@agentwonderland/mcp 0.1.45 → 0.1.47

package/dist/core/__tests__/payments.test.js

@@ -6,18 +6,22 @@ let currentCard = {
     last4: "1111",
     brand: "visa",
 };
+let currentLink = null;
 let currentDefaultWallet;
 let currentWallets = [];
 let currentResolvedMethod = null;
+let currentDefaultPaymentMethod = "card";
 const createdFetches = [vi.fn(), vi.fn(), vi.fn(), vi.fn()];
 const mockMppxCreate = vi.fn();
 const mockStripe = vi.fn((opts) => opts);
 const mockTempoChargeClient = vi.fn((..._args) => "tempo_method");
 const mockBaseChargeClient = vi.fn((..._args) => "base_method");
+const mockCreateLinkSharedPaymentToken = vi.fn(async (_config) => "spt_test");
 vi.mock("../config.js", () => ({
     getApiUrl: () => "http://api.test",
     getCardConfig: () => currentCard,
-    getConfig: () => ({ defaultPaymentMethod: "card" }),
+    getLinkConfig: () => currentLink,
+    getConfig: () => ({ defaultPaymentMethod: currentDefaultPaymentMethod }),
     getDefaultWallet: () => currentDefaultWallet,
     getWallets: () => currentWallets,
     resolveWalletAndChain: () => currentResolvedMethod,
@@ -34,10 +38,14 @@ vi.mock("../tempo-charge.js", () => ({
 vi.mock("../base-charge.js", () => ({
     baseChargeClient: (config) => mockBaseChargeClient(config),
 }));
+vi.mock("../link-cli.js", () => ({
+    createLinkSharedPaymentToken: (config) => mockCreateLinkSharedPaymentToken(config),
+}));
 describe("payment method initialization", () => {
     beforeEach(() => {
         vi.clearAllMocks();
         vi.resetModules();
+        delete process.env.AGENTWONDERLAND_LINK_APPROVAL_LIMIT_CENTS;
         currentCard = {
             consumerToken: "consumer_one",
             paymentMethodId: "pm_one",
@@ -47,6 +55,8 @@ describe("payment method initialization", () => {
         currentDefaultWallet = undefined;
         currentWallets = [];
         currentResolvedMethod = null;
+        currentLink = null;
+        currentDefaultPaymentMethod = "card";
         mockMppxCreate
             .mockReturnValueOnce({ fetch: createdFetches[0] })
             .mockReturnValueOnce({ fetch: createdFetches[1] })
@@ -93,4 +103,48 @@ describe("payment method initialization", () => {
         expect(mockBaseChargeClient).not.toHaveBeenCalled();
         expect(mockMppxCreate).toHaveBeenCalledWith(expect.objectContaining({ methods: ["tempo_method"], polyfill: false }));
     });
+    it("initializes Stripe SPT method when Link is requested", async () => {
+        currentLink = {
+            paymentMethodId: "csmrpd_link_123",
+            label: "Visa ****4242",
+        };
+        currentDefaultPaymentMethod = "link";
+        const { getPaymentFetch } = await import("../payments.js");
+        await getPaymentFetch("link");
+        expect(mockStripe).toHaveBeenCalledWith(expect.objectContaining({ paymentMethod: "csmrpd_link_123" }));
+        expect(mockMppxCreate).toHaveBeenCalledWith(expect.objectContaining({
+            methods: [expect.objectContaining({ paymentMethod: "csmrpd_link_123" })],
+            polyfill: false,
+        }));
+        const stripeConfig = mockStripe.mock.calls[0]?.[0];
+        await stripeConfig.createToken({
+            amount: "25",
+            currency: "usd",
+            expiresAt: 1778290000,
+            networkId: "profile_test",
+        });
+        expect(mockCreateLinkSharedPaymentToken).toHaveBeenCalledWith(expect.objectContaining({
+            amount: "10000",
+            currency: "usd",
+            networkId: "profile_test",
+            paymentMethodId: "csmrpd_link_123",
+        }));
+        const linkTokenRequest = mockCreateLinkSharedPaymentToken.mock.calls[0]?.[0];
+        expect(linkTokenRequest?.context).toContain("up to USD 100.00");
+        expect(linkTokenRequest?.context).toContain("quoted at USD 0.25");
+    });
+    it("advertises Link as Stripe SPT compatibility", async () => {
+        currentLink = {
+            paymentMethodId: "csmrpd_link_123",
+        };
+        currentDefaultPaymentMethod = "link";
+        const { getAcceptedPaymentMethods, getCompatiblePaymentMethods } = await import("../payments.js");
+        expect(getAcceptedPaymentMethods()).toEqual(["stripe_card", "card"]);
+        expect(getCompatiblePaymentMethods({
+            payment: { accepted_payments: ["stripe_card"] },
+        })).toEqual(["link"]);
+        expect(getCompatiblePaymentMethods({
+            payment: { accepted_payments: ["card"] },
+        })).toEqual(["link"]);
+    });
 });

