@agent-score/commerce 2.1.0 → 2.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/README.md +1 -1
  2. package/dist/challenge/index.d.mts +2 -2
  3. package/dist/challenge/index.d.ts +2 -2
  4. package/dist/challenge/index.js +7 -5
  5. package/dist/challenge/index.js.map +1 -1
  6. package/dist/challenge/index.mjs +7 -5
  7. package/dist/challenge/index.mjs.map +1 -1
  8. package/dist/{checkout-Bd_4aQ6c.d.mts → checkout-CKQE2QpJ.d.mts} +38 -23
  9. package/dist/{checkout-BH-I_Ns8.d.ts → checkout-CfgxgPZL.d.ts} +38 -23
  10. package/dist/core.js +4 -3
  11. package/dist/core.js.map +1 -1
  12. package/dist/core.mjs +4 -3
  13. package/dist/core.mjs.map +1 -1
  14. package/dist/{default_rails-BxBzcCA1.d.ts → default_rails-C5gKZJMI.d.ts} +11 -1
  15. package/dist/{default_rails-BWAquZeu.d.mts → default_rails-XFCuRddA.d.mts} +11 -1
  16. package/dist/discovery/index.d.mts +3 -3
  17. package/dist/discovery/index.d.ts +3 -3
  18. package/dist/identity/express.d.mts +4 -3
  19. package/dist/identity/express.d.ts +4 -3
  20. package/dist/identity/express.js +4 -3
  21. package/dist/identity/express.js.map +1 -1
  22. package/dist/identity/express.mjs +4 -3
  23. package/dist/identity/express.mjs.map +1 -1
  24. package/dist/identity/fastify.d.mts +4 -3
  25. package/dist/identity/fastify.d.ts +4 -3
  26. package/dist/identity/fastify.js +4 -3
  27. package/dist/identity/fastify.js.map +1 -1
  28. package/dist/identity/fastify.mjs +4 -3
  29. package/dist/identity/fastify.mjs.map +1 -1
  30. package/dist/identity/hono.d.mts +4 -3
  31. package/dist/identity/hono.d.ts +4 -3
  32. package/dist/identity/hono.js +4 -3
  33. package/dist/identity/hono.js.map +1 -1
  34. package/dist/identity/hono.mjs +4 -3
  35. package/dist/identity/hono.mjs.map +1 -1
  36. package/dist/identity/nextjs.js +4 -3
  37. package/dist/identity/nextjs.js.map +1 -1
  38. package/dist/identity/nextjs.mjs +4 -3
  39. package/dist/identity/nextjs.mjs.map +1 -1
  40. package/dist/identity/policy.js +22 -23363
  41. package/dist/identity/policy.js.map +1 -1
  42. package/dist/identity/policy.mjs +1 -23366
  43. package/dist/identity/policy.mjs.map +1 -1
  44. package/dist/identity/web.js +4 -3
  45. package/dist/identity/web.js.map +1 -1
  46. package/dist/identity/web.mjs +4 -3
  47. package/dist/identity/web.mjs.map +1 -1
  48. package/dist/index.d.mts +73 -6
  49. package/dist/index.d.ts +73 -6
  50. package/dist/index.js +392 -148
  51. package/dist/index.js.map +1 -1
  52. package/dist/index.mjs +389 -146
  53. package/dist/index.mjs.map +1 -1
  54. package/dist/middleware/express.js.map +1 -1
  55. package/dist/middleware/express.mjs.map +1 -1
  56. package/dist/middleware/fastify.js.map +1 -1
  57. package/dist/middleware/fastify.mjs.map +1 -1
  58. package/dist/middleware/hono.js.map +1 -1
  59. package/dist/middleware/hono.mjs.map +1 -1
  60. package/dist/middleware/nextjs.js.map +1 -1
  61. package/dist/middleware/nextjs.mjs.map +1 -1
  62. package/dist/middleware/web.js.map +1 -1
  63. package/dist/middleware/web.mjs.map +1 -1
  64. package/dist/payment/index.d.mts +13 -17
  65. package/dist/payment/index.d.ts +13 -17
  66. package/dist/payment/index.js +80 -4
  67. package/dist/payment/index.js.map +1 -1
  68. package/dist/payment/index.mjs +79 -4
  69. package/dist/payment/index.mjs.map +1 -1
  70. package/dist/{pricing-4n5Ota0D.d.mts → pricing-dSI3ePmE.d.mts} +4 -2
  71. package/dist/{pricing-DHfH3ogG.d.ts → pricing-uFGRNoGl.d.ts} +4 -2
  72. package/dist/stripe-multichain/index.js +55 -5
  73. package/dist/stripe-multichain/index.js.map +1 -1
  74. package/dist/stripe-multichain/index.mjs +55 -5
  75. package/dist/stripe-multichain/index.mjs.map +1 -1
  76. package/package.json +8 -8
package/dist/stripe-multichain/index.mjs CHANGED
@@ -19432,11 +19432,12 @@ function toClient(method, options) {
19432
19432
  };
19433
19433
  }
19434
19434
  function toServer(method, options) {
19435
- const { authorize, defaults, html, request, respond, stableBinding, transport, verify: verify3 } = options;
19435
+ const { authorize, defaults, extensions, html, request, respond, stableBinding, transport, verify: verify3 } = options;
