@nkmc/gateway 0.1.0

package/test/integration/authenticated-apis.test.ts

@@ -0,0 +1,185 @@
+import { describe, it, expect } from "vitest";
+import { HttpBackend, type HttpAuth } from "@nkmc/agent-fs";
+
+/**
+ * Smoke tests for authenticated APIs using real HTTP calls.
+ * Each test block is skipped when the required environment variable is absent.
+ * These tests validate: request format + authentication + response parsing.
+ */
+
+function makeBackend(baseUrl: string, auth: HttpAuth, bodyEncoding?: "json" | "form") {
+  return new HttpBackend({ baseUrl, auth, bodyEncoding });
+}
+
+// ── GitHub ─────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.GITHUB_TOKEN)("GitHub API", { timeout: 30_000 }, () => {
+  it("GET /user should return login and id", async () => {
+    const backend = makeBackend("https://api.github.com", {
+      type: "bearer",
+      token: process.env.GITHUB_TOKEN!,
+    });
+    const result = await backend.read("/_api/user") as Record<string, unknown>;
+    // Direct passthrough read — need to set up endpoint or use passthrough
+    // Use passthrough mode since no resources/endpoints configured
+    expect(result).toBeDefined();
+  });
+});
+
+// Helper: create a passthrough backend (no resources/endpoints → passthrough mode)
+function makePassthroughBackend(baseUrl: string, auth: HttpAuth, bodyEncoding?: "json" | "form") {
+  return new HttpBackend({ baseUrl, auth, bodyEncoding });
+}
+
+// ── HuggingFace ────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.HF_TOKEN)("HuggingFace API", { timeout: 30_000 }, () => {
+  it("GET /api/models?limit=1 should return models", async () => {
+    const backend = makePassthroughBackend("https://huggingface.co", {
+      type: "bearer",
+      token: process.env.HF_TOKEN!,
+    });
+    const result = await backend.read("/api/models?limit=1");
+    expect(result).toBeDefined();
+  });
+});
+
+// ── GitLab ─────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.GITLAB_TOKEN)("GitLab API", { timeout: 30_000 }, () => {
+  it("GET /api/v4/projects?per_page=1 should return projects", async () => {
+    const backend = makePassthroughBackend("https://gitlab.com", {
+      type: "bearer",
+      token: process.env.GITLAB_TOKEN!,
+    });
+    const result = await backend.read("/api/v4/projects?per_page=1");
+    expect(result).toBeDefined();
+    expect(Array.isArray(result)).toBe(true);
+  });
+});
+
+// ── Vercel ─────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.VERCEL_TOKEN)("Vercel API", { timeout: 30_000 }, () => {
+  it("GET /v9/projects?limit=1 should return projects", async () => {
+    const backend = makePassthroughBackend("https://api.vercel.com", {
+      type: "bearer",
+      token: process.env.VERCEL_TOKEN!,
+    });
+    const result = await backend.read("/v9/projects?limit=1") as Record<string, unknown>;
+    expect(result).toBeDefined();
+  });
+});
+
+// ── Sentry ─────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.SENTRY_AUTH_TOKEN)("Sentry API", { timeout: 30_000 }, () => {
+  it("GET /api/0/organizations/ should return organizations", async () => {
+    const backend = makePassthroughBackend("https://sentry.io", {
+      type: "bearer",
+      token: process.env.SENTRY_AUTH_TOKEN!,
+    });
+    const result = await backend.read("/api/0/organizations/");
+    expect(result).toBeDefined();
+  });
+});
+
+// ── PagerDuty ──────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.PAGERDUTY_TOKEN)("PagerDuty API", { timeout: 30_000 }, () => {
+  it("GET /services?limit=1 should return services", async () => {
+    const backend = makePassthroughBackend("https://api.pagerduty.com", {
+      type: "bearer",
+      token: process.env.PAGERDUTY_TOKEN!,
+    });
+    const result = await backend.read("/services?limit=1") as Record<string, unknown>;
+    expect(result).toBeDefined();
+  });
+});
+
