@toon-protocol/client 0.10.0 → 0.11.0

package/dist/index.js

@@ -3616,6 +3616,258 @@ async function requestBlobStorage(client, secretKey, params) {
   };
 }
 
+// src/adapters/Http402Client.ts
+var Http402Client = class {
+  fetchImpl;
+  resolveClaim;
+  createIlpClient;
+  needsDuplex;
+  constructor(config = {}) {
+    this.fetchImpl = config.fetch ?? fetch;
+    this.resolveClaim = config.resolveClaim;
+    this.createIlpClient = config.createIlpClient ?? ((httpEndpoint) => new HttpIlpClient({ httpEndpoint }));
+    this.needsDuplex = config.needsDuplex ?? false;
+  }
+  /**
+   * `fetch()`-like entry point. Issues the request; on `402` parses the x402
+   * challenge and — when a usable `toon-channel` offer is present and a claim
+   * resolver is configured — pays over TOON and returns the reconstructed
+   * `Response`. Otherwise returns the original 402 unchanged (AC5).
+   */
+  async fetch(url, opts = {}) {
+    const method = (opts.method ?? "GET").toUpperCase();
+    const probe = await this.fetchImpl(url, {
+      method,
+      ...opts.headers ? { headers: opts.headers } : {},
+      ...opts.body !== void 0 ? { body: opts.body } : {},
+      ...opts.timeout !== void 0 ? { signal: AbortSignal.timeout(opts.timeout) } : {}
+    });
+    if (probe.status !== 402) return probe;
+    const challenge = await parseX402Challenge(probe.clone());
+    const accept = challenge.toonChannel;
+    if (!accept || !this.resolveClaim) return probe;
+    return this.payOverToon(url, method, opts, accept, this.resolveClaim);
+  }
+  /**
+   * Open/reuse a channel (via the injected claim resolver), serialize the HTTP
+   * request into the ILP packet `data`, send it to `POST /ilp` with the claim,
+   * and reconstruct the origin `Response` from the FULFILL `data`.
+   */
+  async payOverToon(url, method, opts, accept, resolveClaim) {
+    const destination = opts.destination ?? accept.destination;
+    const claim = await resolveClaim(destination, accept.amount);
+    const requestBytes = serializeHttpRequest({
+      method,
+      url,
+      headers: opts.headers,
+      body: opts.body
+    });
+    const peer = {
+      httpEndpoint: accept.httpEndpoint,
+      supportsUpgrade: accept.supportsUpgrade
+    };
+    const choice = selectIlpTransport(peer, {
+      needsDuplex: this.needsDuplex
+    });
+    const ilpClient = this.createIlpClient(accept.httpEndpoint);
+    const result = await this.sendOverChoice(
+      ilpClient,
+      choice,
+      {
+        destination,
+        amount: String(accept.amount),
+        data: toBase64(requestBytes),
+        ...opts.timeout !== void 0 ? { timeout: opts.timeout } : {}
+      },
+      claim
+    );
+    if (!result.accepted) {
+      throw new ConnectorError(
+        `h402 payment rejected by connector: ${result.code ?? "F00"} ${result.message ?? ""}`.trim()
+      );
+    }
+    if (!result.data) {
+      throw new ConnectorError(
+        "h402 FULFILL carried no data (expected an HTTP response payload)"
+      );
+    }
+    return parseHttpResponse(fromBase64(result.data));
+  }
+  /**
+   * Send the serialized HTTP-in-ILP PREPARE over the selected transport.
+   *
+   * - `http` / `http-upgradable`: stateless one-shot `POST /ilp` with the claim.
+   * - `http-upgradable` additionally exercises {@link HttpIlpClient.upgradeToBtp}
+   *   for the duplex/streaming path (AC4). v1 still drives the actual write over
+   *   the one-shot HTTP method even after upgrading — full duplex body streaming
+   *   is a documented follow-up — but the upgrade call path is wired here.
+   * - `btp`: not reachable from h402 (the x402 offer only carries an
+   *   `httpEndpoint`); guarded for completeness.