19436
19436
  return {
19437
19437
  ...method,
19438
19438
  authorize,
19439
19439
  defaults,
19440
+ extensions,
19440
19441
  html,
19441
19442
  request,
19442
19443
  respond,
@@ -19642,6 +19643,22 @@ var init_dist2 = __esm({
19642
19643
  }
19643
19644
  });
19644
19645
 
19646
+ // src/errors.ts
19647
+ var CheckoutValidationError = class extends Error {
19648
+ code;
19649
+ action;
19650
+ status;
19651
+ extra;
19652
+ constructor(opts) {
19653
+ super(opts.message);
19654
+ this.name = "CheckoutValidationError";
19655
+ this.code = opts.code;
19656
+ this.action = opts.action ?? "fix_request";
19657
+ this.status = opts.status ?? 400;
19658
+ this.extra = opts.extra;
19659
+ }
19660
+ };
19661
+
19645
19662
  // src/stripe-multichain/payment_intent.ts
19646
19663
  async function createMultichainPaymentIntent({
19647
19664
  stripe,
@@ -19674,7 +19691,12 @@ async function createMultichainPaymentIntent({
19674
19691
  if (info?.address) depositAddresses[network] = info.address;
19675
19692
  }
19676
19693
  if (Object.keys(depositAddresses).length === 0) {
19677
- throw new Error("No deposit addresses returned from Stripe PaymentIntent");
19694
+ throw new CheckoutValidationError({
19695
+ code: "payment_provider_unavailable",
19696
+ message: "Stripe returned no crypto deposit addresses for this PaymentIntent. The account may not be enrolled in the Stablecoins and Crypto preview, or the feature was revoked.",
19697
+ action: "retry_later",
19698
+ status: 503
19699
+ });
19678
19700
  }
19679
19701
  return { paymentIntentId: pi.id, depositAddresses };
19680
19702
  }
@@ -19685,12 +19707,35 @@ async function createPayToAddressFromStripePI(opts) {
19685
19707
  if (authHeader) {
19686
19708
  const { Credential } = await Promise.resolve().then(() => (init_dist2(), dist_exports));
19687
19709
  if (Credential.extractPaymentScheme(authHeader)) {
19688
- const credential = Credential.fromRequest(opts.request);
19710
+ let credential;
19711
+ try {
19712
+ credential = Credential.fromRequest(opts.request);
19713
+ } catch {
19714
+ throw new CheckoutValidationError({
19715
+ code: "invalid_credential",
19716
+ message: "The Authorization: Payment header is not a valid MPP credential.",
19717
+ action: "retry_without_credential",
19718
+ status: 401
19719
+ });
19720
+ }
19689
19721
  const method = credential.challenge.method;
19690
19722
  if (method === "tempo" || method === "solana") {
19691
19723
  const toAddress = credential.challenge.request.recipient;
19724
+ if (typeof toAddress !== "string" || !toAddress) {
19725
+ throw new CheckoutValidationError({
19726
+ code: "invalid_credential",
19727
+ message: "The MPP credential is missing its recipient field.",
19728
+ action: "retry_without_credential",
19729
+ status: 401
19730
+ });
19731
+ }
19692
19732
  if (!await opts.piCache.hasAddress(toAddress)) {
19693
- throw new Error("Invalid payTo address: not found in cache or expired");
19733
+ throw new CheckoutValidationError({
19734
+ code: "invalid_credential",
19735
+ message: "The signed-against payTo recipient is not in this merchant's cache (unknown or expired). Retry without the Authorization: Payment header to receive a fresh 402 challenge.",
19736
+ action: "retry_without_credential",
19737
+ status: 401
19738
+ });
19694
19739
  }
19695
19740
  return toAddress;
19696
19741
  }
@@ -19712,7 +19757,12 @@ async function createPayToAddressFromStripePI(opts) {
19712
19757
  const preferred = opts.preferredNetwork ?? "tempo";
19713
19758
  const payTo = depositAddresses[preferred] ?? depositAddresses.base ?? depositAddresses.tempo;
19714
19759
  if (!payTo) {
19715
- throw new Error("Failed to resolve pay_to address from Stripe PaymentIntent");
19760
+ throw new CheckoutValidationError({
19761
+ code: "payment_provider_unavailable",
19762
+ message: "Stripe returned deposit addresses but none matched the requested network (tempo / base / solana). The account may have only a subset of multichain networks enabled.",
19763
+ action: "retry_later",
19764
+ status: 503
19765
+ });
19716
19766
  }
19717
19767
  return payTo;
19718
19768
  }