@nextera.one/axis-server-sdk 2.2.6 → 2.2.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{axis-sensor-GBEI3Fab.d.mts → axis-sensor-DMW4rfRg.d.mts} +9 -9
- package/dist/{axis-sensor-GBEI3Fab.d.ts → axis-sensor-DMW4rfRg.d.ts} +9 -9
- package/dist/cce/index.d.mts +10 -10
- package/dist/cce/index.d.ts +10 -10
- package/dist/cce/index.js +43 -14
- package/dist/cce/index.js.map +1 -1
- package/dist/cce/index.mjs +43 -14
- package/dist/cce/index.mjs.map +1 -1
- package/dist/{cce-pipeline-B-zUBHo3.d.mts → cce-pipeline-BJ-F1isr.d.ts} +2 -1
- package/dist/{cce-pipeline-DbGBSsCG.d.ts → cce-pipeline-CBt56guN.d.mts} +2 -1
- package/dist/{index-CwXlBXJf.d.ts → index-BAoKsEOu.d.ts} +22 -22
- package/dist/{index-ldPtIocV.d.mts → index-BLK3AtRm.d.mts} +22 -22
- package/dist/{index-l3Hhirqb.d.ts → index-DMjzq8YO.d.ts} +1 -1
- package/dist/{index-_S4fmVUJ.d.mts → index-DiuKGnQw.d.mts} +1 -1
- package/dist/index.d.mts +7 -7
- package/dist/index.d.ts +7 -7
- package/dist/index.js +125 -42
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +125 -42
- package/dist/index.mjs.map +1 -1
- package/dist/needle/index.d.mts +2 -2
- package/dist/needle/index.d.ts +2 -2
- package/dist/needle/index.js.map +1 -1
- package/dist/needle/index.mjs.map +1 -1
- package/dist/sensors/index.d.mts +3 -3
- package/dist/sensors/index.d.ts +3 -3
- package/dist/sensors/index.js +125 -42
- package/dist/sensors/index.js.map +1 -1
- package/dist/sensors/index.mjs +125 -42
- package/dist/sensors/index.mjs.map +1 -1
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -1427,6 +1427,7 @@ var init_cce_types = __esm({
|
|
|
1427
1427
|
CAPSULE_NOT_YET_VALID: "CCE_CAPSULE_NOT_YET_VALID",
|
|
1428
1428
|
CAPSULE_REVOKED: "CCE_CAPSULE_REVOKED",
|
|
1429
1429
|
CAPSULE_CONSUMED: "CCE_CAPSULE_CONSUMED",
|
|
1430
|
+
CAPSULE_NOT_VERIFIED: "CCE_CAPSULE_NOT_VERIFIED",
|
|
1430
1431
|
// Binding errors
|
|
1431
1432
|
AUDIENCE_MISMATCH: "CCE_AUDIENCE_MISMATCH",
|
|
1432
1433
|
INTENT_MISMATCH: "CCE_INTENT_MISMATCH",
|
|
@@ -8447,9 +8448,37 @@ var init_axis_sensor_chain_service = __esm({
|
|
|
8447
8448
|
);
|
|
8448
8449
|
}
|
|
8449
8450
|
async evaluateSensors(sensors, input, baseDecision) {
|
|
8450
|
-
const relevantSensors =
|
|
8451
|
-
|
|
8452
|
-
|
|
8451
|
+
const relevantSensors = [];
|
|
8452
|
+
for (const sensor of sensors) {
|
|
8453
|
+
if (!sensor.supports) {
|
|
8454
|
+
relevantSensors.push(sensor);
|
|
8455
|
+
continue;
|
|
8456
|
+
}
|
|
8457
|
+
try {
|
|
8458
|
+
const supportsDecision = normalizeSensorDecision(
|
|
8459
|
+
await sensor.supports(input)
|
|
8460
|
+
);
|
|
8461
|
+
if (supportsDecision.allow) {
|
|
8462
|
+
relevantSensors.push(sensor);
|
|
8463
|
+
}
|
|
8464
|
+
} catch (error) {
|
|
8465
|
+
console.error(
|
|
8466
|
+
`[AXIS][SENSOR] ${sensor.name} supports() failed:`,
|
|
8467
|
+
error
|
|
8468
|
+
);
|
|
8469
|
+
const obs = input.metadata?.observation;
|
|
8470
|
+
if (obs) {
|
|
8471
|
+
recordSensor(obs, sensor.name, false, 100, 0, [
|
|
8472
|
+
`sensor_support_error:${sensor.name}`
|
|
8473
|
+
]);
|
|
8474
|
+
}
|
|
8475
|
+
return {
|
|
8476
|
+
allow: false,
|
|
8477
|
+
riskScore: 100,
|
|
8478
|
+
reasons: [`sensor_support_error:${sensor.name}`]
|
|
8479
|
+
};
|
|
