@nevermined-io/payments 1.8.0 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/README.md +2 -1
  2. package/dist/mcp/core/auth.d.ts +2 -2
  3. package/dist/mcp/core/auth.d.ts.map +1 -1
  4. package/dist/mcp/core/auth.js +29 -18
  5. package/dist/mcp/core/auth.js.map +1 -1
  6. package/dist/mcp/core/paywall.d.ts.map +1 -1
  7. package/dist/mcp/core/paywall.js +10 -6
  8. package/dist/mcp/core/paywall.js.map +1 -1
  9. package/dist/mcp/core/server-manager.d.ts.map +1 -1
  10. package/dist/mcp/core/server-manager.js +6 -4
  11. package/dist/mcp/core/server-manager.js.map +1 -1
  12. package/dist/mcp/http/client-registration.d.ts.map +1 -1
  13. package/dist/mcp/http/client-registration.js +4 -2
  14. package/dist/mcp/http/client-registration.js.map +1 -1
  15. package/dist/mcp/http/oauth-metadata.d.ts.map +1 -1
  16. package/dist/mcp/http/oauth-metadata.js +2 -1
  17. package/dist/mcp/http/oauth-metadata.js.map +1 -1
  18. package/dist/mcp/index.d.ts +12 -5
  19. package/dist/mcp/index.d.ts.map +1 -1
  20. package/dist/mcp/index.js +46 -23
  21. package/dist/mcp/index.js.map +1 -1
  22. package/dist/mcp/types/http.types.d.ts +2 -2
  23. package/dist/mcp/types/http.types.d.ts.map +1 -1
  24. package/dist/mcp/types/http.types.js.map +1 -1
  25. package/dist/mcp/types/paywall.types.d.ts +6 -2
  26. package/dist/mcp/types/paywall.types.d.ts.map +1 -1
  27. package/dist/mcp/types/paywall.types.js.map +1 -1
  28. package/dist/mcp/types/server.types.d.ts +4 -2
  29. package/dist/mcp/types/server.types.d.ts.map +1 -1
  30. package/dist/mcp/types/server.types.js.map +1 -1
  31. package/dist/payments.d.ts.map +1 -1
  32. package/package.json +1 -1
package/README.md CHANGED
@@ -389,7 +389,8 @@ payments.mcp.registerPrompt(
389
389
  ```typescript
390
390
  const { info, stop } = await payments.mcp.start({
391
391
  port: 3002,
392
- agentId: process.env.NVM_AGENT_ID!,
392
+ planId: process.env.NVM_PLAN_ID!,
393
+ agentId: process.env.NVM_AGENT_ID, // optional — informational only
393
394
  serverName: 'weather-mcp',
394
395
  version: '0.1.0',
395
396
  })
package/dist/mcp/core/auth.d.ts CHANGED
@@ -53,7 +53,7 @@ export declare class PaywallAuthenticator {
53
53
  authenticate(extra: any, options: {
54
54
  planId?: string;
55
55
  maxAmount?: bigint;
56
- } | undefined, agentId: string, serverName: string, name: string, kind: 'tool' | 'resource' | 'prompt', argsOrVars: any): Promise<AuthResult>;
56
+ } | undefined, agentId: string | undefined, serverName: string, name: string, kind: 'tool' | 'resource' | 'prompt', argsOrVars: any): Promise<AuthResult>;
57
57
  /**
58
58
  * Authenticate generic MCP meta operations (e.g., initialize, tools/list, resources/list, prompts/list).
59
59
  * Returns an AuthResult compatible with paywall flows (without redeem step).
@@ -61,6 +61,6 @@ export declare class PaywallAuthenticator {
61
61
  authenticateMeta(extra: any, options: {
62
62
  planId?: string;
63
63
  maxAmount?: bigint;
64
- } | undefined, agentId: string, serverName: string, method: string): Promise<AuthResult>;
64
+ } | undefined, agentId: string | undefined, serverName: string, method: string): Promise<AuthResult>;
65
65
  }
66
66
  //# sourceMappingURL=auth.d.ts.map
package/dist/mcp/core/auth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/mcp/core/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAGjD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAoBtD;;GAEG;AACH,qBAAa,oBAAoB;IACnB,OAAO,CAAC,QAAQ;gBAAR,QAAQ,EAAE,QAAQ;IAEtC;;;;;;OAMG;IACH,OAAO,CAAC,4BAA4B;IAepC;;;;OAIG;IACH,OAAO,CAAC,uBAAuB;IAuB/B;;;OAGG;YACW,kBAAkB;IAsDhC;;;;;;;;;;;;OAYG;YACW,yBAAyB;IA2CvC;;;OAGG;YACW,kBAAkB;IAyDhC;;OAEG;IACG,YAAY,CAChB,KAAK,EAAE,GAAG,EACV,OAAO,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,YAAK,EACrD,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,QAAQ,EACpC,UAAU,EAAE,GAAG,GACd,OAAO,CAAC,UAAU,CAAC;IAkBtB;;;OAGG;IACG,gBAAgB,CACpB,KAAK,EAAE,GAAG,EACV,OAAO,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,YAAK,EACrD,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,UAAU,CAAC;CAiBvB"}
1
+ {"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../src/mcp/core/auth.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAGjD,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAA;AAoBtD;;GAEG;AACH,qBAAa,oBAAoB;IACnB,OAAO,CAAC,QAAQ;gBAAR,QAAQ,EAAE,QAAQ;IAEtC;;;;;;OAMG;IACH,OAAO,CAAC,4BAA4B;IAepC;;;;OAIG;IACH,OAAO,CAAC,uBAAuB;IAuB/B;;;OAGG;YACW,kBAAkB;IAsDhC;;;;;;;;;;;;OAYG;YACW,yBAAyB;IAuDvC;;;OAGG;YACW,kBAAkB;IA0DhC;;OAEG;IACG,YAAY,CAChB,KAAK,EAAE,GAAG,EACV,OAAO,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,YAAK,EACrD,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,UAAU,EAAE,MAAM,EAClB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,QAAQ,EACpC,UAAU,EAAE,GAAG,GACd,OAAO,CAAC,UAAU,CAAC;IAuBtB;;;OAGG;IACG,gBAAgB,CACpB,KAAK,EAAE,GAAG,EACV,OAAO,EAAE;QAAE,MAAM,CAAC,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,YAAK,EACrD,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,UAAU,CAAC;CAsBvB"}
package/dist/mcp/core/auth.js CHANGED
@@ -98,7 +98,7 @@ export class PaywallAuthenticator {
98
98
  // Both attempts failed — surface a spec-shaped PaymentRequired error
99
99
  // (converted in-band to a tool-result error for tools; propagates as a
100
100
  // JSON-RPC error for resources/prompts).
101
- throw await this.buildPaymentRequiredError(agentId, logicalUrl);
101
+ throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Payment required.', planIdOverride);
102
102
  }
103
103
  /**
104
104
  * Build a spec-shaped {@link PaymentRequiredError} from the agent's plans.
@@ -113,26 +113,36 @@ export class PaywallAuthenticator {
113
113
  * @param message - Leading human-readable message (e.g. "Authorization required.").
114
114
  * @returns A `PaymentRequiredError` carrying the `PaymentRequired` object.
115
115
  */
116
- async buildPaymentRequiredError(agentId, endpoint, message = 'Payment required.') {
116
+ async buildPaymentRequiredError(agentId, endpoint, message = 'Payment required.', fallbackPlanId) {
117
117
  const planIds = [];
118
118
  const names = [];
119
119
  let plansLookupFailed = false;
120
- try {
121
- const plans = await this.payments.agents.getAgentPlans(agentId);
122
- if (plans && Array.isArray(plans.plans)) {
123
- for (const p of plans.plans) {
124
- const pid = p.planId || p.id;
125
- if (pid)
126
- planIds.push(pid);
127
- if (pid)
128
- names.push(`${pid}${p.name ? ` (${p.name})` : ''}`);
120
+ // Only look up the agent's plans when an agentId is configured. Under the
121
+ // plan-centric model agentId is optional, so we advertise the configured
122
+ // plan directly (below) instead of requiring an agent lookup.
123
+ if (agentId) {
124
+ try {
125
+ const plans = await this.payments.agents.getAgentPlans(agentId);
126
+ if (plans && Array.isArray(plans.plans)) {
127
+ for (const p of plans.plans) {
128
+ const pid = p.planId || p.id;
129
+ if (pid)
130
+ planIds.push(pid);
131
+ if (pid)
132
+ names.push(`${pid}${p.name ? ` (${p.name})` : ''}`);
133
+ }
129
134
  }
130
135
  }
136
+ catch (error) {
137
+ // Best-effort: a backend failure must not look like a clean "unpaid".
138
+ plansLookupFailed = true;
139
+ console.error(`[x402] Failed to fetch agent plans while building payment-required (agentId=${agentId}): ${error instanceof Error ? error.message : String(error)}`);
140
+ }
131
141
  }
132
- catch (error) {
133
- // Best-effort: a backend failure must not look like a clean "unpaid".
134
- plansLookupFailed = true;
135
- console.error(`[x402] Failed to fetch agent plans while building payment-required (agentId=${agentId}): ${error instanceof Error ? error.message : String(error)}`);
142
+ // Plan-centric fallback: advertise the configured plan when no plans were
143
+ // resolved via the agent (or no agentId was provided).
144
+ if (planIds.length === 0 && fallbackPlanId) {
145
+ planIds.push(fallbackPlanId);
136
146
  }
137
147
  const plansMsg = names.length > 0 ? ` Available plans: ${names.slice(0, 3).join(', ')}...` : '';
138
148
  const paymentRequired = buildPaymentRequiredForPlans(planIds, {
@@ -159,7 +169,8 @@ export class PaywallAuthenticator {
159
169
  let planId = planIdOverride ?? decodedAccessToken.accepted?.planId;
160
170
  const subscriberAddress = decodedAccessToken.payload?.authorization?.from;
161
171
  // If planId is not available, try to get it from the agent's plans
162
- if (!planId) {
172
+ // (only possible when an agentId is configured).
173
+ if (!planId && agentId) {
163
174
  try {
164
175
  const agentPlans = await this.payments.agents.getAgentPlans(agentId);
165
176
  if (agentPlans && Array.isArray(agentPlans.plans) && agentPlans.plans.length > 0) {
@@ -200,7 +211,7 @@ export class PaywallAuthenticator {
200
211
  const logicalUrl = buildLogicalUrl({ kind, serverName, name, argsOrVars });
201
212
  const authHeader = this.extractAuthHeaderFromContext(extra);
202
213
  if (!authHeader) {
203
- throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Authorization required.');
214
+ throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Authorization required.', options.planId);
204
215
  }
205
216
  return this.verifyWithFallback({
206
217
  accessToken: stripBearer(authHeader),
@@ -219,7 +230,7 @@ export class PaywallAuthenticator {
219
230
  const logicalUrl = buildLogicalMetaUrl(serverName, method);
220
231
  const authHeader = this.extractAuthHeaderFromContext(extra);
221
232
  if (!authHeader) {
222
- throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Authorization required.');
233
+ throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Authorization required.', options.planId);
223
234
  }
224
235
  return this.verifyWithFallback({
225
236
  accessToken: stripBearer(authHeader),
package/dist/mcp/core/auth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/mcp/core/auth.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAClD,OAAO,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAA;AAEjE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAW,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAC9D,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAC9E,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EACL,oBAAoB,EACpB,4BAA4B,GAE7B,MAAM,+BAA+B,CAAA;AAWtC;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B,YAAoB,QAAkB;QAAlB,aAAQ,GAAR,QAAQ,CAAU;IAAG,CAAC;IAE1C;;;;;;OAMG;IACK,4BAA4B,CAAC,KAAU;QAC7C,4DAA4D;QAC5D,IAAI,UAAU,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAA;QAEzC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,cAAc,GAAG,wBAAwB,EAAE,CAAA;YACjD,IAAI,cAAc,EAAE,OAAO,EAAE,CAAC;gBAC5B,mDAAmD;gBACnD,UAAU,GAAG,iBAAiB,CAAC,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,cAAc,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;YACtF,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED;;;;OAIG;IACK,uBAAuB;QAC7B,MAAM,cAAc,GAAG,wBAAwB,EAAE,CAAA;QACjD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAA;YAC7F,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtC,OAAO,SAAS,CAAA;YAClB,CAAC;YAED,MAAM,QAAQ,GAAG,cAAc,CAAC,OAAO,EAAE,CAAC,mBAAmB,CAAC,IAAI,MAAM,CAAA;YACxE,MAAM,OAAO,GAAG,GAAG,QAAQ,MAAM,IAAI,EAAE,CAAA;YAEvC,kFAAkF;YAClF,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,IAAI,MAAM,CAAA;YACzC,OAAO,GAAG,OAAO,GAAG,IAAI,EAAE,CAAA;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAA;QAClB,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,kBAAkB,CAAC,GAAkB;QACjD,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;QAEpF,wBAAwB;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC1C,WAAW,EACX,UAAU,EACV,OAAO,EACP,SAAS,EACT,cAAc,CACf,CAAA;YACD,OAAO;gBACL,KAAK,EAAE,WAAW;gBAClB,OAAO;gBACP,UAAU;gBACV,OAAO;gBACP,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;gBAC3C,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yDAAyD;QAC3D,CAAC;QAED,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC1C,WAAW,EACX,OAAO,EACP,OAAO,EACP,SAAS,EACT,cAAc,CACf,CAAA;gBACD,OAAO;oBACL,KAAK,EAAE,WAAW;oBAClB,OAAO;oBACP,UAAU;oBACV,OAAO;oBACP,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;oBAC3C,YAAY,EAAE,MAAM,CAAC,YAAY;iBAClC,CAAA;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,4BAA4B;YAC9B,CAAC;QACH,CAAC;QAED,qEAAqE;QACrE,uEAAuE;QACvE,yCAAyC;QACzC,MAAM,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAA;IACjE,CAAC;IAED;;;;;;;;;;;;OAYG;IACK,KAAK,CAAC,yBAAyB,CACrC,OAAe,EACf,QAAgB,EAChB,OAAO,GAAG,mBAAmB;QAE7B,MAAM,OAAO,GAAa,EAAE,CAAA;QAC5B,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,iBAAiB,GAAG,KAAK,CAAA;QAC7B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;YAC/D,IAAI,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;oBAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,EAAE,CAAA;oBAC5B,IAAI,GAAG;wBAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;oBAC1B,IAAI,GAAG;wBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;gBAC9D,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sEAAsE;YACtE,iBAAiB,GAAG,IAAI,CAAA;YACxB,OAAO,CAAC,KAAK,CACX,+EAA+E,OAAO,MACpF,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CACvD,EAAE,CACH,CAAA;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,qBAAqB,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;QAE/F,MAAM,eAAe,GAAG,4BAA4B,CAAC,OAAO,EAAE;YAC5D,QAAQ;YACR,OAAO;YACP,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;SAChD,CAA6C,CAAA;QAC9C,2EAA2E;QAC3E,wEAAwE;QACxE,2EAA2E;QAC3E,eAAe,CAAC,KAAK,GAAG,iBAAiB,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,kBAAkB,CAAA;QAEpF,OAAO,IAAI,oBAAoB,CAAC,eAAe,EAAE,GAAG,OAAO,GAAG,QAAQ,EAAE,CAAC,CAAA;IAC3E,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,kBAAkB,CAC9B,WAAmB,EACnB,QAAgB,EAChB,OAAe,EACf,SAAiB,EACjB,cAAuB;QAEvB,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAA;QACzD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAA;QACzC,CAAC;QAED,IAAI,MAAM,GAAG,cAAc,IAAI,kBAAkB,CAAC,QAAQ,EAAE,MAAM,CAAA;QAClE,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,OAAO,EAAE,aAAa,EAAE,IAAI,CAAA;QAEzE,mEAAmE;QACnE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;gBACpE,IAAI,UAAU,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjF,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;gBAC/D,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,+BAA+B;YACjC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CACb,qHAAqH,CACtH,CAAA;QACH,CAAC;QAED,MAAM,MAAM,GAAG,aAAa,CAAC,kBAAkB,EAAE,QAAQ,EAAE,MAAM,CAAC;YAChE,CAAC,CAAC,kBAAkB,CAAC,QAAQ,CAAC,MAAM;YACpC,CAAC,CAAC,aAAa,CAAA;QACjB,MAAM,eAAe,GAAwB,oBAAoB,CAAC,MAAM,EAAE;YACxE,QAAQ;YACR,OAAO;YACP,QAAQ,EAAE,MAAM;YAChB,MAAM;YACN,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;SAChD,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,iBAAiB,CAAC;YAC/D,eAAe;YACf,eAAe,EAAE,WAAW;YAC5B,SAAS;SACV,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;QACnD,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,CAAA;IACzE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,KAAU,EACV,UAAmD,EAAE,EACrD,OAAe,EACf,UAAkB,EAClB,IAAY,EACZ,IAAoC,EACpC,UAAe;QAEf,MAAM,UAAU,GAAG,eAAe,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;QAE1E,MAAM,UAAU,GAAG,IAAI,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAA;QAC3D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,UAAU,EAAE,yBAAyB,CAAC,CAAA;QAC5F,CAAC;QAED,OAAO,IAAI,CAAC,kBAAkB,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,UAAU,CAAC;YACpC,UAAU;YACV,OAAO,EAAE,IAAI,CAAC,uBAAuB,EAAE;YACvC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,OAAO;YACP,cAAc,EAAE,OAAO,CAAC,MAAM;SAC/B,CAAC,CAAA;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB,CACpB,KAAU,EACV,UAAmD,EAAE,EACrD,OAAe,EACf,UAAkB,EAClB,MAAc;QAEd,MAAM,UAAU,GAAG,mBAAmB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAA;QAE1D,MAAM,UAAU,GAAG,IAAI,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAA;QAC3D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,UAAU,EAAE,yBAAyB,CAAC,CAAA;QAC5F,CAAC;QAED,OAAO,IAAI,CAAC,kBAAkB,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,UAAU,CAAC;YACpC,UAAU;YACV,OAAO,EAAE,IAAI,CAAC,uBAAuB,EAAE;YACvC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,OAAO;YACP,cAAc,EAAE,OAAO,CAAC,MAAM;SAC/B,CAAC,CAAA;IACJ,CAAC;CACF","sourcesContent":["/**\n * Authentication handler for MCP paywall using X402 tokens\n */\nimport type { Payments } from '../../payments.js'\nimport { decodeAccessToken } from '../../utils.js'\nimport { getCurrentRequestContext } from '../http/mcp-handler.js'\nimport { AuthResult } from '../types/paywall.types.js'\nimport { PaymentRequiredError } from '../utils/errors.js'\nimport { Address, isValidScheme } from '../../common/types.js'\nimport { buildLogicalMetaUrl, buildLogicalUrl } from '../utils/logical-url.js'\nimport { extractAuthHeader, stripBearer } from '../utils/request.js'\nimport {\n buildPaymentRequired,\n buildPaymentRequiredForPlans,\n type X402PaymentRequired,\n} from '../../x402/facilitator-api.js'\n\ninterface VerifyContext {\n accessToken: string\n logicalUrl: string\n httpUrl: string | undefined\n maxAmount: bigint\n agentId: string\n planIdOverride?: string\n}\n\n/**\n * Handles authentication and authorization for MCP requests\n */\nexport class PaywallAuthenticator {\n constructor(private payments: Payments) {}\n\n /**\n * Extract authorization header from extra context or AsyncLocalStorage.\n * Tries SDK's extra context first, then falls back to HTTP request context.\n *\n * @param extra - MCP extra context from SDK\n * @returns Authorization header value or undefined\n */\n private extractAuthHeaderFromContext(extra: any): string | undefined {\n // Try to extract auth header from SDK's extra context first\n let authHeader = extractAuthHeader(extra)\n\n if (!authHeader) {\n const requestContext = getCurrentRequestContext()\n if (requestContext?.headers) {\n // Build an extra-like object for extractAuthHeader\n authHeader = extractAuthHeader({ requestInfo: { headers: requestContext.headers } })\n }\n }\n\n return authHeader\n }\n\n /**\n * Build HTTP endpoint URL from request context.\n *\n * @returns HTTP endpoint URL or undefined if context is not available\n */\n private buildHttpUrlFromContext(): string | undefined {\n const requestContext = getCurrentRequestContext()\n if (!requestContext) {\n return undefined\n }\n\n try {\n const host = requestContext.headers?.['host'] || requestContext.headers?.['x-forwarded-host']\n if (!host || typeof host !== 'string') {\n return undefined\n }\n\n const protocol = requestContext.headers?.['x-forwarded-proto'] || 'http'\n const baseUrl = `${protocol}://${host}`\n\n // Use requestContext.url if available (e.g., '/mcp'), otherwise default to '/mcp'\n const path = requestContext.url || '/mcp'\n return `${baseUrl}${path}`\n } catch {\n return undefined\n }\n }\n\n /**\n * Core verification logic shared by authenticate and authenticateMeta.\n * Tries logical URL first, falls back to HTTP URL if available.\n */\n private async verifyWithFallback(ctx: VerifyContext): Promise<AuthResult> {\n const { accessToken, logicalUrl, httpUrl, maxAmount, agentId, planIdOverride } = ctx\n\n // Try logical URL first\n try {\n const result = await this.verifyWithEndpoint(\n accessToken,\n logicalUrl,\n agentId,\n maxAmount,\n planIdOverride,\n )\n return {\n token: accessToken,\n agentId,\n logicalUrl,\n httpUrl,\n planId: result.planId,\n subscriberAddress: result.subscriberAddress,\n agentRequest: result.agentRequest,\n }\n } catch {\n // If logical URL fails and we have an HTTP URL, try that\n }\n\n if (httpUrl) {\n try {\n const result = await this.verifyWithEndpoint(\n accessToken,\n httpUrl,\n agentId,\n maxAmount,\n planIdOverride,\n )\n return {\n token: accessToken,\n agentId,\n logicalUrl,\n httpUrl,\n planId: result.planId,\n subscriberAddress: result.subscriberAddress,\n agentRequest: result.agentRequest,\n }\n } catch {\n // HTTP fallback also failed\n }\n }\n\n // Both attempts failed — surface a spec-shaped PaymentRequired error\n // (converted in-band to a tool-result error for tools; propagates as a\n // JSON-RPC error for resources/prompts).