;
+declare function verifyAgentIDToken(token: string, options?: VerifyTokenOptions): Promise<AgentIDClaims>;
 
 /**
  * Bot / AI-agent detection for Next.js (Edge Runtime compatible).
@@ -128,36 +128,36 @@ declare function verifyAgentPassToken(token: string, options?: VerifyTokenOption
  */
 declare function isAgentRequest(headers: Headers): boolean;
 /**
- * Extract the AgentPass JWT from request headers.
+ * Extract the AgentID JWT from request headers.
  *
  * Checks in order:
  *  1. `Authorization: Bearer <token>` (preferred)
- *  2. `X-AgentPass-Token` (fallback when Authorization is stripped by proxies)
+ *  2. `X-AgentID-Token` (fallback when Authorization is stripped by proxies)
  *
  * @returns The raw JWT string, or `null` if absent.
  */
 declare function extractToken(headers: Headers): string | null;
 
 /**
- * Extract the verified AgentPass identity from a Next.js App Router request.
+ * Extract the verified AgentID identity from a Next.js App Router request.
  *
- * This function reads the headers set by `createAgentPassMiddleware`. It must
- * only be called from route handlers that sit behind the middleware.
+ * This function reads the headers set by `createAgentIDMiddleware`. It must
+ * only be called from route handlers that sit behind the proxy.
  *
  * @example
  * ```ts
  * // app/api/data/route.ts
- * import { getAgentPassResult } from '@agent-id/nextjs';
+ * import { getAgentIDResult } from '@agent-id/nextjs';
  *
  * export async function GET(request: NextRequest) {
- *   const agentPass = getAgentPassResult(request);
- *   if (!agentPass.verified) {
+ *   const agent = getAgentIDResult(request);
+ *   if (!agent.verified) {
  *     return Response.json({ error: 'Unauthorized' }, { status: 403 });
  *   }
- *   return Response.json({ sub: agentPass.claims.sub });
+ *   return Response.json({ sub: agent.claims.sub });
  * }
  * ```
  */
-declare function getAgentPassResult(request: NextRequest): AgentPassResult;
+declare function getAgentIDResult(request: NextRequest): AgentIDResult;
 
-export { type AgentPassClaims, type AgentPassMiddlewareOptions, type AgentPassResult, type AgentPassUnverified, type AgentPassVerified, type VerifierOptions, type VerifyTokenOptions, createAgentPassMiddleware, extractToken, getAgentPassResult, isAgentRequest, verifyAgentPassToken };
+export { type AgentIDClaims, type AgentIDMiddlewareOptions, type AgentIDResult, type AgentIDUnverified, type AgentIDVerified, type VerifierOptions, type VerifyTokenOptions, createAgentIDMiddleware, extractToken, getAgentIDResult, isAgentRequest, verifyAgentIDToken };

package/dist/index.d.ts

@@ -1,16 +1,16 @@
 import { NextRequest, NextResponse } from 'next/server';
 
 /**
- * JWT claims present in every AgentPass token.
+ * JWT claims present in every AgentID token.
  *
  * The `sub` field is a pseudonymous identifier derived via HMAC-SHA256 of the
  * user's BankID personal number. It is stable per person but non-reversible —
  * organisations cannot extract the personal number from it.
  */
-interface AgentPassClaims {
+interface AgentIDClaims {
     /** Pseudonymous, stable per-user identifier (HMAC-SHA256 of personal number). */
     sub: string;
-    /** Issuer — always "agentpass". */
+    /** Issuer — always "agentid". */
     iss: string;
     /** Issued-at Unix timestamp. */
     iat: number;
@@ -21,27 +21,27 @@ interface AgentPassClaims {
     /** Authentication method — always "bankid" in this version. */
     auth_method: "bankid";
 }
-interface AgentPassVerified {
+interface AgentIDVerified {
     verified: true;
-    claims: AgentPassClaims;
+    claims: AgentIDClaims;
 }
-interface AgentPassUnverified {
+interface AgentIDUnverified {
     verified: false;
     /** Why verification was skipped or failed. */
     reason: "not_agent" | "no_token" | "invalid_token";
 }
-/** Result attached to every request processed by the AgentPass middleware. */
-type AgentPassResult = AgentPassVerified | AgentPassUnverified;
+/** Result attached to every request processed by the AgentID middleware. */
+type AgentIDResult = AgentIDVerified | AgentIDUnverified;
 interface VerifierOptions {
     /**
-     * URL of the AgentPass JWKS endpoint.
+     * URL of the AgentID JWKS endpoint.
      * Must use HTTPS (except `localhost` / `127.0.0.1` in development).
      *
-     * @default 'https://agentpass.vercel.app/api/jwks'
+     * @default 'https://agentidapp.vercel.app/api/jwks'
      */
     jwksUrl?: string;
     /**
-     * Block agent requests that carry no valid AgentPass token.
+     * Block agent requests that carry no valid AgentID token.
      * When `false` the middleware still runs but sets an unverified result
      * on the request instead of returning 403.
      *
@@ -57,7 +57,7 @@ interface VerifierOptions {
     clockTolerance?: number;
 }
 
-type AgentPassMiddlewareOptions = VerifierOptions & {
+type AgentIDMiddlewareOptions = VerifierOptions & {
     /**
      * Optional callback invoked when an agent is detected but carries no
      * valid token. Return a `NextResponse` to override the default 403.
@@ -65,47 +65,47 @@ type AgentPassMiddlewareOptions = VerifierOptions & {
     onUnauthorizedAgent?: (request: NextRequest, reason: string) => NextResponse | void;
 };
 /**
- * Factory that returns a Next.js middleware function which detects AI-agent
- * traffic and enforces AgentPass JWT authentication.
+ * Factory that returns a Next.js proxy function which detects AI-agent
+ * traffic and enforces AgentID JWT authentication.
  *
  * @example
  * ```ts
- * // middleware.ts (project root)
- * import { createAgentPassMiddleware } from '@agent-id/nextjs';
+ * // proxy.ts (project root)
+ * import { createAgentIDMiddleware } from '@agent-id/nextjs';
  *
- * const agentPass = createAgentPassMiddleware({
+ * const agentID = createAgentIDMiddleware({
  *   blockUnauthorizedAgents: true,
  * });
  *
- * export function middleware(request: NextRequest) {
- *   return agentPass(request);
+ * export function proxy(request: NextRequest) {
+ *   return agentID(request);
  * }
  *
  * export const config = { matcher: '/api/:path*' };
  * ```
  */
-declare function createAgentPassMiddleware(options?: AgentPassMiddlewareOptions): (request: NextRequest) => Promise<NextResponse>;
+declare function createAgentIDMiddleware(options?: AgentIDMiddlewareOptions): (request: NextRequest) => Promise<NextResponse>;
 
 interface VerifyTokenOptions {
     jwksUrl?: string;
     clockTolerance?: number;
 }
 /**
- * Verify an AgentPass JWT and return its decoded claims.
+ * Verify an AgentID JWT and return its decoded claims.
  *
  * Security guarantees
  * ───────────────────
  * • Signature   — RS256, verified against the live JWKS public key.
  * • Algorithm   — strict allowlist `['RS256']`; alg:none and HS256 are
  *                 rejected before signature verification even begins.
- * • Issuer      — must be exactly "agentpass".
+ * • Issuer      — must be exactly "agentid".
  * • Expiry      — enforced; configurable clock tolerance (default 30 s).
  * • kid         — jose matches the JWT `kid` header to the JWKS automatically.
  * • auth_method — validated at runtime; must equal "bankid".
  *
  * @throws if the token is invalid, expired, or fails any check.
  */
-declare function verifyAgentPassToken(token: string, options?: VerifyTokenOptions): Promise<AgentPassClaims>;
+declare function verifyAgentIDToken(token: string, options?: VerifyTokenOptions): Promise<AgentIDClaims>;
 
 /**
  * Bot / AI-agent detection for Next.js (Edge Runtime compatible).
@@ -128,36 +128,36 @@ declare function verifyAgentPassToken(token: string, options?: VerifyTokenOption
  */
 declare function isAgentRequest(headers: Headers): boolean;
 /**
- * Extract the AgentPass JWT from request headers.
+ * Extract the AgentID JWT from request headers.
  *
  * Checks in order:
  *  1. `Authorization: Bearer <token>` (preferred)
- *  2. `X-AgentPass-Token` (fallback when Authorization is stripped by proxies)
+ *  2. `X-AgentID-Token` (fallback when Authorization is stripped by proxies)
  *
  * @returns The raw JWT string, or `null` if absent.
  */
 declare function extractToken(headers: Headers): string | null;
 
 /**
- * Extract the verified AgentPass identity from a Next.js App Router request.
+ * Extract the verified AgentID identity from a Next.js App Router request.
  *
- * This function reads the headers set by `createAgentPassMiddleware`. It must
- * only be called from route handlers that sit behind the middleware.
+ * This function reads the headers set by `createAgentIDMiddleware`. It must
+ * only be called from route handlers that sit behind the proxy.
  *
  * @example
  * ```ts
  * // app/api/data/route.ts
- * import { getAgentPassResult } from '@agent-id/nextjs';
+ * import { getAgentIDResult } from '@agent-id/nextjs';
  *
  * export async function GET(request: NextRequest) {
- *   const agentPass = getAgentPassResult(request);
- *   if (!agentPass.verified) {
+ *   const agent = getAgentIDResult(request);
+ *   if (!agent.verified) {
  *     return Response.json({ error: 'Unauthorized' }, { status: 403 });
  *   }
- *   return Response.json({ sub: agentPass.claims.sub });
+ *   return Response.json({ sub: agent.claims.sub });
  * }
  * ```
  */
-declare function getAgentPassResult(request: NextRequest): AgentPassResult;
+declare function getAgentIDResult(request: NextRequest): AgentIDResult;
 
-export { type AgentPassClaims, type AgentPassMiddlewareOptions, type AgentPassResult, type AgentPassUnverified, type AgentPassVerified, type VerifierOptions, type VerifyTokenOptions, createAgentPassMiddleware, extractToken, getAgentPassResult, isAgentRequest, verifyAgentPassToken };
+export { type AgentIDClaims, type AgentIDMiddlewareOptions, type AgentIDResult, type AgentIDUnverified, type AgentIDVerified, type VerifierOptions, type VerifyTokenOptions, createAgentIDMiddleware, extractToken, getAgentIDResult, isAgentRequest, verifyAgentIDToken };

package/dist/index.js

@@ -20,11 +20,11 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/index.ts
 var index_exports = {};
 __export(index_exports, {
-  createAgentPassMiddleware: () => createAgentPassMiddleware,
+  createAgentIDMiddleware: () => createAgentIDMiddleware,
   extractToken: () => extractToken,
-  getAgentPassResult: () => getAgentPassResult,
+  getAgentIDResult: () => getAgentIDResult,
   isAgentRequest: () => isAgentRequest,
-  verifyAgentPassToken: () => verifyAgentPassToken
+  verifyAgentIDToken: () => verifyAgentIDToken
 });
 module.exports = __toCommonJS(index_exports);
 
@@ -41,6 +41,7 @@ var BOT_UA_PATTERNS = [
   /ClaudeBot/i,
   /Claude-Web/i,
   /anthropic-ai/i,
+  /Claude-User/i,
   // Google
   /Googlebot/i,
   /Google-Extended/i,
@@ -66,9 +67,9 @@ var BOT_UA_PATTERNS = [
   /\bspider\b/i,
   /\bscraper\b/i,
   /\bfetcher\b/i,
-  // MCP / AgentPass clients
+  // MCP / AgentID clients
   /mcp-client/i,
-  /agentpass-client/i
+  /agentid-client/i
 ];
 var BROWSER_UA_RE = /Mozilla\/5\.0/i;
 function isAgentRequest(headers) {
@@ -92,14 +93,14 @@ function extractToken(headers) {
     const token = auth.slice(7).trim();
     if (token) return token;
   }
-  const custom = headers.get("x-agentpass-token")?.trim();
+  const custom = headers.get("x-agentid-token")?.trim();
   if (custom) return custom;
   return null;
 }
 
 // src/verify.ts
 var import_jose = require("jose");
-var DEFAULT_JWKS_URL = "https://agentpass.vercel.app/api/jwks";
+var DEFAULT_JWKS_URL = "https://agentidapp.vercel.app/api/jwks";
 var jwksSets = /* @__PURE__ */ new Map();
 function getJwks(rawUrl) {
   if (!jwksSets.has(rawUrl)) {
@@ -120,11 +121,11 @@ function getJwks(rawUrl) {
   }
   return jwksSets.get(rawUrl);
 }
-async function verifyAgentPassToken(token, options = {}) {
+async function verifyAgentIDToken(token, options = {}) {
   const jwksUrl = options.jwksUrl ?? DEFAULT_JWKS_URL;
   const JWKS = getJwks(jwksUrl);
   const { payload } = await (0, import_jose.jwtVerify)(token, JWKS, {
-    issuer: "agentpass",
+    issuer: "agentid",
     // ↓ Critical — explicit allowlist prevents algorithm-confusion attacks.
     //   Any token claiming alg:"none", alg:"HS256", or anything else is
     //   rejected before signature verification.
@@ -144,18 +145,18 @@ async function verifyAgentPassToken(token, options = {}) {
 
