@kya-os/contracts 1.7.14 → 1.7.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agentshield-api/schemas.d.ts +267 -183
- package/dist/agentshield-api/schemas.js +8 -1
- package/dist/agentshield-api/types.d.ts +5 -1
- package/dist/dashboard-config/schemas.d.ts +2966 -1918
- package/dist/delegation/schemas.d.ts +790 -244
- package/dist/delegation/schemas.js +68 -3
- package/dist/tool-protection/index.d.ts +180 -6
- package/dist/tool-protection/index.js +26 -0
- package/package.json +1 -1
|
@@ -15,7 +15,7 @@
|
|
|
15
15
|
* Python Reference: Delegation-Documentation.md, Delegation-Service.md
|
|
16
16
|
*/
|
|
17
17
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
18
|
-
exports.DelegationCredentialSchema = exports.DelegationCredentialSubjectSchema = exports.DELEGATION_CREDENTIAL_CONTEXT = exports.DELEGATION_STATUSES = exports.DEFAULT_DELEGATION_STATUS = exports.MAX_DELEGATION_CHAIN_DEPTH = exports.DelegationVerificationResultSchema = exports.DelegationCreationRequestSchema = exports.DelegationChainSchema = exports.DelegationChainEntrySchema = exports.DelegationRecordSchema = exports.DelegationStatusSchema = void 0;
|
|
18
|
+
exports.DelegationCredentialSchema = exports.DelegationCredentialSubjectSchema = exports.DELEGATION_CREDENTIAL_CONTEXT = exports.DELEGATION_STATUSES = exports.DEFAULT_DELEGATION_STATUS = exports.MAX_DELEGATION_CHAIN_DEPTH = exports.DelegationVerificationResultSchema = exports.DelegationVerificationDetailsSchema = exports.AuthorizationInfoSchema = exports.DelegationCreationRequestSchema = exports.DelegationChainSchema = exports.DelegationChainEntrySchema = exports.DelegationRecordSchema = exports.DelegationStatusSchema = void 0;
|
|
19
19
|
exports.validateDelegationRecord = validateDelegationRecord;
|
|
20
20
|
exports.validateDelegationChain = validateDelegationChain;
|
|
21
21
|
exports.isDelegationExpired = isDelegationExpired;
|
|
@@ -136,6 +136,71 @@ exports.DelegationCreationRequestSchema = zod_1.z.object({
|
|
|
136
136
|
/** Optional VC ID (if not provided, will be created) */
|
|
137
137
|
vcId: zod_1.z.string().optional(),
|
|
138
138
|
});
|
|
139
|
+
/**
|
|
140
|
+
* Authorization Info Schema
|
|
141
|
+
*
|
|
142
|
+
* Captures HOW the user verified their identity during consent.
|
|
143
|
+
* This is runtime verification metadata, separate from tool requirements.
|
|
144
|
+
*
|
|
145
|
+
* Note: This schema describes authorization info in verification results,
|
|
146
|
+
* not tool protection requirements (which use AuthorizationRequirementSchema).