+// ── Mistral ────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.MISTRAL_API_KEY)("Mistral API", { timeout: 30_000 }, () => {
+  it("GET /v1/models should return models", async () => {
+    const backend = makePassthroughBackend("https://api.mistral.ai", {
+      type: "bearer",
+      token: process.env.MISTRAL_API_KEY!,
+    });
+    const result = await backend.read("/v1/models") as Record<string, unknown>;
+    expect(result).toBeDefined();
+    expect(result.data).toBeDefined();
+  });
+});
+
+// ── Cloudflare ─────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.CLOUDFLARE_API_TOKEN)("Cloudflare API", { timeout: 30_000 }, () => {
+  it("GET /client/v4/zones should return result array", async () => {
+    const backend = makePassthroughBackend("https://api.cloudflare.com", {
+      type: "bearer",
+      token: process.env.CLOUDFLARE_API_TOKEN!,
+    });
+    const result = await backend.read("/client/v4/zones") as Record<string, unknown>;
+    expect(result).toBeDefined();
+    expect(result.result).toBeDefined();
+  });
+});
+
+// ── DigitalOcean ───────────────────────────────────────────────────
+
+describe.skipIf(!process.env.DIGITALOCEAN_TOKEN)("DigitalOcean API", { timeout: 30_000 }, () => {
+  it("GET /v2/account should return account info", async () => {
+    const backend = makePassthroughBackend("https://api.digitalocean.com", {
+      type: "bearer",
+      token: process.env.DIGITALOCEAN_TOKEN!,
+    });
+    const result = await backend.read("/v2/account") as Record<string, unknown>;
+    expect(result).toBeDefined();
+    expect(result.account).toBeDefined();
+  });
+});
+
+// ── Stripe ─────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.STRIPE_SECRET_KEY)("Stripe API", { timeout: 30_000 }, () => {
+  it("GET /v1/customers?limit=1 should return data array", async () => {
+    const backend = makePassthroughBackend("https://api.stripe.com", {
+      type: "bearer",
+      token: process.env.STRIPE_SECRET_KEY!,
+    }, "form");
+    const result = await backend.read("/v1/customers?limit=1") as Record<string, unknown>;
+    expect(result).toBeDefined();
+    expect(result.data).toBeDefined();
+    expect(Array.isArray(result.data)).toBe(true);
+  });
+});
+
+// ── Slack ──────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.SLACK_BOT_TOKEN)("Slack API", { timeout: 30_000 }, () => {
+  it("GET /api/auth.test should return ok", async () => {
+    const backend = makePassthroughBackend("https://slack.com", {
+      type: "bearer",
+      token: process.env.SLACK_BOT_TOKEN!,
+    });
+    const result = await backend.read("/api/auth.test") as Record<string, unknown>;
+    expect(result).toBeDefined();
+    expect(result.ok).toBe(true);
+  });
+});
+
+// ── Discord ────────────────────────────────────────────────────────
+
+describe.skipIf(!process.env.DISCORD_BOT_TOKEN)("Discord API", { timeout: 30_000 }, () => {
+  it("GET /api/v10/users/@me should return id and username", async () => {
+    const backend = makePassthroughBackend("https://discord.com", {
+      type: "bearer",
+      token: process.env.DISCORD_BOT_TOKEN!,
+      prefix: "Bot",
+    });
+    const result = await backend.read("/api/v10/users/@me") as Record<string, unknown>;
+    expect(result).toBeDefined();
+    expect(result.id).toBeDefined();
+    expect(result.username).toBeDefined();
+  });
+});

package/test/integration/free-apis-e2e.test.ts

@@ -0,0 +1,222 @@
+import { describe, it, expect, beforeAll, afterAll } from "vitest";
+import { createServer, type Server, type IncomingMessage, type ServerResponse } from "node:http";
+import { OnboardPipeline } from "../../src/onboard/pipeline.js";
+import { AgentFs, HttpBackend } from "@nkmc/agent-fs";
+import { createRegistryResolver } from "../../src/registry/resolver.js";
+import { MemoryRegistryStore } from "../../src/registry/memory-store.js";
+
+/**
+ * Full-chain integration tests: CLI command → AgentFs → registry → HttpBackend → HTTP server.
