@agent-score/commerce 2.0.1 → 2.1.0

package/dist/identity/nextjs.js

@@ -20,19 +20,37 @@ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: tru
 // src/identity/nextjs.ts
 var nextjs_exports = {};
 __export(nextjs_exports, {
-  FIXABLE_DENIAL_REASONS: () => FIXABLE_DENIAL_REASONS,
   agentscoreMiddleware: () => agentscoreMiddleware,
-  buildContactSupportNextSteps: () => buildContactSupportNextSteps,
-  buildSignerMismatchBody: () => buildSignerMismatchBody,
-  denialReasonStatus: () => denialReasonStatus,
-  denialReasonToBody: () => denialReasonToBody,
-  isFixableDenial: () => isFixableDenial,
-  readX402PaymentHeader: () => readX402PaymentHeader,
-  verificationAgentInstructions: () => verificationAgentInstructions,
-  withAgentScoreGate: () => withAgentScoreGate
+  conditionalAgentscoreMiddleware: () => conditionalAgentscoreMiddleware,
+  withAgentScoreGate: () => withAgentScoreGate,
+  withConditionalAgentScoreGate: () => withConditionalAgentScoreGate
 });
 module.exports = __toCommonJS(nextjs_exports);
 
+// src/payment/payment_header.ts
+function toTitleCase(name) {
+  return name.replace(/(^|-)([a-z])/g, (_m, sep, c) => sep + c.toUpperCase());
+}
+function readHeader(headers, name) {
+  if (typeof headers.get === "function") {
+    return headers.get(name);
+  }
+  const rec = headers;
+  const v = rec[name] ?? rec[name.toLowerCase()] ?? rec[toTitleCase(name)];
+  if (typeof v === "string") return v;
+  if (Array.isArray(v) && typeof v[0] === "string") return v[0];
+  return null;
+}
+function asHeaders(input) {
+  return typeof input.headers === "object" && input instanceof Request ? input.headers : input;
+}
+function hasPaymentHeader(input) {
+  const headers = asHeaders(input);
+  return Boolean(
+    readHeader(headers, "payment-signature") || readHeader(headers, "x-payment") || readHeader(headers, "authorization")?.startsWith("Payment ")
+  );
+}
+
 // src/_denial.ts
 var FIXABLE_DENIAL_REASONS = /* @__PURE__ */ new Set([
   "kyc_required",
@@ -48,80 +66,6 @@ function denialReasonStatus(reason) {
   if (reason.code === "api_error") return 503;
   return 403;
 }
-function buildSignerMismatchBody({
-  result,
-  userMessage,
-  learnMoreUrl
-}) {
-  if (result.kind === "pass") return null;
-  const learnMoreUrlResolved = learnMoreUrl ?? "https://docs.agentscore.sh/guides/agent-identity";
-  if (result.kind === "wallet_signer_mismatch") {
-    const linkedWallets = result.linkedWallets ?? [];
-    const userMessageResolved = userMessage ?? (linkedWallets.length > 0 ? `Sign the payment with one of the wallets linked to this operator: ${linkedWallets.join(", ")}. Then retry.` : "Sign the payment with the same wallet you claimed via X-Wallet-Address, or switch to X-Operator-Token for rail-independent identity.");
-    return {
-      error: {
-        code: "wallet_signer_mismatch",
-        message: "Payment signer does not match the wallet claimed via X-Wallet-Address. The signer and the claimed wallet must both resolve to the same AgentScore operator."
-      },
-      claimed_operator: result.claimedOperator,
-      actual_signer_operator: result.actualSignerOperator ?? null,
-      expected_signer: result.expectedSigner,
-      actual_signer: result.actualSigner,
-      linked_wallets: linkedWallets,
-      next_steps: {
-        action: "regenerate_payment_from_linked_wallet",
-        user_message: userMessageResolved,
-        learn_more_url: learnMoreUrlResolved
-      }
-    };
-  }
-  return {
-    error: {
-      code: "wallet_auth_requires_wallet_signing",
-      message: "Wallet-auth requires a payment rail that carries a wallet signature (Tempo MPP, x402). Stripe SPT and card rails have no wallet signer; switch to X-Operator-Token to use those."
-    },
-    next_steps: {
-      action: "switch_to_operator_token",
-      user_message: userMessage ?? "Drop the X-Wallet-Address header and retry with X-Operator-Token (works on every payment rail).",
-      learn_more_url: learnMoreUrlResolved
-    }
-  };
-}
-function buildContactSupportNextSteps(supportEmail, message) {
-  return {
-    action: "contact_support",
-    support_email: supportEmail,
-    user_message: message ?? `If you believe this denial is in error, contact support at ${supportEmail} with the details of your request.`
-  };
-}
-function verificationAgentInstructions({
-  userAction,
-  retryStep,
-  extraSteps,
-  pollIntervalSeconds = 5,
-  timeoutSeconds = 3600,
-  orderTtl,
-  extra
-} = {}) {
-  const baseSteps = [
-    "Present the verify_url directly to the user \u2014 it is a complete, ready-to-open URL with the session token already embedded (e.g. https://agentscore.sh/verify?session=sess_...). Do NOT modify or construct the URL yourself.",
-    `Immediately begin polling poll_url every ${pollIntervalSeconds} seconds with header X-Poll-Secret set to poll_secret. The user will complete verification in their browser while you poll in the background.`,
-    "The user visits the URL, signs in, completes identity verification (photo ID + selfie via Stripe Identity), and closes the tab. They do NOT need to copy or paste anything back to you.",
-    'When your poll returns status "verified", extract operator_token from the response. This is a one-time value \u2014 save it immediately. Subsequent polls return status "consumed" without the token.',
-    retryStep ?? "Retry the original merchant request with header X-Operator-Token set to the operator_token value."
-  ];
-  return {
-    action: "poll_for_credential",
-    user_action: userAction ?? "The user must visit verify_url to complete identity verification before this request can proceed",
-    steps: extraSteps ? [...baseSteps, ...extraSteps] : baseSteps,
-    poll_interval_seconds: pollIntervalSeconds,
-    poll_secret_header: "X-Poll-Secret",
-    retry_token_header: "X-Operator-Token",
-    timeout_seconds: timeoutSeconds,
-    ...orderTtl ? { order_ttl: orderTtl } : {},
-    ...extra ?? {}
-  };
-}
 
