@fedify/fedify 2.1.0-dev.503 → 2.1.0-dev.523

package/dist/{middleware-BelSJK7m.js → middleware-Dn9UDJZP.js}

@@ -3,24 +3,24 @@
       import { URLPattern } from "urlpattern-polyfill";
       globalThis.addEventListener = () => {};
     
-import { deno_default } from "./deno-BYerLnry.js";
+import { deno_default } from "./deno-CQdJQjC5.js";
 import { getNodeInfo } from "./client-Dg7OfUDA.js";
 import { RouterError } from "./router-D9eI0s4b.js";
 import { nodeInfoToJson } from "./types-CPz01LGH.js";
-import { exportJwk, importJwk, validateCryptoKey } from "./key-DCdTVZiK.js";
-import { verifyRequest } from "./http-S2U3qDwN.js";
-import { detachSignature, hasSignature, signJsonLd, verifyJsonLd } from "./ld-CrX7pQda.js";
-import { doesActorOwnKey, getKeyOwner } from "./owner-BAlnLKMO.js";
-import { signObject, verifyObject } from "./proof-DMgHaXNJ.js";
-import { getAuthenticatedDocumentLoader } from "./docloader-MSkogD2T.js";
+import { exportJwk, importJwk, validateCryptoKey } from "./key-DRgvVevp.js";
+import { verifyRequest, verifyRequestDetailed } from "./http-DK0CTomU.js";
+import { detachSignature, hasSignature, signJsonLd, verifyJsonLd } from "./ld-s9_8WfBc.js";
+import { doesActorOwnKey, getKeyOwner } from "./owner-Cx8gV-j4.js";
+import { signObject, verifyObject } from "./proof-CDr3NP3R.js";
+import { getAuthenticatedDocumentLoader } from "./docloader-Cyl0-S8m.js";
 import { kvCache } from "./kv-cache-B__dHl7g.js";
-import { routeActivity } from "./inbox-BaA0g5I_.js";
-import { FederationBuilderImpl } from "./builder-BHUnSQtB.js";
+import { routeActivity } from "./inbox-CWa6sqsk.js";
+import { FederationBuilderImpl } from "./builder-CJkMYxxc.js";
 import { buildCollectionSynchronizationHeader } from "./collection-CcnIw1qY.js";
-import { KvKeyCache } from "./keycache-DRxpZ5r9.js";
+import { KvKeyCache } from "./keycache-C7k8s1Bk.js";
 import { acceptsJsonLd } from "./negotiation-5NPJL6zp.js";
 import { createExponentialBackoffPolicy } from "./retry-D4GJ670a.js";
-import { SendActivityError, extractInboxes, sendActivity } from "./send-B2aZYf9A.js";
+import { SendActivityError, extractInboxes, sendActivity } from "./send-DreBSY1U.js";
 import { getLogger, withContext } from "@logtape/logtape";
 import { Activity, Collection, CollectionPage, CryptographicKey, Link, Multikey, Object as Object$1, OrderedCollection, OrderedCollectionPage, getTypeId, lookupObject, traverseCollection } from "@fedify/vocab";
 import { FetchError, getDocumentLoader } from "@fedify/vocab-runtime";
@@ -410,7 +410,7 @@ async function handleInbox(request, options) {
 * @returns A promise that resolves to an HTTP response.
 */
 async function handleInboxInternal(request, parameters, span) {
-	const { recipient, context: ctx, inboxContextFactory, kv, kvPrefixes, queue, actorDispatcher, inboxListeners, inboxErrorHandler, onNotFound, signatureTimeWindow, skipSignatureVerification, tracerProvider } = parameters;
+	const { recipient, context: ctx, inboxContextFactory, kv, kvPrefixes, queue, actorDispatcher, inboxListeners, inboxErrorHandler, unverifiedActivityHandler, onNotFound, signatureTimeWindow, skipSignatureVerification, tracerProvider } = parameters;
 	const logger$2 = getLogger([
 		"fedify",
 		"federation",
@@ -505,12 +505,14 @@ async function handleInboxInternal(request, parameters, span) {
 	}
 	const jsonWithoutSig = detachSignature(json);
 	let activity = null;
+	let activityVerified = false;
 	if (ldSigVerified) {
 		logger$2.debug("Linked Data Signatures are verified.", {
 			recipient,
 			json
 		});
 		activity = await Activity.fromJsonLd(jsonWithoutSig, ctx);
+		activityVerified = true;
 	} else {
 		logger$2.debug("Linked Data Signatures are not verified.", {
 			recipient,
@@ -551,34 +553,107 @@ async function handleInboxInternal(request, parameters, span) {
 			recipient,
 			activity: json
 		});
-		else logger$2.debug("Object Integrity Proofs are verified.", {
-			recipient,
-			activity: json
-		});
+		else {
+			logger$2.debug("Object Integrity Proofs are verified.", {
+				recipient,
+				activity: json
+			});
+			activityVerified = true;
+		}
 	}
 	let httpSigKey = null;
 	if (activity == null) {
 		if (!skipSignatureVerification) {
-			const key = await verifyRequest(request, {
+			const verification = await verifyRequestDetailed(request, {
 				contextLoader: ctx.contextLoader,
 				documentLoader: ctx.documentLoader,
 				timeWindow: signatureTimeWindow,
 				keyCache,
 				tracerProvider
 			});
-			if (key == null) {