8480
|
+
}
|
|
8481
|
+
}
|
|
8453
8482
|
const normalizedBase = baseDecision ? normalizeSensorDecision(baseDecision) : void 0;
|
|
8454
8483
|
let riskScore = normalizedBase?.riskScore ?? 0;
|
|
8455
8484
|
const reasons = normalizedBase?.reasons ? [...normalizedBase.reasons] : [];
|
|
@@ -10404,8 +10433,9 @@ var require_access_profile_resolver_sensor = __commonJS({
|
|
|
10404
10433
|
this.name = "AccessProfileResolverSensor";
|
|
10405
10434
|
this.order = sensor_bands_1.BAND.IDENTITY + 10;
|
|
10406
10435
|
}
|
|
10407
|
-
supports() {
|
|
10408
|
-
|
|
10436
|
+
async supports(input) {
|
|
10437
|
+
void input;
|
|
10438
|
+
return { action: "ALLOW" };
|
|
10409
10439
|
}
|
|
10410
10440
|
async run(input) {
|
|
10411
10441
|
const hasCapsule = !!input.metadata?.capsuleId;
|
|
@@ -10446,8 +10476,12 @@ var require_body_budget_sensor = __commonJS({
|
|
|
10446
10476
|
this.name = "BodyBudgetSensor";
|
|
10447
10477
|
this.order = sensor_bands_1.BAND.CONTENT + 10;
|
|
10448
10478
|
}
|
|
10449
|
-
supports(input) {
|
|
10450
|
-
return !!input.peek && input.peek.length >= 8
|
|
10479
|
+
async supports(input) {
|
|
10480
|
+
return !!input.peek && input.peek.length >= 8 ? { action: "ALLOW" } : {
|
|
10481
|
+
action: "DENY",
|
|
10482
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
10483
|
+
reason: "Insufficient peek data to read headers"
|
|
10484
|
+
};
|
|
10451
10485
|
}
|
|
10452
10486
|
async run(input) {
|
|
10453
10487
|
const { peek } = input;
|
|
@@ -10511,8 +10545,9 @@ var require_capability_enforcement_sensor = __commonJS({
|
|
|
10511
10545
|
this.name = "CapabilityEnforcementSensor";
|
|
10512
10546
|
this.order = sensor_bands_1.BAND.POLICY + 10;
|
|
10513
10547
|
}
|
|
10514
|
-
supports(input) {
|
|
10515
|
-
|
|
10548
|
+
async supports(input) {
|
|
10549
|
+
void input;
|
|
10550
|
+
return { action: "ALLOW" };
|
|
10516
10551
|
}
|
|
10517
10552
|
async run(input) {
|
|
10518
10553
|
const { intent, packet } = input;
|
|
@@ -10578,8 +10613,12 @@ var require_chunk_hash_sensor = __commonJS({
|
|
|
10578
10613
|
this.name = "ChunkHashSensor";
|
|
10579
10614
|
this.order = sensor_bands_1.BAND.CONTENT + 50;
|
|
10580
10615
|
}
|
|
10581
|
-
supports(input) {
|
|
10582
|
-
return input.intent === "file.chunk"
|
|
10616
|
+
async supports(input) {
|
|
10617
|
+
return input.intent === "file.chunk" ? { action: "ALLOW" } : {
|
|
10618
|
+
action: "DENY",
|
|
10619
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
10620
|
+
reason: "Only file.chunk intent is supported"
|
|
10621
|
+
};
|
|
10583
10622
|
}
|
|
10584
10623
|
async run(input) {
|
|
10585
10624
|
const headerTLVs = input.headerTLVs;
|
|
@@ -10769,8 +10808,8 @@ var require_execution_timeout_sensor = __commonJS({
|
|
|
10769
10808
|
this.name = "ExecutionTimeoutSensor";
|
|
10770
10809
|
this.order = sensor_bands_1.BAND.BUSINESS + 10;
|
|
10771
10810
|
}
|
|
10772
|
-
supports(
|
|
10773
|
-
return
|
|
10811
|
+
async supports() {
|
|
10812
|
+
return Promise.resolve({ action: "ALLOW" });
|
|
10774
10813
|
}
|
|
10775
10814
|
async run(input) {
|
|
10776
10815
|
const { intent, context } = input;
|
|
@@ -10823,8 +10862,12 @@ var require_frame_budget_sensor = __commonJS({
|
|
|
10823
