@armory-sh/middleware-elysia 0.3.16 → 0.3.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/README.md +76 -0
  2. package/dist/index.d.ts +1 -1
  3. package/dist/index.js +101 -20
  4. package/dist/routes.d.ts +57 -0
  5. package/dist/routes.js +175 -0
  6. package/package.json +3 -2
package/README.md ADDED
@@ -0,0 +1,76 @@
1
+ # @armory-sh/middleware-elysia
2
+
3
+ x402 payment middleware for Elysia applications.
4
+
5
+ ## Installation
6
+
7
+ ```bash
8
+ bun add @armory-sh/middleware-elysia
9
+ ```
10
+
11
+ ## Features
12
+
13
+ - Simple payment plugin for Elysia
14
+ - Route-aware payment configuration
15
+ - Multi-network, multi-token support
16
+ - Full TypeScript support
17
+
18
+ ## Basic Usage
19
+
20
+ ```typescript
21
+ import { Elysia } from "elysia";
22
+ import { paymentMiddleware } from "@armory-sh/middleware-elysia";
23
+
24
+ const requirements = {
25
+ scheme: "exact" as const,
26
+ network: "eip155:8453",
27
+ amount: "1000000",
28
+ asset: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913" as `0x${string}`,
29
+ payTo: "0xYourAddress..." as `0x${string}`,
30
+ maxTimeoutSeconds: 300,
31
+ extra: {},
32
+ };
33
+
34
+ const app = new Elysia()
35
+ .use(paymentMiddleware({ requirements }))
36
+ .get("/api/data", ({ payment }) => {
37
+ return {
38
+ data: "protected data",
39
+ payerAddress: payment?.payerAddress,
40
+ };
41
+ })
42
+ .listen(3000);
43
+ ```
44
+
45
+ ## Route-Aware Middleware
46
+
47
+ ```typescript
48
+ import { routeAwarePaymentMiddleware } from "@armory-sh/middleware-elysia";
49
+
50
+ const premiumRequirements = {
51
+ scheme: "exact" as const,
52
+ network: "eip155:8453",
53
+ amount: "5000000",
54
+ asset: "0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913" as `0x${string}`,
55
+ payTo: "0xYourAddress..." as `0x${string}`,
56
+ maxTimeoutSeconds: 300,
57
+ extra: {},
58
+ };
59
+
60
+ const app = new Elysia()
61
+ .use(routeAwarePaymentMiddleware({
62
+ "/api/premium": { requirements: premiumRequirements },
63
+ "/api/basic": { requirements: basicRequirements },
64
+ }))
65
+ .listen(3000);
66
+ ```
67
+
68
+ ## API
69
+
70
+ ### `paymentMiddleware(config)`
71
+
72
+ Creates a payment plugin for Elysia.
73
+
74
+ ### `routeAwarePaymentMiddleware(perRouteConfig)`
75
+
76
+ Creates a route-aware payment plugin for Elysia. Takes a record mapping route patterns to payment configuration entries.
package/dist/index.d.ts CHANGED
@@ -1,10 +1,10 @@
1
1
  import { Elysia } from 'elysia';
2
2
  import { X402PaymentPayload, X402PaymentRequirements } from '@armory-sh/base';
3
+ export { PaymentMiddlewareConfigEntry, RouteAwarePaymentInfo, RouteAwarePaymentMiddlewareConfig, routeAwarePaymentMiddleware } from './routes.js';
3
4
 
4
5
  interface PaymentMiddlewareConfig {
5
6
  requirements: X402PaymentRequirements;
6
7
  facilitatorUrl?: string;
7
- skipVerification?: boolean;
8
8
  }
9
9
  interface PaymentInfo {
10
10
  payload: X402PaymentPayload;
package/dist/index.js CHANGED
@@ -1,5 +1,5 @@
1
1
  // src/index.ts
2
- import { Elysia } from "elysia";
2
+ import { Elysia as Elysia2 } from "elysia";
3
3
 
4
4
  // src/payment-utils.ts
5
5
  import { extractPaymentFromHeaders, PAYMENT_SIGNATURE_HEADER } from "@armory-sh/base";
@@ -73,18 +73,6 @@ var verifyLocally = async (payload, requirements) => {
73
73
  };
74
74
  };
75
75