\n throw await this.buildPaymentRequiredError(agentId, logicalUrl)\n }\n\n /**\n * Build a spec-shaped {@link PaymentRequiredError} from the agent's plans.\n *\n * Fetches the agent's plans (best-effort) to populate the `accepts` array of\n * the `PaymentRequired` object and a human-readable list of plan names in the\n * error message. Falls back to an empty plan id when no plans can be resolved\n * so the structured shape is still valid.\n *\n * @param agentId - Agent identifier used to look up purchasable plans.\n * @param endpoint - Logical resource URL placed in `PaymentRequired.resource`.\n * @param message - Leading human-readable message (e.g. \"Authorization required.\").\n * @returns A `PaymentRequiredError` carrying the `PaymentRequired` object.\n */\n private async buildPaymentRequiredError(\n agentId: string,\n endpoint: string,\n message = 'Payment required.',\n ): Promise<PaymentRequiredError> {\n const planIds: string[] = []\n const names: string[] = []\n let plansLookupFailed = false\n try {\n const plans = await this.payments.agents.getAgentPlans(agentId)\n if (plans && Array.isArray(plans.plans)) {\n for (const p of plans.plans) {\n const pid = p.planId || p.id\n if (pid) planIds.push(pid)\n if (pid) names.push(`${pid}${p.name ? ` (${p.name})` : ''}`)\n }\n }\n } catch (error) {\n // Best-effort: a backend failure must not look like a clean \"unpaid\".\n plansLookupFailed = true\n console.error(\n `[x402] Failed to fetch agent plans while building payment-required (agentId=${agentId}): ${\n error instanceof Error ? error.message : String(error)\n }`,\n )\n }\n\n const plansMsg = names.length > 0 ? ` Available plans: ${names.slice(0, 3).join(', ')}...` : ''\n\n const paymentRequired = buildPaymentRequiredForPlans(planIds, {\n endpoint,\n agentId,\n httpVerb: 'POST',\n environment: this.payments.getEnvironmentName(),\n }) as X402PaymentRequired & { error?: string }\n // When the plans lookup itself failed (backend outage) the `accepts` array\n // falls back to an empty plan id; flag it so a client can't mistake the\n // resulting payment-required for a clean \"free / no plan needed\" response.\n paymentRequired.error = plansLookupFailed ? 'plans unavailable' : 'payment required'\n\n return new PaymentRequiredError(paymentRequired, `${message}${plansMsg}`)\n }\n\n /**\n * Verify permissions against a single endpoint URL.\n * Resolves planId from the token or from the agent's plans as fallback.\n */\n private async verifyWithEndpoint(\n accessToken: string,\n endpoint: string,\n agentId: string,\n maxAmount: bigint,\n planIdOverride?: string,\n ): Promise<{ planId: string; subscriberAddress: Address; agentRequest?: any }> {\n const decodedAccessToken = decodeAccessToken(accessToken)\n if (!decodedAccessToken) {\n throw new Error('Invalid access token')\n }\n\n let planId = planIdOverride ?? decodedAccessToken.accepted?.planId\n const subscriberAddress = decodedAccessToken.payload?.authorization?.from\n\n // If planId is not available, try to get it from the agent's plans\n if (!planId) {\n try {\n const agentPlans = await this.payments.agents.getAgentPlans(agentId)\n if (agentPlans && Array.isArray(agentPlans.plans) && agentPlans.plans.length > 0) {\n planId = agentPlans.plans[0].planId || agentPlans.plans[0].id\n }\n } catch {\n // Ignore errors fetching plans\n }\n }\n\n if (!planId || !subscriberAddress) {\n throw new Error(\n 'Cannot determine plan_id or subscriber_address from token (expected accepted.planId and payload.authorization.from)',\n )\n }\n\n const scheme = isValidScheme(decodedAccessToken?.accepted?.scheme)\n ? decodedAccessToken.accepted.scheme\n : 'nvm:erc4337'\n const paymentRequired: X402PaymentRequired = buildPaymentRequired(planId, {\n endpoint,\n agentId,\n httpVerb: 'POST',\n scheme,\n environment: this.payments.getEnvironmentName(),\n })\n\n const result = await this.payments.facilitator.verifyPermissions({\n paymentRequired,\n x402AccessToken: accessToken,\n maxAmount,\n })\n\n if (!result.isValid) {\n throw new Error('Permission verification failed')\n }\n\n return { planId, subscriberAddress, agentRequest: result.agentRequest }\n }\n\n /**\n * Authenticate an MCP request\n */\n async authenticate(\n extra: any,\n options: { planId?: string; maxAmount?: bigint } = {},\n agentId: string,\n serverName: string,\n name: string,\n kind: 'tool' | 'resource' | 'prompt',\n argsOrVars: any,\n ): Promise<AuthResult> {\n const logicalUrl = buildLogicalUrl({ kind, serverName, name, argsOrVars })\n\n const authHeader = this.extractAuthHeaderFromContext(extra)\n if (!authHeader) {\n throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Authorization required.')\n }\n\n return this.verifyWithFallback({\n accessToken: stripBearer(authHeader),\n logicalUrl,\n httpUrl: this.buildHttpUrlFromContext(),\n maxAmount: options.maxAmount ?? 1n,\n agentId,\n planIdOverride: options.planId,\n })\n }\n\n /**\n * Authenticate generic MCP meta operations (e.g., initialize, tools/list, resources/list, prompts/list).\n * Returns an AuthResult compatible with paywall flows (without redeem step).\n */\n async authenticateMeta(\n extra: any,\n options: { planId?: string; maxAmount?: bigint } = {},\n agentId: string,\n serverName: string,\n method: string,\n ): Promise<AuthResult> {\n const logicalUrl = buildLogicalMetaUrl(serverName, method)\n\n const authHeader = this.extractAuthHeaderFromContext(extra)\n if (!authHeader) {\n throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Authorization required.')\n }\n\n return this.verifyWithFallback({\n accessToken: stripBearer(authHeader),\n logicalUrl,\n httpUrl: this.buildHttpUrlFromContext(),\n maxAmount: options.maxAmount ?? 1n,\n agentId,\n planIdOverride: options.planId,\n })\n }\n}\n"]}
1
+ {"version":3,"file":"auth.js","sourceRoot":"","sources":["../../../src/mcp/core/auth.ts"],"names":[],"mappings":"AAIA,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAClD,OAAO,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAA;AAEjE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oBAAoB,CAAA;AACzD,OAAO,EAAW,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAC9D,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAC9E,OAAO,EAAE,iBAAiB,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAA;AACpE,OAAO,EACL,oBAAoB,EACpB,4BAA4B,GAE7B,MAAM,+BAA+B,CAAA;AAWtC;;GAEG;AACH,MAAM,OAAO,oBAAoB;IAC/B,YAAoB,QAAkB;QAAlB,aAAQ,GAAR,QAAQ,CAAU;IAAG,CAAC;IAE1C;;;;;;OAMG;IACK,4BAA4B,CAAC,KAAU;QAC7C,4DAA4D;QAC5D,IAAI,UAAU,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAA;QAEzC,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,cAAc,GAAG,wBAAwB,EAAE,CAAA;YACjD,IAAI,cAAc,EAAE,OAAO,EAAE,CAAC;gBAC5B,mDAAmD;gBACnD,UAAU,GAAG,iBAAiB,CAAC,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,cAAc,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;YACtF,CAAC;QACH,CAAC;QAED,OAAO,UAAU,CAAA;IACnB,CAAC;IAED;;;;OAIG;IACK,uBAAuB;QAC7B,MAAM,cAAc,GAAG,wBAAwB,EAAE,CAAA;QACjD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,OAAO,EAAE,CAAC,kBAAkB,CAAC,CAAA;YAC7F,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACtC,OAAO,SAAS,CAAA;YAClB,CAAC;YAED,MAAM,QAAQ,GAAG,cAAc,CAAC,OAAO,EAAE,CAAC,mBAAmB,CAAC,IAAI,MAAM,CAAA;YACxE,MAAM,OAAO,GAAG,GAAG,QAAQ,MAAM,IAAI,EAAE,CAAA;YAEvC,kFAAkF;YAClF,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,IAAI,MAAM,CAAA;YACzC,OAAO,GAAG,OAAO,GAAG,IAAI,EAAE,CAAA;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,SAAS,CAAA;QAClB,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,kBAAkB,CAAC,GAAkB;QACjD,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,GAAG,GAAG,CAAA;QAEpF,wBAAwB;QACxB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC1C,WAAW,EACX,UAAU,EACV,OAAO,EACP,SAAS,EACT,cAAc,CACf,CAAA;YACD,OAAO;gBACL,KAAK,EAAE,WAAW;gBAClB,OAAO;gBACP,UAAU;gBACV,OAAO;gBACP,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;gBAC3C,YAAY,EAAE,MAAM,CAAC,YAAY;aAClC,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yDAAyD;QAC3D,CAAC;QAED,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAC1C,WAAW,EACX,OAAO,EACP,OAAO,EACP,SAAS,EACT,cAAc,CACf,CAAA;gBACD,OAAO;oBACL,KAAK,EAAE,WAAW;oBAClB,OAAO;oBACP,UAAU;oBACV,OAAO;oBACP,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;oBAC3C,YAAY,EAAE,MAAM,CAAC,YAAY;iBAClC,CAAA;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,4BAA4B;YAC9B,CAAC;QACH,CAAC;QAED,qEAAqE;QACrE,uEAAuE;QACvE,yCAAyC;QACzC,MAAM,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,EAAE,UAAU,EAAE,mBAAmB,EAAE,cAAc,CAAC,CAAA;IACtG,CAAC;IAED;;;;;;;;;;;;OAYG;IACK,KAAK,CAAC,yBAAyB,CACrC,OAA2B,EAC3B,QAAgB,EAChB,OAAO,GAAG,mBAAmB,EAC7B,cAAuB;QAEvB,MAAM,OAAO,GAAa,EAAE,CAAA;QAC5B,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,iBAAiB,GAAG,KAAK,CAAA;QAC7B,0EAA0E;QAC1E,yEAAyE;QACzE,8DAA8D;QAC9D,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;gBAC/D,IAAI,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;oBACxC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;wBAC5B,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,EAAE,CAAA;wBAC5B,IAAI,GAAG;4BAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;wBAC1B,IAAI,GAAG;4BAAE,KAAK,CAAC,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;oBAC9D,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,sEAAsE;gBACtE,iBAAiB,GAAG,IAAI,CAAA;gBACxB,OAAO,CAAC,KAAK,CACX,+EAA+E,OAAO,MACpF,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CACvD,EAAE,CACH,CAAA;YACH,CAAC;QACH,CAAC;QAED,0EAA0E;QAC1E,uDAAuD;QACvD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,cAAc,EAAE,CAAC;YAC3C,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAC9B,CAAC;QAED,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,qBAAqB,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;QAE/F,MAAM,eAAe,GAAG,4BAA4B,CAAC,OAAO,EAAE;YAC5D,QAAQ;YACR,OAAO;YACP,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;SAChD,CAA6C,CAAA;QAC9C,2EAA2E;QAC3E,wEAAwE;QACxE,2EAA2E;QAC3E,eAAe,CAAC,KAAK,GAAG,iBAAiB,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,kBAAkB,CAAA;QAEpF,OAAO,IAAI,oBAAoB,CAAC,eAAe,EAAE,GAAG,OAAO,GAAG,QAAQ,EAAE,CAAC,CAAA;IAC3E,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,kBAAkB,CAC9B,WAAmB,EACnB,QAAgB,EAChB,OAA2B,EAC3B,SAAiB,EACjB,cAAuB;QAEvB,MAAM,kBAAkB,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAA;QACzD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxB,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAA;QACzC,CAAC;QAED,IAAI,MAAM,GAAG,cAAc,IAAI,kBAAkB,CAAC,QAAQ,EAAE,MAAM,CAAA;QAClE,MAAM,iBAAiB,GAAG,kBAAkB,CAAC,OAAO,EAAE,aAAa,EAAE,IAAI,CAAA;QAEzE,mEAAmE;QACnE,iDAAiD;QACjD,IAAI,CAAC,MAAM,IAAI,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;gBACpE,IAAI,UAAU,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,UAAU,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjF,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAA;gBAC/D,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,+BAA+B;YACjC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CACb,qHAAqH,CACtH,CAAA;QACH,CAAC;QAED,MAAM,MAAM,GAAG,aAAa,CAAC,kBAAkB,EAAE,QAAQ,EAAE,MAAM,CAAC;YAChE,CAAC,CAAC,kBAAkB,CAAC,QAAQ,CAAC,MAAM;YACpC,CAAC,CAAC,aAAa,CAAA;QACjB,MAAM,eAAe,GAAwB,oBAAoB,CAAC,MAAM,EAAE;YACxE,QAAQ;YACR,OAAO;YACP,QAAQ,EAAE,MAAM;YAChB,MAAM;YACN,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;SAChD,CAAC,CAAA;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,iBAAiB,CAAC;YAC/D,eAAe;YACf,eAAe,EAAE,WAAW;YAC5B,SAAS;SACV,CAAC,CAAA;QAEF,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAA;QACnD,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,iBAAiB,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,CAAA;IACzE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAChB,KAAU,EACV,UAAmD,EAAE,EACrD,OAA2B,EAC3B,UAAkB,EAClB,IAAY,EACZ,IAAoC,EACpC,UAAe;QAEf,MAAM,UAAU,GAAG,eAAe,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAA;QAE1E,MAAM,UAAU,GAAG,IAAI,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAA;QAC3D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,MAAM,IAAI,CAAC,yBAAyB,CACxC,OAAO,EACP,UAAU,EACV,yBAAyB,EACzB,OAAO,CAAC,MAAM,CACf,CAAA;QACH,CAAC;QAED,OAAO,IAAI,CAAC,kBAAkB,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,UAAU,CAAC;YACpC,UAAU;YACV,OAAO,EAAE,IAAI,CAAC,uBAAuB,EAAE;YACvC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,OAAO;YACP,cAAc,EAAE,OAAO,CAAC,MAAM;SAC/B,CAAC,CAAA;IACJ,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,gBAAgB,CACpB,KAAU,EACV,UAAmD,EAAE,EACrD,OAA2B,EAC3B,UAAkB,EAClB,MAAc;QAEd,MAAM,UAAU,GAAG,mBAAmB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAA;QAE1D,MAAM,UAAU,GAAG,IAAI,CAAC,4BAA4B,CAAC,KAAK,CAAC,CAAA;QAC3D,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,MAAM,IAAI,CAAC,yBAAyB,CACxC,OAAO,EACP,UAAU,EACV,yBAAyB,EACzB,OAAO,CAAC,MAAM,CACf,CAAA;QACH,CAAC;QAED,OAAO,IAAI,CAAC,kBAAkB,CAAC;YAC7B,WAAW,EAAE,WAAW,CAAC,UAAU,CAAC;YACpC,UAAU;YACV,OAAO,EAAE,IAAI,CAAC,uBAAuB,EAAE;YACvC,SAAS,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE;YAClC,OAAO;YACP,cAAc,EAAE,OAAO,CAAC,MAAM;SAC/B,CAAC,CAAA;IACJ,CAAC;CACF","sourcesContent":["/**\n * Authentication handler for MCP paywall using X402 tokens\n */\nimport type { Payments } from '../../payments.js'\nimport { decodeAccessToken } from '../../utils.js'\nimport { getCurrentRequestContext } from '../http/mcp-handler.js'\nimport { AuthResult } from '../types/paywall.types.js'\nimport { PaymentRequiredError } from '../utils/errors.js'\nimport { Address, isValidScheme } from '../../common/types.js'\nimport { buildLogicalMetaUrl, buildLogicalUrl } from '../utils/logical-url.js'\nimport { extractAuthHeader, stripBearer } from '../utils/request.js'\nimport {\n buildPaymentRequired,\n buildPaymentRequiredForPlans,\n type X402PaymentRequired,\n} from '../../x402/facilitator-api.js'\n\ninterface VerifyContext {\n accessToken: string\n logicalUrl: string\n httpUrl: string | undefined\n maxAmount: bigint\n agentId?: string\n planIdOverride?: string\n}\n\n/**\n * Handles authentication and authorization for MCP requests\n */\nexport class PaywallAuthenticator {\n constructor(private payments: Payments) {}\n\n /**\n * Extract authorization header from extra context or AsyncLocalStorage.\n * Tries SDK's extra context first, then falls back to HTTP request context.\n *\n * @param extra - MCP extra context from SDK\n * @returns Authorization header value or undefined\n */\n private extractAuthHeaderFromContext(extra: any): string | undefined {\n // Try to extract auth header from SDK's extra context first\n let authHeader = extractAuthHeader(extra)\n\n if (!authHeader) {\n const requestContext = getCurrentRequestContext()\n if (requestContext?.headers) {\n // Build an extra-like object for extractAuthHeader\n authHeader = extractAuthHeader({ requestInfo: { headers: requestContext.headers } })\n }\n }\n\n return authHeader\n }\n\n /**\n * Build HTTP endpoint URL from request context.\n *\n * @returns HTTP endpoint URL or undefined if context is not available\n */\n private buildHttpUrlFromContext(): string | undefined {\n const requestContext = getCurrentRequestContext()\n if (!requestContext) {\n return undefined\n }\n\n try {\n const host = requestContext.headers?.['host'] || requestContext.headers?.['x-forwarded-host']\n if (!host || typeof host !== 'string') {\n return undefined\n }\n\n const protocol = requestContext.headers?.['x-forwarded-proto'] || 'http'\n const baseUrl = `${protocol}://${host}`\n\n // Use requestContext.url if available (e.g., '/mcp'), otherwise default to '/mcp'\n const path = requestContext.url || '/mcp'\n return `${baseUrl}${path}`\n } catch {\n return undefined\n }\n }\n\n /**\n * Core verification logic shared by authenticate and authenticateMeta.\n * Tries logical URL first, falls back to HTTP URL if available.\n */\n private async verifyWithFallback(ctx: VerifyContext): Promise<AuthResult> {\n const { accessToken, logicalUrl, httpUrl, maxAmount, agentId, planIdOverride } = ctx\n\n // Try logical URL first\n try {\n const result = await this.verifyWithEndpoint(\n accessToken,\n logicalUrl,\n agentId,\n maxAmount,\n planIdOverride,\n )\n return {\n token: accessToken,\n agentId,\n logicalUrl,\n httpUrl,\n planId: result.planId,\n subscriberAddress: result.subscriberAddress,\n agentRequest: result.agentRequest,\n }\n } catch {\n // If logical URL fails and we have an HTTP URL, try that\n }\n\n if (httpUrl) {\n try {\n const result = await this.verifyWithEndpoint(\n accessToken,\n httpUrl,\n agentId,\n maxAmount,\n planIdOverride,\n )\n return {\n token: accessToken,\n agentId,\n logicalUrl,\n httpUrl,\n planId: result.planId,\n subscriberAddress: result.subscriberAddress,\n agentRequest: result.agentRequest,\n }\n } catch {\n // HTTP fallback also failed\n }\n }\n\n // Both attempts failed — surface a spec-shaped PaymentRequired error\n // (converted in-band to a tool-result error for tools; propagates as a\n // JSON-RPC error for resources/prompts).\n throw await this.buildPaymentRequiredError(agentId, logicalUrl, 'Payment required.', planIdOverride)\n }\n\n /**\n * Build a spec-shaped {@link PaymentRequiredError} from the agent's plans.\n *\n * Fetches the agent's plans (best-effort) to populate the `accepts` array of\n * the `PaymentRequired` object and a human-readable list of plan names in the\n * error message. Falls back to an empty plan id when no plans can be resolved\n * so the structured shape is still valid.\n *\n * @param agentId - Agent identifier used to look up purchasable plans.\n * @param endpoint - Logical resource URL placed in `PaymentRequired.resource`.\n * @param message - Leading human-readable message (e.g. \"Authorization required.\").\n * @returns A `PaymentRequiredError` carrying the `PaymentRequired` object.\n */\n private async buildPaymentRequiredError(\n agentId: string | undefined,\n endpoint: string,\n message = 'Payment required.',\n fallbackPlanId?: string,\n ): Promise<PaymentRequiredError> {\n const planIds: string[] = []\n const names: string[] = []\n let plansLookupFailed = false\n // Only look up the agent's plans when an agentId is configured. Under the\n // plan-centric model agentId is optional, so we advertise the configured\n // plan directly (below) instead of requiring an agent lookup.\n if (agentId) {\n try {\n const plans = await this.payments.agents.getAgentPlans(agentId)\n if (plans && Array.isArray(plans.plans)) {\n for (const p of plans.plans) {\n const pid = p.planId || p.id\n if (pid) planIds.push(pid)\n if (pid) names.push(`${pid}${p.name ? ` (${p.name})` : ''}`)\n }\n }\n } catch (error) {\n // Best-effort: a backend failure must not look like a clean \"unpaid\".\n plansLookupFailed = true\n console.error(\n `[x402] Failed to fetch agent plans while building payment-required (agentId=${agentId}): ${\n error instanceof Error ? error.message : String(error)\n }`,\n )\n }\n }\n\n // Plan-centric fallback: advertise the configured plan when no plans were\n // resolved via the agent (or no agentId was provided).\n if (planIds.length === 0 && fallbackPlanId) {\n planIds.push(fallbackPlanId)\n }\n\n const plansMsg = names.length > 0 ? ` Available plans: ${names.slice(0, 3).join(', ')}...