@clampd/sdk 0.4.0

package/dist/interceptor.d.ts

@@ -0,0 +1,174 @@
+/**
+ * Generic interceptor for Clampd — wraps ANY tool or function call
+ * through the Clampd security proxy pipeline.
+ *
+ * Three interception patterns:
+ *
+ *   A. `wrapFunction`    — wrap any async function
+ *   B. `wrapOpenAITools`  — wrap OpenAI / Vercel AI SDK tool definitions
+ *   C. `ClampdGuard`     — middleware for any framework (check + execute)
+ *
+ * No external dependencies — pure TypeScript.
+ */
+import { ClampdClient, type ProxyResponse } from "./client.js";
+/**
+ * OpenAI-compatible tool definition.
+ *
+ * Matches the shape used by the OpenAI Node SDK, Vercel AI SDK, and
+ * most LLM tool-calling libraries:
+ *
+ * ```ts
+ * {
+ *   type: "function",
+ *   function: {
+ *     name: "get_weather",
+ *     description: "Looks up current weather for a city",
+ *     parameters: { ... },       // JSON Schema
+ *     execute: async (args) => { ... },
+ *   },
+ * }
+ * ```
+ *
+ * The `execute` field is optional in the OpenAI spec but required for
+ * interception — if a tool has no `execute` it is passed through as-is.
+ */
+export interface OpenAIToolFunction {
+    name: string;
+    description?: string;
+    parameters?: Record<string, unknown>;
+    execute?: (args: Record<string, unknown>) => Promise<unknown>;
+    [key: string]: unknown;
+}
+export interface OpenAITool {
+    type: "function";
+    function: OpenAIToolFunction;
+    [key: string]: unknown;
+}
+/**
+ * Thrown when the Clampd proxy denies a tool call and `blockOnDeny`
+ * is enabled (the default).
+ */
+export declare class ClampdBlockedError extends Error {
+    readonly response: ProxyResponse;
+    readonly matchedRules: string[];
+    readonly sessionFlags: string[];
+    constructor(response: ProxyResponse);
+}
+export interface WrapFunctionOptions<TArgs extends unknown[]> {
+    /** ClampdClient instance for proxy calls. */
+    client: ClampdClient;
+    /** Tool name sent to the Clampd pipeline (e.g. "http.fetch"). */
+    toolName: string;
+    /**
+     * Upstream tool URL. If omitted the proxy call uses an empty string
+     * which tells the gateway to skip forwarding (verify-only mode).
+     */
+    targetUrl?: string;
+    /**
+     * Converts the original function arguments into a flat params dict
+     * for the Clampd proxy request.
+     *
+     * If not provided the interceptor applies a default strategy:
+     *   - 0 args  => `{}`
+     *   - 1 arg that is a plain object => pass it through
+     *   - otherwise => `{ args: [...] }`
+     */
+    paramExtractor?: (...args: TArgs) => Record<string, unknown>;
+    /**
+     * When `true` (default), a denied proxy response throws
+     * `ClampdBlockedError` instead of executing the wrapped function.
+     */
+    blockOnDeny?: boolean;
+    /** Optional prompt context forwarded to the gateway. */
+    promptContext?: string;
+}
+/**
+ * Wrap any async function so every invocation first passes through the
+ * Clampd security pipeline.
+ *
+ * ```ts
+ * const guardedFetch = wrapFunction(myFetchFn, {
+ *   client,
+ *   toolName: "http.fetch",
+ *   targetUrl: "http://tool:5555",
+ *   paramExtractor: (url, opts) => ({ url, method: opts?.method ?? "GET" }),
+ * });
+ * const result = await guardedFetch("https://api.example.com", { method: "GET" });
+ * ```
+ */
+export declare function wrapFunction<TArgs extends unknown[], TReturn>(fn: (...args: TArgs) => Promise<TReturn>, opts: WrapFunctionOptions<TArgs>): (...args: TArgs) => Promise<TReturn>;
+export interface WrapOpenAIToolsOptions {
+    /** ClampdClient instance for proxy calls. */
+    client: ClampdClient;
+    /**
+     * Upstream tool URL forwarded to the Clampd pipeline.
+     * Defaults to "" (verify-only).
+     */
+    targetUrl?: string;
+    /**
+     * When `true` (default), a denied proxy response throws
+     * `ClampdBlockedError` instead of executing the tool function.
+     */
+    blockOnDeny?: boolean;
+}
+/**
+ * Wrap an array of OpenAI-style tool definitions so that each tool's
+ * `execute` function is intercepted through the Clampd proxy.
+ *
+ * Tools without an `execute` function are returned unchanged.
+ *
+ * ```ts
+ * const guardedTools = wrapOpenAITools(tools, { client, targetUrl: "http://tool:5555" });
+ * ```
+ */
+export declare function wrapOpenAITools(tools: OpenAITool[], opts: WrapOpenAIToolsOptions): OpenAITool[];
+export interface ClampdGuardOptions {
+    /**
+     * Default target URL for proxy calls. Individual `execute()` calls
+     * can override this.