  var verifyPaymentWithRetry = async (payload, requirements, facilitatorUrl) => facilitatorUrl ? verifyWithFacilitator(facilitatorUrl, payload, requirements) : verifyLocally(payload, requirements);
76
- var extractPayerAddress = (payload) => {
77
- if ("payload" in payload) {
78
- const x402Payload = payload;
79
- if ("authorization" in x402Payload.payload) {
80
- return x402Payload.payload.authorization.from;
81
- }
82
- }
83
- if ("from" in payload && typeof payload.from === "string") {
84
- return payload.from;
85
- }
86
- throw new Error("Unable to extract payer address from payload");
87
- };
88
76
  var createResponseHeaders = (payerAddress) => ({
89
77
  [PAYMENT_HEADERS.RESPONSE]: JSON.stringify({
90
78
  status: "verified",
@@ -92,17 +80,55 @@ var createResponseHeaders = (payerAddress) => ({
92
80
  })
93
81
  });
94
82
 
95
- // src/index.ts
83
+ // src/routes.ts
84
+ import { Elysia } from "elysia";
85
+ import { matchRoute, validateRouteConfig } from "@armory-sh/base";
86
+ var resolveRouteConfig = (config) => {
87
+ const validationError = validateRouteConfig(config);
88
+ if (validationError) {
89
+ return { routes: [], error: validationError };
90
+ }
91
+ const { route, routes, perRoute } = config;
92
+ const routePatterns = route ? [route] : routes || [];
93
+ const resolvedRoutes = [];
94
+ for (const pattern of routePatterns) {
95
+ const routeConfig = perRoute?.[pattern];
96
+ if (routeConfig) {
97
+ resolvedRoutes.push({
98
+ pattern,
99
+ config: routeConfig
100
+ });
101
+ }
102
+ }
103
+ return { routes: resolvedRoutes };
104
+ };
96
105
  var errorResponse = (error, status, headers) => new Response(JSON.stringify(error), {
97
106
  status,
98
107
  headers: { "Content-Type": "application/json", ...headers }
99
108
  });
100
- var paymentMiddleware = (config) => {
101
- const { requirements, facilitatorUrl, skipVerification = false } = config;
102
- return new Elysia({ name: "armory-payment" }).derive(() => ({
109
+ var routeAwarePaymentMiddleware = (perRouteConfig) => {
110
+ const config = {
111
+ routes: Object.keys(perRouteConfig),
112
+ perRoute: perRouteConfig
113
+ };
114
+ const { routes: resolvedRoutes, error: configError } = resolveRouteConfig(config);
115
+ return new Elysia({ name: "armory-route-aware-payment" }).derive(() => ({
103
116
  payment: void 0
104
117
  })).onBeforeHandle(async ({ payment, request }) => {
105
118
  try {
119
+ if (configError) {
120
+ return errorResponse(
121
+ { error: "Payment middleware configuration error", details: configError.message },
122
+ 500
123
+ );
124
+ }
125
+ const path = new URL(request.url).pathname;
126
+ const matchedRoute = resolvedRoutes.find((r) => matchRoute(r.pattern, path));
127
+ if (!matchedRoute) {
128
+ return;
129
+ }
130
+ const routeConfig = matchedRoute.config;
131
+ const { requirements, facilitatorUrl } = routeConfig;
106
132
  const paymentHeader = request.headers.get(PAYMENT_HEADERS.PAYMENT);
107
133
  if (!paymentHeader) {
108
134
  return errorResponse(
@@ -120,7 +146,7 @@ var paymentMiddleware = (config) => {
120
146
  message: error instanceof Error ? error.message : "Unknown error"
121
147
  }, 400);
122
148
  }
123
- const verifyResult = skipVerification ? { success: true, payerAddress: extractPayerAddress(payload) } : await verifyPaymentWithRetry(payload, requirements, facilitatorUrl);
149
