PyPI - capiscio-sdk - Versions diffs - 0.2.0__py3-none-any.whl → 0.3.0__py3-none-any.whl - Mend

capiscio-sdk 0.2.0py3-none-any.whl → 0.3.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

capiscio_sdk/__init__.py +2 -0
capiscio_sdk/config.py +1 -1
capiscio_sdk/errors.py +11 -1
capiscio_sdk/executor.py +17 -0
capiscio_sdk/integrations/fastapi.py +73 -0
capiscio_sdk/simple_guard.py +354 -0
capiscio_sdk/types.py +1 -1
capiscio_sdk-0.3.0.dist-info/METADATA +126 -0
{capiscio_sdk-0.2.0.dist-info → capiscio_sdk-0.3.0.dist-info}/RECORD +11 -9
capiscio_sdk-0.2.0.dist-info/METADATA +0 -221
{capiscio_sdk-0.2.0.dist-info → capiscio_sdk-0.3.0.dist-info}/WHEEL +0 -0
{capiscio_sdk-0.2.0.dist-info → capiscio_sdk-0.3.0.dist-info}/licenses/LICENSE +0 -0

capiscio_sdk/__init__.py CHANGED Viewed

@@ -12,6 +12,7 @@ __version__ = "0.2.0"
 # Core exports
 from .executor import CapiscioSecurityExecutor, secure, secure_agent
+from .simple_guard import SimpleGuard
 from .config import SecurityConfig, DownstreamConfig, UpstreamConfig
 from .errors import (
     CapiscioSecurityError,
@@ -25,6 +26,7 @@ from .types import ValidationResult, ValidationIssue, ValidationSeverity
 __all__ = [
     "__version__",
     "CapiscioSecurityExecutor",
+    "SimpleGuard",
     "secure",
     "secure_agent",
     "SecurityConfig",

capiscio_sdk/config.py CHANGED Viewed

@@ -1,4 +1,4 @@
-"""Configuration for Capiscio A2A Security."""
+"""Configuration for Capiscio Python SDK."""
 import os
 from typing import Literal
 from pydantic import BaseModel, Field

capiscio_sdk/errors.py CHANGED Viewed

@@ -1,4 +1,4 @@
-"""Error types for Capiscio A2A Security."""
+"""Error types for Capiscio Python SDK."""
 from typing import Optional, List, Dict, Any
 from .types import ValidationResult
@@ -67,3 +67,13 @@ class CapiscioTimeoutError(CapiscioSecurityError):
     """Operation timed out."""
     pass
+class ConfigurationError(CapiscioSecurityError):
+    """Missing keys or invalid paths (SimpleGuard)."""
+    pass
+class VerificationError(CapiscioSecurityError):
+    """Invalid signature, expired token, or untrusted key (SimpleGuard)."""
+    pass

capiscio_sdk/executor.py CHANGED Viewed

@@ -138,6 +138,23 @@ class CapiscioSecurityExecutor:
         # Cancellation just passes through - no security checks needed
         await self.delegate.cancel(context, event_queue)
+    async def validate_agent_card(self, url: str) -> ValidationResult:
+        """
+        Validate an agent card from a URL.
+        Args:
+            url: URL to the agent card or agent root
+        Returns:
+            ValidationResult with scores
+        """
+        from .validators.agent_card import AgentCardValidator
+        validator = AgentCardValidator()
+        try:
+            return await validator.fetch_and_validate(url)
+        finally:
+            await validator.http_client.aclose()
     def _validate_message(self, message: Dict[str, Any]) -> ValidationResult:
         """Validate message with caching."""
         # Try cache first

