@kya-os/contracts 1.5.2-canary.2 → 1.5.2-canary.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/agentshield-api/schemas.d.ts +230 -4348
  2. package/dist/agentshield-api/schemas.js +54 -11
  3. package/dist/agentshield-api/types.d.ts +30 -5
  4. package/dist/agentshield-api/types.js +1 -1
  5. package/dist/config/builder.js +1 -2
  6. package/package.json +1 -1
package/dist/agentshield-api/schemas.js CHANGED
@@ -26,10 +26,12 @@ exports.agentShieldAPIErrorSchema = zod_1.z.object({
26
26
  const agentShieldAPIResponseSchema = (dataSchema) => zod_1.z.object({
27
27
  success: zod_1.z.boolean(),
28
28
  data: dataSchema,
29
- metadata: zod_1.z.object({
29
+ metadata: zod_1.z
30
+ .object({
30
31
  requestId: zod_1.z.string(),
31
32
  timestamp: zod_1.z.string(),
32
- }).optional(),
33
+ })
34
+ .optional(),
33
35
  });
34
36
  exports.agentShieldAPIResponseSchema = agentShieldAPIResponseSchema;
35
37
  // ============================================================================
@@ -50,10 +52,12 @@ exports.proofSubmissionResponseSchema = zod_1.z.object({
50
52
  success: zod_1.z.boolean(),
51
53
  received: zod_1.z.number().int().min(0),
52
54
  processed: zod_1.z.number().int().min(0),
53
- errors: zod_1.z.array(zod_1.z.object({
55
+ errors: zod_1.z
56
+ .array(zod_1.z.object({
54
57
  proofId: zod_1.z.string(),
55
58
  error: zod_1.z.string(),
56
- })).optional(),
59
+ }))
60
+ .optional(),
57
61
  });
58
62
  // ============================================================================
59
63
  // Delegation Verification Schemas
@@ -77,11 +81,13 @@ exports.verifyDelegationRequestSchema = zod_1.z.object({
77
81
  agent_did: zod_1.z.string(),
78
82
  scopes: zod_1.z.array(zod_1.z.string()).min(1),
79
83
  timestamp: zod_1.z.number().int().positive().optional(),
80
- client_info: zod_1.z.object({
84
+ client_info: zod_1.z
85
+ .object({
81
86
  ip_address: zod_1.z.string().ip().optional(),
82
87
  origin: zod_1.z.string().url().optional(),
83
88
  user_agent: zod_1.z.string().optional(),
84
- }).optional(),
89
+ })
90
+ .optional(),
85
91
  });
86
92
  /**
87
93
  * Delegation verification response schema
@@ -105,12 +111,14 @@ exports.verifyDelegationAPIResponseSchema = (0, exports.agentShieldAPIResponseSc
105
111
  * AgentShield tool protection schema (supports both snake_case and camelCase)
106
112
  * This is the API-specific format, not the MCP-I spec schema
107
113
  */
108
- exports.agentShieldToolProtectionSchema = zod_1.z.object({
114
+ exports.agentShieldToolProtectionSchema = zod_1.z
115
+ .object({
109
116
  scopes: zod_1.z.array(zod_1.z.string()),
110
117
  requires_delegation: zod_1.z.boolean().optional(),
111
118
  requiresDelegation: zod_1.z.boolean().optional(),
112
119
  required_scopes: zod_1.z.array(zod_1.z.string()).optional(),
113
- }).passthrough(); // Allow additional properties
120
+ })
121
+ .passthrough(); // Allow additional properties
114
122
  /**
115
123
  * Tool protection config response schema
116
124
  */
@@ -129,16 +137,51 @@ exports.toolProtectionConfigAPIResponseSchema = (0, exports.agentShieldAPIRespon
129
137
  // ============================================================================
130
138
  /**
131
139
  * Create delegation request schema
140
+ *
141
+ * Note: AgentShield API accepts a simplified format, not the full DelegationRecord.
142
+ * The API accepts: agent_did, scopes, expires_in_days, expires_at, session_id, project_id, custom_fields
143
+ *
144
+ * IMPORTANT: expires_in_days and expires_at are mutually exclusive - use one or the other, not both.
132
145
  */
133
- exports.createDelegationRequestSchema = zod_1.z.object({
134
- delegation: index_js_1.DelegationRecordSchema,
146
+ exports.createDelegationRequestSchema = zod_1.z
147
+ .object({
148
+ agent_did: zod_1.z.string().min(1),
149
+ scopes: zod_1.z.array(zod_1.z.string()).min(1),
150
+ expires_in_days: zod_1.z.number().int().positive().optional(),
151
+ expires_at: zod_1.z.string().datetime().optional(),
152
+ session_id: zod_1.z.string().optional(),
153
+ project_id: zod_1.z.string().uuid().optional(),
154
+ custom_fields: zod_1.z.record(zod_1.z.unknown()).optional(),
155
+ })
156
+ .passthrough()
157
+ .refine((data) => {
158
+ // expires_in_days and expires_at are mutually exclusive
159
+ const hasExpiresInDays = data.expires_in_days !== undefined;
160
+ const hasExpiresAt = data.expires_at !== undefined;
161
+ return !(hasExpiresInDays && hasExpiresAt);
162
+ }, {
163
+ message: "expires_in_days and expires_at are mutually exclusive - use one or the other, not both",
164
+ path: ["expires_in_days", "expires_at"],
135
165
  });
136
166
  /**
137
167
  * Create delegation response schema
168
+ *
169
+ * Canonical format returned by POST /api/v1/bouncer/delegations
170
+ *
171
+ * IMPORTANT: delegation_token is NOT returned by this endpoint.