 // src/middleware.ts
 var MANAGED_HEADERS = [
-  "x-agentpass-verified",
-  "x-agentpass-sub",
-  "x-agentpass-claims"
+  "x-agentid-verified",
+  "x-agentid-sub",
+  "x-agentid-claims"
 ];
-function createAgentPassMiddleware(options = {}) {
+function createAgentIDMiddleware(options = {}) {
   const {
     jwksUrl,
     blockUnauthorizedAgents = true,
     clockTolerance = 30,
     onUnauthorizedAgent
   } = options;
-  return async function agentPassMiddleware(request) {
+  return async function agentIDMiddleware(request) {
     const requestHeaders = new Headers(request.headers);
     for (const name of MANAGED_HEADERS) {
       requestHeaders.delete(name);
@@ -168,14 +169,14 @@ function createAgentPassMiddleware(options = {}) {
       return unauthorized(
         request,
         requestHeaders,
-        'Agent request missing AgentPass token. Provide "Authorization: Bearer <token>".',
+        'Agent request missing AgentID token. Provide "Authorization: Bearer <token>".',
         blockUnauthorizedAgents,
         onUnauthorizedAgent
       );
     }
     let claims;
     try {
-      claims = await verifyAgentPassToken(token, {
+      claims = await verifyAgentIDToken(token, {
         ...jwksUrl !== void 0 && { jwksUrl },
         clockTolerance
       });
@@ -187,14 +188,14 @@ function createAgentPassMiddleware(options = {}) {
       return unauthorized(
         request,
         requestHeaders,
-        "Invalid or expired AgentPass token.",
+        "Invalid or expired AgentID token.",
         blockUnauthorizedAgents,
         onUnauthorizedAgent
       );
     }
-    requestHeaders.set("x-agentpass-verified", "true");
-    requestHeaders.set("x-agentpass-sub", claims.sub);
-    requestHeaders.set("x-agentpass-claims", JSON.stringify(claims));
+    requestHeaders.set("x-agentid-verified", "true");
+    requestHeaders.set("x-agentid-sub", claims.sub);
+    requestHeaders.set("x-agentid-claims", JSON.stringify(claims));
     return import_server.NextResponse.next({ request: { headers: requestHeaders } });
   };
 }
@@ -209,20 +210,20 @@ function unauthorized(request, requestHeaders, message, block, onUnauthorized) {
       { status: 403 }
     );
   }
-  requestHeaders.set("x-agentpass-verified", "false");
+  requestHeaders.set("x-agentid-verified", "false");
   return import_server.NextResponse.next({ request: { headers: requestHeaders } });
 }
 