-				logger$2.error("Failed to verify the request's HTTP Signatures.", { recipient });
+			if (verification.verified === false) {
+				const reason = verification.reason;
+				logger$2.error("Failed to verify the request's HTTP Signatures.", {
+					recipient,
+					reason: reason.type,
+					keyId: "keyId" in reason ? reason.keyId?.href : void 0
+				});
 				span.setStatus({
 					code: SpanStatusCode.ERROR,
 					message: `Failed to verify the request's HTTP Signatures.`
 				});
-				const response = new Response("Failed to verify the request signature.", {
+				if (unverifiedActivityHandler == null) return new Response("Failed to verify the request signature.", {
+					status: 401,
+					headers: { "Content-Type": "text/plain; charset=utf-8" }
+				});
+				try {
+					activity = await Activity.fromJsonLd(jsonWithoutSig, ctx);
+				} catch (error) {
+					logger$2.error("Failed to parse activity:\n{error}", {
+						recipient,
+						activity: json,
+						error
+					});
+					try {
+						await inboxErrorHandler?.(ctx, error);
+					} catch (error$1) {
+						logger$2.error("An unexpected error occurred in inbox error handler:\n{error}", {
+							error: error$1,
+							activity: json,
+							recipient
+						});
+					}
+					return new Response("Invalid activity.", {
+						status: 400,
+						headers: { "Content-Type": "text/plain; charset=utf-8" }
+					});
+				}
+				if (activity.id != null) span.setAttribute("activitypub.activity.id", activity.id.href);
+				span.setAttribute("activitypub.activity.type", getTypeId(activity).href);
+				const eventAttributes = {
+					"activitypub.activity.json": JSON.stringify(json),
+					"activitypub.activity.verified": false,
+					"ld_signatures.verified": ldSigVerified,
+					"http_signatures.verified": false,
+					"http_signatures.key_id": "keyId" in reason ? reason.keyId?.href ?? "" : "",
+					"http_signatures.failure_reason": reason.type
+				};
+				if (reason.type === "keyFetchError") if ("status" in reason.result) eventAttributes["http_signatures.key_fetch_status"] = reason.result.status;
+				else eventAttributes["http_signatures.key_fetch_error"] = reason.result.error.name || reason.result.error.constructor.name || "Error";
+				span.addEvent("activitypub.activity.received", eventAttributes);
+				let response;
+				try {
+					response = await unverifiedActivityHandler(ctx, activity, reason);
+				} catch (error) {
+					logger$2.error("An unexpected error occurred in unverified activity handler:\n{error}", {
+						error,
+						activity: json,
+						recipient
+					});
+					try {
+						await inboxErrorHandler?.(ctx, error);
+					} catch (error$1) {
+						logger$2.error("An unexpected error occurred in inbox error handler:\n{error}", {
+							error: error$1,
+							activity: json,
+							recipient
+						});
+					}
+					return new Response("Failed to verify the request signature.", {
+						status: 401,
+						headers: { "Content-Type": "text/plain; charset=utf-8" }
+					});
+				}
+				if (response instanceof Response) return response;
+				return new Response("Failed to verify the request signature.", {
 					status: 401,
 					headers: { "Content-Type": "text/plain; charset=utf-8" }
 				});
-				return response;
-			} else logger$2.debug("HTTP Signatures are verified.", { recipient });
-			httpSigKey = key;
+			} else {
+				logger$2.debug("HTTP Signatures are verified.", { recipient });
+				activityVerified = true;
+			}
+			httpSigKey = verification.key;
 		}
 		activity = await Activity.fromJsonLd(jsonWithoutSig, ctx);
 	}
@@ -586,7 +661,7 @@ async function handleInboxInternal(request, parameters, span) {
 	span.setAttribute("activitypub.activity.type", getTypeId(activity).href);
 	span.addEvent("activitypub.activity.received", {
 		"activitypub.activity.json": JSON.stringify(json),
-		"activitypub.activity.verified": activity != null,
+		"activitypub.activity.verified": activityVerified,
 		"ld_signatures.verified": ldSigVerified,
 		"http_signatures.verified": httpSigKey != null,
 		"http_signatures.key_id": httpSigKey?.id?.href ?? ""
@@ -2055,6 +2130,7 @@ var FederationImpl = class extends FederationBuilderImpl {
 					actorDispatcher: this.actorCallbacks?.dispatcher,
 					inboxListeners: this.inboxListeners,
 					inboxErrorHandler: this.inboxErrorHandler,
+					unverifiedActivityHandler: this.unverifiedActivityHandler,
 					onNotFound,
 					signatureTimeWindow: this.signatureTimeWindow,
 					skipSignatureVerification: this.skipSignatureVerification,

