@agent-score/commerce 1.5.1 → 1.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +27 -15
- package/dist/challenge/index.js.map +1 -1
- package/dist/challenge/index.mjs.map +1 -1
- package/dist/core.d.mts +36 -27
- package/dist/core.d.ts +36 -27
- package/dist/core.js +1 -1
- package/dist/core.js.map +1 -1
- package/dist/core.mjs +1 -1
- package/dist/core.mjs.map +1 -1
- package/dist/identity/express.d.mts +2 -2
- package/dist/identity/express.d.ts +2 -2
- package/dist/identity/express.js +1 -1
- package/dist/identity/express.js.map +1 -1
- package/dist/identity/express.mjs +1 -1
- package/dist/identity/express.mjs.map +1 -1
- package/dist/identity/fastify.d.mts +2 -2
- package/dist/identity/fastify.d.ts +2 -2
- package/dist/identity/fastify.js +1 -1
- package/dist/identity/fastify.js.map +1 -1
- package/dist/identity/fastify.mjs +1 -1
- package/dist/identity/fastify.mjs.map +1 -1
- package/dist/identity/hono.d.mts +2 -2
- package/dist/identity/hono.d.ts +2 -2
- package/dist/identity/hono.js +1 -1
- package/dist/identity/hono.js.map +1 -1
- package/dist/identity/hono.mjs +1 -1
- package/dist/identity/hono.mjs.map +1 -1
- package/dist/identity/nextjs.d.mts +2 -2
- package/dist/identity/nextjs.d.ts +2 -2
- package/dist/identity/nextjs.js +1 -1
- package/dist/identity/nextjs.js.map +1 -1
- package/dist/identity/nextjs.mjs +1 -1
- package/dist/identity/nextjs.mjs.map +1 -1
- package/dist/identity/policy.d.mts +3 -3
- package/dist/identity/policy.d.ts +3 -3
- package/dist/identity/policy.js +3 -3
- package/dist/identity/policy.js.map +1 -1
- package/dist/identity/policy.mjs +2 -2
- package/dist/identity/policy.mjs.map +1 -1
- package/dist/identity/web.d.mts +3 -3
- package/dist/identity/web.d.ts +3 -3
- package/dist/identity/web.js +1 -1
- package/dist/identity/web.js.map +1 -1
- package/dist/identity/web.mjs +1 -1
- package/dist/identity/web.mjs.map +1 -1
- package/dist/index.d.mts +286 -130
- package/dist/index.d.ts +286 -130
- package/dist/index.js +130 -72
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +124 -69
- package/dist/index.mjs.map +1 -1
- package/package.json +2 -2
|
@@ -18,7 +18,7 @@ import { DenialReason, AgentScoreCoreOptions } from '../core.js';
|
|
|
18
18
|
* This module ships three primitives:
|
|
19
19
|
*
|
|
20
20
|
* 1. {@link PolicyBlock} — the typed shape.
|
|
21
|
-
* 2. {@link
|
|
21
|
+
* 2. {@link buildGateOptionsFromPolicy} — translate a block into the options object the
|
|
22
22
|
* per-framework `agentscoreGate(...)` accepts. Returns `null` when the policy
|
|
23
23
|
* has no enforcement (treat as "no gate; anonymous OK").
|
|
24
24
|
* 3. {@link runGateWithEnforcement} — wrap a per-framework middleware in the
|
|
@@ -71,7 +71,7 @@ interface GateResult {
|
|
|
71
71
|
* when the policy varies per resource (e.g. per product). Each adapter's gate
|
|
72
72
|
* is cheap to instantiate.
