npm - @passport-agent/sdk - Versions diffs - 0.0.1 - Mend

@passport-agent/sdk 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/dist/__tests__/agent-passport.test.d.ts +2 -0
package/dist/__tests__/agent-passport.test.d.ts.map +1 -0
package/dist/__tests__/agent-passport.test.js +109 -0
package/dist/__tests__/agent-passport.test.js.map +1 -0
package/dist/agent-passport.d.ts +57 -0
package/dist/agent-passport.d.ts.map +1 -0
package/dist/agent-passport.js +103 -0
package/dist/agent-passport.js.map +1 -0
package/dist/authority.d.ts +7 -0
package/dist/authority.d.ts.map +1 -0
package/dist/authority.js +16 -0
package/dist/authority.js.map +1 -0
package/dist/index.d.ts +5 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +3 -0
package/dist/index.js.map +1 -0
package/package.json +32 -0

package/dist/__tests__/agent-passport.test.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=agent-passport.test.d.ts.map

package/dist/__tests__/agent-passport.test.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"agent-passport.test.d.ts","sourceRoot":"","sources":["../../src/__tests__/agent-passport.test.ts"],"names":[],"mappings":""}

package/dist/__tests__/agent-passport.test.js ADDED Viewed

@@ -0,0 +1,109 @@
+import { describe, it, expect } from 'vitest';
+import { AgentPassport } from '../agent-passport.js';
+import { PassportIssuer } from '@passport-agent/core';
+describe('AgentPassport SDK', () => {
+    function createWithIssuer() {
+        const issuer = new PassportIssuer();
+        const passport = AgentPassport.issue({
+            principal: 'user:alice@test.com',
+            agent: 'agent:booking-bot',
+            permissions: ['calendar:read', 'calendar:write', 'email:send'],
+            limits: { maxSpend: 500 },
+            expiresIn: 3600_000,
+        }, issuer);
+        return { passport, issuer };
+    }
+    describe('issue', () => {
+        it('creates a passport with correct properties', () => {
+            const { passport } = createWithIssuer();
+            expect(passport.principal).toBe('user:alice@test.com');
+            expect(passport.agent).toBe('agent:booking-bot');
+            expect(passport.permissions).toEqual(['calendar:read', 'calendar:write', 'email:send']);
+            expect(passport.parentId).toBeNull();
+            expect(passport.id).toBeTruthy();
+        });
+        it('serializes to JSON', () => {
+            const { passport } = createWithIssuer();
+            const json = passport.toJSON();
+            expect(json.principal).toBe('user:alice@test.com');
+            expect(json.agent).toBe('agent:booking-bot');
+            expect(json.expiresAt).toBeTruthy();
+        });
+    });
+    describe('authorize', () => {
+        it('allows permitted actions', () => {
+            const { passport } = createWithIssuer();
+            const result = passport.authorize('calendar:read');
+            expect(result.allowed).toBe(true);
+        });
+        it('throws PassportDeniedError for unpermitted actions', () => {
+            const { passport } = createWithIssuer();
+            expect(() => passport.authorize('admin:delete')).toThrow('denied');
+        });
+        it('tryAuthorize returns result without throwing', () => {
+            const { passport } = createWithIssuer();
+            const result = passport.tryAuthorize('admin:delete');
+            expect(result.allowed).toBe(false);
+        });
+        it('tracks spend across calls', () => {
+            const { passport } = createWithIssuer();
+            passport.authorize('calendar:write', 200);
+            passport.authorize('calendar:write', 200);
+            expect(() => passport.authorize('calendar:write', 200)).toThrow('exceeds');
+        });
+    });
+    describe('delegate', () => {
+        it('creates narrowed child passport', () => {
+            const { passport } = createWithIssuer();
+            const child = passport.delegate({
+                agent: 'agent:email-helper',
+                permissions: ['email:send'],
+                limits: { maxSpend: 50 },
+            });
+            expect(child.agent).toBe('agent:email-helper');
+            expect(child.permissions).toEqual(['email:send']);
+            expect(child.parentId).toBe(passport.id);
+            expect(child.principal).toBe('user:alice@test.com');
+        });
+        it('throws PassportDelegationError on escalation', () => {
+            const { passport } = createWithIssuer();
+            expect(() => passport.delegate({
+                agent: 'agent:evil',
+                permissions: ['admin:nuke'],
+            })).toThrow('subset');
+        });
+        it('child can authorize within its scope', () => {
+            const { passport } = createWithIssuer();
+            const child = passport.delegate({
+                agent: 'agent:email-helper',
+                permissions: ['email:send'],
+            });
+            expect(child.tryAuthorize('email:send').allowed).toBe(true);
+            expect(child.tryAuthorize('calendar:read').allowed).toBe(false);
+        });
+    });
+    describe('revoke', () => {
+        it('revokes passport and all children', () => {
+            const { passport } = createWithIssuer();
+            const child = passport.delegate({
+                agent: 'agent:helper',
+                permissions: ['email:send'],
+            });
+            const revoked = passport.revoke();
+            expect(revoked).toHaveLength(2);
+            expect(child.tryAuthorize('email:send').allowed).toBe(false);
+        });
+    });
+    describe('audit', () => {
+        it('records all authorize calls', () => {
+            const { passport } = createWithIssuer();
+            passport.authorize('calendar:read');
+            passport.tryAuthorize('admin:delete');
+            const log = passport.auditLog;
+            expect(log).toHaveLength(2);
+            expect(log[0].allowed).toBe(true);
+            expect(log[1].allowed).toBe(false);
+        });
+    });
+});
+//# sourceMappingURL=agent-passport.test.js.map