+     */
+    defaultTargetUrl?: string;
+}
+/**
+ * Framework-agnostic guard that can pre-check or fully execute any
+ * tool call through the Clampd pipeline.
+ *
+ * ```ts
+ * const guard = new ClampdGuard(client, { defaultTargetUrl: "http://tool:5555" });
+ *
+ * // Dry-run check only
+ * const res = await guard.check("http.fetch", { url: "https://evil.com" });
+ * if (!res.allowed) console.log("Denied:", res.denial_reason);
+ *
+ * // Full pipeline: check + execute
+ * const { result, proxyResponse } = await guard.execute(
+ *   "http.fetch",
+ *   { url: "https://api.example.com" },
+ *   () => fetch("https://api.example.com").then(r => r.json()),
+ * );
+ * ```
+ */
+export declare class ClampdGuard {
+    private readonly client;
+    private readonly defaultTargetUrl;
+    constructor(client: ClampdClient, opts?: ClampdGuardOptions);
+    /**
+     * Dry-run policy check via the gateway's `/v1/verify` endpoint.
+     * No token exchange or upstream forwarding occurs.
+     */
+    check(tool: string, params: Record<string, unknown>): Promise<ProxyResponse>;
+    /**
+     * Full security pipeline: send the call through `/v1/proxy` and, if
+     * allowed, execute the provided function.
+     *
+     * Throws `ClampdBlockedError` when the proxy denies the call.
+     *
+     * @returns An object containing both the function result and the raw
+     *          `ProxyResponse` from the gateway.
+     */
+    execute<T>(tool: string, params: Record<string, unknown>, fn: () => Promise<T>, targetUrl?: string): Promise<{
+        result: T;
+        proxyResponse: ProxyResponse;
+    }>;
+}
+//# sourceMappingURL=interceptor.d.ts.map

package/dist/interceptor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interceptor.d.ts","sourceRoot":"","sources":["../src/interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,KAAK,aAAa,EAAE,MAAM,aAAa,CAAC;AAI/D;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACrC,OAAO,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9D,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,UAAU,CAAC;IACjB,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAID;;;GAGG;AACH,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,SAAgB,QAAQ,EAAE,aAAa,CAAC;IACxC,SAAgB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvC,SAAgB,YAAY,EAAE,MAAM,EAAE,CAAC;gBAE3B,QAAQ,EAAE,aAAa;CAgBpC;AAID,MAAM,WAAW,mBAAmB,CAAC,KAAK,SAAS,OAAO,EAAE;IAC1D,6CAA6C;IAC7C,MAAM,EAAE,YAAY,CAAC;IAErB,iEAAiE;IACjE,QAAQ,EAAE,MAAM,CAAC;IAEjB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;;;;;;OAQG;IACH,cAAc,CAAC,EAAE,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAE7D;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IAEtB,wDAAwD;IACxD,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AA0BD;;;;;;;;;;;;;GAaG;AACH,wBAAgB,YAAY,CAAC,KAAK,SAAS,OAAO,EAAE,EAAE,OAAO,EAC3D,EAAE,EAAE,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,EACxC,IAAI,EAAE,mBAAmB,CAAC,KAAK,CAAC,GAC/B,CAAC,GAAG,IAAI,EAAE,KAAK,KAAK,OAAO,CAAC,OAAO,CAAC,CA6BtC;AAID,MAAM,WAAW,sBAAsB;IACrC,6CAA6C;IAC7C,MAAM,EAAE,YAAY,CAAC;IAErB;;;OAGG;IACH,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED;;;;;;;;;GASG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,UAAU,EAAE,EACnB,IAAI,EAAE,sBAAsB,GAC3B,UAAU,EAAE,CAoCd;AAID,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;;;;;;;;;;;;;;;;;GAkBG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAe;IACtC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;gBAE9B,MAAM,EAAE,YAAY,EAAE,IAAI,CAAC,EAAE,kBAAkB;IAK3D;;;OAGG;IACG,KAAK,CACT,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,OAAO,CAAC,aAAa,CAAC;IAIzB;;;;;;;;OAQG;IACG,OAAO,CAAC,CAAC,EACb,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC/B,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EACpB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC;QAAE,MAAM,EAAE,CAAC,CAAC;QAAC,aAAa,EAAE,aAAa,CAAA;KAAE,CAAC;CAYxD"}

package/dist/interceptor.js

@@ -0,0 +1,173 @@
+/**
+ * Generic interceptor for Clampd — wraps ANY tool or function call
+ * through the Clampd security proxy pipeline.
+ *
+ * Three interception patterns:
+ *
+ *   A. `wrapFunction`    — wrap any async function
+ *   B. `wrapOpenAITools`  — wrap OpenAI / Vercel AI SDK tool definitions
+ *   C. `ClampdGuard`     — middleware for any framework (check + execute)
+ *
+ * No external dependencies — pure TypeScript.