package/dist/core/__tests__/principal.test.js

@@ -88,6 +88,24 @@ describe("consumer principal helpers", () => {
         const principal = await getConsumerPrincipalForMethod("solana");
         expect(principal).toBe("did:pkh:solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp:42W2HfLfveSm1T5et9WTLp2CZ2QXdF2EYCUvyJ2gPpxF");
     });
+    it("uses the default consumer principal for Link payments", async () => {
+        state.wallets = [
+            { id: "aw-main", keyType: "ows", owsWalletId: "ows-main", chains: ["tempo", "base"], defaultChain: "base" },
+        ];
+        state.addresses = {
+            "aw-main": "0xBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
+            base: "0xBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB",
+        };
+        const { getConsumerPrincipalForMethod } = await import("../principal.js");
+        const principal = await getConsumerPrincipalForMethod("link");
+        expect(principal).toBe("did:pkh:eip155:8453:0xbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb");
+    });
+    it("creates a fallback identity wallet for Link payments when no wallet exists", async () => {
+        const { ensureConsumerPrincipalForMethod } = await import("../principal.js");
+        const principal = await ensureConsumerPrincipalForMethod("link");
+        expect(principal).toMatch(/^did:pkh:eip155:8453:0x[a-f0-9]{40}$/);
+        expect(state.addedWallets).toHaveLength(1);
+    });
     it("returns the Base rebate principal when an EVM wallet is available", async () => {
         state.wallets = [
             { id: "aw-main", keyType: "ows", owsWalletId: "ows-main", chains: ["tempo", "base", "solana"], defaultChain: "tempo" },

package/dist/core/config.d.ts

@@ -13,6 +13,15 @@ export interface CardConfig {
     last4: string;
     brand: string;
 }
+export interface LinkConfig {
+    paymentMethodId: string;
+    label?: string;
+}
+export interface PendingLinkSetup {
+    verificationUrl: string;
+    phrase: string;
+    createdAt: string;
+}
 export interface SpendPolicy {
     maxPerTxUsd?: number;
     maxPerDayUsd?: number;
@@ -32,6 +41,8 @@ export interface Config {
     defaultWallet: string | null;
     defaultPaymentMethod?: string;
     card: CardConfig | null;
+    link: LinkConfig | null;
+    pendingLinkSetup?: PendingLinkSetup | null;
     pendingCardSetupToken?: string | null;
     favorites: string[];
     /** Require user confirmation before spending. Default: true. Set false for headless/automated use. */
@@ -60,6 +71,7 @@ export declare function requiresSpendConfirmation(): boolean;
 export declare function getDefaultTipAmount(): number;
 export declare function getSpendPolicy(method: string): SpendPolicy | null;
 export declare function setSpendPolicy(method: string, policy: SpendPolicy): void;
+export declare function setDefaultPaymentMethod(defaultPaymentMethod: string | undefined): void;
 export declare function getSpendLedger(): SpendLedgerEntry[];
 export declare function saveSpendLedger(entries: SpendLedgerEntry[]): void;
 /**
@@ -89,10 +101,14 @@ export declare function removeWallet(id: string): void;
  * Get card configuration.
  */
 export declare function getCardConfig(): CardConfig | null;
+export declare function getLinkConfig(): LinkConfig | null;
+export declare function getPendingLinkSetup(): PendingLinkSetup | null;
 /**
  * Save card configuration after setup.
  */
 export declare function setCardConfig(card: CardConfig | null): void;
+export declare function setLinkConfig(link: LinkConfig | null): void;
+export declare function setPendingLinkSetup(pendingLinkSetup: PendingLinkSetup | null): void;
 export declare function getPendingCardSetupToken(): string | null;
 export declare function setPendingCardSetupToken(token: string | null): void;
 /**