|
|
147
|
+
*/
|
|
148
|
+
exports.AuthorizationInfoSchema = zod_1.z.object({
|
|
149
|
+
/**
|
|
150
|
+
* The authorization method used during consent
|
|
151
|
+
*
|
|
152
|
+
* - 'oauth2': OAuth 2.0 provider authentication (canonical)
|
|
153
|
+
* - 'oauth': Deprecated, use 'oauth2' (will be removed in v2.0.0)
|
|
154
|
+
* - 'password': Password/credential authentication
|
|
155
|
+
* - 'credential': Deprecated, use 'verifiable_credential' (will be removed in v2.0.0)
|
|
156
|
+
* - 'verifiable_credential': W3C Verifiable Credential
|
|
157
|
+
* - 'mdl': Mobile Driver's License
|
|
158
|
+
* - 'idv': Identity Verification
|
|
159
|
+
* - 'webauthn': WebAuthn/Passkey authentication
|
|
160
|
+
* - 'siwe': Sign-In with Ethereum (EIP-4361)
|
|
161
|
+
* - 'none': Consent-only (no authentication)
|
|
162
|
+
*/
|
|
163
|
+
type: zod_1.z.enum([
|
|
164
|
+
'oauth',
|
|
165
|
+
'oauth2',
|
|
166
|
+
'password',
|
|
167
|
+
'credential',
|
|
168
|
+
'verifiable_credential',
|
|
169
|
+
'mdl',
|
|
170
|
+
'idv',
|
|
171
|
+
'webauthn',
|
|
172
|
+
'siwe',
|
|
173
|
+
'none',
|
|
174
|
+
]),
|
|
175
|
+
/** OAuth/Password/IDV provider name (e.g., 'github', 'google', 'credentials') */
|
|
176
|
+
provider: zod_1.z.string().optional(),
|
|
177
|
+
/** Credential type for verifiable_credential or mdl auth */
|
|
178
|
+
credentialType: zod_1.z.string().optional(),
|
|
179
|
+
/** MDL issuer DID or identifier */
|
|
180
|
+
issuer: zod_1.z.string().optional(),
|
|
181
|
+
/** IDV verification level */
|
|
182
|
+
verificationLevel: zod_1.z.enum(['basic', 'enhanced', 'loa3']).optional(),
|
|
183
|
+
/** WebAuthn Relying Party ID */
|
|
184
|
+
rpId: zod_1.z.string().optional(),
|
|
185
|
+
/** WebAuthn user verification level */
|
|
186
|
+
userVerification: zod_1.z.enum(['required', 'preferred', 'discouraged']).optional(),
|
|
187
|
+
/** SIWE Ethereum chain ID */
|
|
188
|
+
chainId: zod_1.z.number().optional(),
|
|
189
|
+
/** SIWE domain */
|
|
190
|
+
domain: zod_1.z.string().optional(),
|
|
191
|
+
/** Timestamp when authorization was verified (milliseconds since epoch) */
|
|
192
|
+
verifiedAt: zod_1.z.number().int().positive().optional(),
|
|
193
|
+
});
|
|
194
|
+
/**
|
|
195
|
+
* Delegation Verification Details Schema
|
|
196
|
+
*
|
|
197
|
+
* Typed details object for verification results
|
|
198
|
+
*/
|
|
199
|
+
exports.DelegationVerificationDetailsSchema = zod_1.z.object({
|
|
200
|
+
/** Authorization info - how identity was verified during consent */
|
|
201
|
+
authorization: exports.AuthorizationInfoSchema.optional(),
|
|
202
|
+
/** Additional metadata fields (extensible) */
|
|
203
|
+
}).passthrough();
|
|
139
204
|
/**
|
|
140
205
|
* Delegation Verification Result
|
|
141
206
|
*
|
|
@@ -156,8 +221,8 @@ exports.DelegationVerificationResultSchema = zod_1.z.object({
|
|
|
156
221
|
chainValid: zod_1.z.boolean().optional(),
|
|
157
222
|
/** Timestamp of verification */
|
|
158
223
|
verifiedAt: zod_1.z.number().int().positive(),
|
|
159
|
-
/**
|
|
160
|
-
details:
|
|
224
|
+
/** Verification details including authorization info */
|
|
225
|
+
