@astrasyncai/verification-gateway 3.2.1 → 3.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +10 -5
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +10 -5
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +1 -1
- package/dist/adapters/mcp.d.ts +1 -1
- package/dist/adapters/mcp.js +10 -5
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +10 -5
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +10 -5
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +10 -5
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +7 -3
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +7 -3
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/browser/background.js +2814 -2343
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +2814 -2343
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cli/index.js +2813 -2346
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/index.mjs +2813 -2346
- package/dist/cli/index.mjs.map +1 -1
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +2815 -2344
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +2817 -2346
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-CeoSdOAZ.d.mts → express-CeFvNWDD.d.mts} +1 -1
- package/dist/{express-BowlMHQF.d.ts → express-RIh05wW2.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +2814 -2343
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +2816 -2345
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-DBmlycVm.d.ts → index-BYu1FKMy.d.ts} +1 -1
- package/dist/{index-B51W8gn8.d.mts → index-Bw4FeHMY.d.mts} +1 -1
- package/dist/{index-DzXXBuLm.d.ts → index-C-K0WCrk.d.ts} +1 -1
- package/dist/{index-DtGziFEm.d.mts → index-DgVBEiwI.d.mts} +1 -1
- package/dist/index.d.mts +58 -9
- package/dist/index.d.ts +58 -9
- package/dist/index.js +78 -20
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +77 -20
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-V_K0qlAQ.d.ts → nextjs--xR9zbSJ.d.ts} +1 -1
- package/dist/{nextjs-BW1rzr1I.d.mts → nextjs-xciaMpsZ.d.mts} +1 -1
- package/dist/{sdk-e5jg7sqW.d.mts → sdk-CJYCLMI0.d.mts} +1 -1
- package/dist/{sdk-ZYgI7G9f.d.ts → sdk-FP7xT9F8.d.ts} +1 -1
- package/dist/transport/index.d.mts +2 -2
- package/dist/transport/index.d.ts +2 -2
- package/dist/{types-BNiLZY0i.d.mts → types-Cj92yKeA.d.mts} +1 -1
- package/dist/{types-rFh4VMH4.d.mts → types-Cwrvo30g.d.mts} +30 -1
- package/dist/{types-rFh4VMH4.d.ts → types-Cwrvo30g.d.ts} +30 -1
- package/dist/{types-DJi-u3fz.d.ts → types-DOeL-dIw.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +1 -1
package/dist/index.mjs
CHANGED
|
@@ -126,7 +126,7 @@ function getCapabilities(accessLevel) {
|
|
|
126
126
|
}
|
|
127
127
|
|
|
128
128
|
// src/version.ts
|
|
129
|
-
var SDK_VERSION = "3.
|
|
129
|
+
var SDK_VERSION = "3.3.0";
|
|
130
130
|
|
|
131
131
|
// src/well-known.ts
|
|
132
132
|
var CACHE_TTL_MS = 60 * 60 * 1e3;
|
|
@@ -544,7 +544,9 @@ async function verify(config, request) {
|
|
|
544
544
|
// linking key (the sessionId-equivalent for anonymous callers).
