@astrasyncai/verification-gateway 3.0.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +123 -33
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +123 -33
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +20 -7
- package/dist/adapters/mcp.d.ts +20 -7
- package/dist/adapters/mcp.js +6 -3
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +6 -3
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +107 -28
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +107 -28
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +1 -1
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +1 -1
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/agent/index.js +3 -0
- package/dist/agent/index.js.map +1 -1
- package/dist/agent/index.mjs +3 -0
- package/dist/agent/index.mjs.map +1 -1
- package/dist/browser/background.js +1 -1
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +1 -1
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +1 -1
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +1 -1
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-ienhAXps.d.mts → express-DFVBlXr_.d.mts} +1 -1
- package/dist/{express-CrfwoNAR.d.ts → express-DavQ76oF.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +1 -1
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +1 -1
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-B5e2IDWU.d.mts → index-BVxantdv.d.mts} +1 -1
- package/dist/{index-DC5f8eoQ.d.ts → index-BhEgEiJL.d.ts} +1 -1
- package/dist/{index-CEg_WG6y.d.mts → index-BhL2R65s.d.mts} +1 -1
- package/dist/{index-CCdZxvAr.d.ts → index-Dk2nIA4w.d.ts} +1 -1
- package/dist/index.d.mts +7 -7
- package/dist/index.d.ts +7 -7
- package/dist/index.js +160 -71
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +160 -71
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-66R1KW8e.d.ts → nextjs-BXLH1hJj.d.ts} +1 -1
- package/dist/{nextjs-DSpisQst.d.mts → nextjs-D-maqrNz.d.mts} +1 -1
- package/dist/{sdk-5U_CBRpr.d.mts → sdk-767LaEP8.d.mts} +1 -1
- package/dist/{sdk-Bm8np66n.d.ts → sdk-K8IgssHI.d.ts} +1 -1
- package/dist/transport/index.d.mts +2 -2
- package/dist/transport/index.d.ts +2 -2
- package/dist/transport/index.js +10 -0
- package/dist/transport/index.js.map +1 -1
- package/dist/transport/index.mjs +10 -0
- package/dist/transport/index.mjs.map +1 -1
- package/dist/{types-B3USs-Kx.d.mts → types-Cuh7ELfr.d.mts} +25 -0
- package/dist/{types-B3USs-Kx.d.ts → types-Cuh7ELfr.d.ts} +25 -0
- package/dist/{types-CgDCUfo8.d.mts → types-CyFwZ_Yu.d.mts} +1 -1
- package/dist/{types-R5N4ET6x.d.ts → types-WIRp_BP_.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +1 -1
package/dist/adapters/nextjs.mjs
CHANGED
|
@@ -18,7 +18,7 @@ function hasMinimumAccess(actual, required) {
|
|
|
18
18
|
}
|
|
19
19
|
|
|
20
20
|
// src/version.ts
|
|
21
|
-
var SDK_VERSION = "3.
|
|
21
|
+
var SDK_VERSION = "3.1.0";
|
|
22
22
|
|
|
23
23
|
// src/well-known.ts
|
|
24
24
|
var CACHE_TTL_MS = 60 * 60 * 1e3;
|
|
@@ -468,6 +468,13 @@ function extractHttpCredentials(headers) {
|
|
|
468
468
|
purpose: { category, action }
|
|
469
469
|
};
|
|
470
470
|
}
|
|
471
|
+
const astraAction = getValue(`${HEADER_PREFIX}Action`) ?? getValue("x-astra-action");
|
|
472
|
+
if (astraAction) {
|
|
473
|
+
credentials.pdlss = {
|
|
474
|
+
...credentials.pdlss,
|
|
475
|
+