172
+ * delegation_token is only available via OAuth callback flow (/api/v1/bouncer/oauth/callback)
173
+ * and is passed as a URL parameter, not in the API response body.
138
174
  */
139
175
  exports.createDelegationResponseSchema = zod_1.z.object({
140
176
  delegation_id: zod_1.z.string().uuid(),
141
- delegation: index_js_1.DelegationRecordSchema,
177
+ agent_did: zod_1.z.string().min(1),
178
+ user_id: zod_1.z.string().optional(),
179
+ user_identifier: zod_1.z.string().optional(),
180
+ scopes: zod_1.z.array(zod_1.z.string()),
181
+ status: zod_1.z.literal("active"),
182
+ issued_at: zod_1.z.string().datetime(),
183
+ expires_at: zod_1.z.string().datetime().optional(),
184
+ created_at: zod_1.z.string().datetime(),
142
185
  });
143
186
  /**
144
187
  * Wrapped creation response schema
package/dist/agentshield-api/types.d.ts CHANGED
@@ -6,8 +6,8 @@
6
6
  *
7
7
  * @package @kya-os/contracts/agentshield-api
8
8
  */
9
- import type { DetachedProof } from '../proof.js';
10
- import type { DelegationRecord } from '../delegation/index.js';
9
+ import type { DetachedProof } from "../proof.js";
10
+ import type { DelegationRecord } from "../delegation/index.js";
11
11
  /**
12
12
  * Standard AgentShield API response wrapper
13
13
  */
@@ -124,16 +124,42 @@ export type ToolProtectionConfigAPIResponse = AgentShieldAPIResponse<ToolProtect
124
124
  /**
125
125
  * Request body for creating a delegation
126
126
  * POST /api/v1/bouncer/delegations
127
+ *
128
+ * Note: AgentShield API accepts a simplified format, not the full DelegationRecord.
129
+ * The API accepts: agent_did, scopes, expires_in_days, expires_at, session_id, project_id, custom_fields
130
+ *
131
+ * IMPORTANT: expires_in_days and expires_at are mutually exclusive - use one or the other, not both.
127
132
  */
128
133
  export interface CreateDelegationRequest {
129
- delegation: DelegationRecord;
134
+ agent_did: string;
135
+ scopes: string[];
136
+ /** Number of days until expiration (1-365). Mutually exclusive with expires_at. */
137
+ expires_in_days?: number;
138
+ /** ISO 8601 datetime when delegation expires. Mutually exclusive with expires_in_days. */
139
+ expires_at?: string;
140
+ session_id?: string;
141
+ project_id?: string;
142
+ custom_fields?: Record<string, unknown>;
130
143
  }
131
144
  /**
132
145
  * Response from delegation creation endpoint
146
+ *
147
+ * Canonical format returned by POST /api/v1/bouncer/delegations
148
+ *
149
+ * IMPORTANT: delegation_token is NOT returned by this endpoint.
150
+ * delegation_token is only available via OAuth callback flow (/api/v1/bouncer/oauth/callback)
151
+ * and is passed as a URL parameter, not in the API response body.
133
152
  */
134
153
  export interface CreateDelegationResponse {
135
154
  delegation_id: string;
136
- delegation: DelegationRecord;
155
+ agent_did: string;
156
+ user_id?: string;
157
+ user_identifier?: string;
158
+ scopes: string[];
159
+ status: "active";
160
+ issued_at: string;
161
+ expires_at?: string;
162
+ created_at: string;
137
163
  }
138
164
  /**
139
165
  * Wrapped creation response
@@ -166,4 +192,3 @@ export declare class AgentShieldAPIError extends Error {
166
192
  readonly details?: Record<string, unknown> | undefined;
167
193
  constructor(code: string, message: string, details?: Record<string, unknown> | undefined);
168
194
  }
169
- //# sourceMappingURL=types.d.ts.map
package/dist/agentshield-api/types.js CHANGED
@@ -20,7 +20,7 @@ class AgentShieldAPIError extends Error {
20
20
  super(message);
21
21
  this.code = code;
22
22
  this.details = details;
23
- this.name = 'AgentShieldAPIError';
23
+ this.name = "AgentShieldAPIError";
24
24
  }
25
25
  }
26
26
  exports.AgentShieldAPIError = AgentShieldAPIError;
package/dist/config/builder.js CHANGED
@@ -35,7 +35,7 @@ function buildBaseConfig(env) {
35
35
  {
36
36
  type: 'agentshield',
37
37
  apiUrl: env.AGENTSHIELD_API_URL || 'https://kya.vouched.id',
38
- apiKey: env.AGENTSHIELD_API_KEY || ''
38
+ apiKey: env.AGENTSHIELD_API_KEY
39
39
  }
40
40
  ],
41
41
  maxBatchSize: 10,
@@ -72,4 +72,3 @@ function buildBaseConfig(env) {
72
72
  };
73
73
  return baseConfig;
74
74
  }
75
- //# sourceMappingURL=builder.js.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@kya-os/contracts",
3
- "version": "1.5.2-canary.2",
3
+ "version": "1.5.2-canary.3",
4
4
  "description": "Shared types and schemas for XMCP-I ecosystem",
5
5
  "type": "commonjs",
6
6
  "sideEffects": false,