 // src/index.ts
-function getAgentPassResult(request) {
-  const verified = request.headers.get("x-agentpass-verified");
+function getAgentIDResult(request) {
+  const verified = request.headers.get("x-agentid-verified");
   if (verified !== "true") {
     return {
       verified: false,
       reason: verified === "false" ? "no_token" : "not_agent"
     };
   }
-  const claimsJson = request.headers.get("x-agentpass-claims");
+  const claimsJson = request.headers.get("x-agentid-claims");
   if (!claimsJson) {
     return { verified: false, reason: "invalid_token" };
   }
@@ -235,10 +236,10 @@ function getAgentPassResult(request) {
 }
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  createAgentPassMiddleware,
+  createAgentIDMiddleware,
   extractToken,
-  getAgentPassResult,
+  getAgentIDResult,
   isAgentRequest,
-  verifyAgentPassToken
+  verifyAgentIDToken
 });
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/index.ts","../src/middleware.ts","../src/detect.ts","../src/verify.ts"],"sourcesContent":["export { createAgentPassMiddleware } from \"./middleware.js\";\nexport type { AgentPassMiddlewareOptions } from \"./middleware.js\";\n\nexport { verifyAgentPassToken } from \"./verify.js\";\nexport type { VerifyTokenOptions } from \"./verify.js\";\n\nexport { isAgentRequest, extractToken } from \"./detect.js\";\n\nexport type {\n  AgentPassClaims,\n  AgentPassResult,\n  AgentPassVerified,\n  AgentPassUnverified,\n  VerifierOptions,\n} from \"./types.js\";\n\n// ── App Router helper ────────────────────────────────────────────────────────\n\nimport type { NextRequest } from \"next/server\";\nimport type { AgentPassResult, AgentPassClaims } from \"./types.js\";\n\n/**\n * Extract the verified AgentPass identity from a Next.js App Router request.\n *\n * This function reads the headers set by `createAgentPassMiddleware`. It must\n * only be called from route handlers that sit behind the middleware.\n *\n * @example\n * ```ts\n * // app/api/data/route.ts\n * import { getAgentPassResult } from '@agent-id/nextjs';\n *\n * export async function GET(request: NextRequest) {\n *   const agentPass = getAgentPassResult(request);\n *   if (!agentPass.verified) {\n *     return Response.json({ error: 'Unauthorized' }, { status: 403 });\n *   }\n *   return Response.json({ sub: agentPass.claims.sub });\n * }\n * ```\n */\nexport function getAgentPassResult(request: NextRequest): AgentPassResult {\n  const verified = request.headers.get(\"x-agentpass-verified\");\n\n  if (verified !== \"true\") {\n    return {\n      verified: false,\n      reason: verified === \"false\" ? \"no_token\" : \"not_agent\",\n    };\n  }\n\n  const claimsJson = request.headers.get(\"x-agentpass-claims\");\n  if (!claimsJson) {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n\n  try {\n    const claims = JSON.parse(claimsJson) as AgentPassClaims;\n    return { verified: true, claims };\n  } catch {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n}\n","import { NextRequest, NextResponse } from \"next/server\";\nimport { isAgentRequest, extractToken } from \"./detect.js\";\nimport { verifyAgentPassToken } from \"./verify.js\";\nimport type { VerifierOptions, AgentPassClaims } from \"./types.js\";\n\nexport type AgentPassMiddlewareOptions = VerifierOptions & {\n  /**\n   * Optional callback invoked when an agent is detected but carries no\n   * valid token. Return a `NextResponse` to override the default 403.\n   */\n  onUnauthorizedAgent?: (\n    request: NextRequest,\n    reason: string\n  ) => NextResponse | void;\n};\n\n/**\n * Headers injected by this middleware into downstream route handlers.\n * They are stripped from the *incoming* request first to prevent spoofing.\n */\nconst MANAGED_HEADERS = [\n  \"x-agentpass-verified\",\n  \"x-agentpass-sub\",\n  \"x-agentpass-claims\",\n] as const;\n\n/**\n * Factory that returns a Next.js middleware function which detects AI-agent\n * traffic and enforces AgentPass JWT authentication.\n *\n * @example\n * ```ts\n * // middleware.ts (project root)\n * import { createAgentPassMiddleware } from '@agent-id/nextjs';\n *\n * const agentPass = createAgentPassMiddleware({\n *   blockUnauthorizedAgents: true,\n * });\n *\n * export function middleware(request: NextRequest) {\n *   return agentPass(request);\n * }\n *\n * export const config = { matcher: '/api/:path*' };\n * ```\n */\nexport function createAgentPassMiddleware(\n  options: AgentPassMiddlewareOptions = {}\n) {\n  const {\n    jwksUrl,\n    blockUnauthorizedAgents = true,\n    clockTolerance = 30,\n    onUnauthorizedAgent,\n  } = options;\n\n  return async function agentPassMiddleware(\n    request: NextRequest\n  ): Promise<NextResponse> {\n    // Clone incoming headers so we can safely mutate them.\n    const requestHeaders = new Headers(request.headers);\n\n    // ── Security: strip client-supplied AgentPass headers ──────────────────\n    // Without this, a malicious agent could send x-agentpass-verified: true\n    // and bypass the check in route handlers.\n    for (const name of MANAGED_HEADERS) {\n      requestHeaders.delete(name);\n    }\n\n    // ── Non-agent traffic ──────────────────────────────────────────────────\n    if (!isAgentRequest(requestHeaders)) {\n      return NextResponse.next({ request: { headers: requestHeaders } });\n    }\n\n    // ── Agent detected — require a valid JWT ───────────────────────────────\n    const token = extractToken(requestHeaders);\n\n    if (!token) {\n      return unauthorized(\n        request,\n        requestHeaders,\n        'Agent request missing AgentPass token. Provide \"Authorization: Bearer <token>\".',\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verify the JWT ─────────────────────────────────────────────────────\n    let claims: AgentPassClaims;\n    try {\n      claims = await verifyAgentPassToken(token, {\n        ...(jwksUrl !== undefined && { jwksUrl }),\n        clockTolerance,\n      });\n    } catch (err) {\n      // Never surface the raw error to the caller — it might leak internals.\n      console.warn(\n        \"[agent-id] Token verification failed:\",\n        err instanceof Error ? err.message : String(err)\n      );\n      return unauthorized(\n        request,\n        requestHeaders,\n        \"Invalid or expired AgentPass token.\",\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verified — inject identity into request headers ────────────────────\n    // Route handlers read these via getAgentPassResult(request).\n    requestHeaders.set(\"x-agentpass-verified\", \"true\");\n    requestHeaders.set(\"x-agentpass-sub\", claims.sub);\n    // Full claims encoded as JSON for type-safe extraction by helpers.\n    requestHeaders.set(\"x-agentpass-claims\", JSON.stringify(claims));\n\n    return NextResponse.next({ request: { headers: requestHeaders } });\n  };\n}\n\n// ── Internal helper ──────────────────────────────────────────────────────────\n\nfunction unauthorized(\n  request: NextRequest,\n  requestHeaders: Headers,\n  message: string,\n  block: boolean,\n  onUnauthorized: AgentPassMiddlewareOptions[\"onUnauthorizedAgent\"]\n): NextResponse {\n  if (onUnauthorized) {\n    const custom = onUnauthorized(request, message);\n    if (custom) return custom;\n  }\n\n  if (block) {\n    return NextResponse.json(\n      { error: \"AGENT_UNAUTHORIZED\", message },\n      { status: 403 }\n    );\n  }\n\n  // Pass through with a \"not verified\" marker so route handlers can still\n  // distinguish agent traffic from human traffic.\n  requestHeaders.set(\"x-agentpass-verified\", \"false\");\n  return NextResponse.next({ request: { headers: requestHeaders } });\n}\n","/**\n * Bot / AI-agent detection for Next.js (Edge Runtime compatible).\n *\n * Uses layered heuristics:\n *  1. Explicit bot / AI-agent User-Agent strings\n *  2. Cloudflare Bot Management score (if header is present)\n *  3. Absence of browser signals (no Accept-Language + non-browser UA)\n *\n * The detector is intentionally conservative — when in doubt it lets the\n * request through (fail open). A false negative (undetected bot) means the\n * request passes without a JWT check. A false positive (human flagged as bot)\n * would block legitimate traffic, which is much worse.\n */\n\nconst BOT_UA_PATTERNS: RegExp[] = [\n  // OpenAI\n  /GPTBot/i,\n  /ChatGPT-User/i,\n  /OAI-SearchBot/i,\n  // Anthropic / Claude\n  /ClaudeBot/i,\n  /Claude-Web/i,\n  /anthropic-ai/i,\n  // Google\n  /Googlebot/i,\n  /Google-Extended/i,\n  /AdsBot-Google/i,\n  // Microsoft / Bing\n  /bingbot/i,\n  /msnbot/i,\n  // AI search engines\n  /PerplexityBot/i,\n  /YouBot/i,\n  // Common HTTP automation libraries\n  /python-requests/i,\n  /node-fetch/i,\n  /\\baxios\\b/i,\n  /\\bgot\\b\\//i,\n  /\\bundici\\b/i,\n  /\\bcurl\\b/i,\n  /\\bwget\\b/i,\n  /\\bhttpie\\b/i,\n  // Generic crawler signals (word-boundary matched to reduce false positives)\n  /\\bbot\\b/i,\n  /\\bcrawler\\b/i,\n  /\\bspider\\b/i,\n  /\\bscraper\\b/i,\n  /\\bfetcher\\b/i,\n  // MCP / AgentPass clients\n  /mcp-client/i,\n  /agentpass-client/i,\n];\n\n// Every major browser includes \"Mozilla/5.0\" — its absence is a strong signal\nconst BROWSER_UA_RE = /Mozilla\\/5\\.0/i;\n\n/**\n * Returns `true` if the request appears to originate from an automated\n * agent or bot rather than a human browser.\n *\n * @param headers - The `Headers` object from a Next.js `NextRequest`\n */\nexport function isAgentRequest(headers: Headers): boolean {\n  const ua = headers.get(\"user-agent\") ?? \"\";\n\n  // No User-Agent → definitely automated\n  if (!ua) return true;\n\n  // Explicit bot / agent UA match\n  if (BOT_UA_PATTERNS.some((p) => p.test(ua))) return true;\n\n  // Cloudflare Bot Management: the `cf-bot-management` header contains a\n  // JSON blob with a `score` field (0–100). Score < 30 → highly likely bot.\n  const cfRaw = headers.get(\"cf-bot-management\");\n  if (cfRaw) {\n    try {\n      const parsed = JSON.parse(cfRaw) as { score?: unknown };\n      if (typeof parsed.score === \"number\" && parsed.score < 30) return true;\n    } catch {\n      // Malformed header — fail open (pass through)\n    }\n  }\n\n  // Heuristic: non-browser UA + no Accept-Language → likely automated\n  if (!BROWSER_UA_RE.test(ua) && !headers.get(\"accept-language\")) return true;\n\n  return false;\n}\n\n/**\n * Extract the AgentPass JWT from request headers.\n *\n * Checks in order:\n *  1. `Authorization: Bearer <token>` (preferred)\n *  2. `X-AgentPass-Token` (fallback when Authorization is stripped by proxies)\n *\n * @returns The raw JWT string, or `null` if absent.\n */\nexport function extractToken(headers: Headers): string | null {\n  // Primary: standard Authorization header\n  const auth = headers.get(\"authorization\") ?? \"\";\n  if (auth.startsWith(\"Bearer \")) {\n    const token = auth.slice(7).trim();\n    if (token) return token;\n  }\n\n  // Fallback: custom header\n  const custom = headers.get(\"x-agentpass-token\")?.trim();\n  if (custom) return custom;\n\n  return null;\n}\n","import { createRemoteJWKSet, jwtVerify } from \"jose\";\nimport type { AgentPassClaims } from \"./types.js\";\n\nconst DEFAULT_JWKS_URL = \"https://agentpass.vercel.app/api/jwks\";\n\n/**\n * Module-level JWKS cache — one RemoteJWKSet instance per unique URL.\n * jose caches the fetched key material internally; re-fetches when the\n * cache TTL (1 h) expires or a new `kid` is seen.\n */\nconst jwksSets = new Map<string, ReturnType<typeof createRemoteJWKSet>>();\n\nfunction getJwks(rawUrl: string): ReturnType<typeof createRemoteJWKSet> {\n  if (!jwksSets.has(rawUrl)) {\n    const url = new URL(rawUrl); // throws on malformed URL\n\n    // Security: HTTPS is mandatory to prevent MITM on the public-key fetch.\n    // Localhost is whitelisted for local development / CI.\n    const isLocal =\n      url.hostname === \"localhost\" ||\n      url.hostname === \"127.0.0.1\" ||\n      url.hostname === \"::1\";\n\n    if (url.protocol !== \"https:\" && !isLocal) {\n      throw new Error(\n        `[agent-id] jwksUrl must use HTTPS, received: ${rawUrl}`\n      );\n    }\n\n    jwksSets.set(\n      rawUrl,\n      createRemoteJWKSet(url, {\n        cacheMaxAge: 60 * 60 * 1_000, // 1 hour in ms\n      })\n    );\n  }\n\n  return jwksSets.get(rawUrl)!;\n}\n\nexport interface VerifyTokenOptions {\n  jwksUrl?: string;\n  clockTolerance?: number;\n}\n\n/**\n * Verify an AgentPass JWT and return its decoded claims.\n *\n * Security guarantees\n * ───────────────────\n * • Signature   — RS256, verified against the live JWKS public key.\n * • Algorithm   — strict allowlist `['RS256']`; alg:none and HS256 are\n *                 rejected before signature verification even begins.\n * • Issuer      — must be exactly \"agentpass\".\n * • Expiry      — enforced; configurable clock tolerance (default 30 s).\n * • kid         — jose matches the JWT `kid` header to the JWKS automatically.\n * • auth_method — validated at runtime; must equal \"bankid\".\n *\n * @throws if the token is invalid, expired, or fails any check.\n */\nexport async function verifyAgentPassToken(\n  token: string,\n  options: VerifyTokenOptions = {}\n): Promise<AgentPassClaims> {\n  const jwksUrl = options.jwksUrl ?? DEFAULT_JWKS_URL;\n  const JWKS = getJwks(jwksUrl);\n\n  const { payload } = await jwtVerify(token, JWKS, {\n    issuer: \"agentpass\",\n    // ↓ Critical — explicit allowlist prevents algorithm-confusion attacks.\n    //   Any token claiming alg:\"none\", alg:\"HS256\", or anything else is\n    //   rejected before signature verification.\n    algorithms: [\"RS256\"],\n    clockTolerance: options.clockTolerance ?? 30,\n  });\n\n  // Runtime validation of AgentPass-specific claims.\n  if (payload.auth_method !== \"bankid\") {\n    throw new Error(\n      `[agent-id] JWT has invalid auth_method: expected \"bankid\", got \"${\n        payload.auth_method ?? \"undefined\"\n      }\"`\n    );\n  }\n  if (typeof payload.sub !== \"string\" || payload.sub.length === 0) {\n    throw new Error(\"[agent-id] JWT is missing the sub claim\");\n  }\n\n  return payload as unknown as AgentPassClaims;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA0C;;;ACc1C,IAAM,kBAA4B;AAAA;AAAA,EAEhC;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AACF;AAGA,IAAM,gBAAgB;AAQf,SAAS,eAAe,SAA2B;AACxD,QAAM,KAAK,QAAQ,IAAI,YAAY,KAAK;AAGxC,MAAI,CAAC,GAAI,QAAO;AAGhB,MAAI,gBAAgB,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAG,QAAO;AAIpD,QAAM,QAAQ,QAAQ,IAAI,mBAAmB;AAC7C,MAAI,OAAO;AACT,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK;AAC/B,UAAI,OAAO,OAAO,UAAU,YAAY,OAAO,QAAQ,GAAI,QAAO;AAAA,IACpE,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,MAAI,CAAC,cAAc,KAAK,EAAE,KAAK,CAAC,QAAQ,IAAI,iBAAiB,EAAG,QAAO;AAEvE,SAAO;AACT;AAWO,SAAS,aAAa,SAAiC;AAE5D,QAAM,OAAO,QAAQ,IAAI,eAAe,KAAK;AAC7C,MAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,UAAM,QAAQ,KAAK,MAAM,CAAC,EAAE,KAAK;AACjC,QAAI,MAAO,QAAO;AAAA,EACpB;AAGA,QAAM,SAAS,QAAQ,IAAI,mBAAmB,GAAG,KAAK;AACtD,MAAI,OAAQ,QAAO;AAEnB,SAAO;AACT;;;AC/GA,kBAA8C;AAG9C,IAAM,mBAAmB;AAOzB,IAAM,WAAW,oBAAI,IAAmD;AAExE,SAAS,QAAQ,QAAuD;AACtE,MAAI,CAAC,SAAS,IAAI,MAAM,GAAG;AACzB,UAAM,MAAM,IAAI,IAAI,MAAM;AAI1B,UAAM,UACJ,IAAI,aAAa,eACjB,IAAI,aAAa,eACjB,IAAI,aAAa;AAEnB,QAAI,IAAI,aAAa,YAAY,CAAC,SAAS;AACzC,YAAM,IAAI;AAAA,QACR,gDAAgD,MAAM;AAAA,MACxD;AAAA,IACF;AAEA,aAAS;AAAA,MACP;AAAA,UACA,gCAAmB,KAAK;AAAA,QACtB,aAAa,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO,SAAS,IAAI,MAAM;AAC5B;AAsBA,eAAsB,qBACpB,OACA,UAA8B,CAAC,GACL;AAC1B,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,OAAO,QAAQ,OAAO;AAE5B,QAAM,EAAE,QAAQ,IAAI,UAAM,uBAAU,OAAO,MAAM;AAAA,IAC/C,QAAQ;AAAA;AAAA;AAAA;AAAA,IAIR,YAAY,CAAC,OAAO;AAAA,IACpB,gBAAgB,QAAQ,kBAAkB;AAAA,EAC5C,CAAC;AAGD,MAAI,QAAQ,gBAAgB,UAAU;AACpC,UAAM,IAAI;AAAA,MACR,mEACE,QAAQ,eAAe,WACzB;AAAA,IACF;AAAA,EACF;AACA,MAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAC/D,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AAEA,SAAO;AACT;;;AFrEA,IAAM,kBAAkB;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACF;AAsBO,SAAS,0BACd,UAAsC,CAAC,GACvC;AACA,QAAM;AAAA,IACJ;AAAA,IACA,0BAA0B;AAAA,IAC1B,iBAAiB;AAAA,IACjB;AAAA,EACF,IAAI;AAEJ,SAAO,eAAe,oBACpB,SACuB;AAEvB,UAAM,iBAAiB,IAAI,QAAQ,QAAQ,OAAO;AAKlD,eAAW,QAAQ,iBAAiB;AAClC,qBAAe,OAAO,IAAI;AAAA,IAC5B;AAGA,QAAI,CAAC,eAAe,cAAc,GAAG;AACnC,aAAO,2BAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,IACnE;AAGA,UAAM,QAAQ,aAAa,cAAc;AAEzC,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI;AACJ,QAAI;AACF,eAAS,MAAM,qBAAqB,OAAO;AAAA,QACzC,GAAI,YAAY,UAAa,EAAE,QAAQ;AAAA,QACvC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,KAAK;AAEZ,cAAQ;AAAA,QACN;AAAA,QACA,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACjD;AACA,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAIA,mBAAe,IAAI,wBAAwB,MAAM;AACjD,mBAAe,IAAI,mBAAmB,OAAO,GAAG;AAEhD,mBAAe,IAAI,sBAAsB,KAAK,UAAU,MAAM,CAAC;AAE/D,WAAO,2BAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,EACnE;AACF;AAIA,SAAS,aACP,SACA,gBACA,SACA,OACA,gBACc;AACd,MAAI,gBAAgB;AAClB,UAAM,SAAS,eAAe,SAAS,OAAO;AAC9C,QAAI,OAAQ,QAAO;AAAA,EACrB;AAEA,MAAI,OAAO;AACT,WAAO,2BAAa;AAAA,MAClB,EAAE,OAAO,sBAAsB,QAAQ;AAAA,MACvC,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAIA,iBAAe,IAAI,wBAAwB,OAAO;AAClD,SAAO,2BAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AACnE;;;ADxGO,SAAS,mBAAmB,SAAuC;AACxE,QAAM,WAAW,QAAQ,QAAQ,IAAI,sBAAsB;AAE3D,MAAI,aAAa,QAAQ;AACvB,WAAO;AAAA,MACL,UAAU;AAAA,MACV,QAAQ,aAAa,UAAU,aAAa;AAAA,IAC9C;AAAA,EACF;AAEA,QAAM,aAAa,QAAQ,QAAQ,IAAI,oBAAoB;AAC3D,MAAI,CAAC,YAAY;AACf,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AAEA,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,UAAU;AACpC,WAAO,EAAE,UAAU,MAAM,OAAO;AAAA,EAClC,QAAQ;AACN,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AACF;","names":[]}
