npm - @xapps-platform/backend-kit - Versions diffs - 0.1.1 - Mend

@xapps-platform/backend-kit 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (142) hide show

package/dist/backend/modules.js ADDED Viewed

@@ -0,0 +1,100 @@
+import { normalizeHostModes, readString } from "./options.js";
+function createHostReferenceModule({
+  gateway = {},
+  branding = {},
+  reference = {},
+  enableLifecycle = true,
+  enableBridge = true,
+  allowedOrigins = [],
+  bootstrap = {},
+  hostProxyService = null
+} = {}, deps = {}) {
+  const createHostProxyService2 = typeof deps.createHostProxyService === "function" ? deps.createHostProxyService : null;
+  const registerHostRoutes = typeof deps.registerHostRoutes === "function" ? deps.registerHostRoutes : null;
+  if (!createHostProxyService2 || !registerHostRoutes) {
+    throw new TypeError("host reference module dependencies are incomplete");
+  }
+  const resolvedHostProxyService = hostProxyService || createHostProxyService2({
+    gateway,
+    branding,
+    reference
+  });
+  const hostOptions = {
+    enableLifecycle,
+    enableBridge,
+    allowedOrigins,
+    bootstrap,
+    branding,
+    hostProxyService: resolvedHostProxyService
+  };
+  return {
+    async registerRoutes(app) {
+      await registerHostRoutes(app, hostOptions);
+    }
+  };
+}
+function createHostProxyService({ gateway = {}, reference = {} } = {}, deps = {}) {
+  const createGatewayClient = typeof deps.createGatewayClient === "function" ? deps.createGatewayClient : null;
+  const createEmbedHostProxyService = typeof deps.createEmbedHostProxyService === "function" ? deps.createEmbedHostProxyService : null;
+  if (!createGatewayClient || !createEmbedHostProxyService) {
+    throw new TypeError("backend host proxy dependencies are incomplete");
+  }
+  const gatewayUrl = readString(gateway.baseUrl).trim();
+  const apiKey = readString(gateway.apiKey).trim();
+  const hostModes = normalizeHostModes(reference.hostSurfaces);
+  return createEmbedHostProxyService({
+    gatewayClient: createGatewayClient({ baseUrl: gatewayUrl, apiKey }),
+    gatewayUrl,
+    hostModes: hostModes.length > 0 ? hostModes : void 0
+  });
+}
+function createGatewayExecutionModule({ enabledModes, subjectProfiles = {}, paymentRuntime = {} } = {}, deps = {}) {
+  const registerPaymentRoutes = typeof deps.registerPaymentRoutes === "function" ? deps.registerPaymentRoutes : null;
+  const registerGuardRoutes = typeof deps.registerGuardRoutes === "function" ? deps.registerGuardRoutes : null;
+  const registerSubjectProfileRoutes = typeof deps.registerSubjectProfileRoutes === "function" ? deps.registerSubjectProfileRoutes : null;
+  if (!registerPaymentRoutes || !registerGuardRoutes || !registerSubjectProfileRoutes) {
+    throw new TypeError("gateway execution module dependencies are incomplete");
+  }
+  return {
+    async registerRoutes(app) {
+      await registerPaymentRoutes(app, { enabledModes, paymentRuntime });
+      await registerGuardRoutes(app, { enabledModes, paymentRuntime });
+      await registerSubjectProfileRoutes(app, subjectProfiles);
+    }
+  };
+}
+function createReferenceSurfaceModule({
+  gateway = {},
+  branding = {},
+  enableReference = true,
+  enableLifecycle = true,
+  enableBridge = true,
+  enabledModes,
+  reference = {}
+} = {}, deps = {}) {
+  const registerReferenceRoutes = typeof deps.registerReferenceRoutes === "function" ? deps.registerReferenceRoutes : null;
+  if (!registerReferenceRoutes) {
+    throw new TypeError("reference surface module dependencies are incomplete");
+  }
+  const referenceOptions = {
+    enableReference,
+    enableLifecycle,
+    enableBridge,
+    enabledModes,
+    gateway,
+    branding,
+    reference
+  };
+  return {
+    async registerRoutes(app) {
+      await registerReferenceRoutes(app, referenceOptions);
+    }
+  };
+}
+export {
+  createGatewayExecutionModule,
+  createHostProxyService,
+  createHostReferenceModule,
+  createReferenceSurfaceModule
+};
+//# sourceMappingURL=modules.js.map

