@vorim/sdk 2.2.0 → 3.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/index.cjs +62 -0
  2. package/dist/index.cjs.map +1 -1
  3. package/dist/index.d.cts +77 -0
  4. package/dist/index.d.ts +77 -0
  5. package/dist/index.js +62 -0
  6. package/dist/index.js.map +1 -1
  7. package/dist/integrations/anthropic.cjs +199 -0
  8. package/dist/integrations/anthropic.cjs.map +1 -0
  9. package/dist/integrations/anthropic.d.cts +183 -0
  10. package/dist/integrations/anthropic.d.ts +183 -0
  11. package/dist/integrations/anthropic.js +172 -0
  12. package/dist/integrations/anthropic.js.map +1 -0
  13. package/package.json +11 -1
package/dist/index.cjs CHANGED
@@ -160,6 +160,68 @@ var VorimSDK = class {
160
160
  async deleteApiKey(keyId) {
161
161
  return this.delete(`/api-keys/${keyId}`);
162
162
  }
163
+ // ─── Ephemeral Agents ──────────────────────────────────────────────
164
+ /**
165
+ * Register an ephemeral agent with W3C did:key identity.
166
+ * The agent auto-expires after the specified TTL.
167
+ */
168
+ async registerEphemeral(input) {
169
+ return this.post("/agents/ephemeral", input);
170
+ }
171
+ // ─── Credential Delegation ──────────────────────────────────────────
172
+ /**
173
+ * Register an OAuth provider for credential delegation.
174
+ */
175
+ async registerProvider(input) {
176
+ return this.post("/credentials/providers", input);
177
+ }
178
+ /**
179
+ * List registered OAuth providers.
180
+ */
181
+ async listProviders() {
182
+ return this.get("/credentials/providers");
183
+ }
184
+ /**
185
+ * Store an OAuth connection (user's authorized tokens).
186
+ */
187
+ async storeConnection(input) {
188
+ return this.post("/credentials/connections", input);
189
+ }
190
+ /**
191
+ * List OAuth connections.
192
+ */
193
+ async listConnections() {
194
+ return this.get("/credentials/connections");
195
+ }
196
+ /**
197
+ * Delegate a credential to an agent.
198
+ * The agent will be able to request short-lived access tokens
199
+ * for the delegated scopes without ever seeing the refresh token.
200
+ */
201
+ async delegateCredential(input) {
202
+ return this.post("/credentials/delegations", input);
203
+ }
204
+ /**
205
+ * List credential delegations for the organisation or a specific agent.
206
+ */
207
+ async listDelegations(agentId) {
208
+ const params = agentId ? `?agent_id=${agentId}` : "";
209
+ return this.get(`/credentials/delegations${params}`);
210
+ }
211
+ /**
212
+ * Revoke a credential delegation (cascades to delegation chains).
213
+ */
214
+ async revokeDelegation(delegationId) {
215
+ return this.delete(`/credentials/delegations/${delegationId}`);
216
+ }
217
+ /**
218
+ * Request a short-lived access token for an agent.
219
+ * The agent must have an active credential delegation.
220
+ * The refresh token is never exposed — the platform proxies the request.
221
+ */
222
+ async requestToken(input) {
223
+ return this.post("/credentials/token", input);
224
+ }
163
225
  // ─── Signing ──────────────────────────────────────────────────────
164
226
  /**
165
227
  * Sign a payload with an Ed25519 private key (client-side).
package/dist/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\nexport interface VorimConfig {\n apiKey: string;\n baseUrl?: string;\n timeout?: number;\n}\n\nexport class VorimSDK {\n private apiKey: string;\n private baseUrl: string;\n private timeout: number;\n\n constructor(config: VorimConfig) {\n this.apiKey = config.apiKey;\n this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n this.timeout = config.timeout || 10000;\n }\n\n // ─── Health Check ────────────────────────────────────────────────\n\n /**\n * Ping the Vorim API to verify connectivity and API key validity.\n * Returns { status, timestamp } on success, throws VorimError on failure.\n */\n async ping(): Promise<{ status: string; timestamp: string }> {\n const response = await fetch(`${this.baseUrl.replace('/v1', '')}/health`, {\n headers: { 'User-Agent': 'vorim-sdk/2.1.0' },\n signal: AbortSignal.timeout(this.timeout),\n });\n if (!response.ok) throw new VorimError(response.status, 'UNREACHABLE', 'Vorim API is not reachable');\n return response.json() as Promise<{ status: string; timestamp: string }>;\n }\n\n // ─── Agent Identity ────────────────────────────────────────────────\n\n /**\n * Register a new agent with Vorim AI.\n * Returns the agent identity and a private key (shown once).\n */\n async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n return this.post('/agents', input);\n }\n\n /**\n * Verify an agent's identity via the public Trust API.\n */\n async verify(agentId: string): Promise<TrustRecord> {\n return this.get(`/trust/verify/${agentId}`);\n }\n\n /**\n * Get agent details.\n */\n async getAgent(agentId: string): Promise<Agent> {\n return this.get(`/agents/${agentId}`);\n }\n\n /**\n * List all agents in the organisation.\n */\n async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n const qs = new URLSearchParams(params as any).toString();\n return this.get(`/agents${qs ? '?' + qs : ''}`);\n }\n\n /**\n * Update an agent's metadata.\n */\n async updateAgent(agentId: string, updates: Partial<Pick<Agent, 'name' | 'description' | 'status' | 'capabilities'>>): Promise<Agent> {\n return this.patch(`/agents/${agentId}`, updates);\n }\n\n /**\n * Revoke an agent (permanent deactivation).\n */\n async revoke(agentId: string): Promise<void> {\n await this.delete(`/agents/${agentId}`);\n }\n\n // ─── Permissions ──────────────────────────────────────────────────\n\n /**\n * Check if an agent has a specific permission scope.\n * Target: < 5ms response via Redis cache.\n */\n async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n }\n\n /**\n * Grant a permission scope to an agent.\n */\n async grant(agentId: string, scope: PermissionScope, options?: {\n valid_until?: string;\n rate_limit?: { max: number; window: string };\n }): Promise<any> {\n return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n }\n\n /**\n * List all active permissions for an agent.\n */\n async listPermissions(agentId: string): Promise<any[]> {\n return this.get(`/agents/${agentId}/permissions`);\n }\n\n /**\n * Revoke a specific permission scope from an agent.\n */\n async revokePermission(agentId: string, scope: PermissionScope): Promise<any> {\n return this.delete(`/agents/${agentId}/permissions/${scope}`);\n }\n\n // ─── Audit ────────────────────────────────────────────────────────\n\n /**\n * Emit an audit event for an agent action.\n */\n async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events: [event] });\n }\n\n /**\n * Emit a batch of audit events (up to 1,000).\n */\n async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events });\n }\n\n /**\n * Export a signed audit bundle for a date range.\n */\n async exportAudit(from: string, to: string, format: string = 'json'): Promise<any> {\n return this.post('/audit/export', { from, to, format });\n }\n\n // ─── API Keys ──────────────────────────────────────────────────────\n\n /**\n * List all API keys for the organisation.\n */\n async listApiKeys(): Promise<any[]> {\n return this.get('/api-keys');\n }\n\n /**\n * Create a new API key.\n */\n async createApiKey(name: string, options?: { scopes?: string[]; expires_at?: string }): Promise<any> {\n return this.post('/api-keys', { name, ...options });\n }\n\n /**\n * Revoke an API key.\n */\n async deleteApiKey(keyId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/api-keys/${keyId}`);\n }\n\n // ─── Signing ──────────────────────────────────────────────────────\n\n /**\n * Sign a payload with an Ed25519 private key (client-side).\n * Uses the Web Crypto API or Node.js crypto.\n */\n async sign(payload: string, privateKeyPem: string): Promise<string> {\n if (typeof globalThis.crypto?.subtle !== 'undefined') {\n // Web Crypto API\n const keyData = this.pemToArrayBuffer(privateKeyPem);\n const key = await globalThis.crypto.subtle.importKey(\n 'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n );\n const signature = await globalThis.crypto.subtle.sign(\n 'Ed25519', key, new TextEncoder().encode(payload)\n );\n return `ed25519:${this.arrayBufferToBase64(signature)}`;\n } else {\n // Node.js crypto fallback\n const crypto = await import('node:crypto');\n const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n return `ed25519:${sign.toString('base64')}`;\n }\n }\n\n // ─── HTTP Client ──────────────────────────────────────────────────\n\n private async get(path: string): Promise<any> {\n return this.request('GET', path);\n }\n\n private async post(path: string, body: any): Promise<any> {\n return this.request('POST', path, body);\n }\n\n private async patch(path: string, body: any): Promise<any> {\n return this.request('PATCH', path, body);\n }\n\n private async delete(path: string): Promise<any> {\n return this.request('DELETE', path);\n }\n\n private async request(method: string, path: string, body?: any): Promise<any> {\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'vorim-sdk/2.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n if (!response.ok) {\n const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n throw new VorimError(\n response.status,\n errBody.error?.code || 'UNKNOWN_ERROR',\n errBody.error?.message || `HTTP ${response.status}`,\n errBody.error?.details\n );\n }\n\n const json = await response.json() as Record<string, any>;\n return json.data;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n\n private pemToArrayBuffer(pem: string): ArrayBuffer {\n const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n const binary = atob(b64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n }\n\n private arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary);\n }\n}\n\nexport class VorimError extends Error {\n constructor(\n public status: number,\n public code: string,\n message: string,\n public details?: Record<string, unknown>\n ) {\n super(message);\n this.name = 'VorimError';\n }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgBO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAuD;AAC3D,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,QAAQ,QAAQ,OAAO,EAAE,CAAC,WAAW;AAAA,MACxE,SAAS,EAAE,cAAc,kBAAkB;AAAA,MAC3C,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C,CAAC;AACD,QAAI,CAAC,SAAS,GAAI,OAAM,IAAI,WAAW,SAAS,QAAQ,eAAe,4BAA4B;AACnG,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAiB,SAAmG;AACpI,WAAO,KAAK,MAAM,WAAW,OAAO,IAAI,OAAO;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAiC;AACrD,WAAO,KAAK,IAAI,WAAW,OAAO,cAAc;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAiB,OAAsC;AAC5E,WAAO,KAAK,OAAO,WAAW,OAAO,gBAAgB,KAAK,EAAE;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,IAAY,SAAiB,QAAsB;AACjF,WAAO,KAAK,KAAK,iBAAiB,EAAE,MAAM,IAAI,OAAO,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAA8B;AAClC,WAAO,KAAK,IAAI,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,SAAoE;AACnG,WAAO,KAAK,KAAK,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAA8C;AAC/D,WAAO,KAAK,OAAO,aAAa,KAAK,EAAE;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,MAAM,MAAc,MAAyB;AACzD,WAAO,KAAK,QAAQ,SAAS,MAAM,IAAI;AAAA,EACzC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}
1
+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\nexport interface VorimConfig {\n apiKey: string;\n baseUrl?: string;\n timeout?: number;\n}\n\nexport class VorimSDK {\n private apiKey: string;\n private baseUrl: string;\n private timeout: number;\n\n constructor(config: VorimConfig) {\n this.apiKey = config.apiKey;\n this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n this.timeout = config.timeout || 10000;\n }\n\n // ─── Health Check ────────────────────────────────────────────────\n\n /**\n * Ping the Vorim API to verify connectivity and API key validity.\n * Returns { status, timestamp } on success, throws VorimError on failure.\n */\n async ping(): Promise<{ status: string; timestamp: string }> {\n const response = await fetch(`${this.baseUrl.replace('/v1', '')}/health`, {\n headers: { 'User-Agent': 'vorim-sdk/2.1.0' },\n signal: AbortSignal.timeout(this.timeout),\n });\n if (!response.ok) throw new VorimError(response.status, 'UNREACHABLE', 'Vorim API is not reachable');\n return response.json() as Promise<{ status: string; timestamp: string }>;\n }\n\n // ─── Agent Identity ────────────────────────────────────────────────\n\n /**\n * Register a new agent with Vorim AI.\n * Returns the agent identity and a private key (shown once).\n */\n async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n return this.post('/agents', input);\n }\n\n /**\n * Verify an agent's identity via the public Trust API.\n */\n async verify(agentId: string): Promise<TrustRecord> {\n return this.get(`/trust/verify/${agentId}`);\n }\n\n /**\n * Get agent details.\n */\n async getAgent(agentId: string): Promise<Agent> {\n return this.get(`/agents/${agentId}`);\n }\n\n /**\n * List all agents in the organisation.\n */\n async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n const qs = new URLSearchParams(params as any).toString();\n return this.get(`/agents${qs ? '?' + qs : ''}`);\n }\n\n /**\n * Update an agent's metadata.\n */\n async updateAgent(agentId: string, updates: Partial<Pick<Agent, 'name' | 'description' | 'status' | 'capabilities'>>): Promise<Agent> {\n return this.patch(`/agents/${agentId}`, updates);\n }\n\n /**\n * Revoke an agent (permanent deactivation).\n */\n async revoke(agentId: string): Promise<void> {\n await this.delete(`/agents/${agentId}`);\n }\n\n // ─── Permissions ──────────────────────────────────────────────────\n\n /**\n * Check if an agent has a specific permission scope.\n * Target: < 5ms response via Redis cache.\n */\n async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n }\n\n /**\n * Grant a permission scope to an agent.\n */\n async grant(agentId: string, scope: PermissionScope, options?: {\n valid_until?: string;\n rate_limit?: { max: number; window: string };\n }): Promise<any> {\n return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n }\n\n /**\n * List all active permissions for an agent.\n */\n async listPermissions(agentId: string): Promise<any[]> {\n return this.get(`/agents/${agentId}/permissions`);\n }\n\n /**\n * Revoke a specific permission scope from an agent.\n */\n async revokePermission(agentId: string, scope: PermissionScope): Promise<any> {\n return this.delete(`/agents/${agentId}/permissions/${scope}`);\n }\n\n // ─── Audit ────────────────────────────────────────────────────────\n\n /**\n * Emit an audit event for an agent action.\n */\n async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events: [event] });\n }\n\n /**\n * Emit a batch of audit events (up to 1,000).\n */\n async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events });\n }\n\n /**\n * Export a signed audit bundle for a date range.\n */\n async exportAudit(from: string, to: string, format: string = 'json'): Promise<any> {\n return this.post('/audit/export', { from, to, format });\n }\n\n // ─── API Keys ──────────────────────────────────────────────────────\n\n /**\n * List all API keys for the organisation.