@dupecom/botcha-cloudflare 0.20.2 → 0.23.0

package/dist/tap-a2a-routes.d.ts

@@ -0,0 +1,355 @@
+/**
+ * A2A Agent Card Attestation — Route Handlers
+ *
+ * Routes:
+ *   GET  /.well-known/agent.json   — BOTCHA's own A2A Agent Card
+ *   POST /v1/a2a/attest            — Attest an A2A Agent Card
+ *   POST /v1/a2a/verify-card       — Verify an attested A2A Agent Card
+ *   GET  /v1/a2a/cards             — List BOTCHA-verified Agent Cards
+ *   GET  /v1/a2a/cards/:id         — Get a specific A2A attestation record
+ */
+import type { Context } from 'hono';
+/**
+ * GET /.well-known/agent.json
+ *
+ * BOTCHA's own A2A Agent Card. Serves the standard A2A discovery document
+ * so any A2A-compatible agent can discover BOTCHA's skills and auth requirements.
+ *
+ * No auth required — this is a public discovery endpoint.
+ */
+export declare function agentCardRoute(c: Context): Promise<Response & import("hono").TypedResponse<{
+    [x: string]: import("hono/utils/types").JSONValue;
+    name: string;
+    description?: string | undefined;
+    url: string;
+    version?: string | undefined;
+    documentationUrl?: string | undefined;
+    capabilities?: {
+        streaming?: boolean | undefined;
+        pushNotifications?: boolean | undefined;
+        stateTransitionHistory?: boolean | undefined;
+    } | undefined;
+    authentication?: {
+        schemes: string[];
+        description?: string | undefined;
+        credentials?: {
+            [x: string]: string;
+        } | undefined;
+    }[] | undefined;
+    defaultInputModes?: string[] | undefined;
+    defaultOutputModes?: string[] | undefined;
+    skills?: {
+        id: string;
+        name: string;
+        description?: string | undefined;
+        tags?: string[] | undefined;
+        examples?: string[] | undefined;
+        inputModes?: string[] | undefined;
+        outputModes?: string[] | undefined;
+    }[] | undefined;
+    extensions?: {
+        [x: string]: import("hono/utils/types").JSONValue;
+        botcha_attestation?: {
+            token: string;
+            verified_at: string;
+            trust_level: string;
+            issuer: string;
+            card_hash: string;
+            expires_at: string;
+        } | undefined;
+    } | undefined;
+}, 200, "json">>;
+/**
+ * POST /v1/a2a/attest
+ *
+ * Attest an A2A Agent Card. BOTCHA verifies the card structure, hashes its
+ * content, signs a JWT attestation, and embeds it in extensions.botcha_attestation.
+ *
+ * Request body:
+ *   card             — A2A Agent Card JSON (required)
+ *   duration_seconds — TTL for attestation (default 86400, max 2592000)
+ *   trust_level      — 'basic' | 'verified' | 'enterprise' (default 'verified')
+ *
+ * Auth: BOTCHA Bearer token (app_id required)
+ */
+export declare function attestCardRoute(c: Context): Promise<(Response & import("hono").TypedResponse<{
+    success: false;
+    error: string | undefined;
+    message: string;
+    hint: string;
+}, 401 | 403, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string | undefined;
+}, 400 | 500, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    message: string;
+    attestation: {
+        attestation_id: string;
+        agent_url: string;
+        agent_name: string;
+        app_id: string;
+        card_hash: string;
+        trust_level: string;
+        token: string;
+        created_at: string;
+        expires_at: string;
+    };
+    attested_card: {
+        [x: string]: import("hono/utils/types").JSONValue;
+        name: string;
+        description?: string | undefined;
+        url: string;
+        version?: string | undefined;
+        documentationUrl?: string | undefined;
+        capabilities?: {
+            streaming?: boolean | undefined;
+            pushNotifications?: boolean | undefined;
+            stateTransitionHistory?: boolean | undefined;
+        } | undefined;
+        authentication?: {
+            schemes: string[];
+            description?: string | undefined;
+            credentials?: {
+                [x: string]: string;
+            } | undefined;
+        }[] | undefined;
+        defaultInputModes?: string[] | undefined;
+        defaultOutputModes?: string[] | undefined;
+        skills?: {
+            id: string;
+            name: string;
+            description?: string | undefined;
+            tags?: string[] | undefined;
+            examples?: string[] | undefined;
+            inputModes?: string[] | undefined;
+            outputModes?: string[] | undefined;
+        }[] | undefined;
+        extensions?: {
+            [x: string]: import("hono/utils/types").JSONValue;
+            botcha_attestation?: {
+                token: string;
+                verified_at: string;
+                trust_level: string;
+                issuer: string;
+                card_hash: string;
+                expires_at: string;
+            } | undefined;
+        } | undefined;
+    } | undefined;
+    usage: {
+        note: string;
+        verify: string;
+        registry: string;
+    };
+}, 201, "json">)>;
+/**
+ * POST /v1/a2a/verify-card
+ *
+ * Verify a BOTCHA-attested A2A Agent Card. Any agent can call this endpoint
+ * to check whether a card's attestation is valid. No auth required.
+ *
+ * Request body:
+ *   card  — A2A Agent Card JSON including extensions.botcha_attestation (required)
+ *
+ * Returns:
+ *   valid: true  → card is verified, claims decoded
+ *   valid: false → reason for failure (expired, tampered, revoked, missing)
+ */
+export declare function verifyCardRoute(c: Context): Promise<(Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 400, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string | undefined;
+}, 500, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    valid: false;
+    verified: false;
+    error: string | undefined;
+    reason: string | undefined;
+    attestation_id: string | null;
+    card_hash: string | null;
+}, 200, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    valid: true;
+    verified: true;
+    attestation_id: string | undefined;