+{"version":3,"sources":["../src/index.ts","../src/middleware.ts","../src/detect.ts","../src/verify.ts"],"sourcesContent":["export { createAgentIDMiddleware } from \"./middleware.js\";\nexport type { AgentIDMiddlewareOptions } from \"./middleware.js\";\n\nexport { verifyAgentIDToken } from \"./verify.js\";\nexport type { VerifyTokenOptions } from \"./verify.js\";\n\nexport { isAgentRequest, extractToken } from \"./detect.js\";\n\nexport type {\n  AgentIDClaims,\n  AgentIDResult,\n  AgentIDVerified,\n  AgentIDUnverified,\n  VerifierOptions,\n} from \"./types.js\";\n\n// ── App Router helper ────────────────────────────────────────────────────────\n\nimport type { NextRequest } from \"next/server\";\nimport type { AgentIDResult, AgentIDClaims } from \"./types.js\";\n\n/**\n * Extract the verified AgentID identity from a Next.js App Router request.\n *\n * This function reads the headers set by `createAgentIDMiddleware`. It must\n * only be called from route handlers that sit behind the proxy.\n *\n * @example\n * ```ts\n * // app/api/data/route.ts\n * import { getAgentIDResult } from '@agent-id/nextjs';\n *\n * export async function GET(request: NextRequest) {\n *   const agent = getAgentIDResult(request);\n *   if (!agent.verified) {\n *     return Response.json({ error: 'Unauthorized' }, { status: 403 });\n *   }\n *   return Response.json({ sub: agent.claims.sub });\n * }\n * ```\n */\nexport function getAgentIDResult(request: NextRequest): AgentIDResult {\n  const verified = request.headers.get(\"x-agentid-verified\");\n\n  if (verified !== \"true\") {\n    return {\n      verified: false,\n      reason: verified === \"false\" ? \"no_token\" : \"not_agent\",\n    };\n  }\n\n  const claimsJson = request.headers.get(\"x-agentid-claims\");\n  if (!claimsJson) {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n\n  try {\n    const claims = JSON.parse(claimsJson) as AgentIDClaims;\n    return { verified: true, claims };\n  } catch {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n}\n","import { NextRequest, NextResponse } from \"next/server\";\nimport { isAgentRequest, extractToken } from \"./detect.js\";\nimport { verifyAgentIDToken } from \"./verify.js\";\nimport type { VerifierOptions, AgentIDClaims } from \"./types.js\";\n\nexport type AgentIDMiddlewareOptions = VerifierOptions & {\n  /**\n   * Optional callback invoked when an agent is detected but carries no\n   * valid token. Return a `NextResponse` to override the default 403.\n   */\n  onUnauthorizedAgent?: (\n    request: NextRequest,\n    reason: string\n  ) => NextResponse | void;\n};\n\n/**\n * Headers injected by this proxy into downstream route handlers.\n * They are stripped from the *incoming* request first to prevent spoofing.\n */\nconst MANAGED_HEADERS = [\n  \"x-agentid-verified\",\n  \"x-agentid-sub\",\n  \"x-agentid-claims\",\n] as const;\n\n/**\n * Factory that returns a Next.js proxy function which detects AI-agent\n * traffic and enforces AgentID JWT authentication.\n *\n * @example\n * ```ts\n * // proxy.ts (project root)\n * import { createAgentIDMiddleware } from '@agent-id/nextjs';\n *\n * const agentID = createAgentIDMiddleware({\n *   blockUnauthorizedAgents: true,\n * });\n *\n * export function proxy(request: NextRequest) {\n *   return agentID(request);\n * }\n *\n * export const config = { matcher: '/api/:path*' };\n * ```\n */\nexport function createAgentIDMiddleware(\n  options: AgentIDMiddlewareOptions = {}\n) {\n  const {\n    jwksUrl,\n    blockUnauthorizedAgents = true,\n    clockTolerance = 30,\n    onUnauthorizedAgent,\n  } = options;\n\n  return async function agentIDMiddleware(\n    request: NextRequest\n  ): Promise<NextResponse> {\n    // Clone incoming headers so we can safely mutate them.\n    const requestHeaders = new Headers(request.headers);\n\n    // ── Security: strip client-supplied AgentID headers ──────────────────\n    // Without this, a malicious agent could send x-agentid-verified: true\n    // and bypass the check in route handlers.\n    for (const name of MANAGED_HEADERS) {\n      requestHeaders.delete(name);\n    }\n\n    // ── Non-agent traffic ──────────────────────────────────────────────────\n    if (!isAgentRequest(requestHeaders)) {\n      return NextResponse.next({ request: { headers: requestHeaders } });\n    }\n\n    // ── Agent detected — require a valid JWT ───────────────────────────────\n    const token = extractToken(requestHeaders);\n\n    if (!token) {\n      return unauthorized(\n        request,\n        requestHeaders,\n        'Agent request missing AgentID token. Provide \"Authorization: Bearer <token>\".',\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verify the JWT ─────────────────────────────────────────────────────\n    let claims: AgentIDClaims;\n    try {\n      claims = await verifyAgentIDToken(token, {\n        ...(jwksUrl !== undefined && { jwksUrl }),\n        clockTolerance,\n      });\n    } catch (err) {\n      // Never surface the raw error to the caller — it might leak internals.\n      console.warn(\n        \"[agent-id] Token verification failed:\",\n        err instanceof Error ? err.message : String(err)\n      );\n      return unauthorized(\n        request,\n        requestHeaders,\n        \"Invalid or expired AgentID token.\",\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verified — inject identity into request headers ────────────────────\n    // Route handlers read these via getAgentIDResult(request).\n    requestHeaders.set(\"x-agentid-verified\", \"true\");\n    requestHeaders.set(\"x-agentid-sub\", claims.sub);\n    // Full claims encoded as JSON for type-safe extraction by helpers.\n    requestHeaders.set(\"x-agentid-claims\", JSON.stringify(claims));\n\n    return NextResponse.next({ request: { headers: requestHeaders } });\n  };\n}\n\n// ── Internal helper ──────────────────────────────────────────────────────────\n\nfunction unauthorized(\n  request: NextRequest,\n  requestHeaders: Headers,\n  message: string,\n  block: boolean,\n  onUnauthorized: AgentIDMiddlewareOptions[\"onUnauthorizedAgent\"]\n): NextResponse {\n  if (onUnauthorized) {\n    const custom = onUnauthorized(request, message);\n    if (custom) return custom;\n  }\n\n  if (block) {\n    return NextResponse.json(\n      { error: \"AGENT_UNAUTHORIZED\", message },\n      { status: 403 }\n    );\n  }\n\n  // Pass through with a \"not verified\" marker so route handlers can still\n  // distinguish agent traffic from human traffic.\n  requestHeaders.set(\"x-agentid-verified\", \"false\");\n  return NextResponse.next({ request: { headers: requestHeaders } });\n}\n","/**\n * Bot / AI-agent detection for Next.js (Edge Runtime compatible).\n *\n * Uses layered heuristics:\n *  1. Explicit bot / AI-agent User-Agent strings\n *  2. Cloudflare Bot Management score (if header is present)\n *  3. Absence of browser signals (no Accept-Language + non-browser UA)\n *\n * The detector is intentionally conservative — when in doubt it lets the\n * request through (fail open). A false negative (undetected bot) means the\n * request passes without a JWT check. A false positive (human flagged as bot)\n * would block legitimate traffic, which is much worse.\n */\n\nconst BOT_UA_PATTERNS: RegExp[] = [\n  // OpenAI\n  /GPTBot/i,\n  /ChatGPT-User/i,\n  /OAI-SearchBot/i,\n  // Anthropic / Claude\n  /ClaudeBot/i,\n  /Claude-Web/i,\n  /anthropic-ai/i,\n  /Claude-User/i,\n  // Google\n  /Googlebot/i,\n  /Google-Extended/i,\n  /AdsBot-Google/i,\n  // Microsoft / Bing\n  /bingbot/i,\n  /msnbot/i,\n  // AI search engines\n  /PerplexityBot/i,\n  /YouBot/i,\n  // Common HTTP automation libraries\n  /python-requests/i,\n  /node-fetch/i,\n  /\\baxios\\b/i,\n  /\\bgot\\b\\//i,\n  /\\bundici\\b/i,\n  /\\bcurl\\b/i,\n  /\\bwget\\b/i,\n  /\\bhttpie\\b/i,\n  // Generic crawler signals (word-boundary matched to reduce false positives)\n  /\\bbot\\b/i,\n  /\\bcrawler\\b/i,\n  /\\bspider\\b/i,\n  /\\bscraper\\b/i,\n  /\\bfetcher\\b/i,\n  // MCP / AgentID clients\n  /mcp-client/i,\n  /agentid-client/i,\n];\n\n// Every major browser includes \"Mozilla/5.0\" — its absence is a strong signal\nconst BROWSER_UA_RE = /Mozilla\\/5\\.0/i;\n\n/**\n * Returns `true` if the request appears to originate from an automated\n * agent or bot rather than a human browser.\n *\n * @param headers - The `Headers` object from a Next.js `NextRequest`\n */\nexport function isAgentRequest(headers: Headers): boolean {\n  const ua = headers.get(\"user-agent\") ?? \"\";\n\n  // No User-Agent → definitely automated\n  if (!ua) return true;\n\n  // Explicit bot / agent UA match\n  if (BOT_UA_PATTERNS.some((p) => p.test(ua))) return true;\n\n  // Cloudflare Bot Management: the `cf-bot-management` header contains a\n  // JSON blob with a `score` field (0–100). Score < 30 → highly likely bot.\n  const cfRaw = headers.get(\"cf-bot-management\");\n  if (cfRaw) {\n    try {\n      const parsed = JSON.parse(cfRaw) as { score?: unknown };\n      if (typeof parsed.score === \"number\" && parsed.score < 30) return true;\n    } catch {\n      // Malformed header — fail open (pass through)\n    }\n  }\n\n  // Heuristic: non-browser UA + no Accept-Language → likely automated\n  if (!BROWSER_UA_RE.test(ua) && !headers.get(\"accept-language\")) return true;\n\n  return false;\n}\n\n/**\n * Extract the AgentID JWT from request headers.\n *\n * Checks in order:\n *  1. `Authorization: Bearer <token>` (preferred)\n *  2. `X-AgentID-Token` (fallback when Authorization is stripped by proxies)\n *\n * @returns The raw JWT string, or `null` if absent.\n */\nexport function extractToken(headers: Headers): string | null {\n  // Primary: standard Authorization header\n  const auth = headers.get(\"authorization\") ?? \"\";\n  if (auth.startsWith(\"Bearer \")) {\n    const token = auth.slice(7).trim();\n    if (token) return token;\n  }\n\n  // Fallback: custom header\n  const custom = headers.get(\"x-agentid-token\")?.trim();\n  if (custom) return custom;\n\n  return null;\n}\n","import { createRemoteJWKSet, jwtVerify } from \"jose\";\nimport type { AgentIDClaims } from \"./types.js\";\n\nconst DEFAULT_JWKS_URL = \"https://agentidapp.vercel.app/api/jwks\";\n\n/**\n * Module-level JWKS cache — one RemoteJWKSet instance per unique URL.\n * jose caches the fetched key material internally; re-fetches when the\n * cache TTL (1 h) expires or a new `kid` is seen.\n */\nconst jwksSets = new Map<string, ReturnType<typeof createRemoteJWKSet>>();\n\nfunction getJwks(rawUrl: string): ReturnType<typeof createRemoteJWKSet> {\n  if (!jwksSets.has(rawUrl)) {\n    const url = new URL(rawUrl); // throws on malformed URL\n\n    // Security: HTTPS is mandatory to prevent MITM on the public-key fetch.\n    // Localhost is whitelisted for local development / CI.\n    const isLocal =\n      url.hostname === \"localhost\" ||\n      url.hostname === \"127.0.0.1\" ||\n      url.hostname === \"::1\";\n\n    if (url.protocol !== \"https:\" && !isLocal) {\n      throw new Error(\n        `[agent-id] jwksUrl must use HTTPS, received: ${rawUrl}`\n      );\n    }\n\n    jwksSets.set(\n      rawUrl,\n      createRemoteJWKSet(url, {\n        cacheMaxAge: 60 * 60 * 1_000, // 1 hour in ms\n      })\n    );\n  }\n\n  return jwksSets.get(rawUrl)!;\n}\n\nexport interface VerifyTokenOptions {\n  jwksUrl?: string;\n  clockTolerance?: number;\n}\n\n/**\n * Verify an AgentID JWT and return its decoded claims.\n *\n * Security guarantees\n * ───────────────────\n * • Signature   — RS256, verified against the live JWKS public key.\n * • Algorithm   — strict allowlist `['RS256']`; alg:none and HS256 are\n *                 rejected before signature verification even begins.\n * • Issuer      — must be exactly \"agentid\".\n * • Expiry      — enforced; configurable clock tolerance (default 30 s).\n * • kid         — jose matches the JWT `kid` header to the JWKS automatically.\n * • auth_method — validated at runtime; must equal \"bankid\".\n *\n * @throws if the token is invalid, expired, or fails any check.\n */\nexport async function verifyAgentIDToken(\n  token: string,\n  options: VerifyTokenOptions = {}\n): Promise<AgentIDClaims> {\n  const jwksUrl = options.jwksUrl ?? DEFAULT_JWKS_URL;\n  const JWKS = getJwks(jwksUrl);\n\n  const { payload } = await jwtVerify(token, JWKS, {\n    issuer: \"agentid\",\n    // ↓ Critical — explicit allowlist prevents algorithm-confusion attacks.\n    //   Any token claiming alg:\"none\", alg:\"HS256\", or anything else is\n    //   rejected before signature verification.\n    algorithms: [\"RS256\"],\n    clockTolerance: options.clockTolerance ?? 30,\n  });\n\n  // Runtime validation of AgentID-specific claims.\n  if (payload.auth_method !== \"bankid\") {\n    throw new Error(\n      `[agent-id] JWT has invalid auth_method: expected \"bankid\", got \"${\n        payload.auth_method ?? \"undefined\"\n      }\"`\n    );\n  }\n  if (typeof payload.sub !== \"string\" || payload.sub.length === 0) {\n    throw new Error(\"[agent-id] JWT is missing the sub claim\");\n  }\n\n  return payload as unknown as AgentIDClaims;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,oBAA0C;;;ACc1C,IAAM,kBAA4B;AAAA;AAAA,EAEhC;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AACF;AAGA,IAAM,gBAAgB;AAQf,SAAS,eAAe,SAA2B;AACxD,QAAM,KAAK,QAAQ,IAAI,YAAY,KAAK;AAGxC,MAAI,CAAC,GAAI,QAAO;AAGhB,MAAI,gBAAgB,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAG,QAAO;AAIpD,QAAM,QAAQ,QAAQ,IAAI,mBAAmB;AAC7C,MAAI,OAAO;AACT,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK;AAC/B,UAAI,OAAO,OAAO,UAAU,YAAY,OAAO,QAAQ,GAAI,QAAO;AAAA,IACpE,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,MAAI,CAAC,cAAc,KAAK,EAAE,KAAK,CAAC,QAAQ,IAAI,iBAAiB,EAAG,QAAO;AAEvE,SAAO;AACT;AAWO,SAAS,aAAa,SAAiC;AAE5D,QAAM,OAAO,QAAQ,IAAI,eAAe,KAAK;AAC7C,MAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,UAAM,QAAQ,KAAK,MAAM,CAAC,EAAE,KAAK;AACjC,QAAI,MAAO,QAAO;AAAA,EACpB;AAGA,QAAM,SAAS,QAAQ,IAAI,iBAAiB,GAAG,KAAK;AACpD,MAAI,OAAQ,QAAO;AAEnB,SAAO;AACT;;;AChHA,kBAA8C;AAG9C,IAAM,mBAAmB;AAOzB,IAAM,WAAW,oBAAI,IAAmD;AAExE,SAAS,QAAQ,QAAuD;AACtE,MAAI,CAAC,SAAS,IAAI,MAAM,GAAG;AACzB,UAAM,MAAM,IAAI,IAAI,MAAM;AAI1B,UAAM,UACJ,IAAI,aAAa,eACjB,IAAI,aAAa,eACjB,IAAI,aAAa;AAEnB,QAAI,IAAI,aAAa,YAAY,CAAC,SAAS;AACzC,YAAM,IAAI;AAAA,QACR,gDAAgD,MAAM;AAAA,MACxD;AAAA,IACF;AAEA,aAAS;AAAA,MACP;AAAA,UACA,gCAAmB,KAAK;AAAA,QACtB,aAAa,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO,SAAS,IAAI,MAAM;AAC5B;AAsBA,eAAsB,mBACpB,OACA,UAA8B,CAAC,GACP;AACxB,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,OAAO,QAAQ,OAAO;AAE5B,QAAM,EAAE,QAAQ,IAAI,UAAM,uBAAU,OAAO,MAAM;AAAA,IAC/C,QAAQ;AAAA;AAAA;AAAA;AAAA,IAIR,YAAY,CAAC,OAAO;AAAA,IACpB,gBAAgB,QAAQ,kBAAkB;AAAA,EAC5C,CAAC;AAGD,MAAI,QAAQ,gBAAgB,UAAU;AACpC,UAAM,IAAI;AAAA,MACR,mEACE,QAAQ,eAAe,WACzB;AAAA,IACF;AAAA,EACF;AACA,MAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAC/D,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AAEA,SAAO;AACT;;;AFrEA,IAAM,kBAAkB;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACF;AAsBO,SAAS,wBACd,UAAoC,CAAC,GACrC;AACA,QAAM;AAAA,IACJ;AAAA,IACA,0BAA0B;AAAA,IAC1B,iBAAiB;AAAA,IACjB;AAAA,EACF,IAAI;AAEJ,SAAO,eAAe,kBACpB,SACuB;AAEvB,UAAM,iBAAiB,IAAI,QAAQ,QAAQ,OAAO;AAKlD,eAAW,QAAQ,iBAAiB;AAClC,qBAAe,OAAO,IAAI;AAAA,IAC5B;AAGA,QAAI,CAAC,eAAe,cAAc,GAAG;AACnC,aAAO,2BAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,IACnE;AAGA,UAAM,QAAQ,aAAa,cAAc;AAEzC,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI;AACJ,QAAI;AACF,eAAS,MAAM,mBAAmB,OAAO;AAAA,QACvC,GAAI,YAAY,UAAa,EAAE,QAAQ;AAAA,QACvC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,KAAK;AAEZ,cAAQ;AAAA,QACN;AAAA,QACA,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACjD;AACA,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAIA,mBAAe,IAAI,sBAAsB,MAAM;AAC/C,mBAAe,IAAI,iBAAiB,OAAO,GAAG;AAE9C,mBAAe,IAAI,oBAAoB,KAAK,UAAU,MAAM,CAAC;AAE7D,WAAO,2BAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,EACnE;AACF;AAIA,SAAS,aACP,SACA,gBACA,SACA,OACA,gBACc;AACd,MAAI,gBAAgB;AAClB,UAAM,SAAS,eAAe,SAAS,OAAO;AAC9C,QAAI,OAAQ,QAAO;AAAA,EACrB;AAEA,MAAI,OAAO;AACT,WAAO,2BAAa;AAAA,MAClB,EAAE,OAAO,sBAAsB,QAAQ;AAAA,MACvC,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAIA,iBAAe,IAAI,sBAAsB,OAAO;AAChD,SAAO,2BAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AACnE;;;ADxGO,SAAS,iBAAiB,SAAqC;AACpE,QAAM,WAAW,QAAQ,QAAQ,IAAI,oBAAoB;AAEzD,MAAI,aAAa,QAAQ;AACvB,WAAO;AAAA,MACL,UAAU;AAAA,MACV,QAAQ,aAAa,UAAU,aAAa;AAAA,IAC9C;AAAA,EACF;AAEA,QAAM,aAAa,QAAQ,QAAQ,IAAI,kBAAkB;AACzD,MAAI,CAAC,YAAY;AACf,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AAEA,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,UAAU;AACpC,WAAO,EAAE,UAAU,MAAM,OAAO;AAAA,EAClC,QAAQ;AACN,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AACF;","names":[]}

