@lelu-auth/lelu 0.1.0

package/dist/react/index.js

@@ -0,0 +1,670 @@
+'use strict';
+
+var react = require('react');
+var zod = require('zod');
+var jsxRuntime = require('react/jsx-runtime');
+
+var AuthRequestSchema = zod.z.object({
+  userId: zod.z.string().min(1, "userId is required"),
+  action: zod.z.string().min(1, "action is required"),
+  resource: zod.z.record(zod.z.string()).optional()
+});
+var AgentContextSchema = zod.z.object({
+  /** LLM confidence score — 0.0 to 1.0 */
+  confidence: zod.z.number().min(0).max(1),
+  /** User the agent is acting on behalf of */
+  actingFor: zod.z.string().optional(),
+  /** Requested agent scope */
+  scope: zod.z.string().optional()
+});
+var AgentAuthRequestSchema = zod.z.object({
+  actor: zod.z.string().min(1, "actor is required"),
+  action: zod.z.string().min(1, "action is required"),
+  resource: zod.z.record(zod.z.string()).optional(),
+  context: AgentContextSchema
+});
+var MintTokenRequestSchema = zod.z.object({
+  scope: zod.z.string().min(1),
+  actingFor: zod.z.string().optional(),
+  ttlSeconds: zod.z.number().int().positive().optional()
+});
+var DelegateScopeRequestSchema = zod.z.object({
+  delegator: zod.z.string().min(1, "delegator is required"),
+  delegatee: zod.z.string().min(1, "delegatee is required"),
+  scopedTo: zod.z.array(zod.z.string().min(1)).optional(),
+  ttlSeconds: zod.z.number().int().positive().optional(),
+  confidence: zod.z.number().min(0).max(1).optional(),
+  actingFor: zod.z.string().optional(),
+  tenantId: zod.z.string().optional()
+});
+var AuthEngineError = class extends Error {
+  constructor(message, status, details) {
+    super(message);
+    this.status = status;
+    this.details = details;
+    this.name = "AuthEngineError";
+  }
+};
+
+// src/client.ts
+var LeluClient = class {
+  baseUrl;
+  timeoutMs;
+  apiKey;
+  constructor(cfg = {}) {
+    this.baseUrl = (cfg.baseUrl ?? "http://localhost:8080").replace(/\/$/, "");
+    this.timeoutMs = cfg.timeoutMs ?? 5e3;
+    this.apiKey = cfg.apiKey;
+  }
+  // ── Human authorization ────────────────────────────────────────────────────
+  /**
+   * Checks whether a human user is permitted to perform an action.
+   */
+  async authorize(req) {
+    const validated = AuthRequestSchema.parse(req);
+    const body = {
+      user_id: validated.userId,
+      action: validated.action,
+      resource: validated.resource
+    };
+    const data = await this.post("/v1/authorize", body);
+    return {
+      allowed: data.allowed,
+      reason: data.reason,
+      traceId: data.trace_id
+    };
+  }
+  // ── Agent authorization ────────────────────────────────────────────────────
+  /**
+   * Checks whether an AI agent is permitted to perform an action, taking the
+   * confidence score into account (Confidence-Aware Auth ★).
+   */
+  async agentAuthorize(req) {
+    const validated = AgentAuthRequestSchema.parse(req);
+    const body = {
+      actor: validated.actor,
+      action: validated.action,
+      resource: validated.resource,
+      confidence: validated.context.confidence,
+      acting_for: validated.context.actingFor,
+      scope: validated.context.scope
+    };
+    const data = await this.post("/v1/agent/authorize", body);
+    return {
+      allowed: data.allowed,
+      reason: data.reason,
+      traceId: data.trace_id,
+      downgradedScope: data.downgraded_scope,
+      requiresHumanReview: data.requires_human_review,
+      confidenceUsed: data.confidence_used
+    };
+  }
+  // ── JIT Token minting ──────────────────────────────────────────────────────
+  /**
+   * Mints a scoped JWT for an agent with an optional TTL.
+   * Default TTL is 60 seconds.
+   */
+  async mintToken(req) {
+    const validated = MintTokenRequestSchema.parse(req);
+    const body = {
+      scope: validated.scope,
+      acting_for: validated.actingFor,
+      ttl_seconds: validated.ttlSeconds ?? 60
+    };
+    const data = await this.post("/v1/tokens/mint", body);
+    return {
+      token: data.token,
+      tokenId: data.token_id,
+      expiresAt: new Date(data.expires_at * 1e3)
+    };
+  }
+  // ── Token revocation ───────────────────────────────────────────────────────
+  /**
+   * Immediately revokes a JIT token by its ID.
