@kya-os/agentshield-nextjs 0.1.25 → 0.1.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -36
- package/dist/create-middleware.d.mts +1 -1
- package/dist/create-middleware.d.ts +1 -1
- package/dist/create-middleware.js +171 -2
- package/dist/create-middleware.js.map +1 -1
- package/dist/create-middleware.mjs +171 -2
- package/dist/create-middleware.mjs.map +1 -1
- package/dist/edge-detector-wrapper.js +8 -1
- package/dist/edge-detector-wrapper.js.map +1 -1
- package/dist/edge-detector-wrapper.mjs +8 -1
- package/dist/edge-detector-wrapper.mjs.map +1 -1
- package/dist/index.d.mts +2 -1
- package/dist/index.d.ts +2 -1
- package/dist/index.js +226 -2
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +225 -3
- package/dist/index.mjs.map +1 -1
- package/dist/middleware.d.mts +1 -1
- package/dist/middleware.d.ts +1 -1
- package/dist/middleware.js +171 -2
- package/dist/middleware.js.map +1 -1
- package/dist/middleware.mjs +171 -2
- package/dist/middleware.mjs.map +1 -1
- package/dist/session-tracker.d.mts +55 -0
- package/dist/session-tracker.d.ts +55 -0
- package/dist/session-tracker.js +176 -0
- package/dist/session-tracker.js.map +1 -0
- package/dist/session-tracker.mjs +173 -0
- package/dist/session-tracker.mjs.map +1 -0
- package/dist/{types-Hsgc8Gry.d.mts → types-BJTEUa4T.d.mts} +28 -0
- package/dist/{types-Hsgc8Gry.d.ts → types-BJTEUa4T.d.ts} +28 -0
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -47,7 +47,14 @@ var EdgeAgentDetector = class {
|
|
|
47
47
|
if (userAgent) {
|
|
48
48
|
for (const { pattern, type, name } of AI_AGENT_PATTERNS) {
|
|
49
49
|
if (pattern.test(userAgent)) {
|
|
50
|
-
|
|
50
|
+
const highConfidenceAgents = [
|
|
51
|
+
"chatgpt",
|
|
52
|
+
"claude",
|
|
53
|
+
"perplexity",
|
|
54
|
+
"anthropic"
|
|
55
|
+
];
|
|
56
|
+
const patternConfidence = highConfidenceAgents.includes(type) ? 0.85 : 0.5;
|
|
57
|
+
confidence = Math.max(confidence, patternConfidence);
|
|
51
58
|
reasons.push(`known_pattern:${type}`);
|
|
52
59
|
if (!detectedAgent) {
|
|
53
60
|
detectedAgent = { type, name };
|
|
@@ -124,9 +131,183 @@ var EdgeAgentDetectorWrapper = class {
|
|
|
124
131
|
}
|
|
125
132
|
};
|
|
126
133
|
|
|
134
|
+
// src/session-tracker.ts
|
|
135
|
+
var EdgeSessionTracker = class {
|
|
136
|
+
config;
|
|
137
|
+
constructor(config) {
|
|
138
|
+
this.config = {
|
|
139
|
+
enabled: config.enabled,
|
|
140
|
+
cookieName: config.cookieName || "__agentshield_session",
|
|
141
|
+
cookieMaxAge: config.cookieMaxAge || 3600,
|
|
142
|
+
// 1 hour default
|
|
143
|
+
encryptionKey: config.encryptionKey || process.env.AGENTSHIELD_SECRET || "agentshield-default-key"
|
|
144
|
+
};
|
|
145
|
+
}
|
|
146
|
+
/**
|
|
147
|
+
* Track a new AI agent session
|
|
148
|
+
*/
|
|
149
|
+
async track(_request, response, result) {
|
|
150
|
+
try {
|
|
151
|
+
if (!this.config.enabled || !result.isAgent) {
|
|
152
|
+
return response;
|
|
153
|
+
}
|
|
154
|
+
const sessionData = {
|
|
155
|
+
id: crypto.randomUUID(),
|
|
156
|
+
agent: result.detectedAgent?.name || "unknown",
|
|
157
|
+
confidence: result.confidence,
|
|
158
|
+
detectedAt: Date.now(),
|
|
159
|
+
expires: Date.now() + this.config.cookieMaxAge * 1e3
|
|
160
|
+
};
|
|
161
|
+
const encrypted = await this.encrypt(JSON.stringify(sessionData));
|
|
162
|
+
response.cookies.set(this.config.cookieName, encrypted, {
|
|
163
|
+
httpOnly: true,
|
|
164
|
+
secure: process.env.NODE_ENV === "production",
|
|
165
|
+
sameSite: "lax",
|
|
166
|
+
maxAge: this.config.cookieMaxAge,
|
|
167
|
+
path: "/"
|
|
168
|
+
});
|
|
169
|
+
return response;
|
|
170
|
+
} catch (error) {
|
|
171
|
+
if (process.env.DEBUG_AGENTSHIELD) {
|
|
172
|
+
console.warn("AgentShield: Failed to track session:", error);
|
|
173
|
+
}
|
|
174
|
+
return response;
|
|
175
|
+
}
|
|
176
|
+
}
|
|
177
|
+
/**
|
|
178
|
+
* Check for existing AI agent session
|
|
179
|
+
*/
|
|
180
|
+
async check(request) {
|
|
181
|
+
try {
|
|
182
|
+
if (!this.config.enabled) {
|
|
183
|
+
return null;
|
|
184
|
+
}
|
|
185
|
+
const cookie = request.cookies.get(this.config.cookieName);
|
|
186
|
+
if (!cookie?.value) {
|
|
187
|
+
return null;
|
|
188
|
+
}
|
|
189
|
+
const decrypted = await this.decrypt(cookie.value);
|
|
190
|
+
const session = JSON.parse(decrypted);
|
|
191
|
+
if (session.expires < Date.now()) {
|
|
192
|
+
return null;
|
|
193
|
+
}
|
|
194
|
+
return session;
|
|
195
|
+
} catch (error) {
|
|
196
|
+
if (process.env.DEBUG_AGENTSHIELD) {
|
|
197
|
+
console.warn("AgentShield: Failed to check session:", error);
|
|
198
|
+
}
|
|
199
|
+
return null;
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
/**
|
|
203
|
+
* Clear an existing session
|
|
204
|
+
*/
|
|
205
|
+
clear(response) {
|
|
206
|
+
try {
|
|
207
|
+
response.cookies.delete(this.config.cookieName);
|
|
208
|
+
} catch (error) {
|
|
209
|
+
if (process.env.DEBUG_AGENTSHIELD) {
|
|
210
|
+
console.warn("AgentShield: Failed to clear session:", error);
|
|
211
|
+
}
|
|
212
|
+
}
|
|
213
|
+
return response;
|
|
214
|
+
}
|
|
215
|
+
/**
|
|
216
|
+
* Simple encryption using Web Crypto API (Edge-compatible)
|
|
217
|
+
*/
|
|
218
|
+
async encrypt(data) {
|
|
219
|
+
try {
|
|
220
|
+
const key = this.config.encryptionKey;
|
|
221
|
+
const encoded = new TextEncoder().encode(data);
|
|
222
|
+
const obfuscated = new Uint8Array(encoded.length);
|
|
223
|
+
for (let i = 0; i < encoded.length; i++) {
|
|
224
|
+
obfuscated[i] = (encoded[i] || 0) ^ key.charCodeAt(i % key.length);
|
|
225
|
+
}
|
|
226
|
+
return btoa(
|
|
227
|
+
Array.from(obfuscated, (byte) => String.fromCharCode(byte)).join("")
|
|
228
|
+
);
|
|
229
|
+
} catch (error) {
|
|
230
|
+
return btoa(data);
|
|
231
|
+
}
|
|
232
|
+
}
|
|
233
|
+
/**
|
|
234
|
+
* Simple decryption (Edge-compatible)
|
|
235
|
+
*/
|
|
236
|
+
async decrypt(data) {
|
|
237
|
+
try {
|
|
238
|
+
const key = this.config.encryptionKey;
|
|
239
|
+
const decoded = Uint8Array.from(atob(data), (c) => c.charCodeAt(0));
|
|
240
|
+
const deobfuscated = new Uint8Array(decoded.length);
|
|
241
|
+
for (let i = 0; i < decoded.length; i++) {
|
|
242
|
+
deobfuscated[i] = (decoded[i] || 0) ^ key.charCodeAt(i % key.length);
|
|
243
|
+
}
|
|
244
|
+
return new TextDecoder().decode(deobfuscated);
|
|
245
|
+
} catch (error) {
|
|
246
|
+
return atob(data);
|
|
247
|
+
}
|
|
248
|
+
}
|
|
249
|
+
};
|
|
250
|
+
var StatelessSessionChecker = class {
|
|
251
|
+
static check(headers) {
|
|
252
|
+
try {
|
|
253
|
+
const agent = headers["x-agentshield-session-agent"];
|
|
254
|
+
const confidence = headers["x-agentshield-session-confidence"];
|
|
255
|
+
const sessionId = headers["x-agentshield-session-id"];
|
|
256
|
+
if (agent && confidence && sessionId) {
|
|
257
|
+
return {
|
|
258
|
+
id: sessionId,
|
|
259
|
+
agent,
|
|
260
|
+
confidence: parseFloat(confidence),
|
|
261
|
+
detectedAt: Date.now(),
|
|
262
|
+
expires: Date.now() + 36e5
|
|
263
|
+
// 1 hour
|
|
264
|
+
};
|
|
265
|
+
}
|
|
266
|
+
const cookieHeader = headers["cookie"];
|
|
267
|
+
if (cookieHeader && cookieHeader.includes("__agentshield_session=")) {
|
|
268
|
+
const match = cookieHeader.match(/__agentshield_session=([^;]+)/);
|
|
269
|
+
if (match && match[1]) {
|
|
270
|
+
try {
|
|
271
|
+
const decoded = atob(match[1]);
|
|
272
|
+
return JSON.parse(decoded);
|
|
273
|
+
} catch {
|
|
274
|
+
}
|
|
275
|
+
}
|
|
276
|
+
}
|
|
277
|
+
return null;
|
|
278
|
+
} catch {
|
|
279
|
+
return null;
|
|
280
|
+
}
|
|
281
|
+
}
|
|
282
|
+
static setHeaders(response, session) {
|
|
283
|
+
try {
|
|
284
|
+
if (response.setHeader) {
|
|
285
|
+
response.setHeader("X-AgentShield-Session-Agent", session.agent);
|
|
286
|
+
response.setHeader(
|
|
287
|
+
"X-AgentShield-Session-Confidence",
|
|
288
|
+
session.confidence.toString()
|
|
289
|
+
);
|
|
290
|
+
response.setHeader("X-AgentShield-Session-Id", session.id);
|
|
291
|
+
} else if (response.headers && response.headers.set) {
|
|
292
|
+
response.headers.set("x-agentshield-session-agent", session.agent);
|
|
293
|
+
response.headers.set(
|
|
294
|
+
"x-agentshield-session-confidence",
|
|
295
|
+
session.confidence.toString()
|
|
296
|
+
);
|
|
297
|
+
response.headers.set("x-agentshield-session-id", session.id);
|
|
298
|
+
}
|
|
299
|
+
} catch {
|
|
300
|
+
}
|
|
301
|
+
}
|
|
302
|
+
};
|
|
303
|
+
|
|
127
304
|
// src/middleware.ts
|
|
128
305
|
function createAgentShieldMiddleware(config = {}) {
|
|
129
306
|
const detector = new EdgeAgentDetectorWrapper(config);
|
|
307
|
+
const sessionTracker = config.sessionTracking?.enabled || config.enableWasm ? new EdgeSessionTracker({
|
|
308
|
+
enabled: true,
|
|
309
|
+
...config.sessionTracking
|
|
310
|
+
}) : null;
|
|
130
311
|
if (config.events) {
|
|
131
312
|
Object.entries(config.events).forEach(([event, handler]) => {
|
|
132
313
|
detector.on(event, handler);
|
|
@@ -156,6 +337,39 @@ function createAgentShieldMiddleware(config = {}) {