` : ''\n\n const paymentRequired = buildPaymentRequiredForPlans(planIds, {\n endpoint,\n agentId,\n httpVerb: 'POST',\n environment: this.payments.getEnvironmentName(),\n }) as X402PaymentRequired & { error?: string }\n // When the plans lookup itself failed (backend outage) the `accepts` array\n // falls back to an empty plan id; flag it so a client can't mistake the\n // resulting payment-required for a clean \"free / no plan needed\" response.\n paymentRequired.error = plansLookupFailed ? 'plans unavailable' : 'payment required'\n\n return new PaymentRequiredError(paymentRequired, `${message}${plansMsg}`)\n }\n\n /**\n * Verify permissions against a single endpoint URL.\n * Resolves planId from the token or from the agent's plans as fallback.\n */\n private async verifyWithEndpoint(\n accessToken: string,\n endpoint: string,\n agentId: string | undefined,\n maxAmount: bigint,\n planIdOverride?: string,\n ): Promise<{ planId: string; subscriberAddress: Address; agentRequest?: any }> {\n const decodedAccessToken = decodeAccessToken(accessToken)\n if (!decodedAccessToken) {\n throw new Error('Invalid access token')\n }\n\n let planId = planIdOverride ?? decodedAccessToken.accepted?.planId\n const subscriberAddress = decodedAccessToken.payload?.authorization?.from\n\n // If planId is not available, try to get it from the agent's plans\n // (only possible when an agentId is configured).\n if (!planId && agentId) {\n try {\n const agentPlans = await this.payments.agents.getAgentPlans(agentId)\n if (agentPlans && Array.isArray(agentPlans.plans) && agentPlans.plans.length > 0) {\n planId = agentPlans.plans[0].planId || agentPlans.plans[0].id\n }\n } catch {\n // Ignore errors fetching plans\n }\n }\n\n if (!planId || !subscriberAddress) {\n throw new Error(\n 'Cannot determine plan_id or subscriber_address from token (expected accepted.planId and payload.authorization.from)',\n )\n }\n\n const scheme = isValidScheme(decodedAccessToken?.accepted?.scheme)\n ? decodedAccessToken.accepted.scheme\n : 'nvm:erc4337'\n const paymentRequired: X402PaymentRequired = buildPaymentRequired(planId, {\n endpoint,\n agentId,\n httpVerb: 'POST',\n scheme,\n environment: this.payments.getEnvironmentName(),\n })\n\n const result = await this.payments.facilitator.verifyPermissions({\n paymentRequired,\n x402AccessToken: accessToken,\n maxAmount,\n })\n\n if (!result.isValid) {\n throw new Error('Permission verification failed')\n }\n\n return { planId, subscriberAddress, agentRequest: result.agentRequest }\n }\n\n /**\n * Authenticate an MCP request\n */\n async authenticate(\n extra: any,\n options: { planId?: string; maxAmount?: bigint } = {},\n agentId: string | undefined,\n serverName: string,\n name: string,\n kind: 'tool' | 'resource' | 'prompt',\n argsOrVars: any,\n ): Promise<AuthResult> {\n const logicalUrl = buildLogicalUrl({ kind, serverName, name, argsOrVars })\n\n const authHeader = this.extractAuthHeaderFromContext(extra)\n if (!authHeader) {\n throw await this.buildPaymentRequiredError(\n agentId,\n logicalUrl,\n 'Authorization required.',\n options.planId,\n )\n }\n\n return this.verifyWithFallback({\n accessToken: stripBearer(authHeader),\n logicalUrl,\n httpUrl: this.buildHttpUrlFromContext(),\n maxAmount: options.maxAmount ?? 1n,\n agentId,\n planIdOverride: options.planId,\n })\n }\n\n /**\n * Authenticate generic MCP meta operations (e.g., initialize, tools/list, resources/list, prompts/list).\n * Returns an AuthResult compatible with paywall flows (without redeem step).\n */\n async authenticateMeta(\n extra: any,\n options: { planId?: string; maxAmount?: bigint } = {},\n agentId: string | undefined,\n serverName: string,\n method: string,\n ): Promise<AuthResult> {\n const logicalUrl = buildLogicalMetaUrl(serverName, method)\n\n const authHeader = this.extractAuthHeaderFromContext(extra)\n if (!authHeader) {\n throw await this.buildPaymentRequiredError(\n agentId,\n logicalUrl,\n 'Authorization required.',\n options.planId,\n )\n }\n\n return this.verifyWithFallback({\n accessToken: stripBearer(authHeader),\n logicalUrl,\n httpUrl: this.buildHttpUrlFromContext(),\n maxAmount: options.maxAmount ?? 1n,\n agentId,\n planIdOverride: options.planId,\n })\n }\n}\n"]}
package/dist/mcp/core/paywall.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"paywall.d.ts","sourceRoot":"","sources":["../../../src/mcp/core/paywall.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAQjD,OAAO,EAEL,SAAS,EAET,aAAa,EACb,eAAe,EACf,WAAW,EACZ,MAAM,2BAA2B,CAAA;AAalC,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAM7D;;GAEG;AACH,qBAAa,gBAAgB;IAQzB,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,aAAa;IACrB,OAAO,CAAC,cAAc;IARxB,OAAO,CAAC,MAAM,CAGb;gBAGS,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,oBAAoB,EACnC,cAAc,EAAE,sBAAsB;IAGhD;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,SAAS,GAAG,IAAI;IAOnC;;OAEG;IAEH,OAAO,CAAC,KAAK,GAAG,GAAG,EACjB,OAAO,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,EACzD,OAAO,EAAE,WAAW,GAAG,aAAa,GACnC,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;IAC7C,OAAO,CACL,OAAO,EAAE,CACP,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAC5C,KAAK,CAAC,EAAE,GAAG,KACR,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,EACvB,OAAO,EAAE,eAAe,GACvB,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;IAKxF;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA0K5B;;;;OAIG;IACH,OAAO,CAAC,4BAA4B;IAYpC;;OAEG;YACW,aAAa;CAyE5B"}
1
+ {"version":3,"file":"paywall.d.ts","sourceRoot":"","sources":["../../../src/mcp/core/paywall.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAQjD,OAAO,EAEL,SAAS,EAET,aAAa,EACb,eAAe,EACf,WAAW,EACZ,MAAM,2BAA2B,CAAA;AAalC,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAM7D;;GAEG;AACH,qBAAa,gBAAgB;IAQzB,OAAO,CAAC,QAAQ;IAChB,OAAO,CAAC,aAAa;IACrB,OAAO,CAAC,cAAc;IARxB,OAAO,CAAC,MAAM,CAGb;gBAGS,QAAQ,EAAE,QAAQ,EAClB,aAAa,EAAE,oBAAoB,EACnC,cAAc,EAAE,sBAAsB;IAGhD;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,SAAS,GAAG,IAAI;IAQnC;;OAEG;IAEH,OAAO,CAAC,KAAK,GAAG,GAAG,EACjB,OAAO,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,EACzD,OAAO,EAAE,WAAW,GAAG,aAAa,GACnC,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;IAC7C,OAAO,CACL,OAAO,EAAE,CACP,GAAG,EAAE,GAAG,EACR,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAC5C,KAAK,CAAC,EAAE,GAAG,KACR,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,EACvB,OAAO,EAAE,eAAe,GACvB,CAAC,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,EAAE,KAAK,CAAC,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC;IAKxF;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA6K5B;;;;OAIG;IACH,OAAO,CAAC,4BAA4B;IAYpC;;OAEG;YACW,aAAa;CAyE5B"}
package/dist/mcp/core/paywall.js CHANGED
@@ -19,7 +19,7 @@ export class PaywallDecorator {
19
19
  this.creditsContext = creditsContext;
20
20
  // Internal config ensures serverName is always a concrete string
21
21
  this.config = {
22
- agentId: '',
22
+ planId: '',
23
23
  serverName: 'mcp-server',
24
24
  };
25
25
  }
@@ -28,7 +28,8 @@ export class PaywallDecorator {
28
28
  */
29
29
  configure(options) {
30
30
  this.config = {
31
- agentId: options.agentId || this.config.agentId,
31
+ planId: options.planId || this.config.planId,
32
+ agentId: options.agentId ?? this.config.agentId,
32
33
  serverName: options.serverName ?? this.config.serverName,
33
34
  };
34
35
  }
@@ -40,9 +41,12 @@ export class PaywallDecorator {
40
41
  */
41
42
  createWrappedHandler(handler, options) {
42
43
  return async (...allArgs) => {
43
- // Validate configuration
44
- if (!this.config.agentId) {
45
- throw createRpcError(ERROR_CODES.Misconfiguration, 'Server misconfiguration: missing agentId');
44
+ // Validate configuration: a planId must be resolvable (per-tool option or
45
+ // server-level config). agentId is optional under the plan-centric model
46
+ // (the facilitator resolves everything from planId + token).
47
+ const configuredPlanId = options?.planId ?? this.config.planId;
48
+ if (!configuredPlanId) {
49
+ throw createRpcError(ERROR_CODES.Misconfiguration, 'Server misconfiguration: missing planId');
46
50
  }
47
51
  const kind = options?.kind ?? 'tool';
48
52
  const name = options?.name ?? 'unnamed';
@@ -73,7 +77,7 @@ export class PaywallDecorator {
73
77
  'Authorization header (deprecated under the x402 v2 MCP transport).');
74
78
  }
75
79
  // 1. Authenticate request
76
- const authResult = await this.authenticator.authenticate(authExtra, { planId: options?.planId, maxAmount: options?.maxAmount }, this.config.agentId, this.config.serverName, name, kind, argsOrVars);
80
+ const authResult = await this.authenticator.authenticate(authExtra, { planId: configuredPlanId, maxAmount: options?.maxAmount }, this.config.agentId, this.config.serverName, name, kind, argsOrVars);
77
81
  // 2. Pre-calculate credits if they are fixed (not a function)
78
82
  // This allows handlers to access credits during execution
79
83
  const creditsOption = options?.credits;
package/dist/mcp/core/paywall.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"paywall.js","sourceRoot":"","sources":["../../../src/mcp/core/paywall.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAW,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAE9D,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACrE,OAAO,EACL,oBAAoB,EACpB,4BAA4B,GAG7B,MAAM,+BAA+B,CAAA;AAStC,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,qBAAqB,EACrB,cAAc,GACf,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EACL,2BAA2B,EAC3B,8BAA8B,EAC9B,qBAAqB,EACrB,kBAAkB,GACnB,MAAM,kBAAkB,CAAA;AAIzB,+EAA+E;AAC/E,6EAA6E;AAC7E,IAAI,2BAA2B,GAAG,KAAK,CAAA;AAEvC;;GAEG;AACH,MAAM,OAAO,gBAAgB;IAO3B,YACU,QAAkB,EAClB,aAAmC,EACnC,cAAsC;QAFtC,aAAQ,GAAR,QAAQ,CAAU;QAClB,kBAAa,GAAb,aAAa,CAAsB;QACnC,mBAAc,GAAd,cAAc,CAAwB;QAThD,iEAAiE;QACzD,WAAM,GAA4C;YACxD,OAAO,EAAE,EAAE;YACX,UAAU,EAAE,YAAY;SACzB,CAAA;IAME,CAAC;IAEJ;;OAEG;IACH,SAAS,CAAC,OAAkB;QAC1B,IAAI,CAAC,MAAM,GAAG;YACZ,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO;YAC/C,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU;SACzD,CAAA;IACH,CAAC;IAkBD,OAAO,CAAC,OAAY,EAAE,OAAuB;QAC3C,OAAO,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IACpD,CAAC;IAED;;OAEG;IACK,oBAAoB,CAC1B,OAAyD,EACzD,OAAuB;QAEvB,OAAO,KAAK,EAAE,GAAG,OAAc,EAAgB,EAAE;YAC/C,yBAAyB;YACzB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACzB,MAAM,cAAc,CAClB,WAAW,CAAC,gBAAgB,EAC5B,0CAA0C,CAC3C,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,OAAO,EAAE,IAAI,IAAI,MAAM,CAAA;YACpC,MAAM,IAAI,GAAG,OAAO,EAAE,IAAI,IAAI,SAAS,CAAA;YAEvC,qDAAqD;YACrD,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,YAAY,GAAG,CAAA;YACnE,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAClD,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAEvD,IAAI,CAAC;gBACH,iEAAiE;gBACjE,mEAAmE;gBACnE,oEAAoE;gBACpE,wEAAwE;gBACxE,iEAAiE;gBACjE,uEAAuE;gBACvE,uCAAuC;gBACvC,MAAM,cAAc,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAA;gBAChD,IAAI,SAAS,GAAG,KAAK,CAAA;gBACrB,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,KAAK,GAAG,iBAAiB,CAAC,cAAc,CAAC,CAAA;oBAC/C,iEAAiE;oBACjE,sEAAsE;oBACtE,2EAA2E;oBAC3E,SAAS,GAAG,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,EAAE,EAAE,CAAA;gBAChF,CAAC;qBAAM,IAAI,CAAC,2BAA2B,EAAE,CAAC;oBACxC,2BAA2B,GAAG,IAAI,CAAA;oBAClC,OAAO,CAAC,IAAI,CACV,0EAA0E;wBACxE,oEAAoE,CACvE,CAAA;gBACH,CAAC;gBAED,0BAA0B;gBAC1B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CACtD,SAAS,EACT,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,EAC1D,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,MAAM,CAAC,UAAU,EACtB,IAAI,EACJ,IAAI,EACJ,UAAU,CACX,CAAA;gBAED,8DAA8D;gBAC9D,0DAA0D;gBAC1D,MAAM,aAAa,GAAG,OAAO,EAAE,OAAO,CAAA;gBACtC,MAAM,cAAc,GAAG,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,KAAK,SAAS,CAAA;gBACvF,MAAM,oBAAoB,GAAG,cAAc;oBACzC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,CAAC;oBAC1E,CAAC,CAAC,SAAS,CAAA;gBAEb,4EAA4E;gBAC5E,MAAM,eAAe,GAAG,OAAO,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAA;gBAE5D,sFAAsF;gBACtF,MAAM,cAAc,GAAG;oBACrB,UAAU;oBACV,OAAO,EAAE,oBAAoB;oBAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;oBACzB,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;oBAC/C,YAAY,EAAE,UAAU,CAAC,YAAY;iBACtC,CAAA;gBAED,2CAA2C;gBAC3C,MAAM,MAAM,GAAG,MAAO,OAAe,CAAC,GAAG,OAAO,EAAE,cAAc,CAAC,CAAA;gBAEjE,6EAA6E;gBAC7E,MAAM,OAAO,GAAG,cAAc;oBAC5B,CAAC,CAAC,CAAC,oBAAoB,IAAI,EAAE,CAAC;oBAC9B,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,CAAA;gBAE9E,6CAA6C;gBAC7C,cAAc,CAAC,OAAO,GAAG,OAAO,CAAA;gBAEhC,sEAAsE;gBACtE,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC5B,MAAM,SAAS,GAAG,KAAK,IAAI,EAAE;wBAC3B,OAAO,MAAM,IAAI,CAAC,aAAa,CAC7B,eAAe,EACf,UAAU,CAAC,KAAK,EAChB,UAAU,CAAC,iBAAiB,EAC5B,OAAO,EACP,OAAO,EACP,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,UAAU,EACrB,UAAU,CAAC,OAAO,EAClB,MAAM,CACP,CAAA;oBACH,CAAC,CAAA;oBACD,OAAO,iBAAiB,CACtB,MAAM,EACN,SAAS,EACT,eAAe,EACf,UAAU,CAAC,iBAAiB,EAC5B,OAAO,CACR,CAAA;gBACH,CAAC;gBAED,uCAAuC;gBACvC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAC5C,eAAe,EACf,UAAU,CAAC,KAAK,EAChB,UAAU,CAAC,iBAAiB,EAC5B,OAAO,EACP,OAAO,EACP,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,UAAU;gBACrB,0EAA0E;gBAC1E,qCAAqC;gBACrC,UAAU,CAAC,OAAO,EAClB,MAAM,CACP,CAAA;gBAED,iEAAiE;gBACjE,sEAAsE;gBACtE,oEAAoE;gBACpE,qEAAqE;gBACrE,2EAA2E;gBAC3E,IAAI,aAAa,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;oBAC5C,OAAO,CAAC,KAAK,CACX,mFAAmF,aAAa,CAAC,WAAW,EAAE,CAC/G,CAAA;oBACD,MAAM,IAAI,qBAAqB,CAAC,IAAI,CAAC,4BAA4B,CAAC,UAAU,CAAC,CAAC,CAAA;gBAChF,CAAC;gBAED,uEAAuE;gBACvE,wEAAwE;gBACxE,yEAAyE;gBACzE,mEAAmE;gBACnE,MAAM,CAAC,KAAK,GAAG;oBACb,GAAG,MAAM,CAAC,KAAK;oBACf,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC,8BAA8B,CAAC,EAAE,aAAa,EAAE,CAAC;oBACzE,CAAC,2BAA2B,CAAC,EAAE;wBAC7B,GAAG,CAAC,aAAa,EAAE,WAAW,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,WAAW,EAAE,CAAC;wBACxE,eAAe,EAAE,aAAa,EAAE,OAAO;4BACrC,CAAC,CAAC,CAAC,aAAa,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;4BACvD,CAAC,CAAC,GAAG;wBACP,gBAAgB,EAAE,aAAa,EAAE,gBAAgB;wBACjD,MAAM,EAAE,UAAU,CAAC,MAAM;wBACzB,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;wBAC/C,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;qBACtD;iBACF,CAAA;gBACD,OAAO,MAAM,CAAA;YACf,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,qEAAqE;gBACrE,oEAAoE;gBACpE,qEAAqE;gBACrE,gDAAgD;gBAChD,IAAI,KAAK,YAAY,oBAAoB,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;oBAC7D,OAAO,qBAAqB,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;gBACrD,CAAC;gBACD,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,CAAA;IACH,CAAC;IAED;;;;OAIG;IACK,4BAA4B,CAAC,UAAsB;QACzD,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,IAAI,EAAE,CAAA;QACtC,MAAM,eAAe,GAAG,4BAA4B,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE;YAC7E,QAAQ,EAAE,UAAU,CAAC,UAAU,IAAI,UAAU,CAAC,OAAO;YACrD,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;SAChD,CAA6C,CAAA;QAC9C,eAAe,CAAC,KAAK,GAAG,mBAAmB,CAAA;QAC3C,OAAO,eAAe,CAAA;IACxB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CACzB,MAAc,EACd,KAAa,EACb,iBAA0B,EAC1B,OAAe,EACf,OAAuB,EACvB,OAAgB,EAChB,QAAiB,EACjB,gBAAyB,EACzB,QAAiB;QAEjB,wEAAwE;QACxE,+EAA+E;QAC/E,IAAI,CAAC,CAAC,OAAO,IAAI,OAAO,GAAG,EAAE,IAAI,iBAAiB,IAAI,MAAM,CAAC,EAAE,CAAC;YAC9D,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAA;QACxC,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC;YACrD,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;YACzB,CAAC,CAAC,aAAa,CAAA;QACjB,IAAI,CAAC;YACH,MAAM,eAAe,GAAwB,oBAAoB,CAAC,MAAM,EAAE;gBACxE,QAAQ,EAAE,QAAQ,IAAI,EAAE;gBACxB,OAAO;gBACP,QAAQ;gBACR,MAAM;gBACN,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;aAChD,CAAC,CAAA;YAEF,OAAO,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,iBAAiB,CAAC;gBACvD,eAAe;gBACf,eAAe,EAAE,KAAK;gBACtB,SAAS,EAAE,OAAO;aACnB,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,YAAY,EAAE,CAAC;YACtB,uEAAuE;YACvE,IAAI,SAAS,GAAY,YAAY,CAAA;YACrC,IAAI,gBAAgB,EAAE,CAAC;gBACrB,IAAI,CAAC;oBACH,MAAM,eAAe,GAAwB,oBAAoB,CAAC,MAAM,EAAE;wBACxE,QAAQ,EAAE,gBAAgB;wBAC1B,OAAO;wBACP,QAAQ;wBACR,MAAM;wBACN,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;qBAChD,CAAC,CAAA;oBAEF,OAAO,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,iBAAiB,CAAC;wBACvD,eAAe;wBACf,eAAe,EAAE,KAAK;wBACtB,SAAS,EAAE,OAAO;qBACnB,CAAC,CAAA;gBACJ,CAAC;gBAAC,OAAO,aAAa,EAAE,CAAC;oBACvB,iEAAiE;oBACjE,SAAS,GAAG,aAAa,CAAA;gBAC3B,CAAC;YACH,CAAC;YAED,MAAM,WAAW,GAAG,SAAS,YAAY,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;YACtF,OAAO,CAAC,KAAK,CAAC,yBAAyB,WAAW,EAAE,CAAC,CAAA;YACrD,IAAI,OAAO,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;gBAC1C,MAAM,cAAc,CAClB,WAAW,CAAC,gBAAgB,EAC5B,6BAA6B,WAAW,EAAE,CAC3C,CAAA;YACH,CAAC;YACD,0EAA0E;YAC1E,uEAAuE;YACvE,oCAAoC;YACpC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,WAAW,EAAE,CAAA;QACtE,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,SAAS,eAAe,CAAc,KAAU;IAC9C,OAAO,KAAK,IAAI,IAAI,IAAI,OAAO,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,UAAU,CAAA;AAC3E,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,QAA0B,EAC1B,SAA6B,EAC7B,MAAc,EACd,iBAA0B,EAC1B,OAAe;IAEf,KAAK,SAAS,CAAC,CAAC,SAAS;QACvB,IAAI,aAAa,GAAQ,IAAI,CAAA;QAC7B,IAAI,CAAC;YACH,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;gBACnC,MAAM,KAAU,CAAA;YAClB,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,aAAa,GAAG,MAAM,SAAS,EAAE,CAAA;QACnC,CAAC;QAED,6DAA6D;QAC7D,4EAA4E;QAC5E,6EAA6E;QAC7E,4EAA4E;QAC5E,6EAA6E;QAC7E,0BAA0B;QAC1B,MAAM,UAAU,GAAG,aAAa,IAAI,SAAS,CAAA;QAC7C,MAAM,aAAa,GAAG;YACpB,KAAK,EAAE;gBACL,gDAAgD;gBAChD,GAAG,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE,CAAC,8BAA8B,CAAC,EAAE,UAAU,EAAE,CAAC;gBAC5E,mEAAmE;gBACnE,CAAC,2BAA2B,CAAC,EAAE;oBAC7B,GAAG,CAAC,UAAU,EAAE,WAAW,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,WAAW,EAAE,CAAC;oBAClE,eAAe,EAAE,UAAU,EAAE,OAAO;wBAClC,CAAC,CAAC,CAAC,UAAU,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;wBACpD,CAAC,CAAC,GAAG;oBACP,gBAAgB,EAAE,UAAU,EAAE,gBAAgB;oBAC9C,MAAM;oBACN,iBAAiB;oBACjB,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;oBAC/C,GAAG,CAAC,UAAU,EAAE,WAAW,IAAI,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,CAAC;iBACxE;aACF;SACF,CAAA;QACD,MAAM,aAAkB,CAAA;IAC1B,CAAC;IACD,OAAO,SAAS,EAAE,CAAA;AACpB,CAAC","sourcesContent":["/**\n * Main paywall decorator for MCP handlers (tools, resources, prompts)\n */\nimport { Address, isValidScheme } from '../../common/types.js'\nimport type { Payments } from '../../payments.js'\nimport { decodeAccessToken, encodeAccessToken } from '../../utils.js'\nimport {\n buildPaymentRequired,\n buildPaymentRequiredForPlans,\n type SettlePermissionsResult,\n type X402PaymentRequired,\n} from '../../x402/facilitator-api.js'\nimport {\n AuthResult,\n McpConfig,\n PaywallOptions,\n PromptOptions,\n ResourceOptions,\n ToolOptions,\n} from '../types/paywall.types.js'\nimport {\n ERROR_CODES,\n PaymentRequiredError,\n SettlementFailedError,\n createRpcError,\n} from '../utils/errors.js'\nimport {\n NEVERMINED_CREDITS_META_KEY,\n X402_PAYMENT_RESPONSE_META_KEY,\n paymentRequiredResult,\n readPaymentPayload,\n} from '../utils/meta.js'\nimport { PaywallAuthenticator } from './auth.js'\nimport { CreditsContextProvider } from './credits-context.js'\n\n// Emit the Authorization-header deprecation notice at most once per process to\n// avoid log spam on high-traffic servers still using the legacy header path.