@astrasyncai/verification-gateway 2.0.1 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +42 -20
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +42 -20
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +43 -20
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +43 -20
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +25 -16
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +25 -16
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/agent/index.js +100 -1
- package/dist/agent/index.js.map +1 -1
- package/dist/agent/index.mjs +101 -1
- package/dist/agent/index.mjs.map +1 -1
- package/dist/browser/background.js +58 -16
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +61 -16
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +58 -16
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +61 -16
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-CtwDIZyF.d.mts → express-C9KqJNWV.d.mts} +1 -1
- package/dist/{express-Bcl-uBUE.d.ts → express-DpwYW08E.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +58 -16
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +61 -16
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-BY8yQ8N8.d.mts → index-BMZdjGT4.d.mts} +46 -3
- package/dist/index-DlsYN3Et.d.mts +1397 -0
- package/dist/{index-CtYSYwn3.d.ts → index-Dm2xA6j1.d.ts} +46 -3
- package/dist/index-gM-lgX_X.d.ts +1397 -0
- package/dist/index.d.mts +8 -7
- package/dist/index.d.ts +8 -7
- package/dist/index.js +2489 -66
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +2492 -66
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-BQyMCSx_.d.mts → nextjs-BEqidT0U.d.mts} +1 -1
- package/dist/{nextjs-CEldnIJ9.d.ts → nextjs-yNzimC3a.d.ts} +1 -1
- package/dist/{sdk-BhvuJSrH.d.mts → sdk-7fa9H0qa.d.mts} +1 -1
- package/dist/{sdk-BlyVSC_S.d.ts → sdk-CP9C9Qu0.d.ts} +1 -1
- package/dist/transport/index.d.mts +3 -2
- package/dist/transport/index.d.ts +3 -2
- package/dist/transport/index.js +2384 -2
- package/dist/transport/index.js.map +1 -1
- package/dist/transport/index.mjs +2327 -1
- package/dist/transport/index.mjs.map +1 -1
- package/dist/{types-CxQwJKbd.d.mts → types-CrVMq_Td.d.mts} +30 -3
- package/dist/{types-CxQwJKbd.d.ts → types-CrVMq_Td.d.ts} +30 -3
- package/dist/{types-jJnPXStc.d.mts → types-DE0ooQJ6.d.mts} +1 -1
- package/dist/{types-79qS7aON.d.ts → types-rigu2bH3.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +17 -3
- package/dist/index-B1ThcGZl.d.mts +0 -89
- package/dist/index-DnoXfdFd.d.ts +0 -89
|
@@ -3369,21 +3369,33 @@ async function callVerifyAccessAPI(config, request) {
|
|
|
3369
3369
|
if (requestData.isSubAgentRequest) body.isSubAgentRequest = requestData.isSubAgentRequest;
|
|
3370
3370
|
if (requestData.parentAgentId) body.parentAgentId = requestData.parentAgentId;
|
|
3371
3371
|
if (requestData.subAgentDepth !== void 0) body.subAgentDepth = requestData.subAgentDepth;
|
|
3372
|
-
if (requestData.enableRuntimeChallenge)
|
|
3372
|
+
if (requestData.enableRuntimeChallenge)
|
|
3373
|
+
body.enableRuntimeChallenge = requestData.enableRuntimeChallenge;
|
|
3373
3374
|
if (requestData.createSession) body.createSession = requestData.createSession;
|
|
3374
3375
|
if (requestData.durationRequired) body.durationRequired = requestData.durationRequired;
|
|
3375
3376
|
if (requestData.counterpartyType) body.counterpartyType = requestData.counterpartyType;
|
|
3376
3377
|
if (requestData.counterpartyUrl) body.counterpartyUrl = requestData.counterpartyUrl;
|
|
3377
|
-
if (requestData.runtimeChallengeOptions)
|
|
3378
|
+
if (requestData.runtimeChallengeOptions)
|
|
3379
|
+
body.runtimeChallengeOptions = requestData.runtimeChallengeOptions;
|
|
3380
|
+
if (requestData.callerMetadata || requestData.clientIp || requestData.userAgent) {
|
|
3381
|
+
const meta = {
|
|
3382
|
+
...requestData.clientIp && { sourceIp: requestData.clientIp },
|
|
3383
|
+
...requestData.userAgent && { userAgent: requestData.userAgent },
|
|
3384
|
+
...requestData.callerMetadata
|
|
3385
|
+
};
