@truealter/sdk 0.5.0 → 0.5.1

package/dist/index.js

@@ -4,16 +4,22 @@ import { randomBytes, bytesToHex as bytesToHex$1, hexToBytes } from '@noble/hash
 import { createPrivateKey, createHash } from 'crypto';
 import * as ed25519 from '@noble/ed25519';
 import { sha512 } from '@noble/hashes/sha512';
-import { spawnSync } from 'child_process';
-import { homedir, platform } from 'os';
+import { existsSync, readFileSync, mkdirSync, writeFileSync, copyFileSync, renameSync, unlinkSync } from 'fs';
 import { join, resolve, dirname } from 'path';
+import { homedir, platform } from 'os';
+import { spawnSync } from 'child_process';
 import { env } from 'process';
-import { existsSync, readFileSync, mkdirSync, writeFileSync, copyFileSync, renameSync, unlinkSync } from 'fs';
 
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require : typeof Proxy !== "undefined" ? new Proxy(x, {
+  get: (a, b) => (typeof require !== "undefined" ? require : a)[b]
+}) : x)(function(x) {
+  if (typeof require !== "undefined") return require.apply(this, arguments);
+  throw Error('Dynamic require of "' + x + '" is not supported');
+});
 var __esm = (fn, res) => function __init() {
   return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
 };
@@ -400,18 +406,24 @@ function ensureMcpPath(url) {
     return url;
   }
 }
-
-// src/x402.ts
 var X402Client = class {
   signer;
   maxPerQuery;
   networks;
   assets;
+  // undefined = allowlist check disabled (backward-compatible default).
+  // Non-null = active allowlist; reject any recipient not in the set.
+  recipientAllowlist;
   constructor(opts = {}) {
     this.signer = opts.signer;
     this.maxPerQuery = opts.maxPerQuery !== void 0 ? Number(opts.maxPerQuery) : void 0;
     this.networks = new Set(opts.networks ?? ["base", "base-sepolia"]);
     this.assets = new Set(opts.assets ?? ["USDC"]);
+    if (opts.recipientAllowlist !== void 0) {
+      this.recipientAllowlist = opts.recipientAllowlist.length === 0 ? void 0 : new Set(opts.recipientAllowlist.map((a) => a.toLowerCase()));
+    } else {
+      this.recipientAllowlist = void 0;
+    }
   }
   /**
    * Validate the envelope against this client's policy and, if a signer
@@ -437,6 +449,15 @@ var X402Client = class {
         );
       }
     }
+    if (this.recipientAllowlist !== void 0) {
+      const recipientNorm = (envelope.recipient ?? "").toLowerCase();
+      if (!recipientNorm || !this.recipientAllowlist.has(recipientNorm)) {
+        throw new AlterError(
+          "PAYMENT_REQUIRED",
+          `recipient "${envelope.recipient}" is not on the known-recipient allowlist`
+        );
+      }
+    }
     if (!this.signer) {
       throw new AlterPaymentRequired(envelope.resource ?? "unknown", envelope);
     }
@@ -903,9 +924,46 @@ async function verifyProvenance(envelope, opts = {}) {
       kid: header.kid
     };
   }
+  if (opts.expectedAud !== void 0 && opts.expectedAud !== "") {
+    const tokenAud = payload.aud;
+    const audList = tokenAud === void 0 ? [] : Array.isArray(tokenAud) ? tokenAud : [tokenAud];
+    if (!audList.includes(opts.expectedAud)) {
+      return {
+        valid: false,
+        reason: `aud mismatch: expected "${opts.expectedAud}", got ${JSON.stringify(tokenAud ?? null)}`,
+        payload,
+        kid: header.kid
+      };
+    }
+  }
   return { valid: true, payload, kid: header.kid };
 }
-async function verifyToolSignatures(tools, signatures) {
+async function verifyToolSignatures(tools, signatures, opts = {}) {
+  const jwksUrl = opts.jwksUrl ?? "https://api.truealter.com/.well-known/alter-keys.json";