|
|
545
545
|
correlationId: apiResponse.correlationId,
|
|
546
546
|
recommendation: apiResponse.recommendation,
|
|
547
|
-
recommendationReasons: apiResponse.recommendationReasons
|
|
547
|
+
recommendationReasons: apiResponse.recommendationReasons,
|
|
548
|
+
stepUpApproval: apiResponse.stepUpApproval,
|
|
549
|
+
settlement: apiResponse.settlement
|
|
548
550
|
};
|
|
549
551
|
return result2;
|
|
550
552
|
}
|
|
@@ -596,7 +598,9 @@ async function verify(config, request) {
|
|
|
596
598
|
tokenGuidance: apiResponse.tokenGuidance,
|
|
597
599
|
recommendation: apiResponse.recommendation,
|
|
598
600
|
recommendationReasons: apiResponse.recommendationReasons,
|
|
599
|
-
warningHeader: apiResponse.warningHeader
|
|
601
|
+
warningHeader: apiResponse.warningHeader,
|
|
602
|
+
stepUpApproval: apiResponse.stepUpApproval,
|
|
603
|
+
settlement: apiResponse.settlement
|
|
600
604
|
};
|
|
601
605
|
if (result.recommendation === "deny") {
|
|
602
606
|
result.policyAllowed = false;
|
|
@@ -676,6 +680,68 @@ async function quickVerify(config, credentials) {
|
|
|
676
680
|
};
|
|
677
681
|
}
|
|
678
682
|
|
|
683
|
+
// src/adapters/approval-gate.ts
|
|
684
|
+
var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval. The agent owner can approve or deny this transaction in the AstraSync dashboard.";
|
|
685
|
+
function requiresHumanApproval(result) {
|
|
686
|
+
return result.requiresStepUp === true || result.requiresApproval === true;
|
|
687
|
+
}
|
|
688
|
+
function annotateApprovalRequired(result) {
|
|
689
|
+
result.failures = [
|
|
690
|
+
...result.failures ?? [],
|
|
691
|
+
{ dimension: "commerce.intent.approval_required", message: APPROVAL_REASON }
|
|
692
|
+
];
|
|
693
|
+
result.denialReasons = [APPROVAL_REASON, ...result.denialReasons ?? []];
|
|
694
|
+
}
|
|
695
|
+
|
|
696
|
+
// src/settlement.ts
|
|
697
|
+
async function authorizeSettlement(config, req) {
|
|
698
|
+
if (typeof req.value !== "number" || !Number.isFinite(req.value) || req.value <= 0) {
|
|
699
|
+
return {
|
|
700
|
+
authorized: false,
|
|
701
|
+
recommendation: "deny",
|
|
702
|
+
reason: "No valid transaction value supplied to authorizeSettlement; settlement refused (fail-closed). Pass the merchant-priced cart total as `value`.",
|
|
703
|
+
failures: [
|
|
704
|
+
{
|
|
705
|
+
dimension: "commerce.settlement.value_missing",
|
|
706
|
+
message: "A positive, authoritative transaction value is required to authorize settlement."
|
|
707
|
+
}
|
|
708
|
+
]
|
|
709
|
+
};
|
|
710
|
+
}
|
|
711
|
+
let result;
|
|
712
|
+
try {
|
|
713
|
+
result = await verify(config, {
|
|
714
|
+
credentials: { astraId: req.agentId },
|
|
715
|
+
purpose: req.purpose ?? "shopping",
|
|
716
|
+
action: req.action ?? "shopping.purchase",
|
|
717
|
+
transactionValue: req.value,
|
|
718
|
+
currency: req.currency
|
|
719
|
+
});
|
|
720
|
+
} catch (err) {
|
|
721
|
+
return {
|
|
722
|
+
authorized: false,
|
|
723
|
+
recommendation: "deny",
|
|
724
|
+
reason: `Settlement verification failed (${err instanceof Error ? err.message : String(err)}); settlement refused (fail-closed).`,
|
|
725
|
+
failures: [
|
|
726
|
+
{
|
|
727
|
+
dimension: "commerce.settlement.verify_error",
|
|
728
|
+
message: "verify-access could not be reached or returned an error; settlement is refused."