|
|
73
73
|
*/
|
|
74
|
-
declare function
|
|
74
|
+
declare function buildGateOptionsFromPolicy(policy: PolicyBlock | null | undefined, base: {
|
|
75
75
|
apiKey: string;
|
|
76
76
|
baseUrl?: string;
|
|
77
77
|
}): AgentScoreCoreOptions | null;
|
|
@@ -111,4 +111,4 @@ declare function shippingCountryAllowed(country: string, policy: PolicyBlock | n
|
|
|
111
111
|
*/
|
|
112
112
|
declare function shippingStateAllowed(state: string, country: string, policy: PolicyBlock | null | undefined): boolean;
|
|
113
113
|
|
|
114
|
-
export { type EnforcementMode, type GateResult, type IdentityStatus, type PolicyBlock,
|
|
114
|
+
export { type EnforcementMode, type GateResult, type IdentityStatus, type PolicyBlock, buildGateOptionsFromPolicy, runGateWithEnforcement, shippingCountryAllowed, shippingStateAllowed };
|
package/dist/identity/policy.js
CHANGED
|
@@ -20,13 +20,13 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
|
|
|
20
20
|
// src/identity/policy.ts
|
|
21
21
|
var policy_exports = {};
|
|
22
22
|
__export(policy_exports, {
|
|
23
|
-
|
|
23
|
+
buildGateOptionsFromPolicy: () => buildGateOptionsFromPolicy,
|
|
24
24
|
runGateWithEnforcement: () => runGateWithEnforcement,
|
|
25
25
|
shippingCountryAllowed: () => shippingCountryAllowed,
|
|
26
26
|
shippingStateAllowed: () => shippingStateAllowed
|
|
27
27
|
});
|
|
28
28
|
module.exports = __toCommonJS(policy_exports);
|
|
29
|
-
function
|
|
29
|
+
function buildGateOptionsFromPolicy(policy, base) {
|
|
30
30
|
if (!policy || !policy.enforcement) return null;
|
|
31
31
|
return {
|
|
32
32
|
apiKey: base.apiKey,
|
|
@@ -73,7 +73,7 @@ function shippingStateAllowed(state, country, policy) {
|
|
|
73
73
|
}
|
|
74
74
|
// Annotate the CommonJS export names for ESM import in node:
|
|
75
75
|
0 && (module.exports = {
|
|
76
|
-
|
|
76
|
+
buildGateOptionsFromPolicy,
|
|
77
77
|
runGateWithEnforcement,
|
|
78
78
|
shippingCountryAllowed,
|
|
79
79
|
shippingStateAllowed
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/identity/policy.ts"],"sourcesContent":["/**\n * Per-product / per-tier compliance policy helpers.\n *\n * A *policy* is a small bag of fields describing what identity the merchant wants\n * verified for a given resource:\n *\n * - `enforcement`: `\"hard\"` (today's wine path — 403 on miss) or `\"soft\"` (gate\n * denial is swallowed; the order completes with a degraded `identity_status`).\n * `null` / absent = no gate at all.\n * - `requireKyc` / `requireSanctionsClear` / `minAge`: passed through to the\n * per-framework `agentscoreGate(...)` factory.\n * - `allowedJurisdictions`: buyer-verified country list (`[\"US\", \"CA\", ...]`).\n * - `allowedShippingCountries` / `allowedShippingStates`: optional shipping\n * allowlists. State list is only enforced for US shipments.\n *\n * This module ships three primitives:\n *\n * 1. {@link PolicyBlock} — the typed shape.\n * 2. {@link
|
|
1
|
+
{"version":3,"sources":["../../src/identity/policy.ts"],"sourcesContent":["/**\n * Per-product / per-tier compliance policy helpers.\n *\n * A *policy* is a small bag of fields describing what identity the merchant wants\n * verified for a given resource:\n *\n * - `enforcement`: `\"hard\"` (today's wine path — 403 on miss) or `\"soft\"` (gate\n * denial is swallowed; the order completes with a degraded `identity_status`).\n * `null` / absent = no gate at all.\n * - `requireKyc` / `requireSanctionsClear` / `minAge`: passed through to the\n * per-framework `agentscoreGate(...)` factory.\n * - `allowedJurisdictions`: buyer-verified country list (`[\"US\", \"CA\", ...]