@astrasyncai/verification-gateway 2.3.7 → 2.3.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +42 -1
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +42 -1
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +1 -1
- package/dist/adapters/mcp.d.ts +1 -1
- package/dist/adapters/mcp.js +31 -1
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +31 -1
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +19 -1
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +19 -1
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +19 -1
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +19 -1
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/browser/background.js +19 -1
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +19 -1
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +19 -1
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +19 -1
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-D9oRsseg.d.mts → express-BNWqDVIz.d.mts} +1 -1
- package/dist/{express-DMSIl20m.d.ts → express-BYup_4Jg.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +19 -1
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +19 -1
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-YNPs800Z.d.mts → index-BHXa2WTO.d.mts} +1 -1
- package/dist/{index-Bn_7eGjb.d.mts → index-CK4lNLVn.d.mts} +1 -1
- package/dist/{index-BtU9yFda.d.ts → index-CSMpOcxV.d.ts} +1 -1
- package/dist/{index-EwUWXC5T.d.ts → index-DN3ztP2d.d.ts} +1 -1
- package/dist/index.d.mts +7 -7
- package/dist/index.d.ts +7 -7
- package/dist/index.js +42 -1
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +42 -1
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-BLtjRbc-.d.mts → nextjs-Bzdfu8Eg.d.mts} +1 -1
- package/dist/{nextjs-B5ZBpHra.d.ts → nextjs-C4h_MpgK.d.ts} +1 -1
- package/dist/{sdk-BhkxvqnK.d.mts → sdk-CDdD7EcJ.d.mts} +1 -1
- package/dist/{sdk-YmE3RG8n.d.ts → sdk-Tzsn6s-O.d.ts} +1 -1
- package/dist/transport/index.d.mts +2 -2
- package/dist/transport/index.d.ts +2 -2
- package/dist/{types-BecRpozv.d.ts → types-Bzp1SMaD.d.ts} +1 -1
- package/dist/{types-Bxqj1sKY.d.mts → types-D_tmbDA_.d.mts} +27 -1
- package/dist/{types-Bxqj1sKY.d.ts → types-D_tmbDA_.d.ts} +27 -1
- package/dist/{types-DxY5zt4z.d.mts → types-z-QVnG4b.d.mts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +1 -1
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AstraSyncGateway } from '../gateway/gateway.mjs';
|
|
2
|
-
import { V as VerificationDecision, P as PDLSSContext } from '../types-
|
|
3
|
-
import '../types-
|
|
2
|
+
import { V as VerificationDecision, P as PDLSSContext } from '../types-z-QVnG4b.mjs';
|
|
3
|
+
import '../types-D_tmbDA_.mjs';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Git Trigger — Enterprise git push / PR verification
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AstraSyncGateway } from '../gateway/gateway.js';
|
|
2
|
-
import { V as VerificationDecision, P as PDLSSContext } from '../types-
|
|
3
|
-
import '../types-
|
|
2
|
+
import { V as VerificationDecision, P as PDLSSContext } from '../types-Bzp1SMaD.js';
|
|
3
|
+
import '../types-D_tmbDA_.js';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Git Trigger — Enterprise git push / PR verification
|
package/dist/index.d.mts
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, c as VerificationRequest, V as VerificationResult } from './types-
|
|
2
|
-
export { A as AstraSyncCredentials, d as CommerceShieldProps, C as CounterpartyType, e as EnhancedVerificationResult, E as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance, i as TrustLevel, j as VerifiedAgent, k as VerifiedDeveloper, l as VerifiedOrganization } from './types-
|
|
3
|
-
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, c as getCapabilities, e as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-
