@grantex/sdk 0.1.0

package/dist/types.d.ts

@@ -0,0 +1,440 @@
+export interface GrantexClientOptions {
+    /** Grantex API key. Defaults to GRANTEX_API_KEY env variable. */
+    apiKey?: string;
+    /** Base URL for the Grantex API. Defaults to https://api.grantex.dev */
+    baseUrl?: string;
+    /** Request timeout in milliseconds. Defaults to 30000. */
+    timeout?: number;
+}
+export interface RegisterAgentParams {
+    name: string;
+    description: string;
+    scopes: string[];
+}
+export interface UpdateAgentParams {
+    name?: string;
+    description?: string;
+    scopes?: string[];
+}
+export interface Agent {
+    id: string;
+    did: string;
+    name: string;
+    description: string;
+    scopes: string[];
+    status: 'active' | 'suspended' | 'revoked';
+    developerId: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface ListAgentsResponse {
+    agents: Agent[];
+    total: number;
+    page: number;
+    pageSize: number;
+}
+export interface AuthorizeParams {
+    agentId: string;
+    /** Your app's user identifier — mapped to principalId in the request body. */
+    userId: string;
+    scopes: string[];
+    expiresIn?: string;
+    redirectUri?: string;
+}
+export interface AuthorizationRequest {
+    authRequestId: string;
+    consentUrl: string;
+    agentId: string;
+    principalId: string;
+    scopes: string[];
+    expiresIn: string;
+    expiresAt: string;
+    status: 'pending' | 'approved' | 'denied' | 'expired';
+    createdAt: string;
+}
+export interface Grant {
+    id: string;
+    agentId: string;
+    agentDid: string;
+    principalId: string;
+    developerId: string;
+    scopes: string[];
+    status: 'active' | 'revoked' | 'expired';
+    issuedAt: string;
+    expiresAt: string;
+    revokedAt?: string;
+}
+export interface ListGrantsParams {
+    agentId?: string;
+    principalId?: string;
+    status?: 'active' | 'revoked' | 'expired';
+    page?: number;
+    pageSize?: number;
+}
+export interface ListGrantsResponse {
+    grants: Grant[];
+    total: number;
+    page: number;
+    pageSize: number;
+}
+export interface VerifiedGrant {
+    /** Grant/token unique ID (jti claim) */
+    tokenId: string;
+    /** Grant record ID */
+    grantId: string;
+    /** The end-user who authorized this agent (sub claim) */
+    principalId: string;
+    /** The agent's DID (agt claim) */
+    agentDid: string;
+    /** Developer org (dev claim) */
+    developerId: string;
+    /** Granted scopes (scp claim) */
+    scopes: string[];
+    /** Token issued-at timestamp (seconds since epoch) */
+    issuedAt: number;
+    /** Token expiry timestamp (seconds since epoch) */
+    expiresAt: number;
+    /** Parent agent DID (delegated grants only) */
+    parentAgentDid?: string;
+    /** Parent grant ID (delegated grants only) */
+    parentGrantId?: string;
+    /** Delegation depth (0 = root, n = nth-level delegation) */
+    delegationDepth?: number;
+}
+export interface DelegateParams {
+    parentGrantToken: string;
+    subAgentId: string;
+    scopes: string[];
+    expiresIn?: string;
+}
+export interface VerifyTokenResponse {
+    valid: boolean;
+    grantId?: string;
+    scopes?: string[];
+    principal?: string;
+    agent?: string;
+    expiresAt?: string;
+}
+export interface LogAuditParams {
+    agentId: string;
+    grantId: string;
+    action: string;
+    metadata?: Record<string, unknown>;
+    status?: 'success' | 'failure' | 'blocked';
+}
+export interface AuditEntry {
+    entryId: string;
+    agentId: string;
+    agentDid: string;
+    grantId: string;
+    principalId: string;
+    action: string;
+    metadata: Record<string, unknown>;
+    hash: string;
+    prevHash: string | null;
+    timestamp: string;
+    status: 'success' | 'failure' | 'blocked';
+}
+export interface ListAuditParams {
+    agentId?: string;
+    grantId?: string;
+    principalId?: string;
+    action?: string;
+    since?: string;
+    until?: string;
+    page?: number;
+    pageSize?: number;
+}
+export interface ListAuditResponse {
+    entries: AuditEntry[];
+    total: number;
+    page: number;
+    pageSize: number;
+}
+export type WebhookEventType = 'grant.created' | 'grant.revoked' | 'token.issued';
+export interface CreateWebhookParams {
+    url: string;
+    events: WebhookEventType[];
+}
+export interface WebhookEndpoint {
+    id: string;
+    url: string;
+    events: WebhookEventType[];
+    createdAt: string;
+}
+export interface WebhookEndpointWithSecret extends WebhookEndpoint {
+    secret: string;
+}
+export interface ListWebhooksResponse {
+    webhooks: WebhookEndpoint[];
+}
+export interface VerifyGrantTokenOptions {
+    jwksUri: string;
+    requiredScopes?: string[];
+    audience?: string;
+    /** @internal override clock for testing */
+    clockTolerance?: number;
+}
+export interface GrantTokenPayload {
+    iss: string;
+    sub: string;
+    agt: string;
+    dev: string;
+    scp: string[];
+    iat: number;
+    exp: number;
+    jti: string;
+    /** Grant record ID embedded as a custom claim */
+    grnt?: string;
+    parentAgt?: string;
+    parentGrnt?: string;
+    delegationDepth?: number;
+}
+export interface SubscriptionStatus {
+    plan: 'free' | 'pro' | 'enterprise';
+    status: 'active' | 'past_due' | 'canceled';
+    currentPeriodEnd: string | null;
+}
+export interface CreateCheckoutParams {
+    plan: 'pro' | 'enterprise';
+    successUrl: string;
+    cancelUrl: string;
+}
+export interface CheckoutResponse {
+    checkoutUrl: string;
+}
+export interface CreatePortalParams {
+    returnUrl: string;
+}
+export interface PortalResponse {