`).\n * - `allowedShippingCountries` / `allowedShippingStates`: optional shipping\n * allowlists. State list is only enforced for US shipments.\n *\n * This module ships three primitives:\n *\n * 1. {@link PolicyBlock} — the typed shape.\n * 2. {@link buildGateOptionsFromPolicy} — translate a block into the options object the\n * per-framework `agentscoreGate(...)` accepts. Returns `null` when the policy\n * has no enforcement (treat as \"no gate; anonymous OK\").\n * 3. {@link runGateWithEnforcement} — wrap a per-framework middleware in the\n * hard/soft enforcement runner. The middleware is given an `onDenied` shim\n * that captures the denial body and status; the runner returns a structured\n * {@link GateResult} so the vendor decides how to surface it.\n *\n * All three are additive — vendors using `agentscoreGate(...)` directly are\n * unaffected.\n */\n\nimport type { AgentScoreCoreOptions, DenialReason } from '../core.js';\n\n/** Hard = 403 propagates; soft = swallowed + identity_status=\"unverified\". */\nexport type EnforcementMode = 'hard' | 'soft';\n\n/** Per-order trust level captured at settle time. */\nexport type IdentityStatus = 'verified' | 'unverified' | 'anonymous' | 'denied';\n\n/** Compliance fields a merchant attaches per product / per tier. All optional. */\nexport interface PolicyBlock {\n enforcement?: EnforcementMode;\n requireKyc?: boolean;\n requireSanctionsClear?: boolean;\n minAge?: number;\n allowedJurisdictions?: readonly string[];\n allowedShippingCountries?: readonly string[];\n allowedShippingStates?: readonly string[];\n}\n\n/**\n * Outcome of running a gate under an enforcement mode.\n *\n * - `verified`: gate accepted; identity is fully verified for the policy.\n * - `unverified`: soft mode swallowed a gate denial; the agent had *some*\n * identity but didn't meet the policy. Stamp this on the order so\n * ops/analytics can tell apart soft passes from hard passes.\n * - `anonymous`: no gate ran (policy was null / no enforcement).\n * - `denied`: hard mode rejected; the caller must propagate the 403. The\n * `denialBody` and `denialStatus` carry the original gate response so the\n * caller can return it as-is.\n */\nexport interface GateResult {\n status: IdentityStatus;\n denialStatus?: number;\n denialBody?: Record<string, unknown>;\n denialReason?: DenialReason;\n}\n\n/**\n * Translate a {@link PolicyBlock} into the options the per-framework\n * `agentscoreGate(...)` expects. Returns `null` when the block has no\n * `enforcement` set — the caller should treat that as \"no gate; anonymous OK\".\n *\n * Use a fresh gate per request rather than constructing once at module scope\n * when the policy varies per resource (e.g. per product). Each adapter's gate\n * is cheap to instantiate.\n */\nexport function buildGateOptionsFromPolicy(\n policy: PolicyBlock | null | undefined,\n base: { apiKey: string; baseUrl?: string },\n): AgentScoreCoreOptions | null {\n if (!policy || !policy.enforcement) return null;\n return {\n apiKey: base.apiKey,\n ...(base.baseUrl !== undefined && { baseUrl: base.baseUrl }),\n ...(policy.requireKyc !== undefined && { requireKyc: policy.requireKyc }),\n ...(policy.requireSanctionsClear !== undefined && {\n requireSanctionsClear: policy.requireSanctionsClear,\n }),\n ...(policy.minAge !== undefined && { minAge: policy.minAge }),\n ...(policy.allowedJurisdictions !== undefined && {\n allowedJurisdictions: [...policy.allowedJurisdictions],\n }),\n };\n}\n\n/**\n * Run a per-framework gate middleware respecting the enforcement mode.