@fidacy/mcp 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/dist/lib.js +33 -1
  2. package/package.json +6 -1
package/dist/lib.js CHANGED
@@ -146,13 +146,34 @@ var ReferenceRail = class {
146
146
  return { railRef };
147
147
  }
148
148
  };
149
+ function httpRedeem(coreUrl, apiKey) {
150
+ const base = String(coreUrl ?? "").replace(/\/+$/, "");
151
+ const u = new URL(base);
152
+ if (u.protocol !== "https:" && !(u.protocol === "http:" && (u.hostname === "localhost" || u.hostname === "127.0.0.1"))) {
153
+ throw new Error("core URL must be https:// (the API key is sent to it)");
154
+ }
155
+ return async (grant) => {
156
+ const res = await fetch(`${base}/v1/grant/redeem`, {
157
+ method: "POST",
158
+ headers: { "content-type": "application/json", authorization: `Bearer ${apiKey}` },
159
+ body: JSON.stringify({ grant })
160
+ });
161
+ if (res.status === 200)
162
+ return true;
163
+ if (res.status === 409)
164
+ return false;
165
+ throw new Error(`redeem -> ${res.status}`);
166
+ };
167
+ }
149
168
  var GrantEnforcingExecutor = class {
150
169
  rail;
151
170
  used = /* @__PURE__ */ new Set();
152
171
  pub;
153
- constructor(publicKeyPem2, rail) {
172
+ redeem;
173
+ constructor(publicKeyPem2, rail, opts) {
154
174
  this.rail = rail;
155
175
  this.pub = createPublicKey(publicKeyPem2);
176
+ this.redeem = opts?.redeem;
156
177
  }
157
178
  async execute(req, grant) {
158
179
  if (!grant)
@@ -183,6 +204,16 @@ var GrantEnforcingExecutor = class {
183
204
  if (req.invoiceRef != null && req.invoiceRef !== (p.invoiceRef ?? null)) {
184
205
  return { status: "REFUSED", reason: "invoice_mismatch" };
185
206
  }
207
+ if (this.redeem) {
208
+ let first;
209
+ try {
210
+ first = await this.redeem(grant);
211
+ } catch {
212
+ return { status: "REFUSED", reason: "redeem_unavailable" };
213
+ }
214
+ if (!first)
215
+ return { status: "REFUSED", reason: "grant_replayed" };
216
+ }
186
217
  this.used.add(p.decisionId);
187
218
  const { railRef } = await this.rail.execute(req);
188
219
  return { status: "EXECUTED", railRef, decisionId: p.decisionId };
@@ -562,6 +593,7 @@ export {
562
593
  ReferenceRail,
563
594
  canonInvoice,
564
595
  evaluate,
596
+ httpRedeem,
565
597
  loadOrGenerateKeyPair,
566
598
  lookalikePayee,
567
599
  makeCore,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fidacy/mcp",
3
- "version": "0.1.8",
3
+ "version": "0.1.9",
4
4
  "description": "Fidacy action firewall for AI agents. Mandate-gated payment authorization as an MCP server.",
5
5
  "license": "Apache-2.0",
6
6
  "homepage": "https://fidacy.com",
@@ -54,5 +54,10 @@
54
54
  "@types/node": "^22.10.0",
55
55
  "tsx": "^4.19.2",
56
56
  "typescript": "^5.7.2"
57
+ },
58
+ "mcpName": "com.fidacy/mcp",
59
+ "repository": {
60
+ "type": "git",
61
+ "url": "git+https://github.com/lucaslubi/fidacy-mcp.git"
57
62
  }
58
63
  }