details: exports.DelegationVerificationDetailsSchema.optional(),
|
|
161
226
|
});
|
|
162
227
|
/**
|
|
163
228
|
* Validation Helpers
|
|
@@ -51,6 +51,16 @@ export type AuthorizationRequirement = {
|
|
|
51
51
|
type: 'credential';
|
|
52
52
|
credentialType: string;
|
|
53
53
|
issuer?: string;
|
|
54
|
+
} | {
|
|
55
|
+
/** WebAuthn/Passkey authentication */
|
|
56
|
+
type: 'webauthn';
|
|
57
|
+
rpId?: string;
|
|
58
|
+
userVerification?: 'required' | 'preferred' | 'discouraged';
|
|
59
|
+
} | {
|
|
60
|
+
/** Sign-In with Ethereum (EIP-4361) */
|
|
61
|
+
type: 'siwe';
|
|
62
|
+
chainId?: number;
|
|
63
|
+
domain?: string;
|
|
54
64
|
} | {
|
|
55
65
|
type: 'none';
|
|
56
66
|
};
|
|
@@ -64,6 +74,10 @@ export declare const AUTHORIZATION_TYPES: {
|
|
|
64
74
|
readonly MDL: "mdl";
|
|
65
75
|
readonly IDV: "idv";
|
|
66
76
|
readonly VERIFIABLE_CREDENTIAL: "verifiable_credential";
|
|
77
|
+
/** WebAuthn/Passkey authentication */
|
|
78
|
+
readonly WEBAUTHN: "webauthn";
|
|
79
|
+
/** Sign-In with Ethereum (EIP-4361) */
|
|
80
|
+
readonly SIWE: "siwe";
|
|
67
81
|
readonly NONE: "none";
|
|
68
82
|
};
|
|
69
83
|
export type AuthorizationType = (typeof AUTHORIZATION_TYPES)[keyof typeof AUTHORIZATION_TYPES];
|
|
@@ -279,6 +293,30 @@ export declare const AuthorizationRequirementSchema: z.ZodDiscriminatedUnion<"ty
|
|
|
279
293
|
type: "credential";
|
|
280
294
|
credentialType: string;
|
|
281
295
|
issuer?: string | undefined;
|
|
296
|
+
}>, z.ZodObject<{
|
|
297
|
+
type: z.ZodLiteral<"webauthn">;
|
|
298
|
+
rpId: z.ZodOptional<z.ZodString>;
|
|
299
|
+
userVerification: z.ZodOptional<z.ZodEnum<["required", "preferred", "discouraged"]>>;
|
|
300
|
+
}, "strip", z.ZodTypeAny, {
|
|
301
|
+
type: "webauthn";
|
|
302
|
+
rpId?: string | undefined;
|
|
303
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
304
|
+
}, {
|
|
305
|
+
type: "webauthn";
|
|
306
|
+
rpId?: string | undefined;
|
|
307
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
308
|
+
}>, z.ZodObject<{
|
|
309
|
+
type: z.ZodLiteral<"siwe">;
|
|
310
|
+
chainId: z.ZodOptional<z.ZodNumber>;
|
|
311
|
+
domain: z.ZodOptional<z.ZodString>;
|
|
312
|
+
}, "strip", z.ZodTypeAny, {
|
|
313
|
+
type: "siwe";
|
|
314
|
+
chainId?: number | undefined;
|
|
315
|
+
domain?: string | undefined;
|
|
316
|
+
}, {
|
|
317
|
+
type: "siwe";
|
|
318
|
+
chainId?: number | undefined;
|
|
319
|
+
domain?: string | undefined;
|
|
282
320
|
}>, z.ZodObject<{
|
|
283
321
|
type: z.ZodLiteral<"none">;
|
|
284
322
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -372,6 +410,30 @@ export declare const ToolProtectionSchema: z.ZodObject<{
|
|
|
372
410
|
type: "credential";
|
|
373
411
|
credentialType: string;
|
|
374
412
|
issuer?: string | undefined;
|
|
413
|
+
}>, z.ZodObject<{
|
|
414
|
+
type: z.ZodLiteral<"webauthn">;
|
|
415
|
+
rpId: z.ZodOptional<z.ZodString>;
|
|
416
|
+
userVerification: z.ZodOptional<z.ZodEnum<["required", "preferred", "discouraged"]>>;
|
|
417
|
+
}, "strip", z.ZodTypeAny, {
|
|
418
|
+
type: "webauthn";
|
|
419
|
+
rpId?: string | undefined;
|
|
420
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
421
|
+
}, {
|
|
