@astrasyncai/verification-gateway 3.0.0 → 3.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +123 -33
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +123 -33
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +20 -7
- package/dist/adapters/mcp.d.ts +20 -7
- package/dist/adapters/mcp.js +6 -3
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +6 -3
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +107 -28
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +107 -28
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +1 -1
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +1 -1
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/agent/index.js +3 -0
- package/dist/agent/index.js.map +1 -1
- package/dist/agent/index.mjs +3 -0
- package/dist/agent/index.mjs.map +1 -1
- package/dist/browser/background.js +1 -1
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +1 -1
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +1 -1
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +1 -1
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-ienhAXps.d.mts → express-DFVBlXr_.d.mts} +1 -1
- package/dist/{express-CrfwoNAR.d.ts → express-DavQ76oF.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +1 -1
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +1 -1
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-B5e2IDWU.d.mts → index-BVxantdv.d.mts} +1 -1
- package/dist/{index-DC5f8eoQ.d.ts → index-BhEgEiJL.d.ts} +1 -1
- package/dist/{index-CEg_WG6y.d.mts → index-BhL2R65s.d.mts} +1 -1
- package/dist/{index-CCdZxvAr.d.ts → index-Dk2nIA4w.d.ts} +1 -1
- package/dist/index.d.mts +7 -7
- package/dist/index.d.ts +7 -7
- package/dist/index.js +160 -71
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +160 -71
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-66R1KW8e.d.ts → nextjs-BXLH1hJj.d.ts} +1 -1
- package/dist/{nextjs-DSpisQst.d.mts → nextjs-D-maqrNz.d.mts} +1 -1
- package/dist/{sdk-5U_CBRpr.d.mts → sdk-767LaEP8.d.mts} +1 -1
- package/dist/{sdk-Bm8np66n.d.ts → sdk-K8IgssHI.d.ts} +1 -1
- package/dist/transport/index.d.mts +2 -2
- package/dist/transport/index.d.ts +2 -2
- package/dist/transport/index.js +10 -0
- package/dist/transport/index.js.map +1 -1
- package/dist/transport/index.mjs +10 -0
- package/dist/transport/index.mjs.map +1 -1
- package/dist/{types-B3USs-Kx.d.mts → types-Cuh7ELfr.d.mts} +25 -0
- package/dist/{types-B3USs-Kx.d.ts → types-Cuh7ELfr.d.ts} +25 -0
- package/dist/{types-CgDCUfo8.d.mts → types-CyFwZ_Yu.d.mts} +1 -1
- package/dist/{types-R5N4ET6x.d.ts → types-WIRp_BP_.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +1 -1
package/dist/index.mjs
CHANGED
|
@@ -126,7 +126,7 @@ function getCapabilities(accessLevel) {
|
|
|
126
126
|
}
|
|
127
127
|
|
|
128
128
|
// src/version.ts
|
|
129
|
-
var SDK_VERSION = "3.