|
|
3386
|
+
if (Object.keys(meta).length > 0) body.callerMetadata = meta;
|
|
3387
|
+
}
|
|
3378
3388
|
const headers = {
|
|
3379
3389
|
"Content-Type": "application/json",
|
|
3380
3390
|
...config.customHeaders
|
|
3381
3391
|
};
|
|
3382
|
-
if (config.apiKey) {
|
|
3383
|
-
headers["X-API-Key"] = config.apiKey;
|
|
3384
|
-
}
|
|
3385
3392
|
if (credentials.authorizationHeader) {
|
|
3386
3393
|
headers["Authorization"] = credentials.authorizationHeader;
|
|
3394
|
+
} else if (config.apiKey) {
|
|
3395
|
+
headers["Authorization"] = `Bearer ${config.apiKey}`;
|
|
3396
|
+
}
|
|
3397
|
+
if (config.apiKey) {
|
|
3398
|
+
headers["X-API-Key"] = config.apiKey;
|
|
3387
3399
|
}
|
|
3388
3400
|
try {
|
|
3389
3401
|
const response = await fetch(`${config.apiBaseUrl}/agents/verify-access`, {
|
|
@@ -3484,16 +3496,11 @@ async function verify(config, request) {
|
|
|
3484
3496
|
} : void 0;
|
|
3485
3497
|
const trustScore = agent?.trustScore || 0;
|
|
3486
3498
|
const isOrgMember = false;
|
|
3487
|
-
const accessLevel = determineAccessLevel(
|
|
3488
|
-
|
|
3489
|
-
|
|
3490
|
-
|
|
3491
|
-
|
|
3492
|
-
"read-only": 20,
|
|
3493
|
-
standard: mergedConfig.minTrustScore || 40,
|
|
3494
|
-
full: mergedConfig.minTrustScoreForFull || 70
|
|
3495
|
-
}
|
|
3496
|
-
);
|
|
3499
|
+
const accessLevel = determineAccessLevel(true, trustScore, isOrgMember, {
|
|
3500
|
+
"read-only": 20,
|
|
3501
|
+
standard: mergedConfig.minTrustScore || 40,
|
|
3502
|
+
full: mergedConfig.minTrustScoreForFull || 70
|
|
3503
|
+
});
|
|
3497
3504
|
const result = {
|
|
3498
3505
|
verified: true,
|
|
3499
3506
|
accessLevel,
|
|
@@ -3515,7 +3522,9 @@ async function verify(config, request) {
|
|
|
3515
3522
|
if (result.recommendation === "deny") {
|
|
3516
3523
|
result.verified = false;
|
|
3517
3524
|
result.accessLevel = "none";
|
|
3518
|
-
result.denialReasons = result.recommendationReasons || [
|
|
3525
|
+
result.denialReasons = result.recommendationReasons || [
|
|
3526
|
+
"Access denied by AstraSync recommendation"
|
|
3527
|
+
];
|
|
3519
3528
|
if (result.runtimeChallenge) {
|
|
3520
3529
|
result.guidance = {
|
|
3521
3530
|
message: `Verification failed: ${result.runtimeChallenge.reason || "runtime challenge failed"}`,
|
|
@@ -3536,6 +3545,42 @@ async function verify(config, request) {
|
|
|
3536
3545
|
return result;
|
|
3537
3546
|
}
|
|
3538
3547
|
|
|
3548
|
+
// src/transport/rfc9421.ts
|
|
3549
|
+
import { parseDictionary } from "structured-headers";
|
|
3550
|
+
|
|
3551
|
+
// src/transport/rfc9421-verify.ts
|
|
3552
|
+
import { httpbis } from "http-message-signatures";
|
|
3553
|
+
|
|
3554
|
+
// src/transport/vi.ts
|
|
3555
|
+
import { splitSdJwt, decodeSdJwtSync } from "@sd-jwt/decode";
|
|
3556
|
+
import { createHash } from "crypto";
|
|
3557
|
+
|
|
3558
|
+
// src/transport/stripe-webhook.ts
|
|
3559
|
+
import { createHmac, timingSafeEqual } from "crypto";
|
|
3560
|
+
|
|
3561
|
+
// src/transport/ap2.ts
|
|
3562
|
+
import { decodeSdJwtSync as decodeSdJwtSync2 } from "@sd-jwt/decode";
|
|
3563
|
+
import { createHash as createHash2 } from "crypto";
|
|
3564
|
+
|
|
3565
|
+
// src/transport/mpp.ts
|
|
3566
|
+
import { Challenge, Credential, Receipt } from "mppx";
|
|
3567
|
+
|
|
3568
|
+
// src/transport/mpp-verify.ts
|
|
3569
|
+
import { BodyDigest } from "mppx";
|
|
3570
|
+
|
|
3571
|
+
// src/transport/x402.ts
|
|
3572
|
+
import {
|
|
3573
|
+
validatePaymentRequired,
|
|
3574
|
+
validatePaymentPayload
|
|
3575
|
+
} from "@x402/core/schemas";
|
|
3576
|
+
import { safeBase64Decode } from "@x402/core/utils";
|
|
3577
|
+
|
|
3578
|
+
// src/transport/vi-verify.ts
|
|
3579
|
+
import { createHash as createHash3, webcrypto } from "crypto";
|
|
3580
|
+
|
|
3581
|
+
// src/transport/registry/visa.ts
|
|
3582
|
+
import { createRemoteJWKSet } from "jose";
|
|
3583
|
+
|
|
3539
3584
|
// src/gateway/modes/online.ts
|
|
3540
3585
|
function toGatewayConfig(config) {
|
|
3541
3586
|
return {
|