@atxp/server 0.2.5

package/dist/paymentServer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"paymentServer.d.ts","sourceRoot":"","sources":["../src/paymentServer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC3D,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,sBAAsB,EAAE,SAAS,EAAE,MAAM,EAAsB,MAAM,cAAc,CAAC;AAChH,OAAO,SAAS,MAAM,cAAc,CAAC;AAErC;;;;;;;;;;;;;;;;;;;GAmBG;AACH,qBAAa,iBAAkB,YAAW,aAAa;IAEnD,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,eAAe;IAChC,OAAO,CAAC,QAAQ,CAAC,MAAM;IACvB,OAAO,CAAC,QAAQ,CAAC,OAAO;gBAHP,MAAM,EAAE,sBAAsB,EAC9B,eAAe,EAAE,MAAM,EACvB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,SAAiB;IAM7C,MAAM,GAAS,oDACb;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAC;QAAC,MAAM,EAAE,SAAS,CAAA;KAAC,KAAG,OAAO,CAAC,cAAc,CAAC,CAczH;IAED,oBAAoB,GAAS,oDAC3B;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAC;QAAC,QAAQ,EAAE,QAAQ,CAAC;QAAC,MAAM,EAAE,SAAS,CAAA;KAAC,KAAG,OAAO,CAAC,MAAM,CAAC,CAajH;IAED;;;;;;;;;;;;;;;;;;;;;OAqBG;IACH,SAAS,CAAC,WAAW,GAAS,QAAQ,KAAK,GAAG,MAAM,EAAE,MAAM,MAAM,EAAE,MAAM,OAAO,KAAG,OAAO,CAAC,QAAQ,CAAC,CAWpG;CACF"}

package/dist/paymentServer.js

@@ -0,0 +1,97 @@
+/**
+ * ATXP Payment Server implementation
+ *
+ * This class handles payment operations with the ATXP authorization server.
+ *
+ * **Required Environment Variable:**
+ * - `ATXP_AUTH_CLIENT_TOKEN`: Authentication token for the ATXP authorization server.
+ *   This token is used to authenticate API calls to the ATXP server for payment operations.
+ *   Must be set when using this class, otherwise an error will be thrown.
+ *
+ * @example
+ * ```typescript
+ * // Ensure ATXP_AUTH_CLIENT_TOKEN is set in your environment
+ * const paymentServer = new ATXPPaymentServer(
+ *   'https://auth.atxp.ai',
+ *   oAuthDb,
+ *   logger
+ * );
+ * ```
+ */
+export class ATXPPaymentServer {
+    constructor(server, authCredentials, logger, fetchFn = fetch) {
+        this.server = server;
+        this.authCredentials = authCredentials;
+        this.logger = logger;
+        this.fetchFn = fetchFn;
+        this.charge = async ({ source, destination, network, currency, amount }) => {
+            const body = { source, destination, network, currency, amount };
+            const chargeResponse = await this.makeRequest('POST', '/charge', body);
+            const json = await chargeResponse.json();
+            if (chargeResponse.status === 200) {
+                return { success: true, requiredPayment: null };
+            }
+            else if (chargeResponse.status === 402) {
+                return { success: false, requiredPayment: json };
+            }
+            else {
+                const msg = `Unexpected status code ${chargeResponse.status} from payment server POST /charge endpoint`;
+                this.logger.warn(msg);
+                this.logger.debug(`Response body: ${JSON.stringify(json)}`);
+                throw new Error(msg);
+            }
+        };
+        this.createPaymentRequest = async ({ source, destination, network, currency, amount }) => {
+            const body = { source, destination, network, currency, amount };
+            const response = await this.makeRequest('POST', '/payment-request', body);
+            const json = await response.json();
+            if (response.status !== 200) {
+                this.logger.warn(`POST /payment-request responded with unexpected HTTP status ${response.status}`);
+                this.logger.debug(`Response body: ${JSON.stringify(json)}`);
+                throw new Error(`POST /payment-request responded with unexpected HTTP status ${response.status}`);
+            }
+            if (!json.id) {
+                throw new Error(`POST /payment-request response did not contain an id`);
+            }
+            return json.id;
+        };
+        /**
+         * Makes authenticated requests to the ATXP authorization server
+         *
+         * This method automatically includes the `ATXP_AUTH_CLIENT_TOKEN` from environment variables
+         * in the Authorization header for all requests.
+         *
+         * @param method - HTTP method ('GET' or 'POST')
+         * @param path - API endpoint path
+         * @param body - Request body (for POST requests)
+         * @returns Promise<Response> - The HTTP response from the server
+         * @throws {Error} When `ATXP_AUTH_CLIENT_TOKEN` environment variable is not set
+         *
+         * @example
+         * ```typescript
+         * // Ensure ATXP_AUTH_CLIENT_TOKEN is set in your environment
+         * const response = await paymentServer.makeRequest('POST', '/charge', {
+         *   source: 'user123',
+         *   destination: 'merchant456',
+         *   amount: new BigNumber('0.01')
+         * });
+         * ```
+         */
+        this.makeRequest = async (method, path, body) => {
+            const url = new URL(path, this.server);
+            const response = await this.fetchFn(url, {
+                method,
+                headers: {
+                    'Authorization': `Bearer ${this.authCredentials}`,
+                    'Content-Type': 'application/json'
+                },
+                body: JSON.stringify(body)
+            });
+            return response;
+        };
+        if (!authCredentials || authCredentials.trim() === '') {
+            throw new Error('Auth credentials are required');
+        }
+    }
+}
+//# sourceMappingURL=paymentServer.js.map