package/dist/backend/modules.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/backend/modules.ts"],
+  "sourcesContent": ["// @ts-nocheck\nimport { normalizeHostModes, readString } from \"./options.js\";\n\nexport function createHostReferenceModule(\n  {\n    gateway = {},\n    branding = {},\n    reference = {},\n    enableLifecycle = true,\n    enableBridge = true,\n    allowedOrigins = [],\n    bootstrap = {},\n    hostProxyService = null,\n  } = {},\n  deps = {},\n) {\n  const createHostProxyService =\n    typeof deps.createHostProxyService === \"function\" ? deps.createHostProxyService : null;\n  const registerHostRoutes =\n    typeof deps.registerHostRoutes === \"function\" ? deps.registerHostRoutes : null;\n  if (!createHostProxyService || !registerHostRoutes) {\n    throw new TypeError(\"host reference module dependencies are incomplete\");\n  }\n\n  const resolvedHostProxyService =\n    hostProxyService ||\n    createHostProxyService({\n      gateway,\n      branding,\n      reference,\n    });\n  const hostOptions = {\n    enableLifecycle,\n    enableBridge,\n    allowedOrigins,\n    bootstrap,\n    branding,\n    hostProxyService: resolvedHostProxyService,\n  };\n\n  return {\n    async registerRoutes(app) {\n      await registerHostRoutes(app, hostOptions);\n    },\n  };\n}\n\nexport function createHostProxyService({ gateway = {}, reference = {} } = {}, deps = {}) {\n  const createGatewayClient =\n    typeof deps.createGatewayClient === \"function\" ? deps.createGatewayClient : null;\n  const createEmbedHostProxyService =\n    typeof deps.createEmbedHostProxyService === \"function\"\n      ? deps.createEmbedHostProxyService\n      : null;\n  if (!createGatewayClient || !createEmbedHostProxyService) {\n    throw new TypeError(\"backend host proxy dependencies are incomplete\");\n  }\n\n  const gatewayUrl = readString(gateway.baseUrl).trim();\n  const apiKey = readString(gateway.apiKey).trim();\n  const hostModes = normalizeHostModes(reference.hostSurfaces);\n\n  return createEmbedHostProxyService({\n    gatewayClient: createGatewayClient({ baseUrl: gatewayUrl, apiKey }),\n    gatewayUrl,\n    hostModes: hostModes.length > 0 ? hostModes : undefined,\n  });\n}\n\nexport function createGatewayExecutionModule(\n  { enabledModes, subjectProfiles = {}, paymentRuntime = {} } = {},\n  deps = {},\n) {\n  const registerPaymentRoutes =\n    typeof deps.registerPaymentRoutes === \"function\" ? deps.registerPaymentRoutes : null;\n  const registerGuardRoutes =\n    typeof deps.registerGuardRoutes === \"function\" ? deps.registerGuardRoutes : null;\n  const registerSubjectProfileRoutes =\n    typeof deps.registerSubjectProfileRoutes === \"function\"\n      ? deps.registerSubjectProfileRoutes\n      : null;\n  if (!registerPaymentRoutes || !registerGuardRoutes || !registerSubjectProfileRoutes) {\n    throw new TypeError(\"gateway execution module dependencies are incomplete\");\n  }\n\n  return {\n    async registerRoutes(app) {\n      await registerPaymentRoutes(app, { enabledModes, paymentRuntime });\n      await registerGuardRoutes(app, { enabledModes, paymentRuntime });\n      await registerSubjectProfileRoutes(app, subjectProfiles);\n    },\n  };\n}\n\nexport function createReferenceSurfaceModule(\n  {\n    gateway = {},\n    branding = {},\n    enableReference = true,\n    enableLifecycle = true,\n    enableBridge = true,\n    enabledModes,\n    reference = {},\n  } = {},\n  deps = {},\n) {\n  const registerReferenceRoutes =\n    typeof deps.registerReferenceRoutes === \"function\" ? deps.registerReferenceRoutes : null;\n  if (!registerReferenceRoutes) {\n    throw new TypeError(\"reference surface module dependencies are incomplete\");\n  }\n\n  const referenceOptions = {\n    enableReference,\n    enableLifecycle,\n    enableBridge,\n    enabledModes,\n    gateway,\n    branding,\n    reference,\n  };\n\n  return {\n    async registerRoutes(app) {\n      await registerReferenceRoutes(app, referenceOptions);\n    },\n  };\n}\n"],
+  "mappings": "AACA,SAAS,oBAAoB,kBAAkB;AAExC,SAAS,0BACd;AAAA,EACE,UAAU,CAAC;AAAA,EACX,WAAW,CAAC;AAAA,EACZ,YAAY,CAAC;AAAA,EACb,kBAAkB;AAAA,EAClB,eAAe;AAAA,EACf,iBAAiB,CAAC;AAAA,EAClB,YAAY,CAAC;AAAA,EACb,mBAAmB;AACrB,IAAI,CAAC,GACL,OAAO,CAAC,GACR;AACA,QAAMA,0BACJ,OAAO,KAAK,2BAA2B,aAAa,KAAK,yBAAyB;AACpF,QAAM,qBACJ,OAAO,KAAK,uBAAuB,aAAa,KAAK,qBAAqB;AAC5E,MAAI,CAACA,2BAA0B,CAAC,oBAAoB;AAClD,UAAM,IAAI,UAAU,mDAAmD;AAAA,EACzE;AAEA,QAAM,2BACJ,oBACAA,wBAAuB;AAAA,IACrB;AAAA,IACA;AAAA,IACA;AAAA,EACF,CAAC;AACH,QAAM,cAAc;AAAA,IAClB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA,kBAAkB;AAAA,EACpB;AAEA,SAAO;AAAA,IACL,MAAM,eAAe,KAAK;AACxB,YAAM,mBAAmB,KAAK,WAAW;AAAA,IAC3C;AAAA,EACF;AACF;AAEO,SAAS,uBAAuB,EAAE,UAAU,CAAC,GAAG,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,OAAO,CAAC,GAAG;AACvF,QAAM,sBACJ,OAAO,KAAK,wBAAwB,aAAa,KAAK,sBAAsB;AAC9E,QAAM,8BACJ,OAAO,KAAK,gCAAgC,aACxC,KAAK,8BACL;AACN,MAAI,CAAC,uBAAuB,CAAC,6BAA6B;AACxD,UAAM,IAAI,UAAU,gDAAgD;AAAA,EACtE;AAEA,QAAM,aAAa,WAAW,QAAQ,OAAO,EAAE,KAAK;AACpD,QAAM,SAAS,WAAW,QAAQ,MAAM,EAAE,KAAK;AAC/C,QAAM,YAAY,mBAAmB,UAAU,YAAY;AAE3D,SAAO,4BAA4B;AAAA,IACjC,eAAe,oBAAoB,EAAE,SAAS,YAAY,OAAO,CAAC;AAAA,IAClE;AAAA,IACA,WAAW,UAAU,SAAS,IAAI,YAAY;AAAA,EAChD,CAAC;AACH;AAEO,SAAS,6BACd,EAAE,cAAc,kBAAkB,CAAC,GAAG,iBAAiB,CAAC,EAAE,IAAI,CAAC,GAC/D,OAAO,CAAC,GACR;AACA,QAAM,wBACJ,OAAO,KAAK,0BAA0B,aAAa,KAAK,wBAAwB;AAClF,QAAM,sBACJ,OAAO,KAAK,wBAAwB,aAAa,KAAK,sBAAsB;AAC9E,QAAM,+BACJ,OAAO,KAAK,iCAAiC,aACzC,KAAK,+BACL;AACN,MAAI,CAAC,yBAAyB,CAAC,uBAAuB,CAAC,8BAA8B;AACnF,UAAM,IAAI,UAAU,sDAAsD;AAAA,EAC5E;AAEA,SAAO;AAAA,IACL,MAAM,eAAe,KAAK;AACxB,YAAM,sBAAsB,KAAK,EAAE,cAAc,eAAe,CAAC;AACjE,YAAM,oBAAoB,KAAK,EAAE,cAAc,eAAe,CAAC;AAC/D,YAAM,6BAA6B,KAAK,eAAe;AAAA,IACzD;AAAA,EACF;AACF;AAEO,SAAS,6BACd;AAAA,EACE,UAAU,CAAC;AAAA,EACX,WAAW,CAAC;AAAA,EACZ,kBAAkB;AAAA,EAClB,kBAAkB;AAAA,EAClB,eAAe;AAAA,EACf;AAAA,EACA,YAAY,CAAC;AACf,IAAI,CAAC,GACL,OAAO,CAAC,GACR;AACA,QAAM,0BACJ,OAAO,KAAK,4BAA4B,aAAa,KAAK,0BAA0B;AACtF,MAAI,CAAC,yBAAyB;AAC5B,UAAM,IAAI,UAAU,sDAAsD;AAAA,EAC5E;AAEA,QAAM,mBAAmB;AAAA,IACvB;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,SAAO;AAAA,IACL,MAAM,eAAe,KAAK;AACxB,YAAM,wBAAwB,KAAK,gBAAgB;AAAA,IACrD;AAAA,EACF;AACF;",
+  "names": ["createHostProxyService"]
+}

package/dist/backend/options.d.ts ADDED Viewed

@@ -0,0 +1,78 @@
+export declare function readRecord(value: any): any;
+export declare function readString(value: any, fallback?: string): string;
+export declare function readList(value: any): any[];
+export declare function normalizeAllowedOrigins(value: any): string[];
+export declare function normalizeApiKeys(value: any): string[];
+export declare function normalizeOwnerIssuer(value: any, fallback?: string): "tenant" | "publisher";
+export declare function normalizeHostModes(hostSurfaces: any): {
+    key: string;
+    label: string;
+}[];
+export declare function resolvePlatformSecretRefFromEnv(input?: {}): string;
+export declare function normalizeBackendKitOptions(input?: {}, deps?: {}): {
+    host: {
+        enableReference: boolean;
+        enableLifecycle: boolean;
+        enableBridge: boolean;
+        allowedOrigins: string[];
+        bootstrap: {
+            apiKeys: string[];
+            signingSecret: string;
+            ttlSeconds: number;
+        };
+    };
+    payments: {
+        enabledModes: any;
+        ownerIssuer: string;
+        paymentUrl: string;
+        returnSecret: any;
+        returnSecretRef: any;
+        returnUrlAllowlist: any;
+    };
+    assets: {
+        seedLogo: {
+            filePath: string;
+            routePath: string;
+            contentType: string;
+        };
+        paymentPage: {
+            filePath: string;
+        };
+    };
+    gateway: {
+        baseUrl: string;
+        apiKey: string;
+    };
+    branding: {
+        tenantName: string;
+        serviceName: string;
+        stackLabel: string;
+    };
+    reference: {
+        tenant: string;
+        workspace: string;
+        stack: string;
+        mode: string;
+        tenantPolicySlugs: any[];
+        proofSources: any[];
+        sdkPaths: any;
+        hostSurfaces: any[];
+        notes: any[];
+        embedSdkCandidateFiles: any[];
+        referenceAssets: any;
+    };
+    subjectProfiles: {
+        workspace: string;
+        source: string;
+        catalogJson: string;
+        defaultProfiles: any[];
+        resolveCandidates: any;
+    };
+    overrides: {
+        hostProxyService: any;
+        gatewayClient: any;
+        paymentHandler: any;
+        resolvePolicyRequest: any;
+    };
+};
+//# sourceMappingURL=options.d.ts.map

