@astrasyncai/verification-gateway 3.0.0 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (87) hide show
  1. package/dist/adapter-interface/interface.d.mts +2 -2
  2. package/dist/adapter-interface/interface.d.ts +2 -2
  3. package/dist/adapters/express.d.mts +2 -2
  4. package/dist/adapters/express.d.ts +2 -2
  5. package/dist/adapters/express.js +145 -93
  6. package/dist/adapters/express.js.map +1 -1
  7. package/dist/adapters/express.mjs +145 -93
  8. package/dist/adapters/express.mjs.map +1 -1
  9. package/dist/adapters/mcp.d.mts +29 -11
  10. package/dist/adapters/mcp.d.ts +29 -11
  11. package/dist/adapters/mcp.js +43 -102
  12. package/dist/adapters/mcp.js.map +1 -1
  13. package/dist/adapters/mcp.mjs +43 -102
  14. package/dist/adapters/mcp.mjs.map +1 -1
  15. package/dist/adapters/nextjs.d.mts +2 -2
  16. package/dist/adapters/nextjs.d.ts +2 -2
  17. package/dist/adapters/nextjs.js +126 -56
  18. package/dist/adapters/nextjs.js.map +1 -1
  19. package/dist/adapters/nextjs.mjs +126 -56
  20. package/dist/adapters/nextjs.mjs.map +1 -1
  21. package/dist/adapters/sdk.d.mts +2 -2
  22. package/dist/adapters/sdk.d.ts +2 -2
  23. package/dist/adapters/sdk.js +25 -14
  24. package/dist/adapters/sdk.js.map +1 -1
  25. package/dist/adapters/sdk.mjs +25 -14
  26. package/dist/adapters/sdk.mjs.map +1 -1
  27. package/dist/agent/index.d.mts +2 -2
  28. package/dist/agent/index.d.ts +2 -2
  29. package/dist/agent/index.js +3 -0
  30. package/dist/agent/index.js.map +1 -1
  31. package/dist/agent/index.mjs +3 -0
  32. package/dist/agent/index.mjs.map +1 -1
  33. package/dist/browser/background.js +18 -21
  34. package/dist/browser/background.js.map +1 -1
  35. package/dist/browser/background.mjs +18 -21
  36. package/dist/browser/background.mjs.map +1 -1
  37. package/dist/browser/browser-adapter.d.mts +2 -2
  38. package/dist/browser/browser-adapter.d.ts +2 -2
  39. package/dist/cli/index.d.mts +2 -2
  40. package/dist/cli/index.d.ts +2 -2
  41. package/dist/cursor/cursor-adapter.d.mts +2 -2
  42. package/dist/cursor/cursor-adapter.d.ts +2 -2
  43. package/dist/cursor/extension.d.mts +2 -2
  44. package/dist/cursor/extension.d.ts +2 -2
  45. package/dist/cursor/extension.js +18 -21
  46. package/dist/cursor/extension.js.map +1 -1
  47. package/dist/cursor/extension.mjs +18 -21
  48. package/dist/cursor/extension.mjs.map +1 -1
  49. package/dist/{express-CrfwoNAR.d.ts → express-BowlMHQF.d.ts} +1 -1
  50. package/dist/{express-ienhAXps.d.mts → express-CeoSdOAZ.d.mts} +1 -1
  51. package/dist/gateway/gateway.d.mts +2 -2
  52. package/dist/gateway/gateway.d.ts +2 -2
  53. package/dist/gateway/gateway.js +18 -21
  54. package/dist/gateway/gateway.js.map +1 -1
  55. package/dist/gateway/gateway.mjs +18 -21
  56. package/dist/gateway/gateway.mjs.map +1 -1
  57. package/dist/git-trigger/git-hooks.d.mts +2 -2
  58. package/dist/git-trigger/git-hooks.d.ts +2 -2
  59. package/dist/{index-CEg_WG6y.d.mts → index-B51W8gn8.d.mts} +1 -1