+  const fetchImpl = opts.fetch ?? fetch;
+  if (!jwksUrl.startsWith("https://")) {
+    return tools.map((t) => ({
+      tool: t.name,
+      valid: false,
+      reason: `jwksUrl must be https: got ${jwksUrl}`
+    }));
+  }
+  const needsJwks = tools.some((t) => {
+    const sig = signatures[t.name];
+    return sig && sig.signature;
+  });
+  let jwks = null;
+  if (needsJwks) {
+    try {
+      jwks = await fetchJwks(jwksUrl, fetchImpl);
+    } catch (err) {
+      return tools.map((t) => ({
+        tool: t.name,
+        valid: false,
+        reason: `jwks fetch failed: ${err.message}`
+      }));
+    }
+  }
   const out = [];
   for (const tool of tools) {
     const sig = signatures[tool.name];
@@ -918,6 +976,63 @@ async function verifyToolSignatures(tools, signatures) {
       out.push({ tool: tool.name, valid: false, reason: "schema hash mismatch" });
       continue;
     }
+    const jwsToken = sig.signature;
+    if (!jwsToken) {
+      out.push({ tool: tool.name, valid: true, warn_no_signature: true });
+      continue;
+    }
+    const jwksDoc = jwks;
+    let jHeader;
+    let jPayloadRaw;
+    let jSigBytes;
+    try {
+      const parts2 = jwsToken.split(".");
+      if (parts2.length !== 3) throw new Error("JWS must have three segments");
+      jHeader = JSON.parse(new TextDecoder().decode(base64urlDecode(parts2[0])));
+      jPayloadRaw = new TextDecoder().decode(base64urlDecode(parts2[1]));
+      jSigBytes = base64urlDecode(parts2[2]);
+    } catch (err) {
+      out.push({ tool: tool.name, valid: false, reason: `malformed tool JWS: ${err.message}` });
+      continue;
+    }
+    if (jHeader.alg !== "ES256") {
+      out.push({ tool: tool.name, valid: false, reason: `unsupported tool sig alg: ${jHeader.alg}` });
+      continue;
+    }
+    if (jPayloadRaw !== sig.schema_hash) {
+      out.push({ tool: tool.name, valid: false, reason: "tool JWS payload does not match schema_hash" });
+      continue;
+    }
+    const jwk = jwksDoc.keys.find((k) => jHeader.kid ? k.kid === jHeader.kid : true);
+    if (!jwk) {
+      out.push({ tool: tool.name, valid: false, reason: `no JWK for kid=${jHeader.kid}` });
+      continue;
+    }
+    let publicKey;
+    try {
+      publicKey = await importEs256JwkAsPublicKey(jwk);
+    } catch (err) {
+      out.push({ tool: tool.name, valid: false, reason: `jwk import: ${err.message}` });
+      continue;
+    }
+    const parts = jwsToken.split(".");
+    const signedInput = new TextEncoder().encode(`${parts[0]}.${parts[1]}`);
+    let sigValid = false;
+    try {
+      sigValid = await crypto.subtle.verify(
+        { name: "ECDSA", hash: "SHA-256" },
+        publicKey,
+        toArrayBuffer(jSigBytes),
+        toArrayBuffer(signedInput)
+      );
+    } catch (err) {
+      out.push({ tool: tool.name, valid: false, reason: `sig verify error: ${err.message}` });
+      continue;
+    }
+    if (!sigValid) {
+      out.push({ tool: tool.name, valid: false, reason: "tool signature mismatch" });
+      continue;
+    }
     out.push({ tool: tool.name, valid: true });
   }
   return out;
@@ -1552,6 +1667,26 @@ function restoreFromBackup(path, backupPath) {
 // src/wire/index.ts
 var TIMESTAMP = () => String(Math.floor(Date.now() / 1e3));
 var ISO_NOW = () => (/* @__PURE__ */ new Date()).toISOString();
+function readCfAccessEnv() {
+  const envPath = join(homedir(), ".config", "alter", "cf-access.env");
+  try {
+    const content = readFileSync(envPath, "utf8");
+    let clientId = "";
+    let clientSecret = "";
+    for (const line of content.split("\n")) {