+   */
+  async sendOverChoice(ilpClient, choice, params, claim) {
+    if (choice.kind === "http-upgradable") {
+      const btp = await ilpClient.upgradeToBtp();
+      try {
+        return await btp.sendIlpPacketWithClaim(
+          params,
+          claim
+        );
+      } finally {
+        await btp.disconnect().catch(() => {
+        });
+      }
+    }
+    if (choice.kind === "btp") {
+      throw new ToonClientError(
+        "h402 offer resolved to a BTP-only transport; the x402 toon-channel entry must advertise an httpEndpoint",
+        "INVALID_STATE"
+      );
+    }
+    return ilpClient.sendIlpPacketWithClaim(params, claim);
+  }
+};
+function readString(obj, keys) {
+  for (const k of keys) {
+    const v = obj[k];
+    if (typeof v === "string" && v.trim().length > 0) return v.trim();
+  }
+  return void 0;
+}
+function readAmount(obj, keys) {
+  for (const k of keys) {
+    const v = obj[k];
+    if (typeof v === "bigint") return v;
+    if (typeof v === "number" && Number.isFinite(v)) return BigInt(Math.trunc(v));
+    if (typeof v === "string" && /^\d+$/.test(v.trim())) return BigInt(v.trim());
+  }
+  return void 0;
+}
+async function parseX402Challenge(response) {
+  let body;
+  try {
+    body = await response.json();
+  } catch {
+    return {};
+  }
+  return parseX402Body(body);
+}
+function parseX402Body(body) {
+  if (typeof body !== "object" || body === null) return {};
+  const b = body;
+  const version = typeof b["x402Version"] === "number" ? b["x402Version"] : void 0;
+  const accepts = Array.isArray(b["accepts"]) ? b["accepts"] : [];
+  for (const raw of accepts) {
+    if (typeof raw !== "object" || raw === null) continue;
+    const entry = raw;
+    const scheme = readString(entry, ["scheme"]);
+    if (scheme !== "toon-channel") continue;
+    const destination = readString(entry, [
+      "destination",
+      "ilpAddress",
+      "payTo"
+    ]);
+    const httpEndpoint = readString(entry, [
+      "httpEndpoint",
+      "ilpEndpoint",
+      "endpoint"
+    ]);
+    const amount = readAmount(entry, ["amount", "price", "maxAmountRequired"]);
+    if (!destination || !httpEndpoint || amount === void 0) continue;
+    const network = readString(entry, ["network", "chain"]);
+    const supportsUpgrade = entry["supportsUpgrade"] === true || entry["upgradable"] === true;
+    return {
+      ...version !== void 0 ? { x402Version: version } : {},
+      toonChannel: {
+        scheme: "toon-channel",
+        ...network !== void 0 ? { network } : {},
+        destination,
+        amount,
+        httpEndpoint,
+        supportsUpgrade
+      }
+    };
+  }
+  return version !== void 0 ? { x402Version: version } : {};
+}
+var CRLF = "\r\n";
+function concatHeadAndBody(head, body) {
+  const headBytes = encodeUtf8(head);
+  const out = new Uint8Array(headBytes.length + body.length);
+  out.set(headBytes, 0);
+  out.set(body, headBytes.length);
+  return out;
+}
+function bodyToBytes(body) {
+  if (body === void 0) return new Uint8Array(0);
+  return typeof body === "string" ? encodeUtf8(body) : body;
+}
+function serializeHttpRequest(req) {
+  const u = new URL(req.url);
+  const target = `${u.pathname}${u.search}` || "/";
+  const bodyBytes = bodyToBytes(req.body);
+  const headers = /* @__PURE__ */ new Map();
+  const put = (name, value) => headers.set(name.toLowerCase(), `${name}: ${value}`);
+  const has = (name) => headers.has(name.toLowerCase());
+  for (const [name, value] of Object.entries(req.headers ?? {})) {
+    put(name, value);
+  }
+  if (!has("host")) put("Host", u.host);
+  if (bodyBytes.length > 0 && !has("content-length")) {
+    put("Content-Length", String(bodyBytes.length));
+  }
+  const lines = [
+    `${req.method.toUpperCase()} ${target} HTTP/1.1`,
+    ...headers.values()
+  ];
+  const head = lines.join(CRLF) + CRLF + CRLF;
+  return concatHeadAndBody(head, bodyBytes);
+}
+function findHeaderEnd(bytes) {
+  for (let i = 0; i + 3 < bytes.length; i++) {
+    if (bytes[i] === 13 && bytes[i + 1] === 10 && bytes[i + 2] === 13 && bytes[i + 3] === 10) {
+      return i + 4;
+    }
+  }
+  return -1;
+}
