@kya-os/checkpoint-nextjs 1.0.0

package/dist/index.js

@@ -0,0 +1,1019 @@
+'use strict';
+
+var orchestrator = require('@kya-os/checkpoint-wasm-runtime/orchestrator');
+var adapters = require('@kya-os/checkpoint-wasm-runtime/adapters');
+var server = require('next/server');
+var checkpointShared = require('@kya-os/checkpoint-shared');
+
+// src/middleware-node.ts
+function adaptToNextResponse(rendered, req) {
+  const clientAcceptsHtml = checkpointShared.acceptsHtml(req.headers);
+  const verdictCookie = checkpointShared.encodeVerdictCookie(rendered);
+  const shape = checkpointShared.classifyResponseShape(rendered, clientAcceptsHtml);
+  switch (shape) {
+    case "pass-through": {
+      const res = server.NextResponse.next();
+      applyHeaders(res, rendered.headers);
+      setVerdictCookie(res, verdictCookie);
+      return res;
+    }
+    case "redirect": {
+      const target = new URL(rendered.headers.Location);
+      const res = server.NextResponse.redirect(target);
+      applyHeaders(res, rendered.headers);
+      setVerdictCookie(res, verdictCookie);
+      return res;
+    }
+    case "html-block": {
+      const blockedUrl = new URL(checkpointShared.BLOCKED_PATH, req.url);
+      const res = server.NextResponse.rewrite(blockedUrl, { status: 200 });
+      applyHeaders(res, rendered.headers);
+      setVerdictCookie(res, verdictCookie);
+      return res;
+    }
+    case "json-block": {
+      const body = rendered.body ?? {};
+      const res = server.NextResponse.json(body, { status: rendered.status });
+      applyHeaders(res, rendered.headers);
+      setVerdictCookie(res, verdictCookie);
+      return res;
+    }
+  }
+}
+function setVerdictCookie(res, value) {
+  res.cookies.set({
+    name: checkpointShared.VERDICT_COOKIE_NAME,
+    value,
+    path: "/",
+    sameSite: "lax",
+    httpOnly: false
+  });
+}
+function applyHeaders(res, headers) {
+  for (const [key, value] of Object.entries(headers)) {
+    res.headers.set(key, value);
+  }
+}
+
+// src/translate.ts
+function nextRequestToHttpLike(req) {
+  const url = new URL(req.url);
+  return {
+    method: req.method,
+    // Path + query only — orchestrator's URL parsing expects no scheme/host.
+    url: url.pathname + url.search,
+    headers: headersToRecord(req.headers),
+    // NextRequest.body is a ReadableStream; we don't drain it here.
+    // The orchestrator routes to PlainHttp when body is falsy, which
+    // is the right call for streaming middlewares that don't want to
+    // buffer the request body just to detect agents.
+    body: null,
+    remoteAddress: extractRemoteAddress(req)
+  };
+}
+function headersToRecord(headers) {
+  const out = {};
+  headers.forEach((value, key) => {
+    out[key.toLowerCase()] = value;
+  });
+  return out;
+}
+function extractRemoteAddress(req) {
+  const xff = req.headers.get("x-forwarded-for");
+  if (xff) {
+    const first = xff.split(",")[0]?.trim();
+    if (first) return first;
+  }
+  const maybeIp = req.ip;
+  return maybeIp;
+}
+
+// src/middleware-node.ts
+function withCheckpoint(config) {
+  const opts = buildVerifyOpts(config);
+  return async function checkpointMiddleware(req) {
+    const httpLike = nextRequestToHttpLike(req);
+    const result = await orchestrator.verifyRequest(httpLike, opts);
+    await dispatchOnResult(config, result, req);
+    const rendered = orchestrator.renderDecisionAsResponse(result);
+    return adaptToNextResponse(rendered, req);
+  };
+}
+function buildVerifyOpts(config) {
+  const overrides = config.adapters ?? {};
+  return {
+    didResolver: overrides.didResolver ?? adapters.makeDidResolver(),
+    statusListCache: overrides.statusListCache ?? adapters.makeStatusListCache(),
+    reputationOracle: overrides.reputationOracle ?? adapters.makeReputationOracle({ argusUrl: config.argusUrl }),
+    policyEvaluator: overrides.policyEvaluator ?? adapters.makePolicyEvaluator({ dashboardUrl: config.dashboardUrl }),
+    clock: adapters.makeSystemClock(),
+    tenantHost: config.tenantHost,
+    enforcementMode: config.enforcementMode ?? "enforce",
+    reputationBaseline: config.reputationBaseline,
+    argusUrl: config.argusUrl
+  };
+}
+async function dispatchOnResult(config, result, req) {
+  if (!config.onResult) return;
+  try {
+    await config.onResult(result, req);
+  } catch {
+  }
+}
+
+// src/middleware.ts