|
|
129
|
+
var SDK_VERSION = "3.1.0";
|
|
130
130
|
|
|
131
131
|
// src/well-known.ts
|
|
132
132
|
var CACHE_TTL_MS = 60 * 60 * 1e3;
|
|
@@ -721,6 +721,9 @@ function setHttpHeaders(headers, credentials) {
|
|
|
721
721
|
if (credentials.pdlss?.purpose) {
|
|
722
722
|
const purposeValue = credentials.pdlss.purpose.action ? `${credentials.pdlss.purpose.category}:${credentials.pdlss.purpose.action}` : credentials.pdlss.purpose.category;
|
|
723
723
|
result[`${HEADER_PREFIX}Purpose`] = purposeValue;
|
|
724
|
+
if (credentials.pdlss.purpose.action) {
|
|
725
|
+
result[`${HEADER_PREFIX}Action`] = credentials.pdlss.purpose.action;
|
|
726
|
+
}
|
|
724
727
|
}
|
|
725
728
|
if (credentials.pdlss?.duration?.maxSessionDuration) {
|
|
726
729
|
result[`${HEADER_PREFIX}Duration`] = String(credentials.pdlss.duration.maxSessionDuration);
|
|
@@ -750,6 +753,13 @@ function extractHttpCredentials(headers) {
|
|
|
750
753
|
purpose: { category, action }
|
|
751
754
|
};
|
|
752
755
|
}
|
|
756
|
+
const astraAction = getValue(`${HEADER_PREFIX}Action`) ?? getValue("x-astra-action");
|
|
757
|
+
if (astraAction) {
|
|
758
|
+
credentials.pdlss = {
|
|
759
|
+
...credentials.pdlss,
|
|
760
|
+
purpose: { category: credentials.pdlss?.purpose?.category ?? "", action: astraAction }
|
|
761
|
+
};
|
|
762
|
+
}
|
|
753
763
|
const duration = getValue(`${HEADER_PREFIX}Duration`) ?? getValue("x-astra-duration");
|
|
754
764
|
if (duration) {
|
|
755
765
|
credentials.pdlss = {
|
|
@@ -767,6 +777,85 @@ function extractHttpCredentials(headers) {
|
|
|
767
777
|
return credentials;
|
|
768
778
|
}
|
|
769
779
|
|
|
780
|
+
// src/adapters/http-pdlss.ts
|
|
781
|
+
var HTTP_METHOD_ACTION_TABLE = {
|
|
782
|
+
GET: "data.read",
|
|
783
|
+
HEAD: "data.read",
|
|
784
|
+
OPTIONS: "data.read",
|
|
785
|
+
POST: "data.write",
|
|
786
|
+
PUT: "data.write",
|
|
787
|
+
PATCH: "data.write",
|
|
788
|
+
DELETE: "data.delete"
|
|
789
|
+
};
|
|
790
|
+
var DEFAULT_HTTP_ACTION = "data.write";
|
|
791
|
+
var DEFAULT_HTTP_PURPOSE = "data";
|
|
792
|
+
function actionForHttpMethod(method) {
|
|
793
|
+
return HTTP_METHOD_ACTION_TABLE[method.toUpperCase()] ?? DEFAULT_HTTP_ACTION;
|
|
794
|
+
}
|
|
795
|
+
function normalizePurposeHeader(value) {
|
|
796
|
+
const colon = value.indexOf(":");
|
|
797
|
+
if (colon >= 0) {
|
|
798
|
+
return { purpose: value.slice(0, colon) };
|
|
799
|
+
}
|
|
800
|
+
const dot = value.indexOf(".");
|
|
801
|
+
if (dot > 0 && dot < value.length - 1) {
|
|
802
|
+
return { purpose: value.slice(0, dot), actionCandidate: value };
|
|
803
|
+
}
|
|
804
|
+
return { purpose: value };
|
|
805
|
+
}
|
|
806
|
+
function resolveHttpPdlss(input) {
|
|
807
|
+
const fromHeader = input.astraPurpose ? normalizePurposeHeader(input.astraPurpose) : void 0;
|
|
808
|
+
let action;
|
|
809
|
+
