@agent-score/commerce 2.1.1 → 2.3.0

package/dist/stripe-multichain/index.mjs

@@ -19432,11 +19432,12 @@ function toClient(method, options) {
   };
 }
 function toServer(method, options) {
-  const { authorize, defaults, html, request, respond, stableBinding, transport, verify: verify3 } = options;
+  const { authorize, defaults, extensions, html, request, respond, stableBinding, transport, verify: verify3 } = options;
   return {
     ...method,
     authorize,
     defaults,
+    extensions,
     html,
     request,
     respond,
@@ -19701,50 +19702,76 @@ async function createMultichainPaymentIntent({
 }
 
 // src/stripe-multichain/pay_to_address.ts
+var DEFAULT_NETWORKS = ["tempo", "base", "solana"];
 async function createPayToAddressFromStripePI(opts) {
+  const fromCredential = await tryResolveFromCredential(opts);
+  if (fromCredential !== null) return fromCredential;
+  const { preferred } = await mintAndCache(opts);
+  return preferred;
+}
+async function mintMultichainRecipients(opts) {
+  const fromCredential = await tryResolveFromCredential(opts);
+  if (fromCredential !== null) {
+    const piId = opts.piCache.getPaymentIntentId(fromCredential);
+    const networkMap = piId ? readNetworkMapFromCache(opts.piCache, piId) : {};
+    const merged2 = { ...networkMap, ...opts.staticRecipients ?? {} };
+    return {
+      recipients: merged2,
+      ...piId !== void 0 && { paymentIntentId: piId },
+      reusedFromCredential: true
+    };
+  }
+  const { merged, paymentIntentId } = await mintAndCache(opts);
+  return { recipients: merged, paymentIntentId, reusedFromCredential: false };
+}
+async function tryResolveFromCredential(opts) {
   const authHeader = opts.request.headers.get("authorization");
-  if (authHeader) {
-    const { Credential } = await Promise.resolve().then(() => (init_dist2(), dist_exports));
-    if (Credential.extractPaymentScheme(authHeader)) {
-      let credential;
-      try {
-        credential = Credential.fromRequest(opts.request);
-      } catch {
-        throw new CheckoutValidationError({
-          code: "invalid_credential",
-          message: "The Authorization: Payment header is not a valid MPP credential.",
-          action: "retry_without_credential",
-          status: 401
-        });
-      }
-      const method = credential.challenge.method;
-      if (method === "tempo" || method === "solana") {
-        const toAddress = credential.challenge.request.recipient;
-        if (typeof toAddress !== "string" || !toAddress) {
-          throw new CheckoutValidationError({
-            code: "invalid_credential",
-            message: "The MPP credential is missing its recipient field.",
-            action: "retry_without_credential",
-            status: 401
-          });
-        }
-        if (!await opts.piCache.hasAddress(toAddress)) {
-          throw new CheckoutValidationError({
-            code: "invalid_credential",
-            message: "The signed-against payTo recipient is not in this merchant's cache (unknown or expired). Retry without the Authorization: Payment header to receive a fresh 402 challenge.",
-            action: "retry_without_credential",
-            status: 401
-          });
-        }
-        return toAddress;
-      }
-    }
+  if (!authHeader) return null;
+  const { Credential } = await Promise.resolve().then(() => (init_dist2(), dist_exports));
+  if (!Credential.extractPaymentScheme(authHeader)) return null;
+  let credential;
+  try {
+    credential = Credential.fromRequest(opts.request);
+  } catch {
+    throw new CheckoutValidationError({
+      code: "invalid_credential",
+      message: "The Authorization: Payment header is not a valid MPP credential.",
+      action: "retry_without_credential",
+      status: 401
+    });
+  }
+  const method = credential.challenge.method;
+  if (method !== "tempo" && method !== "solana") return null;
+  const toAddress = credential.challenge.request.recipient;
+  if (typeof toAddress !== "string" || !toAddress) {
+    throw new CheckoutValidationError({
+      code: "invalid_credential",
+      message: "The MPP credential is missing its recipient field.",
+      action: "retry_without_credential",
+      status: 401
+    });
+  }
+  const staticForMethod = opts.staticRecipients?.[method];
+  if (staticForMethod && staticForMethod === toAddress) return toAddress;
+  if (!await opts.piCache.hasAddress(toAddress)) {
+    throw new CheckoutValidationError({
+      code: "invalid_credential",
+      message: "The signed-against payTo recipient is not in this merchant's cache (unknown or expired). Retry without the Authorization: Payment header to receive a fresh 402 challenge.",
+      action: "retry_without_credential",
+      status: 401
+    });
   }
+  return toAddress;
+}
+async function mintAndCache(opts) {
+  const staticRecipients = opts.staticRecipients ?? {};
+  const requestedNetworks = opts.networks ?? [...DEFAULT_NETWORKS];
+  const stripeNetworks = requestedNetworks.filter((n) => !(n in staticRecipients));
   const idempotencyKey = opts.orderId ? `pi-${opts.orderId}-${opts.amountCents}` : void 0;
   const { paymentIntentId, depositAddresses } = await createMultichainPaymentIntent({
     stripe: opts.stripe,
     amount: opts.amountCents,
-    networks: opts.networks ?? ["tempo", "base", "solana"],
+    networks: stripeNetworks,
     ...opts.metadata ? { metadata: opts.metadata } : {},
     ...idempotencyKey ? { idempotencyKey } : {}
   });
@@ -19752,10 +19779,14 @@ async function createPayToAddressFromStripePI(opts) {
     await opts.piCache.cacheAddress(address2);
     opts.piCache.cachePaymentIntent(address2, paymentIntentId);
   }
-  opts.piCache.cacheNetworkAddresses(paymentIntentId, depositAddresses);
-  const preferred = opts.preferredNetwork ?? "tempo";
-  const payTo = depositAddresses[preferred] ?? depositAddresses.base ?? depositAddresses.tempo;
-  if (!payTo) {
+  for (const address2 of Object.values(staticRecipients)) {
+    await opts.piCache.cacheAddress(address2);
+  }
+  const merged = { ...depositAddresses, ...staticRecipients };
+  opts.piCache.cacheNetworkAddresses(paymentIntentId, merged);
+  const preferredKey = opts.preferredNetwork ?? "tempo";
+  const preferred = merged[preferredKey] ?? merged.base ?? merged.tempo;
+  if (!preferred) {
     throw new CheckoutValidationError({
       code: "payment_provider_unavailable",
       message: "Stripe returned deposit addresses but none matched the requested network (tempo / base / solana). The account may have only a subset of multichain networks enabled.",
@@ -19763,7 +19794,15 @@ async function createPayToAddressFromStripePI(opts) {
       status: 503
     });
   }
-  return payTo;
+  return { preferred, merged, paymentIntentId };
+}
+function readNetworkMapFromCache(piCache, paymentIntentId) {
+  const entries = [];
+  for (const n of DEFAULT_NETWORKS) {
+    const addr = piCache.getNetworkDepositAddress(paymentIntentId, n);
+    if (addr) entries.push([n, addr]);
+  }
+  return Object.fromEntries(entries);
 }
 
 // src/stripe-multichain/simulate_deposit.ts
@@ -19987,6 +20026,7 @@ export {
   createMultichainPaymentIntent,
   createPayToAddressFromStripePI,
   createPiCache,
+  mintMultichainRecipients,
   networkForOutcome,
   simulateCryptoDeposit,
   simulateDepositForOutcome,