  60. package/dist/{index-DC5f8eoQ.d.ts → index-DBmlycVm.d.ts} +1 -1
  61. package/dist/{index-B5e2IDWU.d.mts → index-DtGziFEm.d.mts} +1 -1
  62. package/dist/{index-CCdZxvAr.d.ts → index-DzXXBuLm.d.ts} +1 -1
  63. package/dist/index.d.mts +7 -7
  64. package/dist/index.d.ts +7 -7
  65. package/dist/index.js +209 -191
  66. package/dist/index.js.map +1 -1
  67. package/dist/index.mjs +209 -191
  68. package/dist/index.mjs.map +1 -1
  69. package/dist/local-evaluator/evaluator.d.mts +2 -2
  70. package/dist/local-evaluator/evaluator.d.ts +2 -2
  71. package/dist/{nextjs-DSpisQst.d.mts → nextjs-BW1rzr1I.d.mts} +1 -1
  72. package/dist/{nextjs-66R1KW8e.d.ts → nextjs-V_K0qlAQ.d.ts} +1 -1
  73. package/dist/{sdk-5U_CBRpr.d.mts → sdk-ZYgI7G9f.d.ts} +14 -3
  74. package/dist/{sdk-Bm8np66n.d.ts → sdk-e5jg7sqW.d.mts} +14 -3
  75. package/dist/transport/index.d.mts +2 -2
  76. package/dist/transport/index.d.ts +2 -2
  77. package/dist/transport/index.js +10 -0
  78. package/dist/transport/index.js.map +1 -1
  79. package/dist/transport/index.mjs +10 -0
  80. package/dist/transport/index.mjs.map +1 -1
  81. package/dist/{types-CgDCUfo8.d.mts → types-BNiLZY0i.d.mts} +1 -1
  82. package/dist/{types-R5N4ET6x.d.ts → types-DJi-u3fz.d.ts} +1 -1
  83. package/dist/{types-B3USs-Kx.d.mts → types-rFh4VMH4.d.mts} +30 -2
  84. package/dist/{types-B3USs-Kx.d.ts → types-rFh4VMH4.d.ts} +30 -2
  85. package/dist/ui/index.d.mts +1 -1
  86. package/dist/ui/index.d.ts +1 -1
  87. package/package.json +1 -1
@@ -1,5 +1,5 @@
1
- import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, b as LocalPurposeRule } from '../types-CgDCUfo8.mjs';
2
- import '../types-B3USs-Kx.mjs';
1
+ import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, b as LocalPurposeRule } from '../types-BNiLZY0i.mjs';
2
+ import '../types-rFh4VMH4.mjs';
3
3
 
4
4
  /**
5
5
  * Local PDLSS Evaluator
@@ -1,5 +1,5 @@
1
- import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, b as LocalPurposeRule } from '../types-R5N4ET6x.js';
2
- import '../types-B3USs-Kx.js';
1
+ import { L as LocalPolicy, P as PDLSSContext, V as VerificationDecision, b as LocalPurposeRule } from '../types-DJi-u3fz.js';
2
+ import '../types-rFh4VMH4.js';
3
3
 
4
4
  /**
5
5
  * Local PDLSS Evaluator
@@ -1,6 +1,6 @@
1
1
  import * as next_server from 'next/server';
2
2
  import { NextRequest } from 'next/server';
3
- import { N as NextJsMiddlewareOptions } from './types-B3USs-Kx.mjs';
3
+ import { N as NextJsMiddlewareOptions } from './types-rFh4VMH4.mjs';
4
4
 
5
5
  /**
6
6
  * Create Next.js middleware for agent verification.
@@ -1,6 +1,6 @@
1
1
  import * as next_server from 'next/server';
2
2
  import { NextRequest } from 'next/server';
3
- import { N as NextJsMiddlewareOptions } from './types-B3USs-Kx.js';
3
+ import { N as NextJsMiddlewareOptions } from './types-rFh4VMH4.js';
4
4
 
5
5
  /**
6
6
  * Create Next.js middleware for agent verification.
