@agent-score/commerce 1.8.1 → 2.0.0

package/dist/identity/web.d.mts

@@ -1,5 +1,5 @@
-export { F as FIXABLE_DENIAL_REASONS, b as buildContactSupportNextSteps, a as buildSignerMismatchBody, d as denialReasonStatus, c as denialReasonToBody, i as isFixableDenial, v as verificationAgentInstructions } from '../_response-9yp6Fit2.mjs';
-export { r as readX402PaymentHeader } from '../signer-CFVQsWjL.mjs';
+export { F as FIXABLE_DENIAL_REASONS, b as buildContactSupportNextSteps, a as buildSignerMismatchBody, d as denialReasonStatus, c as denialReasonToBody, i as isFixableDenial, v as verificationAgentInstructions } from '../_response-BFYN3b6i.mjs';
+export { r as readX402PaymentHeader } from '../signer-3FAit11j.mjs';
 import { AgentScoreCoreOptions, AgentIdentity, DenialReason, CreateSessionOnMissing, AssessResult, SignerVerdict, FailOpenInfraReason, GateQuotaInfo } from '../core.mjs';
 
 interface AgentScoreGateOptions extends Omit<AgentScoreCoreOptions, 'createSessionOnMissing'> {
@@ -91,4 +91,4 @@ declare function withAgentScoreGate<TCtx = unknown>(options: AgentScoreGateOptio
     quota?: GateQuotaInfo;
 }, ctx?: TCtx) => Response | Promise<Response>): (req: Request, ctx?: TCtx) => Promise<Response>;
 
-export { type AgentScoreGateOptions, type GuardResult, createAgentScoreGate, withAgentScoreGate };
+export { type GuardResult, createAgentScoreGate, withAgentScoreGate };

package/dist/identity/web.d.ts

@@ -1,5 +1,5 @@
-export { F as FIXABLE_DENIAL_REASONS, b as buildContactSupportNextSteps, a as buildSignerMismatchBody, d as denialReasonStatus, c as denialReasonToBody, i as isFixableDenial, v as verificationAgentInstructions } from '../_response-CC6jNb8q.js';
-export { r as readX402PaymentHeader } from '../signer-CFVQsWjL.js';
+export { F as FIXABLE_DENIAL_REASONS, b as buildContactSupportNextSteps, a as buildSignerMismatchBody, d as denialReasonStatus, c as denialReasonToBody, i as isFixableDenial, v as verificationAgentInstructions } from '../_response-_iPD5AIj.js';
+export { r as readX402PaymentHeader } from '../signer-3FAit11j.js';
 import { AgentScoreCoreOptions, AgentIdentity, DenialReason, CreateSessionOnMissing, AssessResult, SignerVerdict, FailOpenInfraReason, GateQuotaInfo } from '../core.js';
 
 interface AgentScoreGateOptions extends Omit<AgentScoreCoreOptions, 'createSessionOnMissing'> {
@@ -91,4 +91,4 @@ declare function withAgentScoreGate<TCtx = unknown>(options: AgentScoreGateOptio
     quota?: GateQuotaInfo;
 }, ctx?: TCtx) => Response | Promise<Response>): (req: Request, ctx?: TCtx) => Promise<Response>;
 
-export { type AgentScoreGateOptions, type GuardResult, createAgentScoreGate, withAgentScoreGate };
+export { type GuardResult, createAgentScoreGate, withAgentScoreGate };