+ *
+ * Uses a local mock HTTP server for reliable, deterministic assertions.
+ * Also includes real-network tests against free public APIs.
+ */
+
+// ── Local mock server: full-chain CLI → API test ─────────────────────
+
+describe("CLI → API full-chain (local mock server)", () => {
+  let mockServer: Server;
+  let mockPort: number;
+  let fs: AgentFs;
+
+  // In-memory data store for the mock server
+  const pets: Record<string, any> = {
+    "1": { id: 1, name: "Buddy", status: "available" },
+    "2": { id: 2, name: "Milo", status: "sold" },
+  };
+
+  beforeAll(async () => {
+    // 1. Start a mock HTTP server that mimics a REST API with basePath /api/v2
+    await new Promise<void>((resolve) => {
+      mockServer = createServer((req: IncomingMessage, res: ServerResponse) => {
+        const url = new URL(req.url ?? "/", `http://localhost`);
+        const path = url.pathname;
+        res.setHeader("Content-Type", "application/json");
+
+        const chunks: Buffer[] = [];
+        req.on("data", (c: Buffer) => chunks.push(c));
+        req.on("end", () => {
+          const body = chunks.length ? JSON.parse(Buffer.concat(chunks).toString()) : undefined;
+
+          // GET /api/v2/pet → list
+          if (path === "/api/v2/pet" && req.method === "GET") {
+            res.writeHead(200);
+            res.end(JSON.stringify(Object.values(pets)));
+            return;
+          }
+
+          // POST /api/v2/pet → create
+          if (path === "/api/v2/pet" && req.method === "POST") {
+            const id = String(body?.id ?? Date.now());
+            pets[id] = { ...body, id: Number(id) };
+            res.writeHead(201);
+            res.end(JSON.stringify(pets[id]));
+            return;
+          }
+
+          // GET/DELETE /api/v2/pet/{id}
+          const match = path.match(/^\/api\/v2\/pet\/(\w+)$/);
+          if (match && req.method === "GET") {
+            const pet = pets[match[1]];
+            if (pet) { res.writeHead(200); res.end(JSON.stringify(pet)); }
+            else { res.writeHead(404); res.end(JSON.stringify({ error: "Not found" })); }
+            return;
+          }
+          if (match && req.method === "DELETE") {
+            const existed = !!pets[match[1]];
+            delete pets[match[1]];
+            res.writeHead(existed ? 200 : 404);
+            res.end(JSON.stringify({ deleted: existed }));
+            return;
+          }
+
+          res.writeHead(404);
+          res.end(JSON.stringify({ error: "Unknown route" }));
+        });
+      });
+      mockServer.listen(0, () => {
+        mockPort = (mockServer.address() as any).port;
+        resolve();
+      });
+    });
+
+    // 2. Create HttpBackend directly with correct http:// baseUrl + basePath
+    //    This tests the full chain: cat/ls/write/rm CLI commands → AgentFs → HttpBackend → real HTTP
+    const backend = new HttpBackend({
+      baseUrl: `http://localhost:${mockPort}/api/v2`,
+      resources: [{ name: "pet", apiPath: "/pet" }],
+    });
+
+    // 3. Mount directly into AgentFs
+    fs = new AgentFs({ mounts: [{ path: "/mock-api", backend }] });
+  });
+
+  afterAll(() => {
+    mockServer?.close();
+  });
+
+  it("ls: should list pet resource", async () => {
+    const result = await fs.execute("ls /mock-api/");
+    expect(result.ok).toBe(true);
+    const entries = result.data as string[];
+    expect(entries).toContain("pet/");
+  });
+
+  it("ls resource: should list pet IDs from mock server", async () => {
+    const result = await fs.execute("ls /mock-api/pet/");
+    expect(result.ok).toBe(true);
