@kya-os/contracts 1.7.17 → 1.7.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/agentshield-api/schemas.d.ts +144 -144
- package/dist/audit/index.d.ts +21 -21
- package/dist/consent/schemas.d.ts +30 -8
- package/dist/consent/schemas.js +20 -0
- package/dist/delegation/schemas.d.ts +336 -336
- package/dist/handshake.d.ts +30 -30
- package/dist/tool-protection/index.js +10 -7
- package/dist/verifier.d.ts +6 -6
- package/package.json +2 -2
package/dist/audit/index.d.ts
CHANGED
|
@@ -65,38 +65,38 @@ export declare const AuditContextSchema: z.ZodObject<{
|
|
|
65
65
|
*/
|
|
66
66
|
scopeId: z.ZodOptional<z.ZodString>;
|
|
67
67
|
}, "strip", z.ZodTypeAny, {
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
kid: string;
|
|
71
|
-
} & {
|
|
72
|
-
[k: string]: unknown;
|
|
73
|
-
};
|
|
68
|
+
requestHash: string;
|
|
69
|
+
responseHash: string;
|
|
74
70
|
session: {
|
|
75
71
|
audience: string;
|
|
76
72
|
sessionId: string;
|
|
77
73
|
} & {
|
|
78
74
|
[k: string]: unknown;
|
|
79
75
|
};
|
|
80
|
-
requestHash: string;
|
|
81
|
-
responseHash: string;
|
|
82
76
|
verified: "yes" | "no";
|
|
83
|
-
scopeId?: string | undefined;
|
|
84
|
-
}, {
|
|
85
77
|
identity: {
|
|
86
78
|
did: string;
|
|
87
79
|
kid: string;
|
|
88
80
|
} & {
|
|
89
81
|
[k: string]: unknown;
|
|
90
82
|
};
|
|
83
|
+
scopeId?: string | undefined;
|
|
84
|
+
}, {
|
|
85
|
+
requestHash: string;
|
|
86
|
+
responseHash: string;
|
|
91
87
|
session: {
|
|
92
88
|
audience: string;
|
|
93
89
|
sessionId: string;
|
|
94
90
|
} & {
|
|
95
91
|
[k: string]: unknown;
|
|
96
92
|
};
|
|
97
|
-
requestHash: string;
|
|
98
|
-
responseHash: string;
|
|
99
93
|
verified: "yes" | "no";
|
|
94
|
+
identity: {
|
|
95
|
+
did: string;
|
|
96
|
+
kid: string;
|
|
97
|
+
} & {
|
|
98
|
+
[k: string]: unknown;
|
|
99
|
+
};
|
|
100
100
|
scopeId?: string | undefined;
|
|
101
101
|
}>;
|
|
102
102
|
export type AuditContext = {
|
|
@@ -153,33 +153,33 @@ export declare const AuditEventContextSchema: z.ZodObject<{
|
|
|
153
153
|
*/
|
|
154
154
|
eventData: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
|
|
155
155
|
}, "strip", z.ZodTypeAny, {
|
|
156
|
-
identity: {
|
|
157
|
-
did: string;
|
|
158
|
-
kid: string;
|
|
159
|
-
} & {
|
|
160
|
-
[k: string]: unknown;
|
|
161
|
-
};
|
|
162
156
|
session: {
|
|
163
157
|
audience: string;
|
|
164
158
|
sessionId: string;
|
|
165
159
|
} & {
|
|
166
160
|
[k: string]: unknown;
|
|
167
161
|
};
|
|
168
|
-
eventType: string;
|
|
169
|
-
eventData?: Record<string, unknown> | undefined;
|
|
170
|
-
}, {
|
|
171
162
|
identity: {
|
|
172
163
|
did: string;
|
|
173
164
|