capiscio_sdk/integrations/fastapi.py ADDED Viewed

@@ -0,0 +1,73 @@
+"""FastAPI integration for Capiscio SimpleGuard."""
+from typing import Callable, Awaitable, Any, Dict
+try:
+    from starlette.middleware.base import BaseHTTPMiddleware
+    from starlette.requests import Request
+    from starlette.responses import JSONResponse, Response
+    from starlette.types import ASGIApp
+except ImportError:
+    raise ImportError("FastAPI/Starlette is required for this integration. Install with 'pip install fastapi'.")
+from ..simple_guard import SimpleGuard
+from ..errors import VerificationError
+import time
+class CapiscioMiddleware(BaseHTTPMiddleware):
+    """
+    Middleware to enforce A2A identity verification on incoming requests.
+    """
+    def __init__(self, app: ASGIApp, guard: SimpleGuard) -> None:
+        super().__init__(app)
+        self.guard = guard
+    async def dispatch(
+        self,
+        request: Request,
+        call_next: Callable[[Request], Awaitable[Response]]
+    ) -> Response:
+        # Allow health checks or public endpoints if needed
+        # For now, we assume everything under /agent/ needs protection
+        # But let's just check for the header.
+        if request.method == "OPTIONS":
+            return await call_next(request)
+        auth_header = request.headers.get("X-Capiscio-JWS")
+        # If no header, we might let it pass but mark as unverified?
+        # The mandate says: "Returns 401 (missing) or 403 (invalid)."
+        if not auth_header:
+             return JSONResponse(
+                 {"error": "Missing X-Capiscio-JWS header. This endpoint is protected by CapiscIO."},
+                 status_code=401
+             )
+        start_time = time.perf_counter()
+        try:
+            # Read the body for integrity check
+            body_bytes = await request.body()
+            # Verify the JWS with body
+            payload = self.guard.verify_inbound(auth_header, body=body_bytes)
+            # Reset the receive channel so downstream can read the body
+            async def receive() -> Dict[str, Any]:
+                return {"type": "http.request", "body": body_bytes, "more_body": False}
+            request._receive = receive
+            # Inject claims into request.state
+            request.state.agent = payload
+            request.state.agent_id = payload.get("iss")
+        except VerificationError as e:
+            return JSONResponse({"error": f"Access Denied: {str(e)}"}, status_code=403)
+        verification_duration = (time.perf_counter() - start_time) * 1000
+        response = await call_next(request)
+        # Add Server-Timing header (standard for performance metrics)
+        # Syntax: metric_name;dur=123.4;desc="Description"
+        response.headers["Server-Timing"] = f"capiscio-auth;dur={verification_duration:.3f};desc=\"CapiscIO Verification\""
+        return response

