@astrasyncai/verification-gateway 2.4.9 → 2.4.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/express.js +35 -13
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +35 -13
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.js +35 -13
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +35 -13
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.js +35 -13
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +35 -13
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.js +35 -13
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +35 -13
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/browser/background.js +36 -14
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +36 -14
- package/dist/browser/background.mjs.map +1 -1
- package/dist/cursor/extension.js +36 -14
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +36 -14
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/gateway/gateway.js +36 -14
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +36 -14
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/index.js +36 -14
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +36 -14
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/dist/adapters/mcp.js
CHANGED
|
@@ -51,7 +51,7 @@ function hasMinimumAccess(actual, required) {
|
|
|
51
51
|
}
|
|
52
52
|
|
|
53
53
|
// src/version.ts
|
|
54
|
-
var SDK_VERSION = "2.4.
|
|
54
|
+
var SDK_VERSION = "2.4.11";
|
|
55
55
|
|
|
56
56
|
// src/verify.ts
|
|
57
57
|
var DEFAULT_CONFIG = {
|
|
@@ -62,8 +62,10 @@ var DEFAULT_CONFIG = {
|
|
|
62
62
|
// through (`hasMinimumAccess('guidance', 'guidance') === true`).
|
|
63
63
|
defaultAccessLevel: "none",
|
|
64
64
|
// minTrustScore + minTrustScoreForFull deprecated in v2.3.0 — server decides.
|
|
65
|
-
|
|
66
|
-
//
|
|
65
|
+
// Round-18.5 F4: cacheTtl deliberately unset. When undefined, cacheResult
|
|
66
|
+
// applies the split default (60s autonomous / 300s step-up). When the
|
|
67
|
+
// caller sets cacheTtl explicitly, that value is honoured uniformly.
|
|
68
|
+
// Set cacheTtl: 0 to disable caching entirely.
|
|
67
69
|
debug: false
|
|
68
70
|
};
|
|
69
71
|
var initCheckPerformed = false;
|
|
@@ -90,11 +92,28 @@ async function performInitCheck(apiBaseUrl, debug) {
|
|
|
90
92
|
}
|
|
91
93
|
}
|
|
92
94
|
var verificationCache = /* @__PURE__ */ new Map();
|
|
93
|
-
function getCacheKey(
|
|
94
|
-
|
|
95
|
+
function getCacheKey(request) {
|
|
96
|
+
const c = request.credentials;
|
|
97
|
+
return [
|
|
98
|
+
c.astraId || "",
|
|
99
|
+
c.apiKey || "",
|
|
100
|
+
c.jwt || "",
|
|
101
|
+
request.purpose || "",
|
|
102
|
+
request.action || "",
|
|
103
|
+
request.resourceType || "",
|
|
104
|
+
request.resource || "",
|
|
105
|
+
request.jurisdiction || "",
|
|
106
|
+
request.transactionValue ?? "",
|
|
107
|
+
request.currency || "",
|
|
108
|
+
request.counterpartyUrl || "",
|
|
109
|
+
request.counterpartyType || "",
|
|
110
|
+
request.isSubAgentRequest ? "1" : "0",
|
|
111
|
+
request.parentAgentId || "",
|
|
112
|
+
request.subAgentDepth ?? ""
|
|
113
|
+
].join("|");
|
|
95
114
|
}
|
|
96
|
-
function getCachedResult(
|
|
97
|
-
const key = getCacheKey(
|
|
115
|
+
function getCachedResult(request) {
|
|
116
|
+
const key = getCacheKey(request);
|
|
98
117
|
const cached = verificationCache.get(key);
|
|
99
118
|
if (cached && cached.expiresAt > Date.now()) {
|
|
100
119
|
return cached.result;
|
|
@@ -104,8 +123,11 @@ function getCachedResult(credentials) {
|
|
|
104
123
|
}
|
|
105
124
|
return null;
|
|
106
125
|
}
|
|
107
|
-
|
|
108
|
-
|
|
126
|
+
var DEFAULT_AUTONOMOUS_TTL_SECONDS = 60;
|
|
127
|
+
var DEFAULT_STEP_UP_TTL_SECONDS = 300;
|
|
128
|
+
function cacheResult(request, result, configuredTtl) {
|
|
129
|
+
const ttlSeconds = configuredTtl && configuredTtl > 0 ? configuredTtl : result.requiresStepUp ? DEFAULT_STEP_UP_TTL_SECONDS : DEFAULT_AUTONOMOUS_TTL_SECONDS;
|
|
130
|
+
const key = getCacheKey(request);
|
|
109
131
|
verificationCache.set(key, {
|
|
110
132
|
result,
|
|
111
133
|
expiresAt: Date.now() + ttlSeconds * 1e3
|
|
@@ -288,8 +310,8 @@ async function verify(config, request) {
|
|
|
288
310
|
"[VerificationGateway] minTrustScore / minTrustScoreForFull are deprecated in v2.3.0 and have no effect. Server is now the single source of truth for access-level decisions (the SDK reads access.accessLevel from the verify-access response). To gate access to an endpoint, configure the endpoint's trust_score_requirement server-side."
|
|
289
311
|
);
|
|
290
312
|
}
|
|
291
|
-
if (mergedConfig.cacheTtl
|
|
292
|
-
const cached = getCachedResult(request
|
|
313
|
+
if (mergedConfig.cacheTtl !== 0) {
|
|
314
|
+
const cached = getCachedResult(request);
|
|
293
315
|
if (cached) {
|
|
294
316
|
if (mergedConfig.debug) {
|
|
295
317
|
console.log("[VerificationGateway] Returning cached result");
|
|
@@ -418,8 +440,8 @@ async function verify(config, request) {
|
|
|
418
440
|
}
|
|
419
441
|
result.denialReasons = result.recommendationReasons || ["Step-up verification required"];
|
|
420
442
|
}
|
|
421
|
-
if (mergedConfig.cacheTtl
|
|
422
|
-
cacheResult(request
|
|
443
|
+
if (mergedConfig.cacheTtl !== 0 && result.recommendation !== "deny") {
|
|
444
|
+
cacheResult(request, result, mergedConfig.cacheTtl);
|
|
423
445
|
}
|
|
424
446
|
return result;
|
|
425
447
|
}
|