\n *\n * The vendor passes:\n * - `gate`: their framework's middleware (Hono `MiddlewareHandler`, Express\n * `(req, res, next) => void`, etc.) — anything that resolves on accept and\n * throws or returns a `Response` on deny.\n * - `runGate`: a thin adapter that calls the middleware with the framework\n * context and returns either `{ ok: true }` (gate accepted) or\n * `{ ok: false, status, body, reason? }` (gate denied with details).\n *\n * `runGateWithEnforcement` wraps that in the hard/soft split:\n *\n * - `gate=null` or `enforcement=null`: no gate fires; status=\"anonymous\".\n * - `enforcement=\"hard\"` + denied: status=\"denied\"; caller propagates denialStatus + denialBody.\n * - `enforcement=\"soft\"` + denied: swallow; status=\"unverified\".\n * - accepted: status=\"verified\".\n */\nexport async function runGateWithEnforcement(\n enforcement: EnforcementMode | undefined,\n runGate: (() => Promise<{ ok: true } | { ok: false; status: number; body: Record<string, unknown>; reason?: DenialReason }>) | null,\n): Promise<GateResult> {\n if (!runGate || !enforcement) return { status: 'anonymous' };\n\n const outcome = await runGate();\n if (outcome.ok) return { status: 'verified' };\n\n if (enforcement === 'hard') {\n return {\n status: 'denied',\n denialStatus: outcome.status,\n denialBody: outcome.body,\n ...(outcome.reason !== undefined && { denialReason: outcome.reason }),\n };\n }\n return {\n status: 'unverified',\n denialStatus: outcome.status,\n denialBody: outcome.body,\n ...(outcome.reason !== undefined && { denialReason: outcome.reason }),\n };\n}\n\n/** NULL policy / NULL allowlist → ship anywhere. Otherwise country must be in the list. */\nexport function shippingCountryAllowed(country: string, policy: PolicyBlock | null | undefined): boolean {\n if (!policy?.allowedShippingCountries || policy.allowedShippingCountries.length === 0) return true;\n const allowed = new Set(policy.allowedShippingCountries.map((c) => c.toUpperCase()));\n return allowed.has(country.toUpperCase());\n}\n\n/**\n * US-state allowlist (e.g. wine).\n *\n * Only enforced for US shipments — non-US shipments are governed by\n * {@link shippingCountryAllowed} independently.\n */\nexport function shippingStateAllowed(\n state: string,\n country: string,\n policy: PolicyBlock | null | undefined,\n): boolean {\n if (!policy?.allowedShippingStates || policy.allowedShippingStates.length === 0) return true;\n if (country.toUpperCase() !== 'US') return true;\n const allowed = new Set(policy.allowedShippingStates.map((s) => s.toUpperCase()));\n return allowed.has(state.toUpperCase());\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA6EO,SAAS,2BACd,QACA,MAC8B;AAC9B,MAAI,CAAC,UAAU,CAAC,OAAO,YAAa,QAAO;AAC3C,SAAO;AAAA,IACL,QAAQ,KAAK;AAAA,IACb,GAAI,KAAK,YAAY,UAAa,EAAE,SAAS,KAAK,QAAQ;AAAA,IAC1D,GAAI,OAAO,eAAe,UAAa,EAAE,YAAY,OAAO,WAAW;AAAA,IACvE,GAAI,OAAO,0BAA0B,UAAa;AAAA,MAChD,uBAAuB,OAAO;AAAA,IAChC;AAAA,IACA,GAAI,OAAO,WAAW,UAAa,EAAE,QAAQ,OAAO,OAAO;AAAA,IAC3D,GAAI,OAAO,yBAAyB,UAAa;AAAA,MAC/C,sBAAsB,CAAC,GAAG,OAAO,oBAAoB;AAAA,IACvD;AAAA,EACF;AACF;AAoBA,eAAsB,uBACpB,aACA,SACqB;AACrB,MAAI,CAAC,WAAW,CAAC,YAAa,QAAO,EAAE,QAAQ,YAAY;AAE3D,QAAM,UAAU,MAAM,QAAQ;AAC9B,MAAI,QAAQ,GAAI,QAAO,EAAE,QAAQ,WAAW;AAE5C,MAAI,gBAAgB,QAAQ;AAC1B,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,cAAc,QAAQ;AAAA,MACtB,YAAY,QAAQ;AAAA,MACpB,GAAI,QAAQ,WAAW,UAAa,EAAE,cAAc,QAAQ,OAAO;AAAA,IACrE;AAAA,EACF;AACA,SAAO;AAAA,IACL,QAAQ;AAAA,IACR,cAAc,QAAQ;AAAA,IACtB,YAAY,QAAQ;AAAA,IACpB,GAAI,QAAQ,WAAW,UAAa,EAAE,cAAc,QAAQ,OAAO;AAAA,EACrE;AACF;AAGO,SAAS,uBAAuB,SAAiB,QAAiD;AACvG,MAAI,CAAC,QAAQ,4BAA4B,OAAO,yBAAyB,WAAW,EAAG,QAAO;AAC9F,QAAM,UAAU,IAAI,IAAI,OAAO,yBAAyB,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;AACnF,SAAO,QAAQ,IAAI,QAAQ,YAAY,CAAC;AAC1C;AAQO,SAAS,qBACd,OACA,SACA,QACS;AACT,MAAI,CAAC,QAAQ,yBAAyB,OAAO,sBAAsB,WAAW,EAAG,QAAO;AACxF,MAAI,QAAQ,YAAY,MAAM,KAAM,QAAO;AAC3C,QAAM,UAAU,IAAI,IAAI,OAAO,sBAAsB,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;AAChF,SAAO,QAAQ,IAAI,MAAM,YAAY,CAAC;AACxC;","names":[]}