package/dist/core/config.js

@@ -36,6 +36,8 @@ function migrateIfNeeded(raw) {
             defaultWallet: raw.defaultWallet ?? null,
             defaultPaymentMethod: raw.defaultPaymentMethod ?? undefined,
             card: raw.card ?? null,
+            link: raw.link ?? null,
+            pendingLinkSetup: raw.link ? null : (raw.pendingLinkSetup ?? null),
             pendingCardSetupToken: r.pendingCardSetupToken ?? null,
             favorites: r.favorites ?? [],
             confirmBeforeSpend: r.confirmBeforeSpend !== false,
@@ -109,6 +111,8 @@ function migrateIfNeeded(raw) {
         defaultWallet,
         defaultPaymentMethod: raw.defaultPaymentMethod ?? undefined,
         card,
+        link: raw.link ?? null,
+        pendingLinkSetup: raw.link ? null : (raw.pendingLinkSetup ?? null),
         pendingCardSetupToken: null,
         favorites: [],
         confirmBeforeSpend: true,
@@ -132,6 +136,8 @@ export function getConfig() {
         wallets: [],
         defaultWallet: null,
         card: null,
+        link: null,
+        pendingLinkSetup: null,
         pendingCardSetupToken: null,
         favorites: [],
         confirmBeforeSpend: true,
@@ -188,6 +194,9 @@ export function setSpendPolicy(method, policy) {
     policies[method] = policy;
     saveConfig({ spendPolicies: policies });
 }
+export function setDefaultPaymentMethod(defaultPaymentMethod) {
+    saveConfig({ defaultPaymentMethod });
+}
 export function getSpendLedger() {
     return getConfig().spendLedger ?? [];
 }
@@ -286,6 +295,12 @@ export function removeWallet(id) {
 export function getCardConfig() {
     return getConfig().card;
 }
+export function getLinkConfig() {
+    return getConfig().link;
+}
+export function getPendingLinkSetup() {
+    return getConfig().pendingLinkSetup ?? null;
+}
 /**
  * Save card configuration after setup.
  */
@@ -308,6 +323,28 @@ export function setCardConfig(card) {
         });
     }
 }
+export function setLinkConfig(link) {
+    const current = getConfig();
+    if (link) {
+        saveConfig({
+            link,
+            defaultPaymentMethod: "link",
+            pendingLinkSetup: null,
+        });
+    }
+    else {
+        saveConfig({
+            link,
+            pendingLinkSetup: null,
+            defaultPaymentMethod: current.defaultPaymentMethod === "link"
+                ? undefined
+                : current.defaultPaymentMethod,
+        });
+    }
+}
+export function setPendingLinkSetup(pendingLinkSetup) {
+    saveConfig({ pendingLinkSetup });
+}
 export function getPendingCardSetupToken() {
     return getConfig().pendingCardSetupToken ?? null;
 }