package/dist/backend/options.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"options.d.ts","sourceRoot":"","sources":["../../src/backend/options.ts"],"names":[],"mappings":"AACA,wBAAgB,UAAU,CAAC,KAAK,KAAA,OAE/B;AAED,wBAAgB,UAAU,CAAC,KAAK,KAAA,EAAE,QAAQ,SAAK,UAE9C;AAED,wBAAgB,QAAQ,CAAC,KAAK,KAAA,SAE7B;AAED,wBAAgB,uBAAuB,CAAC,KAAK,KAAA,YAU5C;AAED,wBAAgB,gBAAgB,CAAC,KAAK,KAAA,YAUrC;AAED,wBAAgB,oBAAoB,CAAC,KAAK,KAAA,EAAE,QAAQ,SAAW,0BAG9D;AAED,wBAAgB,kBAAkB,CAAC,YAAY,KAAA;;;IAW9C;AAED,wBAAgB,+BAA+B,CAAC,KAAK,KAAK,UAuBzD;AAED,wBAAgB,0BAA0B,CAAC,KAAK,KAAK,EAAE,IAAI,KAAK;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAwH/D"}

package/dist/backend/options.js ADDED Viewed

@@ -0,0 +1,153 @@
+function readRecord(value) {
+  return value && typeof value === "object" ? value : {};
+}
+function readString(value, fallback = "") {
+  return typeof value === "string" ? value : fallback;
+}
+function readList(value) {
+  return Array.isArray(value) ? value : [];
+}
+function normalizeAllowedOrigins(value) {
+  if (Array.isArray(value)) {
+    return value.map((entry) => readString(entry).trim().replace(/\/+$/, "")).filter(Boolean);
+  }
+  const raw = readString(value).trim();
+  if (!raw) return [];
+  return raw.split(/[,\n]/).map((entry) => readString(entry).trim().replace(/\/+$/, "")).filter(Boolean);
+}
+function normalizeApiKeys(value) {
+  if (Array.isArray(value)) {
+    return value.map((entry) => readString(entry).trim()).filter(Boolean);
+  }
+  const raw = readString(value).trim();
+  if (!raw) return [];
+  return raw.split(/[,\n]/).map((entry) => readString(entry).trim()).filter(Boolean);
+}
+function normalizeOwnerIssuer(value, fallback = "tenant") {
+  const normalized = readString(value, fallback).trim().toLowerCase();
+  return normalized === "publisher" ? "publisher" : "tenant";
+}
+function normalizeHostModes(hostSurfaces) {
+  return readList(hostSurfaces).map(
+    (entry) => entry && typeof entry === "object" ? {
+      key: readString(entry.key).trim(),
+      label: readString(entry.label).trim()
+    } : null
+  ).filter((entry) => entry && entry.key && entry.label);
+}
+function resolvePlatformSecretRefFromEnv(input = {}) {
+  const name = String(input?.name || "").trim().replace(/[^A-Za-z0-9_]+/g, "_").toUpperCase();
+  const scope = String(input?.scope || "").trim().replace(/[^A-Za-z0-9_]+/g, "_").toUpperCase();
+  const scopeId = String(input?.scopeId || "").trim().replace(/[^A-Za-z0-9_]+/g, "_").toUpperCase();
+  const candidates = [
+    scope && scopeId && name ? `PLATFORM_SECRET__${scope}__${scopeId}__${name}` : "",
+    scope && name ? `PLATFORM_SECRET__${scope}__${name}` : "",
+    name ? `PLATFORM_SECRET__${name}` : ""
+  ].filter(Boolean);
+  for (const key of candidates) {
+    const value = String(process.env[key] || "").trim();
+    if (value) return value;
+  }
+  return "";
+}
+function normalizeBackendKitOptions(input = {}, deps = {}) {
+  const defaults = readRecord(deps.defaults);
+  const normalizeEnabledModes = typeof deps.normalizeEnabledModes === "function" ? deps.normalizeEnabledModes : null;
+  if (!normalizeEnabledModes) {
+    throw new TypeError("normalizeEnabledModes is required");
+  }
+  const host = readRecord(input.host);
+  const payments = readRecord(input.payments);
+  const assets = readRecord(input.assets);
+  const seedLogo = readRecord(assets.seedLogo);
+  const gateway = readRecord(input.gateway);
+  const branding = readRecord(input.branding);
+  const reference = readRecord(input.reference);
+  const subjectProfiles = readRecord(input.subjectProfiles);
+  const overrides = readRecord(input.overrides);
+  const defaultHost = readRecord(defaults.host);
+  const defaultPayments = readRecord(defaults.payments);
+  const defaultGateway = readRecord(defaults.gateway);
+  return {
+    host: {
+      enableReference: host.enableReference !== false && defaultHost.enableReference !== false,
+      enableLifecycle: host.enableLifecycle !== false && defaultHost.enableLifecycle !== false,
+      enableBridge: host.enableBridge !== false && defaultHost.enableBridge !== false,
+      allowedOrigins: normalizeAllowedOrigins(host.allowedOrigins ?? defaultHost.allowedOrigins),
+      bootstrap: {
+        apiKeys: normalizeApiKeys(
+          readRecord(host.bootstrap).apiKeys ?? defaultHost.bootstrap?.apiKeys
+        ),
+        signingSecret: readString(readRecord(host.bootstrap).signingSecret).trim() || readString(defaultHost.bootstrap?.signingSecret).trim(),
+        ttlSeconds: Number(readRecord(host.bootstrap).ttlSeconds ?? defaultHost.bootstrap?.ttlSeconds) > 0 ? Math.floor(
+          Number(readRecord(host.bootstrap).ttlSeconds ?? defaultHost.bootstrap?.ttlSeconds)
+        ) : 300
+      }
+    },
+    payments: {
+      enabledModes: normalizeEnabledModes(payments.enabledModes),
+      ownerIssuer: normalizeOwnerIssuer(payments.ownerIssuer, defaultPayments.ownerIssuer),
+      paymentUrl: readString(payments.paymentUrl).trim() || readString(defaultPayments.paymentUrl),
+      returnSecret: typeof payments.returnSecret === "string" ? payments.returnSecret : readString(defaultPayments.returnSecret),
+      returnSecretRef: typeof payments.returnSecretRef === "string" ? payments.returnSecretRef : readString(defaultPayments.returnSecretRef),
+      returnUrlAllowlist: typeof payments.returnUrlAllowlist === "string" ? payments.returnUrlAllowlist : readString(defaultPayments.returnUrlAllowlist)
+    },
+    assets: {
+      seedLogo: {
+        filePath: readString(seedLogo.filePath),
+        routePath: readString(seedLogo.routePath),
+        contentType: readString(seedLogo.contentType, "image/svg+xml").trim() || "image/svg+xml"
+      },
+      paymentPage: {
+        filePath: readString(readRecord(assets.paymentPage).filePath)
+      }
+    },
+    gateway: {
+      baseUrl: readString(gateway.baseUrl).trim() || readString(defaultGateway.baseUrl),
+      apiKey: readString(gateway.apiKey).trim() || readString(defaultGateway.apiKey)
+    },
+    branding: {
+      tenantName: readString(branding.tenantName),
+      serviceName: readString(branding.serviceName),
+      stackLabel: readString(branding.stackLabel)
+    },
+    reference: {
+      tenant: readString(reference.tenant),
+      workspace: readString(reference.workspace),
+      stack: readString(reference.stack),
+      mode: readString(reference.mode),
+      tenantPolicySlugs: readList(reference.tenantPolicySlugs),
+      proofSources: readList(reference.proofSources),
+      sdkPaths: readRecord(reference.sdkPaths),
+      hostSurfaces: readList(reference.hostSurfaces),
+      notes: readList(reference.notes),
+      embedSdkCandidateFiles: readList(reference.embedSdkCandidateFiles),
+      referenceAssets: readRecord(reference.referenceAssets)
+    },
+    subjectProfiles: {
+      workspace: readString(subjectProfiles.workspace),
+      source: readString(subjectProfiles.source),
+      catalogJson: readString(subjectProfiles.catalogJson),
+      defaultProfiles: readList(subjectProfiles.defaultProfiles),
+      resolveCandidates: typeof subjectProfiles.resolveCandidates === "function" ? subjectProfiles.resolveCandidates : null
+    },
+    overrides: {
+      hostProxyService: overrides.hostProxyService && typeof overrides.hostProxyService === "object" ? overrides.hostProxyService : null,
+      gatewayClient: overrides.gatewayClient && typeof overrides.gatewayClient === "object" ? overrides.gatewayClient : null,
+      paymentHandler: overrides.paymentHandler && typeof overrides.paymentHandler === "object" ? overrides.paymentHandler : null,
+      resolvePolicyRequest: typeof overrides.resolvePolicyRequest === "function" ? overrides.resolvePolicyRequest : null
+    }
+  };
+}
+export {
+  normalizeAllowedOrigins,
+  normalizeApiKeys,
+  normalizeBackendKitOptions,
+  normalizeHostModes,
+  normalizeOwnerIssuer,
+  readList,
+  readRecord,
+  readString,
+  resolvePlatformSecretRefFromEnv
+};
+//# sourceMappingURL=options.js.map

