@agentix-security/nextjs 0.1.1 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist/index.cjs +23 -12
  2. package/dist/index.d.cts +10 -2
  3. package/dist/index.d.ts +10 -2
  4. package/dist/index.js +23 -12
  5. package/package.json +1 -1
package/dist/index.cjs CHANGED
@@ -302,7 +302,13 @@ var AgentixSDK = class {
302
302
  return this.engine;
303
303
  }
304
304
  registerIntent(intent, mode = "enforce") {
305
- this.intentRegistry.set(intent, mode);
305
+ if (!this.intentRegistry.has(intent)) {
306
+ this.intentRegistry.set(intent, { mode, routes: /* @__PURE__ */ new Set() });
307
+ }
308
+ }
309
+ registerIntentRoute(intent, route) {
310
+ const entry = this.intentRegistry.get(intent);
311
+ if (entry) entry.routes.add(route);
306
312
  }
307
313
  getIntentRegistry() {
308
314
  return this.intentRegistry;
@@ -411,13 +417,13 @@ function bearer(req) {
411
417
  if (!auth?.startsWith("Bearer ")) return null;
412
418
  return auth.slice("Bearer ".length).trim();
413
419
  }
414
- async function shipAudit2(url, key, row) {
415
- if (!key) return;
420
+ async function shipAudit2(url, licenseKey, row) {
421
+ if (!licenseKey || !url) return;
416
422
  try {
417
- await fetch(`${url}/v1/audit/decisions`, {
423
+ await fetch(`${url}/v1/audit/events`, {
418
424
  method: "POST",
419
- headers: { authorization: `Bearer ${key}`, "content-type": "application/json" },
420
- body: JSON.stringify(row)
425
+ headers: { "content-type": "application/json" },
426
+ body: JSON.stringify({ license_key: licenseKey, rows: [row] })
421
427
  });
422
428
  } catch {
423
429
  }
@@ -443,11 +449,14 @@ function agentixMiddleware(sdk) {
443
449
  const fp = await fingerprint2(req);
444
450
  const baseUrl = req.nextUrl.origin;
445
451
  const cp = (sdk.config.controlPlaneUrl ?? "https://agentix-control-plane.onrender.com").replace(/\/$/, "");
446
- const adminKey = sdk.config.controlPlaneAdminKey;
452
+ const licenseKey = sdk.config.licenseKey;
447
453
  const tokenSecret = sdk.getResolvedTokenSecret();
448
454
  if (req.method === "GET" && pathname === "/.well-known/ai-agent.json") {
449
- const allIntents = [...sdk.getIntentRegistry().keys()];
450
- void shipAudit2(cp, adminKey, auditRow(sdk, req, pathname, 200, fp, {
455
+ const registry = sdk.getIntentRegistry();
456
+ const tools = Object.fromEntries(
457
+ [...registry.entries()].map(([intent, entry]) => [intent, { routes: [...entry.routes] }])
458
+ );
459
+ void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
451
460
  trust_mode: "unknown",
452
461
  intent_scope: "none",
453
462
  token_id: null,
@@ -461,7 +470,8 @@ function agentixMiddleware(sdk) {
461
470
  tenant_id: sdk.getResolvedTenantId(),
462
471
  deployment_id: sdk.getDeploymentId(),
463
472
  discovery: { well_known: `${baseUrl}/.well-known/ai-agent.json`, token_endpoint: `${baseUrl}/agent/v1/declare_intent` },
464
- intents: allIntents
473
+ intents: [...registry.keys()],
474
+ tools
465
475
  }, { headers: { "cache-control": "no-store" } });
466
476
  }
467
477
  if (req.method === "POST" && pathname === "/agent/v1/declare_intent") {
@@ -472,7 +482,7 @@ function agentixMiddleware(sdk) {
472
482
  }
473
483
  const validIntents = [...sdk.getIntentRegistry().keys()];
474
484
  if (!body.intent || !isValidIntent(body.intent, validIntents)) {
475
- void shipAudit2(cp, adminKey, auditRow(sdk, req, pathname, 400, fp, {
485
+ void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 400, fp, {
476
486
  trust_mode: "unmanaged_automation",
477
487
  intent_scope: "none",
478
488
  token_id: null,
@@ -489,7 +499,7 @@ function agentixMiddleware(sdk) {
489
499
  const exp = iat + Math.floor(ttl / 1e3);
490
500
  const raw = await issueTokenWeb(tokenSecret, { intent, domain: sdk.getResolvedDomain(), binding: fp, iat, exp });
491
501
  const jti = tokenIdWeb(raw);
492
- void shipAudit2(cp, adminKey, auditRow(sdk, req, pathname, 200, fp, {
502
+ void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