package/dist/__tests__/agent-passport.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"agent-passport.test.js","sourceRoot":"","sources":["../../src/__tests__/agent-passport.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,SAAS,gBAAgB;QACvB,MAAM,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAG,aAAa,CAAC,KAAK,CAClC;YACE,SAAS,EAAE,qBAAqB;YAChC,KAAK,EAAE,mBAAmB;YAC1B,WAAW,EAAE,CAAC,eAAe,EAAE,gBAAgB,EAAE,YAAY,CAAC;YAC9D,MAAM,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE;YACzB,SAAS,EAAE,QAAQ;SACpB,EACD,MAAM,CACP,CAAC;QACF,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC;IAC9B,CAAC;IAED,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE;QACrB,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YACvD,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACjD,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,eAAe,EAAE,gBAAgB,EAAE,YAAY,CAAC,CAAC,CAAC;YACxF,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YACrC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC;QACnC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;YAC5B,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,UAAU,EAAE,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;QACzB,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,MAAM,GAAG,QAAQ,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YACnD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;YAC5D,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,MAAM,GAAG,QAAQ,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;YACrD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;YACnC,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,QAAQ,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;YAC1C,QAAQ,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;YAC1C,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAC7E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;QACxB,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAC9B,KAAK,EAAE,oBAAoB;gBAC3B,WAAW,EAAE,CAAC,YAAY,CAAC;gBAC3B,MAAM,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;aACzB,CAAC,CAAC;YAEH,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YAC/C,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;YAClD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;YACzC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,CAAC,GAAG,EAAE,CACV,QAAQ,CAAC,QAAQ,CAAC;gBAChB,KAAK,EAAE,YAAY;gBACnB,WAAW,EAAE,CAAC,YAAY,CAAC;aAC5B,CAAC,CACH,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACtB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAC9B,KAAK,EAAE,oBAAoB;gBAC3B,WAAW,EAAE,CAAC,YAAY,CAAC;aAC5B,CAAC,CAAC;YAEH,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5D,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE;QACtB,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAC9B,KAAK,EAAE,cAAc;gBACrB,WAAW,EAAE,CAAC,YAAY,CAAC;aAC5B,CAAC,CAAC;YAEH,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC;YAClC,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,OAAO,EAAE,GAAG,EAAE;QACrB,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,EAAE,QAAQ,EAAE,GAAG,gBAAgB,EAAE,CAAC;YACxC,QAAQ,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YACpC,QAAQ,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;YAEtC,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC;YAC9B,MAAM,CAAC,GAAG,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC5B,MAAM,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/agent-passport.d.ts ADDED Viewed