+    portalUrl: string;
+}
+export interface Policy {
+    id: string;
+    name: string;
+    effect: 'allow' | 'deny';
+    priority: number;
+    agentId: string | null;
+    principalId: string | null;
+    scopes: string[] | null;
+    timeOfDayStart: string | null;
+    timeOfDayEnd: string | null;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface CreatePolicyParams {
+    name: string;
+    effect: 'allow' | 'deny';
+    priority?: number;
+    agentId?: string;
+    principalId?: string;
+    scopes?: string[];
+    timeOfDayStart?: string;
+    timeOfDayEnd?: string;
+}
+export interface UpdatePolicyParams {
+    name?: string;
+    effect?: 'allow' | 'deny';
+    priority?: number;
+    agentId?: string | null;
+    principalId?: string | null;
+    scopes?: string[] | null;
+    timeOfDayStart?: string | null;
+    timeOfDayEnd?: string | null;
+}
+export interface ListPoliciesResponse {
+    policies: Policy[];
+    total: number;
+}
+export interface ComplianceSummary {
+    generatedAt: string;
+    since?: string;
+    until?: string;
+    agents: {
+        total: number;
+        active: number;
+        suspended: number;
+        revoked: number;
+    };
+    grants: {
+        total: number;
+        active: number;
+        revoked: number;
+        expired: number;
+    };
+    auditEntries: {
+        total: number;
+        success: number;
+        failure: number;
+        blocked: number;
+    };
+    policies: {
+        total: number;
+    };
+    plan: string;
+}
+export interface ComplianceExportGrantsParams {
+    since?: string;
+    until?: string;
+    status?: 'active' | 'revoked' | 'expired';
+}
+export interface ComplianceExportAuditParams {
+    since?: string;
+    until?: string;
+    agentId?: string;
+    status?: 'success' | 'failure' | 'blocked';
+}
+export interface ComplianceGrantsExport {
+    generatedAt: string;
+    total: number;
+    grants: Grant[];
+}
+export interface ComplianceAuditExport {
+    generatedAt: string;
+    total: number;
+    entries: AuditEntry[];
+}
+export interface EvidencePackParams {
+    since?: string;
+    until?: string;
+    framework?: 'soc2' | 'gdpr' | 'all';
+}
+export interface ChainIntegrity {
+    valid: boolean;
+    checkedEntries: number;
+    firstBrokenAt: string | null;
+}
+export interface EvidencePack {
+    meta: {
+        schemaVersion: '1.0';
+        generatedAt: string;
+        since?: string;
+        until?: string;
+        framework: 'soc2' | 'gdpr' | 'all';
+    };
+    summary: {
+        agents: {
+            total: number;
+            active: number;
+            suspended: number;
+            revoked: number;
+        };
+        grants: {
+            total: number;
+            active: number;
+            revoked: number;
+            expired: number;
+        };
+        auditEntries: {
+            total: number;
+            success: number;
+            failure: number;
+            blocked: number;
+        };
+        policies: {
+            total: number;
+        };
+        plan: string;
+    };
+    grants: Grant[];
+    auditEntries: AuditEntry[];
+    policies: Policy[];
+    chainIntegrity: ChainIntegrity;
+}
+export type AnomalyType = 'rate_spike' | 'high_failure_rate' | 'new_principal' | 'off_hours_activity';
+export type AnomalySeverity = 'low' | 'medium' | 'high';
+export interface Anomaly {
+    id: string;
+    type: AnomalyType;
+    severity: AnomalySeverity;
+    agentId: string | null;
+    principalId: string | null;
+    description: string;
+    metadata: Record<string, unknown>;
+    detectedAt: string;
+    acknowledgedAt: string | null;
+}
+export interface DetectAnomaliesResponse {
+    detectedAt: string;
+    total: number;
+    anomalies: Anomaly[];
+}
+export interface ListAnomaliesResponse {
+    anomalies: Anomaly[];
+    total: number;
+}
+export interface ScimEmail {
+    value: string;
+    primary?: boolean;
+}
+export interface ScimUserMeta {
+    resourceType: string;
+    created: string;
+    lastModified: string;
+}
+export interface ScimUser {
+    id: string;
+    externalId?: string;
+    userName: string;
+    displayName?: string;
+    active: boolean;
+    emails: ScimEmail[];
+    meta: ScimUserMeta;
+}
+export interface ScimListResponse {
+    totalResults: number;
+    startIndex: number;
+    itemsPerPage: number;
+    Resources: ScimUser[];
+}
+export interface CreateScimUserParams {
+    userName: string;
+    displayName?: string;
+    externalId?: string;
+    emails?: ScimEmail[];
+    active?: boolean;
+}
+export interface UpdateScimUserParams {
+    userName?: string;
+    displayName?: string;
+    active?: boolean;
+    emails?: ScimEmail[];
+}
+export interface ScimToken {
+    id: string;
+    label: string;
+    createdAt: string;
+    lastUsedAt: string | null;
+}
+export interface ScimTokenWithSecret extends ScimToken {
+    token: string;
+}
+export interface CreateScimTokenParams {
+    label: string;
+}
+export interface ListScimTokensResponse {
+    tokens: ScimToken[];
+}
+export interface SsoConfig {
+    issuerUrl: string;
+    clientId: string;
+    redirectUri: string;
+    createdAt: string;
+    updatedAt: string;
+}
+export interface CreateSsoConfigParams {
+    issuerUrl: string;
+    clientId: string;
+    clientSecret: string;
+    redirectUri: string;
+}
+export interface SsoLoginResponse {
+    authorizeUrl: string;
+}
+export interface SsoCallbackResponse {
+    email: string | null;
+    name: string | null;
+    sub: string | null;
