@armory-sh/middleware-express 0.3.2

package/dist/index.d.ts

@@ -0,0 +1,43 @@
+import { Request, Response, NextFunction } from 'express';
+import { X402PaymentPayload, X402PaymentRequirements } from '@armory-sh/base';
+import { VerifyPaymentOptions } from '@armory-sh/facilitator';
+
+interface LegacyPaymentPayloadV1 {
+    amount: string;
+    network: string;
+    contractAddress: string;
+    payTo: string;
+    from: string;
+    expiry: number;
+    signature: string;
+}
+interface LegacyPaymentPayloadV2 {
+    to: string;
+    from: string;
+    amount: string;
+    chainId: string;
+    assetId: string;
+    nonce: string;
+    expiry: number;
+    signature: string;
+}
+type AnyPaymentPayload = X402PaymentPayload | LegacyPaymentPayloadV1 | LegacyPaymentPayloadV2;
+type PaymentPayload = AnyPaymentPayload;
+
+interface PaymentMiddlewareConfig {
+    requirements: X402PaymentRequirements;
+    facilitatorUrl?: string;
+    verifyOptions?: VerifyPaymentOptions;
+    skipVerification?: boolean;
+}
+interface AugmentedRequest extends Request {
+    payment?: {
+        payload: PaymentPayload;
+        payerAddress: string;
+        version: 1 | 2;
+        verified: boolean;
+    };
+}
+declare const paymentMiddleware: (config: PaymentMiddlewareConfig) => (req: AugmentedRequest, res: Response, next: NextFunction) => Promise<void>;
+
+export { type AugmentedRequest, type PaymentMiddlewareConfig, paymentMiddleware };