package/dist/paymentServer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"paymentServer.js","sourceRoot":"","sources":["../src/paymentServer.ts"],"names":[],"mappings":"AAIA;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,OAAO,iBAAiB;IAC5B,YACmB,MAA8B,EAC9B,eAAuB,EACvB,MAAc,EACd,UAAqB,KAAK;QAH1B,WAAM,GAAN,MAAM,CAAwB;QAC9B,oBAAe,GAAf,eAAe,CAAQ;QACvB,WAAM,GAAN,MAAM,CAAQ;QACd,YAAO,GAAP,OAAO,CAAmB;QAM7C,WAAM,GAAG,KAAK,EAAC,EAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EACkC,EAA2B,EAAE;YAC3H,MAAM,IAAI,GAAG,EAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAC,CAAC;YAC9D,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC;YACvE,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,IAAI,EAA+B,CAAC;YACtE,IAAI,cAAc,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAClC,OAAO,EAAC,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAC,CAAC;YAChD,CAAC;iBAAM,IAAI,cAAc,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACzC,OAAO,EAAC,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAC,CAAC;YACjD,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,GAAG,0BAA0B,cAAc,CAAC,MAAM,4CAA4C,CAAC;gBACxG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC5D,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAA;QAED,yBAAoB,GAAG,KAAK,EAAC,EAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EACoB,EAAmB,EAAE;YACnH,MAAM,IAAI,GAAG,EAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAC,CAAC;YAC9D,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,EAAE,kBAAkB,EAAE,IAAI,CAAC,CAAC;YAC1E,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAmB,CAAC;YACpD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+DAA+D,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;gBACnG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC5D,MAAM,IAAI,KAAK,CAAC,+DAA+D,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;YACpG,CAAC;YACD,IAAG,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YACD,OAAO,IAAI,CAAC,EAAE,CAAC;QACjB,CAAC,CAAA;QAED;;;;;;;;;;;;;;;;;;;;;WAqBG;QACO,gBAAW,GAAG,KAAK,EAAC,MAAsB,EAAE,IAAY,EAAE,IAAa,EAAqB,EAAE;YACtG,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;YACvC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;gBACvC,MAAM;gBACN,OAAO,EAAE;oBACP,eAAe,EAAE,UAAU,IAAI,CAAC,eAAe,EAAE;oBACjD,cAAc,EAAE,kBAAkB;iBACnC;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;aAC3B,CAAC,CAAC;YACH,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAA;QAvEC,IAAI,CAAC,eAAe,IAAI,eAAe,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;CAqEF"}

package/dist/protectedResourceMetadata.d.ts

@@ -0,0 +1,5 @@
+import { ATXPConfig, ProtectedResourceMetadata } from "./types.js";
+import { ServerResponse } from "http";
+export declare function sendProtectedResourceMetadata(res: ServerResponse, metadata: ProtectedResourceMetadata | null): boolean;
+export declare function getProtectedResourceMetadata(config: ATXPConfig, requestUrl: URL): ProtectedResourceMetadata | null;
+//# sourceMappingURL=protectedResourceMetadata.d.ts.map

package/dist/protectedResourceMetadata.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"protectedResourceMetadata.d.ts","sourceRoot":"","sources":["../src/protectedResourceMetadata.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,yBAAyB,EAAE,MAAM,YAAY,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,MAAM,CAAC;AAGtC,wBAAgB,6BAA6B,CAAC,GAAG,EAAE,cAAc,EAAE,QAAQ,EAAE,yBAAyB,GAAG,IAAI,GAAG,OAAO,CAQtH;AAED,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,GAAG,yBAAyB,GAAG,IAAI,CAYlH"}

package/dist/protectedResourceMetadata.js

@@ -0,0 +1,40 @@
+import { getPath, getResource } from "./getResource.js";
+export function sendProtectedResourceMetadata(res, metadata) {
+    if (!metadata) {
+        return false;
+    }
+    res.setHeader('Content-Type', 'application/json');
+    res.writeHead(200);
+    res.end(JSON.stringify(metadata));
+    return true;
+}
+export function getProtectedResourceMetadata(config, requestUrl) {
+    if (isProtectedResourceMetadataRequest(config, requestUrl)) {
+        const resource = getResource(config, requestUrl);
+        return {
+            resource,
+            resource_name: config.payeeName || resource.toString(),
+            authorization_servers: [config.server],
+            bearer_methods_supported: ['header'],
+            scopes_supported: ['read', 'write'],
+        };
+    }
+    return null;
+}
+function isProtectedResourceMetadataRequest(config, requestUrl) {
+    const path = getPath(requestUrl);
+    if (!path.startsWith('/.well-known/oauth-protected-resource')) {
+        return false;
+    }
+    const resource = getResource(config, requestUrl);
+    const resourcePath = getPath(resource);
+    const mountPath = config.mountPath.replace(/\/$/, '');
+    if (resourcePath === mountPath) {
+        return true;
+    }
+    if (resourcePath === `${mountPath}/message`) {
+        return true;
+    }
+    return false;
+}
+//# sourceMappingURL=protectedResourceMetadata.js.map

package/dist/protectedResourceMetadata.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"protectedResourceMetadata.js","sourceRoot":"","sources":["../src/protectedResourceMetadata.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAExD,MAAM,UAAU,6BAA6B,CAAC,GAAmB,EAAE,QAA0C;IAC3G,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,KAAK,CAAC;IACf,CAAC;IACD,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;IAClD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACnB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;IAClC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,MAAkB,EAAE,UAAe;IAC9E,IAAI,kCAAkC,CAAC,MAAM,EAAE,UAAU,CAAC,EAAE,CAAC;QAC3D,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACjD,OAAO;YACL,QAAQ;YACR,aAAa,EAAE,MAAM,CAAC,SAAS,IAAI,QAAQ,CAAC,QAAQ,EAAE;YACtD,qBAAqB,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;YACtC,wBAAwB,EAAE,CAAC,QAAQ,CAAC;YACpC,gBAAgB,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;SACpC,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,kCAAkC,CAAC,MAAkB,EAAE,UAAe;IAC7E,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACjC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,uCAAuC,CAAC,EAAE,CAAC;QAC9D,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACjD,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACtD,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,YAAY,KAAK,GAAG,SAAS,UAAU,EAAE,CAAC;QAC5C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/requirePayment.d.ts