let actionSource;
|
|
810
|
+
if (input.routeAction) {
|
|
811
|
+
action = input.routeAction;
|
|
812
|
+
actionSource = "route_config";
|
|
813
|
+
} else if (input.hasCustomActionExtractor && input.customAction) {
|
|
814
|
+
action = input.customAction;
|
|
815
|
+
actionSource = "custom_extractor";
|
|
816
|
+
} else if (!input.hasCustomActionExtractor && input.astraAction) {
|
|
817
|
+
action = input.astraAction;
|
|
818
|
+
actionSource = "header";
|
|
819
|
+
} else if (!input.hasCustomActionExtractor && fromHeader?.actionCandidate) {
|
|
820
|
+
action = fromHeader.actionCandidate;
|
|
821
|
+
actionSource = "purpose_header_derived";
|
|
822
|
+
} else {
|
|
823
|
+
action = actionForHttpMethod(input.method);
|
|
824
|
+
actionSource = "method_table";
|
|
825
|
+
}
|
|
826
|
+
let purpose;
|
|
827
|
+
let purposeSource;
|
|
828
|
+
if (input.routePurpose) {
|
|
829
|
+
purpose = input.routePurpose;
|
|
830
|
+
purposeSource = "route_config";
|
|
831
|
+
} else if (input.hasCustomPurposeExtractor) {
|
|
832
|
+
if (input.customPurpose) {
|
|
833
|
+
purpose = input.customPurpose;
|
|
834
|
+
purposeSource = "custom_extractor";
|
|
835
|
+
}
|
|
836
|
+
} else if (fromHeader) {
|
|
837
|
+
purpose = fromHeader.purpose;
|
|
838
|
+
purposeSource = "header";
|
|
839
|
+
} else if (input.legacyPurpose) {
|
|
840
|
+
purpose = input.legacyPurpose;
|
|
841
|
+
purposeSource = "legacy_header";
|
|
842
|
+
} else if (input.queryPurpose) {
|
|
843
|
+
purpose = input.queryPurpose;
|
|
844
|
+
purposeSource = "query";
|
|
845
|
+
}
|
|
846
|
+
if (!purpose) {
|
|
847
|
+
const dot = action.indexOf(".");
|
|
848
|
+
if (dot > 0) {
|
|
849
|
+
purpose = action.slice(0, dot);
|
|
850
|
+
purposeSource = "action_derived";
|
|
851
|
+
} else {
|
|
852
|
+
purpose = DEFAULT_HTTP_PURPOSE;
|
|
853
|
+
purposeSource = "transport_default";
|
|
854
|
+
}
|
|
855
|
+
}
|
|
856
|
+
return { purpose, action, purposeSource, actionSource };
|
|
857
|
+
}
|
|
858
|
+
|
|
770
859
|
// src/pdlss-pre-check.ts
|
|
771
860
|
function performCounterpartyPreCheck(routeConfig, astraCreds, purpose) {
|
|
772
861
|
const failures = [];
|
|
@@ -825,33 +914,25 @@ function defaultExtractCredentials(req) {
|
|
|
825
914
|
function extractAstraSyncCredentials(req) {
|
|
826
915
|
return extractHttpCredentials(req.headers);
|
|
827
916
|
}
|
|
828
|
-
function
|
|
829
|
-
|
|
830
|
-
if (
|
|
831
|
-
|
|
832
|
-
|
|
833
|
-
|
|
834
|
-
|
|
835
|
-
|
|
836
|
-
|
|
837
|
-
|
|
838
|
-
|
|
839
|
-
|
|
840
|
-
|
|
841
|
-
|
|
842
|
-
|
|
843
|
-
|
|
844
|
-
|
|
845
|
-
|
|
846
|
-
|
|
847
|
-
case "PUT":
|
|
848
|
-
case "PATCH":
|
|
849
|
-
return "write_data";
|
|
850
|
-
case "DELETE":
|
|
851
|
-
return "delete_data";
|
|
852
|
-
default:
|
|
853
|
-
return "general";
|
|
854
|
-
}
|
|
917
|
+
function headerValue(value) {