\n */\n async listApiKeys(): Promise<any[]> {\n return this.get('/api-keys');\n }\n\n /**\n * Create a new API key.\n */\n async createApiKey(name: string, options?: { scopes?: string[]; expires_at?: string }): Promise<any> {\n return this.post('/api-keys', { name, ...options });\n }\n\n /**\n * Revoke an API key.\n */\n async deleteApiKey(keyId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/api-keys/${keyId}`);\n }\n\n // ─── Ephemeral Agents ──────────────────────────────────────────────\n\n /**\n * Register an ephemeral agent with W3C did:key identity.\n * The agent auto-expires after the specified TTL.\n */\n async registerEphemeral(input: {\n capabilities: string[];\n scopes: string[];\n ttl_seconds?: number;\n }): Promise<any> {\n return this.post('/agents/ephemeral', input);\n }\n\n // ─── Credential Delegation ──────────────────────────────────────────\n\n /**\n * Register an OAuth provider for credential delegation.\n */\n async registerProvider(input: {\n provider_key: string;\n display_name?: string;\n client_id: string;\n client_secret: string;\n auth_url: string;\n token_url: string;\n revoke_url?: string;\n scopes_available?: string[];\n }): Promise<any> {\n return this.post('/credentials/providers', input);\n }\n\n /**\n * List registered OAuth providers.\n */\n async listProviders(): Promise<any[]> {\n return this.get('/credentials/providers');\n }\n\n /**\n * Store an OAuth connection (user's authorized tokens).\n */\n async storeConnection(input: {\n provider_id: string;\n refresh_token: string;\n scopes_granted: string[];\n external_account_id?: string;\n }): Promise<any> {\n return this.post('/credentials/connections', input);\n }\n\n /**\n * List OAuth connections.\n */\n async listConnections(): Promise<any[]> {\n return this.get('/credentials/connections');\n }\n\n /**\n * Delegate a credential to an agent.\n * The agent will be able to request short-lived access tokens\n * for the delegated scopes without ever seeing the refresh token.\n */\n async delegateCredential(input: {\n connection_id: string;\n agent_id: string;\n scopes_delegated: string[];\n max_requests_per_hr?: number;\n valid_until?: string;\n }): Promise<any> {\n return this.post('/credentials/delegations', input);\n }\n\n /**\n * List credential delegations for the organisation or a specific agent.\n */\n async listDelegations(agentId?: string): Promise<any[]> {\n const params = agentId ? `?agent_id=${agentId}` : '';\n return this.get(`/credentials/delegations${params}`);\n }\n\n /**\n * Revoke a credential delegation (cascades to delegation chains).\n */\n async revokeDelegation(delegationId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/credentials/delegations/${delegationId}`);\n }\n\n /**\n * Request a short-lived access token for an agent.\n * The agent must have an active credential delegation.\n * The refresh token is never exposed — the platform proxies the request.\n */\n async requestToken(input: {\n agent_id: string;\n scope: string;\n provider_id?: string;\n }): Promise<{\n access_token: string;\n token_type: string;\n expires_in: number;\n scope: string;\n delegation_id: string;\n }> {\n return this.post('/credentials/token', input);\n }\n\n // ─── Signing ──────────────────────────────────────────────────────\n\n /**\n * Sign a payload with an Ed25519 private key (client-side).\n * Uses the Web Crypto API or Node.js crypto.\n */\n async sign(payload: string, privateKeyPem: string): Promise<string> {\n if (typeof globalThis.crypto?.subtle !== 'undefined') {\n // Web Crypto API\n const keyData = this.pemToArrayBuffer(privateKeyPem);\n const key = await globalThis.crypto.subtle.importKey(\n 'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n );\n const signature = await globalThis.crypto.subtle.sign(\n 'Ed25519', key, new TextEncoder().encode(payload)\n );\n return `ed25519:${this.arrayBufferToBase64(signature)}`;\n } else {\n // Node.js crypto fallback\n const crypto = await import('node:crypto');\n const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n return `ed25519:${sign.toString('base64')}`;\n }\n }\n\n // ─── HTTP Client ──────────────────────────────────────────────────\n\n private async get(path: string): Promise<any> {\n return this.request('GET', path);\n }\n\n private async post(path: string, body: any): Promise<any> {\n return this.request('POST', path, body);\n }\n\n private async patch(path: string, body: any): Promise<any> {\n return this.request('PATCH', path, body);\n }\n\n private async delete(path: string): Promise<any> {\n return this.request('DELETE', path);\n }\n\n private async request(method: string, path: string, body?: any): Promise<any> {\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'vorim-sdk/2.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n if (!response.ok) {\n const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n throw new VorimError(\n response.status,\n errBody.error?.code || 'UNKNOWN_ERROR',\n errBody.error?.message || `HTTP ${response.status}`,\n errBody.error?.details\n );\n }\n\n const json = await response.json() as Record<string, any>;\n return json.data;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n\n private pemToArrayBuffer(pem: string): ArrayBuffer {\n const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n const binary = atob(b64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n }\n\n private arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary);\n }\n}\n\nexport class VorimError extends Error {\n constructor(\n public status: number,\n public code: string,\n message: string,\n public details?: Record<string, unknown>\n ) {\n super(message);\n this.name = 'VorimError';\n }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAgBO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAuD;AAC3D,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,QAAQ,QAAQ,OAAO,EAAE,CAAC,WAAW;AAAA,MACxE,SAAS,EAAE,cAAc,kBAAkB;AAAA,MAC3C,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C,CAAC;AACD,QAAI,CAAC,SAAS,GAAI,OAAM,IAAI,WAAW,SAAS,QAAQ,eAAe,4BAA4B;AACnG,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAiB,SAAmG;AACpI,WAAO,KAAK,MAAM,WAAW,OAAO,IAAI,OAAO;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAiC;AACrD,WAAO,KAAK,IAAI,WAAW,OAAO,cAAc;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAiB,OAAsC;AAC5E,WAAO,KAAK,OAAO,WAAW,OAAO,gBAAgB,KAAK,EAAE;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,IAAY,SAAiB,QAAsB;AACjF,WAAO,KAAK,KAAK,iBAAiB,EAAE,MAAM,IAAI,OAAO,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAA8B;AAClC,WAAO,KAAK,IAAI,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,SAAoE;AACnG,WAAO,KAAK,KAAK,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAA8C;AAC/D,WAAO,KAAK,OAAO,aAAa,KAAK,EAAE;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,kBAAkB,OAIP;AACf,WAAO,KAAK,KAAK,qBAAqB,KAAK;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,iBAAiB,OASN;AACf,WAAO,KAAK,KAAK,0BAA0B,KAAK;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgC;AACpC,WAAO,KAAK,IAAI,wBAAwB;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,OAKL;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAkC;AACtC,WAAO,KAAK,IAAI,0BAA0B;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,mBAAmB,OAMR;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAkC;AACtD,UAAM,SAAS,UAAU,aAAa,OAAO,KAAK;AAClD,WAAO,KAAK,IAAI,2BAA2B,MAAM,EAAE;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,cAAqD;AAC1E,WAAO,KAAK,OAAO,4BAA4B,YAAY,EAAE;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,OAUhB;AACD,WAAO,KAAK,KAAK,sBAAsB,KAAK;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,MAAM,MAAc,MAAyB;AACzD,WAAO,KAAK,QAAQ,SAAS,MAAM,IAAI;AAAA,EACzC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}
package/dist/index.d.cts CHANGED
@@ -174,6 +174,83 @@ declare class VorimSDK {
174
174
  deleteApiKey(keyId: string): Promise<{
175
175
  revoked: boolean;
176
176
  }>;
177
+ /**
178
+ * Register an ephemeral agent with W3C did:key identity.
179
+ * The agent auto-expires after the specified TTL.
180
+ */
181
+ registerEphemeral(input: {
182
+ capabilities: string[];
183
+ scopes: string[];
184
+ ttl_seconds?: number;
185
+ }): Promise<any>;
186
+ /**
187
+ * Register an OAuth provider for credential delegation.
188
+ */
189
+ registerProvider(input: {
190
+ provider_key: string;
191
+ display_name?: string;
192
+ client_id: string;
193
+ client_secret: string;
194
+ auth_url: string;
195
+ token_url: string;
196
+ revoke_url?: string;
197
+ scopes_available?: string[];
198
+ }): Promise<any>;
199
+ /**
200
+ * List registered OAuth providers.
201
+ */
202
+ listProviders(): Promise<any[]>;
203
+ /**
204
+ * Store an OAuth connection (user's authorized tokens).
205
+ */
206
+ storeConnection(input: {
207
+ provider_id: string;
208
+ refresh_token: string;
209
+ scopes_granted: string[];
210
+ external_account_id?: string;
211
+ }): Promise<any>;
212
+ /**
213
+ * List OAuth connections.
214
+ */
215
+ listConnections(): Promise<any[]>;
216
+ /**
217
+ * Delegate a credential to an agent.
218
+ * The agent will be able to request short-lived access tokens
219
+ * for the delegated scopes without ever seeing the refresh token.
220
+ */
221
+ delegateCredential(input: {
222
+ connection_id: string;
223
+ agent_id: string;
224
+ scopes_delegated: string[];
225
+ max_requests_per_hr?: number;
226
+ valid_until?: string;
227
+ }): Promise<any>;
228
+ /**
229
+ * List credential delegations for the organisation or a specific agent.
230
+ */
231
+ listDelegations(agentId?: string): Promise<any[]>;
232
+ /**
233
+ * Revoke a credential delegation (cascades to delegation chains).
234
+ */
235
+ revokeDelegation(delegationId: string): Promise<{
236
+ revoked: boolean;
237
+ }>;
238
+ /**
239
+ * Request a short-lived access token for an agent.
240
+ * The agent must have an active credential delegation.
241
+ * The refresh token is never exposed — the platform proxies the request.
242
+ */
243
+ requestToken(input: {
244
+ agent_id: string;
245
+ scope: string;
246
+ provider_id?: string;
247
+ }): Promise<{
248
+ access_token: string;
249
+ token_type: string;
250
+ expires_in: number;
251
+ scope: string;
252
+ delegation_id: string;
253
+ }>;
177
254
  /**
178
255
  * Sign a payload with an Ed25519 private key (client-side).
179
256
  * Uses the Web Crypto API or Node.js crypto.
package/dist/index.d.ts CHANGED
@@ -174,6 +174,83 @@ declare class VorimSDK {
174
174
  deleteApiKey(keyId: string): Promise<{
175
175
  revoked: boolean;
176
176
  }>;
177
+ /**
178
+ * Register an ephemeral agent with W3C did:key identity.
179
+ * The agent auto-expires after the specified TTL.
180
+ */
181
+ registerEphemeral(input: {
182
+ capabilities: string[];
183
+ scopes: string[];
184
+ ttl_seconds?: number;
185
+ }): Promise<any>;
186
+ /**
187
+ * Register an OAuth provider for credential delegation.
188
+ */
189
+ registerProvider(input: {
190
+ provider_key: string;
191
+ display_name?: string;
192
+ client_id: string;
193
+ client_secret: string;
194
+ auth_url: string;
195
+ token_url: string;
196
+ revoke_url?: string;
197
+ scopes_available?: string[];
198
+ }): Promise<any>;
199
+ /**
200
+ * List registered OAuth providers.
201
+ */
202
+ listProviders(): Promise<any[]>;
203
+ /**
204
+ * Store an OAuth connection (user's authorized tokens).
205
+ */
206
+ storeConnection(input: {
207
+ provider_id: string;
208
+ refresh_token: string;
209
+ scopes_granted: string[];
210
+ external_account_id?: string;
211
+ }): Promise<any>;
212
+ /**
213
+ * List OAuth connections.
214
+ */
215
+ listConnections(): Promise<any[]>;
216
+ /**
217
+ * Delegate a credential to an agent.
218
+ * The agent will be able to request short-lived access tokens
219
+ * for the delegated scopes without ever seeing the refresh token.
220
+ */
221
+ delegateCredential(input: {
222
+ connection_id: string;
223
+ agent_id: string;
224
+ scopes_delegated: string[];
225
+ max_requests_per_hr?: number;
226
+ valid_until?: string;
227
+ }): Promise<any>;
228
+ /**
229
+ * List credential delegations for the organisation or a specific agent.
230
+ */
231
+ listDelegations(agentId?: string): Promise<any[]>;
232
+ /**
233
+ * Revoke a credential delegation (cascades to delegation chains).
234
+ */
235
+ revokeDelegation(delegationId: string): Promise<{
236
+ revoked: boolean;
237
+ }>;
238
+ /**
239
+ * Request a short-lived access token for an agent.
240
+ * The agent must have an active credential delegation.
241
+ * The refresh token is never exposed — the platform proxies the request.
242
+ */
243
+ requestToken(input: {
244
+ agent_id: string;
245
+ scope: string;
246
+ provider_id?: string;
247
+ }): Promise<{
248
+ access_token: string;
249
+ token_type: string;
250
+ expires_in: number;
251
+ scope: string;
252
+ delegation_id: string;
253
+ }>;
177
254
  /**
178
255
  * Sign a payload with an Ed25519 private key (client-side).
179
256
  * Uses the Web Crypto API or Node.js crypto.
package/dist/index.js CHANGED
@@ -124,6 +124,68 @@ var VorimSDK = class {
124
124
  async deleteApiKey(keyId) {
125
125
  return this.delete(`/api-keys/${keyId}`);
126
126
  }
127
+ // ─── Ephemeral Agents ──────────────────────────────────────────────
128
+ /**
129
+ * Register an ephemeral agent with W3C did:key identity.
130
+ * The agent auto-expires after the specified TTL.
131
+ */
132
+ async registerEphemeral(input) {
133
+ return this.post("/agents/ephemeral", input);
134
+ }
135
+ // ─── Credential Delegation ──────────────────────────────────────────
136
+ /**
137
+ * Register an OAuth provider for credential delegation.
138
+ */
139
+ async registerProvider(input) {
140
+ return this.post("/credentials/providers", input);
141
+ }
142
+ /**
143
+ * List registered OAuth providers.
144
+ */
145
+ async listProviders() {
146
+ return this.get("/credentials/providers");
147
+ }
148
+ /**
149
+ * Store an OAuth connection (user's authorized tokens).
150
+ */
151
+ async storeConnection(input) {
152
+ return this.post("/credentials/connections", input);
153
+ }
154
+ /**
155
+ * List OAuth connections.
156
+ */
157
+ async listConnections() {
158
+ return this.get("/credentials/connections");
159
+ }
160
+ /**
161
+ * Delegate a credential to an agent.
162
+ * The agent will be able to request short-lived access tokens
163
+ * for the delegated scopes without ever seeing the refresh token.
164
+ */
165
+ async delegateCredential(input) {
166
+ return this.post("/credentials/delegations", input);
167
+ }
168
+ /**
169
+ * List credential delegations for the organisation or a specific agent.
170
+ */
171
+ async listDelegations(agentId) {
172
+ const params = agentId ? `?agent_id=${agentId}` : "";
173
+ return this.get(`/credentials/delegations${params}`);
174
+ }
175
+ /**
176
+ * Revoke a credential delegation (cascades to delegation chains).
177
+ */
178
+ async revokeDelegation(delegationId) {
179
+ return this.delete(`/credentials/delegations/${delegationId}`);
180
+ }
181
+ /**
182
+ * Request a short-lived access token for an agent.
183
+ * The agent must have an active credential delegation.
