@kya-os/contracts 1.5.3-canary.3 → 1.5.3-canary.5

package/dist/consent/schemas.d.ts

@@ -6,7 +6,7 @@
  *
  * Related Spec: MCP-I Phase 0 Implementation Plan
  */
-import { z } from 'zod';
+import { z } from "zod";
 /**
  * Consent Branding Schema
  */
@@ -357,8 +357,11 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
     /**
      * OAuth provider identity information (optional)
      * Used to link OAuth accounts to persistent User DIDs
+     *
+     * CRITICAL: Uses .nullish() to accept null, undefined, or OAuthIdentity
+     * This matches JSON parsing behavior where missing fields become null
      */
-    oauth_identity: z.ZodOptional<z.ZodObject<{
+    oauth_identity: z.ZodOptional<z.ZodNullable<z.ZodObject<{
         /**
          * OAuth provider name (e.g., "google", "github", "microsoft")
          */
@@ -386,7 +389,7 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
         subject: string;
         name?: string | undefined;
         email?: string | undefined;
-    }>>;
+    }>>>;
     /**
      * User DID (optional)
      * If provided, represents the persistent User DID for this user
@@ -394,11 +397,11 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
      */
     user_did: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
-    agent_did: string;
-    project_id: string;
     tool: string;
     scopes: string[];
+    agent_did: string;
     session_id: string;
+    project_id: string;
     termsAccepted: boolean;
     customFields?: Record<string, string | boolean> | undefined;
     termsVersion?: string | undefined;
@@ -407,14 +410,14 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
         subject: string;
         name?: string | undefined;
         email?: string | undefined;
-    } | undefined;
+    } | null | undefined;
     user_did?: string | undefined;
 }, {
-    agent_did: string;
-    project_id: string;
     tool: string;
     scopes: string[];
+    agent_did: string;
     session_id: string;
+    project_id: string;
     termsAccepted: boolean;
     customFields?: Record<string, string | boolean> | undefined;
     termsVersion?: string | undefined;
@@ -423,7 +426,7 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
         subject: string;
         name?: string | undefined;
         email?: string | undefined;
-    } | undefined;
+    } | null | undefined;
     user_did?: string | undefined;
 }>;
 export type ConsentApprovalRequest = z.infer<typeof consentApprovalRequestSchema>;
@@ -723,11 +726,11 @@ export declare function validateConsentPageConfig(config: unknown): z.SafeParseR
  * @returns Validation result
  */
 export declare function validateConsentApprovalRequest(request: unknown): z.SafeParseReturnType<{
-    agent_did: string;
-    project_id: string;
     tool: string;
     scopes: string[];
+    agent_did: string;
     session_id: string;
+    project_id: string;
     termsAccepted: boolean;
     customFields?: Record<string, string | boolean> | undefined;
     termsVersion?: string | undefined;
@@ -736,14 +739,14 @@ export declare function validateConsentApprovalRequest(request: unknown): z.Safe
         subject: string;
         name?: string | undefined;
         email?: string | undefined;
-    } | undefined;
+    } | null | undefined;
     user_did?: string | undefined;
 }, {
-    agent_did: string;
-    project_id: string;
     tool: string;
     scopes: string[];
+    agent_did: string;
     session_id: string;
+    project_id: string;
     termsAccepted: boolean;
     customFields?: Record<string, string | boolean> | undefined;
     termsVersion?: string | undefined;
@@ -752,7 +755,7 @@ export declare function validateConsentApprovalRequest(request: unknown): z.Safe
         subject: string;
         name?: string | undefined;
         email?: string | undefined;
-    } | undefined;
+    } | null | undefined;
     user_did?: string | undefined;
 }>;
 /**

package/dist/consent/schemas.js

@@ -20,58 +20,79 @@ const zod_1 = require("zod");
 exports.consentBrandingSchema = zod_1.z.object({
     primaryColor: zod_1.z
