@agent-score/commerce 1.8.1 → 2.0.0

package/dist/identity/express.mjs

@@ -13,13 +13,16 @@ function denialReasonStatus(reason) {
   if (reason.code === "api_error") return 503;
   return 403;
 }
-function buildSignerMismatchBody(input) {
-  const { result } = input;
+function buildSignerMismatchBody({
+  result,
+  userMessage,
+  learnMoreUrl
+}) {
   if (result.kind === "pass") return null;
-  const learnMoreUrl = input.learnMoreUrl ?? "https://docs.agentscore.sh/guides/agent-identity";
+  const learnMoreUrlResolved = learnMoreUrl ?? "https://docs.agentscore.sh/guides/agent-identity";
   if (result.kind === "wallet_signer_mismatch") {
     const linkedWallets = result.linkedWallets ?? [];
-    const userMessage = input.userMessage ?? (linkedWallets.length > 0 ? `Sign the payment with one of the wallets linked to this operator: ${linkedWallets.join(", ")}. Then retry.` : "Sign the payment with the same wallet you claimed via X-Wallet-Address, or switch to X-Operator-Token for rail-independent identity.");
+    const userMessageResolved = userMessage ?? (linkedWallets.length > 0 ? `Sign the payment with one of the wallets linked to this operator: ${linkedWallets.join(", ")}. Then retry.` : "Sign the payment with the same wallet you claimed via X-Wallet-Address, or switch to X-Operator-Token for rail-independent identity.");
     return {
       error: {
         code: "wallet_signer_mismatch",
@@ -32,8 +35,8 @@ function buildSignerMismatchBody(input) {
       linked_wallets: linkedWallets,
       next_steps: {
         action: "regenerate_payment_from_linked_wallet",
-        user_message: userMessage,
-        learn_more_url: learnMoreUrl
+        user_message: userMessageResolved,
+        learn_more_url: learnMoreUrlResolved
       }
     };
   }
@@ -44,8 +47,8 @@ function buildSignerMismatchBody(input) {
     },
     next_steps: {
       action: "switch_to_operator_token",
-      user_message: input.userMessage ?? "Drop the X-Wallet-Address header and retry with X-Operator-Token (works on every payment rail).",
-      learn_more_url: learnMoreUrl
+      user_message: userMessage ?? "Drop the X-Wallet-Address header and retry with X-Operator-Token (works on every payment rail).",
+      learn_more_url: learnMoreUrlResolved
     }
   };
 }
@@ -53,27 +56,35 @@ function buildContactSupportNextSteps(supportEmail, message) {
   return {
     action: "contact_support",
     support_email: supportEmail,
-    user_message: message ?? `If you believe this denial is in error, contact support at ${supportEmail} with your order details.`
+    user_message: message ?? `If you believe this denial is in error, contact support at ${supportEmail} with the details of your request.`
   };
 }
-function verificationAgentInstructions(input = {}) {
+function verificationAgentInstructions({
+  userAction,
+  retryStep,
+  extraSteps,
+  pollIntervalSeconds = 5,
+  timeoutSeconds = 3600,
+  orderTtl,
+  extra
+} = {}) {
   const baseSteps = [
     "Present the verify_url directly to the user \u2014 it is a complete, ready-to-open URL with the session token already embedded (e.g. https://agentscore.sh/verify?session=sess_...). Do NOT modify or construct the URL yourself.",
-    `Immediately begin polling poll_url every ${input.pollIntervalSeconds ?? 5} seconds with header X-Poll-Secret set to poll_secret. The user will complete verification in their browser while you poll in the background.`,
+    `Immediately begin polling poll_url every ${pollIntervalSeconds} seconds with header X-Poll-Secret set to poll_secret. The user will complete verification in their browser while you poll in the background.`,
     "The user visits the URL, signs in, completes identity verification (photo ID + selfie via Stripe Identity), and closes the tab. They do NOT need to copy or paste anything back to you.",
     'When your poll returns status "verified", extract operator_token from the response. This is a one-time value \u2014 save it immediately. Subsequent polls return status "consumed" without the token.',
-    input.retryStep ?? "Retry the original merchant request with header X-Operator-Token set to the operator_token value."
+    retryStep ?? "Retry the original merchant request with header X-Operator-Token set to the operator_token value."
   ];
   return {
     action: "poll_for_credential",
-    user_action: input.userAction ?? "The user must visit verify_url to complete identity verification before this request can proceed",
-    steps: input.extraSteps ? [...baseSteps, ...input.extraSteps] : baseSteps,
-    poll_interval_seconds: input.pollIntervalSeconds ?? 5,
+    user_action: userAction ?? "The user must visit verify_url to complete identity verification before this request can proceed",
+    steps: extraSteps ? [...baseSteps, ...extraSteps] : baseSteps,
+    poll_interval_seconds: pollIntervalSeconds,
     poll_secret_header: "X-Poll-Secret",
     retry_token_header: "X-Operator-Token",
-    timeout_seconds: input.timeoutSeconds ?? 3600,
-    ...input.orderTtl ? { order_ttl: input.orderTtl } : {},
-    ...input.extra ?? {}
+    timeout_seconds: timeoutSeconds,
+    ...orderTtl ? { order_ttl: orderTtl } : {},
+    ...extra ?? {}
   };
 }
 
@@ -332,7 +343,7 @@ function createAgentScoreCore(options) {
   } = options;
   const baseUrl = stripTrailingSlashes(rawBaseUrl);
   const agentMemoryHint = buildAgentMemoryHint();
-  const defaultUa = `@agent-score/commerce@${"1.8.1"}`;
+  const defaultUa = `@agent-score/commerce@${"2.0.0"}`;
   const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
   const sdk = new AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
   const sessionSdkCache = /* @__PURE__ */ new Map();