184
+ * The refresh token is never exposed — the platform proxies the request.
185
+ */
186
+ async requestToken(input) {
187
+ return this.post("/credentials/token", input);
188
+ }
127
189
  // ─── Signing ──────────────────────────────────────────────────────
128
190
  /**
129
191
  * Sign a payload with an Ed25519 private key (client-side).
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\nexport interface VorimConfig {\n apiKey: string;\n baseUrl?: string;\n timeout?: number;\n}\n\nexport class VorimSDK {\n private apiKey: string;\n private baseUrl: string;\n private timeout: number;\n\n constructor(config: VorimConfig) {\n this.apiKey = config.apiKey;\n this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n this.timeout = config.timeout || 10000;\n }\n\n // ─── Health Check ────────────────────────────────────────────────\n\n /**\n * Ping the Vorim API to verify connectivity and API key validity.\n * Returns { status, timestamp } on success, throws VorimError on failure.\n */\n async ping(): Promise<{ status: string; timestamp: string }> {\n const response = await fetch(`${this.baseUrl.replace('/v1', '')}/health`, {\n headers: { 'User-Agent': 'vorim-sdk/2.1.0' },\n signal: AbortSignal.timeout(this.timeout),\n });\n if (!response.ok) throw new VorimError(response.status, 'UNREACHABLE', 'Vorim API is not reachable');\n return response.json() as Promise<{ status: string; timestamp: string }>;\n }\n\n // ─── Agent Identity ────────────────────────────────────────────────\n\n /**\n * Register a new agent with Vorim AI.\n * Returns the agent identity and a private key (shown once).\n */\n async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n return this.post('/agents', input);\n }\n\n /**\n * Verify an agent's identity via the public Trust API.\n */\n async verify(agentId: string): Promise<TrustRecord> {\n return this.get(`/trust/verify/${agentId}`);\n }\n\n /**\n * Get agent details.\n */\n async getAgent(agentId: string): Promise<Agent> {\n return this.get(`/agents/${agentId}`);\n }\n\n /**\n * List all agents in the organisation.\n */\n async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n const qs = new URLSearchParams(params as any).toString();\n return this.get(`/agents${qs ? '?' + qs : ''}`);\n }\n\n /**\n * Update an agent's metadata.\n */\n async updateAgent(agentId: string, updates: Partial<Pick<Agent, 'name' | 'description' | 'status' | 'capabilities'>>): Promise<Agent> {\n return this.patch(`/agents/${agentId}`, updates);\n }\n\n /**\n * Revoke an agent (permanent deactivation).\n */\n async revoke(agentId: string): Promise<void> {\n await this.delete(`/agents/${agentId}`);\n }\n\n // ─── Permissions ──────────────────────────────────────────────────\n\n /**\n * Check if an agent has a specific permission scope.\n * Target: < 5ms response via Redis cache.\n */\n async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n }\n\n /**\n * Grant a permission scope to an agent.\n */\n async grant(agentId: string, scope: PermissionScope, options?: {\n valid_until?: string;\n rate_limit?: { max: number; window: string };\n }): Promise<any> {\n return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n }\n\n /**\n * List all active permissions for an agent.\n */\n async listPermissions(agentId: string): Promise<any[]> {\n return this.get(`/agents/${agentId}/permissions`);\n }\n\n /**\n * Revoke a specific permission scope from an agent.\n */\n async revokePermission(agentId: string, scope: PermissionScope): Promise<any> {\n return this.delete(`/agents/${agentId}/permissions/${scope}`);\n }\n\n // ─── Audit ────────────────────────────────────────────────────────\n\n /**\n * Emit an audit event for an agent action.\n */\n async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events: [event] });\n }\n\n /**\n * Emit a batch of audit events (up to 1,000).\n */\n async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events });\n }\n\n /**\n * Export a signed audit bundle for a date range.\n */\n async exportAudit(from: string, to: string, format: string = 'json'): Promise<any> {\n return this.post('/audit/export', { from, to, format });\n }\n\n // ─── API Keys ──────────────────────────────────────────────────────\n\n /**\n * List all API keys for the organisation.\n */\n async listApiKeys(): Promise<any[]> {\n return this.get('/api-keys');\n }\n\n /**\n * Create a new API key.\n */\n async createApiKey(name: string, options?: { scopes?: string[]; expires_at?: string }): Promise<any> {\n return this.post('/api-keys', { name, ...options });\n }\n\n /**\n * Revoke an API key.\n */\n async deleteApiKey(keyId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/api-keys/${keyId}`);\n }\n\n // ─── Signing ──────────────────────────────────────────────────────\n\n /**\n * Sign a payload with an Ed25519 private key (client-side).\n * Uses the Web Crypto API or Node.js crypto.\n */\n async sign(payload: string, privateKeyPem: string): Promise<string> {\n if (typeof globalThis.crypto?.subtle !== 'undefined') {\n // Web Crypto API\n const keyData = this.pemToArrayBuffer(privateKeyPem);\n const key = await globalThis.crypto.subtle.importKey(\n 'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n );\n const signature = await globalThis.crypto.subtle.sign(\n 'Ed25519', key, new TextEncoder().encode(payload)\n );\n return `ed25519:${this.arrayBufferToBase64(signature)}`;\n } else {\n // Node.js crypto fallback\n const crypto = await import('node:crypto');\n const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n return `ed25519:${sign.toString('base64')}`;\n }\n }\n\n // ─── HTTP Client ──────────────────────────────────────────────────\n\n private async get(path: string): Promise<any> {\n return this.request('GET', path);\n }\n\n private async post(path: string, body: any): Promise<any> {\n return this.request('POST', path, body);\n }\n\n private async patch(path: string, body: any): Promise<any> {\n return this.request('PATCH', path, body);\n }\n\n private async delete(path: string): Promise<any> {\n return this.request('DELETE', path);\n }\n\n private async request(method: string, path: string, body?: any): Promise<any> {\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'vorim-sdk/2.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n if (!response.ok) {\n const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n throw new VorimError(\n response.status,\n errBody.error?.code || 'UNKNOWN_ERROR',\n errBody.error?.message || `HTTP ${response.status}`,\n errBody.error?.details\n );\n }\n\n const json = await response.json() as Record<string, any>;\n return json.data;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n\n private pemToArrayBuffer(pem: string): ArrayBuffer {\n const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n const binary = atob(b64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n }\n\n private arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary);\n }\n}\n\nexport class VorimError extends Error {\n constructor(\n public status: number,\n public code: string,\n message: string,\n public details?: Record<string, unknown>\n ) {\n super(message);\n this.name = 'VorimError';\n }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";AAgBO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAuD;AAC3D,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,QAAQ,QAAQ,OAAO,EAAE,CAAC,WAAW;AAAA,MACxE,SAAS,EAAE,cAAc,kBAAkB;AAAA,MAC3C,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C,CAAC;AACD,QAAI,CAAC,SAAS,GAAI,OAAM,IAAI,WAAW,SAAS,QAAQ,eAAe,4BAA4B;AACnG,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAiB,SAAmG;AACpI,WAAO,KAAK,MAAM,WAAW,OAAO,IAAI,OAAO;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAiC;AACrD,WAAO,KAAK,IAAI,WAAW,OAAO,cAAc;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAiB,OAAsC;AAC5E,WAAO,KAAK,OAAO,WAAW,OAAO,gBAAgB,KAAK,EAAE;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,IAAY,SAAiB,QAAsB;AACjF,WAAO,KAAK,KAAK,iBAAiB,EAAE,MAAM,IAAI,OAAO,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAA8B;AAClC,WAAO,KAAK,IAAI,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,SAAoE;AACnG,WAAO,KAAK,KAAK,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAA8C;AAC/D,WAAO,KAAK,OAAO,aAAa,KAAK,EAAE;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,MAAM,MAAc,MAAyB;AACzD,WAAO,KAAK,QAAQ,SAAS,MAAM,IAAI;AAAA,EACzC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}
1
+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — TypeScript\n// Thin client wrapping the Vorim AI REST API\n// ============================================================================\n\nimport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, PermissionScope, PermissionCheckResult,\n} from './types.js';\n\nexport interface VorimConfig {\n apiKey: string;\n baseUrl?: string;\n timeout?: number;\n}\n\nexport class VorimSDK {\n private apiKey: string;\n private baseUrl: string;\n private timeout: number;\n\n constructor(config: VorimConfig) {\n this.apiKey = config.apiKey;\n this.baseUrl = (config.baseUrl || 'https://api.vorim.ai').replace(/\\/$/, '') + '/v1';\n this.timeout = config.timeout || 10000;\n }\n\n // ─── Health Check ────────────────────────────────────────────────\n\n /**\n * Ping the Vorim API to verify connectivity and API key validity.\n * Returns { status, timestamp } on success, throws VorimError on failure.\n */\n async ping(): Promise<{ status: string; timestamp: string }> {\n const response = await fetch(`${this.baseUrl.replace('/v1', '')}/health`, {\n headers: { 'User-Agent': 'vorim-sdk/2.1.0' },\n signal: AbortSignal.timeout(this.timeout),\n });\n if (!response.ok) throw new VorimError(response.status, 'UNREACHABLE', 'Vorim API is not reachable');\n return response.json() as Promise<{ status: string; timestamp: string }>;\n }\n\n // ─── Agent Identity ────────────────────────────────────────────────\n\n /**\n * Register a new agent with Vorim AI.\n * Returns the agent identity and a private key (shown once).\n */\n async register(input: AgentRegistrationInput): Promise<AgentRegistrationResult> {\n return this.post('/agents', input);\n }\n\n /**\n * Verify an agent's identity via the public Trust API.\n */\n async verify(agentId: string): Promise<TrustRecord> {\n return this.get(`/trust/verify/${agentId}`);\n }\n\n /**\n * Get agent details.\n */\n async getAgent(agentId: string): Promise<Agent> {\n return this.get(`/agents/${agentId}`);\n }\n\n /**\n * List all agents in the organisation.\n */\n async listAgents(params?: { page?: number; per_page?: number; status?: string }): Promise<{ agents: Agent[]; meta: any }> {\n const qs = new URLSearchParams(params as any).toString();\n return this.get(`/agents${qs ? '?' + qs : ''}`);\n }\n\n /**\n * Update an agent's metadata.\n */\n async updateAgent(agentId: string, updates: Partial<Pick<Agent, 'name' | 'description' | 'status' | 'capabilities'>>): Promise<Agent> {\n return this.patch(`/agents/${agentId}`, updates);\n }\n\n /**\n * Revoke an agent (permanent deactivation).\n */\n async revoke(agentId: string): Promise<void> {\n await this.delete(`/agents/${agentId}`);\n }\n\n // ─── Permissions ──────────────────────────────────────────────────\n\n /**\n * Check if an agent has a specific permission scope.\n * Target: < 5ms response via Redis cache.\n */\n async check(agentId: string, scope: PermissionScope): Promise<PermissionCheckResult> {\n return this.post(`/agents/${agentId}/permissions/verify`, { scope });\n }\n\n /**\n * Grant a permission scope to an agent.\n */\n async grant(agentId: string, scope: PermissionScope, options?: {\n valid_until?: string;\n rate_limit?: { max: number; window: string };\n }): Promise<any> {\n return this.post(`/agents/${agentId}/permissions`, { scope, ...options });\n }\n\n /**\n * List all active permissions for an agent.\n */\n async listPermissions(agentId: string): Promise<any[]> {\n return this.get(`/agents/${agentId}/permissions`);\n }\n\n /**\n * Revoke a specific permission scope from an agent.\n */\n async revokePermission(agentId: string, scope: PermissionScope): Promise<any> {\n return this.delete(`/agents/${agentId}/permissions/${scope}`);\n }\n\n // ─── Audit ────────────────────────────────────────────────────────\n\n /**\n * Emit an audit event for an agent action.\n */\n async emit(event: AuditEventInput): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events: [event] });\n }\n\n /**\n * Emit a batch of audit events (up to 1,000).\n */\n async emitBatch(events: AuditEventInput[]): Promise<{ ingested: number }> {\n return this.post('/audit/events', { events });\n }\n\n /**\n * Export a signed audit bundle for a date range.\n */\n async exportAudit(from: string, to: string, format: string = 'json'): Promise<any> {\n return this.post('/audit/export', { from, to, format });\n }\n\n // ─── API Keys ──────────────────────────────────────────────────────\n\n /**\n * List all API keys for the organisation.\n */\n async listApiKeys(): Promise<any[]> {\n return this.get('/api-keys');\n }\n\n /**\n * Create a new API key.\n */\n async createApiKey(name: string, options?: { scopes?: string[]; expires_at?: string }): Promise<any> {\n return this.post('/api-keys', { name, ...options });\n }\n\n /**\n * Revoke an API key.\n */\n async deleteApiKey(keyId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/api-keys/${keyId}`);\n }\n\n // ─── Ephemeral Agents ──────────────────────────────────────────────\n\n /**\n * Register an ephemeral agent with W3C did:key identity.\n * The agent auto-expires after the specified TTL.