@astrasyncai/verification-gateway 2.4.9 → 2.4.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/express.js +35 -13
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +35 -13
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.js +35 -13
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +35 -13
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.js +35 -13
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +35 -13
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.js +35 -13
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +35 -13
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/browser/background.js +36 -14
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +36 -14
- package/dist/browser/background.mjs.map +1 -1
- package/dist/cursor/extension.js +36 -14
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +36 -14
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/gateway/gateway.js +36 -14
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +36 -14
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/index.js +36 -14
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +36 -14
- package/dist/index.mjs.map +1 -1
- package/package.json +1 -1
package/dist/adapters/mcp.mjs
CHANGED
|
@@ -18,7 +18,7 @@ function hasMinimumAccess(actual, required) {
|
|
|
18
18
|
}
|
|
19
19
|
|
|
20
20
|
// src/version.ts
|
|
21
|
-
var SDK_VERSION = "2.4.
|
|
21
|
+
var SDK_VERSION = "2.4.11";
|
|
22
22
|
|
|
23
23
|
// src/verify.ts
|
|
24
24
|
var DEFAULT_CONFIG = {
|
|
@@ -29,8 +29,10 @@ var DEFAULT_CONFIG = {
|
|
|
29
29
|
// through (`hasMinimumAccess('guidance', 'guidance') === true`).
|
|
30
30
|
defaultAccessLevel: "none",
|
|
31
31
|
// minTrustScore + minTrustScoreForFull deprecated in v2.3.0 — server decides.
|
|
32
|
-
|
|
33
|
-
//
|
|
32
|
+
// Round-18.5 F4: cacheTtl deliberately unset. When undefined, cacheResult
|
|
33
|
+
// applies the split default (60s autonomous / 300s step-up). When the
|
|
34
|
+
// caller sets cacheTtl explicitly, that value is honoured uniformly.
|
|
35
|
+
// Set cacheTtl: 0 to disable caching entirely.
|
|
34
36
|
debug: false
|
|
35
37
|
};
|
|
36
38
|
var initCheckPerformed = false;
|
|
@@ -57,11 +59,28 @@ async function performInitCheck(apiBaseUrl, debug) {
|
|
|
57
59
|
}
|
|
58
60
|
}
|
|
59
61
|
var verificationCache = /* @__PURE__ */ new Map();
|
|
60
|
-
function getCacheKey(
|
|
61
|
-
|
|
62
|
+
function getCacheKey(request) {
|
|
63
|
+
const c = request.credentials;
|
|
64
|
+
return [
|
|
65
|
+
c.astraId || "",
|
|
66
|
+
c.apiKey || "",
|
|
67
|
+
c.jwt || "",
|
|
68
|
+
request.purpose || "",
|
|
69
|
+
request.action || "",
|
|
70
|
+
request.resourceType || "",
|
|
71
|
+
request.resource || "",
|
|
72
|
+
request.jurisdiction || "",
|
|
73
|
+
request.transactionValue ?? "",
|
|
74
|
+
request.currency || "",
|
|
75
|
+
request.counterpartyUrl || "",
|
|
76
|
+
request.counterpartyType || "",
|
|
77
|
+
request.isSubAgentRequest ? "1" : "0",
|
|
78
|
+
request.parentAgentId || "",
|
|
79
|
+
request.subAgentDepth ?? ""
|
|
80
|
+
].join("|");
|
|
62
81
|
}
|
|
63
|
-
function getCachedResult(
|
|
64
|
-
const key = getCacheKey(
|
|
82
|
+
function getCachedResult(request) {
|
|
83
|
+
const key = getCacheKey(request);
|
|
65
84
|
const cached = verificationCache.get(key);
|
|
66
85
|
if (cached && cached.expiresAt > Date.now()) {
|
|
67
86
|
return cached.result;
|
|
@@ -71,8 +90,11 @@ function getCachedResult(credentials) {
|
|
|
71
90
|
}
|
|
72
91
|
return null;
|
|
73
92
|
}
|
|
74
|
-
|
|
75
|
-
|
|
93
|
+
var DEFAULT_AUTONOMOUS_TTL_SECONDS = 60;
|
|
94
|
+
var DEFAULT_STEP_UP_TTL_SECONDS = 300;
|
|
95
|
+
function cacheResult(request, result, configuredTtl) {
|
|
96
|
+
const ttlSeconds = configuredTtl && configuredTtl > 0 ? configuredTtl : result.requiresStepUp ? DEFAULT_STEP_UP_TTL_SECONDS : DEFAULT_AUTONOMOUS_TTL_SECONDS;
|
|
97
|
+
const key = getCacheKey(request);
|
|
76
98
|
verificationCache.set(key, {
|
|
77
99
|
result,
|
|
78
100
|
expiresAt: Date.now() + ttlSeconds * 1e3
|
|
@@ -255,8 +277,8 @@ async function verify(config, request) {
|
|
|
255
277
|
"[VerificationGateway] minTrustScore / minTrustScoreForFull are deprecated in v2.3.0 and have no effect. Server is now the single source of truth for access-level decisions (the SDK reads access.accessLevel from the verify-access response). To gate access to an endpoint, configure the endpoint's trust_score_requirement server-side."
|
|
256
278
|
);
|
|
257
279
|
}
|
|
258
|
-
if (mergedConfig.cacheTtl
|
|
259
|
-
const cached = getCachedResult(request
|
|
280
|
+
if (mergedConfig.cacheTtl !== 0) {
|
|
281
|
+
const cached = getCachedResult(request);
|
|
260
282
|
if (cached) {
|
|
261
283
|
if (mergedConfig.debug) {
|
|
262
284
|
console.log("[VerificationGateway] Returning cached result");
|
|
@@ -385,8 +407,8 @@ async function verify(config, request) {
|
|
|
385
407
|
}
|
|
386
408
|
result.denialReasons = result.recommendationReasons || ["Step-up verification required"];
|
|
387
409
|
}
|
|
388
|
-
if (mergedConfig.cacheTtl
|
|
389
|
-
cacheResult(request
|
|
410
|
+
if (mergedConfig.cacheTtl !== 0 && result.recommendation !== "deny") {
|
|
411
|
+
cacheResult(request, result, mergedConfig.cacheTtl);
|
|
390
412
|
}
|
|
391
413
|
return result;
|
|
392
414
|
}
|