10862
|
this.name = "FrameBudgetSensor";
|
|
10824
10863
|
this.order = sensor_bands_1.BAND.WIRE + 20;
|
|
10825
10864
|
}
|
|
10826
|
-
supports(input) {
|
|
10827
|
-
return typeof input.contentLength === "number"
|
|
10865
|
+
async supports(input) {
|
|
10866
|
+
return typeof input.contentLength === "number" ? { action: "ALLOW" } : {
|
|
10867
|
+
action: "DENY",
|
|
10868
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
10869
|
+
reason: "Content-Length not available"
|
|
10870
|
+
};
|
|
10828
10871
|
}
|
|
10829
10872
|
async run(input) {
|
|
10830
10873
|
const maxBytes = Number(process.env["AXIS_MAX_FRAME_SIZE"]) || 50 * 1024 * 1024;
|
|
@@ -10869,8 +10912,12 @@ var require_frame_header_sanity_sensor = __commonJS({
|
|
|
10869
10912
|
this.name = "FrameHeaderSanitySensor";
|
|
10870
10913
|
this.order = sensor_bands_1.BAND.WIRE + 30;
|
|
10871
10914
|
}
|
|
10872
|
-
supports(input) {
|
|
10873
|
-
return !!input.peek && input.peek.length >= 7
|
|
10915
|
+
async supports(input) {
|
|
10916
|
+
return !!input.peek && input.peek.length >= 7 ? { action: "ALLOW" } : {
|
|
10917
|
+
action: "DENY",
|
|
10918
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
10919
|
+
reason: "Insufficient peek data for header sanity checks"
|
|
10920
|
+
};
|
|
10874
10921
|
}
|
|
10875
10922
|
async run(input) {
|
|
10876
10923
|
const peek = input.peek;
|
|
@@ -10936,8 +10983,12 @@ var require_header_tlv_limit_sensor = __commonJS({
|
|
|
10936
10983
|
this.order = sensor_bands_1.BAND.CONTENT + 0;
|
|
10937
10984
|
this.MAX_TLVS = 64;
|
|
10938
10985
|
}
|
|
10939
|
-
supports(input) {
|
|
10940
|
-
return !!input.headerTLVs || !!input.packet
|
|
10986
|
+
async supports(input) {
|
|
10987
|
+
return !!input.headerTLVs || !!input.packet ? { action: "ALLOW" } : {
|
|
10988
|
+
action: "DENY",
|
|
10989
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
10990
|
+
reason: "Header TLV context is not available"
|
|
10991
|
+
};
|
|
10941
10992
|
}
|
|
10942
10993
|
async run(input) {
|
|
10943
10994
|
if (input.headerTLVs && input.headerTLVs.size > this.MAX_TLVS) {
|
|
@@ -10993,8 +11044,12 @@ var require_intent_allowlist_sensor = __commonJS({
|
|
|
10993
11044
|
this.name = "IntentAllowlistSensor";
|
|
10994
11045
|
this.order = sensor_bands_1.BAND.IDENTITY + 20;
|
|
10995
11046
|
}
|
|
10996
|
-
supports(input) {
|
|
10997
|
-
return !!input.intent
|
|
11047
|
+
async supports(input) {
|
|
11048
|
+
return !!input.intent ? { action: "ALLOW" } : {
|
|
11049
|
+
action: "DENY",
|
|
11050
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11051
|
+
reason: "Intent is not available"
|
|
11052
|
+
};
|
|
10998
11053
|
}
|
|
10999
11054
|
async run(input) {
|
|
11000
11055
|
const profile = input.metadata?.profile || "PUBLIC";
|
|
@@ -11044,8 +11099,8 @@ var require_intent_registry_sensor = __commonJS({
|
|
|
11044
11099
|
this.name = "IntentRegistrySensor";
|
|
11045
11100
|
this.order = sensor_bands_1.BAND.IDENTITY + 25;
|
|
11046
11101
|
}
|
|
11047
|
-
supports(
|
|
11048
|
-
return
|
|
11102
|
+
async supports() {
|
|
11103
|
+
return Promise.resolve({ action: "ALLOW" });
|
|
11049
11104
|
}
|
|
11050
11105
|
async run(input) {
|
|
11051
11106
|
const intent = input.intent;
