@arcblock/payment-service 1.29.7 → 1.29.8

package/dist/index.d.ts

@@ -166,3 +166,20 @@ export declare function createEmbeddedIdentityServices(): {
     directory(): any;
 };
 export declare function createEmbeddedPaymentService(slots: PaymentCoreSlots): PaymentCoreService;
+/** The reserved mount prefix for the embedded payment service. */
+export declare const PAYMENT_PREFIX = "/.well-known/payment";
+/** The caller identity the host resolved (injected as `x-user-*`; no in-process login_token verify). */
+export interface HostCallerIdentity {
+    did: string;
+    role?: string;
+    authMethod?: string;
+    displayName?: string;
+}
+/**
+ * Strip client-forged `x-user-*` and inject the host-resolved caller (raw role —
+ * the core strips any `blocklet-` prefix itself). See the core module for the
+ * full rationale.
+ */
+export declare function injectCaller(headers: Headers, caller: HostCallerIdentity | null): void;
+/** Build a lazy per-tenant provisioner with in-flight dedup (null tenant = no-op). */
+export declare function createTenantProvisioner(provision: (instanceDid: string) => Promise<void>): (instanceDid: string | null) => Promise<void>;

package/dist/index.js

@@ -360,7 +360,6 @@ __export(env_exports, {
   creditConsumptionCronTime: () => creditConsumptionCronTime,
   creditLowBalanceThresholdPercentage: () => creditLowBalanceThresholdPercentage,
   creditQueueConcurrency: () => creditQueueConcurrency,
-  daysUntilCancel: () => daysUntilCancel,
   default: () => env_default,
   depositVaultCronTime: () => depositVaultCronTime,
   enableDevFakeAuth: () => enableDevFakeAuth,
@@ -437,7 +436,7 @@ function hasConfig(key) {
   const v = readConfig(key);
   return v !== void 0 && v !== "";
 }
-var import_env, activeConfig, numConfig, paymentStatCronTime, subscriptionCronTime, notificationCronTime, expiredSessionCleanupCronTime, notificationCronConcurrency, stripeInvoiceCronTime, stripePaymentCronTime, stripeSubscriptionCronTime, revokeStakeCronTime, daysUntilCancel, meteringSubscriptionDetectionCronTime, overdueDetectionCronTime, overdueThreshold, depositVaultCronTime, creditConsumptionCronTime, vendorStatusCheckCronTime, vendorReturnScanCronTime, iapReconcileCronTime, eventRetryCronTime, quoteCleanupCronTime, vendorTimeoutMinutes, webhookAlertWindowMinutes, webhookAlertMinFailures, shortUrlApiKey, shortUrlDomain, sequelizeOptionsPoolMin, sequelizeOptionsPoolMax, sequelizeOptionsPoolIdle, updateDataConcurrency, stopAcceptingOrders, exchangeRateCacheTTLSeconds, systemMaxPendingAmount, allowChangeLockedPrice, blockletMode, isProduction, nodeEnv, isTestEnv, isDevelopmentEnv, enableDevFakeAuth, tenantModeRaw, blockletAppPid, blockletAppId, blockletAppName, blockletAppUrl, blockletAppHost, blockletAppDir, blockletPort, blockletMountPoints, appStoreWriteEnabled, appStoreSkipSignatureVerify, googlePubsubSkipSignatureVerify, googlePubsubPushServiceAccount, googlePubsubAllowUnverifiedSender, googlePlayWebhookUrl, stripeWebhookSecret, iapReconcileBatchSize, paymentBillingThreshold, paymentMinStakeAmount, paymentDaysUntilDue, paymentDaysUntilCancel, paymentReloadSubscriptionJobs, paymentRateVolatilityThreshold, paymentLivemode, creditLowBalanceThresholdPercentage, creditBatchSize, creditBatchWindowMs, creditQueueConcurrency, exchangeRateCacheTTLFromEnv, sqlLog, sqlBenchmark, cfEnv, isCfWorker, isBlockletServer, env_default;
