@astrasyncai/verification-gateway 3.3.0 → 3.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +86 -0
- package/dist/adapter-interface/interface.d.mts +2 -2
- package/dist/adapter-interface/interface.d.ts +2 -2
- package/dist/adapters/express.d.mts +2 -2
- package/dist/adapters/express.d.ts +2 -2
- package/dist/adapters/express.js +27 -5
- package/dist/adapters/express.js.map +1 -1
- package/dist/adapters/express.mjs +27 -5
- package/dist/adapters/express.mjs.map +1 -1
- package/dist/adapters/mcp.d.mts +1 -1
- package/dist/adapters/mcp.d.ts +1 -1
- package/dist/adapters/mcp.js +10 -5
- package/dist/adapters/mcp.js.map +1 -1
- package/dist/adapters/mcp.mjs +10 -5
- package/dist/adapters/mcp.mjs.map +1 -1
- package/dist/adapters/nextjs.d.mts +2 -2
- package/dist/adapters/nextjs.d.ts +2 -2
- package/dist/adapters/nextjs.js +10 -5
- package/dist/adapters/nextjs.js.map +1 -1
- package/dist/adapters/nextjs.mjs +10 -5
- package/dist/adapters/nextjs.mjs.map +1 -1
- package/dist/adapters/sdk.d.mts +2 -2
- package/dist/adapters/sdk.d.ts +2 -2
- package/dist/adapters/sdk.js +7 -3
- package/dist/adapters/sdk.js.map +1 -1
- package/dist/adapters/sdk.mjs +7 -3
- package/dist/adapters/sdk.mjs.map +1 -1
- package/dist/agent/index.d.mts +2 -2
- package/dist/agent/index.d.ts +2 -2
- package/dist/browser/background.js +2814 -2343
- package/dist/browser/background.js.map +1 -1
- package/dist/browser/background.mjs +2814 -2343
- package/dist/browser/background.mjs.map +1 -1
- package/dist/browser/browser-adapter.d.mts +2 -2
- package/dist/browser/browser-adapter.d.ts +2 -2
- package/dist/cli/index.d.mts +2 -2
- package/dist/cli/index.d.ts +2 -2
- package/dist/cli/index.js +2813 -2346
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/index.mjs +2813 -2346
- package/dist/cli/index.mjs.map +1 -1
- package/dist/cursor/cursor-adapter.d.mts +2 -2
- package/dist/cursor/cursor-adapter.d.ts +2 -2
- package/dist/cursor/extension.d.mts +2 -2
- package/dist/cursor/extension.d.ts +2 -2
- package/dist/cursor/extension.js +2815 -2344
- package/dist/cursor/extension.js.map +1 -1
- package/dist/cursor/extension.mjs +2817 -2346
- package/dist/cursor/extension.mjs.map +1 -1
- package/dist/{express-DAOTESQo.d.mts → express-BH5ADAyb.d.mts} +1 -1
- package/dist/{express-Lb8-Ybio.d.ts → express-jUzLIoep.d.ts} +1 -1
- package/dist/gateway/gateway.d.mts +2 -2
- package/dist/gateway/gateway.d.ts +2 -2
- package/dist/gateway/gateway.js +2814 -2343
- package/dist/gateway/gateway.js.map +1 -1
- package/dist/gateway/gateway.mjs +2816 -2345
- package/dist/gateway/gateway.mjs.map +1 -1
- package/dist/git-trigger/git-hooks.d.mts +2 -2
- package/dist/git-trigger/git-hooks.d.ts +2 -2
- package/dist/{index-kxLJ873R.d.mts → index-BR2nmxBU.d.mts} +5 -1
- package/dist/{index-E3fAidVt.d.ts → index-DEixUCu0.d.ts} +5 -1
- package/dist/{index-DFwfHOGj.d.ts → index-DlCnmpJH.d.ts} +1 -1
- package/dist/{index-BLeiWFLu.d.mts → index-aZHAWujT.d.mts} +1 -1
- package/dist/index.d.mts +11 -9
- package/dist/index.d.ts +11 -9
- package/dist/index.js +56 -13
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +56 -13
- package/dist/index.mjs.map +1 -1
- package/dist/local-evaluator/evaluator.d.mts +2 -2
- package/dist/local-evaluator/evaluator.d.ts +2 -2
- package/dist/{nextjs-BXK0nD73.d.ts → nextjs-DfXOd0Au.d.ts} +1 -1
- package/dist/{nextjs-CFQ_KDFf.d.mts → nextjs-LTeoPqMH.d.mts} +1 -1
- package/dist/{sdk-D1MuiiNz.d.mts → sdk-DKhwVL9X.d.mts} +1 -1