\nlet authHeaderDeprecationWarned = false\n\n/**\n * Main class for creating paywall-protected MCP handlers\n */\nexport class PaywallDecorator {\n // Internal config ensures serverName is always a concrete string\n private config: { agentId: string; serverName: string } = {\n agentId: '',\n serverName: 'mcp-server',\n }\n\n constructor(\n private payments: Payments,\n private authenticator: PaywallAuthenticator,\n private creditsContext: CreditsContextProvider,\n ) {}\n\n /**\n * Configure the paywall with agent and server information\n */\n configure(options: McpConfig): void {\n this.config = {\n agentId: options.agentId || this.config.agentId,\n serverName: options.serverName ?? this.config.serverName,\n }\n }\n\n /**\n * Create a paywall-protected handler (uncurried version only)\n */\n // Overloads per kind for stronger typing\n protect<TArgs = any>(\n handler: (args: TArgs, extra?: any) => Promise<any> | any,\n options: ToolOptions | PromptOptions,\n ): (args: TArgs, extra?: any) => Promise<any>\n protect(\n handler: (\n uri: URL,\n variables: Record<string, string | string[]>,\n extra?: any,\n ) => Promise<any> | any,\n options: ResourceOptions,\n ): (uri: URL, variables: Record<string, string | string[]>, extra?: any) => Promise<any>\n protect(handler: any, options: PaywallOptions): any {\n return this.createWrappedHandler(handler, options)\n }\n\n /**\n * Internal method to create the wrapped handler\n */\n private createWrappedHandler<TArgs = any>(\n handler: (args: TArgs, extra?: any) => Promise<any> | any,\n options: PaywallOptions,\n ): (...allArgs: any[]) => Promise<any> {\n return async (...allArgs: any[]): Promise<any> => {\n // Validate configuration\n if (!this.config.agentId) {\n throw createRpcError(\n ERROR_CODES.Misconfiguration,\n 'Server misconfiguration: missing agentId',\n )\n }\n\n const kind = options?.kind ?? 'tool'\n const name = options?.name ?? 'unnamed'\n\n // Detect resource signature: (url, variables, extra)\n const isResource = allArgs.length >= 2 && allArgs[0] instanceof URL\n const extra = isResource ? allArgs[2] : allArgs[1]\n const argsOrVars = isResource ? allArgs[1] : allArgs[0]\n\n try {\n // x402 v2 MCP transport: prefer the in-band payment payload from\n // params._meta[\"x402/payment\"]. Re-encode it into the access token\n // string the verify/settle path expects and present it via the same\n // extra/headers shape the auth flow reads, so the in-band payload takes\n // precedence over the Authorization header (kept as a deprecated\n // fallback when the in-band payload is absent). The RAW extra is still\n // forwarded to the user handler below.\n const paymentPayload = readPaymentPayload(extra)\n let authExtra = extra\n if (paymentPayload) {\n const token = encodeAccessToken(paymentPayload)\n // Synthesize an auth-only extra carrying the in-band token. This\n // intentionally drops the rest of `extra` for the AUTH call only; the\n // RAW `extra` (with `_meta`) is still forwarded to the user handler below.\n authExtra = { requestInfo: { headers: { authorization: `Bearer ${token}` } } }\n } else if (!authHeaderDeprecationWarned) {\n authHeaderDeprecationWarned = true\n console.warn(\n '[x402] No _meta[\"x402/payment\"] on the MCP request; falling back to the ' +\n 'Authorization header (deprecated under the x402 v2 MCP transport).',\n )\n }\n\n // 1. Authenticate request\n const authResult = await this.authenticator.authenticate(\n authExtra,\n { planId: options?.planId, maxAmount: options?.maxAmount },\n this.config.agentId,\n this.config.serverName,\n name,\n kind,\n argsOrVars,\n )\n\n // 2. Pre-calculate credits if they are fixed (not a function)\n // This allows handlers to access credits during execution\n const creditsOption = options?.credits\n const isFixedCredits = typeof creditsOption === 'bigint' || creditsOption === undefined\n const preCalculatedCredits = isFixedCredits\n ? this.creditsContext.resolve(creditsOption, argsOrVars, null, authResult)\n : undefined\n\n // Determine effective planId: explicit option overrides token-derived value\n const effectivePlanId = options?.planId ?? authResult.planId\n\n // 3. Build PaywallContext for handler (with extra wrapper for backward compatibility)\n const paywallContext = {\n authResult,\n credits: preCalculatedCredits,\n planId: authResult.planId,\n subscriberAddress: authResult.subscriberAddress,\n agentRequest: authResult.agentRequest,\n }\n\n // 4. Execute original handler with context\n const result = await (handler as any)(...allArgs, paywallContext)\n\n // 5. Resolve final credits to burn (may be different if credits are dynamic)\n const credits = isFixedCredits\n ? (preCalculatedCredits ?? 1n)\n : this.creditsContext.resolve(creditsOption, argsOrVars, result, authResult)\n\n // Update context with final resolved credits\n paywallContext.credits = credits\n\n // 6. If the result is an AsyncIterable (stream), redeem on completion\n if (isAsyncIterable(result)) {\n const onFinally = async () => {\n return await this.redeemCredits(\n effectivePlanId,\n authResult.token,\n authResult.subscriberAddress,\n credits,\n options,\n authResult.agentId,\n authResult.logicalUrl,\n authResult.httpUrl,\n 'POST',\n )\n }\n return wrapAsyncIterable(\n result,\n onFinally,\n effectivePlanId,\n authResult.subscriberAddress,\n credits,\n )\n }\n\n // 7. Non-streaming: redeem immediately\n const creditsResult = await this.redeemCredits(\n effectivePlanId,\n authResult.token,\n authResult.subscriberAddress,\n credits,\n options,\n authResult.agentId,\n authResult.logicalUrl,\n // fix: pre-existing arg order — fallbackEndpoint=httpUrl, httpVerb='POST'\n // (matches the streaming site above)\n authResult.httpUrl,\n 'POST',\n )\n\n // Settlement failed AFTER the tool executed: per the x402 v2 MCP\n // transport spec, do NOT return the tool's content — surface only the\n // payment error so a paid result is never delivered without payment\n // landing. (onRedeemError \"ignore\" therefore no longer delivers paid\n // content; \"propagate\" already threw a Misconfiguration in redeemCredits.)\n if (creditsResult && !creditsResult.success) {\n console.error(\n `[x402] settlement failed after tool execution; suppressing tool content. reason=${creditsResult.errorReason}`,\n )\n throw new SettlementFailedError(this.buildPaymentRequiredFromAuth(authResult))\n }\n\n // creditsResult is undefined for free / no-credit calls (no settlement\n // performed) — in that case the spec receipt is omitted. On success the\n // full receipt goes under the spec key; Nevermined observability is kept\n // under a namespaced key so it never collides with the spec shape.\n result._meta = {\n ...result._meta,\n ...(creditsResult && { [X402_PAYMENT_RESPONSE_META_KEY]: creditsResult }),\n [NEVERMINED_CREDITS_META_KEY]: {\n ...(creditsResult?.transaction && { txHash: creditsResult.transaction }),\n creditsRedeemed: creditsResult?.success\n ? (creditsResult.creditsRedeemed ?? credits.toString())\n : '0',\n remainingBalance: creditsResult?.remainingBalance,\n planId: authResult.planId,\n subscriberAddress: authResult.subscriberAddress,\n success: creditsResult ? creditsResult.success : true,\n },\n }\n return result\n } catch (error) {\n // Payment-required (pre-execution, from auth) and settlement-failure\n // (post-execution) are surfaced in band as an error tool result for\n // tools. Resources/prompts have no tool-result error channel, so the\n // error propagates as a JSON-RPC error instead.\n if (error instanceof PaymentRequiredError && kind === 'tool') {\n return paymentRequiredResult(error.paymentRequired)\n }\n throw error\n }\n }\n }\n\n /**\n * Build a spec-shaped `PaymentRequired` dict for a settlement failure, from\n * the authenticated request context. Surfaced (with tool content suppressed)\n * when settlement fails after the tool has executed.\n */\n private buildPaymentRequiredFromAuth(authResult: AuthResult): Record<string, any> {\n const planId = authResult.planId || ''\n const paymentRequired = buildPaymentRequiredForPlans(planId ? [planId] : [''], {\n endpoint: authResult.logicalUrl || authResult.httpUrl,\n agentId: authResult.agentId,\n httpVerb: 'POST',\n environment: this.payments.getEnvironmentName(),\n }) as X402PaymentRequired & { error?: string }\n paymentRequired.error = 'settlement failed'\n return paymentRequired\n }\n\n /**\n * Redeem credits after successful request\n */\n private async redeemCredits(\n planId: string,\n token: string,\n subscriberAddress: Address,\n credits: bigint,\n options: PaywallOptions,\n agentId?: string,\n endpoint?: string,\n fallbackEndpoint?: string,\n httpVerb?: string,\n ): Promise<SettlePermissionsResult | undefined> {\n // No settlement for free / no-credit calls — signalled to the caller as\n // `undefined` so the spec receipt (_meta[\"x402/payment-response\"]) is omitted.\n if (!(credits && credits > 0n && subscriberAddress && planId)) {\n return undefined\n }\n\n const decoded = decodeAccessToken(token)\n const scheme = isValidScheme(decoded?.accepted?.scheme)\n ? decoded.accepted.scheme\n : 'nvm:erc4337'\n try {\n const paymentRequired: X402PaymentRequired = buildPaymentRequired(planId, {\n endpoint: endpoint || '',\n agentId,\n httpVerb,\n scheme,\n environment: this.payments.getEnvironmentName(),\n })\n\n return await this.payments.facilitator.settlePermissions({\n paymentRequired,\n x402AccessToken: token,\n maxAmount: credits,\n })\n } catch (primaryError) {\n // If logical URL fails and we have an HTTP URL fallback, retry with it\n let lastError: unknown = primaryError\n if (fallbackEndpoint) {\n try {\n const paymentRequired: X402PaymentRequired = buildPaymentRequired(planId, {\n endpoint: fallbackEndpoint,\n agentId,\n httpVerb,\n scheme,\n environment: this.payments.getEnvironmentName(),\n })\n\n return await this.payments.facilitator.settlePermissions({\n paymentRequired,\n x402AccessToken: token,\n maxAmount: credits,\n })\n } catch (fallbackError) {\n // Fallback also failed, use fallback error as the reported error\n lastError = fallbackError\n }\n }\n\n const errorReason = lastError instanceof Error ? lastError.message : String(lastError)\n console.error(`[x402] settle failed: ${errorReason}`)\n if (options.onRedeemError === 'propagate') {\n throw createRpcError(\n ERROR_CODES.Misconfiguration,\n `Failed to redeem credits: ${errorReason}`,\n )\n }\n // Default (\"ignore\"): return a failed result so the caller suppresses the\n // tool content and surfaces the in-band payment error (always-suppress\n // under the x402 v2 MCP transport).\n return { success: false, transaction: '', network: '', errorReason }\n }\n }\n}\n\n/**\n * Type guard to detect AsyncIterable values.\n */\nfunction isAsyncIterable<T = unknown>(value: any): value is AsyncIterable<T> {\n return value != null && typeof value[Symbol.asyncIterator] === 'function'\n}\n\n/**\n * Wrap an AsyncIterable with metadata injection at the end of the stream\n */\nfunction wrapAsyncIterable<T>(\n iterable: AsyncIterable<T>,\n onFinally: () => Promise<any>,\n planId: string,\n subscriberAddress: Address,\n credits: bigint,\n) {\n async function* generator() {\n let creditsResult: any = null\n try {\n for await (const chunk of iterable) {\n yield chunk as T\n }\n } finally {\n creditsResult = await onFinally()\n }\n\n // Yield a _meta chunk at the end with the redemption result.\n // NOTE: a stream cannot retroactively suppress already-yielded chunks, so a\n // post-execution settlement failure on a stream is only reported here in the\n // final _meta chunk (under nevermined/credits) — it cannot withhold content\n // the way a non-streaming tool result does. `creditsResult` is undefined for\n // free / no-credit calls.\n const settlement = creditsResult || undefined\n const metadataChunk = {\n _meta: {\n // Spec receipt only on a successful settlement.\n ...(settlement?.success && { [X402_PAYMENT_RESPONSE_META_KEY]: settlement }),\n // Nevermined-namespaced observability (NOT part of the x402 spec).\n [NEVERMINED_CREDITS_META_KEY]: {\n ...(settlement?.transaction && { txHash: settlement.transaction }),\n creditsRedeemed: settlement?.success\n ? (settlement.creditsRedeemed ?? credits.toString())\n : '0',\n remainingBalance: settlement?.remainingBalance,\n planId,\n subscriberAddress,\n success: settlement ? settlement.success : true,\n ...(settlement?.errorReason && { errorReason: settlement.errorReason }),\n },\n },\n }\n yield metadataChunk as T\n }\n return generator()\n}\n"]}
1
+ {"version":3,"file":"paywall.js","sourceRoot":"","sources":["../../../src/mcp/core/paywall.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAW,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAE9D,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AACrE,OAAO,EACL,oBAAoB,EACpB,4BAA4B,GAG7B,MAAM,+BAA+B,CAAA;AAStC,OAAO,EACL,WAAW,EACX,oBAAoB,EACpB,qBAAqB,EACrB,cAAc,GACf,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EACL,2BAA2B,EAC3B,8BAA8B,EAC9B,qBAAqB,EACrB,kBAAkB,GACnB,MAAM,kBAAkB,CAAA;AAIzB,+EAA+E;AAC/E,6EAA6E;AAC7E,IAAI,2BAA2B,GAAG,KAAK,CAAA;AAEvC;;GAEG;AACH,MAAM,OAAO,gBAAgB;IAO3B,YACU,QAAkB,EAClB,aAAmC,EACnC,cAAsC;QAFtC,aAAQ,GAAR,QAAQ,CAAU;QAClB,kBAAa,GAAb,aAAa,CAAsB;QACnC,mBAAc,GAAd,cAAc,CAAwB;QAThD,iEAAiE;QACzD,WAAM,GAA6D;YACzE,MAAM,EAAE,EAAE;YACV,UAAU,EAAE,YAAY;SACzB,CAAA;IAME,CAAC;IAEJ;;OAEG;IACH,SAAS,CAAC,OAAkB;QAC1B,IAAI,CAAC,MAAM,GAAG;YACZ,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM;YAC5C,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO;YAC/C,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU;SACzD,CAAA;IACH,CAAC;IAkBD,OAAO,CAAC,OAAY,EAAE,OAAuB;QAC3C,OAAO,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;IACpD,CAAC;IAED;;OAEG;IACK,oBAAoB,CAC1B,OAAyD,EACzD,OAAuB;QAEvB,OAAO,KAAK,EAAE,GAAG,OAAc,EAAgB,EAAE;YAC/C,0EAA0E;YAC1E,yEAAyE;YACzE,6DAA6D;YAC7D,MAAM,gBAAgB,GAAG,OAAO,EAAE,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,CAAA;YAC9D,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,MAAM,cAAc,CAClB,WAAW,CAAC,gBAAgB,EAC5B,yCAAyC,CAC1C,CAAA;YACH,CAAC;YAED,MAAM,IAAI,GAAG,OAAO,EAAE,IAAI,IAAI,MAAM,CAAA;YACpC,MAAM,IAAI,GAAG,OAAO,EAAE,IAAI,IAAI,SAAS,CAAA;YAEvC,qDAAqD;YACrD,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,YAAY,GAAG,CAAA;YACnE,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAClD,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;YAEvD,IAAI,CAAC;gBACH,iEAAiE;gBACjE,mEAAmE;gBACnE,oEAAoE;gBACpE,wEAAwE;gBACxE,iEAAiE;gBACjE,uEAAuE;gBACvE,uCAAuC;gBACvC,MAAM,cAAc,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAA;gBAChD,IAAI,SAAS,GAAG,KAAK,CAAA;gBACrB,IAAI,cAAc,EAAE,CAAC;oBACnB,MAAM,KAAK,GAAG,iBAAiB,CAAC,cAAc,CAAC,CAAA;oBAC/C,iEAAiE;oBACjE,sEAAsE;oBACtE,2EAA2E;oBAC3E,SAAS,GAAG,EAAE,WAAW,EAAE,EAAE,OAAO,EAAE,EAAE,aAAa,EAAE,UAAU,KAAK,EAAE,EAAE,EAAE,EAAE,CAAA;gBAChF,CAAC;qBAAM,IAAI,CAAC,2BAA2B,EAAE,CAAC;oBACxC,2BAA2B,GAAG,IAAI,CAAA;oBAClC,OAAO,CAAC,IAAI,CACV,0EAA0E;wBACxE,oEAAoE,CACvE,CAAA;gBACH,CAAC;gBAED,0BAA0B;gBAC1B,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,YAAY,CACtD,SAAS,EACT,EAAE,MAAM,EAAE,gBAAgB,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,EAC3D,IAAI,CAAC,MAAM,CAAC,OAAO,EACnB,IAAI,CAAC,MAAM,CAAC,UAAU,EACtB,IAAI,EACJ,IAAI,EACJ,UAAU,CACX,CAAA;gBAED,8DAA8D;gBAC9D,0DAA0D;gBAC1D,MAAM,aAAa,GAAG,OAAO,EAAE,OAAO,CAAA;gBACtC,MAAM,cAAc,GAAG,OAAO,aAAa,KAAK,QAAQ,IAAI,aAAa,KAAK,SAAS,CAAA;gBACvF,MAAM,oBAAoB,GAAG,cAAc;oBACzC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,CAAC;oBAC1E,CAAC,CAAC,SAAS,CAAA;gBAEb,4EAA4E;gBAC5E,MAAM,eAAe,GAAG,OAAO,EAAE,MAAM,IAAI,UAAU,CAAC,MAAM,CAAA;gBAE5D,sFAAsF;gBACtF,MAAM,cAAc,GAAG;oBACrB,UAAU;oBACV,OAAO,EAAE,oBAAoB;oBAC7B,MAAM,EAAE,UAAU,CAAC,MAAM;oBACzB,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;oBAC/C,YAAY,EAAE,UAAU,CAAC,YAAY;iBACtC,CAAA;gBAED,2CAA2C;gBAC3C,MAAM,MAAM,GAAG,MAAO,OAAe,CAAC,GAAG,OAAO,EAAE,cAAc,CAAC,CAAA;gBAEjE,6EAA6E;gBAC7E,MAAM,OAAO,GAAG,cAAc;oBAC5B,CAAC,CAAC,CAAC,oBAAoB,IAAI,EAAE,CAAC;oBAC9B,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,aAAa,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,CAAA;gBAE9E,6CAA6C;gBAC7C,cAAc,CAAC,OAAO,GAAG,OAAO,CAAA;gBAEhC,sEAAsE;gBACtE,IAAI,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC5B,MAAM,SAAS,GAAG,KAAK,IAAI,EAAE;wBAC3B,OAAO,MAAM,IAAI,CAAC,aAAa,CAC7B,eAAe,EACf,UAAU,CAAC,KAAK,EAChB,UAAU,CAAC,iBAAiB,EAC5B,OAAO,EACP,OAAO,EACP,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,UAAU,EACrB,UAAU,CAAC,OAAO,EAClB,MAAM,CACP,CAAA;oBACH,CAAC,CAAA;oBACD,OAAO,iBAAiB,CACtB,MAAM,EACN,SAAS,EACT,eAAe,EACf,UAAU,CAAC,iBAAiB,EAC5B,OAAO,CACR,CAAA;gBACH,CAAC;gBAED,uCAAuC;gBACvC,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAC5C,eAAe,EACf,UAAU,CAAC,KAAK,EAChB,UAAU,CAAC,iBAAiB,EAC5B,OAAO,EACP,OAAO,EACP,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,UAAU;gBACrB,0EAA0E;gBAC1E,qCAAqC;gBACrC,UAAU,CAAC,OAAO,EAClB,MAAM,CACP,CAAA;gBAED,iEAAiE;gBACjE,sEAAsE;gBACtE,oEAAoE;gBACpE,qEAAqE;gBACrE,2EAA2E;gBAC3E,IAAI,aAAa,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;oBAC5C,OAAO,CAAC,KAAK,CACX,mFAAmF,aAAa,CAAC,WAAW,EAAE,CAC/G,CAAA;oBACD,MAAM,IAAI,qBAAqB,CAAC,IAAI,CAAC,4BAA4B,CAAC,UAAU,CAAC,CAAC,CAAA;gBAChF,CAAC;gBAED,uEAAuE;gBACvE,wEAAwE;gBACxE,yEAAyE;gBACzE,mEAAmE;gBACnE,MAAM,CAAC,KAAK,GAAG;oBACb,GAAG,MAAM,CAAC,KAAK;oBACf,GAAG,CAAC,aAAa,IAAI,EAAE,CAAC,8BAA8B,CAAC,EAAE,aAAa,EAAE,CAAC;oBACzE,CAAC,2BAA2B,CAAC,EAAE;wBAC7B,GAAG,CAAC,aAAa,EAAE,WAAW,IAAI,EAAE,MAAM,EAAE,aAAa,CAAC,WAAW,EAAE,CAAC;wBACxE,eAAe,EAAE,aAAa,EAAE,OAAO;4BACrC,CAAC,CAAC,CAAC,aAAa,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;4BACvD,CAAC,CAAC,GAAG;wBACP,gBAAgB,EAAE,aAAa,EAAE,gBAAgB;wBACjD,MAAM,EAAE,UAAU,CAAC,MAAM;wBACzB,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;wBAC/C,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;qBACtD;iBACF,CAAA;gBACD,OAAO,MAAM,CAAA;YACf,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,qEAAqE;gBACrE,oEAAoE;gBACpE,qEAAqE;gBACrE,gDAAgD;gBAChD,IAAI,KAAK,YAAY,oBAAoB,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;oBAC7D,OAAO,qBAAqB,CAAC,KAAK,CAAC,eAAe,CAAC,CAAA;gBACrD,CAAC;gBACD,MAAM,KAAK,CAAA;YACb,CAAC;QACH,CAAC,CAAA;IACH,CAAC;IAED;;;;OAIG;IACK,4BAA4B,CAAC,UAAsB;QACzD,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,IAAI,EAAE,CAAA;QACtC,MAAM,eAAe,GAAG,4BAA4B,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE;YAC7E,QAAQ,EAAE,UAAU,CAAC,UAAU,IAAI,UAAU,CAAC,OAAO;YACrD,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;SAChD,CAA6C,CAAA;QAC9C,eAAe,CAAC,KAAK,GAAG,mBAAmB,CAAA;QAC3C,OAAO,eAAe,CAAA;IACxB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,aAAa,CACzB,MAAc,EACd,KAAa,EACb,iBAA0B,EAC1B,OAAe,EACf,OAAuB,EACvB,OAAgB,EAChB,QAAiB,EACjB,gBAAyB,EACzB,QAAiB;QAEjB,wEAAwE;QACxE,+EAA+E;QAC/E,IAAI,CAAC,CAAC,OAAO,IAAI,OAAO,GAAG,EAAE,IAAI,iBAAiB,IAAI,MAAM,CAAC,EAAE,CAAC;YAC9D,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,OAAO,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAA;QACxC,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC;YACrD,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM;YACzB,CAAC,CAAC,aAAa,CAAA;QACjB,IAAI,CAAC;YACH,MAAM,eAAe,GAAwB,oBAAoB,CAAC,MAAM,EAAE;gBACxE,QAAQ,EAAE,QAAQ,IAAI,EAAE;gBACxB,OAAO;gBACP,QAAQ;gBACR,MAAM;gBACN,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;aAChD,CAAC,CAAA;YAEF,OAAO,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,iBAAiB,CAAC;gBACvD,eAAe;gBACf,eAAe,EAAE,KAAK;gBACtB,SAAS,EAAE,OAAO;aACnB,CAAC,CAAA;QACJ,CAAC;QAAC,OAAO,YAAY,EAAE,CAAC;YACtB,uEAAuE;YACvE,IAAI,SAAS,GAAY,YAAY,CAAA;YACrC,IAAI,gBAAgB,EAAE,CAAC;gBACrB,IAAI,CAAC;oBACH,MAAM,eAAe,GAAwB,oBAAoB,CAAC,MAAM,EAAE;wBACxE,QAAQ,EAAE,gBAAgB;wBAC1B,OAAO;wBACP,QAAQ;wBACR,MAAM;wBACN,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,kBAAkB,EAAE;qBAChD,CAAC,CAAA;oBAEF,OAAO,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,iBAAiB,CAAC;wBACvD,eAAe;wBACf,eAAe,EAAE,KAAK;wBACtB,SAAS,EAAE,OAAO;qBACnB,CAAC,CAAA;gBACJ,CAAC;gBAAC,OAAO,aAAa,EAAE,CAAC;oBACvB,iEAAiE;oBACjE,SAAS,GAAG,aAAa,CAAA;gBAC3B,CAAC;YACH,CAAC;YAED,MAAM,WAAW,GAAG,SAAS,YAAY,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAAA;YACtF,OAAO,CAAC,KAAK,CAAC,yBAAyB,WAAW,EAAE,CAAC,CAAA;YACrD,IAAI,OAAO,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;gBAC1C,MAAM,cAAc,CAClB,WAAW,CAAC,gBAAgB,EAC5B,6BAA6B,WAAW,EAAE,CAC3C,CAAA;YACH,CAAC;YACD,0EAA0E;YAC1E,uEAAuE;YACvE,oCAAoC;YACpC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,WAAW,EAAE,CAAA;QACtE,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,SAAS,eAAe,CAAc,KAAU;IAC9C,OAAO,KAAK,IAAI,IAAI,IAAI,OAAO,KAAK,CAAC,MAAM,CAAC,aAAa,CAAC,KAAK,UAAU,CAAA;AAC3E,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,QAA0B,EAC1B,SAA6B,EAC7B,MAAc,EACd,iBAA0B,EAC1B,OAAe;IAEf,KAAK,SAAS,CAAC,CAAC,SAAS;QACvB,IAAI,aAAa,GAAQ,IAAI,CAAA;QAC7B,IAAI,CAAC;YACH,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;gBACnC,MAAM,KAAU,CAAA;YAClB,CAAC;QACH,CAAC;gBAAS,CAAC;YACT,aAAa,GAAG,MAAM,SAAS,EAAE,CAAA;QACnC,CAAC;QAED,6DAA6D;QAC7D,4EAA4E;QAC5E,6EAA6E;QAC7E,4EAA4E;QAC5E,6EAA6E;QAC7E,0BAA0B;QAC1B,MAAM,UAAU,GAAG,aAAa,IAAI,SAAS,CAAA;QAC7C,MAAM,aAAa,GAAG;YACpB,KAAK,EAAE;gBACL,gDAAgD;gBAChD,GAAG,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE,CAAC,8BAA8B,CAAC,EAAE,UAAU,EAAE,CAAC;gBAC5E,mEAAmE;gBACnE,CAAC,2BAA2B,CAAC,EAAE;oBAC7B,GAAG,CAAC,UAAU,EAAE,WAAW,IAAI,EAAE,MAAM,EAAE,UAAU,CAAC,WAAW,EAAE,CAAC;oBAClE,eAAe,EAAE,UAAU,EAAE,OAAO;wBAClC,CAAC,CAAC,CAAC,UAAU,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;wBACpD,CAAC,CAAC,GAAG;oBACP,gBAAgB,EAAE,UAAU,EAAE,gBAAgB;oBAC9C,MAAM;oBACN,iBAAiB;oBACjB,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;oBAC/C,GAAG,CAAC,UAAU,EAAE,WAAW,IAAI,EAAE,WAAW,EAAE,UAAU,CAAC,WAAW,EAAE,CAAC;iBACxE;aACF;SACF,CAAA;QACD,MAAM,aAAkB,CAAA;IAC1B,CAAC;IACD,OAAO,SAAS,EAAE,CAAA;AACpB,CAAC","sourcesContent":["/**\n * Main paywall decorator for MCP handlers (tools, resources, prompts)\n */\nimport { Address, isValidScheme } from '../../common/types.js'\nimport type { Payments } from '../../payments.js'\nimport { decodeAccessToken, encodeAccessToken } from '../../utils.js'\nimport {\n buildPaymentRequired,\n buildPaymentRequiredForPlans,\n type SettlePermissionsResult,\n type X402PaymentRequired,\n} from '../../x402/facilitator-api.js'\nimport {\n AuthResult,\n McpConfig,\n PaywallOptions,\n PromptOptions,\n ResourceOptions,\n ToolOptions,\n} from '../types/paywall.types.js'\nimport {\n ERROR_CODES,\n PaymentRequiredError,\n SettlementFailedError,\n createRpcError,\n} from '../utils/errors.js'\nimport {\n NEVERMINED_CREDITS_META_KEY,\n X402_PAYMENT_RESPONSE_META_KEY,\n paymentRequiredResult,\n readPaymentPayload,\n} from '../utils/meta.js'\nimport { PaywallAuthenticator } from './auth.js'\nimport { CreditsContextProvider } from './credits-context.js'\n\n// Emit the Authorization-header deprecation notice at most once per process to\n// avoid log spam on high-traffic servers still using the legacy header path.\nlet authHeaderDeprecationWarned = false\n\n/**\n * Main class for creating paywall-protected MCP handlers\n */\nexport class PaywallDecorator {\n // Internal config ensures serverName is always a concrete string\n private config: { planId: string; agentId?: string; serverName: string } = {\n planId: '',\n serverName: 'mcp-server',\n }\n\n constructor(\n private payments: Payments,\n private authenticator: PaywallAuthenticator,\n private creditsContext: CreditsContextProvider,\n ) {}\n\n /**\n * Configure the paywall with agent and server information\n */\n configure(options: McpConfig): void {\n this.config = {\n planId: options.planId || this.config.planId,\n agentId: options.agentId ?? this.config.agentId,\n serverName: options.serverName ?? this.config.serverName,\n }\n }\n\n /**\n * Create a paywall-protected handler (uncurried version only)\n */\n // Overloads per kind for stronger typing\n protect<TArgs = any>(\n handler: (args: TArgs, extra?: any) => Promise<any> | any,\n options: ToolOptions | PromptOptions,\n ): (args: TArgs, extra?: any) => Promise<any>\n protect(\n handler: (\n uri: URL,\n variables: Record<string, string | string[]>,\n extra?: any,\n ) => Promise<any> | any,\n options: ResourceOptions,\n ): (uri: URL, variables: Record<string, string | string[]>, extra?: any) => Promise<any>\n protect(handler: any, options: PaywallOptions): any {\n return this.createWrappedHandler(handler, options)\n }\n\n /**\n * Internal method to create the wrapped handler\n */\n private createWrappedHandler<TArgs = any>(\n handler: (args: TArgs, extra?: any) => Promise<any> | any,\n options: PaywallOptions,\n ): (...allArgs: any[]) => Promise<any> {\n return async (...allArgs: any[]): Promise<any> => {\n // Validate configuration: a planId must be resolvable (per-tool option or\n // server-level config). agentId is optional under the plan-centric model\n // (the facilitator resolves everything from planId + token).\n const configuredPlanId = options?.planId ?? this.config.planId\n if (!configuredPlanId) {\n throw createRpcError(\n ERROR_CODES.Misconfiguration,\n 'Server misconfiguration: missing planId',\n )\n }\n\n const kind = options?.kind ?? 'tool'\n const name = options?.name ?? 'unnamed'\n\n // Detect resource signature: (url, variables, extra)\n const isResource = allArgs.length >= 2 && allArgs[0] instanceof URL\n const extra = isResource ? allArgs[2] : allArgs[1]\n const argsOrVars = isResource ? allArgs[1] : allArgs[0]\n\n try {\n // x402 v2 MCP transport: prefer the in-band payment payload from\n // params._meta[\"x402/payment\"]. Re-encode it into the access token\n // string the verify/settle path expects and present it via the same\n // extra/headers shape the auth flow reads, so the in-band payload takes\n // precedence over the Authorization header (kept as a deprecated\n // fallback when the in-band payload is absent). The RAW extra is still\n // forwarded to the user handler below.\n const paymentPayload = readPaymentPayload(extra)\n let authExtra = extra\n if (paymentPayload) {\n const token = encodeAccessToken(paymentPayload)\n // Synthesize an auth-only extra carrying the in-band token. This\n // intentionally drops the rest of `extra` for the AUTH call only; the\n // RAW `extra` (with `_meta`) is still forwarded to the user handler below.\n authExtra = { requestInfo: { headers: { authorization: `Bearer ${token}` } } }\n } else if (!authHeaderDeprecationWarned) {\n authHeaderDeprecationWarned = true\n console.warn(\n '[x402] No _meta[\"x402/payment\"] on the MCP request; falling back to the ' +\n 'Authorization header (deprecated under the x402 v2 MCP transport).',\n )\n }\n\n // 1. Authenticate request\n const authResult = await this.authenticator.authenticate(\n authExtra,\n { planId: configuredPlanId, maxAmount: options?.maxAmount },\n this.config.agentId,\n this.config.serverName,\n name,\n kind,\n argsOrVars,\n )\n\n // 2. Pre-calculate credits if they are fixed (not a function)\n // This allows handlers to access credits during execution\n const creditsOption = options?.credits\n const isFixedCredits = typeof creditsOption === 'bigint' || creditsOption === undefined\n const preCalculatedCredits = isFixedCredits\n ? this.creditsContext.resolve(creditsOption, argsOrVars, null, authResult)\n : undefined\n\n // Determine effective planId: explicit option overrides token-derived value\n const effectivePlanId = options?.planId ?? authResult.planId\n\n // 3. Build PaywallContext for handler (with extra wrapper for backward compatibility)\n const paywallContext = {\n authResult,\n credits: preCalculatedCredits,\n planId: authResult.planId,\n subscriberAddress: authResult.subscriberAddress,\n agentRequest: authResult.agentRequest,\n }\n\n // 4. Execute original handler with context\n const result = await (handler as any)(...allArgs, paywallContext)\n\n // 5. Resolve final credits to burn (may be different if credits are dynamic)\n const credits = isFixedCredits\n ? (preCalculatedCredits ?? 1n)\n : this.creditsContext.resolve(creditsOption, argsOrVars, result, authResult)\n\n // Update context with final resolved credits\n paywallContext.credits = credits\n\n // 6. If the result is an AsyncIterable (stream), redeem on completion\n if (isAsyncIterable(result)) {\n const onFinally = async () => {\n return await this.redeemCredits(\n effectivePlanId,\n authResult.token,\n authResult.subscriberAddress,\n credits,\n options,\n authResult.agentId,\n authResult.logicalUrl,\n authResult.httpUrl,\n 'POST',\n )\n }\n return wrapAsyncIterable(\n result,\n onFinally,\n effectivePlanId,\n authResult.subscriberAddress,\n credits,\n )\n }\n\n // 7. Non-streaming: redeem immediately\n const creditsResult = await this.redeemCredits(\n effectivePlanId,\n authResult.token,\n authResult.subscriberAddress,\n credits,\n options,\n authResult.agentId,\n authResult.logicalUrl,\n // fix: pre-existing arg order — fallbackEndpoint=httpUrl, httpVerb='POST'\n // (matches the streaming site above)\n authResult.httpUrl,\n 'POST',\n )\n\n // Settlement failed AFTER the tool executed: per the x402 v2 MCP\n // transport spec, do NOT return the tool's content — surface only the\n // payment error so a paid result is never delivered without payment\n // landing. (onRedeemError \"ignore\" therefore no longer delivers paid\n // content; \"propagate\" already threw a Misconfiguration in redeemCredits.)\n if (creditsResult && !creditsResult.success) {\n console.error(\n `[x402] settlement failed after tool execution; suppressing tool content. reason=${creditsResult.errorReason}`,\n )\n throw new SettlementFailedError(this.buildPaymentRequiredFromAuth(authResult))\n }\n\n // creditsResult is undefined for free / no-credit calls (no settlement\n // performed) — in that case the spec receipt is omitted. On success the\n // full receipt goes under the spec key; Nevermined observability is kept\n // under a namespaced key so it never collides with the spec shape.\n result._meta = {\n ...result._meta,\n ...(creditsResult && { [X402_PAYMENT_RESPONSE_META_KEY]: creditsResult }),\n [NEVERMINED_CREDITS_META_KEY]: {\n ...(creditsResult?.transaction && { txHash: creditsResult.transaction }),\n creditsRedeemed: creditsResult?.success\n ? (creditsResult.creditsRedeemed ?? credits.toString())\n : '0',\n remainingBalance: creditsResult?.remainingBalance,\n planId: authResult.planId,\n subscriberAddress: authResult.subscriberAddress,\n success: creditsResult ? creditsResult.success : true,\n },\n }\n return result\n } catch (error) {\n // Payment-required (pre-execution, from auth) and settlement-failure\n // (post-execution) are surfaced in band as an error tool result for\n // tools. Resources/prompts have no tool-result error channel, so the\n // error propagates as a JSON-RPC error instead.\n if (error instanceof PaymentRequiredError && kind === 'tool') {\n return paymentRequiredResult(error.paymentRequired)\n }\n throw error\n }\n }\n }\n\n /**\n * Build a spec-shaped `PaymentRequired` dict for a settlement failure, from\n * the authenticated request context. Surfaced (with tool content suppressed)\n * when settlement fails after the tool has executed.\n */\n private buildPaymentRequiredFromAuth(authResult: AuthResult): Record<string, any> {\n const planId = authResult.planId || ''\n const paymentRequired = buildPaymentRequiredForPlans(planId ? [planId] : [''], {\n endpoint: authResult.logicalUrl || authResult.httpUrl,\n agentId: authResult.agentId,\n httpVerb: 'POST',\n environment: this.payments.getEnvironmentName(),\n }) as X402PaymentRequired & { error?: string }\n paymentRequired.error = 'settlement failed'\n return paymentRequired\n }\n\n /**\n * Redeem credits after successful request\n */\n private async redeemCredits(\n planId: string,\n token: string,\n subscriberAddress: Address,\n credits: bigint,\n options: PaywallOptions,\n agentId?: string,\n endpoint?: string,\n fallbackEndpoint?: string,\n httpVerb?: string,\n ): Promise<SettlePermissionsResult | undefined> {\n // No settlement for free / no-credit calls — signalled to the caller as\n // `undefined` so the spec receipt (_meta[\"x402/payment-response\"]) is omitted.\n if (!(credits && credits > 0n && subscriberAddress && planId)) {\n return undefined\n }\n\n const decoded = decodeAccessToken(token)\n const scheme = isValidScheme(decoded?.accepted?.scheme)\n ? decoded.accepted.scheme\n : 'nvm:erc4337'\n try {\n const paymentRequired: X402PaymentRequired = buildPaymentRequired(planId, {\n endpoint: endpoint || '',\n agentId,\n httpVerb,\n scheme,\n environment: this.payments.getEnvironmentName(),\n })\n\n return await this.payments.facilitator.settlePermissions({\n paymentRequired,\n x402AccessToken: token,\n maxAmount: credits,\n })\n } catch (primaryError) {\n // If logical URL fails and we have an HTTP URL fallback, retry with it\n let lastError: unknown = primaryError\n if (fallbackEndpoint) {\n try {\n const paymentRequired: X402PaymentRequired = buildPaymentRequired(planId, {\n endpoint: fallbackEndpoint,\n agentId,\n httpVerb,\n scheme,\n environment: this.payments.getEnvironmentName(),\n })\n\n return await this.payments.facilitator.settlePermissions({\n paymentRequired,\n x402AccessToken: token,\n maxAmount: credits,\n })\n } catch (fallbackError) {\n // Fallback also failed, use fallback error as the reported error\n lastError = fallbackError\n }\n }\n\n const errorReason = lastError instanceof Error ? lastError.message : String(lastError)\n console.error(`[x402] settle failed: ${errorReason}`)\n if (options.onRedeemError === 'propagate') {\n throw createRpcError(\n ERROR_CODES.Misconfiguration,\n `Failed to redeem credits: ${errorReason}`,\n )\n }\n // Default (\"ignore\"): return a failed result so the caller suppresses the\n // tool content and surfaces the in-band payment error (always-suppress\n // under the x402 v2 MCP transport).\n return { success: false, transaction: '', network: '', errorReason }\n }\n }\n}\n\n/**\n * Type guard to detect AsyncIterable values.\n */\nfunction isAsyncIterable<T = unknown>(value: any): value is AsyncIterable<T> {\n return value != null && typeof value[Symbol.asyncIterator] === 'function'\n}\n\n/**\n * Wrap an AsyncIterable with metadata injection at the end of the stream\n */\nfunction wrapAsyncIterable<T>(\n iterable: AsyncIterable<T>,\n onFinally: () => Promise<any>,\n planId: string,\n subscriberAddress: Address,\n credits: bigint,\n) {\n async function* generator() {\n let creditsResult: any = null\n try {\n for await (const chunk of iterable) {\n yield chunk as T\n }\n } finally {\n creditsResult = await onFinally()\n }\n\n // Yield a _meta chunk at the end with the redemption result.\n // NOTE: a stream cannot retroactively suppress already-yielded chunks, so a\n // post-execution settlement failure on a stream is only reported here in the\n // final _meta chunk (under nevermined/credits) — it cannot withhold content\n // the way a non-streaming tool result does. `creditsResult` is undefined for\n // free / no-credit calls.\n const settlement = creditsResult || undefined\n const metadataChunk = {\n _meta: {\n // Spec receipt only on a successful settlement.\n ...(settlement?.success && { [X402_PAYMENT_RESPONSE_META_KEY]: settlement }),\n // Nevermined-namespaced observability (NOT part of the x402 spec).\n [NEVERMINED_CREDITS_META_KEY]: {\n ...(settlement?.transaction && { txHash: settlement.transaction }),\n creditsRedeemed: settlement?.success\n ? (settlement.creditsRedeemed ?? credits.toString())\n : '0',\n remainingBalance: settlement?.remainingBalance,\n planId,\n subscriberAddress,\n success: settlement ? settlement.success : true,\n ...(settlement?.errorReason && { errorReason: settlement.errorReason }),\n },\n },\n }\n yield metadataChunk as T\n }\n return generator()\n}\n"]}
package/dist/mcp/core/server-manager.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server-manager.d.ts","sourceRoot":"","sources":["../../../src/mcp/core/server-manager.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,KAAK,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,WAAW,EACX,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,EAKhB,MAAM,0BAA0B,CAAA;AAkCjC;;GAEG;AACH,oBAAY,WAAW;IACrB,IAAI,SAAS;IACb,QAAQ,aAAa;IACrB,OAAO,YAAY;IACnB,QAAQ,aAAa;CACtB;AAED;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,QAAQ,CAAU;IAC1B,OAAO,CAAC,KAAK,CAA2C;IACxD,OAAO,CAAC,SAAS,CAA+C;IAChE,OAAO,CAAC,OAAO,CAA6C;IAC5D,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,UAAU,CAA2B;IAC7C,OAAO,CAAC,UAAU,CAAsB;IACxC,OAAO,CAAC,cAAc,CAA8B;IACpD,OAAO,CAAC,MAAM,CAA+B;IAC7C,OAAO,CAAC,GAAG,CAAqD;IAChE,OAAO,CAAC,gBAAgB,CAAkB;gBAE9B,QAAQ,EAAE,QAAQ;IAQ9B;;OAEG;IACH,QAAQ,IAAI,WAAW;IAIvB;;;OAGG;IACH,YAAY,CACV,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,WAAW,EACpB,OAAO,GAAE,sBAA2B,GACnC,IAAI;IAkBP;;;OAGG;IACH,gBAAgB,CACd,IAAI,EAAE,MAAM,EACZ,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,iBAAiB,EACzB,OAAO,EAAE,eAAe,EACxB,OAAO,GAAE,sBAA2B,GACnC,IAAI;IAmBP;;;OAGG;IACH,cAAc,CACZ,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,eAAe,EACvB,OAAO,EAAE,aAAa,EACtB,OAAO,GAAE,sBAA2B,GACnC,IAAI;IAkBP;;OAEG;IACG,KAAK,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;IAkI9D;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IA4B3B;;OAEG;YACW,2BAA2B;IAqKzC;;OAEG;IACH,OAAO,CAAC,iBAAiB;CAiB1B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,GAAG,gBAAgB,CAExE"}
1
+ {"version":3,"file":"server-manager.d.ts","sourceRoot":"","sources":["../../../src/mcp/core/server-manager.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AACjD,OAAO,KAAK,EACV,aAAa,EACb,iBAAiB,EACjB,eAAe,EACf,sBAAsB,EACtB,WAAW,EACX,eAAe,EACf,aAAa,EACb,eAAe,EACf,eAAe,EAKhB,MAAM,0BAA0B,CAAA;AAkCjC;;GAEG;AACH,oBAAY,WAAW;IACrB,IAAI,SAAS;IACb,QAAQ,aAAa;IACrB,OAAO,YAAY;IACnB,QAAQ,aAAa;CACtB;AAED;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,KAAK,CAAgC;IAC7C,OAAO,CAAC,QAAQ,CAAU;IAC1B,OAAO,CAAC,KAAK,CAA2C;IACxD,OAAO,CAAC,SAAS,CAA+C;IAChE,OAAO,CAAC,OAAO,CAA6C;IAC5D,OAAO,CAAC,SAAS,CAAY;IAC7B,OAAO,CAAC,UAAU,CAA2B;IAC7C,OAAO,CAAC,UAAU,CAAsB;IACxC,OAAO,CAAC,cAAc,CAA8B;IACpD,OAAO,CAAC,MAAM,CAA+B;IAC7C,OAAO,CAAC,GAAG,CAAqD;IAChE,OAAO,CAAC,gBAAgB,CAAkB;gBAE9B,QAAQ,EAAE,QAAQ;IAQ9B;;OAEG;IACH,QAAQ,IAAI,WAAW;IAIvB;;;OAGG;IACH,YAAY,CACV,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,aAAa,EACrB,OAAO,EAAE,WAAW,EACpB,OAAO,GAAE,sBAA2B,GACnC,IAAI;IAkBP;;;OAGG;IACH,gBAAgB,CACd,IAAI,EAAE,MAAM,EACZ,aAAa,EAAE,MAAM,EACrB,MAAM,EAAE,iBAAiB,EACzB,OAAO,EAAE,eAAe,EACxB,OAAO,GAAE,sBAA2B,GACnC,IAAI;IAmBP;;;OAGG;IACH,cAAc,CACZ,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,eAAe,EACvB,OAAO,EAAE,aAAa,EACtB,OAAO,GAAE,sBAA2B,GACnC,IAAI;IAkBP;;OAEG;IACG,KAAK,CAAC,MAAM,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;IAmI9D;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IA4B3B;;OAEG;YACW,2BAA2B;IAsKzC;;OAEG;IACH,OAAO,CAAC,iBAAiB;CAiB1B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,QAAQ,GAAG,gBAAgB,CAExE"}
package/dist/mcp/core/server-manager.js CHANGED
@@ -129,9 +129,10 @@ export class McpServerManager {
129
129
  this.config = config;
130
130
  this.log = config.onLog;
131
131
  try {
132
- // Validate configuration
133
- if (!config.agentId) {
134
- throw new Error('agentId is required');
132
+ // Validate configuration. planId is required (plan-centric); agentId is
133
+ // optional and informational only.