package/dist/backend/options.js.map ADDED Viewed

@@ -0,0 +1,7 @@
+{
+  "version": 3,
+  "sources": ["../../src/backend/options.ts"],
+  "sourcesContent": ["// @ts-nocheck\nexport function readRecord(value) {\n  return value && typeof value === \"object\" ? value : {};\n}\n\nexport function readString(value, fallback = \"\") {\n  return typeof value === \"string\" ? value : fallback;\n}\n\nexport function readList(value) {\n  return Array.isArray(value) ? value : [];\n}\n\nexport function normalizeAllowedOrigins(value) {\n  if (Array.isArray(value)) {\n    return value.map((entry) => readString(entry).trim().replace(/\\/+$/, \"\")).filter(Boolean);\n  }\n  const raw = readString(value).trim();\n  if (!raw) return [];\n  return raw\n    .split(/[,\\n]/)\n    .map((entry) => readString(entry).trim().replace(/\\/+$/, \"\"))\n    .filter(Boolean);\n}\n\nexport function normalizeApiKeys(value) {\n  if (Array.isArray(value)) {\n    return value.map((entry) => readString(entry).trim()).filter(Boolean);\n  }\n  const raw = readString(value).trim();\n  if (!raw) return [];\n  return raw\n    .split(/[,\\n]/)\n    .map((entry) => readString(entry).trim())\n    .filter(Boolean);\n}\n\nexport function normalizeOwnerIssuer(value, fallback = \"tenant\") {\n  const normalized = readString(value, fallback).trim().toLowerCase();\n  return normalized === \"publisher\" ? \"publisher\" : \"tenant\";\n}\n\nexport function normalizeHostModes(hostSurfaces) {\n  return readList(hostSurfaces)\n    .map((entry) =>\n      entry && typeof entry === \"object\"\n        ? {\n            key: readString(entry.key).trim(),\n            label: readString(entry.label).trim(),\n          }\n        : null,\n    )\n    .filter((entry) => entry && entry.key && entry.label);\n}\n\nexport function resolvePlatformSecretRefFromEnv(input = {}) {\n  const name = String(input?.name || \"\")\n    .trim()\n    .replace(/[^A-Za-z0-9_]+/g, \"_\")\n    .toUpperCase();\n  const scope = String(input?.scope || \"\")\n    .trim()\n    .replace(/[^A-Za-z0-9_]+/g, \"_\")\n    .toUpperCase();\n  const scopeId = String(input?.scopeId || \"\")\n    .trim()\n    .replace(/[^A-Za-z0-9_]+/g, \"_\")\n    .toUpperCase();\n  const candidates = [\n    scope && scopeId && name ? `PLATFORM_SECRET__${scope}__${scopeId}__${name}` : \"\",\n    scope && name ? `PLATFORM_SECRET__${scope}__${name}` : \"\",\n    name ? `PLATFORM_SECRET__${name}` : \"\",\n  ].filter(Boolean);\n  for (const key of candidates) {\n    const value = String(process.env[key] || \"\").trim();\n    if (value) return value;\n  }\n  return \"\";\n}\n\nexport function normalizeBackendKitOptions(input = {}, deps = {}) {\n  const defaults = readRecord(deps.defaults);\n  const normalizeEnabledModes =\n    typeof deps.normalizeEnabledModes === \"function\" ? deps.normalizeEnabledModes : null;\n  if (!normalizeEnabledModes) {\n    throw new TypeError(\"normalizeEnabledModes is required\");\n  }\n\n  const host = readRecord(input.host);\n  const payments = readRecord(input.payments);\n  const assets = readRecord(input.assets);\n  const seedLogo = readRecord(assets.seedLogo);\n  const gateway = readRecord(input.gateway);\n  const branding = readRecord(input.branding);\n  const reference = readRecord(input.reference);\n  const subjectProfiles = readRecord(input.subjectProfiles);\n  const overrides = readRecord(input.overrides);\n  const defaultHost = readRecord(defaults.host);\n  const defaultPayments = readRecord(defaults.payments);\n  const defaultGateway = readRecord(defaults.gateway);\n\n  return {\n    host: {\n      enableReference: host.enableReference !== false && defaultHost.enableReference !== false,\n      enableLifecycle: host.enableLifecycle !== false && defaultHost.enableLifecycle !== false,\n      enableBridge: host.enableBridge !== false && defaultHost.enableBridge !