- package/dist/{sdk-C7qAfpGB.d.ts → sdk-LmvyDVpL.d.ts} +1 -1
- package/dist/transport/index.d.mts +2 -2
- package/dist/transport/index.d.ts +2 -2
- package/dist/transport/index.js +22 -4
- package/dist/transport/index.js.map +1 -1
- package/dist/transport/index.mjs +22 -4
- package/dist/transport/index.mjs.map +1 -1
- package/dist/{types-ClvUqrEm.d.mts → types-C8HyQEaz.d.mts} +1 -1
- package/dist/{types-B_wnd7ZX.d.mts → types-DrDIouvO.d.mts} +54 -3
- package/dist/{types-B_wnd7ZX.d.ts → types-DrDIouvO.d.ts} +54 -3
- package/dist/{types-B6uD4jAI.d.ts → types-xofemo0G.d.ts} +1 -1
- package/dist/ui/index.d.mts +1 -1
- package/dist/ui/index.d.ts +1 -1
- package/package.json +1 -1
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AstraSyncGateway } from '../gateway/gateway.mjs';
|
|
2
|
-
import { V as VerificationDecision, P as PDLSSContext } from '../types-
|
|
3
|
-
import '../types-
|
|
2
|
+
import { V as VerificationDecision, P as PDLSSContext } from '../types-C8HyQEaz.mjs';
|
|
3
|
+
import '../types-DrDIouvO.mjs';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Git Trigger — Enterprise git push / PR verification
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { AstraSyncGateway } from '../gateway/gateway.js';
|
|
2
|
-
import { V as VerificationDecision, P as PDLSSContext } from '../types-
|
|
3
|
-
import '../types-
|
|
2
|
+
import { V as VerificationDecision, P as PDLSSContext } from '../types-xofemo0G.js';
|
|
3
|
+
import '../types-DrDIouvO.js';
|
|
4
4
|
|
|
5
5
|
/**
|
|
6
6
|
* Git Trigger — Enterprise git push / PR verification
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-
|
|
1
|
+
import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-DrDIouvO.mjs';
|
|
2
2
|
import { JWK } from 'jose';
|
|
3
3
|
|
|
4
4
|
/**
|
|
@@ -96,6 +96,10 @@ interface TransactionValueContext {
|
|
|
96
96
|
amount: number;
|
|
97
97
|
currency: string;
|
|
98
98
|
source: string;
|
|
99
|
+
/** When true, the amount is in raw atomic/minor units and could NOT be
|
|
100
|
+
* converted to major units (unknown token decimals). The limit engine
|
|
101
|
+
* must fail-closed — never compare raw units against major-unit limits. */
|
|
102
|
+
rawUnits?: boolean;
|
|
99
103
|
}
|
|
100
104
|
declare function extractUCPTransactionValue(input: {
|
|
101
105
|
totals?: Array<{
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-
|
|
1
|
+
import { c as AstraSyncCredentials, g as ProtocolTransport } from './types-DrDIouvO.js';
|
|
2
2
|
import { JWK } from 'jose';
|
|
3
3
|
|
|
4
4
|
/**
|
|
@@ -96,6 +96,10 @@ interface TransactionValueContext {
|
|
|
96
96
|
amount: number;
|
|
97
97
|
currency: string;
|
|
98
98
|
source: string;
|
|
99
|
+
/** When true, the amount is in raw atomic/minor units and could NOT be
|
|
100
|
+
* converted to major units (unknown token decimals). The limit engine
|
|
101
|
+
* must fail-closed — never compare raw units against major-unit limits. */
|
|
102
|
+
rawUnits?: boolean;
|
|
99
103
|
}
|
|
100
104
|
declare function extractUCPTransactionValue(input: {
|
|
101
105
|
totals?: Array<{
|
package/dist/index.d.mts
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest,
|
|
2
|
-
export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance,
|
|
3
|
-
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-
|
|
4
|
-
export { e as express } from './express-
|
|
5
|
-
export { n as nextjs } from './nextjs-
|
|
6
|
-
export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-