@@ -0,0 +1,3 @@
+import { RequirePaymentConfig } from "@atxp/common";
+export declare function requirePayment(paymentConfig: RequirePaymentConfig): Promise<void>;
+//# sourceMappingURL=requirePayment.d.ts.map

package/dist/requirePayment.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"requirePayment.d.ts","sourceRoot":"","sources":["../src/requirePayment.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAwB,MAAM,cAAc,CAAC;AAG1E,wBAAsB,cAAc,CAAC,aAAa,EAAE,oBAAoB,GAAG,OAAO,CAAC,IAAI,CAAC,CAmCvF"}

package/dist/requirePayment.js

@@ -0,0 +1,35 @@
+import { paymentRequiredError } from "@atxp/common";
+import { getATXPConfig, atxpAccountId } from "./atxpContext.js";
+export async function requirePayment(paymentConfig) {
+    const config = getATXPConfig();
+    if (!config) {
+        throw new Error('No config found');
+    }
+    const user = atxpAccountId();
+    if (!user) {
+        config.logger.error('No user found');
+        throw new Error('No user found');
+    }
+    const charge = {
+        amount: paymentConfig.price,
+        currency: config.currency,
+        network: config.network,
+        destination: config.destination,
+        source: user
+    };
+    config.logger.debug(`Charging amount ${charge.amount}, destination ${charge.destination}, source ${charge.source}`);
+    const chargeResponse = await config.paymentServer.charge(charge);
+    if (chargeResponse.success) {
+        config.logger.info(`Charged ${charge.amount} for source ${charge.source}`);
+        return;
+    }
+    const existingPaymentId = await paymentConfig.getExistingPaymentId?.();
+    if (existingPaymentId) {
+        config.logger.info(`Found existing payment ID ${existingPaymentId}`);
+        throw paymentRequiredError(config.server, existingPaymentId, charge.amount);
+    }
+    const paymentId = await config.paymentServer.createPaymentRequest(charge);
+    config.logger.info(`Created payment request ${paymentId}`);
+    throw paymentRequiredError(config.server, paymentId, charge.amount);
+}
+//# sourceMappingURL=requirePayment.js.map

package/dist/requirePayment.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"requirePayment.js","sourceRoot":"","sources":["../src/requirePayment.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,oBAAoB,EAAE,MAAM,cAAc,CAAC;AAC1E,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEhE,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,aAAmC;IACtE,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,iBAAiB,CAAC,CAAC;IACrC,CAAC;IACD,MAAM,IAAI,GAAG,aAAa,EAAE,CAAC;IAC7B,IAAI,CAAC,IAAI,EAAE,CAAC;QACV,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACrC,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,MAAM,GAAG;QACb,MAAM,EAAE,aAAa,CAAC,KAAK;QAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,MAAM,EAAE,IAAI;KACb,CAAC;IAEF,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,MAAM,CAAC,MAAM,iBAAiB,MAAM,CAAC,WAAW,YAAY,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACpH,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACjE,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC;QAC3B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,MAAM,eAAe,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QAC3E,OAAO;IACT,CAAC;IAED,MAAM,iBAAiB,GAAG,MAAM,aAAa,CAAC,oBAAoB,EAAE,EAAE,CAAC;IACvE,IAAI,iBAAiB,EAAE,CAAC;QACtB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,iBAAiB,EAAE,CAAC,CAAC;QACrE,MAAM,oBAAoB,CAAC,MAAM,CAAC,MAAM,EAAE,iBAAiB,EAAE,MAAM,CAAC,MAAM,CAAC,CAAA;IAC7E,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;IAC1E,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,SAAS,EAAE,CAAC,CAAC;IAC3D,MAAM,oBAAoB,CAAC,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;AACtE,CAAC"}

package/dist/serverTestHelpers.d.ts

@@ -0,0 +1,55 @@
+import { IncomingHttpHeaders, IncomingMessage, ServerResponse } from 'http';
+import { JSONRPCRequest } from '@modelcontextprotocol/sdk/types.js';
+import { OAuthResourceClient, TokenData, Logger, Currency, Network } from '@atxp/common';
+import { Charge, ATXPConfig, TokenCheck, TokenProblem, McpMethod, McpName, PaymentServer } from './types.js';
+import * as oauth from 'oauth4webapi';
+export declare const DESTINATION = "testDestination";
+export declare const SOURCE = "testSource";
+export declare function charge({ amount, currency, network, destination, source }?: {
+    amount?: BigNumber;
+    currency?: Currency;
+    network?: Network;
+    destination?: string;
+    source?: string;
+}): Charge;
+export declare const oneCentCharge: Charge;
+export declare const zeroCharge: Charge;
+export declare function logger(): Logger;
+export declare function config(args?: Partial<ATXPConfig>): ATXPConfig;
+export declare function paymentServer({ charge, createPaymentRequest }?: {
+    charge?: import("vitest").Mock<(...args: any[]) => any> | undefined;
+    createPaymentRequest?: import("vitest").Mock<(...args: any[]) => any> | undefined;
+}): PaymentServer;
+export declare function mcpRequest({ method, params, id }?: {
+    method?: McpMethod;
+    params?: any;
+    id?: string;
+}): JSONRPCRequest;
+export declare function mcpToolRequest({ toolName, args, }?: {
+    toolName?: McpName;
+    args?: any;
+}): JSONRPCRequest;
+export declare function incomingMessage({ body, method, url, headers }?: {
+    body?: any;
+    method?: 'POST' | 'GET' | 'PUT' | 'DELETE' | 'PATCH' | 'OPTIONS';
+    url?: string;
+    headers?: IncomingHttpHeaders;
+}): IncomingMessage;
+export declare function incomingToolMessage({ authHeader, url, }?: {
+    authHeader?: string;
+    url?: string;
+}): IncomingMessage;
+export declare function oAuthClient({ introspectResult, authorizationServer }?: {
+    introspectResult?: TokenData;
+    authorizationServer?: oauth.AuthorizationServer;
+}): OAuthResourceClient;
+export declare function tokenData({ active, sub, scope, aud }?: Partial<TokenData>): TokenData;
+export declare function tokenCheck({ data, token, passes, problem, resourceMetadataUrl }?: {
+    data?: TokenData;
+    token?: string | null;
+    passes?: boolean;
+    problem?: TokenProblem;
+    resourceMetadataUrl?: string;
+}): TokenCheck;
+export declare function serverResponse(): ServerResponse;
+//# sourceMappingURL=serverTestHelpers.d.ts.map