package/dist/index.js

@@ -0,0 +1,142 @@
+// src/payment-utils.ts
+import { extractPaymentFromHeaders, X402_HEADERS } from "@armory-sh/base";
+import { verifyX402Payment as verifyPayment } from "@armory-sh/facilitator";
+var getHeadersForVersion = (version) => version === 1 ? { payment: "X-PAYMENT", required: "X-PAYMENT-REQUIRED", response: "X-PAYMENT-RESPONSE" } : { payment: "PAYMENT-SIGNATURE", required: "PAYMENT-REQUIRED", response: "PAYMENT-RESPONSE" };
+var getRequirementsVersion = (requirements) => "contractAddress" in requirements && "network" in requirements ? 1 : 2;
+var encodeRequirements = (requirements) => JSON.stringify(requirements);
+function isLegacyV1(payload) {
+  return typeof payload === "object" && payload !== null && "contractAddress" in payload && "network" in payload && "signature" in payload && typeof payload.signature === "string";
+}
+function isLegacyV2(payload) {
+  return typeof payload === "object" && payload !== null && "chainId" in payload && "assetId" in payload && "signature" in payload && typeof payload.signature === "string";
+}
+var decodePayload = (headerValue) => {
+  let parsed;
+  try {
+    if (headerValue.startsWith("{")) {
+      parsed = JSON.parse(headerValue);
+    } else {
+      parsed = JSON.parse(atob(headerValue));
+    }
+  } catch {
+    throw new Error("Invalid payment payload");
+  }
+  const headers = new Headers();
+  headers.set(X402_HEADERS.PAYMENT, headerValue);
+  const x402Payload = extractPaymentFromHeaders(headers);
+  if (x402Payload) {
+    return { payload: x402Payload, version: 2 };
+  }
+  if (isLegacyV1(parsed)) {
+    return { payload: parsed, version: 1 };
+  }
+  if (isLegacyV2(parsed)) {
+    return { payload: parsed, version: 2 };
+  }
+  throw new Error("Unrecognized payment payload format");
+};
+var verifyWithFacilitator = async (facilitatorUrl, payload, requirements, verifyOptions) => {
+  try {
+    const response = await fetch(`${facilitatorUrl}/verify`, {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ payload, requirements, options: verifyOptions })
+    });
+    if (!response.ok) {
+      const error = await response.json();
+      return { success: false, error: JSON.stringify(error) };
+    }
+    const result = await response.json();
+    if (!result.success) {
+      return { success: false, error: result.error ?? "Verification failed" };
+    }
+    return { success: true, payerAddress: result.payerAddress ?? "" };
+  } catch (error) {
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : "Unknown facilitator error"
+    };
+  }
+};
+var verifyLocally = async (payload, requirements, verifyOptions) => {
+  if (isLegacyV1(payload) || isLegacyV2(payload)) {
+    return {
+      success: false,
+      error: "Local verification not supported for legacy payload formats. Use a facilitator."
+    };
+  }
+  const result = await verifyPayment(payload, requirements, verifyOptions);
+  if (!result.success) {
+    return {
+      success: false,
+      error: JSON.stringify({
+        error: "Payment verification failed",
+        reason: result.error.name,
+        message: result.error.message
+      })
+    };
+  }
+  return { success: true, payerAddress: result.payerAddress };
+};
+var verifyPaymentWithRetry = async (payload, requirements, facilitatorUrl, verifyOptions) => facilitatorUrl ? verifyWithFacilitator(facilitatorUrl, payload, requirements, verifyOptions) : verifyLocally(payload, requirements, verifyOptions);
+var extractPayerAddress = (payload) => {
+  if ("payload" in payload) {
+    const x402Payload = payload;
+    if ("authorization" in x402Payload.payload) {
+      return x402Payload.payload.authorization.from;
+    }
+  }
+  if ("from" in payload && typeof payload.from === "string") {
+    return payload.from;
+  }
+  throw new Error("Unable to extract payer address from payload");
+};
+
+// src/index.ts
+var sendError = (res, status, headers, body) => {
+  res.status(status);
+  Object.entries(headers).forEach(([k, v]) => res.setHeader(k, v));
+  res.json(body);
+};
+var paymentMiddleware = (config) => {
+  const { requirements, facilitatorUrl, verifyOptions, skipVerification = false } = config;
+  const version = getRequirementsVersion(requirements);
+  const headers = getHeadersForVersion(version);
+  return async (req, res, next) => {
+    try {
+      const paymentHeader = req.headers[headers.payment.toLowerCase()];
+      if (!paymentHeader) {
+        sendError(res, 402, { [headers.required]: encodeRequirements(requirements), "Content-Type": "application/json" }, { error: "Payment required", requirements });
+        return;
+      }
+      let payload;
+      let payloadVersion;
+      try {
+        ({ payload, version: payloadVersion } = decodePayload(paymentHeader));
+      } catch (error) {
+        sendError(res, 400, {}, { error: "Invalid payment payload", message: error instanceof Error ? error.message : "Unknown error" });
+        return;
+      }
+      if (payloadVersion !== version) {
+        sendError(res, 400, {}, { error: "Payment version mismatch", expected: version, received: payloadVersion });
+        return;
+      }
+      const payerAddress = skipVerification ? extractPayerAddress(payload) : await (async () => {
+        const result = await verifyPaymentWithRetry(payload, requirements, facilitatorUrl, verifyOptions);
+        if (!result.success) {
+          sendError(res, 402, { [headers.required]: encodeRequirements(requirements) }, { error: result.error });
+          throw new Error("Verification failed");
+        }
+        return result.payerAddress;
+      })();
+      req.payment = { payload, payerAddress, version, verified: !skipVerification };
+      res.setHeader(headers.response, JSON.stringify({ status: "verified", payerAddress, version }));
+      next();
+    } catch (error) {
+      sendError(res, 500, {}, { error: "Payment middleware error", message: error instanceof Error ? error.message : "Unknown error" });
+    }
+  };
+};
+export {
+  paymentMiddleware
+};

package/package.json

@@ -0,0 +1,44 @@
+{
+  "name": "@armory-sh/middleware-express",
+  "version": "0.3.2",
+  "license": "MIT",
+  "author": "Sawyer Cutler <sawyer@dirtroad.dev>",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "bun": "./src/index.ts",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/thegreataxios/armory.git",
+    "directory": "packages/middleware-express"
+  },
+  "peerDependencies": {
+    "express": "^4"
+  },
+  "dependencies": {
+    "@armory-sh/base": "0.2.4",
+    "@armory-sh/facilitator": "0.2.4"
+  },
+  "devDependencies": {
+    "bun-types": "latest",
+    "typescript": "5.9.3",
+    "express": "^4",
+    "@types/express": "^4"
+  },
+  "scripts": {
+    "build": "tsup",
+    "test": "bun test"
+  }
+}