+    developerId: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,oBAAoB;IACnC,iEAAiE;IACjE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,wEAAwE;IACxE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,0DAA0D;IAC1D,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,QAAQ,GAAG,WAAW,GAAG,SAAS,CAAC;IAC3C,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,8EAA8E;IAC9E,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,oBAAoB;IACnC,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,SAAS,GAAG,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAC;IACtD,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,KAAK;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;IAC1C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,wCAAwC;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,sBAAsB;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,yDAAyD;IACzD,WAAW,EAAE,MAAM,CAAC;IACpB,kCAAkC;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,gCAAgC;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,iCAAiC;IACjC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,sDAAsD;IACtD,QAAQ,EAAE,MAAM,CAAC;IACjB,mDAAmD;IACnD,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,8CAA8C;IAC9C,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,4DAA4D;IAC5D,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,cAAc;IAC7B,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAID,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,OAAO,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAID,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnC,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;CAC5C;AAED,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;CAC3C;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,UAAU,EAAE,CAAC;IACtB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,MAAM,gBAAgB,GAAG,eAAe,GAAG,eAAe,GAAG,cAAc,CAAC;AAElF,MAAM,WAAW,mBAAmB;IAClC,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,gBAAgB,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,yBAA0B,SAAQ,eAAe;IAChE,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAID,MAAM,WAAW,uBAAuB;IACtC,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAID,MAAM,WAAW,iBAAiB;IAChC,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,EAAE,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,iDAAiD;IACjD,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAID,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,GAAG,KAAK,GAAG,YAAY,CAAC;IACpC,MAAM,EAAE,QAAQ,GAAG,UAAU,GAAG,UAAU,CAAC;IAC3C,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;CACjC;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,KAAK,GAAG,YAAY,CAAC;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,MAAM;IACrB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,OAAO,GAAG,MAAM,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACxB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IAC9B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,OAAO,GAAG,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,OAAO,GAAG,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,MAAM,CAAC,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACzB,cAAc,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9B;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;CACf;AAID,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9E,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IAC5E,YAAY,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC;IACnF,QAAQ,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAC5B,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,4BAA4B;IAC3C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;CAC3C;AAED,MAAM,WAAW,2BAA2B;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;CAC5C;AAED,MAAM,WAAW,sBAAsB;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,KAAK,EAAE,CAAC;CACjB;AAED,MAAM,WAAW,qBAAqB;IACpC,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,UAAU,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,CAAC;CACrC;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;CAC9B;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE;QACJ,aAAa,EAAE,KAAK,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,CAAC;KACpC,CAAC;IACF,OAAO,EAAE;QACP,MAAM,EAAE;YAAE,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC;QAC9E,MAAM,EAAE;YAAE,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC;QAC5E,YAAY,EAAE;YAAE,KAAK,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC;QACnF,QAAQ,EAAE;YAAE,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QAC5B,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,YAAY,EAAE,UAAU,EAAE,CAAC;IAC3B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,cAAc,EAAE,cAAc,CAAC;CAChC;AAID,MAAM,MAAM,WAAW,GAAG,YAAY,GAAG,mBAAmB,GAAG,eAAe,GAAG,oBAAoB,CAAC;AACtG,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;AAExD,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,WAAW,CAAC;IAClB,QAAQ,EAAE,eAAe,CAAC;IAC1B,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;CAC/B;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,OAAO,EAAE,CAAC;CACtB;AAED,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,OAAO,EAAE,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf;AAID,MAAM,WAAW,SAAS;IACxB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,EAAE,SAAS,EAAE,CAAC;IACpB,IAAI,EAAE,YAAY,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,SAAS,EAAE,QAAQ,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,SAAS,EAAE,CAAC;IACrB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,SAAS,EAAE,CAAC;CACtB;AAED,MAAM,WAAW,SAAS;IACxB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED,MAAM,WAAW,mBAAoB,SAAQ,SAAS;IACpD,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,SAAS,EAAE,CAAC;CACrB;AAID,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB"}