+      const trimmed = line.trim();
+      if (trimmed.startsWith("#") || !trimmed.includes("=")) continue;
+      const eqIdx = trimmed.indexOf("=");
+      const key = trimmed.slice(0, eqIdx).replace(/^export\s+/, "").trim();
+      const val = trimmed.slice(eqIdx + 1).trim().replace(/^["']|["']$/g, "");
+      if (key === "CF_ACCESS_CLIENT_ID") clientId = val;
+      if (key === "CF_ACCESS_CLIENT_SECRET") clientSecret = val;
+    }
+    if (clientId && clientSecret) return { clientId, clientSecret };
+  } catch {
+  }
+  return void 0;
+}
 function clientById(id) {
   const hit = ALL_CLIENTS.find((c) => c.id === id);
   if (!hit) throw new Error(`unknown client id: ${id}`);
@@ -1560,6 +1695,7 @@ function clientById(id) {
 function wire(opts = {}) {
   const endpoint = opts.endpoint ?? DEFAULT_ENDPOINT;
   const apiKey = opts.apiKey;
+  const cfAccess = opts.cfAccess ?? readCfAccessEnv();
   const probes = probeAll();
   const selection = opts.only ?? probes.filter((p) => p.installed).map((p) => p.client.id);
   const ts = TIMESTAMP();
@@ -1578,9 +1714,9 @@ function wire(opts = {}) {
     }
     try {
       if (id === "claude-code") {
-        targets.push(wireClaudeCode({ endpoint, apiKey }));
+        targets.push(wireClaudeCode({ endpoint, apiKey, cfAccess }));
       } else {
-        targets.push(wireFileTarget({ id, endpoint, apiKey, timestamp: ts }));
+        targets.push(wireFileTarget({ id, endpoint, apiKey, cfAccess, timestamp: ts }));
       }
     } catch (err) {
       const message = err.message;
@@ -1614,7 +1750,12 @@ function wireFileTarget(args) {
       `refusing to wire ${client.label}: config path ${sync.resolvedPath} lives under ${sync.matchedPrefix}. Synced volumes propagate credentials across devices \u2014 move the config off the sync root, or run wire on the device you want to target.`
     );
   }
-  const entry = args.id === "claude-desktop" ? generateClaudeDesktopConfig({ endpoint: args.endpoint, apiKey: args.apiKey }) : generateGenericMcpConfig({ endpoint: args.endpoint, apiKey: args.apiKey });
+  const cfHeaders = {};
+  if (args.cfAccess) {
+    cfHeaders["CF-Access-Client-Id"] = args.cfAccess.clientId;
+    cfHeaders["CF-Access-Client-Secret"] = args.cfAccess.clientSecret;
+  }
+  const entry = args.id === "claude-desktop" ? generateClaudeDesktopConfig({ endpoint: args.endpoint, apiKey: args.apiKey }) : generateGenericMcpConfig({ endpoint: args.endpoint, apiKey: args.apiKey, headers: cfHeaders });
   const rootKey = client.rootKey;
   const serverName = "alter";
   const result = atomicJsonMerge({
@@ -1646,7 +1787,8 @@ function wireFileTarget(args) {
 }
 function wireClaudeCode(args) {
   const cmd = "claude";
-  const argList = [
+  const bridgePath = resolveBridgeScript();
+  const argList = bridgePath ? ["mcp", "add", "--scope", "user", "alter", "--", "node", bridgePath] : [
     "mcp",
     "add",
     "--scope",
@@ -1654,16 +1796,15 @@ function wireClaudeCode(args) {
     "--transport",
     "http",
     "alter",
-    args.endpoint
+    args.endpoint,
+    ...args.apiKey ? ["--header", `X-ALTER-API-Key:${args.apiKey}`] : []
   ];
-  if (args.apiKey) {
-    argList.push("--header", `X-ALTER-API-Key:${args.apiKey}`);
-  }
   const full = `${cmd} ${argList.join(" ")}`;
   const run = spawnSync(cmd, argList, {
     encoding: "utf8",
     shell: process.platform === "win32",
-    timeout: 1e4
+    timeout: 1e4,
+    env: bridgePath ? { ...process.env, ALTER_PUBLIC_MCP_ENDPOINT: args.endpoint, ...args.apiKey ? { ALTER_API_KEY: args.apiKey } : {} } : void 0