purpose: { category: credentials.pdlss?.purpose?.category ?? "", action: astraAction }
|
|
476
|
+
};
|
|
477
|
+
}
|
|
471
478
|
const duration = getValue(`${HEADER_PREFIX}Duration`) ?? getValue("x-astra-duration");
|
|
472
479
|
if (duration) {
|
|
473
480
|
credentials.pdlss = {
|
|
@@ -533,6 +540,85 @@ function performCounterpartyPreCheck(routeConfig, astraCreds, purpose) {
|
|
|
533
540
|
return failures;
|
|
534
541
|
}
|
|
535
542
|
|
|
543
|
+
// src/adapters/http-pdlss.ts
|
|
544
|
+
var HTTP_METHOD_ACTION_TABLE = {
|
|
545
|
+
GET: "data.read",
|
|
546
|
+
HEAD: "data.read",
|
|
547
|
+
OPTIONS: "data.read",
|
|
548
|
+
POST: "data.write",
|
|
549
|
+
PUT: "data.write",
|
|
550
|
+
PATCH: "data.write",
|
|
551
|
+
DELETE: "data.delete"
|
|
552
|
+
};
|
|
553
|
+
var DEFAULT_HTTP_ACTION = "data.write";
|
|
554
|
+
var DEFAULT_HTTP_PURPOSE = "data";
|
|
555
|
+
function actionForHttpMethod(method) {
|
|
556
|
+
return HTTP_METHOD_ACTION_TABLE[method.toUpperCase()] ?? DEFAULT_HTTP_ACTION;
|
|
557
|
+
}
|
|
558
|
+
function normalizePurposeHeader(value) {
|
|
559
|
+
const colon = value.indexOf(":");
|
|
560
|
+
if (colon >= 0) {
|
|
561
|
+
return { purpose: value.slice(0, colon) };
|
|
562
|
+
}
|
|
563
|
+
const dot = value.indexOf(".");
|
|
564
|
+
if (dot > 0 && dot < value.length - 1) {
|
|
565
|
+
return { purpose: value.slice(0, dot), actionCandidate: value };
|
|
566
|
+
}
|
|
567
|
+
return { purpose: value };
|
|
568
|
+
}
|
|
569
|
+
function resolveHttpPdlss(input) {
|
|
570
|
+
const fromHeader = input.astraPurpose ? normalizePurposeHeader(input.astraPurpose) : void 0;
|
|
571
|
+
let action;
|
|
572
|
+
let actionSource;
|
|
573
|
+
if (input.routeAction) {
|
|
574
|
+
action = input.routeAction;
|
|
575
|
+
actionSource = "route_config";
|
|
576
|
+
} else if (input.hasCustomActionExtractor && input.customAction) {
|
|
577
|
+
action = input.customAction;
|
|
578
|
+
actionSource = "custom_extractor";
|
|
579
|
+
} else if (!input.hasCustomActionExtractor && input.astraAction) {
|
|
580
|
+
action = input.astraAction;
|
|
581
|
+
actionSource = "header";
|
|
582
|
+
} else if (!input.hasCustomActionExtractor && fromHeader?.actionCandidate) {
|
|
583
|
+
action = fromHeader.actionCandidate;
|
|
584
|
+
actionSource = "purpose_header_derived";
|
|
585
|
+
} else {
|
|
586
|
+
action = actionForHttpMethod(input.method);
|
|
587
|
+
actionSource = "method_table";
|
|
588
|
+
}
|
|
589
|
+
let purpose;
|
|
590
|
+
let purposeSource;
|
|
591
|
+
if (input.routePurpose) {
|
|
592
|
+
purpose = input.routePurpose;
|
|
593
|
+
purposeSource = "route_config";
|
|
594
|
+
} else if (input.hasCustomPurposeExtractor) {
|
|
595
|
+
if (input.customPurpose) {
|
|
596
|
+
purpose = input.customPurpose;
|
|
597
|
+
purposeSource = "custom_extractor";
|
|
598
|
+
}
|
|
599
|
+
} else if (fromHeader) {
|
|
600
|
+
purpose = fromHeader.purpose;
|
|
601
|
+
purposeSource = "header";
|
|
602
|
+
} else if (input.legacyPurpose) {
|
|
603
|
+
purpose = input.legacyPurpose;
|
|
604
|
+
purposeSource = "legacy_header";
|
|
605
|
+
} else if (input.queryPurpose) {
|
|
606
|
+
purpose = input.queryPurpose;
|
|
607
|
+
purposeSource = "query";
|
|
608
|
+
}
|
|
609
|
+
if (!purpose) {
|
|
610
|
+
const dot = action.indexOf(".");
|
|
611
|
+
if (dot > 0) {
|
|
612
|
+