package/dist/types.js

@@ -0,0 +1,3 @@
+// ─── Client configuration ────────────────────────────────────────────────────
+export {};
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,gFAAgF"}

package/dist/verify.d.ts

@@ -0,0 +1,17 @@
+import type { VerifiedGrant, VerifyGrantTokenOptions } from './types.js';
+/**
+ * Verify a Grantex grant token offline using the published JWKS.
+ * Algorithm is fixed to RS256 per SPEC §11 and cannot be overridden.
+ *
+ * @throws {GrantexTokenError} if the token is invalid, expired, or missing required scopes.
+ */
+export declare function verifyGrantToken(token: string, options: VerifyGrantTokenOptions): Promise<VerifiedGrant>;
+/**
+ * Decode a grant token (without re-verifying the signature) and map it to
+ * a VerifiedGrant shape. Used by GrantsClient.verify() to fill fields the
+ * API summary response may omit.
+ *
+ * @internal
+ */
+export declare function mapOnlineVerifyToVerifiedGrant(token: string): VerifiedGrant;
+//# sourceMappingURL=verify.d.ts.map

package/dist/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,aAAa,EAAE,uBAAuB,EAAqB,MAAM,YAAY,CAAC;AAE5F;;;;;GAKG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,uBAAuB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAiCxB;AAED;;;;;;GAMG;AACH,wBAAgB,8BAA8B,CAAC,KAAK,EAAE,MAAM,GAAG,aAAa,CAS3E"}