|
|
918
|
+
if (typeof value === "string") return value;
|
|
919
|
+
if (Array.isArray(value)) return value[0];
|
|
920
|
+
return void 0;
|
|
921
|
+
}
|
|
922
|
+
function resolveRequestPdlss(req, routeConfig, customExtractPurpose, customExtractAction) {
|
|
923
|
+
return resolveHttpPdlss({
|
|
924
|
+
method: req.method,
|
|
925
|
+
astraPurpose: headerValue(req.headers["x-astra-purpose"]),
|
|
926
|
+
astraAction: headerValue(req.headers["x-astra-action"]),
|
|
927
|
+
legacyPurpose: headerValue(req.headers["x-purpose"] ?? req.headers["X-Purpose"]),
|
|
928
|
+
queryPurpose: typeof req.query.purpose === "string" ? req.query.purpose : void 0,
|
|
929
|
+
routePurpose: routeConfig?.purpose,
|
|
930
|
+
routeAction: routeConfig?.action,
|
|
931
|
+
hasCustomPurposeExtractor: !!customExtractPurpose,
|
|
932
|
+
customPurpose: customExtractPurpose?.(req),
|
|
933
|
+
hasCustomActionExtractor: !!customExtractAction,
|
|
934
|
+
customAction: customExtractAction?.(req)
|
|
935
|
+
});
|
|
855
936
|
}
|
|
856
937
|
function matchRoute(pattern, path, opts) {
|
|
857
938
|
const regexPattern = pattern.replace(/\*/g, ".*").replace(/\//g, "\\/");
|
|
@@ -911,6 +992,7 @@ function createMiddleware(options) {
|
|
|
911
992
|
const {
|
|
912
993
|
extractCredentials: customExtractCredentials,
|
|
913
994
|
extractPurpose: customExtractPurpose,
|
|
995
|
+
extractAction: customExtractAction,
|
|
914
996
|
skipPaths = [],
|
|
915
997
|
onDenied = defaultOnDenied,
|
|
916
998
|
recordDecisions,
|
|
@@ -996,7 +1078,21 @@ function createMiddleware(options) {
|
|
|
996
1078
|
}
|
|
997
1079
|
return next();
|
|
998
1080
|
}
|
|
999
|
-
const
|
|
1081
|
+
const pdlssPair = resolveRequestPdlss(
|
|
1082
|
+
req,
|
|
1083
|
+
routeConfig,
|
|
1084
|
+
customExtractPurpose,
|
|
1085
|
+
customExtractAction
|
|
1086
|
+
);
|
|
1087
|
+
const purpose = pdlssPair.purpose;
|
|
1088
|
+
if (config.debug) {
|
|
1089
|
+
console.debug("[express-middleware] pdlss resolved", {
|
|
1090
|
+
purpose_source: pdlssPair.purposeSource,
|
|
1091
|
+
resolved_purpose: pdlssPair.purpose,
|
|
1092
|
+
action_source: pdlssPair.actionSource,
|
|
1093
|
+
resolved_action: pdlssPair.action
|
|
1094
|
+
});
|
|
1095
|
+
}
|
|
1000
1096
|
const astraCreds = extractAstraSyncCredentials(req);
|
|
1001
1097
|
const counterpartyUrl = config.counterpartyUrl || `${req.protocol}://${req.get("host")}`;
|
|
1002
1098
|
const preCheckFailures = performCounterpartyPreCheck(routeConfig, astraCreds, purpose);
|
|
@@ -1040,10 +1136,7 @@ function createMiddleware(options) {
|
|
|
1040
1136
|
const result = await verify(config, {
|
|
1041
1137
|
credentials,
|
|
1042
1138
|
purpose,
|
|
1043
|
-
|
|
1044
|
-
// Backend evaluator tolerates either case as defense-in-depth
|
|
1045
|
-
// (round-18.6 batch 2); SDK emits canonical form.