+ const verifyResult = await verifyPaymentWithRetry(payload, requirements, facilitatorUrl);
124
150
  if (!verifyResult.success) {
125
151
  return errorResponse(
126
152
  { error: verifyResult.error },
@@ -129,7 +155,7 @@ var paymentMiddleware = (config) => {
129
155
  );
130
156
  }
131
157
  const payerAddress = verifyResult.payerAddress;
132
- payment = { payload, payerAddress, verified: !skipVerification };
158
+ payment = { payload, payerAddress, verified: true, route: matchedRoute.pattern };
133
159
  } catch (error) {
134
160
  return errorResponse({
135
161
  error: "Payment middleware error",
@@ -145,6 +171,61 @@ var paymentMiddleware = (config) => {
145
171
  }
146
172
  });
147
173
  };
174
+
175
+ // src/index.ts
176
+ var errorResponse2 = (error, status, headers) => new Response(JSON.stringify(error), {
177
+ status,
178
+ headers: { "Content-Type": "application/json", ...headers }
179
+ });
180
+ var paymentMiddleware = (config) => {
181
+ const { requirements, facilitatorUrl } = config;
182
+ return new Elysia2({ name: "armory-payment" }).derive(() => ({
183
+ payment: void 0
184
+ })).onBeforeHandle(async ({ payment, request }) => {
185
+ try {
186
+ const paymentHeader = request.headers.get(PAYMENT_HEADERS.PAYMENT);
187
+ if (!paymentHeader) {
188
+ return errorResponse2(
189
+ { error: "Payment required", accepts: [requirements] },
190
+ 402,
191
+ { [PAYMENT_HEADERS.REQUIRED]: encodeRequirements(requirements) }
192
+ );
193
+ }
194
+ let payload;
195
+ try {
196
+ ({ payload } = decodePayload(paymentHeader));
197
+ } catch (error) {
198
+ return errorResponse2({
199
+ error: "Invalid payment payload",
200
+ message: error instanceof Error ? error.message : "Unknown error"
201
+ }, 400);
202
+ }
203
+ const verifyResult = await verifyPaymentWithRetry(payload, requirements, facilitatorUrl);
204
+ if (!verifyResult.success) {
205
+ return errorResponse2(
206
+ { error: verifyResult.error },
207
+ 402,
208
+ { [PAYMENT_HEADERS.REQUIRED]: encodeRequirements(requirements) }
209
+ );
210
+ }
211
+ const payerAddress = verifyResult.payerAddress;
212
+ payment = { payload, payerAddress, verified: true };
213
+ } catch (error) {
214
+ return errorResponse2({
215
+ error: "Payment middleware error",
216
+ message: error instanceof Error ? error.message : "Unknown error"
217
+ }, 500);
218
+ }
219
+ }).onAfterHandle(({ payment }) => {
220
+ if (payment) {
221
+ const { payerAddress } = payment;
222
+ return {
223
+ headers: createResponseHeaders(payerAddress)
224
+ };
225
+ }
226
+ });
227
+ };
148
228
  export {
149
- paymentMiddleware
229
+ paymentMiddleware,
230
+ routeAwarePaymentMiddleware
150
231
  };
package/dist/routes.d.ts ADDED
@@ -0,0 +1,57 @@
1
+ import { Elysia } from 'elysia';
2
+ import { X402PaymentRequirements, X402PaymentPayload } from '@armory-sh/base';
3
+
4
+ interface RouteAwarePaymentMiddlewareConfig {
5
+ route?: string;
6
+ routes?: string[];
7
+ perRoute?: Record<string, PaymentMiddlewareConfigEntry>;
8
+ }
9
+ interface PaymentMiddlewareConfigEntry {
10
+ requirements: X402PaymentRequirements;
11
+ facilitatorUrl?: string;
12
+ }
13
+ interface RouteAwarePaymentInfo {
14
+ payload: X402PaymentPayload;
15
+ payerAddress: string;
16
+ verified: boolean;
17
+ route?: string;
18
+ }
19
+ interface PaymentContext {
20
+ payment: RouteAwarePaymentInfo;
21
+ }
22