|
|
1
|
+
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest, l as VerificationResult, E as EnhancedVerificationResult, A as AccessFailure, j as StepUpApprovalInfo } from './types-DrDIouvO.mjs';
|
|
2
|
+
export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, i as SettlementArtifact, T as TokenGuidance, k as TrustLevel, m as VerifiedAgent, n as VerifiedDeveloper, o as VerifiedOrganization } from './types-DrDIouvO.mjs';
|
|
3
|
+
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-DKhwVL9X.mjs';
|
|
4
|
+
export { e as express } from './express-BH5ADAyb.mjs';
|
|
5
|
+
export { n as nextjs } from './nextjs-LTeoPqMH.mjs';
|
|
6
|
+
export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-BR2nmxBU.mjs';
|
|
7
7
|
export { McpMiddlewareOptions, ToolGateConfig, createMcpMiddleware } from './adapters/mcp.mjs';
|
|
8
8
|
export { AgentProtocol, AgentRecord, AstraSync, AstraSyncConfig, AstraSyncError, AuthenticationError, BuildGuidanceParams, FrameworkConfig, GuidanceEnvelope, HealthResponse, KYDRequiredError, ModelConfig, PDLSSConfig, PDLSSDuration, PDLSSLimits, PDLSSPurpose, PDLSSScope, PDLSSSelfInstantiation, PendingRegistrationResponse, PollRegistrationResult, RegisterOptions, RegisterResult, RegistrationDeniedError, RegistrationExpiredError, RegistrationResponse, RegistrationTimeoutError, VerifyResponse, WaitForApprovalOptions, buildGuidance } from './registration/index.mjs';
|
|
9
|
-
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-
|
|
9
|
+
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-aZHAWujT.mjs';
|
|
10
10
|
import 'express';
|
|
11
11
|
import 'next/server';
|
|
12
12
|
import 'jose';
|
|
@@ -87,6 +87,8 @@ interface SettlementDecision {
|
|
|
87
87
|
reason?: string;
|
|
88
88
|
failures?: AccessFailure[];
|
|
89
89
|
correlationId?: string;
|
|
90
|
+
/** Present when the transaction is in the human-approval band — the owner can approve via the poll URL. */
|
|
91
|
+
stepUpApproval?: StepUpApprovalInfo;
|
|
90
92
|
}
|
|
91
93
|
/**
|
|
92
94
|
* Authorize a settlement of `value` for `agentId` against the agent's PDLSS
|
|
@@ -152,6 +154,6 @@ declare function getCachedWellKnownUrls(apiBaseUrl: string): WellKnownAgenticCom
|
|
|
152
154
|
* @packageDocumentation
|
|
153
155
|
*/
|
|
154
156
|
|
|
155
|
-
declare const VERSION = "
|
|
157
|
+
declare const VERSION = "3.4.0";
|
|
156
158
|
|
|
157
|
-
export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
|
|
159
|
+
export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, StepUpApprovalInfo, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
|
package/dist/index.d.ts
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
|
-
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest,
|
|
2
|
-
export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, T as TokenGuidance,
|
|
3
|
-
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-
|
|
4
|
-
export { e as express } from './express-
|
|
5
|
-
export { n as nextjs } from './nextjs-
|
|
6
|
-
export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-
|
|
1
|
+
import { b as AgentCredentials, G as GatewayConfig, a as AccessLevel, V as VerificationRequest, l as VerificationResult, E as EnhancedVerificationResult, A as AccessFailure, j as StepUpApprovalInfo } from './types-DrDIouvO.js';
|
|
2
|
+