|
|
|
156
337
|
request.agentShield = { skipped: true };
|
|
157
338
|
return server.NextResponse.next();
|
|
158
339
|
}
|
|
340
|
+
const existingSession = sessionTracker ? await sessionTracker.check(request) : null;
|
|
341
|
+
if (existingSession) {
|
|
342
|
+
const response2 = server.NextResponse.next();
|
|
343
|
+
response2.headers.set("x-agentshield-detected", "true");
|
|
344
|
+
response2.headers.set("x-agentshield-agent", existingSession.agent);
|
|
345
|
+
response2.headers.set(
|
|
346
|
+
"x-agentshield-confidence",
|
|
347
|
+
existingSession.confidence.toString()
|
|
348
|
+
);
|
|
349
|
+
response2.headers.set("x-agentshield-session", "continued");
|
|
350
|
+
response2.headers.set("x-agentshield-session-id", existingSession.id);
|
|
351
|
+
request.agentShield = {
|
|
352
|
+
result: {
|
|
353
|
+
isAgent: true,
|
|
354
|
+
confidence: existingSession.confidence,
|
|
355
|
+
detectedAgent: { name: existingSession.agent },
|
|
356
|
+
timestamp: /* @__PURE__ */ new Date(),
|
|
357
|
+
verificationMethod: "session"
|
|
358
|
+
},
|
|
359
|
+
session: existingSession,
|
|
360
|
+
skipped: false
|
|
361
|
+
};
|
|
362
|
+
const context2 = {
|
|
363
|
+
userAgent: request.headers.get("user-agent") || "",
|
|
364
|
+
ipAddress: (request.ip ?? request.headers.get("x-forwarded-for")) || "",
|
|
365
|
+
headers: Object.fromEntries(request.headers.entries()),
|
|
366
|
+
url: request.url,
|
|
367
|
+
method: request.method,
|
|
368
|
+
timestamp: /* @__PURE__ */ new Date()
|
|
369
|
+
};
|
|
370
|
+
detector.emit("agent.session.continued", existingSession, context2);
|
|
371
|
+
return response2;
|
|
372
|
+
}
|
|
159
373
|
const userAgent = request.headers.get("user-agent");
|
|
160
374
|
const ipAddress = request.ip ?? request.headers.get("x-forwarded-for");
|
|
161
375
|
const context = {
|
|
@@ -220,12 +434,20 @@ function createAgentShieldMiddleware(config = {}) {
|
|
|
220
434
|
result,
|
|
221
435
|
skipped: false
|
|
222
436
|
};
|
|
223
|
-
|
|
437
|
+
let response = server.NextResponse.next();
|
|
224
438
|
response.headers.set("x-agentshield-detected", result.isAgent.toString());
|
|
225
439
|
response.headers.set(
|
|
226
440
|
"x-agentshield-confidence",
|
|
227
441
|
result.confidence.toString()
|
|
228
442
|
);
|
|
443
|
+
if (result.detectedAgent?.name) {
|
|
444
|
+
response.headers.set("x-agentshield-agent", result.detectedAgent.name);
|
|
445
|
+
}
|
|
446
|
+
if (sessionTracker && result.isAgent && result.confidence >= (config.confidenceThreshold ?? 0.7)) {
|
|
447
|
+
response = await sessionTracker.track(request, response, result);
|
|
448
|
+
response.headers.set("x-agentshield-session", "new");
|
|
449
|
+
detector.emit("agent.session.started", result, context);
|
|
450
|
+
}
|
|
229
451
|
return response;
|
|
230
452
|
} catch (error) {
|
|
231
453
|
console.error("AgentShield middleware error:", error);
|
|
@@ -264,6 +486,8 @@ var VERSION = "0.1.0";
|
|
|
264
486
|
* @license MIT OR Apache-2.0
|
|
265
487
|
*/
|
|
266
488
|
|
|
489
|
+
exports.EdgeSessionTracker = EdgeSessionTracker;
|
|
490
|
+
exports.StatelessSessionChecker = StatelessSessionChecker;
|
|
267
491
|
exports.VERSION = VERSION;
|
|
268
492
|
exports.createAgentShieldMiddleware = createAgentShieldMiddleware2;
|
|
269
493
|
exports.createAgentShieldMiddlewareBase = createAgentShieldMiddleware;
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/edge-detector-wrapper.ts","../src/middleware.ts","../src/create-middleware.ts","../src/index.ts"],"names":["NextResponse","response","createAgentShieldMiddleware"],"mappings":";;;;;;;AAiCA,IAAM,iBAAA,GAAoB;AAAA,EACxB,EAAE,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,EAC7D,EAAE,OAAA,EAAS,aAAA,EAAe,IAAA,EAAM,QAAA,EAAU,MAAM,QAAA,EAAS;AAAA,EACzD,EAAE,OAAA,EAAS,gBAAA,EAAkB,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA,EACpE,EAAE,OAAA,EAAS,kBAAA,EAAoB,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA,EACtE,EAAE,OAAA,EAAS,gBAAA,EAAkB,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA,EACpE,EAAE,OAAA,EAAS,aAAA,EAAe,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA;AAAA,EACjE,EAAE,OAAA,EAAS,UAAA,EAAY,IAAA,EAAM,MAAA,EAAQ,MAAM,SAAA,EAAU;AAAA,EACrD,EAAE,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,WAAA,EAAa,MAAM,WAAA;AACvD,CAAA;AAGA,IAAM,eAAA,GAAkB;AAAA,EACtB,KAAK,CAAC,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,OAAO,IAAI,CAAA;AAAA,EACtC,KAAK,CAAC,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,QAAQ,MAAM,CAAA;AAAA,EAC1C,OAAO,CAAC,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,OAAO,MAAM;AAC5C,CAAA;AAKA,IAAM,oBAAN,MAAwB;AAAA,EACtB,MAAM,QAAQ,KAAA,EAAiD;AAC7D,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,IAAI,aAAA;AACJ,IAAA,IAAI,kBAAA;AACJ,IAAA,IAAI,UAAA,GAAa,CAAA;AAEjB,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,OAAA,IAAW,EAAC;AAClC,IAAA,MAAM,oBAA4C,EAAC;AAGnD,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,OAAO,CAAA,EAAG;AAClD,MAAA,iBAAA,CAAkB,GAAA,CAAI,WAAA,EAAa,CAAA,GAAI,KAAA;AAAA,IACzC;AAGA,IAAA,MAAM,mBAAmB,CAAC,EACxB,kBAAkB,WAAW,CAAA,IAAK,kBAAkB,iBAAiB,CAAA,CAAA;AAEvE,IAAA,MAAM,cAAA,GAAiB,kBAAkB,iBAAiB,CAAA;AAE1D,IAAA,IAAI,cAAA,EAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC3C,MAAA,UAAA,GAAa,IAAA;AACb,MAAA,OAAA,CAAQ,KAAK,yBAAyB,CAAA;AACtC,MAAA,aAAA,GAAgB,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AACnD,MAAA,kBAAA,GAAqB,WAAA;AAAA,IACvB,WAAW,gBAAA,EAAkB;AAC3B,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,MAAA,OAAA,CAAQ,KAAK,mBAAmB,CAAA;AAAA,IAClC;AAGA,IAAA,MAAM,YAAY,KAAA,CAAM,SAAA,IAAa,KAAA,CAAM,OAAA,GAAU,YAAY,CAAA,IAAK,EAAA;AACtE,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,KAAA,MAAW,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,MAAU,iBAAA,EAAmB;AACvD,QAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,SAAS,CAAA,EAAG;AAC3B,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,cAAA,EAAiB,IAAI,CAAA,CAAE,CAAA;AACpC,UAAA,IAAI,CAAC,aAAA,EAAe;AAClB,YAAA,aAAA,GAAgB,EAAE,MAAM,IAAA,EAAK;AAC7B,YAAA,kBAAA,GAAqB,SAAA;AAAA,UACvB;AACA,UAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,IAAA,MAAM,SAAA,GAAY;AAAA,MAChB,wBAAA;AAAA,MACA,0BAAA;AAAA,MACA,qBAAA;AAAA,MACA,mBAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAM,iBAAiB,SAAA,CAAU,MAAA;AAAA,MAC/B,CAAA,MAAA,KAAU,kBAAkB,MAAM;AAAA,KACpC;AACA,IAAA,IAAI,cAAA,CAAe,SAAS,CAAA,EAAG;AAC7B,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,WAAA,EAAc,cAAA,CAAe,MAAM,CAAA,CAAE,CAAA;AAAA,IACpD;AAGA,IAAA,MAAM,EAAA,GAAK,KAAA,CAAM,EAAA,IAAM,KAAA,CAAM,SAAA;AAC7B,IAAA,IACE,EAAA,IACA,CAAC,iBAAA,CAAkB,iBAAiB,KACpC,CAAC,iBAAA,CAAkB,WAAW,CAAA,EAC9B;AACA,MAAA,KAAA,MAAW,CAAC,QAAA,EAAU,QAAQ,KAAK,MAAA,CAAO,OAAA,CAAQ,eAAe,CAAA,EAAG;AAClE,QAAA,IAAI,SAAS,IAAA,CAAK,CAAA,MAAA,KAAU,GAAG,UAAA,CAAW,MAAM,CAAC,CAAA,EAAG;AAClD,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,eAAA,EAAkB,QAAQ,CAAA,CAAE,CAAA;AACzC,UAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,IAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACtB,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,GAAa,GAAA,EAAK,IAAI,CAAA;AAAA,IAC9C;AAEA,IAAA,OAAO;AAAA,MACL,SAAS,UAAA,GAAa,GAAA;AAAA,MACtB,UAAA;AAAA,MACA,GAAI,aAAA,IAAiB,EAAE,aAAA,EAAc;AAAA,MACrC,OAAA;AAAA,MACA,GAAI,kBAAA,IAAsB,EAAE,kBAAA,EAAmB;AAAA,MAC/C,gBAAA,EAAkB,UAAA,GAAa,GAAA,GAAM,QAAA,GAAW,MAAA;AAAA,MAChD,SAAA,sBAAe,IAAA;AAAK,KACtB;AAAA,EACF;AACF,CAAA;AAKO,IAAM,2BAAN,MAA+B;AAAA,EAC5B,QAAA;AAAA,EACA,MAAA,uBAA0C,GAAA,EAAI;AAAA,EAEtD,YAAY,OAAA,EAAe;AAEzB,IAAA,IAAA,CAAK,QAAA,GAAW,IAAI,iBAAA,EAAkB;AAAA,EACxC;AAAA,EAEA,MAAM,QAAQ,KAAA,EAAiD;AAC7D,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,QAAA,CAAS,QAAQ,KAAK,CAAA;AAGhD,IAAA,IAAI,OAAO,OAAA,IAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,EAAG;AACvD,MAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,gBAAgB,KAAK,EAAC;AACvD,MAAA,QAAA,CAAS,OAAA,CAAQ,CAAA,OAAA,KAAW,OAAA,CAAQ,MAAA,EAAQ,KAAK,CAAC,CAAA;AAAA,IACpD;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,EAAA,CAAG,OAAe,OAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,CAAA,EAAG;AAC3B,MAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAA,EAAO,EAAE,CAAA;AAAA,IAC3B;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,CAAA,CAAG,KAAK,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,IAAA,CAAK,UAAkB,IAAA,EAAmB;AACxC,IAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,KAAK,EAAC;AAC5C,IAAA,QAAA,CAAS,OAAA,CAAQ,CAAA,OAAA,KAAW,OAAA,CAAQ,GAAG,IAAI,CAAC,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,IAAA,GAAsB;AAE1B,IAAA;AAAA,EACF;AACF,CAAA;;;ACjLO,SAAS,2BAAA,CACd,MAAA,GAA0C,EAAC,EAC3C;AACA,EAAA,MAAM,QAAA,GAAW,IAAI,wBAAA,CAAc,MAAM,CAAA;AAGzC,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,MAAA,CAAO,OAAA,CAAQ,OAAO,MAAM,CAAA,CAAE,QAAQ,CAAC,CAAC,KAAA,EAAO,OAAO,CAAA,KAAM;AAC1D,MAAA,QAAA,CAAS,EAAA,CAAG,OAAc,OAAc,CAAA;AAAA,IAC1C,CAAC,CAAA;AAAA,EACH;AAEA,EAAA,MAAM;AAAA,IACJ,eAAA,GAAkB,KAAA;AAAA,IAClB,WAAA;AAAA,IACA,YAAY,EAAC;AAAA,IACb,eAAA,GAAkB;AAAA,MAChB,MAAA,EAAQ,GAAA;AAAA,MACR,OAAA,EAAS,yCAAA;AAAA,MACT,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,KAChD;AAAA,IACA,WAAA,GAAc,UAAA;AAAA,IACd,UAAA,GAAa;AAAA,GACf,GAAI,MAAA;AAEJ,EAAA,OAAO,OAAO,OAAA,KAAgD;AAC5D,IAAA,IAAI;AAEF,MAAA,MAAM,UAAA,GAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW;AAC3C,QAAA,IAAI,OAAO,YAAY,QAAA,EAAU;AAC/B,UAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,QAAA,CAAS,UAAA,CAAW,OAAO,CAAA;AAAA,QACpD;AACA,QAAA,OAAO,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,CAAA;AAAA,MAC9C,CAAC,CAAA;AAED,MAAA,IAAI,UAAA,EAAY;AAEd,QAAC,OAAA,CAAgB,WAAA,GAAc,EAAE,OAAA,EAAS,IAAA,EAAK;AAC/C,QAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,MAC3B;AAGA,MAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AAClD,MAAA,MAAM,YAAY,OAAA,CAAQ,EAAA,IAAM,OAAA,CAAQ,OAAA,CAAQ,IAAI,iBAAiB,CAAA;AAErE,MAAA,MAAM,OAAA,GAAU;AAAA,QACd,GAAI,SAAA,IAAa,EAAE,SAAA,EAAU;AAAA,QAC7B,GAAI,SAAA,IAAa,EAAE,SAAA,EAAU;AAAA,QAC7B,SAAS,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AAAA,QACrD,KAAK,OAAA,CAAQ,GAAA;AAAA,QACb,QAAQ,OAAA,CAAQ,MAAA;AAAA,QAChB,SAAA,sBAAe,IAAA;AAAK,OACtB;AAGA,MAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,OAAA,CAAQ,OAAO,CAAA;AAG7C,MAAA,IACE,OAAO,OAAA,IACP,MAAA,CAAO,UAAA,KAAe,MAAA,CAAO,uBAAuB,GAAA,CAAA,EACpD;AAEA,QAAA,IAAI,WAAA,EAAa;AACf,UAAA,MAAM,cAAA,GAAiB,MAAM,WAAA,CAAY,OAAA,EAAS,MAAM,CAAA;AACxD,UAAA,IAAI,cAAA,EAAgB;AAClB,YAAA,OAAO,cAAA;AAAA,UACT;AAAA,QACF;AAGA,QAAA,QAAQ,eAAA;AAAiB,UACvB,KAAK,OAAA,EAAS;AACZ,YAAA,MAAMC,YAAWD,mBAAA,CAAa,IAAA;AAAA,cAC5B;AAAA,gBACE,OAAO,eAAA,CAAgB,OAAA;AAAA,gBACvB,QAAA,EAAU,IAAA;AAAA,gBACV,YAAY,MAAA,CAAO,UAAA;AAAA,gBACnB,WAAW,MAAA,CAAO;AAAA,eACpB;AAAA,cACA,EAAE,MAAA,EAAQ,eAAA,CAAgB,MAAA;AAAO,aACnC;AAEA,YAAA,IAAI,gBAAgB,OAAA,EAAS;AAC3B,cAAA,MAAA,CAAO,OAAA,CAAQ,eAAA,CAAgB,OAAO,CAAA,CAAE,OAAA;AAAA,gBACtC,CAAC,CAAC,GAAA,EAAK,KAAK,CAAA,KAAM;AAChB,kBAAAC,SAAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,gBACjC;AAAA,eACF;AAAA,YACF;AAGA,YAAA,QAAA,CAAS,IAAA,CAAK,eAAA,EAAiB,MAAA,EAAQ,OAAO,CAAA;AAE9C,YAAA,OAAOA,SAAAA;AAAA,UACT;AAAA,UAEA,KAAK,UAAA;AACH,YAAA,OAAOD,oBAAa,QAAA,CAAS,IAAI,IAAI,WAAA,EAAa,OAAA,CAAQ,GAAG,CAAC,CAAA;AAAA,UAEhE,KAAK,SAAA;AACH,YAAA,OAAOA,oBAAa,OAAA,CAAQ,IAAI,IAAI,UAAA,EAAY,OAAA,CAAQ,GAAG,CAAC,CAAA;AAAA,UAE9D,KAAK,KAAA;AACH,YAAA,OAAA,CAAQ,KAAK,6BAAA,EAA+B;AAAA,cAC1C,WAAW,OAAA,CAAQ,SAAA;AAAA,cACnB,WAAW,OAAA,CAAQ,SAAA;AAAA,cACnB,YAAY,MAAA,CAAO,UAAA;AAAA,cACnB,SAAS,MAAA,CAAO,OAAA;AAAA,cAChB,QAAA,EAAU,QAAQ,OAAA,CAAQ;AAAA,aAC3B,CAAA;AACD,YAAA;AAAA,UAEF,KAAK,OAAA;AAAA,UACL;AAEE,YAAA,IAAI,OAAO,OAAA,IAAW,MAAA,CAAO,UAAA,KAAe,MAAA,CAAO,uBAAuB,GAAA,CAAA,EAAM;AAC9E,cAAA,QAAA,CAAS,IAAA,CAAK,eAAA,EAAiB,MAAA,EAAQ,OAAO,CAAA;AAAA,YAChD;AAEA,YAAA;AAAA;AACJ,MACF;AAGA,MAAC,QAAgB,WAAA,GAAc;AAAA,QAC7B,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,OACX;AAGA,MAAA,MAAM,QAAA,GAAWA,oBAAa,IAAA,EAAK;AACnC,MAAA,QAAA,CAAS,QAAQ,GAAA,CAAI,wBAAA,EAA0B,MAAA,CAAO,OAAA,CAAQ,UAAU,CAAA;AACxE,MAAA,QAAA,CAAS,OAAA,CAAQ,GAAA;AAAA,QACf,0BAAA;AAAA,QACA,MAAA,CAAO,WAAW,QAAA;AAAS,OAC7B;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,iCAAiC,KAAK,CAAA;AACpD,MAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,IAC3B;AAAA,EACF,CAAA;AACF;;;ACpJA,IAAI,kBAAA,GAA0B,IAAA;AAC9B,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAI,WAAA,GAAmC,IAAA;AAMhC,SAASE,6BAA4B,MAAA,EAAgC;AAC1E,EAAA,OAAO,eAAe,sBACpB,OAAA,EACuB;AAEvB,IAAA,IAAI,CAAC,kBAAA,EAAoB;AACvB,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,cAAA,GAAiB,IAAA;AACjB,QAAA,WAAA,GAAA,CAAe,YAAY;AAIzB,UAAA,kBAAA,GAAqB,4BAAqB,MAAM,CAAA;AAChD,UAAA,OAAO,kBAAA;AAAA,QACT,CAAA,GAAG;AAAA,MACL;AAGA,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,kBAAA,GAAqB,MAAM,WAAA;AAAA,MAC7B;AAAA,IACF;AAGA,IAAA,OAAO,kBAAA,GACH,kBAAA,CAAmB,OAAO,CAAA,GAC1BF,oBAAa,IAAA,EAAK;AAAA,EACxB,CAAA;AACF;;;AC3BO,IAAM,OAAA,GAAU","file":"index.js","sourcesContent":["/**\n * Wrapper for EdgeAgentDetector to match AgentDetector interface\n * This allows the middleware to work with EdgeAgentDetector in Edge Runtime\n *\n * This is a self-contained implementation to avoid import resolution issues\n */\n\ntype DetectionInput = {\n userAgent?: string;\n ip?: string;\n ipAddress?: string;\n headers?: Record<string, string>;\n url?: string;\n method?: string;\n timestamp?: Date;\n};\n\ntype DetectionResult = {\n isAgent: boolean;\n confidence: number;\n detectedAgent?: {\n type: string;\n name: string;\n };\n reasons: string[];\n verificationMethod?: string;\n forgeabilityRisk?: 'low' | 'medium' | 'high';\n timestamp: Date;\n};\n\ntype EventHandler = (...args: any[]) => void;\n\n// Known AI agent patterns\nconst AI_AGENT_PATTERNS = [\n { pattern: /chatgpt-user/i, type: 'chatgpt', name: 'ChatGPT' },\n { pattern: /claude-web/i, type: 'claude', name: 'Claude' },\n { pattern: /perplexitybot/i, type: 'perplexity', name: 'Perplexity' },\n { pattern: /perplexity-user/i, type: 'perplexity', name: 'Perplexity' },\n { pattern: /perplexity-ai/i, type: 'perplexity', name: 'Perplexity' },\n { pattern: /perplexity/i, type: 'perplexity', name: 'Perplexity' }, // Fallback\n { pattern: /bingbot/i, type: 'bing', name: 'Bing AI' },\n { pattern: /anthropic-ai/i, type: 'anthropic', name: 'Anthropic' },\n];\n\n// Known cloud provider IP ranges (simplified)\nconst CLOUD_PROVIDERS = {\n aws: ['54.', '52.', '35.', '18.', '3.'],\n gcp: ['35.', '34.', '104.', '107.', '108.'],\n azure: ['13.', '20.', '40.', '52.', '104.'],\n};\n\n/**\n * Self-contained EdgeAgentDetector implementation\n */\nclass EdgeAgentDetector {\n async analyze(input: DetectionInput): Promise<DetectionResult> {\n const reasons: string[] = [];\n let detectedAgent: { type: string; name: string } | undefined;\n let verificationMethod: string | undefined;\n let confidence = 0;\n\n const headers = input.headers || {};\n const normalizedHeaders: Record<string, string> = {};\n\n // Normalize header names to lowercase\n for (const [key, value] of Object.entries(headers)) {\n normalizedHeaders[key.toLowerCase()] = value;\n }\n\n // Check for HTTP Message Signatures (highest confidence)\n const signaturePresent = !!(\n normalizedHeaders['signature'] || normalizedHeaders['signature-input']\n );\n const signatureAgent = normalizedHeaders['signature-agent'];\n\n if (signatureAgent?.includes('chatgpt.com')) {\n confidence = 0.85;\n reasons.push('signature_agent:chatgpt');\n detectedAgent = { type: 'chatgpt', name: 'ChatGPT' };\n verificationMethod = 'signature';\n } else if (signaturePresent) {\n confidence = Math.max(confidence, 0.4);\n reasons.push('signature_present');\n }\n\n // Check User-Agent patterns\n const userAgent = input.userAgent || input.headers?.['user-agent'] || '';\n if (userAgent) {\n for (const { pattern, type, name } of AI_AGENT_PATTERNS) {\n if (pattern.test(userAgent)) {\n confidence = Math.max(confidence, 0.5);\n reasons.push(`known_pattern:${type}`);\n if (!detectedAgent) {\n detectedAgent = { type, name };\n verificationMethod = 'pattern';\n }\n break;\n }\n }\n }\n\n // Check AI-specific headers\n const aiHeaders = [\n 'openai-conversation-id',\n 'openai-ephemeral-user-id',\n 'anthropic-client-id',\n 'x-goog-api-client',\n 'x-ms-copilot-id',\n ];\n\n const foundAiHeaders = aiHeaders.filter(\n header => normalizedHeaders[header]\n );\n if (foundAiHeaders.length > 0) {\n confidence = Math.max(confidence, 0.6);\n reasons.push(`ai_headers:${foundAiHeaders.length}`);\n }\n\n // Check cloud provider IPs\n const ip = input.ip || input.ipAddress;\n if (\n ip &&\n !normalizedHeaders['x-forwarded-for'] &&\n !normalizedHeaders['x-real-ip']\n ) {\n for (const [provider, prefixes] of Object.entries(CLOUD_PROVIDERS)) {\n if (prefixes.some(prefix => ip.startsWith(prefix))) {\n confidence = Math.max(confidence, 0.4);\n reasons.push(`cloud_provider:${provider}`);\n break;\n }\n }\n }\n\n // Boost confidence for combinations\n if (reasons.length > 2) {\n confidence = Math.min(confidence * 1.2, 0.95);\n }\n\n return {\n isAgent: confidence > 0.3,\n confidence,\n ...(detectedAgent && { detectedAgent }),\n reasons,\n ...(verificationMethod && { verificationMethod }),\n forgeabilityRisk: confidence > 0.8 ? 