+function parseHttpResponse(bytes) {
+  const headerEnd = findHeaderEnd(bytes);
+  const headBytes = headerEnd === -1 ? bytes : bytes.subarray(0, headerEnd - 2);
+  const body = headerEnd === -1 ? new Uint8Array(0) : bytes.subarray(headerEnd);
+  const headText = decodeUtf8(headBytes);
+  const lines = headText.split(CRLF).filter((l) => l.length > 0);
+  const statusLine = lines.shift();
+  if (!statusLine) {
+    throw new ConnectorError(
+      "h402 response payload had no HTTP status line"
+    );
+  }
+  const match = /^HTTP\/\d\.\d\s+(\d{3})(?:\s+(.*))?$/.exec(statusLine.trim());
+  if (!match) {
+    throw new ConnectorError(
+      `h402 response payload had a malformed status line: "${statusLine}"`
+    );
+  }
+  const status = parseInt(match[1], 10);
+  const statusText = match[2] ?? "";
+  const headers = new Headers();
+  for (const line of lines) {
+    const idx = line.indexOf(":");
+    if (idx === -1) continue;
+    const name = line.slice(0, idx).trim();
+    const value = line.slice(idx + 1).trim();
+    if (name.length === 0) continue;
+    headers.append(name, value);
+  }
+  const nullBodyStatus = status === 101 || status === 204 || status === 205 || status === 304;
+  const init = { status, headers };
+  if (statusText) init.statusText = statusText;
+  return new Response(
+    nullBodyStatus || body.length === 0 ? null : body.slice(),
+    init
+  );
+}
+
 // src/ToonClient.ts
 var ToonClient = class {
   config;
@@ -3971,6 +4223,46 @@ var ToonClient = class {
       );
     }
   }
+  /**
+   * Payment-aware HTTP fetch over TOON (issue #50). A `fetch()`-like method that
+   * makes paying for an HTTP resource transparent:
+   *
+   *   1. Issues the HTTP request to `url`.
+   *   2. On `402`, parses the x402 `accepts` array and selects the
+   *      `toon-channel` entry (see {@link Http402Client} for the wire shape).
+   *   3. Opens/reuses a payment channel for the entry's ILP destination (via
+   *      ChannelManager), signs a balance proof for the demanded price, and
+   *      re-sends the SAME HTTP request as a transparent HTTP-in-ILP packet to
+   *      the connector's `POST /ilp` (via {@link HttpIlpClient}), with the claim
+   *      in the `ILP-Payment-Channel-Claim` header.
+   *   4. Reconstructs and returns a standard Web `Response` from the FULFILL
+   *      `data`. The caller never sees ILP.
+   *
+   * If the origin offers no `toon-channel` entry, the original `402` Response is
+   * returned unchanged (the caller sees the vanilla x402 challenge).
+   *
+   * The channel/claim plumbing is wired to the live ChannelManager + per-chain
+   * signer via `resolveClaimForDestination` — identical to `publishEvent`. The
+   * `amount` paid comes from the selected x402 entry (the resource's price).
+   *
+   * @throws {ToonClientError} If the client is not started.
+   * @throws {ConnectorError} If the connector rejects the payment or returns no
+   *   HTTP payload.
+   */
+  async h402Fetch(url, opts) {
+    if (!this.state) {
+      throw new ToonClientError(
+        "Client not started. Call start() first.",
+        "INVALID_STATE"
+      );
+    }
+    const client = new Http402Client({
+      ...this.channelManager ? {
+        resolveClaim: (destination, amount) => this.resolveClaimForDestination(destination, amount)
+      } : {}
+    });
+    return client.fetch(url, opts);
+  }
   /**
    * Sends a raw swap ILP packet (Story 12.5) to a Mill peer with an attached
    * balance-proof claim. This is a lower-level surface than `publishEvent`:
@@ -6117,6 +6409,7 @@ export {
   EvmSigner,
   HS_HOSTNAME_MAX_LENGTH,
   HS_HOSTNAME_REGEX,
+  Http402Client,
   HttpConnectorAdmin,
   HttpIlpClient,
   HttpRuntimeClient,
@@ -6157,14 +6450,18 @@ export {
   isRoutableHsHostname,
   loadKeystore,
   parseBackupPayload,
+  parseHttpResponse,
   parsePetInteractionEvent,
   parsePetInteractionResult,
   parsePetListing,
+  parseX402Body,
+  parseX402Challenge,
   readDiscoveredIlpPeer,
   readMinaDepositTotal,
   requestBlobStorage,
   selectAnonAsset,
   selectIlpTransport,
+  serializeHttpRequest,
   startManagedAnonProxy,
   validateConfig,
   validateMnemonic,