npm - @agentcash/router - Versions diffs - 1.9.4 → 1.10.0 - Mend

@agentcash/router 1.9.4 → 1.10.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -119,6 +119,7 @@ export const POST = router.route({ path: 'search' })
 // app/api/inbox/status/route.ts
 export const GET = router.route({ path: 'inbox/status' })
   .siwx()
+  .method('GET')
   .handler(async ({ wallet }) => getStatus(wallet));
 ```

package/dist/index.cjs CHANGED Viewed

@@ -2177,6 +2177,21 @@ function getAllowedStrategies(allowed) {
   return allowed.map((name) => STRATEGIES[name]);
 }
+// src/protocols/detect.ts
+function detectProtocol(request) {
+  if (request.headers.get(HEADERS.X402_PAYMENT_SIGNATURE) ?? request.headers.get(HEADERS.X402_PAYMENT_LEGACY)) {
+    return "x402";
+  }
+  const auth = request.headers.get(HEADERS.AUTHORIZATION);
+  if (auth && auth.startsWith(AUTH_SCHEME.MPP_PAYMENT)) {
+    return "mpp";
+  }
+  if (request.headers.get(HEADERS.SIWX)) {
+    return "siwx";
+  }
+  return null;
+}
 // src/pipeline/flows/api-key-only.ts
 async function runApiKeyOnlyFlow(ctx) {
   if (!ctx.routeEntry.apiKeyResolver) {
@@ -2192,6 +2207,11 @@ async function runApiKeyOnlyFlow(ctx) {
 var DynamicPricing = class {
   constructor(opts) {
     this.opts = opts;
+    if (!isPositiveDecimal(opts.maxPrice)) {
+      throw new Error(
+        `route '${opts.route ?? "unknown"}': dynamic pricing requires a positive maxPrice, got '${opts.maxPrice}'`
+      );
+    }
   }
   needsBody = true;
   async quote(body) {
@@ -2205,11 +2225,8 @@ var DynamicPricing = class {
         error: err instanceof Error ? err.stack : String(err),
         body
       });
-      if (this.opts.maxPrice) {
-        this.alert("warn", `Using maxPrice ${this.opts.maxPrice} as fallback after pricing error`);
-        return this.opts.maxPrice;
-      }
-      throw err;
+      this.alert("warn", `Using maxPrice ${this.opts.maxPrice} as fallback after pricing error`);
+      return this.opts.maxPrice;
     }
     if (!isPositiveDecimal(priced)) {
       throw new HttpError(
@@ -2220,18 +2237,17 @@ var DynamicPricing = class {
     return priced;
   }
   challengeQuote(body) {
-    if (body === void 0) return Promise.resolve(this.opts.maxPrice ?? "0");
+    if (body === void 0) return Promise.resolve(this.opts.maxPrice);
     return this.quote(body);
   }
   describe() {
     return {
       mode: "dynamic",
       min: this.opts.minPrice ?? "0",
-      max: this.opts.maxPrice ?? "0"
+      max: this.opts.maxPrice
     };
   }
   cap(raw, body) {
-    if (!this.opts.maxPrice) return raw;
     let overCap;
     try {
       overCap = compareDecimals(raw, this.opts.maxPrice) > 0;
@@ -2331,6 +2347,9 @@ function selectPricing(raw, deps = {}) {
     return new FixedPricing(raw);
   }
   if (typeof raw === "function") {
+    if (!deps.maxPrice) {
+      throw new Error(`route '${deps.route ?? "unknown"}': dynamic pricing requires maxPrice`);
+    }
     return new DynamicPricing({
       fn: raw,
       maxPrice: deps.maxPrice,
@@ -3215,21 +3234,6 @@ async function createKvMppStore(kv, options) {
   });
 }
-// src/protocols/detect.ts
-function detectProtocol(request) {
-  if (request.headers.get(HEADERS.X402_PAYMENT_SIGNATURE) ?? request.headers.get(HEADERS.X402_PAYMENT_LEGACY)) {
-    return "x402";
-  }
-  const auth = request.headers.get(HEADERS.AUTHORIZATION);
-  if (auth && auth.startsWith(AUTH_SCHEME.MPP_PAYMENT)) {
-    return "mpp";
-  }
-  if (request.headers.get(HEADERS.SIWX)) {
-    return "siwx";