+ */
+// ── Error ─────────────────────────────────────────────────────────
+/**
+ * Thrown when the Clampd proxy denies a tool call and `blockOnDeny`
+ * is enabled (the default).
+ */
+export class ClampdBlockedError extends Error {
+    response;
+    matchedRules;
+    sessionFlags;
+    constructor(response) {
+        const parts = [
+            `Blocked: ${response.denial_reason ?? "unknown reason"} (risk=${response.risk_score.toFixed(2)})`,
+        ];
+        if (response.matched_rules?.length) {
+            parts.push(`rules: ${response.matched_rules.join(", ")}`);
+        }
+        if (response.session_flags?.length) {
+            parts.push(`session: ${response.session_flags.join(", ")}`);
+        }
+        super(parts.join(" | "));
+        this.name = "ClampdBlockedError";
+        this.response = response;
+        this.matchedRules = response.matched_rules ?? [];
+        this.sessionFlags = response.session_flags ?? [];
+    }
+}
+/**
+ * Extract params from arbitrary function arguments using the default
+ * heuristic when no `paramExtractor` is supplied.
+ */
+function defaultExtractParams(args) {
+    if (args.length === 0) {
+        return {};
+    }
+    if (args.length === 1) {
+        const single = args[0];
+        if (single !== null &&
+            typeof single === "object" &&
+            !Array.isArray(single)) {
+            return single;
+        }
+        return { arg: single };
+    }
+    return { args };
+}
+/**
+ * Wrap any async function so every invocation first passes through the
+ * Clampd security pipeline.
+ *
+ * ```ts
+ * const guardedFetch = wrapFunction(myFetchFn, {
+ *   client,
+ *   toolName: "http.fetch",
+ *   targetUrl: "http://tool:5555",
+ *   paramExtractor: (url, opts) => ({ url, method: opts?.method ?? "GET" }),
+ * });
+ * const result = await guardedFetch("https://api.example.com", { method: "GET" });
+ * ```
+ */
+export function wrapFunction(fn, opts) {
+    const { client, toolName, targetUrl = "", paramExtractor, blockOnDeny = true, promptContext, } = opts;
+    return async (...args) => {
+        const params = paramExtractor
+            ? paramExtractor(...args)
+            : defaultExtractParams(args);
+        const proxyRes = await client.proxy(toolName, params, targetUrl, promptContext);
+        if (!proxyRes.allowed && blockOnDeny) {
+            throw new ClampdBlockedError(proxyRes);
+        }
+        // Allowed (or blockOnDeny=false) — execute the original function.
+        return fn(...args);
+    };
+}
+/**
+ * Wrap an array of OpenAI-style tool definitions so that each tool's
+ * `execute` function is intercepted through the Clampd proxy.
+ *
+ * Tools without an `execute` function are returned unchanged.
+ *
+ * ```ts
+ * const guardedTools = wrapOpenAITools(tools, { client, targetUrl: "http://tool:5555" });
+ * ```
+ */
+export function wrapOpenAITools(tools, opts) {
+    const { client, targetUrl = "", blockOnDeny = true } = opts;
+    return tools.map((tool) => {
+        const originalExecute = tool.function.execute;
+        // If the tool has no execute handler there is nothing to intercept.
+        if (typeof originalExecute !== "function") {
+            return tool;
+        }
+        const wrappedExecute = async (args) => {
+            const proxyRes = await client.proxy(tool.function.name, args, targetUrl);
+            if (!proxyRes.allowed && blockOnDeny) {
+                throw new ClampdBlockedError(proxyRes);
+            }
+            return originalExecute(args);
+        };
+        // Return a shallow copy so we do not mutate the caller's array.
+        return {
+            ...tool,
+            function: {
+                ...tool.function,
+                execute: wrappedExecute,
+            },
+        };
+    });
+}
+/**
+ * Framework-agnostic guard that can pre-check or fully execute any
+ * tool call through the Clampd pipeline.
+ *
+ * ```ts
+ * const guard = new ClampdGuard(client, { defaultTargetUrl: "http://tool:5555" });
+ *
+ * // Dry-run check only
+ * const res = await guard.check("http.fetch", { url: "https://evil.com" });
+ * if (!res.allowed) console.log("Denied:", res.denial_reason);
+ *
+ * // Full pipeline: check + execute
+ * const { result, proxyResponse } = await guard.execute(
+ *   "http.fetch",
+ *   { url: "https://api.example.com" },
+ *   () => fetch("https://api.example.com").then(r => r.json()),
+ * );
+ * ```
+ */
+export class ClampdGuard {
+    client;
+    defaultTargetUrl;
+    constructor(client, opts) {
+        this.client = client;
+        this.defaultTargetUrl = opts?.defaultTargetUrl ?? "";
+    }
+    /**
+     * Dry-run policy check via the gateway's `/v1/verify` endpoint.
+     * No token exchange or upstream forwarding occurs.
+     */
+    async check(tool, params) {
+        return this.client.verify(tool, params);
+    }
+    /**
+     * Full security pipeline: send the call through `/v1/proxy` and, if
+     * allowed, execute the provided function.