package/dist/index.mjs

@@ -11,6 +11,7 @@ var BOT_UA_PATTERNS = [
   /ClaudeBot/i,
   /Claude-Web/i,
   /anthropic-ai/i,
+  /Claude-User/i,
   // Google
   /Googlebot/i,
   /Google-Extended/i,
@@ -36,9 +37,9 @@ var BOT_UA_PATTERNS = [
   /\bspider\b/i,
   /\bscraper\b/i,
   /\bfetcher\b/i,
-  // MCP / AgentPass clients
+  // MCP / AgentID clients
   /mcp-client/i,
-  /agentpass-client/i
+  /agentid-client/i
 ];
 var BROWSER_UA_RE = /Mozilla\/5\.0/i;
 function isAgentRequest(headers) {
@@ -62,14 +63,14 @@ function extractToken(headers) {
     const token = auth.slice(7).trim();
     if (token) return token;
   }
-  const custom = headers.get("x-agentpass-token")?.trim();
+  const custom = headers.get("x-agentid-token")?.trim();
   if (custom) return custom;
   return null;
 }
 
 // src/verify.ts
 import { createRemoteJWKSet, jwtVerify } from "jose";
-var DEFAULT_JWKS_URL = "https://agentpass.vercel.app/api/jwks";
+var DEFAULT_JWKS_URL = "https://agentidapp.vercel.app/api/jwks";
 var jwksSets = /* @__PURE__ */ new Map();
 function getJwks(rawUrl) {
   if (!jwksSets.has(rawUrl)) {
@@ -90,11 +91,11 @@ function getJwks(rawUrl) {
   }
   return jwksSets.get(rawUrl);
 }
-async function verifyAgentPassToken(token, options = {}) {
+async function verifyAgentIDToken(token, options = {}) {
   const jwksUrl = options.jwksUrl ?? DEFAULT_JWKS_URL;
   const JWKS = getJwks(jwksUrl);
   const { payload } = await jwtVerify(token, JWKS, {
-    issuer: "agentpass",
+    issuer: "agentid",
     // ↓ Critical — explicit allowlist prevents algorithm-confusion attacks.
     //   Any token claiming alg:"none", alg:"HS256", or anything else is
     //   rejected before signature verification.
@@ -114,18 +115,18 @@ async function verifyAgentPassToken(token, options = {}) {
 
 // src/middleware.ts
 var MANAGED_HEADERS = [
-  "x-agentpass-verified",
-  "x-agentpass-sub",
-  "x-agentpass-claims"
+  "x-agentid-verified",
+  "x-agentid-sub",
+  "x-agentid-claims"
 ];
-function createAgentPassMiddleware(options = {}) {
+function createAgentIDMiddleware(options = {}) {
   const {
     jwksUrl,
     blockUnauthorizedAgents = true,
     clockTolerance = 30,
     onUnauthorizedAgent
   } = options;
-  return async function agentPassMiddleware(request) {
+  return async function agentIDMiddleware(request) {
     const requestHeaders = new Headers(request.headers);
     for (const name of MANAGED_HEADERS) {
       requestHeaders.delete(name);
@@ -138,14 +139,14 @@ function createAgentPassMiddleware(options = {}) {
       return unauthorized(
         request,
         requestHeaders,
-        'Agent request missing AgentPass token. Provide "Authorization: Bearer <token>".',
+        'Agent request missing AgentID token. Provide "Authorization: Bearer <token>".',
         blockUnauthorizedAgents,
         onUnauthorizedAgent
       );
     }
     let claims;
     try {
-      claims = await verifyAgentPassToken(token, {
+      claims = await verifyAgentIDToken(token, {
         ...jwksUrl !== void 0 && { jwksUrl },
         clockTolerance
       });
@@ -157,14 +158,14 @@ function createAgentPassMiddleware(options = {}) {
       return unauthorized(
         request,
         requestHeaders,
-        "Invalid or expired AgentPass token.",
+        "Invalid or expired AgentID token.",
         blockUnauthorizedAgents,
         onUnauthorizedAgent
       );
     }
-    requestHeaders.set("x-agentpass-verified", "true");
-    requestHeaders.set("x-agentpass-sub", claims.sub);
-    requestHeaders.set("x-agentpass-claims", JSON.stringify(claims));
+    requestHeaders.set("x-agentid-verified", "true");
+    requestHeaders.set("x-agentid-sub", claims.sub);
+    requestHeaders.set("x-agentid-claims", JSON.stringify(claims));
     return NextResponse.next({ request: { headers: requestHeaders } });
   };
 }
@@ -179,20 +180,20 @@ function unauthorized(request, requestHeaders, message, block, onUnauthorized) {
       { status: 403 }
     );
   }
-  requestHeaders.set("x-agentpass-verified", "false");
+  requestHeaders.set("x-agentid-verified", "false");
   return NextResponse.next({ request: { headers: requestHeaders } });
 }
 
 // src/index.ts
-function getAgentPassResult(request) {
-  const verified = request.headers.get("x-agentpass-verified");
+function getAgentIDResult(request) {
+  const verified = request.headers.get("x-agentid-verified");
   if (verified !== "true") {
     return {
       verified: false,
       reason: verified === "false" ? "no_token" : "not_agent"
     };
   }
-  const claimsJson = request.headers.get("x-agentpass-claims");
+  const claimsJson = request.headers.get("x-agentid-claims");
   if (!claimsJson) {
     return { verified: false, reason: "invalid_token" };
   }
@@ -204,10 +205,10 @@ function getAgentPassResult(request) {
   }
 }
 export {
-  createAgentPassMiddleware,
+  createAgentIDMiddleware,
   extractToken,
-  getAgentPassResult,
+  getAgentIDResult,
   isAgentRequest,
-  verifyAgentPassToken
+  verifyAgentIDToken
 };
 //# sourceMappingURL=index.mjs.map