|
|
@@ -11094,8 +11149,12 @@ var require_law_evaluation_sensor = __commonJS({
|
|
|
11094
11149
|
this.name = "LawEvaluationSensor";
|
|
11095
11150
|
this.order = sensor_bands_1.BAND.POLICY + 5;
|
|
11096
11151
|
}
|
|
11097
|
-
supports(input) {
|
|
11098
|
-
return !!this.options.evaluator && !!input.intent
|
|
11152
|
+
async supports(input) {
|
|
11153
|
+
return !!this.options.evaluator && !!input.intent ? { action: "ALLOW" } : {
|
|
11154
|
+
action: "DENY",
|
|
11155
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
11156
|
+
reason: "Law evaluator or intent missing"
|
|
11157
|
+
};
|
|
11099
11158
|
}
|
|
11100
11159
|
async run(input) {
|
|
11101
11160
|
const evaluator = this.options.evaluator;
|
|
@@ -11161,7 +11220,9 @@ var require_law_evaluation_sensor = __commonJS({
|
|
|
11161
11220
|
return {
|
|
11162
11221
|
action: "FLAG",
|
|
11163
11222
|
scoreDelta: 25,
|
|
11164
|
-
reasons: reasons.length > 0 ? reasons : [
|
|
11223
|
+
reasons: reasons.length > 0 ? reasons : [
|
|
11224
|
+
"Execution is conditionally permitted pending additional requirements"
|
|
11225
|
+
],
|
|
11165
11226
|
meta: result
|
|
11166
11227
|
};
|
|
11167
11228
|
}
|
|
@@ -11552,8 +11613,11 @@ var require_proof_presence_sensor = __commonJS({
|
|
|
11552
11613
|
this.name = "ProofPresenceSensor";
|
|
11553
11614
|
this.order = sensor_bands_1.BAND.IDENTITY + 30;
|
|
11554
11615
|
}
|
|
11555
|
-
supports(input) {
|
|
11556
|
-
|
|
11616
|
+
async supports(input) {
|
|
11617
|
+
if (!!input.profile && !!input.visibility) {
|
|
11618
|
+
return { action: "ALLOW" };
|
|
11619
|
+
}
|
|
11620
|
+
return { action: "DENY", code: "MISSING_REQUIRED_FIELDS" };
|
|
11557
11621
|
}
|
|
11558
11622
|
async run(input) {
|
|
11559
11623
|
const validatedInput = axis_schemas_1.ProofPresenceInputZ.safeParse(input);
|
|
@@ -11847,8 +11911,8 @@ var require_receipt_policy_sensor = __commonJS({
|
|
|
11847
11911
|
this.name = "ReceiptPolicySensor";
|
|
11848
11912
|
this.order = sensor_bands_1.BAND.BUSINESS + 20;
|
|
11849
11913
|
}
|
|
11850
|
-
supports() {
|
|
11851
|
-
return
|
|
11914
|
+
async supports() {
|
|
11915
|
+
return { action: "ALLOW" };
|
|
11852
11916
|
}
|
|
11853
11917
|
async run() {
|
|
11854
11918
|
return { action: "ALLOW" };
|
|
@@ -12008,8 +12072,11 @@ var require_schema_validation_sensor = __commonJS({
|
|
|
12008
12072
|
this.name = "SchemaValidationSensor";
|
|
12009
12073
|
this.order = sensor_bands_1.BAND.CONTENT + 35;
|
|
12010
12074
|
}
|
|
12011
|
-
supports(input) {
|
|
12012
|
-
|
|
12075
|
+
async supports(input) {
|
|
12076
|
+
if (input.metadata?.schema) {
|
|
12077
|
+
return { action: "ALLOW" };
|
|
12078
|
+
}
|
|
12079
|
+
return { action: "DENY", code: "SCHEMA_NOT_CONFIGURED" };
|
|
12013
12080
|
}
|
|
12014
12081
|
async run(input) {
|
|
12015
12082
|
const schema = input.metadata?.schema;
|
|
@@ -12134,8 +12201,8 @@ var require_stream_scope_sensor = __commonJS({
|
|
|
12134
12201
|
this.name = "StreamScopeSensor";
|
|
12135
12202
|
this.order = sensor_bands_1.BAND.BUSINESS + 0;
|
|
12136
12203
|
}
|
|
12137
|
-
supports() {
|
|
12138
|
-
return
|
|
12204
|
+
async supports() {
|
|
12205
|
+
return { action: "ALLOW" };
|
|
12139
12206
|
}
|