capiscio_sdk/simple_guard.py ADDED Viewed

@@ -0,0 +1,354 @@
+"""SimpleGuard: Local, zero-config security for A2A agents."""
+import os
+import json
+import logging
+import base64
+import hashlib
+import time
+from pathlib import Path
+from typing import Optional, Dict, Any, Union, cast
+import jwt
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import ed25519
+from .errors import ConfigurationError, VerificationError
+logger = logging.getLogger(__name__)
+MAX_TOKEN_AGE = 60
+CLOCK_SKEW_LEEWAY = 5
+class SimpleGuard:
+    """
+    The "Customs Officer" for your Agent.
+    Enforces Identity (JWS) and Protocol (A2A) validation locally.
+    Prioritizes local utility and zero-configuration.
+    """
+    def __init__(
+        self,
+        base_dir: Optional[Union[str, Path]] = None,
+        dev_mode: bool = False
+    ) -> None:
+        """
+        Initialize SimpleGuard.
+        Args:
+            base_dir: Starting directory to search for config (defaults to cwd).
+            dev_mode: If True, auto-generates keys and agent-card.json.
+        """
+        self.dev_mode = dev_mode
+        # 1. Safety Check
+        if self.dev_mode and os.getenv("CAPISCIO_ENV") == "prod":
+            logger.critical(
+                "CRITICAL: SimpleGuard initialized in dev_mode=True but CAPISCIO_ENV=prod. "
+                "This is insecure! Disable dev_mode in production."
+            )
+        # 2. Resolve base_dir (Walk up logic)
+        self.project_root = self._resolve_project_root(base_dir)
+        self.keys_dir = self.project_root / "capiscio_keys"
+        self.trusted_dir = self.keys_dir / "trusted"
+        self.agent_card_path = self.project_root / "agent-card.json"
+        self.private_key_path = self.keys_dir / "private.pem"
+        self.public_key_path = self.keys_dir / "public.pem"
+        # 3. Load or Generate agent-card.json
+        self.agent_id: str
+        self.signing_kid: str
+        self._load_or_generate_card()
+        # 4. Load or Generate Keys
+        self._private_key: ed25519.Ed25519PrivateKey
+        self._load_or_generate_keys()
+        # 5. Load Trust Store (and self-trust in dev mode)
+        self._setup_trust_store()
+    def sign_outbound(self, payload: Dict[str, Any], body: Optional[bytes] = None) -> str:
+        """
+        Sign a payload for outbound transmission.
+        Args:
+            payload: The JSON payload to sign.
+            body: Optional HTTP body bytes to bind to the signature.
+        Returns:
+            Compact JWS string.
+        """
+        # Inject issuer if missing
+        if "iss" not in payload:
+            payload["iss"] = self.agent_id
+        # Replay Protection: Inject timestamps
+        now = int(time.time())
+        payload["iat"] = now
+        payload["exp"] = now + MAX_TOKEN_AGE
+        # Integrity: Calculate Body Hash if body is provided
+        if body is not None:
+            # SHA-256 hash
+            sha256_hash = hashlib.sha256(body).digest()
+            # Base64Url encode (no padding)
+            bh = base64.urlsafe_b64encode(sha256_hash).decode('utf-8').rstrip('=')
+            payload["bh"] = bh
+        # Prepare headers
+        headers = {
+            "kid": self.signing_kid,
+            "typ": "JWT",
+            "alg": "EdDSA"
+        }
+        # Sign
+        try:
+            token = jwt.encode(
+                payload,
+                self._private_key,
+                algorithm="EdDSA",
+                headers=headers
+            )
+            return token
+        except Exception as e:
+            raise ConfigurationError(f"Failed to sign payload: {e}")
+    def verify_inbound(self, jws: str, body: Optional[bytes] = None) -> Dict[str, Any]:
+        """
+        Verify an inbound JWS.
+        Args:
+            jws: The compact JWS string.
+            body: Optional HTTP body bytes to verify against 'bh' claim.
+        Returns:
+            The verified payload.
+        Raises:
+            VerificationError: If signature is invalid, key is untrusted, or integrity check fails.
+        """
+        try:
+            # 1. Parse Header to get kid (without verifying yet)
+            header = jwt.get_unverified_header(jws)
+            kid = header.get("kid")
+            if not kid:
+                raise VerificationError("Missing 'kid' in JWS header.")
+            # 2. Resolution: Look for trusted key
+            trusted_key_path = self.trusted_dir / f"{kid}.pem"
+            if not trusted_key_path.exists():
+                logger.warning(f'{{"event": "agent_call_denied", "kid": "{kid}", "reason": "untrusted_key"}}')
+                raise VerificationError(f"Untrusted key ID: {kid}")
+            # Load the trusted public key
+            with open(trusted_key_path, "rb") as f:
+                public_key = serialization.load_pem_public_key(f.read())