+    const entries = result.data as string[];
+    expect(entries).toContain("1.json");
+    expect(entries).toContain("2.json");
+  });
+
+  it("cat: should read pet by ID with correct data", async () => {
+    const result = await fs.execute("cat /mock-api/pet/1.json");
+    expect(result.ok).toBe(true);
+    const pet = result.data as Record<string, unknown>;
+    expect(pet.id).toBe(1);
+    expect(pet.name).toBe("Buddy");
+    expect(pet.status).toBe("available");
+  });
+
+  it("write → cat round-trip: created pet is readable via cat", async () => {
+    // write (POST): parseCommand → AgentFs → HttpBackend → mock server POST /api/v2/pet
+    const writeResult = await fs.execute(
+      `write /mock-api/pet/ ${JSON.stringify({ id: 42, name: "Nakamichi", status: "available" })}`,
+    );
+    expect(writeResult.ok).toBe(true);
+    expect((writeResult.data as any).id).toBe("42");
+
+    // cat (GET): parseCommand → AgentFs → HttpBackend → mock server GET /api/v2/pet/42
+    const catResult = await fs.execute("cat /mock-api/pet/42.json");
+    expect(catResult.ok).toBe(true);
+    const pet = catResult.data as Record<string, unknown>;
+    expect(pet.id).toBe(42);
+    expect(pet.name).toBe("Nakamichi");
+    expect(pet.status).toBe("available");
+  });
+
+  it("rm → cat: deleted pet is no longer readable", async () => {
+    // rm (DELETE): parseCommand → AgentFs → HttpBackend → mock server DELETE /api/v2/pet/42
+    const rmResult = await fs.execute("rm /mock-api/pet/42.json");
+    expect(rmResult.ok).toBe(true);
+
+    // cat after delete should fail with NotFoundError
+    const catResult = await fs.execute("cat /mock-api/pet/42.json");
+    expect(catResult.ok).toBe(false);
+  });
+});
+
+// ── Petstore E2E (real network, demo API) ────────────────────────────
+
+describe("Petstore E2E (real HTTP)", { timeout: 60_000 }, () => {
+  let fs: AgentFs;
+  const store = new MemoryRegistryStore();
+
+  beforeAll(async () => {
+    const pipeline = new OnboardPipeline({ store, smokeTest: false });
+    const result = await pipeline.onboardOne({
+      domain: "petstore3.swagger.io",
+      specUrl: "https://petstore3.swagger.io/api/v3/openapi.json",
+    });
+    expect(result.status).toBe("ok");
+    expect(result.endpoints).toBeGreaterThan(0);
+
+    const { onMiss, listDomains } = createRegistryResolver({ store, wrapVirtualFiles: false });
+    fs = new AgentFs({ mounts: [], onMiss, listDomains });
+  });
+
+  it("basePath should be /api/v3", async () => {
+    const record = await store.get("petstore3.swagger.io");
+    expect(record?.source?.basePath).toBe("/api/v3");
+  });
+
+  it("ls / should contain pet resource", async () => {
+    const result = await fs.execute("ls /petstore3.swagger.io/");
+    expect(result.ok).toBe(true);
+    const entries = result.data as string[];
+    expect(entries.length).toBeGreaterThan(0);
+    expect(entries.some((e) => e.includes("pet"))).toBe(true);
+  });
+
+  it("should have _api/ listing", async () => {
+    const result = await fs.execute("ls /petstore3.swagger.io/_api/");
+    expect(result.ok).toBe(true);
+    const entries = result.data as string[];
+    expect(entries.length).toBeGreaterThan(0);
+  });
+});
+
+// ── NWS Weather E2E (real network) ──────────────────────────────────
+
+describe("NWS Weather E2E (real HTTP)", { timeout: 60_000 }, () => {
+  let fs: AgentFs;
+  const store = new MemoryRegistryStore();
+
+  beforeAll(async () => {
+    const pipeline = new OnboardPipeline({ store, smokeTest: false });
+    const result = await pipeline.onboardOne({
