@odatano/x402 0.1.0

package/srv/index.js

@@ -0,0 +1,111 @@
+"use strict";
+/**
+ * @odatano/x402 — public API barrel.
+ *
+ * Cardano-x402-v2 payment library for SAP CAP applications.
+ *
+ * Three usage shapes:
+ *
+ *   // 1. Express middleware (mount under a path)
+ *   import { x402Middleware } from '@odatano/x402';
+ *   app.use('/api/premium', x402Middleware({
+ *     payTo: 'addr_test1...',
+ *     network: 'cardano:preprod',
+ *     asset: '16a55b...ddde.0014df105553444d',
+ *     priceUnits: '1000000',
+ *     onAccepted: async (claim) => { ... },
+ *   }));
+ *
+ *   // 2. CAP service gate (registers a before-* handler)
+ *   import { gateService } from '@odatano/x402';
+ *   class MyService extends cds.ApplicationService {
+ *     async init() {
+ *       gateService(this, {
+ *         payTo, network, asset,
+ *         routePricing: { Prices: '10000', getBestPrice: '10000' },
+ *       });
+ *       return super.init();
+ *     }
+ *   }
+ *
+ *   // 3. Programmatic — verify a confirmed payment by tx hash
+ *   import { verifyConfirmedPayment } from '@odatano/x402';
+ *   const r = await verifyConfirmedPayment({
+ *     txHash, requiredAmount, asset, payTo, network,
+ *   });
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.bridge = exports.gateService = exports.x402Middleware = exports.buildUnsignedPaymentTx = exports.verifyConfirmedPayment = exports.checkNonceUnspent = exports.settle = exports.verifyPayment = exports.Codes = exports.X402Error = exports.networksMatch = exports.isNetwork = exports.parseNetwork = exports.buildAssetString = exports.parseAsset = exports.validatePayment = exports.decode = exports.flatRequirements = exports.buildEntry = exports.buildPaymentRequirements = void 0;
+// ─── Core builders / validators (pure) ────────────────────────────────
+var requirements_1 = require("./core/requirements");
+Object.defineProperty(exports, "buildPaymentRequirements", { enumerable: true, get: function () { return requirements_1.buildPaymentRequirements; } });
+Object.defineProperty(exports, "buildEntry", { enumerable: true, get: function () { return requirements_1.buildEntry; } });
+Object.defineProperty(exports, "flatRequirements", { enumerable: true, get: function () { return requirements_1.flatRequirements; } });
+var decode_1 = require("./core/decode");
+Object.defineProperty(exports, "decode", { enumerable: true, get: function () { return decode_1.decode; } });
+var validate_1 = require("./core/validate");
+Object.defineProperty(exports, "validatePayment", { enumerable: true, get: function () { return validate_1.validatePayment; } });
+// ─── Asset / network helpers ──────────────────────────────────────────
+var asset_1 = require("./core/asset");
+Object.defineProperty(exports, "parseAsset", { enumerable: true, get: function () { return asset_1.parseAsset; } });
+Object.defineProperty(exports, "buildAssetString", { enumerable: true, get: function () { return asset_1.buildAssetString; } });
+var network_1 = require("./core/network");
+Object.defineProperty(exports, "parseNetwork", { enumerable: true, get: function () { return network_1.parseNetwork; } });
+Object.defineProperty(exports, "isNetwork", { enumerable: true, get: function () { return network_1.isNetwork; } });
+Object.defineProperty(exports, "networksMatch", { enumerable: true, get: function () { return network_1.networksMatch; } });
+// ─── Errors / codes ───────────────────────────────────────────────────
+var errors_1 = require("./core/errors");
+Object.defineProperty(exports, "X402Error", { enumerable: true, get: function () { return errors_1.X402Error; } });
+Object.defineProperty(exports, "Codes", { enumerable: true, get: function () { return errors_1.Codes; } });
+// ─── Facilitator (chain-touching) ─────────────────────────────────────
+var verify_1 = require("./facilitator/verify");
+Object.defineProperty(exports, "verifyPayment", { enumerable: true, get: function () { return verify_1.process; } });
+var settle_1 = require("./facilitator/settle");
+Object.defineProperty(exports, "settle", { enumerable: true, get: function () { return settle_1.settle; } });
+var nonce_1 = require("./facilitator/nonce");
+Object.defineProperty(exports, "checkNonceUnspent", { enumerable: true, get: function () { return nonce_1.checkNonceUnspent; } });
+// ─── Helpers ──────────────────────────────────────────────────────────
+var verify_confirmed_1 = require("./helpers/verify-confirmed");
+Object.defineProperty(exports, "verifyConfirmedPayment", { enumerable: true, get: function () { return verify_confirmed_1.verifyConfirmedPayment; } });
+var build_unsigned_tx_1 = require("./helpers/build-unsigned-tx");
+Object.defineProperty(exports, "buildUnsignedPaymentTx", { enumerable: true, get: function () { return build_unsigned_tx_1.buildUnsignedPaymentTx; } });
+// ─── Middleware ───────────────────────────────────────────────────────
+var express_1 = require("./middleware/express");
+Object.defineProperty(exports, "x402Middleware", { enumerable: true, get: function () { return express_1.x402Middleware; } });
+var cap_1 = require("./middleware/cap");
+Object.defineProperty(exports, "gateService", { enumerable: true, get: function () { return cap_1.gateService; } });
+// ─── Bridge (lower-level: exposed for advanced consumers) ─────────────
+exports.bridge = __importStar(require("./bridge"));