+var MIGRATION_ERROR = "@kya-os/checkpoint-nextjs's `createAgentShieldMiddleware` / `agentShield` were deleted in Phase D (engine consolidation). The 600-line TS pattern matcher that backed them is gone. Migrate to `withCheckpoint` from `@kya-os/checkpoint-nextjs` (Node runtime) or `@kya-os/checkpoint-nextjs/edge` (Edge runtime). See packages/checkpoint-nextjs/CHANGELOG.md (1.0.0) for the recipe.";
+function createAgentShieldMiddleware(_config = {}) {
+  throw new Error(MIGRATION_ERROR);
+}
+
+// src/create-middleware.ts
+var middlewareInstance = null;
+var isInitializing = false;
+var initPromise = null;
+function createAgentShieldMiddleware2(config) {
+  return async function agentShieldMiddleware2(request) {
+    if (!middlewareInstance) {
+      if (!isInitializing) {
+        isInitializing = true;
+        initPromise = (async () => {
+          middlewareInstance = createAgentShieldMiddleware(config);
+          return middlewareInstance;
+        })();
+      }
+      if (initPromise) {
+        middlewareInstance = await initPromise;
+      }
+    }
+    return middlewareInstance ? middlewareInstance(request) : server.NextResponse.next();
+  };
+}
+
+// src/api-client.ts
+var DEFAULT_BASE_URL = "https://kya.vouched.id";
+var EDGE_DETECT_URL = "https://detect.checkpoint-gateway.ai";
+var DEFAULT_TIMEOUT = 5e3;
+var CheckpointApiClient = class {
+  apiKey;
+  baseUrl;
+  useEdge;
+  timeout;
+  debug;
+  constructor(config) {
+    if (!config.apiKey) {
+      throw new Error("AgentShield API key is required");
+    }
+    this.apiKey = config.apiKey;
+    this.useEdge = config.useEdge !== false;
+    this.baseUrl = config.baseUrl || (this.useEdge ? EDGE_DETECT_URL : DEFAULT_BASE_URL);
+    this.timeout = config.timeout || DEFAULT_TIMEOUT;
+    this.debug = config.debug || false;
+  }
+  /**
+   * Call the enforce API to check if a request should be allowed
+   */
+  async enforce(input) {
+    const startTime = Date.now();
+    try {
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+      try {
+        const endpoint = this.useEdge ? `${this.baseUrl}/__detect/enforce` : `${this.baseUrl}/api/v1/enforce`;
+        const response = await fetch(endpoint, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${this.apiKey}`,
+            "X-Request-ID": input.requestId || crypto.randomUUID()
+          },
+          body: JSON.stringify(input),
+          signal: controller.signal
+        });
+        clearTimeout(timeoutId);
+        const data = await response.json();
+        if (this.debug) {
+          console.log("[AgentShield] Enforce response:", {
+            status: response.status,
+            action: data.data?.decision.action,
+            processingTimeMs: Date.now() - startTime
+          });
+        }
+        if (!response.ok) {
+          return {
+            success: false,
+            error: {
+              code: `HTTP_${response.status}`,
+              message: data.error?.message || `HTTP error: ${response.status}`
+            }
+          };
+        }
+        return data;
+      } catch (error) {
+        clearTimeout(timeoutId);
+        throw error;
+      }
+    } catch (error) {
+      if (error instanceof Error && error.name === "AbortError") {
+        if (this.debug) {
+          console.warn("[AgentShield] Request timed out");
+        }
+        return {
+          success: false,
+          error: {
+            code: "TIMEOUT",
+            message: `Request timed out after ${this.timeout}ms`
+          }
+        };
+      }
+      if (this.debug) {
+        console.error("[AgentShield] Request failed:", error);
+      }
+      return {
+        success: false,
+        error: {
+          code: "NETWORK_ERROR",
+          message: error instanceof Error ? error.message : "Network request failed"
+        }
+      };
+    }
+  }
+  /**
+   * Quick check - returns just the action without full response parsing
+   * Useful for very fast middleware that just needs allow/block
+   */
+  async quickCheck(input) {
+    const result = await this.enforce(input);
+    if (!result.success || !result.data) {
+      return {
+        action: "allow",
+        error: result.error?.message
+      };
+    }
+    return {
+      action: result.data.decision.action
+    };
+  }
+  /**
+   * Check if this client is using edge detection (Gateway Worker)
+   */
+  isUsingEdge() {
+    return this.useEdge;
+  }
+  /**
+   * Log a detection result to AgentShield database.
+   * Use after Gateway Worker detection to persist results.
+   * Fire-and-forget - returns immediately without waiting for DB write.