+      domain: "api.weather.gov",
+      specUrl: "https://api.weather.gov/openapi.json",
+    });
+    expect(result.status).toBe("ok");
+    expect(result.endpoints).toBeGreaterThan(0);
+
+    const { onMiss, listDomains } = createRegistryResolver({ store, wrapVirtualFiles: false });
+    fs = new AgentFs({ mounts: [], onMiss, listDomains });
+  });
+
+  it("ls / should contain resources", async () => {
+    const result = await fs.execute("ls /api.weather.gov/");
+    expect(result.ok).toBe(true);
+    const entries = result.data as string[];
+    expect(entries.length).toBeGreaterThan(0);
+  });
+
+  it("should have _api/ listing", async () => {
+    const result = await fs.execute("ls /api.weather.gov/_api/");
+    expect(result.ok).toBe(true);
+    const entries = result.data as string[];
+    expect(entries.length).toBeGreaterThan(0);
+  });
+});

package/test/metering/d1-store.test.ts

@@ -0,0 +1,82 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import { D1MeterStore } from "../../src/metering/d1-store.js";
+import { SqliteD1 } from "../../src/testing/sqlite-d1.js";
+import type { MeterRecord } from "../../src/metering/types.js";
+
+function makeEntry(overrides?: Partial<MeterRecord>): MeterRecord {
+  return {
+    id: overrides?.id ?? `m_${Math.random().toString(36).slice(2)}`,
+    timestamp: overrides?.timestamp ?? Date.now(),
+    domain: overrides?.domain ?? "api.example.com",
+    version: overrides?.version ?? "1.0",
+    endpoint: overrides?.endpoint ?? "GET /api/data",
+    agentId: overrides?.agentId ?? "agent-1",
+    developerId: overrides?.developerId,
+    cost: overrides?.cost ?? 0.05,
+    currency: overrides?.currency ?? "USDC",
+  };
+}
+
+describe("D1MeterStore", () => {
+  let db: SqliteD1;
+  let store: D1MeterStore;
+
+  beforeEach(async () => {
+    db = new SqliteD1();
+    store = new D1MeterStore(db);
+    await store.initSchema();
+  });
+
+  afterEach(() => {
+    db.close();
+  });
+
+  it("should record and query entries", async () => {
+    await store.record(makeEntry({ id: "m1" }));
+    await store.record(makeEntry({ id: "m2" }));
+    const results = await store.query({});
+    expect(results).toHaveLength(2);
+  });
+
+  it("should filter by domain", async () => {
+    await store.record(makeEntry({ id: "m1", domain: "api.example.com" }));
+    await store.record(makeEntry({ id: "m2", domain: "other.com" }));
+    const results = await store.query({ domain: "api.example.com" });
+    expect(results).toHaveLength(1);
+  });
+
+  it("should filter by agentId", async () => {
+    await store.record(makeEntry({ id: "m1", agentId: "agent-1" }));
+    await store.record(makeEntry({ id: "m2", agentId: "agent-2" }));
+    const results = await store.query({ agentId: "agent-1" });
+    expect(results).toHaveLength(1);
+  });
+
+  it("should filter by time range", async () => {
+    await store.record(makeEntry({ id: "m1", timestamp: 1000 }));
+    await store.record(makeEntry({ id: "m2", timestamp: 2000 }));
+    await store.record(makeEntry({ id: "m3", timestamp: 3000 }));
+    const results = await store.query({ from: 1500, to: 2500 });
+    expect(results).toHaveLength(1);
+  });
+
+  it("should sum costs", async () => {
+    await store.record(makeEntry({ id: "m1", cost: 0.05 }));
+    await store.record(makeEntry({ id: "m2", cost: 0.10 }));
+    const { total, currency } = await store.sum({});
+    expect(total).toBeCloseTo(0.15);
+    expect(currency).toBe("USDC");
+  });
+
+  it("should return zero for no matches", async () => {
+    const { total } = await store.sum({ domain: "nonexistent.com" });
