@id-wispera/core 0.1.0

package/dist/integrations/openai-agents.js

@@ -0,0 +1,95 @@
+/**
+ * ID Wispera OpenAI Agents SDK Integration
+ * Credential provider for the OpenAI Agents SDK
+ *
+ * Manages API keys for agent initialization, tool credential injection,
+ * and multi-agent handoffs with scoped credentials.
+ *
+ * Usage:
+ *   import { WisperaOpenAIAgentProvider } from '@id-wispera/core';
+ *
+ *   const provider = new WisperaOpenAIAgentProvider({ vault });
+ *   const apiKey = await provider.getAgentKey('coding-agent');
+ */
+import { WisperaCredentialProvider } from './base.js';
+/**
+ * OpenAI Agents SDK credential provider.
+ * Manages governed credentials for OpenAI agents, tools, and handoffs.
+ */
+export class WisperaOpenAIAgentProvider extends WisperaCredentialProvider {
+    constructor(config) {
+        super({ ...config, actor: config.actor ?? 'openai-agents' });
+    }
+    /**
+     * Get an API key for agent initialization.
+     * Looks up a passport by name and returns the key for use with the Agents SDK.
+     */
+    async getAgentKey(passportName = 'openai') {
+        return this.getValue(passportName, {
+            platform: 'openai',
+            purpose: 'Agent initialization',
+        });
+    }
+    /**
+     * Get OpenAI-specific agent configuration.
+     * Returns model and API key for agent setup.
+     */
+    async getAgentConfig(passportName = 'openai', model) {
+        const config = await this.getLLMConfig(passportName, model);
+        if (!config.model) {
+            config.model = 'gpt-4';
+        }
+        config.provider = 'openai';
+        return config;
+    }
+    /**
+     * Get credentials for a tool that the agent will use.
+     * Returns auth details formatted for tool configuration.
+     */
+    async getToolAuth(toolPassportName, options) {
+        const result = await this.get(toolPassportName, {
+            purpose: `Tool authentication for ${toolPassportName}`,
+        });
+        return {
+            tool: toolPassportName,
+            credential: result.value,
+            headerName: options?.headerName ?? 'Authorization',
+            headerTemplate: options?.headerTemplate ?? `Bearer ${result.value}`,
+        };
+    }
+    /**
+     * Get scoped credentials for an agent handoff.
+     * Validates that the target agent is permitted in the delegation chain
+     * and returns the credential if the scope is allowed.
+     */
+    async getHandoffCredential(passportName, handoff) {
+        const result = await this.get(passportName, {
+            purpose: `Handoff to agent: ${handoff.targetAgent}`,
+        });
+        // Validate scope if specified
+        if (handoff.allowedScopes && handoff.allowedScopes.length > 0) {
+            const passportScopes = result.passport.scope;
+            const permitted = handoff.allowedScopes.every((s) => passportScopes.includes(s));
+            if (!permitted) {
+                throw new Error(`Scope not permitted for handoff to ${handoff.targetAgent}. ` +
+                    `Requested: [${handoff.allowedScopes.join(', ')}], ` +
+                    `Available: [${passportScopes.join(', ')}]`);
+            }
+        }
+        return result;
+    }
+    /**
+     * Get multiple tool credentials at once for agent setup.
+     * Returns a map of tool name to credential value.
+     */
+    async getToolCredentials(toolPassportMap) {
+        const results = {};
+        for (const [toolName, passportName] of Object.entries(toolPassportMap)) {
+            results[toolName] = await this.getValue(passportName, {
+                purpose: `Tool credential for ${toolName}`,
+            });
+        }
+        return results;
+    }
+}
+//# sourceMappingURL=openai-agents.js.map

