@astrasyncai/verification-gateway 1.1.0 → 2.0.1

package/dist/index-B1ThcGZl.d.mts

@@ -0,0 +1,89 @@
+import { A as AstraSyncCredentials, g as ProtocolTransport } from './types-CxQwJKbd.mjs';
+
+/**
+ * HTTP Transport Adapter
+ *
+ * Maps AstraSync credentials to/from HTTP headers (X-Astra-* convention).
+ */
+
+/**
+ * Inject AstraSync credentials into HTTP headers.
+ */
+declare function setHttpHeaders(headers: Record<string, string>, credentials: AstraSyncCredentials): Record<string, string>;
+/**
+ * Extract AstraSync credentials from HTTP headers.
+ */
+declare function extractHttpCredentials(headers: Record<string, string | string[] | undefined>): AstraSyncCredentials | null;
+
+/**
+ * A2A (Agent-to-Agent) Transport Adapter
+ *
+ * Maps AstraSync credentials to/from A2A task metadata.astrasync block.
+ */
+
+interface A2ATask {
+    metadata?: Record<string, unknown>;
+    [key: string]: unknown;
+}
+/**
+ * Add AstraSync credentials to an A2A task's metadata block.
+ */
+declare function setA2AMetadata(task: A2ATask, credentials: AstraSyncCredentials): A2ATask;
+/**
+ * Extract AstraSync credentials from an A2A task's metadata block.
+ */
+declare function extractA2ACredentials(task: A2ATask): AstraSyncCredentials | null;
+
+/**
+ * MCP (Model Context Protocol) Transport Adapter
+ *
+ * Maps AstraSync credentials to/from MCP params._meta.astrasync block.
+ */
+
+interface McpParams {
+    _meta?: Record<string, unknown>;
+    [key: string]: unknown;
+}
+/**
+ * Add AstraSync credentials to MCP params' _meta block.
+ */
+declare function setMcpMeta(params: McpParams, credentials: AstraSyncCredentials): McpParams;
+/**
+ * Extract AstraSync credentials from MCP params' _meta block.
+ */
+declare function extractMcpCredentials(params: McpParams): AstraSyncCredentials | null;
+
+/**
+ * Cross-Protocol Transport Module
+ *
+ * Provides adapters for injecting/extracting AstraSync credentials
+ * across HTTP, A2A, and MCP protocols.
+ */
+
+/**
+ * Auto-detect protocol from request/context shape.
+ */
+declare function detectProtocol(context: Record<string, unknown>): ProtocolTransport;
+/**
+ * Apply credentials to any protocol target.
+ */
+declare function applyCredentials(protocol: ProtocolTransport, target: Record<string, unknown>, credentials: AstraSyncCredentials): Record<string, unknown>;
+/**
+ * Extract credentials from any protocol context.
+ */
+declare function extractCredentialsFromProtocol(protocol: ProtocolTransport, context: Record<string, unknown>): AstraSyncCredentials | null;
+
+declare const index_applyCredentials: typeof applyCredentials;
+declare const index_detectProtocol: typeof detectProtocol;
+declare const index_extractA2ACredentials: typeof extractA2ACredentials;
+declare const index_extractCredentialsFromProtocol: typeof extractCredentialsFromProtocol;
+declare const index_extractHttpCredentials: typeof extractHttpCredentials;
+declare const index_extractMcpCredentials: typeof extractMcpCredentials;
+declare const index_setA2AMetadata: typeof setA2AMetadata;
+declare const index_setHttpHeaders: typeof setHttpHeaders;
+declare const index_setMcpMeta: typeof setMcpMeta;
+declare namespace index {
+  export { index_applyCredentials as applyCredentials, index_detectProtocol as detectProtocol, index_extractA2ACredentials as extractA2ACredentials, index_extractCredentialsFromProtocol as extractCredentialsFromProtocol, index_extractHttpCredentials as extractHttpCredentials, index_extractMcpCredentials as extractMcpCredentials, index_setA2AMetadata as setA2AMetadata, index_setHttpHeaders as setHttpHeaders, index_setMcpMeta as setMcpMeta };
+}
+
+export { applyCredentials as a, extractCredentialsFromProtocol as b, extractHttpCredentials as c, detectProtocol as d, extractA2ACredentials as e, extractMcpCredentials as f, setHttpHeaders as g, setMcpMeta as h, index as i, setA2AMetadata as s };

package/dist/index-BY8yQ8N8.d.mts

@@ -0,0 +1,206 @@
+import { A as AstraSyncCredentials, g as ProtocolTransport, G as GatewayConfig } from './types-CxQwJKbd.mjs';
+
+/**
+ * AgentClient — Credential Presentation
+ *
+ * Agent-side SDK for automatically injecting AstraSync credentials
+ * into outgoing requests across all supported protocols.
