@atxp/client 0.5.1 → 0.6.1

package/dist/index.cjs

@@ -318,18 +318,39 @@ class InsufficientFundsError extends Error {
 }
 class PaymentNetworkError extends Error {
     constructor(message, originalError) {
-        super(`Payment failed due to network error: ${message}. Please check your network connection and try again.`);
+        super(`Payment failed due to network error: ${message}`);
         this.originalError = originalError;
         this.name = 'PaymentNetworkError';
     }
 }
 
+/**
+ * Creates an ATXP fetch wrapper that handles OAuth authentication and payments.
+ * This follows the wrapper pattern for fetch functions.
+ *
+ * @param config - The client configuration
+ * @returns A wrapped fetch function that handles ATXP protocol
+ */
 function atxpFetch(config) {
-    const fetcher = new ATXPFetcher(config);
+    const fetcher = new ATXPFetcher({
+        accountId: config.account.accountId,
+        db: config.oAuthDb,
+        paymentMakers: config.account.paymentMakers,
+        fetchFn: config.fetchFn,
+        sideChannelFetch: config.oAuthChannelFetch,
+        allowInsecureRequests: config.allowHttp,
+        allowedAuthorizationServers: config.allowedAuthorizationServers,
+        approvePayment: config.approvePayment,
+        logger: config.logger,
+        onAuthorize: config.onAuthorize,
+        onAuthorizeFailure: config.onAuthorizeFailure,
+        onPayment: config.onPayment,
+        onPaymentFailure: config.onPaymentFailure
+    });
     return fetcher.fetch;
 }
 class ATXPFetcher {
-    constructor({ accountId, db, paymentMakers, fetchFn = fetch, sideChannelFetch = fetchFn, strict = true, allowInsecureRequests = process.env.NODE_ENV === 'development', allowedAuthorizationServers = [common.DEFAULT_AUTHORIZATION_SERVER], approvePayment = async () => true, logger = new common.ConsoleLogger(), onAuthorize = async () => { }, onAuthorizeFailure = async () => { }, onPayment = async () => { }, onPaymentFailure = async () => { } }) {
+    constructor(config) {
         this.defaultPaymentFailureHandler = async ({ payment, error }) => {
             if (error instanceof InsufficientFundsError) {
                 this.logger.info(`PAYMENT FAILED: Insufficient ${error.currency} funds on ${payment.network}`);
@@ -346,6 +367,70 @@ class ATXPFetcher {
                 this.logger.info(`PAYMENT FAILED: ${error.message}`);
             }
         };
+        this.handleMultiDestinationPayment = async (paymentRequestData, paymentRequestUrl, paymentRequestId) => {
+            if (!paymentRequestData.destinations || paymentRequestData.destinations.length === 0) {
+                return false;
+            }
+            // Try each destination in order
+            for (const dest of paymentRequestData.destinations) {
+                const paymentMaker = this.paymentMakers.get(dest.network);
+                if (!paymentMaker) {
+                    this.logger.debug(`ATXP: payment network '${dest.network}' not available, trying next destination`);
+                    continue;
+                }
+                // Convert amount to BigNumber since it comes as a string from JSON
+                const amount = new BigNumber.BigNumber(dest.amount);
+                const prospectivePayment = {
+                    accountId: this.accountId,
+                    resourceUrl: paymentRequestData.resource?.toString() ?? '',
+                    resourceName: paymentRequestData.resourceName ?? '',
+                    network: dest.network,
+                    currency: dest.currency,
+                    amount: amount,
+                    iss: paymentRequestData.iss ?? '',
+                };
+                if (!await this.approvePayment(prospectivePayment)) {
+                    this.logger.info(`ATXP: payment request denied by callback function for destination on ${dest.network}`);
+                    continue;
+                }
+                let paymentId;
+                try {
+                    paymentId = await paymentMaker.makePayment(amount, dest.currency, dest.address, paymentRequestData.iss);
+                    this.logger.info(`ATXP: made payment of ${amount.toString()} ${dest.currency} on ${dest.network}: ${paymentId}`);
+                    await this.onPayment({ payment: prospectivePayment });
+                    // Submit payment to the server
+                    const jwt = await paymentMaker.generateJWT({ paymentRequestId, codeChallenge: '' });
+                    const response = await this.sideChannelFetch(paymentRequestUrl.toString(), {
+                        method: 'PUT',
+                        headers: {
+                            'Authorization': `Bearer ${jwt}`,
+                            'Content-Type': 'application/json'
+                        },
+                        body: JSON.stringify({
+                            transactionId: paymentId,
+                            network: dest.network,
+                            currency: dest.currency
+                        })
+                    });