@@ -0,0 +1,57 @@
+import type { AuthorizeResult, AuditEntry } from '@passport-agent/core';
+import { PassportIssuer } from '@passport-agent/core';
+export interface IssueConfig {
+    principal: string;
+    agent: string;
+    permissions: string[];
+    limits?: {
+        maxSpend: number;
+        currency?: string;
+    };
+    expiresIn?: number;
+}
+export interface DelegateConfig {
+    agent: string;
+    permissions: string[];
+    limits?: {
+        maxSpend: number;
+        currency?: string;
+    };
+    expiresIn?: number;
+}
+export declare class AgentPassport {
+    private signed;
+    private issuer;
+    private constructor();
+    static issue(config: IssueConfig, issuer?: PassportIssuer): AgentPassport;
+    authorize(action: string, spendAmount?: number): AuthorizeResult;
+    tryAuthorize(action: string, spendAmount?: number): AuthorizeResult;
+    delegate(config: DelegateConfig): AgentPassport;
+    revoke(): string[];
+    get id(): string;
+    get principal(): string;
+    get agent(): string;
+    get permissions(): string[];
+    get expiresAt(): Date;
+    get parentId(): string | null;
+    get auditLog(): AuditEntry[];
+    toJSON(): {
+        id: string;
+        principal: string;
+        agent: string;
+        permissions: string[];
+        expiresAt: string;
+        parentId: string | null;
+    };
+}
+export declare class PassportDeniedError extends Error {
+    readonly action: string;
+    readonly passportId: string;
+    constructor(action: string, reason: string, passportId: string);
+}
+export declare class PassportDelegationError extends Error {
+    readonly targetAgent: string;
+    readonly passportId: string;
+    constructor(targetAgent: string, reason: string, passportId: string);
+}
+//# sourceMappingURL=agent-passport.d.ts.map

package/dist/agent-passport.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"agent-passport.d.ts","sourceRoot":"","sources":["../src/agent-passport.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAkB,eAAe,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACxF,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAGtD,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IACjD,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAiB;IAC/B,OAAO,CAAC,MAAM,CAAiB;IAE/B,OAAO;IAKP,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,MAAM,CAAC,EAAE,cAAc,GAAG,aAAa;IAYzE,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,SAAI,GAAG,eAAe;IAS3D,YAAY,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,SAAI,GAAG,eAAe;IAI9D,QAAQ,CAAC,MAAM,EAAE,cAAc,GAAG,aAAa;IAe/C,MAAM,IAAI,MAAM,EAAE;IAIlB,IAAI,EAAE,IAAI,MAAM,CAEf;IAED,IAAI,SAAS,IAAI,MAAM,CAEtB;IAED,IAAI,KAAK,IAAI,MAAM,CAElB;IAED,IAAI,WAAW,IAAI,MAAM,EAAE,CAE1B;IAED,IAAI,SAAS,IAAI,IAAI,CAEpB;IAED,IAAI,QAAQ,IAAI,MAAM,GAAG,IAAI,CAE5B;IAED,IAAI,QAAQ,IAAI,UAAU,EAAE,CAE3B;IAED,MAAM;;;;;;;;CAUP;AAED,qBAAa,mBAAoB,SAAQ,KAAK;IAC5C,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;gBAEhB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM;CAS/D;AAED,qBAAa,uBAAwB,SAAQ,KAAK;IAChD,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;gBAEhB,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM;CASpE"}