-  }
-  return null;
-}
 // src/protocols/mpp/siwx-mode.ts
 var import_mppx3 = require("mppx");
 async function verifyMppSiwx(request, mppx) {
@@ -3252,8 +3256,6 @@ async function runSiwxOnlyFlow(ctx) {
     if (earlyBody.ok) {
       const validateErr = await runValidate(ctx, earlyBody.data);
       if (validateErr) return validateErr;
-    } else {
-      return earlyBody.response;
     }
   }
   const siwxHeader = request.headers.get(HEADERS.SIWX);
@@ -3386,9 +3388,13 @@ async function runUnprotectedFlow(ctx) {
 // src/pipeline/orchestrate.ts
 function shouldSkipQueryValidation(routeEntry, request) {
-  const isPaidRoute = !!routeEntry.pricing || routeEntry.authMode === "paid";
-  if (!isPaidRoute) return false;
-  return selectIncomingStrategy(request, routeEntry.protocols) === null;
+  if (routeEntry.pricing || routeEntry.authMode === "paid") {
+    return selectIncomingStrategy(request, routeEntry.protocols) === null;
+  }
+  if (routeEntry.authMode === "siwx") {
+    return !request.headers.get(HEADERS.SIWX) && detectProtocol(request) !== "mpp";
+  }
+  return false;
 }
 function createRequestHandler(routeEntry, handler, deps) {
   return async (request) => {
@@ -3582,6 +3588,11 @@ var RouteBuilder = class _RouteBuilder {
         `route '${this.#s.key}': price '${pricing}' must be a positive decimal string`
       );
     }
+    if (typeof pricing === "function" && next.#s.maxPrice === void 0) {
+      throw new Error(
+        `route '${this.#s.key}': dynamic pricing requires maxPrice \u2014 without it, bare probes would advertise a $0 challenge`
+      );
+    }
     if (next.#s.maxPrice !== void 0 && !isPositiveDecimal(next.#s.maxPrice)) {
       throw new Error(
         `route '${this.#s.key}': maxPrice '${next.#s.maxPrice}' must be a positive decimal string`

package/dist/index.js CHANGED Viewed

@@ -2136,6 +2136,21 @@ function getAllowedStrategies(allowed) {
   return allowed.map((name) => STRATEGIES[name]);
 }
+// src/protocols/detect.ts
+function detectProtocol(request) {
+  if (request.headers.get(HEADERS.X402_PAYMENT_SIGNATURE) ?? request.headers.get(HEADERS.X402_PAYMENT_LEGACY)) {
+    return "x402";
+  }
+  const auth = request.headers.get(HEADERS.AUTHORIZATION);
+  if (auth && auth.startsWith(AUTH_SCHEME.MPP_PAYMENT)) {
+    return "mpp";
+  }
+  if (request.headers.get(HEADERS.SIWX)) {
+    return "siwx";
+  }
+  return null;
+}
 // src/pipeline/flows/api-key-only.ts
 async function runApiKeyOnlyFlow(ctx) {
   if (!ctx.routeEntry.apiKeyResolver) {
@@ -2151,6 +2166,11 @@ async function runApiKeyOnlyFlow(ctx) {
 var DynamicPricing = class {
   constructor(opts) {
     this.opts = opts;
+    if (!isPositiveDecimal(opts.maxPrice)) {
+      throw new Error(
+        `route '${opts.route ?? "unknown"}': dynamic pricing requires a positive maxPrice, got '${opts.maxPrice}'`
+      );
+    }
   }
   needsBody = true;
   async quote(body) {
@@ -2164,11 +2184,8 @@ var DynamicPricing = class {
         error: err instanceof Error ? err.stack : String(err),
         body
       });
-      if (this.opts.maxPrice) {
-        this.alert("warn", `Using maxPrice ${this.opts.maxPrice} as fallback after pricing error`);
-        return this.opts.maxPrice;
-      }
-      throw err;
+      this.alert("warn", `Using maxPrice ${this.opts.maxPrice} as fallback after pricing error`);
+      return this.opts.maxPrice;
     }
     if (!isPositiveDecimal(priced)) {
       throw new HttpError(
@@ -2179,18 +2196,17 @@ var DynamicPricing = class {