package/dist/integrations/openai-agents.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openai-agents.js","sourceRoot":"","sources":["../../src/integrations/openai-agents.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,yBAAyB,EAAE,MAAM,WAAW,CAAC;AA6BtD;;;GAGG;AACH,MAAM,OAAO,0BAA2B,SAAQ,yBAAyB;IACvE,YAAY,MAAyB;QACnC,KAAK,CAAC,EAAE,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,eAAe,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CAAC,eAAuB,QAAQ;QAC/C,OAAO,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;YACjC,QAAQ,EAAE,QAAQ;YAClB,OAAO,EAAE,sBAAsB;SAChC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,cAAc,CAClB,eAAuB,QAAQ,EAC/B,KAAc;QAEd,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QAC5D,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YAClB,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC;QACzB,CAAC;QACD,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAC3B,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,WAAW,CACf,gBAAwB,EACxB,OAA0D;QAE1D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,gBAAgB,EAAE;YAC9C,OAAO,EAAE,2BAA2B,gBAAgB,EAAE;SACvD,CAAC,CAAC;QAEH,OAAO;YACL,IAAI,EAAE,gBAAgB;YACtB,UAAU,EAAE,MAAM,CAAC,KAAK;YACxB,UAAU,EAAE,OAAO,EAAE,UAAU,IAAI,eAAe;YAClD,cAAc,EAAE,OAAO,EAAE,cAAc,IAAI,UAAU,MAAM,CAAC,KAAK,EAAE;SACpE,CAAC;IACJ,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CACxB,YAAoB,EACpB,OAAqB;QAErB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE;YAC1C,OAAO,EAAE,qBAAqB,OAAO,CAAC,WAAW,EAAE;SACpD,CAAC,CAAC;QAEH,8BAA8B;QAC9B,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC7C,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAClD,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,CAC3B,CAAC;YACF,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,MAAM,IAAI,KAAK,CACb,sCAAsC,OAAO,CAAC,WAAW,IAAI;oBAC7D,eAAe,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK;oBACpD,eAAe,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAC5C,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,kBAAkB,CACtB,eAAuC;QAEvC,MAAM,OAAO,GAA2B,EAAE,CAAC;QAE3C,KAAK,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,EAAE,CAAC;YACvE,OAAO,CAAC,QAAQ,CAAC,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;gBACpD,OAAO,EAAE,uBAAuB,QAAQ,EAAE;aAC3C,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;CACF"}

package/dist/integrations/slack.d.ts

@@ -0,0 +1,59 @@
+/**
+ * ID Wispera Slack Integration
+ * Manages Slack bot tokens, webhook URLs, and app-level tokens as governed passports
+ *
+ * Usage:
+ *   import { WisperaSlackProvider } from '@id-wispera/core';
+ *
+ *   const provider = new WisperaSlackProvider({ vault });
+ *   const botToken = await provider.getBotToken('my-slack-bot');
+ */
+import { WisperaCredentialProvider } from './base.js';
+import type { IntegrationConfig, SlackCredentialResult, AvailableCredential } from './types.js';
+/**
+ * Slack credential provider.
+ * Manages bot tokens, user tokens, app-level tokens, and webhook URLs.
+ */
+export declare class WisperaSlackProvider extends WisperaCredentialProvider {
+    constructor(config: IntegrationConfig);
+    /**
+     * Get a Slack bot token (xoxb-...)
+     */
+    getBotToken(passportName?: string): Promise<string>;
+    /**
+     * Get a Slack app-level token (xapp-...)
+     */
+    getAppToken(passportName?: string): Promise<string>;
+    /**
+     * Get a Slack user token (xoxp-...)
+     */
+    getUserToken(passportName?: string): Promise<string>;
+    /**
+     * Get a Slack webhook URL
+     */
+    getWebhookUrl(passportName?: string): Promise<string>;
+    /**
+     * Get a typed Slack credential with token type detection
+     */
+    getSlackCredential(passportName: string): Promise<SlackCredentialResult>;
+    /**
+     * List all available Slack credentials
+     */
+    listSlackCredentials(): Promise<AvailableCredential[]>;
+    /**
+     * Get multiple Slack tokens at once (e.g., bot + app tokens for Socket Mode)
+     */
+    getSocketModeTokens(botPassportName?: string, appPassportName?: string): Promise<{
+        botToken: string;
+        appToken: string;
+    }>;
+    /**
+     * Detect the type of a Slack token from its prefix
+     */
+    private detectTokenType;
+    /**
+     * Extract team/workspace ID from passport tags
+     */
+    private extractTeamId;
+}
+//# sourceMappingURL=slack.d.ts.map