package/dist/{mod-CwZXZJ9d.d.ts → mod-BugwI0JN.d.ts}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { HttpMessageSignaturesSpecDeterminer } from "./http-DkHdFfrc.js";
+import { HttpMessageSignaturesSpecDeterminer } from "./http-BbfOqHGG.js";
 import { KvKey, KvStore } from "./kv-DXEUEP6z.js";
 import { TracerProvider } from "@opentelemetry/api";
 import { DocumentLoader, DocumentLoaderFactoryOptions } from "@fedify/vocab-runtime";

package/dist/{mod-DPkRU3EK.d.cts → mod-CFBU2OT3.d.cts}

@@ -1,4 +1,4 @@
-import { KeyCache } from "./http-Cz3MlXAZ.cjs";
+import { KeyCache } from "./http-DsqqmkXi.cjs";
 import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "@fedify/vocab";
 import { DocumentLoader } from "@fedify/vocab-runtime";
 import { TracerProvider } from "@opentelemetry/api";

package/dist/{mod-DUWcVv49.d.ts → mod-CvxylbuV.d.ts}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { KeyCache } from "./http-DkHdFfrc.js";
+import { KeyCache } from "./http-BbfOqHGG.js";
 import { CryptographicKey, DataIntegrityProof, Multikey, Object as Object$1 } from "@fedify/vocab";
 import { TracerProvider } from "@opentelemetry/api";
 import { DocumentLoader } from "@fedify/vocab-runtime";

package/dist/{mod-DVwHUI_x.d.cts → mod-DE8MYisy.d.cts}

@@ -1,4 +1,4 @@
-import { ActivityTransformer, Context } from "./context-D3QkEtZd.cjs";
+import { ActivityTransformer, Context } from "./context-DL0cPpPV.cjs";
 import { Activity } from "@fedify/vocab";
 
 //#region src/compat/transformers.d.ts

package/dist/{mod-DXsQakeS.d.cts → mod-DKG0ovjR.d.cts}

@@ -1,4 +1,4 @@
-import { HttpMessageSignaturesSpecDeterminer } from "./http-Cz3MlXAZ.cjs";
+import { HttpMessageSignaturesSpecDeterminer } from "./http-DsqqmkXi.cjs";
 import { KvKey, KvStore } from "./kv-BL4nlICN.cjs";
 import { DocumentLoader, DocumentLoaderFactoryOptions } from "@fedify/vocab-runtime";
 import { TracerProvider } from "@opentelemetry/api";

package/dist/{mod-DnSsduJF.d.ts → mod-DcfFNgYf.d.ts}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { ActorAliasMapper, ActorDispatcher, ActorHandleMapper, RequestContext, WebFingerLinksDispatcher } from "./context-DZJhUmzF.js";
+import { ActorAliasMapper, ActorDispatcher, ActorHandleMapper, RequestContext, WebFingerLinksDispatcher } from "./context--RwChtri.js";
 import { Span, Tracer } from "@opentelemetry/api";
 
 //#region src/federation/webfinger.d.ts

package/dist/{mod-Di3W5OdP.d.cts → mod-Dp0kK0hO.d.cts}

@@ -1,4 +1,4 @@
-import { ActorAliasMapper, ActorDispatcher, ActorHandleMapper, RequestContext, WebFingerLinksDispatcher } from "./context-D3QkEtZd.cjs";
+import { ActorAliasMapper, ActorDispatcher, ActorHandleMapper, RequestContext, WebFingerLinksDispatcher } from "./context-DL0cPpPV.cjs";
 import { Span, Tracer } from "@opentelemetry/api";
 
 //#region src/federation/webfinger.d.ts

package/dist/{mod-DosD6NsG.d.ts → mod-Z7lIaCfo.d.ts}

@@ -1,6 +1,6 @@
 import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
-import { ActivityTransformer, Context } from "./context-DZJhUmzF.js";
+import { ActivityTransformer, Context } from "./context--RwChtri.js";
 import { Activity } from "@fedify/vocab";
 