+     *
+     * Throws `ClampdBlockedError` when the proxy denies the call.
+     *
+     * @returns An object containing both the function result and the raw
+     *          `ProxyResponse` from the gateway.
+     */
+    async execute(tool, params, fn, targetUrl) {
+        const url = targetUrl ?? this.defaultTargetUrl;
+        const proxyResponse = await this.client.proxy(tool, params, url);
+        if (!proxyResponse.allowed) {
+            throw new ClampdBlockedError(proxyResponse);
+        }
+        const result = await fn();
+        return { result, proxyResponse };
+    }
+}
+//# sourceMappingURL=interceptor.js.map

package/dist/interceptor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"interceptor.js","sourceRoot":"","sources":["../src/interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAyCH,qEAAqE;AAErE;;;GAGG;AACH,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAC3B,QAAQ,CAAgB;IACxB,YAAY,CAAW;IACvB,YAAY,CAAW;IAEvC,YAAY,QAAuB;QACjC,MAAM,KAAK,GAAG;YACZ,YAAY,QAAQ,CAAC,aAAa,IAAI,gBAAgB,UAAU,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;SAClG,CAAC;QACF,IAAI,QAAQ,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,UAAU,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5D,CAAC;QACD,IAAI,QAAQ,CAAC,aAAa,EAAE,MAAM,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC,YAAY,GAAG,QAAQ,CAAC,aAAa,IAAI,EAAE,CAAC;IACnD,CAAC;CACF;AAsCD;;;GAGG;AACH,SAAS,oBAAoB,CAAC,IAAe;IAC3C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,IACE,MAAM,KAAK,IAAI;YACf,OAAO,MAAM,KAAK,QAAQ;YAC1B,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EACtB,CAAC;YACD,OAAO,MAAiC,CAAC;QAC3C,CAAC;QACD,OAAO,EAAE,GAAG,EAAE,MAAM,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,CAAC;AAClB,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,YAAY,CAC1B,EAAwC,EACxC,IAAgC;IAEhC,MAAM,EACJ,MAAM,EACN,QAAQ,EACR,SAAS,GAAG,EAAE,EACd,cAAc,EACd,WAAW,GAAG,IAAI,EAClB,aAAa,GACd,GAAG,IAAI,CAAC;IAET,OAAO,KAAK,EAAE,GAAG,IAAW,EAAoB,EAAE;QAChD,MAAM,MAAM,GAAG,cAAc;YAC3B,CAAC,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC;YACzB,CAAC,CAAC,oBAAoB,CAAC,IAAiB,CAAC,CAAC;QAE5C,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CACjC,QAAQ,EACR,MAAM,EACN,SAAS,EACT,aAAa,CACd,CAAC;QAEF,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;YACrC,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,kEAAkE;QAClE,OAAO,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACrB,CAAC,CAAC;AACJ,CAAC;AAqBD;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAC7B,KAAmB,EACnB,IAA4B;IAE5B,MAAM,EAAE,MAAM,EAAE,SAAS,GAAG,EAAE,EAAE,WAAW,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;IAE5D,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;QAE9C,oEAAoE;QACpE,IAAI,OAAO,eAAe,KAAK,UAAU,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,cAAc,GAAG,KAAK,EAC1B,IAA6B,EACX,EAAE;YACpB,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,KAAK,CACjC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAClB,IAAI,EACJ,SAAS,CACV,CAAC;YAEF,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,WAAW,EAAE,CAAC;gBACrC,MAAM,IAAI,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACzC,CAAC;YAED,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC,CAAC;QAEF,gEAAgE;QAChE,OAAO;YACL,GAAG,IAAI;YACP,QAAQ,EAAE;gBACR,GAAG,IAAI,CAAC,QAAQ;gBAChB,OAAO,EAAE,cAAc;aACxB;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAYD;;;;;;;;;;;;;;;;;;GAkBG;AACH,MAAM,OAAO,WAAW;IACL,MAAM,CAAe;IACrB,gBAAgB,CAAS;IAE1C,YAAY,MAAoB,EAAE,IAAyB;QACzD,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,gBAAgB,GAAG,IAAI,EAAE,gBAAgB,IAAI,EAAE,CAAC;IACvD,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,KAAK,CACT,IAAY,EACZ,MAA+B;QAE/B,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC1C,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,OAAO,CACX,IAAY,EACZ,MAA+B,EAC/B,EAAoB,EACpB,SAAkB;QAElB,MAAM,GAAG,GAAG,SAAS,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAE/C,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,CAAC,CAAC;QAEjE,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;YAC3B,MAAM,IAAI,kBAAkB,CAAC,aAAa,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,EAAE,EAAE,CAAC;QAC1B,OAAO,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACnC,CAAC;CACF"}

package/dist/tool-verify.d.ts

@@ -0,0 +1,99 @@
+/**
+ * Tool-side scope token verification (Ed25519).
+ *
+ * Lets tool developers verify that a Clampd-approved scope token is present
+ * before executing sensitive operations. The gateway mints these tokens on
+ * approved proxy() calls; this module validates them on the tool side.
