@atxp/server 0.2.22 → 0.4.0

package/dist/serverTestHelpers.js

@@ -1,17 +1,27 @@
-/* eslint-disable @typescript-eslint/no-explicit-any, no-console */
 import { Readable } from 'stream';
+import { MemoryOAuthDb, DEFAULT_AUTHORIZATION_SERVER } from '@atxp/common';
 import { vi } from 'vitest';
-import { TokenProblem } from './types.js';
-import { buildServerConfig } from './atxpServer.js';
 import { BigNumber } from 'bignumber.js';
-export const DESTINATION = 'testDestination';
-export const SOURCE = 'testSource';
-export function charge({ amount = BigNumber(0.01), currency = 'USDC', network = 'solana', destination = DESTINATION, source = SOURCE } = {}) {
+
+var TokenProblem;
+(function (TokenProblem) {
+    TokenProblem["NO_TOKEN"] = "NO-TOKEN";
+    TokenProblem["NON_BEARER_AUTH_HEADER"] = "NON-BEARER-AUTH-HEADER";
+    TokenProblem["INVALID_TOKEN"] = "INVALID-TOKEN";
+    TokenProblem["INVALID_AUDIENCE"] = "INVALID-AUDIENCE";
+    TokenProblem["NON_SUFFICIENT_FUNDS"] = "NON-SUFFICIENT-FUNDS";
+    TokenProblem["INTROSPECT_ERROR"] = "INTROSPECT-ERROR";
+})(TokenProblem || (TokenProblem = {}));
+
+/* eslint-disable @typescript-eslint/no-explicit-any, no-console */
+const DESTINATION = 'testDestination';
+const SOURCE = 'testSource';
+function charge({ amount = BigNumber(0.01), currency = 'USDC', network = 'solana', destination = DESTINATION, source = SOURCE } = {}) {
     return { amount, currency, network, destination, source };
 }
-export const oneCentCharge = charge({ amount: BigNumber(0.01) });
-export const zeroCharge = charge({ amount: BigNumber(0) });
-export function logger() {
+const oneCentCharge = charge({ amount: BigNumber(0.01) });
+const zeroCharge = charge({ amount: BigNumber(0) });
+function logger() {
     return {
         debug: vi.fn().mockImplementation((msg) => { console.debug(msg); }),
         info: vi.fn().mockImplementation((msg) => { console.info(msg); }),
@@ -19,26 +29,45 @@ export function logger() {
         error: vi.fn().mockImplementation((msg) => { console.error(msg); }),
     };
 }
-export function config(args = {}) {
-    return buildServerConfig({
-        ...args,
+function config(args = {}) {
+    // Create a basic config without using buildServerConfig to avoid circular dependency
+    const mockLogger = logger();
+    const oAuthDb = args.oAuthDb ?? new MemoryOAuthDb();
+    const oAuthClient = args.oAuthClient ?? {
+        introspect: vi.fn().mockResolvedValue(tokenData()),
+        validateClientCredentials: vi.fn().mockResolvedValue(true),
+        extractAccessToken: vi.fn().mockReturnValue('test-token')
+    };
+    const config = {
         destination: args.destination ?? DESTINATION,
-        atxpAuthClientToken: args.atxpAuthClientToken ?? 'test-auth-token'
-    });
+        mountPath: args.mountPath ?? '/',
+        currency: args.currency ?? 'USDC',
+        network: args.network ?? 'base',
+        server: args.server ?? DEFAULT_AUTHORIZATION_SERVER,
+        payeeName: args.payeeName ?? 'Test ATXP Server',
+        allowHttp: args.allowHttp ?? true,
+        resource: args.resource ?? null,
+        oAuthDb,
+        oAuthClient,
+        paymentServer: args.paymentServer ?? paymentServer(),
+        logger: args.logger ?? mockLogger,
+        ...args
+    };
+    return config;
 }
-export function paymentServer({ charge = vi.fn().mockResolvedValue({ success: true, requiredPaymentId: null }), createPaymentRequest = vi.fn().mockResolvedValue('test-payment-request-id') } = {}) {
+function paymentServer({ charge = vi.fn().mockResolvedValue({ success: true, requiredPaymentId: null }), createPaymentRequest = vi.fn().mockResolvedValue('test-payment-request-id') } = {}) {
     return {
         charge,
         createPaymentRequest,
     };
 }
-export function mcpRequest({ method = 'tools/call', params = {}, id = 'call-1' } = {}) {
+function mcpRequest({ method = 'tools/call', params = {}, id = 'call-1' } = {}) {
     return { jsonrpc: "2.0", method, params, id };
 }
-export function mcpToolRequest({ toolName = 'testTool', args = { paramOne: 'test' }, } = {}) {
+function mcpToolRequest({ toolName = 'testTool', args = { paramOne: 'test' }, } = {}) {
     return mcpRequest({ method: 'tools/call', params: { name: toolName, arguments: args } });
 }
-export function incomingMessage({ body = {}, method = 'POST', url = '/', headers = { 'content-type': 'application/json' } } = {}) {
+function incomingMessage({ body = {}, method = 'POST', url = '/', headers = { 'content-type': 'application/json' } } = {}) {
     const bodyString = JSON.stringify(body);
     const stream = new Readable({
         read() {
@@ -51,14 +80,14 @@ export function incomingMessage({ body = {}, method = 'POST', url = '/', headers
     stream.headers = headers;
     return stream;
 }
-export function incomingToolMessage({ authHeader = undefined, url = '/', } = {}) {
+function incomingToolMessage({ authHeader = undefined, url = '/', } = {}) {
     return incomingMessage({
         body: mcpToolRequest({ toolName: 'testTool' }),
         headers: { 'authorization': authHeader, 'content-type': 'application/json' },
         url
     });
 }
-export function oAuthClient({ introspectResult = tokenData(), authorizationServer = {
+function oAuthClient({ introspectResult = tokenData(), authorizationServer = {
     issuer: 'https://auth.atxp.ai',
 } } = {}) {
     return {
@@ -66,10 +95,10 @@ export function oAuthClient({ introspectResult = tokenData(), authorizationServe
         authorizationServerFromUrl: vi.fn().mockResolvedValue(authorizationServer)
     };
 }
-export function tokenData({ active = true, sub = 'test-user', scope = 'tools:read', aud = 'https://example.com' } = {}) {
+function tokenData({ active = true, sub = 'test-user', scope = 'tools:read', aud = 'https://example.com' } = {}) {
     return { active, sub, scope, aud };
 }
-export function tokenCheck({ data = tokenData(), token = 'test-token', passes = true, problem = TokenProblem.NO_TOKEN, resourceMetadataUrl = 'https://example.com/.well-known/oauth-protected-resource' } = {}) {
+function tokenCheck({ data = tokenData(), token = 'test-token', passes = true, problem = TokenProblem.NO_TOKEN, resourceMetadataUrl = 'https://example.com/.well-known/oauth-protected-resource' } = {}) {
     if (passes) {
         return { passes, token, data, };
     }
@@ -77,7 +106,7 @@ export function tokenCheck({ data = tokenData(), token = 'test-token', passes =
         return { passes, token, data, problem, resourceMetadataUrl };
     }
 }
-export function serverResponse() {
+function serverResponse() {
     return {
         getHeader: vi.fn(),
         setHeader: vi.fn(),
@@ -85,4 +114,6 @@ export function serverResponse() {
         end: vi.fn(),
     };
 }
-//# sourceMappingURL=serverTestHelpers.js.map
+
+export { DESTINATION, SOURCE, charge, config, incomingMessage, incomingToolMessage, logger, mcpRequest, mcpToolRequest, oAuthClient, oneCentCharge, paymentServer, serverResponse, tokenCheck, tokenData, zeroCharge };
+//# sourceMappingURL=serverTestHelpers.js.map