134
+ if (!config.planId) {
135
+ throw new Error('planId is required');
135
136
  }
136
137
  if (!config.port) {
137
138
  throw new Error('port is required');
@@ -264,6 +265,7 @@ export class McpServerManager {
264
265
  throw new Error('Server config not set');
265
266
  }
266
267
  this.paywallDecorator.configure({
268
+ planId: this.config.planId,
267
269
  agentId: this.config.agentId,
268
270
  serverName: this.config.serverName,
269
271
  });
@@ -413,7 +415,7 @@ export class McpServerManager {
413
415
  Tools: ${toolsList}
414
416
  Resources: ${resourcesList}
415
417
  Prompts: ${promptsList}
416
- Agent ID: ${config.agentId}`);
418
+ Plan ID: ${config.planId}${config.agentId ? `\n Agent ID: ${config.agentId}` : ''}`);
417
419
  }
418
420
  }
419
421
  /**
package/dist/mcp/core/server-manager.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server-manager.js","sourceRoot":"","sources":["../../../src/mcp/core/server-manager.ts"],"names":[],"mappings":"AAKA,OAAO,OAA6B,MAAM,SAAS,CAAA;AAiBnD,OAAO,EAAE,oBAAoB,EAAkB,MAAM,4BAA4B,CAAA;AACjF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AACzD,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,oBAAoB,EACpB,2BAA2B,GAC5B,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAE7D,IAAI,cAAc,GAAQ,IAAI,CAAA;AAC9B,IAAI,qBAAqB,GAAQ,IAAI,CAAA;AAErC;;GAEG;AACH,KAAK,UAAU,iBAAiB;IAC9B,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,yCAAyC,CAAC,CAAA;YACtE,cAAc,GAAG,MAAM,CAAC,SAAS,CAAA;YACjC,qBAAqB,GAAG,MAAM,CAAC,gBAAgB,CAAA;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,4GAA4G,CAC7G,CAAA;QACH,CAAC;IACH,CAAC;IACD,OAAO,cAAc,CAAA;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,WAKX;AALD,WAAY,WAAW;IACrB,4BAAa,CAAA;IACb,oCAAqB,CAAA;IACrB,kCAAmB,CAAA;IACnB,oCAAqB,CAAA;AACvB,CAAC,EALW,WAAW,KAAX,WAAW,QAKtB;AAED;;GAEG;AACH,MAAM,OAAO,gBAAgB;IAc3B,YAAY,QAAkB;QAbtB,UAAK,GAAgB,WAAW,CAAC,IAAI,CAAA;QAErC,UAAK,GAAkC,IAAI,GAAG,EAAE,CAAA;QAChD,cAAS,GAAsC,IAAI,GAAG,EAAE,CAAA;QACxD,YAAO,GAAoC,IAAI,GAAG,EAAE,CAAA;QACpD,cAAS,GAAQ,IAAI,CAAA;QACrB,eAAU,GAAuB,IAAI,CAAA;QACrC,eAAU,GAAkB,IAAI,CAAA;QAChC,mBAAc,GAA0B,IAAI,CAAA;QAC5C,WAAM,GAA2B,IAAI,CAAA;QACrC,QAAG,GAA4C,SAAS,CAAA;QAI9D,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QACxB,+BAA+B;QAC/B,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAA;QACxD,MAAM,cAAc,GAAG,IAAI,sBAAsB,EAAE,CAAA;QACnD,IAAI,CAAC,gBAAgB,GAAG,IAAI,gBAAgB,CAAC,QAAQ,EAAE,aAAa,EAAE,cAAc,CAAC,CAAA;IACvF,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAA;IACnB,CAAC;IAED;;;OAGG;IACH,YAAY,CACV,IAAY,EACZ,MAAqB,EACrB,OAAoB,EACpB,UAAkC,EAAE;QAEpC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;QACnE,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;YACnB,IAAI;YACJ,MAAM;YACN,OAAO;YACP,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;aACjD;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,EAAE,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAA;IACxC,CAAC;IAED;;;OAGG;IACH,gBAAgB,CACd,IAAY,EACZ,aAAqB,EACrB,MAAyB,EACzB,OAAwB,EACxB,UAAkC,EAAE;QAEpC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAA;QACvE,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,aAAa,EAAE;YAChC,IAAI;YACJ,aAAa;YACb,MAAM;YACN,OAAO;YACP,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;aACjD;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,EAAE,CAAC,wBAAwB,IAAI,OAAO,aAAa,EAAE,CAAC,CAAA;IAChE,CAAC;IAED;;;OAGG;IACH,cAAc,CACZ,IAAY,EACZ,MAAuB,EACvB,OAAsB,EACtB,UAAkC,EAAE;QAEpC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;QACrE,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE;YACrB,IAAI;YACJ,MAAM;YACN,OAAO;YACP,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;aACjD;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,EAAE,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAA;IAC1C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,MAAuB;QACjC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;QAChE,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,QAAQ,CAAA;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,KAAK,CAAA;QAEvB,IAAI,CAAC;YACH,yBAAyB;YACzB,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;YACxC,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,oBAAoB,MAAM,CAAC,IAAI,EAAE,CAAA;YAEnE,MAAM,SAAS,GAAG,MAAM,iBAAiB,EAAE,CAAA;YAE3C,oBAAoB;YACpB,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC;gBAC7B,IAAI,EAAE,MAAM,CAAC,UAAU;gBACvB,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,OAAO;aACnC,CAAC,CAAA;YAEF,iEAAiE;YACjE,MAAM,IAAI,CAAC,2BAA2B,EAAE,CAAA;YAExC,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,CAAA;YAE3B,0BAA0B;YAC1B,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpB,2DAA2D;gBAC3D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;gBAC1D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,WAAW,IAAI,GAAG,CAAC,CAAC,CAAA;gBACpE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,CAAA;YAC7C,CAAC;YAED,qBAAqB;YACrB,MAAM,WAAW,GACf,MAAM,CAAC,WAAW,IAAK,IAAI,CAAC,QAAgB,CAAC,eAAe,IAAI,iBAAiB,CAAA;YAEnF,MAAM,WAAW,GAAG,iBAAiB,CAAC;gBACpC,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,WAAW;gBACX,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBACpC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC5C,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACxC,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,IAAI,IAAI;gBACzD,wBAAwB,EAAE,MAAM,CAAC,wBAAwB,IAAI,IAAI;gBACjE,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,IAAI;gBACnD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,IAAI;gBACjD,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,OAAO;gBAClC,WAAW,EAAE,MAAM,CAAC,WAAW;aAChC,CAAC,CAAA;YAEF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClC,CAAC;YAED,yBAAyB;YACzB,IAAI,CAAC,cAAc,GAAG,oBAAoB,CAAC;gBACzC,GAAG,EAAE,IAAI,CAAC,GAAG;aACd,CAAC,CAAA;YACF,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAEhD,qBAAqB;YACrB,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC3C,gBAAgB,CAAC,IAAI,CAAC,UAAiB,EAAE;oBACvC,cAAc,EAAE,IAAI,CAAC,cAAc;oBACnC,WAAW,EAAE,IAAI;oBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;iBACd,CAAC,CAAA;gBAEF,mBAAmB;gBACnB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAE,GAAQ,EAAE,EAAE;oBACzC,IAAI,CAAC,GAAG,EAAE,CAAC,SAAS,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAA;oBAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,WAAW;wBAClB,iBAAiB,EAAE,uBAAuB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE;qBACnE,CAAC,CAAA;gBACJ,CAAC,CAAC,CAAA;YACJ,CAAC;YAED,oBAAoB;YACpB,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;YAChD,CAAC;YACD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;YAClC,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,SAAS,CAAA;gBACrC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;oBACvD,OAAO,EAAE,CAAA;gBACX,CAAC,CAAC,CAAA;gBACF,IAAI,CAAC,UAAU,GAAG,MAAM,CAAA;gBACxB,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YAC5B,CAAC,CAAC,CAAA;YAEF,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,OAAO,CAAA;YAEhC,MAAM,IAAI,GAAe;gBACvB,OAAO;gBACP,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBACpC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC5C,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;aACzC,CAAA;YAED,sBAAsB;YACtB,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;YAEpC,wBAAwB;YACxB,MAAM,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,CAAA;YAEtB,OAAO;gBACL,IAAI;gBACJ,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE;aACxB,CAAA;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAA;YAC7B,MAAM,KAAK,CAAA;QACb,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,OAAO,EAAE,CAAC;YACvC,OAAM;QACR,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,QAAQ,CAAA;QAEjC,uBAAuB;QACvB,IAAI,CAAC,cAAc,EAAE,kBAAkB,EAAE,CAAA;QAEzC,oBAAoB;QACpB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAA;QAC9B,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;YAC/B,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,cAAc;QACd,IAAI,CAAC,SAAS,GAAG,IAAI,CAAA;QACrB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACtB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACtB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAA;QAC1B,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAA;QAE7B,IAAI,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,CAAA;IAC9B,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,2BAA2B;QACvC,+CAA+C;QAC/C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;QAC1C,CAAC;QACD,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;SACnC,CAAC,CAAA;QAEF,iBAAiB;QACjB,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9C,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,YAAY,CAAA;YAE7D,4BAA4B;YAC5B,2EAA2E;YAC3E,MAAM,aAAa,GACjB,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;oBACnC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;oBACzB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;YAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CACpD,KAAK,EAAE,IAAS,EAAE,KAAW,EAAE,cAAoB,EAAE,EAAE;gBACrD,kEAAkE;gBAClE,MAAM,YAAY,GAAG,cAAc;oBACjC,CAAC,CAAC;wBACE,GAAG,KAAK;wBACR,YAAY,EAAE,cAAc,CAAC,YAAY;qBAC1C;oBACH,CAAC,CAAC,KAAK,CAAA;gBACT,qDAAqD;gBACrD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,YAAY,CAAC,CAAA;gBAChD,OAAO,MAAM,CAAA;YACf,CAAC,EACD;gBACE,IAAI;gBACJ,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,aAAa;gBACtB,aAAa,EAAE,OAAO,CAAC,aAAa;aACrC,CACF,CAAA;YAED,2BAA2B;YAC3B,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,EAAE,gBAAgB,CAAC,CAAA;QACjE,CAAC;QAED,qBAAqB;QACrB,KAAK,MAAM,CAAC,aAAa,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YAC3D,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,YAAY,CAAA;YAEvE,4BAA4B;YAC5B,2EAA2E;YAC3E,MAAM,aAAa,GACjB,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;oBACnC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;oBACzB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;YAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CACpD,KAAK,EAAE,GAAQ,EAAE,KAAW,EAAE,cAAoB,EAAE,EAAE;gBACpD,0DAA0D;gBAC1D,MAAM,YAAY,GAAG,cAAc;oBACjC,CAAC,CAAC;wBACE,GAAG,KAAK;wBACR,UAAU,EAAE,cAAc,CAAC,UAAU;wBACrC,OAAO,EAAE,cAAc,CAAC,OAAO;wBAC/B,YAAY,EAAE,cAAc,CAAC,YAAY;qBAC1C;oBACH,CAAC,CAAC,KAAK,CAAA;gBACT,qDAAqD;gBACrD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;gBAC/C,OAAO,MAAM,CAAA;YACf,CAAC,EACD;gBACE,IAAI;gBACJ,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,aAAa;gBACtB,aAAa,EAAE,OAAO,CAAC,aAAa;aACrC,CACF,CAAA;YAED,2BAA2B;YAC3B,MAAM,oBAAoB,GAAG,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;YAE5D,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,gBAAgB,GAAG,IAAI,qBAAqB,CAAC,aAAa,EAAE;oBAChE,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;iBACtC,CAAC,CAAA;gBACF,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,EAAE,gBAAgB,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAA;YAC3F,CAAC;iBAAM,CAAC;gBACN,2EAA2E;gBAC3E,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,EAAE,aAAa,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAA;YACxF,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAChD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,YAAY,CAAA;YAE/D,4BAA4B;YAC5B,2EAA2E;YAC3E,MAAM,aAAa,GACjB,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;oBACnC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;oBACzB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;YAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CACpD,KAAK,EAAE,IAAS,EAAE,KAAW,EAAE,cAAoB,EAAE,EAAE;gBACrD,iDAAiD;gBACjD,sDAAsD;gBACtD,MAAM,aAAa,GAAG,cAAc;oBAClC,CAAC,CAAC;wBACE,SAAS,EAAE,cAAc,CAAC,YAAY,EAAE,cAAc;wBACtD,OAAO,EAAE,cAAc,CAAC,OAAO;wBAC/B,KAAK,EAAE;4BACL,GAAG,KAAK;4BACR,UAAU,EAAE,cAAc,CAAC,UAAU;4BACrC,OAAO,EAAE,cAAc,CAAC,OAAO;4BAC/B,YAAY,EAAE,cAAc,CAAC,YAAY;yBAC1C;qBACF;oBACH,CAAC,CAAC,KAAK;wBACL,CAAC,CAAC;4BACE,SAAS,EAAE,KAAK,EAAE,YAAY,EAAE,cAAc;4BAC9C,OAAO,EAAE,KAAK,EAAE,OAAO;4BACvB,KAAK;yBACN;wBACH,CAAC,CAAC,SAAS,CAAA;gBAEf,qDAAqD;gBACrD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,aAAa,CAAC,CAAA;gBACjD,OAAO,MAAM,CAAA;YACf,CAAC,EACD;gBACE,IAAI;gBACJ,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,aAAa;gBACtB,aAAa,EAAE,OAAO,CAAC,aAAa;aACrC,CACF,CAAA;YAED,2BAA2B;YAC3B,MAAM,eAAe,GAAQ;gBAC3B,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,WAAW,EAAE,YAAY,CAAC,WAAW;aACtC,CAAA;YAED,IAAI,YAAY,CAAC,UAAU,EAAE,CAAC;gBAC5B,MAAM,MAAM,GAAG,YAAY,CAAC,UAAiB,CAAA;gBAC7C,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;oBAC9D,eAAe,CAAC,UAAU,GAAG,MAAM,CAAC,KAAK,CAAA;gBAC3C,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,UAAU,GAAG,YAAY,CAAC,UAAU,CAAA;gBACtD,CAAC;YACH,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAA;QACxE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,IAAgB,EAAE,MAAuB;QACjE,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAM;QAErB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QACxE,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QACpF,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QAE9E,IAAI,CAAC,GAAG,CAAC;kBACK,IAAI,CAAC,OAAO;kBACZ,IAAI,CAAC,OAAO;kBACZ,IAAI,CAAC,OAAO;qBACT,IAAI,CAAC,OAAO;WACtB,SAAS;eACL,aAAa;aACf,WAAW;cACV,MAAM,CAAC,OAAO,EAAE,CAAC,CAAA;IAC7B,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAkB;IACpD,OAAO,IAAI,gBAAgB,CAAC,QAAQ,CAAC,CAAA;AACvC,CAAC","sourcesContent":["/**\n * Server manager for simplified MCP API.\n * Orchestrates McpServer, Express, Transport, and session management.\n */\nimport type { Server } from 'http'\nimport express, { type Application } from 'express'\nimport type { Payments } from '../../payments.js'\nimport type {\n McpToolConfig,\n McpResourceConfig,\n McpPromptConfig,\n McpRegistrationOptions,\n ToolHandler,\n ResourceHandler,\n PromptHandler,\n McpServerConfig,\n McpServerResult,\n ServerInfo,\n ToolRegistration,\n ResourceRegistration,\n PromptRegistration,\n} from '../types/server.types.js'\nimport { createSessionManager, SessionManager } from '../http/session-manager.js'\nimport { mountMcpHandlers } from '../http/mcp-handler.js'\nimport {\n createOAuthRouter,\n createCorsMiddleware,\n createJsonMiddleware,\n createHttpLoggingMiddleware,\n} from '../http/oauth-router.js'\nimport { PaywallDecorator } from './paywall.js'\nimport { PaywallAuthenticator } from './auth.js'\nimport { CreditsContextProvider } from './credits-context.js'\n\nlet McpServerClass: any = null\nlet ResourceTemplateClass: any = null\n\n/**\n * Lazily load McpServer and ResourceTemplate from the SDK.\n */\nasync function getMcpServerClass(): Promise<any> {\n if (!McpServerClass) {\n try {\n const module = await import('@modelcontextprotocol/sdk/server/mcp.js')\n McpServerClass = module.McpServer\n ResourceTemplateClass = module.ResourceTemplate\n } catch (error) {\n throw new Error(\n 'Failed to load @modelcontextprotocol/sdk. Make sure it is installed: npm install @modelcontextprotocol/sdk',\n )\n }\n }\n return McpServerClass\n}\n\n/**\n * Server manager state.\n */\nexport enum ServerState {\n Idle = 'idle',\n Starting = 'starting',\n Running = 'running',\n Stopping = 'stopping',\n}\n\n/**\n * Manages the complete MCP server lifecycle.\n */\nexport class McpServerManager {\n private state: ServerState = ServerState.Idle\n private payments: Payments\n private tools: Map<string, ToolRegistration> = new Map()\n private resources: Map<string, ResourceRegistration> = new Map()\n private prompts: Map<string, PromptRegistration> = new Map()\n private mcpServer: any = null\n private expressApp: Application | null = null\n private httpServer: Server | null = null\n private sessionManager: SessionManager | null = null\n private config: McpServerConfig | null = null\n private log: ((message: string) => void) | undefined = undefined\n private paywallDecorator: PaywallDecorator\n\n constructor(payments: Payments) {\n this.payments = payments\n // Initialize paywall decorator\n const authenticator = new PaywallAuthenticator(payments)\n const creditsContext = new CreditsContextProvider()\n this.paywallDecorator = new PaywallDecorator(payments, authenticator, creditsContext)\n }\n\n /**\n * Get current server state.\n */\n getState(): ServerState {\n return this.state\n }\n\n /**\n * Register a tool.\n * Must be called before start().\n */\n registerTool(\n name: string,\n config: McpToolConfig,\n handler: ToolHandler,\n options: McpRegistrationOptions = {},\n ): void {\n if (this.state !== ServerState.Idle) {\n throw new Error('Cannot register tools after server has started')\n }\n\n this.tools.set(name, {\n name,\n config,\n handler,\n options: {\n credits: options.credits,\n onRedeemError: options.onRedeemError ?? 'ignore',\n },\n })\n\n this.log?.(`Registered tool: ${name}`)\n }\n\n /**\n * Register a resource.\n * Must be called before start().\n */\n registerResource(\n name: string,\n uriOrTemplate: string,\n config: McpResourceConfig,\n handler: ResourceHandler,\n options: McpRegistrationOptions = {},\n ): void {\n if (this.state !== ServerState.Idle) {\n throw new Error('Cannot register resources after server has started')\n }\n\n this.resources.set(uriOrTemplate, {\n name,\n uriOrTemplate,\n config,\n handler,\n options: {\n credits: options.credits,\n onRedeemError: options.onRedeemError ?? 'ignore',\n },\n })\n\n this.log?.(`Registered resource: ${name} at ${uriOrTemplate}`)\n }\n\n /**\n * Register a prompt.\n * Must be called before start().\n */\n registerPrompt(\n name: string,\n config: McpPromptConfig,\n handler: PromptHandler,\n options: McpRegistrationOptions = {},\n ): void {\n if (this.state !== ServerState.Idle) {\n throw new Error('Cannot register prompts after server has started')\n }\n\n this.prompts.set(name, {\n name,\n config,\n handler,\n options: {\n credits: options.credits,\n onRedeemError: options.onRedeemError ?? 'ignore',\n },\n })\n\n this.log?.(`Registered prompt: ${name}`)\n }\n\n /**\n * Start the MCP server.\n */\n async start(config: McpServerConfig): Promise<McpServerResult> {\n if (this.state !== ServerState.Idle) {\n throw new Error(`Cannot start server in state: ${this.state}`)\n }\n\n this.state = ServerState.Starting\n this.config = config\n this.log = config.onLog\n\n try {\n // Validate configuration\n if (!config.agentId) {\n throw new Error('agentId is required')\n }\n if (!config.port) {\n throw new Error('port is required')\n }\n\n const baseUrl = config.baseUrl || `http://localhost:${config.port}`\n\n const McpServer = await getMcpServerClass()\n\n // Create MCP server\n this.mcpServer = new McpServer({\n name: config.serverName,\n version: config.version || '1.0.0',\n })\n\n // Register tools, resources, and prompts with paywall protection\n await this.registerHandlersWithPaywall()\n\n this.expressApp = express()\n\n // Apply global middleware\n if (this.expressApp) {\n // HTTP request logging (must be first to log all requests)\n this.expressApp.use(createHttpLoggingMiddleware(this.log))\n this.expressApp.use(createCorsMiddleware(config.corsOrigins || '*'))\n this.expressApp.use(createJsonMiddleware())\n }\n\n // Mount OAuth router\n const environment =\n config.environment || (this.payments as any).environmentName || 'staging_sandbox'\n\n const oauthRouter = createOAuthRouter({\n payments: this.payments,\n baseUrl,\n agentId: config.agentId,\n environment,\n serverName: config.serverName,\n tools: Array.from(this.tools.keys()),\n resources: Array.from(this.resources.keys()),\n prompts: Array.from(this.prompts.keys()),\n enableOAuthDiscovery: config.enableOAuthDiscovery ?? true,\n enableClientRegistration: config.enableClientRegistration ?? true,\n enableHealthCheck: config.enableHealthCheck ?? true,\n enableServerInfo: config.enableServerInfo ?? true,\n version: config.version || '1.0.0',\n description: config.description,\n })\n\n if (this.expressApp) {\n this.expressApp.use(oauthRouter)\n }\n\n // Create session manager\n this.sessionManager = createSessionManager({\n log: this.log,\n })\n this.sessionManager.setMcpServer(this.mcpServer)\n\n // Mount MCP handlers\n if (this.expressApp && this.sessionManager) {\n mountMcpHandlers(this.expressApp as any, {\n sessionManager: this.sessionManager,\n requireAuth: true,\n log: this.log,\n })\n\n // Add 404 fallback\n this.expressApp.use((req: any, res: any) => {\n this.log?.