+   *
+   * @example
+   * ```typescript
+   * // After receiving Gateway response
+   * if (client.isUsingEdge() && response.data?.detection) {
+   *   client.logDetection({
+   *     detection: response.data.detection,
+   *     context: { userAgent, ipAddress, path, url, method }
+   *   }).catch(err => console.error('Log failed:', err));
+   * }
+   * ```
+   */
+  async logDetection(input) {
+    const logEndpoint = this.useEdge ? `${DEFAULT_BASE_URL}/api/v1/log-detection` : `${this.baseUrl}/api/v1/log-detection`;
+    try {
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), this.timeout);
+      try {
+        const response = await fetch(logEndpoint, {
+          method: "POST",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${this.apiKey}`
+          },
+          body: JSON.stringify({
+            detection: {
+              isAgent: input.detection.isAgent,
+              confidence: input.detection.confidence,
+              agentName: input.detection.agentName,
+              agentType: input.detection.agentType,
+              detectionClass: input.detection.detectionClass,
+              verificationMethod: input.detection.verificationMethod,
+              reasons: input.detection.reasons
+            },
+            context: input.context,
+            source: input.source || "gateway"
+          }),
+          signal: controller.signal
+        });
+        clearTimeout(timeoutId);
+        if (!response.ok && this.debug) {
+          console.warn("[AgentShield] Log detection returned non-2xx:", response.status);
+        }
+      } catch (error) {
+        clearTimeout(timeoutId);
+        throw error;
+      }
+    } catch (error) {
+      if (this.debug) {
+        console.error("[AgentShield] Log detection failed:", error);
+      }
+      throw error;
+    }
+  }
+};
+var clientInstance = null;
+function getCheckpointApiClient(config) {
+  if (!clientInstance) {
+    const apiKey = config?.apiKey || process.env.CHECKPOINT_API_KEY;
+    if (!apiKey) {
+      throw new Error(
+        "AgentShield API key is required. Set CHECKPOINT_API_KEY environment variable or pass apiKey in config."
+      );
+    }
+    clientInstance = new CheckpointApiClient({
+      apiKey,
+      baseUrl: config?.baseUrl || process.env.AGENTSHIELD_API_URL,
+      // Default to edge detection unless explicitly disabled
+      useEdge: config?.useEdge ?? process.env.AGENTSHIELD_USE_EDGE !== "false",
+      timeout: config?.timeout,
+      debug: config?.debug || process.env.AGENTSHIELD_DEBUG === "true"
+    });
+  }
+  return clientInstance;
+}
+function resetCheckpointApiClient() {
+  clientInstance = null;
+}
+var AgentShieldClient = CheckpointApiClient;
+var getAgentShieldClient = getCheckpointApiClient;
+var resetAgentShieldClient = resetCheckpointApiClient;
+
+// src/utils.ts
+function getClientIp(request) {
+  const forwardedFor = request.headers.get("x-forwarded-for");
+  if (forwardedFor) {
+    const ip = forwardedFor.split(",")[0]?.trim();
+    if (ip) return ip;
+  }
+  const realIp = request.headers.get("x-real-ip");
+  if (realIp) return realIp;
+  const cfIp = request.headers.get("cf-connecting-ip");
+  if (cfIp) return cfIp;
+  const clientIp = request.headers.get("x-client-ip");
+  if (clientIp) return clientIp;
+  return void 0;
+}
+function safeHostname(url) {
+  try {
+    return new URL(url).hostname;
+  } catch {
+    return "this site";
+  }
+}
+
+// src/responses/agent-instruction.ts
+var MCP_I_DOCS_URL = "https://docs.knowthat.ai/mcp-i/getting-started";
+var DEFAULT_CONNECT_PATH = "/connect";
+function buildAgentInstructionResponse(request, decision, redirectUrl) {
+  const resolved = resolveUrl(redirectUrl ?? DEFAULT_CONNECT_PATH, request.url);
+  const agentName = decision.agentName || decision.agentType || "unknown";
+  if (!resolved.searchParams.has("agent")) {
+    resolved.searchParams.set("agent", agentName.toLowerCase());
+  }
+  const authUrl = resolved.toString();
+  const hostname = safeHostname(request.url);
+  const body = {
+    // Markdown-formatted so clients that render markdown (Claude Desktop,
+    // ChatGPT web) surface the URL as a clickable link. Tone mirrors the
+    // gateway response so messaging stays consistent across platforms.
+    message: `I can't access ${hostname} yet \u2014 this site checks AI assistants at the front door.