package/dist/serverTestHelpers.js.map

@@ -1 +1 @@
-{"version":3,"file":"serverTestHelpers.js","sourceRoot":"","sources":["../src/serverTestHelpers.ts"],"names":[],"mappings":"AAAA,mEAAmE;AAEnE,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAIlC,OAAO,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAkE,YAAY,EAAqC,MAAM,YAAY,CAAC;AAC7I,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAGzC,MAAM,CAAC,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAC7C,MAAM,CAAC,MAAM,MAAM,GAAG,YAAY,CAAC;AAEnC,MAAM,UAAU,MAAM,CAAC,EACnB,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,EACxB,QAAQ,GAAG,MAAM,EACjB,OAAO,GAAG,QAAQ,EAClB,WAAW,GAAG,WAAW,EACzB,MAAM,GAAG,MAAM,KAOb,EAAE;IAEN,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;AAC5D,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC,EAAC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,EAAC,CAAC,CAAC;AAE/D,MAAM,CAAC,MAAM,UAAU,GAAG,MAAM,CAAC,EAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,EAAC,CAAC,CAAC;AAEzD,MAAM,UAAU,MAAM;IACpB,OAAO;QACL,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACxE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACtE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACtE,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;KACzE,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,OAA4B,EAAE;IACnD,OAAO,iBAAiB,CAAC;QACvB,GAAG,IAAI;QACP,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,WAAW;QAC5C,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,IAAI,iBAAiB;KACnE,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,EAC5B,MAAM,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAC,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAC,CAAC,EAC5E,oBAAoB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,yBAAyB,CAAC,EAC5E,GAAG,EAAE;IACJ,OAAO;QACL,MAAM;QACN,oBAAoB;KACO,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EAAC,MAAM,GAAG,YAAY,EAAE,MAAM,GAAG,EAAE,EAAE,EAAE,GAAG,QAAQ,KAIzE,EAAE;IAEJ,OAAO,EAAE,OAAO,EAAE,KAAc,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,EAC3B,QAAQ,GAAG,UAAU,EACrB,IAAI,GAAG,EAAC,QAAQ,EAAE,MAAM,EAAC,MAIvB,EAAE;IAEN,OAAO,UAAU,CAAC,EAAC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAC,EAAC,CAAC,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,EAC5B,IAAI,GAAG,EAAE,EACT,MAAM,GAAG,MAAM,EACf,GAAG,GAAG,GAAG,EACT,OAAO,GAAG,EAAC,cAAc,EAAE,kBAAkB,EAAC,KAM5C,EAAE;IAEN,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,QAAQ,CAAC;QAC1B,IAAI;YACF,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACtB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClB,CAAC;KACF,CAAoB,CAAC;IACtB,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,MAAM,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,EAChC,UAAU,GAAG,SAAS,EACtB,GAAG,GAAG,GAAG,MAIP,EAAE;IAEN,OAAO,eAAe,CAAC;QACrB,IAAI,EAAE,cAAc,CAAC,EAAC,QAAQ,EAAE,UAAU,EAAC,CAAC;QAC5C,OAAO,EAAE,EAAC,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,kBAAkB,EAAC;QAC1E,GAAG;KACJ,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,EAC1B,gBAAgB,GAAG,SAAS,EAAE,EAC9B,mBAAmB,GAAG;IACpB,MAAM,EAAE,sBAAsB;CAC/B,KAIC,EAAE;IACJ,OAAO;QACL,eAAe,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,gBAAgB,CAAC;QAC5D,0BAA0B,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,mBAAmB,CAAC;KACzC,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,EACtB,MAAM,GAAG,IAAI,EACb,GAAG,GAAG,WAAW,EACjB,KAAK,GAAG,YAAY,EACpB,GAAG,GAAG,qBAAqB,KACL,EAAE;IAE1B,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAA;AACpC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EACzB,IAAI,GAAG,SAAS,EAAE,EAClB,KAAK,GAAG,YAAY,EACpB,MAAM,GAAG,IAAI,EACb,OAAO,GAAG,YAAY,CAAC,QAAQ,EAC/B,mBAAmB,GAAG,0DAA0D,KAO9E,EAAE;IACJ,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,GAAqB,CAAC;IACpD,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAoB,CAAC;IACjF,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,OAAO;QACL,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;KACgB,CAAC;AACjC,CAAC"}
+{"version":3,"file":"serverTestHelpers.js","sources":["../src/types.ts","../src/serverTestHelpers.ts"],"sourcesContent":[null,null],"names":[],"mappings":";;;;;AAmDA,IAAY,YAOX;AAPD,CAAA,UAAY,YAAY,EAAA;AACtB,IAAA,YAAA,CAAA,UAAA,CAAA,GAAA,UAAqB;AACrB,IAAA,YAAA,CAAA,wBAAA,CAAA,GAAA,wBAAiD;AACjD,IAAA,YAAA,CAAA,eAAA,CAAA,GAAA,eAA+B;AAC/B,IAAA,YAAA,CAAA,kBAAA,CAAA,GAAA,kBAAqC;AACrC,IAAA,YAAA,CAAA,sBAAA,CAAA,GAAA,sBAA6C;AAC7C,IAAA,YAAA,CAAA,kBAAA,CAAA,GAAA,kBAAqC;AACvC,CAAC,EAPW,YAAY,KAAZ,YAAY,GAAA,EAAA,CAAA,CAAA;;ACnDxB;AAaO,MAAM,WAAW,GAAG;AACpB,MAAM,MAAM,GAAG;AAEhB,SAAU,MAAM,CAAC,EACnB,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,EACxB,QAAQ,GAAG,MAAM,EACjB,OAAO,GAAG,QAAQ,EAClB,WAAW,GAAG,WAAW,EACzB,MAAM,GAAG,MAAM,EAAA,GAOb,EAAE,EAAA;IAEN,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE;AAC3D;AAEO,MAAM,aAAa,GAAG,MAAM,CAAC,EAAC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,EAAC;AAEtD,MAAM,UAAU,GAAG,MAAM,CAAC,EAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,EAAC;SAEvC,MAAM,GAAA;IACpB,OAAO;QACL,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,KAAI,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACxE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,KAAI,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACtE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,KAAI,EAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACtE,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,KAAI,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;KACzE;AACH;AAEM,SAAU,MAAM,CAAC,IAAA,GAA4B,EAAE,EAAA;;AAEnD,IAAA,MAAM,UAAU,GAAG,MAAM,EAAE;IAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,aAAa,EAAE;AACnD,IAAA,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI;QACtC,UAAU,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,SAAS,EAAE,CAAC;QAClD,yBAAyB,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,IAAI,CAAC;QAC1D,kBAAkB,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,YAAY;KAClD;AAER,IAAA,MAAM,MAAM,GAAe;AACzB,QAAA,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,WAAW;AAC5C,QAAA,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,GAAG;AAChC,QAAA,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,MAAM;AACjC,QAAA,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,MAAM;AAC/B,QAAA,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,4BAA4B;AACnD,QAAA,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,kBAAkB;AAC/C,QAAA,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI;AACjC,QAAA,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,IAAI;QAC/B,OAAO;QACP,WAAW;AACX,QAAA,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,aAAa,EAAE;AACpD,QAAA,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,UAAU;AACjC,QAAA,GAAG;KACJ;AAED,IAAA,OAAO,MAAM;AACf;SAEgB,aAAa,CAAC,EAC5B,MAAM,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAC,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAC,CAAC,EAC5E,oBAAoB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,yBAAyB,CAAC,EAC5E,GAAG,EAAE,EAAA;IACJ,OAAO;QACL,MAAM;QACN,oBAAoB;KACO;AAC/B;SAEgB,UAAU,CAAC,EAAC,MAAM,GAAG,YAAY,EAAE,MAAM,GAAG,EAAE,EAAE,EAAE,GAAG,QAAQ,KAIzE,EAAE,EAAA;IAEJ,OAAO,EAAE,OAAO,EAAE,KAAc,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE;AACxD;SAEgB,cAAc,CAAC,EAC3B,QAAQ,GAAG,UAAU,EACrB,IAAI,GAAG,EAAC,QAAQ,EAAE,MAAM,EAAC,MAIvB,EAAE,EAAA;IAEN,OAAO,UAAU,CAAC,EAAC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAC,EAAC,CAAC;AACtF;AAEM,SAAU,eAAe,CAAC,EAC5B,IAAI,GAAG,EAAE,EACT,MAAM,GAAG,MAAM,EACf,GAAG,GAAG,GAAG,EACT,OAAO,GAAG,EAAC,cAAc,EAAE,kBAAkB,EAAC,EAAA,GAM5C,EAAE,EAAA;IAEN,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;AACvC,IAAA,MAAM,MAAM,GAAG,IAAI,QAAQ,CAAC;QAC1B,IAAI,GAAA;AACF,YAAA,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC;AACrB,YAAA,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;QACjB;AACD,KAAA,CAAoB;AACrB,IAAA,MAAM,CAAC,MAAM,GAAG,MAAM;AACtB,IAAA,MAAM,CAAC,GAAG,GAAG,GAAG;AAChB,IAAA,MAAM,CAAC,OAAO,GAAG,OAAO;AACxB,IAAA,OAAO,MAAM;AACf;AAEM,SAAU,mBAAmB,CAAC,EAChC,UAAU,GAAG,SAAS,EACtB,GAAG,GAAG,GAAG,GAAA,GAIP,EAAE,EAAA;AAEN,IAAA,OAAO,eAAe,CAAC;QACrB,IAAI,EAAE,cAAc,CAAC,EAAC,QAAQ,EAAE,UAAU,EAAC,CAAC;QAC5C,OAAO,EAAE,EAAC,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,kBAAkB,EAAC;QAC1E;AACD,KAAA,CAAC;AACJ;AAEM,SAAU,WAAW,CAAC,EAC1B,gBAAgB,GAAG,SAAS,EAAE,EAC9B,mBAAmB,GAAG;AACpB,IAAA,MAAM,EAAE,sBAAsB;AAC/B,CAAA,EAAA,GAIC,EAAE,EAAA;IACJ,OAAO;QACL,eAAe,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,gBAAgB,CAAC;QAC5D,0BAA0B,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,mBAAmB;KACxC;AACrC;AAEM,SAAU,SAAS,CAAC,EACtB,MAAM,GAAG,IAAI,EACb,GAAG,GAAG,WAAW,EACjB,KAAK,GAAG,YAAY,EACpB,GAAG,GAAG,qBAAqB,KACL,EAAE,EAAA;IAE1B,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE;AACpC;AAEM,SAAU,UAAU,CAAC,EACzB,IAAI,GAAG,SAAS,EAAE,EAClB,KAAK,GAAG,YAAY,EACpB,MAAM,GAAG,IAAI,EACb,OAAO,GAAG,YAAY,CAAC,QAAQ,EAC/B,mBAAmB,GAAG,0DAA0D,EAAA,GAO9E,EAAE,EAAA;IACJ,IAAI,MAAM,EAAE;AACV,QAAA,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,GAAqB;IACnD;SAAO;QACL,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAoB;IAChF;AACF;SAEgB,cAAc,GAAA;IAC5B,OAAO;AACL,QAAA,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;AAClB,QAAA,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;AAClB,QAAA,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;AAClB,QAAA,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;KACgB;AAChC;;;;"}