         .string()
-        .regex(/^#[0-9A-Fa-f]{6}$/, 'Must be a valid hex color (e.g., #0066CC)')
+        .regex(/^#[0-9A-Fa-f]{6}$/, "Must be a valid hex color (e.g., #0066CC)")
         .optional(),
-    logoUrl: zod_1.z.string().url('Must be a valid URL').optional(),
-    companyName: zod_1.z.string().max(100, 'Company name must be 100 characters or less').optional(),
-    theme: zod_1.z.enum(['light', 'dark', 'auto']).optional(),
+    logoUrl: zod_1.z.string().url("Must be a valid URL").optional(),
+    companyName: zod_1.z
+        .string()
+        .max(100, "Company name must be 100 characters or less")
+        .optional(),
+    theme: zod_1.z.enum(["light", "dark", "auto"]).optional(),
 });
 /**
  * Consent Terms Schema
  */
 exports.consentTermsSchema = zod_1.z.object({
-    text: zod_1.z.string().max(10000, 'Terms text must be 10000 characters or less').optional(),
-    url: zod_1.z.string().url('Must be a valid URL').optional(),
-    version: zod_1.z.string().max(50, 'Version must be 50 characters or less').optional(),
+    text: zod_1.z
+        .string()
+        .max(10000, "Terms text must be 10000 characters or less")
+        .optional(),
+    url: zod_1.z.string().url("Must be a valid URL").optional(),
+    version: zod_1.z
+        .string()
+        .max(50, "Version must be 50 characters or less")
+        .optional(),
     required: zod_1.z.boolean().default(true),
 });
 /**
  * Consent Custom Field Option Schema
  */
 exports.consentCustomFieldOptionSchema = zod_1.z.object({
-    value: zod_1.z.string().max(100, 'Option value must be 100 characters or less'),
-    label: zod_1.z.string().max(100, 'Option label must be 100 characters or less'),
+    value: zod_1.z.string().max(100, "Option value must be 100 characters or less"),
+    label: zod_1.z.string().max(100, "Option label must be 100 characters or less"),
 });
 /**
  * Consent Custom Field Schema
  */
-exports.consentCustomFieldSchema = zod_1.z.object({
+exports.consentCustomFieldSchema = zod_1.z
+    .object({
     name: zod_1.z
         .string()
-        .min(1, 'Field name is required')
-        .max(50, 'Field name must be 50 characters or less')
-        .regex(/^[a-zA-Z0-9_]+$/, 'Field name must contain only letters, numbers, and underscores'),
-    label: zod_1.z.string().min(1, 'Field label is required').max(100, 'Field label must be 100 characters or less'),
-    type: zod_1.z.enum(['text', 'textarea', 'checkbox', 'select']),
+        .min(1, "Field name is required")
+        .max(50, "Field name must be 50 characters or less")
+        .regex(/^[a-zA-Z0-9_]+$/, "Field name must contain only letters, numbers, and underscores"),
+    label: zod_1.z
+        .string()
+        .min(1, "Field label is required")
+        .max(100, "Field label must be 100 characters or less"),
+    type: zod_1.z.enum(["text", "textarea", "checkbox", "select"]),
     required: zod_1.z.boolean(),
-    placeholder: zod_1.z.string().max(200, 'Placeholder must be 200 characters or less').optional(),
+    placeholder: zod_1.z
+        .string()
+        .max(200, "Placeholder must be 200 characters or less")
+        .optional(),
     options: zod_1.z
         .array(exports.consentCustomFieldOptionSchema)
-        .min(1, 'Select fields must have at least one option')
+        .min(1, "Select fields must have at least one option")
+        .optional(),
+    pattern: zod_1.z
+        .string()
+        .max(500, "Pattern must be 500 characters or less")
         .optional(),
-    pattern: zod_1.z.string().max(500, 'Pattern must be 500 characters or less').optional(),
-}).refine((data) => {
+})
+    .refine((data) => {
     // Select fields must have options
-    if (data.type === 'select' && (!data.options || data.options.length === 0)) {
+    if (data.type === "select" &&
+        (!data.options || data.options.length === 0)) {
         return false;
     }
     // Non-select fields should not have options
-    if (data.type !== 'select' && data.options) {
+    if (data.type !== "select" && data.options) {