package/dist/integrations/slack.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"slack.d.ts","sourceRoot":"","sources":["../../src/integrations/slack.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,yBAAyB,EAAE,MAAM,WAAW,CAAC;AACtD,OAAO,KAAK,EACV,iBAAiB,EACjB,qBAAqB,EAErB,mBAAmB,EACpB,MAAM,YAAY,CAAC;AAEpB;;;GAGG;AACH,qBAAa,oBAAqB,SAAQ,yBAAyB;gBACrD,MAAM,EAAE,iBAAiB;IAIrC;;OAEG;IACG,WAAW,CAAC,YAAY,GAAE,MAAoB,GAAG,OAAO,CAAC,MAAM,CAAC;IAMtE;;OAEG;IACG,WAAW,CAAC,YAAY,GAAE,MAAoB,GAAG,OAAO,CAAC,MAAM,CAAC;IAMtE;;OAEG;IACG,YAAY,CAAC,YAAY,GAAE,MAAqB,GAAG,OAAO,CAAC,MAAM,CAAC;IAMxE;;OAEG;IACG,aAAa,CAAC,YAAY,GAAE,MAAwB,GAAG,OAAO,CAAC,MAAM,CAAC;IAM5E;;OAEG;IACG,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAe9E;;OAEG;IACG,oBAAoB,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;IAU5D;;OAEG;IACG,mBAAmB,CACvB,eAAe,GAAE,MAAoB,EACrC,eAAe,GAAE,MAAoB,GACpC,OAAO,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IASlD;;OAEG;IACH,OAAO,CAAC,eAAe;IAQvB;;OAEG;IACH,OAAO,CAAC,aAAa;CAOtB"}

package/dist/integrations/slack.js

@@ -0,0 +1,113 @@
+/**
+ * ID Wispera Slack Integration
+ * Manages Slack bot tokens, webhook URLs, and app-level tokens as governed passports
+ *
+ * Usage:
+ *   import { WisperaSlackProvider } from '@id-wispera/core';
+ *
+ *   const provider = new WisperaSlackProvider({ vault });
+ *   const botToken = await provider.getBotToken('my-slack-bot');
+ */
+import { WisperaCredentialProvider } from './base.js';
+/**
+ * Slack credential provider.
+ * Manages bot tokens, user tokens, app-level tokens, and webhook URLs.
+ */
+export class WisperaSlackProvider extends WisperaCredentialProvider {
+    constructor(config) {
+        super({ ...config, actor: config.actor ?? 'slack' });
+    }
+    /**
+     * Get a Slack bot token (xoxb-...)
+     */
+    async getBotToken(passportName = 'slack-bot') {
+        return this.getValue(passportName, {
+            purpose: 'Slack bot token access',
+        });
+    }
+    /**
+     * Get a Slack app-level token (xapp-...)
+     */
+    async getAppToken(passportName = 'slack-app') {
+        return this.getValue(passportName, {
+            purpose: 'Slack app-level token access',
+        });
+    }
+    /**
+     * Get a Slack user token (xoxp-...)
+     */
+    async getUserToken(passportName = 'slack-user') {
+        return this.getValue(passportName, {
+            purpose: 'Slack user token access',
+        });
+    }
+    /**
+     * Get a Slack webhook URL
+     */
+    async getWebhookUrl(passportName = 'slack-webhook') {
+        return this.getValue(passportName, {
+            purpose: 'Slack webhook URL access',
+        });
+    }
+    /**
+     * Get a typed Slack credential with token type detection
+     */
+    async getSlackCredential(passportName) {
+        const result = await this.get(passportName, {
+            purpose: 'Slack credential access',
+        });
+        const tokenType = this.detectTokenType(result.value);
+        const teamId = this.extractTeamId(result.passport.tags);
+        return {
+            ...result,
+            tokenType,
+            teamId,
+        };
+    }
+    /**
+     * List all available Slack credentials
+     */
+    async listSlackCredentials() {
+        const all = await this.listAvailable();
+        return all.filter((cred) => cred.tags.includes('slack') ||
+            cred.credentialType === 'bot-token' ||
+            cred.name.toLowerCase().includes('slack'));
+    }
+    /**
+     * Get multiple Slack tokens at once (e.g., bot + app tokens for Socket Mode)
+     */
+    async getSocketModeTokens(botPassportName = 'slack-bot', appPassportName = 'slack-app') {
+        const [botToken, appToken] = await Promise.all([
+            this.getBotToken(botPassportName),
+            this.getAppToken(appPassportName),
+        ]);
+        return { botToken, appToken };
+    }
+    /**
+     * Detect the type of a Slack token from its prefix
+     */
+    detectTokenType(value) {
+        if (value.startsWith('xoxb-'))
+            return 'bot';
+        if (value.startsWith('xoxp-'))
+            return 'user';
+        if (value.startsWith('xapp-'))
+            return 'app-level';
+        if (value.startsWith('https://hooks.slack.com/'))
+            return 'webhook';
+        return 'bot'; // Default assumption
+    }
+    /**
+     * Extract team/workspace ID from passport tags
+     */
+    extractTeamId(tags) {
+        for (const tag of tags) {
+            if (tag.startsWith('team:'))
+                return tag.slice(5);
+            if (tag.startsWith('workspace:'))
+                return tag.slice(10);
+        }
+        return undefined;
+    }
+}
+//# sourceMappingURL=slack.js.map