422
|
+
type: "webauthn";
|
|
423
|
+
rpId?: string | undefined;
|
|
424
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
425
|
+
}>, z.ZodObject<{
|
|
426
|
+
type: z.ZodLiteral<"siwe">;
|
|
427
|
+
chainId: z.ZodOptional<z.ZodNumber>;
|
|
428
|
+
domain: z.ZodOptional<z.ZodString>;
|
|
429
|
+
}, "strip", z.ZodTypeAny, {
|
|
430
|
+
type: "siwe";
|
|
431
|
+
chainId?: number | undefined;
|
|
432
|
+
domain?: string | undefined;
|
|
433
|
+
}, {
|
|
434
|
+
type: "siwe";
|
|
435
|
+
chainId?: number | undefined;
|
|
436
|
+
domain?: string | undefined;
|
|
375
437
|
}>, z.ZodObject<{
|
|
376
438
|
type: z.ZodLiteral<"none">;
|
|
377
439
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -409,6 +471,14 @@ export declare const ToolProtectionSchema: z.ZodObject<{
|
|
|
409
471
|
type: "credential";
|
|
410
472
|
credentialType: string;
|
|
411
473
|
issuer?: string | undefined;
|
|
474
|
+
} | {
|
|
475
|
+
type: "webauthn";
|
|
476
|
+
rpId?: string | undefined;
|
|
477
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
478
|
+
} | {
|
|
479
|
+
type: "siwe";
|
|
480
|
+
chainId?: number | undefined;
|
|
481
|
+
domain?: string | undefined;
|
|
412
482
|
} | {
|
|
413
483
|
type: "none";
|
|
414
484
|
} | undefined;
|
|
@@ -444,6 +514,14 @@ export declare const ToolProtectionSchema: z.ZodObject<{
|
|
|
444
514
|
type: "credential";
|
|
445
515
|
credentialType: string;
|
|
446
516
|
issuer?: string | undefined;
|
|
517
|
+
} | {
|
|
518
|
+
type: "webauthn";
|
|
519
|
+
rpId?: string | undefined;
|
|
520
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
521
|
+
} | {
|
|
522
|
+
type: "siwe";
|
|
523
|
+
chainId?: number | undefined;
|
|
524
|
+
domain?: string | undefined;
|
|
447
525
|
} | {
|
|
448
526
|
type: "none";
|
|
449
527
|
} | undefined;
|
|
@@ -536,6 +614,30 @@ export declare const ToolProtectionMapSchema: z.ZodRecord<z.ZodString, z.ZodObje
|
|
|
536
614
|
type: "credential";
|
|
537
615
|
credentialType: string;
|
|
538
616
|
issuer?: string | undefined;
|
|
617
|
+
}>, z.ZodObject<{
|
|
618
|
+
type: z.ZodLiteral<"webauthn">;
|
|
619
|
+
rpId: z.ZodOptional<z.ZodString>;
|
|
620
|
+
userVerification: z.ZodOptional<z.ZodEnum<["required", "preferred", "discouraged"]>>;
|
|
621
|
+
}, "strip", z.ZodTypeAny, {
|
|
622
|
+
type: "webauthn";
|
|
623
|
+
rpId?: string | undefined;
|
|
624
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
625
|
+
}, {
|
|
626
|
+
type: "webauthn";
|
|
627
|
+
rpId?: string | undefined;
|
|
628
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
629
|
+
}>, z.ZodObject<{
|
|
630
|
+
type: z.ZodLiteral<"siwe">;
|
|
631
|
+
chainId: z.ZodOptional<z.ZodNumber>;
|
|
632
|
+
domain: z.ZodOptional<z.ZodString>;
|
|
633
|
+
}, "strip", z.ZodTypeAny, {
|
|
634
|
+
type: "siwe";
|
|
635
|
+
chainId?: number | undefined;
|
|
636
|
+
domain?: string | undefined;
|
|
637
|
+
}, {
|
|
638
|
+
type: "siwe";
|
|
639
|
+
chainId?: number | undefined;
|
|
640
|
+
domain?: string | undefined;
|
|
539
641
|
}>, z.ZodObject<{
|
|
540
642
|
type: z.ZodLiteral<"none">;
|
|
541
643