+var import_env, activeConfig, numConfig, TRUTHY, FALSY, parseBool, readConfigAny, paymentStatCronTime, subscriptionCronTime, notificationCronTime, expiredSessionCleanupCronTime, notificationCronConcurrency, stripeInvoiceCronTime, stripePaymentCronTime, stripeSubscriptionCronTime, revokeStakeCronTime, meteringSubscriptionDetectionCronTime, overdueDetectionCronTime, overdueThreshold, depositVaultCronTime, creditConsumptionCronTime, vendorStatusCheckCronTime, vendorReturnScanCronTime, iapReconcileCronTime, eventRetryCronTime, quoteCleanupCronTime, vendorTimeoutMinutes, webhookAlertWindowMinutes, webhookAlertMinFailures, shortUrlApiKey, shortUrlDomain, sequelizeOptionsPoolMin, sequelizeOptionsPoolMax, sequelizeOptionsPoolIdle, updateDataConcurrency, stopAcceptingOrders, exchangeRateCacheTTLSeconds, systemMaxPendingAmount, allowChangeLockedPrice, blockletMode, isProduction, nodeEnv, isTestEnv, isDevelopmentEnv, enableDevFakeAuth, tenantModeRaw, blockletAppPid, blockletAppId, blockletAppName, blockletAppUrl, blockletAppHost, blockletAppDir, blockletPort, blockletMountPoints, appStoreWriteEnabled, appStoreSkipSignatureVerify, googlePubsubSkipSignatureVerify, googlePubsubPushServiceAccount, googlePubsubAllowUnverifiedSender, googlePlayWebhookUrl, stripeWebhookSecret, iapReconcileBatchSize, paymentBillingThreshold, paymentMinStakeAmount, paymentDaysUntilDue, paymentDaysUntilCancel, paymentReloadSubscriptionJobs, paymentRateVolatilityThreshold, paymentLivemode, creditLowBalanceThresholdPercentage, creditBatchSize, creditBatchWindowMs, creditQueueConcurrency, exchangeRateCacheTTLFromEnv, sqlLog, sqlBenchmark, cfEnv, isCfWorker, isBlockletServer, env_default;
 var init_env = __esm({
   "../../blocklets/core/api/src/libs/env.ts"() {
     "use strict";
@@ -446,6 +445,22 @@ var init_env = __esm({
       const v = readConfig(key);
       return v ? +v : fallback;
     };
+    TRUTHY = /* @__PURE__ */ new Set(["1", "true", "yes", "on"]);
+    FALSY = /* @__PURE__ */ new Set(["0", "false", "no", "off"]);
+    parseBool = (value, fallback = false) => {
+      if (value === void 0 || value === "") return fallback;
+      const v = value.trim().toLowerCase();
+      if (TRUTHY.has(v)) return true;
+      if (FALSY.has(v)) return false;
+      return fallback;
+    };
+    readConfigAny = (...keys) => {
+      for (const key of keys) {
+        const v = readConfig(key);
+        if (v !== void 0 && v !== "") return v;
+      }
+      return void 0;
+    };
     paymentStatCronTime = () => "0 1 0 * * *";
     subscriptionCronTime = () => readConfig("SUBSCRIPTION_CRON_TIME") || "0 */30 * * * *";
     notificationCronTime = () => readConfig("NOTIFICATION_CRON_TIME") || "0 5 */6 * * *";
@@ -455,7 +470,6 @@ var init_env = __esm({
     stripePaymentCronTime = () => readConfig("STRIPE_PAYMENT_CRON_TIME") || "0 */20 * * * *";
     stripeSubscriptionCronTime = () => readConfig("STRIPE_SUBSCRIPTION_CRON_TIME") || "0 10 */8 * * *";
     revokeStakeCronTime = () => readConfig("REVOKE_STAKE_CRON_TIME") || "0 */5 * * * *";
-    daysUntilCancel = () => readConfig("DAYS_UNTIL_CANCEL");
     meteringSubscriptionDetectionCronTime = () => readConfig("METERING_SUBSCRIPTION_DETECTION_CRON_TIME") || "0 0 10 * * *";