(`404 - ${req.method} ${req.path}`)\n res.status(404).json({\n error: 'not_found',\n error_description: `Endpoint not found: ${req.method} ${req.path}`,\n })\n })\n }\n\n // Start HTTP server\n if (!this.expressApp) {\n throw new Error('Express app not initialized')\n }\n const expressApp = this.expressApp\n await new Promise<void>((resolve, reject) => {\n const host = config.host || '0.0.0.0'\n const server = expressApp.listen(config.port, host, () => {\n resolve()\n })\n this.httpServer = server\n server.on('error', reject)\n })\n\n this.state = ServerState.Running\n\n const info: ServerInfo = {\n baseUrl,\n port: config.port,\n tools: Array.from(this.tools.keys()),\n resources: Array.from(this.resources.keys()),\n prompts: Array.from(this.prompts.keys()),\n }\n\n // Log startup message\n this.logStartupMessage(info, config)\n\n // Call onStart callback\n config.onStart?.(info)\n\n return {\n info,\n stop: () => this.stop(),\n }\n } catch (error) {\n this.state = ServerState.Idle\n throw error\n }\n }\n\n /**\n * Stop the server gracefully.\n */\n async stop(): Promise<void> {\n if (this.state !== ServerState.Running) {\n return\n }\n\n this.state = ServerState.Stopping\n\n // Destroy all sessions\n this.sessionManager?.destroyAllSessions()\n\n // Close HTTP server\n const server = this.httpServer\n if (server) {\n await new Promise<void>((resolve) => {\n server.close(() => resolve())\n })\n }\n\n // Reset state\n this.mcpServer = null\n this.expressApp = null\n this.httpServer = null\n this.sessionManager = null\n this.state = ServerState.Idle\n\n this.log?.('Server stopped')\n }\n\n /**\n * Register all tools, resources, and prompts with paywall protection.\n */\n private async registerHandlersWithPaywall(): Promise<void> {\n // Configure paywall with agent and server info\n if (!this.config) {\n throw new Error('Server config not set')\n }\n this.paywallDecorator.configure({\n agentId: this.config.agentId,\n serverName: this.config.serverName,\n })\n\n // Register tools\n for (const [name, registration] of this.tools) {\n const { config: toolConfig, handler, options } = registration\n\n // Wrap handler with paywall\n // Convert number to bigint if needed, but preserve functions and undefined\n const creditsOption: any =\n typeof options.credits === 'function'\n ? options.credits\n : typeof options.credits === 'number'\n ? BigInt(options.credits)\n : options.credits\n\n const protectedHandler = this.paywallDecorator.protect(\n async (args: any, extra?: any, paywallContext?: any) => {\n // Pass agentRequest directly in extra (consistent with resources)\n const handlerExtra = paywallContext\n ? {\n ...extra,\n agentRequest: paywallContext.agentRequest,\n }\n : extra\n // Call the user's handler with the converted context\n const result = await handler(args, handlerExtra)\n return result\n },\n {\n name,\n kind: 'tool',\n credits: creditsOption,\n onRedeemError: options.onRedeemError,\n },\n )\n\n // Register with MCP server\n this.mcpServer.registerTool(name, toolConfig, protectedHandler)\n }\n\n // Register resources\n for (const [uriOrTemplate, registration] of this.resources) {\n const { name, config: resourceConfig, handler, options } = registration\n\n // Wrap handler with paywall\n // Convert number to bigint if needed, but preserve functions and undefined\n const creditsOption: any =\n typeof options.credits === 'function'\n ? options.credits\n : typeof options.credits === 'number'\n ? BigInt(options.credits)\n : options.credits\n\n const protectedHandler = this.paywallDecorator.protect(\n async (uri: URL, extra?: any, paywallContext?: any) => {\n // Convert PaywallContext - pass extra directly to handler\n const handlerExtra = paywallContext\n ? {\n ...extra,\n authResult: paywallContext.authResult,\n credits: paywallContext.credits,\n agentRequest: paywallContext.agentRequest,\n }\n : extra\n // Call the user's handler with the converted context\n const result = await handler(uri, handlerExtra)\n return result\n },\n {\n name,\n kind: 'resource',\n credits: creditsOption,\n onRedeemError: options.onRedeemError,\n },\n )\n\n // Register with MCP server\n const hasTemplateVariables = /\\{[^}]+\\}/.test(uriOrTemplate)\n\n if (hasTemplateVariables) {\n const templateInstance = new ResourceTemplateClass(uriOrTemplate, {\n list: async () => ({ resources: [] }),\n })\n this.mcpServer.registerResource(name, templateInstance, resourceConfig, protectedHandler)\n } else {\n // For static resources: registerResource(name, uriString, config, handler)\n this.mcpServer.registerResource(name, uriOrTemplate, resourceConfig, protectedHandler)\n }\n }\n\n // Register prompts\n for (const [name, registration] of this.prompts) {\n const { config: promptConfig, handler, options } = registration\n\n // Wrap handler with paywall\n // Convert number to bigint if needed, but preserve functions and undefined\n const creditsOption: any =\n typeof options.credits === 'function'\n ? options.credits\n : typeof options.credits === 'number'\n ? BigInt(options.credits)\n : options.credits\n\n const protectedHandler = this.paywallDecorator.protect(\n async (args: any, extra?: any, paywallContext?: any) => {\n // Convert PaywallContext to PromptContext format\n // PromptContext has: { requestId?, credits?, extra? }\n const promptContext = paywallContext\n ? {\n requestId: paywallContext.agentRequest?.agentRequestId,\n credits: paywallContext.credits,\n extra: {\n ...extra,\n authResult: paywallContext.authResult,\n credits: paywallContext.credits,\n agentRequest: paywallContext.agentRequest,\n },\n }\n : extra\n ? {\n requestId: extra?.agentRequest?.agentRequestId,\n credits: extra?.credits,\n extra,\n }\n : undefined\n\n // Call the user's handler with the converted context\n const result = await handler(args, promptContext)\n return result\n },\n {\n name,\n kind: 'prompt',\n credits: creditsOption,\n onRedeemError: options.onRedeemError,\n },\n )\n\n // Register with MCP server\n const sdkPromptConfig: any = {\n title: promptConfig.title,\n description: promptConfig.description,\n }\n\n if (promptConfig.argsSchema) {\n const schema = promptConfig.argsSchema as any\n if (schema && typeof schema === 'object' && 'shape' in schema) {\n sdkPromptConfig.argsSchema = schema.shape\n } else {\n sdkPromptConfig.argsSchema = promptConfig.argsSchema\n }\n }\n\n this.mcpServer.registerPrompt(name, sdkPromptConfig, protectedHandler)\n }\n }\n\n /**\n * Log startup message (only if onLog callback provided).\n */\n private logStartupMessage(info: ServerInfo, config: McpServerConfig): void {\n if (!this.log) return\n\n const toolsList = info.tools.length > 0 ? info.tools.join(', ') : 'none'\n const resourcesList = info.resources.length > 0 ? info.resources.join(', ') : 'none'\n const promptsList = info.prompts.length > 0 ? info.prompts.join(', ') : 'none'\n\n this.log(`MCP Server Started!\n MCP Endpoint: ${info.baseUrl}/mcp\n Health Check: ${info.baseUrl}/health\n Server Info: ${info.baseUrl}/\n OAuth Discovery: ${info.baseUrl}/.well-known/oauth-authorization-server\n Tools: ${toolsList}\n Resources: ${resourcesList}\n Prompts: ${promptsList}\n Agent ID: ${config.agentId}`)\n }\n}\n\n/**\n * Create a new server manager.\n */\nexport function createServerManager(payments: Payments): McpServerManager {\n return new McpServerManager(payments)\n}\n"]}
1
+ {"version":3,"file":"server-manager.js","sourceRoot":"","sources":["../../../src/mcp/core/server-manager.ts"],"names":[],"mappings":"AAKA,OAAO,OAA6B,MAAM,SAAS,CAAA;AAiBnD,OAAO,EAAE,oBAAoB,EAAkB,MAAM,4BAA4B,CAAA;AACjF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAA;AACzD,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,oBAAoB,EACpB,2BAA2B,GAC5B,MAAM,yBAAyB,CAAA;AAChC,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAC/C,OAAO,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAA;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAE7D,IAAI,cAAc,GAAQ,IAAI,CAAA;AAC9B,IAAI,qBAAqB,GAAQ,IAAI,CAAA;AAErC;;GAEG;AACH,KAAK,UAAU,iBAAiB;IAC9B,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,yCAAyC,CAAC,CAAA;YACtE,cAAc,GAAG,MAAM,CAAC,SAAS,CAAA;YACjC,qBAAqB,GAAG,MAAM,CAAC,gBAAgB,CAAA;QACjD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CACb,4GAA4G,CAC7G,CAAA;QACH,CAAC;IACH,CAAC;IACD,OAAO,cAAc,CAAA;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,CAAN,IAAY,WAKX;AALD,WAAY,WAAW;IACrB,4BAAa,CAAA;IACb,oCAAqB,CAAA;IACrB,kCAAmB,CAAA;IACnB,oCAAqB,CAAA;AACvB,CAAC,EALW,WAAW,KAAX,WAAW,QAKtB;AAED;;GAEG;AACH,MAAM,OAAO,gBAAgB;IAc3B,YAAY,QAAkB;QAbtB,UAAK,GAAgB,WAAW,CAAC,IAAI,CAAA;QAErC,UAAK,GAAkC,IAAI,GAAG,EAAE,CAAA;QAChD,cAAS,GAAsC,IAAI,GAAG,EAAE,CAAA;QACxD,YAAO,GAAoC,IAAI,GAAG,EAAE,CAAA;QACpD,cAAS,GAAQ,IAAI,CAAA;QACrB,eAAU,GAAuB,IAAI,CAAA;QACrC,eAAU,GAAkB,IAAI,CAAA;QAChC,mBAAc,GAA0B,IAAI,CAAA;QAC5C,WAAM,GAA2B,IAAI,CAAA;QACrC,QAAG,GAA4C,SAAS,CAAA;QAI9D,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAA;QACxB,+BAA+B;QAC/B,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,QAAQ,CAAC,CAAA;QACxD,MAAM,cAAc,GAAG,IAAI,sBAAsB,EAAE,CAAA;QACnD,IAAI,CAAC,gBAAgB,GAAG,IAAI,gBAAgB,CAAC,QAAQ,EAAE,aAAa,EAAE,cAAc,CAAC,CAAA;IACvF,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAA;IACnB,CAAC;IAED;;;OAGG;IACH,YAAY,CACV,IAAY,EACZ,MAAqB,EACrB,OAAoB,EACpB,UAAkC,EAAE;QAEpC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;QACnE,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;YACnB,IAAI;YACJ,MAAM;YACN,OAAO;YACP,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;aACjD;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,EAAE,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAA;IACxC,CAAC;IAED;;;OAGG;IACH,gBAAgB,CACd,IAAY,EACZ,aAAqB,EACrB,MAAyB,EACzB,OAAwB,EACxB,UAAkC,EAAE;QAEpC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAA;QACvE,CAAC;QAED,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,aAAa,EAAE;YAChC,IAAI;YACJ,aAAa;YACb,MAAM;YACN,OAAO;YACP,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;aACjD;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,EAAE,CAAC,wBAAwB,IAAI,OAAO,aAAa,EAAE,CAAC,CAAA;IAChE,CAAC;IAED;;;OAGG;IACH,cAAc,CACZ,IAAY,EACZ,MAAuB,EACvB,OAAsB,EACtB,UAAkC,EAAE;QAEpC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAA;QACrE,CAAC;QAED,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE;YACrB,IAAI;YACJ,MAAM;YACN,OAAO;YACP,OAAO,EAAE;gBACP,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,aAAa,EAAE,OAAO,CAAC,aAAa,IAAI,QAAQ;aACjD;SACF,CAAC,CAAA;QAEF,IAAI,CAAC,GAAG,EAAE,CAAC,sBAAsB,IAAI,EAAE,CAAC,CAAA;IAC1C,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,KAAK,CAAC,MAAuB;QACjC,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACpC,MAAM,IAAI,KAAK,CAAC,iCAAiC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAA;QAChE,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,QAAQ,CAAA;QACjC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,GAAG,GAAG,MAAM,CAAC,KAAK,CAAA;QAEvB,IAAI,CAAC;YACH,wEAAwE;YACxE,mCAAmC;YACnC,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;gBACnB,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACvC,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;YACrC,CAAC;YAED,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,oBAAoB,MAAM,CAAC,IAAI,EAAE,CAAA;YAEnE,MAAM,SAAS,GAAG,MAAM,iBAAiB,EAAE,CAAA;YAE3C,oBAAoB;YACpB,IAAI,CAAC,SAAS,GAAG,IAAI,SAAS,CAAC;gBAC7B,IAAI,EAAE,MAAM,CAAC,UAAU;gBACvB,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,OAAO;aACnC,CAAC,CAAA;YAEF,iEAAiE;YACjE,MAAM,IAAI,CAAC,2BAA2B,EAAE,CAAA;YAExC,IAAI,CAAC,UAAU,GAAG,OAAO,EAAE,CAAA;YAE3B,0BAA0B;YAC1B,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpB,2DAA2D;gBAC3D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,2BAA2B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;gBAC1D,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,oBAAoB,CAAC,MAAM,CAAC,WAAW,IAAI,GAAG,CAAC,CAAC,CAAA;gBACpE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,CAAA;YAC7C,CAAC;YAED,qBAAqB;YACrB,MAAM,WAAW,GACf,MAAM,CAAC,WAAW,IAAK,IAAI,CAAC,QAAgB,CAAC,eAAe,IAAI,iBAAiB,CAAA;YAEnF,MAAM,WAAW,GAAG,iBAAiB,CAAC;gBACpC,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO;gBACP,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,WAAW;gBACX,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBACpC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC5C,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACxC,oBAAoB,EAAE,MAAM,CAAC,oBAAoB,IAAI,IAAI;gBACzD,wBAAwB,EAAE,MAAM,CAAC,wBAAwB,IAAI,IAAI;gBACjE,iBAAiB,EAAE,MAAM,CAAC,iBAAiB,IAAI,IAAI;gBACnD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,IAAI;gBACjD,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,OAAO;gBAClC,WAAW,EAAE,MAAM,CAAC,WAAW;aAChC,CAAC,CAAA;YAEF,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,CAAC,CAAA;YAClC,CAAC;YAED,yBAAyB;YACzB,IAAI,CAAC,cAAc,GAAG,oBAAoB,CAAC;gBACzC,GAAG,EAAE,IAAI,CAAC,GAAG;aACd,CAAC,CAAA;YACF,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;YAEhD,qBAAqB;YACrB,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC3C,gBAAgB,CAAC,IAAI,CAAC,UAAiB,EAAE;oBACvC,cAAc,EAAE,IAAI,CAAC,cAAc;oBACnC,WAAW,EAAE,IAAI;oBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;iBACd,CAAC,CAAA;gBAEF,mBAAmB;gBACnB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,GAAQ,EAAE,GAAQ,EAAE,EAAE;oBACzC,IAAI,CAAC,GAAG,EAAE,CAAC,SAAS,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC,CAAA;oBAC7C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;wBACnB,KAAK,EAAE,WAAW;wBAClB,iBAAiB,EAAE,uBAAuB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE;qBACnE,CAAC,CAAA;gBACJ,CAAC,CAAC,CAAA;YACJ,CAAC;YAED,oBAAoB;YACpB,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;gBACrB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAA;YAChD,CAAC;YACD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAA;YAClC,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;gBAC1C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,IAAI,SAAS,CAAA;gBACrC,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;oBACvD,OAAO,EAAE,CAAA;gBACX,CAAC,CAAC,CAAA;gBACF,IAAI,CAAC,UAAU,GAAG,MAAM,CAAA;gBACxB,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;YAC5B,CAAC,CAAC,CAAA;YAEF,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,OAAO,CAAA;YAEhC,MAAM,IAAI,GAAe;gBACvB,OAAO;gBACP,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;gBACpC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;gBAC5C,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;aACzC,CAAA;YAED,sBAAsB;YACtB,IAAI,CAAC,iBAAiB,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;YAEpC,wBAAwB;YACxB,MAAM,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,CAAA;YAEtB,OAAO;gBACL,IAAI;gBACJ,IAAI,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE;aACxB,CAAA;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAA;YAC7B,MAAM,KAAK,CAAA;QACb,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC,OAAO,EAAE,CAAC;YACvC,OAAM;QACR,CAAC;QAED,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,QAAQ,CAAA;QAEjC,uBAAuB;QACvB,IAAI,CAAC,cAAc,EAAE,kBAAkB,EAAE,CAAA;QAEzC,oBAAoB;QACpB,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAA;QAC9B,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,EAAE;gBAClC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC,CAAA;YAC/B,CAAC,CAAC,CAAA;QACJ,CAAC;QAED,cAAc;QACd,IAAI,CAAC,SAAS,GAAG,IAAI,CAAA;QACrB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACtB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAA;QACtB,IAAI,CAAC,cAAc,GAAG,IAAI,CAAA;QAC1B,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAA;QAE7B,IAAI,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,CAAA;IAC9B,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,2BAA2B;QACvC,+CAA+C;QAC/C,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAA;QAC1C,CAAC;QACD,IAAI,CAAC,gBAAgB,CAAC,SAAS,CAAC;YAC9B,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO;YAC5B,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU;SACnC,CAAC,CAAA;QAEF,iBAAiB;QACjB,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9C,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,YAAY,CAAA;YAE7D,4BAA4B;YAC5B,2EAA2E;YAC3E,MAAM,aAAa,GACjB,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;oBACnC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;oBACzB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;YAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CACpD,KAAK,EAAE,IAAS,EAAE,KAAW,EAAE,cAAoB,EAAE,EAAE;gBACrD,kEAAkE;gBAClE,MAAM,YAAY,GAAG,cAAc;oBACjC,CAAC,CAAC;wBACE,GAAG,KAAK;wBACR,YAAY,EAAE,cAAc,CAAC,YAAY;qBAC1C;oBACH,CAAC,CAAC,KAAK,CAAA;gBACT,qDAAqD;gBACrD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,YAAY,CAAC,CAAA;gBAChD,OAAO,MAAM,CAAA;YACf,CAAC,EACD;gBACE,IAAI;gBACJ,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,aAAa;gBACtB,aAAa,EAAE,OAAO,CAAC,aAAa;aACrC,CACF,CAAA;YAED,2BAA2B;YAC3B,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,IAAI,EAAE,UAAU,EAAE,gBAAgB,CAAC,CAAA;QACjE,CAAC;QAED,qBAAqB;QACrB,KAAK,MAAM,CAAC,aAAa,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YAC3D,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,YAAY,CAAA;YAEvE,4BAA4B;YAC5B,2EAA2E;YAC3E,MAAM,aAAa,GACjB,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;oBACnC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;oBACzB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;YAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CACpD,KAAK,EAAE,GAAQ,EAAE,KAAW,EAAE,cAAoB,EAAE,EAAE;gBACpD,0DAA0D;gBAC1D,MAAM,YAAY,GAAG,cAAc;oBACjC,CAAC,CAAC;wBACE,GAAG,KAAK;wBACR,UAAU,EAAE,cAAc,CAAC,UAAU;wBACrC,OAAO,EAAE,cAAc,CAAC,OAAO;wBAC/B,YAAY,EAAE,cAAc,CAAC,YAAY;qBAC1C;oBACH,CAAC,CAAC,KAAK,CAAA;gBACT,qDAAqD;gBACrD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;gBAC/C,OAAO,MAAM,CAAA;YACf,CAAC,EACD;gBACE,IAAI;gBACJ,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,aAAa;gBACtB,aAAa,EAAE,OAAO,CAAC,aAAa;aACrC,CACF,CAAA;YAED,2BAA2B;YAC3B,MAAM,oBAAoB,GAAG,WAAW,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;YAE5D,IAAI,oBAAoB,EAAE,CAAC;gBACzB,MAAM,gBAAgB,GAAG,IAAI,qBAAqB,CAAC,aAAa,EAAE;oBAChE,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;iBACtC,CAAC,CAAA;gBACF,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,EAAE,gBAAgB,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAA;YAC3F,CAAC;iBAAM,CAAC;gBACN,2EAA2E;gBAC3E,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,IAAI,EAAE,aAAa,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAA;YACxF,CAAC;QACH,CAAC;QAED,mBAAmB;QACnB,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAChD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,YAAY,CAAA;YAE/D,4BAA4B;YAC5B,2EAA2E;YAC3E,MAAM,aAAa,GACjB,OAAO,OAAO,CAAC,OAAO,KAAK,UAAU;gBACnC,CAAC,CAAC,OAAO,CAAC,OAAO;gBACjB,CAAC,CAAC,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;oBACnC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC;oBACzB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAA;YAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CACpD,KAAK,EAAE,IAAS,EAAE,KAAW,EAAE,cAAoB,EAAE,EAAE;gBACrD,iDAAiD;gBACjD,sDAAsD;gBACtD,MAAM,aAAa,GAAG,cAAc;oBAClC,CAAC,CAAC;wBACE,SAAS,EAAE,cAAc,CAAC,YAAY,EAAE,cAAc;wBACtD,OAAO,EAAE,cAAc,CAAC,OAAO;wBAC/B,KAAK,EAAE;4BACL,GAAG,KAAK;4BACR,UAAU,EAAE,cAAc,CAAC,UAAU;4BACrC,OAAO,EAAE,cAAc,CAAC,OAAO;4BAC/B,YAAY,EAAE,cAAc,CAAC,YAAY;yBAC1C;qBACF;oBACH,CAAC,CAAC,KAAK;wBACL,CAAC,CAAC;4BACE,SAAS,EAAE,KAAK,EAAE,YAAY,EAAE,cAAc;4BAC9C,OAAO,EAAE,KAAK,EAAE,OAAO;4BACvB,KAAK;yBACN;wBACH,CAAC,CAAC,SAAS,CAAA;gBAEf,qDAAqD;gBACrD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,aAAa,CAAC,CAAA;gBACjD,OAAO,MAAM,CAAA;YACf,CAAC,EACD;gBACE,IAAI;gBACJ,IAAI,EAAE,QAAQ;gBACd,OAAO,EAAE,aAAa;gBACtB,aAAa,EAAE,OAAO,CAAC,aAAa;aACrC,CACF,CAAA;YAED,2BAA2B;YAC3B,MAAM,eAAe,GAAQ;gBAC3B,KAAK,EAAE,YAAY,CAAC,KAAK;gBACzB,WAAW,EAAE,YAAY,CAAC,WAAW;aACtC,CAAA;YAED,IAAI,YAAY,CAAC,UAAU,EAAE,CAAC;gBAC5B,MAAM,MAAM,GAAG,YAAY,CAAC,UAAiB,CAAA;gBAC7C,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,OAAO,IAAI,MAAM,EAAE,CAAC;oBAC9D,eAAe,CAAC,UAAU,GAAG,MAAM,CAAC,KAAK,CAAA;gBAC3C,CAAC;qBAAM,CAAC;oBACN,eAAe,CAAC,UAAU,GAAG,YAAY,CAAC,UAAU,CAAA;gBACtD,CAAC;YACH,CAAC;YAED,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,EAAE,eAAe,EAAE,gBAAgB,CAAC,CAAA;QACxE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,IAAgB,EAAE,MAAuB;QACjE,IAAI,CAAC,IAAI,CAAC,GAAG;YAAE,OAAM;QAErB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QACxE,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QACpF,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;QAE9E,IAAI,CAAC,GAAG,CAAC;kBACK,IAAI,CAAC,OAAO;kBACZ,IAAI,CAAC,OAAO;kBACZ,IAAI,CAAC,OAAO;qBACT,IAAI,CAAC,OAAO;WACtB,SAAS;eACL,aAAa;aACf,WAAW;aACX,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,iBAAiB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACrF,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAkB;IACpD,OAAO,IAAI,gBAAgB,CAAC,QAAQ,CAAC,CAAA;AACvC,CAAC","sourcesContent":["/**\n * Server manager for simplified MCP API.