+
+**To give me access, open this link:**
+[Connect securely to ${hostname}](${authUrl})
+
+It only takes a moment and you won't need to do it again. Once you're done, ask me to try again and I'll connect through the verified channel automatically.`,
+    user_action_required: {
+      action: `Connect securely to ${hostname}`,
+      url: authUrl,
+      reason: `${hostname} checks AI assistants before they connect. Open the link to give your assistant a verified key.`
+    },
+    mcp_i: {
+      version: "1.0",
+      action: "authenticate",
+      authorization_url: authUrl,
+      flow: {
+        type: "oauth2_delegation",
+        steps: [
+          "1. Direct your user to the authorization_url",
+          "2. User reviews requested scopes and grants consent",
+          "3. Receive delegation credential (JWT)",
+          "4. Include credential in KYA-Delegation header",
+          "5. Retry this request with the proof"
+        ]
+      },
+      retry_instructions: {
+        header: "KYA-Delegation",
+        format: "JWT delegation credential from authorization flow"
+      },
+      documentation: MCP_I_DOCS_URL
+    },
+    error: "mcp_authentication_required",
+    code: "AGENT_REQUIRES_DELEGATION",
+    detection: {
+      agent_type: decision.agentType || "ai_agent",
+      agent_name: decision.agentName || "Unknown Agent",
+      confidence: decision.confidence
+    }
+  };
+  const response = server.NextResponse.json(body, { status: 401 });
+  response.headers.set("WWW-Authenticate", `KYA realm="api", authorization_uri="${authUrl}"`);
+  response.headers.set(
+    "Link",
+    `<${authUrl}>; rel="kya-authorize", <${MCP_I_DOCS_URL}>; rel="help"`
+  );
+  response.headers.set("KYA-Auth-Required", "true");
+  response.headers.set("KYA-Auth-Url", authUrl);
+  response.headers.set("KYA-Action", "instruct");
+  response.headers.set("KYA-Detected-Agent", agentName);
+  response.headers.set("KYA-Confidence", decision.confidence.toString());
+  response.headers.set("Cache-Control", "no-store");
+  return response;
+}
+function resolveUrl(target, baseUrl) {
+  try {
+    return new URL(target, baseUrl);
+  } catch {
+    return new URL(DEFAULT_CONNECT_PATH, baseUrl);
+  }
+}
+
+// src/api-middleware.ts
+function shouldSkipPath(path, skipPaths) {
+  return skipPaths.some((pattern) => checkpointShared.matchPath(path, pattern));
+}
+function shouldIncludePath(path, includePaths) {
+  if (!includePaths || includePaths.length === 0) return true;
+  return includePaths.some((pattern) => checkpointShared.matchPath(path, pattern));
+}
+function buildBlockedResponse(request, decision, config) {
+  const status = config.blockedResponse?.status ?? 403;
+  const message = config.blockedResponse?.message ?? decision.message ?? "Access denied";
+  const recoveryUrl = resolveRecoveryUrl(request, config.redirectUrl || decision.redirectUrl);
+  const body = {
+    error: message,
+    code: "AGENT_BLOCKED",
+    reason: decision.reason,
+    agentType: decision.agentType
+  };
+  if (recoveryUrl) {
+    const hostname = safeHostname(request.url);
+    body.user_action_required = {
+      action: `Connect securely to ${hostname}`,
+      url: recoveryUrl,
+      reason: `${hostname} blocks unverified AI assistants. Open the link to give your assistant a verified key and try again.`
+    };
+    body.message = `I can't access ${hostname} \u2014 this site blocks unverified AI assistants.
+
+**To give me access, open this link:**
+[Connect securely to ${hostname}](${recoveryUrl})
+
+Once you're done, ask me to try again.`;
+  }
+  const response = server.NextResponse.json(body, { status });
+  if (config.blockedResponse?.headers) {
+    for (const [key, value] of Object.entries(config.blockedResponse.headers)) {
+      response.headers.set(key, value);
+    }
+  }
+  if (recoveryUrl) {
+    response.headers.set("Link", `<${recoveryUrl}>; rel="kya-authorize"`);
+    response.headers.set("KYA-Auth-Url", recoveryUrl);
+  }
+  response.headers.set("KYA-Action", decision.action);
+  response.headers.set("KYA-Reason", decision.reason);
+  return response;
+}
+function resolveRecoveryUrl(request, target) {
+  if (!target) return void 0;
+  try {
+    return new URL(target, request.url).toString();
+  } catch {
+    return void 0;
+  }
+}
+function buildRedirectResponse(request, decision, config) {
+  const redirectUrl = config.redirectUrl || decision.redirectUrl || "/blocked";
+  const url = new URL(redirectUrl, request.url);
+  url.searchParams.set("reason", decision.reason);
+  if (decision.agentType) {
+    url.searchParams.set("agent", decision.agentType);
