@kya-os/mcp-i-core 1.3.17 → 1.3.19-canary.0
- package/dist/runtime/base.d.ts +1 -0
- package/dist/runtime/base.js +29 -2
- package/package.json +2 -2
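--- a/package/dist/runtime/base.d.ts
+++ b/package/dist/runtime/base.d.ts
@@ -116,6 +116,7 @@ export declare class MCPIRuntimeBase {
 * - session_id (not sessionId)
 * - agent_did (not agentDid)
 * - resume_token (not resumeToken)
+* - agent_name (human-readable agent name for dashboard display)
 *
 * @param toolName - Tool that requires delegation
 * @param scopes - Required scopes for the tool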
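--- a/package/dist/runtime/base.js
+++ b/package/dist/runtime/base.js
@@ -393,9 +393,20 @@ class MCPIRuntimeBase {
 // This ensures delegations are user-specific and prevents user isolation bypass
 const credential = verificationResult.data.credential;
 const delegationUserIdentifier = credential?.user_identifier;
+// Also check for user_id field (AgentShield may return DID or ID directly)
+const delegationUserId = credential?.user_id;
 const sessionUserDid = session?.userDid;
 if (delegationUserIdentifier && sessionUserDid) {
-if (
+// Check if identifiers match (direct match or via user_id field)
+const identifiersMatch = delegationUserIdentifier === sessionUserDid ||
+delegationUserId === sessionUserDid;
+// Special case: If delegationUserIdentifier is NOT a DID (e.g., email),
+// but AgentShield verified the delegation, trust it.
+// AgentShield internally links email → DID, so the verification is valid.
+// Only fail if BOTH are DIDs and they don't match.
+const isDelegationIdentifierDid = delegationUserIdentifier.startsWith("did:");
+const shouldEnforceMatch = isDelegationIdentifierDid || delegationUserId;
+if (shouldEnforceMatch && !identifiersMatch) {
 // User identifier mismatch - potential security issue
 const securityError = `Delegation user_identifier mismatch: delegation has "${delegationUserIdentifier.substring(0, 20)}..." but session has "${sessionUserDid.substring(0, 20)}..."`;
 if (this.config.audit?.enabled) {
@@ -403,6 +414,9 @@ class MCPIRuntimeBase {
 tool: toolName,
 agentDid: identity.did.slice(0, 20) + "...",
 delegationUserIdentifier: delegationUserIdentifier.substring(0, 20) + "...",
+delegationUserId: delegationUserId
+? delegationUserId.substring(0, 20) + "..."
+: "N/A",
 sessionUserDid: sessionUserDid.substring(0, 20) + "...",
 sessionId: session?.id?.substring(0, 20) + "...",
 reason: "user_identifier_mismatch",
@@ -425,13 +439,19 @@ class MCPIRuntimeBase {
 this.cleanupExpiredInterceptedCalls();
 throw new tool_protection_js_1.DelegationRequiredError(toolName, protection.requiredScopes, consentUrl, interceptedCall, resumeToken);
 }
-// User identifier
+// User identifier validation passed (direct match or trusted AgentShield verification)
 if (this.config.audit?.enabled) {
 console.log("[MCP-I] ✅ User identifier validation PASSED", {
 tool: toolName,
 agentDid: identity.did.slice(0, 20) + "...",
 userDid: sessionUserDid.substring(0, 20) + "...",
 sessionId: session?.id?.substring(0, 20) + "...",
+matchType: identifiersMatch
+? "direct"
+: "trusted_agentshield_verification",
+delegationIdentifierFormat: isDelegationIdentifierDid
+? "did"
+: "email_or_other",
 });
 }
 }
@@ -621,6 +641,7 @@ class MCPIRuntimeBase {
 * - session_id (not sessionId)
 * - agent_did (not agentDid)
 * - resume_token (not resumeToken)
+* - agent_name (human-readable agent name for dashboard display)
 *
 * @param toolName - Tool that requires delegation
 * @param scopes - Required scopes for the tool
@@ -640,6 +661,12 @@ class MCPIRuntimeBase {
 session_id: session?.id || "",
 agent_did: session?.agentDid || "",
 });
+// Add agent_name for AgentShield dashboard display
+// Priority: session.agentName > "Unknown Agent"
+const agentName = session?.agentName;
+if (agentName) {
+params.set("agent_name", agentName);
+}
 // Add project_id if provided (required for AgentShield consent endpoint)
 if (projectId) {
 params.set("project_id", projectId);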
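Review bot: In the first hunk the new `shouldEnforceMatch` guard fails open: when `credential.user_identifier` does not start with `did:` and `credential.user_id` is absent, the comparison with `session.userDid` is skipped, so the delegation is accepted whatever user the session belongs to. The context comment just above still says this check keeps delegations user-specific, but nothing visible here shows that AgentShield's verification binds the credential to this session's user, so the email → DID link is presumably being trusted without being checked at this point. I would keep the comparison mandatory and resolve the non-DID identifier to a DID before comparing, or at least make the skip an explicit opt-in and emit it as its own audit event rather than under the `User identifier validation PASSED` message; with the strict form the guard is just `if (!identifiersMatch) {`. `delegationUserIdentifier.startsWith("did:")` now runs on every call and assumes a string, so a `typeof delegationUserIdentifier === "string"` check belongs in the outer `if`. The enclosing method starts and ends outside these hunks.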
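--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@kya-os/mcp-i-core",
-"version": "1.3.
+"version": "1.3.19-canary.0",
 "description": "Core runtime and types for MCP-I framework",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
@@ -28,7 +28,7 @@
 "prepublishOnly": "npm run build && node ../create-mcpi-app/scripts/validate-no-workspace.js"
 },
 "dependencies": {
-"@kya-os/contracts": "^1.6.
+"@kya-os/contracts": "^1.6.12",
 "jose": "^5.6.3",
 "json-canonicalize": "^2.0.0",
 "zod": "^3.25.76"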