\n */\n async registerEphemeral(input: {\n capabilities: string[];\n scopes: string[];\n ttl_seconds?: number;\n }): Promise<any> {\n return this.post('/agents/ephemeral', input);\n }\n\n // ─── Credential Delegation ──────────────────────────────────────────\n\n /**\n * Register an OAuth provider for credential delegation.\n */\n async registerProvider(input: {\n provider_key: string;\n display_name?: string;\n client_id: string;\n client_secret: string;\n auth_url: string;\n token_url: string;\n revoke_url?: string;\n scopes_available?: string[];\n }): Promise<any> {\n return this.post('/credentials/providers', input);\n }\n\n /**\n * List registered OAuth providers.\n */\n async listProviders(): Promise<any[]> {\n return this.get('/credentials/providers');\n }\n\n /**\n * Store an OAuth connection (user's authorized tokens).\n */\n async storeConnection(input: {\n provider_id: string;\n refresh_token: string;\n scopes_granted: string[];\n external_account_id?: string;\n }): Promise<any> {\n return this.post('/credentials/connections', input);\n }\n\n /**\n * List OAuth connections.\n */\n async listConnections(): Promise<any[]> {\n return this.get('/credentials/connections');\n }\n\n /**\n * Delegate a credential to an agent.\n * The agent will be able to request short-lived access tokens\n * for the delegated scopes without ever seeing the refresh token.\n */\n async delegateCredential(input: {\n connection_id: string;\n agent_id: string;\n scopes_delegated: string[];\n max_requests_per_hr?: number;\n valid_until?: string;\n }): Promise<any> {\n return this.post('/credentials/delegations', input);\n }\n\n /**\n * List credential delegations for the organisation or a specific agent.\n */\n async listDelegations(agentId?: string): Promise<any[]> {\n const params = agentId ? `?agent_id=${agentId}` : '';\n return this.get(`/credentials/delegations${params}`);\n }\n\n /**\n * Revoke a credential delegation (cascades to delegation chains).\n */\n async revokeDelegation(delegationId: string): Promise<{ revoked: boolean }> {\n return this.delete(`/credentials/delegations/${delegationId}`);\n }\n\n /**\n * Request a short-lived access token for an agent.\n * The agent must have an active credential delegation.\n * The refresh token is never exposed — the platform proxies the request.\n */\n async requestToken(input: {\n agent_id: string;\n scope: string;\n provider_id?: string;\n }): Promise<{\n access_token: string;\n token_type: string;\n expires_in: number;\n scope: string;\n delegation_id: string;\n }> {\n return this.post('/credentials/token', input);\n }\n\n // ─── Signing ──────────────────────────────────────────────────────\n\n /**\n * Sign a payload with an Ed25519 private key (client-side).\n * Uses the Web Crypto API or Node.js crypto.\n */\n async sign(payload: string, privateKeyPem: string): Promise<string> {\n if (typeof globalThis.crypto?.subtle !== 'undefined') {\n // Web Crypto API\n const keyData = this.pemToArrayBuffer(privateKeyPem);\n const key = await globalThis.crypto.subtle.importKey(\n 'pkcs8', keyData, { name: 'Ed25519' }, false, ['sign']\n );\n const signature = await globalThis.crypto.subtle.sign(\n 'Ed25519', key, new TextEncoder().encode(payload)\n );\n return `ed25519:${this.arrayBufferToBase64(signature)}`;\n } else {\n // Node.js crypto fallback\n const crypto = await import('node:crypto');\n const sign = crypto.sign(null, Buffer.from(payload), privateKeyPem);\n return `ed25519:${sign.toString('base64')}`;\n }\n }\n\n // ─── HTTP Client ──────────────────────────────────────────────────\n\n private async get(path: string): Promise<any> {\n return this.request('GET', path);\n }\n\n private async post(path: string, body: any): Promise<any> {\n return this.request('POST', path, body);\n }\n\n private async patch(path: string, body: any): Promise<any> {\n return this.request('PATCH', path, body);\n }\n\n private async delete(path: string): Promise<any> {\n return this.request('DELETE', path);\n }\n\n private async request(method: string, path: string, body?: any): Promise<any> {\n const controller = new AbortController();\n const timeoutId = setTimeout(() => controller.abort(), this.timeout);\n\n try {\n const response = await fetch(`${this.baseUrl}${path}`, {\n method,\n headers: {\n 'Authorization': `Bearer ${this.apiKey}`,\n 'Content-Type': 'application/json',\n 'User-Agent': 'vorim-sdk/2.0.0',\n },\n body: body ? JSON.stringify(body) : undefined,\n signal: controller.signal,\n });\n\n if (!response.ok) {\n const errBody = await response.json().catch(() => ({})) as Record<string, any>;\n throw new VorimError(\n response.status,\n errBody.error?.code || 'UNKNOWN_ERROR',\n errBody.error?.message || `HTTP ${response.status}`,\n errBody.error?.details\n );\n }\n\n const json = await response.json() as Record<string, any>;\n return json.data;\n } finally {\n clearTimeout(timeoutId);\n }\n }\n\n private pemToArrayBuffer(pem: string): ArrayBuffer {\n const b64 = pem.replace(/-----[^-]+-----/g, '').replace(/\\s/g, '');\n const binary = atob(b64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n }\n\n private arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (const byte of bytes) {\n binary += String.fromCharCode(byte);\n }\n return btoa(binary);\n }\n}\n\nexport class VorimError extends Error {\n constructor(\n public status: number,\n public code: string,\n message: string,\n public details?: Record<string, unknown>\n ) {\n super(message);\n this.name = 'VorimError';\n }\n}\n\n// ─── Convenience export ──────────────────────────────────────────────\n\nexport default function createVorim(config: VorimConfig): VorimSDK {\n return new VorimSDK(config);\n}\n\n// Re-export types for consumers\nexport type {\n Agent, AgentRegistrationInput, AgentRegistrationResult,\n TrustRecord, AuditEventInput, AuditEventType, AuditResult,\n PermissionScope, PermissionCheckResult, AgentStatus,\n} from './types.js';\n"],"mappings":";AAgBO,IAAM,WAAN,MAAe;AAAA,EACZ;AAAA,EACA;AAAA,EACA;AAAA,EAER,YAAY,QAAqB;AAC/B,SAAK,SAAS,OAAO;AACrB,SAAK,WAAW,OAAO,WAAW,wBAAwB,QAAQ,OAAO,EAAE,IAAI;AAC/E,SAAK,UAAU,OAAO,WAAW;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,OAAuD;AAC3D,UAAM,WAAW,MAAM,MAAM,GAAG,KAAK,QAAQ,QAAQ,OAAO,EAAE,CAAC,WAAW;AAAA,MACxE,SAAS,EAAE,cAAc,kBAAkB;AAAA,MAC3C,QAAQ,YAAY,QAAQ,KAAK,OAAO;AAAA,IAC1C,CAAC;AACD,QAAI,CAAC,SAAS,GAAI,OAAM,IAAI,WAAW,SAAS,QAAQ,eAAe,4BAA4B;AACnG,WAAO,SAAS,KAAK;AAAA,EACvB;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,SAAS,OAAiE;AAC9E,WAAO,KAAK,KAAK,WAAW,KAAK;AAAA,EACnC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAuC;AAClD,WAAO,KAAK,IAAI,iBAAiB,OAAO,EAAE;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,SAAS,SAAiC;AAC9C,WAAO,KAAK,IAAI,WAAW,OAAO,EAAE;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,WAAW,QAAyG;AACxH,UAAM,KAAK,IAAI,gBAAgB,MAAa,EAAE,SAAS;AACvD,WAAO,KAAK,IAAI,UAAU,KAAK,MAAM,KAAK,EAAE,EAAE;AAAA,EAChD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,SAAiB,SAAmG;AACpI,WAAO,KAAK,MAAM,WAAW,OAAO,IAAI,OAAO;AAAA,EACjD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,OAAO,SAAgC;AAC3C,UAAM,KAAK,OAAO,WAAW,OAAO,EAAE;AAAA,EACxC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,MAAM,SAAiB,OAAwD;AACnF,WAAO,KAAK,KAAK,WAAW,OAAO,uBAAuB,EAAE,MAAM,CAAC;AAAA,EACrE;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,MAAM,SAAiB,OAAwB,SAGpC;AACf,WAAO,KAAK,KAAK,WAAW,OAAO,gBAAgB,EAAE,OAAO,GAAG,QAAQ,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAiC;AACrD,WAAO,KAAK,IAAI,WAAW,OAAO,cAAc;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,SAAiB,OAAsC;AAC5E,WAAO,KAAK,OAAO,WAAW,OAAO,gBAAgB,KAAK,EAAE;AAAA,EAC9D;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,KAAK,OAAuD;AAChE,WAAO,KAAK,KAAK,iBAAiB,EAAE,QAAQ,CAAC,KAAK,EAAE,CAAC;AAAA,EACvD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU,QAA0D;AACxE,WAAO,KAAK,KAAK,iBAAiB,EAAE,OAAO,CAAC;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,YAAY,MAAc,IAAY,SAAiB,QAAsB;AACjF,WAAO,KAAK,KAAK,iBAAiB,EAAE,MAAM,IAAI,OAAO,CAAC;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,cAA8B;AAClC,WAAO,KAAK,IAAI,WAAW;AAAA,EAC7B;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,MAAc,SAAoE;AACnG,WAAO,KAAK,KAAK,aAAa,EAAE,MAAM,GAAG,QAAQ,CAAC;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,aAAa,OAA8C;AAC/D,WAAO,KAAK,OAAO,aAAa,KAAK,EAAE;AAAA,EACzC;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,kBAAkB,OAIP;AACf,WAAO,KAAK,KAAK,qBAAqB,KAAK;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,iBAAiB,OASN;AACf,WAAO,KAAK,KAAK,0BAA0B,KAAK;AAAA,EAClD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgC;AACpC,WAAO,KAAK,IAAI,wBAAwB;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,OAKL;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,kBAAkC;AACtC,WAAO,KAAK,IAAI,0BAA0B;AAAA,EAC5C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,mBAAmB,OAMR;AACf,WAAO,KAAK,KAAK,4BAA4B,KAAK;AAAA,EACpD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,gBAAgB,SAAkC;AACtD,UAAM,SAAS,UAAU,aAAa,OAAO,KAAK;AAClD,WAAO,KAAK,IAAI,2BAA2B,MAAM,EAAE;AAAA,EACrD;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,iBAAiB,cAAqD;AAC1E,WAAO,KAAK,OAAO,4BAA4B,YAAY,EAAE;AAAA,EAC/D;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,aAAa,OAUhB;AACD,WAAO,KAAK,KAAK,sBAAsB,KAAK;AAAA,EAC9C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,MAAM,KAAK,SAAiB,eAAwC;AAClE,QAAI,OAAO,WAAW,QAAQ,WAAW,aAAa;AAEpD,YAAM,UAAU,KAAK,iBAAiB,aAAa;AACnD,YAAM,MAAM,MAAM,WAAW,OAAO,OAAO;AAAA,QACzC;AAAA,QAAS;AAAA,QAAS,EAAE,MAAM,UAAU;AAAA,QAAG;AAAA,QAAO,CAAC,MAAM;AAAA,MACvD;AACA,YAAM,YAAY,MAAM,WAAW,OAAO,OAAO;AAAA,QAC/C;AAAA,QAAW;AAAA,QAAK,IAAI,YAAY,EAAE,OAAO,OAAO;AAAA,MAClD;AACA,aAAO,WAAW,KAAK,oBAAoB,SAAS,CAAC;AAAA,IACvD,OAAO;AAEL,YAAM,SAAS,MAAM,OAAO,QAAa;AACzC,YAAM,OAAO,OAAO,KAAK,MAAM,OAAO,KAAK,OAAO,GAAG,aAAa;AAClE,aAAO,WAAW,KAAK,SAAS,QAAQ,CAAC;AAAA,IAC3C;AAAA,EACF;AAAA;AAAA,EAIA,MAAc,IAAI,MAA4B;AAC5C,WAAO,KAAK,QAAQ,OAAO,IAAI;AAAA,EACjC;AAAA,EAEA,MAAc,KAAK,MAAc,MAAyB;AACxD,WAAO,KAAK,QAAQ,QAAQ,MAAM,IAAI;AAAA,EACxC;AAAA,EAEA,MAAc,MAAM,MAAc,MAAyB;AACzD,WAAO,KAAK,QAAQ,SAAS,MAAM,IAAI;AAAA,EACzC;AAAA,EAEA,MAAc,OAAO,MAA4B;AAC/C,WAAO,KAAK,QAAQ,UAAU,IAAI;AAAA,EACpC;AAAA,EAEA,MAAc,QAAQ,QAAgB,MAAc,MAA0B;AAC5E,UAAM,aAAa,IAAI,gBAAgB;AACvC,UAAM,YAAY,WAAW,MAAM,WAAW,MAAM,GAAG,KAAK,OAAO;AAEnE,QAAI;AACF,YAAM,WAAW,MAAM,MAAM,GAAG,KAAK,OAAO,GAAG,IAAI,IAAI;AAAA,QACrD;AAAA,QACA,SAAS;AAAA,UACP,iBAAiB,UAAU,KAAK,MAAM;AAAA,UACtC,gBAAgB;AAAA,UAChB,cAAc;AAAA,QAChB;AAAA,QACA,MAAM,OAAO,KAAK,UAAU,IAAI,IAAI;AAAA,QACpC,QAAQ,WAAW;AAAA,MACrB,CAAC;AAED,UAAI,CAAC,SAAS,IAAI;AAChB,cAAM,UAAU,MAAM,SAAS,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AACtD,cAAM,IAAI;AAAA,UACR,SAAS;AAAA,UACT,QAAQ,OAAO,QAAQ;AAAA,UACvB,QAAQ,OAAO,WAAW,QAAQ,SAAS,MAAM;AAAA,UACjD,QAAQ,OAAO;AAAA,QACjB;AAAA,MACF;AAEA,YAAM,OAAO,MAAM,SAAS,KAAK;AACjC,aAAO,KAAK;AAAA,IACd,UAAE;AACA,mBAAa,SAAS;AAAA,IACxB;AAAA,EACF;AAAA,EAEQ,iBAAiB,KAA0B;AACjD,UAAM,MAAM,IAAI,QAAQ,oBAAoB,EAAE,EAAE,QAAQ,OAAO,EAAE;AACjE,UAAM,SAAS,KAAK,GAAG;AACvB,UAAM,QAAQ,IAAI,WAAW,OAAO,MAAM;AAC1C,aAAS,IAAI,GAAG,IAAI,OAAO,QAAQ,KAAK;AACtC,YAAM,CAAC,IAAI,OAAO,WAAW,CAAC;AAAA,IAChC;AACA,WAAO,MAAM;AAAA,EACf;AAAA,EAEQ,oBAAoB,QAA6B;AACvD,UAAM,QAAQ,IAAI,WAAW,MAAM;AACnC,QAAI,SAAS;AACb,eAAW,QAAQ,OAAO;AACxB,gBAAU,OAAO,aAAa,IAAI;AAAA,IACpC;AACA,WAAO,KAAK,MAAM;AAAA,EACpB;AACF;AAEO,IAAM,aAAN,cAAyB,MAAM;AAAA,EACpC,YACS,QACA,MACP,SACO,SACP;AACA,UAAM,OAAO;AALN;AACA;AAEA;AAGP,SAAK,OAAO;AAAA,EACd;AACF;AAIe,SAAR,YAA6B,QAA+B;AACjE,SAAO,IAAI,SAAS,MAAM;AAC5B;","names":[]}
package/dist/integrations/anthropic.cjs ADDED
@@ -0,0 +1,199 @@
1
+ "use strict";
2
+ var __defProp = Object.defineProperty;
3
+ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
4
+ var __getOwnPropNames = Object.getOwnPropertyNames;
5
+ var __hasOwnProp = Object.prototype.hasOwnProperty;
6
+ var __export = (target, all) => {
7
+ for (var name in all)
8
+ __defProp(target, name, { get: all[name], enumerable: true });
9
+ };
10
+ var __copyProps = (to, from, except, desc) => {
11
+ if (from && typeof from === "object" || typeof from === "function") {
12
+ for (let key of __getOwnPropNames(from))
13
+ if (!__hasOwnProp.call(to, key) && key !== except)
14
+ __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
15
+ }
16
+ return to;
17
+ };
18
+ var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
19
+
20
+ // src/integrations/anthropic.ts
21
+ var anthropic_exports = {};
22
+ __export(anthropic_exports, {
23
+ VorimToolRegistry: () => VorimToolRegistry,
24
+ createVorimClaudeAgent: () => createVorimClaudeAgent,
25
+ runAgentLoop: () => runAgentLoop
26
+ });
27
+ module.exports = __toCommonJS(anthropic_exports);
28
+ var VorimToolRegistry = class {
29
+ vorim;
30
+ agentId;
31
+ defaultPermission;
32
+ asyncAudit;
33
+ tools = /* @__PURE__ */ new Map();
34
+ constructor(config) {
35
+ this.vorim = config.vorim;
36
+ this.agentId = config.agentId;
37
+ this.defaultPermission = config.defaultPermission ?? "agent:execute";
38
+ this.asyncAudit = config.asyncAudit ?? true;
39
+ }
40
+ /** Register a tool. */
41
+ add(definition) {
42
+ this.tools.set(definition.name, definition);
43
+ return this;
44
+ }
45
+ /** Register multiple tools. */
46
+ addAll(definitions) {
47
+ for (const def of definitions) this.add(def);
48
+ return this;
49
+ }
50
+ /** Convert registered tools to Anthropic's tool format. */
51
+ toAnthropicTools() {
52
+ return [...this.tools.values()].map((t) => ({
53
+ name: t.name,
54
+ description: t.description,
55
+ input_schema: t.input_schema
56
+ }));
57
+ }
58
+ /**
59
+ * Execute tool_use blocks from a Claude message response.