@@ -1,4 +1,4 @@
1
- import { A as AccessLevel, h as TrustLevel, S as SDKOptions, i as VerificationResult } from './types-B3USs-Kx.mjs';
1
+ import { A as AccessLevel, h as TrustLevel, S as SDKOptions, i as VerificationResult } from './types-rFh4VMH4.js';
2
2
 
3
3
  /**
4
4
  * AstraSync Universal Verification Gateway - Access Level Definitions
@@ -34,7 +34,12 @@ declare const TRUST_LEVEL_RANGES: Record<TrustLevel, {
34
34
  */
35
35
  declare function getTrustLevel(score: number): TrustLevel;
36
36
  /**
37
- * Check if access level A is greater than or equal to access level B
37
+ * Check if access level A is greater than or equal to access level B.
38
+ *
39
+ * @deprecated 3.2.0 — the access-level band is informational only and no
40
+ * longer gates in the middleware adapters (post-3.1.0 feedback #1). Retained
41
+ * for explicit opt-in queries and back-compat. Prefer the server-side policy
42
+ * decision (identity + policy + trust) or per-route `minTrustScore`.
38
43
  */
39
44
  declare function hasMinimumAccess(actual: AccessLevel, required: AccessLevel): boolean;
40
45
  /**
@@ -137,7 +142,13 @@ declare class VerificationGatewayClient {
137
142
  reason?: string;
138
143
  }>;
139
144
  /**
140
- * Check if an agent has a specific access level
145
+ * Check if an agent has a specific access level.
146
+ *
147
+ * @deprecated 3.2.0 — the access-level band is informational only; it no
148
+ * longer gates in the middleware adapters (post-3.1.0 feedback #1). This
149
+ * explicit opt-in query still works, but prefer gating on the server-side
150
+ * policy decision (identity + policy + trust) or per-route `minTrustScore`.
151
+ * Explicit per-route condition→constraint rules are the Phase-2 successor.
141
152
  */
142
153
  hasAccess(credentials: {
143
154
  astraId?: string;
@@ -1,4 +1,4 @@
1
- import { A as AccessLevel, h as TrustLevel, S as SDKOptions, i as VerificationResult } from './types-B3USs-Kx.js';
1
+ import { A as AccessLevel, h as TrustLevel, S as SDKOptions, i as VerificationResult } from './types-rFh4VMH4.mjs';
2
2
 
3
3
  /**
4
4
  * AstraSync Universal Verification Gateway - Access Level Definitions
@@ -34,7 +34,12 @@ declare const TRUST_LEVEL_RANGES: Record<TrustLevel, {
34
34
  */
35
35
  declare function getTrustLevel(score: number): TrustLevel;
36
36
  /**
37
- * Check if access level A is greater than or equal to access level B
37
+ * Check if access level A is greater than or equal to access level B.
38
+ *
39
+ * @deprecated 3.2.0 — the access-level band is informational only and no
40
+ * longer gates in the middleware adapters (post-3.1.0 feedback #1). Retained
41
+ * for explicit opt-in queries and back-compat. Prefer the server-side policy
42
+ * decision (identity + policy + trust) or per-route `minTrustScore`.
38
43
  */
39
44
  declare function hasMinimumAccess(actual: AccessLevel, required: AccessLevel): boolean;
40
45
  /**
@@ -137,7 +142,13 @@ declare class VerificationGatewayClient {
137
142
  reason?: string;
138
143
  }>;
139
144
  /**
140
- * Check if an agent has a specific access level
145
+ * Check if an agent has a specific access level.
146
+ *
147
+ * @deprecated 3.2.0 — the access-level band is informational only; it no
148
+ * longer gates in the middleware adapters (post-3.1.0 feedback #1). This
149
+ * explicit opt-in query still works, but prefer gating on the server-side
150
+ * policy decision (identity + policy + trust) or per-route `minTrustScore`.
151
+ * Explicit per-route condition→constraint rules are the Phase-2 successor.