|
package/dist/identity/policy.mjs
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
// src/identity/policy.ts
|
|
2
|
-
function
|
|
2
|
+
function buildGateOptionsFromPolicy(policy, base) {
|
|
3
3
|
if (!policy || !policy.enforcement) return null;
|
|
4
4
|
return {
|
|
5
5
|
apiKey: base.apiKey,
|
|
@@ -45,7 +45,7 @@ function shippingStateAllowed(state, country, policy) {
|
|
|
45
45
|
return allowed.has(state.toUpperCase());
|
|
46
46
|
}
|
|
47
47
|
export {
|
|
48
|
-
|
|
48
|
+
buildGateOptionsFromPolicy,
|
|
49
49
|
runGateWithEnforcement,
|
|
50
50
|
shippingCountryAllowed,
|
|
51
51
|
shippingStateAllowed
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/identity/policy.ts"],"sourcesContent":["/**\n * Per-product / per-tier compliance policy helpers.\n *\n * A *policy* is a small bag of fields describing what identity the merchant wants\n * verified for a given resource:\n *\n * - `enforcement`: `\"hard\"` (today's wine path — 403 on miss) or `\"soft\"` (gate\n * denial is swallowed; the order completes with a degraded `identity_status`).\n * `null` / absent = no gate at all.\n * - `requireKyc` / `requireSanctionsClear` / `minAge`: passed through to the\n * per-framework `agentscoreGate(...)` factory.\n * - `allowedJurisdictions`: buyer-verified country list (`[\"US\", \"CA\", ...]`).\n * - `allowedShippingCountries` / `allowedShippingStates`: optional shipping\n * allowlists. State list is only enforced for US shipments.\n *\n * This module ships three primitives:\n *\n * 1. {@link PolicyBlock} — the typed shape.\n * 2. {@link
|
|
1
|
+
{"version":3,"sources":["../../src/identity/policy.ts"],"sourcesContent":["/**\n * Per-product / per-tier compliance policy helpers.\n *\n * A *policy* is a small bag of fields describing what identity the merchant wants\n * verified for a given resource:\n *\n * - `enforcement`: `\"hard\"` (today's wine path — 403 on miss) or `\"soft\"` (gate\n * denial is swallowed; the order completes with a degraded `identity_status`).\n * `null` / absent = no gate at all.\n * - `requireKyc` / `requireSanctionsClear` / `minAge`: passed through to the\n * per-framework `agentscoreGate(...)` factory.\n * - `allowedJurisdictions`: buyer-verified country list (`[\"US\", \"CA\", ...]`).\n * - `allowedShippingCountries` / `allowedShippingStates`: optional shipping\n * allowlists. State list is only enforced for US shipments.\n *\n * This module ships three primitives:\n *\n * 1. {@link PolicyBlock} — the typed shape.\n * 2. {@link buildGateOptionsFromPolicy} — translate a block into the options object the\n * per-framework `agentscoreGate(...)` accepts. Returns `null` when the policy\n * has no enforcement (treat as \"no gate; anonymous OK\").\n * 3. {@link runGateWithEnforcement} — wrap a per-framework middleware in the\n * hard/soft enforcement runner. The middleware is given an `onDenied` shim\n * that captures the denial body and status; the runner returns a structured\n * {@link GateResult} so the vendor decides how to surface it.\n *\n * All three are additive — vendors using `agentscoreGate(...)