@agent-score/commerce 2.1.0 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/README.md +1 -1
  2. package/dist/challenge/index.js.map +1 -1
  3. package/dist/challenge/index.mjs.map +1 -1
  4. package/dist/{checkout-Bd_4aQ6c.d.mts → checkout-BRw_caGr.d.mts} +1 -22
  5. package/dist/{checkout-BH-I_Ns8.d.ts → checkout-CuSNUJFX.d.ts} +1 -22
  6. package/dist/core.js +1 -1
  7. package/dist/core.js.map +1 -1
  8. package/dist/core.mjs +1 -1
  9. package/dist/core.mjs.map +1 -1
  10. package/dist/{default_rails-BxBzcCA1.d.ts → default_rails-C5gKZJMI.d.ts} +11 -1
  11. package/dist/{default_rails-BWAquZeu.d.mts → default_rails-XFCuRddA.d.mts} +11 -1
  12. package/dist/discovery/index.d.mts +1 -1
  13. package/dist/discovery/index.d.ts +1 -1
  14. package/dist/identity/express.js +1 -1
  15. package/dist/identity/express.js.map +1 -1
  16. package/dist/identity/express.mjs +1 -1
  17. package/dist/identity/express.mjs.map +1 -1
  18. package/dist/identity/fastify.js +1 -1
  19. package/dist/identity/fastify.js.map +1 -1
  20. package/dist/identity/fastify.mjs +1 -1
  21. package/dist/identity/fastify.mjs.map +1 -1
  22. package/dist/identity/hono.js +1 -1
  23. package/dist/identity/hono.js.map +1 -1
  24. package/dist/identity/hono.mjs +1 -1
  25. package/dist/identity/hono.mjs.map +1 -1
  26. package/dist/identity/nextjs.js +1 -1
  27. package/dist/identity/nextjs.js.map +1 -1
  28. package/dist/identity/nextjs.mjs +1 -1
  29. package/dist/identity/nextjs.mjs.map +1 -1
  30. package/dist/identity/policy.js +22 -23363
  31. package/dist/identity/policy.js.map +1 -1
  32. package/dist/identity/policy.mjs +1 -23366
  33. package/dist/identity/policy.mjs.map +1 -1
  34. package/dist/identity/web.js +1 -1
  35. package/dist/identity/web.js.map +1 -1
  36. package/dist/identity/web.mjs +1 -1
  37. package/dist/identity/web.mjs.map +1 -1
  38. package/dist/index.d.mts +72 -5
  39. package/dist/index.d.ts +72 -5
  40. package/dist/index.js +256 -136
  41. package/dist/index.js.map +1 -1
  42. package/dist/index.mjs +253 -134
  43. package/dist/index.mjs.map +1 -1
  44. package/dist/middleware/express.js.map +1 -1
  45. package/dist/middleware/express.mjs.map +1 -1
  46. package/dist/middleware/fastify.js.map +1 -1
  47. package/dist/middleware/fastify.mjs.map +1 -1
  48. package/dist/middleware/hono.js.map +1 -1
  49. package/dist/middleware/hono.mjs.map +1 -1
  50. package/dist/middleware/nextjs.js.map +1 -1
  51. package/dist/middleware/nextjs.mjs.map +1 -1
  52. package/dist/middleware/web.js.map +1 -1
  53. package/dist/middleware/web.mjs.map +1 -1
  54. package/dist/payment/index.d.mts +13 -17
  55. package/dist/payment/index.d.ts +13 -17
  56. package/dist/payment/index.js +80 -4
  57. package/dist/payment/index.js.map +1 -1
  58. package/dist/payment/index.mjs +79 -4
  59. package/dist/payment/index.mjs.map +1 -1
  60. package/dist/stripe-multichain/index.js +53 -4
  61. package/dist/stripe-multichain/index.js.map +1 -1
  62. package/dist/stripe-multichain/index.mjs +53 -4
  63. package/dist/stripe-multichain/index.mjs.map +1 -1
  64. package/package.json +4 -4
package/dist/stripe-multichain/index.mjs CHANGED
@@ -19642,6 +19642,22 @@ var init_dist2 = __esm({
19642
19642
  }
19643
19643
  });
19644
19644
 
19645
+ // src/errors.ts
19646
+ var CheckoutValidationError = class extends Error {
19647
+ code;
19648
+ action;
19649
+ status;
19650
+ extra;
19651
+ constructor(opts) {
19652
+ super(opts.message);
19653
+ this.name = "CheckoutValidationError";
19654
+ this.code = opts.code;
19655