+ */
+
+interface AgentClientConfig {
+    agentId: string;
+    verifyUrl?: string;
+    challengeUrl?: string;
+    pdlss?: AstraSyncCredentials['pdlss'];
+}
+interface FetchOptions extends RequestInit {
+    purpose?: string;
+    action?: string;
+}
+declare class AgentClient {
+    private credentials;
+    constructor(config: AgentClientConfig);
+    /**
+     * Make an HTTP request with AstraSync headers automatically injected.
+     */
+    fetch(url: string, options?: FetchOptions): Promise<Response>;
+    /**
+     * Prepare A2A task metadata with AstraSync credentials.
+     */
+    prepareA2AMetadata(task: Record<string, unknown>, overrides?: {
+        purpose?: string;
+        action?: string;
+    }): Record<string, unknown>;
+    /**
+     * Prepare MCP params with AstraSync _meta.
+     */
+    prepareMcpMeta(params: Record<string, unknown>, overrides?: {
+        purpose?: string;
+        action?: string;
+    }): Record<string, unknown>;
+    /**
+     * Generic: apply credentials to any protocol.
+     */
+    applyCredentials(protocol: ProtocolTransport, target: Record<string, unknown>, overrides?: {
+        purpose?: string;
+        action?: string;
+    }): Record<string, unknown>;
+    private buildCredentials;
+}
+
+/**
+ * ChallengeHandler — Agent-Side Runtime Challenge Responder
+ *
+ * Handles incoming runtime challenges from AstraSync's verification service.
+ * Agents register pending counterparties before initiating contact,
+ * then this handler validates and responds to challenges.
+ */
+interface ChallengeResponse {
+    status: number;
+    body: {
+        challengeId: string;
+        acknowledged: boolean;
+        pendingCounterparties: string[];
+        respondedAt: string;
+        error?: string;
+    };
+}
+interface ChallengeHandlerConfig {
+    agentId: string;
+}
+declare class ChallengeHandler {
+    private agentId;
+    private pendingCounterparties;
+    constructor(config: ChallengeHandlerConfig);
+    /**
+     * Register a counterparty as pending (before initiating contact).
+     */
+    registerPending(counterpartyId: string): void;
+    /**
+     * Remove a counterparty from pending list (after interaction complete).
+     */
+    removePending(counterpartyId: string): void;
+    /**
+     * Get current pending counterparties list.
+     */
+    getPendingList(): string[];
+    /**
+     * Express middleware for the challenge endpoint.
+     * Mount at: app.post('/astrasync/challenge', handler.expressMiddleware())
+     */
+    expressMiddleware(): (req: {
+        body: unknown;
+    }, res: {
+        status: (code: number) => {
+            json: (body: unknown) => void;
+        };
+    }) => void;
+    /**
+     * Generic handler (framework-agnostic).
+     * Returns { status, body } for the caller to send.
+     */
+    handleChallenge(body: unknown): ChallengeResponse;
+}
+
+/**
+ * PDLSS Formatter — Transport Format Conversion
+ *
+ * Converts between full PDLSS boundaries and compact transport format
+ * used in HTTP headers, A2A metadata, and MCP _meta blocks.
+ */
+
+/**
+ * Full PDLSS configuration (as returned by the backend).
+ */
+interface PDLSSConfig {
+    purpose?: {
+        categories?: string[];
+        allowedActions?: string[];
+        deniedActions?: string[];
+    };
+    duration?: {
+        maxSessionDuration?: number;
+        ttl?: number;
+        allowedDays?: number[];
+        allowedHours?: {
+            start: number;
+            end: number;
+        };
+    };
+    limits?: {
+        autonomousThreshold?: number;
+        stepUpThreshold?: number;
+        approvalThreshold?: number;
+        currency?: string;
+    };
+    scope?: {
+        jurisdictions?: string[];
+        resources?: string[];
+        resourceTypes?: string[];
+    };
+    selfInstantiation?: {
+        allowed: boolean;
+        maxDepth?: number;
+        maxSubAgents?: number;
+    };
+}
+/**
+ * Compact transport format (embedded in headers/metadata).
+ */
+type TransportPDLSS = NonNullable<AstraSyncCredentials['pdlss']>;
+/**
+ * Convert full PDLSS boundaries into compact transport format.
+ * Used by AgentClient when building credential headers/metadata.
+ */
+declare function formatPDLSSForTransport(pdlss: PDLSSConfig): TransportPDLSS;
+/**
+ * Parse transport format back into full PDLSS config.