 //#region src/compat/transformers.d.ts

package/dist/mod.cjs

@@ -5,12 +5,12 @@
 const require_chunk = require('./chunk-CGaQZ11T.cjs');
 const require_transformers = require('./transformers-3g8GZwkZ.cjs');
 require('./compat-DmDDELst.cjs');
-const require_http = require('./http-DJT6NciB.cjs');
-const require_middleware = require('./middleware-D4S6i4A_.cjs');
-const require_proof = require('./proof-CR5RUAmy.cjs');
+const require_http = require('./http-D6a6mMc0.cjs');
+const require_middleware = require('./middleware-BoCzk7-G.cjs');
+const require_proof = require('./proof-qHcNgE5i.cjs');
 const require_federation = require('./federation-Bp3HI26G.cjs');
 const require_types = require('./types-Cd_hszr_.cjs');
-const require_kv_cache = require('./kv-cache-Vtxhbo1W.cjs');
+const require_kv_cache = require('./kv-cache-DPtsJ1sL.cjs');
 require('./nodeinfo-DuMYTpbZ.cjs');
 const require_runtime = require('./runtime-c2Njxsry.cjs');
 require('./sig-vX39WyWI.cjs');
@@ -39,6 +39,7 @@ require_chunk.__export(src_exports, {
 	doesActorOwnKey: () => require_proof.doesActorOwnKey,
 	exportJwk: () => require_http.exportJwk,
 	fetchKey: () => require_http.fetchKey,
+	fetchKeyDetailed: () => require_http.fetchKeyDetailed,
 	generateCryptoKeyPair: () => require_http.generateCryptoKeyPair,
 	getAuthenticatedDocumentLoader: () => require_kv_cache.getAuthenticatedDocumentLoader,
 	getDefaultActivityTransformers: () => require_transformers.getDefaultActivityTransformers,
@@ -58,6 +59,7 @@ require_chunk.__export(src_exports, {
 	verifyObject: () => require_proof.verifyObject,
 	verifyProof: () => require_proof.verifyProof,
 	verifyRequest: () => require_http.verifyRequest,
+	verifyRequestDetailed: () => require_http.verifyRequestDetailed,
 	verifySignature: () => require_proof.verifySignature
 });
 require_chunk.__reExport(src_exports, require_runtime.runtime_exports);
@@ -83,6 +85,7 @@ exports.digest = require_middleware.digest;
 exports.doesActorOwnKey = require_proof.doesActorOwnKey;
 exports.exportJwk = require_http.exportJwk;
 exports.fetchKey = require_http.fetchKey;
+exports.fetchKeyDetailed = require_http.fetchKeyDetailed;
 exports.generateCryptoKeyPair = require_http.generateCryptoKeyPair;
 exports.getAuthenticatedDocumentLoader = require_kv_cache.getAuthenticatedDocumentLoader;
 exports.getDefaultActivityTransformers = require_transformers.getDefaultActivityTransformers;
@@ -102,4 +105,5 @@ exports.verifyJsonLd = require_proof.verifyJsonLd;
 exports.verifyObject = require_proof.verifyObject;
 exports.verifyProof = require_proof.verifyProof;
 exports.verifyRequest = require_http.verifyRequest;
+exports.verifyRequestDetailed = require_http.verifyRequestDetailed;
 exports.verifySignature = require_proof.verifySignature;

package/dist/mod.d.cts

@@ -1,20 +1,20 @@
 import { __export, __reExport, mod_d_exports } from "./mod-Bh8mqlYw.cjs";
 import { GetNodeInfoOptions, InboundService, JsonValue, NodeInfo, OutboundService, ParseNodeInfoOptions, Protocol, Services, Software, Usage, getNodeInfo, nodeInfoToJson, parseNodeInfo } from "./client-C97KOq3x.cjs";
-import { FetchKeyOptions, FetchKeyResult, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, SignRequestOptions, VerifyRequestOptions, exportJwk, fetchKey, generateCryptoKeyPair, importJwk, signRequest, verifyRequest } from "./http-Cz3MlXAZ.cjs";
+import { FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, SignRequestOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, importJwk, signRequest, verifyRequest, verifyRequestDetailed } from "./http-DsqqmkXi.cjs";
 import { DoesActorOwnKeyOptions, GetKeyOwnerOptions, doesActorOwnKey, getKeyOwner } from "./owner-1AbPBOOZ.cjs";
-import { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable } from "./context-D3QkEtZd.cjs";
+import { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, UnverifiedActivityHandler, UnverifiedActivityReason, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable } from "./context-DL0cPpPV.cjs";
 import { KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore } from "./kv-BL4nlICN.cjs";
-import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "./mod-DVwHUI_x.cjs";
-import { WebFingerHandlerParameters, handleWebFinger } from "./mod-Di3W5OdP.cjs";
+import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "./mod-DE8MYisy.cjs";
+import { WebFingerHandlerParameters, handleWebFinger } from "./mod-Dp0kK0hO.cjs";
 import "./mod-gq_Xfdz8.cjs";
-import { CreateProofOptions, CreateSignatureOptions, SignJsonLdOptions, SignObjectOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature } from "./mod-DPkRU3EK.cjs";
-import { getAuthenticatedDocumentLoader, kvCache } from "./mod-DXsQakeS.cjs";
+import { CreateProofOptions, CreateSignatureOptions, SignJsonLdOptions, SignObjectOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature } from "./mod-CFBU2OT3.cjs";
+import { getAuthenticatedDocumentLoader, kvCache } from "./mod-DKG0ovjR.cjs";
 
