@mastra/client-js 1.17.2-alpha.2 → 1.18.0-alpha.4

package/dist/index.d.ts

@@ -2,6 +2,7 @@ export * from './client.js';
 export * from './types.js';
 export * from './tools.js';
 export type { ChannelPlatformInfo, ChannelInstallationInfo, ChannelConnectOAuth, ChannelConnectDeepLink, ChannelConnectImmediate, ChannelConnectResult, } from './resources/channels.js';
+export type { AgentCardSignatureKeyProviderInput, AgentCardVerificationKey, GetAgentCardOptions, VerifyAgentCardSignatureOptions, } from './resources/a2a.js';
 export { RequestContext } from '@mastra/core/request-context';
 export type { UIMessageWithMetadata } from '@mastra/core/agent';
 export type { Body, Client, ClientMethod, ClientPath, ClientRequest, ClientResponse, ClientResponseKind, ClientRoute, PathParams, QueryParams, RouteKey, RouteRequest, RouteResponse, RouteResponseType, RouteTypes, } from './route-types.generated.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,YAAY,EACV,mBAAmB,EACnB,uBAAuB,EACvB,mBAAmB,EACnB,sBAAsB,EACtB,uBAAuB,EACvB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,YAAY,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAChE,YAAY,EACV,IAAI,EACJ,MAAM,EACN,YAAY,EACZ,UAAU,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,WAAW,EACX,UAAU,EACV,WAAW,EACX,QAAQ,EACR,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,UAAU,GACX,MAAM,4BAA4B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,UAAU,CAAC;AACzB,cAAc,SAAS,CAAC;AACxB,cAAc,SAAS,CAAC;AACxB,YAAY,EACV,mBAAmB,EACnB,uBAAuB,EACvB,mBAAmB,EACnB,sBAAsB,EACtB,uBAAuB,EACvB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EACV,kCAAkC,EAClC,wBAAwB,EACxB,mBAAmB,EACnB,+BAA+B,GAChC,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,YAAY,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAChE,YAAY,EACV,IAAI,EACJ,MAAM,EACN,YAAY,EACZ,UAAU,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,EAClB,WAAW,EACX,UAAU,EACV,WAAW,EACX,QAAQ,EACR,YAAY,EACZ,aAAa,EACb,iBAAiB,EACjB,UAAU,GACX,MAAM,4BAA4B,CAAC"}

package/dist/index.js

@@ -6,6 +6,8 @@ import { RequestContext } from '@mastra/core/request-context';
 export { RequestContext } from '@mastra/core/request-context';
 import { zodToJsonSchema as zodToJsonSchema$1 } from '@mastra/schema-compat/zod-to-json';
 import { MastraA2AError } from '@mastra/core/a2a';
+import canonicalize from 'canonicalize';
+import { base64url, decodeProtectedHeader, compactVerify, importX509, importSPKI, importJWK } from 'jose';
 