 // src/_response.ts
 var WALLET_NOT_TRUSTED_INSTRUCTIONS = JSON.stringify({
@@ -371,7 +315,7 @@ function createAgentScoreCore(options) {
   } = options;
   const baseUrl = stripTrailingSlashes(rawBaseUrl);
   const agentMemoryHint = buildAgentMemoryHint();
-  const defaultUa = `@agent-score/commerce@${"2.0.1"}`;
+  const defaultUa = `@agent-score/commerce@${"2.1.0"}`;
   const userAgentHeader = userAgent ? `${userAgent} (${defaultUa})` : defaultUa;
   const sdk = new import_sdk.AgentScore({ apiKey, baseUrl, userAgent: userAgentHeader });
   const sessionSdkCache = /* @__PURE__ */ new Map();
@@ -806,17 +750,29 @@ function agentscoreMiddleware(options) {
     return result.allowed ? void 0 : result.response;
   };
 }
+function withConditionalAgentScoreGate(options, handler) {
+  const wrapped = withAgentScoreGate(options, handler);
+  return async (req, ctx) => {
+    if (!hasPaymentHeader(req)) {
+      const result = handler(req, {}, ctx);
+      return result instanceof Promise ? result : Promise.resolve(result);
+    }
+    return wrapped(req, ctx);
+  };
+}
+function conditionalAgentscoreMiddleware(options) {
+  const guard = createAgentScoreGate(options);
+  return async (req) => {
+    if (!hasPaymentHeader(req)) return void 0;
+    const result = await guard(req);
+    return result.allowed ? void 0 : result.response;
+  };
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  FIXABLE_DENIAL_REASONS,
   agentscoreMiddleware,
-  buildContactSupportNextSteps,
-  buildSignerMismatchBody,
-  denialReasonStatus,
-  denialReasonToBody,
-  isFixableDenial,
-  readX402PaymentHeader,
-  verificationAgentInstructions,
-  withAgentScoreGate
+  conditionalAgentscoreMiddleware,
+  withAgentScoreGate,
+  withConditionalAgentScoreGate
 });
 //# sourceMappingURL=nextjs.js.map