package/dist/types.js

@@ -1,4 +1,4 @@
-export var TokenProblem;
+var TokenProblem;
 (function (TokenProblem) {
     TokenProblem["NO_TOKEN"] = "NO-TOKEN";
     TokenProblem["NON_BEARER_AUTH_HEADER"] = "NON-BEARER-AUTH-HEADER";
@@ -7,4 +7,6 @@ export var TokenProblem;
     TokenProblem["NON_SUFFICIENT_FUNDS"] = "NON-SUFFICIENT-FUNDS";
     TokenProblem["INTROSPECT_ERROR"] = "INTROSPECT-ERROR";
 })(TokenProblem || (TokenProblem = {}));
-//# sourceMappingURL=types.js.map
+
+export { TokenProblem };
+//# sourceMappingURL=types.js.map

package/dist/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAoDA,MAAM,CAAN,IAAY,YAOX;AAPD,WAAY,YAAY;IACtB,qCAAqB,CAAA;IACrB,iEAAiD,CAAA;IACjD,+CAA+B,CAAA;IAC/B,qDAAqC,CAAA;IACrC,6DAA6C,CAAA;IAC7C,qDAAqC,CAAA;AACvC,CAAC,EAPW,YAAY,KAAZ,YAAY,QAOvB"}
+{"version":3,"file":"types.js","sources":["../src/types.ts"],"sourcesContent":[null],"names":[],"mappings":"IAmDY;AAAZ,CAAA,UAAY,YAAY,EAAA;AACtB,IAAA,YAAA,CAAA,UAAA,CAAA,GAAA,UAAqB;AACrB,IAAA,YAAA,CAAA,wBAAA,CAAA,GAAA,wBAAiD;AACjD,IAAA,YAAA,CAAA,eAAA,CAAA,GAAA,eAA+B;AAC/B,IAAA,YAAA,CAAA,kBAAA,CAAA,GAAA,kBAAqC;AACrC,IAAA,YAAA,CAAA,sBAAA,CAAA,GAAA,sBAA6C;AAC7C,IAAA,YAAA,CAAA,kBAAA,CAAA,GAAA,kBAAqC;AACvC,CAAC,EAPW,YAAY,KAAZ,YAAY,GAAA,EAAA,CAAA,CAAA;;;;"}

package/dist/webapi/mcp.js

@@ -0,0 +1,25 @@
+import { parseMcpRequestsCore } from '../core/mcp.js';
+
+/**
+ * Web API implementation of MCP request parsing for Cloudflare Workers, Deno, etc.
+ * Handles Web API Request parsing and delegates to core logic
+ */
+async function parseMcpRequestsWebApi(config, request) {
+    const requestUrl = new URL(request.url);
+    try {
+        const text = await request.text();
+        if (!text) {
+            return [];
+        }
+        const parsedBody = JSON.parse(text);
+        // Use the shared core logic
+        return parseMcpRequestsCore(config, requestUrl, request.method, parsedBody);
+    }
+    catch (error) {
+        config.logger.debug(`Error parsing MCP request: ${error instanceof Error ? error.message : String(error)}`);
+        return [];
+    }
+}
+
+export { parseMcpRequestsWebApi };
+//# sourceMappingURL=mcp.js.map

package/dist/webapi/mcp.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mcp.js","sources":["../../src/webapi/mcp.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAIA;;;AAGG;AACI,eAAe,sBAAsB,CAC1C,MAAkB,EAClB,OAAgB,EAAA;IAEhB,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;AAEvC,IAAA,IAAI;AACF,QAAA,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE;QACjC,IAAI,CAAC,IAAI,EAAE;AACT,YAAA,OAAO,EAAE;QACX;QAEA,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;;AAGnC,QAAA,OAAO,oBAAoB,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,MAAM,EAAE,UAAU,CAAqB;IACjG;IAAE,OAAO,KAAK,EAAE;QACd,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,KAAK,YAAY,KAAK,GAAG,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAA,CAAE,CAAC;AAC3G,QAAA,OAAO,EAAE;IACX;AACF;;;;"}

package/dist/webapi/oauth.js

@@ -0,0 +1,43 @@
+import { createOAuthChallengeResponseCore } from '../core/oauth.js';
+
+/**
+ * Web API implementation of OAuth challenge sending for Cloudflare Workers, Deno, etc.
+ * Uses Web API Response and delegates to core logic
+ */
+function sendOAuthChallengeWebApi(tokenCheck) {
+    // Use the shared core logic to get response data
+    const responseData = createOAuthChallengeResponseCore(tokenCheck);
+    if (!responseData) {
+        return null;
+    }
+    // Convert to Web API Response
+    return new Response(responseData.body, {
+        status: responseData.status,
+        headers: responseData.headers
+    });
+}
+function sendProtectedResourceMetadata(metadata) {
+    if (!metadata) {
+        return null;
+    }
+    return new Response(JSON.stringify(metadata), {
+        status: 200,
+        headers: {
+            'Content-Type': 'application/json'
+        }
+    });
+}
+function sendOAuthMetadata(metadata) {
+    if (!metadata) {
+        return null;
+    }
+    return new Response(JSON.stringify(metadata), {
+        status: 200,
+        headers: {
+            'Content-Type': 'application/json'
+        }
+    });
+}
+
+export { sendOAuthChallengeWebApi, sendOAuthMetadata, sendProtectedResourceMetadata };
+//# sourceMappingURL=oauth.js.map

package/dist/webapi/oauth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth.js","sources":["../../src/webapi/oauth.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAIA;;;AAGG;AACG,SAAU,wBAAwB,CAAC,UAAsB,EAAA;;AAE7D,IAAA,MAAM,YAAY,GAAG,gCAAgC,CAAC,UAAU,CAAC;IAEjE,IAAI,CAAC,YAAY,EAAE;AACjB,QAAA,OAAO,IAAI;IACb;;AAGA,IAAA,OAAO,IAAI,QAAQ,CAAC,YAAY,CAAC,IAAI,EAAE;QACrC,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,OAAO,EAAE,YAAY,CAAC;AACvB,KAAA,CAAC;AACJ;AAEM,SAAU,6BAA6B,CAAC,QAA0C,EAAA;IACtF,IAAI,CAAC,QAAQ,EAAE;AACb,QAAA,OAAO,IAAI;IACb;IAEA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;AAC5C,QAAA,MAAM,EAAE,GAAG;AACX,QAAA,OAAO,EAAE;AACP,YAAA,cAAc,EAAE;AACjB;AACF,KAAA,CAAC;AACJ;AAEM,SAAU,iBAAiB,CAAC,QAA0C,EAAA;IAC1E,IAAI,CAAC,QAAQ,EAAE;AACb,QAAA,OAAO,IAAI;IACb;IAEA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE;AAC5C,QAAA,MAAM,EAAE,GAAG;AACX,QAAA,OAAO,EAAE;AACP,YAAA,cAAc,EAAE;AACjB;AACF,KAAA,CAAC;AACJ;;;;"}