\n * Orchestrates McpServer, Express, Transport, and session management.\n */\nimport type { Server } from 'http'\nimport express, { type Application } from 'express'\nimport type { Payments } from '../../payments.js'\nimport type {\n McpToolConfig,\n McpResourceConfig,\n McpPromptConfig,\n McpRegistrationOptions,\n ToolHandler,\n ResourceHandler,\n PromptHandler,\n McpServerConfig,\n McpServerResult,\n ServerInfo,\n ToolRegistration,\n ResourceRegistration,\n PromptRegistration,\n} from '../types/server.types.js'\nimport { createSessionManager, SessionManager } from '../http/session-manager.js'\nimport { mountMcpHandlers } from '../http/mcp-handler.js'\nimport {\n createOAuthRouter,\n createCorsMiddleware,\n createJsonMiddleware,\n createHttpLoggingMiddleware,\n} from '../http/oauth-router.js'\nimport { PaywallDecorator } from './paywall.js'\nimport { PaywallAuthenticator } from './auth.js'\nimport { CreditsContextProvider } from './credits-context.js'\n\nlet McpServerClass: any = null\nlet ResourceTemplateClass: any = null\n\n/**\n * Lazily load McpServer and ResourceTemplate from the SDK.\n */\nasync function getMcpServerClass(): Promise<any> {\n if (!McpServerClass) {\n try {\n const module = await import('@modelcontextprotocol/sdk/server/mcp.js')\n McpServerClass = module.McpServer\n ResourceTemplateClass = module.ResourceTemplate\n } catch (error) {\n throw new Error(\n 'Failed to load @modelcontextprotocol/sdk. Make sure it is installed: npm install @modelcontextprotocol/sdk',\n )\n }\n }\n return McpServerClass\n}\n\n/**\n * Server manager state.\n */\nexport enum ServerState {\n Idle = 'idle',\n Starting = 'starting',\n Running = 'running',\n Stopping = 'stopping',\n}\n\n/**\n * Manages the complete MCP server lifecycle.\n */\nexport class McpServerManager {\n private state: ServerState = ServerState.Idle\n private payments: Payments\n private tools: Map<string, ToolRegistration> = new Map()\n private resources: Map<string, ResourceRegistration> = new Map()\n private prompts: Map<string, PromptRegistration> = new Map()\n private mcpServer: any = null\n private expressApp: Application | null = null\n private httpServer: Server | null = null\n private sessionManager: SessionManager | null = null\n private config: McpServerConfig | null = null\n private log: ((message: string) => void) | undefined = undefined\n private paywallDecorator: PaywallDecorator\n\n constructor(payments: Payments) {\n this.payments = payments\n // Initialize paywall decorator\n const authenticator = new PaywallAuthenticator(payments)\n const creditsContext = new CreditsContextProvider()\n this.paywallDecorator = new PaywallDecorator(payments, authenticator, creditsContext)\n }\n\n /**\n * Get current server state.\n */\n getState(): ServerState {\n return this.state\n }\n\n /**\n * Register a tool.\n * Must be called before start().\n */\n registerTool(\n name: string,\n config: McpToolConfig,\n handler: ToolHandler,\n options: McpRegistrationOptions = {},\n ): void {\n if (this.state !== ServerState.Idle) {\n throw new Error('Cannot register tools after server has started')\n }\n\n this.tools.set(name, {\n name,\n config,\n handler,\n options: {\n credits: options.credits,\n onRedeemError: options.onRedeemError ?? 'ignore',\n },\n })\n\n this.log?.(`Registered tool: ${name}`)\n }\n\n /**\n * Register a resource.\n * Must be called before start().\n */\n registerResource(\n name: string,\n uriOrTemplate: string,\n config: McpResourceConfig,\n handler: ResourceHandler,\n options: McpRegistrationOptions = {},\n ): void {\n if (this.state !== ServerState.Idle) {\n throw new Error('Cannot register resources after server has started')\n }\n\n this.resources.set(uriOrTemplate, {\n name,\n uriOrTemplate,\n config,\n handler,\n options: {\n credits: options.credits,\n onRedeemError: options.onRedeemError ?? 'ignore',\n },\n })\n\n this.log?.(`Registered resource: ${name} at ${uriOrTemplate}`)\n }\n\n /**\n * Register a prompt.\n * Must be called before start().\n */\n registerPrompt(\n name: string,\n config: McpPromptConfig,\n handler: PromptHandler,\n options: McpRegistrationOptions = {},\n ): void {\n if (this.state !== ServerState.Idle) {\n throw new Error('Cannot register prompts after server has started')\n }\n\n this.prompts.set(name, {\n name,\n config,\n handler,\n options: {\n credits: options.credits,\n onRedeemError: options.onRedeemError ?? 'ignore',\n },\n })\n\n this.log?.(`Registered prompt: ${name}`)\n }\n\n /**\n * Start the MCP server.\n */\n async start(config: McpServerConfig): Promise<McpServerResult> {\n if (this.state !== ServerState.Idle) {\n throw new Error(`Cannot start server in state: ${this.state}`)\n }\n\n this.state = ServerState.Starting\n this.config = config\n this.log = config.onLog\n\n try {\n // Validate configuration. planId is required (plan-centric); agentId is\n // optional and informational only.\n if (!config.planId) {\n throw new Error('planId is required')\n }\n if (!config.port) {\n throw new Error('port is required')\n }\n\n const baseUrl = config.baseUrl || `http://localhost:${config.port}`\n\n const McpServer = await getMcpServerClass()\n\n // Create MCP server\n this.mcpServer = new McpServer({\n name: config.serverName,\n version: config.version || '1.0.0',\n })\n\n // Register tools, resources, and prompts with paywall protection\n await this.registerHandlersWithPaywall()\n\n this.expressApp = express()\n\n // Apply global middleware\n if (this.expressApp) {\n // HTTP request logging (must be first to log all requests)\n this.expressApp.use(createHttpLoggingMiddleware(this.log))\n this.expressApp.use(createCorsMiddleware(config.corsOrigins || '*'))\n this.expressApp.use(createJsonMiddleware())\n }\n\n // Mount OAuth router\n const environment =\n config.environment || (this.payments as any).environmentName || 'staging_sandbox'\n\n const oauthRouter = createOAuthRouter({\n payments: this.payments,\n baseUrl,\n agentId: config.agentId,\n environment,\n serverName: config.serverName,\n tools: Array.from(this.tools.keys()),\n resources: Array.from(this.resources.keys()),\n prompts: Array.from(this.prompts.keys()),\n enableOAuthDiscovery: config.enableOAuthDiscovery ?? true,\n enableClientRegistration: config.enableClientRegistration ?? true,\n enableHealthCheck: config.enableHealthCheck ?? true,\n enableServerInfo: config.enableServerInfo ?? true,\n version: config.version || '1.0.0',\n description: config.description,\n })\n\n if (this.expressApp) {\n this.expressApp.use(oauthRouter)\n }\n\n // Create session manager\n this.sessionManager = createSessionManager({\n log: this.log,\n })\n this.sessionManager.setMcpServer(this.mcpServer)\n\n // Mount MCP handlers\n if (this.expressApp && this.sessionManager) {\n mountMcpHandlers(this.expressApp as any, {\n sessionManager: this.sessionManager,\n requireAuth: true,\n log: this.log,\n })\n\n // Add 404 fallback\n this.expressApp.use((req: any, res: any) => {\n this.log?.(`404 - ${req.method} ${req.path}`)\n res.status(404).json({\n error: 'not_found',\n error_description: `Endpoint not found: ${req.method} ${req.path}`,\n })\n })\n }\n\n // Start HTTP server\n if (!this.expressApp) {\n throw new Error('Express app not initialized')\n }\n const expressApp = this.expressApp\n await new Promise<void>((resolve, reject) => {\n const host = config.host || '0.0.0.0'\n const server = expressApp.listen(config.port, host, () => {\n resolve()\n })\n this.httpServer = server\n server.on('error', reject)\n })\n\n this.state = ServerState.Running\n\n const info: ServerInfo = {\n baseUrl,\n port: config.port,\n tools: Array.from(this.tools.keys()),\n resources: Array.from(this.resources.keys()),\n prompts: Array.from(this.prompts.keys()),\n }\n\n // Log startup message\n this.logStartupMessage(info, config)\n\n // Call onStart callback\n config.onStart?.(info)\n\n return {\n info,\n stop: () => this.stop(),\n }\n } catch (error) {\n this.state = ServerState.Idle\n throw error\n }\n }\n\n /**\n * Stop the server gracefully.\n */\n async stop(): Promise<void> {\n if (this.state !== ServerState.Running) {\n return\n }\n\n this.state = ServerState.Stopping\n\n // Destroy all sessions\n this.sessionManager?.destroyAllSessions()\n\n // Close HTTP server\n const server = this.httpServer\n if (server) {\n await new Promise<void>((resolve) => {\n server.close(() => resolve())\n })\n }\n\n // Reset state\n this.mcpServer = null\n this.expressApp = null\n this.httpServer = null\n this.sessionManager = null\n this.state = ServerState.Idle\n\n this.log?.('Server stopped')\n }\n\n /**\n * Register all tools, resources, and prompts with paywall protection.\n */\n private async registerHandlersWithPaywall(): Promise<void> {\n // Configure paywall with agent and server info\n if (!this.config) {\n throw new Error('Server config not set')\n }\n this.paywallDecorator.configure({\n planId: this.config.planId,\n agentId: this.config.agentId,\n serverName: this.config.serverName,\n })\n\n // Register tools\n for (const [name, registration] of this.tools) {\n const { config: toolConfig, handler, options } = registration\n\n // Wrap handler with paywall\n // Convert number to bigint if needed, but preserve functions and undefined\n const creditsOption: any =\n typeof options.credits === 'function'\n ? options.credits\n : typeof options.credits === 'number'\n ? BigInt(options.credits)\n : options.credits\n\n const protectedHandler = this.paywallDecorator.protect(\n async (args: any, extra?: any, paywallContext?: any) => {\n // Pass agentRequest directly in extra (consistent with resources)\n const handlerExtra = paywallContext\n ? {\n ...extra,\n agentRequest: paywallContext.agentRequest,\n }\n : extra\n // Call the user's handler with the converted context\n const result = await handler(args, handlerExtra)\n return result\n },\n {\n name,\n kind: 'tool',\n credits: creditsOption,\n onRedeemError: options.onRedeemError,\n },\n )\n\n // Register with MCP server\n this.mcpServer.registerTool(name, toolConfig, protectedHandler)\n }\n\n // Register resources\n for (const [uriOrTemplate, registration] of this.resources) {\n const { name, config: resourceConfig, handler, options } = registration\n\n // Wrap handler with paywall\n // Convert number to bigint if needed, but preserve functions and undefined\n const creditsOption: any =\n typeof options.credits === 'function'\n ? options.credits\n : typeof options.credits === 'number'\n ? BigInt(options.credits)\n : options.credits\n\n const protectedHandler = this.paywallDecorator.protect(\n async (uri: URL, extra?: any, paywallContext?: any) => {\n // Convert PaywallContext - pass extra directly to handler\n const handlerExtra = paywallContext\n ? {\n ...extra,\n authResult: paywallContext.authResult,\n credits: paywallContext.credits,\n agentRequest: paywallContext.agentRequest,\n }\n : extra\n // Call the user's handler with the converted context\n const result = await handler(uri, handlerExtra)\n return result\n },\n {\n name,\n kind: 'resource',\n credits: creditsOption,\n onRedeemError: options.onRedeemError,\n },\n )\n\n // Register with MCP server\n const hasTemplateVariables = /\\{[^}]+\\}/.test(uriOrTemplate)\n\n if (hasTemplateVariables) {\n const templateInstance = new ResourceTemplateClass(uriOrTemplate, {\n list: async () => ({ resources: [] }),\n })\n this.mcpServer.registerResource(name, templateInstance, resourceConfig, protectedHandler)\n } else {\n // For static resources: registerResource(name, uriString, config, handler)\n this.mcpServer.registerResource(name, uriOrTemplate, resourceConfig, protectedHandler)\n }\n }\n\n // Register prompts\n for (const [name, registration] of this.prompts) {\n const { config: promptConfig, handler, options } = registration\n\n // Wrap handler with paywall\n // Convert number to bigint if needed, but preserve functions and undefined\n const creditsOption: any =\n typeof options.credits === 'function'\n ? options.credits\n : typeof options.credits === 'number'\n ? BigInt(options.credits)\n : options.credits\n\n const protectedHandler = this.paywallDecorator.protect(\n async (args: any, extra?: any, paywallContext?: any) => {\n // Convert PaywallContext to PromptContext format\n // PromptContext has: { requestId?, credits?, extra? }\n const promptContext = paywallContext\n ? {\n requestId: paywallContext.agentRequest?.agentRequestId,\n credits: paywallContext.credits,\n extra: {\n ...extra,\n authResult: paywallContext.authResult,\n credits: paywallContext.credits,\n agentRequest: paywallContext.agentRequest,\n },\n }\n : extra\n ? {\n requestId: extra?.agentRequest?.agentRequestId,\n credits: extra?.credits,\n extra,\n }\n : undefined\n\n // Call the user's handler with the converted context\n const result = await handler(args, promptContext)\n return result\n },\n {\n name,\n kind: 'prompt',\n credits: creditsOption,\n onRedeemError: options.onRedeemError,\n },\n )\n\n // Register with MCP server\n const sdkPromptConfig: any = {\n title: promptConfig.title,\n description: promptConfig.description,\n }\n\n if (promptConfig.argsSchema) {\n const schema = promptConfig.argsSchema as any\n if (schema && typeof schema === 'object' && 'shape' in schema) {\n sdkPromptConfig.argsSchema = schema.shape\n } else {\n sdkPromptConfig.argsSchema = promptConfig.argsSchema\n }\n }\n\n this.mcpServer.registerPrompt(name, sdkPromptConfig, protectedHandler)\n }\n }\n\n /**\n * Log startup message (only if onLog callback provided).\n */\n private logStartupMessage(info: ServerInfo, config: McpServerConfig): void {\n if (!this.log) return\n\n const toolsList = info.tools.length > 0 ? info.tools.join(', ') : 'none'\n const resourcesList = info.resources.length > 0 ? info.resources.join(', ') : 'none'\n const promptsList = info.prompts.length > 0 ? info.prompts.join(', ') : 'none'\n\n this.log(`MCP Server Started!\n MCP Endpoint: ${info.baseUrl}/mcp\n Health Check: ${info.baseUrl}/health\n Server Info: ${info.baseUrl}/\n OAuth Discovery: ${info.baseUrl}/.well-known/oauth-authorization-server\n Tools: ${toolsList}\n Resources: ${resourcesList}\n Prompts: ${promptsList}\n Plan ID: ${config.planId}${config.agentId ? `\\n Agent ID: ${config.agentId}` : ''}`)\n }\n}\n\n/**\n * Create a new server manager.\n */\nexport function createServerManager(payments: Payments): McpServerManager {\n return new McpServerManager(payments)\n}\n"]}
package/dist/mcp/http/client-registration.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"client-registration.d.ts","sourceRoot":"","sources":["../../../src/mcp/http/client-registration.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,WAAW,EACX,yBAAyB,EACzB,0BAA0B,EAC3B,MAAM,wBAAwB,CAAA;AAO/B;;GAEG;AACH,qBAAa,uBAAwB,SAAQ,KAAK;IAChD,SAAgB,SAAS,EAAE,MAAM,CAAA;IACjC,SAAgB,UAAU,EAAE,MAAM,CAAA;gBAEtB,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,SAAM;IAOhE;;OAEG;IACH,MAAM,IAAI;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAA;KAAE;CAMvD;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,yBAAyB,CAW5F;AAED;;;;;GAKG;AACH,wBAAgB,iCAAiC,CAAC,OAAO,EAAE,yBAAyB,GAAG,IAAI,CA2D1F;AAWD;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,yBAAyB,CAC7C,OAAO,EAAE,yBAAyB,EAClC,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,0BAA0B,CAAC,CAoCrC"}
1
+ {"version":3,"file":"client-registration.d.ts","sourceRoot":"","sources":["../../../src/mcp/http/client-registration.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EACV,WAAW,EACX,yBAAyB,EACzB,0BAA0B,EAC3B,MAAM,wBAAwB,CAAA;AAO/B;;GAEG;AACH,qBAAa,uBAAwB,SAAQ,KAAK;IAChD,SAAgB,SAAS,EAAE,MAAM,CAAA;IACjC,SAAgB,UAAU,EAAE,MAAM,CAAA;gBAEtB,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,SAAM;IAOhE;;OAEG;IACH,MAAM,IAAI;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,iBAAiB,EAAE,MAAM,CAAA;KAAE;CAMvD;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,OAAO,GAAG,IAAI,IAAI,yBAAyB,CAW5F;AAED;;;;;GAKG;AACH,wBAAgB,iCAAiC,CAAC,OAAO,EAAE,yBAAyB,GAAG,IAAI,CA2D1F;AAWD;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,yBAAyB,CAC7C,OAAO,EAAE,yBAAyB,EAClC,MAAM,EAAE,WAAW,GAClB,OAAO,CAAC,0BAA0B,CAAC,CAsCrC"}
package/dist/mcp/http/client-registration.js CHANGED
@@ -116,9 +116,11 @@ function generateClientSecret() {
116
116
  export async function processClientRegistration(request, config) {
117
117
  // Validate the request
118
118
  validateClientRegistrationRequest(request);
119
- // Use agentId as client_id (consistent for this MCP server)
120
- const clientId = config.agentId;
119
+ // client_id = the configured agentId when present (stable for this server);
120
+ // agentId is optional under the plan-centric model, so when it's absent we
121
+ // issue a generated client_id for OAuth dynamic registration.
121
122
  const issuedAt = Math.floor(Date.now() / 1000);
123
+ const clientId = config.agentId ?? `nvm-mcp-client-${issuedAt}-${randomBytes(8).toString('hex')}`;
122
124
  // Determine auth method and if secret is needed
123
125
  const authMethod = request.token_endpoint_auth_method || 'none';
124
126
  const needsSecret = authMethod === 'client_secret_basic' || authMethod === 'client_secret_post';