package/dist/serverTestHelpers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"serverTestHelpers.d.ts","sourceRoot":"","sources":["../src/serverTestHelpers.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,MAAM,CAAC;AAC5E,OAAO,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEzF,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAkC,YAAY,EAAE,SAAS,EAAE,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAG7I,OAAO,KAAK,KAAK,MAAM,cAAc,CAAC;AAEtC,eAAO,MAAM,WAAW,oBAAoB,CAAC;AAC7C,eAAO,MAAM,MAAM,eAAe,CAAC;AAEnC,wBAAgB,MAAM,CAAC,EACnB,MAAwB,EACxB,QAAiB,EACjB,OAAkB,EAClB,WAAyB,EACzB,MAAe,EAChB,GAAE;IACD,MAAM,CAAC,EAAE,SAAS,CAAC;IACnB,QAAQ,CAAC,EAAE,QAAQ,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;CACX,GAAG,MAAM,CAGhB;AAED,eAAO,MAAM,aAAa,QAAoC,CAAC;AAE/D,eAAO,MAAM,UAAU,QAAiC,CAAC;AAEzD,wBAAgB,MAAM,IAAI,MAAM,CAO/B;AAED,wBAAgB,MAAM,CAAC,IAAI,GAAE,OAAO,CAAC,UAAU,CAAM,GAAG,UAAU,CAMjE;AAED,wBAAgB,aAAa,CAAC,EAC5B,MAA4E,EAC5E,oBAA2E,EAC5E;;;CAAK,GAAI,aAAa,CAKtB;AAED,wBAAgB,UAAU,CAAC,EAAC,MAAqB,EAAE,MAAW,EAAE,EAAa,EAAC,GAAE;IAC9E,MAAM,CAAC,EAAE,SAAS,CAAC;IACnB,MAAM,CAAC,EAAE,GAAG,CAAC;IACb,EAAE,CAAC,EAAE,MAAM,CAAA;CACP,GAAG,cAAc,CAGtB;AAED,wBAAgB,cAAc,CAAC,EAC3B,QAAqB,EACrB,IAAyB,GAC1B,GAAE;IACD,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,IAAI,CAAC,EAAE,GAAG,CAAC;CACP,GAAG,cAAc,CAGxB;AAED,wBAAgB,eAAe,CAAC,EAC5B,IAAS,EACT,MAAe,EACf,GAAS,EACT,OAA8C,EAC/C,GAAG;IACF,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,MAAM,CAAC,EAAE,MAAM,GAAG,KAAK,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,GAAG,SAAS,CAAC;IACjE,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,mBAAmB,CAAA;CACzB,GAAG,eAAe,CAazB;AAED,wBAAgB,mBAAmB,CAAC,EAChC,UAAsB,EACtB,GAAS,GACV,GAAE;IACD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;CACT,GAAG,eAAe,CAOzB;AAED,wBAAgB,WAAW,CAAC,EAC1B,gBAA8B,EAC9B,mBAEC,EACF,GAAE;IACD,gBAAgB,CAAC,EAAE,SAAS,CAAA;IAC5B,mBAAmB,CAAC,EAAE,KAAK,CAAC,mBAAmB,CAAA;CAC3C,GAAG,mBAAmB,CAK3B;AAED,wBAAgB,SAAS,CAAC,EACtB,MAAa,EACb,GAAiB,EACjB,KAAoB,EACpB,GAA2B,EAC5B,GAAE,OAAO,CAAC,SAAS,CAAM,GAAG,SAAS,CAGvC;AAED,wBAAgB,UAAU,CAAC,EACzB,IAAkB,EAClB,KAAoB,EACpB,MAAa,EACb,OAA+B,EAC/B,mBAAgF,EACjF,GAAG;IACF,IAAI,CAAC,EAAE,SAAS,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,mBAAmB,CAAC,EAAE,MAAM,CAAA;CACxB,GAAG,UAAU,CAMlB;AAED,wBAAgB,cAAc,IAAI,cAAc,CAO/C"}

package/dist/serverTestHelpers.js

@@ -0,0 +1,88 @@
+/* eslint-disable @typescript-eslint/no-explicit-any, no-console */
+import { Readable } from 'stream';
+import { vi } from 'vitest';
+import { TokenProblem } from './types.js';
+import { buildServerConfig } from './atxpServer.js';
+import { BigNumber } from 'bignumber.js';
+export const DESTINATION = 'testDestination';
+export const SOURCE = 'testSource';
+export function charge({ amount = BigNumber(0.01), currency = 'USDC', network = 'solana', destination = DESTINATION, source = SOURCE } = {}) {
+    return { amount, currency, network, destination, source };
+}
+export const oneCentCharge = charge({ amount: BigNumber(0.01) });
+export const zeroCharge = charge({ amount: BigNumber(0) });
+export function logger() {
+    return {
+        debug: vi.fn().mockImplementation((msg) => { console.debug(msg); }),
+        info: vi.fn().mockImplementation((msg) => { console.info(msg); }),
+        warn: vi.fn().mockImplementation((msg) => { console.warn(msg); }),
+        error: vi.fn().mockImplementation((msg) => { console.error(msg); }),
+    };
+}
+export function config(args = {}) {
+    return buildServerConfig({
+        ...args,
+        destination: args.destination ?? DESTINATION,
+        atxpAuthClientToken: args.atxpAuthClientToken ?? 'test-auth-token'
+    });
+}
+export function paymentServer({ charge = vi.fn().mockResolvedValue({ success: true, requiredPaymentId: null }), createPaymentRequest = vi.fn().mockResolvedValue('test-payment-request-id') } = {}) {
+    return {
+        charge,
+        createPaymentRequest,
+    };
+}
+export function mcpRequest({ method = 'tools/call', params = {}, id = 'call-1' } = {}) {
+    return { jsonrpc: "2.0", method, params, id };
+}
+export function mcpToolRequest({ toolName = 'testTool', args = { paramOne: 'test' }, } = {}) {
+    return mcpRequest({ method: 'tools/call', params: { name: toolName, arguments: args } });
+}
+export function incomingMessage({ body = {}, method = 'POST', url = '/', headers = { 'content-type': 'application/json' } } = {}) {
+    const bodyString = JSON.stringify(body);
+    const stream = new Readable({
+        read() {
+            this.push(bodyString);
+            this.push(null);
+        }
+    });
+    stream.method = method;
+    stream.url = url;
+    stream.headers = headers;
+    return stream;
+}
+export function incomingToolMessage({ authHeader = undefined, url = '/', } = {}) {
+    return incomingMessage({
+        body: mcpToolRequest({ toolName: 'testTool' }),
+        headers: { 'authorization': authHeader, 'content-type': 'application/json' },
+        url
+    });
+}
+export function oAuthClient({ introspectResult = tokenData(), authorizationServer = {
+    issuer: 'https://auth.atxp.ai',
+} } = {}) {
+    return {
+        introspectToken: vi.fn().mockResolvedValue(introspectResult),
+        authorizationServerFromUrl: vi.fn().mockResolvedValue(authorizationServer)
+    };
+}
+export function tokenData({ active = true, sub = 'test-user', scope = 'tools:read', aud = 'https://example.com' } = {}) {
+    return { active, sub, scope, aud };
+}
+export function tokenCheck({ data = tokenData(), token = 'test-token', passes = true, problem = TokenProblem.NO_TOKEN, resourceMetadataUrl = 'https://example.com/.well-known/oauth-protected-resource' } = {}) {
+    if (passes) {
+        return { passes, token, data, };
+    }
+    else {
+        return { passes, token, data, problem, resourceMetadataUrl };
+    }
+}
+export function serverResponse() {
+    return {
+        getHeader: vi.fn(),
+        setHeader: vi.fn(),
+        writeHead: vi.fn(),
+        end: vi.fn(),
+    };
+}
+//# sourceMappingURL=serverTestHelpers.js.map