+                # Ensure it is a key type compatible with jwt.decode (Ed25519PublicKey is supported)
+                # We cast to Any to satisfy mypy's strict check against the specific union
+                public_key = cast(Any, public_key)
+            # 3. Verify Signature
+            payload = jwt.decode(
+                jws,
+                public_key,
+                algorithms=["EdDSA"],
+                options={"verify_aud": False} # Audience verification depends on context, skipping for generic guard
+            )
+            # Cast payload to Dict[str, Any]
+            payload = cast(Dict[str, Any], payload)
+            # 4. Integrity Check (Body Hash)
+            if "bh" in payload:
+                if body is None:
+                    raise VerificationError("JWS contains 'bh' claim but no body provided for verification.")
+                # Calculate hash of received body
+                sha256_hash = hashlib.sha256(body).digest()
+                calculated_bh = base64.urlsafe_b64encode(sha256_hash).decode('utf-8').rstrip('=')
+                if calculated_bh != payload["bh"]:
+                    logger.warning(f'{{"event": "agent_call_denied", "kid": "{kid}", "reason": "integrity_check_failed"}}')
+                    raise VerificationError("Integrity Check Failed: Body modified")
+            # 5. Replay Protection (Timestamp Enforcement)
+            now = int(time.time())
+            exp = payload.get("exp")
+            iat = payload.get("iat")
+            if exp is None or iat is None:
+                 raise VerificationError("Missing timestamp claims (exp, iat).")
+            if now > (exp + CLOCK_SKEW_LEEWAY):
+                 logger.warning(f'{{"event": "agent_call_denied", "kid": "{kid}", "reason": "token_expired"}}')
+                 raise VerificationError("Token expired.")
+            if now < (iat - CLOCK_SKEW_LEEWAY):
+                 logger.warning(f'{{"event": "agent_call_denied", "kid": "{kid}", "reason": "clock_skew"}}')
+                 raise VerificationError("Token not yet valid (Clock skew).")
+            # 6. Observability
+            iss = payload.get("iss", "unknown")
+            logger.info(f'{{"event": "agent_call_allowed", "iss": "{iss}", "kid": "{kid}"}}')
+            return payload
+        except jwt.InvalidSignatureError:
+            logger.warning(f'{{"event": "agent_call_denied", "kid": "{kid}", "reason": "invalid_signature"}}')
+            raise VerificationError("Invalid signature.")
+        except jwt.ExpiredSignatureError:
+            logger.warning(f'{{"event": "agent_call_denied", "kid": "{kid}", "reason": "token_expired"}}')
+            raise VerificationError("Token expired.")
+        except jwt.DecodeError:
+            raise VerificationError("Invalid JWS format.")
+        except Exception as e:
+            if isinstance(e, VerificationError):
+                raise
+            raise VerificationError(f"Verification failed: {e}")
+    def make_headers(self, payload: Dict[str, Any], body: Optional[bytes] = None) -> Dict[str, str]:
+        """Helper to generate the headers containing the JWS."""
+        token = self.sign_outbound(payload, body=body)
+        return {"X-Capiscio-JWS": token}
+    def _resolve_project_root(self, base_dir: Optional[Union[str, Path]]) -> Path:
+        """Walk up the directory tree to find agent-card.json or stop at root."""
+        current = Path(base_dir or os.getcwd()).resolve()
+        # If we are in dev mode and nothing exists, we might just use cwd
+        # But let's try to find an existing project structure first
+        search_path = current
+        while search_path != search_path.parent:
+            if (search_path / "agent-card.json").exists():
+                return search_path
+            search_path = search_path.parent
+        # If not found, default to cwd
+        return current
+    def _load_or_generate_card(self) -> None:
+        """Load agent-card.json or generate a minimal one in dev_mode."""
+        if self.agent_card_path.exists():
+            try:
+                with open(self.agent_card_path, "r") as f:
+                    data = json.load(f)
+                    self.agent_id = data.get("agent_id")
+                    # Assuming the first key is the signing key for now, or looking for a specific structure
+                    # The mandate says: "Cache self.agent_id and self.signing_kid"
+                    # We need to find the kid from the keys array.
+                    keys = data.get("public_keys", [])
+                    if not keys:
+                         raise ConfigurationError("agent-card.json missing 'public_keys'.")
+                    self.signing_kid = keys[0].get("kid")
+                    if not self.agent_id or not self.signing_kid:
