npm - @tanakayuto/intmax402-hono - Versions diffs - 0.1.0 - Mend

@tanakayuto/intmax402-hono 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,95 @@
+# @tanakayuto/intmax402-hono
+[Hono](https://hono.dev/) middleware for the INTMAX402 protocol — HTTP 402 Payment Required / identity verification via INTMAX zkRollup.
+## Features
+- 🦄 **Hono-native** — typed middleware with `MiddlewareHandler<Env>`
+- ⚡ **Edge-ready** — works on Cloudflare Workers, Deno Deploy, Bun, and Node.js
+- 🔐 **Identity & Payment modes** — same config as Express adapter
+- 🧠 **AI-agent friendly** — designed for autonomous agent-to-agent payments
+## Installation
+```bash
+npm install @tanakayuto/intmax402-hono hono
+```
+## Usage
+```typescript
+import { Hono } from "hono"
+import { intmax402, Intmax402Env } from "@tanakayuto/intmax402-hono"
+const app = new Hono<Intmax402Env>()
+// Free route
+app.get("/free", (c) => c.json({ message: "free access" }))
+// Identity-gated route
+app.get(
+  "/premium",
+  intmax402({ mode: "identity", secret: process.env.INTMAX402_SECRET! }),
+  (c) => c.json({
+    message: "verified",
+    address: c.get("intmax402").address,
+  })
+)
+// Payment-gated route
+app.get(
+  "/paid",
+  intmax402({
+    mode: "payment",
+    secret: process.env.INTMAX402_SECRET!,
+    serverAddress: process.env.SERVER_ADDRESS!,
+    amount: "1.0",
+    chainId: 137,
+  }),
+  (c) => c.json({ message: "paid content" })
+)
+export default app
+```
+## Hono vs Express
+| Feature | Express | Hono |
+|---|---|---|
+| Runtime | Node.js only | Node / Workers / Deno / Bun |
+| Typing | `req.intmax402` (augmented) | `c.get("intmax402")` (typed via `Env`) |
+| Edge support | ❌ | ✅ Cloudflare Workers ready |
+| Bundle size | Heavy | Ultralight |
+### Typed Context
+Hono uses a generic `Env` type for context variables. Import `Intmax402Env` and pass it to your `Hono` instance:
+```typescript
+import { Intmax402Env } from "@tanakayuto/intmax402-hono"
+const app = new Hono<Intmax402Env>()
+```
+After a successful auth middleware call, `c.get("intmax402")` returns:
+```typescript
+{
+  address: string   // verified Ethereum address
+  verified: boolean // always true if middleware passed
+  txHash?: string   // present in payment mode
+}
+```
+## Cloudflare Workers
+No changes needed for Workers — Hono's fetch handler works natively:
+```typescript
+// worker.ts
+export default app
+```
+## License
+MIT

package/dist/index.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export { intmax402 } from "./middleware";
2	+ export type { Intmax402Env } from "./middleware";

package/dist/index.js ADDED Viewed

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.intmax402 = void 0;
+var middleware_1 = require("./middleware");
+Object.defineProperty(exports, "intmax402", { enumerable: true, get: function () { return middleware_1.intmax402; } });

package/dist/middleware.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import { MiddlewareHandler } from "hono";
+import { INTMAX402Config } from "@tanakayuto/intmax402-core";
+export type Intmax402Env = {
+    Variables: {
+        intmax402: {
+            address: string;
+            verified: boolean;
+            txHash?: string;
+        };
+    };
+};
+export declare function intmax402(config: INTMAX402Config): MiddlewareHandler<Intmax402Env>;

package/dist/middleware.js ADDED Viewed

@@ -0,0 +1,63 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.intmax402 = intmax402;
+const intmax402_core_1 = require("@tanakayuto/intmax402-core");
+const crypto_1 = require("@tanakayuto/intmax402-express/dist/crypto");
+const verify_payment_1 = require("@tanakayuto/intmax402-express/dist/verify-payment");
+function intmax402(config) {
+    return async (c, next) => {
+        const url = new URL(c.req.url);
+        const authHeader = c.req.header("authorization");
+        const ip = c.req.header("x-forwarded-for")?.split(",")[0]?.trim()
+            ?? c.req.header("x-real-ip")
+            ?? "unknown";
+        if (!authHeader) {
+            const nonce = (0, intmax402_core_1.generateNonce)(config.secret, ip, url.pathname, config.bindIp ?? false);
+            const statusCode = config.mode === "payment" ? 402 : 401;
+            return c.json({
+                error: config.mode === "payment" ? "Payment Required" : "Unauthorized",
+                protocol: "INTMAX402",
+                mode: config.mode,
+            }, statusCode, {
+                "WWW-Authenticate": buildWWWAuthenticate(nonce, config),
+            });
+        }
+        const credential = (0, intmax402_core_1.parseAuthorization)(authHeader);
+        if (!credential)
+            return c.json({ error: "Invalid authorization header" }, 401);
+        if (!(0, intmax402_core_1.verifyNonce)(credential.nonce, config.secret, ip, url.pathname, config.bindIp ?? false)) {
+            return c.json({ error: "Invalid or expired nonce" }, 401);
+        }
+        if (config.allowList?.length) {
+            if (!config.allowList.includes(credential.address.toLowerCase())) {
+                return c.json({ error: "Address not in allow list" }, 403);
+            }
+        }
+        const isValidSig = (0, crypto_1.verifySignature)(credential.signature, credential.nonce, credential.address);
+        if (!isValidSig)
+            return c.json({ error: "Invalid signature" }, 401);
+        if (config.mode === "payment") {
+            if (!credential.txHash)
+                return c.json({ error: "Payment transaction hash required" }, 402);
+            if (!config.serverAddress || !config.amount)
+                return c.json({ error: "Server misconfigured" }, 500);
+            const result = await (0, verify_payment_1.verifyPayment)(credential.txHash, config.amount, config.serverAddress);
+            if (!result.valid)
+                return c.json({ error: result.error ?? "Payment verification failed" }, 402);
+        }
+        c.set("intmax402", { address: credential.address, verified: true, txHash: credential.txHash });
+        await next();
+    };
+}
+function buildWWWAuthenticate(nonce, config) {
+    let header = `INTMAX402 realm="intmax402", nonce="${nonce}", mode="${config.mode}"`;
+    if (config.serverAddress)
+        header += `, serverAddress="${config.serverAddress}"`;
+    if (config.amount)
+        header += `, amount="${config.amount}"`;
+    if (config.tokenAddress)
+        header += `, tokenAddress="${config.tokenAddress}"`;
+    if (config.chainId)
+        header += `, chainId="${config.chainId}"`;
+    return header;
+}

package/package.json ADDED Viewed

@@ -0,0 +1,43 @@
+{
+  "name": "@tanakayuto/intmax402-hono",
+  "version": "0.1.0",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "files": [
+    "dist",
+    "README.md"
+  ],
+  "publishConfig": {
+    "access": "public"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/zaq2989/intmax402"
+  },
+  "keywords": [
+    "intmax",
+    "http-402",
+    "payment",
+    "hono",
+    "cloudflare-workers",
+    "ai-agent"
+  ],
+  "license": "MIT",
+  "dependencies": {
+    "@tanakayuto/intmax402-core": "0.2.2",
+    "@tanakayuto/intmax402-express": "0.2.2",
+    "ethers": "^6.0.0"
+  },
+  "peerDependencies": {
+    "hono": "^4.0.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.4.0",
+    "@types/node": "^20.0.0",
+    "hono": "^4.0.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "clean": "rm -rf dist"
+  }
+}