'medium' : 'high',\n timestamp: new Date(),\n };\n }\n}\n\n/**\n * Wrapper that provides event emitter functionality\n */\nexport class EdgeAgentDetectorWrapper {\n private detector: EdgeAgentDetector;\n private events: Map<string, EventHandler[]> = new Map();\n\n constructor(_config?: any) {\n // Config is accepted but not used by EdgeAgentDetector\n this.detector = new EdgeAgentDetector();\n }\n\n async analyze(input: DetectionInput): Promise<DetectionResult> {\n const result = await this.detector.analyze(input);\n\n // Emit events if there are listeners\n if (result.isAgent && this.events.has('agent.detected')) {\n const handlers = this.events.get('agent.detected') || [];\n handlers.forEach(handler => handler(result, input));\n }\n\n return result;\n }\n\n on(event: string, handler: EventHandler): void {\n if (!this.events.has(event)) {\n this.events.set(event, []);\n }\n this.events.get(event)!.push(handler);\n }\n\n emit(event: string, ...args: any[]): void {\n const handlers = this.events.get(event) || [];\n handlers.forEach(handler => handler(...args));\n }\n\n async init(): Promise<void> {\n // EdgeAgentDetector doesn't need initialization\n return;\n }\n}\n","/**\n * Next.js middleware for AgentShield\n * \n * Uses edge-safe imports to avoid WASM in Edge Runtime\n */\n\nimport { NextRequest, NextResponse } from 'next/server';\n// Use wrapper for EdgeAgentDetector to match expected interface\nimport { EdgeAgentDetectorWrapper as AgentDetector } from './edge-detector-wrapper';\nimport type { NextJSMiddlewareConfig } from './types';\n\n/**\n * Create AgentShield middleware for Next.js\n */\nexport function createAgentShieldMiddleware(\n config: Partial<NextJSMiddlewareConfig> = {}\n) {\n const detector = new AgentDetector(config);\n \n // Wire up event handlers if provided\n if (config.events) {\n Object.entries(config.events).forEach(([event, handler]) => {\n detector.on(event as any, handler as any);\n });\n }\n\n const {\n onAgentDetected = 'log',\n onDetection,\n skipPaths = [],\n blockedResponse = {\n status: 403,\n message: 'Access denied: Automated agent detected',\n headers: { 'Content-Type': 'application/json' },\n },\n redirectUrl = '/blocked',\n rewriteUrl = '/blocked',\n } = config;\n\n return async (request: NextRequest): Promise<NextResponse> => {\n try {\n // Check if path should be skipped\n const shouldSkip = skipPaths.some(pattern => {\n if (typeof pattern === 'string') {\n return request.nextUrl.pathname.startsWith(pattern);\n }\n return pattern.test(request.nextUrl.pathname);\n });\n\n if (shouldSkip) {\n // Mark as skipped in request\n (request as any).agentShield = { skipped: true };\n return NextResponse.next();\n }\n\n // Prepare request context - ensure all optional fields are properly typed\n const userAgent = request.headers.get('user-agent');\n const ipAddress = request.ip ?? request.headers.get('x-forwarded-for');\n \n const context = {\n ...(userAgent && { userAgent }),\n ...(ipAddress && { ipAddress }),\n headers: Object.fromEntries(request.headers.entries()),\n url: request.url,\n method: request.method,\n timestamp: new Date(),\n };\n\n // Analyze request\n const result = await detector.analyze(context);\n\n // Handle detection result\n if (\n result.isAgent &&\n result.confidence >= (config.confidenceThreshold ?? 0.7)\n ) {\n // Call custom detection handler if provided\n if (onDetection) {\n const customResponse = await onDetection(request, result);\n if (customResponse) {\n return customResponse;\n }\n }\n\n // Handle based on configuration\n switch (onAgentDetected) {\n case 'block': {\n const response = NextResponse.json(\n {\n error: blockedResponse.message,\n detected: true,\n confidence: result.confidence,\n timestamp: result.timestamp,\n },\n { status: blockedResponse.status }\n );\n\n if (blockedResponse.headers) {\n Object.entries(blockedResponse.headers).forEach(\n ([key, value]) => {\n response.headers.set(key, value);\n }\n );\n }\n \n // Emit blocked event\n detector.emit('agent.blocked', result, context);\n\n return response;\n }\n\n case 'redirect':\n return NextResponse.redirect(new URL(redirectUrl, request.url));\n\n case 'rewrite':\n return NextResponse.rewrite(new URL(rewriteUrl, request.url));\n\n case 'log':\n console.warn('AgentShield: Agent detected', {\n ipAddress: context.ipAddress,\n userAgent: context.userAgent,\n confidence: result.confidence,\n reasons: result.reasons,\n pathname: request.nextUrl.pathname,\n });\n break;\n\n case 'allow':\n default:\n // Emit allowed event for high-confidence agents\n if (result.isAgent && result.confidence >= (config.confidenceThreshold ?? 0.7)) {\n detector.emit('agent.allowed', result, context);\n }\n // Continue processing\n break;\n }\n }\n\n // Add detection result to request for API routes\n (request as any).agentShield = {\n result,\n skipped: false,\n };\n\n // Add detection result to response headers for debugging\n const response = NextResponse.next();\n response.headers.set('x-agentshield-detected', result.isAgent.toString());\n response.headers.set(\n 'x-agentshield-confidence',\n result.confidence.toString()\n );\n\n return response;\n } catch (error) {\n console.error('AgentShield middleware error:', error);\n return NextResponse.next(); // Continue on error\n }\n };\n}\n\n/**\n * Convenience function for basic setup\n */\nexport function agentShield(config: Partial<NextJSMiddlewareConfig> = {}) {\n return createAgentShieldMiddleware(config);\n}\n","/**\n * Enhanced middleware creator for Edge Runtime\n * Uses EdgeAgentDetector which doesn't require WASM\n */\n\nimport { NextResponse } from 'next/server';\nimport type { NextRequest } from 'next/server';\nimport { createAgentShieldMiddleware as createBaseMiddleware } from './middleware';\nimport type { NextJSMiddlewareConfig } from './types';\n\nlet middlewareInstance: any = null;\nlet isInitializing = false;\nlet initPromise: Promise<any> | null = null;\n\n/**\n * Create an AgentShield middleware with automatic WASM initialization\n * This version handles initialization internally to avoid top-level await\n */\nexport function createAgentShieldMiddleware(config: NextJSMiddlewareConfig) {\n return async function agentShieldMiddleware(\n request: NextRequest\n ): Promise<NextResponse> {\n // Initialize middleware on first request (no WASM needed in Edge Runtime)\n if (!middlewareInstance) {\n if (!isInitializing) {\n isInitializing = true;\n initPromise = (async () => {\n // No WASM initialization needed - EdgeAgentDetector works without it\n\n // Create the actual middleware instance\n middlewareInstance = createBaseMiddleware(config);\n return middlewareInstance;\n })();\n }\n\n // Wait for initialization to complete\n if (initPromise) {\n middlewareInstance = await initPromise;\n }\n }\n\n // Run the middleware\n return middlewareInstance\n ? middlewareInstance(request)\n : NextResponse.next();\n };\n}\n\n/**\n * Export the original function as well for backward compatibility\n */\nexport { createAgentShieldMiddleware as createMiddleware };\n","/**\n * @fileoverview AgentShield Next.js Integration\n * @version 0.1.0\n * @license MIT OR Apache-2.0\n */\n\n// Export the enhanced middleware that handles initialization internally\nexport { createAgentShieldMiddleware, createMiddleware } from './create-middleware';\n\n// Also export original middleware for advanced users\nexport { createAgentShieldMiddleware as createAgentShieldMiddlewareBase } from './middleware';\n\nexport * from './types';\n// Hooks are not exported from main entry - they're client-only\n// If someone needs hooks, they should import from '@kya-os/agentshield-nextjs/hooks'\n\n/**\n * Library version\n */\nexport const VERSION = '0.1.0';\n"]}
|
|
1
|
+
{"version":3,"sources":["../src/edge-detector-wrapper.ts","../src/session-tracker.ts","../src/middleware.ts","../src/create-middleware.ts","../src/index.ts"],"names":["NextResponse","response","context","createAgentShieldMiddleware"],"mappings":";;;;;;;AAiCA,IAAM,iBAAA,GAAoB;AAAA,EACxB,EAAE,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,SAAA,EAAW,MAAM,SAAA,EAAU;AAAA,EAC7D,EAAE,OAAA,EAAS,aAAA,EAAe,IAAA,EAAM,QAAA,EAAU,MAAM,QAAA,EAAS;AAAA,EACzD,EAAE,OAAA,EAAS,gBAAA,EAAkB,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA,EACpE,EAAE,OAAA,EAAS,kBAAA,EAAoB,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA,EACtE,EAAE,OAAA,EAAS,gBAAA,EAAkB,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA,EACpE,EAAE,OAAA,EAAS,aAAA,EAAe,IAAA,EAAM,YAAA,EAAc,MAAM,YAAA,EAAa;AAAA;AAAA,EACjE,EAAE,OAAA,EAAS,UAAA,EAAY,IAAA,EAAM,MAAA,EAAQ,MAAM,SAAA,EAAU;AAAA,EACrD,EAAE,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,WAAA,EAAa,MAAM,WAAA;AACvD,CAAA;AAGA,IAAM,eAAA,GAAkB;AAAA,EACtB,KAAK,CAAC,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,OAAO,IAAI,CAAA;AAAA,EACtC,KAAK,CAAC,KAAA,EAAO,KAAA,EAAO,MAAA,EAAQ,QAAQ,MAAM,CAAA;AAAA,EAC1C,OAAO,CAAC,KAAA,EAAO,KAAA,EAAO,KAAA,EAAO,OAAO,MAAM;AAC5C,CAAA;AAKA,IAAM,oBAAN,MAAwB;AAAA,EACtB,MAAM,QAAQ,KAAA,EAAiD;AAC7D,IAAA,MAAM,UAAoB,EAAC;AAC3B,IAAA,IAAI,aAAA;AACJ,IAAA,IAAI,kBAAA;AACJ,IAAA,IAAI,UAAA,GAAa,CAAA;AAEjB,IAAA,MAAM,OAAA,GAAU,KAAA,CAAM,OAAA,IAAW,EAAC;AAClC,IAAA,MAAM,oBAA4C,EAAC;AAGnD,IAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,OAAO,CAAA,EAAG;AAClD,MAAA,iBAAA,CAAkB,GAAA,CAAI,WAAA,EAAa,CAAA,GAAI,KAAA;AAAA,IACzC;AAGA,IAAA,MAAM,mBAAmB,CAAC,EACxB,kBAAkB,WAAW,CAAA,IAAK,kBAAkB,iBAAiB,CAAA,CAAA;AAEvE,IAAA,MAAM,cAAA,GAAiB,kBAAkB,iBAAiB,CAAA;AAE1D,IAAA,IAAI,cAAA,EAAgB,QAAA,CAAS,aAAa,CAAA,EAAG;AAC3C,MAAA,UAAA,GAAa,IAAA;AACb,MAAA,OAAA,CAAQ,KAAK,yBAAyB,CAAA;AACtC,MAAA,aAAA,GAAgB,EAAE,IAAA,EAAM,SAAA,EAAW,IAAA,EAAM,SAAA,EAAU;AACnD,MAAA,kBAAA,GAAqB,WAAA;AAAA,IACvB,WAAW,gBAAA,EAAkB;AAC3B,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,MAAA,OAAA,CAAQ,KAAK,mBAAmB,CAAA;AAAA,IAClC;AAGA,IAAA,MAAM,YAAY,KAAA,CAAM,SAAA,IAAa,KAAA,CAAM,OAAA,GAAU,YAAY,CAAA,IAAK,EAAA;AACtE,IAAA,IAAI,SAAA,EAAW;AACb,MAAA,KAAA,MAAW,EAAE,OAAA,EAAS,IAAA,EAAM,IAAA,MAAU,iBAAA,EAAmB;AACvD,QAAA,IAAI,OAAA,CAAQ,IAAA,CAAK,SAAS,CAAA,EAAG;AAE3B,UAAA,MAAM,oBAAA,GAAuB;AAAA,YAC3B,SAAA;AAAA,YACA,QAAA;AAAA,YACA,YAAA;AAAA,YACA;AAAA,WACF;AACA,UAAA,MAAM,iBAAA,GAAoB,oBAAA,CAAqB,QAAA,CAAS,IAAI,IACxD,IAAA,GACA,GAAA;AAEJ,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,iBAAiB,CAAA;AACnD,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,cAAA,EAAiB,IAAI,CAAA,CAAE,CAAA;AACpC,UAAA,IAAI,CAAC,aAAA,EAAe;AAClB,YAAA,aAAA,GAAgB,EAAE,MAAM,IAAA,EAAK;AAC7B,YAAA,kBAAA,GAAqB,SAAA;AAAA,UACvB;AACA,UAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,IAAA,MAAM,SAAA,GAAY;AAAA,MAChB,wBAAA;AAAA,MACA,0BAAA;AAAA,MACA,qBAAA;AAAA,MACA,mBAAA;AAAA,MACA;AAAA,KACF;AAEA,IAAA,MAAM,iBAAiB,SAAA,CAAU,MAAA;AAAA,MAC/B,CAAA,MAAA,KAAU,kBAAkB,MAAM;AAAA,KACpC;AACA,IAAA,IAAI,cAAA,CAAe,SAAS,CAAA,EAAG;AAC7B,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,MAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,WAAA,EAAc,cAAA,CAAe,MAAM,CAAA,CAAE,CAAA;AAAA,IACpD;AAGA,IAAA,MAAM,EAAA,GAAK,KAAA,CAAM,EAAA,IAAM,KAAA,CAAM,SAAA;AAC7B,IAAA,IACE,EAAA,IACA,CAAC,iBAAA,CAAkB,iBAAiB,KACpC,CAAC,iBAAA,CAAkB,WAAW,CAAA,EAC9B;AACA,MAAA,KAAA,MAAW,CAAC,QAAA,EAAU,QAAQ,KAAK,MAAA,CAAO,OAAA,CAAQ,eAAe,CAAA,EAAG;AAClE,QAAA,IAAI,SAAS,IAAA,CAAK,CAAA,MAAA,KAAU,GAAG,UAAA,CAAW,MAAM,CAAC,CAAA,EAAG;AAClD,UAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,EAAY,GAAG,CAAA;AACrC,UAAA,OAAA,CAAQ,IAAA,CAAK,CAAA,eAAA,EAAkB,QAAQ,CAAA,CAAE,CAAA;AACzC,UAAA;AAAA,QACF;AAAA,MACF;AAAA,IACF;AAGA,IAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACtB,MAAA,UAAA,GAAa,IAAA,CAAK,GAAA,CAAI,UAAA,GAAa,GAAA,EAAK,IAAI,CAAA;AAAA,IAC9C;AAEA,IAAA,OAAO;AAAA,MACL,SAAS,UAAA,GAAa,GAAA;AAAA,MACtB,UAAA;AAAA,MACA,GAAI,aAAA,IAAiB,EAAE,aAAA,EAAc;AAAA,MACrC,OAAA;AAAA,MACA,GAAI,kBAAA,IAAsB,EAAE,kBAAA,EAAmB;AAAA,MAC/C,gBAAA,EAAkB,UAAA,GAAa,GAAA,GAAM,QAAA,GAAW,MAAA;AAAA,MAChD,SAAA,sBAAe,IAAA;AAAK,KACtB;AAAA,EACF;AACF,CAAA;AAKO,IAAM,2BAAN,MAA+B;AAAA,EAC5B,QAAA;AAAA,EACA,MAAA,uBAA0C,GAAA,EAAI;AAAA,EAEtD,YAAY,OAAA,EAAe;AAEzB,IAAA,IAAA,CAAK,QAAA,GAAW,IAAI,iBAAA,EAAkB;AAAA,EACxC;AAAA,EAEA,MAAM,QAAQ,KAAA,EAAiD;AAC7D,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,QAAA,CAAS,QAAQ,KAAK,CAAA;AAGhD,IAAA,IAAI,OAAO,OAAA,IAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,gBAAgB,CAAA,EAAG;AACvD,MAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,gBAAgB,KAAK,EAAC;AACvD,MAAA,QAAA,CAAS,OAAA,CAAQ,CAAA,OAAA,KAAW,OAAA,CAAQ,MAAA,EAAQ,KAAK,CAAC,CAAA;AAAA,IACpD;AAEA,IAAA,OAAO,MAAA;AAAA,EACT;AAAA,EAEA,EAAA,CAAG,OAAe,OAAA,EAA6B;AAC7C,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,CAAA,EAAG;AAC3B,MAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAA,EAAO,EAAE,CAAA;AAAA,IAC3B;AACA,IAAA,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,CAAA,CAAG,KAAK,OAAO,CAAA;AAAA,EACtC;AAAA,EAEA,IAAA,CAAK,UAAkB,IAAA,EAAmB;AACxC,IAAA,MAAM,WAAW,IAAA,CAAK,MAAA,CAAO,GAAA,CAAI,KAAK,KAAK,EAAC;AAC5C,IAAA,QAAA,CAAS,OAAA,CAAQ,CAAA,OAAA,KAAW,OAAA,CAAQ,GAAG,IAAI,CAAC,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,IAAA,GAAsB;AAE1B,IAAA;AAAA,EACF;AACF,CAAA;;;ACnLO,IAAM,qBAAN,MAAyB;AAAA,EACb,MAAA;AAAA,EAEjB,YAAY,MAAA,EAA+B;AACzC,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,UAAA,EAAY,OAAO,UAAA,IAAc,uBAAA;AAAA,MACjC,YAAA,EAAc,OAAO,YAAA,IAAgB,IAAA;AAAA;AAAA,MACrC,aAAA,EACE,MAAA,CAAO,aAAA,IACP,OAAA,CAAQ,IAAI,kBAAA,IACZ;AAAA,KACJ;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,KAAA,CACJ,QAAA,EACA,QAAA,EACA,MAAA,EACuB;AACvB,IAAA,IAAI;AACF,MAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,OAAA,IAAW,CAAC,OAAO,OAAA,EAAS;AAC3C,QAAA,OAAO,QAAA;AAAA,MACT;AAEA,MAAA,MAAM,WAAA,GAA2B;AAAA,QAC/B,EAAA,EAAI,OAAO,UAAA,EAAW;AAAA,QACtB,KAAA,EAAO,MAAA,CAAO,aAAA,EAAe,IAAA,IAAQ,SAAA;AAAA,QACrC,YAAY,MAAA,CAAO,UAAA;AAAA,QACnB,UAAA,EAAY,KAAK,GAAA,EAAI;AAAA,QACrB,SAAS,IAAA,CAAK,GAAA,EAAI,GAAI,IAAA,CAAK,OAAO,YAAA,GAAe;AAAA,OACnD;AAGA,MAAA,MAAM,YAAY,MAAM,IAAA,CAAK,QAAQ,IAAA,CAAK,SAAA,CAAU,WAAW,CAAC,CAAA;AAGhE,MAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,MAAA,CAAO,YAAY,SAAA,EAAW;AAAA,QACtD,QAAA,EAAU,IAAA;AAAA,QACV,MAAA,EAAQ,OAAA,CAAQ,GAAA,CAAI,QAAA,KAAa,YAAA;AAAA,QACjC,QAAA,EAAU,KAAA;AAAA,QACV,MAAA,EAAQ,KAAK,MAAA,CAAO,YAAA;AAAA,QACpB,IAAA,EAAM;AAAA,OACP,CAAA;AAED,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AAEd,MAAA,IAAI,OAAA,CAAQ,IAAI,iBAAA,EAAmB;AACjC,QAAA,OAAA,CAAQ,IAAA,CAAK,yCAAyC,KAAK,CAAA;AAAA,MAC7D;AACA,MAAA,OAAO,QAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,OAAA,EAAmD;AAC7D,IAAA,IAAI;AACF,MAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,OAAA,EAAS;AACxB,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,SAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,IAAA,CAAK,OAAO,UAAU,CAAA;AACzD,MAAA,IAAI,CAAC,QAAQ,KAAA,EAAO;AAClB,QAAA,OAAO,IAAA;AAAA,MACT;AAGA,MAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAO,KAAK,CAAA;AACjD,MAAA,MAAM,OAAA,GAAuB,IAAA,CAAK,KAAA,CAAM,SAAS,CAAA;AAGjD,MAAA,IAAI,OAAA,CAAQ,OAAA,GAAU,IAAA,CAAK,GAAA,EAAI,EAAG;AAChC,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,OAAO,OAAA;AAAA,IACT,SAAS,KAAA,EAAO;AAEd,MAAA,IAAI,OAAA,CAAQ,IAAI,iBAAA,EAAmB;AACjC,QAAA,OAAA,CAAQ,IAAA,CAAK,yCAAyC,KAAK,CAAA;AAAA,MAC7D;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,QAAA,EAAsC;AAC1C,IAAA,IAAI;AACF,MAAA,QAAA,CAAS,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,MAAA,CAAO,UAAU,CAAA;AAAA,IAChD,SAAS,KAAA,EAAO;AAEd,MAAA,IAAI,OAAA,CAAQ,IAAI,iBAAA,EAAmB;AACjC,QAAA,OAAA,CAAQ,IAAA,CAAK,yCAAyC,KAAK,CAAA;AAAA,MAC7D;AAAA,IACF;AACA,IAAA,OAAO,QAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,QAAQ,IAAA,EAA+B;AACnD,IAAA,IAAI;AAGF,MAAA,MAAM,GAAA,GAAM,KAAK,MAAA,CAAO,aAAA;AACxB,MAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY,CAAE,OAAO,IAAI,CAAA;AAG7C,MAAA,MAAM,UAAA,GAAa,IAAI,UAAA,CAAW,OAAA,CAAQ,MAAM,CAAA;AAChD,MAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,OAAA,CAAQ,QAAQ,CAAA,EAAA,EAAK;AACvC,QAAA,UAAA,CAAW,CAAC,CAAA,GAAA,CAAK,OAAA,CAAQ,CAAC,CAAA,IAAK,KAAK,GAAA,CAAI,UAAA,CAAW,CAAA,GAAI,GAAA,CAAI,MAAM,CAAA;AAAA,MACnE;AAGA,MAAA,OAAO,IAAA;AAAA,QACL,KAAA,CAAM,IAAA,CAAK,UAAA,EAAY,CAAA,IAAA,KAAQ,MAAA,CAAO,aAAa,IAAI,CAAC,CAAA,CAAE,IAAA,CAAK,EAAE;AAAA,OACnE;AAAA,IACF,SAAS,KAAA,EAAO;AAEd,MAAA,OAAO,KAAK,IAAI,CAAA;AAAA,IAClB;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,MAAc,QAAQ,IAAA,EAA+B;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,GAAA,GAAM,KAAK,MAAA,CAAO,aAAA;AACxB,MAAA,MAAM,OAAA,GAAU,UAAA,CAAW,IAAA,CAAK,IAAA,CAAK,IAAI,GAAG,CAAA,CAAA,KAAK,CAAA,CAAE,UAAA,CAAW,CAAC,CAAC,CAAA;AAGhE,MAAA,MAAM,YAAA,GAAe,IAAI,UAAA,CAAW,OAAA,CAAQ,MAAM,CAAA;AAClD,MAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,OAAA,CAAQ,QAAQ,CAAA,EAAA,EAAK;AACvC,QAAA,YAAA,CAAa,CAAC,CAAA,GAAA,CAAK,OAAA,CAAQ,CAAC,CAAA,IAAK,KAAK,GAAA,CAAI,UAAA,CAAW,CAAA,GAAI,GAAA,CAAI,MAAM,CAAA;AAAA,MACrE;AAEA,MAAA,OAAO,IAAI,WAAA,EAAY,CAAE,MAAA,CAAO,YAAY,CAAA;AAAA,IAC9C,SAAS,KAAA,EAAO;AAEd,MAAA,OAAO,KAAK,IAAI,CAAA;AAAA,IAClB;AAAA,EACF;AACF;AAMO,IAAM,0BAAN,MAA8B;AAAA,EACnC,OAAO,MAAM,OAAA,EAAqD;AAChE,IAAA,IAAI;AAEF,MAAA,MAAM,KAAA,GAAQ,QAAQ,6BAA6B,CAAA;AACnD,MAAA,MAAM,UAAA,GAAa,QAAQ,kCAAkC,CAAA;AAC7D,MAAA,MAAM,SAAA,GAAY,QAAQ,0BAA0B,CAAA;AAEpD,MAAA,IAAI,KAAA,IAAS,cAAc,SAAA,EAAW;AACpC,QAAA,OAAO;AAAA,UACL,EAAA,EAAI,SAAA;AAAA,UACJ,KAAA;AAAA,UACA,UAAA,EAAY,WAAW,UAAU,CAAA;AAAA,UACjC,UAAA,EAAY,KAAK,GAAA,EAAI;AAAA,UACrB,OAAA,EAAS,IAAA,CAAK,GAAA,EAAI,GAAI;AAAA;AAAA,SACxB;AAAA,MACF;AAGA,MAAA,MAAM,YAAA,GAAe,QAAQ,QAAQ,CAAA;AACrC,MAAA,IAAI,YAAA,IAAgB,YAAA,CAAa,QAAA,CAAS,wBAAwB,CAAA,EAAG;AAEnE,QAAA,MAAM,KAAA,GAAQ,YAAA,CAAa,KAAA,CAAM,+BAA+B,CAAA;AAChE,QAAA,IAAI,KAAA,IAAS,KAAA,CAAM,CAAC,CAAA,EAAG;AACrB,UAAA,IAAI;AACF,YAAA,MAAM,OAAA,GAAU,IAAA,CAAK,KAAA,CAAM,CAAC,CAAC,CAAA;AAC7B,YAAA,OAAO,IAAA,CAAK,MAAM,OAAO,CAAA;AAAA,UAC3B,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAO,UAAA,CAAW,QAAA,EAAe,OAAA,EAA4B;AAC3D,IAAA,IAAI;AAEF,MAAA,IAAI,SAAS,SAAA,EAAW;AACtB,QAAA,QAAA,CAAS,SAAA,CAAU,6BAAA,EAA+B,OAAA,CAAQ,KAAK,CAAA;AAC/D,QAAA,QAAA,CAAS,SAAA;AAAA,UACP,kCAAA;AAAA,UACA,OAAA,CAAQ,WAAW,QAAA;AAAS,SAC9B;AACA,QAAA,QAAA,CAAS,SAAA,CAAU,0BAAA,EAA4B,OAAA,CAAQ,EAAE,CAAA;AAAA,MAC3D,CAAA,MAAA,IAAW,QAAA,CAAS,OAAA,IAAW,QAAA,CAAS,QAAQ,GAAA,EAAK;AACnD,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,6BAAA,EAA+B,OAAA,CAAQ,KAAK,CAAA;AACjE,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA;AAAA,UACf,kCAAA;AAAA,UACA,OAAA,CAAQ,WAAW,QAAA;AAAS,SAC9B;AACA,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,0BAAA,EAA4B,OAAA,CAAQ,EAAE,CAAA;AAAA,MAC7D;AAAA,IACF,CAAA,CAAA,MAAQ;AAAA,IAER;AAAA,EACF;AACF;;;ACnOO,SAAS,2BAAA,CACd,MAAA,GAA0C,EAAC,EAC3C;AACA,EAAA,MAAM,QAAA,GAAW,IAAI,wBAAA,CAAc,MAAM,CAAA;AAGzC,EAAA,MAAM,iBACJ,MAAA,CAAO,eAAA,EAAiB,WAAW,MAAA,CAAO,UAAA,GACtC,IAAI,kBAAA,CAAmB;AAAA,IACrB,OAAA,EAAS,IAAA;AAAA,IACT,GAAG,MAAA,CAAO;AAAA,GACX,CAAA,GACD,IAAA;AAGN,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,MAAA,CAAO,OAAA,CAAQ,OAAO,MAAM,CAAA,CAAE,QAAQ,CAAC,CAAC,KAAA,EAAO,OAAO,CAAA