@dexterai/x402 1.4.1 → 1.5.0

package/dist/server/index.cjs

@@ -1,7 +1,9 @@
 "use strict";
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -15,6 +17,14 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 
 // src/server/index.ts
@@ -48,6 +58,7 @@ __export(server_exports, {
   getTextModels: () => getTextModels,
   isValidModel: () => isValidModel,
   isValidModelId: () => isValidModelId,
+  x402AccessPass: () => x402AccessPass,
   x402Middleware: () => x402Middleware
 });
 module.exports = __toCommonJS(server_exports);
@@ -411,6 +422,245 @@ function x402Middleware(config) {
   };
 }
 
+// src/server/access-pass.ts
+var import_crypto = __toESM(require("crypto"), 1);
+var DURATION_REGEX = /^(\d+)(m|h|d|w)$/;
+function parseTierDuration(tierId) {
+  const match = tierId.match(DURATION_REGEX);
+  if (!match) return null;
+  const value = parseInt(match[1], 10);
+  const unit = match[2];
+  switch (unit) {
+    case "m":
+      return value * 60;
+    case "h":
+      return value * 3600;
+    case "d":
+      return value * 86400;
+    case "w":
+      return value * 604800;
+    default:
+      return null;
+  }
+}
+function formatDuration(seconds) {
+  if (seconds >= 604800 && seconds % 604800 === 0) return `${seconds / 604800} week${seconds / 604800 > 1 ? "s" : ""}`;
+  if (seconds >= 86400 && seconds % 86400 === 0) return `${seconds / 86400} day${seconds / 86400 > 1 ? "s" : ""}`;
+  if (seconds >= 3600 && seconds % 3600 === 0) return `${seconds / 3600} hour${seconds / 3600 > 1 ? "s" : ""}`;
+  if (seconds >= 60 && seconds % 60 === 0) return `${seconds / 60} minute${seconds / 60 > 1 ? "s" : ""}`;
+  return `${seconds} second${seconds > 1 ? "s" : ""}`;
+}
+function signJwt(payload, secret) {
+  const header = Buffer.from(JSON.stringify({ alg: "HS256", typ: "JWT" })).toString("base64url");
+  const body = Buffer.from(JSON.stringify(payload)).toString("base64url");
+  const sig = import_crypto.default.createHmac("sha256", secret).update(`${header}.${body}`).digest("base64url");
+  return `${header}.${body}.${sig}`;
+}
+function verifyJwt(token, secret) {
+  try {
+    const parts = token.split(".");
+    if (parts.length !== 3) return null;
+    const [header, body, sig] = parts;
+    const expected = import_crypto.default.createHmac("sha256", secret).update(`${header}.${body}`).digest("base64url");
+    if (sig !== expected) return null;
+    const payload = JSON.parse(Buffer.from(body, "base64url").toString());
+    if (payload.exp && Date.now() / 1e3 > payload.exp) return null;
+    if (payload.sub !== "x402-access-pass") return null;
+    return payload;
+  } catch {
+    return null;
+  }
+}
+var DEFAULT_NETWORK2 = "solana:5eykt4UsFv8P8NJdTREpY1vzqKqZKvdp";
+var USDC_DECIMALS2 = 6;
+function x402AccessPass(config) {
+  const {
+    payTo,
+    network = DEFAULT_NETWORK2,
+    asset,
+    facilitatorUrl,
+    tiers: tierPrices,
+    ratePerHour,
+    secret = import_crypto.default.randomBytes(32),
+    issuer = "x402-access-pass",
+    verbose = false,
+    description
+  } = config;
+  if (!tierPrices && !ratePerHour) {
+    throw new Error("x402AccessPass: at least one of `tiers` or `ratePerHour` is required");
+  }
+  const log = verbose ? console.log.bind(console, "[x402:access-pass]") : () => {
+  };
+  const decimals = asset?.decimals ?? USDC_DECIMALS2;
+  const builtTiers = [];
+  if (tierPrices) {
+    for (const [id, price] of Object.entries(tierPrices)) {
+      const seconds = parseTierDuration(id);
+      if (!seconds) {
+        console.warn(`x402AccessPass: skipping tier "${id}" \u2014 unrecognized duration format (use 5m, 1h, 24h, 7d)`);
+        continue;
+      }