package/dist/verify.js

@@ -0,0 +1,80 @@
+import { createRemoteJWKSet, jwtVerify, decodeJwt } from 'jose';
+import { GrantexTokenError } from './errors.js';
+/**
+ * Verify a Grantex grant token offline using the published JWKS.
+ * Algorithm is fixed to RS256 per SPEC §11 and cannot be overridden.
+ *
+ * @throws {GrantexTokenError} if the token is invalid, expired, or missing required scopes.
+ */
+export async function verifyGrantToken(token, options) {
+    const jwks = createRemoteJWKSet(new URL(options.jwksUri));
+    let payload;
+    try {
+        const jwtOptions = {
+            algorithms: ['RS256'],
+            ...(options.clockTolerance !== undefined
+                ? { clockTolerance: options.clockTolerance }
+                : {}),
+            ...(options.audience !== undefined
+                ? { audience: options.audience }
+                : {}),
+        };
+        const result = await jwtVerify(token, jwks, jwtOptions);
+        payload = result.payload;
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        throw new GrantexTokenError(`Grant token verification failed: ${message}`);
+    }
+    const requiredScopes = options.requiredScopes ?? [];
+    if (requiredScopes.length > 0) {
+        const missing = requiredScopes.filter((s) => !payload.scp.includes(s));
+        if (missing.length > 0) {
+            throw new GrantexTokenError(`Grant token is missing required scopes: ${missing.join(', ')}`);
+        }
+    }
+    return payloadToVerifiedGrant(payload);
+}
+/**
+ * Decode a grant token (without re-verifying the signature) and map it to
+ * a VerifiedGrant shape. Used by GrantsClient.verify() to fill fields the
+ * API summary response may omit.
+ *
+ * @internal
+ */
+export function mapOnlineVerifyToVerifiedGrant(token) {
+    let payload;
+    try {
+        payload = decodeJwt(token);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        throw new GrantexTokenError(`Failed to decode grant token: ${message}`);
+    }
+    return payloadToVerifiedGrant(payload);
+}
+function payloadToVerifiedGrant(payload) {
+    if (typeof payload.jti !== 'string' ||
+        typeof payload.sub !== 'string' ||
+        typeof payload.agt !== 'string' ||
+        typeof payload.dev !== 'string' ||
+        !Array.isArray(payload.scp) ||
+        typeof payload.iat !== 'number' ||
+        typeof payload.exp !== 'number') {
+        throw new GrantexTokenError('Grant token is missing required claims (jti, sub, agt, dev, scp, iat, exp)');
+    }
+    return {
+        tokenId: payload.jti,
+        grantId: payload.grnt ?? payload.jti,
+        principalId: payload.sub,
+        agentDid: payload.agt,
+        developerId: payload.dev,
+        scopes: payload.scp,
+        issuedAt: payload.iat,
+        expiresAt: payload.exp,
+        ...(payload.parentAgt !== undefined ? { parentAgentDid: payload.parentAgt } : {}),
+        ...(payload.parentGrnt !== undefined ? { parentGrantId: payload.parentGrnt } : {}),
+        ...(payload.delegationDepth !== undefined ? { delegationDepth: payload.delegationDepth } : {}),
+    };
+}
+//# sourceMappingURL=verify.js.map