+ *
+ * Scope tokens are signed with Ed25519 (asymmetric). The public key is fetched
+ * from the gateway's JWKS endpoint (GET /.well-known/jwks.json) and cached
+ * locally for 1 hour. No shared secret is needed.
+ *
+ * @example
+ * ```ts
+ * import { requireScope, verifyScopeToken, getCurrentScopeToken } from "@clampd/sdk";
+ *
+ * // Option A: Explicit verification
+ * const claims = await verifyScopeToken(getCurrentScopeToken());
+ * if (!claims.scope.split(" ").includes("data:pii:query")) {
+ *   throw new Error("Insufficient scope");
+ * }
+ *
+ * // Option B: Declarative (throws if scope missing)
+ * await requireScope("data:pii:query");
+ * ```
+ */
+import { KeyObject } from "node:crypto";
+export interface ScopeTokenClaims {
+    /** Agent ID */
+    sub: string;
+    /** Space-separated granted scopes */
+    scope: string;
+    /** Tool name */
+    tool: string;
+    /** SHA-256(tool + params) binding */
+    binding: string;
+    /** Expiry unix timestamp */
+    exp: number;
+    /** Request ID */
+    rid: string;
+}
+export declare class ScopeVerificationError extends Error {
+    readonly reason: string;
+    readonly claims?: ScopeTokenClaims | undefined;
+    constructor(reason: string, claims?: ScopeTokenClaims | undefined);
+}
+/**
+ * Run a function with a scope token set in async context.
+ * Used internally by guard()/openai()/anthropic() wrappers.
+ */
+export declare function withScopeToken<T>(token: string, fn: () => T): T;
+export declare function setScopeToken(token: string): void;
+interface JwksKey {
+    kty: string;
+    crv: string;
+    use?: string;
+    kid: string;
+    x: string;
+}
+interface JwksResponse {
+    keys: JwksKey[];
+}
+/**
+ * Fetch JWKS from the gateway. Results are cached for 1 hour.
+ */
+export declare function fetchJwks(gatewayUrl?: string): Promise<JwksResponse>;
+/**
+ * Invalidate the JWKS cache so the next verification re-fetches.
+ */
+export declare function invalidateJwksCache(): void;
+/**
+ * Verify a Clampd scope token and return its claims.
+ *
+ * @param token - The scope token (format: base64url_payload.base64url_signature)
+ * @param publicKey - Optional Ed25519 public key (Node.js KeyObject). If not provided, fetches JWKS.
+ * @param gatewayUrl - Gateway URL for JWKS fetch. Falls back to env vars.
+ * @throws {ScopeVerificationError} On invalid/expired/missing token.
+ */
+export declare function verifyScopeToken(token: string, publicKey?: KeyObject, gatewayUrl?: string): Promise<ScopeTokenClaims>;
+/**
+ * Read the current scope token from async context.
+ *
+ * Returns the token set by the guard/openai/anthropic wrappers during the
+ * current tool call, or empty string if no token is available.
+ */
+export declare function getCurrentScopeToken(): string;
+/**
+ * Verify scope token and check that a specific scope is granted.
+ *
+ * Combines getCurrentScopeToken(), verifyScopeToken(), and scope checking.
+ *
+ * @param requiredScope - The scope to check (e.g. "data:pii:query").
+ * @param token - Optional explicit token. If not provided, reads from context.
+ * @param publicKey - Optional Ed25519 public key.
+ * @param gatewayUrl - Gateway URL for JWKS fetch.
+ * @throws {ScopeVerificationError} If token is invalid or scope not granted.
+ */
+export declare function requireScope(requiredScope: string, token?: string, publicKey?: KeyObject, gatewayUrl?: string): Promise<ScopeTokenClaims>;
+export {};
+//# sourceMappingURL=tool-verify.d.ts.map

package/dist/tool-verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-verify.d.ts","sourceRoot":"","sources":["../src/tool-verify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAA2B,SAAS,EAAE,MAAM,aAAa,CAAC;AAKjE,MAAM,WAAW,gBAAgB;IAC/B,eAAe;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,qCAAqC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,qCAAqC;IACrC,OAAO,EAAE,MAAM,CAAC;IAChB,4BAA4B;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,iBAAiB;IACjB,GAAG,EAAE,MAAM,CAAC;CACb;AAID,qBAAa,sBAAuB,SAAQ,KAAK;aAE7B,MAAM,EAAE,MAAM;aACd,MAAM,CAAC,EAAE,gBAAgB;gBADzB,MAAM,EAAE,MAAM,EACd,MAAM,CAAC,EAAE,gBAAgB,YAAA;CAK5C;AAMD;;;GAGG;AACH,wBAAgB,cAAc,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,CAAC,GAAG,CAAC,CAE/D;AAQD,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAEjD;AAID,UAAU,OAAO;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,EAAE,MAAM,CAAC;IACZ,CAAC,EAAE,MAAM,CAAC;CACX;AAED,UAAU,YAAY;IACpB,IAAI,EAAE,OAAO,EAAE,CAAC;CACjB;AAcD;;GAEG;AACH,wBAAsB,SAAS,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAoB1E;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAG1C;AA6BD;;;;;;;GAOG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EACb,SAAS,CAAC,EAAE,SAAS,EACrB,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,gBAAgB,CAAC,CAmE3B;AAID;;;;;GAKG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,CAE7C;AAID;;;;;;;;;;GAUG;AACH,wBAAsB,YAAY,CAChC,aAAa,EAAE,MAAM,EACrB,KAAK,CAAC,EAAE,MAAM,EACd,SAAS,CAAC,EAAE,SAAS,EACrB,UAAU,CAAC,EAAE,MAAM,GAClB,OAAO,CAAC,gBAAgB,CAAC,CAiB3B"}

package/dist/tool-verify.js

@@ -0,0 +1,205 @@
+/**
+ * Tool-side scope token verification (Ed25519).