package/srv/middleware/cap.d.ts

@@ -0,0 +1,65 @@
+/**
+ * CAP integration for x402 payment gating.
+ *
+ * CAP services receive requests through `srv.before(...)` / `srv.on(...)`
+ * handlers, not Express middleware. For OData-served entities, the 402
+ * needs to come from `req.reject(402, body)` — the response is built by
+ * CAP, not by `res.status(...)`.
+ *
+ * Usage:
+ *
+ *   import { gateService } from '@odatano/x402';
+ *
+ *   class MyService extends cds.ApplicationService {
+ *     async init() {
+ *       gateService(this, {
+ *         payTo: '...', network: 'cardano:preprod', asset: '<policy>.<name>',
+ *         routePricing: { Prices: '10000', getBestPrice: '10000' },
+ *       });
+ *       return super.init();
+ *     }
+ *   }
+ *
+ * The gate inspects each `req.event` (entity name OR action name) and
+ * matches it against `routePricing`. For unmapped events / entities,
+ * the request passes through unmodified.
+ */
+import cds from '@sap/cds';
+import type { AssetTransferMethod, Network, PaymentClaim } from '../core/types';
+export interface X402CapOptions {
+    payTo: string;
+    network: Network | string;
+    asset: string;
+    /** Single price (applies to all gated events). */
+    priceUnits?: string | number | bigint;
+    /**
+     * Per-event prices. Keys are CAP event names (entity name for CRUD,
+     * action name for actions). Events absent here pass through.
+     */
+    routePricing?: Record<string, string | number | bigint>;
+    description?: string;
+    mimeType?: string;
+    assetTransferMethod?: AssetTransferMethod;
+    maxTimeoutSeconds?: number;
+    extra?: Record<string, unknown>;
+    settlePollBudgetMs?: number;
+    allowNoTtl?: boolean;
+    onAccepted?: (claim: PaymentClaim, req: cds.Request) => void | Promise<void>;
+    /**
+     * Optional resource URL builder. Defaults to the request's HTTP URL
+     * when available, falling back to `cap://<event>`. Pass a custom
+     * builder to embed pair / entity id in the resource string.
+     */
+    resourceUrl?: (req: cds.Request) => string;
+}
+/**
+ * Attach the x402 gate to a CAP ApplicationService. Returns the service
+ * (chainable) so callers can fluently wire multiple middlewares.
+ *
+ * The gate registers as `srv.before('*', ...)` which fires for every
+ * event on the service. We filter inside the handler based on
+ * `routePricing` — registering per-entity would lose actions, and
+ * per-event arrays don't support the `'*'` fallback we want.
+ */
+export declare function gateService<S extends cds.Service>(srv: S, opts: X402CapOptions): S;
+//# sourceMappingURL=cap.d.ts.map