141
152
  */
142
153
  hasAccess(credentials: {
143
154
  astraId?: string;
@@ -1,3 +1,3 @@
1
- import '../types-B3USs-Kx.mjs';
2
- export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, i as AP2ChainResult, j as AP2IntentMandateClaims, k as AP2MandateClaims, l as AP2MandateTriple, m as AP2MandateTripleInput, n as AP2MandateType, o as AP2PaymentDetailsTotal, p as AP2PaymentMandateClaims, q as AP2PaymentMandateForValue, r as AP2VerifyInput, C as CommerceContext, s as CommercePipelineInput, t as CommerceProtocol, u as CommercePurpose, v as CommerceSignatureStack, w as ConstraintEvalResult, x as ConstraintKey, y as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, z as IdentityClaim, B as IdentityResolver, M as MPPChallengeForValue, D as MPPChallengeSummary, F as MPPCredentialSummary, G as MPPIntent, H as MPPKind, J as MPPReceiptSummary, K as MPPRequestContext, L as MPPRequestLike, N as MPPResponseLike, O as MPPVerifyInput, P as MPPVerifyResult, Q as ParsedRFC9421, R as PaymentMethodAllowlistInput, S as RFC9421SignatureParams, T as RFC9421Tag, U as RFC9421VerifyOptions, V as RFC9421VerifyRequest, W as RFC9421VerifyResult, X as RegistryName, Y as RegistryResolver, Z as ResolveContext, _ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, $ as SpendingLimitInput, a0 as StripeWebhookInformationalEvent, a1 as TransactionContext, a2 as TransactionValueContext, a3 as TransportExtractor, a4 as UCPCheckoutContext, a5 as UCPManifestValidationResult, a6 as UCPRequestLike, a7 as UCPTotal, a8 as VIAllowedParty, a9 as VIBudgetLimit, aa as VIClaimsForValue, ab as VIConstraintEvalInput, ac as VIConstraints, ad as VIExecutionMode, ae as VIExtractedClaims, af as VILayer, ag as VILineItem, ah as VIMandateType, ai as VIPaymentAmount, aj as VIRecurrence, ak as VIVerifyInput, al as VIVerifyResult, am as VerifyStripeWebhookOptions, an as VerifyStripeWebhookResult, ao as X402Kind, ap as X402RequestContext, aq as X402RequestForValue, ar as X402RequestLike, as as X402RequirementsSummary, at as X402ResponseLike, au as applyCredentials, av as bindIdentity, aw as claim, ax as clearTransportExtractors, ay as createMastercardRegistry, az as createVisaRegistry, aA as createWebBotAuthRegistry, aB as detectProtocol, aC as evaluatePaymentMethodAllowlist, aD as evaluateSpendingLimit, aE as evaluateVIConstraints, aF as extractA2ACredentials, aG as extractACPContext, aH as extractACPTransactionValue, aI as extractAP2Mandate, aJ as extractAP2Mandates, aK as extractAP2TransactionValue, aL as extractCredentialsFromProtocol, aM as extractHttpCredentials, aN as extractMPPContext, aO as extractMPPFromRequest, aP as extractMPPFromResponse, aQ as extractMPPTransactionValue, aR as extractMcpCredentials, aS as extractUCPContext, aT as extractUCPTransactionValue, aU as extractVIClaims, aV as extractVITransactionValue, aW as extractX402Context, aX as extractX402FromRequest, aY as extractX402FromResponse, aZ as extractX402TransactionValue, a_ as fetchUCPManifest, a$ as getTransportExtractor, b0 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-CEg_WG6y.mjs';
1
+ import '../types-rFh4VMH4.mjs';
2