 // src/resources/agent.ts
 function normalizeRoutePath(path) {
@@ -1639,6 +1641,43 @@ var Agent = class extends BaseResource {
     };
     return streamResponse;
   }
+  /**
+   * Resumes a suspended agent stream until idle with custom resume data.
+   * Used to continue execution after a suspension point (e.g., workflow suspend within an agent).
+   */
+  async resumeStreamUntilIdle(resumeData, options) {
+    const processedParams = {
+      ...options,
+      resumeData,
+      requestContext: parseClientRequestContext(options.requestContext),
+      clientTools: processClientTools(options.clientTools),
+      structuredOutput: options.structuredOutput ? {
+        ...options.structuredOutput,
+        schema: standardSchemaToJSONSchema(toStandardSchema(options.structuredOutput.schema))
+      } : void 0
+    };
+    let readableController;
+    const readable = new ReadableStream({
+      start(controller) {
+        readableController = controller;
+      }
+    });
+    const response = await this.processStreamResponse(processedParams, readableController, "resume-stream-until-idle");
+    const streamResponse = new Response(readable, {
+      status: response.status,
+      statusText: response.statusText,
+      headers: response.headers
+    });
+    streamResponse.processDataStream = async ({
+      onChunk
+    }) => {
+      await processMastraStream({
+        stream: streamResponse.body,
+        onChunk
+      });
+    };
+    return streamResponse;
+  }
   /**
    * Approves a pending tool call and returns the complete response (non-streaming).
    * Used when `requireToolApproval` is enabled with generate() to allow the agent to proceed.
@@ -2774,6 +2813,102 @@ async function* processA2AStream(stream) {
     reader.releaseLock();
   }
 }
+var DEFAULT_AGENT_CARD_SIGNATURE_ALGORITHMS = [
+  "ES256",
+  "ES384",
+  "ES512",
+  "RS256",
+  "RS384",
+  "RS512",
+  "PS256",
+  "PS384",
+  "PS512"
+];
+function stripAgentCardSignatures(agentCard) {
+  const unsignedCard = structuredClone(agentCard);
+  delete unsignedCard.signatures;
+  return unsignedCard;
+}
+function isCryptoKey(value) {
+  const cryptoKeyConstructor = globalThis.CryptoKey;
+  return typeof cryptoKeyConstructor !== "undefined" && value instanceof cryptoKeyConstructor;
+}
+function isPem(value) {
+  return value.includes("-----BEGIN ");
+}
+function isCertificate(value) {
+  return value.includes("-----BEGIN CERTIFICATE-----");
+}
+async function importVerificationKey(key, algorithm) {
+  if (isCryptoKey(key) || key instanceof Uint8Array) {
+    return key;
+  }
+  if (key instanceof ArrayBuffer) {
+    return new Uint8Array(key);
+  }
+  if (typeof key === "string") {
+    if (algorithm.startsWith("HS")) {
+      return new TextEncoder().encode(key);
+    }
+    if (!isPem(key)) {
+      throw new Error("Expected a PEM-encoded public key or certificate string for Agent Card verification");
+    }
+    if (isCertificate(key)) {
+      return importX509(key, algorithm);
+    }
+    return importSPKI(key, algorithm);
+  }
+  return importJWK(key, algorithm);
+}
+async function verifyAgentCardSignatureIfPresent(agentCard, options) {
+  const signatures = agentCard.signatures ?? [];
+  if (signatures.length === 0) {
+    return agentCard;
+  }
+  const canonicalPayload = canonicalize(stripAgentCardSignatures(agentCard));
+  if (!canonicalPayload) {
+    throw new MastraClientError(200, "OK", "Failed to canonicalize A2A Agent Card for signature verification");
+  }
+  const allowedAlgorithms = options.algorithms ?? [...DEFAULT_AGENT_CARD_SIGNATURE_ALGORITHMS];
+  const encodedPayload = base64url.encode(canonicalPayload);
+  const verificationErrors = [];
+  for (const [index, signature] of signatures.entries()) {
+    try {
+      const compactJws = `${signature.protected}.${encodedPayload}.${signature.signature}`;
+      const protectedHeader = decodeProtectedHeader(compactJws);
+      if (typeof protectedHeader.alg !== "string") {
+        throw new Error('Agent Card signature is missing a protected "alg" header');
+      }
+      if (!allowedAlgorithms.includes(protectedHeader.alg)) {
+        throw new Error(`Agent Card signature algorithm "${protectedHeader.alg}" is not allowed`);
+      }
+      const verificationKey = await options.keyProvider({
+        agentCard,
+        signature,
+        protectedHeader,
+        alg: protectedHeader.alg,
+        kid: typeof protectedHeader.kid === "string" ? protectedHeader.kid : void 0,
+        jku: typeof protectedHeader.jku === "string" ? protectedHeader.jku : void 0,
+        index
+      });
+      if (!verificationKey) {
+        throw new Error("No verification key was provided for Agent Card signature verification");
+      }
+      const importedKey = await importVerificationKey(verificationKey, protectedHeader.alg);
+      await compactVerify(compactJws, importedKey, {
+        algorithms: allowedAlgorithms
+      });
+      return agentCard;
+    } catch (error) {
+      verificationErrors.push(error instanceof Error ? error.message : "Unknown verification failure");
+    }
+  }
+  throw new MastraClientError(
+    200,
+    "OK",
+    `A2A Agent Card signature verification failed: ${verificationErrors.join("; ")}`
+  );
+}
 
 // src/resources/a2a.ts
 function createA2AJsonRpcError(response) {
@@ -2816,16 +2951,21 @@ var A2A = class extends BaseResource {
   agentId;
   /**
    * Get the agent card with metadata about the agent.
+   * @param options - Optional Agent Card verification settings
    * @returns Promise containing the agent card information
    */
-  async getAgentCard() {
-    return this.request(`/.well-known/${this.agentId}/agent-card.json`);
+  async getAgentCard(options) {
+    const agentCard = await this.request(`/.well-known/${this.agentId}/agent-card.json`);
+    if (!options?.verifySignature) {
+      return agentCard;
+    }
+    return verifyAgentCardSignatureIfPresent(agentCard, options.verifySignature);
   }
   /**
    * @deprecated Use getAgentCard() instead.
    */
-  async getCard() {
-    return this.getAgentCard();
+  async getCard(options) {
+    return this.getAgentCard(options);
   }
   /**
    * Get the authenticated extended agent card.
@@ -6213,6 +6353,8 @@ var MastraClient = class extends BaseResource {
     if (params.runId) searchParams.set("runId", params.runId);
     if (params.threadId) searchParams.set("threadId", params.threadId);
     if (params.resourceId) searchParams.set("resourceId", params.resourceId);
+    if (params.toolName) searchParams.set("toolName", params.toolName);
+    if (params.toolCallId) searchParams.set("toolCallId", params.toolCallId);
     if (params.fromDate) searchParams.set("fromDate", params.fromDate.toISOString());
     if (params.toDate) searchParams.set("toDate", params.toDate.toISOString());
     if (params.dateFilterBy) searchParams.set("dateFilterBy", params.dateFilterBy);