     overdueDetectionCronTime = () => readConfig("OVERDUE_DETECTION_CRON_TIME") || "0 0 10 * * *";
     overdueThreshold = () => numConfig("OVERDUE_THRESHOLD", 5);
@@ -475,16 +489,19 @@ var init_env = __esm({
     sequelizeOptionsPoolMax = () => numConfig("SEQUELIZE_OPTIONS_POOL_MAX", 5);
     sequelizeOptionsPoolIdle = () => numConfig("SEQUELIZE_OPTIONS_POOL_IDLE", 10 * 1e3);
     updateDataConcurrency = () => numConfig("UPDATE_DATA_CONCURRENCY", 5);
-    stopAcceptingOrders = () => readConfig("PAYMENT_KIT_STOP_ACCEPTING_ORDERS") === "true" || readConfig("PAYMENT_KIT_STOP_ACCEPTING_ORDERS") === "1";
+    stopAcceptingOrders = () => parseBool(readConfigAny("PAYMENT_STOP_ACCEPTING_ORDERS", "PAYMENT_KIT_STOP_ACCEPTING_ORDERS"));
     exchangeRateCacheTTLSeconds = () => numConfig("EXCHANGE_RATE_CACHE_TTL_SECONDS", 10 * 60);
-    systemMaxPendingAmount = () => numConfig("PAYMENT_KIT_MAX_PENDING_AMOUNT", 5);
-    allowChangeLockedPrice = () => readConfig("PAYMENT_CHANGE_LOCKED_PRICE") === "1";
+    systemMaxPendingAmount = () => {
+      const v = readConfigAny("PAYMENT_MAX_PENDING_AMOUNT", "PAYMENT_KIT_MAX_PENDING_AMOUNT");
+      return v ? +v : 5;
+    };
+    allowChangeLockedPrice = () => parseBool(readConfig("PAYMENT_CHANGE_LOCKED_PRICE"));
     blockletMode = () => readConfig("BLOCKLET_MODE");
     isProduction = () => blockletMode() === "production";
     nodeEnv = () => readConfig("NODE_ENV");
     isTestEnv = () => nodeEnv() === "test";
     isDevelopmentEnv = () => nodeEnv() === "development";
-    enableDevFakeAuth = () => readConfig("ENABLE_DEV_FAKE_AUTH") === "1";
+    enableDevFakeAuth = () => parseBool(readConfig("ENABLE_DEV_FAKE_AUTH"));
     tenantModeRaw = () => readConfig("PAYMENT_TENANT_MODE");
     blockletAppPid = () => readConfig("BLOCKLET_APP_PID");
     blockletAppId = () => readConfig("BLOCKLET_APP_ID");
@@ -494,11 +511,11 @@ var init_env = __esm({
     blockletAppDir = () => readConfig("BLOCKLET_APP_DIR");
     blockletPort = () => readConfig("BLOCKLET_PORT");
     blockletMountPoints = () => readConfig("BLOCKLET_MOUNT_POINTS");
-    appStoreWriteEnabled = () => readConfig("APP_STORE_WRITE_ENABLED") === "true";
-    appStoreSkipSignatureVerify = () => readConfig("APP_STORE_SKIP_SIGNATURE_VERIFY") === "true";
-    googlePubsubSkipSignatureVerify = () => readConfig("GOOGLE_PUBSUB_SKIP_SIGNATURE_VERIFY") === "true";
+    appStoreWriteEnabled = () => parseBool(readConfig("APP_STORE_WRITE_ENABLED"));
+    appStoreSkipSignatureVerify = () => parseBool(readConfig("APP_STORE_SKIP_SIGNATURE_VERIFY"));
+    googlePubsubSkipSignatureVerify = () => parseBool(readConfig("GOOGLE_PUBSUB_SKIP_SIGNATURE_VERIFY"));
     googlePubsubPushServiceAccount = () => readConfig("GOOGLE_PUBSUB_PUSH_SERVICE_ACCOUNT");
-    googlePubsubAllowUnverifiedSender = () => readConfig("GOOGLE_PUBSUB_ALLOW_UNVERIFIED_SENDER") === "true";
+    googlePubsubAllowUnverifiedSender = () => parseBool(readConfig("GOOGLE_PUBSUB_ALLOW_UNVERIFIED_SENDER"));
     googlePlayWebhookUrl = () => readConfig("GOOGLE_PLAY_WEBHOOK_URL");
     stripeWebhookSecret = () => readConfig("STRIPE_WEBHOOK_SECRET");
     iapReconcileBatchSize = () => Number(readConfig("IAP_RECONCILE_BATCH_SIZE") ?? "100");
@@ -506,19 +523,19 @@ var init_env = __esm({
     paymentMinStakeAmount = () => +readConfig("PAYMENT_MIN_STAKE_AMOUNT");
