@nextera.one/axis-server-sdk 2.2.6 → 2.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{axis-sensor-GBEI3Fab.d.mts → axis-sensor-DMW4rfRg.d.mts} +9 -9
- package/dist/{axis-sensor-GBEI3Fab.d.ts → axis-sensor-DMW4rfRg.d.ts} +9 -9
- package/dist/cce/index.d.mts +10 -10
- package/dist/cce/index.d.ts +10 -10
- package/dist/cce/index.js +43 -14
- package/dist/cce/index.js.map +1 -1
- package/dist/cce/index.mjs +43 -14
- package/dist/cce/index.mjs.map +1 -1
- package/dist/{cce-pipeline-B-zUBHo3.d.mts → cce-pipeline-BJ-F1isr.d.ts} +2 -1
- package/dist/{cce-pipeline-DbGBSsCG.d.ts → cce-pipeline-CBt56guN.d.mts} +2 -1
- package/dist/{index-CwXlBXJf.d.ts → index-BAoKsEOu.d.ts} +22 -22
- package/dist/{index-ldPtIocV.d.mts → index-BLK3AtRm.d.mts} +22 -22
- package/dist/{index-l3Hhirqb.d.ts → index-DMjzq8YO.d.ts} +1 -1
- package/dist/{index-_S4fmVUJ.d.mts → index-DiuKGnQw.d.mts} +1 -1
- package/dist/index.d.mts +7 -7
- package/dist/index.d.ts +7 -7
- package/dist/index.js +125 -42
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +125 -42
- package/dist/index.mjs.map +1 -1
- package/dist/needle/index.d.mts +2 -2
- package/dist/needle/index.d.ts +2 -2
- package/dist/needle/index.js.map +1 -1
- package/dist/needle/index.mjs.map +1 -1
- package/dist/sensors/index.d.mts +3 -3
- package/dist/sensors/index.d.ts +3 -3
- package/dist/sensors/index.js +125 -42
- package/dist/sensors/index.js.map +1 -1
- package/dist/sensors/index.mjs +125 -42
- package/dist/sensors/index.mjs.map +1 -1
- package/package.json +2 -2
package/dist/sensors/index.mjs
CHANGED
|
@@ -104,8 +104,9 @@ var require_access_profile_resolver_sensor = __commonJS({
|
|
|
104
104
|
this.name = "AccessProfileResolverSensor";
|
|
105
105
|
this.order = sensor_bands_1.BAND.IDENTITY + 10;
|
|
106
106
|
}
|
|
107
|
-
supports() {
|
|
108
|
-
|
|
107
|
+
async supports(input) {
|
|
108
|
+
void input;
|
|
109
|
+
return { action: "ALLOW" };
|
|
109
110
|
}
|
|
110
111
|
async run(input) {
|
|
111
112
|
const hasCapsule = !!input.metadata?.capsuleId;
|
|
@@ -317,8 +318,12 @@ var require_body_budget_sensor = __commonJS({
|
|
|
317
318
|
this.name = "BodyBudgetSensor";
|
|
318
319
|
this.order = sensor_bands_1.BAND.CONTENT + 10;
|
|
319
320
|
}
|
|
320
|
-
supports(input) {
|
|
321
|
-
return !!input.peek && input.peek.length >= 8
|
|
321
|
+
async supports(input) {
|
|
322
|
+
return !!input.peek && input.peek.length >= 8 ? { action: "ALLOW" } : {
|
|
323
|
+
action: "DENY",
|
|
324
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
325
|
+
reason: "Insufficient peek data to read headers"
|
|
326
|
+
};
|
|
322
327
|
}
|
|
323
328
|
async run(input) {
|
|
324
329
|
const { peek } = input;
|
|
@@ -1645,6 +1650,7 @@ var init_cce_types = __esm({
|
|
|
1645
1650
|
CAPSULE_NOT_YET_VALID: "CCE_CAPSULE_NOT_YET_VALID",
|
|
1646
1651
|
CAPSULE_REVOKED: "CCE_CAPSULE_REVOKED",
|
|
1647
1652
|
CAPSULE_CONSUMED: "CCE_CAPSULE_CONSUMED",
|
|
1653
|
+
CAPSULE_NOT_VERIFIED: "CCE_CAPSULE_NOT_VERIFIED",
|
|
1648
1654
|
// Binding errors
|
|
1649
1655
|
AUDIENCE_MISMATCH: "CCE_AUDIENCE_MISMATCH",
|
|
1650
1656
|
INTENT_MISMATCH: "CCE_INTENT_MISMATCH",
|
|
@@ -8622,9 +8628,37 @@ var init_axis_sensor_chain_service = __esm({
|
|
|
8622