+                    this.logger.debug(`ATXP: payment was ${response.ok ? 'successfully' : 'not successfully'} PUT to ${paymentRequestUrl} : status ${response.status} ${response.statusText}`);
+                    if (!response.ok) {
+                        const msg = `ATXP: payment to ${paymentRequestUrl} failed: HTTP ${response.status} ${await response.text()}`;
+                        this.logger.info(msg);
+                        throw new Error(msg);
+                    }
+                    return true;
+                }
+                catch (error) {
+                    const typedError = error;
+                    this.logger.warn(`ATXP: payment failed on ${dest.network}: ${typedError.message}`);
+                    await this.onPaymentFailure({ payment: prospectivePayment, error: typedError });
+                    // Try next destination
+                    continue;
+                }
+            }
+            this.logger.info(`ATXP: no suitable payment destination found among ${paymentRequestData.destinations.length} options`);
+            return false;
+        };
         this.handlePaymentRequestError = async (paymentRequestError) => {
             if (paymentRequestError.code !== common.PAYMENT_REQUIRED_ERROR_CODE) {
                 throw new Error(`ATXP: expected payment required error (code ${common.PAYMENT_REQUIRED_ERROR_CODE}); got code ${paymentRequestError.code}`);
@@ -366,6 +451,11 @@ class ATXPFetcher {
             if (!paymentRequestData) {
                 throw new Error(`ATXP: payment request ${paymentRequestId} not found on server ${paymentRequestUrl}`);
             }
+            // Handle multi-destination format
+            if (paymentRequestData.destinations && paymentRequestData.destinations.length > 0) {
+                return this.handleMultiDestinationPayment(paymentRequestData, paymentRequestUrl, paymentRequestId);
+            }
+            // Handle legacy single destination format
             const requestedNetwork = paymentRequestData.network;
             if (!requestedNetwork) {
                 throw new Error(`Payment network not provided`);
@@ -442,7 +532,8 @@ class ATXPFetcher {
                 },
                 body: JSON.stringify({
                     transactionId: paymentId,
-                    network: requestedNetwork
+                    network: requestedNetwork,
+                    currency: currency
                 })
             });
             this.logger.debug(`ATXP: payment was ${response.ok ? 'successfully' : 'not successfully'} PUT to ${paymentRequestUrl} : status ${response.status} ${response.statusText}`);
@@ -661,6 +752,7 @@ class ATXPFetcher {
                 throw error;
             }
         };
+        const { accountId, db, paymentMakers, fetchFn = fetch, sideChannelFetch = fetchFn, strict = true, allowInsecureRequests = process.env.NODE_ENV === 'development', allowedAuthorizationServers = [common.DEFAULT_AUTHORIZATION_SERVER], approvePayment = async () => true, logger = new common.ConsoleLogger(), onAuthorize = async () => { }, onAuthorizeFailure = async () => { }, onPayment = async () => { }, onPaymentFailure = async () => { } } = config;
         // Use React Native safe fetch if in React Native environment
         const safeFetchFn = common.getIsReactNative() ? common.createReactNativeSafeFetch(fetchFn) : fetchFn;
         const safeSideChannelFetch = common.getIsReactNative() ? common.createReactNativeSafeFetch(sideChannelFetch) : sideChannelFetch;
@@ -15819,22 +15911,9 @@ function buildClientConfig(args) {
 }
 function buildStreamableTransport(args) {
     const config = buildClientConfig(args);
-    const fetcher = new ATXPFetcher({
-        accountId: args.account.accountId,
-        db: config.oAuthDb,
-        paymentMakers: args.account.paymentMakers,
-        fetchFn: config.fetchFn,
-        sideChannelFetch: config.oAuthChannelFetch,
-        allowInsecureRequests: config.allowHttp,
-        allowedAuthorizationServers: config.allowedAuthorizationServers,
-        approvePayment: config.approvePayment,
-        logger: config.logger,
-        onAuthorize: config.onAuthorize,
-        onAuthorizeFailure: config.onAuthorizeFailure,
-        onPayment: config.onPayment,
-        onPaymentFailure: config.onPaymentFailure
-    });
-    const transport = new StreamableHTTPClientTransport(new URL(args.mcpServer), { fetch: fetcher.fetch });
+    // Apply the ATXP wrapper to the fetch function
+    const wrappedFetch = atxpFetch(config);
+    const transport = new StreamableHTTPClientTransport(new URL(args.mcpServer), { fetch: wrappedFetch });
     return transport;
 }
 async function atxpClient(args) {
@@ -15851,7 +15930,7 @@ const ValidateTransferError = pay.ValidateTransferError;
 class SolanaPaymentMaker {
     constructor(solanaEndpoint, sourceSecretKey, logger) {
         this.generateJWT = async ({ paymentRequestId, codeChallenge }) => {
-            // Solana/Web3.js secretKey is 64 bytes: 
+            // Solana/Web3.js secretKey is 64 bytes:
             // first 32 bytes are the private scalar, last 32 are the public key.