+   */
+  async revokeToken(tokenId) {
+    const data = await this.delete(
+      `/v1/tokens/${encodeURIComponent(tokenId)}`
+    );
+    return { success: data.success };
+  }
+  // ── Multi-agent delegation ─────────────────────────────────────────────────
+  /**
+   * Delegates a constrained sub-scope from one agent to another.
+   *
+   * Validates the delegation rule in the loaded policy, caps the TTL to the
+   * policy maximum, and mints a child JIT token scoped to the granted actions.
+   *
+   * The delegator's `confidence` score is checked against the policy's
+   * `require_confidence_above` before delegation is granted.
+   */
+  async delegateScope(req) {
+    const validated = DelegateScopeRequestSchema.parse(req);
+    const body = {
+      delegator: validated.delegator,
+      delegatee: validated.delegatee,
+      scoped_to: validated.scopedTo ?? [],
+      ttl_seconds: validated.ttlSeconds ?? 60,
+      confidence: validated.confidence ?? 1,
+      acting_for: validated.actingFor ?? "",
+      tenant_id: validated.tenantId ?? ""
+    };
+    const data = await this.post("/v1/agent/delegate", body);
+    return {
+      token: data.token,
+      tokenId: data.token_id,
+      expiresAt: new Date(data.expires_at * 1e3),
+      delegator: data.delegator,
+      delegatee: data.delegatee,
+      grantedScopes: data.granted_scopes,
+      traceId: data.trace_id
+    };
+  }
+  // ── Health check ───────────────────────────────────────────────────────────
+  /**
+   * Returns true if the engine is reachable and healthy.
+   */
+  async isHealthy() {
+    try {
+      const data = await this.get("/healthz");
+      return data.status === "ok";
+    } catch {
+      return false;
+    }
+  }
+  // ── HTTP helpers ───────────────────────────────────────────────────────────
+  headers() {
+    const h = { "Content-Type": "application/json" };
+    if (this.apiKey) {
+      h["Authorization"] = `Bearer ${this.apiKey}`;
+    }
+    return h;
+  }
+  async post(path, body) {
+    const ctrl = new AbortController();
+    const timer = setTimeout(() => ctrl.abort(), this.timeoutMs);
+    try {
+      const res = await fetch(`${this.baseUrl}${path}`, {
+        method: "POST",
+        headers: this.headers(),
+        body: JSON.stringify(body),
+        signal: ctrl.signal
+      });
+      return this.parseResponse(res);
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  async delete(path) {
+    const ctrl = new AbortController();
+    const timer = setTimeout(() => ctrl.abort(), this.timeoutMs);
+    try {
+      const res = await fetch(`${this.baseUrl}${path}`, {
+        method: "DELETE",
+        headers: this.headers(),
+        signal: ctrl.signal
+      });
+      return this.parseResponse(res);
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  async get(path) {
+    const ctrl = new AbortController();
+    const timer = setTimeout(() => ctrl.abort(), this.timeoutMs);
+    try {
+      const res = await fetch(`${this.baseUrl}${path}`, {
+        method: "GET",
+        headers: this.headers(),
+        signal: ctrl.signal
+      });
+      return this.parseResponse(res);
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  async parseResponse(res) {
+    const json = await res.json();
+    if (!res.ok) {
+      throw new AuthEngineError(
+        json["error"] ?? "engine error",
+        res.status,
+        json
+      );
+    }
+    return json;
+  }
+};
+var SearchIcon = () => /* @__PURE__ */ jsxRuntime.jsxs("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: [
+  /* @__PURE__ */ jsxRuntime.jsx("circle", { cx: "11", cy: "11", r: "8" }),
+  /* @__PURE__ */ jsxRuntime.jsx("line", { x1: "21", y1: "21", x2: "16.65", y2: "16.65" })
+] });
+var CheckIcon = () => /* @__PURE__ */ jsxRuntime.jsx("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: /* @__PURE__ */ jsxRuntime.jsx("polyline", { points: "20 6 9 17 4 12" }) });
+var XIcon = () => /* @__PURE__ */ jsxRuntime.jsxs("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: [
+  /* @__PURE__ */ jsxRuntime.jsx("line", { x1: "18", y1: "6", x2: "6", y2: "18" }),
+  /* @__PURE__ */ jsxRuntime.jsx("line", { x1: "6", y1: "6", x2: "18", y2: "18" })
+] });
+var ChevronDownIcon = () => /* @__PURE__ */ jsxRuntime.jsx("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: /* @__PURE__ */ jsxRuntime.jsx("polyline", { points: "6 9 12 15 18 9" }) });
+var ChevronUpIcon = () => /* @__PURE__ */ jsxRuntime.jsx("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: /* @__PURE__ */ jsxRuntime.jsx("polyline", { points: "18 15 12 9 6 15" }) });