== false,\n      allowedOrigins: normalizeAllowedOrigins(host.allowedOrigins ?? defaultHost.allowedOrigins),\n      bootstrap: {\n        apiKeys: normalizeApiKeys(\n          readRecord(host.bootstrap).apiKeys ?? defaultHost.bootstrap?.apiKeys,\n        ),\n        signingSecret:\n          readString(readRecord(host.bootstrap).signingSecret).trim() ||\n          readString(defaultHost.bootstrap?.signingSecret).trim(),\n        ttlSeconds:\n          Number(readRecord(host.bootstrap).ttlSeconds ?? defaultHost.bootstrap?.ttlSeconds) > 0\n            ? Math.floor(\n                Number(readRecord(host.bootstrap).ttlSeconds ?? defaultHost.bootstrap?.ttlSeconds),\n              )\n            : 300,\n      },\n    },\n    payments: {\n      enabledModes: normalizeEnabledModes(payments.enabledModes),\n      ownerIssuer: normalizeOwnerIssuer(payments.ownerIssuer, defaultPayments.ownerIssuer),\n      paymentUrl: readString(payments.paymentUrl).trim() || readString(defaultPayments.paymentUrl),\n      returnSecret:\n        typeof payments.returnSecret === \"string\"\n          ? payments.returnSecret\n          : readString(defaultPayments.returnSecret),\n      returnSecretRef:\n        typeof payments.returnSecretRef === \"string\"\n          ? payments.returnSecretRef\n          : readString(defaultPayments.returnSecretRef),\n      returnUrlAllowlist:\n        typeof payments.returnUrlAllowlist === \"string\"\n          ? payments.returnUrlAllowlist\n          : readString(defaultPayments.returnUrlAllowlist),\n    },\n    assets: {\n      seedLogo: {\n        filePath: readString(seedLogo.filePath),\n        routePath: readString(seedLogo.routePath),\n        contentType: readString(seedLogo.contentType, \"image/svg+xml\").trim() || \"image/svg+xml\",\n      },\n      paymentPage: {\n        filePath: readString(readRecord(assets.paymentPage).filePath),\n      },\n    },\n    gateway: {\n      baseUrl: readString(gateway.baseUrl).trim() || readString(defaultGateway.baseUrl),\n      apiKey: readString(gateway.apiKey).trim() || readString(defaultGateway.apiKey),\n    },\n    branding: {\n      tenantName: readString(branding.tenantName),\n      serviceName: readString(branding.serviceName),\n      stackLabel: readString(branding.stackLabel),\n    },\n    reference: {\n      tenant: readString(reference.tenant),\n      workspace: readString(reference.workspace),\n      stack: readString(reference.stack),\n      mode: readString(reference.mode),\n      tenantPolicySlugs: readList(reference.tenantPolicySlugs),\n      proofSources: readList(reference.proofSources),\n      sdkPaths: readRecord(reference.sdkPaths),\n      hostSurfaces: readList(reference.hostSurfaces),\n      notes: readList(reference.notes),\n      embedSdkCandidateFiles: readList(reference.embedSdkCandidateFiles),\n      referenceAssets: readRecord(reference.referenceAssets),\n    },\n    subjectProfiles: {\n      workspace: readString(subjectProfiles.workspace),\n      source: readString(subjectProfiles.source),\n      catalogJson: readString(subjectProfiles.catalogJson),\n      defaultProfiles: readList(subjectProfiles.defaultProfiles),\n      resolveCandidates:\n        typeof subjectProfiles.resolveCandidates === \"function\"\n          ? subjectProfiles.resolveCandidates\n          : null,\n    },\n    overrides: {\n      hostProxyService:\n        overrides.hostProxyService && typeof overrides.hostProxyService === \"object\"\n          ? overrides.hostProxyService\n          : null,\n      gatewayClient:\n        overrides.gatewayClient && typeof overrides.gatewayClient === \"object\"\n          ? overrides.gatewayClient\n          : null,\n      paymentHandler:\n        overrides.paymentHandler && typeof overrides.paymentHandler === \"object\"\n          ? overrides.paymentHandler\n          : null,\n      resolvePolicyRequest:\n        typeof overrides.resolvePolicyRequest === \"function\"\n          ? overrides.resolvePolicyRequest\n          : null,\n    },\n  };\n}\n"],