package/dist/serverTestHelpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"serverTestHelpers.js","sourceRoot":"","sources":["../src/serverTestHelpers.ts"],"names":[],"mappings":"AAAA,mEAAmE;AAEnE,OAAO,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAIlC,OAAO,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAkE,YAAY,EAAqC,MAAM,YAAY,CAAC;AAC7I,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAGzC,MAAM,CAAC,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAC7C,MAAM,CAAC,MAAM,MAAM,GAAG,YAAY,CAAC;AAEnC,MAAM,UAAU,MAAM,CAAC,EACnB,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,EACxB,QAAQ,GAAG,MAAM,EACjB,OAAO,GAAG,QAAQ,EAClB,WAAW,GAAG,WAAW,EACzB,MAAM,GAAG,MAAM,KAOb,EAAE;IAEN,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;AAC5D,CAAC;AAED,MAAM,CAAC,MAAM,aAAa,GAAG,MAAM,CAAC,EAAC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,EAAC,CAAC,CAAC;AAE/D,MAAM,CAAC,MAAM,UAAU,GAAG,MAAM,CAAC,EAAC,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,EAAC,CAAC,CAAC;AAEzD,MAAM,UAAU,MAAM;IACpB,OAAO;QACL,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACxE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACtE,IAAI,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;QACtE,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,kBAAkB,CAAC,CAAC,GAAW,EAAE,EAAE,GAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA,CAAA,CAAC,CAAC;KACzE,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,OAA4B,EAAE;IACnD,OAAO,iBAAiB,CAAC;QACvB,GAAG,IAAI;QACP,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,WAAW;QAC5C,mBAAmB,EAAE,IAAI,CAAC,mBAAmB,IAAI,iBAAiB;KACnE,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,EAC5B,MAAM,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,EAAC,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAE,IAAI,EAAC,CAAC,EAC5E,oBAAoB,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,yBAAyB,CAAC,EAC5E,GAAG,EAAE;IACJ,OAAO;QACL,MAAM;QACN,oBAAoB;KACO,CAAC;AAChC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EAAC,MAAM,GAAG,YAAY,EAAE,MAAM,GAAG,EAAE,EAAE,EAAE,GAAG,QAAQ,KAIzE,EAAE;IAEJ,OAAO,EAAE,OAAO,EAAE,KAAc,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,EAC3B,QAAQ,GAAG,UAAU,EACrB,IAAI,GAAG,EAAC,QAAQ,EAAE,MAAM,EAAC,MAIvB,EAAE;IAEN,OAAO,UAAU,CAAC,EAAC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,EAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAC,EAAC,CAAC,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,EAC5B,IAAI,GAAG,EAAE,EACT,MAAM,GAAG,MAAM,EACf,GAAG,GAAG,GAAG,EACT,OAAO,GAAG,EAAC,cAAc,EAAE,kBAAkB,EAAC,KAM5C,EAAE;IAEN,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,IAAI,QAAQ,CAAC;QAC1B,IAAI;YACF,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACtB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClB,CAAC;KACF,CAAoB,CAAC;IACtB,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,MAAM,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,EAChC,UAAU,GAAG,SAAS,EACtB,GAAG,GAAG,GAAG,MAIP,EAAE;IAEN,OAAO,eAAe,CAAC;QACrB,IAAI,EAAE,cAAc,CAAC,EAAC,QAAQ,EAAE,UAAU,EAAC,CAAC;QAC5C,OAAO,EAAE,EAAC,eAAe,EAAE,UAAU,EAAE,cAAc,EAAE,kBAAkB,EAAC;QAC1E,GAAG;KACJ,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,EAC1B,gBAAgB,GAAG,SAAS,EAAE,EAC9B,mBAAmB,GAAG;IACpB,MAAM,EAAE,sBAAsB;CAC/B,KAIC,EAAE;IACJ,OAAO;QACL,eAAe,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,gBAAgB,CAAC;QAC5D,0BAA0B,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,mBAAmB,CAAC;KACzC,CAAC;AACtC,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,EACtB,MAAM,GAAG,IAAI,EACb,GAAG,GAAG,WAAW,EACjB,KAAK,GAAG,YAAY,EACpB,GAAG,GAAG,qBAAqB,KACL,EAAE;IAE1B,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,CAAA;AACpC,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,EACzB,IAAI,GAAG,SAAS,EAAE,EAClB,KAAK,GAAG,YAAY,EACpB,MAAM,GAAG,IAAI,EACb,OAAO,GAAG,YAAY,CAAC,QAAQ,EAC/B,mBAAmB,GAAG,0DAA0D,KAO9E,EAAE;IACJ,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,GAAqB,CAAC;IACpD,CAAC;SAAM,CAAC;QACN,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,mBAAmB,EAAoB,CAAC;IACjF,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc;IAC5B,OAAO;QACL,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;QAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;KACgB,CAAC;AACjC,CAAC"}