     return priced;
   }
   challengeQuote(body) {
-    if (body === void 0) return Promise.resolve(this.opts.maxPrice ?? "0");
+    if (body === void 0) return Promise.resolve(this.opts.maxPrice);
     return this.quote(body);
   }
   describe() {
     return {
       mode: "dynamic",
       min: this.opts.minPrice ?? "0",
-      max: this.opts.maxPrice ?? "0"
+      max: this.opts.maxPrice
     };
   }
   cap(raw, body) {
-    if (!this.opts.maxPrice) return raw;
     let overCap;
     try {
       overCap = compareDecimals(raw, this.opts.maxPrice) > 0;
@@ -2290,6 +2306,9 @@ function selectPricing(raw, deps = {}) {
     return new FixedPricing(raw);
   }
   if (typeof raw === "function") {
+    if (!deps.maxPrice) {
+      throw new Error(`route '${deps.route ?? "unknown"}': dynamic pricing requires maxPrice`);
+    }
     return new DynamicPricing({
       fn: raw,
       maxPrice: deps.maxPrice,
@@ -3174,21 +3193,6 @@ async function createKvMppStore(kv, options) {
   });
 }
-// src/protocols/detect.ts
-function detectProtocol(request) {
-  if (request.headers.get(HEADERS.X402_PAYMENT_SIGNATURE) ?? request.headers.get(HEADERS.X402_PAYMENT_LEGACY)) {
-    return "x402";
-  }
-  const auth = request.headers.get(HEADERS.AUTHORIZATION);
-  if (auth && auth.startsWith(AUTH_SCHEME.MPP_PAYMENT)) {
-    return "mpp";
-  }
-  if (request.headers.get(HEADERS.SIWX)) {
-    return "siwx";
-  }
-  return null;
-}
 // src/protocols/mpp/siwx-mode.ts
 import { Credential as Credential2 } from "mppx";
 async function verifyMppSiwx(request, mppx) {
@@ -3211,8 +3215,6 @@ async function runSiwxOnlyFlow(ctx) {
     if (earlyBody.ok) {
       const validateErr = await runValidate(ctx, earlyBody.data);
       if (validateErr) return validateErr;
-    } else {
-      return earlyBody.response;
     }
   }
   const siwxHeader = request.headers.get(HEADERS.SIWX);
@@ -3345,9 +3347,13 @@ async function runUnprotectedFlow(ctx) {
 // src/pipeline/orchestrate.ts
 function shouldSkipQueryValidation(routeEntry, request) {
-  const isPaidRoute = !!routeEntry.pricing || routeEntry.authMode === "paid";
-  if (!isPaidRoute) return false;
-  return selectIncomingStrategy(request, routeEntry.protocols) === null;
+  if (routeEntry.pricing || routeEntry.authMode === "paid") {
+    return selectIncomingStrategy(request, routeEntry.protocols) === null;
+  }
+  if (routeEntry.authMode === "siwx") {
+    return !request.headers.get(HEADERS.SIWX) && detectProtocol(request) !== "mpp";
+  }
+  return false;
 }
 function createRequestHandler(routeEntry, handler, deps) {
   return async (request) => {
@@ -3541,6 +3547,11 @@ var RouteBuilder = class _RouteBuilder {
         `route '${this.#s.key}': price '${pricing}' must be a positive decimal string`
       );
     }
+    if (typeof pricing === "function" && next.#s.maxPrice === void 0) {
+      throw new Error(
+        `route '${this.#s.key}': dynamic pricing requires maxPrice \u2014 without it, bare probes would advertise a $0 challenge`
+      );
+    }
     if (next.#s.maxPrice !== void 0 && !isPositiveDecimal(next.#s.maxPrice)) {
       throw new Error(
         `route '${this.#s.key}': maxPrice '${next.#s.maxPrice}' must be a positive decimal string`

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@agentcash/router",
-  "version": "1.9.4",
+  "version": "1.10.0",
   "description": "Unified route builder for Next.js App Router APIs with x402, MPP, SIWX, and API key auth",
   "type": "module",
   "exports": {