+  "mappings": "AACO,SAAS,WAAW,OAAO;AAChC,SAAO,SAAS,OAAO,UAAU,WAAW,QAAQ,CAAC;AACvD;AAEO,SAAS,WAAW,OAAO,WAAW,IAAI;AAC/C,SAAO,OAAO,UAAU,WAAW,QAAQ;AAC7C;AAEO,SAAS,SAAS,OAAO;AAC9B,SAAO,MAAM,QAAQ,KAAK,IAAI,QAAQ,CAAC;AACzC;AAEO,SAAS,wBAAwB,OAAO;AAC7C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,MAAM,IAAI,CAAC,UAAU,WAAW,KAAK,EAAE,KAAK,EAAE,QAAQ,QAAQ,EAAE,CAAC,EAAE,OAAO,OAAO;AAAA,EAC1F;AACA,QAAM,MAAM,WAAW,KAAK,EAAE,KAAK;AACnC,MAAI,CAAC,IAAK,QAAO,CAAC;AAClB,SAAO,IACJ,MAAM,OAAO,EACb,IAAI,CAAC,UAAU,WAAW,KAAK,EAAE,KAAK,EAAE,QAAQ,QAAQ,EAAE,CAAC,EAC3D,OAAO,OAAO;AACnB;AAEO,SAAS,iBAAiB,OAAO;AACtC,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,MAAM,IAAI,CAAC,UAAU,WAAW,KAAK,EAAE,KAAK,CAAC,EAAE,OAAO,OAAO;AAAA,EACtE;AACA,QAAM,MAAM,WAAW,KAAK,EAAE,KAAK;AACnC,MAAI,CAAC,IAAK,QAAO,CAAC;AAClB,SAAO,IACJ,MAAM,OAAO,EACb,IAAI,CAAC,UAAU,WAAW,KAAK,EAAE,KAAK,CAAC,EACvC,OAAO,OAAO;AACnB;AAEO,SAAS,qBAAqB,OAAO,WAAW,UAAU;AAC/D,QAAM,aAAa,WAAW,OAAO,QAAQ,EAAE,KAAK,EAAE,YAAY;AAClE,SAAO,eAAe,cAAc,cAAc;AACpD;AAEO,SAAS,mBAAmB,cAAc;AAC/C,SAAO,SAAS,YAAY,EACzB;AAAA,IAAI,CAAC,UACJ,SAAS,OAAO,UAAU,WACtB;AAAA,MACE,KAAK,WAAW,MAAM,GAAG,EAAE,KAAK;AAAA,MAChC,OAAO,WAAW,MAAM,KAAK,EAAE,KAAK;AAAA,IACtC,IACA;AAAA,EACN,EACC,OAAO,CAAC,UAAU,SAAS,MAAM,OAAO,MAAM,KAAK;AACxD;AAEO,SAAS,gCAAgC,QAAQ,CAAC,GAAG;AAC1D,QAAM,OAAO,OAAO,OAAO,QAAQ,EAAE,EAClC,KAAK,EACL,QAAQ,mBAAmB,GAAG,EAC9B,YAAY;AACf,QAAM,QAAQ,OAAO,OAAO,SAAS,EAAE,EACpC,KAAK,EACL,QAAQ,mBAAmB,GAAG,EAC9B,YAAY;AACf,QAAM,UAAU,OAAO,OAAO,WAAW,EAAE,EACxC,KAAK,EACL,QAAQ,mBAAmB,GAAG,EAC9B,YAAY;AACf,QAAM,aAAa;AAAA,IACjB,SAAS,WAAW,OAAO,oBAAoB,KAAK,KAAK,OAAO,KAAK,IAAI,KAAK;AAAA,IAC9E,SAAS,OAAO,oBAAoB,KAAK,KAAK,IAAI,KAAK;AAAA,IACvD,OAAO,oBAAoB,IAAI,KAAK;AAAA,EACtC,EAAE,OAAO,OAAO;AAChB,aAAW,OAAO,YAAY;AAC5B,UAAM,QAAQ,OAAO,QAAQ,IAAI,GAAG,KAAK,EAAE,EAAE,KAAK;AAClD,QAAI,MAAO,QAAO;AAAA,EACpB;AACA,SAAO;AACT;AAEO,SAAS,2BAA2B,QAAQ,CAAC,GAAG,OAAO,CAAC,GAAG;AAChE,QAAM,WAAW,WAAW,KAAK,QAAQ;AACzC,QAAM,wBACJ,OAAO,KAAK,0BAA0B,aAAa,KAAK,wBAAwB;AAClF,MAAI,CAAC,uBAAuB;AAC1B,UAAM,IAAI,UAAU,mCAAmC;AAAA,EACzD;AAEA,QAAM,OAAO,WAAW,MAAM,IAAI;AAClC,QAAM,WAAW,WAAW,MAAM,QAAQ;AAC1C,QAAM,SAAS,WAAW,MAAM,MAAM;AACtC,QAAM,WAAW,WAAW,OAAO,QAAQ;AAC3C,QAAM,UAAU,WAAW,MAAM,OAAO;AACxC,QAAM,WAAW,WAAW,MAAM,QAAQ;AAC1C,QAAM,YAAY,WAAW,MAAM,SAAS;AAC5C,QAAM,kBAAkB,WAAW,MAAM,eAAe;AACxD,QAAM,YAAY,WAAW,MAAM,SAAS;AAC5C,QAAM,cAAc,WAAW,SAAS,IAAI;AAC5C,QAAM,kBAAkB,WAAW,SAAS,QAAQ;AACpD,QAAM,iBAAiB,WAAW,SAAS,OAAO;AAElD,SAAO;AAAA,IACL,MAAM;AAAA,MACJ,iBAAiB,KAAK,oBAAoB,SAAS,YAAY,oBAAoB;AAAA,MACnF,iBAAiB,KAAK,oBAAoB,SAAS,YAAY,oBAAoB;AAAA,MACnF,cAAc,KAAK,iBAAiB,SAAS,YAAY,iBAAiB;AAAA,MAC1E,gBAAgB,wBAAwB,KAAK,kBAAkB,YAAY,cAAc;AAAA,MACzF,WAAW;AAAA,QACT,SAAS;AAAA,UACP,WAAW,KAAK,SAAS,EAAE,WAAW,YAAY,WAAW;AAAA,QAC/D;AAAA,QACA,eACE,WAAW,WAAW,KAAK,SAAS,EAAE,aAAa,EAAE,KAAK,KAC1D,WAAW,YAAY,WAAW,aAAa,EAAE,KAAK;AAAA,QACxD,YACE,OAAO,WAAW,KAAK,SAAS,EAAE,cAAc,YAAY,WAAW,UAAU,IAAI,IACjF,KAAK;AAAA,UACH,OAAO,WAAW,KAAK,SAAS,EAAE,cAAc,YAAY,WAAW,UAAU;AAAA,QACnF,IACA;AAAA,MACR;AAAA,IACF;AAAA,IACA,UAAU;AAAA,MACR,cAAc,sBAAsB,SAAS,YAAY;AAAA,MACzD,aAAa,qBAAqB,SAAS,aAAa,gBAAgB,WAAW;AAAA,MACnF,YAAY,WAAW,SAAS,UAAU,EAAE,KAAK,KAAK,WAAW,gBAAgB,UAAU;AAAA,MAC3F,cACE,OAAO,SAAS,iBAAiB,WAC7B,SAAS,eACT,WAAW,gBAAgB,YAAY;AAAA,MAC7C,iBACE,OAAO,SAAS,oBAAoB,WAChC,SAAS,kBACT,WAAW,gBAAgB,eAAe;AAAA,MAChD,oBACE,OAAO,SAAS,uBAAuB,WACnC,SAAS,qBACT,WAAW,gBAAgB,kBAAkB;AAAA,IACrD;AAAA,IACA,QAAQ;AAAA,MACN,UAAU;AAAA,QACR,UAAU,WAAW,SAAS,QAAQ;AAAA,QACtC,WAAW,WAAW,SAAS,SAAS;AAAA,QACxC,aAAa,WAAW,SAAS,aAAa,eAAe,EAAE,KAAK,KAAK;AAAA,MAC3E;AAAA,MACA,aAAa;AAAA,QACX,UAAU,WAAW,WAAW,OAAO,WAAW,EAAE,QAAQ;AAAA,MAC9D;AAAA,IACF;AAAA,IACA,SAAS;AAAA,MACP,SAAS,WAAW,QAAQ,OAAO,EAAE,KAAK,KAAK,WAAW,eAAe,OAAO;AAAA,MAChF,QAAQ,WAAW,QAAQ,MAAM,EAAE,KAAK,KAAK,WAAW,eAAe,MAAM;AAAA,IAC/E;AAAA,IACA,UAAU;AAAA,MACR,YAAY,WAAW,SAAS,UAAU;AAAA,MAC1C,aAAa,WAAW,SAAS,WAAW;AAAA,MAC5C,YAAY,WAAW,SAAS,UAAU;AAAA,IAC5C;AAAA,IACA,WAAW;AAAA,MACT,QAAQ,WAAW,UAAU,MAAM;AAAA,MACnC,WAAW,WAAW,UAAU,SAAS;AAAA,MACzC,OAAO,WAAW,UAAU,KAAK;AAAA,MACjC,MAAM,WAAW,UAAU,IAAI;AAAA,MAC/B,mBAAmB,SAAS,UAAU,iBAAiB;AAAA,MACvD,cAAc,SAAS,UAAU,YAAY;AAAA,MAC7C,UAAU,WAAW,UAAU,QAAQ;AAAA,MACvC,cAAc,SAAS,UAAU,YAAY;AAAA,MAC7C,OAAO,SAAS,UAAU,KAAK;AAAA,MAC/B,wBAAwB,SAAS,UAAU,sBAAsB;AAAA,MACjE,iBAAiB,WAAW,UAAU,eAAe;AAAA,IACvD;AAAA,IACA,iBAAiB;AAAA,MACf,WAAW,WAAW,gBAAgB,SAAS;AAAA,MAC/C,QAAQ,WAAW,gBAAgB,MAAM;AAAA,MACzC,aAAa,WAAW,gBAAgB,WAAW;AAAA,MACnD,iBAAiB,SAAS,gBAAgB,eAAe;AAAA,MACzD,mBACE,OAAO,gBAAgB,sBAAsB,aACzC,gBAAgB,oBAChB;AAAA,IACR;AAAA,IACA,WAAW;AAAA,MACT,kBACE,UAAU,oBAAoB,OAAO,UAAU,qBAAqB,WAChE,UAAU,mBACV;AAAA,MACN,eACE,UAAU,iBAAiB,OAAO,UAAU,kBAAkB,WAC1D,UAAU,gBACV;AAAA,MACN,gBACE,UAAU,kBAAkB,OAAO,UAAU,mBAAmB,WAC5D,UAAU,iBACV;AAAA,MACN,sBACE,OAAO,UAAU,yBAAyB,aACtC,UAAU,uBACV;AAAA,IACR;AAAA,EACF;AACF;",
+  "names": []
+}

