npm - @kya-os/verifier - Versions diffs - 1.3.3-canary.0 → 1.3.3 - Mend

@kya-os/verifier 1.3.3-canary.0 → 1.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/worker.d.ts +160 -0
package/package.json +2 -2

package/dist/worker.d.ts ADDED Viewed

@@ -0,0 +1,160 @@
+import type { VerifierResult } from "@kya-os/contracts/verifier";
+import { type VerifierConfig } from "./core.js";
+/**
+ * Cloudflare Worker environment bindings
+ * Extend this interface in your Worker to add custom bindings
+ */
+export interface WorkerEnv {
+    NONCE_CACHE?: KVNamespace;
+    KYA_API_URL?: string;
+    KYA_API_KEY?: string;
+    XMCP_I_TS_SKEW_SEC?: string;
+    XMCP_I_SESSION_TTL?: string;
+    KYA_VOUCHED_API_KEY?: string;
+}
+/**
+ * Cloudflare KV Namespace interface
+ */
+export interface KVNamespace {
+    get(key: string, options?: {
+        type?: "text" | "json" | "arrayBuffer" | "stream";
+    }): Promise<any>;
+    put(key: string, value: string | ArrayBuffer | ReadableStream, options?: {
+        expiration?: number;
+        expirationTtl?: number;
+    }): Promise<void>;
+    delete(key: string): Promise<void>;
+}
+/**
+ * Worker-specific verifier configuration
+ */
+export interface WorkerVerifierConfig extends VerifierConfig {
+    /**
+     * KV namespace for nonce caching (prevents replay attacks)
+     * Bind in wrangler.toml: [[kv_namespaces]] binding = "NONCE_CACHE"
+     */
+    kvNamespace?: KVNamespace;
+    /**
+     * Nonce cache TTL in seconds
+     * @default 1800 (30 minutes)
+     */
+    nonceTtl?: number;
+    /**
+     * Allow mock data for testing (NEVER use in production)
+     * @default false
+     */
+    allowMockData?: boolean;
+}
+/**
+ * Create verifier config from Worker environment
+ *
+ * @param env - Worker environment bindings
+ * @param overrides - Optional config overrides
+ * @returns WorkerVerifierConfig
+ */
+export declare function createConfigFromEnv(env: WorkerEnv, overrides?: Partial<WorkerVerifierConfig>): WorkerVerifierConfig;
+/**
+ * Cloudflare Worker verifier function
+ *
+ * Usage with environment bindings:
+ * ```typescript
+ * export default {
+ *   async fetch(request: Request, env: WorkerEnv): Promise<Response> {
+ *     const config = createConfigFromEnv(env);
+ *     const result = await verifyWorker(request, config);
+ *
+ *     if (!result.success) {
+ *       return applyVerificationToResponse(result);
+ *     }
+ *
+ *     // Continue with verified request...
+ *   }
+ * }
+ * ```
+ *
+ * @param request - The incoming request
+ * @param config - Optional verifier configuration
+ * @returns Promise<VerifierResult> - Verification result with headers or error
+ */
+export declare function verifyWorker(request: Request, config?: WorkerVerifierConfig): Promise<VerifierResult>;
+/**
+ * Cloudflare Worker middleware factory
+ *
+ * Creates a middleware function that can be used in Worker request handlers
+ *
+ * @param config - Optional verifier configuration
+ * @returns Middleware function
+ */
+export declare function createWorkerMiddleware(config?: VerifierConfig): (request: Request) => Promise<VerifierResult>;
+/**
+ * Helper to apply verification result to a Response
+ *
+ * @param result - Verification result
+ * @param response - Response to modify
+ * @returns Modified response with headers or error response
+ */
+export declare function applyVerificationToResponse(result: VerifierResult, response?: Response): Response;
+/**
+ * Complete example with environment bindings and KV nonce cache
+ *
+ * wrangler.toml:
+ * ```toml
+ * name = "my-mcp-verifier"
+ * main = "src/index.ts"
+ * compatibility_date = "2024-01-01"
+ *
+ * [[kv_namespaces]]
+ * binding = "NONCE_CACHE"
+ * id = "your-kv-namespace-id"
+ *
+ * [vars]
+ * KYA_API_URL = "https://knowthat.ai"
+ * ```
+ *
+ * src/index.ts:
+ * ```typescript
+ * import { verifyWorker, applyVerificationToResponse, createConfigFromEnv, type WorkerEnv } from "@kya-os/verifier/worker";
+ *
+ * export default {
+ *   async fetch(request: Request, env: WorkerEnv): Promise<Response> {
+ *     // Create config from environment
+ *     const config = createConfigFromEnv(env);
+ *
+ *     // Verify the request
+ *     const result = await verifyWorker(request, config);
+ *
+ *     if (!result.success) {
+ *       return applyVerificationToResponse(result);
+ *     }
+ *
+ *     // Access verified agent context
+ *     const agentDID = result.agentContext?.did;
+ *     const agentScopes = result.agentContext?.scopes || [];
+ *
+ *     // Continue with verified request
+ *     const response = new Response(JSON.stringify({
+ *       message: "Verified!",
+ *       agent: result.agentContext
+ *     }), {
+ *       headers: { "Content-Type": "application/json" }
+ *     });
+ *
+ *     // Add verification headers to response
+ *     return applyVerificationToResponse(result, response);
+ *   }
+ * }
+ * ```
+ *
+ * Deploy:
+ * ```bash
+ * # Create KV namespace
+ * wrangler kv:namespace create NONCE_CACHE
+ *
+ * # Add secrets
+ * wrangler secret put KYA_VOUCHED_API_KEY
+ *
+ * # Deploy
+ * wrangler deploy
+ * ```
+ */
+//# sourceMappingURL=worker.d.ts.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@kya-os/verifier",
-  "version": "1.3.3-canary.0",
+  "version": "1.3.3",
   "description": "Isomorphic verifier middleware for XMCP-I proof validation",
   "type": "module",
   "main": "./dist/index.js",
@@ -32,7 +32,7 @@
     "clean": "rm -rf dist"
   },
   "dependencies": {
-    "@kya-os/contracts": "^1.5.2-canary.5",
+    "@kya-os/contracts": "^1.5.2",
     "jose": "^5.2.0",
     "json-canonicalize": "^2.0.0"
   },