package/dist/identity/web.js

@@ -48,13 +48,16 @@ function denialReasonStatus(reason) {
   if (reason.code === "api_error") return 503;
   return 403;
 }
-function buildSignerMismatchBody(input) {
-  const { result } = input;
+function buildSignerMismatchBody({
+  result,
+  userMessage,
+  learnMoreUrl
+}) {
   if (result.kind === "pass") return null;
-  const learnMoreUrl = input.learnMoreUrl ?? "https://docs.agentscore.sh/guides/agent-identity";
+  const learnMoreUrlResolved = learnMoreUrl ?? "https://docs.agentscore.sh/guides/agent-identity";
   if (result.kind === "wallet_signer_mismatch") {
     const linkedWallets = result.linkedWallets ?? [];
-    const userMessage = input.userMessage ?? (linkedWallets.length > 0 ? `Sign the payment with one of the wallets linked to this operator: ${linkedWallets.join(", ")}. Then retry.` : "Sign the payment with the same wallet you claimed via X-Wallet-Address, or switch to X-Operator-Token for rail-independent identity.");
+    const userMessageResolved = userMessage ?? (linkedWallets.length > 0 ? `Sign the payment with one of the wallets linked to this operator: ${linkedWallets.join(", ")}. Then retry.` : "Sign the payment with the same wallet you claimed via X-Wallet-Address, or switch to X-Operator-Token for rail-independent identity.");
     return {
       error: {
         code: "wallet_signer_mismatch",
@@ -67,8 +70,8 @@ function buildSignerMismatchBody(input) {
       linked_wallets: linkedWallets,
       next_steps: {
         action: "regenerate_payment_from_linked_wallet",
-        user_message: userMessage,
-        learn_more_url: learnMoreUrl
+        user_message: userMessageResolved,
+        learn_more_url: learnMoreUrlResolved
       }
     };
   }
@@ -79,8 +82,8 @@ function buildSignerMismatchBody(input) {
     },
     next_steps: {
       action: "switch_to_operator_token",
-      user_message: input.userMessage ?? "Drop the X-Wallet-Address header and retry with X-Operator-Token (works on every payment rail).",
-      learn_more_url: learnMoreUrl
+      user_message: userMessage ?? "Drop the X-Wallet-Address header and retry with X-Operator-Token (works on every payment rail).",
+      learn_more_url: learnMoreUrlResolved
     }
   };
 }
@@ -88,27 +91,35 @@ function buildContactSupportNextSteps(supportEmail, message) {
   return {
     action: "contact_support",
     support_email: supportEmail,
-    user_message: message ?? `If you believe this denial is in error, contact support at ${supportEmail} with your order details.`
+    user_message: message ?? `If you believe this denial is in error, contact support at ${supportEmail} with the details of your request.`
   };
 }
-function verificationAgentInstructions(input = {}) {
+function verificationAgentInstructions({
+  userAction,
+  retryStep,
+  extraSteps,
+  pollIntervalSeconds = 5,
+  timeoutSeconds = 3600,
+  orderTtl,
+  extra
+} = {}) {
   const baseSteps = [
     "Present the verify_url directly to the user \u2014 it is a complete, ready-to-open URL with the session token already embedded (e.g. https://agentscore.sh/verify?session=sess_...). Do NOT modify or construct the URL yourself.",
-    `Immediately begin polling poll_url every ${input.pollIntervalSeconds ?? 5} seconds with header X-Poll-Secret set to poll_secret. The user will complete verification in their browser while you poll in the background.`,
+    `Immediately begin polling poll_url every ${pollIntervalSeconds} seconds with header X-Poll-Secret set to poll_secret. The user will complete verification in their browser while you poll in the background.`,
     "The user visits the URL, signs in, completes identity verification (photo ID + selfie via Stripe Identity), and closes the tab. They do NOT need to copy or paste anything back to you.",
     'When your poll returns status "verified", extract operator_token from the response. This is a one-time value \u2014 save it immediately. Subsequent polls return status "consumed" without the token.',
-    input.retryStep ?? "Retry the original merchant request with header X-Operator-Token set to the operator_token value."
+    retryStep ?? "Retry the original merchant request with header X-Operator-Token set to the operator_token value."
   ];
   return {
     action: "poll_for_credential",
-    user_action: input.userAction ?? "The user must visit verify_url to complete identity verification before this request can proceed",
-    steps: input.extraSteps ? [...baseSteps, ...input.extraSteps] : baseSteps,
-    poll_interval_seconds: input.pollIntervalSeconds ?? 5,
+    user_action: userAction ?? "The user must visit verify_url to complete identity verification before this request can proceed",
+    steps: extraSteps ? [...baseSteps, ...extraSteps] : baseSteps,
+    poll_interval_seconds: pollIntervalSeconds,
     poll_secret_header: "X-Poll-Secret",
     retry_token_header: "X-Operator-Token",
-    timeout_seconds: input.timeoutSeconds ?? 3600,
-    ...input.orderTtl ? { order_ttl: input.orderTtl } : {},
-    ...input.extra ?? {}
+    timeout_seconds: timeoutSeconds,
+    ...orderTtl ? { order_ttl: orderTtl } : {},
+    ...extra ?? {}
   };
 }
 
@@ -360,7 +371,7 @@ function createAgentScoreCore(options) {
   } = options;
   const baseUrl = stripTrailingSlashes(rawBaseUrl);
   const agentMemoryHint = buildAgentMemoryHint();
-  const defaultUa = `@agent-score/commerce@${"1.8.1"}`;
+  const defaultUa = `@agent-score/commerce@${"2.0.0"}`;
   const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
   const sdk = new import_sdk.AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
   const sessionSdkCache = /* @__PURE__ */ new Map();