+var LeluApprovalUI = ({
+  apiBaseUrl = "http://localhost:8080",
+  onApprove,
+  onDeny,
+  pollIntervalMs = 5e3
+}) => {
+  const [requests, setRequests] = react.useState([]);
+  const [loading, setLoading] = react.useState(true);
+  const [error, setError] = react.useState(null);
+  const [searchQuery, setSearchQuery] = react.useState("");
+  const [expandedId, setExpandedId] = react.useState(null);
+  const [processingId, setProcessingId] = react.useState(null);
+  const fetchRequests = async () => {
+    try {
+      const response = await fetch(`${apiBaseUrl}/v1/reviews/pending`);
+      if (!response.ok) throw new Error("Failed to fetch pending reviews");
+      const data = await response.json();
+      setRequests(data.requests || []);
+      setError(null);
+    } catch (err) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+    }
+  };
+  react.useEffect(() => {
+    fetchRequests();
+    const interval = setInterval(fetchRequests, pollIntervalMs);
+    return () => clearInterval(interval);
+  }, [apiBaseUrl, pollIntervalMs]);
+  const handleAction = async (request, approved) => {
+    setProcessingId(request.id);
+    try {
+      const response = await fetch(`${apiBaseUrl}/v1/reviews/${request.id}/resolve`, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({ approved })
+      });
+      if (!response.ok) throw new Error("Failed to resolve review");
+      setRequests((prev) => prev.filter((r) => r.id !== request.id));
+      if (approved && onApprove) onApprove(request);
+      if (!approved && onDeny) onDeny(request);
+    } catch (err) {
+      setError(err.message);
+    } finally {
+      setProcessingId(null);
+    }
+  };
+  const filteredRequests = react.useMemo(() => {
+    if (!searchQuery) return requests;
+    const lowerQuery = searchQuery.toLowerCase();
+    return requests.filter(
+      (req) => req.agentId.toLowerCase().includes(lowerQuery) || req.action.toLowerCase().includes(lowerQuery)
+    );
+  }, [requests, searchQuery]);
+  if (loading && requests.length === 0) {
+    return /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "animate-pulse space-y-4 p-6 bg-white rounded-xl shadow-sm border border-gray-200", children: [
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-8 bg-gray-200 rounded w-1/3 mb-6" }),
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-32 bg-gray-100 rounded-lg border border-gray-200" }),
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-32 bg-gray-100 rounded-lg border border-gray-200" })
+    ] });
+  }
+  return /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "bg-white rounded-xl shadow-sm border border-gray-200 overflow-hidden flex flex-col max-h-[800px] font-sans", children: [
+    /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "px-6 py-5 border-b border-gray-200 bg-gray-50/50 flex flex-col sm:flex-row sm:items-center justify-between gap-4", children: [
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { children: [
+        /* @__PURE__ */ jsxRuntime.jsxs("h2", { className: "text-xl font-semibold text-gray-900 flex items-center gap-2", children: [
+          "Human-in-the-Loop Review",
+          requests.length > 0 && /* @__PURE__ */ jsxRuntime.jsxs("span", { className: "bg-blue-100 text-blue-700 text-xs font-bold px-2.5 py-0.5 rounded-full", children: [
+            requests.length,
+            " Pending"
+          ] })
+        ] }),
+        /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-gray-500 mt-1", children: "Review and authorize agent actions that fell below confidence thresholds." })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "relative", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none text-gray-400", children: /* @__PURE__ */ jsxRuntime.jsx(SearchIcon, {}) }),
+        /* @__PURE__ */ jsxRuntime.jsx(
+          "input",
+          {
+            type: "text",
+            placeholder: "Search agents or actions...",
+            className: "pl-10 pr-4 py-2 border border-gray-300 rounded-lg text-sm focus:ring-2 focus:ring-blue-500 focus:border-blue-500 w-full sm:w-64 transition-shadow",
+            value: searchQuery,
+            onChange: (e) => setSearchQuery(e.target.value)
+          }
+        )
+      ] })
+    ] }),
+    error && /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "mx-6 mt-4 p-3 bg-red-50 border border-red-200 text-red-700 rounded-lg text-sm flex items-center gap-2", children: [
+      /* @__PURE__ */ jsxRuntime.jsx(XIcon, {}),
+      " ",
+      error
+    ] }),