package/dist/integrations/slack.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"slack.js","sourceRoot":"","sources":["../../src/integrations/slack.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,yBAAyB,EAAE,MAAM,WAAW,CAAC;AAQtD;;;GAGG;AACH,MAAM,OAAO,oBAAqB,SAAQ,yBAAyB;IACjE,YAAY,MAAyB;QACnC,KAAK,CAAC,EAAE,GAAG,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,IAAI,OAAO,EAAE,CAAC,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,eAAuB,WAAW;QAClD,OAAO,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;YACjC,OAAO,EAAE,wBAAwB;SAClC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,eAAuB,WAAW;QAClD,OAAO,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;YACjC,OAAO,EAAE,8BAA8B;SACxC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,eAAuB,YAAY;QACpD,OAAO,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;YACjC,OAAO,EAAE,yBAAyB;SACnC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CAAC,eAAuB,eAAe;QACxD,OAAO,IAAI,CAAC,QAAQ,CAAC,YAAY,EAAE;YACjC,OAAO,EAAE,0BAA0B;SACpC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CAAC,YAAoB;QAC3C,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,EAAE;YAC1C,OAAO,EAAE,yBAAyB;SACnC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrD,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAExD,OAAO;YACL,GAAG,MAAM;YACT,SAAS;YACT,MAAM;SACP,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB;QACxB,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,aAAa,EAAE,CAAC;QACvC,OAAO,GAAG,CAAC,MAAM,CACf,CAAC,IAAI,EAAE,EAAE,CACP,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAC3B,IAAI,CAAC,cAAc,KAAK,WAAW;YACnC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC5C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,mBAAmB,CACvB,kBAA0B,WAAW,EACrC,kBAA0B,WAAW;QAErC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YAC7C,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;YACjC,IAAI,CAAC,WAAW,CAAC,eAAe,CAAC;SAClC,CAAC,CAAC;QAEH,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;IAChC,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAa;QACnC,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC;YAAE,OAAO,KAAK,CAAC;QAC5C,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC;YAAE,OAAO,MAAM,CAAC;QAC7C,IAAI,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC;YAAE,OAAO,WAAW,CAAC;QAClD,IAAI,KAAK,CAAC,UAAU,CAAC,0BAA0B,CAAC;YAAE,OAAO,SAAS,CAAC;QACnE,OAAO,KAAK,CAAC,CAAC,qBAAqB;IACrC,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,IAAc;QAClC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC;gBAAE,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACjD,IAAI,GAAG,CAAC,UAAU,CAAC,YAAY,CAAC;gBAAE,OAAO,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACzD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}