|
12140
12207
|
async run() {
|
|
12141
12208
|
return { action: "ALLOW" };
|
|
@@ -12173,8 +12240,12 @@ var require_tickauth_sensor = __commonJS({
|
|
|
12173
12240
|
this.matchIntent = options.matchIntent ?? true;
|
|
12174
12241
|
this.acceptTypes = options.acceptTypes?.length ? new Set(options.acceptTypes) : null;
|
|
12175
12242
|
}
|
|
12176
|
-
supports(input) {
|
|
12177
|
-
return !!(input.metadata?.capsule || input.metadata?.tickauthCapsule || input.metadata?.cceEnvelope?.capsule)
|
|
12243
|
+
async supports(input) {
|
|
12244
|
+
return !!(input.metadata?.capsule || input.metadata?.tickauthCapsule || input.metadata?.cceEnvelope?.capsule) ? { action: "ALLOW" } : {
|
|
12245
|
+
action: "DENY",
|
|
12246
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12247
|
+
reason: "TickAuth capsule not found"
|
|
12248
|
+
};
|
|
12178
12249
|
}
|
|
12179
12250
|
async run(input) {
|
|
12180
12251
|
const capsule = input.metadata?.capsule ?? input.metadata?.tickauthCapsule ?? input.metadata?.cceEnvelope?.capsule;
|
|
@@ -12280,8 +12351,12 @@ var require_tlv_parse_sensor = __commonJS({
|
|
|
12280
12351
|
this.name = "TLVParseSensor";
|
|
12281
12352
|
this.order = sensor_bands_1.BAND.CONTENT + 20;
|
|
12282
12353
|
}
|
|
12283
|
-
supports(input) {
|
|
12284
|
-
return !!input.packet
|
|
12354
|
+
async supports(input) {
|
|
12355
|
+
return !!input.packet ? { action: "ALLOW" } : {
|
|
12356
|
+
action: "DENY",
|
|
12357
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12358
|
+
reason: "Packet is not available"
|
|
12359
|
+
};
|
|
12285
12360
|
}
|
|
12286
12361
|
async run(input) {
|
|
12287
12362
|
const packet = input.packet;
|
|
@@ -12413,9 +12488,13 @@ var require_tps_sensor = __commonJS({
|
|
|
12413
12488
|
this.maxDriftMs = options.maxDriftMs ?? 3e4;
|
|
12414
12489
|
this.resolver = options.resolver ?? parseINotation;
|
|
12415
12490
|
}
|
|
12416
|
-
supports(input) {
|
|
12491
|
+
async supports(input) {
|
|
12417
12492
|
const tps = input.metadata?.tps_coordinate ?? input.metadata?.tps ?? input.packet?.tps;
|
|
12418
|
-
return typeof tps === "string" && tps.length > 0
|
|
12493
|
+
return typeof tps === "string" && tps.length > 0 ? { action: "ALLOW" } : {
|
|
12494
|
+
action: "DENY",
|
|
12495
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12496
|
+
reason: "TPS coordinate not available"
|
|
12497
|
+
};
|
|
12419
12498
|
}
|
|
12420
12499
|
async run(input) {
|
|
12421
12500
|
const tps = input.metadata?.tps_coordinate ?? input.metadata?.tps ?? input.packet?.tps;
|
|
@@ -12481,8 +12560,12 @@ var require_varint_hardening_sensor = __commonJS({
|
|
|
12481
12560
|
this.order = sensor_bands_1.BAND.WIRE + 35;
|
|
12482
12561
|
this.MAX_VARINT_BYTES = 5;
|
|
12483
12562
|
}
|
|
12484
|
-
supports(input) {
|
|
12485
|
-
return !!input.peek && input.peek.length >= 7
|
|
12563
|
+
async supports(input) {
|
|
12564
|
+
return !!input.peek && input.peek.length >= 7 ? { action: "ALLOW" } : {
|
|
12565
|
+
action: "DENY",
|
|
12566
|
+
code: "SENSOR_NOT_APPLICABLE",
|
|
12567
|
+
reason: "Insufficient peek data for varint hardening"
|
|
12568
|
+
};
|
|
12486
12569
|
}
|
|
12487
12570
|
async run(input) {
|
|
12488
12571
|
const peek = input.peek;
|