@astrasyncai/verification-gateway 2.0.1 → 2.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +42 -20
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +42 -20
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +43 -20
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +43 -20
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +25 -16
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +25 -16
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/agent/index.js +100 -1
- package/dist/agent/index.js.map +1 -1
- package/dist/agent/index.mjs +101 -1
- package/dist/agent/index.mjs.map +1 -1
- package/dist/browser/background.js +58 -16
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +61 -16
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +58 -16
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +61 -16
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-CtwDIZyF.d.mts → express-C9KqJNWV.d.mts} +1 -1
- package/dist/{express-Bcl-uBUE.d.ts → express-DpwYW08E.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +58 -16
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +61 -16
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-BY8yQ8N8.d.mts → index-BMZdjGT4.d.mts} +46 -3
- package/dist/index-DlsYN3Et.d.mts +1397 -0
- package/dist/{index-CtYSYwn3.d.ts → index-Dm2xA6j1.d.ts} +46 -3
- package/dist/index-gM-lgX_X.d.ts +1397 -0
- package/dist/index.d.mts +8 -7
- package/dist/index.d.ts +8 -7
- package/dist/index.js +2489 -66
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +2492 -66
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-BQyMCSx_.d.mts → nextjs-BEqidT0U.d.mts} +1 -1
- package/dist/{nextjs-CEldnIJ9.d.ts → nextjs-yNzimC3a.d.ts} +1 -1
- package/dist/{sdk-BhvuJSrH.d.mts → sdk-7fa9H0qa.d.mts} +1 -1
- package/dist/{sdk-BlyVSC_S.d.ts → sdk-CP9C9Qu0.d.ts} +1 -1
- package/dist/transport/index.d.mts +3 -2
- package/dist/transport/index.d.ts +3 -2
- package/dist/transport/index.js +2384 -2
- package/dist/transport/index.js.map +1 -1
- package/dist/transport/index.mjs +2327 -1
- package/dist/transport/index.mjs.map +1 -1
- package/dist/{types-CxQwJKbd.d.mts → types-CrVMq_Td.d.mts} +30 -3
- package/dist/{types-CxQwJKbd.d.ts → types-CrVMq_Td.d.ts} +30 -3
- package/dist/{types-jJnPXStc.d.mts → types-DE0ooQJ6.d.mts} +1 -1
- package/dist/{types-79qS7aON.d.ts → types-rigu2bH3.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +17 -3
- package/dist/index-B1ThcGZl.d.mts +0 -89
- package/dist/index-DnoXfdFd.d.ts +0 -89
package/dist/gateway/gateway.mjs
CHANGED
|
@@ -3126,21 +3126,33 @@ async function callVerifyAccessAPI(config, request) {
|
|
|
3126
3126
|
if (requestData.isSubAgentRequest) body.isSubAgentRequest = requestData.isSubAgentRequest;
|
|
3127
3127
|
if (requestData.parentAgentId) body.parentAgentId = requestData.parentAgentId;
|
|
3128
3128
|
if (requestData.subAgentDepth !== void 0) body.subAgentDepth = requestData.subAgentDepth;
|
|
3129
|
-
if (requestData.enableRuntimeChallenge)
|
|
3129
|
+
if (requestData.enableRuntimeChallenge)
|
|
3130
|
+
body.enableRuntimeChallenge = requestData.enableRuntimeChallenge;
|
|
3130
3131
|
if (requestData.createSession) body.createSession = requestData.createSession;
|
|
3131
3132
|
if (requestData.durationRequired) body.durationRequired = requestData.durationRequired;
|
|
3132
3133
|
if (requestData.counterpartyType) body.counterpartyType = requestData.counterpartyType;
|
|
3133
3134
|
if (requestData.counterpartyUrl) body.counterpartyUrl = requestData.counterpartyUrl;
|
|
3134
|
-
if (requestData.runtimeChallengeOptions)
|
|
3135
|
+
if (requestData.runtimeChallengeOptions)
|
|
3136
|
+
body.runtimeChallengeOptions = requestData.runtimeChallengeOptions;
|
|
3137
|
+
if (requestData.callerMetadata || requestData.clientIp || requestData.userAgent) {
|
|
3138
|
+
const meta = {
|
|
3139
|
+
...requestData.clientIp && { sourceIp: requestData.clientIp },
|
|
3140
|
+
...requestData.userAgent && { userAgent: requestData.userAgent },
|
|
3141
|
+
...requestData.callerMetadata