+ export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, i as AP2ChainResult, j as AP2IntentMandateClaims, k as AP2MandateClaims, l as AP2MandateTriple, m as AP2MandateTripleInput, n as AP2MandateType, o as AP2PaymentDetailsTotal, p as AP2PaymentMandateClaims, q as AP2PaymentMandateForValue, r as AP2VerifyInput, C as CommerceContext, s as CommercePipelineInput, t as CommerceProtocol, u as CommercePurpose, v as CommerceSignatureStack, w as ConstraintEvalResult, x as ConstraintKey, y as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, z as IdentityClaim, B as IdentityResolver, M as MPPChallengeForValue, D as MPPChallengeSummary, F as MPPCredentialSummary, G as MPPIntent, H as MPPKind, J as MPPReceiptSummary, K as MPPRequestContext, L as MPPRequestLike, N as MPPResponseLike, O as MPPVerifyInput, P as MPPVerifyResult, Q as ParsedRFC9421, R as PaymentMethodAllowlistInput, S as RFC9421SignatureParams, T as RFC9421Tag, U as RFC9421VerifyOptions, V as RFC9421VerifyRequest, W as RFC9421VerifyResult, X as RegistryName, Y as RegistryResolver, Z as ResolveContext, _ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, $ as SpendingLimitInput, a0 as StripeWebhookInformationalEvent, a1 as TransactionContext, a2 as TransactionValueContext, a3 as TransportExtractor, a4 as UCPCheckoutContext, a5 as UCPManifestValidationResult, a6 as UCPRequestLike, a7 as UCPTotal, a8 as VIAllowedParty, a9 as VIBudgetLimit, aa as VIClaimsForValue, ab as VIConstraintEvalInput, ac as VIConstraints, ad as VIExecutionMode, ae as VIExtractedClaims, af as VILayer, ag as VILineItem, ah as VIMandateType, ai as VIPaymentAmount, aj as VIRecurrence, ak as VIVerifyInput, al as VIVerifyResult, am as VerifyStripeWebhookOptions, an as VerifyStripeWebhookResult, ao as X402Kind, ap as X402RequestContext, aq as X402RequestForValue, ar as X402RequestLike, as as X402RequirementsSummary, at as X402ResponseLike, au as applyCredentials, av as bindIdentity, aw as claim, ax as clearTransportExtractors, ay as createMastercardRegistry, az as createVisaRegistry, aA as createWebBotAuthRegistry, aB as detectProtocol, aC as evaluatePaymentMethodAllowlist, aD as evaluateSpendingLimit, aE as evaluateVIConstraints, aF as extractA2ACredentials, aG as extractACPContext, aH as extractACPTransactionValue, aI as extractAP2Mandate, aJ as extractAP2Mandates, aK as extractAP2TransactionValue, aL as extractCredentialsFromProtocol, aM as extractHttpCredentials, aN as extractMPPContext, aO as extractMPPFromRequest, aP as extractMPPFromResponse, aQ as extractMPPTransactionValue, aR as extractMcpCredentials, aS as extractUCPContext, aT as extractUCPTransactionValue, aU as extractVIClaims, aV as extractVITransactionValue, aW as extractX402Context, aX as extractX402FromRequest, aY as extractX402FromResponse, aZ as extractX402TransactionValue, a_ as fetchUCPManifest, a$ as getTransportExtractor, b0 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-B51W8gn8.mjs';
3
3
  import 'jose';
@@ -1,3 +1,3 @@
1
- import '../types-B3USs-Kx.js';
2
- export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, i as AP2ChainResult, j as AP2IntentMandateClaims, k as AP2MandateClaims, l as AP2MandateTriple, m as AP2MandateTripleInput, n as AP2MandateType, o as AP2PaymentDetailsTotal, p as AP2PaymentMandateClaims, q as AP2PaymentMandateForValue, r as AP2VerifyInput, C as CommerceContext, s as CommercePipelineInput, t as CommerceProtocol, u as CommercePurpose, v as CommerceSignatureStack, w as ConstraintEvalResult, x as ConstraintKey, y as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, z as IdentityClaim, B as IdentityResolver, M as MPPChallengeForValue, D as MPPChallengeSummary, F as MPPCredentialSummary, G as MPPIntent, H as MPPKind, J as MPPReceiptSummary, K as MPPRequestContext, L as MPPRequestLike, N as MPPResponseLike, O as MPPVerifyInput, P as MPPVerifyResult, Q as ParsedRFC9421, R as PaymentMethodAllowlistInput, S