package/dist/integrations/types.d.ts

@@ -0,0 +1,107 @@
+/**
+ * ID Wispera Integration Types
+ * Shared types for all framework integrations
+ */
+import type { Passport, Platform } from '../types.js';
+import type { Vault } from '../vault.js';
+/**
+ * Configuration for initializing an integration provider
+ */
+export interface IntegrationConfig {
+    /** Vault instance to use for credential access */
+    vault: Vault;
+    /** Actor name for audit logging (e.g., "langchain", "openai-agents") */
+    actor?: string;
+    /** Whether to cache credentials in memory (default: true) */
+    enableCache?: boolean;
+    /** Whether to log credential access to audit trail (default: true) */
+    logAccess?: boolean;
+}
+/**
+ * Options for retrieving a credential
+ */
+export interface CredentialAccessOptions {
+    /** Optional platform filter */
+    platform?: Platform;
+    /** Whether to log this access (overrides provider default) */
+    logAccess?: boolean;
+    /** Purpose of access (recorded in audit log) */
+    purpose?: string;
+}
+/**
+ * A credential result returned by integrations
+ */
+export interface CredentialResult {
+    /** The raw credential value */
+    value: string;
+    /** The passport that contains this credential */
+    passport: Passport;
+}
+/**
+ * Summary of an available credential (no sensitive data)
+ */
+export interface AvailableCredential {
+    /** Passport name */
+    name: string;
+    /** Passport ID */
+    id: string;
+    /** Credential type */
+    credentialType: string;
+    /** Platforms this credential is valid for */
+    platforms: Platform[];
+    /** Current status */
+    status: string;
+    /** Tags */
+    tags: string[];
+}
+/**
+ * LLM provider configuration returned by integrations
+ */
+export interface LLMConfig {
+    /** The API key */
+    apiKey: string;
+    /** The provider name (openai, anthropic, azure, google) */
+    provider: string;
+    /** The model to use */
+    model?: string;
+    /** Additional provider-specific config */
+    [key: string]: unknown;
+}
+/**
+ * Slack credential types
+ */
+export type SlackTokenType = 'bot' | 'user' | 'app-level' | 'webhook';
+/**
+ * Slack credential result with typed metadata
+ */
+export interface SlackCredentialResult extends CredentialResult {
+    /** The type of Slack token */
+    tokenType: SlackTokenType;
+    /** Slack workspace/team ID if known */
+    teamId?: string;
+}
+/**
+ * Google A2A Agent Card credential fields
+ */
+export interface A2AAgentCredentials {
+    /** Agent authentication token */
+    authToken: string;
+    /** Agent identity (from passport name) */
+    agentId: string;
+    /** Scopes the agent is authorized for */
+    scopes: string[];
+    /** When the credential expires */
+    expiresAt?: string;
+}
+/**
+ * Google A2A task credential scoping
+ */
+export interface A2ATaskCredentials {
+    /** Credentials scoped for this task */
+    credentials: Map<string, CredentialResult>;
+    /** Task ID */
+    taskId: string;
+    /** Scopes permitted for this task */
+    scopes: string[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/integrations/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/integrations/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AAEzC;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,kDAAkD;IAClD,KAAK,EAAE,KAAK,CAAC;IACb,wEAAwE;IACxE,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,6DAA6D;IAC7D,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,sEAAsE;IACtE,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpB,8DAA8D;IAC9D,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,gDAAgD;IAChD,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,+BAA+B;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,iDAAiD;IACjD,QAAQ,EAAE,QAAQ,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,kBAAkB;IAClB,EAAE,EAAE,MAAM,CAAC;IACX,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,6CAA6C;IAC7C,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,qBAAqB;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW;IACX,IAAI,EAAE,MAAM,EAAE,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,kBAAkB;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,2DAA2D;IAC3D,QAAQ,EAAE,MAAM,CAAC;IACjB,uBAAuB;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,0CAA0C;IAC1C,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,MAAM,cAAc,GAAG,KAAK,GAAG,MAAM,GAAG,WAAW,GAAG,SAAS,CAAC;AAEtE;;GAEG;AACH,MAAM,WAAW,qBAAsB,SAAQ,gBAAgB;IAC7D,8BAA8B;IAC9B,SAAS,EAAE,cAAc,CAAC;IAC1B,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,0CAA0C;IAC1C,OAAO,EAAE,MAAM,CAAC;IAChB,yCAAyC;IACzC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,kCAAkC;IAClC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,uCAAuC;IACvC,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC;IAC3C,cAAc;IACd,MAAM,EAAE,MAAM,CAAC;IACf,qCAAqC;IACrC,MAAM,EAAE,MAAM,EAAE,CAAC;CAClB"}