kid: string;
|
|
174
165
|
} & {
|
|
175
166
|
[k: string]: unknown;
|
|
176
167
|
};
|
|
168
|
+
eventType: string;
|
|
169
|
+
eventData?: Record<string, unknown> | undefined;
|
|
170
|
+
}, {
|
|
177
171
|
session: {
|
|
178
172
|
audience: string;
|
|
179
173
|
sessionId: string;
|
|
180
174
|
} & {
|
|
181
175
|
[k: string]: unknown;
|
|
182
176
|
};
|
|
177
|
+
identity: {
|
|
178
|
+
did: string;
|
|
179
|
+
kid: string;
|
|
180
|
+
} & {
|
|
181
|
+
[k: string]: unknown;
|
|
182
|
+
};
|
|
183
183
|
eventType: string;
|
|
184
184
|
eventData?: Record<string, unknown> | undefined;
|
|
185
185
|
}>;
|
|
@@ -151,13 +151,13 @@ export declare const oauthIdentitySchema: z.ZodObject<{
|
|
|
151
151
|
*/
|
|
152
152
|
name: z.ZodOptional<z.ZodString>;
|
|
153
153
|
}, "strip", z.ZodTypeAny, {
|
|
154
|
-
subject: string;
|
|
155
154
|
provider: string;
|
|
155
|
+
subject: string;
|
|
156
156
|
email?: string | undefined;
|
|
157
157
|
name?: string | undefined;
|
|
158
158
|
}, {
|
|
159
|
-
subject: string;
|
|
160
159
|
provider: string;
|
|
160
|
+
subject: string;
|
|
161
161
|
email?: string | undefined;
|
|
162
162
|
name?: string | undefined;
|
|
163
163
|
}>;
|
|
@@ -469,13 +469,13 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
|
|
|
469
469
|
*/
|
|
470
470
|
name: z.ZodOptional<z.ZodString>;
|
|
471
471
|
}, "strip", z.ZodTypeAny, {
|
|
472
|
-
subject: string;
|
|
473
472
|
provider: string;
|
|
473
|
+
subject: string;
|
|
474
474
|
email?: string | undefined;
|
|
475
475
|
name?: string | undefined;
|
|
476
476
|
}, {
|
|
477
|
-
subject: string;
|
|
478
477
|
provider: string;
|
|
478
|
+
subject: string;
|
|
479
479
|
email?: string | undefined;
|
|
480
480
|
name?: string | undefined;
|
|
481
481
|
}>>>;
|
|
@@ -485,6 +485,20 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
|
|
|
485
485
|
* Format: did:key:... or did:web:...
|
|
486
486
|
*/
|
|
487
487
|
user_did: z.ZodOptional<z.ZodString>;
|
|
488
|
+
/**
|
|
489
|
+
* Human-readable user identifier from credential authentication (email/username).
|
|
490
|
+
* Used for display in AgentShield dashboard.
|
|
491
|
+
* This comes from the credential provider response (e.g., customer.email from Hardware World).
|
|
492
|
+
* Maps to: user_identifier in delegation metadata
|
|
493
|
+
*/
|
|
494
|
+
credential_user_email: z.ZodOptional<z.ZodString>;
|
|
495
|
+
/**
|
|
496
|
+
* Provider's internal user ID from credential authentication.
|
|
497
|
+
* This is the provider-specific identifier (e.g., customer ID 696395 from Hardware World).
|
|
498
|
+
* Used for business reference and linking to provider systems.