package/dist/src/atxpContext.d.ts

@@ -0,0 +1,6 @@
+import { ATXPConfig, TokenCheck } from "./types.js";
+export declare function getATXPConfig(): ATXPConfig | null;
+export declare function getATXPResource(): URL | null;
+export declare function atxpAccountId(): string | null;
+export declare function withATXPContext(config: ATXPConfig, resource: URL, tokenInfo: Pick<TokenCheck, 'token' | 'data'> | null, next: () => void): Promise<void>;
+//# sourceMappingURL=atxpContext.d.ts.map

package/dist/src/atxpContext.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atxpContext.d.ts","sourceRoot":"","sources":["../../src/atxpContext.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAWpD,wBAAgB,aAAa,IAAI,UAAU,GAAG,IAAI,CAGjD;AAED,wBAAgB,eAAe,IAAI,GAAG,GAAG,IAAI,CAG5C;AAGD,wBAAgB,aAAa,IAAI,MAAM,GAAG,IAAI,CAG7C;AAGD,wBAAsB,eAAe,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,CAAC,UAAU,EAAE,OAAO,GAAG,MAAM,CAAC,GAAG,IAAI,EAAE,IAAI,EAAE,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAwB9J"}

package/dist/src/atxpContext.js

@@ -0,0 +1,41 @@
+import { AsyncLocalStorage } from "async_hooks";
+const contextStorage = new AsyncLocalStorage();
+export function getATXPConfig() {
+    const context = contextStorage.getStore();
+    return context?.config ?? null;
+}
+export function getATXPResource() {
+    const context = contextStorage.getStore();
+    return context?.resource ?? null;
+}
+// Helper function to get the current request's user
+export function atxpAccountId() {
+    const context = contextStorage.getStore();
+    return context?.tokenData?.sub ?? null;
+}
+// Helper function to run code within a user context
+export async function withATXPContext(config, resource, tokenInfo, next) {
+    config.logger.debug(`Setting user context to ${tokenInfo?.data?.sub ?? 'null'}`);
+    if (tokenInfo && tokenInfo.data?.sub) {
+        if (tokenInfo.token) {
+            const dbData = {
+                accessToken: tokenInfo.token,
+                resourceUrl: ''
+            };
+            // Save the token to the oAuthDB so that other users of the DB can access it
+            // if needed (ie, for token-exchange for downstream services)
+            await config.oAuthDb.saveAccessToken(tokenInfo.data.sub, '', dbData);
+        }
+        else {
+            config.logger.warn(`Setting user context with token data, but there was no token provided. This probably indicates a bug, since the data should be derived from the token`);
+            config.logger.debug(`Token data: ${JSON.stringify(tokenInfo.data)}`);
+        }
+    }
+    const ctx = {
+        tokenData: tokenInfo?.data || null,
+        config,
+        resource
+    };
+    return contextStorage.run(ctx, next);
+}
+//# sourceMappingURL=atxpContext.js.map

package/dist/src/atxpContext.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atxpContext.js","sourceRoot":"","sources":["../../src/atxpContext.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAEhD,MAAM,cAAc,GAAG,IAAI,iBAAiB,EAAsB,CAAC;AAQnE,MAAM,UAAU,aAAa;IAC3B,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,EAAE,CAAC;IAC1C,OAAO,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,eAAe;IAC7B,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,EAAE,CAAC;IAC1C,OAAO,OAAO,EAAE,QAAQ,IAAI,IAAI,CAAC;AACnC,CAAC;AAED,oDAAoD;AACpD,MAAM,UAAU,aAAa;IAC3B,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,EAAE,CAAC;IAC1C,OAAO,OAAO,EAAE,SAAS,EAAE,GAAG,IAAI,IAAI,CAAC;AACzC,CAAC;AAED,oDAAoD;AACpD,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,MAAkB,EAAE,QAAa,EAAE,SAAoD,EAAE,IAAgB;IAC7I,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,2BAA2B,SAAS,EAAE,IAAI,EAAE,GAAG,IAAI,MAAM,EAAE,CAAC,CAAC;IAEjF,IAAG,SAAS,IAAI,SAAS,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC;QACpC,IAAG,SAAS,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,MAAM,GAAG;gBACb,WAAW,EAAE,SAAS,CAAC,KAAM;gBAC7B,WAAW,EAAE,EAAE;aAChB,CAAC;YACF,4EAA4E;YAC5E,6DAA6D;YAC7D,MAAM,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;QACvE,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,uJAAuJ,CAAC,CAAC;YAC5K,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,eAAe,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,MAAM,GAAG,GAAG;QACV,SAAS,EAAE,SAAS,EAAE,IAAI,IAAI,IAAI;QAClC,MAAM;QACN,QAAQ;KACT,CAAC;IACF,OAAO,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;AACvC,CAAC"}

package/dist/src/atxpServer.d.ts

@@ -0,0 +1,12 @@
+import { ATXPConfig } from "./types.js";
+import { Router } from "express";
+type RequiredATXPConfigFields = 'destination';
+type RequiredATXPConfig = Pick<ATXPConfig, RequiredATXPConfigFields>;
+type OptionalATXPConfig = Omit<ATXPConfig, RequiredATXPConfigFields>;
+export type ATXPArgs = RequiredATXPConfig & Partial<OptionalATXPConfig>;
+type BuildableATXPConfigFields = 'oAuthDb' | 'oAuthClient' | 'paymentServer' | 'logger';
+export declare const DEFAULT_CONFIG: Required<Omit<OptionalATXPConfig, BuildableATXPConfigFields>>;
+export declare function buildServerConfig(args: ATXPArgs): ATXPConfig;
+export declare function atxpServer(args: ATXPArgs): Router;
+export {};
+//# sourceMappingURL=atxpServer.d.ts.map

package/dist/src/atxpServer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atxpServer.d.ts","sourceRoot":"","sources":["../../src/atxpServer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAiB,MAAM,YAAY,CAAC;AAKvD,OAAO,EAAmC,MAAM,EAAE,MAAM,SAAS,CAAC;AAMlE,KAAK,wBAAwB,GAAG,aAAa,CAAC;AAC9C,KAAK,kBAAkB,GAAG,IAAI,CAAC,UAAU,EAAE,wBAAwB,CAAC,CAAC;AACrE,KAAK,kBAAkB,GAAG,IAAI,CAAC,UAAU,EAAE,wBAAwB,CAAC,CAAC;AACrE,MAAM,MAAM,QAAQ,GAAG,kBAAkB,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;AACxE,KAAK,yBAAyB,GAAG,SAAS,GAAG,aAAa,GAAG,eAAe,GAAG,QAAQ,CAAC;AAExF,eAAO,MAAM,cAAc,EAAE,QAAQ,CAAC,IAAI,CAAC,kBAAkB,EAAE,yBAAyB,CAAC,CASxF,CAAC;AAEF,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,QAAQ,GAAG,UAAU,CAwB5D;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,QAAQ,GAAG,MAAM,CAyDjD"}