493
503
  trust_mode: "managed_agent",
494
504
  intent_scope: intent,
495
505
  token_id: jti,
@@ -514,6 +524,7 @@ function agentixMiddleware(sdk) {
514
524
  function secure(sdk, intent, handler, opts = {}) {
515
525
  const mode = opts.mode ?? "enforce";
516
526
  sdk.registerIntent(intent, mode);
527
+ if (opts.path) sdk.registerIntentRoute(intent, opts.path);
517
528
  return async (req, ctx) => {
518
529
  await sdk.ensureInitialized();
519
530
  const fp = await fingerprint2(req);
package/dist/index.d.cts CHANGED
@@ -41,7 +41,10 @@ interface EngineOptions {
41
41
  controlPlaneUrl: string;
42
42
  controlPlaneAdminKey?: string;
43
43
  getLease: () => LicenseLease | null;
44
- getRegisteredIntents?: () => ReadonlyMap<string, 'enforce' | 'shadow'>;
44
+ getRegisteredIntents?: () => ReadonlyMap<string, {
45
+ mode: 'enforce' | 'shadow';
46
+ routes: Set<string>;
47
+ }>;
45
48
  devMode?: boolean;
46
49
  }
47
50
  declare class Engine {
@@ -86,7 +89,11 @@ declare class AgentixSDK {
86
89
  private _init;
87
90
  getEngine(): Engine;
88
91
  registerIntent(intent: string, mode?: 'enforce' | 'shadow'): void;
89
- getIntentRegistry(): ReadonlyMap<string, 'enforce' | 'shadow'>;
92
+ registerIntentRoute(intent: string, route: string): void;
93
+ getIntentRegistry(): ReadonlyMap<string, {
94
+ mode: 'enforce' | 'shadow';
95
+ routes: Set<string>;
96
+ }>;
90
97
  getResolvedDomain(): string;
91
98
  getResolvedTenantId(): string;
92
99
  getResolvedTokenSecret(): string;
@@ -109,6 +116,7 @@ declare function agentixMiddleware(sdk: AgentixSDK): NextMiddleware;
109
116
  */
110
117
  declare function secure(sdk: AgentixSDK, intent: string, handler: (req: NextRequest, ctx?: unknown) => Promise<Response> | Response, opts?: {
111
118
  mode?: 'enforce' | 'shadow';
119
+ path?: string;
112
120
  }): (req: NextRequest, ctx?: unknown) => Promise<Response>;
113
121
  interface PagesRes {
114
122
  status(code: number): PagesRes;
package/dist/index.d.ts CHANGED
@@ -41,7 +41,10 @@ interface EngineOptions {
41
41
  controlPlaneUrl: string;
42
42
  controlPlaneAdminKey?: string;
43
43
  getLease: () => LicenseLease | null;
44
- getRegisteredIntents?: () => ReadonlyMap<string, 'enforce' | 'shadow'>;
44
+ getRegisteredIntents?: () => ReadonlyMap<string, {
45
+ mode: 'enforce' | 'shadow';
46
+ routes: Set<string>;
47
+ }>;
45
48
  devMode?: boolean;
46
49
  }
47
50
  declare class Engine {
@@ -86,7 +89,11 @@ declare class AgentixSDK {
86
89
  private _init;
87
90
  getEngine(): Engine;
88
91
  registerIntent(intent: string, mode?: 'enforce' | 'shadow'): void;
89
- getIntentRegistry(): ReadonlyMap<string, 'enforce' | 'shadow'>;
92
+ registerIntentRoute(intent: string, route: string): void;
93
+ getIntentRegistry(): ReadonlyMap<string, {
94
+ mode: 'enforce' | 'shadow';
95
+ routes: Set<string>;
96
+ }>;
90
97
  getResolvedDomain(): string;
91
98
  getResolvedTenantId(): string;
92
99
  getResolvedTokenSecret(): string;
@@ -109,6 +116,7 @@ declare function agentixMiddleware(sdk: AgentixSDK): NextMiddleware;
109
116
  */
110
117
  declare function secure(sdk: AgentixSDK, intent: string, handler: (req: NextRequest, ctx?: unknown) => Promise<Response> | Response, opts?: {
111
118
  mode?: 'enforce' | 'shadow';
119
+ path?: string;
112
120
  }): (req: NextRequest, ctx?: unknown) => Promise<Response>;
113
121
  interface PagesRes {
114
122
  status(code: number): PagesRes;
package/dist/index.js CHANGED
@@ -300,7 +300,13 @@ var AgentixSDK = class {
300
300
  return this.engine;
301
301
  }
302
302
  registerIntent(intent, mode = "enforce") {
303
- this.intentRegistry.set(intent, mode);
303
+ if (!this.intentRegistry.has(intent)) {
304
+ this.intentRegistry.set(intent, { mode, routes: /* @__PURE__ */ new Set() });
305
+ }
306
+ }
307
+ registerIntentRoute(intent, route) {
308
+ const entry = this.intentRegistry.get(intent);
309
+ if (entry) entry.routes.add(route);
304
310
  }
305
311
  getIntentRegistry() {