   });
   if (run.error) {
     return {
@@ -1694,6 +1835,17 @@ function wireClaudeCode(args) {
     reason: `claude mcp add exited ${String(run.status)}`
   };
 }
+function resolveBridgeScript() {
+  const { existsSync: existsSync4 } = __require("fs");
+  const { join: join3, dirname: dirname3 } = __require("path");
+  const siblingBridge = join3(dirname3(__filename), "..", "dist", "mcp-bridge.js");
+  if (existsSync4(siblingBridge)) return siblingBridge;
+  const srcBridge = join3(dirname3(__filename), "..", "mcp-bridge.js");
+  if (existsSync4(srcBridge)) return srcBridge;
+  const npmGlobalBridge = join3(dirname3(__filename), "mcp-bridge.js");
+  if (existsSync4(npmGlobalBridge)) return npmGlobalBridge;
+  return null;
+}
 function unwire() {
   const state = readWireState();
   const undone = [];

package/dist/mcp-bridge.js

@@ -0,0 +1,166 @@
+#!/usr/bin/env node
+import * as fs from 'fs';
+import * as path from 'path';
+import * as os from 'os';
+import * as https from 'https';
+import * as http from 'http';
+import * as crypto from 'crypto';
+import * as readline from 'readline';
+
+var DEFAULT_ENDPOINT = "https://mcp.truealter.com/api/v1/mcp";
+var BRIDGE_VERSION = "0.4.0";
+var xdgConfig = process.env.XDG_CONFIG_HOME ?? path.join(os.homedir(), ".config");
+var SESSION_FILE = process.env.ALTER_SESSION_FILE ?? path.join(xdgConfig, "alter", "session.json");
+var CF_ENV_FILE = process.env.ALTER_CF_ACCESS_ENV ?? path.join(xdgConfig, "alter", "cf-access.env");
+var ENDPOINT = process.env.ALTER_PUBLIC_MCP_ENDPOINT ?? DEFAULT_ENDPOINT;
+function readSession() {
+  try {
+    const raw = fs.readFileSync(SESSION_FILE, "utf8");
+    const clean = raw.charCodeAt(0) === 65279 ? raw.slice(1) : raw;
+    return JSON.parse(clean);
+  } catch {
+    return {};
+  }
+}
+function readCfAccess() {
+  try {
+    const raw = fs.readFileSync(CF_ENV_FILE, "utf8");
+    const idMatch = raw.match(/CF_ACCESS_(?:MCP_ORG_ALTER_)?CLIENT_ID=['"](.*?)['"]/);
+    const secretMatch = raw.match(/CF_ACCESS_(?:MCP_ORG_ALTER_)?CLIENT_SECRET=['"](.*?)['"]/);
+    return {
+      id: idMatch?.[1] ?? "",
+      secret: secretMatch?.[1] ?? ""
+    };
+  } catch {
+    return { id: "", secret: "" };
+  }
+}
+function versionHash() {
+  const digest = crypto.createHash("sha256").update(`@truealter/sdk-bridge@${BRIDGE_VERSION}`).digest("hex").slice(0, 32);
+  return `sha256:${digest}`;
+}
+function b64url(buf) {
+  return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+function canonicalJson(v) {
+  if (v === null || typeof v !== "object") return JSON.stringify(v);
+  if (Array.isArray(v)) return "[" + v.map(canonicalJson).join(",") + "]";
+  const obj = v;
+  const keys = Object.keys(obj).sort();
+  return "{" + keys.map((k) => JSON.stringify(k) + ":" + canonicalJson(obj[k])).join(",") + "}";
+}
+function loadSigningKey(session) {
+  const kid = session.signing_kid;
+  if (!kid) return null;
+  const candidates = [];
+  if (process.env.ALTER_SIGNING_KEY_FILE) candidates.push(process.env.ALTER_SIGNING_KEY_FILE);
+  candidates.push(path.join(xdgConfig, "alter", "signing-keys", `${kid}.pem`));
+  candidates.push(path.join(xdgConfig, "alter", "signing-key.pem"));
+  for (const p of candidates) {
+    try {
+      const pem = fs.readFileSync(p, "utf8");
+      return { kid, key: crypto.createPrivateKey(pem) };
+    } catch {
+    }
+  }
+  return null;
+}
+function signInvocation(signer, toolName, toolArgs, handle) {
+  const header = b64url(Buffer.from(JSON.stringify({ alg: "ES256", kid: signer.kid })));
+  const claims = {
+    tool: toolName,
