@agentix-security/nextjs 0.1.9 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.cjs +42 -14
  2. package/dist/index.js +42 -14
  3. package/package.json +1 -1
package/dist/index.cjs CHANGED
@@ -471,7 +471,10 @@ function agentixMiddleware(sdk) {
471
471
  if (req.method === "GET" && pathname === "/.well-known/ai-agent.json") {
472
472
  const registry = sdk.getIntentRegistry();
473
473
  const tools = Object.fromEntries(
474
- [...registry.entries()].map(([intent, entry]) => [intent, { routes: [...entry.routes] }])
474
+ [...registry.entries()].map(([intent, entry]) => [
475
+ intent,
476
+ { routes: [...entry.routes], token_url: `${baseUrl}/agent/v1/declare_intent?intent=${encodeURIComponent(intent)}` }
477
+ ])
475
478
  );
476
479
  void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
477
480
  trust_mode: "unknown",
@@ -486,19 +489,33 @@ function agentixMiddleware(sdk) {
486
489
  version: "0.2.0",
487
490
  tenant_id: sdk.getResolvedTenantId(),
488
491
  deployment_id: sdk.getDeploymentId(),
489
- discovery: { well_known: `${baseUrl}/.well-known/ai-agent.json`, token_endpoint: `${baseUrl}/agent/v1/declare_intent` },
492
+ discovery: {
493
+ well_known: `${baseUrl}/.well-known/ai-agent.json`,
494
+ token_endpoint: `${baseUrl}/agent/v1/declare_intent`,
495
+ note: "GET /agent/v1/declare_intent?intent=<intent> also supported for non-POST clients"
496
+ },
490
497
  intents: [...registry.keys()],
491
498
  tools
492
499
  }, { headers: { "cache-control": "no-store" } });
493
500
  }
494
- if (req.method === "POST" && pathname === "/agent/v1/declare_intent") {
495
- let body = {};
496
- try {
497
- body = await req.json();
498
- } catch {
501
+ if (pathname === "/agent/v1/declare_intent" && (req.method === "POST" || req.method === "GET")) {
502
+ let intentVal;
503
+ let subject = null;
504
+ let constraints = null;
505
+ if (req.method === "GET") {
506
+ intentVal = req.nextUrl.searchParams.get("intent") ?? void 0;
507
+ } else {
508
+ let body = {};
509
+ try {
510
+ body = await req.json();
511
+ } catch {
512
+ }
513
+ intentVal = body.intent;
514
+ subject = body.subject ?? null;
515
+ constraints = body.constraints ?? null;
499
516
  }
500
517
  const validIntents = [...sdk.getIntentRegistry().keys()];
501
- if (!body.intent || !isValidIntent(body.intent, validIntents)) {
518
+ if (!intentVal || !isValidIntent(intentVal, validIntents)) {
502
519
  void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 400, fp, {
503
520
  trust_mode: "unmanaged_automation",
504
521
  intent_scope: "none",
@@ -506,11 +523,11 @@ function agentixMiddleware(sdk) {
506
523
  decision: "deny",
507
524
  decision_reason: "invalid_intent",
508
525
  policy_id: "intent-validation",
509
- metadata: { supplied_intent: body.intent ?? null }
526
+ metadata: { supplied_intent: intentVal ?? null }
510
527
  }));
511
528
  return server_js.NextResponse.json({ error: "invalid_intent", valid_intents: validIntents }, { status: 400 });
512
529
  }
513
- const intent = body.intent;
530
+ const intent = intentVal;
514
531
  const ttl = sdk.config.tokenTtlMs ?? 15 * 60 * 1e3;
515
532
  const iat = Math.floor(Date.now() / 1e3);
516
533
  const exp = iat + Math.floor(ttl / 1e3);
@@ -523,7 +540,7 @@ function agentixMiddleware(sdk) {
523
540
  decision: "allow",
524
541
  decision_reason: "intent_token_issued",
525
542
  policy_id: "intent-token-issuer",
526
- metadata: { subject: body.subject ?? null, constraints: body.constraints ?? null }