package/dist/verify.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.js","sourceRoot":"","sources":["../src/verify.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAChE,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGhD;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAa,EACb,OAAgC;IAEhC,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;IAE1D,IAAI,OAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,UAAU,GAAG;YACjB,UAAU,EAAE,CAAC,OAAO,CAAa;YACjC,GAAG,CAAC,OAAO,CAAC,cAAc,KAAK,SAAS;gBACtC,CAAC,CAAC,EAAE,cAAc,EAAE,OAAO,CAAC,cAAc,EAAE;gBAC5C,CAAC,CAAC,EAAE,CAAC;YACP,GAAG,CAAC,OAAO,CAAC,QAAQ,KAAK,SAAS;gBAChC,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE;gBAChC,CAAC,CAAC,EAAE,CAAC;SACR,CAAC;QACF,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;QACxD,OAAO,GAAG,MAAM,CAAC,OAAuC,CAAC;IAC3D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GACX,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACnD,MAAM,IAAI,iBAAiB,CAAC,oCAAoC,OAAO,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,IAAI,EAAE,CAAC;IACpD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACvE,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,iBAAiB,CACzB,2CAA2C,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChE,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,sBAAsB,CAAC,OAAO,CAAC,CAAC;AACzC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,8BAA8B,CAAC,KAAa;IAC1D,IAAI,OAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,OAAO,GAAG,SAAS,CAAC,KAAK,CAAiC,CAAC;IAC7D,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,IAAI,iBAAiB,CAAC,iCAAiC,OAAO,EAAE,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,sBAAsB,CAAC,OAAO,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,sBAAsB,CAAC,OAA0B;IACxD,IACE,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC/B,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC/B,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC/B,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC/B,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC;QAC3B,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ;QAC/B,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,EAC/B,CAAC;QACD,MAAM,IAAI,iBAAiB,CACzB,4EAA4E,CAC7E,CAAC;IACJ,CAAC;IAED,OAAO;QACL,OAAO,EAAE,OAAO,CAAC,GAAG;QACpB,OAAO,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG;QACpC,WAAW,EAAE,OAAO,CAAC,GAAG;QACxB,QAAQ,EAAE,OAAO,CAAC,GAAG;QACrB,WAAW,EAAE,OAAO,CAAC,GAAG;QACxB,MAAM,EAAE,OAAO,CAAC,GAAG;QACnB,QAAQ,EAAE,OAAO,CAAC,GAAG;QACrB,SAAS,EAAE,OAAO,CAAC,GAAG;QACtB,GAAG,CAAC,OAAO,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjF,GAAG,CAAC,OAAO,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAClF,GAAG,CAAC,OAAO,CAAC,eAAe,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,OAAO,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC/F,CAAC;AACJ,CAAC"}

package/dist/webhook.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Verify that a webhook payload was sent by Grantex.
+ *
+ * @param payload   - The raw request body string (or Buffer) received from Grantex.
+ * @param signature - The value of the `X-Grantex-Signature` header.
+ * @param secret    - The webhook secret returned when the endpoint was created.
+ * @returns `true` if the signature is valid, `false` otherwise.
+ */
+export declare function verifyWebhookSignature(payload: string | Buffer, signature: string, secret: string): boolean;
+//# sourceMappingURL=webhook.d.ts.map

package/dist/webhook.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../src/webhook.ts"],"names":[],"mappings":"AAEA;;;;;;;GAOG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,GAAG,MAAM,EACxB,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,GACb,OAAO,CAQT"}

package/dist/webhook.js

@@ -0,0 +1,19 @@
+import { createHmac, timingSafeEqual } from 'node:crypto';
+/**
+ * Verify that a webhook payload was sent by Grantex.
+ *
+ * @param payload   - The raw request body string (or Buffer) received from Grantex.
+ * @param signature - The value of the `X-Grantex-Signature` header.
+ * @param secret    - The webhook secret returned when the endpoint was created.
+ * @returns `true` if the signature is valid, `false` otherwise.
+ */
+export function verifyWebhookSignature(payload, signature, secret) {
+    const expected = 'sha256=' + createHmac('sha256', secret).update(payload).digest('hex');
+    try {
+        return timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
+    }
+    catch {
+        return false;
+    }
+}
+//# sourceMappingURL=webhook.js.map

package/dist/webhook.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook.js","sourceRoot":"","sources":["../src/webhook.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE1D;;;;;;;GAOG;AACH,MAAM,UAAU,sBAAsB,CACpC,OAAwB,EACxB,SAAiB,EACjB,MAAc;IAEd,MAAM,QAAQ,GACZ,SAAS,GAAG,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACzE,IAAI,CAAC;QACH,OAAO,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACxE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}

package/package.json

@@ -0,0 +1,42 @@
+{
+  "name": "@grantex/sdk",
+  "version": "0.1.0",
+  "description": "TypeScript SDK for the Grantex delegated authorization protocol",
+  "type": "module",
+  "exports": {
+    ".": {
+      "import": "./dist/index.js",
+      "types": "./dist/index.d.ts"
+    }
+  },
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "files": [
+    "dist"
+  ],
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "typecheck": "tsc --noEmit",
+    "test": "vitest run",
+    "test:watch": "vitest"
+  },
+  "dependencies": {
+    "jose": "^5.2.4"
+  },
+  "overrides": {
+    "esbuild": ">=0.25.0"
+  },
+  "devDependencies": {
+    "@types/node": "^20.11.0",
+    "typescript": "^5.3.3",
+    "vitest": "^1.3.1"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mishrasanjeev/grantex"
+  }
+}