package/dist/index.mjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/middleware.ts","../src/detect.ts","../src/verify.ts","../src/index.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\";\nimport { isAgentRequest, extractToken } from \"./detect.js\";\nimport { verifyAgentPassToken } from \"./verify.js\";\nimport type { VerifierOptions, AgentPassClaims } from \"./types.js\";\n\nexport type AgentPassMiddlewareOptions = VerifierOptions & {\n  /**\n   * Optional callback invoked when an agent is detected but carries no\n   * valid token. Return a `NextResponse` to override the default 403.\n   */\n  onUnauthorizedAgent?: (\n    request: NextRequest,\n    reason: string\n  ) => NextResponse | void;\n};\n\n/**\n * Headers injected by this middleware into downstream route handlers.\n * They are stripped from the *incoming* request first to prevent spoofing.\n */\nconst MANAGED_HEADERS = [\n  \"x-agentpass-verified\",\n  \"x-agentpass-sub\",\n  \"x-agentpass-claims\",\n] as const;\n\n/**\n * Factory that returns a Next.js middleware function which detects AI-agent\n * traffic and enforces AgentPass JWT authentication.\n *\n * @example\n * ```ts\n * // middleware.ts (project root)\n * import { createAgentPassMiddleware } from '@agent-id/nextjs';\n *\n * const agentPass = createAgentPassMiddleware({\n *   blockUnauthorizedAgents: true,\n * });\n *\n * export function middleware(request: NextRequest) {\n *   return agentPass(request);\n * }\n *\n * export const config = { matcher: '/api/:path*' };\n * ```\n */\nexport function createAgentPassMiddleware(\n  options: AgentPassMiddlewareOptions = {}\n) {\n  const {\n    jwksUrl,\n    blockUnauthorizedAgents = true,\n    clockTolerance = 30,\n    onUnauthorizedAgent,\n  } = options;\n\n  return async function agentPassMiddleware(\n    request: NextRequest\n  ): Promise<NextResponse> {\n    // Clone incoming headers so we can safely mutate them.\n    const requestHeaders = new Headers(request.headers);\n\n    // ── Security: strip client-supplied AgentPass headers ──────────────────\n    // Without this, a malicious agent could send x-agentpass-verified: true\n    // and bypass the check in route handlers.\n    for (const name of MANAGED_HEADERS) {\n      requestHeaders.delete(name);\n    }\n\n    // ── Non-agent traffic ──────────────────────────────────────────────────\n    if (!isAgentRequest(requestHeaders)) {\n      return NextResponse.next({ request: { headers: requestHeaders } });\n    }\n\n    // ── Agent detected — require a valid JWT ───────────────────────────────\n    const token = extractToken(requestHeaders);\n\n    if (!token) {\n      return unauthorized(\n        request,\n        requestHeaders,\n        'Agent request missing AgentPass token. Provide \"Authorization: Bearer <token>\".',\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verify the JWT ─────────────────────────────────────────────────────\n    let claims: AgentPassClaims;\n    try {\n      claims = await verifyAgentPassToken(token, {\n        ...(jwksUrl !== undefined && { jwksUrl }),\n        clockTolerance,\n      });\n    } catch (err) {\n      // Never surface the raw error to the caller — it might leak internals.\n      console.warn(\n        \"[agent-id] Token verification failed:\",\n        err instanceof Error ? err.message : String(err)\n      );\n      return unauthorized(\n        request,\n        requestHeaders,\n        \"Invalid or expired AgentPass token.\",\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verified — inject identity into request headers ────────────────────\n    // Route handlers read these via getAgentPassResult(request).\n    requestHeaders.set(\"x-agentpass-verified\", \"true\");\n    requestHeaders.set(\"x-agentpass-sub\", claims.sub);\n    // Full claims encoded as JSON for type-safe extraction by helpers.\n    requestHeaders.set(\"x-agentpass-claims\", JSON.stringify(claims));\n\n    return NextResponse.next({ request: { headers: requestHeaders } });\n  };\n}\n\n// ── Internal helper ──────────────────────────────────────────────────────────\n\nfunction unauthorized(\n  request: NextRequest,\n  requestHeaders: Headers,\n  message: string,\n  block: boolean,\n  onUnauthorized: AgentPassMiddlewareOptions[\"onUnauthorizedAgent\"]\n): NextResponse {\n  if (onUnauthorized) {\n    const custom = onUnauthorized(request, message);\n    if (custom) return custom;\n  }\n\n  if (block) {\n    return NextResponse.json(\n      { error: \"AGENT_UNAUTHORIZED\", message },\n      { status: 403 }\n    );\n  }\n\n  // Pass through with a \"not verified\" marker so route handlers can still\n  // distinguish agent traffic from human traffic.\n  requestHeaders.set(\"x-agentpass-verified\", \"false\");\n  return NextResponse.next({ request: { headers: requestHeaders } });\n}\n","/**\n * Bot / AI-agent detection for Next.js (Edge Runtime compatible).\n *\n * Uses layered heuristics:\n *  1. Explicit bot / AI-agent User-Agent strings\n *  2. Cloudflare Bot Management score (if header is present)\n *  3. Absence of browser signals (no Accept-Language + non-browser UA)\n *\n * The detector is intentionally conservative — when in doubt it lets the\n * request through (fail open). A false negative (undetected bot) means the\n * request passes without a JWT check. A false positive (human flagged as bot)\n * would block legitimate traffic, which is much worse.\n */\n\nconst BOT_UA_PATTERNS: RegExp[] = [\n  // OpenAI\n  /GPTBot/i,\n  /ChatGPT-User/i,\n  /OAI-SearchBot/i,\n  // Anthropic / Claude\n  /ClaudeBot/i,\n  /Claude-Web/i,\n  /anthropic-ai/i,\n  // Google\n  /Googlebot/i,\n  /Google-Extended/i,\n  /AdsBot-Google/i,\n  // Microsoft / Bing\n  /bingbot/i,\n  /msnbot/i,\n  // AI search engines\n  /PerplexityBot/i,\n  /YouBot/i,\n  // Common HTTP automation libraries\n  /python-requests/i,\n  /node-fetch/i,\n  /\\baxios\\b/i,\n  /\\bgot\\b\\//i,\n  /\\bundici\\b/i,\n  /\\bcurl\\b/i,\n  /\\bwget\\b/i,\n  /\\bhttpie\\b/i,\n  // Generic crawler signals (word-boundary matched to reduce false positives)\n  /\\bbot\\b/i,\n  /\\bcrawler\\b/i,\n  /\\bspider\\b/i,\n  /\\bscraper\\b/i,\n  /\\bfetcher\\b/i,\n  // MCP / AgentPass clients\n  /mcp-client/i,\n  /agentpass-client/i,\n];\n\n// Every major browser includes \"Mozilla/5.0\" — its absence is a strong signal\nconst BROWSER_UA_RE = /Mozilla\\/5\\.0/i;\n\n/**\n * Returns `true` if the request appears to originate from an automated\n * agent or bot rather than a human browser.\n *\n * @param headers - The `Headers` object from a Next.js `NextRequest`\n */\nexport function isAgentRequest(headers: Headers): boolean {\n  const ua = headers.get(\"user-agent\") ?? \"\";\n\n  // No User-Agent → definitely automated\n  if (!ua) return true;\n\n  // Explicit bot / agent UA match\n  if (BOT_UA_PATTERNS.some((p) => p.test(ua))) return true;\n\n  // Cloudflare Bot Management: the `cf-bot-management` header contains a\n  // JSON blob with a `score` field (0–100). Score < 30 → highly likely bot.\n  const cfRaw = headers.get(\"cf-bot-management\");\n  if (cfRaw) {\n    try {\n      const parsed = JSON.parse(cfRaw) as { score?: unknown };\n      if (typeof parsed.score === \"number\" && parsed.score < 30) return true;\n    } catch {\n      // Malformed header — fail open (pass through)\n    }\n  }\n\n  // Heuristic: non-browser UA + no Accept-Language → likely automated\n  if (!BROWSER_UA_RE.test(ua) && !headers.get(\"accept-language\")) return true;\n\n  return false;\n}\n\n/**\n * Extract the AgentPass JWT from request headers.\n *\n * Checks in order:\n *  1. `Authorization: Bearer <token>` (preferred)\n *  2. `X-AgentPass-Token` (fallback when Authorization is stripped by proxies)\n *\n * @returns The raw JWT string, or `null` if absent.\n */\nexport function extractToken(headers: Headers): string | null {\n  // Primary: standard Authorization header\n  const auth = headers.get(\"authorization\") ?? \"\";\n  if (auth.startsWith(\"Bearer \")) {\n    const token = auth.slice(7).trim();\n    if (token) return token;\n  }\n\n  // Fallback: custom header\n  const custom = headers.get(\"x-agentpass-token\")?.trim();\n  if (custom) return custom;\n\n  return null;\n}\n","import { createRemoteJWKSet, jwtVerify } from \"jose\";\nimport type { AgentPassClaims } from \"./types.js\";\n\nconst DEFAULT_JWKS_URL = \"https://agentpass.vercel.app/api/jwks\";\n\n/**\n * Module-level JWKS cache — one RemoteJWKSet instance per unique URL.\n * jose caches the fetched key material internally; re-fetches when the\n * cache TTL (1 h) expires or a new `kid` is seen.\n */\nconst jwksSets = new Map<string, ReturnType<typeof createRemoteJWKSet>>();\n\nfunction getJwks(rawUrl: string): ReturnType<typeof createRemoteJWKSet> {\n  if (!jwksSets.has(rawUrl)) {\n    const url = new URL(rawUrl); // throws on malformed URL\n\n    // Security: HTTPS is mandatory to prevent MITM on the public-key fetch.\n    // Localhost is whitelisted for local development / CI.\n    const isLocal =\n      url.hostname === \"localhost\" ||\n      url.hostname === \"127.0.0.1\" ||\n      url.hostname === \"::1\";\n\n    if (url.protocol !== \"https:\" && !isLocal) {\n      throw new Error(\n        `[agent-id] jwksUrl must use HTTPS, received: ${rawUrl}`\n      );\n    }\n\n    jwksSets.set(\n      rawUrl,\n      createRemoteJWKSet(url, {\n        cacheMaxAge: 60 * 60 * 1_000, // 1 hour in ms\n      })\n    );\n  }\n\n  return jwksSets.get(rawUrl)!;\n}\n\nexport interface VerifyTokenOptions {\n  jwksUrl?: string;\n  clockTolerance?: number;\n}\n\n/**\n * Verify an AgentPass JWT and return its decoded claims.\n *\n * Security guarantees\n * ───────────────────\n * • Signature   — RS256, verified against the live JWKS public key.\n * • Algorithm   — strict allowlist `['RS256']`; alg:none and HS256 are\n *                 rejected before signature verification even begins.\n * • Issuer      — must be exactly \"agentpass\".\n * • Expiry      — enforced; configurable clock tolerance (default 30 s).\n * • kid         — jose matches the JWT `kid` header to the JWKS automatically.\n * • auth_method — validated at runtime; must equal \"bankid\".\n *\n * @throws if the token is invalid, expired, or fails any check.\n */\nexport async function verifyAgentPassToken(\n  token: string,\n  options: VerifyTokenOptions = {}\n): Promise<AgentPassClaims> {\n  const jwksUrl = options.jwksUrl ?? DEFAULT_JWKS_URL;\n  const JWKS = getJwks(jwksUrl);\n\n  const { payload } = await jwtVerify(token, JWKS, {\n    issuer: \"agentpass\",\n    // ↓ Critical — explicit allowlist prevents algorithm-confusion attacks.\n    //   Any token claiming alg:\"none\", alg:\"HS256\", or anything else is\n    //   rejected before signature verification.\n    algorithms: [\"RS256\"],\n    clockTolerance: options.clockTolerance ?? 30,\n  });\n\n  // Runtime validation of AgentPass-specific claims.\n  if (payload.auth_method !== \"bankid\") {\n    throw new Error(\n      `[agent-id] JWT has invalid auth_method: expected \"bankid\", got \"${\n        payload.auth_method ?? \"undefined\"\n      }\"`\n    );\n  }\n  if (typeof payload.sub !