+ *
+ * Lets tool developers verify that a Clampd-approved scope token is present
+ * before executing sensitive operations. The gateway mints these tokens on
+ * approved proxy() calls; this module validates them on the tool side.
+ *
+ * Scope tokens are signed with Ed25519 (asymmetric). The public key is fetched
+ * from the gateway's JWKS endpoint (GET /.well-known/jwks.json) and cached
+ * locally for 1 hour. No shared secret is needed.
+ *
+ * @example
+ * ```ts
+ * import { requireScope, verifyScopeToken, getCurrentScopeToken } from "@clampd/sdk";
+ *
+ * // Option A: Explicit verification
+ * const claims = await verifyScopeToken(getCurrentScopeToken());
+ * if (!claims.scope.split(" ").includes("data:pii:query")) {
+ *   throw new Error("Insufficient scope");
+ * }
+ *
+ * // Option B: Declarative (throws if scope missing)
+ * await requireScope("data:pii:query");
+ * ```
+ */
+import { verify, createPublicKey } from "node:crypto";
+import { AsyncLocalStorage } from "node:async_hooks";
+// ── Error class ───────────────────────────────────────────────────────
+export class ScopeVerificationError extends Error {
+    reason;
+    claims;
+    constructor(reason, claims) {
+        super(`Scope verification failed: ${reason}`);
+        this.reason = reason;
+        this.claims = claims;
+        this.name = "ScopeVerificationError";
+    }
+}
+// ── Scope token storage (AsyncLocalStorage) ───────────────────────────
+const scopeTokenStore = new AsyncLocalStorage();
+/**
+ * Run a function with a scope token set in async context.
+ * Used internally by guard()/openai()/anthropic() wrappers.
+ */
+export function withScopeToken(token, fn) {
+    return scopeTokenStore.run(token, fn);
+}
+/**
+ * Set the scope token for the current async context.
+ * Falls back to module-level variable when not inside AsyncLocalStorage.
+ */
+let _fallbackScopeToken = "";
+export function setScopeToken(token) {
+    _fallbackScopeToken = token;
+}
+let _cachedJwks = null;
+let _jwksFetchedAt = 0;
+const _JWKS_CACHE_TTL = 3600 * 1000; // 1 hour in ms
+function getGatewayUrl() {
+    return (process.env.CLAMPD_GATEWAY_URL ||
+        process.env.AG_GATEWAY_URL ||
+        "http://localhost:8080");
+}
+/**
+ * Fetch JWKS from the gateway. Results are cached for 1 hour.
+ */
+export async function fetchJwks(gatewayUrl) {
+    const now = Date.now();
+    if (_cachedJwks && now - _jwksFetchedAt < _JWKS_CACHE_TTL) {
+        return _cachedJwks;
+    }
+    const base = (gatewayUrl || getGatewayUrl()).replace(/\/$/, "");
+    const url = `${base}/.well-known/jwks.json`;
+    const resp = await fetch(url, { signal: AbortSignal.timeout(10_000) });
+    if (!resp.ok) {
+        throw new ScopeVerificationError(`JWKS fetch failed: ${resp.status} ${resp.statusText}`);
+    }
+    const jwks = (await resp.json());
+    _cachedJwks = jwks;
+    _jwksFetchedAt = now;
+    return jwks;
+}
+/**
+ * Invalidate the JWKS cache so the next verification re-fetches.
+ */
+export function invalidateJwksCache() {
+    _cachedJwks = null;
+    _jwksFetchedAt = 0;
+}
+/**
+ * Extract the Ed25519 public key from JWKS as a Node.js KeyObject.
+ */
+async function getEd25519PublicKey(gatewayUrl) {
+    const jwks = await fetchJwks(gatewayUrl);
+    const key = jwks.keys.find((k) => k.crv === "Ed25519" && k.kid === "scope-v1");
+    if (!key) {
+        throw new ScopeVerificationError("No Ed25519 scope key found in JWKS");
+    }
+    // Convert JWK to a Node.js KeyObject
+    return createPublicKey({
+        key: {
+            kty: "OKP",
+            crv: "Ed25519",
+            x: key.x,
+        },
+        format: "jwk",
+    });
+}
+// ── Token verification ────────────────────────────────────────────────
+/**
+ * Verify a Clampd scope token and return its claims.