 //#region src/mod.d.ts
 declare namespace mod_d_exports$1 {
-  export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifySignature };
+  export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, UnverifiedActivityHandler, UnverifiedActivityReason, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };
 }
 __reExport(mod_d_exports$1, mod_d_exports);
 
 //#endregion
-export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifySignature };
+export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, UnverifiedActivityHandler, UnverifiedActivityReason, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/mod.d.ts

@@ -2,22 +2,22 @@ import { Temporal } from "@js-temporal/polyfill";
 import { URLPattern } from "urlpattern-polyfill";
 import { __export, __reExport } from "./chunk-DJNbSFdH.js";
 import { GetNodeInfoOptions, InboundService, JsonValue, NodeInfo, OutboundService, ParseNodeInfoOptions, Protocol, Services, Software, Usage, getNodeInfo, nodeInfoToJson, parseNodeInfo } from "./client-BxMZiQaD.js";
-import { FetchKeyOptions, FetchKeyResult, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, SignRequestOptions, VerifyRequestOptions, exportJwk, fetchKey, generateCryptoKeyPair, importJwk, signRequest, verifyRequest } from "./http-DkHdFfrc.js";
+import { FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, KeyCache, SignRequestOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, importJwk, signRequest, verifyRequest, verifyRequestDetailed } from "./http-BbfOqHGG.js";
 import { DoesActorOwnKeyOptions, GetKeyOwnerOptions, doesActorOwnKey, getKeyOwner } from "./owner-gd0Q9FuU.js";
-import { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable } from "./context-DZJhUmzF.js";
+import { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, ForwardActivityOptions, GetSignedKeyOptions, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseUriResult, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, SharedInboxKeyDispatcher, UnverifiedActivityHandler, UnverifiedActivityReason, WebFingerLinksDispatcher, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, respondWithObject, respondWithObjectIfAcceptable } from "./context--RwChtri.js";
 import { KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore } from "./kv-DXEUEP6z.js";
-import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "./mod-DosD6NsG.js";
-import { WebFingerHandlerParameters, handleWebFinger } from "./mod-DnSsduJF.js";
+import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "./mod-Z7lIaCfo.js";
+import { WebFingerHandlerParameters, handleWebFinger } from "./mod-DcfFNgYf.js";
 import "./mod-AGjRfPjT.js";
 import { mod_d_exports } from "./mod-D6HodEq7.js";
-import { CreateProofOptions, CreateSignatureOptions, SignJsonLdOptions, SignObjectOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature } from "./mod-DUWcVv49.js";
-import { getAuthenticatedDocumentLoader, kvCache } from "./mod-CwZXZJ9d.js";
+import { CreateProofOptions, CreateSignatureOptions, SignJsonLdOptions, SignObjectOptions, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifySignatureOptions, attachSignature, createProof, createSignature, detachSignature, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature } from "./mod-CvxylbuV.js";
+import { getAuthenticatedDocumentLoader, kvCache } from "./mod-BugwI0JN.js";
 
 //#region src/mod.d.ts
 declare namespace mod_d_exports$1 {
-  export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifySignature };
+  export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, UnverifiedActivityHandler, UnverifiedActivityReason, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };
 }
 __reExport(mod_d_exports$1, mod_d_exports);
 