543
+ metadata: { subject, constraints }
527
544
  }));
528
545
  return server_js.NextResponse.json({
529
546
  access_token: raw,
@@ -534,10 +551,14 @@ function agentixMiddleware(sdk) {
534
551
  });
535
552
  }
536
553
  const isHumanPage = !pathname.startsWith("/api/") && !pathname.startsWith("/agent/") && !pathname.startsWith("/_next/") && !pathname.startsWith("/favicon");
537
- if (isHumanPage && agentScore(req) >= 0.5) {
554
+ const score = agentScore(req);
555
+ if (isHumanPage && score >= 0.5) {
538
556
  const registry = sdk.getIntentRegistry();
539
557
  const tools = Object.fromEntries(
540
- [...registry.entries()].map(([intent, entry]) => [intent, { routes: [...entry.routes] }])
558
+ [...registry.entries()].map(([intent, entry]) => [
559
+ intent,
560
+ { routes: [...entry.routes], token_url: `${baseUrl}/agent/v1/declare_intent?intent=${encodeURIComponent(intent)}` }
561
+ ])
541
562
  );
542
563
  void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
543
564
  trust_mode: "unmanaged_automation",
@@ -545,7 +566,14 @@ function agentixMiddleware(sdk) {
545
566
  token_id: null,
546
567
  decision: "allow",
547
568
  decision_reason: "agent_redirected_to_lane",
548
- policy_id: "agent-detection"
569
+ policy_id: "agent-detection",
570
+ metadata: {
571
+ user_agent: req.headers.get("user-agent") ?? "",
572
+ agent_score: score,
573
+ has_sec_fetch: !!req.headers.get("sec-fetch-site"),
574
+ has_sec_ch_ua: !!req.headers.get("sec-ch-ua"),
575
+ accept: req.headers.get("accept") ?? ""
576
+ }
549
577
  }));
550
578
  return server_js.NextResponse.json({
551
579
  service: "agentix-intent-sdk",
package/dist/index.js CHANGED
@@ -469,7 +469,10 @@ function agentixMiddleware(sdk) {
469
469
  if (req.method === "GET" && pathname === "/.well-known/ai-agent.json") {
470
470
  const registry = sdk.getIntentRegistry();
471
471
  const tools = Object.fromEntries(
472
- [...registry.entries()].map(([intent, entry]) => [intent, { routes: [...entry.routes] }])
472
+ [...registry.entries()].map(([intent, entry]) => [
473
+ intent,
474
+ { routes: [...entry.routes], token_url: `${baseUrl}/agent/v1/declare_intent?intent=${encodeURIComponent(intent)}` }
475
+ ])
473
476
  );
474
477
  void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
475
478
  trust_mode: "unknown",
@@ -484,19 +487,33 @@ function agentixMiddleware(sdk) {
484
487
  version: "0.2.0",
485
488
  tenant_id: sdk.getResolvedTenantId(),
486
489
  deployment_id: sdk.getDeploymentId(),
487
- discovery: { well_known: `${baseUrl}/.well-known/ai-agent.json`, token_endpoint: `${baseUrl}/agent/v1/declare_intent` },
490
+ discovery: {
491
+ well_known: `${baseUrl}/.well-known/ai-agent.json`,
492
+ token_endpoint: `${baseUrl}/agent/v1/declare_intent`,
493
+ note: "GET /agent/v1/declare_intent?intent=<intent> also supported for non-POST clients"
494
+ },
488
495
  intents: [...registry.keys()],
489
496
  tools
490
497
  }, { headers: { "cache-control": "no-store" } });
491
498
  }
492
- if (req.method === "POST" && pathname === "/agent/v1/declare_intent") {
493
- let body = {};
494
- try {
495
- body = await req.json();
496
- } catch {
499
+ if (pathname === "/agent/v1/declare_intent" && (req.method === "POST" || req.method === "GET")) {
500
+ let intentVal;
501
+ let subject = null;
502
+ let constraints = null;
503
+ if (req.method === "GET") {
504
+ intentVal = req.nextUrl.searchParams.get("intent") ?? void 0;