+  }
+  return server.NextResponse.redirect(url);
+}
+function withCheckpointApi(config = {}) {
+  let client = null;
+  const getClient = () => {
+    if (!client) {
+      client = getCheckpointApiClient({
+        apiKey: config.apiKey,
+        baseUrl: config.apiUrl,
+        useEdge: config.useEdge,
+        timeout: config.timeout,
+        debug: config.debug
+      });
+    }
+    return client;
+  };
+  const defaultSkipPaths = [
+    "/_next/static/**",
+    "/_next/image/**",
+    "/favicon.ico",
+    "/robots.txt",
+    "/sitemap.xml"
+  ];
+  const skipPaths = [...defaultSkipPaths, ...config.skipPaths || []];
+  const failOpen = config.failOpen ?? true;
+  return async function middleware(request) {
+    const path = request.nextUrl.pathname;
+    const startTime = Date.now();
+    if (shouldSkipPath(path, skipPaths)) {
+      return server.NextResponse.next();
+    }
+    if (!shouldIncludePath(path, config.includePaths)) {
+      return server.NextResponse.next();
+    }
+    try {
+      const client2 = getClient();
+      const userAgent = request.headers.get("user-agent") || void 0;
+      const ipAddress = getClientIp(request);
+      const result = await client2.enforce({
+        headers: Object.fromEntries(request.headers.entries()),
+        userAgent,
+        ipAddress,
+        path,
+        url: request.url,
+        method: request.method,
+        requestId: request.headers.get("x-request-id") || void 0,
+        options: {
+          // Always include detection results for logging (needed when using edge)
+          includeDetectionResult: true
+        }
+      });
+      if (!result.success || !result.data) {
+        if (config.debug) {
+          console.warn("[AgentShield] API error:", result.error);
+        }
+        if (failOpen) {
+          return server.NextResponse.next();
+        }
+        return server.NextResponse.json(
+          { error: "Security check failed", code: "API_ERROR" },
+          { status: 503 }
+        );
+      }
+      const decision = result.data.decision;
+      if (config.debug) {
+        console.log("[AgentShield] Decision:", {
+          path,
+          action: decision.action,
+          isAgent: decision.isAgent,
+          confidence: decision.confidence,
+          agentName: decision.agentName,
+          detectionMethod: result.data.detection?.detectionMethod || "not-included",
+          processingTimeMs: Date.now() - startTime
+        });
+      }
+      if (client2.isUsingEdge() && result.data.detection) {
+        client2.logDetection({
+          detection: result.data.detection,
+          context: { userAgent, ipAddress, path, url: request.url, method: request.method }
+        }).catch((err) => {
+          if (config.debug) {
+            console.error("[AgentShield] Log detection failed:", err);
+          }
+        });
+      }
+      if (decision.isAgent && config.onAgentDetected) {
+        await config.onAgentDetected(request, decision);
+      }
+      const redirectMode = config.redirectMode ?? "instruct";
+      switch (decision.action) {
+        case "block": {
+          if (config.customBlockedResponse) {
+            return await config.customBlockedResponse(request, decision);
+          }
+          if (config.onBlock === "redirect") {
+            return buildRedirectResponse(request, decision, config);
+          }
+          return buildBlockedResponse(request, decision, config);
+        }
+        case "redirect":
+        case "instruct": {
+          if (redirectMode === "http" && decision.action === "redirect") {
+            return buildRedirectResponse(request, decision, config);
+          }
+          const targetUrl = config.redirectUrl || decision.redirectUrl;
+          return buildAgentInstructionResponse(request, decision, targetUrl);
+        }
+        case "challenge": {
+          return buildRedirectResponse(request, decision, config);
+        }
+        case "log":
+        case "allow":
+        default: {
+          const response = server.NextResponse.next();
+          if (decision.isAgent) {
+            response.headers.set("KYA-Detected", "true");
+            response.headers.set("KYA-Confidence", decision.confidence.toString());
+            if (decision.agentName) {
+              response.headers.set("KYA-Agent", decision.agentName);
+            }
+          }
+          return response;
+        }
+      }
+    } catch (error) {
+      if (config.debug) {
+        console.error("[AgentShield] Middleware error:", error);
+      }
+      if (failOpen) {
+        return server.NextResponse.next();