+    expect(total).toBe(0);
+  });
+
+  it("should call initSchema multiple times (idempotent)", async () => {
+    await store.initSchema();
+    await store.record(makeEntry({ id: "m1" }));
+    const results = await store.query({});
+    expect(results).toHaveLength(1);
+  });
+});

package/test/metering/memory-store.test.ts

@@ -0,0 +1,76 @@
+import { describe, it, expect, beforeEach } from "vitest";
+import { MemoryMeterStore } from "../../src/metering/memory-store.js";
+import type { MeterRecord } from "../../src/metering/types.js";
+
+function makeEntry(overrides?: Partial<MeterRecord>): MeterRecord {
+  return {
+    id: overrides?.id ?? `m_${Date.now()}`,
+    timestamp: overrides?.timestamp ?? Date.now(),
+    domain: overrides?.domain ?? "api.example.com",
+    version: overrides?.version ?? "1.0",
+    endpoint: overrides?.endpoint ?? "GET /api/data",
+    agentId: overrides?.agentId ?? "agent-1",
+    developerId: overrides?.developerId,
+    cost: overrides?.cost ?? 0.05,
+    currency: overrides?.currency ?? "USDC",
+  };
+}
+
+describe("MemoryMeterStore", () => {
+  let store: MemoryMeterStore;
+
+  beforeEach(() => {
+    store = new MemoryMeterStore();
+  });
+
+  it("should record and query entries", async () => {
+    await store.record(makeEntry({ id: "m1" }));
+    await store.record(makeEntry({ id: "m2" }));
+    const results = await store.query({});
+    expect(results).toHaveLength(2);
+  });
+
+  it("should filter by domain", async () => {
+    await store.record(makeEntry({ id: "m1", domain: "api.example.com" }));
+    await store.record(makeEntry({ id: "m2", domain: "other.com" }));
+    const results = await store.query({ domain: "api.example.com" });
+    expect(results).toHaveLength(1);
+    expect(results[0].domain).toBe("api.example.com");
+  });
+
+  it("should filter by agentId", async () => {
+    await store.record(makeEntry({ id: "m1", agentId: "agent-1" }));
+    await store.record(makeEntry({ id: "m2", agentId: "agent-2" }));
+    const results = await store.query({ agentId: "agent-1" });
+    expect(results).toHaveLength(1);
+  });
+
+  it("should filter by time range", async () => {
+    await store.record(makeEntry({ id: "m1", timestamp: 1000 }));
+    await store.record(makeEntry({ id: "m2", timestamp: 2000 }));
+    await store.record(makeEntry({ id: "m3", timestamp: 3000 }));
+    const results = await store.query({ from: 1500, to: 2500 });
+    expect(results).toHaveLength(1);
+    expect(results[0].id).toBe("m2");
+  });
+
+  it("should sum costs", async () => {
+    await store.record(makeEntry({ id: "m1", cost: 0.05 }));
+    await store.record(makeEntry({ id: "m2", cost: 0.10 }));
+    const { total, currency } = await store.sum({});
+    expect(total).toBeCloseTo(0.15);
+    expect(currency).toBe("USDC");
+  });
+
+  it("should sum with filter", async () => {
+    await store.record(makeEntry({ id: "m1", domain: "a.com", cost: 0.05 }));
+    await store.record(makeEntry({ id: "m2", domain: "b.com", cost: 0.10 }));
+    const { total } = await store.sum({ domain: "a.com" });
+    expect(total).toBeCloseTo(0.05);
+  });
+
+  it("should return zero sum for no matches", async () => {
+    const { total } = await store.sum({ domain: "nonexistent.com" });
+    expect(total).toBe(0);
+  });
+});

package/test/metering/pricing-guard.test.ts

@@ -0,0 +1,108 @@
+import { describe, it, expect } from "vitest";
+import { lookupPricing, checkAccess, meter } from "../../src/metering/pricing-guard.js";
+import { MemoryMeterStore } from "../../src/metering/memory-store.js";