60
+ * Each call is checked against Vorim permissions and audited.
61
+ * Returns an array of tool_result blocks ready to send back to Claude.
62
+ */
63
+ async executeToolUseBlocks(toolUseBlocks) {
64
+ return Promise.all(
65
+ toolUseBlocks.map((block) => this.executeSingleBlock(block))
66
+ );
67
+ }
68
+ async executeSingleBlock(block) {
69
+ const definition = this.tools.get(block.name);
70
+ if (!definition) {
71
+ return {
72
+ type: "tool_result",
73
+ tool_use_id: block.id,
74
+ content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),
75
+ is_error: true
76
+ };
77
+ }
78
+ const scope = definition.permission ?? this.defaultPermission;
79
+ const { allowed, reason } = await this.vorim.check(this.agentId, scope);
80
+ if (!allowed) {
81
+ const event = {
82
+ agent_id: this.agentId,
83
+ event_type: "tool_call",
84
+ action: block.name,
85
+ resource: truncate(JSON.stringify(block.input), 500),
86
+ permission: scope,
87
+ result: "denied",
88
+ metadata: { reason, framework: "anthropic" }
89
+ };
90
+ this.emitAudit(event);
91
+ return {
92
+ type: "tool_result",
93
+ tool_use_id: block.id,
94
+ content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` \u2014 ${reason}` : ""}` }),
95
+ is_error: true
96
+ };
97
+ }
98
+ const start = Date.now();
99
+ try {
100
+ const result = await definition.execute(block.input);
101
+ const content = typeof result === "string" ? result : JSON.stringify(result);
102
+ const event = {
103
+ agent_id: this.agentId,
104
+ event_type: "tool_call",
105
+ action: block.name,
106
+ resource: truncate(JSON.stringify(block.input), 500),
107
+ permission: scope,
108
+ result: "success",
109
+ latency_ms: Date.now() - start,
110
+ metadata: { framework: "anthropic" }
111
+ };
112
+ this.emitAudit(event);
113
+ return { type: "tool_result", tool_use_id: block.id, content };
114
+ } catch (err) {
115
+ const errMsg = err instanceof Error ? err.message : String(err);
116
+ const event = {
117
+ agent_id: this.agentId,
118
+ event_type: "tool_call",
119
+ action: block.name,
120
+ resource: truncate(JSON.stringify(block.input), 500),
121
+ permission: scope,
122
+ result: "error",
123
+ latency_ms: Date.now() - start,
124
+ error_code: err instanceof Error ? err.name : "UNKNOWN",
125
+ metadata: { error: errMsg, framework: "anthropic" }
126
+ };
127
+ this.emitAudit(event);
128
+ return {
129
+ type: "tool_result",
130
+ tool_use_id: block.id,
131
+ content: JSON.stringify({ error: errMsg }),
132
+ is_error: true
133
+ };
134
+ }
135
+ }
136
+ emitAudit(event) {
137
+ this.vorim.emit(event).catch(() => {
138
+ });
139
+ }
140
+ };
141
+ async function runAgentLoop(config) {
142
+ const {
143
+ anthropic,
144
+ model = "claude-sonnet-4-20250514",
145
+ systemPrompt,
146
+ maxIterations = 10,
147
+ maxTokens = 1024,
148
+ registry,
149
+ userMessage
150
+ } = config;
151
+ const tools = registry.toAnthropicTools();
152
+ const messages = [{ role: "user", content: userMessage }];
153
+ for (let i = 0; i < maxIterations; i++) {
154
+ const response = await anthropic.messages.create({
155
+ model,
156
+ max_tokens: maxTokens,
157
+ ...systemPrompt ? { system: systemPrompt } : {},
158
+ messages,
159
+ ...tools.length > 0 ? { tools } : {}
160
+ });
161
+ if (response.stop_reason === "end_turn" || response.stop_reason !== "tool_use") {
162
+ const textBlocks = response.content.filter((b) => b.type === "text");
163
+ return textBlocks.map((b) => b.text).join("") || "";
164
+ }
165
+ const toolUseBlocks = response.content.filter((b) => b.type === "tool_use");
166
+ const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);
167
+ messages.push({ role: "assistant", content: response.content });
168
+ messages.push({ role: "user", content: toolResults });
169
+ }
170
+ return "";
171
+ }
172
+ async function createVorimClaudeAgent(config) {
173
+ const { vorim, name, description, capabilities, scopes, tools } = config;
174
+ const registration = await vorim.register({
175
+ name,
176
+ description,
177
+ capabilities,
178
+ scopes
179
+ });
180
+ const agentId = registration.agent.agent_id;
181
+ const registry = new VorimToolRegistry({ vorim, agentId });
182
+ registry.addAll(tools);
183
+ return {
184
+ agentId,
185
+ registration,
186
+ registry,
187
+ privateKey: registration.private_key
188
+ };
189
+ }
190
+ function truncate(str, max) {
191
+ return str.length > max ? str.slice(0, max) + "\u2026" : str;
192
+ }
193
+ // Annotate the CommonJS export names for ESM import in node:
194
+ 0 && (module.exports = {
195
+ VorimToolRegistry,
196
+ createVorimClaudeAgent,
197
+ runAgentLoop
198
+ });
199
+ //# sourceMappingURL=anthropic.cjs.map
package/dist/integrations/anthropic.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/integrations/anthropic.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — Anthropic/Claude Integration\n// Wraps Anthropic tool use with Vorim permission checks, audit trails,\n// and agent identity. Works with the Anthropic Node.js SDK (messages API\n// with tool use).\n//\n// Peer dependency: @anthropic-ai/sdk >=0.30.0\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type { PermissionScope, AuditEventInput } from '../types.js';\n\n// ─── Re-declared Anthropic types (peer dependency — not bundled) ──────────\n\ninterface AnthropicTool {\n name: string;\n description: string;\n input_schema: Record<string, unknown>;\n}\n\ninterface ToolUseBlock {\n type: 'tool_use';\n id: string;\n name: string;\n input: Record<string, unknown>;\n}\n\ninterface ToolResultBlock {\n type: 'tool_result';\n tool_use_id: string;\n content: string;\n is_error?: boolean;\n}\n\n// ─── Configuration ────────────────────────────────────────────────────────\n\nexport interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {\n /** Tool name (must match the tool name sent to Claude). */\n name: string;\n /** Description shown to Claude. */\n description: string;\n /** JSON Schema for the tool's input. */\n input_schema: Record<string, unknown>;\n /** The function to execute when the tool is called. */\n execute: (args: TArgs) => Promise<TResult>;\n /** Vorim permission scope required. @default 'agent:execute' */\n permission?: PermissionScope;\n}\n\nexport interface VorimAnthropicConfig {\n /** Vorim SDK instance. */\n vorim: VorimSDK;\n /** The Vorim agent_id. */\n agentId: string;\n /** Default permission scope for tools without an explicit one. @default 'agent:execute' */\n defaultPermission?: PermissionScope;\n /** Whether to emit audit events asynchronously (fire-and-forget). @default true */\n asyncAudit?: boolean;\n}\n\n// ─── Tool Registry ────────────────────────────────────────────────────────\n\n/**\n * Manages a set of tools with Vorim permission checks and audit logging.\n * Converts tools to Anthropic's tool format and handles execution of\n * tool_use blocks from Claude's response.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n * const anthropic = new Anthropic();\n *\n * const registry = new VorimToolRegistry({\n * vorim,\n * agentId: \"agid_acme_a1b2c3d4\",\n * });\n *\n * registry.add({\n * name: \"search_docs\",\n * description: \"Search internal documents\",\n * input_schema: {\n * type: \"object\",\n * properties: { query: { type: \"string\" } },\n * required: [\"query\"],\n * },\n * execute: async ({ query }) => searchDocs(query),\n * permission: \"agent:read\",\n * });\n *\n * const response = await anthropic.messages.create({\n * model: \"claude-sonnet-4-20250514\",\n * max_tokens: 1024,\n * messages,\n * tools: registry.toAnthropicTools(),\n * });\n *\n * // Execute tool_use blocks from response\n * const toolResults = await registry.executeToolUseBlocks(\n * response.content.filter(b => b.type === \"tool_use\")\n * );\n * ```\n */\nexport class VorimToolRegistry {\n private vorim: VorimSDK;\n private agentId: string;\n private defaultPermission: PermissionScope;\n private asyncAudit: boolean;\n private tools = new Map<string, VorimToolDefinition>();\n\n constructor(config: VorimAnthropicConfig) {\n this.vorim = config.vorim;\n this.agentId = config.agentId;\n this.defaultPermission = config.defaultPermission ?? 'agent:execute';\n this.asyncAudit = config.asyncAudit ?? true;\n }\n\n /** Register a tool. */\n add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this {\n this.tools.set(definition.name, definition as VorimToolDefinition);\n return this;\n }\n\n /** Register multiple tools. */\n addAll(definitions: VorimToolDefinition[]): this {\n for (const def of definitions) this.add(def);\n return this;\n }\n\n /** Convert registered tools to Anthropic's tool format. */\n toAnthropicTools(): AnthropicTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n input_schema: t.input_schema,\n }));\n }\n\n /**\n * Execute tool_use blocks from a Claude message response.\n * Each call is checked against Vorim permissions and audited.\n * Returns an array of tool_result blocks ready to send back to Claude.\n */\n async executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]> {\n return Promise.all(\n toolUseBlocks.map(block => this.executeSingleBlock(block)),\n );\n }\n\n private async executeSingleBlock(block: ToolUseBlock): Promise<ToolResultBlock> {\n const definition = this.tools.get(block.name);\n\n if (!definition) {\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),\n is_error: true,\n };\n }\n\n const scope = definition.permission ?? this.defaultPermission;\n\n // 1. Permission check\n const { allowed, reason } = await this.vorim.check(this.agentId, scope);\n\n if (!allowed) {\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'denied',\n metadata: { reason, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` — ${reason}` : ''}` }),\n is_error: true,\n };\n }\n\n // 2. Execute\n const start = Date.now();\n try {\n const result = await definition.execute(block.input as any);\n const content = typeof result === 'string' ? result : JSON.stringify(result);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'success',\n latency_ms: Date.now() - start,\n metadata: { framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return { type: 'tool_result', tool_use_id: block.id, content };\n } catch (err) {\n const errMsg = err instanceof Error ? err.message : String(err);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'error',\n latency_ms: Date.now() - start,\n error_code: err instanceof Error ? err.name : 'UNKNOWN',\n metadata: { error: errMsg, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: errMsg }),\n is_error: true,\n };\n }\n }\n\n private emitAudit(event: AuditEventInput): void {\n this.vorim.emit(event).catch(() => {});\n }\n}\n\n// ─── Agent Loop ───────────────────────────────────────────────────────────\n\n/** Minimal Anthropic client interface (avoids importing the full SDK). */\ninterface AnthropicClient {\n messages: {\n create(params: any): Promise<any>;\n };\n}\n\nexport interface VorimAgentLoopConfig extends VorimAnthropicConfig {\n /** Anthropic client instance. */\n anthropic: AnthropicClient;\n /** Model to use. @default 'claude-sonnet-4-20250514' */\n model?: string;\n /** System prompt for the agent. */\n systemPrompt?: string;\n /** Maximum tool-use iterations before stopping. @default 10 */\n maxIterations?: number;\n /** Max tokens per response. @default 1024 */\n maxTokens?: number;\n}\n\n/**\n * Runs a complete agent loop with Claude tool use, Vorim\n * permission enforcement, and audit logging.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { runAgentLoop, VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const registry = new VorimToolRegistry({ vorim, agentId });\n * registry.add({ name: \"search\", ... });\n *\n * const response = await runAgentLoop({\n * vorim,\n * agentId,\n * anthropic: new Anthropic(),\n * model: \"claude-sonnet-4-20250514\",\n * systemPrompt: \"You are a helpful assistant.\",\n * registry,\n * userMessage: \"Find docs about onboarding\",\n * });\n * ```\n */\nexport async function runAgentLoop(\n config: VorimAgentLoopConfig & {\n registry: VorimToolRegistry;\n userMessage: string;\n },\n): Promise<string> {\n const {\n anthropic,\n model = 'claude-sonnet-4-20250514',\n systemPrompt,\n maxIterations = 10,\n maxTokens = 1024,\n registry,\n userMessage,\n } = config;\n\n const tools = registry.toAnthropicTools();\n const messages: any[] = [{ role: 'user', content: userMessage }];\n\n for (let i = 0; i < maxIterations; i++) {\n const response = await anthropic.messages.create({\n model,\n max_tokens: maxTokens,\n ...(systemPrompt ? { system: systemPrompt } : {}),\n messages,\n ...(tools.length > 0 ? { tools } : {}),\n });\n\n // If stop_reason is \"end_turn\" — Claude is done\n if (response.stop_reason === 'end_turn' || response.stop_reason !