8628
|
);
|
|
8623
8629
|
}
|
|
8624
8630
|
async evaluateSensors(sensors, input, baseDecision) {
|
|
8625
|
-
const relevantSensors =
|
|
8626
|
-
|
|
8627
|
-
|
|
8631
|
+
const relevantSensors = [];
|
|
8632
|
+
for (const sensor of sensors) {
|
|
8633
|
+
if (!sensor.supports) {
|
|
8634
|
+
relevantSensors.push(sensor);
|
|
8635
|
+
continue;
|
|
8636
|
+
}
|
|
8637
|
+
try {
|
|
8638
|
+
const supportsDecision = normalizeSensorDecision(
|
|
8639
|
+
await sensor.supports(input)
|
|
8640
|
+
);
|
|
8641
|
+
if (supportsDecision.allow) {
|
|
8642
|
+
relevantSensors.push(sensor);
|
|
8643
|
+
}
|
|
8644
|
+
} catch (error) {
|
|
8645
|
+
console.error(
|
|
8646
|
+
`[AXIS][SENSOR] ${sensor.name} supports() failed:`,
|
|
8647
|
+
error
|
|
8648
|
+
);
|
|
8649
|
+
const obs = input.metadata?.observation;
|
|
8650
|
+
if (obs) {
|
|
8651
|
+
recordSensor(obs, sensor.name, false, 100, 0, [
|
|
8652
|
+
`sensor_support_error:${sensor.name}`
|
|
8653
|
+
]);
|
|
8654
|
+
}
|
|
8655
|
+
return {
|
|
8656
|
+
allow: false,
|
|
8657
|
+
riskScore: 100,
|
|
8658
|
+
reasons: [`sensor_support_error:${sensor.name}`]
|
|
8659
|
+
};
|
|
8660
|
+
}
|
|
8661
|
+
}
|
|
8628
8662
|
const normalizedBase = baseDecision ? normalizeSensorDecision(baseDecision) : void 0;
|
|
8629
8663
|
let riskScore = normalizedBase?.riskScore ?? 0;
|
|
8630
8664
|
const reasons = normalizedBase?.reasons ? [...normalizedBase.reasons] : [];
|
|
@@ -10966,8 +11000,9 @@ var require_capability_enforcement_sensor = __commonJS({
|
|
|
10966
11000
|
this.name = "CapabilityEnforcementSensor";
|
|
10967
11001
|
this.order = sensor_bands_1.BAND.POLICY + 10;
|
|
10968
11002
|
}
|
|
10969
|
-
supports(input) {
|
|
10970
|
-
|
|
11003
|
+
async supports(input) {
|
|
11004
|
+
void input;
|
|
11005
|
+
return { action: "ALLOW" };
|
|
10971
11006
|
}
|
|
10972
11007
|
async run(input) {
|
|
10973
11008
|
const { intent, packet } = input;
|
|
@@ -11033,8 +11068,12 @@ var require_chunk_hash_sensor = __commonJS({
|
|
|
11033
11068
|
this.name = "ChunkHashSensor";
|
|
11034
11069
|
this.order = sensor_bands_1.BAND.CONTENT + 50;
|
|
11035
11070
|
}
|
|
11036
|
-
supports(input) {
|
|
11037
|
-
return input.intent === "file.chunk"
|
|
11071
|
+
async supports(input) {
|
|
11072
|
+
return input.intent === "file.chunk" ? { action: "ALLOW" } : {
|
|
11073
|
+
action: "DENY",
|
|
11074
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11075
|
+
reason: "Only file.chunk intent is supported"
|
|
11076
|
+
};
|
|
11038
11077
|
}
|
|
11039
11078
|
async run(input) {
|
|
11040
11079
|
const headerTLVs = input.headerTLVs;
|
|
@@ -11224,8 +11263,8 @@ var require_execution_timeout_sensor = __commonJS({
|
|
|
11224
11263
|
this.name = "ExecutionTimeoutSensor";
|
|
11225
11264
|
this.order = sensor_bands_1.BAND.BUSINESS + 10;
|
|
11226
11265
|
}
|
|
11227
|
-
supports(
|
|
11228
|
-
return
|
|
11266
|
+
async supports() {
|
|
11267
|
+
return Promise.resolve({ action: "ALLOW" });
|
|
11229
11268
|
}
|
|
11230
11269
|
async run(input) {
|
|
11231
11270
|
const { intent, context } = input;
|
|
@@ -11278,8 +11317,12 @@ var require_frame_budget_sensor = __commonJS({
|
|
|
11278
11317
|
this.name = "FrameBudgetSensor";
|