|
|
4
|
-
export { e as express } from './express-
|
|
5
|
-
export { n as nextjs } from './nextjs-
|
|
6
|
-
export { i as transport } from './index-
|
|
7
|
-
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-
|
|
1
|
+
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, c as VerificationRequest, V as VerificationResult } from './types-D_tmbDA_.mjs';
|
|
2
|
+
export { A as AstraSyncCredentials, d as CommerceShieldProps, C as CounterpartyType, e as EnhancedVerificationResult, E as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance, i as TrustLevel, j as VerifiedAgent, k as VerifiedDeveloper, l as VerifiedOrganization } from './types-D_tmbDA_.mjs';
|
|
3
|
+
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, c as getCapabilities, e as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-CDdD7EcJ.mjs';
|
|
4
|
+
export { e as express } from './express-BNWqDVIz.mjs';
|
|
5
|
+
export { n as nextjs } from './nextjs-Bzdfu8Eg.mjs';
|
|
6
|
+
export { i as transport } from './index-BHXa2WTO.mjs';
|
|
7
|
+
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-CK4lNLVn.mjs';
|
|
8
8
|
import 'express';
|
|
9
9
|
import 'next/server';
|
|
10
10
|
import 'jose';
|
package/dist/index.d.ts
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, c as VerificationRequest, V as VerificationResult } from './types-
|
|
2
|
-
export { A as AstraSyncCredentials, d as CommerceShieldProps, C as CounterpartyType, e as EnhancedVerificationResult, E as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance, i as TrustLevel, j as VerifiedAgent, k as VerifiedDeveloper, l as VerifiedOrganization } from './types-
|
|
3
|
-
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, c as getCapabilities, e as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-
|
|
4
|
-
export { e as express } from './express-
|
|
5
|
-
export { n as nextjs } from './nextjs-
|
|
6
|
-
export { i as transport } from './index-
|
|
7
|
-
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-
|
|
1
|
+
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, c as VerificationRequest, V as VerificationResult } from './types-D_tmbDA_.js';
|
|
2
|
+
export { A as AstraSyncCredentials, d as CommerceShieldProps, C as CounterpartyType, e as EnhancedVerificationResult, E as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance, i as TrustLevel, j as VerifiedAgent, k as VerifiedDeveloper, l as VerifiedOrganization } from './types-D_tmbDA_.js';
|
|
3
|
+
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, c as getCapabilities, e as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-Tzsn6s-O.js';
|
|
4
|
+
export { e as express } from './express-BYup_4Jg.js';
|
|
5
|
+
export { n as nextjs } from './nextjs-C4h_MpgK.js';
|
|
6
|
+
export { i as transport } from './index-CSMpOcxV.js';
|
|
7
|
+
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-DN3ztP2d.js';
|
|
8
8
|
import 'express';
|
|
9
9
|
import 'next/server';
|
|
10
10
|
import 'jose';
|
package/dist/index.js
CHANGED
|
@@ -336,6 +336,23 @@ async function callVerifyAccessAPI(config, request) {
|
|
|
336
336
|
body: JSON.stringify(body)
|
|
337
337
|
});
|
|
338
338
|
const data = await response.json();
|
|
339
|
+
if (response.status === 410) {
|
|
340
|
+
return {
|
|
341
|
+
success: true,
|
|
342
|
+
access: {
|
|
343
|
+
allowed: false,
|
|
344
|
+
accessLevel: "none",
|
|
345
|
+
reason: "endpoint_deactivated",
|
|
346
|
+
failures: [
|
|
347
|
+
{
|
|
348
|
+
dimension: "endpoint.deactivated",
|
|
349
|
+
message: typeof data?.message === "string" ? data.message : "Endpoint has been deactivated",
|
|
350
|
+
guidance: typeof data?.guidance === "string" ? data.guidance : "Reactivate via POST /api/endpoints/{id}/reactivate, or update the URL on the calling agent."