+                        raise ConfigurationError("agent-card.json missing 'agent_id' or 'public_keys[0].kid'.")
+            except Exception as e:
+                raise ConfigurationError(f"Failed to load agent-card.json: {e}")
+        elif self.dev_mode:
+            # Generate minimal card
+            logger.info("Dev Mode: Generating minimal agent-card.json")
+            self.agent_id = "local-dev-agent"
+            self.signing_kid = "local-dev-key"
+            # We will populate the JWK part after generating the key in the next step
+            # For now, just set the basics, we'll write the file after key gen
+        else:
+            raise ConfigurationError(f"agent-card.json not found at {self.project_root}")
+    def _load_or_generate_keys(self) -> None:
+        """Load private.pem or generate it in dev_mode."""
+        if not self.keys_dir.exists():
+            if self.dev_mode:
+                self.keys_dir.mkdir(parents=True, exist_ok=True)
+                self.trusted_dir.mkdir(parents=True, exist_ok=True)
+            else:
+                raise ConfigurationError(f"capiscio_keys directory not found at {self.keys_dir}")
+        if self.private_key_path.exists():
+            try:
+                with open(self.private_key_path, "rb") as f:
+                    loaded_key = serialization.load_pem_private_key(
+                        f.read(), password=None
+                    )
+                    if not isinstance(loaded_key, ed25519.Ed25519PrivateKey):
+                        raise ConfigurationError("Private key is not an Ed25519 key.")
+                    self._private_key = loaded_key
+            except Exception as e:
+                raise ConfigurationError(f"Failed to load private.pem: {e}")
+        elif self.dev_mode:
+            logger.info("Dev Mode: Generating Ed25519 keypair")
+            self._private_key = ed25519.Ed25519PrivateKey.generate()
+            # Save Private Key
+            with open(self.private_key_path, "wb") as f:
+                f.write(self._private_key.private_bytes(
+                    encoding=serialization.Encoding.PEM,
+                    format=serialization.PrivateFormat.PKCS8,
+                    encryption_algorithm=serialization.NoEncryption()
+                ))
+            # Save Public Key
+            public_key = self._private_key.public_key()
+            pem_public = public_key.public_bytes(
+                encoding=serialization.Encoding.PEM,
+                format=serialization.PublicFormat.SubjectPublicKeyInfo
+            )
+            with open(self.public_key_path, "wb") as f:
+                f.write(pem_public)
+            # Now update agent-card.json with the JWK
+            self._update_agent_card_with_jwk(public_key)
+        else:
+            raise ConfigurationError(f"private.pem not found at {self.private_key_path}")
+    def _update_agent_card_with_jwk(self, public_key: ed25519.Ed25519PublicKey) -> None:
+        """Helper to write the agent-card.json with the generated key."""
+        # Convert Ed25519 public key to JWK parameters
+        # Ed25519 keys are simple: x is the raw bytes
+        raw_bytes = public_key.public_bytes(
+            encoding=serialization.Encoding.Raw,
+            format=serialization.PublicFormat.Raw
+        )
+        x_b64 = base64.urlsafe_b64encode(raw_bytes).decode('utf-8').rstrip('=')
+        jwk = {
+            "kty": "OKP",
+            "crv": "Ed25519",
+            "x": x_b64,
+            "kid": self.signing_kid,
+            "use": "sig"
+        }
+        card_data = {
+            "agent_id": self.agent_id,
+            "public_keys": [jwk],
+            "protocolVersion": "0.3.0",
+            "name": "Local Dev Agent",
+            "description": "Auto-generated by SimpleGuard",
+            "url": "http://localhost:8000",
+            "version": "0.1.0",
+            "provider": {
+                "organization": "Local Dev"
+            }
+        }
+        with open(self.agent_card_path, "w") as f:
+            json.dump(card_data, f, indent=2)
+        logger.info(f"Created agent-card.json at {self.agent_card_path}")
+    def _setup_trust_store(self) -> None:
+        """Ensure trust store exists and add self-trust in dev_mode."""
+        if not self.trusted_dir.exists() and self.dev_mode:
+            self.trusted_dir.mkdir(parents=True, exist_ok=True)
+        if self.dev_mode:
+            # Self-Trust: Copy public.pem to trusted/{kid}.pem
+            self_trust_path = self.trusted_dir / f"{self.signing_kid}.pem"
+            if not self_trust_path.exists() and self.public_key_path.exists():
+                import shutil
+                shutil.copy(self.public_key_path, self_trust_path)
+                logger.info(f"Dev Mode: Added self-trust for kid {self.signing_kid}")

