npm - @tanakayuto/intmax402-core - Versions diffs - 0.1.0 - Mend

@tanakayuto/intmax402-core 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,5 @@
+# @intmax402/core
+Part of [intmax402](https://github.com/zaq2989/intmax402) — HTTP 402, reimagined for AI agents.
+See [main README](https://github.com/zaq2989/intmax402) for full documentation.

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export * from "./types";
+export { generateNonce } from "./nonce";
+export { verifyNonce } from "./verify";
+export { parseWWWAuthenticate, parseAuthorization } from "./parse";

package/dist/index.js ADDED Viewed

@@ -0,0 +1,25 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseAuthorization = exports.parseWWWAuthenticate = exports.verifyNonce = exports.generateNonce = void 0;
+__exportStar(require("./types"), exports);
+var nonce_1 = require("./nonce");
+Object.defineProperty(exports, "generateNonce", { enumerable: true, get: function () { return nonce_1.generateNonce; } });
+var verify_1 = require("./verify");
+Object.defineProperty(exports, "verifyNonce", { enumerable: true, get: function () { return verify_1.verifyNonce; } });
+var parse_1 = require("./parse");
+Object.defineProperty(exports, "parseWWWAuthenticate", { enumerable: true, get: function () { return parse_1.parseWWWAuthenticate; } });
+Object.defineProperty(exports, "parseAuthorization", { enumerable: true, get: function () { return parse_1.parseAuthorization; } });

package/dist/nonce.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+/**
+ * Generate a stateless nonce.
+ * Time-windowed + path-bound. IP binding is optional (disabled by default for agent compatibility).
+ */
+export declare function generateNonce(secret: string, ip: string, path: string, bindIp?: boolean): string;
+/**
+ * Verify a nonce. Checks current and previous window for clock skew tolerance.
+ */
+export declare function verifyNonce(nonce: string, secret: string, ip: string, path: string, bindIp?: boolean): boolean;

package/dist/nonce.js ADDED Viewed

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateNonce = generateNonce;
+exports.verifyNonce = verifyNonce;
+const crypto_1 = require("crypto");
+const WINDOW_MS = 30_000; // 30 second windows
+function getTimeWindow() {
+    return Math.floor(Date.now() / WINDOW_MS);
+}
+/**
+ * Generate a stateless nonce.
+ * Time-windowed + path-bound. IP binding is optional (disabled by default for agent compatibility).
+ */
+function generateNonce(secret, ip, path, bindIp = false // ← false = AIエージェント対応（IP変動OK）
+) {
+    const window = getTimeWindow();
+    const data = bindIp
+        ? `${window}:${ip}:${path}`
+        : `${window}:${path}`;
+    return (0, crypto_1.createHmac)("sha256", secret).update(data).digest("hex");
+}
+/**
+ * Verify a nonce. Checks current and previous window for clock skew tolerance.
+ */
+function verifyNonce(nonce, secret, ip, path, bindIp = false) {
+    const window = getTimeWindow();
+    // Check current and previous window (allows up to ~60s of clock skew)
+    for (const w of [window, window - 1]) {
+        const data = bindIp
+            ? `${w}:${ip}:${path}`
+            : `${w}:${path}`;
+        const expected = (0, crypto_1.createHmac)("sha256", secret).update(data).digest("hex");
+        if (expected === nonce)
+            return true;
+    }
+    return false;
+}

package/dist/parse.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { INTMAX402Challenge, INTMAX402Credential } from "./types";
+export declare function parseWWWAuthenticate(header: string): INTMAX402Challenge | null;
+export declare function parseAuthorization(header: string): INTMAX402Credential | null;

package/dist/parse.js ADDED Viewed

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseWWWAuthenticate = parseWWWAuthenticate;
+exports.parseAuthorization = parseAuthorization;
+function parseWWWAuthenticate(header) {
+    if (!header.startsWith("INTMAX402 "))
+        return null;
+    const params = header.slice("INTMAX402 ".length);
+    const result = {};
+    const regex = /(\w+)="([^"]*)"/g;
+    let match;
+    while ((match = regex.exec(params)) !== null) {
+        result[match[1]] = match[2];
+    }
+    if (!result.realm || !result.nonce || !result.mode)
+        return null;
+    return {
+        realm: result.realm,
+        nonce: result.nonce,
+        mode: result.mode,
+        serverAddress: result.serverAddress,
+        amount: result.amount,
+        tokenAddress: result.tokenAddress,
+        chainId: result.chainId,
+    };
+}
+function parseAuthorization(header) {
+    if (!header.startsWith("INTMAX402 "))
+        return null;
+    const params = header.slice("INTMAX402 ".length);
+    const result = {};
+    const regex = /(\w+)="([^"]*)"/g;
+    let match;
+    while ((match = regex.exec(params)) !== null) {
+        result[match[1]] = match[2];
+    }
+    if (!result.address || !result.nonce || !result.signature)
+        return null;
+    return {
+        address: result.address,
+        nonce: result.nonce,
+        signature: result.signature,
+        txHash: result.txHash,
+    };
+}

package/dist/types.d.ts ADDED Viewed

@@ -0,0 +1,29 @@
+export type INTMAX402Mode = "identity" | "payment";
+export interface INTMAX402Challenge {
+    realm: string;
+    nonce: string;
+    mode: INTMAX402Mode;
+    serverAddress?: string;
+    amount?: string;
+    tokenAddress?: string;
+    chainId?: string;
+}
+export interface INTMAX402Credential {
+    address: string;
+    nonce: string;
+    signature: string;
+    txHash?: string;
+}
+export interface INTMAX402Config {
+    mode: INTMAX402Mode;
+    secret: string;
+    serverAddress?: string;
+    amount?: string;
+    tokenAddress?: string;
+    chainId?: string;
+    environment?: "mainnet" | "testnet";
+    allowList?: string[];
+    pricing?: Record<string, string>;
+    /** Bind nonce to client IP. Default false (recommended for AI agents). */
+    bindIp?: boolean;
+}

package/dist/types.js ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ "use strict";
2	+ Object.defineProperty(exports, "__esModule", { value: true });

package/dist/verify.d.ts ADDED Viewed

	@@ -0,0 +1 @@
1	+ export { verifyNonce } from "./nonce";

package/dist/verify.js ADDED Viewed

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyNonce = void 0;
+// Re-export verifyNonce from nonce.ts for backward compatibility
+var nonce_1 = require("./nonce");
+Object.defineProperty(exports, "verifyNonce", { enumerable: true, get: function () { return nonce_1.verifyNonce; } });

package/package.json ADDED Viewed

@@ -0,0 +1,37 @@
+{
+  "name": "@tanakayuto/intmax402-core",
+  "version": "0.1.0",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "dependencies": {},
+  "devDependencies": {
+    "typescript": "^5.4.0",
+    "@types/node": "^20.0.0"
+  },
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "license": "MIT",
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/zaq2989/intmax402"
+  },
+  "keywords": [
+    "intmax",
+    "http-402",
+    "payment",
+    "ai-agent",
+    "express",
+    "web3",
+    "zk"
+  ],
+  "scripts": {
+    "build": "tsc",
+    "clean": "rm -rf dist",
+    "typecheck": "tsc --noEmit"
+  }
+}