|
|
729
|
+
}
|
|
730
|
+
]
|
|
731
|
+
};
|
|
732
|
+
}
|
|
733
|
+
const recommendation = result.recommendation;
|
|
734
|
+
const authorized = result.identityVerified === true && result.policyAllowed === true && !requiresHumanApproval(result) && (recommendation === void 0 || recommendation === "grant");
|
|
735
|
+
return {
|
|
736
|
+
authorized,
|
|
737
|
+
recommendation,
|
|
738
|
+
reason: authorized ? void 0 : result.denialReasons?.[0] ?? (requiresHumanApproval(result) ? "Transaction is above the autonomous limit and requires human approval; settlement cannot be authorized automatically." : "Settlement not authorized by the agent's PDLSS limits."),
|
|
739
|
+
failures: result.failures,
|
|
740
|
+
correlationId: result.correlationId,
|
|
741
|
+
stepUpApproval: requiresHumanApproval(result) ? result.stepUpApproval : void 0
|
|
742
|
+
};
|
|
743
|
+
}
|
|
744
|
+
|
|
679
745
|
// src/adapters/express.ts
|
|
680
746
|
var express_exports = {};
|
|
681
747
|
__export(express_exports, {
|
|
@@ -832,19 +898,6 @@ function resolveHttpPdlss(input) {
|
|
|
832
898
|
return { purpose, action, purposeSource, actionSource };
|
|
833
899
|
}
|
|
834
900
|
|
|
835
|
-
// src/adapters/approval-gate.ts
|
|
836
|
-
var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval, which is not yet available \u2014 it cannot be completed automatically.";
|
|
837
|
-
function requiresHumanApproval(result) {
|
|
838
|
-
return result.requiresStepUp === true || result.requiresApproval === true;
|
|
839
|
-
}
|
|
840
|
-
function annotateApprovalRequired(result) {
|
|
841
|
-
result.failures = [
|
|
842
|
-
...result.failures ?? [],
|
|
843
|
-
{ dimension: "commerce.intent.approval_required", message: APPROVAL_REASON }
|
|
844
|
-
];
|
|
845
|
-
result.denialReasons = [APPROVAL_REASON, ...result.denialReasons ?? []];
|
|
846
|
-
}
|
|
847
|
-
|
|
848
901
|
// src/pdlss-pre-check.ts
|
|
849
902
|
function performCounterpartyPreCheck(routeConfig, astraCreds, purpose) {
|
|
850
903
|
const failures = [];
|
|
@@ -972,7 +1025,8 @@ function defaultOnDenied(result, _req, res) {
|
|
|
972
1025
|
guidance: result.guidance,
|
|
973
1026
|
// Round-10: aggregated per-dimension detail + correlation handle.
|
|
974
1027
|
failures: result.failures,
|
|
975
|
-
correlationId: result.correlationId
|
|
1028
|
+
correlationId: result.correlationId,
|
|
1029
|
+
stepUpApproval: result.stepUpApproval
|
|
976
1030
|
}
|
|
977
1031
|
});
|
|
978
1032
|
}
|
|
@@ -1622,7 +1676,8 @@ function createMiddleware2(options) {
|
|
|
1622
1676
|
code: !result.identityVerified ? "UNAUTHORIZED" : "POLICY_DENIED",
|
|
1623
1677
|
message: result.denialReasons?.[0] || "Access denied",
|
|
1624
1678
|
guidance: result.guidance,
|
|
1625
|
-
failures: result.failures
|
|
1679
|
+
failures: result.failures,
|
|
1680
|
+
stepUpApproval: result.stepUpApproval
|
|
1626
1681
|
}
|
|
1627
1682
|
},
|
|
1628
1683
|
{ status: !result.identityVerified ? 401 : 403 }
|
|
@@ -4525,7 +4580,8 @@ function defaultMcpDenied(result, req, res) {
|
|
|
4525
4580
|
guidance: result.guidance,
|
|
4526
4581
|
// Round-10: aggregated per-dimension detail + correlation handle.
|
|
4527
4582
|
failures: result.failures,
|
|
4528
|
-
correlationId: result.correlationId
|
|
4583
|
+
correlationId: result.correlationId,
|
|
4584
|
+
stepUpApproval: result.stepUpApproval
|
|
4529
4585
|
}
|
|
4530
4586
|
}
|
|
4531
4587
|
});
|
|
@@ -5453,7 +5509,7 @@ async function recordDecision2(config, params) {
|
|
|
5453
5509
|
}
|
|
5454
5510
|
|
|
5455
5511
|
// src/index.ts
|
|
5456
|
-
var VERSION = "
|
|
5512
|
+
var VERSION = "3.4.0";
|
|
5457
5513
|
export {
|
|
5458
5514
|
ACCESS_LEVEL_DESCRIPTIONS,
|
|
5459
5515
|
ACCESS_LEVEL_HIERARCHY,
|
|
@@ -5470,6 +5526,7 @@ export {
|
|
|
5470
5526
|
TRUST_LEVEL_RANGES,
|
|
5471
5527
|
VERSION,
|
|
5472
5528
|
agent_exports as agent,
|
|
5529
|
+
authorizeSettlement,
|
|
5473
5530
|
buildGuidance,
|
|
5474
5531
|
clearCache,
|
|
5475
5532
|
createMcpMiddleware,
|