 //#endregion
-export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifySignature };
+export { ActivityTransformer, ActorAliasMapper, ActorCallbackSetters, ActorDispatcher, ActorHandleMapper, ActorKeyPair, ActorKeyPairsDispatcher, AuthorizePredicate, CollectionCallbackSetters, CollectionCounter, CollectionCursor, CollectionDispatcher, ConstructorWithTypeId, Context, CreateExponentialBackoffPolicyOptions, CreateProofOptions, CreateSignatureOptions, CustomCollectionCallbackSetters, CustomCollectionCounter, CustomCollectionCursor, CustomCollectionDispatcher, DoesActorOwnKeyOptions, Federatable, Federation, FederationBuilder, FederationFetchOptions, FederationKvPrefixes, FederationOptions, FederationOrigin, FederationQueueOptions, FederationStartQueueOptions, FetchKeyDetailedResult, FetchKeyErrorResult, FetchKeyOptions, FetchKeyResult, ForwardActivityOptions, GetKeyOwnerOptions, GetNodeInfoOptions, GetSignedKeyOptions, HttpMessageSignaturesSpec, HttpMessageSignaturesSpecDeterminer, IdempotencyKeyCallback, IdempotencyStrategy, InProcessMessageQueue, InProcessMessageQueueOptions, InboundService, InboxContext, InboxErrorHandler, InboxListener, InboxListenerSetters, JsonValue, KeyCache, KvKey, KvStore, KvStoreListEntry, KvStoreSetOptions, MemoryKvStore, Message, MessageQueue, MessageQueueEnqueueOptions, MessageQueueListenOptions, NodeInfo, NodeInfoDispatcher, ObjectAuthorizePredicate, ObjectCallbackSetters, ObjectDispatcher, OutboundService, OutboxErrorHandler, OutboxPermanentFailureHandler, PageItems, ParallelMessageQueue, ParseNodeInfoOptions, ParseUriResult, Protocol, RequestContext, RespondWithObjectOptions, RetryContext, RetryPolicy, Rfc6570Expression, RouteActivityOptions, Router, RouterError, RouterOptions, RouterRouteResult, SendActivityError, SendActivityOptions, SendActivityOptionsForCollection, SenderKeyPair, Services, SharedInboxKeyDispatcher, SignJsonLdOptions, SignObjectOptions, SignRequestOptions, Software, UnverifiedActivityHandler, UnverifiedActivityReason, Usage, VerifyJsonLdOptions, VerifyObjectOptions, VerifyProofOptions, VerifyRequestDetailedResult, VerifyRequestFailureReason, VerifyRequestOptions, VerifySignatureOptions, WebFingerHandlerParameters, WebFingerLinksDispatcher, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/mod.js

@@ -5,12 +5,12 @@
 import { __export, __reExport } from "./chunk-DJNbSFdH.js";
 import { actorDehydrator, autoIdAssigner, getDefaultActivityTransformers } from "./transformers-C3FLHUd6.js";
 import "./compat-Bb4NuTUO.js";
-import { exportJwk, fetchKey, generateCryptoKeyPair, importJwk, signRequest, verifyRequest } from "./http-CSX1-Mgi.js";
-import { Router, RouterError, SendActivityError, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, handleWebFinger, respondWithObject, respondWithObjectIfAcceptable } from "./middleware-MlO5iUeZ.js";
-import { attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, getKeyOwner, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature } from "./proof-BgUVmaJz.js";
+import { exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, importJwk, signRequest, verifyRequest, verifyRequestDetailed } from "./http-DJmytoC2.js";
+import { Router, RouterError, SendActivityError, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, digest, handleWebFinger, respondWithObject, respondWithObjectIfAcceptable } from "./middleware-Ajnk9qHB.js";
+import { attachSignature, createProof, createSignature, detachSignature, doesActorOwnKey, getKeyOwner, signJsonLd, signObject, verifyJsonLd, verifyObject, verifyProof, verifySignature } from "./proof-Le4DAkqb.js";
 import { InProcessMessageQueue, MemoryKvStore, ParallelMessageQueue } from "./federation-DaMfqRm4.js";
 import { getNodeInfo, nodeInfoToJson, parseNodeInfo } from "./types-C93Ob9cU.js";
-import { getAuthenticatedDocumentLoader, kvCache } from "./kv-cache-CQPL_aGY.js";
+import { getAuthenticatedDocumentLoader, kvCache } from "./kv-cache-MPcS_mGG.js";
 import "./nodeinfo-DoESQxq5.js";
 import { runtime_exports } from "./runtime-poamPCMb.js";
 import "./sig-BNhspNOf.js";
@@ -39,6 +39,7 @@ __export(src_exports, {
 	doesActorOwnKey: () => doesActorOwnKey,
 	exportJwk: () => exportJwk,
 	fetchKey: () => fetchKey,
+	fetchKeyDetailed: () => fetchKeyDetailed,
 	generateCryptoKeyPair: () => generateCryptoKeyPair,
 	getAuthenticatedDocumentLoader: () => getAuthenticatedDocumentLoader,
 	getDefaultActivityTransformers: () => getDefaultActivityTransformers,
@@ -58,9 +59,10 @@ __export(src_exports, {
 	verifyObject: () => verifyObject,
 	verifyProof: () => verifyProof,
 	verifyRequest: () => verifyRequest,
+	verifyRequestDetailed: () => verifyRequestDetailed,
 	verifySignature: () => verifySignature
 });
 __reExport(src_exports, runtime_exports);
 
