@agentcash/router 1.1.10 → 1.2.0

package/dist/index.cjs

@@ -625,8 +625,8 @@ function resolveMaxPrice(pricing) {
 }
 
 // src/orchestrate.ts
-var import_mppx = require("mppx");
-var import_viem = require("viem");
+var import_mppx2 = require("mppx");
+var import_viem2 = require("viem");
 
 // src/protocols/x402.ts
 init_x402_facilitators();
@@ -898,6 +898,22 @@ async function buildSIWXExtension() {
   return declareSIWxExtension();
 }
 
+// src/auth/mpp-siwx.ts
+var import_mppx = require("mppx");
+var import_viem = require("viem");
+async function verifyMppSiwx(request, mppx) {
+  const result = await mppx.charge({ amount: "0" })(request);
+  if (result.status === 402) {
+    return { valid: false, challenge: result.challenge };
+  }
+  const credential = import_mppx.Credential.fromRequest(request);
+  const rawSource = credential?.source ?? "";
+  const didParts = rawSource.split(":");
+  const lastPart = didParts[didParts.length - 1];
+  const wallet = normalizeWalletAddress((0, import_viem.isAddress)(lastPart) ? (0, import_viem.getAddress)(lastPart) : rawSource);
+  return { valid: true, wallet, withReceipt: result.withReceipt };
+}
+
 // src/auth/api-key.ts
 async function verifyApiKey(request, resolver) {
   const apiKey = request.headers.get("X-API-Key") ?? extractBearerToken(request.headers.get("Authorization"));
@@ -1063,6 +1079,33 @@ function createRequestHandler(routeEntry, handler, deps) {
         }
       }
       const siwxHeader = request.headers.get("SIGN-IN-WITH-X");
+      if (!siwxHeader && protocol === "mpp" && routeEntry.authMode === "siwx" && deps.mppx) {
+        let mppSiwxResult;
+        try {
+          mppSiwxResult = await verifyMppSiwx(request, deps.mppx);
+        } catch (err) {
+          const message = err instanceof Error ? err.message : String(err);
+          firePluginHook(deps.plugin, "onAlert", pluginCtx, {
+            level: "critical",
+            message: `MPP SIWX verification failed: ${message}`,
+            route: routeEntry.key
+          });
+          return fail(500, `MPP SIWX verification failed: ${message}`, meta, pluginCtx);
+        }
+        if (mppSiwxResult.valid) {
+          pluginCtx.setVerifiedWallet(mppSiwxResult.wallet);
+          firePluginHook(deps.plugin, "onAuthVerified", pluginCtx, {
+            authMode: "siwx",
+            wallet: mppSiwxResult.wallet,
+            route: routeEntry.key
+          });
+          const authResponse = await handleAuth(mppSiwxResult.wallet, void 0);
+          if (authResponse.status < 400) {
+            return mppSiwxResult.withReceipt(authResponse);
+          }
+          return authResponse;
+        }
+      }
       if (!siwxHeader && routeEntry.authMode === "siwx") {
         const url = new URL(request.url);
         const nonce = crypto.randomUUID().replace(/-/g, "");
@@ -1118,6 +1161,16 @@ function createRequestHandler(routeEntry, handler, deps) {
           headers: { "Content-Type": "application/json", "Cache-Control": "no-store" }
         });
         if (encoded) response.headers.set("PAYMENT-REQUIRED", encoded);
+        if (deps.mppx) {
+          try {
+            const mppChallenge = await deps.mppx.charge({ amount: "0" })(request);
+            if (mppChallenge.status === 402) {
+              const wwwAuth = mppChallenge.challenge.headers.get("WWW-Authenticate");
+              if (wwwAuth) response.headers.set("WWW-Authenticate", wwwAuth);
+            }
+          } catch {
+          }
+        }
         firePluginResponse(deps, pluginCtx, meta, response);
         return response;
       }
@@ -1343,11 +1396,11 @@ function createRequestHandler(routeEntry, handler, deps) {
         });
         return await build402(request, routeEntry, deps, meta, pluginCtx, body.data);
       }
-      const credential = import_mppx.Credential.fromRequest(request);
+      const credential = import_mppx2.Credential.fromRequest(request);
       const rawSource = credential?.source ?? "";
       const didParts = rawSource.split(":");
       const lastPart = didParts[didParts.length - 1];
-      const wallet = normalizeWalletAddress((0, import_viem.isAddress)(lastPart) ? (0, import_viem.getAddress)(lastPart) : rawSource);
+      const wallet = normalizeWalletAddress((0, import_viem2.isAddress)(lastPart) ? (0, import_viem2.getAddress)(lastPart) : rawSource);
       pluginCtx.setVerifiedWallet(wallet);
       firePluginHook(deps.plugin, "onPaymentVerified", pluginCtx, {
         protocol: "mpp",
@@ -1426,7 +1479,7 @@ async function resolveDynamicPrice(bodyData, routeEntry, deps, pluginCtx, meta)
     if (routeEntry.maxPrice) {
       const calculated = parseFloat(price);
       const max = parseFloat(routeEntry.maxPrice);
-      if (calculated > max) {
+      if (!Number.isFinite(calculated) || calculated > max) {
         firePluginHook(deps.plugin, "onAlert", pluginCtx, {
           level: "warn",
           message: `Price ${price} exceeds maxPrice ${routeEntry.maxPrice}, capping`,

package/dist/index.js

@@ -586,8 +586,8 @@ function resolveMaxPrice(pricing) {
 }
 
 // src/orchestrate.ts
-import { Credential } from "mppx";
-import { isAddress, getAddress } from "viem";
+import { Credential as Credential2 } from "mppx";
+import { isAddress as isAddress2, getAddress as getAddress2 } from "viem";
 