== 'tool_use') {\n const textBlocks = response.content.filter((b: any) => b.type === 'text');\n return textBlocks.map((b: any) => b.text).join('') || '';\n }\n\n // Extract tool_use blocks and execute\n const toolUseBlocks = response.content.filter((b: any) => b.type === 'tool_use');\n const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);\n\n // Append assistant response and tool results to conversation\n messages.push({ role: 'assistant', content: response.content });\n messages.push({ role: 'user', content: toolResults });\n }\n\n return '';\n}\n\n// ─── Agent Registration Helper ───────────────────────────────────────────\n\n/**\n * Registers a new agent with Vorim and returns a ready-to-use tool registry\n * configured for Anthropic/Claude.\n *\n * @example\n * ```ts\n * const { agentId, registry } = await createVorimClaudeAgent({\n * vorim,\n * name: \"claude-assistant\",\n * capabilities: [\"search\", \"calculate\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * tools: [searchTool, calcTool],\n * });\n * ```\n */\nexport async function createVorimClaudeAgent(config: {\n vorim: VorimSDK;\n name: string;\n description?: string;\n capabilities: string[];\n scopes: PermissionScope[];\n tools: VorimToolDefinition[];\n}) {\n const { vorim, name, description, capabilities, scopes, tools } = config;\n\n const registration = await vorim.register({\n name,\n description,\n capabilities,\n scopes,\n });\n\n const agentId = registration.agent.agent_id;\n const registry = new VorimToolRegistry({ vorim, agentId });\n registry.addAll(tools);\n\n return {\n agentId,\n registration,\n registry,\n privateKey: registration.private_key,\n };\n}\n\n// ─── Helpers ──────────────────────────────────────────────────────────────\n\nfunction truncate(str: string, max: number): string {\n return str.length > max ? str.slice(0, max) + '…' : str;\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AA0GO,IAAM,oBAAN,MAAwB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,QAAQ,oBAAI,IAAiC;AAAA,EAErD,YAAY,QAA8B;AACxC,SAAK,QAAQ,OAAO;AACpB,SAAK,UAAU,OAAO;AACtB,SAAK,oBAAoB,OAAO,qBAAqB;AACrD,SAAK,aAAa,OAAO,cAAc;AAAA,EACzC;AAAA;AAAA,EAGA,IAAoB,YAAuD;AACzE,SAAK,MAAM,IAAI,WAAW,MAAM,UAAiC;AACjE,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAO,aAA0C;AAC/C,eAAW,OAAO,YAAa,MAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,mBAAoC;AAClC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,cAAc,EAAE;AAAA,IAClB,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAqB,eAA2D;AACpF,WAAO,QAAQ;AAAA,MACb,cAAc,IAAI,WAAS,KAAK,mBAAmB,KAAK,CAAC;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,mBAAmB,OAA+C;AAC9E,UAAM,aAAa,KAAK,MAAM,IAAI,MAAM,IAAI;AAE5C,QAAI,CAAC,YAAY;AACf,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,iBAAiB,MAAM,IAAI,GAAG,CAAC;AAAA,QAChE,UAAU;AAAA,MACZ;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,cAAc,KAAK;AAG5C,UAAM,EAAE,SAAS,OAAO,IAAI,MAAM,KAAK,MAAM,MAAM,KAAK,SAAS,KAAK;AAEtE,QAAI,CAAC,SAAS;AACZ,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,UAAU,EAAE,QAAQ,WAAW,YAAY;AAAA,MAC7C;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,sBAAsB,KAAK,GAAG,SAAS,WAAM,MAAM,KAAK,EAAE,GAAG,CAAC;AAAA,QAC/F,UAAU;AAAA,MACZ;AAAA,IACF;AAGA,UAAM,QAAQ,KAAK,IAAI;AACvB,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,QAAQ,MAAM,KAAY;AAC1D,YAAM,UAAU,OAAO,WAAW,WAAW,SAAS,KAAK,UAAU,MAAM;AAE3E,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,UAAU,EAAE,WAAW,YAAY;AAAA,MACrC;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO,EAAE,MAAM,eAAe,aAAa,MAAM,IAAI,QAAQ;AAAA,IAC/D,SAAS,KAAK;AACZ,YAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAE9D,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,YAAY,eAAe,QAAQ,IAAI,OAAO;AAAA,QAC9C,UAAU,EAAE,OAAO,QAAQ,WAAW,YAAY;AAAA,MACpD;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,OAAO,CAAC;AAAA,QACzC,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,UAAU,OAA8B;AAC9C,SAAK,MAAM,KAAK,KAAK,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAAA,EACvC;AACF;AAgDA,eAAsB,aACpB,QAIiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,SAAS,iBAAiB;AACxC,QAAM,WAAkB,CAAC,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAE/D,WAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,UAAM,WAAW,MAAM,UAAU,SAAS,OAAO;AAAA,MAC/C;AAAA,MACA,YAAY;AAAA,MACZ,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,MAC/C;AAAA,MACA,GAAI,MAAM,SAAS,IAAI,EAAE,MAAM,IAAI,CAAC;AAAA,IACtC,CAAC;AAGD,QAAI,SAAS,gBAAgB,cAAc,SAAS,gBAAgB,YAAY;AAC9E,YAAM,aAAa,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,MAAM;AACxE,aAAO,WAAW,IAAI,CAAC,MAAW,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK;AAAA,IACxD;AAGA,UAAM,gBAAgB,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,UAAU;AAC/E,UAAM,cAAc,MAAM,SAAS,qBAAqB,aAAa;AAGrE,aAAS,KAAK,EAAE,MAAM,aAAa,SAAS,SAAS,QAAQ,CAAC;AAC9D,aAAS,KAAK,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAAA,EACtD;AAEA,SAAO;AACT;AAmBA,eAAsB,uBAAuB,QAO1C;AACD,QAAM,EAAE,OAAO,MAAM,aAAa,cAAc,QAAQ,MAAM,IAAI;AAElE,QAAM,eAAe,MAAM,MAAM,SAAS;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,aAAa,MAAM;AACnC,QAAM,WAAW,IAAI,kBAAkB,EAAE,OAAO,QAAQ,CAAC;AACzD,WAAS,OAAO,KAAK;AAErB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,aAAa;AAAA,EAC3B;AACF;AAIA,SAAS,SAAS,KAAa,KAAqB;AAClD,SAAO,IAAI,SAAS,MAAM,IAAI,MAAM,GAAG,GAAG,IAAI,WAAM;AACtD;","names":[]}
package/dist/integrations/anthropic.d.cts ADDED
@@ -0,0 +1,183 @@
1
+ import { VorimSDK, PermissionScope, AgentRegistrationResult } from '../index.cjs';
2
+
3
+ interface AnthropicTool {
4
+ name: string;
5
+ description: string;
6
+ input_schema: Record<string, unknown>;
7
+ }
8
+ interface ToolUseBlock {
9
+ type: 'tool_use';
10
+ id: string;
11
+ name: string;
12
+ input: Record<string, unknown>;
13
+ }
14
+ interface ToolResultBlock {
15
+ type: 'tool_result';
16
+ tool_use_id: string;
17
+ content: string;
18
+ is_error?: boolean;
19
+ }
20
+ interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {
21
+ /** Tool name (must match the tool name sent to Claude). */
22
+ name: string;
23
+ /** Description shown to Claude. */
24
+ description: string;
25
+ /** JSON Schema for the tool's input. */
26
+ input_schema: Record<string, unknown>;
27
+ /** The function to execute when the tool is called. */
28
+ execute: (args: TArgs) => Promise<TResult>;
29
+ /** Vorim permission scope required. @default 'agent:execute' */
30
+ permission?: PermissionScope;
31
+ }
32
+ interface VorimAnthropicConfig {
33
+ /** Vorim SDK instance. */
34
+ vorim: VorimSDK;
35
+ /** The Vorim agent_id. */
36
+ agentId: string;
37
+ /** Default permission scope for tools without an explicit one. @default 'agent:execute' */
38
+ defaultPermission?: PermissionScope;
39
+ /** Whether to emit audit events asynchronously (fire-and-forget). @default true */
40
+ asyncAudit?: boolean;
41
+ }
42
+ /**
43
+ * Manages a set of tools with Vorim permission checks and audit logging.
44
+ * Converts tools to Anthropic's tool format and handles execution of
45
+ * tool_use blocks from Claude's response.
46
+ *
47
+ * @example
48
+ * ```ts
49
+ * import Anthropic from "@anthropic-ai/sdk";
50
+ * import createVorim from "@vorim/sdk";
51
+ * import { VorimToolRegistry } from "@vorim/sdk/integrations/anthropic";
52
+ *
53
+ * const vorim = createVorim({ apiKey: "agid_sk_live_..." });
54
+ * const anthropic = new Anthropic();
55
+ *
56
+ * const registry = new VorimToolRegistry({
57
+ * vorim,
58
+ * agentId: "agid_acme_a1b2c3d4",
59
+ * });
60
+ *
61
+ * registry.add({
62
+ * name: "search_docs",
63
+ * description: "Search internal documents",
64
+ * input_schema: {
65
+ * type: "object",
66
+ * properties: { query: { type: "string" } },
67
+ * required: ["query"],
68
+ * },
69
+ * execute: async ({ query }) => searchDocs(query),
70
+ * permission: "agent:read",
71
+ * });
72
+ *
73
+ * const response = await anthropic.messages.create({
74
+ * model: "claude-sonnet-4-20250514",
75
+ * max_tokens: 1024,
76
+ * messages,
77
+ * tools: registry.toAnthropicTools(),
78
+ * });
79
+ *
80
+ * // Execute tool_use blocks from response
81
+ * const toolResults = await registry.executeToolUseBlocks(
82
+ * response.content.filter(b => b.type === "tool_use")
83
+ * );
84
+ * ```
85
+ */
86
+ declare class VorimToolRegistry {
87
+ private vorim;
88
+ private agentId;
89
+ private defaultPermission;
90
+ private asyncAudit;
91
+ private tools;
92
+ constructor(config: VorimAnthropicConfig);
93
+ /** Register a tool. */
94
+ add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this;
95
+ /** Register multiple tools. */
96
+ addAll(definitions: VorimToolDefinition[]): this;
97
+ /** Convert registered tools to Anthropic's tool format. */
98
+ toAnthropicTools(): AnthropicTool[];
99
+ /**
100
+ * Execute tool_use blocks from a Claude message response.
101
+ * Each call is checked against Vorim permissions and audited.
102
+ * Returns an array of tool_result blocks ready to send back to Claude.
103
+ */
104
+ executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]>;
105
+ private executeSingleBlock;
106
+ private emitAudit;
107
+ }
108
+ /** Minimal Anthropic client interface (avoids importing the full SDK). */
109
+ interface AnthropicClient {
110
+ messages: {
111
+ create(params: any): Promise<any>;
112
+ };
113
+ }
114
+ interface VorimAgentLoopConfig extends VorimAnthropicConfig {
115
+ /** Anthropic client instance. */
116
+ anthropic: AnthropicClient;
117
+ /** Model to use. @default 'claude-sonnet-4-20250514' */
118
+ model?: string;
119
+ /** System prompt for the agent. */
120
+ systemPrompt?: string;
121
+ /** Maximum tool-use iterations before stopping. @default 10 */
122
+ maxIterations?: number;
123
+ /** Max tokens per response. @default 1024 */
124
+ maxTokens?: number;
125
+ }
126
+ /**
127
+ * Runs a complete agent loop with Claude tool use, Vorim
128
+ * permission enforcement, and audit logging.
129
+ *
130
+ * @example
131
+ * ```ts
132
+ * import Anthropic from "@anthropic-ai/sdk";
133
+ * import createVorim from "@vorim/sdk";
134
+ * import { runAgentLoop, VorimToolRegistry } from "@vorim/sdk/integrations/anthropic";
135
+ *
136
+ * const registry = new VorimToolRegistry({ vorim, agentId });
137
+ * registry.add({ name: "search", ... });
138
+ *
139
+ * const response = await runAgentLoop({
140
+ * vorim,
141
+ * agentId,
142
+ * anthropic: new Anthropic(),
143
+ * model: "claude-sonnet-4-20250514",
144
+ * systemPrompt: "You are a helpful assistant.",
145
+ * registry,
146
+ * userMessage: "Find docs about onboarding",
147
+ * });
148
+ * ```
149
+ */
150
+ declare function runAgentLoop(config: VorimAgentLoopConfig & {
151
+ registry: VorimToolRegistry;
152
+ userMessage: string;
153
+ }): Promise<string>;
154
+ /**
155
+ * Registers a new agent with Vorim and returns a ready-to-use tool registry
156
+ * configured for Anthropic/Claude.
157
+ *
158
+ * @example
159
+ * ```ts
160
+ * const { agentId, registry } = await createVorimClaudeAgent({
161
+ * vorim,
162
+ * name: "claude-assistant",
163
+ * capabilities: ["search", "calculate"],
164
+ * scopes: ["agent:read", "agent:execute"],
165
+ * tools: [searchTool, calcTool],
166
+ * });
167
+ * ```
168
+ */
169
+ declare function createVorimClaudeAgent(config: {
170
+ vorim: VorimSDK;
171
+ name: string;
172
+ description?: string;
173
+ capabilities: string[];
174
+ scopes: PermissionScope[];
175
+ tools: VorimToolDefinition[];
176
+ }): Promise<{
177
+ agentId: string;
178
+ registration: AgentRegistrationResult;
179
+ registry: VorimToolRegistry;
180
+ privateKey: string;
181
+ }>;
182
+
183
+ export { type VorimAgentLoopConfig, type VorimAnthropicConfig, type VorimToolDefinition, VorimToolRegistry, createVorimClaudeAgent, runAgentLoop };
package/dist/integrations/anthropic.d.ts ADDED
@@ -0,0 +1,183 @@
1
+ import { VorimSDK, PermissionScope, AgentRegistrationResult } from '../index.js';
2
+
3
+ interface AnthropicTool {
4
+ name: string;
5
+ description: string;
6
+ input_schema: Record<string, unknown>;
7
+ }
8
+ interface ToolUseBlock {
9
+ type: 'tool_use';
10
+ id: string;
11
+ name: string;
12
+ input: Record<string, unknown>;
13
+ }
14
+ interface ToolResultBlock {
15
+ type: 'tool_result';
16
+ tool_use_id: string;
17
+ content: string;
18
+ is_error?: boolean;
19
+ }
20
+ interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {
21
+ /** Tool name (must match the tool name sent to Claude). */
22
+ name: string;
23
+ /** Description shown to Claude. */
24
+ description: string;
25
+ /** JSON Schema for the tool's input. */
26
+ input_schema: Record<string, unknown>;
27
+ /** The function to execute when the tool is called. */
28
+ execute: (args: TArgs) => Promise<TResult>;
29
+ /** Vorim permission scope required. @default 'agent:execute' */
30
+ permission?: PermissionScope;
31
+ }
32
+ interface VorimAnthropicConfig {
33
+ /** Vorim SDK instance. */
34
+ vorim: VorimSDK;
35
+ /** The Vorim agent_id. */
36
+ agentId: string;
37
+ /** Default permission scope for tools without an explicit one. @default 'agent:execute' */
38
+ defaultPermission?: PermissionScope;
39
+ /** Whether to emit audit events asynchronously (fire-and-forget). @default true */
40
+ asyncAudit?: boolean;
41
+ }
42
+ /**
43
+ * Manages a set of tools with Vorim permission checks and audit logging.
44
+ * Converts tools to Anthropic's tool format and handles execution of
45
+ * tool_use blocks from Claude's response.