` directly are\n * unaffected.\n */\n\nimport type { AgentScoreCoreOptions, DenialReason } from '../core.js';\n\n/** Hard = 403 propagates; soft = swallowed + identity_status=\"unverified\". */\nexport type EnforcementMode = 'hard' | 'soft';\n\n/** Per-order trust level captured at settle time. */\nexport type IdentityStatus = 'verified' | 'unverified' | 'anonymous' | 'denied';\n\n/** Compliance fields a merchant attaches per product / per tier. All optional. */\nexport interface PolicyBlock {\n enforcement?: EnforcementMode;\n requireKyc?: boolean;\n requireSanctionsClear?: boolean;\n minAge?: number;\n allowedJurisdictions?: readonly string[];\n allowedShippingCountries?: readonly string[];\n allowedShippingStates?: readonly string[];\n}\n\n/**\n * Outcome of running a gate under an enforcement mode.\n *\n * - `verified`: gate accepted; identity is fully verified for the policy.\n * - `unverified`: soft mode swallowed a gate denial; the agent had *some*\n * identity but didn't meet the policy. Stamp this on the order so\n * ops/analytics can tell apart soft passes from hard passes.\n * - `anonymous`: no gate ran (policy was null / no enforcement).\n * - `denied`: hard mode rejected; the caller must propagate the 403. The\n * `denialBody` and `denialStatus` carry the original gate response so the\n * caller can return it as-is.\n */\nexport interface GateResult {\n status: IdentityStatus;\n denialStatus?: number;\n denialBody?: Record<string, unknown>;\n denialReason?: DenialReason;\n}\n\n/**\n * Translate a {@link PolicyBlock} into the options the per-framework\n * `agentscoreGate(...)` expects. Returns `null` when the block has no\n * `enforcement` set — the caller should treat that as \"no gate; anonymous OK\".\n *\n * Use a fresh gate per request rather than constructing once at module scope\n * when the policy varies per resource (e.g. per product). Each adapter's gate\n * is cheap to instantiate.\n */\nexport function buildGateOptionsFromPolicy(\n policy: PolicyBlock | null | undefined,\n base: { apiKey: string; baseUrl?: string },\n): AgentScoreCoreOptions | null {\n if (!policy || !policy.enforcement) return null;\n return {\n apiKey: base.apiKey,\n ...(base.baseUrl !== undefined && { baseUrl: base.baseUrl }),\n ...(policy.requireKyc !== undefined && { requireKyc: policy.requireKyc }),\n ...(policy.requireSanctionsClear !== undefined && {\n requireSanctionsClear: policy.requireSanctionsClear,\n }),\n ...(policy.minAge !== undefined && { minAge: policy.minAge }),\n ...(policy.allowedJurisdictions !== undefined && {\n allowedJurisdictions: [...policy.allowedJurisdictions],\n }),\n };\n}\n\n/**\n * Run a per-framework gate middleware respecting the enforcement mode.\n *\n * The vendor passes:\n * - `gate`: their framework's middleware (Hono `MiddlewareHandler`, Express\n * `(req, res, next) => void`, etc.) — anything that resolves on accept and\n * throws or returns a `Response` on deny.\n * - `runGate`: a thin adapter that calls the middleware with the framework\n * context and returns either `{ ok: true }` (gate accepted) or\n * `{ ok: false, status, body, reason? }` (gate denied with details).\n *\n * `runGateWithEnforcement` wraps that in the hard/soft split:\n *\n * - `gate=null` or `enforcement=null`: no gate fires; status=\"anonymous\".\n * - `enforcement=\"hard\"` + denied: status=\"denied\"; caller propagates denialStatus + denialBody.\n * - `enforcement=\"soft\"` + denied: swallow; status=\"unverified\".\n * - accepted: status=\"verified\".