 //#endregion
-export { InProcessMessageQueue, MemoryKvStore, ParallelMessageQueue, Router, RouterError, SendActivityError, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifySignature };
+export { InProcessMessageQueue, MemoryKvStore, ParallelMessageQueue, Router, RouterError, SendActivityError, actorDehydrator, attachSignature, autoIdAssigner, buildCollectionSynchronizationHeader, createExponentialBackoffPolicy, createFederation, createFederationBuilder, createProof, createSignature, detachSignature, digest, doesActorOwnKey, exportJwk, fetchKey, fetchKeyDetailed, generateCryptoKeyPair, getAuthenticatedDocumentLoader, getDefaultActivityTransformers, getKeyOwner, getNodeInfo, handleWebFinger, importJwk, kvCache, nodeInfoToJson, parseNodeInfo, respondWithObject, respondWithObjectIfAcceptable, signJsonLd, signObject, signRequest, verifyJsonLd, verifyObject, verifyProof, verifyRequest, verifyRequestDetailed, verifySignature };

package/dist/nodeinfo/handler.test.js

@@ -8,25 +8,25 @@ import { assertEquals } from "../assert_equals-DSbWqCm3.js";
 import "../assert-MZs1qjMx.js";
 import "../assert_instance_of-DHz7EHNU.js";
 import { MemoryKvStore } from "../kv-QzKcOQgP.js";
-import "../deno-BYerLnry.js";
-import { createFederation, handleNodeInfo, handleNodeInfoJrd } from "../middleware-BelSJK7m.js";
+import "../deno-CQdJQjC5.js";
+import { createFederation, handleNodeInfo, handleNodeInfoJrd } from "../middleware-Dn9UDJZP.js";
 import "../client-Dg7OfUDA.js";
 import "../router-D9eI0s4b.js";
 import "../types-CPz01LGH.js";
-import "../key-DCdTVZiK.js";
-import "../http-S2U3qDwN.js";
-import "../ld-CrX7pQda.js";
-import "../owner-BAlnLKMO.js";
-import "../proof-DMgHaXNJ.js";
-import "../docloader-MSkogD2T.js";
+import "../key-DRgvVevp.js";
+import "../http-DK0CTomU.js";
+import "../ld-s9_8WfBc.js";
+import "../owner-Cx8gV-j4.js";
+import "../proof-CDr3NP3R.js";
+import "../docloader-Cyl0-S8m.js";
 import "../kv-cache-B__dHl7g.js";
-import "../inbox-BaA0g5I_.js";
-import "../builder-BHUnSQtB.js";
+import "../inbox-CWa6sqsk.js";
+import "../builder-CJkMYxxc.js";
 import "../collection-CcnIw1qY.js";
-import "../keycache-DRxpZ5r9.js";
+import "../keycache-C7k8s1Bk.js";
 import "../negotiation-5NPJL6zp.js";
 import "../retry-D4GJ670a.js";
-import "../send-B2aZYf9A.js";
+import "../send-DreBSY1U.js";
 import "../std__assert-DWivtrGR.js";
 import "../assert_rejects-Ce45JcFg.js";
 import "../assert_throws-BNXdRGWP.js";