 // src/protocols/x402.ts
 init_x402_facilitators();
@@ -859,6 +859,22 @@ async function buildSIWXExtension() {
   return declareSIWxExtension();
 }
 
+// src/auth/mpp-siwx.ts
+import { Credential } from "mppx";
+import { isAddress, getAddress } from "viem";
+async function verifyMppSiwx(request, mppx) {
+  const result = await mppx.charge({ amount: "0" })(request);
+  if (result.status === 402) {
+    return { valid: false, challenge: result.challenge };
+  }
+  const credential = Credential.fromRequest(request);
+  const rawSource = credential?.source ?? "";
+  const didParts = rawSource.split(":");
+  const lastPart = didParts[didParts.length - 1];
+  const wallet = normalizeWalletAddress(isAddress(lastPart) ? getAddress(lastPart) : rawSource);
+  return { valid: true, wallet, withReceipt: result.withReceipt };
+}
+
 // src/auth/api-key.ts
 async function verifyApiKey(request, resolver) {
   const apiKey = request.headers.get("X-API-Key") ?? extractBearerToken(request.headers.get("Authorization"));
@@ -1024,6 +1040,33 @@ function createRequestHandler(routeEntry, handler, deps) {
         }
       }
       const siwxHeader = request.headers.get("SIGN-IN-WITH-X");
+      if (!siwxHeader && protocol === "mpp" && routeEntry.authMode === "siwx" && deps.mppx) {
+        let mppSiwxResult;
+        try {
+          mppSiwxResult = await verifyMppSiwx(request, deps.mppx);
+        } catch (err) {
+          const message = err instanceof Error ? err.message : String(err);
+          firePluginHook(deps.plugin, "onAlert", pluginCtx, {
+            level: "critical",
+            message: `MPP SIWX verification failed: ${message}`,
+            route: routeEntry.key
+          });
+          return fail(500, `MPP SIWX verification failed: ${message}`, meta, pluginCtx);
+        }
+        if (mppSiwxResult.valid) {
+          pluginCtx.setVerifiedWallet(mppSiwxResult.wallet);
+          firePluginHook(deps.plugin, "onAuthVerified", pluginCtx, {
+            authMode: "siwx",
+            wallet: mppSiwxResult.wallet,
+            route: routeEntry.key
+          });
+          const authResponse = await handleAuth(mppSiwxResult.wallet, void 0);
+          if (authResponse.status < 400) {
+            return mppSiwxResult.withReceipt(authResponse);
+          }
+          return authResponse;
+        }
+      }
       if (!siwxHeader && routeEntry.authMode === "siwx") {
         const url = new URL(request.url);
         const nonce = crypto.randomUUID().replace(/-/g, "");
@@ -1079,6 +1122,16 @@ function createRequestHandler(routeEntry, handler, deps) {
           headers: { "Content-Type": "application/json", "Cache-Control": "no-store" }
         });
         if (encoded) response.headers.set("PAYMENT-REQUIRED", encoded);
+        if (deps.mppx) {
+          try {
+            const mppChallenge = await deps.mppx.charge({ amount: "0" })(request);
+            if (mppChallenge.status === 402) {
+              const wwwAuth = mppChallenge.challenge.headers.get("WWW-Authenticate");
+              if (wwwAuth) response.headers.set("WWW-Authenticate", wwwAuth);
+            }
+          } catch {
+          }
+        }
         firePluginResponse(deps, pluginCtx, meta, response);
         return response;
       }
@@ -1304,11 +1357,11 @@ function createRequestHandler(routeEntry, handler, deps) {
         });
         return await build402(request, routeEntry, deps, meta, pluginCtx, body.data);
       }
-      const credential = Credential.fromRequest(request);
+      const credential = Credential2.fromRequest(request);
       const rawSource = credential?.source ?? "";
       const didParts = rawSource.split(":");
       const lastPart = didParts[didParts.length - 1];
-      const wallet = normalizeWalletAddress(isAddress(lastPart) ? getAddress(lastPart) : rawSource);
+      const wallet = normalizeWalletAddress(isAddress2(lastPart) ? getAddress2(lastPart) : rawSource);
       pluginCtx.setVerifiedWallet(wallet);
       firePluginHook(deps.plugin, "onPaymentVerified", pluginCtx, {
         protocol: "mpp",
@@ -1387,7 +1440,7 @@ async function resolveDynamicPrice(bodyData, routeEntry, deps, pluginCtx, meta)
     if (routeEntry.maxPrice) {
       const calculated = parseFloat(price);
       const max = parseFloat(routeEntry.maxPrice);
-      if (calculated > max) {
+      if (!Number.isFinite(calculated) || calculated > max) {
         firePluginHook(deps.plugin, "onAlert", pluginCtx, {
           level: "warn",
           message: `Price ${price} exceeds maxPrice ${routeEntry.maxPrice}, capping`,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@agentcash/router",
-  "version": "1.1.10",
+  "version": "1.2.0",
   "description": "Unified route builder for Next.js App Router APIs with x402, MPP, SIWX, and API key auth",
   "type": "module",
   "exports": {