46
+ *
47
+ * @example
48
+ * ```ts
49
+ * import Anthropic from "@anthropic-ai/sdk";
50
+ * import createVorim from "@vorim/sdk";
51
+ * import { VorimToolRegistry } from "@vorim/sdk/integrations/anthropic";
52
+ *
53
+ * const vorim = createVorim({ apiKey: "agid_sk_live_..." });
54
+ * const anthropic = new Anthropic();
55
+ *
56
+ * const registry = new VorimToolRegistry({
57
+ * vorim,
58
+ * agentId: "agid_acme_a1b2c3d4",
59
+ * });
60
+ *
61
+ * registry.add({
62
+ * name: "search_docs",
63
+ * description: "Search internal documents",
64
+ * input_schema: {
65
+ * type: "object",
66
+ * properties: { query: { type: "string" } },
67
+ * required: ["query"],
68
+ * },
69
+ * execute: async ({ query }) => searchDocs(query),
70
+ * permission: "agent:read",
71
+ * });
72
+ *
73
+ * const response = await anthropic.messages.create({
74
+ * model: "claude-sonnet-4-20250514",
75
+ * max_tokens: 1024,
76
+ * messages,
77
+ * tools: registry.toAnthropicTools(),
78
+ * });
79
+ *
80
+ * // Execute tool_use blocks from response
81
+ * const toolResults = await registry.executeToolUseBlocks(
82
+ * response.content.filter(b => b.type === "tool_use")
83
+ * );
84
+ * ```
85
+ */
86
+ declare class VorimToolRegistry {
87
+ private vorim;
88
+ private agentId;
89
+ private defaultPermission;
90
+ private asyncAudit;
91
+ private tools;
92
+ constructor(config: VorimAnthropicConfig);
93
+ /** Register a tool. */
94
+ add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this;
95
+ /** Register multiple tools. */
96
+ addAll(definitions: VorimToolDefinition[]): this;
97
+ /** Convert registered tools to Anthropic's tool format. */
98
+ toAnthropicTools(): AnthropicTool[];
99
+ /**
100
+ * Execute tool_use blocks from a Claude message response.
101
+ * Each call is checked against Vorim permissions and audited.
102
+ * Returns an array of tool_result blocks ready to send back to Claude.
103
+ */
104
+ executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]>;
105
+ private executeSingleBlock;
106
+ private emitAudit;
107
+ }
108
+ /** Minimal Anthropic client interface (avoids importing the full SDK). */
109
+ interface AnthropicClient {
110
+ messages: {
111
+ create(params: any): Promise<any>;
112
+ };
113
+ }
114
+ interface VorimAgentLoopConfig extends VorimAnthropicConfig {
115
+ /** Anthropic client instance. */
116
+ anthropic: AnthropicClient;
117
+ /** Model to use. @default 'claude-sonnet-4-20250514' */
118
+ model?: string;
119
+ /** System prompt for the agent. */
120
+ systemPrompt?: string;
121
+ /** Maximum tool-use iterations before stopping. @default 10 */
122
+ maxIterations?: number;
123
+ /** Max tokens per response. @default 1024 */
124
+ maxTokens?: number;
125
+ }
126
+ /**
127
+ * Runs a complete agent loop with Claude tool use, Vorim
128
+ * permission enforcement, and audit logging.
129
+ *
130
+ * @example
131
+ * ```ts
132
+ * import Anthropic from "@anthropic-ai/sdk";
133
+ * import createVorim from "@vorim/sdk";
134
+ * import { runAgentLoop, VorimToolRegistry } from "@vorim/sdk/integrations/anthropic";
135
+ *
136
+ * const registry = new VorimToolRegistry({ vorim, agentId });
137
+ * registry.add({ name: "search", ... });
138
+ *
139
+ * const response = await runAgentLoop({
140
+ * vorim,
141
+ * agentId,
142
+ * anthropic: new Anthropic(),
143
+ * model: "claude-sonnet-4-20250514",
144
+ * systemPrompt: "You are a helpful assistant.",
145
+ * registry,
146
+ * userMessage: "Find docs about onboarding",
147
+ * });
148
+ * ```
149
+ */
150
+ declare function runAgentLoop(config: VorimAgentLoopConfig & {
151
+ registry: VorimToolRegistry;
152
+ userMessage: string;
153
+ }): Promise<string>;
154
+ /**
155
+ * Registers a new agent with Vorim and returns a ready-to-use tool registry
156
+ * configured for Anthropic/Claude.
157
+ *
158
+ * @example
159
+ * ```ts
160
+ * const { agentId, registry } = await createVorimClaudeAgent({
161
+ * vorim,
162
+ * name: "claude-assistant",
163
+ * capabilities: ["search", "calculate"],
164
+ * scopes: ["agent:read", "agent:execute"],
165
+ * tools: [searchTool, calcTool],
166
+ * });
167
+ * ```
168
+ */
169
+ declare function createVorimClaudeAgent(config: {
170
+ vorim: VorimSDK;
171
+ name: string;
172
+ description?: string;
173
+ capabilities: string[];
174
+ scopes: PermissionScope[];
175
+ tools: VorimToolDefinition[];
176
+ }): Promise<{
177
+ agentId: string;
178
+ registration: AgentRegistrationResult;
179
+ registry: VorimToolRegistry;
180
+ privateKey: string;
181
+ }>;
182
+
183
+ export { type VorimAgentLoopConfig, type VorimAnthropicConfig, type VorimToolDefinition, VorimToolRegistry, createVorimClaudeAgent, runAgentLoop };
package/dist/integrations/anthropic.js ADDED
@@ -0,0 +1,172 @@
1
+ // src/integrations/anthropic.ts
2
+ var VorimToolRegistry = class {
3
+ vorim;
4
+ agentId;
5
+ defaultPermission;
6
+ asyncAudit;
7
+ tools = /* @__PURE__ */ new Map();
8
+ constructor(config) {
9
+ this.vorim = config.vorim;
10
+ this.agentId = config.agentId;
11
+ this.defaultPermission = config.defaultPermission ?? "agent:execute";
12
+ this.asyncAudit = config.asyncAudit ?? true;
13
+ }
14
+ /** Register a tool. */
15
+ add(definition) {
16
+ this.tools.set(definition.name, definition);
17
+ return this;
18
+ }
19
+ /** Register multiple tools. */
20
+ addAll(definitions) {
21
+ for (const def of definitions) this.add(def);
22
+ return this;
23
+ }
24
+ /** Convert registered tools to Anthropic's tool format. */
25
+ toAnthropicTools() {
26
+ return [...this.tools.values()].map((t) => ({
27
+ name: t.name,
28
+ description: t.description,
29
+ input_schema: t.input_schema
30
+ }));
31
+ }
32
+ /**
33
+ * Execute tool_use blocks from a Claude message response.
34
+ * Each call is checked against Vorim permissions and audited.
35
+ * Returns an array of tool_result blocks ready to send back to Claude.
36
+ */
37
+ async executeToolUseBlocks(toolUseBlocks) {
38
+ return Promise.all(
39
+ toolUseBlocks.map((block) => this.executeSingleBlock(block))
40
+ );
41
+ }
42
+ async executeSingleBlock(block) {
43
+ const definition = this.tools.get(block.name);
44
+ if (!definition) {
45
+ return {
46
+ type: "tool_result",
47
+ tool_use_id: block.id,
48
+ content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),
49
+ is_error: true
50
+ };
51
+ }
52
+ const scope = definition.permission ?? this.defaultPermission;
53
+ const { allowed, reason } = await this.vorim.check(this.agentId, scope);
54
+ if (!allowed) {
55
+ const event = {
56
+ agent_id: this.agentId,
57
+ event_type: "tool_call",
58
+ action: block.name,
59
+ resource: truncate(JSON.stringify(block.input), 500),
60
+ permission: scope,
61
+ result: "denied",
62
+ metadata: { reason, framework: "anthropic" }
63
+ };
64
+ this.emitAudit(event);
65
+ return {
66
+ type: "tool_result",
67
+ tool_use_id: block.id,
68
+ content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` \u2014 ${reason}` : ""}` }),
69
+ is_error: true
70
+ };
71
+ }
72
+ const start = Date.now();
73
+ try {
74
+ const result = await definition.execute(block.input);
75
+ const content = typeof result === "string" ? result : JSON.stringify(result);
76
+ const event = {
77
+ agent_id: this.agentId,
78
+ event_type: "tool_call",
79
+ action: block.name,
80
+ resource: truncate(JSON.stringify(block.input), 500),
81
+ permission: scope,
82
+ result: "success",
83
+ latency_ms: Date.now() - start,
84
+ metadata: { framework: "anthropic" }
85
+ };
86
+ this.emitAudit(event);
87
+ return { type: "tool_result", tool_use_id: block.id, content };
88
+ } catch (err) {
89
+ const errMsg = err instanceof Error ? err.message : String(err);
90
+ const event = {
91
+ agent_id: this.agentId,
92
+ event_type: "tool_call",
93
+ action: block.name,
94
+ resource: truncate(JSON.stringify(block.input), 500),
95
+ permission: scope,
96
+ result: "error",
97
+ latency_ms: Date.now() - start,
98
+ error_code: err instanceof Error ? err.name : "UNKNOWN",
99
+ metadata: { error: errMsg, framework: "anthropic" }
100
+ };
101
+ this.emitAudit(event);
102
+ return {
103
+ type: "tool_result",
104
+ tool_use_id: block.id,
105
+ content: JSON.stringify({ error: errMsg }),
106
+ is_error: true
107
+ };
108
+ }
109
+ }
110
+ emitAudit(event) {
111
+ this.vorim.emit(event).catch(() => {
112
+ });
113
+ }
114
+ };
115
+ async function runAgentLoop(config) {
116
+ const {
117
+ anthropic,
118
+ model = "claude-sonnet-4-20250514",
119
+ systemPrompt,
120
+ maxIterations = 10,
121
+ maxTokens = 1024,
122
+ registry,
123
+ userMessage
124
+ } = config;
125
+ const tools = registry.toAnthropicTools();
126
+ const messages = [{ role: "user", content: userMessage }];
127
+ for (let i = 0; i < maxIterations; i++) {
128
+ const response = await anthropic.messages.create({
129
+ model,
130
+ max_tokens: maxTokens,
131
+ ...systemPrompt ? { system: systemPrompt } : {},
132
+ messages,
133
+ ...tools.length > 0 ? { tools } : {}
134
+ });
135
+ if (response.stop_reason === "end_turn" || response.stop_reason !== "tool_use") {
136
+ const textBlocks = response.content.filter((b) => b.type === "text");
137
+ return textBlocks.map((b) => b.text).join("") || "";
138
+ }
139
+ const toolUseBlocks = response.content.filter((b) => b.type === "tool_use");
140
+ const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);
141
+ messages.push({ role: "assistant", content: response.content });
142
+ messages.push({ role: "user", content: toolResults });
143
+ }
144
+ return "";
145
+ }
146
+ async function createVorimClaudeAgent(config) {
147
+ const { vorim, name, description, capabilities, scopes, tools } = config;
148
+ const registration = await vorim.register({
149
+ name,
150
+ description,
151
+ capabilities,
152
+ scopes
153
+ });
154
+ const agentId = registration.agent.agent_id;
155
+ const registry = new VorimToolRegistry({ vorim, agentId });
156
+ registry.addAll(tools);
157
+ return {
158
+ agentId,
159
+ registration,
160
+ registry,
161
+ privateKey: registration.private_key
162
+ };
163
+ }
164
+ function truncate(str, max) {
165
+ return str.length > max ? str.slice(0, max) + "\u2026" : str;
166
+ }
167
+ export {
168
+ VorimToolRegistry,
169
+ createVorimClaudeAgent,
170
+ runAgentLoop
171
+ };
172
+ //# sourceMappingURL=anthropic.js.map
package/dist/integrations/anthropic.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../src/integrations/anthropic.ts"],"sourcesContent":["// ============================================================================\n// VORIM SDK — Anthropic/Claude Integration\n// Wraps Anthropic tool use with Vorim permission checks, audit trails,\n// and agent identity. Works with the Anthropic Node.js SDK (messages API\n// with tool use).\n//\n// Peer dependency: @anthropic-ai/sdk >=0.30.0\n// ============================================================================\n\nimport type { VorimSDK } from '../index.js';\nimport type { PermissionScope, AuditEventInput } from '../types.js';\n\n// ─── Re-declared Anthropic types (peer dependency — not bundled) ──────────\n\ninterface AnthropicTool {\n name: string;\n description: string;\n input_schema: Record<string, unknown>;\n}\n\ninterface ToolUseBlock {\n type: 'tool_use';\n id: string;\n name: string;\n input: Record<string, unknown>;\n}\n\ninterface ToolResultBlock {\n type: 'tool_result';\n tool_use_id: string;\n content: string;\n is_error?: boolean;\n}\n\n// ─── Configuration ────────────────────────────────────────────────────────\n\nexport interface VorimToolDefinition<TArgs = Record<string, unknown>, TResult = unknown> {\n /** Tool name (must match the tool name sent to Claude). */\n name: string;\n /** Description shown to Claude. */\n description: string;\n /** JSON Schema for the tool's input. */\n input_schema: Record<string, unknown>;\n /** The function to execute when the tool is called. */\n execute: (args: TArgs) => Promise<TResult>;\n /** Vorim permission scope required. @default 'agent:execute' */\n permission?: PermissionScope;\n}\n\nexport interface VorimAnthropicConfig {\n /** Vorim SDK instance. */\n vorim: VorimSDK;\n /** The Vorim agent_id. */\n agentId: string;\n /** Default permission scope for tools without an explicit one. @default 'agent:execute' */\n defaultPermission?: PermissionScope;\n /** Whether to emit audit events asynchronously (fire-and-forget). @default true */\n asyncAudit?: boolean;\n}\n\n// ─── Tool Registry ────────────────────────────────────────────────────────\n\n/**\n * Manages a set of tools with Vorim permission checks and audit logging.\n * Converts tools to Anthropic's tool format and handles execution of\n * tool_use blocks from Claude's response.