package/dist/src/atxpServer.js

@@ -0,0 +1,95 @@
+import { ConsoleLogger, OAuthResourceClient, DEFAULT_AUTHORIZATION_SERVER, MemoryOAuthDb } from "@longrun/atxp-common";
+import { checkToken } from "./token.js";
+import { sendOAuthChallenge } from "./oAuthChallenge.js";
+import { withATXPContext } from "./atxpContext.js";
+import { parseMcpRequests } from "./http.js";
+import { Router } from "express";
+import { getProtectedResourceMetadata as getPRMResponse, sendProtectedResourceMetadata } from "./protectedResourceMetadata.js";
+import { getResource } from "./getResource.js";
+import { ATXPPaymentServer } from "./paymentServer.js";
+import { getOAuthMetadata, sendOAuthMetadata } from "./oAuthMetadata.js";
+export const DEFAULT_CONFIG = {
+    mountPath: '/',
+    currency: 'USDC',
+    network: 'solana',
+    server: DEFAULT_AUTHORIZATION_SERVER,
+    atxpAuthClientToken: process.env.ATXP_AUTH_CLIENT_TOKEN,
+    payeeName: 'An ATXP Server',
+    allowHttp: process.env.NODE_ENV === 'development',
+    resource: null, // Set dynamically from the request URL
+};
+export function buildServerConfig(args) {
+    if (!args.destination) {
+        throw new Error('destination is required');
+    }
+    const withDefaults = { ...DEFAULT_CONFIG, ...args };
+    const oAuthDb = withDefaults.oAuthDb ?? new MemoryOAuthDb();
+    const oAuthClient = withDefaults.oAuthClient ?? new OAuthResourceClient({
+        db: oAuthDb,
+        allowInsecureRequests: withDefaults.allowHttp,
+        clientName: withDefaults.payeeName,
+    });
+    const logger = withDefaults.logger ?? new ConsoleLogger();
+    let paymentServer;
+    if (withDefaults.paymentServer) {
+        paymentServer = withDefaults.paymentServer;
+    }
+    else {
+        if (!withDefaults.atxpAuthClientToken) {
+            throw new Error('ATXP_AUTH_CLIENT_TOKEN is not set. If no payment server is provided, you must set ATXP_AUTH_CLIENT_TOKEN.');
+        }
+        paymentServer = new ATXPPaymentServer(withDefaults.server, withDefaults.atxpAuthClientToken, logger);
+    }
+    const built = { oAuthDb, oAuthClient, paymentServer, logger };
+    return Object.freeze({ ...withDefaults, ...built });
+}
+;
+export function atxpServer(args) {
+    const config = buildServerConfig(args);
+    const router = Router();
+    // Regular middleware
+    const atxpMiddleware = async (req, res, next) => {
+        try {
+            const logger = config.logger; // Capture logger in closure
+            const requestUrl = new URL(req.url, req.protocol + '://' + req.host);
+            logger.debug(`Handling ${req.method} ${requestUrl.toString()}`);
+            const resource = getResource(config, requestUrl);
+            const prmResponse = getPRMResponse(config, requestUrl);
+            if (sendProtectedResourceMetadata(res, prmResponse)) {
+                return;
+            }
+            // Some older clients don't use PRM and assume the MCP server is an OAuth server
+            const oAuthMetadata = await getOAuthMetadata(config, requestUrl);
+            if (sendOAuthMetadata(res, oAuthMetadata)) {
+                return;
+            }
+            const mcpRequests = await parseMcpRequests(config, requestUrl, req, req.body);
+            logger.debug(`${mcpRequests.length} MCP requests found in request`);
+            if (mcpRequests.length === 0) {
+                next();
+                return;
+            }
+            logger.debug(`Request started - ${req.method} ${req.path}`);
+            const tokenCheck = await checkToken(config, resource, req);
+            const user = tokenCheck.data?.sub ?? null;
+            // Listen for when the response is finished
+            res.on('finish', async () => {
+                logger.debug(`Request finished ${user ? `for user ${user} ` : ''}- ${req.method} ${req.path}`);
+            });
+            // Send the oauth challenge, if needed. If we do, we're done
+            if (sendOAuthChallenge(res, tokenCheck)) {
+                return;
+            }
+            return withATXPContext(config, resource, tokenCheck, next);
+        }
+        catch (error) {
+            config.logger.error(`Critical error in atxp middleware - returning HTTP 500. Error: ${error instanceof Error ? error.message : String(error)}`);
+            config.logger.debug(JSON.stringify(error, null, 2));
+            res.status(500).json({ error: 'server_error', error_description: 'An internal server error occurred' });
+        }
+    };
+    // Add middleware to the router
+    router.use(atxpMiddleware);
+    return router;
+}
+//# sourceMappingURL=atxpServer.js.map