|
|
351
|
+
}
|
|
352
|
+
]
|
|
353
|
+
}
|
|
354
|
+
};
|
|
355
|
+
}
|
|
339
356
|
if (!response.ok) {
|
|
340
357
|
return {
|
|
341
358
|
success: false,
|
|
@@ -445,7 +462,8 @@ async function verify(config, request) {
|
|
|
445
462
|
runtimeChallenge: apiResponse.runtimeChallenge,
|
|
446
463
|
tokenGuidance: apiResponse.tokenGuidance,
|
|
447
464
|
recommendation: apiResponse.recommendation,
|
|
448
|
-
recommendationReasons: apiResponse.recommendationReasons
|
|
465
|
+
recommendationReasons: apiResponse.recommendationReasons,
|
|
466
|
+
warningHeader: apiResponse.warningHeader
|
|
449
467
|
};
|
|
450
468
|
if (result.recommendation === "deny") {
|
|
451
469
|
result.verified = false;
|
|
@@ -718,6 +736,7 @@ function createMiddleware(options) {
|
|
|
718
736
|
let lastFetchAt = 0;
|
|
719
737
|
let refreshing = null;
|
|
720
738
|
let warnedNoCounterparty = false;
|
|
739
|
+
let warnedEmptyRoutes = false;
|
|
721
740
|
async function refreshRoutes() {
|
|
722
741
|
if (!config.counterpartyId) {
|
|
723
742
|
if (!warnedNoCounterparty) {
|
|
@@ -732,6 +751,13 @@ function createMiddleware(options) {
|
|
|
732
751
|
if (fetched) {
|
|
733
752
|
cachedRoutes = fetched;
|
|
734
753
|
lastFetchAt = Date.now();
|
|
754
|
+
if (cachedRoutes.length === 0 && !warnedEmptyRoutes) {
|
|
755
|
+
const dashboard = config.dashboardUrl ?? "https://app.astrasync.ai";
|
|
756
|
+
console.warn(
|
|
757
|
+
`[VerificationGateway] No route policy configured for ${config.counterpartyId}. Gateway is in pass-through mode for ALL traffic until you add at least one route. Configure at ${dashboard}/dashboard/endpoints/${config.counterpartyId}/routes`
|
|
758
|
+
);
|
|
759
|
+
warnedEmptyRoutes = true;
|
|
760
|
+
}
|
|
735
761
|
}
|
|
736
762
|
}
|
|
737
763
|
refreshing = refreshRoutes().finally(() => {
|
|
@@ -754,9 +780,20 @@ function createMiddleware(options) {
|
|
|
754
780
|
}
|
|
755
781
|
const routeConfig = findRouteConfig(cachedRoutes, req.path, req.method);
|
|
756
782
|
if (!routeConfig) {
|
|
783
|
+
if (config.setPassThroughHeader) {
|
|
784
|
+
res.setHeader("X-Astra-Gateway-Mode", "pass-through");
|
|
785
|
+
res.setHeader(
|
|
786
|
+
"X-Astra-Gateway-Reason",
|
|
787
|
+
cachedRoutes.length === 0 ? "no-policy" : "no-match"
|
|
788
|
+
);
|
|
789
|
+
}
|
|
757
790
|
return next();
|
|
758
791
|
}
|
|
759
792
|
if (routeConfig.minAccessLevel === "none") {
|
|
793
|
+
if (config.setPassThroughHeader) {
|
|
794
|
+
res.setHeader("X-Astra-Gateway-Mode", "pass-through");
|
|
795
|
+
res.setHeader("X-Astra-Gateway-Reason", "route-none");
|
|
796
|
+
}
|
|
760
797
|
return next();
|
|
761
798
|
}
|
|
762
799
|
const credentials = customExtractCredentials ? customExtractCredentials(req) : defaultExtractCredentials(req);
|
|
@@ -840,6 +877,10 @@ function createMiddleware(options) {
|
|
|
840
877
|
recordDecision(config, sessionId, "granted").catch(() => {
|
|
841
878
|
});
|
|
842
879
|
}
|
|
880
|
+
const enhancedResult = result;
|
|
881
|
+
if (enhancedResult.warningHeader) {
|
|
882
|
+
res.setHeader(enhancedResult.warningHeader.name, enhancedResult.warningHeader.value);
|
|
883
|
+
}
|
|
843
884
|
next();
|
|
844
885
|
} catch (error) {
|
|
845
886
|
console.error("[VerificationGateway] Middleware error:", error);
|