+import type { ServiceRecord } from "../../src/registry/types.js";
+
+function makeRecord(overrides?: Partial<ServiceRecord>): ServiceRecord {
+  return {
+    domain: "api.example.com",
+    name: "Example API",
+    description: "Test",
+    version: "1.0",
+    roles: ["agent"],
+    skillMd: "",
+    endpoints: [
+      { method: "GET", path: "/api/data", description: "Get data" },
+      { method: "POST", path: "/api/orders", description: "Create order", pricing: { cost: 0.05, currency: "USDC", per: "call" } },
+      { method: "GET", path: "/api/users/:id", description: "Get user", pricing: { cost: 0.01, currency: "USDC", per: "call" } },
+    ],
+    isFirstParty: false,
+    createdAt: Date.now(),
+    updatedAt: Date.now(),
+    status: "active",
+    isDefault: true,
+    ...overrides,
+  };
+}
+
+describe("lookupPricing", () => {
+  it("should return pricing for paid endpoint", () => {
+    const record = makeRecord();
+    const pricing = lookupPricing(record, "POST", "/api/orders");
+    expect(pricing).toEqual({ cost: 0.05, currency: "USDC", per: "call" });
+  });
+
+  it("should return null for free endpoint", () => {
+    const record = makeRecord();
+    const pricing = lookupPricing(record, "GET", "/api/data");
+    expect(pricing).toBeNull();
+  });
+
+  it("should match path with :param", () => {
+    const record = makeRecord();
+    const pricing = lookupPricing(record, "GET", "/api/users/123");
+    expect(pricing).toEqual({ cost: 0.01, currency: "USDC", per: "call" });
+  });
+
+  it("should return null for unknown endpoint", () => {
+    const record = makeRecord();
+    const pricing = lookupPricing(record, "DELETE", "/api/unknown");
+    expect(pricing).toBeNull();
+  });
+});
+
+describe("checkAccess", () => {
+  it("should allow active services", () => {
+    const record = makeRecord({ status: "active" });
+    expect(checkAccess(record).allowed).toBe(true);
+  });
+
+  it("should deny sunset services", () => {
+    const record = makeRecord({ status: "sunset" });
+    const result = checkAccess(record);
+    expect(result.allowed).toBe(false);
+    expect(result.reason).toContain("sunset");
+  });
+
+  it("should deny when sunset date has passed", () => {
+    const record = makeRecord({ sunsetDate: Date.now() - 1000 });
+    const result = checkAccess(record);
+    expect(result.allowed).toBe(false);
+  });
+
+  it("should allow when sunset date is in the future", () => {
+    const record = makeRecord({ sunsetDate: Date.now() + 86400000 });
+    expect(checkAccess(record).allowed).toBe(true);
+  });
+});
+
+describe("meter", () => {
+  it("should record a meter entry", async () => {
+    const store = new MemoryMeterStore();
+    const entry = await meter(store, {
+      domain: "api.example.com",
+      version: "1.0",
+      endpoint: "POST /api/orders",
+      agentId: "agent-1",
+      pricing: { cost: 0.05, currency: "USDC", per: "call" },
+    });
+    expect(entry.id).toBeTruthy();
+    expect(entry.cost).toBe(0.05);
+
+    const records = await store.query({ domain: "api.example.com" });
+    expect(records).toHaveLength(1);
+  });
+
+  it("should include developerId when provided", async () => {
+    const store = new MemoryMeterStore();
+    const entry = await meter(store, {
+      domain: "api.example.com",
+      version: "1.0",
+      endpoint: "POST /api/orders",
+      agentId: "agent-1",
+      developerId: "dev-1",
+      pricing: { cost: 0.05, currency: "USDC", per: "call" },
+    });
+    expect(entry.developerId).toBe("dev-1");
+  });
+});