     paymentDaysUntilDue = () => readConfig("PAYMENT_DAYS_UNTIL_DUE");
     paymentDaysUntilCancel = () => readConfig("PAYMENT_DAYS_UNTIL_CANCEL");
-    paymentReloadSubscriptionJobs = () => readConfig("PAYMENT_RELOAD_SUBSCRIPTION_JOBS") === "1";
+    paymentReloadSubscriptionJobs = () => parseBool(readConfig("PAYMENT_RELOAD_SUBSCRIPTION_JOBS"));
     paymentRateVolatilityThreshold = () => readConfig("PAYMENT_RATE_VOLATILITY_THRESHOLD");
-    paymentLivemode = () => readConfig("PAYMENT_LIVEMODE") !== "false";
+    paymentLivemode = () => parseBool(readConfig("PAYMENT_LIVEMODE"), true);
     creditLowBalanceThresholdPercentage = () => parseInt(readConfig("CREDIT_LOW_BALANCE_THRESHOLD_PERCENTAGE") || "10", 10);
     creditBatchSize = () => Math.max(1, parseInt(readConfig("CREDIT_BATCH_SIZE") || "50", 10));
     creditBatchWindowMs = () => Math.max(10, parseInt(readConfig("CREDIT_BATCH_WINDOW_MS") || "3000", 10));
     creditQueueConcurrency = () => Math.max(1, Math.min(20, parseInt(readConfig("CREDIT_QUEUE_CONCURRENCY") || "5", 10) || 5));
     exchangeRateCacheTTLFromEnv = () => hasConfig("EXCHANGE_RATE_CACHE_TTL_SECONDS");
-    sqlLog = () => readConfig("SQL_LOG") === "1";
-    sqlBenchmark = () => readConfig("SQL_BENCHMARK") === "1";
+    sqlLog = () => parseBool(readConfig("SQL_LOG"));
+    sqlBenchmark = () => parseBool(readConfig("SQL_BENCHMARK"));
     cfEnv = () => globalThis.__CF_ENV__;
     isCfWorker = () => !!cfEnv();
-    isBlockletServer = () => hasConfig("BLOCKLET_APP_ID");
+    isBlockletServer = () => hasConfig("BLOCKLET_DID");
     env_default = {
       ...import_env.env
     };
@@ -33814,10 +33831,10 @@ async function handleSubscriptionOnPaymentFailure(subscription, eventType, clien
   const { interval } = subscription.pending_invoice_item_interval;
   const dueUnit = getDueUnit(interval);
   const cancelUpdates = {};
-  const daysUntilCancel2 = getDaysUntilCancel(subscription);
+  const daysUntilCancel = getDaysUntilCancel(subscription);
   const cancelSubscription = shouldCancelSubscription(subscription);
-  if (daysUntilCancel2 > 0) {
-    cancelUpdates.cancel_at = subscription.current_period_start + daysUntilCancel2 * dueUnit;
+  if (daysUntilCancel > 0) {
+    cancelUpdates.cancel_at = subscription.current_period_start + daysUntilCancel * dueUnit;
   } else {
     cancelUpdates.cancel_at_period_end = true;
   }
@@ -40756,10 +40773,10 @@ var init_payment2 = __esm({
         return updates.terminate;
       }
       const dueUnit = getDueUnit(interval);
-      const daysUntilCancel2 = getDaysUntilCancel(subscription);
+      const daysUntilCancel = getDaysUntilCancel(subscription);
       const cancelUpdates = {};
-      if (daysUntilCancel2 > 0) {
-        cancelUpdates.cancel_at = subscription.current_period_start + daysUntilCancel2 * dueUnit;
+      if (daysUntilCancel > 0) {
+        cancelUpdates.cancel_at = subscription.current_period_start + daysUntilCancel * dueUnit;
       } else {
         cancelUpdates.cancel_at_period_end = true;
       }
@@ -49152,7 +49169,7 @@ var init_subscriptions = __esm({
           description,
           metadata = {},
           days_until_due: daysUntilDue,
-          days_until_cancel: daysUntilCancel2,
+          days_until_cancel: daysUntilCancel,
           billing_cycle_anchor: billingCycleAnchor,
           collection_method: collectionMethod,