+ declare const routeAwarePaymentMiddleware: (perRouteConfig: Record<string, PaymentMiddlewareConfigEntry>) => Elysia<"", {
23
+ decorator: {};
24
+ store: {};
25
+ derive: {};
26
+ resolve: {};
27
+ }, {
28
+ typebox: {};
29
+ error: {};
30
+ }, {
31
+ schema: {};
32
+ standaloneSchema: {};
33
+ macro: {};
34
+ macroFn: {};
35
+ parser: {};
36
+ response: {};
37
+ }, {}, {
38
+ derive: {};
39
+ resolve: {};
40
+ schema: {};
41
+ standaloneSchema: {};
42
+ response: {};
43
+ }, {
44
+ derive: {
45
+ readonly payment: RouteAwarePaymentInfo | undefined;
46
+ };
47
+ resolve: {};
48
+ schema: {};
49
+ standaloneSchema: {};
50
+ response: {
51
+ 200: Response | {
52
+ headers: Record<string, string>;
53
+ };
54
+ };
55
+ }>;
56
+
57
+ export { type PaymentContext, type PaymentMiddlewareConfigEntry, type RouteAwarePaymentInfo, type RouteAwarePaymentMiddlewareConfig, routeAwarePaymentMiddleware };
package/dist/routes.js ADDED
@@ -0,0 +1,175 @@
1
+ // src/routes.ts
2
+ import { Elysia } from "elysia";
3
+
4
+ // src/payment-utils.ts
5
+ import { extractPaymentFromHeaders, PAYMENT_SIGNATURE_HEADER } from "@armory-sh/base";
6
+ var PAYMENT_HEADERS = {
7
+ PAYMENT: "PAYMENT-SIGNATURE",
8
+ REQUIRED: "PAYMENT-REQUIRED",
9
+ RESPONSE: "PAYMENT-RESPONSE"
10
+ };
11
+ var encodeRequirements = (requirements) => JSON.stringify(requirements);
12
+ function isLegacyV2(payload) {
13
+ return typeof payload === "object" && payload !== null && "chainId" in payload && "assetId" in payload && "signature" in payload && typeof payload.signature === "string";
14
+ }
15
+ var decodePayload = (headerValue) => {
16
+ let parsed;
17
+ let isJsonString = false;
18
+ try {
19
+ if (headerValue.startsWith("{")) {
20
+ parsed = JSON.parse(headerValue);
21
+ isJsonString = true;
22
+ } else {
23
+ parsed = JSON.parse(atob(headerValue));
24
+ }
25
+ } catch {
26
+ throw new Error("Invalid payment payload");
27
+ }
28
+ const base64Value = isJsonString ? Buffer.from(headerValue).toString("base64") : headerValue;
29
+ const headers = new Headers();
30
+ headers.set(PAYMENT_SIGNATURE_HEADER, base64Value);
31
+ const x402Payload = extractPaymentFromHeaders(headers);
32
+ if (x402Payload) {
33
+ return { payload: x402Payload };
34
+ }
35
+ if (isLegacyV2(parsed)) {
36
+ return { payload: parsed };
37
+ }
38
+ throw new Error("Unrecognized payment payload format");
39
+ };
40
+ var verifyWithFacilitator = async (facilitatorUrl, payload, requirements) => {
41
+ try {
42
+ const response = await fetch(`${facilitatorUrl}/verify`, {
43
+ method: "POST",
44
+ headers: { "Content-Type": "application/json" },
45
+ body: JSON.stringify({ payload, requirements })
46
+ });
47
+ if (!response.ok) {
48
+ const error = await response.json();
49
+ return { success: false, error: JSON.stringify(error) };
50
+ }
51
+ const result = await response.json();
52
+ if (!result.success) {
53
+ return { success: false, error: result.error ?? "Verification failed" };
54
+ }
55
+ return { success: true, payerAddress: result.payerAddress ?? "" };
56
+ } catch (error) {
57
+ return {
58
+ success: false,
59
+ error: error instanceof Error ? error.message : "Unknown facilitator error"
60
+ };
61
+ }
62
+ };
63
+ var verifyLocally = async (payload, requirements) => {
64
+ if (isLegacyV2(payload)) {
65
+ return {
66
+ success: false,
67
+ error: "Local verification not supported for legacy payload format. Use a facilitator."