export { c as AstraSyncCredentials, C as CommerceShieldProps, d as CounterpartyType, e as ExpressMiddlewareOptions, f as GuidanceInfo, N as NextJsMiddlewareOptions, P as PDLSSInfo, g as ProtocolTransport, R as RouteAccessConfig, h as RuntimeChallengeResult, S as SDKOptions, i as SettlementArtifact, T as TokenGuidance, k as TrustLevel, m as VerifiedAgent, n as VerifiedDeveloper, o as VerifiedOrganization } from './types-DrDIouvO.js';
|
|
3
|
+
export { A as ACCESS_LEVEL_DESCRIPTIONS, a as ACCESS_LEVEL_HIERARCHY, b as AccessCapabilities, D as DEFAULT_TRUST_THRESHOLDS, T as TRUST_LEVEL_RANGES, d as determineAccessLevel, g as getAccessLevelForScore, e as getCapabilities, f as getTrustLevel, h as hasMinimumAccess, s as sdk } from './sdk-LmvyDVpL.js';
|
|
4
|
+
export { e as express } from './express-jUzLIoep.js';
|
|
5
|
+
export { n as nextjs } from './nextjs-DfXOd0Au.js';
|
|
6
|
+
export { aR as extractMcpCredentials, bg as setMcpMeta, b1 as transport } from './index-DEixUCu0.js';
|
|
7
7
|
export { McpMiddlewareOptions, ToolGateConfig, createMcpMiddleware } from './adapters/mcp.js';
|
|
8
8
|
export { AgentProtocol, AgentRecord, AstraSync, AstraSyncConfig, AstraSyncError, AuthenticationError, BuildGuidanceParams, FrameworkConfig, GuidanceEnvelope, HealthResponse, KYDRequiredError, ModelConfig, PDLSSConfig, PDLSSDuration, PDLSSLimits, PDLSSPurpose, PDLSSScope, PDLSSSelfInstantiation, PendingRegistrationResponse, PollRegistrationResult, RegisterOptions, RegisterResult, RegistrationDeniedError, RegistrationExpiredError, RegistrationResponse, RegistrationTimeoutError, VerifyResponse, WaitForApprovalOptions, buildGuidance } from './registration/index.js';
|
|
9
|
-
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-
|
|
9
|
+
export { A as AgentClient, C as ChallengeHandler, i as agent, r as recordDecision } from './index-DlCnmpJH.js';
|
|
10
10
|
import 'express';
|
|
11
11
|
import 'next/server';
|
|
12
12
|
import 'jose';
|
|
@@ -87,6 +87,8 @@ interface SettlementDecision {
|
|
|
87
87
|
reason?: string;
|
|
88
88
|
failures?: AccessFailure[];
|
|
89
89
|
correlationId?: string;
|
|
90
|
+
/** Present when the transaction is in the human-approval band — the owner can approve via the poll URL. */
|
|
91
|
+
stepUpApproval?: StepUpApprovalInfo;
|
|
90
92
|
}
|
|
91
93
|
/**
|
|
92
94
|
* Authorize a settlement of `value` for `agentId` against the agent's PDLSS
|
|
@@ -152,6 +154,6 @@ declare function getCachedWellKnownUrls(apiBaseUrl: string): WellKnownAgenticCom
|
|
|
152
154
|
* @packageDocumentation
|
|
153
155
|
*/
|
|
154
156
|
|
|
155
|
-
declare const VERSION = "
|
|
157
|
+
declare const VERSION = "3.4.0";
|
|
156
158
|
|
|
157
|
-
export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
|
|
159
|
+
export { AccessLevel, AgentCredentials, EnhancedVerificationResult, GatewayConfig, type SettlementDecision, type SettlementRequest, StepUpApprovalInfo, VERSION, VerificationRequest, VerificationResult, type WellKnownAgenticCommerce, authorizeSettlement, clearCache, extractCredentials, getCachedWellKnownUrls, getWellKnownUrls, hasCredentials, prefetchWellKnown, quickVerify, verify };
|
package/dist/index.js
CHANGED
|
@@ -193,7 +193,7 @@ function getCapabilities(accessLevel) {
|
|
|
193
193
|
}
|
|
194
194
|
|
|
195
195
|
// src/version.ts
|
|
196
|
-
var SDK_VERSION = "3.
|
|
196
|
+
var SDK_VERSION = "3.5.0";
|
|
197
197
|
|
|
198
198
|
// src/well-known.ts
|
|
199
199
|
var CACHE_TTL_MS = 60 * 60 * 1e3;
|
|
@@ -611,7 +611,9 @@ async function verify(config, request) {
|
|
|
611
611
|
// linking key (the sessionId-equivalent for anonymous callers).