package/dist/webapi/token.js

@@ -0,0 +1,15 @@
+import { checkTokenCore } from '../core/token.js';
+
+/**
+ * Web API implementation of token checking for Cloudflare Workers, Deno, etc.
+ * Extracts data from Web API Request and delegates to core logic
+ */
+async function checkTokenWebApi(config, resourceURL, request) {
+    // Extract authorization header from Web API request
+    const authorizationHeader = request.headers.get('authorization');
+    // Use the shared core logic
+    return checkTokenCore(config, resourceURL, authorizationHeader);
+}
+
+export { checkTokenWebApi };
+//# sourceMappingURL=token.js.map

package/dist/webapi/token.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token.js","sources":["../../src/webapi/token.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAGA;;;AAGG;AACI,eAAe,gBAAgB,CACpC,MAAkB,EAClB,WAAgB,EAChB,OAAgB,EAAA;;IAGhB,MAAM,mBAAmB,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;;IAGhE,OAAO,cAAc,CAAC,MAAM,EAAE,WAAW,EAAE,mBAAmB,CAAC;AACjE;;;;"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@atxp/server",
-  "version": "0.2.22",
+  "version": "0.4.0",
   "description": "ATXP Server - MCP server implementation with payment processing capabilities",
   "license": "MIT",
   "repository": {
@@ -9,35 +9,49 @@
     "directory": "packages/atxp-server"
   },
   "type": "module",
-  "main": "./dist/index.js",
+  "sideEffects": false,
+  "main": "./dist/index.cjs",
+  "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "require": "./dist/index.cjs"
+    },
+    "./serverTestHelpers": {
+      "types": "./dist/serverTestHelpers.d.ts",
+      "import": "./dist/serverTestHelpers.js",
+      "require": "./dist/serverTestHelpers.js"
+    }
+  },
   "files": [
     "dist"
   ],
   "scripts": {
-    "build": "tsc",
+    "build": "rollup -c",
     "typecheck": "tsc --noEmit",
     "lint": "eslint . --ext .ts",
     "lint:fix": "eslint . --ext .ts --fix",
-    "test": "vitest run"
+    "test": "vitest run",
+    "prepack": "npm run build && npm run typecheck",
+    "pack:dry": "npm pack --dry-run"
   },
   "dependencies": {
-    "@atxp/common": "0.2.22",
+    "@atxp/common": "0.4.0",
     "@modelcontextprotocol/sdk": "^1.15.0",
-    "@types/express": "^5.0.0",
     "bignumber.js": "^9.3.0",
-    "content-type": "^1.0.5",
-    "express": "^5.0.0",
     "oauth4webapi": "^3.5.0"
   },
+  "peerDependencies": {
+    "content-type": "^1.0.5"
+  },
   "devDependencies": {
     "@types/node": "^22.13.0",
-    "@types/supertest": "^6.0.3",
     "@typescript-eslint/eslint-plugin": "^8.38.0",
     "@typescript-eslint/parser": "^8.38.0",
     "eslint": "^9.32.0",
     "node-mocks-http": "^1.17.2",
-    "supertest": "^7.1.4",
     "typescript": "^5.7.3",
     "vitest": "^3.0.9"
   }

package/dist/atxpContext.d.ts

@@ -1,6 +0,0 @@
-import { ATXPConfig, TokenCheck } from "./types.js";
-export declare function getATXPConfig(): ATXPConfig | null;
-export declare function getATXPResource(): URL | null;
-export declare function atxpAccountId(): string | null;
-export declare function withATXPContext(config: ATXPConfig, resource: URL, tokenInfo: Pick<TokenCheck, 'token' | 'data'> | null, next: () => void): Promise<void>;
-//# sourceMappingURL=atxpContext.d.ts.map

package/dist/atxpContext.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"atxpContext.d.ts","sourceRoot":"","sources":["../src/atxpContext.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAWpD,wBAAgB,aAAa,IAAI,UAAU,GAAG,IAAI,CAGjD;AAED,wBAAgB,eAAe,IAAI,GAAG,GAAG,IAAI,CAG5C;AAGD,wBAAgB,aAAa,IAAI,MAAM,GAAG,IAAI,CAG7C;AAGD,wBAAsB,eAAe,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,EAAE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAwB9J"}

package/dist/atxpServer.d.ts

@@ -1,12 +0,0 @@
-import { ATXPConfig } from "./types.js";
-import { Router } from "express";
-type RequiredATXPConfigFields = 'destination';
-type RequiredATXPConfig = Pick<ATXPConfig, RequiredATXPConfigFields>;
-type OptionalATXPConfig = Omit<ATXPConfig, RequiredATXPConfigFields>;
-export type ATXPArgs = RequiredATXPConfig & Partial<OptionalATXPConfig>;
-type BuildableATXPConfigFields = 'oAuthDb' | 'oAuthClient' | 'paymentServer' | 'logger';
-export declare const DEFAULT_CONFIG: Required<Omit<OptionalATXPConfig, BuildableATXPConfigFields>>;
-export declare function buildServerConfig(args: ATXPArgs): ATXPConfig;
-export declare function atxpServer(args: ATXPArgs): Router;
-export {};
-//# sourceMappingURL=atxpServer.d.ts.map

package/dist/atxpServer.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"atxpServer.d.ts","sourceRoot":"","sources":["../src/atxpServer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAiB,MAAM,YAAY,CAAC;AAKvD,OAAO,EAAmC,MAAM,EAAE,MAAM,SAAS,CAAC;AAMlE,KAAK,wBAAwB,GAAG,aAAa,CAAC;AAC9C,KAAK,kBAAkB,GAAG,IAAI,CAAC,UAAU,EAAE,wBAAwB,CAAC,CAAC;AACrE,KAAK,kBAAkB,GAAG,IAAI,CAAC,UAAU,EAAE,wBAAwB,CAAC,CAAC;AACrE,MAAM,MAAM,QAAQ,GAAG,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AACxE,KAAK,yBAAyB,GAAG,SAAS,GAAG,aAAa,GAAG,eAAe,GAAG,QAAQ,CAAC;AAExF,eAAO,MAAM,cAAc,EAAE,QAAQ,CAAC,IAAI,CAAC,kBAAkB,EAAE,yBAAyB,CAAC,CASxF,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,QAAQ,GAAG,UAAU,CA8B5D;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,QAAQ,GAAG,MAAM,CAyDjD"}