package/dist/integrations/types.js

@@ -0,0 +1,6 @@
+/**
+ * ID Wispera Integration Types
+ * Shared types for all framework integrations
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/integrations/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/integrations/types.ts"],"names":[],"mappings":"AAAA;;;GAGG"}

package/dist/locations.d.ts

@@ -0,0 +1,157 @@
+/**
+ * ID Wispera Credential Locations Registry
+ * Defines well-known credential storage paths for various providers
+ */
+import { VisaType, CredentialType } from './types.js';
+/**
+ * Risk level for credentials
+ */
+export type RiskLevel = 'critical' | 'high' | 'medium' | 'low';
+/**
+ * Credential classification from scan
+ */
+export interface CredentialClassification {
+    /** Human-readable name */
+    name: string;
+    /** Credential type */
+    credentialType: CredentialType;
+    /** Recommended visa type */
+    visaType: VisaType;
+    /** Risk level */
+    riskLevel: RiskLevel;
+    /** Platform tags */
+    platforms: string[];
+    /** Auto-generated tags */
+    tags: string[];
+    /** Issuing authority */
+    issuingAuthority: string;
+    /** Additional context */
+    context?: Record<string, unknown>;
+}
+/**
+ * A discovered credential from scanning
+ */
+export interface DiscoveredCredential {
+    /** Provider that owns this credential */
+    provider: string;
+    /** File path where credential was found */
+    filePath: string;
+    /** Classification details */
+    classification: CredentialClassification;
+    /** The raw credential value (for import) */
+    rawValue: string;
+    /** Extracted metadata */
+    metadata: Record<string, unknown>;
+    /** Expiry date if known */
+    expiresAt?: Date;
+    /** Whether the file has insecure permissions */
+    insecurePermissions?: boolean;
+}
+/**
+ * Result of scanning a location
+ */
+export interface LocationScanResult {
+    /** Path that was scanned */
+    path: string;
+    /** Whether the path exists */
+    exists: boolean;
+    /** Whether the path is readable */
+    readable: boolean;
+    /** Error message if not readable */
+    error?: string;
+    /** Discovered credentials */
+    credentials: DiscoveredCredential[];
+    /** Permission warning if applicable */
+    permissionWarning?: string;
+}
+/**
+ * Provider definition with credential locations
+ */
+export interface ProviderDefinition {
+    /** Provider identifier */
+    id: string;
+    /** Human-readable name */
+    name: string;
+    /** Description */
+    description: string;
+    /** Detection function - returns true if provider is installed */
+    detect: () => Promise<boolean>;
+    /** Credential locations to scan */
+    locations: ProviderLocation[];
+}
+/**
+ * A location where credentials are stored
+ */
+export interface ProviderLocation {
+    /** Location identifier */
+    id: string;
+    /** Human-readable name */
+    name: string;
+    /** Path pattern (supports {home}, {accountId}, {agentId}, etc.) */
+    pathPattern: string;
+    /** File pattern to match (glob) */
+    filePattern?: string;
+    /** Parser function for this location */
+    parse: (filePath: string, content: string) => DiscoveredCredential[];
+}
+/**
+ * Expand path patterns like {home} to actual paths
+ */
+export declare function expandPath(pattern: string, vars?: Record<string, string>): string;
+/**
+ * Get the home directory
+ */
+export declare function getHomeDir(): string;
+/**
+ * OpenClaw provider definition
+ */
+export declare const openclawProvider: ProviderDefinition;
+/**
+ * AWS provider definition
+ */
+export declare const awsProvider: ProviderDefinition;
+/**
+ * SSH provider definition
+ */
+export declare const sshProvider: ProviderDefinition;
+/**
+ * Docker provider definition
+ */
+export declare const dockerProvider: ProviderDefinition;
+/**
+ * npm provider definition
+ */
+export declare const npmProvider: ProviderDefinition;
+/**
+ * Kubernetes provider definition
+ */
+export declare const kubernetesProvider: ProviderDefinition;
+/**
+ * All registered providers
+ */
+export declare const providers: ProviderDefinition[];
+/**
+ * Get provider by ID
+ */
+export declare function getProvider(id: string): ProviderDefinition | undefined;
+/**
+ * Get all provider IDs
+ */
+export declare function getProviderIds(): string[];
+/**
+ * Detect which providers are installed
+ */
+export declare function detectInstalledProviders(): Promise<ProviderDefinition[]>;
+/**
+ * Get risk level emoji
+ */
+export declare function getRiskEmoji(level: RiskLevel): string;
+/**
+ * Get risk level label
+ */
+export declare function getRiskLabel(level: RiskLevel): string;
+/**
+ * Sort credentials by risk level (critical first)
+ */
+export declare function sortByRisk(credentials: DiscoveredCredential[]): DiscoveredCredential[];
+//# sourceMappingURL=locations.d.ts.map