+ *
+ * @param token - The scope token (format: base64url_payload.base64url_signature)
+ * @param publicKey - Optional Ed25519 public key (Node.js KeyObject). If not provided, fetches JWKS.
+ * @param gatewayUrl - Gateway URL for JWKS fetch. Falls back to env vars.
+ * @throws {ScopeVerificationError} On invalid/expired/missing token.
+ */
+export async function verifyScopeToken(token, publicKey, gatewayUrl) {
+    if (!token) {
+        throw new ScopeVerificationError("No scope token provided");
+    }
+    // Split token: base64url_payload.base64url_signature
+    const parts = token.split(".");
+    if (parts.length !== 2) {
+        throw new ScopeVerificationError(`Malformed token: expected 2 parts, got ${parts.length}`);
+    }
+    const [payloadB64, sigB64] = parts;
+    // Get public key
+    const pubKey = publicKey || (await getEd25519PublicKey(gatewayUrl));
+    // Decode signature
+    let sigBytes;
+    try {
+        sigBytes = Buffer.from(sigB64, "base64url");
+    }
+    catch (e) {
+        throw new ScopeVerificationError(`Signature decode error: ${e}`);
+    }
+    // Verify Ed25519 signature
+    const isValid = verify("ed25519", Buffer.from(payloadB64), pubKey, sigBytes);
+    if (!isValid) {
+        invalidateJwksCache();
+        throw new ScopeVerificationError("Invalid signature");
+    }
+    // Decode payload
+    let payload;
+    try {
+        const payloadStr = Buffer.from(payloadB64, "base64url").toString("utf-8");
+        payload = JSON.parse(payloadStr);
+    }
+    catch (e) {
+        throw new ScopeVerificationError(`Invalid payload: ${e}`);
+    }
+    // Extract claims
+    if (typeof payload.sub !== "string" || typeof payload.exp !== "number") {
+        throw new ScopeVerificationError("Missing required claim: sub or exp");
+    }
+    const claims = {
+        sub: payload.sub,
+        scope: payload.scope ?? "",
+        tool: payload.tool ?? "",
+        binding: payload.binding ?? "",
+        exp: payload.exp,
+        rid: payload.rid ?? "",
+    };
+    // Check expiry
+    if (Date.now() / 1000 > claims.exp) {
+        throw new ScopeVerificationError("Token expired", claims);
+    }
+    return claims;
+}
+// ── Context helpers ───────────────────────────────────────────────────
+/**
+ * Read the current scope token from async context.
+ *
+ * Returns the token set by the guard/openai/anthropic wrappers during the
+ * current tool call, or empty string if no token is available.
+ */
+export function getCurrentScopeToken() {
+    return scopeTokenStore.getStore() ?? _fallbackScopeToken ?? "";
+}
+// ── Convenience function ──────────────────────────────────────────────
+/**
+ * Verify scope token and check that a specific scope is granted.
+ *
+ * Combines getCurrentScopeToken(), verifyScopeToken(), and scope checking.
+ *
+ * @param requiredScope - The scope to check (e.g. "data:pii:query").
+ * @param token - Optional explicit token. If not provided, reads from context.
+ * @param publicKey - Optional Ed25519 public key.
+ * @param gatewayUrl - Gateway URL for JWKS fetch.
+ * @throws {ScopeVerificationError} If token is invalid or scope not granted.