|
|
1046
|
-
action: req.method.toUpperCase(),
|
|
1139
|
+
action: pdlssPair.action,
|
|
1047
1140
|
resource: req.path,
|
|
1048
1141
|
createSession: shouldRecordDecisions,
|
|
1049
1142
|
counterpartyUrl,
|
|
@@ -1241,28 +1334,15 @@ function extractAstraSyncCredentialsFromNextRequest(request) {
|
|
|
1241
1334
|
});
|
|
1242
1335
|
return extractHttpCredentials(headers);
|
|
1243
1336
|
}
|
|
1244
|
-
function
|
|
1245
|
-
|
|
1246
|
-
|
|
1247
|
-
|
|
1248
|
-
|
|
1249
|
-
|
|
1250
|
-
|
|
1251
|
-
|
|
1252
|
-
}
|
|
1253
|
-
switch (request.method.toUpperCase()) {
|
|
1254
|
-
case "GET":
|
|
1255
|
-
return "read_data";
|
|
1256
|
-
case "POST":
|
|
1257
|
-
return "write_data";
|
|
1258
|
-
case "PUT":
|
|
1259
|
-
case "PATCH":
|
|
1260
|
-
return "write_data";
|
|
1261
|
-
case "DELETE":
|
|
1262
|
-
return "delete_data";
|
|
1263
|
-
default:
|
|
1264
|
-
return "general";
|
|
1265
|
-
}
|
|
1337
|
+
function resolveNextPdlss(request, routeConfig) {
|
|
1338
|
+
return resolveHttpPdlss({
|
|
1339
|
+
method: request.method,
|
|
1340
|
+
astraPurpose: request.headers.get("x-astra-purpose") ?? void 0,
|
|
1341
|
+
astraAction: request.headers.get("x-astra-action") ?? void 0,
|
|
1342
|
+
legacyPurpose: request.headers.get("x-purpose") ?? void 0,
|
|
1343
|
+
routePurpose: routeConfig?.purpose,
|
|
1344
|
+
routeAction: routeConfig?.action
|
|
1345
|
+
});
|
|
1266
1346
|
}
|
|
1267
1347
|
function generateCommerceShieldHtml(result, options) {
|
|
1268
1348
|
const title = escapeHtml(options.commerceShield?.title || "AstraSync Agent Verification");
|
|
@@ -1475,7 +1555,16 @@ function createMiddleware2(options) {
|
|
|
1475
1555
|
}
|
|
1476
1556
|
const credentials = extractCredentialsFromNextRequest(request);
|
|
1477
1557
|
const counterpartyUrl = config.counterpartyUrl || request.nextUrl.origin;
|
|
1478
|
-
const
|
|
1558
|
+
const pdlssPair = resolveNextPdlss(request, routeConfig);
|
|
1559
|
+
const purpose = pdlssPair.purpose;
|
|
1560
|
+
if (config.debug) {
|
|
1561
|
+
console.debug("[nextjs-middleware] pdlss resolved", {
|
|
1562
|
+
purpose_source: pdlssPair.purposeSource,
|
|
1563
|
+
resolved_purpose: pdlssPair.purpose,
|
|
1564
|
+
action_source: pdlssPair.actionSource,
|
|
1565
|
+
resolved_action: pdlssPair.action
|
|
1566
|
+
});
|
|
1567
|
+
}
|
|
1479
1568
|
const astraCreds = extractAstraSyncCredentialsFromNextRequest(request);
|
|
1480
1569
|
const preCheckFailures = performCounterpartyPreCheck(routeConfig, astraCreds, purpose);
|
|
1481
1570
|
if (preCheckFailures.length > 0) {
|
|
@@ -1529,10 +1618,7 @@ function createMiddleware2(options) {
|
|
|
1529
1618
|
const result = await verify(config, {
|
|
1530
1619
|
credentials,
|
|
1531
1620
|
purpose,
|
|
1532
|
-
|
|
1533
|
-
// Backend evaluator tolerates either case as defense-in-depth
|
|
1534
|
-
// (round-18.6 batch 2); SDK emits canonical form.
|
|
1535
|
-
action: request.method.toUpperCase(),
|
|
1621
|
+
action: pdlssPair.action,
|
|
1536
1622
|
resource: pathname,
|
|
1537
1623
|
counterpartyUrl,
|
|
1538
1624
|
counterpartyType: config.counterpartyType || "website",
|
|
@@ -3287,9 +3373,9 @@ function toBuf(bytes) {
|
|
|
3287
3373
|
new Uint8Array(out).set(bytes);
|
|
3288
3374
|
return out;
|
|
3289
3375
|
}
|
|
3290
|
-
function checkTimestamp(
|
|
3291
|
-
if (!