,KAAM;AAC1D,MAAA,QAAA,CAAS,EAAA,CAAG,OAAc,OAAc,CAAA;AAAA,IAC1C,CAAC,CAAA;AAAA,EACH;AAEA,EAAA,MAAM;AAAA,IACJ,eAAA,GAAkB,KAAA;AAAA,IAClB,WAAA;AAAA,IACA,YAAY,EAAC;AAAA,IACb,eAAA,GAAkB;AAAA,MAChB,MAAA,EAAQ,GAAA;AAAA,MACR,OAAA,EAAS,yCAAA;AAAA,MACT,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,KAChD;AAAA,IACA,WAAA,GAAc,UAAA;AAAA,IACd,UAAA,GAAa;AAAA,GACf,GAAI,MAAA;AAEJ,EAAA,OAAO,OAAO,OAAA,KAAgD;AAC5D,IAAA,IAAI;AAEF,MAAA,MAAM,UAAA,GAAa,SAAA,CAAU,IAAA,CAAK,CAAA,OAAA,KAAW;AAC3C,QAAA,IAAI,OAAO,YAAY,QAAA,EAAU;AAC/B,UAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,QAAA,CAAS,UAAA,CAAW,OAAO,CAAA;AAAA,QACpD;AACA,QAAA,OAAO,OAAA,CAAQ,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,CAAA;AAAA,MAC9C,CAAC,CAAA;AAED,MAAA,IAAI,UAAA,EAAY;AAEd,QAAC,OAAA,CAAgB,WAAA,GAAc,EAAE,OAAA,EAAS,IAAA,EAAK;AAC/C,QAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,MAC3B;AAGA,MAAA,MAAM,kBAAkB,cAAA,GACpB,MAAM,cAAA,CAAe,KAAA,CAAM,OAAO,CAAA,GAClC,IAAA;AAEJ,MAAA,IAAI,eAAA,EAAiB;AAEnB,QAAA,MAAMC,SAAAA,GAAWD,oBAAa,IAAA,EAAK;AAGnC,QAAAC,SAAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,wBAAA,EAA0B,MAAM,CAAA;AACrD,QAAAA,SAAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,qBAAA,EAAuB,gBAAgB,KAAK,CAAA;AACjE,QAAAA,UAAS,OAAA,CAAQ,GAAA;AAAA,UACf,0BAAA;AAAA,UACA,eAAA,CAAgB,WAAW,QAAA;AAAS,SACtC;AACA,QAAAA,SAAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,uBAAA,EAAyB,WAAW,CAAA;AACzD,QAAAA,SAAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,0BAAA,EAA4B,gBAAgB,EAAE,CAAA;AAGnE,QAAC,QAAgB,WAAA,GAAc;AAAA,UAC7B,MAAA,EAAQ;AAAA,YACN,OAAA,EAAS,IAAA;AAAA,YACT,YAAY,eAAA,CAAgB,UAAA;AAAA,YAC5B,aAAA,EAAe,EAAE,IAAA,EAAM,eAAA,CAAgB,KAAA,EAAM;AAAA,YAC7C,SAAA,sBAAe,IAAA,EAAK;AAAA,YACpB,kBAAA,EAAoB;AAAA,WACtB;AAAA,UACA,OAAA,EAAS,eAAA;AAAA,UACT,OAAA,EAAS;AAAA,SACX;AAGA,QAAA,MAAMC,QAAAA,GAAU;AAAA,UACd,SAAA,EAAW,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA,IAAK,EAAA;AAAA,UAChD,YACG,OAAA,CAAQ,EAAA,IAAM,QAAQ,OAAA,CAAQ,GAAA,CAAI,iBAAiB,CAAA,KAAM,EAAA;AAAA,UAC5D,SAAS,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AAAA,UACrD,KAAK,OAAA,CAAQ,GAAA;AAAA,UACb,QAAQ,OAAA,CAAQ,MAAA;AAAA,UAChB,SAAA,sBAAe,IAAA;AAAK,SACtB;AAEA,QAAA,QAAA,CAAS,IAAA,CAAK,yBAAA,EAA2B,eAAA,EAAiBA,QAAO,CAAA;AAEjE,QAAA,OAAOD,SAAAA;AAAA,MACT;AAGA,MAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,YAAY,CAAA;AAClD,MAAA,MAAM,YAAY,OAAA,CAAQ,EAAA,IAAM,OAAA,CAAQ,OAAA,CAAQ,IAAI,iBAAiB,CAAA;AAErE,MAAA,MAAM,OAAA,GAAU;AAAA,QACd,GAAI,SAAA,IAAa,EAAE,SAAA,EAAU;AAAA,QAC7B,GAAI,SAAA,IAAa,EAAE,SAAA,EAAU;AAAA,QAC7B,SAAS,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AAAA,QACrD,KAAK,OAAA,CAAQ,GAAA;AAAA,QACb,QAAQ,OAAA,CAAQ,MAAA;AAAA,QAChB,SAAA,sBAAe,IAAA;AAAK,OACtB;AAGA,MAAA,MAAM,MAAA,GAAS,MAAM,QAAA,CAAS,OAAA,CAAQ,OAAO,CAAA;AAG7C,MAAA,IACE,OAAO,OAAA,IACP,MAAA,CAAO,UAAA,KAAe,MAAA,CAAO,uBAAuB,GAAA,CAAA,EACpD;AAEA,QAAA,IAAI,WAAA,EAAa;AACf,UAAA,MAAM,cAAA,GAAiB,MAAM,WAAA,CAAY,OAAA,EAAS,MAAM,CAAA;AACxD,UAAA,IAAI,cAAA,EAAgB;AAClB,YAAA,OAAO,cAAA;AAAA,UACT;AAAA,QACF;AAGA,QAAA,QAAQ,eAAA;AAAiB,UACvB,KAAK,OAAA,EAAS;AACZ,YAAA,MAAMA,YAAWD,mBAAA,CAAa,IAAA;AAAA,cAC5B;AAAA,gBACE,OAAO,eAAA,CAAgB,OAAA;AAAA,gBACvB,QAAA,EAAU,IAAA;AAAA,gBACV,YAAY,MAAA,CAAO,UAAA;AAAA,gBACnB,WAAW,MAAA,CAAO;AAAA,eACpB;AAAA,cACA,EAAE,MAAA,EAAQ,eAAA,CAAgB,MAAA;AAAO,aACnC;AAEA,YAAA,IAAI,gBAAgB,OAAA,EAAS;AAC3B,cAAA,MAAA,CAAO,OAAA,CAAQ,eAAA,CAAgB,OAAO,CAAA,CAAE,OAAA;AAAA,gBACtC,CAAC,CAAC,GAAA,EAAK,KAAK,CAAA,KAAM;AAChB,kBAAAC,SAAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,gBACjC;AAAA,eACF;AAAA,YACF;AAGA,YAAA,QAAA,CAAS,IAAA,CAAK,eAAA,EAAiB,MAAA,EAAQ,OAAO,CAAA;AAE9C,YAAA,OAAOA,SAAAA;AAAA,UACT;AAAA,UAEA,KAAK,UAAA;AACH,YAAA,OAAOD,oBAAa,QAAA,CAAS,IAAI,IAAI,WAAA,EAAa,OAAA,CAAQ,GAAG,CAAC,CAAA;AAAA,UAEhE,KAAK,SAAA;AACH,YAAA,OAAOA,oBAAa,OAAA,CAAQ,IAAI,IAAI,UAAA,EAAY,OAAA,CAAQ,GAAG,CAAC,CAAA;AAAA,UAE9D,KAAK,KAAA;AACH,YAAA,OAAA,CAAQ,KAAK,6BAAA,EAA+B;AAAA,cAC1C,WAAW,OAAA,CAAQ,SAAA;AAAA,cACnB,WAAW,OAAA,CAAQ,SAAA;AAAA,cACnB,YAAY,MAAA,CAAO,UAAA;AAAA,cACnB,SAAS,MAAA,CAAO,OAAA;AAAA,cAChB,QAAA,EAAU,QAAQ,OAAA,CAAQ;AAAA,aAC3B,CAAA;AACD,YAAA;AAAA,UAEF,KAAK,OAAA;AAAA,UACL;AAEE,YAAA,IACE,OAAO,OAAA,IACP,MAAA,CAAO,UAAA,KAAe,MAAA,CAAO,uBAAuB,GAAA,CAAA,EACpD;AACA,cAAA,QAAA,CAAS,IAAA,CAAK,eAAA,EAAiB,MAAA,EAAQ,OAAO,CAAA;AAAA,YAChD;AAEA,YAAA;AAAA;AACJ,MACF;AAGA,MAAC,QAAgB,WAAA,GAAc;AAAA,QAC7B,MAAA;AAAA,QACA,OAAA,EAAS;AAAA,OACX;AAGA,MAAA,IAAI,QAAA,GAAWA,oBAAa,IAAA,EAAK;AACjC,MAAA,QAAA,CAAS,QAAQ,GAAA,CAAI,wBAAA,EAA0B,MAAA,CAAO,OAAA,CAAQ,UAAU,CAAA;AACxE,MAAA,QAAA,CAAS,OAAA,CAAQ,GAAA;AAAA,QACf,0BAAA;AAAA,QACA,MAAA,CAAO,WAAW,QAAA;AAAS,OAC7B;AAGA,MAAA,IAAI,MAAA,CAAO,eAAe,IAAA,EAAM;AAC9B,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,qBAAA,EAAuB,MAAA,CAAO,cAAc,IAAI,CAAA;AAAA,MACvE;AAGA,MAAA,IACE,kBACA,MAAA,CAAO,OAAA,IACP,OAAO,UAAA,KAAe,MAAA,CAAO,uBAAuB,GAAA,CAAA,EACpD;AACA,QAAA,QAAA,GAAW,MAAM,cAAA,CAAe,KAAA,CAAM,OAAA,EAAS,UAAU,MAAM,CAAA;AAC/D,QAAA,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,uBAAA,EAAyB,KAAK,CAAA;AAGnD,QAAA,QAAA,CAAS,IAAA,CAAK,uBAAA,EAAyB,MAAA,EAAQ,OAAO,CAAA;AAAA,MACxD;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,iCAAiC,KAAK,CAAA;AACpD,MAAA,OAAOA,oBAAa,IAAA,EAAK;AAAA,IAC3B;AAAA,EACF,CAAA;AACF;;;ACnOA,IAAI,kBAAA,GAA0B,IAAA;AAC9B,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAI,WAAA,GAAmC,IAAA;AAMhC,SAASG,6BAA4B,MAAA,EAAgC;AAC1E,EAAA,OAAO,eAAe,sBACpB,OAAA,EACuB;AAEvB,IAAA,IAAI,CAAC,kBAAA,EAAoB;AACvB,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,cAAA,GAAiB,IAAA;AACjB,QAAA,WAAA,GAAA,CAAe,YAAY;AAIzB,UAAA,kBAAA,GAAqB,4BAAqB,MAAM,CAAA;AAChD,UAAA,OAAO,kBAAA;AAAA,QACT,CAAA,GAAG;AAAA,MACL;AAGA,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,kBAAA,GAAqB,MAAM,WAAA;AAAA,MAC7B;AAAA,IACF;AAGA,IAAA,OAAO,kBAAA,GACH,kBAAA,CAAmB,OAAO,CAAA,GAC1BH,oBAAa,IAAA,EAAK;AAAA,EACxB,CAAA;AACF;;;ACpBO,IAAM,OAAA,GAAU","file":"index.js","sourcesContent":["/**\n * Wrapper for EdgeAgentDetector to match AgentDetector interface\n * This allows the middleware to work with EdgeAgentDetector in Edge Runtime\n *\n * This is a self-contained implementation to avoid import resolution issues\n */\n\ntype DetectionInput = {\n userAgent?: string;\n ip?: string;\n ipAddress?: string;\n headers?: Record<string, string>;\n url?: string;\n method?: string;\n timestamp?: Date;\n};\n\ntype DetectionResult = {\n isAgent: boolean;\n confidence: number;\n detectedAgent?: {\n type: string;\n name: string;\n };\n reasons: string[];\n verificationMethod?: string;\n forgeabilityRisk?: 'low' | 'medium' | 'high';\n timestamp: Date;\n};\n\ntype EventHandler = (...args: any[]) => void;\n\n// Known AI agent patterns\nconst AI_AGENT_PATTERNS = [\n { pattern: /chatgpt-user/i, type: 'chatgpt', name: 'ChatGPT' },\n { pattern: /claude-web/i, type: 'claude', name: 'Claude' },\n { pattern: /perplexitybot/i, type: 'perplexity', name: 'Perplexity' },\n { pattern: /perplexity-user/i, type: 'perplexity', name: 'Perplexity' },\n { pattern: /perplexity-ai/i, type: 'perplexity', name: 'Perplexity' },\n { pattern: /perplexity/i, type: 'perplexity', name: 'Perplexity' }, // Fallback\n { pattern: /bingbot/i, type: 'bing', name: 'Bing AI' },\n { pattern: /anthropic-ai/i, type: 'anthropic', name: 'Anthropic' },\n];\n\n// Known cloud provider IP ranges (simplified)\nconst CLOUD_PROVIDERS = {\n aws: ['54.', '52.', '35.', '18.', '3.'],\n gcp: ['35.', '34.', '104.', '107.', '108.'],\n azure: ['13.', '20.', '40.', '52.', '104.'],\n};\n\n/**\n * Self-contained EdgeAgentDetector implementation\n */\nclass EdgeAgentDetector {\n async analyze(input: DetectionInput): Promise<DetectionResult> {\n const reasons: string[] = [];\n let detectedAgent: { type: string; name: string } | undefined;\n let verificationMethod: string | undefined;\n let confidence = 0;\n\n const headers = input.headers || {};\n const normalizedHeaders: Record<string, string> = {};\n\n // Normalize header names to lowercase\n for (const [key, value] of Object.entries(headers)) {\n normalizedHeaders[key.toLowerCase()] = value;\n }\n\n // Check for HTTP Message Signatures (highest confidence)\n const signaturePresent = !!(\n normalizedHeaders['signature'] || normalizedHeaders['signature-input']\n );\n const signatureAgent = normalizedHeaders['signature-agent'];\n\n if (signatureAgent?.includes('chatgpt.com')) {\n confidence = 0.85;\n reasons.push('signature_agent:chatgpt');\n detectedAgent = { type: 'chatgpt', name: 'ChatGPT' };\n verificationMethod = 'signature';\n } else if (signaturePresent) {\n confidence = Math.max(confidence, 0.4);\n reasons.push('signature_present');\n }\n\n // Check User-Agent patterns\n const userAgent = input.userAgent || input.headers?.['user-agent'] || '';\n if (userAgent) {\n for (const { pattern, type, name } of AI_AGENT_PATTERNS) {\n if (pattern.test(userAgent)) {\n // Give higher confidence to well-known AI agents that properly identify themselves\n const highConfidenceAgents = [\n 'chatgpt',\n 'claude',\n 'perplexity',\n 'anthropic',\n ];\n const patternConfidence = highConfidenceAgents.includes(type)\n ? 