package/srv/middleware/cap.js

@@ -0,0 +1,170 @@
+"use strict";
+/**
+ * CAP integration for x402 payment gating.
+ *
+ * CAP services receive requests through `srv.before(...)` / `srv.on(...)`
+ * handlers, not Express middleware. For OData-served entities, the 402
+ * needs to come from `req.reject(402, body)` — the response is built by
+ * CAP, not by `res.status(...)`.
+ *
+ * Usage:
+ *
+ *   import { gateService } from '@odatano/x402';
+ *
+ *   class MyService extends cds.ApplicationService {
+ *     async init() {
+ *       gateService(this, {
+ *         payTo: '...', network: 'cardano:preprod', asset: '<policy>.<name>',
+ *         routePricing: { Prices: '10000', getBestPrice: '10000' },
+ *       });
+ *       return super.init();
+ *     }
+ *   }
+ *
+ * The gate inspects each `req.event` (entity name OR action name) and
+ * matches it against `routePricing`. For unmapped events / entities,
+ * the request passes through unmodified.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.gateService = gateService;
+const cds_1 = __importDefault(require("@sap/cds"));
+const requirements_1 = require("../core/requirements");
+const verify_1 = require("../facilitator/verify");
+const errors_1 = require("../core/errors");
+const log = cds_1.default.log('x402');
+/**
+ * Resolve the routePricing key for a CAP request.
+ *
+ * CAP fires two distinct shapes:
+ *   - CRUD on an entity:  req.event === 'READ' | 'CREATE' | 'UPDATE' | 'DELETE'
+ *                         req.target.name === '<Service>.<Entity>'
+ *   - Action call:        req.event === '<actionName>'
+ *                         req.target may be empty or the bound-entity target
+ *
+ * routePricing keys are meant to be human-readable identifiers (entity
+ * names or action names), so we try the entity name first (more specific)
+ * and fall back to the event verb. Either match wins; both miss falls
+ * through to opts.priceUnits or null.
+ */
+function pickPriceUnits(req, opts) {
+    if (opts.routePricing) {
+        const event = String(req.event ?? '');
+        const targetName = req.target?.name ?? '';
+        const entitySegment = targetName.split('.').pop() ?? '';
+        const price = opts.routePricing[entitySegment] ?? opts.routePricing[event];
+        if (price != null)
+            return String(price);
+        if (opts.priceUnits != null)
+            return String(opts.priceUnits);
+        return null;
+    }
+    return opts.priceUnits != null ? String(opts.priceUnits) : null;
+}
+function getHeader(req, name) {
+    // CAP's req.http?.req exposes the underlying express request. Fall
+    // back to req._.req for older shapes.
+    const httpReq = req;
+    const hdrs = httpReq.http?.req?.headers ?? httpReq._?.req?.headers;
+    const v = hdrs?.[name];
+    return Array.isArray(v) ? v[0] : v;
+}
+function getResourceUrl(req, opts) {
+    if (opts.resourceUrl)
+        return opts.resourceUrl(req);
+    const httpReq = req;
+    return httpReq.http?.req?.originalUrl ?? httpReq.http?.req?.url ?? `cap://${req.event}`;
+}
+/**
+ * Attach the x402 gate to a CAP ApplicationService. Returns the service
+ * (chainable) so callers can fluently wire multiple middlewares.
+ *
+ * The gate registers as `srv.before('*', ...)` which fires for every
+ * event on the service. We filter inside the handler based on
+ * `routePricing` — registering per-entity would lose actions, and
+ * per-event arrays don't support the `'*'` fallback we want.
+ */
+function gateService(srv, opts) {
+    if (!opts.payTo)
+        throw new Error('gateService: payTo is required');
+    if (!opts.network)
+        throw new Error('gateService: network is required');
+    if (!opts.asset)
+        throw new Error('gateService: asset is required');
+    if (opts.priceUnits == null && !opts.routePricing) {
+        throw new Error('gateService: priceUnits or routePricing is required');
+    }
+    srv.before('*', async function x402CapGate(req) {
+        const priceUnits = pickPriceUnits(req, opts);
+        if (priceUnits == null)
+            return; // unmapped → pass through
+        const requirementsBody = (0, requirements_1.buildPaymentRequirements)({
+            amount: priceUnits,
+            asset: opts.asset,
+            payTo: opts.payTo,
+            network: opts.network,
+            resource: {
+                url: getResourceUrl(req, opts),
+                description: opts.description ?? '',
+                mimeType: opts.mimeType ?? 'application/json',
+            },
+            ...(opts.assetTransferMethod ? { assetTransferMethod: opts.assetTransferMethod } : {}),
+            ...(opts.maxTimeoutSeconds !== undefined ? { maxTimeoutSeconds: opts.maxTimeoutSeconds } : {}),
+            ...(opts.extra ? { extra: opts.extra } : {}),
+            withMissingHeaderError: true,
+        });
+        const headerVal = getHeader(req, 'payment-signature');
+        const processArgs = {
+            paymentHeader: headerVal,
+            requirementsBody,
+        };
+        if (opts.settlePollBudgetMs !== undefined) {
+            processArgs.settlePollBudgetMs = opts.settlePollBudgetMs;
+        }
+        if (opts.allowNoTtl)
+            processArgs.allowNoTtl = true;
+        if (opts.onAccepted) {
+            processArgs.onAccepted = (claim) => opts.onAccepted(claim, req);
+        }
+        // ─── Run the pipeline. Only the orchestrator's internal errors are
+        //     trapped here — `req.reject` MUST be called outside this catch
+        //     because it throws synchronously, and re-catching that throw
+        //     would translate the 402 into a 500. ─────────────────────────
+        let result;
+        try {
+            result = await (0, verify_1.process)(processArgs);
+        }
+        catch (err) {
+            log.error('x402 CAP gate internal error', err);
+            // `reject` throws; we DO NOT wrap this in another try/catch.
+            req
+                .reject(500, 'x402 internal error');
+            return;
+        }
+        // ─── Apply the result. From here on, `req.reject` is called once
+        //     and we let its synchronous throw bubble — CAP's dispatcher
+        //     wraps it into the OData error response.
+        if (result.kind === 'accepted') {
+            req.payment = result.payment;
+            const httpRes = req.http?.res;
+            httpRes?.setHeader('X-PAYMENT-RESPONSE', result.paymentResponseB64);
+            return;
+        }
+        // rejected | pending → 402 with the requirements body
+        const body = { ...result.requirementsBody };
+        const baseError = (result.requirementsBody.error ?? 'payment required').toString();
+        if (result.code && result.code !== errors_1.Codes.MISSING_HEADER) {
+            body.error = `${baseError} (${result.code}): ${result.reason ?? ''}`.trim();
+        }
+        if (result.kind === 'pending') {
+            body.pending = true;
+            if (result.txHash)
+                body.transaction = result.txHash;
+        }
+        req
+            .reject(402, JSON.stringify(body));
+    });
+    return srv;
+}