+      builtTiers.push({
+        id,
+        label: formatDuration(seconds),
+        seconds,
+        price,
+        priceAtomic: toAtomicUnits(parseFloat(price), decimals)
+      });
+    }
+    builtTiers.sort((a, b) => a.seconds - b.seconds);
+  }
+  const server = createX402Server({
+    payTo,
+    network,
+    asset,
+    facilitatorUrl
+  });
+  const passInfo = {
+    tiers: builtTiers.length > 0 ? builtTiers : void 0,
+    ratePerHour: ratePerHour || void 0,
+    issuer
+  };
+  const passInfoEncoded = btoa(JSON.stringify(passInfo));
+  function calculateCustomPrice(durationSeconds) {
+    if (!ratePerHour) {
+      throw new Error("Custom durations not supported \u2014 no ratePerHour configured");
+    }
+    const hours = durationSeconds / 3600;
+    const price = (parseFloat(ratePerHour) * hours).toFixed(decimals > 4 ? 4 : 2);
+    return { price, priceAtomic: toAtomicUnits(parseFloat(price), decimals) };
+  }
+  function resolvePricing(req) {
+    const tierParam = req.query.tier;
+    const durationParam = req.query.duration;
+    if (tierParam) {
+      const found = builtTiers.find((t) => t.id === tierParam);
+      if (found) {
+        return { tier: found.id, seconds: found.seconds, price: found.price, priceAtomic: found.priceAtomic, label: found.label };
+      }
+    }
+    if (durationParam) {
+      const seconds = parseInt(durationParam, 10);
+      if (seconds > 0 && ratePerHour) {
+        const pricing2 = calculateCustomPrice(seconds);
+        return { tier: "custom", seconds, ...pricing2, label: formatDuration(seconds) };
+      }
+    }
+    if (builtTiers.length > 0) {
+      const t = builtTiers[0];
+      return { tier: t.id, seconds: t.seconds, price: t.price, priceAtomic: t.priceAtomic, label: t.label };
+    }
+    const pricing = calculateCustomPrice(3600);
+    return { tier: "custom", seconds: 3600, ...pricing, label: "1 hour" };
+  }
+  return async (req, res, next) => {
+    try {
+      const auth = req.headers.authorization;
+      if (auth?.startsWith("Bearer ")) {
+        const claims = verifyJwt(auth.slice(7), secret);
+        if (claims) {
+          log("Valid access pass:", claims.tier, "| expires:", new Date(claims.exp * 1e3).toISOString());
+          req.accessPass = {
+            tier: claims.tier,
+            duration: claims.duration,
+            expiresAt: new Date(claims.exp * 1e3).toISOString(),
+            payer: claims.payer,
+            network: claims.network
+          };
+          return next();
+        }
+        log("Invalid or expired access pass token");
+      }
+      const paymentSignature = req.headers["payment-signature"];
+      if (paymentSignature) {
+        log("Payment signature received, verifying for pass purchase...");
+        const verifyResult = await server.verifyPayment(paymentSignature);
+        if (!verifyResult.isValid) {
+          log("Payment verification failed:", verifyResult.invalidReason);
+          res.status(402).json({ error: "Payment verification failed", reason: verifyResult.invalidReason });
+          return;
+        }
+        const settleResult = await server.settlePayment(paymentSignature);
+        if (!settleResult.success) {
+          log("Payment settlement failed:", settleResult.errorReason);
+          res.status(402).json({ error: "Payment settlement failed", reason: settleResult.errorReason });
+          return;
+        }
+        log("Payment settled:", settleResult.transaction);
+        const pricing2 = resolvePricing(req);
+        const now = Math.floor(Date.now() / 1e3);
+        const claims = {
+          sub: "x402-access-pass",
+          tier: pricing2.tier,