+    agent_url: string | undefined;
+    agent_name: string | undefined;
+    card_hash: string | undefined;
+    trust_level: string | undefined;
+    app_id: string | undefined;
+    issued_at: string | undefined;
+    expires_at: string | undefined;
+    issuer: string;
+    message: string;
+}, 200, "json">)>;
+/**
+ * GET /v1/a2a/cards
+ *
+ * List BOTCHA-verified A2A Agent Cards from the public registry.
+ *
+ * Query params:
+ *   verified=true   — only non-revoked (default true)
+ *   agent_url=      — filter by agent URL
+ *   limit=          — max results (default 50, max 200)
+ *
+ * No auth required — this is a public discovery endpoint.
+ */
+export declare function listCardsRoute(c: Context): Promise<(Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string | undefined;
+}, 500, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    count: number;
+    verified_only: boolean;
+    agent_url_filter: string | null;
+    cards: {
+        attestation_id: string;
+        agent_url: string;
+        agent_name: string;
+        app_id: string;
+        card_hash: string;
+        trust_level: string;
+        created_at: string;
+        expires_at: string;
+        revoked: boolean;
+    }[];
+    meta: {
+        note: string;
+        verify: string;
+        attest: string;
+    };
+}, 200, "json">)>;
+/**
+ * GET /v1/a2a/cards/:id
+ *
+ * Get a specific A2A attestation record by attestation ID.
+ * No auth required — public registry lookup.
+ */
+export declare function getCardAttestationRoute(c: Context): Promise<(Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 400, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 404, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    attestation_id: string;
+    agent_url: string;
+    agent_name: string;
+    app_id: string;
+    card_hash: string;
+    trust_level: string;
+    created_at: string;
+    expires_at: string;
+    revoked: boolean;
+    revoked_at: string | null;
+}, 200, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 500, "json">)>;
+/**
+ * POST /v1/a2a/verify-agent
+ *
+ * Verify an agent by agent_card (with embedded attestation) or by agent_url.
+ * Convenience wrapper: accepts the same payload as /v1/a2a/verify-card
+ * plus an `agent_url` shorthand to look up the latest active attestation.
+ */
+export declare function verifyAgentRoute(c: Context): Promise<(Response & import("hono").TypedResponse<{
+    success: false;
+    verified: false;
+    error: string;
+    message: string;
+}, 404, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    verified: true;
+    agent_url: string;
+    agent_name: string;
+    attestation_id: string;
+    trust_level: string;
+    issued_at: string;
+    expires_at: string;
+    issuer: string;
+}, import("hono/utils/http-status").ContentfulStatusCode, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    verified: false;
+    error: string;
+    message: string;
+    example: {
+        agent_card: {
+            name: string;
+            url: string;
+            extensions: {
+                botcha_attestation: string;
+            };
+        };
+    };
+}, 400, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    verified: false;
+    error: string;
+    valid: false;
+}, 400 | 200, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    verified: boolean | undefined;
+    valid: boolean | undefined;
+    attestation_id: string | undefined;
+    trust_level: string | undefined;
+    card_hash: string | undefined;
+    issued_at: string | undefined;
+    expires_at: string | undefined;
+    issuer: string;
+}, import("hono/utils/http-status").ContentfulStatusCode, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 500, "json">)>;
+/**
+ * GET /v1/a2a/trust-level/:agent_url
+ *
+ * Returns the current trust level for an agent identified by URL.
+ * The :agent_url path param should be URL-encoded.
+ */
+export declare function agentTrustLevelRoute(c: Context): Promise<(Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 400, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    agent_url: string;
+    trust_level: string;
+    attestation_count: number;
+    message: string;
+}, import("hono/utils/http-status").ContentfulStatusCode, "json">) | (Response & import("hono").TypedResponse<{
+    success: true;
+    agent_url: string;
+    agent_name: string;
+    trust_level: string;
+    attestation_id: string;
+    issued_at: string;
+    expires_at: string;
+    verified: boolean;
+}, import("hono/utils/http-status").ContentfulStatusCode, "json">) | (Response & import("hono").TypedResponse<{
+    success: false;
+    error: string;
+    message: string;
+}, 500, "json">)>;
+declare const _default: {
+    agentCardRoute: typeof agentCardRoute;
+    attestCardRoute: typeof attestCardRoute;
+    verifyCardRoute: typeof verifyCardRoute;
+    listCardsRoute: typeof listCardsRoute;
+    getCardAttestationRoute: typeof getCardAttestationRoute;
+    verifyAgentRoute: typeof verifyAgentRoute;
+    agentTrustLevelRoute: typeof agentTrustLevelRoute;
+};
+export default _default;
+//# sourceMappingURL=tap-a2a-routes.d.ts.map

package/dist/tap-a2a-routes.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tap-a2a-routes.d.ts","sourceRoot":"","sources":["../src/tap-a2a-routes.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AA6DpC;;;;;;;GAOG;AACH,wBAAsB,cAAc,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAS9C;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,eAAe,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAsF/C;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,eAAe,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBA4D/C;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,cAAc,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;kBA0D9C;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;kBA6CvD;AAED;;;;;;GAMG;AACH,wBAAsB,gBAAgB,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBA4EhD;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CAAC,CAAC,EAAE,OAAO;;;;;;;;;;;;;;;;;;;;;;;kBA4CpD;;;;;;;;;;AAED,wBAQE"}