0.85\n : 0.5;\n\n confidence = Math.max(confidence, patternConfidence);\n reasons.push(`known_pattern:${type}`);\n if (!detectedAgent) {\n detectedAgent = { type, name };\n verificationMethod = 'pattern';\n }\n break;\n }\n }\n }\n\n // Check AI-specific headers\n const aiHeaders = [\n 'openai-conversation-id',\n 'openai-ephemeral-user-id',\n 'anthropic-client-id',\n 'x-goog-api-client',\n 'x-ms-copilot-id',\n ];\n\n const foundAiHeaders = aiHeaders.filter(\n header => normalizedHeaders[header]\n );\n if (foundAiHeaders.length > 0) {\n confidence = Math.max(confidence, 0.6);\n reasons.push(`ai_headers:${foundAiHeaders.length}`);\n }\n\n // Check cloud provider IPs\n const ip = input.ip || input.ipAddress;\n if (\n ip &&\n !normalizedHeaders['x-forwarded-for'] &&\n !normalizedHeaders['x-real-ip']\n ) {\n for (const [provider, prefixes] of Object.entries(CLOUD_PROVIDERS)) {\n if (prefixes.some(prefix => ip.startsWith(prefix))) {\n confidence = Math.max(confidence, 0.4);\n reasons.push(`cloud_provider:${provider}`);\n break;\n }\n }\n }\n\n // Boost confidence for combinations\n if (reasons.length > 2) {\n confidence = Math.min(confidence * 1.2, 0.95);\n }\n\n return {\n isAgent: confidence > 0.3,\n confidence,\n ...(detectedAgent && { detectedAgent }),\n reasons,\n ...(verificationMethod && { verificationMethod }),\n forgeabilityRisk: confidence > 0.8 ? 'medium' : 'high',\n timestamp: new Date(),\n };\n }\n}\n\n/**\n * Wrapper that provides event emitter functionality\n */\nexport class EdgeAgentDetectorWrapper {\n private detector: EdgeAgentDetector;\n private events: Map<string, EventHandler[]> = new Map();\n\n constructor(_config?: any) {\n // Config is accepted but not used by EdgeAgentDetector\n this.detector = new EdgeAgentDetector();\n }\n\n async analyze(input: DetectionInput): Promise<DetectionResult> {\n const result = await this.detector.analyze(input);\n\n // Emit events if there are listeners\n if (result.isAgent && this.events.has('agent.detected')) {\n const handlers = this.events.get('agent.detected') || [];\n handlers.forEach(handler => handler(result, input));\n }\n\n return result;\n }\n\n on(event: string, handler: EventHandler): void {\n if (!this.events.has(event)) {\n this.events.set(event, []);\n }\n this.events.get(event)!.push(handler);\n }\n\n emit(event: string, ...args: any[]): void {\n const handlers = this.events.get(event) || [];\n handlers.forEach(handler => handler(...args));\n }\n\n async init(): Promise<void> {\n // EdgeAgentDetector doesn't need initialization\n return;\n }\n}\n","/**\n * Edge-compatible session tracking for AI agents\n * Uses cookie-based storage to work in Edge Runtime\n */\n\nimport type { NextRequest, NextResponse } from 'next/server';\nimport type { DetectionResult } from '@kya-os/agentshield';\n\nexport interface SessionData {\n id: string;\n agent: string;\n confidence: number;\n detectedAt: number;\n expires: number;\n}\n\nexport interface SessionTrackingConfig {\n enabled: boolean;\n cookieName?: string;\n cookieMaxAge?: number; // in seconds\n encryptionKey?: string;\n}\n\nexport class EdgeSessionTracker {\n private readonly config: Required<SessionTrackingConfig>;\n\n constructor(config: SessionTrackingConfig) {\n this.config = {\n enabled: config.enabled,\n cookieName: config.cookieName || '__agentshield_session',\n cookieMaxAge: config.cookieMaxAge || 3600, // 1 hour default\n encryptionKey:\n config.encryptionKey ||\n process.env.AGENTSHIELD_SECRET ||\n 'agentshield-default-key',\n };\n }\n\n /**\n * Track a new AI agent session\n */\n async track(\n _request: NextRequest,\n response: NextResponse,\n result: DetectionResult\n ): Promise<NextResponse> {\n try {\n if (!this.config.enabled || !result.isAgent) {\n return response;\n }\n\n const sessionData: SessionData = {\n id: crypto.randomUUID(),\n agent: result.detectedAgent?.name || 'unknown',\n confidence: result.confidence,\n detectedAt: Date.now(),\n expires: Date.now() + this.config.cookieMaxAge * 1000,\n };\n\n // Encrypt session data for security\n const encrypted = await this.encrypt(JSON.stringify(sessionData));\n\n // Set secure httpOnly cookie\n response.cookies.set(this.config.cookieName, encrypted, {\n httpOnly: true,\n secure: process.env.NODE_ENV === 'production',\n sameSite: 'lax',\n maxAge: this.config.cookieMaxAge,\n path: '/',\n });\n\n return response;\n } catch (error) {\n // Fail gracefully - log error but don't break request\n if (process.env.DEBUG_AGENTSHIELD) {\n console.warn('AgentShield: Failed to track session:', error);\n }\n return response;\n }\n }\n\n /**\n * Check for existing AI agent session\n */\n async check(request: NextRequest): Promise<SessionData | null> {\n try {\n if (!this.config.enabled) {\n return null;\n }\n\n const cookie = request.cookies.get(this.config.cookieName);\n if (!cookie?.value) {\n return null;\n }\n\n // Decrypt and parse session data\n const decrypted = await this.decrypt(cookie.value);\n const session: SessionData = JSON.parse(decrypted);\n\n // Check if session is expired\n if (session.expires < Date.now()) {\n return null;\n }\n\n return session;\n } catch (error) {\n // Fail gracefully - invalid or corrupted session\n if (process.env.DEBUG_AGENTSHIELD) {\n console.warn('AgentShield: Failed to check session:', error);\n }\n return null;\n }\n }\n\n /**\n * Clear an existing session\n */\n clear(response: NextResponse): NextResponse {\n try {\n response.cookies.delete(this.config.cookieName);\n } catch (error) {\n // Fail gracefully\n if (process.env.DEBUG_AGENTSHIELD) {\n console.warn('AgentShield: Failed to clear session:', error);\n }\n }\n return response;\n }\n\n /**\n * Simple encryption using Web Crypto API (Edge-compatible)\n */\n private async encrypt(data: string): Promise<string> {\n try {\n // For Edge Runtime, use simple base64 encoding with obfuscation\n // In production, consider using Web Crypto API subtle.encrypt()\n const key = this.config.encryptionKey;\n const encoded = new TextEncoder().encode(data);\n\n // Simple XOR obfuscation\n const obfuscated = new Uint8Array(encoded.length);\n for (let i = 0; i < encoded.length; i++) {\n obfuscated[i] = (encoded[i] || 0) ^ key.charCodeAt(i % key.length);\n }\n\n // Convert to base64\n return btoa(\n Array.from(obfuscated, byte => String.fromCharCode(byte)).join('')\n );\n } catch (error) {\n // Fallback to simple base64 if encryption fails\n return btoa(data);\n }\n }\n\n /**\n * Simple decryption (Edge-compatible)\n */\n private async decrypt(data: string): Promise<string> {\n try {\n const key = this.config.encryptionKey;\n const decoded = Uint8Array.from(atob(data), c => c.charCodeAt(0));\n\n // Reverse XOR obfuscation\n const deobfuscated = new Uint8Array(decoded.length);\n for (let i = 0; i < decoded.length; i++) {\n deobfuscated[i] = (decoded[i] || 0) ^ key.charCodeAt(i % key.length);\n }\n\n return new TextDecoder().decode(deobfuscated);\n } catch (error) {\n // Fallback to simple base64 if decryption fails\n return atob(data);\n }\n }\n}\n\n/**\n * Stateless session checker for non-Next.js environments (Express, etc.)\n * Uses a combination of headers to identify continued sessions\n */\nexport class StatelessSessionChecker {\n static check(headers: Record<string, string>): SessionData | null {\n try {\n // Check for session headers (set by previous response)\n const agent = headers['x-agentshield-session-agent'];\n const confidence = headers['x-agentshield-session-confidence'];\n const sessionId = headers['x-agentshield-session-id'];\n\n if (agent && confidence && sessionId) {\n return {\n id: sessionId,\n agent,\n confidence: parseFloat(confidence),\n detectedAt: Date.now(),\n expires: Date.now() + 3600000, // 1 hour\n };\n }\n\n // Check for cookie-based session (if cookies are parsed)\n const cookieHeader = headers['cookie'];\n if (cookieHeader && cookieHeader.includes('__agentshield_session=')) {\n // Simple cookie parsing\n const match = cookieHeader.match(/__agentshield_session=([^;]+)/);\n if (match && match[1]) {\n try {\n const decoded = atob(match[1]);\n return JSON.parse(decoded);\n } catch {\n // Invalid session data\n }\n }\n }\n\n return null;\n } catch {\n return null;\n }\n }\n\n static setHeaders(response: any, session: SessionData): void {\n try {\n // Set session headers for stateless tracking\n if (response.setHeader) {\n response.setHeader('X-AgentShield-Session-Agent', session.agent);\n response.setHeader(\n 'X-AgentShield-Session-Confidence',\n session.confidence.toString()\n );\n response.setHeader('X-AgentShield-Session-Id', session.id);\n } else if (response.headers && response.headers.set) {\n response.headers.set('x-agentshield-session-agent', session.agent);\n response.headers.set(\n 'x-agentshield-session-confidence',\n session.confidence.toString()\n );\n response.headers.set('x-agentshield-session-id', session.id);\n }\n } catch {\n // Fail gracefully\n }\n }\n}\n","/**\n * Next.js middleware for AgentShield\n *\n * Uses edge-safe imports to avoid WASM in Edge Runtime\n */\n\nimport { NextRequest, NextResponse } from 'next/server';\n// Use wrapper for EdgeAgentDetector to match expected interface\nimport { EdgeAgentDetectorWrapper as AgentDetector } from './edge-detector-wrapper';\nimport { EdgeSessionTracker } from './session-tracker';\nimport type { NextJSMiddlewareConfig } from './types';\n\n/**\n * Create AgentShield middleware for Next.js\n */\nexport function createAgentShieldMiddleware(\n config: Partial<NextJSMiddlewareConfig> = {}\n) {\n const detector = new AgentDetector(config);\n\n // Initialize session tracker if enabled (or if WASM is enabled)\n const sessionTracker =\n config.sessionTracking?.enabled || config.enableWasm\n ? new EdgeSessionTracker({\n enabled: true,\n ...config.sessionTracking,\n })\n : null;\n\n // Wire up event handlers if provided\n if (config.events) {\n Object.entries(config.events).forEach(([event, handler]) => {\n detector.on(event as any, handler as any);\n });\n }\n\n const {\n onAgentDetected = 'log',\n onDetection,\n skipPaths = [],\n blockedResponse = {\n status: 403,\n message: 'Access denied: Automated agent detected',\n headers: { 'Content-Type': 'application/json' },\n },\n redirectUrl = '/blocked',\n rewriteUrl = '/blocked',\n } = config;\n\n return async (request: NextRequest): Promise<NextResponse> => {\n try {\n // Check if path should be skipped\n const shouldSkip = skipPaths.some(pattern => {\n if (typeof pattern === 'string') {\n return request.nextUrl.pathname.startsWith(pattern);\n }\n return pattern.test(request.nextUrl.pathname);\n });\n\n if (shouldSkip) {\n // Mark as skipped in request\n (request as any).agentShield = { skipped: true };\n return NextResponse.next();\n }\n\n // Check for existing session first\n const existingSession = sessionTracker\n ? await sessionTracker.check(request)\n : null;\n\n if (existingSession) {\n // This is a continued AI agent session\n const response = NextResponse.next();\n\n // Set headers to indicate continued session\n response.headers.set('x-agentshield-detected', 'true');\n response.headers.set('x-agentshield-agent', existingSession.agent);\n response.headers.set(\n 'x-agentshield-confidence',\n existingSession.confidence.toString()\n );\n response.headers.set('x-agentshield-session', 'continued');\n response.headers.set('x-agentshield-session-id', existingSession.id);\n\n // Mark request with session info\n (request as any).agentShield = {\n result: {\n isAgent: true,\n confidence: existingSession.confidence,\n detectedAgent: { name: existingSession.agent },\n timestamp: new Date(),\n verificationMethod: 'session',\n },\n session: existingSession,\n skipped: false,\n };\n\n // Emit session continued event\n const context = {\n userAgent: request.headers.get('user-agent') || '',\n ipAddress:\n (request.ip ?? request.headers.get('x-forwarded-for')) || '',\n headers: Object.fromEntries(request.headers.entries()),\n url: request.url,\n method: request.method,\n timestamp: new Date(),\n };\n\n detector.emit('agent.session.continued', existingSession, context);\n\n return response;\n }\n\n // Prepare request context for new detection\n const userAgent = request.headers.get('user-agent');\n const ipAddress = request.ip ?? request.headers.get('x-forwarded-for');\n\n const context = {\n ...(userAgent && { userAgent }),\n ...(ipAddress && { ipAddress }),\n headers: Object.fromEntries(request.headers.entries()),\n url: request.url,\n method: request.method,\n timestamp: new Date(),\n };\n\n // Analyze request\n const result = await detector.analyze(context);\n\n // Handle detection result\n if (\n result.isAgent &&\n result.confidence >= (config.confidenceThreshold ?? 0.7)\n ) {\n // Call custom detection handler if provided\n if (onDetection) {\n const customResponse = await onDetection(request, result);\n if (customResponse) {\n return customResponse;\n }\n }\n\n // Handle based on configuration\n switch (onAgentDetected) {\n case 'block': {\n const response = NextResponse.json(\n {\n error: blockedResponse.message,\n detected: true,\n confidence: result.confidence,\n timestamp: result.timestamp,\n },\n { status: blockedResponse.status }\n );\n\n if (blockedResponse.headers) {\n Object.entries(blockedResponse.headers).forEach(\n ([key, value]) => {\n response.headers.set(key, value);\n }\n );\n }\n\n // Emit blocked event\n detector.emit('agent.blocked', result, context);\n\n return response;\n }\n\n case 'redirect':\n return NextResponse.redirect(new URL(redirectUrl, request.url));\n\n case 'rewrite':\n return NextResponse.rewrite(new URL(rewriteUrl, request.url));\n\n case 'log':\n console.warn('AgentShield: Agent detected', {\n ipAddress: context.ipAddress,\n userAgent: context.userAgent,\n confidence: result.confidence,\n reasons: result.reasons,\n pathname: request.nextUrl.pathname,\n });\n break;\n\n case 'allow':\n default:\n // Emit allowed event for high-confidence agents\n if (\n result.isAgent &&\n result.confidence >= (config.confidenceThreshold ?? 0.7)\n ) {\n detector.emit('agent.allowed', result, context);\n }\n // Continue processing\n break;\n }\n }\n\n // Add detection result to request for API routes\n (request as any).agentShield = {\n result,\n skipped: false,\n };\n\n // Add detection result to response headers for debugging\n let response = NextResponse.next();\n response.headers.set('x-agentshield-detected', result.isAgent.toString());\n response.headers.set(\n 'x-agentshield-confidence',\n result.confidence.toString()\n );\n\n // Add agent name if detected\n if (result.detectedAgent?.name) {\n response.headers.set('x-agentshield-agent', result.detectedAgent.name);\n }\n\n // Track new AI agent sessions\n if (\n sessionTracker &&\n result.isAgent &&\n result.confidence >= (config.confidenceThreshold ?? 0.7)\n ) {\n response = await sessionTracker.track(request, response, result);\n response.headers.set('x-agentshield-session', 'new');\n\n // Emit new session event\n detector.emit('agent.session.started', result, context);\n }\n\n return response;\n } catch (error) {\n console.error('AgentShield middleware error:', error);\n return NextResponse.next(); // Continue on error\n }\n };\n}\n\n/**\n * Convenience function for basic setup\n */\nexport function agentShield(config: Partial<NextJSMiddlewareConfig> = {}) {\n return createAgentShieldMiddleware(config);\n}\n","/**\n * Enhanced middleware creator for Edge Runtime\n * Uses EdgeAgentDetector which doesn't require WASM\n */\n\nimport { NextResponse } from 'next/server';\nimport type { NextRequest } from 'next/server';\nimport { createAgentShieldMiddleware as createBaseMiddleware } from './middleware';\nimport type { NextJSMiddlewareConfig } from './types';\n\nlet middlewareInstance: any = null;\nlet isInitializing = false;\nlet initPromise: Promise<any> | null = null;\n\n/**\n * Create an AgentShield middleware with automatic WASM initialization\n * This version handles initialization internally to avoid top-level await\n */\nexport function createAgentShieldMiddleware(config: NextJSMiddlewareConfig) {\n return async function agentShieldMiddleware(\n request: NextRequest\n ): Promise<NextResponse> {\n // Initialize middleware on first request (no WASM needed in Edge Runtime)\n if (!middlewareInstance) {\n if (!isInitializing) {\n isInitializing = true;\n initPromise = (async () => {\n // No WASM initialization needed - EdgeAgentDetector works without it\n\n // Create the actual middleware instance\n middlewareInstance = createBaseMiddleware(config);\n return middlewareInstance;\n })();\n }\n\n // Wait for initialization to complete\n if (initPromise) {\n middlewareInstance = await initPromise;\n }\n }\n\n // Run the middleware\n return middlewareInstance\n ? middlewareInstance(request)\n : NextResponse.next();\n };\n}\n\n/**\n * Export the original function as well for backward compatibility\n */\nexport { createAgentShieldMiddleware as createMiddleware };\n","/**\n * @fileoverview AgentShield Next.js Integration\n * @version 0.1.0\n * @license MIT OR Apache-2.0\n */\n\n// Export the enhanced middleware that handles initialization internally\nexport {\n createAgentShieldMiddleware,\n createMiddleware,\n} from './create-middleware';\n\n// Also export original middleware for advanced users\nexport { createAgentShieldMiddleware as createAgentShieldMiddlewareBase } from './middleware';\n\n// Export session tracking utilities\nexport { EdgeSessionTracker, StatelessSessionChecker } from './session-tracker';\nexport type { SessionData, SessionTrackingConfig } from './session-tracker';\n\nexport * from './types';\n// Hooks are not exported from main entry - they're client-only\n// If someone needs hooks, they should import from '@kya-os/agentshield-nextjs/hooks'\n\n/**\n * Library version\n */\nexport const VERSION = '0.1.0';\n"]}
|