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const vorim = createVorim({ apiKey: \"agid_sk_live_...\" });\n * const anthropic = new Anthropic();\n *\n * const registry = new VorimToolRegistry({\n * vorim,\n * agentId: \"agid_acme_a1b2c3d4\",\n * });\n *\n * registry.add({\n * name: \"search_docs\",\n * description: \"Search internal documents\",\n * input_schema: {\n * type: \"object\",\n * properties: { query: { type: \"string\" } },\n * required: [\"query\"],\n * },\n * execute: async ({ query }) => searchDocs(query),\n * permission: \"agent:read\",\n * });\n *\n * const response = await anthropic.messages.create({\n * model: \"claude-sonnet-4-20250514\",\n * max_tokens: 1024,\n * messages,\n * tools: registry.toAnthropicTools(),\n * });\n *\n * // Execute tool_use blocks from response\n * const toolResults = await registry.executeToolUseBlocks(\n * response.content.filter(b => b.type === \"tool_use\")\n * );\n * ```\n */\nexport class VorimToolRegistry {\n private vorim: VorimSDK;\n private agentId: string;\n private defaultPermission: PermissionScope;\n private asyncAudit: boolean;\n private tools = new Map<string, VorimToolDefinition>();\n\n constructor(config: VorimAnthropicConfig) {\n this.vorim = config.vorim;\n this.agentId = config.agentId;\n this.defaultPermission = config.defaultPermission ?? 'agent:execute';\n this.asyncAudit = config.asyncAudit ?? true;\n }\n\n /** Register a tool. */\n add<TArgs, TResult>(definition: VorimToolDefinition<TArgs, TResult>): this {\n this.tools.set(definition.name, definition as VorimToolDefinition);\n return this;\n }\n\n /** Register multiple tools. */\n addAll(definitions: VorimToolDefinition[]): this {\n for (const def of definitions) this.add(def);\n return this;\n }\n\n /** Convert registered tools to Anthropic's tool format. */\n toAnthropicTools(): AnthropicTool[] {\n return [...this.tools.values()].map(t => ({\n name: t.name,\n description: t.description,\n input_schema: t.input_schema,\n }));\n }\n\n /**\n * Execute tool_use blocks from a Claude message response.\n * Each call is checked against Vorim permissions and audited.\n * Returns an array of tool_result blocks ready to send back to Claude.\n */\n async executeToolUseBlocks(toolUseBlocks: ToolUseBlock[]): Promise<ToolResultBlock[]> {\n return Promise.all(\n toolUseBlocks.map(block => this.executeSingleBlock(block)),\n );\n }\n\n private async executeSingleBlock(block: ToolUseBlock): Promise<ToolResultBlock> {\n const definition = this.tools.get(block.name);\n\n if (!definition) {\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Unknown tool: ${block.name}` }),\n is_error: true,\n };\n }\n\n const scope = definition.permission ?? this.defaultPermission;\n\n // 1. Permission check\n const { allowed, reason } = await this.vorim.check(this.agentId, scope);\n\n if (!allowed) {\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'denied',\n metadata: { reason, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: `Permission denied: ${scope}${reason ? ` — ${reason}` : ''}` }),\n is_error: true,\n };\n }\n\n // 2. Execute\n const start = Date.now();\n try {\n const result = await definition.execute(block.input as any);\n const content = typeof result === 'string' ? result : JSON.stringify(result);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'success',\n latency_ms: Date.now() - start,\n metadata: { framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return { type: 'tool_result', tool_use_id: block.id, content };\n } catch (err) {\n const errMsg = err instanceof Error ? err.message : String(err);\n\n const event: AuditEventInput = {\n agent_id: this.agentId,\n event_type: 'tool_call',\n action: block.name,\n resource: truncate(JSON.stringify(block.input), 500),\n permission: scope,\n result: 'error',\n latency_ms: Date.now() - start,\n error_code: err instanceof Error ? err.name : 'UNKNOWN',\n metadata: { error: errMsg, framework: 'anthropic' },\n };\n this.emitAudit(event);\n\n return {\n type: 'tool_result',\n tool_use_id: block.id,\n content: JSON.stringify({ error: errMsg }),\n is_error: true,\n };\n }\n }\n\n private emitAudit(event: AuditEventInput): void {\n this.vorim.emit(event).catch(() => {});\n }\n}\n\n// ─── Agent Loop ───────────────────────────────────────────────────────────\n\n/** Minimal Anthropic client interface (avoids importing the full SDK). */\ninterface AnthropicClient {\n messages: {\n create(params: any): Promise<any>;\n };\n}\n\nexport interface VorimAgentLoopConfig extends VorimAnthropicConfig {\n /** Anthropic client instance. */\n anthropic: AnthropicClient;\n /** Model to use. @default 'claude-sonnet-4-20250514' */\n model?: string;\n /** System prompt for the agent. */\n systemPrompt?: string;\n /** Maximum tool-use iterations before stopping. @default 10 */\n maxIterations?: number;\n /** Max tokens per response. @default 1024 */\n maxTokens?: number;\n}\n\n/**\n * Runs a complete agent loop with Claude tool use, Vorim\n * permission enforcement, and audit logging.\n *\n * @example\n * ```ts\n * import Anthropic from \"@anthropic-ai/sdk\";\n * import createVorim from \"@vorim/sdk\";\n * import { runAgentLoop, VorimToolRegistry } from \"@vorim/sdk/integrations/anthropic\";\n *\n * const registry = new VorimToolRegistry({ vorim, agentId });\n * registry.add({ name: \"search\", ... });\n *\n * const response = await runAgentLoop({\n * vorim,\n * agentId,\n * anthropic: new Anthropic(),\n * model: \"claude-sonnet-4-20250514\",\n * systemPrompt: \"You are a helpful assistant.\",\n * registry,\n * userMessage: \"Find docs about onboarding\",\n * });\n * ```\n */\nexport async function runAgentLoop(\n config: VorimAgentLoopConfig & {\n registry: VorimToolRegistry;\n userMessage: string;\n },\n): Promise<string> {\n const {\n anthropic,\n model = 'claude-sonnet-4-20250514',\n systemPrompt,\n maxIterations = 10,\n maxTokens = 1024,\n registry,\n userMessage,\n } = config;\n\n const tools = registry.toAnthropicTools();\n const messages: any[] = [{ role: 'user', content: userMessage }];\n\n for (let i = 0; i < maxIterations; i++) {\n const response = await anthropic.messages.create({\n model,\n max_tokens: maxTokens,\n ...(systemPrompt ? { system: systemPrompt } : {}),\n messages,\n ...(tools.length > 0 ? { tools } : {}),\n });\n\n // If stop_reason is \"end_turn\" — Claude is done\n if (response.stop_reason === 'end_turn' || response.stop_reason !== 'tool_use') {\n const textBlocks = response.content.filter((b: any) => b.type === 'text');\n return textBlocks.map((b: any) => b.text).join('') || '';\n }\n\n // Extract tool_use blocks and execute\n const toolUseBlocks = response.content.filter((b: any) => b.type === 'tool_use');\n const toolResults = await registry.executeToolUseBlocks(toolUseBlocks);\n\n // Append assistant response and tool results to conversation\n messages.push({ role: 'assistant', content: response.content });\n messages.push({ role: 'user', content: toolResults });\n }\n\n return '';\n}\n\n// ─── Agent Registration Helper ───────────────────────────────────────────\n\n/**\n * Registers a new agent with Vorim and returns a ready-to-use tool registry\n * configured for Anthropic/Claude.\n *\n * @example\n * ```ts\n * const { agentId, registry } = await createVorimClaudeAgent({\n * vorim,\n * name: \"claude-assistant\",\n * capabilities: [\"search\", \"calculate\"],\n * scopes: [\"agent:read\", \"agent:execute\"],\n * tools: [searchTool, calcTool],\n * });\n * ```\n */\nexport async function createVorimClaudeAgent(config: {\n vorim: VorimSDK;\n name: string;\n description?: string;\n capabilities: string[];\n scopes: PermissionScope[];\n tools: VorimToolDefinition[];\n}) {\n const { vorim, name, description, capabilities, scopes, tools } = config;\n\n const registration = await vorim.register({\n name,\n description,\n capabilities,\n scopes,\n });\n\n const agentId = registration.agent.agent_id;\n const registry = new VorimToolRegistry({ vorim, agentId });\n registry.addAll(tools);\n\n return {\n agentId,\n registration,\n registry,\n privateKey: registration.private_key,\n };\n}\n\n// ─── Helpers ──────────────────────────────────────────────────────────────\n\nfunction truncate(str: string, max: number): string {\n return str.length > max ? str.slice(0, max) + '…' : str;\n}\n"],"mappings":";AA0GO,IAAM,oBAAN,MAAwB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,QAAQ,oBAAI,IAAiC;AAAA,EAErD,YAAY,QAA8B;AACxC,SAAK,QAAQ,OAAO;AACpB,SAAK,UAAU,OAAO;AACtB,SAAK,oBAAoB,OAAO,qBAAqB;AACrD,SAAK,aAAa,OAAO,cAAc;AAAA,EACzC;AAAA;AAAA,EAGA,IAAoB,YAAuD;AACzE,SAAK,MAAM,IAAI,WAAW,MAAM,UAAiC;AACjE,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,OAAO,aAA0C;AAC/C,eAAW,OAAO,YAAa,MAAK,IAAI,GAAG;AAC3C,WAAO;AAAA,EACT;AAAA;AAAA,EAGA,mBAAoC;AAClC,WAAO,CAAC,GAAG,KAAK,MAAM,OAAO,CAAC,EAAE,IAAI,QAAM;AAAA,MACxC,MAAM,EAAE;AAAA,MACR,aAAa,EAAE;AAAA,MACf,cAAc,EAAE;AAAA,IAClB,EAAE;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,qBAAqB,eAA2D;AACpF,WAAO,QAAQ;AAAA,MACb,cAAc,IAAI,WAAS,KAAK,mBAAmB,KAAK,CAAC;AAAA,IAC3D;AAAA,EACF;AAAA,EAEA,MAAc,mBAAmB,OAA+C;AAC9E,UAAM,aAAa,KAAK,MAAM,IAAI,MAAM,IAAI;AAE5C,QAAI,CAAC,YAAY;AACf,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,iBAAiB,MAAM,IAAI,GAAG,CAAC;AAAA,QAChE,UAAU;AAAA,MACZ;AAAA,IACF;AAEA,UAAM,QAAQ,WAAW,cAAc,KAAK;AAG5C,UAAM,EAAE,SAAS,OAAO,IAAI,MAAM,KAAK,MAAM,MAAM,KAAK,SAAS,KAAK;AAEtE,QAAI,CAAC,SAAS;AACZ,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,UAAU,EAAE,QAAQ,WAAW,YAAY;AAAA,MAC7C;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,sBAAsB,KAAK,GAAG,SAAS,WAAM,MAAM,KAAK,EAAE,GAAG,CAAC;AAAA,QAC/F,UAAU;AAAA,MACZ;AAAA,IACF;AAGA,UAAM,QAAQ,KAAK,IAAI;AACvB,QAAI;AACF,YAAM,SAAS,MAAM,WAAW,QAAQ,MAAM,KAAY;AAC1D,YAAM,UAAU,OAAO,WAAW,WAAW,SAAS,KAAK,UAAU,MAAM;AAE3E,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,UAAU,EAAE,WAAW,YAAY;AAAA,MACrC;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO,EAAE,MAAM,eAAe,aAAa,MAAM,IAAI,QAAQ;AAAA,IAC/D,SAAS,KAAK;AACZ,YAAM,SAAS,eAAe,QAAQ,IAAI,UAAU,OAAO,GAAG;AAE9D,YAAM,QAAyB;AAAA,QAC7B,UAAU,KAAK;AAAA,QACf,YAAY;AAAA,QACZ,QAAQ,MAAM;AAAA,QACd,UAAU,SAAS,KAAK,UAAU,MAAM,KAAK,GAAG,GAAG;AAAA,QACnD,YAAY;AAAA,QACZ,QAAQ;AAAA,QACR,YAAY,KAAK,IAAI,IAAI;AAAA,QACzB,YAAY,eAAe,QAAQ,IAAI,OAAO;AAAA,QAC9C,UAAU,EAAE,OAAO,QAAQ,WAAW,YAAY;AAAA,MACpD;AACA,WAAK,UAAU,KAAK;AAEpB,aAAO;AAAA,QACL,MAAM;AAAA,QACN,aAAa,MAAM;AAAA,QACnB,SAAS,KAAK,UAAU,EAAE,OAAO,OAAO,CAAC;AAAA,QACzC,UAAU;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEQ,UAAU,OAA8B;AAC9C,SAAK,MAAM,KAAK,KAAK,EAAE,MAAM,MAAM;AAAA,IAAC,CAAC;AAAA,EACvC;AACF;AAgDA,eAAsB,aACpB,QAIiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,QAAQ;AAAA,IACR;AAAA,IACA,gBAAgB;AAAA,IAChB,YAAY;AAAA,IACZ;AAAA,IACA;AAAA,EACF,IAAI;AAEJ,QAAM,QAAQ,SAAS,iBAAiB;AACxC,QAAM,WAAkB,CAAC,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAE/D,WAAS,IAAI,GAAG,IAAI,eAAe,KAAK;AACtC,UAAM,WAAW,MAAM,UAAU,SAAS,OAAO;AAAA,MAC/C;AAAA,MACA,YAAY;AAAA,MACZ,GAAI,eAAe,EAAE,QAAQ,aAAa,IAAI,CAAC;AAAA,MAC/C;AAAA,MACA,GAAI,MAAM,SAAS,IAAI,EAAE,MAAM,IAAI,CAAC;AAAA,IACtC,CAAC;AAGD,QAAI,SAAS,gBAAgB,cAAc,SAAS,gBAAgB,YAAY;AAC9E,YAAM,aAAa,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,MAAM;AACxE,aAAO,WAAW,IAAI,CAAC,MAAW,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK;AAAA,IACxD;AAGA,UAAM,gBAAgB,SAAS,QAAQ,OAAO,CAAC,MAAW,EAAE,SAAS,UAAU;AAC/E,UAAM,cAAc,MAAM,SAAS,qBAAqB,aAAa;AAGrE,aAAS,KAAK,EAAE,MAAM,aAAa,SAAS,SAAS,QAAQ,CAAC;AAC9D,aAAS,KAAK,EAAE,MAAM,QAAQ,SAAS,YAAY,CAAC;AAAA,EACtD;AAEA,SAAO;AACT;AAmBA,eAAsB,uBAAuB,QAO1C;AACD,QAAM,EAAE,OAAO,MAAM,aAAa,cAAc,QAAQ,MAAM,IAAI;AAElE,QAAM,eAAe,MAAM,MAAM,SAAS;AAAA,IACxC;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AAED,QAAM,UAAU,aAAa,MAAM;AACnC,QAAM,WAAW,IAAI,kBAAkB,EAAE,OAAO,QAAQ,CAAC;AACzD,WAAS,OAAO,KAAK;AAErB,SAAO;AAAA,IACL;AAAA,IACA;AAAA,IACA;AAAA,IACA,YAAY,aAAa;AAAA,EAC3B;AACF;AAIA,SAAS,SAAS,KAAa,KAAqB;AAClD,SAAO,IAAI,SAAS,MAAM,IAAI,MAAM,GAAG,GAAG,IAAI,WAAM;AACtD;","names":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@vorim/sdk",
3
- "version": "2.2.0",
3
+ "version": "3.0.0",
4
4
  "description": "Official TypeScript SDK for Vorim AI — AI Agent Identity, Permissions & Audit",
5
5
  "type": "module",
6
6
  "main": "dist/index.cjs",
@@ -56,6 +56,16 @@
56
56
  "types": "./dist/integrations/llamaindex.d.cts",
57
57
  "default": "./dist/integrations/llamaindex.cjs"
58
58
  }
59
+ },
60
+ "./integrations/anthropic": {
61
+ "import": {
62
+ "types": "./dist/integrations/anthropic.d.ts",
63
+ "default": "./dist/integrations/anthropic.js"
64
+ },
65
+ "require": {
66
+ "types": "./dist/integrations/anthropic.d.cts",
67
+ "default": "./dist/integrations/anthropic.cjs"
68
+ }
59
69
  }
60
70
  },
61
71
  "files": [