|
11279
11318
|
this.order = sensor_bands_1.BAND.WIRE + 20;
|
|
11280
11319
|
}
|
|
11281
|
-
supports(input) {
|
|
11282
|
-
return typeof input.contentLength === "number"
|
|
11320
|
+
async supports(input) {
|
|
11321
|
+
return typeof input.contentLength === "number" ? { action: "ALLOW" } : {
|
|
11322
|
+
action: "DENY",
|
|
11323
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11324
|
+
reason: "Content-Length not available"
|
|
11325
|
+
};
|
|
11283
11326
|
}
|
|
11284
11327
|
async run(input) {
|
|
11285
11328
|
const maxBytes = Number(process.env["AXIS_MAX_FRAME_SIZE"]) || 50 * 1024 * 1024;
|
|
@@ -11324,8 +11367,12 @@ var require_frame_header_sanity_sensor = __commonJS({
|
|
|
11324
11367
|
this.name = "FrameHeaderSanitySensor";
|
|
11325
11368
|
this.order = sensor_bands_1.BAND.WIRE + 30;
|
|
11326
11369
|
}
|
|
11327
|
-
supports(input) {
|
|
11328
|
-
return !!input.peek && input.peek.length >= 7
|
|
11370
|
+
async supports(input) {
|
|
11371
|
+
return !!input.peek && input.peek.length >= 7 ? { action: "ALLOW" } : {
|
|
11372
|
+
action: "DENY",
|
|
11373
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11374
|
+
reason: "Insufficient peek data for header sanity checks"
|
|
11375
|
+
};
|
|
11329
11376
|
}
|
|
11330
11377
|
async run(input) {
|
|
11331
11378
|
const peek = input.peek;
|
|
@@ -11391,8 +11438,12 @@ var require_header_tlv_limit_sensor = __commonJS({
|
|
|
11391
11438
|
this.order = sensor_bands_1.BAND.CONTENT + 0;
|
|
11392
11439
|
this.MAX_TLVS = 64;
|
|
11393
11440
|
}
|
|
11394
|
-
supports(input) {
|
|
11395
|
-
return !!input.headerTLVs || !!input.packet
|
|
11441
|
+
async supports(input) {
|
|
11442
|
+
return !!input.headerTLVs || !!input.packet ? { action: "ALLOW" } : {
|
|
11443
|
+
action: "DENY",
|
|
11444
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11445
|
+
reason: "Header TLV context is not available"
|
|
11446
|
+
};
|
|
11396
11447
|
}
|
|
11397
11448
|
async run(input) {
|
|
11398
11449
|
if (input.headerTLVs && input.headerTLVs.size > this.MAX_TLVS) {
|
|
@@ -11448,8 +11499,12 @@ var require_intent_allowlist_sensor = __commonJS({
|
|
|
11448
11499
|
this.name = "IntentAllowlistSensor";
|
|
11449
11500
|
this.order = sensor_bands_1.BAND.IDENTITY + 20;
|
|
11450
11501
|
}
|
|
11451
|
-
supports(input) {
|
|
11452
|
-
return !!input.intent
|
|
11502
|
+
async supports(input) {
|
|
11503
|
+
return !!input.intent ? { action: "ALLOW" } : {
|
|
11504
|
+
action: "DENY",
|
|
11505
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11506
|
+
reason: "Intent is not available"
|
|
11507
|
+
};
|
|
11453
11508
|
}
|
|
11454
11509
|
async run(input) {
|
|
11455
11510
|
const profile = input.metadata?.profile || "PUBLIC";
|
|
@@ -11499,8 +11554,8 @@ var require_intent_registry_sensor = __commonJS({
|
|
|
11499
11554
|
this.name = "IntentRegistrySensor";
|
|
11500
11555
|
this.order = sensor_bands_1.BAND.IDENTITY + 25;
|
|
11501
11556
|
}
|
|
11502
|
-
supports(
|
|
11503
|
-
return
|
|
11557
|
+
async supports() {
|
|
11558
|
+
return Promise.resolve({ action: "ALLOW" });
|
|
11504
11559
|
}
|
|
11505
11560
|
async run(input) {
|
|
11506
11561
|
const intent = input.intent;
|
|