package/dist/locations.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"locations.d.ts","sourceRoot":"","sources":["../src/locations.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAQtD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE/D;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,0BAA0B;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,sBAAsB;IACtB,cAAc,EAAE,cAAc,CAAC;IAC/B,4BAA4B;IAC5B,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,SAAS,EAAE,SAAS,CAAC;IACrB,oBAAoB;IACpB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,0BAA0B;IAC1B,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,wBAAwB;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,yCAAyC;IACzC,QAAQ,EAAE,MAAM,CAAC;IACjB,2CAA2C;IAC3C,QAAQ,EAAE,MAAM,CAAC;IACjB,6BAA6B;IAC7B,cAAc,EAAE,wBAAwB,CAAC;IACzC,4CAA4C;IAC5C,QAAQ,EAAE,MAAM,CAAC;IACjB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,2BAA2B;IAC3B,SAAS,CAAC,EAAE,IAAI,CAAC;IACjB,gDAAgD;IAChD,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,4BAA4B;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,MAAM,EAAE,OAAO,CAAC;IAChB,mCAAmC;IACnC,QAAQ,EAAE,OAAO,CAAC;IAClB,oCAAoC;IACpC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,6BAA6B;IAC7B,WAAW,EAAE,oBAAoB,EAAE,CAAC;IACpC,uCAAuC;IACvC,iBAAiB,CAAC,EAAE,MAAM,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,0BAA0B;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,0BAA0B;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,iEAAiE;IACjE,MAAM,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IAC/B,mCAAmC;IACnC,SAAS,EAAE,gBAAgB,EAAE,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,0BAA0B;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,0BAA0B;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,mEAAmE;IACnE,WAAW,EAAE,MAAM,CAAC;IACpB,mCAAmC;IACnC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,wCAAwC;IACxC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,KAAK,oBAAoB,EAAE,CAAC;CACtE;AAMD;;GAEG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,GAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAM,GAAG,MAAM,CAOrF;AAED;;GAEG;AACH,wBAAgB,UAAU,IAAI,MAAM,CAEnC;AA8TD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,kBAmD9B,CAAC;AAMF;;GAEG;AACH,eAAO,MAAM,WAAW,EAAE,kBA0DzB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,WAAW,EAAE,kBAyDzB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,kBAuD5B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,WAAW,EAAE,kBA+CzB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,kBAAkB,EAAE,kBAoDhC,CAAC;AAMF;;GAEG;AACH,eAAO,MAAM,SAAS,EAAE,kBAAkB,EAOzC,CAAC;AAEF;;GAEG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,MAAM,GAAG,kBAAkB,GAAG,SAAS,CAEtE;AAED;;GAEG;AACH,wBAAgB,cAAc,IAAI,MAAM,EAAE,CAEzC;AAED;;GAEG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC,CAU9E;AAMD;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,SAAS,GAAG,MAAM,CAOrD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,SAAS,GAAG,MAAM,CAErD;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,WAAW,EAAE,oBAAoB,EAAE,GAAG,oBAAoB,EAAE,CAWtF"}