+ * Used by counterparty-side when receiving credentials.
+ */
+declare function parsePDLSSFromTransport(transport: TransportPDLSS): PDLSSConfig;
+
+/**
+ * Decision Client — Counterparty-Side Decision Recording
+ *
+ * Helper for counterparties to record their grant/deny decisions
+ * back to AstraSync after receiving a verification result.
+ */
+
+interface RecordDecisionParams {
+    sessionId: string;
+    decision: 'granted' | 'denied';
+    reason?: string;
+    tokenIssued?: boolean;
+    auditId?: string;
+}
+interface RecordDecisionResult {
+    recorded: boolean;
+    blockchainTxHash?: string;
+}
+/**
+ * Record a counterparty's grant/deny decision for a verification session.
+ * POST to /agents/verify-access/:sessionId/decision
+ */
+declare function recordDecision(config: GatewayConfig, params: RecordDecisionParams): Promise<RecordDecisionResult>;
+
+/**
+ * Agent-Side SDK Module
+ *
+ * Tools for AI agents to present credentials, handle challenges,
+ * and interact with the AstraSync verification protocol.
+ */
+
+type index_AgentClient = AgentClient;
+declare const index_AgentClient: typeof AgentClient;
+type index_ChallengeHandler = ChallengeHandler;
+declare const index_ChallengeHandler: typeof ChallengeHandler;
+type index_PDLSSConfig = PDLSSConfig;
+type index_TransportPDLSS = TransportPDLSS;
+declare const index_formatPDLSSForTransport: typeof formatPDLSSForTransport;
+declare const index_parsePDLSSFromTransport: typeof parsePDLSSFromTransport;
+declare const index_recordDecision: typeof recordDecision;
+declare namespace index {
+  export { index_AgentClient as AgentClient, index_ChallengeHandler as ChallengeHandler, type index_PDLSSConfig as PDLSSConfig, type index_TransportPDLSS as TransportPDLSS, index_formatPDLSSForTransport as formatPDLSSForTransport, index_parsePDLSSFromTransport as parsePDLSSFromTransport, index_recordDecision as recordDecision };
+}
+
+export { AgentClient as A, ChallengeHandler as C, type PDLSSConfig as P, type TransportPDLSS as T, formatPDLSSForTransport as f, index as i, parsePDLSSFromTransport as p, recordDecision as r };

package/dist/index-CtYSYwn3.d.ts

@@ -0,0 +1,206 @@
+import { A as AstraSyncCredentials, g as ProtocolTransport, G as GatewayConfig } from './types-CxQwJKbd.js';
+
+/**
+ * AgentClient — Credential Presentation
+ *
+ * Agent-side SDK for automatically injecting AstraSync credentials
+ * into outgoing requests across all supported protocols.
+ */
+
+interface AgentClientConfig {
+    agentId: string;
+    verifyUrl?: string;
+    challengeUrl?: string;
+    pdlss?: AstraSyncCredentials['pdlss'];
+}
+interface FetchOptions extends RequestInit {
+    purpose?: string;
+    action?: string;
+}
+declare class AgentClient {
+    private credentials;
+    constructor(config: AgentClientConfig);
+    /**
+     * Make an HTTP request with AstraSync headers automatically injected.
+     */
+    fetch(url: string, options?: FetchOptions): Promise<Response>;
+    /**
+     * Prepare A2A task metadata with AstraSync credentials.
+     */
+    prepareA2AMetadata(task: Record<string, unknown>, overrides?: {
+        purpose?: string;
+        action?: string;
+    }): Record<string, unknown>;
+    /**
+     * Prepare MCP params with AstraSync _meta.
+     */
+    prepareMcpMeta(params: Record<string, unknown>, overrides?: {
+        purpose?: string;
+        action?: string;
+    }): Record<string, unknown>;
+    /**
+     * Generic: apply credentials to any protocol.
+     */
+    applyCredentials(protocol: ProtocolTransport, target: Record<string, unknown>, overrides?: {
+        purpose?: string;
+        action?: string;
+    }): Record<string, unknown>;
+    private buildCredentials;
+}
+
+/**
+ * ChallengeHandler — Agent-Side Runtime Challenge Responder
+ *
+ * Handles incoming runtime challenges from AstraSync's verification service.
+ * Agents register pending counterparties before initiating contact,
+ * then this handler validates and responds to challenges.