== \"string\" || payload.sub.length === 0) {\n    throw new Error(\"[agent-id] JWT is missing the sub claim\");\n  }\n\n  return payload as unknown as AgentPassClaims;\n}\n","export { createAgentPassMiddleware } from \"./middleware.js\";\nexport type { AgentPassMiddlewareOptions } from \"./middleware.js\";\n\nexport { verifyAgentPassToken } from \"./verify.js\";\nexport type { VerifyTokenOptions } from \"./verify.js\";\n\nexport { isAgentRequest, extractToken } from \"./detect.js\";\n\nexport type {\n  AgentPassClaims,\n  AgentPassResult,\n  AgentPassVerified,\n  AgentPassUnverified,\n  VerifierOptions,\n} from \"./types.js\";\n\n// ── App Router helper ────────────────────────────────────────────────────────\n\nimport type { NextRequest } from \"next/server\";\nimport type { AgentPassResult, AgentPassClaims } from \"./types.js\";\n\n/**\n * Extract the verified AgentPass identity from a Next.js App Router request.\n *\n * This function reads the headers set by `createAgentPassMiddleware`. It must\n * only be called from route handlers that sit behind the middleware.\n *\n * @example\n * ```ts\n * // app/api/data/route.ts\n * import { getAgentPassResult } from '@agent-id/nextjs';\n *\n * export async function GET(request: NextRequest) {\n *   const agentPass = getAgentPassResult(request);\n *   if (!agentPass.verified) {\n *     return Response.json({ error: 'Unauthorized' }, { status: 403 });\n *   }\n *   return Response.json({ sub: agentPass.claims.sub });\n * }\n * ```\n */\nexport function getAgentPassResult(request: NextRequest): AgentPassResult {\n  const verified = request.headers.get(\"x-agentpass-verified\");\n\n  if (verified !== \"true\") {\n    return {\n      verified: false,\n      reason: verified === \"false\" ? \"no_token\" : \"not_agent\",\n    };\n  }\n\n  const claimsJson = request.headers.get(\"x-agentpass-claims\");\n  if (!claimsJson) {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n\n  try {\n    const claims = JSON.parse(claimsJson) as AgentPassClaims;\n    return { verified: true, claims };\n  } catch {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n}\n"],"mappings":";AAAA,SAAsB,oBAAoB;;;ACc1C,IAAM,kBAA4B;AAAA;AAAA,EAEhC;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AACF;AAGA,IAAM,gBAAgB;AAQf,SAAS,eAAe,SAA2B;AACxD,QAAM,KAAK,QAAQ,IAAI,YAAY,KAAK;AAGxC,MAAI,CAAC,GAAI,QAAO;AAGhB,MAAI,gBAAgB,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAG,QAAO;AAIpD,QAAM,QAAQ,QAAQ,IAAI,mBAAmB;AAC7C,MAAI,OAAO;AACT,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK;AAC/B,UAAI,OAAO,OAAO,UAAU,YAAY,OAAO,QAAQ,GAAI,QAAO;AAAA,IACpE,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,MAAI,CAAC,cAAc,KAAK,EAAE,KAAK,CAAC,QAAQ,IAAI,iBAAiB,EAAG,QAAO;AAEvE,SAAO;AACT;AAWO,SAAS,aAAa,SAAiC;AAE5D,QAAM,OAAO,QAAQ,IAAI,eAAe,KAAK;AAC7C,MAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,UAAM,QAAQ,KAAK,MAAM,CAAC,EAAE,KAAK;AACjC,QAAI,MAAO,QAAO;AAAA,EACpB;AAGA,QAAM,SAAS,QAAQ,IAAI,mBAAmB,GAAG,KAAK;AACtD,MAAI,OAAQ,QAAO;AAEnB,SAAO;AACT;;;AC/GA,SAAS,oBAAoB,iBAAiB;AAG9C,IAAM,mBAAmB;AAOzB,IAAM,WAAW,oBAAI,IAAmD;AAExE,SAAS,QAAQ,QAAuD;AACtE,MAAI,CAAC,SAAS,IAAI,MAAM,GAAG;AACzB,UAAM,MAAM,IAAI,IAAI,MAAM;AAI1B,UAAM,UACJ,IAAI,aAAa,eACjB,IAAI,aAAa,eACjB,IAAI,aAAa;AAEnB,QAAI,IAAI,aAAa,YAAY,CAAC,SAAS;AACzC,YAAM,IAAI;AAAA,QACR,gDAAgD,MAAM;AAAA,MACxD;AAAA,IACF;AAEA,aAAS;AAAA,MACP;AAAA,MACA,mBAAmB,KAAK;AAAA,QACtB,aAAa,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO,SAAS,IAAI,MAAM;AAC5B;AAsBA,eAAsB,qBACpB,OACA,UAA8B,CAAC,GACL;AAC1B,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,OAAO,QAAQ,OAAO;AAE5B,QAAM,EAAE,QAAQ,IAAI,MAAM,UAAU,OAAO,MAAM;AAAA,IAC/C,QAAQ;AAAA;AAAA;AAAA;AAAA,IAIR,YAAY,CAAC,OAAO;AAAA,IACpB,gBAAgB,QAAQ,kBAAkB;AAAA,EAC5C,CAAC;AAGD,MAAI,QAAQ,gBAAgB,UAAU;AACpC,UAAM,IAAI;AAAA,MACR,mEACE,QAAQ,eAAe,WACzB;AAAA,IACF;AAAA,EACF;AACA,MAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAC/D,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AAEA,SAAO;AACT;;;AFrEA,IAAM,kBAAkB;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACF;AAsBO,SAAS,0BACd,UAAsC,CAAC,GACvC;AACA,QAAM;AAAA,IACJ;AAAA,IACA,0BAA0B;AAAA,IAC1B,iBAAiB;AAAA,IACjB;AAAA,EACF,IAAI;AAEJ,SAAO,eAAe,oBACpB,SACuB;AAEvB,UAAM,iBAAiB,IAAI,QAAQ,QAAQ,OAAO;AAKlD,eAAW,QAAQ,iBAAiB;AAClC,qBAAe,OAAO,IAAI;AAAA,IAC5B;AAGA,QAAI,CAAC,eAAe,cAAc,GAAG;AACnC,aAAO,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,IACnE;AAGA,UAAM,QAAQ,aAAa,cAAc;AAEzC,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI;AACJ,QAAI;AACF,eAAS,MAAM,qBAAqB,OAAO;AAAA,QACzC,GAAI,YAAY,UAAa,EAAE,QAAQ;AAAA,QACvC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,KAAK;AAEZ,cAAQ;AAAA,QACN;AAAA,QACA,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACjD;AACA,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAIA,mBAAe,IAAI,wBAAwB,MAAM;AACjD,mBAAe,IAAI,mBAAmB,OAAO,GAAG;AAEhD,mBAAe,IAAI,sBAAsB,KAAK,UAAU,MAAM,CAAC;AAE/D,WAAO,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,EACnE;AACF;AAIA,SAAS,aACP,SACA,gBACA,SACA,OACA,gBACc;AACd,MAAI,gBAAgB;AAClB,UAAM,SAAS,eAAe,SAAS,OAAO;AAC9C,QAAI,OAAQ,QAAO;AAAA,EACrB;AAEA,MAAI,OAAO;AACT,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,sBAAsB,QAAQ;AAAA,MACvC,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAIA,iBAAe,IAAI,wBAAwB,OAAO;AAClD,SAAO,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AACnE;;;AGxGO,SAAS,mBAAmB,SAAuC;AACxE,QAAM,WAAW,QAAQ,QAAQ,IAAI,sBAAsB;AAE3D,MAAI,aAAa,QAAQ;AACvB,WAAO;AAAA,MACL,UAAU;AAAA,MACV,QAAQ,aAAa,UAAU,aAAa;AAAA,IAC9C;AAAA,EACF;AAEA,QAAM,aAAa,QAAQ,QAAQ,IAAI,oBAAoB;AAC3D,MAAI,CAAC,YAAY;AACf,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AAEA,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,UAAU;AACpC,WAAO,EAAE,UAAU,MAAM,OAAO;AAAA,EAClC,QAAQ;AACN,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AACF;","names":[]}
+{"version":3,"sources":["../src/middleware.ts","../src/detect.ts","../src/verify.ts","../src/index.ts"],"sourcesContent":["import { NextRequest, NextResponse } from \"next/server\";\nimport { isAgentRequest, extractToken } from \"./detect.js\";\nimport { verifyAgentIDToken } from \"./verify.js\";\nimport type { VerifierOptions, AgentIDClaims } from \"./types.js\";\n\nexport type AgentIDMiddlewareOptions = VerifierOptions & {\n  /**\n   * Optional callback invoked when an agent is detected but carries no\n   * valid token. Return a `NextResponse` to override the default 403.\n   */\n  onUnauthorizedAgent?: (\n    request: NextRequest,\n    reason: string\n  ) => NextResponse | void;\n};\n\n/**\n * Headers injected by this proxy into downstream route handlers.\n * They are stripped from the *incoming* request first to prevent spoofing.\n */\nconst MANAGED_HEADERS = [\n  \"x-agentid-verified\",\n  \"x-agentid-sub\",\n  \"x-agentid-claims\",\n] as const;\n\n/**\n * Factory that returns a Next.js proxy function which detects AI-agent\n * traffic and enforces AgentID JWT authentication.\n *\n * @example\n * ```ts\n * // proxy.ts (project root)\n * import { createAgentIDMiddleware } from '@agent-id/nextjs';\n *\n * const agentID = createAgentIDMiddleware({\n *   blockUnauthorizedAgents: true,\n * });\n *\n * export function proxy(request: NextRequest) {\n *   return agentID(request);\n * }\n *\n * export const config = { matcher: '/api/:path*' };\n * ```\n */\nexport function createAgentIDMiddleware(\n  options: AgentIDMiddlewareOptions = {}\n) {\n  const {\n    jwksUrl,\n    blockUnauthorizedAgents = true,\n    clockTolerance = 30,\n    onUnauthorizedAgent,\n  } = options;\n\n  return async function agentIDMiddleware(\n    request: NextRequest\n  ): Promise<NextResponse> {\n    // Clone incoming headers so we can safely mutate them.\n    const requestHeaders = new Headers(request.headers);\n\n    // ── Security: strip client-supplied AgentID headers ──────────────────\n    // Without this, a malicious agent could send x-agentid-verified: true\n    // and bypass the check in route handlers.\n    for (const name of MANAGED_HEADERS) {\n      requestHeaders.delete(name);\n    }\n\n    // ── Non-agent traffic ──────────────────────────────────────────────────\n    if (!isAgentRequest(requestHeaders)) {\n      return NextResponse.next({ request: { headers: requestHeaders } });\n    }\n\n    // ── Agent detected — require a valid JWT ───────────────────────────────\n    const token = extractToken(requestHeaders);\n\n    if (!token) {\n      return unauthorized(\n        request,\n        requestHeaders,\n        'Agent request missing AgentID token. Provide \"Authorization: Bearer <token>\".',\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verify the JWT ─────────────────────────────────────────────────────\n    let claims: AgentIDClaims;\n    try {\n      claims = await verifyAgentIDToken(token, {\n        ...(jwksUrl !== undefined && { jwksUrl }),\n        clockTolerance,\n      });\n    } catch (err) {\n      // Never surface the raw error to the caller — it might leak internals.\n      console.warn(\n        \"[agent-id] Token verification failed:\",\n        err instanceof Error ? err.message : String(err)\n      );\n      return unauthorized(\n        request,\n        requestHeaders,\n        \"Invalid or expired AgentID token.\",\n        blockUnauthorizedAgents,\n        onUnauthorizedAgent\n      );\n    }\n\n    // ── Verified — inject identity into request headers ────────────────────\n    // Route handlers read these via getAgentIDResult(request).\n    requestHeaders.set(\"x-agentid-verified\", \"true\");\n    requestHeaders.set(\"x-agentid-sub\", claims.sub);\n    // Full claims encoded as JSON for type-safe extraction by helpers.\n    requestHeaders.set(\"x-agentid-claims\", JSON.stringify(claims));\n\n    return NextResponse.next({ request: { headers: requestHeaders } });\n  };\n}\n\n// ── Internal helper ──────────────────────────────────────────────────────────\n\nfunction unauthorized(\n  request: NextRequest,\n  requestHeaders: Headers,\n  message: string,\n  block: boolean,\n  onUnauthorized: AgentIDMiddlewareOptions[\"onUnauthorizedAgent\"]\n): NextResponse {\n  if (onUnauthorized) {\n    const custom = onUnauthorized(request, message);\n    if (custom) return custom;\n  }\n\n  if (block) {\n    return NextResponse.json(\n      { error: \"AGENT_UNAUTHORIZED\", message },\n      { status: 403 }\n    );\n  }\n\n  // Pass through with a \"not verified\" marker so route handlers can still\n  // distinguish agent traffic from human traffic.\n  requestHeaders.set(\"x-agentid-verified\", \"false\");\n  return NextResponse.next({ request: { headers: requestHeaders } });\n}\n","/**\n * Bot / AI-agent detection for Next.js (Edge Runtime compatible).\n *\n * Uses layered heuristics:\n *  1. Explicit bot / AI-agent User-Agent strings\n *  2. Cloudflare Bot Management score (if header is present)\n *  3. Absence of browser signals (no Accept-Language + non-browser UA)\n *\n * The detector is intentionally conservative — when in doubt it lets the\n * request through (fail open). A false negative (undetected bot) means the\n * request passes without a JWT check. A false positive (human flagged as bot)\n * would block legitimate traffic, which is much worse.