package/dist/atxpServer.js

@@ -1,101 +0,0 @@
-import { ConsoleLogger, OAuthResourceClient, DEFAULT_AUTHORIZATION_SERVER, MemoryOAuthDb } from "@atxp/common";
-import { checkToken } from "./token.js";
-import { sendOAuthChallenge } from "./oAuthChallenge.js";
-import { withATXPContext } from "./atxpContext.js";
-import { parseMcpRequests } from "./http.js";
-import { Router } from "express";
-import { getProtectedResourceMetadata as getPRMResponse, sendProtectedResourceMetadata } from "./protectedResourceMetadata.js";
-import { getResource } from "./getResource.js";
-import { ATXPPaymentServer } from "./paymentServer.js";
-import { getOAuthMetadata, sendOAuthMetadata } from "./oAuthMetadata.js";
-export const DEFAULT_CONFIG = {
-    mountPath: '/',
-    currency: 'USDC',
-    network: 'base',
-    server: DEFAULT_AUTHORIZATION_SERVER,
-    atxpAuthClientToken: undefined, // Will be set in buildServerConfig
-    payeeName: 'An ATXP Server',
-    allowHttp: false, // May be overridden in buildServerConfig by process.env.NODE_ENV
-    resource: null, // Set dynamically from the request URL
-};
-export function buildServerConfig(args) {
-    if (!args.destination) {
-        throw new Error('destination is required');
-    }
-    // Read environment variables at runtime, not module load time
-    const envDefaults = {
-        ...DEFAULT_CONFIG,
-        atxpAuthClientToken: process.env.ATXP_AUTH_CLIENT_TOKEN,
-        allowHttp: process.env.NODE_ENV === 'development',
-    };
-    const withDefaults = { ...envDefaults, ...args };
-    const oAuthDb = withDefaults.oAuthDb ?? new MemoryOAuthDb();
-    const oAuthClient = withDefaults.oAuthClient ?? new OAuthResourceClient({
-        db: oAuthDb,
-        allowInsecureRequests: withDefaults.allowHttp,
-        clientName: withDefaults.payeeName,
-    });
-    const logger = withDefaults.logger ?? new ConsoleLogger();
-    let paymentServer;
-    if (withDefaults.paymentServer) {
-        paymentServer = withDefaults.paymentServer;
-    }
-    else {
-        if (!withDefaults.atxpAuthClientToken) {
-            throw new Error('ATXP_AUTH_CLIENT_TOKEN is not set. If no payment server is provided, you must set ATXP_AUTH_CLIENT_TOKEN.');
-        }
-        paymentServer = new ATXPPaymentServer(withDefaults.server, withDefaults.atxpAuthClientToken, logger);
-    }
-    const built = { oAuthDb, oAuthClient, paymentServer, logger };
-    return Object.freeze({ ...withDefaults, ...built });
-}
-;
-export function atxpServer(args) {
-    const config = buildServerConfig(args);
-    const router = Router();
-    // Regular middleware
-    const atxpMiddleware = async (req, res, next) => {
-        try {
-            const logger = config.logger; // Capture logger in closure
-            const requestUrl = new URL(req.url, req.protocol + '://' + req.host);
-            logger.debug(`Handling ${req.method} ${requestUrl.toString()}`);
-            const resource = getResource(config, requestUrl);
-            const prmResponse = getPRMResponse(config, requestUrl);
-            if (sendProtectedResourceMetadata(res, prmResponse)) {
-                return;
-            }
-            // Some older clients don't use PRM and assume the MCP server is an OAuth server
-            const oAuthMetadata = await getOAuthMetadata(config, requestUrl);
-            if (sendOAuthMetadata(res, oAuthMetadata)) {
-                return;
-            }
-            const mcpRequests = await parseMcpRequests(config, requestUrl, req, req.body);
-            logger.debug(`${mcpRequests.length} MCP requests found in request`);
-            if (mcpRequests.length === 0) {
-                next();
-                return;
-            }
-            logger.debug(`Request started - ${req.method} ${req.path}`);
-            const tokenCheck = await checkToken(config, resource, req);
-            const user = tokenCheck.data?.sub ?? null;
-            // Listen for when the response is finished
-            res.on('finish', async () => {
-                logger.debug(`Request finished ${user ? `for user ${user} ` : ''}- ${req.method} ${req.path}`);
-            });
-            // Send the oauth challenge, if needed. If we do, we're done
-            if (sendOAuthChallenge(res, tokenCheck)) {
-                return;
-            }
-            return withATXPContext(config, resource, tokenCheck, next);
-        }
-        catch (error) {
-            config.logger.error(`Critical error in atxp middleware - returning HTTP 500. Error: ${error instanceof Error ? error.message : String(error)}`);
-            config.logger.debug(JSON.stringify(error, null, 2));
-            res.status(500).json({ error: 'server_error', error_description: 'An internal server error occurred' });
-        }
-    };
-    // Add middleware to the router
-    router.use(atxpMiddleware);
-    return router;
-}
-//# sourceMappingURL=atxpServer.js.map