+    /* @__PURE__ */ jsxRuntime.jsx("div", { className: "p-6 overflow-y-auto flex-1 bg-gray-50/30", children: filteredRequests.length === 0 ? /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex flex-col items-center justify-center py-12 text-center", children: [
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "w-16 h-16 bg-green-50 rounded-full flex items-center justify-center mb-4 text-green-600", children: /* @__PURE__ */ jsxRuntime.jsx(CheckIcon, {}) }),
+      /* @__PURE__ */ jsxRuntime.jsx("h3", { className: "text-lg font-medium text-gray-900", children: "All caught up!" }),
+      /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-gray-500 mt-1 max-w-sm", children: searchQuery ? "No requests match your search criteria." : "There are no pending agent actions requiring human approval at this time." })
+    ] }) : /* @__PURE__ */ jsxRuntime.jsx("div", { className: "space-y-4", children: filteredRequests.map((req) => {
+      const isExpanded = expandedId === req.id;
+      const isProcessing = processingId === req.id;
+      const confidenceColor = req.confidence < 0.5 ? "text-red-700 bg-red-50 border-red-200" : req.confidence < 0.8 ? "text-yellow-700 bg-yellow-50 border-yellow-200" : "text-green-700 bg-green-50 border-green-200";
+      return /* @__PURE__ */ jsxRuntime.jsxs(
+        "div",
+        {
+          className: `bg-white border rounded-xl shadow-sm transition-all duration-200 ${isProcessing ? "opacity-50 pointer-events-none" : "hover:shadow-md border-gray-200"}`,
+          children: [
+            /* @__PURE__ */ jsxRuntime.jsx("div", { className: "p-5", children: /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex flex-col md:flex-row md:items-start justify-between gap-4", children: [
+              /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex-1", children: [
+                /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex items-center gap-2 flex-wrap mb-2", children: [
+                  /* @__PURE__ */ jsxRuntime.jsx("span", { className: "font-semibold text-gray-900 text-base", children: req.agentId }),
+                  /* @__PURE__ */ jsxRuntime.jsx("span", { className: "text-gray-400 text-sm", children: "requested" }),
+                  /* @__PURE__ */ jsxRuntime.jsx("span", { className: "px-2.5 py-1 bg-gray-100 text-gray-800 text-xs font-mono font-medium rounded-md border border-gray-200", children: req.action })
+                ] }),
+                /* @__PURE__ */ jsxRuntime.jsxs("p", { className: "text-sm text-gray-600 leading-relaxed", children: [
+                  /* @__PURE__ */ jsxRuntime.jsx("span", { className: "font-medium text-gray-700", children: "Reason:" }),
+                  " ",
+                  req.reason
+                ] }),
+                /* @__PURE__ */ jsxRuntime.jsx("div", { className: "mt-3 flex items-center gap-4 text-xs text-gray-500", children: /* @__PURE__ */ jsxRuntime.jsxs("span", { className: "flex items-center gap-1", children: [
+                  /* @__PURE__ */ jsxRuntime.jsx("svg", { className: "w-3.5 h-3.5", fill: "none", stroke: "currentColor", viewBox: "0 0 24 24", children: /* @__PURE__ */ jsxRuntime.jsx("path", { strokeLinecap: "round", strokeLinejoin: "round", strokeWidth: "2", d: "M12 8v4l3 3m6-3a9 9 0 11-18 0 9 9 0 0118 0z" }) }),
+                  new Date(req.timestamp).toLocaleString()
+                ] }) })
+              ] }),
+              /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex flex-col items-end gap-3 min-w-[140px]", children: [
+                /* @__PURE__ */ jsxRuntime.jsxs("div", { className: `px-3 py-1.5 rounded-full border text-xs font-bold flex items-center gap-1.5 ${confidenceColor}`, children: [
+                  /* @__PURE__ */ jsxRuntime.jsx("svg", { className: "w-3.5 h-3.5", fill: "none", stroke: "currentColor", viewBox: "0 0 24 24", children: /* @__PURE__ */ jsxRuntime.jsx("path", { strokeLinecap: "round", strokeLinejoin: "round", strokeWidth: "2", d: "M13 10V3L4 14h7v7l9-11h-7z" }) }),
+                  (req.confidence * 100).toFixed(1),
+                  "% Confidence"
+                ] }),
+                /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex gap-2 w-full", children: [
+                  /* @__PURE__ */ jsxRuntime.jsxs(
+                    "button",
+                    {
+                      onClick: () => handleAction(req, false),
+                      disabled: isProcessing,
+                      className: "flex-1 flex justify-center items-center gap-1 bg-white border border-gray-300 hover:bg-red-50 hover:text-red-700 hover:border-red-200 text-gray-700 px-3 py-2 rounded-lg text-sm font-medium transition-colors",