         return false;
     }
     return true;
 }, {
-    message: 'Select fields must have options, and non-select fields must not have options',
+    message: "Select fields must have options, and non-select fields must not have options",
 });
 /**
  * OAuth Identity Schema
@@ -83,47 +104,50 @@ exports.oauthIdentitySchema = zod_1.z.object({
     /**
      * OAuth provider name (e.g., "google", "github", "microsoft")
      */
-    provider: zod_1.z.string()
-        .min(1, 'Provider is required')
-        .max(50, 'Provider name must be 50 characters or less'),
+    provider: zod_1.z
+        .string()
+        .min(1, "Provider is required")
+        .max(50, "Provider name must be 50 characters or less"),
     /**
      * OAuth subject identifier (unique user ID from provider)
      * @example "123456789" (Google), "github-user-id" (GitHub)
      */
-    subject: zod_1.z.string()
-        .min(1, 'Subject is required')
-        .max(255, 'Subject must be 255 characters or less'),
+    subject: zod_1.z
+        .string()
+        .min(1, "Subject is required")
+        .max(255, "Subject must be 255 characters or less"),
     /**
      * User's email address from OAuth provider (optional)
      */
-    email: zod_1.z.string()
-        .email('Must be a valid email address')
-        .max(255, 'Email must be 255 characters or less')
+    email: zod_1.z
+        .string()
+        .email("Must be a valid email address")
+        .max(255, "Email must be 255 characters or less")
         .optional(),
     /**
      * User's display name from OAuth provider (optional)
      */
-    name: zod_1.z.string()
-        .max(255, 'Name must be 255 characters or less')
-        .optional(),
+    name: zod_1.z.string().max(255, "Name must be 255 characters or less").optional(),
 });
 /**
  * Consent Page Config Schema
  */
 exports.consentPageConfigSchema = zod_1.z.object({
-    tool: zod_1.z.string().min(1, 'Tool name is required'),
-    toolDescription: zod_1.z.string().max(500, 'Tool description must be 500 characters or less'),
-    scopes: zod_1.z.array(zod_1.z.string()).min(0, 'Scopes array cannot be negative'),
-    agentDid: zod_1.z.string().min(1, 'Agent DID is required'),
-    sessionId: zod_1.z.string().min(1, 'Session ID is required'),
-    projectId: zod_1.z.string().min(1, 'Project ID is required'),
+    tool: zod_1.z.string().min(1, "Tool name is required"),
+    toolDescription: zod_1.z
+        .string()
+        .max(500, "Tool description must be 500 characters or less"),
+    scopes: zod_1.z.array(zod_1.z.string()).min(0, "Scopes array cannot be negative"),
+    agentDid: zod_1.z.string().min(1, "Agent DID is required"),
+    sessionId: zod_1.z.string().min(1, "Session ID is required"),
+    projectId: zod_1.z.string().min(1, "Project ID is required"),
     branding: exports.consentBrandingSchema.optional(),
     terms: exports.consentTermsSchema.optional(),
     customFields: zod_1.z
         .array(exports.consentCustomFieldSchema)
-        .max(10, 'Maximum 10 custom fields allowed')
+        .max(10, "Maximum 10 custom fields allowed")
         .optional(),
-    serverUrl: zod_1.z.string().url('Server URL must be a valid URL'),
+    serverUrl: zod_1.z.string().url("Server URL must be a valid URL"),
     autoClose: zod_1.z.boolean().optional(),
 });
 /**
@@ -136,44 +160,49 @@ exports.consentPageConfigSchema = zod_1.z.object({
  * - user_did: Optional User DID for persistent identity (if already known)
  */
 exports.consentApprovalRequestSchema = zod_1.z.object({
-    tool: zod_1.z.string().min(1, 'Tool name is required'),
-    scopes: zod_1.z.array(zod_1.z.string()).min(0, 'Scopes array cannot be negative'),
-    agent_did: zod_1.z.string().min(1, 'Agent DID is required'),
-    session_id: zod_1.z.string().min(1, 'Session ID is required'),
-    project_id: zod_1.z.string().min(1, 'Project ID is required'),
+    tool: zod_1.z.string().min(1, "Tool name is required"),
+    scopes: zod_1.z.array(zod_1.z.string()).min(0, "Scopes array cannot be negative"),