@@ -11549,8 +11604,12 @@ var require_law_evaluation_sensor = __commonJS({
|
|
|
11549
11604
|
this.name = "LawEvaluationSensor";
|
|
11550
11605
|
this.order = sensor_bands_1.BAND.POLICY + 5;
|
|
11551
11606
|
}
|
|
11552
|
-
supports(input) {
|
|
11553
|
-
return !!this.options.evaluator && !!input.intent
|
|
11607
|
+
async supports(input) {
|
|
11608
|
+
return !!this.options.evaluator && !!input.intent ? { action: "ALLOW" } : {
|
|
11609
|
+
action: "DENY",
|
|
11610
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11611
|
+
reason: "Law evaluator or intent missing"
|
|
11612
|
+
};
|
|
11554
11613
|
}
|
|
11555
11614
|
async run(input) {
|
|
11556
11615
|
const evaluator = this.options.evaluator;
|
|
@@ -11616,7 +11675,9 @@ var require_law_evaluation_sensor = __commonJS({
|
|
|
11616
11675
|
return {
|
|
11617
11676
|
action: "FLAG",
|
|
11618
11677
|
scoreDelta: 25,
|
|
11619
|
-
reasons: reasons.length > 0 ? reasons : [
|
|
11678
|
+
reasons: reasons.length > 0 ? reasons : [
|
|
11679
|
+
"Execution is conditionally permitted pending additional requirements"
|
|
11680
|
+
],
|
|
11620
11681
|
meta: result
|
|
11621
11682
|
};
|
|
11622
11683
|
}
|
|
@@ -12007,8 +12068,11 @@ var require_proof_presence_sensor = __commonJS({
|
|
|
12007
12068
|
this.name = "ProofPresenceSensor";
|
|
12008
12069
|
this.order = sensor_bands_1.BAND.IDENTITY + 30;
|
|
12009
12070
|
}
|
|
12010
|
-
supports(input) {
|
|
12011
|
-
|
|
12071
|
+
async supports(input) {
|
|
12072
|
+
if (!!input.profile && !!input.visibility) {
|
|
12073
|
+
return { action: "ALLOW" };
|
|
12074
|
+
}
|
|
12075
|
+
return { action: "DENY", code: "MISSING_REQUIRED_FIELDS" };
|
|
12012
12076
|
}
|
|
12013
12077
|
async run(input) {
|
|
12014
12078
|
const validatedInput = axis_schemas_1.ProofPresenceInputZ.safeParse(input);
|
|
@@ -12302,8 +12366,8 @@ var require_receipt_policy_sensor = __commonJS({
|
|
|
12302
12366
|
this.name = "ReceiptPolicySensor";
|
|
12303
12367
|
this.order = sensor_bands_1.BAND.BUSINESS + 20;
|
|
12304
12368
|
}
|
|
12305
|
-
supports() {
|
|
12306
|
-
return
|
|
12369
|
+
async supports() {
|
|
12370
|
+
return { action: "ALLOW" };
|
|
12307
12371
|
}
|
|
12308
12372
|
async run() {
|
|
12309
12373
|
return { action: "ALLOW" };
|
|
@@ -12463,8 +12527,11 @@ var require_schema_validation_sensor = __commonJS({
|
|
|
12463
12527
|
this.name = "SchemaValidationSensor";
|
|
12464
12528
|
this.order = sensor_bands_1.BAND.CONTENT + 35;
|
|
12465
12529
|
}
|
|
12466
|
-
supports(input) {
|
|
12467
|
-
|
|
12530
|
+
async supports(input) {
|
|
12531
|
+
if (input.metadata?.schema) {
|
|
12532
|
+
return { action: "ALLOW" };
|
|
12533
|
+
}
|
|
12534
|
+
return { action: "DENY", code: "SCHEMA_NOT_CONFIGURED" };
|
|
12468
12535
|
}
|
|
12469
12536
|
async run(input) {
|
|
12470
12537
|
const schema = input.metadata?.schema;
|
|
@@ -12589,8 +12656,8 @@ var require_stream_scope_sensor = __commonJS({
|
|
|
12589
12656
|
this.name = "StreamScopeSensor";
|
|
12590
12657
|
this.order = sensor_bands_1.BAND.BUSINESS + 0;
|
|
12591
12658
|
}
|
|
12592
|
-
supports() {
|
|
12593
|
-
return
|
|
12659
|
+
async supports() {
|
|
12660
|
+
return { action: "ALLOW" };
|
|
12594
12661
|
}
|
|
12595
12662
|
async run() {