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -573,6 +675,14 @@ export declare const ToolProtectionMapSchema: z.ZodRecord<z.ZodString, z.ZodObje
|
|
|
573
675
|
type: "credential";
|
|
574
676
|
credentialType: string;
|
|
575
677
|
issuer?: string | undefined;
|
|
678
|
+
} | {
|
|
679
|
+
type: "webauthn";
|
|
680
|
+
rpId?: string | undefined;
|
|
681
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
682
|
+
} | {
|
|
683
|
+
type: "siwe";
|
|
684
|
+
chainId?: number | undefined;
|
|
685
|
+
domain?: string | undefined;
|
|
576
686
|
} | {
|
|
577
687
|
type: "none";
|
|
578
688
|
} | undefined;
|
|
@@ -608,6 +718,14 @@ export declare const ToolProtectionMapSchema: z.ZodRecord<z.ZodString, z.ZodObje
|
|
|
608
718
|
type: "credential";
|
|
609
719
|
credentialType: string;
|
|
610
720
|
issuer?: string | undefined;
|
|
721
|
+
} | {
|
|
722
|
+
type: "webauthn";
|
|
723
|
+
rpId?: string | undefined;
|
|
724
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
725
|
+
} | {
|
|
726
|
+
type: "siwe";
|
|
727
|
+
chainId?: number | undefined;
|
|
728
|
+
domain?: string | undefined;
|
|
611
729
|
} | {
|
|
612
730
|
type: "none";
|
|
613
731
|
} | undefined;
|
|
@@ -701,6 +819,30 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
701
819
|
type: "credential";
|
|
702
820
|
credentialType: string;
|
|
703
821
|
issuer?: string | undefined;
|
|
822
|
+
}>, z.ZodObject<{
|
|
823
|
+
type: z.ZodLiteral<"webauthn">;
|
|
824
|
+
rpId: z.ZodOptional<z.ZodString>;
|
|
825
|
+
userVerification: z.ZodOptional<z.ZodEnum<["required", "preferred", "discouraged"]>>;
|
|
826
|
+
}, "strip", z.ZodTypeAny, {
|
|
827
|
+
type: "webauthn";
|
|
828
|
+
rpId?: string | undefined;
|
|
829
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
830
|
+
}, {
|
|
831
|
+
type: "webauthn";
|
|
832
|
+
rpId?: string | undefined;
|
|
833
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
834
|
+
}>, z.ZodObject<{
|
|
835
|
+
type: z.ZodLiteral<"siwe">;
|
|
836
|
+
chainId: z.ZodOptional<z.ZodNumber>;
|
|
837
|
+
domain: z.ZodOptional<z.ZodString>;
|
|
838
|
+
}, "strip", z.ZodTypeAny, {
|
|
839
|
+
type: "siwe";
|
|
840
|
+
chainId?: number | undefined;
|
|
841
|
+
domain?: string | undefined;
|
|
842
|
+
}, {
|
|
843
|
+
type: "siwe";
|
|
844
|
+
chainId?: number | undefined;
|
|
845
|
+
domain?: string | undefined;
|
|
704
846
|
}>, z.ZodObject<{
|
|
705
847
|
type: z.ZodLiteral<"none">;
|
|
706
848
|
}, "strip", z.ZodTypeAny, {
|
|
@@ -738,6 +880,14 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
738
880
|
type: "credential";
|
|
739
881
|
credentialType: string;
|
|
740
882
|
issuer?: string | undefined;
|
|
883
|
+
} | {
|
|
884
|
+
type: "webauthn";
|
|
885
|
+
rpId?: string | undefined;
|
|
886
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
887
|
+
} | {
|
|
888
|
+
type: "siwe";
|
|
889
|
+
chainId?: number | undefined;
|
|
890
|
+
domain?: string | undefined;
|
|
741
891
|
} | {
|
|
742
892
|
type: "none";
|
|
743
893
|
} | undefined;
|
|
@@ -773,6 +923,14 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
773
923
|
type: "credential";
|
|
774
924
|
credentialType: string;
|
|
775
925
|
issuer?: string | undefined;
|
|
926
|
+
} | {
|
|
927
|
+