package/dist/backend/paymentRuntime.d.ts ADDED Viewed

@@ -0,0 +1,31 @@
+import { extractHostedPaymentSessionId } from "@xapps/server-sdk";
+export declare function createPaymentRuntime(options?: {}, deps?: {}): Promise<{
+    gatewayClient: any;
+    paymentHandler: any;
+    paymentSettings: {
+        ownerIssuer: string;
+        paymentUrl: any;
+        returnSecret: any;
+        returnSecretRef: any;
+        returnUrlAllowlist: any;
+    };
+    paymentPageFile: any;
+    resolvePolicyRequest: any;
+}>;
+export declare function createPaymentEvidenceHandler({ payments, gatewayClient, issuer, resolvePlatformSecretRef, }?: {
+    payments?: {};
+    gatewayClient?: any;
+    issuer?: string;
+}): Promise<import("@xapps/server-sdk").PaymentHandler>;
+export declare function buildHostedGatewayPaymentUrl(input?: {}, runtime?: {}): Promise<string>;
+export declare function buildModeHostedGatewayPaymentUrl(input?: {}, defaults?: {}, runtime?: {}): Promise<string>;
+export declare function registerPaymentPageAssetRoute(fastify: any, { pagePath, pageFile }?: {
+    pagePath?: string;
+    pageFile?: string;
+}): Promise<void>;
+export declare function registerPaymentPageApiRoutes(fastify: any, { gatewayClient, pathPrefix }?: {
+    gatewayClient?: any;
+    pathPrefix?: string;
+}): Promise<void>;
+export { extractHostedPaymentSessionId };
+//# sourceMappingURL=paymentRuntime.d.ts.map

package/dist/backend/paymentRuntime.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"paymentRuntime.d.ts","sourceRoot":"","sources":["../../src/backend/paymentRuntime.ts"],"names":[],"mappings":"AAEA,OAAO,EAGL,6BAA6B,EAC9B,MAAM,mBAAmB,CAAC;AA6C3B,wBAAsB,oBAAoB,CAAC,OAAO,KAAK,EAAE,IAAI,KAAK;;;;;;;;;;;;GAoCjE;AAED,wBAAsB,4BAA4B,CAAC,EACjD,QAAa,EACb,aAAoB,EACpB,MAAW,EACX,wBAAwB,GACzB;;;;CAAK,uDAeL;AAED,wBAAsB,4BAA4B,CAAC,KAAK,KAAK,EAAE,OAAO,KAAK,mBAmC1E;AAED,wBAAsB,gCAAgC,CAAC,KAAK,KAAK,EAAE,QAAQ,KAAK,EAAE,OAAO,KAAK,mBA+B7F;AAED,wBAAsB,6BAA6B,CACjD,OAAO,KAAA,EACP,EAAE,QAAiC,EAAE,QAAa,EAAE;;;CAAK,iBAM1D;AAED,wBAAsB,4BAA4B,CAChD,OAAO,KAAA,EACP,EAAE,aAAoB,EAAE,UAAkC,EAAE;;;CAAK,iBAuElE;AAED,OAAO,EAAE,6BAA6B,EAAE,CAAC"}