           proration_behavior: prorationBehavior,
@@ -49244,7 +49261,7 @@ var init_subscriptions = __esm({
           proration_behavior: prorationBehavior,
           payment_behavior: "default_incomplete",
           days_until_due: daysUntilDue,
-          days_until_cancel: daysUntilCancel2,
+          days_until_cancel: daysUntilCancel,
           metadata: formatMetadata(metadata),
           service_actions: serviceActions || []
         });
@@ -51706,10 +51723,10 @@ var init_subscriptions = __esm({
         updates.default_payment_method_id = arcblockMethod.id;
         if (body.recalculate_cancel_at !== false) {
           if (subscription.cancelation_details && !subscription.cancel_at) {
-            const daysUntilCancel2 = subscription.days_until_cancel || 0;
-            if (daysUntilCancel2 > 0) {
+            const daysUntilCancel = subscription.days_until_cancel || 0;
+            if (daysUntilCancel > 0) {
               const dueUnit = 24 * 60 * 60;
-              updates.cancel_at = subscription.current_period_start + daysUntilCancel2 * dueUnit;
+              updates.cancel_at = subscription.current_period_start + daysUntilCancel * dueUnit;
             } else {
               updates.cancel_at_period_end = true;
               updates.cancel_at = subscription.current_period_end;
@@ -71702,9 +71719,9 @@ async function handlePostConsumptionEvents(context2, params) {
       const cancelUpdates = {};
       const { interval } = context2.subscription.pending_invoice_item_interval;
       const dueUnit = getDueUnit(interval);
-      const daysUntilCancel2 = getDaysUntilCancel(context2.subscription);
-      if (daysUntilCancel2 > 0) {
-        cancelUpdates.cancel_at = context2.subscription.current_period_start + daysUntilCancel2 * dueUnit;
+      const daysUntilCancel = getDaysUntilCancel(context2.subscription);
+      if (daysUntilCancel > 0) {
+        cancelUpdates.cancel_at = context2.subscription.current_period_start + daysUntilCancel * dueUnit;
       } else {
         cancelUpdates.cancel_at_period_end = true;
       }
@@ -77921,9 +77938,52 @@ var init_service2 = __esm({
   }
 });
 
+// ../../blocklets/core/api/src/host-glue.ts
+var host_glue_exports = {};
+__export(host_glue_exports, {
+  PAYMENT_PREFIX: () => PAYMENT_PREFIX,
+  USER_HEADERS: () => USER_HEADERS,
+  createTenantProvisioner: () => createTenantProvisioner,
+  injectCaller: () => injectCaller
+});
+function injectCaller(headers, caller) {
+  for (const h of USER_HEADERS) headers.delete(h);
+  if (!caller) return;
+  const canonicalDid2 = caller.did?.startsWith("did:abt:") ? caller.did : `did:abt:${caller.did}`;
+  headers.set("x-user-did", canonicalDid2);
+  headers.set("x-user-role", caller.role || "guest");
+  headers.set("x-user-provider", caller.authMethod === "access-key" ? "access-key" : caller.authMethod || "wallet");
+  headers.set("x-user-fullname", encodeURIComponent(caller.displayName || ""));
+  headers.set("x-user-wallet-os", "");
+}
+function createTenantProvisioner(provision) {
+  const inflight = /* @__PURE__ */ new Map();
+  return (instanceDid) => {
+    if (!instanceDid) return Promise.resolve();
+    let p = inflight.get(instanceDid);
+    if (!p) {
+      p = provision(instanceDid).catch((err) => {
+        inflight.delete(instanceDid);
+        throw err;