+ this.action = opts.action ?? "fix_request";
19656
+ this.status = opts.status ?? 400;
19657
+ this.extra = opts.extra;
19658
+ }
19659
+ };
19660
+
19645
19661
  // src/stripe-multichain/payment_intent.ts
19646
19662
  async function createMultichainPaymentIntent({
19647
19663
  stripe,
@@ -19674,7 +19690,12 @@ async function createMultichainPaymentIntent({
19674
19690
  if (info?.address) depositAddresses[network] = info.address;
19675
19691
  }
19676
19692
  if (Object.keys(depositAddresses).length === 0) {
19677
- throw new Error("No deposit addresses returned from Stripe PaymentIntent");
19693
+ throw new CheckoutValidationError({
19694
+ code: "payment_provider_unavailable",
19695
+ message: "Stripe returned no crypto deposit addresses for this PaymentIntent. The account may not be enrolled in the Stablecoins and Crypto preview, or the feature was revoked.",
19696
+ action: "retry_later",
19697
+ status: 503
19698
+ });
19678
19699
  }
19679
19700
  return { paymentIntentId: pi.id, depositAddresses };
19680
19701
  }
@@ -19685,12 +19706,35 @@ async function createPayToAddressFromStripePI(opts) {
19685
19706
  if (authHeader) {
19686
19707
  const { Credential } = await Promise.resolve().then(() => (init_dist2(), dist_exports));
19687
19708
  if (Credential.extractPaymentScheme(authHeader)) {
19688
- const credential = Credential.fromRequest(opts.request);
19709
+ let credential;
19710
+ try {
19711
+ credential = Credential.fromRequest(opts.request);
19712
+ } catch {
19713
+ throw new CheckoutValidationError({
19714
+ code: "invalid_credential",
19715
+ message: "The Authorization: Payment header is not a valid MPP credential.",
19716
+ action: "retry_without_credential",
19717
+ status: 401
19718
+ });
19719
+ }
19689
19720
  const method = credential.challenge.method;
19690
19721
  if (method === "tempo" || method === "solana") {
19691
19722
  const toAddress = credential.challenge.request.recipient;
19723
+ if (typeof toAddress !== "string" || !toAddress) {
19724
+ throw new CheckoutValidationError({
19725
+ code: "invalid_credential",
19726
+ message: "The MPP credential is missing its recipient field.",
19727
+ action: "retry_without_credential",
19728
+ status: 401
19729
+ });
19730
+ }
19692
19731
  if (!await opts.piCache.hasAddress(toAddress)) {
19693
- throw new Error("Invalid payTo address: not found in cache or expired");
19732
+ throw new CheckoutValidationError({
19733
+ code: "invalid_credential",
19734
+ message: "The signed-against payTo recipient is not in this merchant's cache (unknown or expired). Retry without the Authorization: Payment header to receive a fresh 402 challenge.",
19735
+ action: "retry_without_credential",
19736
+ status: 401
19737
+ });
19694
19738
  }
19695
19739
  return toAddress;
19696
19740
  }
@@ -19712,7 +19756,12 @@ async function createPayToAddressFromStripePI(opts) {
19712
19756
  const preferred = opts.preferredNetwork ?? "tempo";
19713
19757
  const payTo = depositAddresses[preferred] ?? depositAddresses.base ?? depositAddresses.tempo;
19714
19758
  if (!payTo) {
19715
- throw new Error("Failed to resolve pay_to address from Stripe PaymentIntent");
19759
+ throw new CheckoutValidationError({
19760
+ code: "payment_provider_unavailable",
19761
+ message: "Stripe returned deposit addresses but none matched the requested network (tempo / base / solana). The account may have only a subset of multichain networks enabled.",
19762
+ action: "retry_later",
19763
+ status: 503
19764
+ });
19716
19765
  }
19717
19766
  return payTo;
19718
19767
  }