|
|
612
612
|
correlationId: apiResponse.correlationId,
|
|
613
613
|
recommendation: apiResponse.recommendation,
|
|
614
|
-
recommendationReasons: apiResponse.recommendationReasons
|
|
614
|
+
recommendationReasons: apiResponse.recommendationReasons,
|
|
615
|
+
stepUpApproval: apiResponse.stepUpApproval,
|
|
616
|
+
settlement: apiResponse.settlement
|
|
615
617
|
};
|
|
616
618
|
return result2;
|
|
617
619
|
}
|
|
@@ -663,7 +665,9 @@ async function verify(config, request) {
|
|
|
663
665
|
tokenGuidance: apiResponse.tokenGuidance,
|
|
664
666
|
recommendation: apiResponse.recommendation,
|
|
665
667
|
recommendationReasons: apiResponse.recommendationReasons,
|
|
666
|
-
warningHeader: apiResponse.warningHeader
|
|
668
|
+
warningHeader: apiResponse.warningHeader,
|
|
669
|
+
stepUpApproval: apiResponse.stepUpApproval,
|
|
670
|
+
settlement: apiResponse.settlement
|
|
667
671
|
};
|
|
668
672
|
if (result.recommendation === "deny") {
|
|
669
673
|
result.policyAllowed = false;
|
|
@@ -744,7 +748,7 @@ async function quickVerify(config, credentials) {
|
|
|
744
748
|
}
|
|
745
749
|
|
|
746
750
|
// src/adapters/approval-gate.ts
|
|
747
|
-
var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval
|
|
751
|
+
var APPROVAL_REASON = "Transaction is above the autonomous limit and requires human approval. The agent owner can approve or deny this transaction in the AstraSync dashboard.";
|
|
748
752
|
function requiresHumanApproval(result) {
|
|
749
753
|
return result.requiresStepUp === true || result.requiresApproval === true;
|
|
750
754
|
}
|
|
@@ -800,7 +804,8 @@ async function authorizeSettlement(config, req) {
|
|
|
800
804
|
recommendation,
|
|
801
805
|
reason: authorized ? void 0 : result.denialReasons?.[0] ?? (requiresHumanApproval(result) ? "Transaction is above the autonomous limit and requires human approval; settlement cannot be authorized automatically." : "Settlement not authorized by the agent's PDLSS limits."),
|
|
802
806
|
failures: result.failures,
|
|
803
|
-
correlationId: result.correlationId
|
|
807
|
+
correlationId: result.correlationId,
|
|
808
|
+
stepUpApproval: requiresHumanApproval(result) ? result.stepUpApproval : void 0
|
|
804
809
|
};
|
|
805
810
|
}
|
|
806
811
|
|
|
@@ -1087,7 +1092,8 @@ function defaultOnDenied(result, _req, res) {
|
|
|
1087
1092
|
guidance: result.guidance,
|
|
1088
1093
|
// Round-10: aggregated per-dimension detail + correlation handle.
|
|
1089
1094
|
failures: result.failures,
|
|
1090
|
-
correlationId: result.correlationId
|
|
1095
|
+
correlationId: result.correlationId,
|
|
1096
|
+
stepUpApproval: result.stepUpApproval
|
|
1091
1097
|
}
|
|
1092
1098
|
});
|
|
1093
1099
|
}
|
|
@@ -1237,6 +1243,21 @@ function createMiddleware(options) {
|
|
|
1237
1243
|
);
|
|
1238
1244
|
}
|
|
1239
1245
|
const agentCardUrl = typeof req.headers["x-astrasync-agent-card"] === "string" ? req.headers["x-astrasync-agent-card"] : void 0;
|
|
1246
|
+
let txValue;
|
|
1247
|
+
let txCurrency;
|
|
1248
|
+
if (config.extractTransactionValue) {
|
|
1249
|
+
try {
|
|
1250
|
+
const extracted = config.extractTransactionValue(req);
|
|
1251
|
+
if (extracted) {
|
|
1252
|
+
txValue = extracted.value;
|
|
1253
|
+
txCurrency = extracted.currency;
|
|
1254
|
+
}
|
|
1255
|
+
} catch (e) {
|
|
1256
|
+
if (config.debug) {
|
|
1257
|
+