package/srv/middleware/express.d.ts

@@ -0,0 +1,66 @@
+/**
+ * Express middleware factory for Cardano-x402 payment gating.
+ *
+ * Mount on a route or service path to gate every request beneath it.
+ * The `skipPaths` regex carves out paths buyers MUST be able to fetch
+ * without paying (e.g. OData `$metadata`, `$batch` previews).
+ *
+ * Two pricing modes:
+ *   1. `priceUnits`   — single price for everything under this mount.
+ *   2. `routePricing` — { 'EntityOrActionName': 'priceUnits' }, keyed
+ *                       by the last URL segment (with OData function
+ *                       args stripped). Unmapped paths pass through.
+ *
+ * The 402 body is the canonical v2 shape (`x402Version: 2`, `accepts[]`,
+ * etc). When the rejection has a more specific cause than "missing
+ * header", we append `(code): reason` to the `error` string so clients
+ * can extract the code without breaking wire format.
+ */
+import type { Request, RequestHandler } from 'express';
+import type { AssetTransferMethod, PaymentClaim, Network } from '../core/types';
+declare module 'express-serve-static-core' {
+    interface Request {
+        payment?: PaymentClaim;
+    }
+}
+export interface X402MiddlewareOptions {
+    /** Bech32 recipient. */
+    payTo: string;
+    /** v2 network identifier. */
+    network: Network | string;
+    /** v2 asset string: 'lovelace' or '<policy>.<nameHex>'. */
+    asset: string;
+    /**
+     * Single price for everything under this mount. Mutually exclusive
+     * with `routePricing` (but coexistable: routePricing wins where
+     * defined, falls back to priceUnits otherwise).
+     */
+    priceUnits?: string | number | bigint;
+    /** Per-route prices keyed by the URL's last segment. */
+    routePricing?: Record<string, string | number | bigint>;
+    /** Regex of paths that bypass payment (default: $metadata, $batch, root, /index). */
+    skipPaths?: RegExp;
+    /** Shown in `accepts[0].resource.description`. */
+    description?: string;
+    /** Override default `accepts[0].resource.mimeType` ('application/json'). */
+    mimeType?: string;
+    /** v2 `assetTransferMethod`. Default 'default'. */
+    assetTransferMethod?: AssetTransferMethod;
+    /** Buyer-side timeout hint. Default 600. */
+    maxTimeoutSeconds?: number;
+    /** Free-form extras (decimals, fingerprint, UI hints). */
+    extra?: Record<string, unknown>;
+    /** Settle poll budget (ms). Default 60_000. */
+    settlePollBudgetMs?: number;
+    /** If true, accept tx with no TTL set. Default false (spec-strict). */
+    allowNoTtl?: boolean;
+    /**
+     * Audit / persistence callback. Invoked exactly once per accepted
+     * payment, after settle confirms. Errors here are logged but never
+     * block serving the response.
+     */
+    onAccepted?: (claim: PaymentClaim, req: Request) => void | Promise<void>;
+}
+/** Build the Express middleware. */
+export declare function x402Middleware(opts: X402MiddlewareOptions): RequestHandler;
+//# sourceMappingURL=express.d.ts.map