306
312
  return this.intentRegistry;
@@ -409,13 +415,13 @@ function bearer(req) {
409
415
  if (!auth?.startsWith("Bearer ")) return null;
410
416
  return auth.slice("Bearer ".length).trim();
411
417
  }
412
- async function shipAudit2(url, key, row) {
413
- if (!key) return;
418
+ async function shipAudit2(url, licenseKey, row) {
419
+ if (!licenseKey || !url) return;
414
420
  try {
415
- await fetch(`${url}/v1/audit/decisions`, {
421
+ await fetch(`${url}/v1/audit/events`, {
416
422
  method: "POST",
417
- headers: { authorization: `Bearer ${key}`, "content-type": "application/json" },
418
- body: JSON.stringify(row)
423
+ headers: { "content-type": "application/json" },
424
+ body: JSON.stringify({ license_key: licenseKey, rows: [row] })
419
425
  });
420
426
  } catch {
421
427
  }
@@ -441,11 +447,14 @@ function agentixMiddleware(sdk) {
441
447
  const fp = await fingerprint2(req);
442
448
  const baseUrl = req.nextUrl.origin;
443
449
  const cp = (sdk.config.controlPlaneUrl ?? "https://agentix-control-plane.onrender.com").replace(/\/$/, "");
444
- const adminKey = sdk.config.controlPlaneAdminKey;
450
+ const licenseKey = sdk.config.licenseKey;
445
451
  const tokenSecret = sdk.getResolvedTokenSecret();
446
452
  if (req.method === "GET" && pathname === "/.well-known/ai-agent.json") {
447
- const allIntents = [...sdk.getIntentRegistry().keys()];
448
- void shipAudit2(cp, adminKey, auditRow(sdk, req, pathname, 200, fp, {
453
+ const registry = sdk.getIntentRegistry();
454
+ const tools = Object.fromEntries(
455
+ [...registry.entries()].map(([intent, entry]) => [intent, { routes: [...entry.routes] }])
456
+ );
457
+ void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
449
458
  trust_mode: "unknown",
450
459
  intent_scope: "none",
451
460
  token_id: null,
@@ -459,7 +468,8 @@ function agentixMiddleware(sdk) {
459
468
  tenant_id: sdk.getResolvedTenantId(),
460
469
  deployment_id: sdk.getDeploymentId(),
461
470
  discovery: { well_known: `${baseUrl}/.well-known/ai-agent.json`, token_endpoint: `${baseUrl}/agent/v1/declare_intent` },
462
- intents: allIntents
471
+ intents: [...registry.keys()],
472
+ tools
463
473
  }, { headers: { "cache-control": "no-store" } });
464
474
  }
465
475
  if (req.method === "POST" && pathname === "/agent/v1/declare_intent") {
@@ -470,7 +480,7 @@ function agentixMiddleware(sdk) {
470
480
  }
471
481
  const validIntents = [...sdk.getIntentRegistry().keys()];
472
482
  if (!body.intent || !isValidIntent(body.intent, validIntents)) {
473
- void shipAudit2(cp, adminKey, auditRow(sdk, req, pathname, 400, fp, {
483
+ void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 400, fp, {
474
484
  trust_mode: "unmanaged_automation",
475
485
  intent_scope: "none",
476
486
  token_id: null,
@@ -487,7 +497,7 @@ function agentixMiddleware(sdk) {
487
497
  const exp = iat + Math.floor(ttl / 1e3);
488
498
  const raw = await issueTokenWeb(tokenSecret, { intent, domain: sdk.getResolvedDomain(), binding: fp, iat, exp });
489
499
  const jti = tokenIdWeb(raw);
490
- void shipAudit2(cp, adminKey, auditRow(sdk, req, pathname, 200, fp, {
500
+ void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
491
501
  trust_mode: "managed_agent",
492
502
  intent_scope: intent,
493
503
  token_id: jti,
@@ -512,6 +522,7 @@ function agentixMiddleware(sdk) {
512
522
  function secure(sdk, intent, handler, opts = {}) {
513
523
  const mode = opts.mode ?? "enforce";
514
524
  sdk.registerIntent(intent, mode);
525
+ if (opts.path) sdk.registerIntentRoute(intent, opts.path);
515
526
  return async (req, ctx) => {
516
527
  await sdk.ensureInitialized();
517
528
  const fp = await fingerprint2(req);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@agentix-security/nextjs",
3
- "version": "0.1.1",
3
+ "version": "0.1.2",
4
4
  "description": "Agentix Next.js adapter — AI agent intent-based authorization for Next.js apps",
5
5
  "type": "module",
6
6
  "main": "./dist/index.cjs",