+          duration: pricing2.seconds,
+          iat: now,
+          exp: now + pricing2.seconds,
+          payer: verifyResult.payer ?? "",
+          network,
+          iss: issuer
+        };
+        const jwt = signJwt(claims, secret);
+        req.x402 = {
+          transaction: settleResult.transaction,
+          payer: verifyResult.payer ?? "",
+          network
+        };
+        const paymentResponseData = {
+          success: true,
+          transaction: settleResult.transaction,
+          network,
+          payer: verifyResult.payer ?? ""
+        };
+        res.setHeader("PAYMENT-RESPONSE", btoa(JSON.stringify(paymentResponseData)));
+        res.setHeader("ACCESS-PASS", jwt);
+        res.json({
+          accessPass: {
+            token: jwt,
+            tier: pricing2.tier,
+            duration: pricing2.label,
+            durationSeconds: pricing2.seconds,
+            expiresAt: new Date((now + pricing2.seconds) * 1e3).toISOString(),
+            usage: "Include on subsequent requests as: Authorization: Bearer <token>"
+          },
+          transaction: settleResult.transaction,
+          payer: verifyResult.payer
+        });
+        return;
+      }
+      log("No access pass or payment, returning 402");
+      const pricing = resolvePricing(req);
+      const amountAtomic = pricing.priceAtomic;
+      const resourceUrl = `${req.protocol}://${req.get("host")}${req.originalUrl}`;
+      const requirements = await server.buildRequirements({
+        amountAtomic,
+        resourceUrl,
+        description: description || `Access pass: ${pricing.label}`,
+        mimeType: "application/json"
+      });
+      const encoded = server.encodeRequirements(requirements);
+      res.setHeader("PAYMENT-REQUIRED", encoded);
+      res.setHeader("X-ACCESS-PASS-TIERS", passInfoEncoded);
+      res.status(402).json({
+        error: "Access pass required",
+        message: "Purchase an access pass to unlock unlimited API access for a time window.",
+        accepts: requirements.accepts,
+        resource: requirements.resource,
+        accessPass: {
+          tiers: builtTiers.length > 0 ? builtTiers : void 0,
+          ratePerHour: ratePerHour || void 0,
+          usage: "Add ?tier=<id> or ?duration=<seconds> to your payment request to choose a pass duration."
+        }
+      });
+    } catch (error) {
+      log("Access pass middleware error:", error);
+      res.status(500).json({
+        error: "Payment processing error",
+        message: error instanceof Error ? error.message : "Unknown error"
+      });
+    }
+  };
+}
+
 // src/server/dynamic-pricing.ts
 function simpleHash(str) {
   let hash = 2166136261;
@@ -494,7 +744,7 @@ function formatPricing(config) {
 }
 
 // src/server/token-pricing.ts
-var import_crypto = require("crypto");
+var import_crypto2 = require("crypto");
 var import_tiktoken = require("tiktoken");
 
 // src/server/model-registry.ts
@@ -1092,7 +1342,7 @@ function countTokens(text, model = DEFAULT_MODEL) {
 }
 function generateQuoteHash(prompt, model, rate, tokens) {
   const configString = JSON.stringify({ model, rate, tokens });
-  return (0, import_crypto.createHash)("sha256").update(prompt + configString).digest("hex").slice(0, 16);
+  return (0, import_crypto2.createHash)("sha256").update(prompt + configString).digest("hex").slice(0, 16);
 }
 function createTokenPricing(config = {}) {
   const model = config.model ?? DEFAULT_MODEL;
@@ -1211,6 +1461,7 @@ function formatTokenPricing(model = DEFAULT_MODEL) {
   getTextModels,
   isValidModel,
   isValidModelId,
+  x402AccessPass,
   x402Middleware
 });
 //# sourceMappingURL=index.cjs.map