@zuplo/runtime 6.51.59 → 6.51.61

package/out/esm/index.js.LEGAL.txt

@@ -15,4 +15,3 @@
  * Copyright (c) 2016 Lerus Ludovic
  *
  */
-/*! For license information please see index.js.LEGAL.txt */

package/out/types/index.d.ts

@@ -256,85 +256,6 @@ declare interface APITokenCredentialConfig {
     headerValuePrefix?: string;
 }
 
-/**
- * Authorize requests using Aserto.
- *
- * @title Aserto Authorization
- * @beta
- * @param request - The ZuploRequest
- * @param context - The ZuploContext
- * @param options - The policy options set in policies.json
- * @param policyName - The name of the policy as set in policies.json
- * @returns A Request or a Response
- */
-export declare class AsertoAuthZInboundPolicy extends InboundPolicy<AsertoAuthZInboundPolicyOptions> {
-    private cache;
-    private authorizationUrl;
-    /**
-     * Set the authorization context for the current request.
-     *
-     * @param context - The ZuploContext for the current request
-     * @param asertoContext - The Aserto context to send to the Aserto service
-     */
-    static setAuthorizationContext(context: ZuploContext, asertoContext: Partial<AsertoContext>): void;
-    constructor(options: AsertoAuthZInboundPolicyOptions, policyName: string);
-    /**
-     * The handler that is called each time this policy is invoked
-     *
-     * @param request - The incoming Request
-     * @param context - The current context of the Request
-     * @returns A Response or Request object
-     */
-    handler(request: ZuploRequest, context: ZuploContext): Promise<ZuploRequest | Response>;
-}
-
-/**
- * The options for this policy.
- */
-export declare interface AsertoAuthZInboundPolicyOptions {
-    /**
-     * Indicates whether the request should continue if authorization fails. Default is `false` which means unauthorized users will automatically receive a 403 response.
-     */
-    allowUnauthorizedRequests?: boolean;
-    /**
-     * The Aserto Tenant ID.
-     */
-    tenantId: string;
-    /**
-     * The Aserto API key.
-     */
-    authorizerApiKey: string;
-    /**
-     * The Aserto Authorizer API URL.
-     */
-    authorizerApiUrl?: string;
-    /**
-     * The policy instance name.
-     */
-    policyName?: string;
-    /**
-     * Canonicalized service name.
-     */
-    serviceName: string;
-    /**
-     * The path to the user's sub property in the request.
-     */
-    userSubPropertyPath?: string;
-}
-
-/**
- * The Aserto context that is passed to the Aserto service.
- */
-declare interface AsertoContext {
-    identityContext: {
-        identity: string;
-        type: "IDENTITY_TYPE_SUB" | "IDENTITY_TYPE_NONE" | "IDENTITY_TYPE_JWT";
-    };
-    policyContext: PolicyContext;
-    policyInstance: PolicyInstance;
-    resourceContext: ResourceContext;
-}
-
 /**
  * A list of attributes that will be included in the authorization request.
  */
@@ -4349,26 +4270,6 @@ export declare interface PolicyConfiguration {
     options?: unknown;
 }
 
-/**
- * The policy context that is passed to the Aserto service.
- */
-declare interface PolicyContext {
-    decisions: string[];
-    path: string;
-}
-
-declare interface PolicyInstance {
-    /**
-     * The policy instance name
-     */
-    name: string;
-    /**
-     * The policy instance label
-     * @deprecated - This field is no longer required by Aserto
-     */
-    instanceLabel?: string;
-}
-
 /**
  * @public
  */
@@ -5026,8 +4927,6 @@ declare type ResolveRequestQuery<TQuery extends RequestQueryDefault | undefined>
 
 declare type ResolveUserData<TUserData extends UserDataDefault | undefined> = TUserData extends UserDataDefault ? TUserData : UserDataDefault;
 
-declare type ResourceContext = Record<string, string>;
-
 /**
  * @beta
  */
@@ -5162,6 +5061,73 @@ export declare const SchemaBasedRequestValidation: InboundPolicyHandler<RequestV
 