+ */
+interface ChallengeResponse {
+    status: number;
+    body: {
+        challengeId: string;
+        acknowledged: boolean;
+        pendingCounterparties: string[];
+        respondedAt: string;
+        error?: string;
+    };
+}
+interface ChallengeHandlerConfig {
+    agentId: string;
+}
+declare class ChallengeHandler {
+    private agentId;
+    private pendingCounterparties;
+    constructor(config: ChallengeHandlerConfig);
+    /**
+     * Register a counterparty as pending (before initiating contact).
+     */
+    registerPending(counterpartyId: string): void;
+    /**
+     * Remove a counterparty from pending list (after interaction complete).
+     */
+    removePending(counterpartyId: string): void;
+    /**
+     * Get current pending counterparties list.
+     */
+    getPendingList(): string[];
+    /**
+     * Express middleware for the challenge endpoint.
+     * Mount at: app.post('/astrasync/challenge', handler.expressMiddleware())
+     */
+    expressMiddleware(): (req: {
+        body: unknown;
+    }, res: {
+        status: (code: number) => {
+            json: (body: unknown) => void;
+        };
+    }) => void;
+    /**
+     * Generic handler (framework-agnostic).
+     * Returns { status, body } for the caller to send.
+     */
+    handleChallenge(body: unknown): ChallengeResponse;
+}
+
+/**
+ * PDLSS Formatter — Transport Format Conversion
+ *
+ * Converts between full PDLSS boundaries and compact transport format
+ * used in HTTP headers, A2A metadata, and MCP _meta blocks.
+ */
+
+/**
+ * Full PDLSS configuration (as returned by the backend).
+ */
+interface PDLSSConfig {
+    purpose?: {
+        categories?: string[];
+        allowedActions?: string[];
+        deniedActions?: string[];
+    };
+    duration?: {
+        maxSessionDuration?: number;
+        ttl?: number;
+        allowedDays?: number[];
+        allowedHours?: {
+            start: number;
+            end: number;
+        };
+    };
+    limits?: {
+        autonomousThreshold?: number;
+        stepUpThreshold?: number;
+        approvalThreshold?: number;
+        currency?: string;
+    };
+    scope?: {
+        jurisdictions?: string[];
+        resources?: string[];
+        resourceTypes?: string[];
+    };
+    selfInstantiation?: {
+        allowed: boolean;
+        maxDepth?: number;
+        maxSubAgents?: number;
+    };
+}
+/**
+ * Compact transport format (embedded in headers/metadata).
+ */
+type TransportPDLSS = NonNullable<AstraSyncCredentials['pdlss']>;
+/**
+ * Convert full PDLSS boundaries into compact transport format.
+ * Used by AgentClient when building credential headers/metadata.
+ */
+declare function formatPDLSSForTransport(pdlss: PDLSSConfig): TransportPDLSS;
+/**
+ * Parse transport format back into full PDLSS config.
+ * Used by counterparty-side when receiving credentials.
+ */
+declare function parsePDLSSFromTransport(transport: TransportPDLSS): PDLSSConfig;
+
+/**
+ * Decision Client — Counterparty-Side Decision Recording
+ *
+ * Helper for counterparties to record their grant/deny decisions
+ * back to AstraSync after receiving a verification result.
+ */
+
+interface RecordDecisionParams {
+    sessionId: string;
+    decision: 'granted' | 'denied';
+    reason?: string;
+    tokenIssued?: boolean;
+    auditId?: string;
+}
+interface RecordDecisionResult {
+    recorded: boolean;
+    blockchainTxHash?: string;
+}
+/**
+ * Record a counterparty's grant/deny decision for a verification session.
+ * POST to /agents/verify-access/:sessionId/decision
+ */
+declare function recordDecision(config: GatewayConfig, params: RecordDecisionParams): Promise<RecordDecisionResult>;
+
+/**
+ * Agent-Side SDK Module
+ *
+ * Tools for AI agents to present credentials, handle challenges,
+ * and interact with the AstraSync verification protocol.
+ */
+
+type index_AgentClient = AgentClient;
+declare const index_AgentClient: typeof AgentClient;
+type index_ChallengeHandler = ChallengeHandler;
+declare const index_ChallengeHandler: typeof ChallengeHandler;
+type index_PDLSSConfig = PDLSSConfig;
+type index_TransportPDLSS = TransportPDLSS;
+declare const index_formatPDLSSForTransport: typeof formatPDLSSForTransport;
+declare const index_parsePDLSSFromTransport: typeof parsePDLSSFromTransport;
+declare const index_recordDecision: typeof recordDecision;
+declare namespace index {
+  export { index_AgentClient as AgentClient, index_ChallengeHandler as ChallengeHandler, type index_PDLSSConfig as PDLSSConfig, type index_TransportPDLSS as TransportPDLSS, index_formatPDLSSForTransport as formatPDLSSForTransport, index_parsePDLSSFromTransport as parsePDLSSFromTransport, index_recordDecision as recordDecision };
+}
+
+export { AgentClient as A, ChallengeHandler as C, type PDLSSConfig as P, type TransportPDLSS as T, formatPDLSSForTransport as f, index as i, parsePDLSSFromTransport as p, recordDecision as r };

package/dist/index-DnoXfdFd.d.ts

@@ -0,0 +1,89 @@
+import { A as AstraSyncCredentials, g as ProtocolTransport } from './types-CxQwJKbd.js';
+
+/**
+ * HTTP Transport Adapter
+ *
+ * Maps AstraSync credentials to/from HTTP headers (X-Astra-* convention).