+                      children: [
+                        /* @__PURE__ */ jsxRuntime.jsx(XIcon, {}),
+                        " Deny"
+                      ]
+                    }
+                  ),
+                  /* @__PURE__ */ jsxRuntime.jsxs(
+                    "button",
+                    {
+                      onClick: () => handleAction(req, true),
+                      disabled: isProcessing,
+                      className: "flex-1 flex justify-center items-center gap-1 bg-blue-600 hover:bg-blue-700 text-white px-3 py-2 rounded-lg text-sm font-medium transition-colors shadow-sm",
+                      children: [
+                        /* @__PURE__ */ jsxRuntime.jsx(CheckIcon, {}),
+                        " Approve"
+                      ]
+                    }
+                  )
+                ] })
+              ] })
+            ] }) }),
+            /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "border-t border-gray-100 bg-gray-50/50 rounded-b-xl", children: [
+              /* @__PURE__ */ jsxRuntime.jsxs(
+                "button",
+                {
+                  onClick: () => setExpandedId(isExpanded ? null : req.id),
+                  className: "w-full px-5 py-2.5 flex items-center justify-between text-xs font-medium text-gray-500 hover:text-gray-700 transition-colors",
+                  children: [
+                    /* @__PURE__ */ jsxRuntime.jsx("span", { children: "View Resource Payload" }),
+                    isExpanded ? /* @__PURE__ */ jsxRuntime.jsx(ChevronUpIcon, {}) : /* @__PURE__ */ jsxRuntime.jsx(ChevronDownIcon, {})
+                  ]
+                }
+              ),
+              isExpanded && /* @__PURE__ */ jsxRuntime.jsx("div", { className: "px-5 pb-5 pt-1", children: /* @__PURE__ */ jsxRuntime.jsx("div", { className: "bg-gray-900 rounded-lg p-4 overflow-x-auto shadow-inner", children: /* @__PURE__ */ jsxRuntime.jsx("pre", { className: "text-xs text-green-400 font-mono leading-relaxed", children: JSON.stringify(req.resource, null, 2) }) }) })
+            ] })
+          ]
+        },
+        req.id
+      );
+    }) }) })
+  ] });
+};
+var RefreshIcon = ({ className = "" }) => /* @__PURE__ */ jsxRuntime.jsx("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", className, children: /* @__PURE__ */ jsxRuntime.jsx("path", { d: "M21.5 2v6h-6M21.34 15.57a10 10 0 1 1-.59-9.21l5.25 4.24" }) });
+var ShieldIcon = () => /* @__PURE__ */ jsxRuntime.jsx("svg", { xmlns: "http://www.w3.org/2000/svg", width: "20", height: "20", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: /* @__PURE__ */ jsxRuntime.jsx("path", { d: "M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z" }) });
+var AlertTriangleIcon = () => /* @__PURE__ */ jsxRuntime.jsxs("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: [
+  /* @__PURE__ */ jsxRuntime.jsx("path", { d: "M10.29 3.86L1.82 18a2 2 0 0 0 1.71 3h16.94a2 2 0 0 0 1.71-3L13.71 3.86a2 2 0 0 0-3.42 0z" }),
+  /* @__PURE__ */ jsxRuntime.jsx("line", { x1: "12", y1: "9", x2: "12", y2: "13" }),
+  /* @__PURE__ */ jsxRuntime.jsx("line", { x1: "12", y1: "17", x2: "12.01", y2: "17" })
+] });
+var SearchIcon2 = () => /* @__PURE__ */ jsxRuntime.jsxs("svg", { xmlns: "http://www.w3.org/2000/svg", width: "16", height: "16", viewBox: "0 0 24 24", fill: "none", stroke: "currentColor", strokeWidth: "2", strokeLinecap: "round", strokeLinejoin: "round", children: [
+  /* @__PURE__ */ jsxRuntime.jsx("circle", { cx: "11", cy: "11", r: "8" }),
+  /* @__PURE__ */ jsxRuntime.jsx("line", { x1: "21", y1: "21", x2: "16.65", y2: "16.65" })
+] });
+var AgentReputationDashboard = ({
+  apiBaseUrl = "http://localhost:8080",
+  refreshIntervalMs = 1e4
+}) => {
+  const [stats, setStats] = react.useState([]);
+  const [loading, setLoading] = react.useState(true);
+  const [isRefreshing, setIsRefreshing] = react.useState(false);
+  const [error, setError] = react.useState(null);
+  const [searchQuery, setSearchQuery] = react.useState("");
+  const [sortConfig, setSortConfig] = react.useState({
+    key: "hallucinationScore",
+    direction: "desc"
+  });
+  const fetchStats = async (showRefreshState = false) => {
+    if (showRefreshState) setIsRefreshing(true);
+    try {
+      const response = await fetch(`${apiBaseUrl}/v1/analytics/agents`);
+      if (!response.ok) throw new Error("Failed to fetch agent analytics");
+      const data = await response.json();
+      setStats(data.stats || []);
+      setError(null);