package/dist/backend/paymentRuntime.js ADDED Viewed

@@ -0,0 +1,231 @@
+import fs from "node:fs";
+import {
+  buildHostedGatewayPaymentUrlFromGuardContext,
+  createPaymentHandlerAsync,
+  extractHostedPaymentSessionId
+} from "@xapps/server-sdk";
+import { normalizeOwnerIssuer, readRecord, readString } from "./options.js";
+function mapHostedSessionResult(input = {}) {
+  return {
+    ...input?.redirectUrl ? { redirect_url: input.redirectUrl } : {},
+    ...input?.flow ? { flow: input.flow } : {},
+    ...input?.paymentSessionId ? { payment_session_id: input.paymentSessionId } : {},
+    ...input?.clientSettleUrl ? { client_settle_url: input.clientSettleUrl } : {},
+    ...input?.providerReference !== void 0 ? { provider_reference: input.providerReference } : {},
+    ...input?.scheme ? { scheme: input.scheme } : {},
+    ...input?.metadata ? { metadata: input.metadata } : {}
+  };
+}
+function readPaymentRequestParams(source = {}) {
+  const input = readRecord(source);
+  return {
+    paymentSessionId: readString(input.payment_session_id, input.paymentSessionId).trim(),
+    returnUrl: readString(input.return_url, input.returnUrl).trim(),
+    cancelUrl: readString(input.cancel_url, input.cancelUrl).trim(),
+    xappsResume: readString(input.xapps_resume, input.xappsResume).trim()
+  };
+}
+function readClientSettleInput(source = {}) {
+  const input = readRecord(source);
+  const status = readString(input.status).trim();
+  return {
+    ...readPaymentRequestParams(input),
+    status: status === "failed" || status === "cancelled" ? status : "paid",
+    clientToken: readString(input.client_token, input.clientToken).trim() || void 0,
+    metadata: input.metadata && typeof input.metadata === "object" && !Array.isArray(input.metadata) ? input.metadata : void 0
+  };
+}
+function sendGatewayUnavailable(reply, message, statusCode = 500) {
+  return reply.code(statusCode).send({ message });
+}
+async function createPaymentRuntime(options = {}, deps = {}) {
+  const createPaymentHandler = typeof deps.createPaymentHandler === "function" ? deps.createPaymentHandler : createPaymentEvidenceHandler;
+  const createGatewayClient = typeof deps.createGatewayClient === "function" ? deps.createGatewayClient : null;
+  const resolvedGatewayClient = options?.overrides?.gatewayClient || (createGatewayClient ? createGatewayClient({
+    baseUrl: options?.gateway?.baseUrl,
+    apiKey: options?.gateway?.apiKey
+  }) : null);
+  const resolvedPaymentHandler = options?.overrides?.paymentHandler || await createPaymentHandler({
+    payments: options?.payments || {},
+    gatewayClient: resolvedGatewayClient
+  });
+  return {
+    gatewayClient: resolvedGatewayClient,
+    paymentHandler: resolvedPaymentHandler,
+    paymentSettings: {
+      ownerIssuer: normalizeOwnerIssuer(options?.payments?.ownerIssuer),
+      paymentUrl: options?.payments?.paymentUrl,
+      returnSecret: options?.payments?.returnSecret,
+      returnSecretRef: options?.payments?.returnSecretRef,
+      returnUrlAllowlist: options?.payments?.returnUrlAllowlist
+    },
+    paymentPageFile: options?.assets?.paymentPage?.filePath || "",
+    resolvePolicyRequest: options?.overrides?.resolvePolicyRequest || null
+  };
+}
+async function createPaymentEvidenceHandler({
+  payments = {},
+  gatewayClient = null,
+  issuer = "",
+  resolvePlatformSecretRef
+} = {}) {
+  const paymentSettings = readRecord(payments);
+  return createPaymentHandlerAsync({
+    secret: readString(paymentSettings.returnSecret).trim() || void 0,
+    secretRef: readString(paymentSettings.returnSecretRef).trim() || void 0,
+    secretRefResolverOptions: {
+      resolvePlatformSecretRef: async (input) => resolvePlatformSecretRef(input)
+    },
+    issuer: normalizeOwnerIssuer(readString(issuer).trim() || readString(paymentSettings.ownerIssuer)) || "tenant",
+    returnUrlAllowlist: readString(paymentSettings.returnUrlAllowlist),
+    gatewayClient: gatewayClient || void 0,
+    requirePersistentStoreInProduction: false
+  });
+}
+async function buildHostedGatewayPaymentUrl(input = {}, runtime = {}) {
+  const payloadInput = readRecord(input);
+  const paymentRuntime = readRecord(runtime);
+  const paymentSettings = readRecord(paymentRuntime.paymentSettings);
+  const ownerIssuer = normalizeOwnerIssuer(paymentSettings.ownerIssuer);
+  const gatewayClient = paymentRuntime.gatewayClient || null;
+  const paymentHandler = paymentRuntime.paymentHandler || null;
+  if (!gatewayClient) {
+    throw new Error("gateway payment session client not configured");
+  }
+  if (!paymentHandler || typeof paymentHandler.upsertSession !== "function") {
+    throw new Error("payment evidence handler not configured");
+  }
+  const result = await buildHostedGatewayPaymentUrlFromGuardContext({
+    deps: {
+      createPaymentSession: (payload) => gatewayClient.createPaymentSession(payload),
+      upsertSession: (payload) => paymentHandler.upsertSession(payload)
+    },
+    payload: payloadInput.payload,
+    context: payloadInput.context,
+    guard: payloadInput.guard,
+    guardConfig: payloadInput.guardConfig,
+    amount: payloadInput.amount,
+    currency: payloadInput.currency,
+    defaultPaymentUrl: readString(paymentSettings.paymentUrl),
+    fallbackIssuer: readString(payloadInput.fallbackIssuer, ownerIssuer) || ownerIssuer,
+    storedIssuer: readString(payloadInput.storedIssuer, readString(payloadInput.fallbackIssuer, ownerIssuer)) || ownerIssuer,
+    defaultSecret: readString(paymentSettings.returnSecret),
+    defaultSecretRef: readString(paymentSettings.returnSecretRef),
+    allowDefaultSecretFallback: Boolean(payloadInput.allowDefaultSecretFallback)
+  });
+  return result.paymentUrl;
+}
+async function buildModeHostedGatewayPaymentUrl(input = {}, defaults = {}, runtime = {}) {
+  const payloadInput = readRecord(input);
+  const modeDefaults = readRecord(defaults);
+  const paymentRuntime = readRecord(runtime);
+  const paymentSettings = readRecord(paymentRuntime.paymentSettings);
+  const ownerIssuer = normalizeOwnerIssuer(paymentSettings.ownerIssuer);
+  return buildHostedGatewayPaymentUrl(
+    {
+      ...payloadInput,
+      fallbackIssuer: readString(
+        modeDefaults.fallbackIssuer,
+        readString(payloadInput.fallbackIssuer, ownerIssuer)
+      ) || ownerIssuer,
+      storedIssuer: readString(
+        modeDefaults.storedIssuer,
+        readString(
+          payloadInput.storedIssuer,
+          readString(
+            modeDefaults.fallbackIssuer,
+            readString(payloadInput.fallbackIssuer, ownerIssuer)
+          )
+        )
+      ) || ownerIssuer,
+      allowDefaultSecretFallback: Boolean(
+        modeDefaults.allowDefaultSecretFallback ?? payloadInput.allowDefaultSecretFallback
+      )
+    },
+    runtime
+  );
+}
+async function registerPaymentPageAssetRoute(fastify, { pagePath = "/tenant-payment.html", pageFile = "" } = {}) {
+  fastify.get(pagePath, async (_request, reply) => {
+    const html = fs.readFileSync(pageFile, "utf8");
+    return reply.code(200).type("text/html; charset=utf-8").send(html);
+  });
+}
+async function registerPaymentPageApiRoutes(fastify, { gatewayClient = null, pathPrefix = "/api/tenant-payment" } = {}) {
+  fastify.get(`${pathPrefix}/session`, async (request, reply) => {
+    const { paymentSessionId, returnUrl, cancelUrl, xappsResume } = readPaymentRequestParams(
+      request.query
+    );
+    if (!gatewayClient || typeof gatewayClient.getGatewayPaymentSession !== "function") {
+      return sendGatewayUnavailable(reply, "gateway payment client is not configured");
+    }
+    if (!paymentSessionId) {
+      return reply.code(400).send({ message: "payment_session_id is required" });
+    }
+    const hosted = await gatewayClient.getGatewayPaymentSession({
+      paymentSessionId,
+      ...returnUrl ? { returnUrl } : {},
+      ...cancelUrl ? { cancelUrl } : {},
+      ...xappsResume ? { xappsResume } : {}
+    });
+    return reply.code(200).send({ status: "success", result: hosted.session });
+  });
+  fastify.post(`${pathPrefix}/complete`, async (request, reply) => {
+    const { paymentSessionId, returnUrl, cancelUrl, xappsResume } = readPaymentRequestParams(
+      request.body
+    );
+    if (!gatewayClient || typeof gatewayClient.completeGatewayPayment !== "function") {
+      return sendGatewayUnavailable(reply, "gateway payment client is not configured");
+    }
+    if (!paymentSessionId) {
+      return reply.code(400).send({ message: "payment_session_id is required" });
+    }
+    const hosted = await gatewayClient.completeGatewayPayment({
+      paymentSessionId,
+      ...returnUrl ? { returnUrl } : {},
+      ...cancelUrl ? { cancelUrl } : {},
+      ...xappsResume ? { xappsResume } : {}
+    });
+    return reply.code(200).send({ status: "success", result: mapHostedSessionResult(hosted) });
+  });
+  fastify.post(`${pathPrefix}/client-settle`, async (request, reply) => {
+    const { paymentSessionId, returnUrl, xappsResume, status, clientToken, metadata } = readClientSettleInput(request.body);
+    if (!paymentSessionId) {
+      return reply.code(400).send({ message: "payment_session_id is required" });
+    }
+    if (!gatewayClient || typeof gatewayClient.clientSettleGatewayPayment !== "function") {
+      return sendGatewayUnavailable(
+        reply,
+        "client-settle is not available for this payment mode",
+        409
+      );
+    }
+    try {
+      const settled = await gatewayClient.clientSettleGatewayPayment({
+        paymentSessionId,
+        returnUrl: returnUrl || void 0,
+        xappsResume: xappsResume || void 0,
+        status,
+        clientToken,
+        metadata
+      });
+      return reply.code(200).send({ status: "success", result: mapHostedSessionResult(settled) });
+    } catch (err) {
+      request.log.error(
+        { err: err instanceof Error ? err.message : String(err) },
+        "client-settle failed"
+      );
+      return reply.code(502).send({ message: "client_settle_failed" });
+    }
+  });
+}
+export {
+  buildHostedGatewayPaymentUrl,
+  buildModeHostedGatewayPaymentUrl,
+  createPaymentEvidenceHandler,
+  createPaymentRuntime,
+  extractHostedPaymentSessionId,
+  registerPaymentPageApiRoutes,
+  registerPaymentPageAssetRoute
+};
+//# sourceMappingURL=paymentRuntime.js.map