capiscio_sdk/types.py CHANGED Viewed

@@ -1,4 +1,4 @@
-"""Core types for Capiscio A2A Security."""
+"""Core types for Capiscio Python SDK."""
 from typing import List, Dict, Any, Optional
 from pydantic import BaseModel, Field
 from enum import Enum

capiscio_sdk-0.3.0.dist-info/METADATA ADDED Viewed

@@ -0,0 +1,126 @@
+Metadata-Version: 2.4
+Name: capiscio-sdk
+Version: 0.3.0
+Summary: Runtime security middleware for A2A agents
+Project-URL: Homepage, https://capisc.io
+Project-URL: Documentation, https://docs.capisc.io/sdk-python
+Project-URL: Repository, https://github.com/capiscio/capiscio-sdk-python
+Project-URL: Issues, https://github.com/capiscio/capiscio-sdk-python/issues
+Author-email: Capiscio Team <team@capisc.io>
+License: Apache-2.0
+License-File: LICENSE
+Keywords: a2a,agent,agent-to-agent,middleware,security,validation
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: Apache Software License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Requires-Python: >=3.10
+Requires-Dist: a2a-sdk>=0.1.0
+Requires-Dist: cachetools>=5.3.0
+Requires-Dist: cryptography>=42.0.0
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: pyjwt[crypto]>=2.8.0
+Provides-Extra: dev
+Requires-Dist: black>=24.0.0; extra == 'dev'
+Requires-Dist: fastapi>=0.100.0; extra == 'dev'
+Requires-Dist: mypy>=1.9.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest-cov>=4.1.0; extra == 'dev'
+Requires-Dist: pytest>=8.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.3.0; extra == 'dev'
+Requires-Dist: starlette>=0.27.0; extra == 'dev'
+Requires-Dist: types-cachetools>=5.3.0; extra == 'dev'
+Provides-Extra: web
+Requires-Dist: fastapi>=0.100.0; extra == 'web'
+Requires-Dist: starlette>=0.27.0; extra == 'web'
+Description-Content-Type: text/markdown
+# CapiscIO SDK (Python)
+**Enforcement-First Security for A2A Agents.**
+[![PyPI version](https://badge.fury.io/py/capiscio-sdk.svg)](https://badge.fury.io/py/capiscio-sdk)
+[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
+**CapiscIO** is the "Customs Officer" for your AI Agent. It provides military-grade Identity and Integrity enforcement for the [Agent-to-Agent (A2A) Protocol](https://github.com/google/A2A) with **zero configuration**.
+## 🚀 The 60-Second Upgrade
+Turn any FastAPI application into a Verified A2A Agent in 3 lines of code.
+```python
+from fastapi import FastAPI
+from capiscio_sdk.simple_guard import SimpleGuard
+from capiscio_sdk.integrations.fastapi import CapiscioMiddleware
+# 1. Initialize Guard (Auto-generates keys in dev_mode)
+guard = SimpleGuard(dev_mode=True)
+app = FastAPI()
+# 2. Add Enforcement Middleware
+app.add_middleware(CapiscioMiddleware, guard=guard)
+@app.post("/agent/task")
+async def handle_task(request: Request):
+    # 🔒 Only reachable if Identity + Integrity are verified
+    caller = request.state.agent_id
+    return {"status": "accepted", "verified_caller": caller}
+```
+## 🛡️ What You Get (Out of the Box)
+1.  **Zero-Config Identity**:
+    *   Auto-generates **Ed25519** keys and `agent-card.json` on first run.
+    *   No manual key management required for development.
+2.  **Payload Integrity**:
+    *   Enforces **SHA-256 Body Hash (`bh`)** verification.
+    *   Blocks tampered payloads instantly (returns `403 Forbidden`).
+3.  **Replay Protection**:
+    *   Enforces strict **60-second** token expiration (`exp`).
+    *   Prevents replay attacks and ensures freshness.
+4.  **Performance Telemetry**:
+    *   Adds `<1ms` overhead.
+    *   Includes `Server-Timing` headers for transparent monitoring.
+## Installation
+```bash
+pip install capiscio-sdk
+```
+## How It Works
+### 1. The Handshake
+CapiscIO enforces the **A2A Trust Protocol**:
+*   **Sender**: Signs the request body (JWS + Body Hash).
+*   **Receiver**: Verifies the signature and re-hashes the body to ensure integrity.
+### 2. The "Customs Officer"
+The `SimpleGuard` acts as a local authority. It manages your agent's "Passport" (Agent Card) and verifies the "Visas" (Tokens) of incoming requests.
+### 3. Telemetry
+Every response includes a `Server-Timing` header showing exactly how fast the verification was:
+```http
+Server-Timing: capiscio-auth;dur=0.618;desc="CapiscIO Verification"
+```
+## Documentation
+- [Official Documentation](https://docs.capisc.io)
+- [A2A Protocol Spec](https://github.com/google/A2A)
+## License
+Apache License 2.0 - see [LICENSE](LICENSE) for details.