|
|
3292
|
-
const ts = parseTimestamp(
|
|
3376
|
+
function checkTimestamp(headerValue2, toleranceSec, nowFn) {
|
|
3377
|
+
if (!headerValue2) return { ok: false, error: "missing Timestamp header" };
|
|
3378
|
+
const ts = parseTimestamp(headerValue2);
|
|
3293
3379
|
if (ts === null) return { ok: false, error: "unparseable Timestamp header" };
|
|
3294
3380
|
const now = nowFn ? nowFn() : Math.floor(Date.now() / 1e3);
|
|
3295
3381
|
if (Math.abs(now - ts) > toleranceSec) {
|
|
@@ -3524,14 +3610,14 @@ import {
|
|
|
3524
3610
|
} from "@x402/core/schemas";
|
|
3525
3611
|
import { safeBase64Decode } from "@x402/core/utils";
|
|
3526
3612
|
function extractX402FromRequest(request) {
|
|
3527
|
-
const
|
|
3613
|
+
const headerValue2 = readHeader4(request.headers, "x-payment");
|
|
3528
3614
|
if (request.body && typeof request.body === "object") {
|
|
3529
3615
|
const parsed = tryParsePayload(request.body);
|
|
3530
3616
|
if (parsed) return buildPayloadContext(parsed, "body");
|
|
3531
3617
|
}
|
|
3532
|
-
if (
|
|
3618
|
+
if (headerValue2) {
|
|
3533
3619
|
try {
|
|
3534
|
-
const decoded = safeBase64Decode(
|
|
3620
|
+
const decoded = safeBase64Decode(headerValue2);
|
|
3535
3621
|
if (decoded) {
|
|
3536
3622
|
const json = JSON.parse(decoded);
|
|
3537
3623
|
const parsed = tryParsePayload(json);
|
|
@@ -3554,10 +3640,10 @@ function extractX402FromResponse(response) {
|
|
|
3554
3640
|
const parsed = tryParseRequired(response.body);
|
|
3555
3641
|
if (parsed) return buildRequiredContext(parsed, "body");
|
|
3556
3642
|
}
|
|
3557
|
-
const
|
|
3558
|
-
if (
|
|
3643
|
+
const headerValue2 = readHeader4(response.headers, "x-payment-required");
|
|
3644
|
+
if (headerValue2) {
|
|
3559
3645
|
try {
|
|
3560
|
-
const decoded = safeBase64Decode(
|
|
3646
|
+
const decoded = safeBase64Decode(headerValue2);
|
|
3561
3647
|
if (decoded) {
|
|
3562
3648
|
const json = JSON.parse(decoded);
|
|
3563
3649
|
const parsed = tryParseRequired(json);
|
|
@@ -4393,7 +4479,10 @@ function mcpToPdlss(parsed, requestPath, headerPurpose, headerAction, toolGate)
|
|
|
4393
4479
|
}
|
|
4394
4480
|
let action;
|
|
4395
4481
|
let actionSource;
|
|
4396
|
-
if (
|
|
4482
|
+
if (toolGate?.action !== void 0) {
|
|
4483
|
+
action = toolGate.action;
|
|
4484
|
+
actionSource = "tool_gate";
|
|
4485
|
+
} else if (headerAction) {
|
|
4397
4486
|
action = headerAction;
|
|
4398
4487
|
actionSource = "header";
|
|
4399
4488
|
} else if (parsed.actionFromBody && parsed.actionSourceFromBody) {
|
|
@@ -4567,7 +4656,7 @@ function createMcpMiddleware(options) {
|
|
|
4567
4656
|
req.path,
|
|
4568
4657
|
headerPurpose,
|
|
4569
4658
|
headerAction,
|
|
4570
|
-
gate ? { purpose: gate.purpose, resource: gate.resource } : void 0
|
|
4659
|
+
gate ? { purpose: gate.purpose, action: gate.action, resource: gate.resource } : void 0
|
|
4571
4660
|
);
|
|
4572
4661
|
if (config.debug) {
|
|
4573
4662
|
console.debug("[mcp-middleware] pdlss resolved", {
|