package/dist/atxpServer.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"atxpServer.js","sourceRoot":"","sources":["../src/atxpServer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,4BAA4B,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE/G,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAmC,MAAM,EAAE,MAAM,SAAS,CAAC;AAClE,OAAO,EAAE,4BAA4B,IAAI,cAAc,EAAE,6BAA6B,EAAE,MAAM,gCAAgC,CAAC;AAC/H,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAQzE,MAAM,CAAC,MAAM,cAAc,GAAkE;IAC3F,SAAS,EAAE,GAAG;IACd,QAAQ,EAAE,MAAe;IACzB,OAAO,EAAE,MAAe;IACxB,MAAM,EAAE,4BAA4B;IACpC,mBAAmB,EAAE,SAA6B,EAAE,mCAAmC;IACvF,SAAS,EAAE,gBAAgB;IAC3B,SAAS,EAAE,KAAK,EAAE,iEAAiE;IACnF,QAAQ,EAAE,IAAI,EAAE,uCAAuC;CACxD,CAAC;AAEF,MAAM,UAAU,iBAAiB,CAAC,IAAc;IAC9C,IAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,8DAA8D;IAC9D,MAAM,WAAW,GAAG;QAClB,GAAG,cAAc;QACjB,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;QACvD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;KAClD,CAAC;IACF,MAAM,YAAY,GAAG,EAAE,GAAG,WAAW,EAAE,GAAG,IAAI,EAAE,CAAC;IACjD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,IAAI,IAAI,aAAa,EAAE,CAAA;IAC3D,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,IAAI,IAAI,mBAAmB,CAAC;QACtE,EAAE,EAAE,OAAO;QACX,qBAAqB,EAAE,YAAY,CAAC,SAAS;QAC7C,UAAU,EAAE,YAAY,CAAC,SAAS;KACnC,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;IAC1D,IAAI,aAAwC,CAAC;IAC7C,IAAI,YAAY,CAAC,aAAa,EAAG,CAAC;QAChC,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,2GAA2G,CAAC,CAAC;QAC/H,CAAC;QACD,aAAa,GAAG,IAAI,iBAAiB,CAAC,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;IACvG,CAAC;IACD,MAAM,KAAK,GAAG,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,EAAC,CAAC;IAC7D,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,YAAY,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;AACtD,CAAC;AAAA,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,IAAc;IACvC,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC;IAExB,qBAAqB;IACrB,MAAM,cAAc,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/E,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAE,4BAA4B;YAC3D,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,QAAQ,GAAG,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;YACrE,MAAM,CAAC,KAAK,CAAC,YAAY,GAAG,CAAC,MAAM,IAAI,UAAU,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAEhE,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACjD,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACvD,IAAI,6BAA6B,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;gBACpD,OAAO;YACT,CAAC;YAED,gFAAgF;YAChF,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACjE,IAAG,iBAAiB,CAAC,GAAG,EAAE,aAAa,CAAC,EAAE,CAAC;gBACzC,OAAO;YACT,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YAC9E,MAAM,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,gCAAgC,CAAC,CAAC;YAEpE,IAAG,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5B,IAAI,EAAE,CAAC;gBACP,OAAO;YACT,CAAC;YAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5D,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC3D,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC;YAE1C,2CAA2C;YAC3C,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;gBAC1B,MAAM,CAAC,KAAK,CAAC,oBAAoB,IAAI,CAAC,CAAC,CAAC,YAAY,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACjG,CAAC,CAAC,CAAC;YAEH,4DAA4D;YAC5D,IAAI,kBAAkB,CAAC,GAAG,EAAE,UAAU,CAAC,EAAE,CAAC;gBACxC,OAAO;YACT,CAAC;YAED,OAAO,eAAe,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;QAC7D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,kEAAkE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAChJ,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACpD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,mCAAmC,EAAE,CAAC,CAAC;QAC1G,CAAC;IACH,CAAC,CAAC;IAEF,+BAA+B;IAC/B,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAE3B,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/getResource.d.ts

@@ -1,4 +0,0 @@
-import { ATXPConfig } from "./types.js";
-export declare function getPath(url: URL): string;
-export declare function getResource(config: ATXPConfig, requestUrl: URL): URL;
-//# sourceMappingURL=getResource.d.ts.map

package/dist/getResource.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"getResource.d.ts","sourceRoot":"","sources":["../src/getResource.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAExC,wBAAgB,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,MAAM,CAGxC;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,GAAG,GAAG,CAapE"}

package/dist/http.d.ts

@@ -1,7 +0,0 @@
-import { IncomingMessage } from "node:http";
-import { JSONRPCRequest } from "@modelcontextprotocol/sdk/types.js";
-import { ATXPConfig } from "./types.js";
-import { Logger } from "@atxp/common";
-export declare function parseMcpRequests(config: ATXPConfig, requestUrl: URL, req: IncomingMessage, parsedBody?: unknown): Promise<JSONRPCRequest[]>;
-export declare function parseBody(req: IncomingMessage, logger: Logger): Promise<unknown>;
-//# sourceMappingURL=http.d.ts.map

package/dist/http.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../src/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAG5C,OAAO,EAAE,cAAc,EAAoB,MAAM,oCAAoC,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAoB,MAAM,EAAE,MAAM,cAAc,CAAC;AAQxD,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,EAAE,eAAe,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CA0BjJ;AAED,wBAAsB,SAAS,CAAC,GAAG,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAmBtF"}

package/dist/http.js

@@ -1,51 +0,0 @@
-import getRawBody from "raw-body";
-import contentType from "content-type";
-import { isJSONRPCRequest } from "@modelcontextprotocol/sdk/types.js";
-import { parseMcpMessages } from "@atxp/common";
-// Useful reference for dealing with low-level http requests:
-// https://github.com/modelcontextprotocol/typescript-sdk/blob/c6ac083b1b37b222b5bfba5563822daa5d03372e/src/server/streamableHttp.ts#L375
-// Using the same value as MCP SDK
-const MAXIMUM_MESSAGE_SIZE = "4mb";
-export async function parseMcpRequests(config, requestUrl, req, parsedBody) {
-    if (!req.method) {
-        return [];
-    }
-    if (req.method.toLowerCase() !== 'post') {
-        return [];
-    }
-    // The middleware has to be mounted at the root to serve the protected resource metadata,
-    // but the actual MCP server it's controlling is specified by the mountPath.
-    const path = requestUrl.pathname.replace(/\/$/, '');
-    const mountPath = config.mountPath.replace(/\/$/, '');
-    if (path !== mountPath && path !== `${mountPath}/message`) {
-        config.logger.debug(`Request path (${path}) does not match the mountPath (${mountPath}), skipping MCP middleware`);
-        return [];
-    }
-    parsedBody = parsedBody ?? await parseBody(req, config.logger);
-    const messages = await parseMcpMessages(parsedBody, config.logger);
-    const requests = messages.filter(msg => isJSONRPCRequest(msg));
-    if (requests.length !== messages.length) {
-        config.logger.debug(`Dropped ${messages.length - requests.length} MCP messages that were not MCP requests`);
-    }
-    return requests;
-}
-export async function parseBody(req, logger) {
-    try {
-        const ct = req.headers["content-type"];
-        let encoding = "utf-8";
-        if (ct) {
-            const parsedCt = contentType.parse(ct);
-            encoding = parsedCt.parameters.charset ?? "utf-8";
-        }
-        const body = await getRawBody(req, {
-            limit: MAXIMUM_MESSAGE_SIZE,
-            encoding,
-        });
-        return JSON.parse(body.toString());
-    }
-    catch (error) {
-        logger.error(error.message);
-        return undefined;
-    }
-}
-//# sourceMappingURL=http.js.map