+ */
+
+/**
+ * Inject AstraSync credentials into HTTP headers.
+ */
+declare function setHttpHeaders(headers: Record<string, string>, credentials: AstraSyncCredentials): Record<string, string>;
+/**
+ * Extract AstraSync credentials from HTTP headers.
+ */
+declare function extractHttpCredentials(headers: Record<string, string | string[] | undefined>): AstraSyncCredentials | null;
+
+/**
+ * A2A (Agent-to-Agent) Transport Adapter
+ *
+ * Maps AstraSync credentials to/from A2A task metadata.astrasync block.
+ */
+
+interface A2ATask {
+    metadata?: Record<string, unknown>;
+    [key: string]: unknown;
+}
+/**
+ * Add AstraSync credentials to an A2A task's metadata block.
+ */
+declare function setA2AMetadata(task: A2ATask, credentials: AstraSyncCredentials): A2ATask;
+/**
+ * Extract AstraSync credentials from an A2A task's metadata block.
+ */
+declare function extractA2ACredentials(task: A2ATask): AstraSyncCredentials | null;
+
+/**
+ * MCP (Model Context Protocol) Transport Adapter
+ *
+ * Maps AstraSync credentials to/from MCP params._meta.astrasync block.
+ */
+
+interface McpParams {
+    _meta?: Record<string, unknown>;
+    [key: string]: unknown;
+}
+/**
+ * Add AstraSync credentials to MCP params' _meta block.
+ */
+declare function setMcpMeta(params: McpParams, credentials: AstraSyncCredentials): McpParams;
+/**
+ * Extract AstraSync credentials from MCP params' _meta block.
+ */
+declare function extractMcpCredentials(params: McpParams): AstraSyncCredentials | null;
+
+/**
+ * Cross-Protocol Transport Module
+ *
+ * Provides adapters for injecting/extracting AstraSync credentials
+ * across HTTP, A2A, and MCP protocols.
+ */
+
+/**
+ * Auto-detect protocol from request/context shape.
+ */
+declare function detectProtocol(context: Record<string, unknown>): ProtocolTransport;
+/**
+ * Apply credentials to any protocol target.
+ */
+declare function applyCredentials(protocol: ProtocolTransport, target: Record<string, unknown>, credentials: AstraSyncCredentials): Record<string, unknown>;
+/**
+ * Extract credentials from any protocol context.
+ */
+declare function extractCredentialsFromProtocol(protocol: ProtocolTransport, context: Record<string, unknown>): AstraSyncCredentials | null;
+
+declare const index_applyCredentials: typeof applyCredentials;
+declare const index_detectProtocol: typeof detectProtocol;
+declare const index_extractA2ACredentials: typeof extractA2ACredentials;
+declare const index_extractCredentialsFromProtocol: typeof extractCredentialsFromProtocol;
+declare const index_extractHttpCredentials: typeof extractHttpCredentials;
+declare const index_extractMcpCredentials: typeof extractMcpCredentials;
+declare const index_setA2AMetadata: typeof setA2AMetadata;
+declare const index_setHttpHeaders: typeof setHttpHeaders;
+declare const index_setMcpMeta: typeof setMcpMeta;
+declare namespace index {
+  export { index_applyCredentials as applyCredentials, index_detectProtocol as detectProtocol, index_extractA2ACredentials as extractA2ACredentials, index_extractCredentialsFromProtocol as extractCredentialsFromProtocol, index_extractHttpCredentials as extractHttpCredentials, index_extractMcpCredentials as extractMcpCredentials, index_setA2AMetadata as setA2AMetadata, index_setHttpHeaders as setHttpHeaders, index_setMcpMeta as setMcpMeta };
+}
+
+export { applyCredentials as a, extractCredentialsFromProtocol as b, extractHttpCredentials as c, detectProtocol as d, extractA2ACredentials as e, extractMcpCredentials as f, setHttpHeaders as g, setMcpMeta as h, index as i, setA2AMetadata as s };