package/dist/otel/exporter.test.js

@@ -137,11 +137,17 @@ var FedifySpanExporter = class {
 		const verified = attrs["activitypub.activity.verified"];
 		const httpSigVerified = attrs["http_signatures.verified"];
 		const httpSigKeyId = attrs["http_signatures.key_id"];
+		const httpSigFailureReason = attrs["http_signatures.failure_reason"];
+		const httpSigKeyFetchStatus = attrs["http_signatures.key_fetch_status"];
+		const httpSigKeyFetchError = attrs["http_signatures.key_fetch_error"];
 		const ldSigVerified = attrs["ld_signatures.verified"];
 		let signatureDetails;
-		if (typeof httpSigVerified === "boolean" || typeof ldSigVerified === "boolean") signatureDetails = {
+		if (typeof httpSigVerified === "boolean" || typeof ldSigVerified === "boolean" || typeof httpSigFailureReason === "string") signatureDetails = {
 			httpSignaturesVerified: httpSigVerified === true,
 			httpSignaturesKeyId: typeof httpSigKeyId === "string" && httpSigKeyId !== "" ? httpSigKeyId : void 0,
+			httpSignaturesFailureReason: typeof httpSigFailureReason === "string" && httpSigFailureReason !== "" ? httpSigFailureReason : void 0,
+			httpSignaturesKeyFetchStatus: typeof httpSigKeyFetchStatus === "number" ? httpSigKeyFetchStatus : void 0,
+			httpSignaturesKeyFetchError: typeof httpSigKeyFetchError === "string" && httpSigKeyFetchError !== "" ? httpSigKeyFetchError : void 0,
 			ldSignaturesVerified: ldSigVerified === true
 		};
 		return {
@@ -314,7 +320,10 @@ function createActivityReceivedEvent(options) {
 			"activitypub.activity.verified": options.verified ?? true,
 			"ld_signatures.verified": options.ldSigVerified ?? false,
 			"http_signatures.verified": options.httpSigVerified ?? true,
-			"http_signatures.key_id": options.httpSigKeyId ?? ""
+			"http_signatures.key_id": options.httpSigKeyId ?? "",
+			"http_signatures.failure_reason": options.httpSigFailureReason ?? "",
+			"http_signatures.key_fetch_status": options.httpSigKeyFetchStatus,
+			"http_signatures.key_fetch_error": options.httpSigKeyFetchError ?? ""
 		}
 	};
 }
@@ -866,6 +875,38 @@ test("FedifySpanExporter", async (t) => {
 		assertEquals(activities[0].signatureDetails?.httpSignaturesVerified, false);
 		assertEquals(activities[0].signatureDetails?.ldSignaturesVerified, true);
 	});
+	await t.step("extracts HTTP signature failure details for inbound activity", async () => {
+		const kv = new MemoryKvStore();
+		const exporter = new FedifySpanExporter(kv);
+		const activityJson = JSON.stringify({
+			"@context": "https://www.w3.org/ns/activitystreams",
+			type: "Delete",
+			id: "https://example.com/activities/unverified",
+			actor: "https://example.com/users/alice"
+		});
+		const span = createMockSpan({
+			traceId: "sig-failure-trace",
+			spanId: "span1",
+			name: "activitypub.inbox",
+			events: [createActivityReceivedEvent({
+				activityJson,
+				verified: false,
+				httpSigVerified: false,
+				httpSigKeyId: "https://example.com/users/alice#main-key",
+				httpSigFailureReason: "keyFetchError",
+				httpSigKeyFetchStatus: 410,
+				ldSigVerified: false
+			})]
+		});
+		await new Promise((resolve) => {
+			exporter.export([span], () => resolve());
+		});
+		const activities = await exporter.getActivitiesByTraceId("sig-failure-trace");
+		assertEquals(activities.length, 1);
+		assertEquals(activities[0].signatureDetails?.httpSignaturesFailureReason, "keyFetchError");
+		assertEquals(activities[0].signatureDetails?.httpSignaturesKeyFetchStatus, 410);
+		assertEquals(activities[0].signatureDetails?.httpSignaturesKeyFetchError, void 0);
+	});
 	await t.step("handles activity without actor field", async () => {
 		const kv = new MemoryKvStore();
 		const exporter = new FedifySpanExporter(kv);

package/dist/otel/mod.cjs

@@ -127,11 +127,17 @@ var FedifySpanExporter = class {
 		const verified = attrs["activitypub.activity.verified"];
 		const httpSigVerified = attrs["http_signatures.verified"];
 		const httpSigKeyId = attrs["http_signatures.key_id"];
+		const httpSigFailureReason = attrs["http_signatures.failure_reason"];
+		const httpSigKeyFetchStatus = attrs["http_signatures.key_fetch_status"];
+		const httpSigKeyFetchError = attrs["http_signatures.key_fetch_error"];
 		const ldSigVerified = attrs["ld_signatures.verified"];
 		let signatureDetails;
-		if (typeof httpSigVerified === "boolean" || typeof ldSigVerified === "boolean") signatureDetails = {
+		if (typeof httpSigVerified === "boolean" || typeof ldSigVerified === "boolean" || typeof httpSigFailureReason === "string") signatureDetails = {
 			httpSignaturesVerified: httpSigVerified === true,
 			httpSignaturesKeyId: typeof httpSigKeyId === "string" && httpSigKeyId !== "" ? httpSigKeyId : void 0,
+			httpSignaturesFailureReason: typeof httpSigFailureReason === "string" && httpSigFailureReason !== "" ? httpSigFailureReason : void 0,
+			httpSignaturesKeyFetchStatus: typeof httpSigKeyFetchStatus === "number" ? httpSigKeyFetchStatus : void 0,
+			httpSignaturesKeyFetchError: typeof httpSigKeyFetchError === "string" && httpSigKeyFetchError !== "" ? httpSigKeyFetchError : void 0,
 			ldSignaturesVerified: ldSigVerified === true
 		};
 		return {

package/dist/otel/mod.d.cts

@@ -24,6 +24,18 @@ interface SignatureVerificationDetails {
   */
   readonly httpSignaturesKeyId?: string;
   /**
+  * The reason why HTTP signature verification failed, if available.
+  */
+  readonly httpSignaturesFailureReason?: string;
+  /**
+  * The HTTP status code from a failed key fetch, if available.
+  */
+  readonly httpSignaturesKeyFetchStatus?: number;
+  /**
+  * The error type from a non-HTTP key fetch failure, if available.
+  */
+  readonly httpSignaturesKeyFetchError?: string;
+  /**
   * Whether Linked Data Signatures were verified.
   */
   readonly ldSignaturesVerified: boolean;