package/dist/src/atxpServer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atxpServer.js","sourceRoot":"","sources":["../../src/atxpServer.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,mBAAmB,EAAE,4BAA4B,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAEvH,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAmC,MAAM,EAAE,MAAM,SAAS,CAAC;AAClE,OAAO,EAAE,4BAA4B,IAAI,cAAc,EAAE,6BAA6B,EAAE,MAAM,gCAAgC,CAAC;AAC/H,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAQzE,MAAM,CAAC,MAAM,cAAc,GAAkE;IAC3F,SAAS,EAAE,GAAG;IACd,QAAQ,EAAE,MAAe;IACzB,OAAO,EAAE,QAAiB;IAC1B,MAAM,EAAE,4BAA4B;IACpC,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,sBAAsB;IACvD,SAAS,EAAE,gBAAgB;IAC3B,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa;IACjD,QAAQ,EAAE,IAAI,EAAE,uCAAuC;CACxD,CAAC;AAEF,MAAM,UAAU,iBAAiB,CAAC,IAAc;IAC9C,IAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,MAAM,YAAY,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,IAAI,EAAE,CAAC;IACpD,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,IAAI,IAAI,aAAa,EAAE,CAAA;IAC3D,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,IAAI,IAAI,mBAAmB,CAAC;QACtE,EAAE,EAAE,OAAO;QACX,qBAAqB,EAAE,YAAY,CAAC,SAAS;QAC7C,UAAU,EAAE,YAAY,CAAC,SAAS;KACnC,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;IAC1D,IAAI,aAAwC,CAAC;IAC7C,IAAI,YAAY,CAAC,aAAa,EAAG,CAAC;QAChC,aAAa,GAAG,YAAY,CAAC,aAAa,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,YAAY,CAAC,mBAAmB,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,2GAA2G,CAAC,CAAC;QAC/H,CAAC;QACD,aAAa,GAAG,IAAI,iBAAiB,CAAC,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC;IACvG,CAAC;IACD,MAAM,KAAK,GAAG,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,EAAC,CAAC;IAC7D,OAAO,MAAM,CAAC,MAAM,CAAC,EAAE,GAAG,YAAY,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;AACtD,CAAC;AAAA,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,IAAc;IACvC,MAAM,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC;IAExB,qBAAqB;IACrB,MAAM,cAAc,GAAG,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;QAC/E,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAE,4BAA4B;YAC3D,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,QAAQ,GAAG,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC;YACrE,MAAM,CAAC,KAAK,CAAC,YAAY,GAAG,CAAC,MAAM,IAAI,UAAU,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAEhE,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACjD,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACvD,IAAI,6BAA6B,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;gBACpD,OAAO;YACT,CAAC;YAED,gFAAgF;YAChF,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACjE,IAAG,iBAAiB,CAAC,GAAG,EAAE,aAAa,CAAC,EAAE,CAAC;gBACzC,OAAO;YACT,CAAC;YAED,MAAM,WAAW,GAAG,MAAM,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YAC9E,MAAM,CAAC,KAAK,CAAC,GAAG,WAAW,CAAC,MAAM,gCAAgC,CAAC,CAAC;YAEpE,IAAG,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5B,IAAI,EAAE,CAAC;gBACP,OAAO;YACT,CAAC;YAED,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5D,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;YAC3D,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,EAAE,GAAG,IAAI,IAAI,CAAC;YAE1C,2CAA2C;YAC3C,GAAG,CAAC,EAAE,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;gBAC1B,MAAM,CAAC,KAAK,CAAC,oBAAoB,IAAI,CAAC,CAAC,CAAC,YAAY,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YACjG,CAAC,CAAC,CAAC;YAEH,4DAA4D;YAC5D,IAAI,kBAAkB,CAAC,GAAG,EAAE,UAAU,CAAC,EAAE,CAAC;gBACxC,OAAO;YACT,CAAC;YAED,OAAO,eAAe,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;QAC7D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,kEAAkE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAChJ,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACpD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,mCAAmC,EAAE,CAAC,CAAC;QAC1G,CAAC;IACH,CAAC,CAAC;IAEF,+BAA+B;IAC/B,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAE3B,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/src/getResource.d.ts

@@ -0,0 +1,4 @@
+import { ATXPConfig } from "./types.js";
+export declare function getPath(url: URL): string;
+export declare function getResource(config: ATXPConfig, requestUrl: URL): URL;
+//# sourceMappingURL=getResource.d.ts.map

package/dist/src/getResource.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getResource.d.ts","sourceRoot":"","sources":["../../src/getResource.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAExC,wBAAgB,OAAO,CAAC,GAAG,EAAE,GAAG,GAAG,MAAM,CAGxC;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,GAAG,GAAG,CAapE"}

package/dist/src/getResource.js

@@ -0,0 +1,17 @@
+export function getPath(url) {
+    const fullPath = url.pathname.replace(/^\/$/, '');
+    return fullPath;
+}
+export function getResource(config, requestUrl) {
+    if (config.resource) {
+        return new URL(config.resource);
+    }
+    const protocol = process.env.NODE_ENV === 'development' ? requestUrl.protocol : 'https:';
+    const url = new URL(`${protocol}//${requestUrl.host}${requestUrl.pathname}`);
+    const fullPath = getPath(url);
+    // If this is a PRM path, convert it into the path for the resource this is the metadata for
+    const resourcePath = fullPath.replace('/.well-known/oauth-protected-resource', '').replace(/\/$/, '');
+    const resource = new URL(`${protocol}//${requestUrl.host}${resourcePath}`);
+    return resource;
+}
+//# sourceMappingURL=getResource.js.map

package/dist/src/getResource.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getResource.js","sourceRoot":"","sources":["../../src/getResource.ts"],"names":[],"mappings":"AAEA,MAAM,UAAU,OAAO,CAAC,GAAQ;IAC9B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAClD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAkB,EAAE,UAAe;IAC7D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,OAAO,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAClC,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC;IACzF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,QAAQ,KAAK,UAAU,CAAC,IAAI,GAAG,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IAC9B,4FAA4F;IAC5F,MAAM,YAAY,GAAG,QAAQ,CAAC,OAAO,CAAC,uCAAuC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAEtG,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,QAAQ,KAAK,UAAU,CAAC,IAAI,GAAG,YAAY,EAAE,CAAC,CAAC;IAC3E,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/src/http.d.ts

@@ -0,0 +1,7 @@
+import { IncomingMessage } from "node:http";
+import { JSONRPCRequest } from "@modelcontextprotocol/sdk/types.js";
+import { ATXPConfig } from "./types.js";
+import { Logger } from "@longrun/atxp-common";
+export declare function parseMcpRequests(config: ATXPConfig, requestUrl: URL, req: IncomingMessage, parsedBody?: unknown): Promise<JSONRPCRequest[]>;
+export declare function parseBody(req: IncomingMessage, logger: Logger): Promise<unknown>;
+//# sourceMappingURL=http.d.ts.map

package/dist/src/http.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.d.ts","sourceRoot":"","sources":["../../src/http.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAG5C,OAAO,EAAE,cAAc,EAAoB,MAAM,oCAAoC,CAAC;AACtF,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAoB,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAQhE,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,EAAE,GAAG,EAAE,eAAe,EAAE,UAAU,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC,CA0BjJ;AAED,wBAAsB,SAAS,CAAC,GAAG,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAmBtF"}