@aithos/sdk 0.1.0-alpha.44 → 0.1.0-alpha.47
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/auth-api.d.ts +81 -0
- package/dist/src/auth-api.js +80 -0
- package/dist/src/auth.d.ts +84 -0
- package/dist/src/auth.js +133 -1
- package/dist/src/data.d.ts +184 -1
- package/dist/src/data.js +377 -29
- package/dist/src/index.d.ts +2 -2
- package/dist/src/index.js +1 -1
- package/dist/src/internal/envelope.d.ts +16 -0
- package/dist/src/internal/envelope.js +6 -0
- package/dist/src/mandates.d.ts +35 -1
- package/dist/src/mandates.js +45 -3
- package/package.json +1 -1
package/dist/src/mandates.js
CHANGED
|
@@ -64,6 +64,17 @@ export class MandatesNamespace {
|
|
|
64
64
|
`not by adding "${COMPUTE_INVOKE_SCOPE}" to scopes[]. The namespace forces ` +
|
|
65
65
|
`an explicit budget and is what a consent UI reviews.`);
|
|
66
66
|
}
|
|
67
|
+
// Fail fast on malformed data scopes so the misuse surfaces at the SDK
|
|
68
|
+
// boundary, not as an opaque server rejection at first delegate call.
|
|
69
|
+
// Accepts `data.<collection>.<action>` and the wildcard `data.*.<action>`.
|
|
70
|
+
for (const s of input.scopes) {
|
|
71
|
+
if (s.startsWith("data.") &&
|
|
72
|
+
!isWellFormedDataScope(s)) {
|
|
73
|
+
throw new AithosSDKError("mandates_invalid_scopes", `Malformed data scope "${s}". Expected data.<collection>.<action> ` +
|
|
74
|
+
`(action = read | write | admin), e.g. "data.contacts.read" or ` +
|
|
75
|
+
`"data.*.read". Collection names must not contain ".".`);
|
|
76
|
+
}
|
|
77
|
+
}
|
|
67
78
|
// Validate + project the compute namespace if present, then derive
|
|
68
79
|
// the final scopes/constraints to send to the protocol layer.
|
|
69
80
|
const computeProjection = projectCompute(input.compute);
|
|
@@ -207,11 +218,42 @@ export class MandatesNamespace {
|
|
|
207
218
|
/* Helpers */
|
|
208
219
|
/* -------------------------------------------------------------------------- */
|
|
209
220
|
function defaultSphereFromScopes(scopes) {
|
|
210
|
-
|
|
221
|
+
// Data scopes are sphere-NEUTRAL: they're permitted under self & circle (and
|
|
222
|
+
// public once the allowlist includes them), and the data access axis is the
|
|
223
|
+
// collection, not the sphere (the sphere is informative — see {@link DataScope}).
|
|
224
|
+
// So the actor_sphere of a combined Ethos+data mandate is decided by the
|
|
225
|
+
// ETHOS scopes alone; data scopes neither raise nor lower it. This makes
|
|
226
|
+
// `ethos.read.public + data.X.read` default to `public`, `ethos.read.circle
|
|
227
|
+
// + data.X.read` to `circle`, etc. A caller can always override via
|
|
228
|
+
// `actorSphere`.
|
|
229
|
+
const ethos = scopes.filter((s) => !s.startsWith("data."));
|
|
230
|
+
// Ethos write scopes pin the sphere EXACTLY (a write mandate must be signed
|
|
231
|
+
// by the sphere it writes to — `validateScopesAgainstSphere`).
|
|
232
|
+
if (ethos.some((s) => s === "ethos.write.public"))
|
|
233
|
+
return "public";
|
|
234
|
+
if (ethos.some((s) => s === "ethos.write.circle"))
|
|
235
|
+
return "circle";
|
|
236
|
+
if (ethos.some((s) => s === "ethos.write.self"))
|
|
211
237
|
return "self";
|
|
212
|
-
|
|
238
|
+
// Ethos read scopes: narrowest sphere that permits them.
|
|
239
|
+
if (ethos.some((s) => s.endsWith(".self")))
|
|
240
|
+
return "self";
|
|
241
|
+
if (ethos.some((s) => s.endsWith(".circle")))
|
|
213
242
|
return "circle";
|
|
214
|
-
|
|
243
|
+
// Remaining Ethos scopes (ethos.read.public / .all / gamma.read) → public.
|
|
244
|
+
if (ethos.length > 0)
|
|
245
|
+
return "public";
|
|
246
|
+
// Data-only mandate: sign under `self`. self is the owner's highest-trust
|
|
247
|
+
// sphere, always permits the scope at mint time (no dependency on the
|
|
248
|
+
// public-sphere allowlist), and keeps the data grant off the most-exposed
|
|
249
|
+
// #public key. (Override with `actorSphere` for a public/circle label.)
|
|
250
|
+
return "self";
|
|
251
|
+
}
|
|
252
|
+
/** `true` iff `s` is a well-formed data scope `data.<collection>.<action>`
|
|
253
|
+
* with no filter suffix and a non-empty, dot-free collection name. The
|
|
254
|
+
* lateral `append` action is accepted alongside read/write/admin. */
|
|
255
|
+
function isWellFormedDataScope(s) {
|
|
256
|
+
return /^data\.[^.]+\.(read|write|admin|append)$/.test(s);
|
|
215
257
|
}
|
|
216
258
|
/**
|
|
217
259
|
* Validate the SDK-side `compute` namespace and project it onto the
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aithos/sdk",
|
|
3
|
-
"version": "0.1.0-alpha.
|
|
3
|
+
"version": "0.1.0-alpha.47",
|
|
4
4
|
"description": "Aithos SDK — high-level TypeScript developer kit for building agentic apps on the Aithos protocol. Wraps @aithos/protocol-client and exposes the Aithos compute proxy and wallet (Stripe top-up) endpoints.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"aithos",
|