type: "webauthn";
|
|
928
|
+
rpId?: string | undefined;
|
|
929
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
930
|
+
} | {
|
|
931
|
+
type: "siwe";
|
|
932
|
+
chainId?: number | undefined;
|
|
933
|
+
domain?: string | undefined;
|
|
776
934
|
} | {
|
|
777
935
|
type: "none";
|
|
778
936
|
} | undefined;
|
|
@@ -785,12 +943,12 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
785
943
|
source: z.ZodOptional<z.ZodString>;
|
|
786
944
|
}, "strip", z.ZodTypeAny, {
|
|
787
945
|
version?: string | undefined;
|
|
788
|
-
lastUpdated?: string | undefined;
|
|
789
946
|
source?: string | undefined;
|
|
947
|
+
lastUpdated?: string | undefined;
|
|
790
948
|
}, {
|
|
791
949
|
version?: string | undefined;
|
|
792
|
-
lastUpdated?: string | undefined;
|
|
793
950
|
source?: string | undefined;
|
|
951
|
+
lastUpdated?: string | undefined;
|
|
794
952
|
}>>;
|
|
795
953
|
}, "strip", z.ZodTypeAny, {
|
|
796
954
|
toolProtections: Record<string, {
|
|
@@ -823,6 +981,14 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
823
981
|
type: "credential";
|
|
824
982
|
credentialType: string;
|
|
825
983
|
issuer?: string | undefined;
|
|
984
|
+
} | {
|
|
985
|
+
type: "webauthn";
|
|
986
|
+
rpId?: string | undefined;
|
|
987
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
988
|
+
} | {
|
|
989
|
+
type: "siwe";
|
|
990
|
+
chainId?: number | undefined;
|
|
991
|
+
domain?: string | undefined;
|
|
826
992
|
} | {
|
|
827
993
|
type: "none";
|
|
828
994
|
} | undefined;
|
|
@@ -831,8 +997,8 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
831
997
|
}>;
|
|
832
998
|
metadata?: {
|
|
833
999
|
version?: string | undefined;
|
|
834
|
-
lastUpdated?: string | undefined;
|
|
835
1000
|
source?: string | undefined;
|
|
1001
|
+
lastUpdated?: string | undefined;
|
|
836
1002
|
} | undefined;
|
|
837
1003
|
}, {
|
|
838
1004
|
toolProtections: Record<string, {
|
|
@@ -865,6 +1031,14 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
865
1031
|
type: "credential";
|
|
866
1032
|
credentialType: string;
|
|
867
1033
|
issuer?: string | undefined;
|
|
1034
|
+
} | {
|
|
1035
|
+
type: "webauthn";
|
|
1036
|
+
rpId?: string | undefined;
|
|
1037
|
+
userVerification?: "required" | "preferred" | "discouraged" | undefined;
|
|
1038
|
+
} | {
|
|
1039
|
+
type: "siwe";
|
|
1040
|
+
chainId?: number | undefined;
|
|
1041
|
+
domain?: string | undefined;
|
|
868
1042
|
} | {
|
|
869
1043
|
type: "none";
|
|
870
1044
|
} | undefined;
|
|
@@ -873,8 +1047,8 @@ export declare const ToolProtectionResponseSchema: z.ZodObject<{
|
|
|
873
1047
|
}>;
|
|
874
1048
|
metadata?: {
|
|
875
1049
|
version?: string | undefined;
|
|
876
|
-
lastUpdated?: string | undefined;
|
|
877
1050
|
source?: string | undefined;
|
|
1051
|
+
lastUpdated?: string | undefined;
|
|
878
1052
|
} | undefined;
|
|
879
1053
|
}>;
|
|
880
1054
|
export declare const DelegationRequiredErrorDataSchema: z.ZodObject<{
|
|
@@ -886,15 +1060,15 @@ export declare const DelegationRequiredErrorDataSchema: z.ZodObject<{
|
|
|
886
1060
|
}, "strip", z.ZodTypeAny, {
|
|
887
1061
|
requiredScopes: string[];
|
|
888
1062
|
toolName: string;