package/dist/core/link-cli.d.ts

@@ -0,0 +1,27 @@
+export interface LinkCliAuthStatus {
+    authenticated: boolean;
+    credentialsPath?: string;
+    pending?: boolean;
+}
+export interface LinkCliPaymentMethod {
+    id: string;
+    label?: string;
+    searchText?: string;
+}
+export interface LinkCliLogin {
+    verificationUrl: string;
+    phrase: string;
+    instruction?: string;
+}
+export declare function getLinkCliAuthStatus(): Promise<LinkCliAuthStatus>;
+export declare function startLinkCliLogin(): Promise<LinkCliLogin>;
+export declare function openLinkPaymentMethodAdd(): Promise<void>;
+export declare function listLinkPaymentMethods(): Promise<LinkCliPaymentMethod[]>;
+export declare function createLinkSharedPaymentToken(params: {
+    amount: string;
+    currency: string;
+    context: string;
+    expiresAt: number;
+    networkId: string;
+    paymentMethodId: string;
+}): Promise<string>;

package/dist/core/link-cli.js

@@ -0,0 +1,259 @@
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+const execFileAsync = promisify(execFile);
+const LINK_CLI_PACKAGE = "@stripe/link-cli";
+const LINK_CLI_TIMEOUT_MS = 10 * 60 * 1000;
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+async function runLinkCli(args, timeout = LINK_CLI_TIMEOUT_MS) {
+    try {
+        const { stdout } = await execFileAsync("npx", ["--yes", LINK_CLI_PACKAGE, ...args, "--format", "json"], {
+            maxBuffer: 1024 * 1024,
+            timeout,
+        });
+        const trimmed = stdout.trim();
+        return trimmed ? JSON.parse(trimmed) : null;
+    }
+    catch (err) {
+        const error = err;
+        const output = error.stdout?.trim() || error.stderr?.trim();
+        if (output) {
+            try {
+                const parsed = JSON.parse(output);
+                const message = parsed.message ?? output;
+                throw new Error(parsed.code ? `${parsed.code}: ${message}` : message);
+            }
+            catch (parseErr) {
+                if (parseErr instanceof SyntaxError) {
+                    throw new Error(output);
+                }
+                throw parseErr;
+            }
+        }
+        throw error;
+    }
+}
+function asRecord(value) {
+    return typeof value === "object" && value !== null && !Array.isArray(value)
+        ? value
+        : null;
+}
+function walk(value, visit, key) {
+    const direct = visit(value, key);
+    if (direct)
+        return direct;
+    if (Array.isArray(value)) {
+        for (const item of value) {
+            const found = walk(item, visit);
+            if (found)
+                return found;
+        }
+        return null;
+    }
+    const record = asRecord(value);
+    if (record) {
+        for (const [childKey, childValue] of Object.entries(record)) {
+            const found = walk(childValue, visit, childKey);
+            if (found)
+                return found;
+        }
+    }
+    return null;
+}
+function extractSharedPaymentToken(output) {
+    return walk(output, (value, key) => {
+        if (typeof value !== "string")
+            return null;
+        if (value.startsWith("spt_"))
+            return value;
+        if (key && /shared.*payment.*token|spt/i.test(key) && value.includes("spt_")) {
+            return value.match(/spt_[A-Za-z0-9_]+/)?.[0] ?? null;
+        }
+        return null;
+    });
+}
+function extractSpendRequestApproval(output) {
+    const values = Array.isArray(output) ? output : [output];
+    for (const value of values) {
+        const record = asRecord(value);
+        if (!record)
+            continue;
+        const id = typeof record.id === "string" && record.id.startsWith("lsrq_")
+            ? record.id
+            : null;
+        if (!id)
+            continue;
+        return {
+            id,
+            approvalUrl: typeof record.approval_url === "string" ? record.approval_url : undefined,
+            status: typeof record.status === "string" ? record.status : undefined,
+        };
+    }
+    return null;
+}
+function normalizePaymentMethods(output) {
+    const values = Array.isArray(output)
+        ? output
+        : Array.isArray(asRecord(output)?.data)
+            ? asRecord(output)?.data
+            : Array.isArray(asRecord(output)?.payment_methods)
+                ? asRecord(output)?.payment_methods
+                : [];
+    return values
+        .map((value) => {
+        const record = asRecord(value);
+        if (!record)
+            return null;
+        const id = typeof record.id === "string"
+            ? record.id
+            : typeof record.payment_method_id === "string"
+                ? record.payment_method_id
+                : null;
+        if (!id)
+            return null;
+        const name = typeof record.name === "string" ? record.name : undefined;
+        const type = typeof record.type === "string" ? record.type : undefined;
+        const cardDetails = asRecord(record.card_details);
+        const bankDetails = asRecord(record.bank_account_details);
+        const brand = typeof cardDetails?.brand === "string"
+            ? cardDetails.brand
+            : typeof record.brand === "string"
+                ? record.brand
+                : undefined;
+        const last4 = typeof cardDetails?.last4 === "string"
+            ? cardDetails.last4
