Metadata-Version: 2.4
Name: ubag
Version: 0.2.0
Summary: Agent identity and routing middleware for MCP-compatible agents
Author: Mohamed Ben Hadj Hmida
License-Expression: MIT
Project-URL: Homepage, https://ubagprotocol.com
Project-URL: Repository, https://github.com/mohameduk/Ubag_protocol
Keywords: mcp,agents,ai,middleware,routing,bot-detection
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Topic :: Internet :: WWW/HTTP :: HTTP Servers
Classifier: Topic :: Security
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: PyJWT[crypto]>=2.8.0
Requires-Dist: cryptography>=42.0
Requires-Dist: httpx>=0.27.0
Provides-Extra: fastapi
Requires-Dist: fastapi>=0.111.0; extra == "fastapi"
Requires-Dist: starlette>=0.37.0; extra == "fastapi"
Provides-Extra: django
Requires-Dist: django>=4.2; extra == "django"
Provides-Extra: flask
Requires-Dist: flask>=3.0; extra == "flask"
Provides-Extra: dev
Requires-Dist: pytest>=8.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.23; extra == "dev"
Requires-Dist: httpx>=0.27.0; extra == "dev"
Requires-Dist: fastapi>=0.111.0; extra == "dev"
Requires-Dist: starlette>=0.37.0; extra == "dev"
Dynamic: license-file

# ubag (Python)

**UBAG Web Layer — agent identity and routing at the web edge.** FastAPI / Starlette middleware.

When an autonomous agent visits a website, UBAG verifies *who it is* and routes
accordingly: humans to your normal site, credentialed agents to clean JSON-LD,
unknown bots to a cryptographic challenge. Asymmetric by design — agent identity
is an Ed25519 keypair; credentials are ES256 JWTs verifiable via JWKS, no shared
secrets.

> Early but real, pre-1.0, unaudited. See the
> [full README](https://github.com/mohameduk/Ubag_protocol#readme) and
> [SECURITY.md](https://github.com/mohameduk/Ubag_protocol/blob/main/SECURITY.md).

## Install

```bash
pip install "ubag[fastapi]"
```

## Quick start

```python
from fastapi import FastAPI
from ubag import UBAGMiddleware, generate_issuer_keypair

issuer_private, _ = generate_issuer_keypair()   # EC P-256 (ES256)

app = FastAPI()
app.add_middleware(
    UBAGMiddleware,
    origin="https://yoursite.com",
    issuer_key=issuer_private,                  # mints + verifies credentials
    site_meta={"name": "My Store", "type": "Store", "description": "We sell widgets"},
)
```

Your site now serves clean JSON-LD to credentialed agents, proxies humans to your
origin, challenges unknown bots, exposes `/.well-known/ubag.json` for discovery,
and serves its issuer key as JWKS at `/.well-known/jwks.json`.

A Node/Express SDK with an identical, cross-verifiable wire format is in the same
repo. Full docs, a runnable demo, and the protocol details:
**https://github.com/mohameduk/Ubag_protocol**

MIT licensed.