package/dist/agent-passport.js ADDED Viewed

@@ -0,0 +1,103 @@
+import { getDefaultAuthority } from './authority.js';
+export class AgentPassport {
+    signed;
+    issuer;
+    constructor(signed, issuer) {
+        this.signed = signed;
+        this.issuer = issuer;
+    }
+    static issue(config, issuer) {
+        const authority = issuer ?? getDefaultAuthority();
+        const signed = authority.issue({
+            principal: config.principal,
+            agent: config.agent,
+            permissions: config.permissions,
+            limits: config.limits,
+            expiresIn: config.expiresIn,
+        });
+        return new AgentPassport(signed, authority);
+    }
+    authorize(action, spendAmount = 0) {
+        const result = this.issuer.authorize(this.signed, action, spendAmount);
+        if (!result.allowed) {
+            const err = new PassportDeniedError(action, result.reason ?? 'Unknown reason', this.id);
+            throw err;
+        }
+        return result;
+    }
+    tryAuthorize(action, spendAmount = 0) {
+        return this.issuer.authorize(this.signed, action, spendAmount);
+    }
+    delegate(config) {
+        try {
+            const childSigned = this.issuer.delegate(this.signed, {
+                agent: config.agent,
+                permissions: config.permissions,
+                limits: config.limits,
+                expiresIn: config.expiresIn,
+            });
+            return new AgentPassport(childSigned, this.issuer);
+        }
+        catch (e) {
+            const msg = e instanceof Error ? e.message : String(e);
+            throw new PassportDelegationError(config.agent, msg, this.id);
+        }
+    }
+    revoke() {
+        return this.issuer.revoke(this.id);
+    }
+    get id() {
+        return this.signed.payload.id;
+    }
+    get principal() {
+        return this.signed.payload.principal;
+    }
+    get agent() {
+        return this.signed.payload.sub;
+    }
+    get permissions() {
+        return this.signed.payload.permissions.map((p) => p.action);
+    }
+    get expiresAt() {
+        return new Date(this.signed.payload.exp);
+    }
+    get parentId() {
+        return this.signed.payload.parentId;
+    }
+    get auditLog() {
+        return this.issuer.audit.getByPassport(this.id);
+    }
+    toJSON() {
+        return {
+            id: this.id,
+            principal: this.principal,
+            agent: this.agent,
+            permissions: this.permissions,
+            expiresAt: this.expiresAt.toISOString(),
+            parentId: this.parentId,
+        };
+    }
+}
+export class PassportDeniedError extends Error {
+    action;
+    passportId;
+    constructor(action, reason, passportId) {
+        super(`Action "${action}" denied for passport ${passportId.slice(0, 8)}...: ${reason}\n` +
+            `  Fix: Check that the passport includes permission for "${action}".`);
+        this.name = 'PassportDeniedError';
+        this.action = action;
+        this.passportId = passportId;
+    }
+}
+export class PassportDelegationError extends Error {
+    targetAgent;
+    passportId;
+    constructor(targetAgent, reason, passportId) {
+        super(`Cannot delegate to "${targetAgent}" from passport ${passportId.slice(0, 8)}...: ${reason}\n` +
+            `  Fix: Ensure child permissions are a subset of parent, and spend limits don't exceed parent's remaining budget.`);
+        this.name = 'PassportDelegationError';
+        this.targetAgent = targetAgent;
+        this.passportId = passportId;
+    }
+}
+//# sourceMappingURL=agent-passport.js.map

package/dist/agent-passport.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"agent-passport.js","sourceRoot":"","sources":["../src/agent-passport.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAiBrD,MAAM,OAAO,aAAa;IAChB,MAAM,CAAiB;IACvB,MAAM,CAAiB;IAE/B,YAAoB,MAAsB,EAAE,MAAsB;QAChE,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAmB,EAAE,MAAuB;QACvD,MAAM,SAAS,GAAG,MAAM,IAAI,mBAAmB,EAAE,CAAC;QAClD,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC;YAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B,CAAC,CAAC;QACH,OAAO,IAAI,aAAa,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC9C,CAAC;IAED,SAAS,CAAC,MAAc,EAAE,WAAW,GAAG,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;QACvE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,GAAG,GAAG,IAAI,mBAAmB,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,gBAAgB,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;YACxF,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,YAAY,CAAC,MAAc,EAAE,WAAW,GAAG,CAAC;QAC1C,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;IACjE,CAAC;IAED,QAAQ,CAAC,MAAsB;QAC7B,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE;gBACpD,KAAK,EAAE,MAAM,CAAC,KAAK;gBACnB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,SAAS,EAAE,MAAM,CAAC,SAAS;aAC5B,CAAC,CAAC;YACH,OAAO,IAAI,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACrD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACvD,MAAM,IAAI,uBAAuB,CAAC,MAAM,CAAC,KAAK,EAAE,GAAG,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,MAAM;QACJ,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACrC,CAAC;IAED,IAAI,EAAE;QACJ,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;IAChC,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;IACvC,CAAC;IAED,IAAI,KAAK;QACP,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC;IACjC,CAAC;IAED,IAAI,WAAW;QACb,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC;IACtC,CAAC;IAED,IAAI,QAAQ;QACV,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,MAAM;QACJ,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE;YACvC,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC;IACJ,CAAC;CACF;AAED,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IACnC,MAAM,CAAS;IACf,UAAU,CAAS;IAE5B,YAAY,MAAc,EAAE,MAAc,EAAE,UAAkB;QAC5D,KAAK,CACH,WAAW,MAAM,yBAAyB,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,QAAQ,MAAM,IAAI;YAClF,2DAA2D,MAAM,IAAI,CACtE,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;QAClC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF;AAED,MAAM,OAAO,uBAAwB,SAAQ,KAAK;IACvC,WAAW,CAAS;IACpB,UAAU,CAAS;IAE5B,YAAY,WAAmB,EAAE,MAAc,EAAE,UAAkB;QACjE,KAAK,CACH,uBAAuB,WAAW,mBAAmB,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,QAAQ,MAAM,IAAI;YAC7F,kHAAkH,CACnH,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,yBAAyB,CAAC;QACtC,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;IAC/B,CAAC;CACF"}