{capiscio_sdk-0.2.0.dist-info → capiscio_sdk-0.3.0.dist-info}/RECORD RENAMED Viewed

@@ -1,12 +1,14 @@
-capiscio_sdk/__init__.py,sha256=FeQaj_zfpzATbqqFP1vsRbJ_XT5NcBFm4vpR7efoqbE,1108
-capiscio_sdk/config.py,sha256=S5iclYkxG-29UY4ipVU-7DhmeTR2zell6TiX3yrRvE0,3974
-capiscio_sdk/errors.py,sha256=MCDh1fAAswXPpKoZEqVG_eD8rOmHv38GFEFFvz1GRjI,1859
-capiscio_sdk/executor.py,sha256=EKM_93thP5utyLEH2DZNTL1KY9YZRyOvWNBMzIgpTsU,7226
+capiscio_sdk/__init__.py,sha256=d1tXC6Mh3yogY-KLPLSJPzAe5lx-GsnR1EPfAalBv00,1165
+capiscio_sdk/config.py,sha256=-1KNubnRE06SENRXcnGvrj-y1EfKz2uAMdz7s0n6ark,3972
+capiscio_sdk/errors.py,sha256=vGk7fhf07MM4-p7tvMXZlIz0yHQw9J03yIGGqRAEWDY,2107
+capiscio_sdk/executor.py,sha256=jalft0M0PvyfN-5sxuPlD5hExC8EW_Af92pR2KwEtyc,7753
 capiscio_sdk/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-capiscio_sdk/types.py,sha256=mMh_4VTYRy0xE3Cng1WJEeHigAFUVroRG1GVHtzTN2E,7980
+capiscio_sdk/simple_guard.py,sha256=0s85UBDvNw8zG0y-gqZSibWEV_4LaykMATs-tIPCD5M,14516
+capiscio_sdk/types.py,sha256=A_0SLhrbX7apkH5yYGTkG-_284xRjCK0N3lEseVRJRs,7978
 capiscio_sdk/infrastructure/__init__.py,sha256=5yK7kbk1tcHqlnFIN0lR5N_4ZWWquNivLfHkXOAtso0,152
 capiscio_sdk/infrastructure/cache.py,sha256=FjIRRzNbsPxFZrxdeek51IwFSmR682Wpj1bvvmgqwiU,1841
 capiscio_sdk/infrastructure/rate_limiter.py,sha256=7Q_GfcooWKjioDeB46PpPb00laDmkLpUYGM0Ui8nXqI,3642
+capiscio_sdk/integrations/fastapi.py,sha256=op8Bwib0IoebIOihUzDEimY1Z_wmX2b3I374Io5bVcU,2896
 capiscio_sdk/scoring/__init__.py,sha256=OjHeqLe6aZ7yjbpmtt_upqXDwYUnX5CDXTVNngOMHcg,1083
 capiscio_sdk/scoring/availability.py,sha256=CzXA1ED48U1Cc06sh0Mtl_kxZP6af-9cceBumTXQhO8,9130
 capiscio_sdk/scoring/compliance.py,sha256=JZyYuT18A_eiDNdOz-doTIYwW6YhVPvfRj_siNAkkTY,9780
@@ -20,7 +22,7 @@ capiscio_sdk/validators/protocol.py,sha256=bkaJJXseulTJ4Sdiio8gE8Q_Pyqj0BRsJe6BG
 capiscio_sdk/validators/semver.py,sha256=mlF3GO5ZPA-w6FzSxhjcr56sgCdS0YVVAd1dUr1bxWs,6385
 capiscio_sdk/validators/signature.py,sha256=lI8XzaKfG_dXSOQXZ40Lda0ntga9EqqC4zAId2kOt6g,8072
 capiscio_sdk/validators/url_security.py,sha256=SdpOrB48hrfgAMuLvpWH2P0LLCJtg6QBohGDIye8f1E,9802
-capiscio_sdk-0.2.0.dist-info/METADATA,sha256=k3oDfOrYLqCpPighcDEnKPMNX3SRVsBxHfiAO6H7Oyc,7639
-capiscio_sdk-0.2.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-capiscio_sdk-0.2.0.dist-info/licenses/LICENSE,sha256=AMM_E-ILcCpX0JALqX3BL9yfgSx654BtkhX-CBFYp1Q,10758
-capiscio_sdk-0.2.0.dist-info/RECORD,,
+capiscio_sdk-0.3.0.dist-info/METADATA,sha256=MMJh_eCqXM-DyX1bkj3CDJG3UqxBE-Ie81peUbEnV-0,4641
+capiscio_sdk-0.3.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+capiscio_sdk-0.3.0.dist-info/licenses/LICENSE,sha256=AMM_E-ILcCpX0JALqX3BL9yfgSx654BtkhX-CBFYp1Q,10758
+capiscio_sdk-0.3.0.dist-info/RECORD,,