+      });
+      inflight.set(instanceDid, p);
+    }
+    return p;
+  };
+}
+var PAYMENT_PREFIX, USER_HEADERS;
+var init_host_glue = __esm({
+  "../../blocklets/core/api/src/host-glue.ts"() {
+    "use strict";
+    PAYMENT_PREFIX = "/.well-known/payment";
+    USER_HEADERS = ["x-user-did", "x-user-role", "x-user-provider", "x-user-fullname", "x-user-wallet-os"];
+  }
+});
+
 // src/index.ts
 var src_exports = {};
 __export(src_exports, {
+  PAYMENT_PREFIX: () => PAYMENT_PREFIX2,
   applyPaymentCoreMigrations: () => applyPaymentCoreMigrations2,
   applySqlMigrations: () => applySqlMigrations2,
   createAuthStorage: () => createAuthStorage2,
@@ -77939,11 +77999,13 @@ __export(src_exports, {
   createNodeDbDriver: () => createNodeDbDriver2,
   createNodeDidConnectRuntime: () => createNodeDidConnectRuntime2,
   createNodeStaticHandler: () => createNodeStaticHandler2,
+  createTenantProvisioner: () => createTenantProvisioner2,
   getCronDriver: () => getCronDriver2,
   getIdentityDriver: () => getIdentityDriver2,
   getPaymentCoreSqlMigrations: () => getPaymentCoreSqlMigrations,
   getQueueHostHooks: () => getQueueHostHooks2,
   getSecretsDriver: () => getSecretsDriver2,
+  injectCaller: () => injectCaller2,
   matchesCron: () => matchesCron2,
   nodeQueueHostHooks: () => nodeQueueHostHooks2,
   scopedLockName: () => scopedLockName2,
@@ -78050,8 +78112,16 @@ function createEmbeddedPaymentService2(slots) {
   const core = (init_service2(), __toCommonJS(service_exports));
   return core.createEmbeddedPaymentService(slots);
 }
+var PAYMENT_PREFIX2 = "/.well-known/payment";
+function injectCaller2(headers, caller) {
+  return (init_host_glue(), __toCommonJS(host_glue_exports)).injectCaller(headers, caller);
+}
+function createTenantProvisioner2(provision) {
+  return (init_host_glue(), __toCommonJS(host_glue_exports)).createTenantProvisioner(provision);
+}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
+  PAYMENT_PREFIX,
   applyPaymentCoreMigrations,
   applySqlMigrations,
   createAuthStorage,
@@ -78067,11 +78137,13 @@ function createEmbeddedPaymentService2(slots) {
   createNodeDbDriver,
   createNodeDidConnectRuntime,
   createNodeStaticHandler,
+  createTenantProvisioner,
   getCronDriver,
   getIdentityDriver,
   getPaymentCoreSqlMigrations,
   getQueueHostHooks,
   getSecretsDriver,
+  injectCaller,
   matchesCron,
   nodeQueueHostHooks,
   scopedLockName,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@arcblock/payment-service",
-  "version": "1.29.7",
+  "version": "1.29.8",
   "description": "Embedded payment service factory (W2) — side-effect-free core for arc / blocklet server / standalone worker hosts",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -44,7 +44,7 @@
     "@blocklet/constant": "^1.17.13-beta-20260613-094425-b81920c8",
     "@blocklet/error": "^0.3.5",
     "@blocklet/logger": "^1.17.13-beta-20260613-094425-b81920c8",
-    "@blocklet/payment-vendor": "1.29.7",
+    "@blocklet/payment-vendor": "1.29.8",
     "@blocklet/sdk": "^1.17.13-beta-20260613-094425-b81920c8",
     "@blocklet/xss": "^0.3.16",
     "@hono/node-server": "^2.0.4",
@@ -90,5 +90,5 @@
     "ts-jest": "^29.1.2",
     "typescript": "^5.4.3"
   },
-  "gitHead": "e1999aecfa9ce64bfd56da14bf47b255a19ef394"
+  "gitHead": "547c0614f1f83abad80ea08452d2f5a9f4f5aa07"
 }