|
|
499
|
+
* Maps to: user_id in delegation metadata
|
|
500
|
+
*/
|
|
501
|
+
credential_provider_user_id: z.ZodOptional<z.ZodString>;
|
|
488
502
|
}, "strip", z.ZodTypeAny, {
|
|
489
503
|
scopes: string[];
|
|
490
504
|
tool: string;
|
|
@@ -496,11 +510,13 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
|
|
|
496
510
|
customFields?: Record<string, string | boolean> | undefined;
|
|
497
511
|
termsVersion?: string | undefined;
|
|
498
512
|
oauth_identity?: {
|
|
499
|
-
subject: string;
|
|
500
513
|
provider: string;
|
|
514
|
+
subject: string;
|
|
501
515
|
email?: string | undefined;
|
|
502
516
|
name?: string | undefined;
|
|
503
517
|
} | null | undefined;
|
|
518
|
+
credential_user_email?: string | undefined;
|
|
519
|
+
credential_provider_user_id?: string | undefined;
|
|
504
520
|
}, {
|
|
505
521
|
scopes: string[];
|
|
506
522
|
tool: string;
|
|
@@ -512,11 +528,13 @@ export declare const consentApprovalRequestSchema: z.ZodObject<{
|
|
|
512
528
|
customFields?: Record<string, string | boolean> | undefined;
|
|
513
529
|
termsVersion?: string | undefined;
|
|
514
530
|
oauth_identity?: {
|
|
515
|
-
subject: string;
|
|
516
531
|
provider: string;
|
|
532
|
+
subject: string;
|
|
517
533
|
email?: string | undefined;
|
|
518
534
|
name?: string | undefined;
|
|
519
535
|
} | null | undefined;
|
|
536
|
+
credential_user_email?: string | undefined;
|
|
537
|
+
credential_provider_user_id?: string | undefined;
|
|
520
538
|
}>;
|
|
521
539
|
export type ConsentApprovalRequest = z.infer<typeof consentApprovalRequestSchema>;
|
|
522
540
|
/**
|
|
@@ -831,11 +849,13 @@ export declare function validateConsentApprovalRequest(request: unknown): z.Safe
|
|
|
831
849
|
customFields?: Record<string, string | boolean> | undefined;
|
|
832
850
|
termsVersion?: string | undefined;
|
|
833
851
|
oauth_identity?: {
|
|
834
|
-
subject: string;
|
|
835
852
|
provider: string;
|
|
853
|
+
subject: string;
|
|
836
854
|
email?: string | undefined;
|
|
837
855
|
name?: string | undefined;
|
|
838
856
|
} | null | undefined;
|
|
857
|
+
credential_user_email?: string | undefined;
|
|
858
|
+
credential_provider_user_id?: string | undefined;
|
|
839
859
|
}, {
|
|
840
860
|
scopes: string[];
|
|
841
861
|
tool: string;
|
|
@@ -847,11 +867,13 @@ export declare function validateConsentApprovalRequest(request: unknown): z.Safe
|
|
|
847
867
|
customFields?: Record<string, string | boolean> | undefined;
|
|
848
868
|
termsVersion?: string | undefined;
|
|
849
869
|
oauth_identity?: {
|
|
850
|
-
subject: string;
|
|
851
870
|
provider: string;
|
|
871
|
+
subject: string;
|
|
852
872
|
email?: string | undefined;
|
|
853
873
|
name?: string | undefined;
|
|
854
874
|
} | null | undefined;
|
|
875
|
+
credential_user_email?: string | undefined;
|
|
876
|
+
credential_provider_user_id?: string | undefined;
|
|
855
877
|
}>;
|
|
856
878
|
/**
|
|
857
879
|
* Validate a consent approval response
|
package/dist/consent/schemas.js
CHANGED
|
@@ -228,6 +228,26 @@ exports.consentApprovalRequestSchema = zod_1.z.object({
|
|
|
228
228
|
.regex(/^did:/, "Must be a valid DID format (starting with did:)")
|
|
229
229
|
.max(500, "DID must be 500 characters or less")
|
|
230
230
|
.optional(),
|
|
231
|
+
/**
|
|
232
|
+
* Human-readable user identifier from credential authentication (email/username).
|
|
233
|
+
* Used for display in AgentShield dashboard.
|
|
234
|
+
* This comes from the credential provider response (e.g., customer.email from Hardware World).
|
|
235
|
+
* Maps to: user_identifier in delegation metadata
|
|
236
|
+
*/
|
|
237
|
+
credential_user_email: zod_1.z
|
|
238
|
+
.string()
|
|
239
|
+
.max(200, "User email must be 200 characters or less")
|
|
240
|
+
.optional(),
|
|
241
|
+
/**
|
|
242
|
+
* Provider's internal user ID from credential authentication.
|
|
243
|
+
* This is the provider-specific identifier (e.g., customer ID 696395 from Hardware World).
|
|
244
|
+
* Used for business reference and linking to provider systems.
|
|
245
|
+
* Maps to: user_id in delegation metadata
|
|
246
|
+
*/
|
|
247
|
+
credential_provider_user_id: zod_1.z
|
|
248
|
+
.string()
|
|
249
|
+
.max(200, "Provider user ID must be 200 characters or less")
|
|
250
|
+
.optional(),
|
|
231
251
|
});
|
|
232
252
|
/**
|
|
233
253
|
* Consent Approval Response Schema
|