package/srv/middleware/express.js

@@ -0,0 +1,116 @@
+"use strict";
+/**
+ * Express middleware factory for Cardano-x402 payment gating.
+ *
+ * Mount on a route or service path to gate every request beneath it.
+ * The `skipPaths` regex carves out paths buyers MUST be able to fetch
+ * without paying (e.g. OData `$metadata`, `$batch` previews).
+ *
+ * Two pricing modes:
+ *   1. `priceUnits`   — single price for everything under this mount.
+ *   2. `routePricing` — { 'EntityOrActionName': 'priceUnits' }, keyed
+ *                       by the last URL segment (with OData function
+ *                       args stripped). Unmapped paths pass through.
+ *
+ * The 402 body is the canonical v2 shape (`x402Version: 2`, `accepts[]`,
+ * etc). When the rejection has a more specific cause than "missing
+ * header", we append `(code): reason` to the `error` string so clients
+ * can extract the code without breaking wire format.
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.x402Middleware = x402Middleware;
+const cds_1 = __importDefault(require("@sap/cds"));
+const requirements_1 = require("../core/requirements");
+const verify_1 = require("../facilitator/verify");
+const errors_1 = require("../core/errors");
+const log = cds_1.default.log('x402');
+function pickPriceUnits(req, opts) {
+    if (opts.routePricing) {
+        // Last URL segment, OData function-args stripped:
+        //   /odata/v4/price/getBestPrice(pair='ADA-USD') → getBestPrice
+        const segment = (req.path.split('/').pop() ?? '').split('(')[0];
+        const price = opts.routePricing[segment];
+        if (price != null)
+            return String(price);
+        if (opts.priceUnits != null)
+            return String(opts.priceUnits);
+        return null; // unmapped under routePricing = pass through
+    }
+    return opts.priceUnits != null ? String(opts.priceUnits) : null;
+}
+/** Build the Express middleware. */
+function x402Middleware(opts) {
+    if (!opts.payTo)
+        throw new Error('x402Middleware: payTo is required');
+    if (!opts.network)
+        throw new Error('x402Middleware: network is required');
+    if (!opts.asset)
+        throw new Error('x402Middleware: asset is required');
+    if (opts.priceUnits == null && !opts.routePricing) {
+        throw new Error('x402Middleware: priceUnits or routePricing is required');
+    }
+    const skipPaths = opts.skipPaths ?? /(^\/?$|\$metadata|\$batch|^\/?\?|^\/index)/i;
+    return async function x402Express(req, res, next) {
+        try {
+            if (skipPaths.test(req.path))
+                return next();
+            const priceUnits = pickPriceUnits(req, opts);
+            if (priceUnits == null)
+                return next(); // unmapped path = pass through
+            const requirementsBody = (0, requirements_1.buildPaymentRequirements)({
+                amount: priceUnits,
+                asset: opts.asset,
+                payTo: opts.payTo,
+                network: opts.network,
+                resource: {
+                    url: req.originalUrl ?? req.url,
+                    description: opts.description ?? '',
+                    mimeType: opts.mimeType ?? 'application/json',
+                },
+                ...(opts.assetTransferMethod ? { assetTransferMethod: opts.assetTransferMethod } : {}),
+                ...(opts.maxTimeoutSeconds !== undefined ? { maxTimeoutSeconds: opts.maxTimeoutSeconds } : {}),
+                ...(opts.extra ? { extra: opts.extra } : {}),
+                withMissingHeaderError: true,
+            });
+            const headerVal = req.headers['payment-signature'];
+            const processArgs = {
+                paymentHeader: headerVal,
+                requirementsBody,
+            };
+            if (opts.settlePollBudgetMs !== undefined) {
+                processArgs.settlePollBudgetMs = opts.settlePollBudgetMs;
+            }
+            if (opts.allowNoTtl)
+                processArgs.allowNoTtl = true;
+            if (opts.onAccepted) {
+                processArgs.onAccepted = (claim) => opts.onAccepted(claim, req);
+            }
+            const result = await (0, verify_1.process)(processArgs);
+            if (result.kind === 'accepted') {
+                res.setHeader('X-PAYMENT-RESPONSE', result.paymentResponseB64);
+                req.payment = result.payment;
+                return next();
+            }
+            // rejected | pending → 402
+            const body = { ...result.requirementsBody };
+            const baseError = (result.requirementsBody.error ?? 'payment required').toString();
+            if (result.code && result.code !== errors_1.Codes.MISSING_HEADER) {
+                body.error = `${baseError} (${result.code}): ${result.reason ?? ''}`.trim();
+            }
+            if (result.kind === 'pending') {
+                // Add the spec-defined "pending" markers so the buyer can poll.
+                body.pending = true;
+                if (result.txHash)
+                    body.transaction = result.txHash;
+            }
+            res.status(402).json(body);
+        }
+        catch (err) {
+            log.error('x402 middleware failed', err);
+            next(err);
+        }
+    };
+}