+      }
+      return server.NextResponse.json(
+        { error: "Security check failed", code: "MIDDLEWARE_ERROR" },
+        { status: 503 }
+      );
+    }
+  };
+}
+var withAgentShield = withCheckpointApi;
+var LEGACY_MIGRATION_ERROR = "This export was removed in Phase D. Migrate to `withCheckpoint` (local-engine deployment) or `withCheckpointApi` (SaaS-gateway deployment) from `@kya-os/checkpoint-nextjs`. See packages/checkpoint-nextjs/README.md (Two deployment shapes) for which one fits your runtime.";
+function agentShieldMiddleware(_request) {
+  throw new Error(LEGACY_MIGRATION_ERROR);
+}
+function createEnhancedAgentShieldMiddleware(_config = {}) {
+  throw new Error(LEGACY_MIGRATION_ERROR);
+}
+var EdgeSessionTracker = class {
+  config;
+  constructor(config) {
+    this.config = {
+      enabled: config.enabled,
+      cookieName: config.cookieName || "__agentshield_session",
+      cookieMaxAge: config.cookieMaxAge || 3600,
+      // 1 hour default
+      encryptionKey: config.encryptionKey || process.env.AGENTSHIELD_SECRET || "agentshield-default-key"
+    };
+  }
+  /**
+   * Track a new AI agent session
+   */
+  async track(_request, response, result) {
+    try {
+      if (!this.config.enabled || !checkpointShared.shouldEnforce(result)) {
+        return response;
+      }
+      const sessionData = {
+        id: crypto.randomUUID(),
+        agent: result.detectedAgent?.name || "unknown",
+        confidence: result.confidence,
+        detectedAt: Date.now(),
+        expires: Date.now() + this.config.cookieMaxAge * 1e3
+      };
+      const encrypted = await this.encrypt(JSON.stringify(sessionData));
+      response.cookies.set(this.config.cookieName, encrypted, {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === "production",
+        sameSite: "lax",
+        maxAge: this.config.cookieMaxAge,
+        path: "/"
+      });
+      return response;
+    } catch (error) {
+      if (process.env.DEBUG_AGENTSHIELD) {
+        console.warn("AgentShield: Failed to track session:", error);
+      }
+      return response;
+    }
+  }
+  /**
+   * Check for existing AI agent session
+   */
+  async check(request) {
+    try {
+      if (!this.config.enabled) {
+        return null;
+      }
+      const cookie = request.cookies.get(this.config.cookieName);
+      if (!cookie?.value) {
+        return null;
+      }
+      const decrypted = await this.decrypt(cookie.value);
+      const session = JSON.parse(decrypted);
+      if (session.expires < Date.now()) {
+        return null;
+      }
+      return session;
+    } catch (error) {
+      if (process.env.DEBUG_AGENTSHIELD) {
+        console.warn("AgentShield: Failed to check session:", error);
+      }
+      return null;
+    }
+  }
+  /**
+   * Clear an existing session
+   */
+  clear(response) {
+    try {
+      response.cookies.delete(this.config.cookieName);
+    } catch (error) {
+      if (process.env.DEBUG_AGENTSHIELD) {
+        console.warn("AgentShield: Failed to clear session:", error);
+      }
+    }
+    return response;
+  }
+  /**
+   * Simple encryption using Web Crypto API (Edge-compatible)
+   */
+  async encrypt(data) {
+    try {
+      const key = this.config.encryptionKey;
+      const encoded = new TextEncoder().encode(data);
+      const obfuscated = new Uint8Array(encoded.length);
+      for (let i = 0; i < encoded.length; i++) {
+        obfuscated[i] = (encoded[i] || 0) ^ key.charCodeAt(i % key.length);
+      }
+      return btoa(Array.from(obfuscated, (byte) => String.fromCharCode(byte)).join(""));
+    } catch (error) {
+      return btoa(data);
+    }
+  }
+  /**
+   * Simple decryption (Edge-compatible)
+   */
+  async decrypt(data) {
+    try {
+      const key = this.config.encryptionKey;
+      const decoded = Uint8Array.from(atob(data), (c) => c.charCodeAt(0));
+      const deobfuscated = new Uint8Array(decoded.length);
+      for (let i = 0; i < decoded.length; i++) {
+        deobfuscated[i] = (decoded[i] || 0) ^ key.charCodeAt(i % key.length);
+      }
+      return new TextDecoder().decode(deobfuscated);
+    } catch (error) {
+      return atob(data);
+    }
+  }
+};
+var StatelessSessionChecker = class {
+  static check(headers) {
+    try {
+      const agent = headers["kya-session-agent"];
+      const confidence = headers["kya-session-confidence"];
+      const sessionId = headers["kya-session-id"];
+      if (agent && confidence && sessionId) {
+        return {
+          id: sessionId,
+          agent,
+          confidence: parseFloat(confidence),
+          detectedAt: Date.now(),