console.warn("[VerificationGateway] extractTransactionValue threw:", e);
|
|
1258
|
+
}
|
|
1259
|
+
}
|
|
1260
|
+
}
|
|
1240
1261
|
const result = await verify(config, {
|
|
1241
1262
|
credentials,
|
|
1242
1263
|
purpose,
|
|
@@ -1247,6 +1268,8 @@ function createMiddleware(options) {
|
|
|
1247
1268
|
counterpartyType: config.counterpartyType || "api",
|
|
1248
1269
|
enableRuntimeChallenge,
|
|
1249
1270
|
durationRequired: astraCreds?.pdlss?.duration?.maxSessionDuration,
|
|
1271
|
+
...txValue !== void 0 && { transactionValue: txValue },
|
|
1272
|
+
...txCurrency && { currency: txCurrency },
|
|
1250
1273
|
callerMetadata: {
|
|
1251
1274
|
sourceIp: originalClientIp,
|
|
1252
1275
|
userAgent: req.headers["user-agent"],
|
|
@@ -1737,7 +1760,8 @@ function createMiddleware2(options) {
|
|
|
1737
1760
|
code: !result.identityVerified ? "UNAUTHORIZED" : "POLICY_DENIED",
|
|
1738
1761
|
message: result.denialReasons?.[0] || "Access denied",
|
|
1739
1762
|
guidance: result.guidance,
|
|
1740
|
-
failures: result.failures
|
|
1763
|
+
failures: result.failures,
|
|
1764
|
+
stepUpApproval: result.stepUpApproval
|
|
1741
1765
|
}
|
|
1742
1766
|
},
|
|
1743
1767
|
{ status: !result.identityVerified ? 401 : 403 }
|
|
@@ -2226,15 +2250,33 @@ function extractMPPTransactionValue(challenge) {
|
|
|
2226
2250
|
source: `challenge.request.amount (method=${challenge.method ?? "unknown"})`
|
|
2227
2251
|
};
|
|
2228
2252
|
}
|
|
2253
|
+
var KNOWN_TOKEN_DECIMALS = {
|
|
2254
|
+
USDC: 6,
|
|
2255
|
+
USDT: 6,
|
|
2256
|
+
DAI: 18,
|
|
2257
|
+
ETH: 18,
|
|
2258
|
+
WETH: 18
|
|
2259
|
+
};
|
|
2229
2260
|
function extractX402TransactionValue(req) {
|
|
2230
|
-
const
|
|
2261
|
+
const rawAmount = req.maxAmountRequired ?? req.amount;
|
|
2231
2262
|
const currency = req.currency ?? req.asset;
|
|
2232
|
-
if (typeof
|
|
2263
|
+
if (typeof rawAmount !== "number" || !currency) return null;
|
|
2264
|
+
const source = req.maxAmountRequired !== void 0 ? "maxAmountRequired" : "amount";
|
|
2265
|
+
const decimals = KNOWN_TOKEN_DECIMALS[currency.toUpperCase()];
|
|
2266
|
+
if (decimals !== void 0) {
|
|
2267
|
+
return {
|
|
2268
|
+
protocol: "x402",
|
|
2269
|
+
amount: rawAmount / Math.pow(10, decimals),
|
|
2270
|
+
currency,
|
|
2271
|
+
source
|
|
2272
|
+
};
|
|
2273
|
+
}
|
|
2233
2274
|
return {
|
|
2234
2275
|
protocol: "x402",
|
|
2235
|
-
amount,
|
|
2276
|
+
amount: rawAmount,
|
|
2236
2277
|
currency,
|
|
2237
|
-
source
|
|
2278
|
+
source,
|
|
2279
|
+
rawUnits: true
|
|
2238
2280
|
};
|
|
2239
2281
|
}
|
|
2240
2282
|
|
|
@@ -4637,7 +4679,8 @@ function defaultMcpDenied(result, req, res) {
|
|
|
4637
4679
|
guidance: result.guidance,
|
|
4638
4680
|
// Round-10: aggregated per-dimension detail + correlation handle.
|
|
4639
4681
|
failures: result.failures,
|
|
4640
|
-
correlationId: result.correlationId
|
|
4682
|
+
correlationId: result.correlationId,
|
|
4683
|
+
stepUpApproval: result.stepUpApproval
|
|
4641
4684
|
}
|
|
4642
4685
|
}
|
|
4643
4686
|
});
|
|
@@ -5565,7 +5608,7 @@ async function recordDecision2(config, params) {
|
|
|
5565
5608
|
}
|
|
5566
5609
|
|
|
5567
5610
|
// src/index.ts
|
|
5568
|
-
var VERSION = "
|
|
5611
|
+
var VERSION = "3.4.0";
|
|
5569
5612
|
// Annotate the CommonJS export names for ESM import in node:
|
|
5570
5613
|
0 && (module.exports = {
|
|
5571
5614
|
ACCESS_LEVEL_DESCRIPTIONS,
|