\n */\nexport async function runGateWithEnforcement(\n enforcement: EnforcementMode | undefined,\n runGate: (() => Promise<{ ok: true } | { ok: false; status: number; body: Record<string, unknown>; reason?: DenialReason }>) | null,\n): Promise<GateResult> {\n if (!runGate || !enforcement) return { status: 'anonymous' };\n\n const outcome = await runGate();\n if (outcome.ok) return { status: 'verified' };\n\n if (enforcement === 'hard') {\n return {\n status: 'denied',\n denialStatus: outcome.status,\n denialBody: outcome.body,\n ...(outcome.reason !== undefined && { denialReason: outcome.reason }),\n };\n }\n return {\n status: 'unverified',\n denialStatus: outcome.status,\n denialBody: outcome.body,\n ...(outcome.reason !== undefined && { denialReason: outcome.reason }),\n };\n}\n\n/** NULL policy / NULL allowlist → ship anywhere. Otherwise country must be in the list. */\nexport function shippingCountryAllowed(country: string, policy: PolicyBlock | null | undefined): boolean {\n if (!policy?.allowedShippingCountries || policy.allowedShippingCountries.length === 0) return true;\n const allowed = new Set(policy.allowedShippingCountries.map((c) => c.toUpperCase()));\n return allowed.has(country.toUpperCase());\n}\n\n/**\n * US-state allowlist (e.g. wine).\n *\n * Only enforced for US shipments — non-US shipments are governed by\n * {@link shippingCountryAllowed} independently.\n */\nexport function shippingStateAllowed(\n state: string,\n country: string,\n policy: PolicyBlock | null | undefined,\n): boolean {\n if (!policy?.allowedShippingStates || policy.allowedShippingStates.length === 0) return true;\n if (country.toUpperCase() !== 'US') return true;\n const allowed = new Set(policy.allowedShippingStates.map((s) => s.toUpperCase()));\n return allowed.has(state.toUpperCase());\n}\n"],"mappings":";AA6EO,SAAS,2BACd,QACA,MAC8B;AAC9B,MAAI,CAAC,UAAU,CAAC,OAAO,YAAa,QAAO;AAC3C,SAAO;AAAA,IACL,QAAQ,KAAK;AAAA,IACb,GAAI,KAAK,YAAY,UAAa,EAAE,SAAS,KAAK,QAAQ;AAAA,IAC1D,GAAI,OAAO,eAAe,UAAa,EAAE,YAAY,OAAO,WAAW;AAAA,IACvE,GAAI,OAAO,0BAA0B,UAAa;AAAA,MAChD,uBAAuB,OAAO;AAAA,IAChC;AAAA,IACA,GAAI,OAAO,WAAW,UAAa,EAAE,QAAQ,OAAO,OAAO;AAAA,IAC3D,GAAI,OAAO,yBAAyB,UAAa;AAAA,MAC/C,sBAAsB,CAAC,GAAG,OAAO,oBAAoB;AAAA,IACvD;AAAA,EACF;AACF;AAoBA,eAAsB,uBACpB,aACA,SACqB;AACrB,MAAI,CAAC,WAAW,CAAC,YAAa,QAAO,EAAE,QAAQ,YAAY;AAE3D,QAAM,UAAU,MAAM,QAAQ;AAC9B,MAAI,QAAQ,GAAI,QAAO,EAAE,QAAQ,WAAW;AAE5C,MAAI,gBAAgB,QAAQ;AAC1B,WAAO;AAAA,MACL,QAAQ;AAAA,MACR,cAAc,QAAQ;AAAA,MACtB,YAAY,QAAQ;AAAA,MACpB,GAAI,QAAQ,WAAW,UAAa,EAAE,cAAc,QAAQ,OAAO;AAAA,IACrE;AAAA,EACF;AACA,SAAO;AAAA,IACL,QAAQ;AAAA,IACR,cAAc,QAAQ;AAAA,IACtB,YAAY,QAAQ;AAAA,IACpB,GAAI,QAAQ,WAAW,UAAa,EAAE,cAAc,QAAQ,OAAO;AAAA,EACrE;AACF;AAGO,SAAS,uBAAuB,SAAiB,QAAiD;AACvG,MAAI,CAAC,QAAQ,4BAA4B,OAAO,yBAAyB,WAAW,EAAG,QAAO;AAC9F,QAAM,UAAU,IAAI,IAAI,OAAO,yBAAyB,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;AACnF,SAAO,QAAQ,IAAI,QAAQ,YAAY,CAAC;AAC1C;AAQO,SAAS,qBACd,OACA,SACA,QACS;AACT,MAAI,CAAC,QAAQ,yBAAyB,OAAO,sBAAsB,WAAW,EAAG,QAAO;AACxF,MAAI,QAAQ,YAAY,MAAM,KAAM,QAAO;AAC3C,QAAM,UAAU,IAAI,IAAI,OAAO,sBAAsB,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;AAChF,SAAO,QAAQ,IAAI,MAAM,YAAY,CAAC;AACxC;","names":[]}
|
package/dist/identity/web.d.mts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export { F as FIXABLE_DENIAL_REASONS, b as buildContactSupportNextSteps, a as buildSignerMismatchBody, d as denialReasonStatus, c as denialReasonToBody, i as isFixableDenial, v as verificationAgentInstructions } from '../_response-DpB-cm2c.mjs';
|
|
2
2
|
export { e as extractPaymentSignerAddress, r as readX402PaymentHeader } from '../signer-kCAJUZwp.mjs';
