@astrasyncai/verification-gateway 2.4.9 → 2.4.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/express.js +35 -13
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +35 -13
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.js +35 -13
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +35 -13
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.js +35 -13
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +35 -13
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.js +35 -13
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +35 -13
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/browser/background.js +36 -14
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +36 -14
- package/dist/browser/background.mjs.map +1 -1
- package/dist/cursor/extension.js +36 -14
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +36 -14
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/gateway/gateway.js +36 -14
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +36 -14
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/index.js +36 -14
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +36 -14
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/dist/gateway/gateway.mjs
CHANGED
|
@@ -3029,7 +3029,7 @@ function getTrustLevel(score) {
|
|
|
3029
3029
|
}
|
|
3030
3030
|
|
|
3031
3031
|
// src/version.ts
|
|
3032
|
-
var SDK_VERSION = "2.4.
|
|
3032
|
+
var SDK_VERSION = "2.4.11";
|
|
3033
3033
|
|
|
3034
3034
|
// src/verify.ts
|
|
3035
3035
|
var DEFAULT_CONFIG = {
|
|
@@ -3040,8 +3040,10 @@ var DEFAULT_CONFIG = {
|
|
|
3040
3040
|
// through (`hasMinimumAccess('guidance', 'guidance') === true`).
|
|
3041
3041
|
defaultAccessLevel: "none",
|
|
3042
3042
|
// minTrustScore + minTrustScoreForFull deprecated in v2.3.0 — server decides.
|
|
3043
|
-
|
|
3044
|
-
//
|
|
3043
|
+
// Round-18.5 F4: cacheTtl deliberately unset. When undefined, cacheResult
|
|
3044
|
+
// applies the split default (60s autonomous / 300s step-up). When the
|
|
3045
|
+
// caller sets cacheTtl explicitly, that value is honoured uniformly.
|
|
3046
|
+
// Set cacheTtl: 0 to disable caching entirely.
|
|
3045
3047
|
debug: false
|
|
3046
3048
|
};
|
|
3047
3049
|
var initCheckPerformed = false;
|
|
@@ -3068,11 +3070,28 @@ async function performInitCheck(apiBaseUrl, debug) {
|
|
|
3068
3070
|
}
|
|
3069
3071
|
}
|
|
3070
3072
|
var verificationCache = /* @__PURE__ */ new Map();
|
|
3071
|
-
function getCacheKey(
|
|
3072
|
-
|
|
3073
|
-
|
|
3074
|
-
|
|
3075
|
-
|
|
3073
|
+
function getCacheKey(request) {
|
|
3074
|
+
const c = request.credentials;
|
|
3075
|
+
return [
|
|
3076
|
+
c.astraId || "",
|
|
3077
|
+
c.apiKey || "",
|
|
3078
|
+
c.jwt || "",
|
|
3079
|
+
request.purpose || "",
|
|
3080
|
+
request.action || "",
|
|
3081
|
+
request.resourceType || "",
|
|
3082
|
+
request.resource || "",
|
|
3083
|
+
request.jurisdiction || "",
|
|
3084
|
+
request.transactionValue ?? "",
|
|
3085
|
+
request.currency || "",
|
|
3086
|
+
request.counterpartyUrl || "",
|
|
3087
|
+
request.counterpartyType || "",
|
|
3088
|
+
request.isSubAgentRequest ? "1" : "0",
|
|
3089
|
+
request.parentAgentId || "",
|
|
3090
|
+
request.subAgentDepth ?? ""
|
|
3091
|
+
].join("|");
|
|
3092
|
+
}
|
|
3093
|
+
function getCachedResult(request) {
|
|
3094
|
+
const key = getCacheKey(request);
|
|
3076
3095
|
const cached = verificationCache.get(key);
|
|
3077
3096
|
if (cached && cached.expiresAt > Date.now()) {
|
|
3078
3097
|
return cached.result;
|
|
@@ -3082,8 +3101,11 @@ function getCachedResult(credentials) {
|
|
|
3082
3101
|
}
|
|
3083
3102
|
return null;
|
|
3084
3103
|
}
|
|
3085
|
-
|
|
3086
|
-
|
|
3104
|
+
var DEFAULT_AUTONOMOUS_TTL_SECONDS = 60;
|
|
3105
|
+
var DEFAULT_STEP_UP_TTL_SECONDS = 300;
|
|
3106
|
+
function cacheResult(request, result, configuredTtl) {
|
|
3107
|
+
const ttlSeconds = configuredTtl && configuredTtl > 0 ? configuredTtl : result.requiresStepUp ? DEFAULT_STEP_UP_TTL_SECONDS : DEFAULT_AUTONOMOUS_TTL_SECONDS;
|
|
3108
|
+
const key = getCacheKey(request);
|
|
3087
3109
|
verificationCache.set(key, {
|
|
3088
3110
|
result,
|
|
3089
3111
|
expiresAt: Date.now() + ttlSeconds * 1e3
|
|
@@ -3238,8 +3260,8 @@ async function verify(config, request) {
|
|
|
3238
3260
|
"[VerificationGateway] minTrustScore / minTrustScoreForFull are deprecated in v2.3.0 and have no effect. Server is now the single source of truth for access-level decisions (the SDK reads access.accessLevel from the verify-access response). To gate access to an endpoint, configure the endpoint's trust_score_requirement server-side."
|
|
3239
3261
|
);
|
|
3240
3262
|
}
|
|
3241
|
-
if (mergedConfig.cacheTtl
|
|
3242
|
-
const cached = getCachedResult(request
|
|
3263
|
+
if (mergedConfig.cacheTtl !== 0) {
|
|
3264
|
+
const cached = getCachedResult(request);
|
|
3243
3265
|
if (cached) {
|
|
3244
3266
|
if (mergedConfig.debug) {
|
|
3245
3267
|
console.log("[VerificationGateway] Returning cached result");
|
|
@@ -3368,8 +3390,8 @@ async function verify(config, request) {
|
|
|
3368
3390
|
}
|
|
3369
3391
|
result.denialReasons = result.recommendationReasons || ["Step-up verification required"];
|
|
3370
3392
|
}
|
|
3371
|
-
if (mergedConfig.cacheTtl
|
|
3372
|
-
cacheResult(request
|
|
3393
|
+
if (mergedConfig.cacheTtl !== 0 && result.recommendation !== "deny") {
|
|
3394
|
+
cacheResult(request, result, mergedConfig.cacheTtl);
|
|
3373
3395
|
}
|
|
3374
3396
|
return result;
|
|
3375
3397
|
}
|