+    } catch (err) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+      setIsRefreshing(false);
+    }
+  };
+  react.useEffect(() => {
+    fetchStats();
+    const interval = setInterval(() => fetchStats(false), refreshIntervalMs);
+    return () => clearInterval(interval);
+  }, [apiBaseUrl, refreshIntervalMs]);
+  const handleSort = (key) => {
+    setSortConfig((prev) => ({
+      key,
+      direction: prev.key === key && prev.direction === "desc" ? "asc" : "desc"
+    }));
+  };
+  const processedStats = react.useMemo(() => {
+    let result = [...stats];
+    if (searchQuery) {
+      const lowerQuery = searchQuery.toLowerCase();
+      result = result.filter((agent) => agent.agentId.toLowerCase().includes(lowerQuery));
+    }
+    result.sort((a, b) => {
+      if (a[sortConfig.key] < b[sortConfig.key]) return sortConfig.direction === "asc" ? -1 : 1;
+      if (a[sortConfig.key] > b[sortConfig.key]) return sortConfig.direction === "asc" ? 1 : -1;
+      return 0;
+    });
+    return result;
+  }, [stats, searchQuery, sortConfig]);
+  const totalAgents = stats.length;
+  const totalActions = stats.reduce((sum, a) => sum + a.totalActions, 0);
+  const avgHallucination = stats.length ? stats.reduce((sum, a) => sum + a.hallucinationScore, 0) / stats.length : 0;
+  const highRiskAgents = stats.filter((a) => a.hallucinationScore > 50).length;
+  if (loading && stats.length === 0) {
+    return /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "animate-pulse space-y-4 p-6 bg-white rounded-xl shadow-sm border border-gray-200", children: [
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-8 bg-gray-200 rounded w-1/4 mb-6" }),
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "grid grid-cols-4 gap-4 mb-6", children: [1, 2, 3, 4].map((i) => /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-24 bg-gray-100 rounded-lg" }, i)) }),
+      /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-64 bg-gray-100 rounded-lg" })
+    ] });
+  }
+  return /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "bg-white rounded-xl shadow-sm border border-gray-200 overflow-hidden font-sans", children: [
+    /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "px-6 py-5 border-b border-gray-200 bg-gray-50/50 flex flex-col sm:flex-row sm:items-center justify-between gap-4", children: [
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { children: [
+        /* @__PURE__ */ jsxRuntime.jsxs("h2", { className: "text-xl font-semibold text-gray-900 flex items-center gap-2", children: [
+          /* @__PURE__ */ jsxRuntime.jsx("span", { className: "text-blue-600", children: /* @__PURE__ */ jsxRuntime.jsx(ShieldIcon, {}) }),
+          "Agent Reputation & Hallucination Index"
+        ] }),
+        /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-gray-500 mt-1", children: "Real-time monitoring of autonomous agent behavior and policy compliance." })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex items-center gap-3", children: [
+        /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "relative", children: [
+          /* @__PURE__ */ jsxRuntime.jsx("div", { className: "absolute inset-y-0 left-0 pl-3 flex items-center pointer-events-none text-gray-400", children: /* @__PURE__ */ jsxRuntime.jsx(SearchIcon2, {}) }),
+          /* @__PURE__ */ jsxRuntime.jsx(
+            "input",
+            {
+              type: "text",
+              placeholder: "Search agents...",
+              className: "pl-10 pr-4 py-2 border border-gray-300 rounded-lg text-sm focus:ring-2 focus:ring-blue-500 focus:border-blue-500 w-full sm:w-48 transition-shadow",
+              value: searchQuery,
+              onChange: (e) => setSearchQuery(e.target.value)
+            }
+          )
+        ] }),
+        /* @__PURE__ */ jsxRuntime.jsx(
+          "button",
+          {
+            onClick: () => fetchStats(true),
+            className: "p-2 text-gray-500 hover:text-gray-700 hover:bg-gray-100 rounded-lg transition-colors border border-gray-200 bg-white",
+            title: "Refresh data",
+            children: /* @__PURE__ */ jsxRuntime.jsx(RefreshIcon, { className: isRefreshing ? "animate-spin" : "" })
+          }
+        )
+      ] })
+    ] }),
+    error && /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "mx-6 mt-4 p-3 bg-red-50 border border-red-200 text-red-700 rounded-lg text-sm flex items-center gap-2", children: [
+      /* @__PURE__ */ jsxRuntime.jsx(AlertTriangleIcon, {}),
+      " ",
+      error
+    ] }),
+    /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "grid grid-cols-1 sm:grid-cols-2 lg:grid-cols-4 gap-4 p-6 bg-gray-50/30 border-b border-gray-200", children: [