capiscio_sdk-0.2.0.dist-info/METADATA DELETED Viewed

@@ -1,221 +0,0 @@
-Metadata-Version: 2.4
-Name: capiscio-sdk
-Version: 0.2.0
-Summary: Runtime security middleware for A2A agents
-Project-URL: Homepage, https://capisc.io
-Project-URL: Documentation, https://docs.capisc.io/sdk-python
-Project-URL: Repository, https://github.com/capiscio/capiscio-sdk-python
-Project-URL: Issues, https://github.com/capiscio/capiscio-sdk-python/issues
-Author-email: Capiscio Team <team@capisc.io>
-License: Apache-2.0
-License-File: LICENSE
-Keywords: a2a,agent,agent-to-agent,middleware,security,validation
-Classifier: Development Status :: 3 - Alpha
-Classifier: Intended Audience :: Developers
-Classifier: License :: OSI Approved :: Apache Software License
-Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.10
-Classifier: Programming Language :: Python :: 3.11
-Classifier: Programming Language :: Python :: 3.12
-Classifier: Programming Language :: Python :: 3.13
-Classifier: Topic :: Security
-Classifier: Topic :: Software Development :: Libraries :: Python Modules
-Requires-Python: >=3.10
-Requires-Dist: a2a-sdk>=0.1.0
-Requires-Dist: cachetools>=5.3.0
-Requires-Dist: cryptography>=42.0.0
-Requires-Dist: httpx>=0.27.0
-Requires-Dist: pydantic>=2.0.0
-Requires-Dist: pyjwt[crypto]>=2.8.0
-Provides-Extra: dev
-Requires-Dist: black>=24.0.0; extra == 'dev'
-Requires-Dist: mypy>=1.9.0; extra == 'dev'
-Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
-Requires-Dist: pytest-cov>=4.1.0; extra == 'dev'
-Requires-Dist: pytest>=8.0.0; extra == 'dev'
-Requires-Dist: ruff>=0.3.0; extra == 'dev'
-Requires-Dist: types-cachetools>=5.3.0; extra == 'dev'
-Description-Content-Type: text/markdown
-# CapiscIO SDK (Python)
-**Runtime security middleware for A2A (Agent-to-Agent) protocol agents**
-[![PyPI version](https://badge.fury.io/py/capiscio-sdk.svg)](https://badge.fury.io/py/capiscio-sdk)
-[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
-[![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
-## What is CapiscIO SDK?
-CapiscIO SDK provides **always-on runtime protection** for agents using the [A2A (Agent-to-Agent) protocol](https://github.com/google/A2A). It wraps your agent executor to validate incoming requests, verify signatures, and protect against malicious actors—all without requiring peer cooperation.
-### Key Features
-- ✅ **Message validation** - Schema and protocol compliance checking
-- ✅ **Signature verification** - JWS/JWKS cryptographic validation (RFC 7515)
-- ✅ **Upstream protection** - Validate agents you call
-- ✅ **Downstream protection** - Validate agents calling you
-- ✅ **Rate limiting** - Token bucket algorithm
-- ✅ **Caching** - Performance-optimized validation results
-- ✅ **Three integration patterns** - Minimal, explicit, or decorator
-## Installation
-```bash
-pip install capiscio-sdk
-```
-## Quick Start
-### Pattern 1: Minimal (One-liner with Preset)
-```python
-from capiscio_sdk import secure, SecurityConfig
-from a2a.server.request_handlers import DefaultRequestHandler
-from a2a.server.tasks import InMemoryTaskStore
-# Wrap your agent with security (production defaults)
-agent = secure(MyAgentExecutor(), SecurityConfig.production())
-# Use in A2A request handler
-handler = DefaultRequestHandler(
-    agent_executor=agent,
-    task_store=InMemoryTaskStore()
-)
-# Access validation results (three-dimensional scoring)
-result = await agent.validate_agent_card(card_url)
-print(result.compliance.total, result.trust.total, result.availability.total)
-```
-### Pattern 2: Granular Control
-```python
-from capiscio_sdk import CapiscIOSecurityExecutor, SecurityConfig
-# Start with a preset, customize what matters to you
-config = SecurityConfig.production()
-config.downstream.rate_limit_requests_per_minute = 100  # Higher rate limit
-config.downstream.require_signatures = True             # Enforce signatures
-config.upstream.test_endpoints = True                   # Test before calling
-config.fail_mode = "monitor"                            # Log but don't block yet
-secure_agent = CapiscIOSecurityExecutor(
-    delegate=MyAgentExecutor(),
-    config=config
-)
-```
-### Pattern 3: Environment-Driven (12-Factor App)
-```python
-from capiscio_sdk import secure_agent, SecurityConfig
-from a2a import AgentExecutor, RequestContext, EventQueue
-@secure_agent(config=SecurityConfig.from_env())
-class MyAgentExecutor(AgentExecutor):
-    async def execute(self, context: RequestContext, event_queue: EventQueue):
-        # Your agent logic - config loaded from env vars
-        pass
-# Already secured - use directly!
-handler = DefaultRequestHandler(agent_executor=MyAgentExecutor())
-```
-**All 16 configuration options documented in the [Configuration Guide](https://docs.capisc.io/sdk-python/guides/configuration/).**
-## Why CapiscIO?
-### The Problem
-When building A2A agents, you face security risks from:
-- **Malicious downstream agents** sending invalid/malicious requests
-- **Broken upstream dependencies** with invalid agent cards
-- **Protocol violations** causing runtime failures
-- **Missing signatures** with no authenticity verification
-### The Solution
-CapiscIO wraps your agent executor and provides:
-1. **Downstream Protection** - Validates all incoming requests
-2. **Upstream Protection** - Validates agents you call
-3. **Always-On** - Works without peer cooperation
-4. **Performance** - Caching and parallel validation
-5. **Three-Dimensional Scoring** - Compliance, trust, and availability insights
-## Configuration
-### Presets
-```python
-# Development - Permissive, verbose logging
-SecurityConfig.development()
-# Production - Balanced (default)
-SecurityConfig.production()
-# Strict - Maximum security
-SecurityConfig.strict()
-# From environment variables
-SecurityConfig.from_env()
-```
-### Custom Configuration
-```python
-from capiscio_sdk import SecurityConfig, DownstreamConfig, UpstreamConfig
-config = SecurityConfig(
-    downstream=DownstreamConfig(
-        validate_schema=True,
-        verify_signatures=True,
-        require_signatures=False,
-        enable_rate_limiting=True,
-        rate_limit_requests_per_minute=100
-    ),
-    upstream=UpstreamConfig(
-        validate_agent_cards=True,
-        verify_signatures=True,
-        cache_validation=True,
-        cache_timeout=3600  # seconds
-    ),
-    fail_mode="block",  # "block" | "monitor" | "log"
-    timeout_ms=5000
-)
-```
-## Documentation
-- [Quickstart Guide](docs/quickstart.md)
-- [Configuration Reference](docs/configuration.md)
-- [API Documentation](docs/api-reference.md)
-- [Examples](examples/)
-## Roadmap
-- **V1.0** (Q4 2025) - Core middleware (this package)
-- **V2.0** (Q2 2026) - Extension protocol (validation feedback)
-- **V3.0** (Q3 2026) - Platform integration (trust network)
-- **V4.0** (Q4 2026) - Enterprise features (policies, audit logs)
-## Contributing
-We welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
-## License
-Apache License 2.0 - see [LICENSE](LICENSE) for details.
-## About A2A
-The [Agent-to-Agent (A2A) protocol](https://github.com/google/A2A) is an open standard for agent interoperability, supported by Google and 50+ partners including Salesforce, ServiceNow, SAP, Intuit, and more. CapiscIO provides the security layer for production A2A deployments.
-## Support
-- **Issues:** [GitHub Issues](https://github.com/capiscio/capiscio-sdk-python/issues)
-- **Discussions:** [GitHub Discussions](https://github.com/capiscio/capiscio-sdk-python/discussions)
-- **Documentation:** [docs.capisc.io](https://docs.capisc.io)
-- **Website:** [capisc.io](https://capisc.io)

{capiscio_sdk-0.2.0.dist-info → capiscio_sdk-0.3.0.dist-info}/WHEEL RENAMED Viewed

File without changes

{capiscio_sdk-0.2.0.dist-info → capiscio_sdk-0.3.0.dist-info}/licenses/LICENSE RENAMED Viewed

File without changes

capiscio-sdk 0.2.0__py3-none-any.whl → 0.3.0__py3-none-any.whl

capiscio-sdk 0.2.0py3-none-any.whl → 0.3.0py3-none-any.whl