package/dist/http.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"http.js","sourceRoot":"","sources":["../src/http.ts"],"names":[],"mappings":"AACA,OAAO,UAAU,MAAM,UAAU,CAAC;AAClC,OAAO,WAAW,MAAM,cAAc,CAAC;AACvC,OAAO,EAAkB,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AAEtF,OAAO,EAAE,gBAAgB,EAAU,MAAM,cAAc,CAAC;AAExD,6DAA6D;AAC7D,yIAAyI;AAEzI,kCAAkC;AAClC,MAAM,oBAAoB,GAAG,KAAK,CAAC;AAEnC,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAkB,EAAE,UAAe,EAAE,GAAoB,EAAE,UAAoB;IACpH,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;QAChB,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,IAAI,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;QACxC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,yFAAyF;IACzF,4EAA4E;IAC5E,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACtD,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,GAAG,SAAS,UAAU,EAAE,CAAC;QAC1D,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,IAAI,mCAAmC,SAAS,4BAA4B,CAAC,CAAC;QACnH,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,UAAU,GAAG,UAAU,IAAI,MAAM,SAAS,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,MAAM,gBAAgB,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAEnE,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/D,IAAI,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM,0CAA0C,CAAC,CAAC;IAC9G,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAoB,EAAE,MAAc;IAClE,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAEvC,IAAI,QAAQ,GAAG,OAAO,CAAC;QACvB,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,QAAQ,GAAG,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvC,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,OAAO,IAAI,OAAO,CAAC;QACpD,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,GAAG,EAAE;YACjC,KAAK,EAAE,oBAAoB;YAC3B,QAAQ;SACT,CAAC,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IACrC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAE,KAAe,CAAC,OAAO,CAAC,CAAC;QACvC,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC"}

package/dist/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,iBAAiB,CAAC;AAChC,cAAc,YAAY,CAAC;AAC3B,cAAc,kBAAkB,CAAC;AACjC,cAAc,qBAAqB,CAAC"}

package/dist/oAuthChallenge.d.ts

@@ -1,4 +0,0 @@
-import { ServerResponse } from "http";
-import { TokenCheck } from "./types.js";
-export declare function sendOAuthChallenge(res: ServerResponse, tokenCheck: TokenCheck): boolean;
-//# sourceMappingURL=oAuthChallenge.d.ts.map

package/dist/oAuthChallenge.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"oAuthChallenge.d.ts","sourceRoot":"","sources":["../src/oAuthChallenge.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,MAAM,CAAC;AACtC,OAAO,EAAE,UAAU,EAAgB,MAAM,YAAY,CAAC;AAGtD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,cAAc,EAAE,UAAU,EAAE,UAAU,GAAG,OAAO,CAsCvF"}

package/dist/oAuthChallenge.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"oAuthChallenge.js","sourceRoot":"","sources":["../src/oAuthChallenge.ts"],"names":[],"mappings":"AACA,OAAO,EAAc,YAAY,EAAE,MAAM,YAAY,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAE3C,MAAM,UAAU,kBAAkB,CAAC,GAAmB,EAAE,UAAsB;IAC5E,IAAI,UAAU,CAAC,MAAM,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,MAAM,GAAG,GAAG,CAAC;IACjB,IAAI,IAAI,GAAkE,EAAE,CAAC;IAC7E,4DAA4D;IAC5D,QAAQ,UAAU,CAAC,OAAO,EAAE,CAAC;QAC3B,KAAK,YAAY,CAAC,QAAQ;YACxB,MAAM;QACR,KAAK,YAAY,CAAC,sBAAsB;YACtC,MAAM,GAAG,GAAG,CAAC;YACb,IAAI,GAAG,EAAE,KAAK,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,qDAAqD,EAAE,CAAC;YAC9G,MAAM;QACR,KAAK,YAAY,CAAC,aAAa;YAC7B,IAAI,GAAG,EAAE,KAAK,EAAE,eAAe,EAAE,iBAAiB,EAAE,qBAAqB,EAAE,CAAC;YAC5E,MAAM;QACR,KAAK,YAAY,CAAC,gBAAgB;YAChC,IAAI,GAAG,EAAE,KAAK,EAAE,eAAe,EAAE,iBAAiB,EAAE,+CAA+C,EAAE,CAAC;YACtG,MAAM;QACR,KAAK,YAAY,CAAC,oBAAoB;YACpC,MAAM,GAAG,GAAG,CAAC;YACb,IAAI,GAAG,EAAE,KAAK,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,CAAC;YAClF,MAAM;QACR,KAAK,YAAY,CAAC,gBAAgB;YAChC,MAAM,GAAG,GAAG,CAAC;YACb,IAAI,GAAG,EAAE,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,mCAAmC,EAAE,CAAC;YACzF,MAAM;QACR;YACE,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,GAAG,CAAC,SAAS,CAAC,kBAAkB,EAAE,6BAA6B,UAAU,CAAC,mBAAmB,GAAG,CAAC,CAAC;IAClG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACtB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAE9B,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/oAuthMetadata.d.ts

@@ -1,6 +0,0 @@
-import { ATXPConfig } from "./types.js";
-import * as oauth from 'oauth4webapi';
-import { ServerResponse } from "http";
-export declare function sendOAuthMetadata(res: ServerResponse, metadata: oauth.AuthorizationServer | null): boolean;
-export declare function getOAuthMetadata(config: ATXPConfig, requestUrl: URL): Promise<oauth.AuthorizationServer | null>;
-//# sourceMappingURL=oAuthMetadata.d.ts.map

package/dist/oAuthMetadata.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"oAuthMetadata.d.ts","sourceRoot":"","sources":["../src/oAuthMetadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,KAAK,KAAK,MAAM,cAAc,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,MAAM,CAAC;AAGtC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,cAAc,EAAE,QAAQ,EAAE,KAAK,CAAC,mBAAmB,GAAG,IAAI,GAAG,OAAO,CAQ1G;AAED,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,mBAAmB,GAAG,IAAI,CAAC,CAyBrH"}