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "bg-white p-4 rounded-xl border border-gray-200 shadow-sm", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-sm font-medium text-gray-500 mb-1", children: "Active Agents" }),
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-2xl font-bold text-gray-900", children: totalAgents })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "bg-white p-4 rounded-xl border border-gray-200 shadow-sm", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-sm font-medium text-gray-500 mb-1", children: "Total Actions Evaluated" }),
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-2xl font-bold text-gray-900", children: totalActions.toLocaleString() })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "bg-white p-4 rounded-xl border border-gray-200 shadow-sm", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-sm font-medium text-gray-500 mb-1", children: "Avg Hallucination Score" }),
+        /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "text-2xl font-bold text-gray-900 flex items-baseline gap-2", children: [
+          avgHallucination.toFixed(1),
+          /* @__PURE__ */ jsxRuntime.jsx("span", { className: "text-xs font-normal text-gray-500", children: "/ 100" })
+        ] })
+      ] }),
+      /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "bg-white p-4 rounded-xl border border-gray-200 shadow-sm", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-sm font-medium text-gray-500 mb-1", children: "High Risk Agents" }),
+        /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "text-2xl font-bold text-red-600 flex items-center gap-2", children: [
+          highRiskAgents,
+          highRiskAgents > 0 && /* @__PURE__ */ jsxRuntime.jsx(AlertTriangleIcon, {})
+        ] })
+      ] })
+    ] }),
+    /* @__PURE__ */ jsxRuntime.jsx("div", { className: "overflow-x-auto", children: /* @__PURE__ */ jsxRuntime.jsxs("table", { className: "min-w-full divide-y divide-gray-200", children: [
+      /* @__PURE__ */ jsxRuntime.jsx("thead", { className: "bg-gray-50", children: /* @__PURE__ */ jsxRuntime.jsx("tr", { children: [
+        { key: "agentId", label: "Agent ID" },
+        { key: "totalActions", label: "Total Actions" },
+        { key: "allowedActions", label: "Allowed" },
+        { key: "deniedActions", label: "Denied" },
+        { key: "averageConfidence", label: "Avg Confidence" },
+        { key: "hallucinationScore", label: "Hallucination Risk" }
+      ].map((col) => /* @__PURE__ */ jsxRuntime.jsx(
+        "th",
+        {
+          onClick: () => handleSort(col.key),
+          className: "px-6 py-3 text-left text-xs font-semibold text-gray-600 uppercase tracking-wider cursor-pointer hover:bg-gray-100 select-none group",
+          children: /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex items-center gap-1", children: [
+            col.label,
+            /* @__PURE__ */ jsxRuntime.jsx("span", { className: `text-gray-400 opacity-0 group-hover:opacity-100 transition-opacity ${sortConfig.key === col.key ? "opacity-100 text-blue-600" : ""}`, children: sortConfig.key === col.key ? sortConfig.direction === "asc" ? "\u2191" : "\u2193" : "\u2195" })
+          ] })
+        },
+        col.key
+      )) }) }),
+      /* @__PURE__ */ jsxRuntime.jsx("tbody", { className: "bg-white divide-y divide-gray-200", children: processedStats.length === 0 ? /* @__PURE__ */ jsxRuntime.jsx("tr", { children: /* @__PURE__ */ jsxRuntime.jsxs("td", { colSpan: 6, className: "px-6 py-12 text-center", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("div", { className: "inline-flex items-center justify-center w-12 h-12 rounded-full bg-gray-100 mb-3", children: /* @__PURE__ */ jsxRuntime.jsx(ShieldIcon, {}) }),
+        /* @__PURE__ */ jsxRuntime.jsx("h3", { className: "text-sm font-medium text-gray-900", children: "No agents found" }),
+        /* @__PURE__ */ jsxRuntime.jsx("p", { className: "text-sm text-gray-500 mt-1", children: searchQuery ? "Try adjusting your search query." : "No agent activity has been recorded yet." })
+      ] }) }) : processedStats.map((agent) => /* @__PURE__ */ jsxRuntime.jsxs("tr", { className: "hover:bg-gray-50/80 transition-colors", children: [
+        /* @__PURE__ */ jsxRuntime.jsx("td", { className: "px-6 py-4 whitespace-nowrap", children: /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex items-center", children: [