+            : typeof bankDetails?.last4 === "string"
+                ? bankDetails.last4
+                : typeof record.last4 === "string"
+                    ? record.last4
+                    : undefined;
+        const bankName = typeof bankDetails?.bank_name === "string" ? bankDetails.bank_name : undefined;
+        const typeLabel = type === "BANK_ACCOUNT" ? "bank" : type === "CARD" ? "card" : type?.toLowerCase();
+        const labelParts = [
+            name ?? bankName ?? brand ?? typeLabel,
+            brand && name?.toLowerCase().includes(brand.toLowerCase()) !== true ? brand : undefined,
+            last4 ? `****${last4}` : undefined,
+        ];
+        const label = labelParts.filter(Boolean).join(" ");
+        const searchText = [id, label, name, type, brand, bankName, last4].filter(Boolean).join(" ").toLowerCase();
+        return { id, ...(label ? { label } : {}), searchText };
+    })
+        .filter((value) => Boolean(value));
+}
+export async function getLinkCliAuthStatus() {
+    try {
+        const output = await runLinkCli(["auth", "status"], 30_000);
+        const status = Array.isArray(output) ? asRecord(output[0]) : asRecord(output);
+        return {
+            authenticated: status?.authenticated === true,
+            credentialsPath: typeof status?.credentials_path === "string" ? status.credentials_path : undefined,
+            pending: status?.pending === true,
+        };
+    }
+    catch {
+        return { authenticated: false };
+    }
+}
+export async function startLinkCliLogin() {
+    const output = await runLinkCli(["auth", "login", "--client-name", "Agent Wonderland MCP"]);
+    const login = Array.isArray(output) ? asRecord(output[0]) : asRecord(output);
+    const verificationUrl = typeof login?.verification_url === "string"
+        ? login.verification_url
+        : typeof login?.verificationUrl === "string"
+            ? login.verificationUrl
+            : null;
+    const phrase = typeof login?.phrase === "string" ? login.phrase : null;
+    if (!verificationUrl || !phrase) {
+        throw new Error("Link CLI did not return a verification URL.");
+    }
+    return {
+        verificationUrl,
+        phrase,
+        instruction: typeof login?.instruction === "string" ? login.instruction : undefined,
+    };
+}
+export async function openLinkPaymentMethodAdd() {
+    await runLinkCli(["payment-methods", "add"]);
+}
+export async function listLinkPaymentMethods() {
+    const output = await runLinkCli(["payment-methods", "list"], 60_000);
+    return normalizePaymentMethods(output);
+}
+export async function createLinkSharedPaymentToken(params) {
+    const args = [
+        "spend-request",
+        "create",
+        "--credential-type",
+        "shared_payment_token",
+        "--network-id",
+        params.networkId,
+        "--amount",
+        params.amount,
+        "--currency",
+        params.currency,
+        "--payment-method-id",
+        params.paymentMethodId,
+        "--context",
+        params.context,
+        "--request-approval",
+    ];
+    if (process.env.AGENTWONDERLAND_LINK_TEST_MODE === "1") {
+        args.push("--test");
+    }
+    let output;
+    try {
+        output = await runLinkCli(args);
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        if (/invalid network_id|could not retrieve merchant information/i.test(message)) {
+            throw new Error([
+                message,
+                "",
+                `Link CLI rejected the merchant network_id "${params.networkId}".`,
+                "For local Agent Wonderland testing, restart the gateway with a Stripe key whose live/test mode matches STRIPE_PROFILE_ID. If the modes already match, the Stripe profile likely is not provisioned for Link Agentic Commerce/SPT yet or Stripe needs to provide a different network id.",
+            ].join("\n"));
+        }
+        throw err;
+    }
+    const spt = extractSharedPaymentToken(output);
+    if (spt) {
+        return spt;
+    }
+    const approval = extractSpendRequestApproval(output);
+    if (approval?.id && approval.status === "pending_approval") {
+        if (approval.approvalUrl) {
+            console.error(`Link approval required: ${approval.approvalUrl}`);
+        }
+        let retrieved = await runLinkCli([
+            "spend-request",
+            "retrieve",
+            approval.id,
+            "--interval",
+            "2",
+            "--max-attempts",
+            "150",
+        ]);
+        let retrievedSpt = extractSharedPaymentToken(retrieved);
+        for (let attempt = 0; !retrievedSpt && attempt < 30; attempt += 1) {
+            await sleep(2_000);
+            retrieved = await runLinkCli([
+                "spend-request",
+                "retrieve",
+                approval.id,
+            ]);
+            retrievedSpt = extractSharedPaymentToken(retrieved);
+        }
+        if (retrievedSpt) {
+            return retrievedSpt;
+        }
+        throw new Error([
+            "Link spend request finished without a shared payment token.",
+            approval.approvalUrl ? `Approval URL: ${approval.approvalUrl}` : undefined,
+        ].filter(Boolean).join("\n"));
+    }
+    {
+        throw new Error("Link spend request completed without a shared payment token in the CLI response.");
+    }
+}