package/srv/plugin.d.ts

@@ -0,0 +1,16 @@
+/**
+ * CAP plugin registration for `@odatano/x402`.
+ *
+ * Unlike `@odatano/core`, this plugin doesn't auto-serve any CDS
+ * entities — x402 is a library, not a service. We use the
+ * `cds.on('served')` hook only to initialise the bridge (warm up the
+ * @odatano/core connection) and the `cds.on('shutdown')` hook to clean
+ * up. Consumers wire middleware / gateService themselves inside their
+ * own service init().
+ *
+ * NEVER throws on init failure — the plugin must not crash the host
+ * CAP application. Errors are logged; calls into the bridge later
+ * will fail with `BRIDGE_UNAVAILABLE`.
+ */
+export {};
+//# sourceMappingURL=plugin.d.ts.map

package/srv/plugin.js

@@ -0,0 +1,73 @@
+"use strict";
+/**
+ * CAP plugin registration for `@odatano/x402`.
+ *
+ * Unlike `@odatano/core`, this plugin doesn't auto-serve any CDS
+ * entities — x402 is a library, not a service. We use the
+ * `cds.on('served')` hook only to initialise the bridge (warm up the
+ * @odatano/core connection) and the `cds.on('shutdown')` hook to clean
+ * up. Consumers wire middleware / gateService themselves inside their
+ * own service init().
+ *
+ * NEVER throws on init failure — the plugin must not crash the host
+ * CAP application. Errors are logged; calls into the bridge later
+ * will fail with `BRIDGE_UNAVAILABLE`.
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const cds_1 = __importDefault(require("@sap/cds"));
+const bridge = __importStar(require("./bridge"));
+const log = cds_1.default.log('x402');
+cds_1.default.on('served', async () => {
+    try {
+        await bridge.init();
+        log.info('@odatano/x402 bridge ready');
+    }
+    catch (err) {
+        log.warn('@odatano/x402 bridge init failed (will retry on first request):', err?.message ?? err);
+    }
+});
+cds_1.default.on('shutdown', async () => {
+    try {
+        await bridge.shutdown();
+    }
+    catch (err) {
+        log.warn('@odatano/x402 bridge shutdown:', err?.message ?? err);
+    }
+});
+module.exports = {};