\n */\n\nconst BOT_UA_PATTERNS: RegExp[] = [\n  // OpenAI\n  /GPTBot/i,\n  /ChatGPT-User/i,\n  /OAI-SearchBot/i,\n  // Anthropic / Claude\n  /ClaudeBot/i,\n  /Claude-Web/i,\n  /anthropic-ai/i,\n  /Claude-User/i,\n  // Google\n  /Googlebot/i,\n  /Google-Extended/i,\n  /AdsBot-Google/i,\n  // Microsoft / Bing\n  /bingbot/i,\n  /msnbot/i,\n  // AI search engines\n  /PerplexityBot/i,\n  /YouBot/i,\n  // Common HTTP automation libraries\n  /python-requests/i,\n  /node-fetch/i,\n  /\\baxios\\b/i,\n  /\\bgot\\b\\//i,\n  /\\bundici\\b/i,\n  /\\bcurl\\b/i,\n  /\\bwget\\b/i,\n  /\\bhttpie\\b/i,\n  // Generic crawler signals (word-boundary matched to reduce false positives)\n  /\\bbot\\b/i,\n  /\\bcrawler\\b/i,\n  /\\bspider\\b/i,\n  /\\bscraper\\b/i,\n  /\\bfetcher\\b/i,\n  // MCP / AgentID clients\n  /mcp-client/i,\n  /agentid-client/i,\n];\n\n// Every major browser includes \"Mozilla/5.0\" — its absence is a strong signal\nconst BROWSER_UA_RE = /Mozilla\\/5\\.0/i;\n\n/**\n * Returns `true` if the request appears to originate from an automated\n * agent or bot rather than a human browser.\n *\n * @param headers - The `Headers` object from a Next.js `NextRequest`\n */\nexport function isAgentRequest(headers: Headers): boolean {\n  const ua = headers.get(\"user-agent\") ?? \"\";\n\n  // No User-Agent → definitely automated\n  if (!ua) return true;\n\n  // Explicit bot / agent UA match\n  if (BOT_UA_PATTERNS.some((p) => p.test(ua))) return true;\n\n  // Cloudflare Bot Management: the `cf-bot-management` header contains a\n  // JSON blob with a `score` field (0–100). Score < 30 → highly likely bot.\n  const cfRaw = headers.get(\"cf-bot-management\");\n  if (cfRaw) {\n    try {\n      const parsed = JSON.parse(cfRaw) as { score?: unknown };\n      if (typeof parsed.score === \"number\" && parsed.score < 30) return true;\n    } catch {\n      // Malformed header — fail open (pass through)\n    }\n  }\n\n  // Heuristic: non-browser UA + no Accept-Language → likely automated\n  if (!BROWSER_UA_RE.test(ua) && !headers.get(\"accept-language\")) return true;\n\n  return false;\n}\n\n/**\n * Extract the AgentID JWT from request headers.\n *\n * Checks in order:\n *  1. `Authorization: Bearer <token>` (preferred)\n *  2. `X-AgentID-Token` (fallback when Authorization is stripped by proxies)\n *\n * @returns The raw JWT string, or `null` if absent.\n */\nexport function extractToken(headers: Headers): string | null {\n  // Primary: standard Authorization header\n  const auth = headers.get(\"authorization\") ?? \"\";\n  if (auth.startsWith(\"Bearer \")) {\n    const token = auth.slice(7).trim();\n    if (token) return token;\n  }\n\n  // Fallback: custom header\n  const custom = headers.get(\"x-agentid-token\")?.trim();\n  if (custom) return custom;\n\n  return null;\n}\n","import { createRemoteJWKSet, jwtVerify } from \"jose\";\nimport type { AgentIDClaims } from \"./types.js\";\n\nconst DEFAULT_JWKS_URL = \"https://agentidapp.vercel.app/api/jwks\";\n\n/**\n * Module-level JWKS cache — one RemoteJWKSet instance per unique URL.\n * jose caches the fetched key material internally; re-fetches when the\n * cache TTL (1 h) expires or a new `kid` is seen.\n */\nconst jwksSets = new Map<string, ReturnType<typeof createRemoteJWKSet>>();\n\nfunction getJwks(rawUrl: string): ReturnType<typeof createRemoteJWKSet> {\n  if (!jwksSets.has(rawUrl)) {\n    const url = new URL(rawUrl); // throws on malformed URL\n\n    // Security: HTTPS is mandatory to prevent MITM on the public-key fetch.\n    // Localhost is whitelisted for local development / CI.\n    const isLocal =\n      url.hostname === \"localhost\" ||\n      url.hostname === \"127.0.0.1\" ||\n      url.hostname === \"::1\";\n\n    if (url.protocol !== \"https:\" && !isLocal) {\n      throw new Error(\n        `[agent-id] jwksUrl must use HTTPS, received: ${rawUrl}`\n      );\n    }\n\n    jwksSets.set(\n      rawUrl,\n      createRemoteJWKSet(url, {\n        cacheMaxAge: 60 * 60 * 1_000, // 1 hour in ms\n      })\n    );\n  }\n\n  return jwksSets.get(rawUrl)!;\n}\n\nexport interface VerifyTokenOptions {\n  jwksUrl?: string;\n  clockTolerance?: number;\n}\n\n/**\n * Verify an AgentID JWT and return its decoded claims.\n *\n * Security guarantees\n * ───────────────────\n * • Signature   — RS256, verified against the live JWKS public key.\n * • Algorithm   — strict allowlist `['RS256']`; alg:none and HS256 are\n *                 rejected before signature verification even begins.\n * • Issuer      — must be exactly \"agentid\".\n * • Expiry      — enforced; configurable clock tolerance (default 30 s).\n * • kid         — jose matches the JWT `kid` header to the JWKS automatically.\n * • auth_method — validated at runtime; must equal \"bankid\".\n *\n * @throws if the token is invalid, expired, or fails any check.\n */\nexport async function verifyAgentIDToken(\n  token: string,\n  options: VerifyTokenOptions = {}\n): Promise<AgentIDClaims> {\n  const jwksUrl = options.jwksUrl ?? DEFAULT_JWKS_URL;\n  const JWKS = getJwks(jwksUrl);\n\n  const { payload } = await jwtVerify(token, JWKS, {\n    issuer: \"agentid\",\n    // ↓ Critical — explicit allowlist prevents algorithm-confusion attacks.\n    //   Any token claiming alg:\"none\", alg:\"HS256\", or anything else is\n    //   rejected before signature verification.\n    algorithms: [\"RS256\"],\n    clockTolerance: options.clockTolerance ?? 30,\n  });\n\n  // Runtime validation of AgentID-specific claims.\n  if (payload.auth_method !== \"bankid\") {\n    throw new Error(\n      `[agent-id] JWT has invalid auth_method: expected \"bankid\", got \"${\n        payload.auth_method ?? \"undefined\"\n      }\"`\n    );\n  }\n  if (typeof payload.sub !== \"string\" || payload.sub.length === 0) {\n    throw new Error(\"[agent-id] JWT is missing the sub claim\");\n  }\n\n  return payload as unknown as AgentIDClaims;\n}\n","export { createAgentIDMiddleware } from \"./middleware.js\";\nexport type { AgentIDMiddlewareOptions } from \"./middleware.js\";\n\nexport { verifyAgentIDToken } from \"./verify.js\";\nexport type { VerifyTokenOptions } from \"./verify.js\";\n\nexport { isAgentRequest, extractToken } from \"./detect.js\";\n\nexport type {\n  AgentIDClaims,\n  AgentIDResult,\n  AgentIDVerified,\n  AgentIDUnverified,\n  VerifierOptions,\n} from \"./types.js\";\n\n// ── App Router helper ────────────────────────────────────────────────────────\n\nimport type { NextRequest } from \"next/server\";\nimport type { AgentIDResult, AgentIDClaims } from \"./types.js\";\n\n/**\n * Extract the verified AgentID identity from a Next.js App Router request.\n *\n * This function reads the headers set by `createAgentIDMiddleware`. It must\n * only be called from route handlers that sit behind the proxy.\n *\n * @example\n * ```ts\n * // app/api/data/route.ts\n * import { getAgentIDResult } from '@agent-id/nextjs';\n *\n * export async function GET(request: NextRequest) {\n *   const agent = getAgentIDResult(request);\n *   if (!agent.verified) {\n *     return Response.json({ error: 'Unauthorized' }, { status: 403 });\n *   }\n *   return Response.json({ sub: agent.claims.sub });\n * }\n * ```\n */\nexport function getAgentIDResult(request: NextRequest): AgentIDResult {\n  const verified = request.headers.get(\"x-agentid-verified\");\n\n  if (verified !== \"true\") {\n    return {\n      verified: false,\n      reason: verified === \"false\" ? \"no_token\" : \"not_agent\",\n    };\n  }\n\n  const claimsJson = request.headers.get(\"x-agentid-claims\");\n  if (!claimsJson) {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n\n  try {\n    const claims = JSON.parse(claimsJson) as AgentIDClaims;\n    return { verified: true, claims };\n  } catch {\n    return { verified: false, reason: \"invalid_token\" };\n  }\n}\n"],"mappings":";AAAA,SAAsB,oBAAoB;;;ACc1C,IAAM,kBAA4B;AAAA;AAAA,EAEhC;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA;AAAA,EAEA;AAAA,EACA;AACF;AAGA,IAAM,gBAAgB;AAQf,SAAS,eAAe,SAA2B;AACxD,QAAM,KAAK,QAAQ,IAAI,YAAY,KAAK;AAGxC,MAAI,CAAC,GAAI,QAAO;AAGhB,MAAI,gBAAgB,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAG,QAAO;AAIpD,QAAM,QAAQ,QAAQ,IAAI,mBAAmB;AAC7C,MAAI,OAAO;AACT,QAAI;AACF,YAAM,SAAS,KAAK,MAAM,KAAK;AAC/B,UAAI,OAAO,OAAO,UAAU,YAAY,OAAO,QAAQ,GAAI,QAAO;AAAA,IACpE,QAAQ;AAAA,IAER;AAAA,EACF;AAGA,MAAI,CAAC,cAAc,KAAK,EAAE,KAAK,CAAC,QAAQ,IAAI,iBAAiB,EAAG,QAAO;AAEvE,SAAO;AACT;AAWO,SAAS,aAAa,SAAiC;AAE5D,QAAM,OAAO,QAAQ,IAAI,eAAe,KAAK;AAC7C,MAAI,KAAK,WAAW,SAAS,GAAG;AAC9B,UAAM,QAAQ,KAAK,MAAM,CAAC,EAAE,KAAK;AACjC,QAAI,MAAO,QAAO;AAAA,EACpB;AAGA,QAAM,SAAS,QAAQ,IAAI,iBAAiB,GAAG,KAAK;AACpD,MAAI,OAAQ,QAAO;AAEnB,SAAO;AACT;;;AChHA,SAAS,oBAAoB,iBAAiB;AAG9C,IAAM,mBAAmB;AAOzB,IAAM,WAAW,oBAAI,IAAmD;AAExE,SAAS,QAAQ,QAAuD;AACtE,MAAI,CAAC,SAAS,IAAI,MAAM,GAAG;AACzB,UAAM,MAAM,IAAI,IAAI,MAAM;AAI1B,UAAM,UACJ,IAAI,aAAa,eACjB,IAAI,aAAa,eACjB,IAAI,aAAa;AAEnB,QAAI,IAAI,aAAa,YAAY,CAAC,SAAS;AACzC,YAAM,IAAI;AAAA,QACR,gDAAgD,MAAM;AAAA,MACxD;AAAA,IACF;AAEA,aAAS;AAAA,MACP;AAAA,MACA,mBAAmB,KAAK;AAAA,QACtB,aAAa,KAAK,KAAK;AAAA;AAAA,MACzB,CAAC;AAAA,IACH;AAAA,EACF;AAEA,SAAO,SAAS,IAAI,MAAM;AAC5B;AAsBA,eAAsB,mBACpB,OACA,UAA8B,CAAC,GACP;AACxB,QAAM,UAAU,QAAQ,WAAW;AACnC,QAAM,OAAO,QAAQ,OAAO;AAE5B,QAAM,EAAE,QAAQ,IAAI,MAAM,UAAU,OAAO,MAAM;AAAA,IAC/C,QAAQ;AAAA;AAAA;AAAA;AAAA,IAIR,YAAY,CAAC,OAAO;AAAA,IACpB,gBAAgB,QAAQ,kBAAkB;AAAA,EAC5C,CAAC;AAGD,MAAI,QAAQ,gBAAgB,UAAU;AACpC,UAAM,IAAI;AAAA,MACR,mEACE,QAAQ,eAAe,WACzB;AAAA,IACF;AAAA,EACF;AACA,MAAI,OAAO,QAAQ,QAAQ,YAAY,QAAQ,IAAI,WAAW,GAAG;AAC/D,UAAM,IAAI,MAAM,yCAAyC;AAAA,EAC3D;AAEA,SAAO;AACT;;;AFrEA,IAAM,kBAAkB;AAAA,EACtB;AAAA,EACA;AAAA,EACA;AACF;AAsBO,SAAS,wBACd,UAAoC,CAAC,GACrC;AACA,QAAM;AAAA,IACJ;AAAA,IACA,0BAA0B;AAAA,IAC1B,iBAAiB;AAAA,IACjB;AAAA,EACF,IAAI;AAEJ,SAAO,eAAe,kBACpB,SACuB;AAEvB,UAAM,iBAAiB,IAAI,QAAQ,QAAQ,OAAO;AAKlD,eAAW,QAAQ,iBAAiB;AAClC,qBAAe,OAAO,IAAI;AAAA,IAC5B;AAGA,QAAI,CAAC,eAAe,cAAc,GAAG;AACnC,aAAO,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,IACnE;AAGA,UAAM,QAAQ,aAAa,cAAc;AAEzC,QAAI,CAAC,OAAO;AACV,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAGA,QAAI;AACJ,QAAI;AACF,eAAS,MAAM,mBAAmB,OAAO;AAAA,QACvC,GAAI,YAAY,UAAa,EAAE,QAAQ;AAAA,QACvC;AAAA,MACF,CAAC;AAAA,IACH,SAAS,KAAK;AAEZ,cAAQ;AAAA,QACN;AAAA,QACA,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAAA,MACjD;AACA,aAAO;AAAA,QACL;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,IACF;AAIA,mBAAe,IAAI,sBAAsB,MAAM;AAC/C,mBAAe,IAAI,iBAAiB,OAAO,GAAG;AAE9C,mBAAe,IAAI,oBAAoB,KAAK,UAAU,MAAM,CAAC;AAE7D,WAAO,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AAAA,EACnE;AACF;AAIA,SAAS,aACP,SACA,gBACA,SACA,OACA,gBACc;AACd,MAAI,gBAAgB;AAClB,UAAM,SAAS,eAAe,SAAS,OAAO;AAC9C,QAAI,OAAQ,QAAO;AAAA,EACrB;AAEA,MAAI,OAAO;AACT,WAAO,aAAa;AAAA,MAClB,EAAE,OAAO,sBAAsB,QAAQ;AAAA,MACvC,EAAE,QAAQ,IAAI;AAAA,IAChB;AAAA,EACF;AAIA,iBAAe,IAAI,sBAAsB,OAAO;AAChD,SAAO,aAAa,KAAK,EAAE,SAAS,EAAE,SAAS,eAAe,EAAE,CAAC;AACnE;;;AGxGO,SAAS,iBAAiB,SAAqC;AACpE,QAAM,WAAW,QAAQ,QAAQ,IAAI,oBAAoB;AAEzD,MAAI,aAAa,QAAQ;AACvB,WAAO;AAAA,MACL,UAAU;AAAA,MACV,QAAQ,aAAa,UAAU,aAAa;AAAA,IAC9C;AAAA,EACF;AAEA,QAAM,aAAa,QAAQ,QAAQ,IAAI,kBAAkB;AACzD,MAAI,CAAC,YAAY;AACf,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AAEA,MAAI;AACF,UAAM,SAAS,KAAK,MAAM,UAAU;AACpC,WAAO,EAAE,UAAU,MAAM,OAAO;AAAA,EAClC,QAAQ;AACN,WAAO,EAAE,UAAU,OAAO,QAAQ,gBAAgB;AAAA,EACpD;AACF;","names":[]}

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "@agent-id/nextjs",
-  "version": "0.1.0",
+  "version": "0.1.2",
   "description": "Agent-ID verifier middleware for Next.js — blocks unauthorized AI agents from your API routes",
-  "keywords": ["agent-id", "agentpass", "bankid", "jwt", "nextjs", "middleware", "ai-agent", "mcp", "bot-detection"],
+  "keywords": ["agent-id", "bankid", "jwt", "nextjs", "middleware", "ai-agent", "mcp", "bot-detection"],
   "license": "MIT",
   "main": "./dist/index.cjs",
   "module": "./dist/index.js",