             // JWK expects only the 32-byte private scalar for 'd'
             const jwk = {
@@ -15881,8 +15960,10 @@ class SolanaPaymentMaker {
                     this.logger.warn(`Insufficient ${currency} balance for payment. Required: ${amount}, Available: ${balance}`);
                     throw new InsufficientFundsError(currency, amount, balance, 'solana');
                 }
+                // Increase compute units to handle both memo and token transfer
+                // Memo uses ~6000 CUs, token transfer needs ~6500 CUs
                 const modifyComputeUnits = web3_js.ComputeBudgetProgram.setComputeUnitLimit({
-                    units: 10000,
+                    units: 50000,
                 });
                 const addPriorityFee = web3_js.ComputeBudgetProgram.setComputeUnitPrice({
                     microLamports: 20000,
@@ -16076,6 +16157,106 @@ class SolanaAccount {
     }
 }
 
+function toBasicAuth$1(token) {
+    // Basic auth is base64("username:password"), password is blank
+    const b64 = Buffer.from(`${token}:`).toString('base64');
+    return `Basic ${b64}`;
+}
+/**
+ * ATXP implementation of viem's LocalAccount interface.
+ * Delegates signing operations to the accounts-x402 API.
+ * Includes properties needed by x402 library for wallet client compatibility.
+ */
+class ATXPLocalAccount {
+    constructor(address, origin, token, fetchFn = fetch) {
+        this.address = address;
+        this.origin = origin;
+        this.token = token;
+        this.fetchFn = fetchFn;
+        this.type = 'local';
+        /**
+         * Get public key - required by LocalAccount interface
+         */
+        this.publicKey = '0x0000000000000000000000000000000000000000000000000000000000000000';
+        /**
+         * Source - required by LocalAccount interface (set to 'custom')
+         */
+        this.source = 'custom';
+        // x402 library expects these properties for wallet client compatibility
+        this.account = this; // Self-reference for x402's isSignerWallet check
+        this.chain = { id: 8453 }; // Base mainnet - could make this configurable
+        this.transport = {}; // Empty transport object for x402 compatibility
+    }
+    /**
+     * Fetch the wallet address from the /address endpoint
+     */
+    static async create(origin, token, fetchFn = fetch) {
+        // The /address endpoint uses Basic auth like other authenticated endpoints
+        // For X402, we need the Ethereum/Base address with USDC currency
+        const url = new URL(`${origin}/address`);
+        url.searchParams.set('network', 'base'); // X402 operates on Base
+        url.searchParams.set('currency', 'USDC'); // Always USDC for X402
+        const response = await fetchFn(url.toString(), {
+            method: 'GET',
+            headers: {
+                'Authorization': toBasicAuth$1(token)
+            }
+        });
+        if (!response.ok) {
+            const errorText = await response.text();
+            throw new Error(`Failed to fetch destination address: ${response.status} ${response.statusText} ${errorText}`);
+        }
+        const data = await response.json();
+        const address = data.address;
+        if (!address) {
+            throw new Error('Address endpoint did not return an address');
+        }
+        // Check that the account is an Ethereum/Base account (required for X402/EVM operations)
+        const network = data.network;
+        if (!network) {
+            throw new Error('Address endpoint did not return a network');
+        }
+        if (network !== 'ethereum' && network !== 'base') {
+            throw new Error(`ATXPLocalAccount requires an Ethereum/Base account, but got ${network} account`);
+        }
+        return new ATXPLocalAccount(address, origin, token, fetchFn);
+    }
+    /**
+     * Sign a typed data structure using EIP-712
+     * This is what x402 library will call for EIP-3009 authorization
+     */
+    async signTypedData(typedData) {
+        const response = await this.fetchFn(`${this.origin}/sign-typed-data`, {
+            method: 'POST',
+            headers: {
+                'Authorization': toBasicAuth$1(this.token),
+                'Content-Type': 'application/json',
+            },
+            body: JSON.stringify({
+                typedData
+            })
+        });
+        if (!response.ok) {
+            const errorText = await response.text();
+            throw new Error(`Failed to sign typed data: ${response.status} ${response.statusText} ${errorText}`);
+        }
+        const result = await response.json();