+    agent_did: zod_1.z.string().min(1, "Agent DID is required"),
+    session_id: zod_1.z.string().min(1, "Session ID is required"),
+    project_id: zod_1.z.string().min(1, "Project ID is required"),
     termsAccepted: zod_1.z.boolean(),
-    termsVersion: zod_1.z.string()
-        .max(50, 'Terms version must be 50 characters or less')
-        .optional(),
-    customFields: zod_1.z
-        .record(zod_1.z.union([zod_1.z.string(), zod_1.z.boolean()]))
+    termsVersion: zod_1.z
+        .string()
+        .max(50, "Terms version must be 50 characters or less")
         .optional(),
+    customFields: zod_1.z.record(zod_1.z.union([zod_1.z.string(), zod_1.z.boolean()])).optional(),
     // Phase 4: OAuth identity linking
     /**
      * OAuth provider identity information (optional)
      * Used to link OAuth accounts to persistent User DIDs
+     *
+     * CRITICAL: Uses .nullish() to accept null, undefined, or OAuthIdentity
+     * This matches JSON parsing behavior where missing fields become null
      */
-    oauth_identity: exports.oauthIdentitySchema.optional(),
+    oauth_identity: exports.oauthIdentitySchema.nullish(),
     /**
      * User DID (optional)
      * If provided, represents the persistent User DID for this user
      * Format: did:key:... or did:web:...
      */
-    user_did: zod_1.z.string()
-        .regex(/^did:/, 'Must be a valid DID format (starting with did:)')
-        .max(500, 'DID must be 500 characters or less')
+    user_did: zod_1.z
+        .string()
+        .regex(/^did:/, "Must be a valid DID format (starting with did:)")
+        .max(500, "DID must be 500 characters or less")
         .optional(),
 });
 /**
  * Consent Approval Response Schema
  */
-exports.consentApprovalResponseSchema = zod_1.z.object({
+exports.consentApprovalResponseSchema = zod_1.z
+    .object({
     success: zod_1.z.boolean(),
     delegation_id: zod_1.z.string().min(1).optional(),
     delegation_token: zod_1.z.string().min(1).optional(),
     error: zod_1.z.string().optional(),
     error_code: zod_1.z.string().optional(),
-}).refine((data) => {
+})
+    .refine((data) => {
     // If success is true, must have delegation_id and delegation_token
     if (data.success) {
         return !!data.delegation_id && !!data.delegation_token;
@@ -181,7 +210,7 @@ exports.consentApprovalResponseSchema = zod_1.z.object({
     // If success is false, must have error or error_code
     return !!data.error || !!data.error_code;
 }, {
-    message: 'Successful responses must include delegation_id and delegation_token. Failed responses must include error or error_code',
+    message: "Successful responses must include delegation_id and delegation_token. Failed responses must include error or error_code",
 });
 /**
  * Consent Config Schema
@@ -191,14 +220,21 @@ exports.consentConfigSchema = zod_1.z.object({
     terms: exports.consentTermsSchema.optional(),
     customFields: zod_1.z
         .array(exports.consentCustomFieldSchema)
-        .max(10, 'Maximum 10 custom fields allowed')
+        .max(10, "Maximum 10 custom fields allowed")
         .optional(),
-    ui: zod_1.z.object({
-        theme: zod_1.z.enum(['light', 'dark', 'auto']).optional(),
+    ui: zod_1.z
+        .object({
+        theme: zod_1.z.enum(["light", "dark", "auto"]).optional(),
         popupEnabled: zod_1.z.boolean().optional(),
         autoClose: zod_1.z.boolean().optional(),
-        autoCloseDelay: zod_1.z.number().int().positive().max(60000, 'Auto-close delay must be 60000ms or less').optional(),
-    }).optional(),
+        autoCloseDelay: zod_1.z
+            .number()
+            .int()
+            .positive()
+            .max(60000, "Auto-close delay must be 60000ms or less")
+            .optional(),
+    })
+        .optional(),
 });
 /**
  * Validation Helpers

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kya-os/contracts",
-  "version": "1.5.3-canary.3",
+  "version": "1.5.3-canary.5",
   "description": "Shared types and schemas for XMCP-I ecosystem",
   "type": "commonjs",
   "sideEffects": false,