@astrasyncai/verification-gateway 2.4.14 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/express.js +107 -15
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +107 -15
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +75 -53
- package/dist/adapters/mcp.d.ts +75 -53
- package/dist/adapters/mcp.js +128 -23
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +128 -23
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.js +23 -13
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +23 -13
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.js +23 -13
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +23 -13
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/browser/background.js +23 -13
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +23 -13
- package/dist/browser/background.mjs.map +1 -1
- package/dist/cursor/extension.js +23 -13
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +23 -13
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/gateway/gateway.js +23 -13
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +23 -13
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/index.d.mts +32 -2
- package/dist/index.d.ts +32 -2
- package/dist/index.js +172 -31
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +169 -31
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/dist/gateway/gateway.js
CHANGED
|
@@ -3067,6 +3067,13 @@ function getTrustLevel(score) {
|
|
|
3067
3067
|
// src/version.ts
|
|
3068
3068
|
var SDK_VERSION = "2.4.13";
|
|
3069
3069
|
|
|
3070
|
+
// src/well-known.ts
|
|
3071
|
+
var CACHE_TTL_MS = 60 * 60 * 1e3;
|
|
3072
|
+
var cache = /* @__PURE__ */ new Map();
|
|
3073
|
+
function getCachedWellKnownUrls(apiBaseUrl) {
|
|
3074
|
+
return cache.get(apiBaseUrl)?.data;
|
|
3075
|
+
}
|
|
3076
|
+
|
|
3070
3077
|
// src/verify.ts
|
|
3071
3078
|
var DEFAULT_CONFIG = {
|
|
3072
3079
|
apiBaseUrl: "https://astrasync.ai/api",
|
|
@@ -3168,21 +3175,22 @@ function cacheResult(request, result, configuredTtl) {
|
|
|
3168
3175
|
expiresAt: Date.now() + ttlSeconds * 1e3
|
|
3169
3176
|
});
|
|
3170
3177
|
}
|
|
3171
|
-
function createGuidanceResponse(
|
|
3178
|
+
function createGuidanceResponse(_config, reason, options = {}) {
|
|
3172
3179
|
const source = options.source ?? "no_credentials";
|
|
3173
3180
|
const isApiError = source === "api_error";
|
|
3181
|
+
const urls = options.urls;
|
|
3174
3182
|
const guidance = isApiError ? {
|
|
3175
3183
|
message: "Verification is temporarily unavailable. Retry with exponential backoff; if the issue persists, contact support with the correlationId.",
|
|
3176
|
-
registrationUrl:
|
|
3177
|
-
documentationUrl:
|
|
3184
|
+
registrationUrl: urls?.registrationUrl ?? "",
|
|
3185
|
+
documentationUrl: urls?.documentationUrl ?? "",
|
|
3178
3186
|
steps: [
|
|
3179
3187
|
"Retry the request with exponential backoff",
|
|
3180
3188
|
"If failures persist, share the correlationId with support"
|
|
3181
3189
|
]
|
|
3182
3190
|
} : {
|
|
3183
3191
|
message: "This service verifies AI agents before granting access. Please register your agent with AstraSync.",
|
|
3184
|
-
registrationUrl:
|
|
3185
|
-
documentationUrl:
|
|
3192
|
+
registrationUrl: urls?.registrationUrl ?? "",
|
|
3193
|
+
documentationUrl: urls?.documentationUrl ?? "",
|
|
3186
3194
|
steps: [
|
|
3187
3195
|
"Register for an AstraSync account",
|
|
3188
3196
|
"Create and register your agent",
|
|
@@ -3224,7 +3232,7 @@ async function callVerifyAccessAPI(config, request) {
|
|
|
3224
3232
|
const { credentials, ...requestData } = request;
|
|
3225
3233
|
const body = {
|
|
3226
3234
|
...credentials.astraId && { agentId: credentials.astraId },
|
|
3227
|
-
purpose: requestData.purpose
|
|
3235
|
+
...requestData.purpose && { purpose: requestData.purpose }
|
|
3228
3236
|
};
|
|
3229
3237
|
if (requestData.action) body.action = requestData.action;
|
|
3230
3238
|
if (requestData.resourceType) body.resourceType = requestData.resourceType;
|
|
@@ -3304,6 +3312,7 @@ async function callVerifyAccessAPI(config, request) {
|
|
|
3304
3312
|
}
|
|
3305
3313
|
async function verify(config, request) {
|
|
3306
3314
|
const mergedConfig = { ...DEFAULT_CONFIG, ...config };
|
|
3315
|
+
const urls = mergedConfig.apiBaseUrl ? getCachedWellKnownUrls(mergedConfig.apiBaseUrl) : void 0;
|
|
3307
3316
|
if (!initCheckPerformed && !mergedConfig.disableInitChecks && mergedConfig.apiBaseUrl) {
|
|
3308
3317
|
if (mergedConfig.strictInit) {
|
|
3309
3318
|
await performInitCheck(mergedConfig.apiBaseUrl, mergedConfig.debug, true);
|
|
@@ -3340,7 +3349,8 @@ async function verify(config, request) {
|
|
|
3340
3349
|
if (!apiResponse.success) {
|
|
3341
3350
|
return createGuidanceResponse(mergedConfig, apiResponse.error, {
|
|
3342
3351
|
source: "api_error",
|
|
3343
|
-
correlationId: apiResponse.correlationId
|
|
3352
|
+
correlationId: apiResponse.correlationId,
|
|
3353
|
+
urls
|
|
3344
3354
|
});
|
|
3345
3355
|
}
|
|
3346
3356
|
if (!apiResponse.access?.allowed) {
|
|
@@ -3363,8 +3373,8 @@ async function verify(config, request) {
|
|
|
3363
3373
|
requiresApproval: apiResponse.access?.requiresApproval,
|
|
3364
3374
|
guidance: {
|
|
3365
3375
|
message: apiResponse.access?.reason || "Access denied by PDLSS policy",
|
|
3366
|
-
registrationUrl:
|
|
3367
|
-
documentationUrl:
|
|
3376
|
+
registrationUrl: urls?.registrationUrl ?? "",
|
|
3377
|
+
documentationUrl: urls?.documentationUrl ?? ""
|
|
3368
3378
|
},
|
|
3369
3379
|
verifiedAt: /* @__PURE__ */ new Date(),
|
|
3370
3380
|
// Extract sessionId so decisions can be recorded for denials too
|
|
@@ -3435,12 +3445,12 @@ async function verify(config, request) {
|
|
|
3435
3445
|
];
|
|
3436
3446
|
result.guidance = result.runtimeChallenge ? {
|
|
3437
3447
|
message: `Verification failed: ${result.runtimeChallenge.reason || "runtime challenge failed"}`,
|
|
3438
|
-
registrationUrl:
|
|
3439
|
-
documentationUrl:
|
|
3448
|
+
registrationUrl: urls?.registrationUrl ?? "",
|
|
3449
|
+
documentationUrl: urls?.documentationUrl ?? ""
|
|
3440
3450
|
} : {
|
|
3441
3451
|
message: result.recommendationReasons?.[0] || "Access denied by AstraSync recommendation",
|
|
3442
|
-
registrationUrl:
|
|
3443
|
-
documentationUrl:
|
|
3452
|
+
registrationUrl: urls?.registrationUrl ?? "",
|
|
3453
|
+
documentationUrl: urls?.documentationUrl ?? ""
|
|
3444
3454
|
};
|
|
3445
3455
|
} else if (result.recommendation === "step_up_required") {
|
|
3446
3456
|
result.requiresStepUp = true;
|