purpose = action.slice(0, dot);
|
|
613
|
+
purposeSource = "action_derived";
|
|
614
|
+
} else {
|
|
615
|
+
purpose = DEFAULT_HTTP_PURPOSE;
|
|
616
|
+
purposeSource = "transport_default";
|
|
617
|
+
}
|
|
618
|
+
}
|
|
619
|
+
return { purpose, action, purposeSource, actionSource };
|
|
620
|
+
}
|
|
621
|
+
|
|
536
622
|
// src/adapters/nextjs.ts
|
|
537
623
|
function escapeHtml(value) {
|
|
538
624
|
return value.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/"/g, """).replace(/'/g, "'");
|
|
@@ -593,28 +679,15 @@ function extractAstraSyncCredentialsFromNextRequest(request) {
|
|
|
593
679
|
});
|
|
594
680
|
return extractHttpCredentials(headers);
|
|
595
681
|
}
|
|
596
|
-
function
|
|
597
|
-
|
|
598
|
-
|
|
599
|
-
|
|
600
|
-
|
|
601
|
-
|
|
602
|
-
|
|
603
|
-
|
|
604
|
-
}
|
|
605
|
-
switch (request.method.toUpperCase()) {
|
|
606
|
-
case "GET":
|
|
607
|
-
return "read_data";
|
|
608
|
-
case "POST":
|
|
609
|
-
return "write_data";
|
|
610
|
-
case "PUT":
|
|
611
|
-
case "PATCH":
|
|
612
|
-
return "write_data";
|
|
613
|
-
case "DELETE":
|
|
614
|
-
return "delete_data";
|
|
615
|
-
default:
|
|
616
|
-
return "general";
|
|
617
|
-
}
|
|
682
|
+
function resolveNextPdlss(request, routeConfig) {
|
|
683
|
+
return resolveHttpPdlss({
|
|
684
|
+
method: request.method,
|
|
685
|
+
astraPurpose: request.headers.get("x-astra-purpose") ?? void 0,
|
|
686
|
+
astraAction: request.headers.get("x-astra-action") ?? void 0,
|
|
687
|
+
legacyPurpose: request.headers.get("x-purpose") ?? void 0,
|
|
688
|
+
routePurpose: routeConfig?.purpose,
|
|
689
|
+
routeAction: routeConfig?.action
|
|
690
|
+
});
|
|
618
691
|
}
|
|
619
692
|
function generateCommerceShieldHtml(result, options) {
|
|
620
693
|
const title = escapeHtml(options.commerceShield?.title || "AstraSync Agent Verification");
|
|
@@ -827,7 +900,16 @@ function createMiddleware(options) {
|
|
|
827
900
|
}
|
|
828
901
|
const credentials = extractCredentialsFromNextRequest(request);
|
|
829
902
|
const counterpartyUrl = config.counterpartyUrl || request.nextUrl.origin;
|
|
830
|
-
const
|
|
903
|
+
const pdlssPair = resolveNextPdlss(request, routeConfig);
|
|
904
|
+
const purpose = pdlssPair.purpose;
|
|
905
|
+
if (config.debug) {
|
|
906
|
+
console.debug("[nextjs-middleware] pdlss resolved", {
|
|
907
|
+
purpose_source: pdlssPair.purposeSource,
|
|
908
|
+
resolved_purpose: pdlssPair.purpose,
|
|
909
|
+
action_source: pdlssPair.actionSource,
|
|
910
|
+
resolved_action: pdlssPair.action
|
|
911
|
+
});
|
|
912
|
+
}
|
|
831
913
|
const astraCreds = extractAstraSyncCredentialsFromNextRequest(request);
|
|
832
914
|
const preCheckFailures = performCounterpartyPreCheck(routeConfig, astraCreds, purpose);
|
|
833
915
|
if (preCheckFailures.length > 0) {
|
|
@@ -881,10 +963,7 @@ function createMiddleware(options) {
|
|
|
881
963
|
const result = await verify(config, {
|
|
882
964
|
credentials,
|
|
883
965
|
purpose,
|
|
884
|
-
|
|
885
|
-
// Backend evaluator tolerates either case as defense-in-depth
|
|
886
|
-
// (round-18.6 batch 2); SDK emits canonical form.
|
|
887
|
-
action: request.method.toUpperCase(),
|
|
966
|
+
action: pdlssPair.action,
|
|
888
967
|
resource: pathname,
|
|
889
968
|
counterpartyUrl,
|
|
890
969
|
counterpartyType: config.counterpartyType || "website",
|