as RFC9421SignatureParams, T as RFC9421Tag, U as RFC9421VerifyOptions, V as RFC9421VerifyRequest, W as RFC9421VerifyResult, X as RegistryName, Y as RegistryResolver, Z as ResolveContext, _ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, $ as SpendingLimitInput, a0 as StripeWebhookInformationalEvent, a1 as TransactionContext, a2 as TransactionValueContext, a3 as TransportExtractor, a4 as UCPCheckoutContext, a5 as UCPManifestValidationResult, a6 as UCPRequestLike, a7 as UCPTotal, a8 as VIAllowedParty, a9 as VIBudgetLimit, aa as VIClaimsForValue, ab as VIConstraintEvalInput, ac as VIConstraints, ad as VIExecutionMode, ae as VIExtractedClaims, af as VILayer, ag as VILineItem, ah as VIMandateType, ai as VIPaymentAmount, aj as VIRecurrence, ak as VIVerifyInput, al as VIVerifyResult, am as VerifyStripeWebhookOptions, an as VerifyStripeWebhookResult, ao as X402Kind, ap as X402RequestContext, aq as X402RequestForValue, ar as X402RequestLike, as as X402RequirementsSummary, at as X402ResponseLike, au as applyCredentials, av as bindIdentity, aw as claim, ax as clearTransportExtractors, ay as createMastercardRegistry, az as createVisaRegistry, aA as createWebBotAuthRegistry, aB as detectProtocol, aC as evaluatePaymentMethodAllowlist, aD as evaluateSpendingLimit, aE as evaluateVIConstraints, aF as extractA2ACredentials, aG as extractACPContext, aH as extractACPTransactionValue, aI as extractAP2Mandate, aJ as extractAP2Mandates, aK as extractAP2TransactionValue, aL as extractCredentialsFromProtocol, aM as extractHttpCredentials, aN as extractMPPContext, aO as extractMPPFromRequest, aP as extractMPPFromResponse, aQ as extractMPPTransactionValue, aR as extractMcpCredentials, aS as extractUCPContext, aT as extractUCPTransactionValue, aU as extractVIClaims, aV as extractVITransactionValue, aW as extractX402Context, aX as extractX402FromRequest, aY as extractX402FromResponse, aZ as extractX402TransactionValue, a_ as fetchUCPManifest, a$ as getTransportExtractor, b0 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-CCdZxvAr.js';
1
+ import '../types-rFh4VMH4.js';
2
+ export { A as ACPEndpoint, a as ACPPaymentTokenType, b as ACPRequestContext, c as ACPRequestLike, d as ACPSignatureAlgorithm, e as ACPTotal, f as ACPVerifyInput, g as ACPVerifyResult, h as AP2CartMandateClaims, i as AP2ChainResult, j as AP2IntentMandateClaims, k as AP2MandateClaims, l as AP2MandateTriple, m as AP2MandateTripleInput, n as AP2MandateType, o as AP2PaymentDetailsTotal, p as AP2PaymentMandateClaims, q as AP2PaymentMandateForValue, r as AP2VerifyInput, C as CommerceContext, s as CommercePipelineInput, t as CommerceProtocol, u as CommercePurpose, v as CommerceSignatureStack, w as ConstraintEvalResult, x as ConstraintKey, y as ConstraintResult, E as ExtractorRequestLike, I as IdentityBindingResult, z as IdentityClaim, B as IdentityResolver, M as MPPChallengeForValue, D as MPPChallengeSummary, F as MPPCredentialSummary, G as MPPIntent, H as MPPKind, J as MPPReceiptSummary, K as MPPRequestContext, L as MPPRequestLike, N as MPPResponseLike, O as MPPVerifyInput, P as MPPVerifyResult, Q as ParsedRFC9421, R as PaymentMethodAllowlistInput, S as RFC9421SignatureParams, T as RFC9421Tag, U as RFC9421VerifyOptions, V as RFC9421VerifyRequest, W as RFC9421VerifyResult, X as RegistryName, Y as RegistryResolver, Z as ResolveContext, _ as STRIPE_WEBHOOK_INFORMATIONAL_EVENTS, $ as SpendingLimitInput, a0 as StripeWebhookInformationalEvent, a1 as TransactionContext, a2 as TransactionValueContext, a3 