+          expires: Date.now() + 36e5
+          // 1 hour
+        };
+      }
+      const cookieHeader = headers["cookie"];
+      if (cookieHeader && cookieHeader.includes("__agentshield_session=")) {
+        const match = cookieHeader.match(/__agentshield_session=([^;]+)/);
+        if (match && match[1]) {
+          try {
+            const decoded = atob(match[1]);
+            return JSON.parse(decoded);
+          } catch {
+          }
+        }
+      }
+      return null;
+    } catch {
+      return null;
+    }
+  }
+  static setHeaders(response, session) {
+    try {
+      if (response.setHeader) {
+        response.setHeader("KYA-Session-Agent", session.agent);
+        response.setHeader("KYA-Session-Confidence", session.confidence.toString());
+        response.setHeader("KYA-Session-Id", session.id);
+      } else if (response.headers && response.headers.set) {
+        response.headers.set("kya-session-agent", session.agent);
+        response.headers.set("kya-session-confidence", session.confidence.toString());
+        response.headers.set("kya-session-id", session.id);
+      }
+    } catch {
+    }
+  }
+};
+function createContextFromDetection(detection, request) {
+  return checkpointShared.createEvaluationContext({
+    agentType: detection.detectedAgent?.type,
+    agentName: detection.detectedAgent?.name,
+    agentVendor: detection.detectedAgent?.vendor,
+    confidence: detection.confidence,
+    riskLevel: detection.riskLevel,
+    path: request.nextUrl.pathname,
+    method: request.method,
+    signatureVerified: detection.verificationMethod === "signature",
+    isAuthenticated: false,
+    // TODO: integrate with auth
+    userAgent: request.headers.get("user-agent") || void 0
+  });
+}
+function evaluatePolicyForDetection(detection, request, policy) {
+  const context = createContextFromDetection(detection, request);
+  return checkpointShared.evaluatePolicy(policy, context);
+}
+function buildBlockedResponse2(decision, config) {
+  const status = config.blockedResponse?.status ?? 403;
+  const message = config.blockedResponse?.message ?? decision.message ?? "Access denied";
+  const response = server.NextResponse.json(
+    {
+      error: message,
+      code: "POLICY_BLOCKED",
+      reason: decision.reason,
+      ruleId: decision.ruleId,
+      matchType: decision.matchType
+    },
+    { status }
+  );
+  if (config.blockedResponse?.headers) {
+    for (const [key, value] of Object.entries(config.blockedResponse.headers)) {
+      response.headers.set(key, value);
+    }
+  }
+  response.headers.set("KYA-Action", decision.action);
+  response.headers.set("KYA-Reason", decision.reason);
+  response.headers.set("KYA-Match-Type", decision.matchType);
+  return response;
+}
+function buildRedirectResponse2(request, decision, config, detection) {
+  const redirectUrl = decision.redirectUrl || config.redirectUrl || "/blocked";
+  const url = new URL(redirectUrl, request.url);
+  url.searchParams.set("reason", decision.reason);
+  if (decision.ruleId) {
+    url.searchParams.set("ruleId", decision.ruleId);
+  }
+  const agentName = detection?.detectedAgent?.name;
+  if (agentName && !url.searchParams.has("agent")) {
+    url.searchParams.set("agent", agentName.toLowerCase());
+  }
+  return server.NextResponse.redirect(url);
+}
+function buildChallengeResponse(request, decision, config, detection) {
+  return buildRedirectResponse2(request, decision, config, detection);
+}
+async function handlePolicyDecision(request, decision, config, detection) {
+  switch (decision.action) {
+    case checkpointShared.ENFORCEMENT_ACTIONS.BLOCK:
+      if (config.customBlockedResponse) {
+        return await config.customBlockedResponse(request, decision);
+      }
+      return buildBlockedResponse2(decision, config);
+    case checkpointShared.ENFORCEMENT_ACTIONS.REDIRECT:
+      return buildRedirectResponse2(request, decision, config, detection);
+    case checkpointShared.ENFORCEMENT_ACTIONS.CHALLENGE:
+      return buildChallengeResponse(request, decision, config, detection);
+    case checkpointShared.ENFORCEMENT_ACTIONS.LOG:
+      console.log("[AgentShield] Policy decision (log):", {
+        path: request.nextUrl.pathname,
+        action: decision.action,
+        reason: decision.reason,
+        matchType: decision.matchType,
+        ruleId: decision.ruleId
+      });
+      return null;
+    // Continue to allow
+    case checkpointShared.ENFORCEMENT_ACTIONS.ALLOW:
+    default:
+      return null;
+  }
+}
+var fetcherCache = /* @__PURE__ */ new Map();
+function getFetcherCacheKey(config) {