505
+ } else {
506
+ let body = {};
507
+ try {
508
+ body = await req.json();
509
+ } catch {
510
+ }
511
+ intentVal = body.intent;
512
+ subject = body.subject ?? null;
513
+ constraints = body.constraints ?? null;
497
514
  }
498
515
  const validIntents = [...sdk.getIntentRegistry().keys()];
499
- if (!body.intent || !isValidIntent(body.intent, validIntents)) {
516
+ if (!intentVal || !isValidIntent(intentVal, validIntents)) {
500
517
  void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 400, fp, {
501
518
  trust_mode: "unmanaged_automation",
502
519
  intent_scope: "none",
@@ -504,11 +521,11 @@ function agentixMiddleware(sdk) {
504
521
  decision: "deny",
505
522
  decision_reason: "invalid_intent",
506
523
  policy_id: "intent-validation",
507
- metadata: { supplied_intent: body.intent ?? null }
524
+ metadata: { supplied_intent: intentVal ?? null }
508
525
  }));
509
526
  return NextResponse.json({ error: "invalid_intent", valid_intents: validIntents }, { status: 400 });
510
527
  }
511
- const intent = body.intent;
528
+ const intent = intentVal;
512
529
  const ttl = sdk.config.tokenTtlMs ?? 15 * 60 * 1e3;
513
530
  const iat = Math.floor(Date.now() / 1e3);
514
531
  const exp = iat + Math.floor(ttl / 1e3);
@@ -521,7 +538,7 @@ function agentixMiddleware(sdk) {
521
538
  decision: "allow",
522
539
  decision_reason: "intent_token_issued",
523
540
  policy_id: "intent-token-issuer",
524
- metadata: { subject: body.subject ?? null, constraints: body.constraints ?? null }
541
+ metadata: { subject, constraints }
525
542
  }));
526
543
  return NextResponse.json({
527
544
  access_token: raw,
@@ -532,10 +549,14 @@ function agentixMiddleware(sdk) {
532
549
  });
533
550
  }
534
551
  const isHumanPage = !pathname.startsWith("/api/") && !pathname.startsWith("/agent/") && !pathname.startsWith("/_next/") && !pathname.startsWith("/favicon");
535
- if (isHumanPage && agentScore(req) >= 0.5) {
552
+ const score = agentScore(req);
553
+ if (isHumanPage && score >= 0.5) {
536
554
  const registry = sdk.getIntentRegistry();
537
555
  const tools = Object.fromEntries(
538
- [...registry.entries()].map(([intent, entry]) => [intent, { routes: [...entry.routes] }])
556
+ [...registry.entries()].map(([intent, entry]) => [
557
+ intent,
558
+ { routes: [...entry.routes], token_url: `${baseUrl}/agent/v1/declare_intent?intent=${encodeURIComponent(intent)}` }
559
+ ])
539
560
  );
540
561
  void shipAudit2(cp, licenseKey, auditRow(sdk, req, pathname, 200, fp, {
541
562
  trust_mode: "unmanaged_automation",
@@ -543,7 +564,14 @@ function agentixMiddleware(sdk) {
543
564
  token_id: null,
544
565
  decision: "allow",
545
566
  decision_reason: "agent_redirected_to_lane",
546
- policy_id: "agent-detection"
567
+ policy_id: "agent-detection",
568
+ metadata: {
569
+ user_agent: req.headers.get("user-agent") ?? "",
570
+ agent_score: score,
571
+ has_sec_fetch: !!req.headers.get("sec-fetch-site"),
572
+ has_sec_ch_ua: !!req.headers.get("sec-ch-ua"),
573
+ accept: req.headers.get("accept") ?? ""
574
+ }
547
575
  }));
548
576
  return NextResponse.json({
549
577
  service: "agentix-intent-sdk",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@agentix-security/nextjs",
3
- "version": "0.1.9",
3
+ "version": "0.1.11",
4
4
  "description": "Agentix Next.js adapter — AI agent intent-based authorization for Next.js apps",
5
5
  "type": "module",
6
6
  "main": "./dist/index.cjs",