package/dist/core/mpp-client.d.ts

@@ -59,4 +59,16 @@ export declare const Mppx: {
         rawFetch: typeof fetch;
     };
 };
-export declare function stripe(_parameters?: unknown): ClientMethod;
+export declare function stripe(parameters: {
+    createToken: (parameters: {
+        amount: string;
+        challenge: Challenge;
+        currency: string;
+        expiresAt: number;
+        metadata?: Record<string, string>;
+        networkId: string;
+        paymentMethod?: string;
+    }) => Promise<string>;
+    externalId?: string;
+    paymentMethod?: string;
+}): ClientMethod[];

package/dist/core/mpp-client.js

@@ -41,8 +41,51 @@ export const Mppx = {
         };
     },
 };
-export function stripe(_parameters) {
-    throw new Error("Stripe card payments are temporarily unavailable.");
+export function stripe(parameters) {
+    const { createToken, externalId, paymentMethod: defaultPaymentMethod } = parameters;
+    return [
+        Method.toClient({
+            name: "stripe",
+            intent: "charge",
+        }, {
+            async createCredential({ challenge }) {
+                const paymentMethod = defaultPaymentMethod;
+                if (!paymentMethod) {
+                    throw new Error("paymentMethod is required");
+                }
+                const amount = String(challenge.request.amount ?? "");
+                const currency = String(challenge.request.currency ?? "");
+                const methodDetails = challenge.request.methodDetails;
+                const networkId = methodDetails?.networkId;
+                if (!networkId) {
+                    throw new Error("networkId is required in stripe payment challenge");
+                }
+                const metadata = methodDetails?.metadata;
+                if (metadata?.externalId) {
+                    throw new Error("methodDetails.metadata.externalId is reserved");
+                }
+                const expiresAt = challenge.expires
+                    ? Math.floor(new Date(challenge.expires).getTime() / 1000)
+                    : Math.floor(Date.now() / 1000) + 3600;
+                const spt = await createToken({
+                    amount,
+                    challenge,
+                    currency,
+                    expiresAt,
+                    metadata,
+                    networkId,
+                    paymentMethod,
+                });
+                return Credential.serialize({
+                    challenge,
+                    payload: {
+                        spt,
+                        ...(externalId ? { externalId } : {}),
+                    },
+                });
+            },
+        }),
+    ];
 }
 function createPaymentFetch(baseFetch, methods) {
     const wrapped = (async (input, init) => {