as TransportExtractor, a4 as UCPCheckoutContext, a5 as UCPManifestValidationResult, a6 as UCPRequestLike, a7 as UCPTotal, a8 as VIAllowedParty, a9 as VIBudgetLimit, aa as VIClaimsForValue, ab as VIConstraintEvalInput, ac as VIConstraints, ad as VIExecutionMode, ae as VIExtractedClaims, af as VILayer, ag as VILineItem, ah as VIMandateType, ai as VIPaymentAmount, aj as VIRecurrence, ak as VIVerifyInput, al as VIVerifyResult, am as VerifyStripeWebhookOptions, an as VerifyStripeWebhookResult, ao as X402Kind, ap as X402RequestContext, aq as X402RequestForValue, ar as X402RequestLike, as as X402RequirementsSummary, at as X402ResponseLike, au as applyCredentials, av as bindIdentity, aw as claim, ax as clearTransportExtractors, ay as createMastercardRegistry, az as createVisaRegistry, aA as createWebBotAuthRegistry, aB as detectProtocol, aC as evaluatePaymentMethodAllowlist, aD as evaluateSpendingLimit, aE as evaluateVIConstraints, aF as extractA2ACredentials, aG as extractACPContext, aH as extractACPTransactionValue, aI as extractAP2Mandate, aJ as extractAP2Mandates, aK as extractAP2TransactionValue, aL as extractCredentialsFromProtocol, aM as extractHttpCredentials, aN as extractMPPContext, aO as extractMPPFromRequest, aP as extractMPPFromResponse, aQ as extractMPPTransactionValue, aR as extractMcpCredentials, aS as extractUCPContext, aT as extractUCPTransactionValue, aU as extractVIClaims, aV as extractVITransactionValue, aW as extractX402Context, aX as extractX402FromRequest, aY as extractX402FromResponse, aZ as extractX402TransactionValue, a_ as fetchUCPManifest, a$ as getTransportExtractor, b0 as getTransportExtractors, b2 as isStripeWebhookInformational, b3 as mapACPRequestToPurpose, b4 as mapAP2MandateToPurpose, b5 as mapMPPRequestToPurpose, b6 as mapRFC9421TagToPurpose, b7 as mapUCPRequestToPurpose, b8 as mapVIMandateToPurpose, b9 as mapX402RequestToPurpose, ba as parseRFC9421, bb as registerTransportExtractor, bc as runCommercePipeline, bd as runMatchingExtractors, be as setA2AMetadata, bf as setHttpHeaders, bg as setMcpMeta, bh as validateUCPManifest, bi as verifyACPSignature, bj as verifyAP2Chain, bk as verifyMPP, bl as verifyRFC9421, bm as verifyStripeWebhook, bn as verifyVIChain } from '../index-DzXXBuLm.js';
3
3
  import 'jose';
@@ -105,6 +105,9 @@ function setHttpHeaders(headers, credentials) {
105
105
  if (credentials.pdlss?.purpose) {
106
106
  const purposeValue = credentials.pdlss.purpose.action ? `${credentials.pdlss.purpose.category}:${credentials.pdlss.purpose.action}` : credentials.pdlss.purpose.category;
107
107
  result[`${HEADER_PREFIX}Purpose`] = purposeValue;
108
+ if (credentials.pdlss.purpose.action) {
109
+ result[`${HEADER_PREFIX}Action`] = credentials.pdlss.purpose.action;
110
+ }
108
111
  }
109
112
  if (credentials.pdlss?.duration?.maxSessionDuration) {
110
113
  result[`${HEADER_PREFIX}Duration`] = String(credentials.pdlss.duration.maxSessionDuration);
@@ -134,6 +137,13 @@ function extractHttpCredentials(headers) {
134
137
  purpose: { category, action }
135
138
  };
136
139
  }
140
+ const astraAction = getValue(`${HEADER_PREFIX}Action`) ?? getValue("x-astra-action");
141
+ if (astraAction) {
142
+ credentials.pdlss = {
143
+ ...credentials.pdlss,
144
+ purpose: { category: credentials.pdlss?.purpose?.category ?? "", action: astraAction }
145
+ };
146
+ }
137
147
  const duration = getValue(`${HEADER_PREFIX}Duration`) ?? getValue("x-astra-duration");
138
148
  if (duration) {
139
149
  credentials.pdlss = {