+        return result.signature;
+    }
+    /**
+     * Sign a message - required by LocalAccount interface but not used for X402
+     */
+    async signMessage(_) {
+        throw new Error('Message signing not implemented for ATXP local account');
+    }
+    /**
+     * Sign a transaction - required by LocalAccount interface but not used for X402
+     */
+    async signTransaction(_transaction, _args) {
+        throw new Error('Transaction signing not implemented for ATXP local account');
+    }
+}
+
 function toBasicAuth(token) {
     // Basic auth is base64("username:password"), password is blank
     const b64 = Buffer.from(`${token}:`).toString('base64');
@@ -16085,10 +16266,11 @@ function parseConnectionString(connectionString) {
     const url = new URL(connectionString);
     const origin = url.origin;
     const token = url.searchParams.get('connection_token') || '';
+    const accountId = url.searchParams.get('account_id');
     if (!token) {
         throw new Error('ATXPAccount: connection string missing connection token');
     }
-    return { origin, token };
+    return { origin, token, accountId };
 }
 class ATXPHttpPaymentMaker {
     constructor(origin, token, fetchFn = fetch) {
@@ -16097,19 +16279,19 @@ class ATXPHttpPaymentMaker {
         this.fetchFn = fetchFn;
     }
     async makePayment(amount, currency, receiver, memo) {
-        const body = {
-            amount: amount.toString(),
-            currency,
-            receiver,
-            memo,
-        };
+        // Make a regular payment via the /pay endpoint
         const response = await this.fetchFn(`${this.origin}/pay`, {
             method: 'POST',
             headers: {
                 'Authorization': toBasicAuth(this.token),
                 'Content-Type': 'application/json',
             },
-            body: JSON.stringify(body),
+            body: JSON.stringify({
+                amount: amount.toString(),
+                currency,
+                receiver,
+                memo,
+            }),
         });
         if (!response.ok) {
             const text = await response.text();
@@ -16146,15 +16328,26 @@ class ATXPHttpPaymentMaker {
 }
 class ATXPAccount {
     constructor(connectionString, opts) {
-        const { origin, token } = parseConnectionString(connectionString);
+        const { origin, token, accountId } = parseConnectionString(connectionString);
         const fetchFn = opts?.fetchFn ?? fetch;
         const network = opts?.network ?? 'base';
-        // Use token as a stable accountId namespace to keep OAuth/ATXP state per-connection
-        this.accountId = `atxp:${token}`;
+        // Store for use in X402 payment creation
+        this.origin = origin;
+        this.token = token;
+        this.fetchFn = fetchFn;
+        if (accountId) {
+            this.accountId = `atxp:${accountId}`;
+        }
+        else {
+            this.accountId = `atxp:${common.crypto.randomUUID()}`;
+        }
         this.paymentMakers = {
             [network]: new ATXPHttpPaymentMaker(origin, token, fetchFn),
         };
     }
+    async getSigner() {
+        return ATXPLocalAccount.create(this.origin, this.token, this.fetchFn);
+    }
 }
 
 class BaseAccount {
@@ -16165,21 +16358,29 @@ class BaseAccount {
         if (!sourceSecretKey) {
             throw new Error('Source secret key is required');
         }
-        const account = accounts.privateKeyToAccount(sourceSecretKey);
-        this.accountId = account.address;
-        const walletClient = viem.createWalletClient({
-            account: account,
+        this.account = accounts.privateKeyToAccount(sourceSecretKey);
+        this.accountId = this.account.address;
+        this.walletClient = viem.createWalletClient({
+            account: this.account,
             chain: chains.base,
             transport: viem.http(baseRPCUrl),
         });
         this.paymentMakers = {
-            'base': new BasePaymentMaker(baseRPCUrl, walletClient),
+            'base': new BasePaymentMaker(baseRPCUrl, this.walletClient),
         };
     }
+    /**
+     * Get a signer that can be used with the x402 library
+     * This is only available for EVM-based accounts
+     */
+    getSigner() {
+        // Return the viem account directly - it implements LocalAccount interface
+        return this.account;
+    }
 }
 
 exports.ATXPAccount = ATXPAccount;
-exports.ATXPFetcher = ATXPFetcher;
+exports.ATXPLocalAccount = ATXPLocalAccount;
 exports.BaseAccount = BaseAccount;
 exports.BasePaymentMaker = BasePaymentMaker;
 exports.DEFAULT_CLIENT_CONFIG = DEFAULT_CLIENT_CONFIG;