+  return `${config.apiUrl ?? "default"}:${config.apiKey ?? ""}:${config.cacheTtlSeconds ?? "default"}`;
+}
+function getPolicyFetcher(config) {
+  if (!config) {
+    throw new Error("fetchPolicy config required");
+  }
+  const cacheKey = getFetcherCacheKey(config);
+  let fetcher = fetcherCache.get(cacheKey);
+  if (!fetcher) {
+    const fetcherConfig = {
+      apiBaseUrl: config.apiUrl || "https://kya.vouched.id",
+      apiKey: config.apiKey,
+      cacheTtlSeconds: config.cacheTtlSeconds
+    };
+    fetcher = checkpointShared.createPolicyFetcher(fetcherConfig);
+    fetcherCache.set(cacheKey, fetcher);
+  }
+  return fetcher;
+}
+async function getPolicy(config) {
+  if (config.policy) {
+    return checkpointShared.PolicyConfigSchema.parse({ ...checkpointShared.DEFAULT_POLICY, ...config.policy });
+  }
+  if (config.fetchPolicy) {
+    try {
+      const fetcher = getPolicyFetcher(config.fetchPolicy);
+      return await fetcher.getPolicy(config.fetchPolicy.projectId);
+    } catch (error) {
+      if (config.debug) {
+        console.warn("[AgentShield] Policy fetch failed, using fallback:", error);
+      }
+      return checkpointShared.PolicyConfigSchema.parse({
+        ...checkpointShared.DEFAULT_POLICY,
+        ...config.fallbackPolicy || {}
+      });
+    }
+  }
+  return checkpointShared.PolicyConfigSchema.parse(checkpointShared.DEFAULT_POLICY);
+}
+async function applyPolicy(request, detection, config) {
+  try {
+    const path = request.nextUrl.pathname;
+    if (config.skipPaths?.some((pattern) => checkpointShared.matchPath(path, pattern))) {
+      return null;
+    }
+    if (config.includePaths && config.includePaths.length > 0) {
+      if (!config.includePaths.some((pattern) => checkpointShared.matchPath(path, pattern))) {
+        return null;
+      }
+    }
+    const policy = await getPolicy(config);
+    const context = createContextFromDetection(detection, request);
+    const decision = checkpointShared.evaluatePolicy(policy, context);
+    if (config.onPolicyDecision) {
+      await config.onPolicyDecision(request, decision, context);
+    }
+    return await handlePolicyDecision(request, decision, config, detection);
+  } catch (error) {
+    if (config.debug) {
+      console.error("[AgentShield] Policy evaluation error:", error);
+    }
+    if (config.failOpen !== false) {
+      return null;
+    }
+    return server.NextResponse.json(
+      { error: "Security check failed", code: "POLICY_ERROR" },
+      { status: 503 }
+    );
+  }
+}
+
+// src/index.ts
+var VERSION = "0.1.0";
+/**
+ * @fileoverview Checkpoint Next.js Integration
+ * @license MIT OR Apache-2.0
+ */
+
+Object.defineProperty(exports, "DEFAULT_POLICY", {
+  enumerable: true,
+  get: function () { return checkpointShared.DEFAULT_POLICY; }
+});
+Object.defineProperty(exports, "ENFORCEMENT_ACTIONS", {
+  enumerable: true,
+  get: function () { return checkpointShared.ENFORCEMENT_ACTIONS; }
+});
+Object.defineProperty(exports, "createEvaluationContext", {
+  enumerable: true,
+  get: function () { return checkpointShared.createEvaluationContext; }
+});
+Object.defineProperty(exports, "evaluatePolicy", {
+  enumerable: true,
+  get: function () { return checkpointShared.evaluatePolicy; }
+});
+exports.AgentShieldClient = AgentShieldClient;
+exports.CheckpointApiClient = CheckpointApiClient;
+exports.EdgeSessionTracker = EdgeSessionTracker;
+exports.StatelessSessionChecker = StatelessSessionChecker;
+exports.VERSION = VERSION;
+exports.agentShieldMiddleware = agentShieldMiddleware;
+exports.applyPolicy = applyPolicy;
+exports.buildPolicyBlockedResponse = buildBlockedResponse2;
+exports.buildPolicyRedirectResponse = buildRedirectResponse2;
+exports.createAgentShieldMiddleware = createAgentShieldMiddleware2;
+exports.createAgentShieldMiddlewareBase = createAgentShieldMiddleware;
+exports.createContextFromDetection = createContextFromDetection;
+exports.createEnhancedAgentShieldMiddleware = createEnhancedAgentShieldMiddleware;
+exports.createMiddleware = createAgentShieldMiddleware2;
+exports.evaluatePolicyForDetection = evaluatePolicyForDetection;
+exports.getAgentShieldClient = getAgentShieldClient;
+exports.getCheckpointApiClient = getCheckpointApiClient;
+exports.getPolicy = getPolicy;
+exports.handlePolicyDecision = handlePolicyDecision;
+exports.resetAgentShieldClient = resetAgentShieldClient;
+exports.resetCheckpointApiClient = resetCheckpointApiClient;
+exports.withAgentShield = withAgentShield;
+exports.withCheckpoint = withCheckpoint;
+exports.withCheckpointApi = withCheckpointApi;
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map