68
+ };
69
+ }
70
+ return {
71
+ success: true,
72
+ payerAddress: payload.payload.authorization.from
73
+ };
74
+ };
75
+ var verifyPaymentWithRetry = async (payload, requirements, facilitatorUrl) => facilitatorUrl ? verifyWithFacilitator(facilitatorUrl, payload, requirements) : verifyLocally(payload, requirements);
76
+ var createResponseHeaders = (payerAddress) => ({
77
+ [PAYMENT_HEADERS.RESPONSE]: JSON.stringify({
78
+ status: "verified",
79
+ payerAddress
80
+ })
81
+ });
82
+
83
+ // src/routes.ts
84
+ import { matchRoute, validateRouteConfig } from "@armory-sh/base";
85
+ var resolveRouteConfig = (config) => {
86
+ const validationError = validateRouteConfig(config);
87
+ if (validationError) {
88
+ return { routes: [], error: validationError };
89
+ }
90
+ const { route, routes, perRoute } = config;
91
+ const routePatterns = route ? [route] : routes || [];
92
+ const resolvedRoutes = [];
93
+ for (const pattern of routePatterns) {
94
+ const routeConfig = perRoute?.[pattern];
95
+ if (routeConfig) {
96
+ resolvedRoutes.push({
97
+ pattern,
98
+ config: routeConfig
99
+ });
100
+ }
101
+ }
102
+ return { routes: resolvedRoutes };
103
+ };
104
+ var errorResponse = (error, status, headers) => new Response(JSON.stringify(error), {
105
+ status,
106
+ headers: { "Content-Type": "application/json", ...headers }
107
+ });
108
+ var routeAwarePaymentMiddleware = (perRouteConfig) => {
109
+ const config = {
110
+ routes: Object.keys(perRouteConfig),
111
+ perRoute: perRouteConfig
112
+ };
113
+ const { routes: resolvedRoutes, error: configError } = resolveRouteConfig(config);
114
+ return new Elysia({ name: "armory-route-aware-payment" }).derive(() => ({
115
+ payment: void 0
116
+ })).onBeforeHandle(async ({ payment, request }) => {
117
+ try {
118
+ if (configError) {
119
+ return errorResponse(
120
+ { error: "Payment middleware configuration error", details: configError.message },
121
+ 500
122
+ );
123
+ }
124
+ const path = new URL(request.url).pathname;
125
+ const matchedRoute = resolvedRoutes.find((r) => matchRoute(r.pattern, path));
126
+ if (!matchedRoute) {
127
+ return;
128
+ }
129
+ const routeConfig = matchedRoute.config;
130
+ const { requirements, facilitatorUrl } = routeConfig;
131
+ const paymentHeader = request.headers.get(PAYMENT_HEADERS.PAYMENT);
132
+ if (!paymentHeader) {
133
+ return errorResponse(
134
+ { error: "Payment required", accepts: [requirements] },
135
+ 402,
136
+ { [PAYMENT_HEADERS.REQUIRED]: encodeRequirements(requirements) }
137
+ );
138
+ }
139
+ let payload;
140
+ try {
141
+ ({ payload } = decodePayload(paymentHeader));
142
+ } catch (error) {
143
+ return errorResponse({
144
+ error: "Invalid payment payload",
145
+ message: error instanceof Error ? error.message : "Unknown error"
146
+ }, 400);
147
+ }
148
+ const verifyResult = await verifyPaymentWithRetry(payload, requirements, facilitatorUrl);
149
+ if (!verifyResult.success) {
150
+ return errorResponse(
151
+ { error: verifyResult.error },
152
+ 402,
153
+ { [PAYMENT_HEADERS.REQUIRED]: encodeRequirements(requirements) }
154
+ );
155
+ }
156
+ const payerAddress = verifyResult.payerAddress;
157
+ payment = { payload, payerAddress, verified: true, route: matchedRoute.pattern };
158
+ } catch (error) {
159
+ return errorResponse({
160
+ error: "Payment middleware error",
161
+ message: error instanceof Error ? error.message : "Unknown error"
162
+ }, 500);
163
+ }
164
+ }).onAfterHandle(({ payment }) => {
165
+ if (payment) {
166
+ const { payerAddress } = payment;
167
+ return {
168
+ headers: createResponseHeaders(payerAddress)
169
+ };
170
+ }
171
+ });
172
+ };
173
+ export {
174
+ routeAwarePaymentMiddleware
175
+ };
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@armory-sh/middleware-elysia",
3
- "version": "0.3.16",
3
+ "version": "0.3.18",
4
4
  "license": "MIT",
5
5
  "author": "Sawyer Cutler <sawyer@dirtroad.dev>",
6
6
  "type": "module",
@@ -28,10 +28,11 @@
28
28
  "elysia": "^1"
29
29
  },
30
30
  "dependencies": {
31
- "@armory-sh/base": "0.2.18"
31
+ "@armory-sh/base": "0.2.20"
32
32
  },
33
33
  "devDependencies": {
34
34
  "bun-types": "latest",
35
+ "tsup": "^8.5.1",
35
36
  "typescript": "5.9.3",
36
37
  "elysia": "^1"
37
38
  },