|
|
889
|
-
authorizationUrl?: string | undefined;
|
|
890
1063
|
reason?: string | undefined;
|
|
891
1064
|
consentUrl?: string | undefined;
|
|
1065
|
+
authorizationUrl?: string | undefined;
|
|
892
1066
|
}, {
|
|
893
1067
|
requiredScopes: string[];
|
|
894
1068
|
toolName: string;
|
|
895
|
-
authorizationUrl?: string | undefined;
|
|
896
1069
|
reason?: string | undefined;
|
|
897
1070
|
consentUrl?: string | undefined;
|
|
1071
|
+
authorizationUrl?: string | undefined;
|
|
898
1072
|
}>;
|
|
899
1073
|
/**
|
|
900
1074
|
* Type Guards
|
|
@@ -43,6 +43,10 @@ exports.AUTHORIZATION_TYPES = {
|
|
|
43
43
|
MDL: 'mdl',
|
|
44
44
|
IDV: 'idv',
|
|
45
45
|
VERIFIABLE_CREDENTIAL: 'verifiable_credential',
|
|
46
|
+
/** WebAuthn/Passkey authentication */
|
|
47
|
+
WEBAUTHN: 'webauthn',
|
|
48
|
+
/** Sign-In with Ethereum (EIP-4361) */
|
|
49
|
+
SIWE: 'siwe',
|
|
46
50
|
NONE: 'none',
|
|
47
51
|
};
|
|
48
52
|
/**
|
|
@@ -88,6 +92,18 @@ exports.AuthorizationRequirementSchema = zod_1.z.discriminatedUnion('type', [
|
|
|
88
92
|
credentialType: zod_1.z.string(),
|
|
89
93
|
issuer: zod_1.z.string().optional(),
|
|
90
94
|
}),
|
|
95
|
+
// WebAuthn/Passkey authentication
|
|
96
|
+
zod_1.z.object({
|
|
97
|
+
type: zod_1.z.literal('webauthn'),
|
|
98
|
+
rpId: zod_1.z.string().optional(),
|
|
99
|
+
userVerification: zod_1.z.enum(['required', 'preferred', 'discouraged']).optional(),
|
|
100
|
+
}),
|
|
101
|
+
// Sign-In with Ethereum (EIP-4361)
|
|
102
|
+
zod_1.z.object({
|
|
103
|
+
type: zod_1.z.literal('siwe'),
|
|
104
|
+
chainId: zod_1.z.number().optional(),
|
|
105
|
+
domain: zod_1.z.string().optional(),
|
|
106
|
+
}),
|
|
91
107
|
zod_1.z.object({
|
|
92
108
|
type: zod_1.z.literal('none'),
|
|
93
109
|
}),
|
|
@@ -317,6 +333,10 @@ function getAuthorizationTypeLabel(auth) {
|
|
|
317
333
|
case 'credential':
|
|
318
334
|
// Deprecated: treat as verifiable_credential
|
|
319
335
|
return auth.credentialType || 'Verifiable Credential';
|
|
336
|
+
case 'webauthn':
|
|
337
|
+
return 'Passkey / WebAuthn';
|
|
338
|
+
case 'siwe':
|
|
339
|
+
return 'Sign-In with Ethereum';
|
|
320
340
|
case 'none':
|
|
321
341
|
return 'Consent Only';
|
|
322
342
|
default:
|
|
@@ -331,6 +351,8 @@ function getAuthorizationTypeLabel(auth) {
|
|
|
331
351
|
function getAuthorizationTypeKey(auth) {
|
|
332
352
|
switch (auth.type) {
|
|
333
353
|
case 'oauth':
|
|
354
|
+
// Keep original key format for backward compatibility with existing cache entries
|
|
355
|
+
return `oauth:${auth.provider}`;
|
|
334
356
|
case 'oauth2':
|
|
335
357
|
return `oauth2:${auth.provider}`;
|
|
336
358
|
case 'password':
|
|
@@ -344,6 +366,10 @@ function getAuthorizationTypeKey(auth) {
|
|
|
344
366
|
case 'credential':
|
|
345
367
|
// Deprecated: treat as verifiable_credential
|
|
346
368
|
return `vc:${auth.issuer || 'any'}:${auth.credentialType}`;
|
|
369
|
+
case 'webauthn':
|
|
370
|
+
return `webauthn:${auth.rpId || 'default'}`;
|
|
371
|
+
case 'siwe':
|
|
372
|
+
return `siwe:${auth.chainId || 1}:${auth.domain || 'any'}`;
|
|
347
373
|
case 'none':
|
|
348
374
|
return 'none';
|
|
349
375
|
default:
|