|
|
3142
|
+
};
|
|
3143
|
+
if (Object.keys(meta).length > 0) body.callerMetadata = meta;
|
|
3144
|
+
}
|
|
3135
3145
|
const headers = {
|
|
3136
3146
|
"Content-Type": "application/json",
|
|
3137
3147
|
...config.customHeaders
|
|
3138
3148
|
};
|
|
3139
|
-
if (config.apiKey) {
|
|
3140
|
-
headers["X-API-Key"] = config.apiKey;
|
|
3141
|
-
}
|
|
3142
3149
|
if (credentials.authorizationHeader) {
|
|
3143
3150
|
headers["Authorization"] = credentials.authorizationHeader;
|
|
3151
|
+
} else if (config.apiKey) {
|
|
3152
|
+
headers["Authorization"] = `Bearer ${config.apiKey}`;
|
|
3153
|
+
}
|
|
3154
|
+
if (config.apiKey) {
|
|
3155
|
+
headers["X-API-Key"] = config.apiKey;
|
|
3144
3156
|
}
|
|
3145
3157
|
try {
|
|
3146
3158
|
const response = await fetch(`${config.apiBaseUrl}/agents/verify-access`, {
|
|
@@ -3241,16 +3253,11 @@ async function verify(config, request) {
|
|
|
3241
3253
|
} : void 0;
|
|
3242
3254
|
const trustScore = agent?.trustScore || 0;
|
|
3243
3255
|
const isOrgMember = false;
|
|
3244
|
-
const accessLevel = determineAccessLevel(
|
|
3245
|
-
|
|
3246
|
-
|
|
3247
|
-
|
|
3248
|
-
|
|
3249
|
-
"read-only": 20,
|
|
3250
|
-
standard: mergedConfig.minTrustScore || 40,
|
|
3251
|
-
full: mergedConfig.minTrustScoreForFull || 70
|
|
3252
|
-
}
|
|
3253
|
-
);
|
|
3256
|
+
const accessLevel = determineAccessLevel(true, trustScore, isOrgMember, {
|
|
3257
|
+
"read-only": 20,
|
|
3258
|
+
standard: mergedConfig.minTrustScore || 40,
|
|
3259
|
+
full: mergedConfig.minTrustScoreForFull || 70
|
|
3260
|
+
});
|
|
3254
3261
|
const result = {
|
|
3255
3262
|
verified: true,
|
|
3256
3263
|
accessLevel,
|
|
@@ -3272,7 +3279,9 @@ async function verify(config, request) {
|
|
|
3272
3279
|
if (result.recommendation === "deny") {
|
|
3273
3280
|
result.verified = false;
|
|
3274
3281
|
result.accessLevel = "none";
|
|
3275
|
-
result.denialReasons = result.recommendationReasons || [
|
|
3282
|
+
result.denialReasons = result.recommendationReasons || [
|
|
3283
|
+
"Access denied by AstraSync recommendation"
|
|
3284
|
+
];
|
|
3276
3285
|
if (result.runtimeChallenge) {
|
|
3277
3286
|
result.guidance = {
|
|
3278
3287
|
message: `Verification failed: ${result.runtimeChallenge.reason || "runtime challenge failed"}`,
|
|
@@ -3293,6 +3302,42 @@ async function verify(config, request) {
|
|
|
3293
3302
|
return result;
|
|
3294
3303
|
}
|
|
3295
3304
|
|
|
3305
|
+
// src/transport/rfc9421.ts
|
|
3306
|
+
import { parseDictionary } from "structured-headers";
|
|
3307
|
+
|
|
3308
|
+
// src/transport/rfc9421-verify.ts
|
|
3309
|
+
import { httpbis } from "http-message-signatures";
|
|
3310
|
+
|
|
3311
|
+
// src/transport/vi.ts
|
|
3312
|
+
import { splitSdJwt, decodeSdJwtSync } from "@sd-jwt/decode";
|
|
3313
|
+
import { createHash } from "crypto";
|
|
3314
|
+
|
|
3315
|
+
// src/transport/stripe-webhook.ts
|
|
3316
|
+
import { createHmac, timingSafeEqual } from "crypto";
|
|
3317
|
+
|
|
3318
|
+
// src/transport/ap2.ts
|
|
3319
|
+
import { decodeSdJwtSync as decodeSdJwtSync2 } from "@sd-jwt/decode";
|
|
3320
|
+
import { createHash as createHash2 } from "crypto";
|
|
3321
|
+
|
|
3322
|
+
// src/transport/mpp.ts
|
|
3323
|
+
import { Challenge, Credential, Receipt } from "mppx";
|
|
3324
|
+
|
|
3325
|
+
// src/transport/mpp-verify.ts
|
|
3326
|
+
import { BodyDigest } from "mppx";
|
|
3327
|
+
|
|
3328
|
+
// src/transport/x402.ts
|
|
3329
|
+
import {
|
|
3330
|
+
validatePaymentRequired,
|
|
3331
|
+
validatePaymentPayload
|
|
3332
|
+
} from "@x402/core/schemas";
|
|
3333
|
+
import { safeBase64Decode } from "@x402/core/utils";
|
|
3334
|
+
|
|
3335
|
+
// src/transport/vi-verify.ts
|
|
3336
|
+
import { createHash as createHash3, webcrypto } from "crypto";
|
|
3337
|
+
|
|
3338
|
+
// src/transport/registry/visa.ts
|
|
3339
|
+
import { createRemoteJWKSet } from "jose";
|
|
3340
|
+
|
|
3296
3341
|
// src/gateway/modes/online.ts
|
|
3297
3342
|
function toGatewayConfig(config) {
|
|
3298
3343
|
return {
|