|
|
12596
12663
|
return { action: "ALLOW" };
|
|
@@ -12628,8 +12695,12 @@ var require_tickauth_sensor = __commonJS({
|
|
|
12628
12695
|
this.matchIntent = options.matchIntent ?? true;
|
|
12629
12696
|
this.acceptTypes = options.acceptTypes?.length ? new Set(options.acceptTypes) : null;
|
|
12630
12697
|
}
|
|
12631
|
-
supports(input) {
|
|
12632
|
-
return !!(input.metadata?.capsule || input.metadata?.tickauthCapsule || input.metadata?.cceEnvelope?.capsule)
|
|
12698
|
+
async supports(input) {
|
|
12699
|
+
return !!(input.metadata?.capsule || input.metadata?.tickauthCapsule || input.metadata?.cceEnvelope?.capsule) ? { action: "ALLOW" } : {
|
|
12700
|
+
action: "DENY",
|
|
12701
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12702
|
+
reason: "TickAuth capsule not found"
|
|
12703
|
+
};
|
|
12633
12704
|
}
|
|
12634
12705
|
async run(input) {
|
|
12635
12706
|
const capsule = input.metadata?.capsule ?? input.metadata?.tickauthCapsule ?? input.metadata?.cceEnvelope?.capsule;
|
|
@@ -12735,8 +12806,12 @@ var require_tlv_parse_sensor = __commonJS({
|
|
|
12735
12806
|
this.name = "TLVParseSensor";
|
|
12736
12807
|
this.order = sensor_bands_1.BAND.CONTENT + 20;
|
|
12737
12808
|
}
|
|
12738
|
-
supports(input) {
|
|
12739
|
-
return !!input.packet
|
|
12809
|
+
async supports(input) {
|
|
12810
|
+
return !!input.packet ? { action: "ALLOW" } : {
|
|
12811
|
+
action: "DENY",
|
|
12812
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12813
|
+
reason: "Packet is not available"
|
|
12814
|
+
};
|
|
12740
12815
|
}
|
|
12741
12816
|
async run(input) {
|
|
12742
12817
|
const packet = input.packet;
|
|
@@ -12868,9 +12943,13 @@ var require_tps_sensor = __commonJS({
|
|
|
12868
12943
|
this.maxDriftMs = options.maxDriftMs ?? 3e4;
|
|
12869
12944
|
this.resolver = options.resolver ?? parseINotation;
|
|
12870
12945
|
}
|
|
12871
|
-
supports(input) {
|
|
12946
|
+
async supports(input) {
|
|
12872
12947
|
const tps = input.metadata?.tps_coordinate ?? input.metadata?.tps ?? input.packet?.tps;
|
|
12873
|
-
return typeof tps === "string" && tps.length > 0
|
|
12948
|
+
return typeof tps === "string" && tps.length > 0 ? { action: "ALLOW" } : {
|
|
12949
|
+
action: "DENY",
|
|
12950
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12951
|
+
reason: "TPS coordinate not available"
|
|
12952
|
+
};
|
|
12874
12953
|
}
|
|
12875
12954
|
async run(input) {
|
|
12876
12955
|
const tps = input.metadata?.tps_coordinate ?? input.metadata?.tps ?? input.packet?.tps;
|
|
@@ -12936,8 +13015,12 @@ var require_varint_hardening_sensor = __commonJS({
|
|
|
12936
13015
|
this.order = sensor_bands_1.BAND.WIRE + 35;
|
|
12937
13016
|
this.MAX_VARINT_BYTES = 5;
|
|
12938
13017
|
}
|
|
12939
|
-
supports(input) {
|
|
12940
|
-
return !!input.peek && input.peek.length >= 7
|
|
13018
|
+
async supports(input) {
|
|
13019
|
+
return !!input.peek && input.peek.length >= 7 ? { action: "ALLOW" } : {
|
|
13020
|
+
action: "DENY",
|
|
13021
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
13022
|
+
reason: "Insufficient peek data for varint hardening"
|
|
13023
|
+
};
|
|
12941
13024
|
}
|
|
12942
13025
|
async run(input) {
|
|
12943
13026
|
const peek = input.peek;
|