+          /* @__PURE__ */ jsxRuntime.jsx("div", { className: "h-8 w-8 rounded-full bg-blue-100 text-blue-700 flex items-center justify-center font-bold text-xs mr-3", children: agent.agentId.substring(0, 2).toUpperCase() }),
+          /* @__PURE__ */ jsxRuntime.jsxs("div", { children: [
+            /* @__PURE__ */ jsxRuntime.jsx("div", { className: "text-sm font-semibold text-gray-900", children: agent.agentId }),
+            /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "text-xs text-gray-500", children: [
+              "Last active: ",
+              new Date(agent.lastActive || Date.now()).toLocaleTimeString()
+            ] })
+          ] })
+        ] }) }),
+        /* @__PURE__ */ jsxRuntime.jsx("td", { className: "px-6 py-4 whitespace-nowrap text-sm text-gray-600 font-medium", children: agent.totalActions.toLocaleString() }),
+        /* @__PURE__ */ jsxRuntime.jsx("td", { className: "px-6 py-4 whitespace-nowrap", children: /* @__PURE__ */ jsxRuntime.jsx("span", { className: "inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-green-100 text-green-800", children: agent.allowedActions.toLocaleString() }) }),
+        /* @__PURE__ */ jsxRuntime.jsx("td", { className: "px-6 py-4 whitespace-nowrap", children: /* @__PURE__ */ jsxRuntime.jsx("span", { className: `inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium ${agent.deniedActions > 0 ? "bg-red-100 text-red-800" : "bg-gray-100 text-gray-800"}`, children: agent.deniedActions.toLocaleString() }) }),
+        /* @__PURE__ */ jsxRuntime.jsx("td", { className: "px-6 py-4 whitespace-nowrap text-sm text-gray-600", children: /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex items-center gap-2", children: [
+          /* @__PURE__ */ jsxRuntime.jsx("div", { className: "w-16 bg-gray-200 rounded-full h-1.5", children: /* @__PURE__ */ jsxRuntime.jsx(
+            "div",
+            {
+              className: "bg-blue-500 h-1.5 rounded-full",
+              style: { width: `${agent.averageConfidence * 100}%` }
+            }
+          ) }),
+          (agent.averageConfidence * 100).toFixed(1),
+          "%"
+        ] }) }),
+        /* @__PURE__ */ jsxRuntime.jsx("td", { className: "px-6 py-4 whitespace-nowrap", children: /* @__PURE__ */ jsxRuntime.jsxs("div", { className: "flex items-center gap-3", children: [
+          /* @__PURE__ */ jsxRuntime.jsx("div", { className: "w-24 bg-gray-200 rounded-full h-2.5 overflow-hidden", children: /* @__PURE__ */ jsxRuntime.jsx(
+            "div",
+            {
+              className: `h-full transition-all duration-500 ${agent.hallucinationScore > 50 ? "bg-red-500" : agent.hallucinationScore > 20 ? "bg-yellow-400" : "bg-green-500"}`,
+              style: { width: `${agent.hallucinationScore}%` }
+            }
+          ) }),
+          /* @__PURE__ */ jsxRuntime.jsx("span", { className: `text-sm font-bold ${agent.hallucinationScore > 50 ? "text-red-600" : agent.hallucinationScore > 20 ? "text-yellow-600" : "text-green-600"}`, children: agent.hallucinationScore.toFixed(0) })
+        ] }) })
+      ] }, agent.agentId)) })
+    ] }) })
+  ] });
+};
+
+// src/react/index.ts
+function useAgentPermission(actor, action, confidence = 1, opts = {}) {
+  const [state, setState] = react.useState({
+    canExecute: false,
+    loading: true,
+    reason: "",
+    decision: ""
+  });
+  react.useEffect(() => {
+    let cancelled = false;
+    setState({ canExecute: false, loading: true, reason: "", decision: "" });
+    const clientConfig = {
+      baseUrl: opts.baseUrl ?? "http://localhost:8080"
+    };
+    if (opts.apiKey !== void 0) {
+      clientConfig.apiKey = opts.apiKey;
+    }
+    const client = new LeluClient(clientConfig);
+    client.agentAuthorize({ actor, action, context: { confidence, scope: opts.scope } }).then((res) => {
+      if (cancelled) return;
+      setState({
+        canExecute: res.allowed,
+        loading: false,
+        reason: res.reason ?? (res.allowed ? "allowed" : "denied"),
+        decision: res.allowed ? "allowed" : res.requiresHumanReview ? "human_review" : "denied"
+      });
+    }).catch((err) => {
+      if (cancelled) return;
+      const msg = err instanceof Error ? err.message : String(err);
+      setState({ canExecute: false, loading: false, reason: msg, decision: "denied" });
+    });
+    return () => {
+      cancelled = true;
+    };
+  }, [actor, action, confidence, opts.baseUrl, opts.apiKey, opts.scope]);
+  return state;
+}
+
+exports.AgentReputationDashboard = AgentReputationDashboard;
+exports.LeluApprovalUI = LeluApprovalUI;
+exports.useAgentPermission = useAgentPermission;
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map