package/dist/authority.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+import { PassportIssuer } from '@passport-agent/core';
+export interface AuthorityConfig {
+    issuer?: string;
+}
+export declare function createPassportAuthority(config?: AuthorityConfig): PassportIssuer;
+export declare function getDefaultAuthority(): PassportIssuer;
+//# sourceMappingURL=authority.d.ts.map

package/dist/authority.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"authority.d.ts","sourceRoot":"","sources":["../src/authority.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAID,wBAAgB,uBAAuB,CAAC,MAAM,CAAC,EAAE,eAAe,GAAG,cAAc,CAMhF;AAED,wBAAgB,mBAAmB,IAAI,cAAc,CAKpD"}

package/dist/authority.js ADDED Viewed

@@ -0,0 +1,16 @@
+import { PassportIssuer } from '@passport-agent/core';
+let defaultAuthority = null;
+export function createPassportAuthority(config) {
+    const authority = new PassportIssuer();
+    if (!defaultAuthority) {
+        defaultAuthority = authority;
+    }
+    return authority;
+}
+export function getDefaultAuthority() {
+    if (!defaultAuthority) {
+        defaultAuthority = new PassportIssuer();
+    }
+    return defaultAuthority;
+}
+//# sourceMappingURL=authority.js.map

package/dist/authority.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"authority.js","sourceRoot":"","sources":["../src/authority.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAMtD,IAAI,gBAAgB,GAA0B,IAAI,CAAC;AAEnD,MAAM,UAAU,uBAAuB,CAAC,MAAwB;IAC9D,MAAM,SAAS,GAAG,IAAI,cAAc,EAAE,CAAC;IACvC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,gBAAgB,GAAG,SAAS,CAAC;IAC/B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,mBAAmB;IACjC,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,gBAAgB,GAAG,IAAI,cAAc,EAAE,CAAC;IAC1C,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export { AgentPassport } from './agent-passport.js';
+export { createPassportAuthority } from './authority.js';
+export type { AuthorityConfig } from './authority.js';
+export type { Permission, SpendLimit, PassportPayload, SignedPassport, AuthorizeResult, AuditEntry, } from '@passport-agent/core';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,MAAM,gBAAgB,CAAC;AACzD,YAAY,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACtD,YAAY,EACV,UAAU,EACV,UAAU,EACV,eAAe,EACf,cAAc,EACd,eAAe,EACf,UAAU,GACX,MAAM,sBAAsB,CAAC"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,3 @@
+export { AgentPassport } from './agent-passport.js';
+export { createPassportAuthority } from './authority.js';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,uBAAuB,EAAE,MAAM,gBAAgB,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,32 @@
+{
+  "name": "@passport-agent/sdk",
+  "version": "0.0.1",
+  "description": "The Stripe for agent authorization — give every AI agent a cryptographically verifiable passport",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
+  },
+  "scripts": {
+    "build": "tsc",
+    "test": "vitest run",
+    "lint": "tsc --noEmit"
+  },
+  "files": ["dist"],
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/priyansh-x/passport-agent",
+    "directory": "packages/sdk"
+  },
+  "dependencies": {
+    "@passport-agent/core": "workspace:*"
+  },
+  "devDependencies": {
+    "vitest": "^3.0.0"
+  }
+}