|
|
3
|
-
import { AgentScoreCoreOptions, AgentIdentity, DenialReason, CreateSessionOnMissing,
|
|
3
|
+
import { AgentScoreCoreOptions, AgentIdentity, DenialReason, CreateSessionOnMissing, AssessResult, VerifyWalletSignerResult, FailOpenInfraReason, GateQuotaInfo } from '../core.mjs';
|
|
4
4
|
|
|
5
5
|
interface AgentScoreGateOptions extends Omit<AgentScoreCoreOptions, 'createSessionOnMissing'> {
|
|
6
6
|
/** Custom function to extract agent identity from a Request. */
|
|
@@ -21,7 +21,7 @@ interface AgentScoreGateOptions extends Omit<AgentScoreCoreOptions, 'createSessi
|
|
|
21
21
|
*/
|
|
22
22
|
type GuardResult = {
|
|
23
23
|
allowed: true;
|
|
24
|
-
data?:
|
|
24
|
+
data?: AssessResult;
|
|
25
25
|
captureWallet?: (opts: {
|
|
26
26
|
walletAddress: string;
|
|
27
27
|
network: 'evm' | 'solana';
|
|
@@ -74,7 +74,7 @@ declare function createAgentScoreGate(options: AgentScoreGateOptions): (req: Req
|
|
|
74
74
|
* ```
|
|
75
75
|
*/
|
|
76
76
|
declare function withAgentScoreGate<TCtx = unknown>(options: AgentScoreGateOptions, handler: (req: Request, gate: {
|
|
77
|
-
data?:
|
|
77
|
+
data?: AssessResult;
|
|
78
78
|
captureWallet?: (opts: {
|
|
79
79
|
walletAddress: string;
|
|
80
80
|
network: 'evm' | 'solana';
|
package/dist/identity/web.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export { F as FIXABLE_DENIAL_REASONS, b as buildContactSupportNextSteps, a as buildSignerMismatchBody, d as denialReasonStatus, c as denialReasonToBody, i as isFixableDenial, v as verificationAgentInstructions } from '../_response-C2yFQoIA.js';
|
|
2
2
|
export { e as extractPaymentSignerAddress, r as readX402PaymentHeader } from '../signer-kCAJUZwp.js';
|
|
3
|
-
import { AgentScoreCoreOptions, AgentIdentity, DenialReason, CreateSessionOnMissing,
|
|
3
|
+
import { AgentScoreCoreOptions, AgentIdentity, DenialReason, CreateSessionOnMissing, AssessResult, VerifyWalletSignerResult, FailOpenInfraReason, GateQuotaInfo } from '../core.js';
|
|
4
4
|
|
|
5
5
|
interface AgentScoreGateOptions extends Omit<AgentScoreCoreOptions, 'createSessionOnMissing'> {
|
|
6
6
|
/** Custom function to extract agent identity from a Request. */
|
|
@@ -21,7 +21,7 @@ interface AgentScoreGateOptions extends Omit<AgentScoreCoreOptions, 'createSessi
|
|
|
21
21
|
*/
|
|
22
22
|
type GuardResult = {
|
|
23
23
|
allowed: true;
|
|
24
|
-
data?:
|
|
24
|
+
data?: AssessResult;
|
|
25
25
|
captureWallet?: (opts: {
|
|
26
26
|
walletAddress: string;
|
|
27
27
|
network: 'evm' | 'solana';
|
|
@@ -74,7 +74,7 @@ declare function createAgentScoreGate(options: AgentScoreGateOptions): (req: Req
|
|
|
74
74
|
* ```
|
|
75
75
|
*/
|
|
76
76
|
declare function withAgentScoreGate<TCtx = unknown>(options: AgentScoreGateOptions, handler: (req: Request, gate: {
|
|
77
|
-
data?:
|
|
77
|
+
data?: AssessResult;
|
|
78
78
|
captureWallet?: (opts: {
|
|
79
79
|
walletAddress: string;
|
|
80
80
|
network: 'evm' | 'solana';
|
package/dist/identity/web.js
CHANGED
|
@@ -361,7 +361,7 @@ function createAgentScoreCore(options) {
|
|
|
361
361
|
} = options;
|
|
362
362
|
const baseUrl = stripTrailingSlashes(rawBaseUrl);
|
|
363
363
|
const agentMemoryHint = buildAgentMemoryHint();
|
|
364
|
-
const defaultUa = `@agent-score/commerce@${"1.
|
|
364
|
+
const defaultUa = `@agent-score/commerce@${"1.7.0"}`;
|
|
365
365
|
const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
|
|
366
366
|
const sdk = new import_sdk.AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
|
|
367
367
|
const sessionSdkCache = /* @__PURE__ */ new Map();
|