+ */
+export async function requireScope(requiredScope, token, publicKey, gatewayUrl) {
+    const resolvedToken = token || getCurrentScopeToken();
+    if (!resolvedToken) {
+        throw new ScopeVerificationError("No scope token available in context");
+    }
+    const claims = await verifyScopeToken(resolvedToken, publicKey, gatewayUrl);
+    const grantedScopes = claims.scope.split(" ");
+    if (!grantedScopes.includes(requiredScope)) {
+        throw new ScopeVerificationError(`Scope '${requiredScope}' not granted (have: ${claims.scope})`, claims);
+    }
+    return claims;
+}
+//# sourceMappingURL=tool-verify.js.map

package/dist/tool-verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-verify.js","sourceRoot":"","sources":["../src/tool-verify.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,MAAM,EAAE,eAAe,EAAa,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAmBrD,yEAAyE;AAEzE,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IAE7B;IACA;IAFlB,YACkB,MAAc,EACd,MAAyB;QAEzC,KAAK,CAAC,8BAA8B,MAAM,EAAE,CAAC,CAAC;QAH9B,WAAM,GAAN,MAAM,CAAQ;QACd,WAAM,GAAN,MAAM,CAAmB;QAGzC,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;IACvC,CAAC;CACF;AAED,yEAAyE;AAEzE,MAAM,eAAe,GAAG,IAAI,iBAAiB,EAAU,CAAC;AAExD;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAI,KAAa,EAAE,EAAW;IAC1D,OAAO,eAAe,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACxC,CAAC;AAED;;;GAGG;AACH,IAAI,mBAAmB,GAAG,EAAE,CAAC;AAE7B,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,mBAAmB,GAAG,KAAK,CAAC;AAC9B,CAAC;AAgBD,IAAI,WAAW,GAAwB,IAAI,CAAC;AAC5C,IAAI,cAAc,GAAG,CAAC,CAAC;AACvB,MAAM,eAAe,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,eAAe;AAEpD,SAAS,aAAa;IACpB,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,kBAAkB;QAC9B,OAAO,CAAC,GAAG,CAAC,cAAc;QAC1B,uBAAuB,CACxB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,UAAmB;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,IAAI,WAAW,IAAI,GAAG,GAAG,cAAc,GAAG,eAAe,EAAE,CAAC;QAC1D,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,UAAU,IAAI,aAAa,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAChE,MAAM,GAAG,GAAG,GAAG,IAAI,wBAAwB,CAAC;IAE5C,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACvE,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,MAAM,IAAI,sBAAsB,CAC9B,sBAAsB,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,UAAU,EAAE,CACvD,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,CAAiB,CAAC;IACjD,WAAW,GAAG,IAAI,CAAC;IACnB,cAAc,GAAG,GAAG,CAAC;IACrB,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB;IACjC,WAAW,GAAG,IAAI,CAAC;IACnB,cAAc,GAAG,CAAC,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAChC,UAAmB;IAEnB,MAAM,IAAI,GAAG,MAAM,SAAS,CAAC,UAAU,CAAC,CAAC;IACzC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CACxB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,CAAC,GAAG,KAAK,UAAU,CACnD,CAAC;IACF,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,sBAAsB,CAAC,oCAAoC,CAAC,CAAC;IACzE,CAAC;IAED,qCAAqC;IACrC,OAAO,eAAe,CAAC;QACrB,GAAG,EAAE;YACH,GAAG,EAAE,KAAK;YACV,GAAG,EAAE,SAAS;YACd,CAAC,EAAE,GAAG,CAAC,CAAC;SACT;QACD,MAAM,EAAE,KAAK;KACd,CAAC,CAAC;AACL,CAAC;AAED,yEAAyE;AAEzE;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAa,EACb,SAAqB,EACrB,UAAmB;IAEnB,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,sBAAsB,CAAC,yBAAyB,CAAC,CAAC;IAC9D,CAAC;IAED,qDAAqD;IACrD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,sBAAsB,CAC9B,0CAA0C,KAAK,CAAC,MAAM,EAAE,CACzD,CAAC;IACJ,CAAC;IAED,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC;IAEnC,iBAAiB;IACjB,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,MAAM,mBAAmB,CAAC,UAAU,CAAC,CAAC,CAAC;IAEpE,mBAAmB;IACnB,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;IAC9C,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,sBAAsB,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,2BAA2B;IAC3B,MAAM,OAAO,GAAG,MAAM,CACpB,SAAS,EACT,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EACvB,MAAM,EACN,QAAQ,CACT,CAAC;IACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,mBAAmB,EAAE,CAAC;QACtB,MAAM,IAAI,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;IACxD,CAAC;IAED,iBAAiB;IACjB,IAAI,OAAgC,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC1E,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IACnC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,sBAAsB,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC;IAC5D,CAAC;IAED,iBAAiB;IACjB,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,IAAI,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;QACvE,MAAM,IAAI,sBAAsB,CAAC,oCAAoC,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,MAAM,GAAqB;QAC/B,GAAG,EAAE,OAAO,CAAC,GAAa;QAC1B,KAAK,EAAG,OAAO,CAAC,KAAgB,IAAI,EAAE;QACtC,IAAI,EAAG,OAAO,CAAC,IAAe,IAAI,EAAE;QACpC,OAAO,EAAG,OAAO,CAAC,OAAkB,IAAI,EAAE;QAC1C,GAAG,EAAE,OAAO,CAAC,GAAa;QAC1B,GAAG,EAAG,OAAO,CAAC,GAAc,IAAI,EAAE;KACnC,CAAC;IAEF,eAAe;IACf,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC;QACnC,MAAM,IAAI,sBAAsB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,yEAAyE;AAEzE;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO,eAAe,CAAC,QAAQ,EAAE,IAAI,mBAAmB,IAAI,EAAE,CAAC;AACjE,CAAC;AAED,yEAAyE;AAEzE;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,aAAqB,EACrB,KAAc,EACd,SAAqB,EACrB,UAAmB;IAEnB,MAAM,aAAa,GAAG,KAAK,IAAI,oBAAoB,EAAE,CAAC;IACtD,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,sBAAsB,CAAC,qCAAqC,CAAC,CAAC;IAC1E,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAE5E,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9C,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,sBAAsB,CAC9B,UAAU,aAAa,wBAAwB,MAAM,CAAC,KAAK,GAAG,EAC9D,MAAM,CACP,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}