+    args_sha256: crypto.createHash("sha256").update(canonicalJson(toolArgs ?? {}), "utf8").digest("hex"),
+    nonce: b64url(crypto.randomBytes(24)),
+    iat: Math.floor(Date.now() / 1e3),
+    iss: handle
+  };
+  const payload = b64url(Buffer.from(JSON.stringify(claims)));
+  const signingInput = `${header}.${payload}`;
+  const sig = crypto.createSign("SHA256").update(signingInput).sign({ key: signer.key, dsaEncoding: "ieee-p1363" });
+  return `${signingInput}.${b64url(sig)}`;
+}
+function proxyRequest(body, msg) {
+  return new Promise((resolve, reject) => {
+    const session = readSession();
+    const cfAccess = readCfAccess();
+    const apiKey = process.env.ALTER_API_KEY ?? session.member_api_key ?? "";
+    const url = new URL(ENDPOINT);
+    const isHttps = url.protocol === "https:";
+    const transport = isHttps ? https : http;
+    const headers = {
+      "Content-Type": "application/json",
+      "Content-Length": String(Buffer.byteLength(body)),
+      "X-Agent-Version-Hash": versionHash()
+    };
+    if (apiKey) headers["X-ALTER-API-Key"] = apiKey;
+    if (cfAccess.id) headers["CF-Access-Client-Id"] = cfAccess.id;
+    if (cfAccess.secret) headers["CF-Access-Client-Secret"] = cfAccess.secret;
+    if (apiKey && msg.method === "tools/call" && msg.params?.name) {
+      const signer = loadSigningKey(session);
+      if (signer) {
+        try {
+          headers["Mcp-Invocation-Signature"] = signInvocation(
+            signer,
+            msg.params.name,
+            msg.params.arguments ?? {},
+            session.handle ?? ""
+          );
+        } catch (e) {
+          process.stderr.write(`bridge sign error: ${e.message}
+`);
+        }
+      } else {
+        process.stderr.write(
+          `bridge: no signing key for kid ${session.signing_kid ?? "(unset)"} \u2014 run 'alter login' to provision one
+`
+        );
+      }
+    }
+    const req = transport.request(
+      {
+        hostname: url.hostname,
+        port: url.port || (isHttps ? 443 : 80),
+        path: url.pathname,
+        method: "POST",
+        headers
+      },
+      (res) => {
+        let data = "";
+        res.on("data", (chunk) => data += chunk.toString());
+        res.on("end", () => resolve(data));
+      }
+    );
+    req.on("error", (err) => reject(err));
+    req.write(body);
+    req.end();
+  });
+}
+async function main() {
+  const rl = readline.createInterface({ input: process.stdin });
+  for await (const line of rl) {
+    const trimmed = line.trim();
+    if (!trimmed) continue;
+    let msg;
+    try {
+      msg = JSON.parse(trimmed);
+    } catch {
+      continue;
+    }
+    try {
+      const response = await proxyRequest(trimmed, msg);
+      process.stdout.write(response + "\n");
+    } catch (err) {
+      const errResponse = JSON.stringify({
+        jsonrpc: "2.0",
+        id: msg.id ?? null,
+        error: { code: -32e3, message: err.message }
+      });
+      process.stdout.write(errResponse + "\n");
+    }
+  }
+}
+main().catch((err) => {
+  process.stderr.write(`bridge fatal: ${err.message}
+`);
+  process.exit(1);
+});

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@truealter/sdk",
-  "version": "0.5.0",
+  "version": "0.5.1",
   "description": "ALTER Identity SDK — query the continuous identity field from any JavaScript/TypeScript environment",
   "license": "Apache-2.0",
   "type": "module",
@@ -46,6 +46,9 @@
     "typescript": "^5.4.5",
     "vitest": "^4.1.3"
   },
+  "overrides": {
+    "postcss": ">=8.5.10"
+  },
   "keywords": [
     "alter",
     "identity",