 /* Excluded from this release type: SemanticAttributes */
 
+/**
+ * Respond to matched incoming requests with semantically cached content
+ *
+ * The Semantic Cache Inbound policy caches responses based on semantic similarity
+ * of cache keys rather than exact matches. This allows for more flexible caching
+ * where similar requests can return cached responses even if the cache key is not
+ * exactly the same.
+ *
+ * The policy uses Large Language Model (LLM) embeddings to determine semantic
+ * similarity between cache keys based on a configurable similarity tolerance.
+ *
+ * Options:
+ * - similarityTolerance: The minimum similarity threshold for semantic cache matches (0-1, default: 0.8). Values closer to 1 require higher similarity. Can be overridden by custom functions.
+ * - expirationSecondsTtl: The timeout of the cache in seconds (default: 3600, 1 hour). Can be overridden by custom functions.
+ * - cacheBy: Determines how cache keys are generated: 'function' for custom logic or 'propertyPath' to extract from JSON body.
+ *
+ * @title Semantic Cache
+ * @beta
+ * @param request - The ZuploRequest
+ * @param context - The ZuploContext
+ * @param options - The policy options set in policies.json
+ * @param policyName - The name of the policy as set in policies.json
+ * @returns A Request or a Response
+ */
+export declare function SemanticCacheInboundPolicy(request: ZuploRequest, context: ZuploContext, options: SemanticCacheInboundPolicyOptions, policyName: string): Promise<Response | ZuploRequest<RequestGeneric_2>>;
+
+/**
+ * The options for this policy.
+ */
+export declare type SemanticCacheInboundPolicyOptions = {
+    [k: string]: unknown;
+} & {
+    /**
+     * The minimum similarity threshold for semantic cache matches. Values closer to 1 require higher similarity, while lower values allow more flexible matching. Default is 0.8.
+     */
+    similarityTolerance?: number;
+    /**
+     * The timeout of the cache in seconds. Defaults to 1 hour.
+     */
+    expirationSecondsTtl?: number;
+    /**
+     * Determines how the cache key is generated. Use 'function' for custom logic or 'propertyPath' to extract from JSON body.
+     */
+    cacheBy: "function" | "propertyPath";
+    /**
+     * The function that returns dynamic cache key data. Used only with `cacheBy=function`.
+     */
+    cacheByFunction?: {
+        /**
+         * Specifies the export to load your custom cache key function, e.g. `default`, `cacheKeyIdentifier`.
+         */
+        export: string;
+        /**
+         * Specifies the module to load your custom cache key function, in the format `$import(./modules/my-module)`.
+         */
+        module: string;
+    };
+    /**
+     * The path to the property in the request body (JSON) to use as cache key. For example '.userId' would read the 'userId' property from the request body. Only works with cacheBy=propertyPath.
+     */
+    cacheByPropertyPath?: string;
+    /**
+     * Response status codes to be cached.
+     */
+    statusCodes?: number[];
+};
+
 /* Excluded from this release type: serialize */
 
 /**
@@ -6037,6 +6003,41 @@ declare interface WaitUntilFunc {
     (promise: Promise<any>): void;
 }
 
+/**
+ * Authenticate bots using web-bot-auth HTTP Message Signatures.
+ *
+ * @title Web Bot Auth
+ * @public
+ * @param request - The ZuploRequest
+ * @param context - The ZuploContext
+ * @param options - The policy options set in policies.json
+ * @param policyName - The name of the policy as set in policies.json
+ * @returns A Request or a Response
+ */
+export declare const WebBotAuthInboundPolicy: InboundPolicyHandler<WebBotAuthInboundPolicyOptions>;
+
+/**
+ * Options for the Web Bot Auth Inbound Policy.
+ */
+export declare interface WebBotAuthInboundPolicyOptions {
+    /**
+     * List of bot identifiers that are allowed to access the API.
+     */
+    allowedBots: string[];
+    /**
+     * Whether to block bots that aren't in the allowed list.
+     */
+    blockUnknownBots: boolean;
+    /**
+     * Allow requests without bot signatures to proceed. This is useful if you want to use multiple authentication policies or if you want to allow both authenticated and non-authenticated traffic.
+     */
+    allowUnauthenticatedRequests?: boolean;
+    /**
+     * Optional URL to a directory of known bots (for verification).
+     */
+    directoryUrl?: string;
+}
+
 /**
  * Handle websocket requests to a different url
  * @param request - The ZuploRequest

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@zuplo/runtime",
   "type": "module",
-  "version": "6.51.59",
+  "version": "6.51.61",
   "repository": "https://github.com/zuplo/zuplo",
   "author": "Zuplo, Inc.",
   "exports": {