@vess-id/ai-identity 0.10.0 → 0.12.0
- package/README.md +0 -16
- package/dist/client.d.ts +0 -14
- package/dist/client.d.ts.map +1 -1
- package/dist/index.d.mts +456 -153
- package/dist/index.d.ts +2 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +172 -206
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +158 -205
- package/dist/index.mjs.map +1 -1
- package/dist/internal-signature/__tests__/canonical.spec.d.ts +2 -0
- package/dist/internal-signature/__tests__/canonical.spec.d.ts.map +1 -0
- package/dist/internal-signature/__tests__/signer-roundtrip.spec.d.ts +2 -0
- package/dist/internal-signature/__tests__/signer-roundtrip.spec.d.ts.map +1 -0
- package/dist/internal-signature/__tests__/signer.spec.d.ts +2 -0
- package/dist/internal-signature/__tests__/signer.spec.d.ts.map +1 -0
- package/dist/internal-signature/canonical.d.ts +80 -0
- package/dist/internal-signature/canonical.d.ts.map +1 -0
- package/dist/internal-signature/index.d.ts +17 -0
- package/dist/internal-signature/index.d.ts.map +1 -0
- package/dist/internal-signature/signer.d.ts +76 -0
- package/dist/internal-signature/signer.d.ts.map +1 -0
- package/dist/registry/action-registry-json.d.ts +114 -0
- package/dist/registry/action-registry-json.d.ts.map +1 -1
- package/dist/registry/index.d.ts +2 -0
- package/dist/registry/index.d.ts.map +1 -1
- package/dist/registry/reauth-constants.d.ts +33 -0
- package/dist/registry/reauth-constants.d.ts.map +1 -0
- package/dist/vp/kb-jwt-builder.d.ts +89 -0
- package/dist/vp/kb-jwt-builder.d.ts.map +1 -0
- package/dist/vp/vp-manager.d.ts.map +1 -1
- package/package.json +20 -26
- package/dist/memory/memory-manager.d.ts +0 -77
- package/dist/memory/memory-manager.d.ts.map +0 -1
package/dist/index.d.mts
CHANGED
|
@@ -4,6 +4,31 @@ import Ajv from 'ajv';
|
|
|
4
4
|
import { SDJwtVcInstance } from '@sd-jwt/sd-jwt-vc';
|
|
5
5
|
import { DisclosureFrame } from '@sd-jwt/types';
|
|
6
6
|
|
|
7
|
+
interface AIdentityConfig {
|
|
8
|
+
didApi?: {
|
|
9
|
+
baseUrl: string;
|
|
10
|
+
apiKey?: string;
|
|
11
|
+
bearerToken?: string;
|
|
12
|
+
};
|
|
13
|
+
issuerApi?: {
|
|
14
|
+
baseUrl: string;
|
|
15
|
+
apiKey?: string;
|
|
16
|
+
bearerToken?: string;
|
|
17
|
+
};
|
|
18
|
+
verifierApi?: {
|
|
19
|
+
baseUrl: string;
|
|
20
|
+
apiKey?: string;
|
|
21
|
+
bearerToken?: string;
|
|
22
|
+
};
|
|
23
|
+
proxyApi?: {
|
|
24
|
+
baseUrl: string;
|
|
25
|
+
};
|
|
26
|
+
storage?: {
|
|
27
|
+
keyStorePath?: string;
|
|
28
|
+
};
|
|
29
|
+
}
|
|
30
|
+
declare function configure(config: AIdentityConfig): void;
|
|
31
|
+
|
|
7
32
|
interface DIDDocument {
|
|
8
33
|
'@context': string | string[];
|
|
9
34
|
id: string;
|
|
@@ -2803,145 +2828,6 @@ declare class KeyManager {
|
|
|
2803
2828
|
private decrypt;
|
|
2804
2829
|
}
|
|
2805
2830
|
|
|
2806
|
-
declare class VPManager {
|
|
2807
|
-
private keyManager;
|
|
2808
|
-
constructor(keyManager?: KeyManager);
|
|
2809
|
-
/**
|
|
2810
|
-
* Create a SD-JWT presentation using the present() method
|
|
2811
|
-
* This properly binds the holder's key to the SD-JWT VC
|
|
2812
|
-
*/
|
|
2813
|
-
create(vcs: string[], // Array of SD-JWT VC strings
|
|
2814
|
-
options: {
|
|
2815
|
-
holderDid: string;
|
|
2816
|
-
challenge: string;
|
|
2817
|
-
domain: string;
|
|
2818
|
-
purpose?: string;
|
|
2819
|
-
}): Promise<string>;
|
|
2820
|
-
/**
|
|
2821
|
-
* Verify a Verifiable Presentation
|
|
2822
|
-
*/
|
|
2823
|
-
verify(vpJwt: string, options: {
|
|
2824
|
-
expectedChallenge: string;
|
|
2825
|
-
expectedDomain: string;
|
|
2826
|
-
expectedHolder?: string;
|
|
2827
|
-
}): Promise<VerifiablePresentation>;
|
|
2828
|
-
/**
|
|
2829
|
-
* Create a VP request
|
|
2830
|
-
*/
|
|
2831
|
-
createRequest(domain: string, query?: {
|
|
2832
|
-
type?: string;
|
|
2833
|
-
credentialQuery?: any;
|
|
2834
|
-
}): VPRequest;
|
|
2835
|
-
/**
|
|
2836
|
-
* Submit VP to a verifier
|
|
2837
|
-
*/
|
|
2838
|
-
submit(vpJwt: string, verifierEndpoint: string): Promise<{
|
|
2839
|
-
verified: boolean;
|
|
2840
|
-
result?: any;
|
|
2841
|
-
}>;
|
|
2842
|
-
}
|
|
2843
|
-
|
|
2844
|
-
/**
|
|
2845
|
-
* NOTE: MemoryManager is currently DORMANT (as of 2026-03-29).
|
|
2846
|
-
* The API memory endpoints exist but are not actively called in production.
|
|
2847
|
-
* The server-side implementation (InMemoryProvider) is volatile and not shared across instances.
|
|
2848
|
-
* Do not rely on this in production until a persistent backend is introduced.
|
|
2849
|
-
*/
|
|
2850
|
-
interface MemoryDocument {
|
|
2851
|
-
id: string;
|
|
2852
|
-
namespace: string;
|
|
2853
|
-
content: string;
|
|
2854
|
-
metadata?: Record<string, any>;
|
|
2855
|
-
embedding?: number[];
|
|
2856
|
-
createdAt: string;
|
|
2857
|
-
updatedAt: string;
|
|
2858
|
-
}
|
|
2859
|
-
interface MemoryQuery {
|
|
2860
|
-
query: string;
|
|
2861
|
-
namespace?: string;
|
|
2862
|
-
limit?: number;
|
|
2863
|
-
filter?: Record<string, any>;
|
|
2864
|
-
includeEmbedding?: boolean;
|
|
2865
|
-
}
|
|
2866
|
-
interface MemoryQueryResult {
|
|
2867
|
-
documents: MemoryDocument[];
|
|
2868
|
-
scores?: number[];
|
|
2869
|
-
total: number;
|
|
2870
|
-
}
|
|
2871
|
-
declare class MemoryManager {
|
|
2872
|
-
private vpManager;
|
|
2873
|
-
private proxyApiUrl;
|
|
2874
|
-
constructor(vpManager?: VPManager);
|
|
2875
|
-
/**
|
|
2876
|
-
* Write a document to memory
|
|
2877
|
-
*/
|
|
2878
|
-
write(content: string, options: {
|
|
2879
|
-
namespace: string;
|
|
2880
|
-
metadata?: Record<string, any>;
|
|
2881
|
-
vcs: string[];
|
|
2882
|
-
holderDid: string;
|
|
2883
|
-
}): Promise<MemoryDocument>;
|
|
2884
|
-
/**
|
|
2885
|
-
* Query memory with vector search
|
|
2886
|
-
*/
|
|
2887
|
-
query(query: string, options: {
|
|
2888
|
-
namespace?: string;
|
|
2889
|
-
limit?: number;
|
|
2890
|
-
filter?: Record<string, any>;
|
|
2891
|
-
vcs: string[];
|
|
2892
|
-
holderDid: string;
|
|
2893
|
-
}): Promise<MemoryQueryResult>;
|
|
2894
|
-
/**
|
|
2895
|
-
* Delete a document from memory
|
|
2896
|
-
*/
|
|
2897
|
-
delete(documentId: string, options: {
|
|
2898
|
-
namespace: string;
|
|
2899
|
-
vcs: string[];
|
|
2900
|
-
holderDid: string;
|
|
2901
|
-
}): Promise<void>;
|
|
2902
|
-
/**
|
|
2903
|
-
* List documents in a namespace
|
|
2904
|
-
*/
|
|
2905
|
-
list(options: {
|
|
2906
|
-
namespace: string;
|
|
2907
|
-
limit?: number;
|
|
2908
|
-
offset?: number;
|
|
2909
|
-
vcs: string[];
|
|
2910
|
-
holderDid: string;
|
|
2911
|
-
}): Promise<MemoryQueryResult>;
|
|
2912
|
-
/**
|
|
2913
|
-
* Check if VCs authorize memory access
|
|
2914
|
-
*/
|
|
2915
|
-
checkAuthorization(vcs: string[], action: 'read' | 'write' | 'delete', resource: string): Promise<boolean>;
|
|
2916
|
-
private matchResource;
|
|
2917
|
-
private generateChallenge;
|
|
2918
|
-
}
|
|
2919
|
-
|
|
2920
|
-
interface AIdentityConfig {
|
|
2921
|
-
didApi?: {
|
|
2922
|
-
baseUrl: string;
|
|
2923
|
-
apiKey?: string;
|
|
2924
|
-
bearerToken?: string;
|
|
2925
|
-
};
|
|
2926
|
-
issuerApi?: {
|
|
2927
|
-
baseUrl: string;
|
|
2928
|
-
apiKey?: string;
|
|
2929
|
-
bearerToken?: string;
|
|
2930
|
-
};
|
|
2931
|
-
verifierApi?: {
|
|
2932
|
-
baseUrl: string;
|
|
2933
|
-
apiKey?: string;
|
|
2934
|
-
bearerToken?: string;
|
|
2935
|
-
};
|
|
2936
|
-
proxyApi?: {
|
|
2937
|
-
baseUrl: string;
|
|
2938
|
-
};
|
|
2939
|
-
storage?: {
|
|
2940
|
-
keyStorePath?: string;
|
|
2941
|
-
};
|
|
2942
|
-
}
|
|
2943
|
-
declare function configure(config: AIdentityConfig): void;
|
|
2944
|
-
|
|
2945
2831
|
declare class AgentManager {
|
|
2946
2832
|
private keyManager;
|
|
2947
2833
|
private agentDIDManager;
|
|
@@ -3110,6 +2996,44 @@ declare class VCManager {
|
|
|
3110
2996
|
private calculateExpirationDate;
|
|
3111
2997
|
}
|
|
3112
2998
|
|
|
2999
|
+
declare class VPManager {
|
|
3000
|
+
private keyManager;
|
|
3001
|
+
constructor(keyManager?: KeyManager);
|
|
3002
|
+
/**
|
|
3003
|
+
* Create a SD-JWT presentation using the present() method
|
|
3004
|
+
* This properly binds the holder's key to the SD-JWT VC
|
|
3005
|
+
*/
|
|
3006
|
+
create(vcs: string[], // Array of SD-JWT VC strings
|
|
3007
|
+
options: {
|
|
3008
|
+
holderDid: string;
|
|
3009
|
+
challenge: string;
|
|
3010
|
+
domain: string;
|
|
3011
|
+
purpose?: string;
|
|
3012
|
+
}): Promise<string>;
|
|
3013
|
+
/**
|
|
3014
|
+
* Verify a Verifiable Presentation
|
|
3015
|
+
*/
|
|
3016
|
+
verify(vpJwt: string, options: {
|
|
3017
|
+
expectedChallenge: string;
|
|
3018
|
+
expectedDomain: string;
|
|
3019
|
+
expectedHolder?: string;
|
|
3020
|
+
}): Promise<VerifiablePresentation>;
|
|
3021
|
+
/**
|
|
3022
|
+
* Create a VP request
|
|
3023
|
+
*/
|
|
3024
|
+
createRequest(domain: string, query?: {
|
|
3025
|
+
type?: string;
|
|
3026
|
+
credentialQuery?: any;
|
|
3027
|
+
}): VPRequest;
|
|
3028
|
+
/**
|
|
3029
|
+
* Submit VP to a verifier
|
|
3030
|
+
*/
|
|
3031
|
+
submit(vpJwt: string, verifierEndpoint: string): Promise<{
|
|
3032
|
+
verified: boolean;
|
|
3033
|
+
result?: any;
|
|
3034
|
+
}>;
|
|
3035
|
+
}
|
|
3036
|
+
|
|
3113
3037
|
interface ToolDefinition {
|
|
3114
3038
|
name: string;
|
|
3115
3039
|
description: string;
|
|
@@ -3296,7 +3220,6 @@ declare class AIdentityClient {
|
|
|
3296
3220
|
readonly vc: VCManager;
|
|
3297
3221
|
readonly vp: VPManager;
|
|
3298
3222
|
readonly tool: ToolManager;
|
|
3299
|
-
readonly memory: MemoryManager;
|
|
3300
3223
|
readonly grant: GrantManager;
|
|
3301
3224
|
private keyManager;
|
|
3302
3225
|
private currentAgent?;
|
|
@@ -3342,18 +3265,6 @@ declare class AIdentityClient {
|
|
|
3342
3265
|
* Invoke a tool with automatic VP creation
|
|
3343
3266
|
*/
|
|
3344
3267
|
invokeTool<T = any>(tool: string, action: string, params: Record<string, any>, vcs: string[]): Promise<ConnectorResponse<T>>;
|
|
3345
|
-
/**
|
|
3346
|
-
* Write to memory with automatic VP creation
|
|
3347
|
-
*/
|
|
3348
|
-
writeMemory(content: string, namespace: string, vcs: string[], metadata?: Record<string, any>): Promise<MemoryDocument>;
|
|
3349
|
-
/**
|
|
3350
|
-
* Query memory with automatic VP creation
|
|
3351
|
-
*/
|
|
3352
|
-
queryMemory(query: string, vcs: string[], options?: {
|
|
3353
|
-
namespace?: string;
|
|
3354
|
-
limit?: number;
|
|
3355
|
-
filter?: Record<string, any>;
|
|
3356
|
-
}): Promise<MemoryQueryResult>;
|
|
3357
3268
|
}
|
|
3358
3269
|
declare function getClient(config?: AIdentityConfig, password?: string): AIdentityClient;
|
|
3359
3270
|
|
|
@@ -3580,6 +3491,95 @@ declare class APIVCManager {
|
|
|
3580
3491
|
issueAdminCredential(agentDid: string, scope: 'project' | 'global', projectId: string | undefined, issuerDid: string, expirationHours?: number): Promise<IssueSDJWTVCResult>;
|
|
3581
3492
|
}
|
|
3582
3493
|
|
|
3494
|
+
/**
|
|
3495
|
+
* Single source of truth for Key Binding JWT (KB-JWT) issuance shared across
|
|
3496
|
+
* the AIdentity stack. Four production code paths build KB-JWTs and they
|
|
3497
|
+
* MUST stay byte-for-byte equivalent so a presentation built on one side is
|
|
3498
|
+
* accepted by the verifier on the other:
|
|
3499
|
+
*
|
|
3500
|
+
* - SDK clients via `VPManager.create()` (this package)
|
|
3501
|
+
* - API service via `packages/api/src/vp/vp-creation.service.ts`
|
|
3502
|
+
* - Remote MCP via `packages/remote-mcp/src/services/vp-creation.service.ts`
|
|
3503
|
+
* - agentd (`@vess-id/vess`) via `VPBuilder.buildVP()`
|
|
3504
|
+
* (`packages/agentd/src/wallet/vp-builder.ts`)
|
|
3505
|
+
*
|
|
3506
|
+
* Historically each path had its own copy of this logic. PR #391 (the
|
|
3507
|
+
* commit that made `exp` REQUIRED on the verifier side) updated only two of
|
|
3508
|
+
* the three issuer paths known at the time; the SDK was missed and every
|
|
3509
|
+
* SDK-built VP started failing at verification time. The follow-up
|
|
3510
|
+
* consolidation (commit 02b169aa) brought the SDK in line, but agentd —
|
|
3511
|
+
* which had its own KB-JWT literal in `wallet/vp-builder.ts` — was not
|
|
3512
|
+
* recognized as a fourth issuer. Staging then rejected every VP from
|
|
3513
|
+
* `@vess-id/vess` agentd alpha builds with `KB-JWT missing exp` until the
|
|
3514
|
+
* agentd hotfix (this commit's cohort) wired its VPBuilder through
|
|
3515
|
+
* `buildKbJwtPayload()`. This module exists so that a future verifier
|
|
3516
|
+
* change cannot drift from the issuer side: any update lands in one place
|
|
3517
|
+
* and all four paths inherit it.
|
|
3518
|
+
*/
|
|
3519
|
+
/**
|
|
3520
|
+
* Default KB-JWT lifetime in seconds. Mirrors the cap enforced by the API's
|
|
3521
|
+
* `KeyBindingVerifierService.MAX_KB_JWT_LIFETIME_SECONDS` (also 300).
|
|
3522
|
+
*
|
|
3523
|
+
* The KB-JWT `exp` is the smaller of:
|
|
3524
|
+
* - `iat + KB_JWT_DEFAULT_LIFETIME_SECONDS`
|
|
3525
|
+
* - the parent VC's `exp` (so the bearer's freshness window cannot outlive
|
|
3526
|
+
* the underlying credential's validity, which is itself bounded by
|
|
3527
|
+
* `grant.expiresAt` at issuance time).
|
|
3528
|
+
*/
|
|
3529
|
+
declare const KB_JWT_DEFAULT_LIFETIME_SECONDS = 300;
|
|
3530
|
+
interface KbJwtPayload {
|
|
3531
|
+
iss: string;
|
|
3532
|
+
aud: string;
|
|
3533
|
+
nonce: string;
|
|
3534
|
+
iat: number;
|
|
3535
|
+
exp: number;
|
|
3536
|
+
}
|
|
3537
|
+
interface BuildKbJwtPayloadArgs {
|
|
3538
|
+
/** Holder DID — becomes the KB-JWT `iss` claim. */
|
|
3539
|
+
holderDid: string;
|
|
3540
|
+
/** Verifier audience (URL or hostname). Will be normalized via {@link normalizeDomain}. */
|
|
3541
|
+
audience: string;
|
|
3542
|
+
/** Verifier-supplied nonce / challenge. */
|
|
3543
|
+
nonce: string;
|
|
3544
|
+
/** The parent SD-JWT VC string. Its `exp` (if any) caps the KB-JWT lifetime. */
|
|
3545
|
+
vcCredential: string;
|
|
3546
|
+
}
|
|
3547
|
+
interface BuildKbJwtPayloadDeps {
|
|
3548
|
+
/** Returns the current time in milliseconds. Defaults to `Date.now`. */
|
|
3549
|
+
now?: () => number;
|
|
3550
|
+
}
|
|
3551
|
+
/**
|
|
3552
|
+
* Build a Key Binding JWT payload for an SD-JWT VC presentation.
|
|
3553
|
+
*
|
|
3554
|
+
* Throws when the parent VC is already expired (`vc.exp <= now`). The error
|
|
3555
|
+
* message intentionally contains the substring `"VC has expired"` so that
|
|
3556
|
+
* downstream catchers (notably remote-mcp's `isCredentialInvalidError`) can
|
|
3557
|
+
* detect a stale-credential condition and trigger a re-approval flow rather
|
|
3558
|
+
* than surface an opaque issuance failure to the user.
|
|
3559
|
+
*/
|
|
3560
|
+
declare function buildKbJwtPayload(args: BuildKbJwtPayloadArgs, deps?: BuildKbJwtPayloadDeps): KbJwtPayload;
|
|
3561
|
+
/**
|
|
3562
|
+
* Best-effort read of the VC's `exp` claim from the SD-JWT outer payload.
|
|
3563
|
+
* Returns undefined when the VC is malformed, missing exp, or the field is
|
|
3564
|
+
* not a number — callers fall back to {@link KB_JWT_DEFAULT_LIFETIME_SECONDS}
|
|
3565
|
+
* in that case so issuance does not break for VCs without an explicit expiry.
|
|
3566
|
+
*/
|
|
3567
|
+
declare function readVcExpSeconds(sdJwtVc: string): number | undefined;
|
|
3568
|
+
/**
|
|
3569
|
+
* Normalize a domain string for consistent use as a JWT `aud` claim.
|
|
3570
|
+
*
|
|
3571
|
+
* The API verifier compares the KB-JWT `aud` against the expected domain by
|
|
3572
|
+
* exact string match, so issuer and verifier must agree on the canonical
|
|
3573
|
+
* form. We delegate to the URL parser, which strips paths and lowercases
|
|
3574
|
+
* the host, then return the resulting `origin`.
|
|
3575
|
+
*
|
|
3576
|
+
* Inputs without a scheme are assumed to be hostnames; `localhost` (with or
|
|
3577
|
+
* without a port) defaults to `http://`, everything else to `https://`. If
|
|
3578
|
+
* URL parsing fails, the input is returned unchanged so a caller can still
|
|
3579
|
+
* detect the mismatch downstream rather than silently swallowing a typo.
|
|
3580
|
+
*/
|
|
3581
|
+
declare function normalizeDomain(domain: string): string;
|
|
3582
|
+
|
|
3583
3583
|
interface DisclosureFields {
|
|
3584
3584
|
selectiveFields: string[];
|
|
3585
3585
|
mandatoryFields: string[];
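Review bot: The contract documented for `readVcExpSeconds` (the comment block before `declare function readVcExpSeconds`) makes a malformed or undecodable SD-JWT VC indistinguishable from one that merely has no `exp`, so `buildKbJwtPayload` will still mint a KB-JWT with the full `KB_JWT_DEFAULT_LIFETIME_SECONDS` window for a credential it could not read — fail-open on the issuer side, while the expired-VC case of the same function throws. Only the declarations are visible here, so I cannot confirm what the `.mjs` implementation does, but the stated contract is itself the problem: `readVcExpSeconds` should return `undefined` only for a decodable payload whose `exp` is absent or non-numeric and throw for a payload it cannot decode, with the docstring saying so, e.g. `@throws when the SD-JWT VC payload cannot be decoded; returns undefined only when a decoded payload lacks a numeric exp`. Separately, `BuildKbJwtPayloadArgs.nonce` carries no non-empty requirement, and a KB-JWT built with an empty challenge is replayable within the 300 s window; the field comment should state that callers must pass the verifier-issued challenge unchanged and that an empty value is rejected — presumably the API verifier already enforces this, but that is not visible from this file and is worth confirming.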
|
|
@@ -4249,6 +4249,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4249
4249
|
subject?: undefined;
|
|
4250
4250
|
cc?: undefined;
|
|
4251
4251
|
bcc?: undefined;
|
|
4252
|
+
threadId?: undefined;
|
|
4253
|
+
inReplyTo?: undefined;
|
|
4254
|
+
references?: undefined;
|
|
4252
4255
|
messageIds?: undefined;
|
|
4253
4256
|
calendarId?: undefined;
|
|
4254
4257
|
timeMin?: undefined;
|
|
@@ -4342,6 +4345,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4342
4345
|
subject?: undefined;
|
|
4343
4346
|
cc?: undefined;
|
|
4344
4347
|
bcc?: undefined;
|
|
4348
|
+
threadId?: undefined;
|
|
4349
|
+
inReplyTo?: undefined;
|
|
4350
|
+
references?: undefined;
|
|
4345
4351
|
messageIds?: undefined;
|
|
4346
4352
|
calendarId?: undefined;
|
|
4347
4353
|
timeMin?: undefined;
|
|
@@ -4438,6 +4444,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4438
4444
|
subject?: undefined;
|
|
4439
4445
|
cc?: undefined;
|
|
4440
4446
|
bcc?: undefined;
|
|
4447
|
+
threadId?: undefined;
|
|
4448
|
+
inReplyTo?: undefined;
|
|
4449
|
+
references?: undefined;
|
|
4441
4450
|
messageIds?: undefined;
|
|
4442
4451
|
calendarId?: undefined;
|
|
4443
4452
|
timeMin?: undefined;
|
|
@@ -4544,6 +4553,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4544
4553
|
subject?: undefined;
|
|
4545
4554
|
cc?: undefined;
|
|
4546
4555
|
bcc?: undefined;
|
|
4556
|
+
threadId?: undefined;
|
|
4557
|
+
inReplyTo?: undefined;
|
|
4558
|
+
references?: undefined;
|
|
4547
4559
|
messageIds?: undefined;
|
|
4548
4560
|
calendarId?: undefined;
|
|
4549
4561
|
timeMin?: undefined;
|
|
@@ -4647,6 +4659,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4647
4659
|
subject?: undefined;
|
|
4648
4660
|
cc?: undefined;
|
|
4649
4661
|
bcc?: undefined;
|
|
4662
|
+
threadId?: undefined;
|
|
4663
|
+
inReplyTo?: undefined;
|
|
4664
|
+
references?: undefined;
|
|
4650
4665
|
messageIds?: undefined;
|
|
4651
4666
|
calendarId?: undefined;
|
|
4652
4667
|
timeMin?: undefined;
|
|
@@ -4747,6 +4762,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4747
4762
|
subject?: undefined;
|
|
4748
4763
|
cc?: undefined;
|
|
4749
4764
|
bcc?: undefined;
|
|
4765
|
+
threadId?: undefined;
|
|
4766
|
+
inReplyTo?: undefined;
|
|
4767
|
+
references?: undefined;
|
|
4750
4768
|
messageIds?: undefined;
|
|
4751
4769
|
calendarId?: undefined;
|
|
4752
4770
|
timeMin?: undefined;
|
|
@@ -4850,6 +4868,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4850
4868
|
subject?: undefined;
|
|
4851
4869
|
cc?: undefined;
|
|
4852
4870
|
bcc?: undefined;
|
|
4871
|
+
threadId?: undefined;
|
|
4872
|
+
inReplyTo?: undefined;
|
|
4873
|
+
references?: undefined;
|
|
4853
4874
|
messageIds?: undefined;
|
|
4854
4875
|
calendarId?: undefined;
|
|
4855
4876
|
timeMin?: undefined;
|
|
@@ -4949,6 +4970,9 @@ declare const ACTION_REGISTRY: {
|
|
|
4949
4970
|
subject?: undefined;
|
|
4950
4971
|
cc?: undefined;
|
|
4951
4972
|
bcc?: undefined;
|
|
4973
|
+
threadId?: undefined;
|
|
4974
|
+
inReplyTo?: undefined;
|
|
4975
|
+
references?: undefined;
|
|
4952
4976
|
messageIds?: undefined;
|
|
4953
4977
|
calendarId?: undefined;
|
|
4954
4978
|
timeMin?: undefined;
|
|
@@ -5058,6 +5082,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5058
5082
|
subject?: undefined;
|
|
5059
5083
|
cc?: undefined;
|
|
5060
5084
|
bcc?: undefined;
|
|
5085
|
+
threadId?: undefined;
|
|
5086
|
+
inReplyTo?: undefined;
|
|
5087
|
+
references?: undefined;
|
|
5061
5088
|
messageIds?: undefined;
|
|
5062
5089
|
calendarId?: undefined;
|
|
5063
5090
|
timeMin?: undefined;
|
|
@@ -5170,6 +5197,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5170
5197
|
subject?: undefined;
|
|
5171
5198
|
cc?: undefined;
|
|
5172
5199
|
bcc?: undefined;
|
|
5200
|
+
threadId?: undefined;
|
|
5201
|
+
inReplyTo?: undefined;
|
|
5202
|
+
references?: undefined;
|
|
5173
5203
|
messageIds?: undefined;
|
|
5174
5204
|
calendarId?: undefined;
|
|
5175
5205
|
timeMin?: undefined;
|
|
@@ -5266,6 +5296,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5266
5296
|
subject?: undefined;
|
|
5267
5297
|
cc?: undefined;
|
|
5268
5298
|
bcc?: undefined;
|
|
5299
|
+
threadId?: undefined;
|
|
5300
|
+
inReplyTo?: undefined;
|
|
5301
|
+
references?: undefined;
|
|
5269
5302
|
messageIds?: undefined;
|
|
5270
5303
|
calendarId?: undefined;
|
|
5271
5304
|
timeMin?: undefined;
|
|
@@ -5381,6 +5414,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5381
5414
|
subject?: undefined;
|
|
5382
5415
|
cc?: undefined;
|
|
5383
5416
|
bcc?: undefined;
|
|
5417
|
+
threadId?: undefined;
|
|
5418
|
+
inReplyTo?: undefined;
|
|
5419
|
+
references?: undefined;
|
|
5384
5420
|
messageIds?: undefined;
|
|
5385
5421
|
calendarId?: undefined;
|
|
5386
5422
|
timeMin?: undefined;
|
|
@@ -5482,6 +5518,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5482
5518
|
subject?: undefined;
|
|
5483
5519
|
cc?: undefined;
|
|
5484
5520
|
bcc?: undefined;
|
|
5521
|
+
threadId?: undefined;
|
|
5522
|
+
inReplyTo?: undefined;
|
|
5523
|
+
references?: undefined;
|
|
5485
5524
|
messageIds?: undefined;
|
|
5486
5525
|
calendarId?: undefined;
|
|
5487
5526
|
timeMin?: undefined;
|
|
@@ -5578,6 +5617,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5578
5617
|
subject?: undefined;
|
|
5579
5618
|
cc?: undefined;
|
|
5580
5619
|
bcc?: undefined;
|
|
5620
|
+
threadId?: undefined;
|
|
5621
|
+
inReplyTo?: undefined;
|
|
5622
|
+
references?: undefined;
|
|
5581
5623
|
messageIds?: undefined;
|
|
5582
5624
|
calendarId?: undefined;
|
|
5583
5625
|
timeMin?: undefined;
|
|
@@ -5659,6 +5701,15 @@ declare const ACTION_REGISTRY: {
|
|
|
5659
5701
|
bcc: {
|
|
5660
5702
|
type: string;
|
|
5661
5703
|
};
|
|
5704
|
+
threadId: {
|
|
5705
|
+
type: string;
|
|
5706
|
+
};
|
|
5707
|
+
inReplyTo: {
|
|
5708
|
+
type: string;
|
|
5709
|
+
};
|
|
5710
|
+
references: {
|
|
5711
|
+
type: string;
|
|
5712
|
+
};
|
|
5662
5713
|
channel?: undefined;
|
|
5663
5714
|
text?: undefined;
|
|
5664
5715
|
thread_ts?: undefined;
|
|
@@ -5793,6 +5844,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5793
5844
|
subject?: undefined;
|
|
5794
5845
|
cc?: undefined;
|
|
5795
5846
|
bcc?: undefined;
|
|
5847
|
+
threadId?: undefined;
|
|
5848
|
+
inReplyTo?: undefined;
|
|
5849
|
+
references?: undefined;
|
|
5796
5850
|
calendarId?: undefined;
|
|
5797
5851
|
timeMin?: undefined;
|
|
5798
5852
|
timeMax?: undefined;
|
|
@@ -5902,6 +5956,9 @@ declare const ACTION_REGISTRY: {
|
|
|
5902
5956
|
subject?: undefined;
|
|
5903
5957
|
cc?: undefined;
|
|
5904
5958
|
bcc?: undefined;
|
|
5959
|
+
threadId?: undefined;
|
|
5960
|
+
inReplyTo?: undefined;
|
|
5961
|
+
references?: undefined;
|
|
5905
5962
|
messageIds?: undefined;
|
|
5906
5963
|
eventId?: undefined;
|
|
5907
5964
|
summary?: undefined;
|
|
@@ -6001,6 +6058,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6001
6058
|
subject?: undefined;
|
|
6002
6059
|
cc?: undefined;
|
|
6003
6060
|
bcc?: undefined;
|
|
6061
|
+
threadId?: undefined;
|
|
6062
|
+
inReplyTo?: undefined;
|
|
6063
|
+
references?: undefined;
|
|
6004
6064
|
messageIds?: undefined;
|
|
6005
6065
|
timeMin?: undefined;
|
|
6006
6066
|
timeMax?: undefined;
|
|
@@ -6157,6 +6217,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6157
6217
|
subject?: undefined;
|
|
6158
6218
|
cc?: undefined;
|
|
6159
6219
|
bcc?: undefined;
|
|
6220
|
+
threadId?: undefined;
|
|
6221
|
+
inReplyTo?: undefined;
|
|
6222
|
+
references?: undefined;
|
|
6160
6223
|
messageIds?: undefined;
|
|
6161
6224
|
timeMin?: undefined;
|
|
6162
6225
|
timeMax?: undefined;
|
|
@@ -6320,6 +6383,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6320
6383
|
subject?: undefined;
|
|
6321
6384
|
cc?: undefined;
|
|
6322
6385
|
bcc?: undefined;
|
|
6386
|
+
threadId?: undefined;
|
|
6387
|
+
inReplyTo?: undefined;
|
|
6388
|
+
references?: undefined;
|
|
6323
6389
|
messageIds?: undefined;
|
|
6324
6390
|
timeMin?: undefined;
|
|
6325
6391
|
timeMax?: undefined;
|
|
@@ -6421,6 +6487,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6421
6487
|
subject?: undefined;
|
|
6422
6488
|
cc?: undefined;
|
|
6423
6489
|
bcc?: undefined;
|
|
6490
|
+
threadId?: undefined;
|
|
6491
|
+
inReplyTo?: undefined;
|
|
6492
|
+
references?: undefined;
|
|
6424
6493
|
messageIds?: undefined;
|
|
6425
6494
|
timeMin?: undefined;
|
|
6426
6495
|
timeMax?: undefined;
|
|
@@ -6515,6 +6584,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6515
6584
|
subject?: undefined;
|
|
6516
6585
|
cc?: undefined;
|
|
6517
6586
|
bcc?: undefined;
|
|
6587
|
+
threadId?: undefined;
|
|
6588
|
+
inReplyTo?: undefined;
|
|
6589
|
+
references?: undefined;
|
|
6518
6590
|
messageIds?: undefined;
|
|
6519
6591
|
calendarId?: undefined;
|
|
6520
6592
|
timeMin?: undefined;
|
|
@@ -6613,6 +6685,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6613
6685
|
subject?: undefined;
|
|
6614
6686
|
cc?: undefined;
|
|
6615
6687
|
bcc?: undefined;
|
|
6688
|
+
threadId?: undefined;
|
|
6689
|
+
inReplyTo?: undefined;
|
|
6690
|
+
references?: undefined;
|
|
6616
6691
|
messageIds?: undefined;
|
|
6617
6692
|
calendarId?: undefined;
|
|
6618
6693
|
timeMin?: undefined;
|
|
@@ -6711,6 +6786,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6711
6786
|
subject?: undefined;
|
|
6712
6787
|
cc?: undefined;
|
|
6713
6788
|
bcc?: undefined;
|
|
6789
|
+
threadId?: undefined;
|
|
6790
|
+
inReplyTo?: undefined;
|
|
6791
|
+
references?: undefined;
|
|
6714
6792
|
messageIds?: undefined;
|
|
6715
6793
|
calendarId?: undefined;
|
|
6716
6794
|
timeMin?: undefined;
|
|
@@ -6812,6 +6890,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6812
6890
|
subject?: undefined;
|
|
6813
6891
|
cc?: undefined;
|
|
6814
6892
|
bcc?: undefined;
|
|
6893
|
+
threadId?: undefined;
|
|
6894
|
+
inReplyTo?: undefined;
|
|
6895
|
+
references?: undefined;
|
|
6815
6896
|
messageIds?: undefined;
|
|
6816
6897
|
calendarId?: undefined;
|
|
6817
6898
|
timeMin?: undefined;
|
|
@@ -6917,6 +6998,9 @@ declare const ACTION_REGISTRY: {
|
|
|
6917
6998
|
subject?: undefined;
|
|
6918
6999
|
cc?: undefined;
|
|
6919
7000
|
bcc?: undefined;
|
|
7001
|
+
threadId?: undefined;
|
|
7002
|
+
inReplyTo?: undefined;
|
|
7003
|
+
references?: undefined;
|
|
6920
7004
|
messageIds?: undefined;
|
|
6921
7005
|
calendarId?: undefined;
|
|
6922
7006
|
timeMin?: undefined;
|
|
@@ -7012,6 +7096,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7012
7096
|
subject?: undefined;
|
|
7013
7097
|
cc?: undefined;
|
|
7014
7098
|
bcc?: undefined;
|
|
7099
|
+
threadId?: undefined;
|
|
7100
|
+
inReplyTo?: undefined;
|
|
7101
|
+
references?: undefined;
|
|
7015
7102
|
messageIds?: undefined;
|
|
7016
7103
|
calendarId?: undefined;
|
|
7017
7104
|
timeMin?: undefined;
|
|
@@ -7133,6 +7220,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7133
7220
|
subject?: undefined;
|
|
7134
7221
|
cc?: undefined;
|
|
7135
7222
|
bcc?: undefined;
|
|
7223
|
+
threadId?: undefined;
|
|
7224
|
+
inReplyTo?: undefined;
|
|
7225
|
+
references?: undefined;
|
|
7136
7226
|
messageIds?: undefined;
|
|
7137
7227
|
calendarId?: undefined;
|
|
7138
7228
|
timeMin?: undefined;
|
|
@@ -7244,6 +7334,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7244
7334
|
subject?: undefined;
|
|
7245
7335
|
cc?: undefined;
|
|
7246
7336
|
bcc?: undefined;
|
|
7337
|
+
threadId?: undefined;
|
|
7338
|
+
inReplyTo?: undefined;
|
|
7339
|
+
references?: undefined;
|
|
7247
7340
|
messageIds?: undefined;
|
|
7248
7341
|
calendarId?: undefined;
|
|
7249
7342
|
timeMin?: undefined;
|
|
@@ -7336,6 +7429,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7336
7429
|
subject?: undefined;
|
|
7337
7430
|
cc?: undefined;
|
|
7338
7431
|
bcc?: undefined;
|
|
7432
|
+
threadId?: undefined;
|
|
7433
|
+
inReplyTo?: undefined;
|
|
7434
|
+
references?: undefined;
|
|
7339
7435
|
messageIds?: undefined;
|
|
7340
7436
|
calendarId?: undefined;
|
|
7341
7437
|
timeMin?: undefined;
|
|
@@ -7435,6 +7531,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7435
7531
|
subject?: undefined;
|
|
7436
7532
|
cc?: undefined;
|
|
7437
7533
|
bcc?: undefined;
|
|
7534
|
+
threadId?: undefined;
|
|
7535
|
+
inReplyTo?: undefined;
|
|
7536
|
+
references?: undefined;
|
|
7438
7537
|
messageIds?: undefined;
|
|
7439
7538
|
calendarId?: undefined;
|
|
7440
7539
|
timeMin?: undefined;
|
|
@@ -7535,6 +7634,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7535
7634
|
subject?: undefined;
|
|
7536
7635
|
cc?: undefined;
|
|
7537
7636
|
bcc?: undefined;
|
|
7637
|
+
threadId?: undefined;
|
|
7638
|
+
inReplyTo?: undefined;
|
|
7639
|
+
references?: undefined;
|
|
7538
7640
|
messageIds?: undefined;
|
|
7539
7641
|
calendarId?: undefined;
|
|
7540
7642
|
timeMin?: undefined;
|
|
@@ -7641,6 +7743,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7641
7743
|
subject?: undefined;
|
|
7642
7744
|
cc?: undefined;
|
|
7643
7745
|
bcc?: undefined;
|
|
7746
|
+
threadId?: undefined;
|
|
7747
|
+
inReplyTo?: undefined;
|
|
7748
|
+
references?: undefined;
|
|
7644
7749
|
messageIds?: undefined;
|
|
7645
7750
|
calendarId?: undefined;
|
|
7646
7751
|
timeMin?: undefined;
|
|
@@ -7733,6 +7838,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7733
7838
|
subject?: undefined;
|
|
7734
7839
|
cc?: undefined;
|
|
7735
7840
|
bcc?: undefined;
|
|
7841
|
+
threadId?: undefined;
|
|
7842
|
+
inReplyTo?: undefined;
|
|
7843
|
+
references?: undefined;
|
|
7736
7844
|
messageIds?: undefined;
|
|
7737
7845
|
calendarId?: undefined;
|
|
7738
7846
|
timeMin?: undefined;
|
|
@@ -7831,6 +7939,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7831
7939
|
subject?: undefined;
|
|
7832
7940
|
cc?: undefined;
|
|
7833
7941
|
bcc?: undefined;
|
|
7942
|
+
threadId?: undefined;
|
|
7943
|
+
inReplyTo?: undefined;
|
|
7944
|
+
references?: undefined;
|
|
7834
7945
|
messageIds?: undefined;
|
|
7835
7946
|
calendarId?: undefined;
|
|
7836
7947
|
timeMin?: undefined;
|
|
@@ -7939,6 +8050,9 @@ declare const ACTION_REGISTRY: {
|
|
|
7939
8050
|
subject?: undefined;
|
|
7940
8051
|
cc?: undefined;
|
|
7941
8052
|
bcc?: undefined;
|
|
8053
|
+
threadId?: undefined;
|
|
8054
|
+
inReplyTo?: undefined;
|
|
8055
|
+
references?: undefined;
|
|
7942
8056
|
messageIds?: undefined;
|
|
7943
8057
|
calendarId?: undefined;
|
|
7944
8058
|
timeMin?: undefined;
|
|
@@ -8121,6 +8235,39 @@ declare function getValidMcpActionNames(toolName: string): string[];
|
|
|
8121
8235
|
*/
|
|
8122
8236
|
declare function normalizeMcpActionName(toolName: string, actionName: string): string;
|
|
8123
8237
|
|
|
8238
|
+
/**
|
|
8239
|
+
* Cross-package constants for the reauth pipeline.
|
|
8240
|
+
*
|
|
8241
|
+
* These string literals are contract-level identifiers shared between:
|
|
8242
|
+
* - api (`tool-auth.service.ts`, `token-refresh.service.ts`)
|
|
8243
|
+
* - remote-mcp (`mcp-format-result.ts`)
|
|
8244
|
+
* - agentd (`gateway-client.ts`, `credential-errors.ts`, `execution-engine.ts`)
|
|
8245
|
+
*
|
|
8246
|
+
* Hard-coding them at each site made typo bugs silent. Centralizing here
|
|
8247
|
+
* means any renames surface as a compile error on every import site.
|
|
8248
|
+
*/
|
|
8249
|
+
/**
|
|
8250
|
+
* Value for `ToolInvokeResponse.metadata.action` when the api signals a
|
|
8251
|
+
* revoked/expired OAuth token. Consumers branch on this to render a reauth
|
|
8252
|
+
* prompt (Slack DM card, CLI authUrl, etc.) instead of treating the response
|
|
8253
|
+
* as a normal error.
|
|
8254
|
+
*/
|
|
8255
|
+
declare const REAUTH_REQUIRED_ACTION: "reauth_required";
|
|
8256
|
+
/**
|
|
8257
|
+
* Error codes emitted by agentd's `gateway-client.invokeTool` to classify
|
|
8258
|
+
* failure modes for the ExecutionEngine to branch on. Kept as a const object
|
|
8259
|
+
* rather than an enum so it serializes cleanly across the wire and in logs.
|
|
8260
|
+
*/
|
|
8261
|
+
declare const GATEWAY_ERROR_CODE: {
|
|
8262
|
+
/** Upstream OAuth token is revoked — the user must re-auth at the SaaS provider. */
|
|
8263
|
+
readonly REAUTH_REQUIRED: "REAUTH_REQUIRED";
|
|
8264
|
+
/** Local VC/VP is invalid (expired, malformed, signature mismatch). Try VC reissuance. */
|
|
8265
|
+
readonly CREDENTIAL_INVALID: "CREDENTIAL_INVALID";
|
|
8266
|
+
/** VC allowed a different resource than the request targeted. Try a new approval. */
|
|
8267
|
+
readonly RESOURCE_MISMATCH: "RESOURCE_MISMATCH";
|
|
8268
|
+
};
|
|
8269
|
+
type GatewayErrorCode = (typeof GATEWAY_ERROR_CODE)[keyof typeof GATEWAY_ERROR_CODE];
|
|
8270
|
+
|
|
8124
8271
|
interface ActionParamDisplay {
|
|
8125
8272
|
label: string;
|
|
8126
8273
|
value: string;
|
|
@@ -8458,6 +8605,162 @@ declare function resolveUserTier(tier: string | undefined | null): UserTier;
|
|
|
8458
8605
|
*/
|
|
8459
8606
|
declare function getTierLimits(tier: string | undefined | null): TierLimits;
|
|
8460
8607
|
|
|
8608
|
+
/**
|
|
8609
|
+
* P1-A14a-1 / Threat Model S4 — canonical-string + signature-header
|
|
8610
|
+
* helpers for HMAC body signing of internal HTTP requests.
|
|
8611
|
+
*
|
|
8612
|
+
* Pure module: no NestJS, no I/O, no side effects. SDK is the
|
|
8613
|
+
* single source of truth (P1-A14a-2d) — api / remote-mcp /
|
|
8614
|
+
* slack-bot all import from `@vess-id/ai-identity`.
|
|
8615
|
+
*
|
|
8616
|
+
* Header format (Q1 = A, Stripe-style versioned):
|
|
8617
|
+
* X-Internal-Signature: v1=<keyId>:<unixSeconds>:<base64(hmac)>
|
|
8618
|
+
*
|
|
8619
|
+
* Canonical string (Q2 = A, no header inclusion):
|
|
8620
|
+
* ${METHOD.toUpperCase()}\n${path}\n${unixSeconds}\n${sha256Hex(rawBody)}
|
|
8621
|
+
*
|
|
8622
|
+
* Replay window (Q3 = A): 300 seconds — enforced by the api guard,
|
|
8623
|
+
* not here. This module is responsible for *constructing* the
|
|
8624
|
+
* canonical string and *parsing* the header; freshness is policy.
|
|
8625
|
+
*/
|
|
8626
|
+
declare const SIGNATURE_HEADER = "x-internal-signature";
|
|
8627
|
+
declare const SIGNATURE_VERSION_PREFIX = "v1=";
|
|
8628
|
+
/**
|
|
8629
|
+
* SHA-256 hex digest of an arbitrary buffer or string. Hex (not
|
|
8630
|
+
* base64) so the canonical string is URL-safe and grep-friendly in
|
|
8631
|
+
* logs if a future debug session ever needs to reconstruct it
|
|
8632
|
+
* server-side.
|
|
8633
|
+
*/
|
|
8634
|
+
declare function sha256Hex(input: Buffer | string): string;
|
|
8635
|
+
/**
|
|
8636
|
+
* Build the canonical string that gets HMAC'd. The components are
|
|
8637
|
+
* separated by `\n` because no legitimate input contains `\n` (the
|
|
8638
|
+
* method is uppercase ASCII, the path is URL-encoded by the caller,
|
|
8639
|
+
* the timestamp is digits, the body hash is hex). Using `\n` as
|
|
8640
|
+
* separator avoids ambiguity that delimiters like `:` would
|
|
8641
|
+
* introduce when the path contains a colon.
|
|
8642
|
+
*
|
|
8643
|
+
* Whitespace is NOT trimmed — input must be exactly what will land
|
|
8644
|
+
* on the wire. Caller controls case and encoding.
|
|
8645
|
+
*/
|
|
8646
|
+
declare function buildCanonicalString(args: {
|
|
8647
|
+
method: string;
|
|
8648
|
+
path: string;
|
|
8649
|
+
unixSeconds: number;
|
|
8650
|
+
rawBody: Buffer | string;
|
|
8651
|
+
}): string;
|
|
8652
|
+
/** Shape of a parsed `X-Internal-Signature` header. */
|
|
8653
|
+
interface ParsedSignature {
|
|
8654
|
+
/** Identifier of the signing key (e.g. `'mcp-v2'`). */
|
|
8655
|
+
keyId: string;
|
|
8656
|
+
/** Unix epoch seconds at signing time. */
|
|
8657
|
+
unixSeconds: number;
|
|
8658
|
+
/** Base64-encoded HMAC-SHA256 digest. */
|
|
8659
|
+
signature: string;
|
|
8660
|
+
}
|
|
8661
|
+
/**
|
|
8662
|
+
* Parse a `X-Internal-Signature` header value. Returns `null` for
|
|
8663
|
+
* any malformed shape rather than throwing — the api guard converts
|
|
8664
|
+
* `null` to a `401 Unauthorized` so a malformed header never
|
|
8665
|
+
* triggers a `500`.
|
|
8666
|
+
*
|
|
8667
|
+
* Accepted: `v1=<keyId>:<digits>:<base64>`
|
|
8668
|
+
*
|
|
8669
|
+
* Defensive checks:
|
|
8670
|
+
* - Must start with `v1=` (Q1: explicit version prefix)
|
|
8671
|
+
* - keyId / signature must be non-empty after split
|
|
8672
|
+
* - timestamp must parse to a finite, non-negative integer
|
|
8673
|
+
* - keyId must be ASCII identifier-safe ([A-Za-z0-9_-]+) so a
|
|
8674
|
+
* malicious header cannot smuggle control chars or whitespace
|
|
8675
|
+
* into log lines / metric labels
|
|
8676
|
+
* - signature must be valid base64 (only base64 alphabet chars)
|
|
8677
|
+
*/
|
|
8678
|
+
declare function parseSignatureHeader(headerValue: string | undefined): ParsedSignature | null;
|
|
8679
|
+
/**
|
|
8680
|
+
* Format a ParsedSignature back into a header string. Round-trips
|
|
8681
|
+
* with `parseSignatureHeader` for any validly-shaped input.
|
|
8682
|
+
*
|
|
8683
|
+
* Used by the signing side (HTTP client). Keeping it next to the
|
|
8684
|
+
* parser pins the format in one place.
|
|
8685
|
+
*/
|
|
8686
|
+
declare function formatSignatureHeader(parsed: ParsedSignature): string;
|
|
8687
|
+
|
|
8688
|
+
/**
|
|
8689
|
+
* P1-A14a-2d — pure HMAC signer for outbound /api/internal/**
|
|
8690
|
+
* requests. Lives in SDK so remote-mcp and slack-bot (both of which
|
|
8691
|
+
* already depend on `@vess-id/ai-identity`) can attach
|
|
8692
|
+
* `X-Internal-Signature` to every request without dragging the
|
|
8693
|
+
* api package into their dependency graph.
|
|
8694
|
+
*
|
|
8695
|
+
* Pure (no I/O, no Nest). Mirrors the `utils/crypto.ts` profile:
|
|
8696
|
+
* the only Node-builtin used is `crypto.createHmac`.
|
|
8697
|
+
*
|
|
8698
|
+
* Pairing with the verifier
|
|
8699
|
+
* -------------------------
|
|
8700
|
+
* The verifier (api side, `HmacKeyset.verify` →
|
|
8701
|
+
* `buildCanonicalString` → constant-time compare) reads the same
|
|
8702
|
+
* `buildCanonicalString` from this module by construction. As long
|
|
8703
|
+
* as both sides pass the same `(method, path, unixSeconds, rawBody)`
|
|
8704
|
+
* the HMACs match by definition.
|
|
8705
|
+
*
|
|
8706
|
+
* Body bytes
|
|
8707
|
+
* ----------
|
|
8708
|
+
* The caller MUST pass the exact bytes that go on the wire as
|
|
8709
|
+
* `rawBody`. Re-running `JSON.stringify(...)` on each side would
|
|
8710
|
+
* risk a byte mismatch (object key order is implementation-defined
|
|
8711
|
+
* in spec, even though V8 preserves insertion order in practice).
|
|
8712
|
+
* The api-client `makeRequest` helper computes `JSON.stringify`
|
|
8713
|
+
* once, hands the same string to both `signRequest` and `fetch`.
|
|
8714
|
+
*/
|
|
8715
|
+
/**
|
|
8716
|
+
* Minimum signer key length in raw bytes. 32 bytes = 256 bits
|
|
8717
|
+
* matches HMAC-SHA256's natural block size and the verifier's
|
|
8718
|
+
* `MIN_KEY_BYTES`. A truncated env var (accidental newline,
|
|
8719
|
+
* copy-paste error) is the realistic failure mode this guards
|
|
8720
|
+
* against.
|
|
8721
|
+
*/
|
|
8722
|
+
declare const MIN_SIGNER_KEY_BYTES = 32;
|
|
8723
|
+
interface InternalHmacSignerKey {
|
|
8724
|
+
/** Stable identifier for the key, e.g. `'mcp-v1'`. Embedded in
|
|
8725
|
+
* the X-Internal-Signature header so the verifier can pick the
|
|
8726
|
+
* right key. Must match `/^[A-Za-z0-9_-]+$/`. */
|
|
8727
|
+
keyId: string;
|
|
8728
|
+
/** Raw HMAC secret. >= MIN_SIGNER_KEY_BYTES bytes. */
|
|
8729
|
+
secret: Buffer;
|
|
8730
|
+
}
|
|
8731
|
+
interface SignRequestArgs {
|
|
8732
|
+
/** HTTP method. Will be upper-cased by `buildCanonicalString`,
|
|
8733
|
+
* but callers should pass the uppercase form they use on the
|
|
8734
|
+
* wire so signer and `fetch()` stay in lockstep. */
|
|
8735
|
+
method: string;
|
|
8736
|
+
/** URL path with query string already stripped (verifier does
|
|
8737
|
+
* `request.originalUrl?.split('?')[0]`; signer must mirror).
|
|
8738
|
+
* Path encoding (e.g. `%2F` vs `/`) is caller's responsibility
|
|
8739
|
+
* — the canonical string treats them as different bytes. */
|
|
8740
|
+
path: string;
|
|
8741
|
+
/** Wire bytes. The same string/buffer passed to `fetch({body})`
|
|
8742
|
+
* must be passed here — `JSON.stringify` runs ONCE per request
|
|
8743
|
+
* in the caller. */
|
|
8744
|
+
rawBody: Buffer | string;
|
|
8745
|
+
/** Optional fixed timestamp for testing. Defaults to
|
|
8746
|
+
* `Math.floor(Date.now() / 1000)`. */
|
|
8747
|
+
unixSeconds?: number;
|
|
8748
|
+
}
|
|
8749
|
+
/**
|
|
8750
|
+
* Sign an outbound request and return a fully-formatted
|
|
8751
|
+
* `X-Internal-Signature` header value. The caller sets the header
|
|
8752
|
+
* on the outbound request directly:
|
|
8753
|
+
*
|
|
8754
|
+
* ```ts
|
|
8755
|
+
* headers[SIGNATURE_HEADER] = signRequest(key, { method, path, rawBody })
|
|
8756
|
+
* ```
|
|
8757
|
+
*
|
|
8758
|
+
* Throws if key material is invalid (bad keyId or short secret) —
|
|
8759
|
+
* surfacing misconfiguration loudly at request time rather than
|
|
8760
|
+
* silently producing a header the verifier will reject.
|
|
8761
|
+
*/
|
|
8762
|
+
declare function signRequest(key: InternalHmacSignerKey, args: SignRequestArgs): string;
|
|
8763
|
+
|
|
8461
8764
|
declare const version = "0.0.1";
|
|
8462
8765
|
|
|
8463
|
-
export { type ABACPolicyEngine, ACTION_PARAMS_MAX_SIZE, ACTION_PREFIXES, ACTION_REGISTRY, AIdentityClient, type AIdentityConfig, AIdentityError, type APIAgent, type APICredential, APIVCManager, type AbacDecision, type AbacInput, type AcceptInvitationRequest, type AckEventResponse, type ActionInputSchema, type ActionMapping, type ActionMeta, type ActionParamDisplay, type ActionRegistry, type ActionRiskLevel, type Agent, type AgentCreateOptions, type AgentDIDConfig, AgentDIDManager, AgentManager, AgentStatus, AgentType, type AgentWithId, AllowAllAbac, type AnyProvider, type ApiKeyValidationResult, type AuditEvent, type AuditQuery, AuthProvider, type AuthState, AuthenticationError, type AutoApproveConfig, type BindingSource, CANONICAL_PROVIDERS, type CanonicalProvider, type CapabilityMeta, type CheckGrantPermissionRequest, type CheckGrantPermissionResult, type CheckPermissionInput, type CheckPermissionResult, type CollectContextRequest, type ConfirmGrantSuggestionRequest, type ConnectorAction, type ConnectorConfig, type ConnectorExecutionContext, type ConnectorResponse, type ConnectorResponseMetadata, type ConnectorTokenConfig, type ConstraintEvaluationResult, ConstraintEvaluator, type ConstraintEvaluatorOptions, type ConstraintViolation, type ConstraintWarning, type ContextBindingSource, type ContextProvider, type CreateGrantRequest, type CreateInvitationRequest, type CreateReceiptRequest, type CredentialRef, CredentialStatus, type CredentialStore, CredentialType, DEFAULT_CONSTRAINTS_BY_RISK, type DIDDocument, type DataAccessVC, type DecisionTrace, type DelegationVC, DeviceEnrollManager, type DeviceEnrollPollResult, type DeviceEnrollServerSideParams, type DeviceEnrollStartParams, type DeviceEnrollStartResult, type DisclosureFields, DummyCreds, DummyVpVerifier, type EmployeeVPRequest, type EvaluationContext, type ExternalActionRequest, FilesystemKeyStorage, GatewayClient, GatewayError, type GatewayEvent, type GetEventsOptions, type GetEventsResponse, type 
GitHubConfig, type GoogleConfig, type Grant, type GrantConstraints, type GrantResource, GrantResourceType, GrantScope, GrantStatus, type GrantUsage, type IConnectorService, type IStateStore, type Intent, type IntentEvaluationResult, type IntentObligation, type IntentResource, InvalidVPError, type Invitation, type InvitationRole, InvitationStatus, type IssueSDJWTVCRequest, type IssueSDJWTVCResult, type JiraBoard, type JiraConfig, type JiraIssue, type JiraIssueType, type JiraProject, type JiraSprint, type JiraStatus, type JiraUser, type JiraWorklog, type JsonSchema, JsonStateStore, KeyManager, type KeyPairGenerationResult, type KeyStorageConfig, type KeyStorageProvider, LEGACY_RESOURCE_TYPE_MAP,
|
|
8766
|
+
export { type ABACPolicyEngine, ACTION_PARAMS_MAX_SIZE, ACTION_PREFIXES, ACTION_REGISTRY, AIdentityClient, type AIdentityConfig, AIdentityError, type APIAgent, type APICredential, APIVCManager, type AbacDecision, type AbacInput, type AcceptInvitationRequest, type AckEventResponse, type ActionInputSchema, type ActionMapping, type ActionMeta, type ActionParamDisplay, type ActionRegistry, type ActionRiskLevel, type Agent, type AgentCreateOptions, type AgentDIDConfig, AgentDIDManager, AgentManager, AgentStatus, AgentType, type AgentWithId, AllowAllAbac, type AnyProvider, type ApiKeyValidationResult, type AuditEvent, type AuditQuery, AuthProvider, type AuthState, AuthenticationError, type AutoApproveConfig, type BindingSource, type BuildKbJwtPayloadArgs, type BuildKbJwtPayloadDeps, CANONICAL_PROVIDERS, type CanonicalProvider, type CapabilityMeta, type CheckGrantPermissionRequest, type CheckGrantPermissionResult, type CheckPermissionInput, type CheckPermissionResult, type CollectContextRequest, type ConfirmGrantSuggestionRequest, type ConnectorAction, type ConnectorConfig, type ConnectorExecutionContext, type ConnectorResponse, type ConnectorResponseMetadata, type ConnectorTokenConfig, type ConstraintEvaluationResult, ConstraintEvaluator, type ConstraintEvaluatorOptions, type ConstraintViolation, type ConstraintWarning, type ContextBindingSource, type ContextProvider, type CreateGrantRequest, type CreateInvitationRequest, type CreateReceiptRequest, type CredentialRef, CredentialStatus, type CredentialStore, CredentialType, DEFAULT_CONSTRAINTS_BY_RISK, type DIDDocument, type DataAccessVC, type DecisionTrace, type DelegationVC, DeviceEnrollManager, type DeviceEnrollPollResult, type DeviceEnrollServerSideParams, type DeviceEnrollStartParams, type DeviceEnrollStartResult, type DisclosureFields, DummyCreds, DummyVpVerifier, type EmployeeVPRequest, type EvaluationContext, type ExternalActionRequest, FilesystemKeyStorage, GATEWAY_ERROR_CODE, GatewayClient, GatewayError, type 
GatewayErrorCode, type GatewayEvent, type GetEventsOptions, type GetEventsResponse, type GitHubConfig, type GoogleConfig, type Grant, type GrantConstraints, type GrantResource, GrantResourceType, GrantScope, GrantStatus, type GrantUsage, type IConnectorService, type IStateStore, type Intent, type IntentEvaluationResult, type IntentObligation, type IntentResource, type InternalHmacSignerKey, InvalidVPError, type Invitation, type InvitationRole, InvitationStatus, type IssueSDJWTVCRequest, type IssueSDJWTVCResult, type JiraBoard, type JiraConfig, type JiraIssue, type JiraIssueType, type JiraProject, type JiraSprint, type JiraStatus, type JiraUser, type JiraWorklog, type JsonSchema, JsonStateStore, KB_JWT_DEFAULT_LIFETIME_SECONDS, type KbJwtPayload, KeyManager, type KeyPairGenerationResult, type KeyStorageConfig, type KeyStorageProvider, LEGACY_RESOURCE_TYPE_MAP, MIN_SIGNER_KEY_BYTES, MemoryKeyStorage, NetworkError, type NormalizeIntentRequest, type NormalizedIntent, type OAuthAuthorizeRequest, type OAuthCallbackParams, type OAuthConnection, OAuthProvider, type OAuthToken, type OrganizationConfig, type OrganizationPermission, type OrganizationPolicy, type OrganizationVC, PROVIDER_ALIASES, type ParamBindingSource, type ParsedResourceType, type ParsedSignature, type PermissionConstraints, type PermissionMode, type PermissionResource, type PermissionRule, type PermissionTimeConstraint, type PermissionVcClaims, type PlanDelegationInput, type PlanDelegationResult, type PolicyCondition, type PolicyEvaluationResult, type PolicyInput, type PolicyRule, type PolicyTarget, type Provider, REAUTH_REQUIRED_ACTION, RESOURCE_TYPES, type ReBACChecker, type Receipt, type ReceiptListResult, type ReceiptOutcome, type ReceiptSearchQuery, ReceiptStatus, type Relation, type ResolvedTargets, type ResourceIdBinding, type ResourceRef, type ResourceScope, type ResourceType, type RiskAssessmentResult, type RiskFactor, type RiskLevel, SDJwtClient, SIGNATURE_HEADER, SIGNATURE_VERSION_PREFIX, 
ScopeUnmatchedError, type SecondaryBinding, type SignRequestArgs, SimpleRebac, type SlackConfig, StandardActionCategory, type SuggestGrantRequest, type SuggestedAction, type SuggestedConstraints, type SuggestedGrant, type SuggestedResource, type SuggestionRiskLevel, TIER_LIMITS, type TargetBindings, type TargetConstraint, TargetResolver, type TierLimits, type TimeWindowCheckResult, type TimeWindowConstraint, type ToolDefinition, type ToolInvocation, ToolManager, type ToolPermissionRequest, type ToolPermissionVC, type UnifiedResourceType, type UpdateGrantRequest, type UserIdentity, type UserIdentityConfig, type UserIdentityCreateOptions, UserIdentityManager, UserKeyPairManager, type UserTier, VALID_MCP_ACTIONS, VALID_MCP_TOOLS, VCExpiredError, VCManager, VCRevokedError, VCStatus, type VCTemplate, VCType, VPManager, type VPRequest, type VerifiablePresentation, type VerificationMethod, type VerifiedVcClaims, type VerifyInvitationResponse, type VerifyReceiptRequest, type VerifyReceiptResult, type VerifySDJWTVCResult, type VpVerifier, WRITE_ACTION_NAMES, type WeeklyReportData, type WeeklyReportSummary, buildCanonicalString, buildGrantIdFields, buildKbJwtPayload, canonicalizeAction, checkPermissionWithVP, configure, createAjv, createDidJwk, credentialStatusToVCStatus, defaultConstraintEvaluator, evaluateConstraints, extractProjectKey, extractPublicKey, extractPublicKeyFromDid, formatSignatureHeader, generateActionParamsDisplay, generateActionSummary, generateKeyPair, generateNonce, getActionAliases, getAllActionForms, getAllValidMcpActionNames, getClient, getDefaultDisclosureFields, getKeyIdFromDid, getRequiredRelations, getRequiredScopes, getTierLimits, getValidMcpActionNames, grantConstraintsToPermissionConstraints, grantToPermissionRules, indexActions, indexCapabilities, isActionEquivalent, isCanonicalProvider, isUnlimited, isValidDidJwk, isValidProvider, isWriteAction, loadActionRegistryFromFile, loadActionRegistryFromObject, normalizeDomain, normalizeMcpActionName, 
parseGrantAction, parseGrantResourceType, parseSignatureHeader, planDelegationForVC, publicKeysMatch, readVcExpSeconds, resolveActionsFromSelection, resolveProvider, resolveResourceType, resolveUserTier, sha256Hex, signJWT, signRequest, validateRegistryObject, vcStatusToCredentialStatus, verifyJWT, version };
|
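Review bot: The signature does not cover the query string — the `SignRequestArgs.path` doc says the verifier signs `request.originalUrl?.split('?')[0]` — yet neither the module header nor the `path` doc states that query parameters arrive unauthenticated; add to the `path` doc: `* Query parameters are NOT covered by the signature; internal endpoints must not take authorization-relevant input from them.` The `MIN_SIGNER_KEY_BYTES` doc is also inaccurate: 32 bytes is HMAC-SHA256's output length (and the RFC 2104 minimum recommended key length), not its block size, which is 64 bytes — suggest `* Minimum signer key length in raw bytes. 32 bytes = 256 bits matches HMAC-SHA256's output length and the verifier's MIN_KEY_BYTES.` Since `parseSignatureHeader` documents only a base64-alphabet check and the verifier is described as a constant-time compare, consider also documenting that the decoded signature must be exactly 32 bytes, so a length mismatch is rejected as malformed at parse time rather than reaching the comparison.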