mppx 0.3.14 → 0.3.16

package/src/client/Mppx.test-d.ts

@@ -28,6 +28,15 @@ describe('Mppx', () => {
     expectTypeOf(mppx.createCredential).toBeFunction()
     expectTypeOf(mppx.createCredential).returns.toMatchTypeOf<Promise<string>>()
   })
+
+  test('has rawFetch with standard fetch signature', () => {
+    const method = charge({
+      account: {} as Account,
+    })
+    const mppx = Mppx.create({ methods: [method] })
+
+    expectTypeOf(mppx.rawFetch).toEqualTypeOf<typeof globalThis.fetch>()
+  })
 })
 
 describe('create.Config', () => {

package/src/client/Mppx.test.ts

@@ -28,6 +28,7 @@ describe('Mppx.create', () => {
     expect(mppx.transport.name).toBe('http')
     expect(typeof mppx.createCredential).toBe('function')
     expect(typeof mppx.fetch).toBe('function')
+    expect(typeof mppx.rawFetch).toBe('function')
   })
 
   test('behavior: with mcp transport', () => {
@@ -471,3 +472,80 @@ describe('restore', () => {
     expect(globalThis.fetch).toBe(originalFetch)
   })
 })
+
+describe('rawFetch', () => {
+  test('default: returns the original fetch when polyfill is enabled', () => {
+    const originalFetch = globalThis.fetch
+
+    const mppx = Mppx.create({
+      methods: [
+        tempo({
+          account: accounts[1],
+          getClient: () => client,
+        }),
+      ],
+    })
+
+    expect(globalThis.fetch).not.toBe(originalFetch)
+    expect(mppx.rawFetch).toBe(originalFetch)
+  })
+
+  test('behavior: returns the original fetch when polyfill is disabled', () => {
+    const originalFetch = globalThis.fetch
+
+    const mppx = Mppx.create({
+      polyfill: false,
+      methods: [
+        tempo({
+          account: accounts[1],
+          getClient: () => client,
+        }),
+      ],
+    })
+
+    expect(mppx.rawFetch).toBe(originalFetch)
+  })
+
+  test('behavior: returns custom fetch when provided', () => {
+    const customFetch = async () => new Response('custom')
+
+    const mppx = Mppx.create({
+      polyfill: false,
+      fetch: customFetch as typeof globalThis.fetch,
+      methods: [
+        tempo({
+          account: accounts[1],
+          getClient: () => client,
+        }),
+      ],
+    })
+
+    expect(mppx.rawFetch).toBe(customFetch)
+  })
+
+  test('behavior: rawFetch does not intercept 402 responses', async () => {
+    const mppx = Mppx.create({
+      methods: [
+        tempo({
+          account: accounts[1],
+          getClient: () => client,
+        }),
+      ],
+    })
+
+    const httpServer = await Http.createServer(async (req, res) => {
+      const result = await Mppx_server.toNodeListener(
+        server.charge({
+          amount: '1',
+        }),
+      )(req, res)
+      if (result.status === 402) return
+      res.end('OK')
+    })
+
+    const response = await mppx.rawFetch(httpServer.url)
+    expect(response.status).toBe(402)
+
+    httpServer.close()
+  })
+})

package/src/client/Mppx.ts

@@ -15,6 +15,8 @@ export type Mppx<
 > = {
   /** Payment-aware fetch function that automatically handles 402 responses. */
   fetch: Fetch.from.Fetch<FlattenMethods<methods>>
+  /** The original, unwrapped fetch function (pre-polyfill). Useful when you need to make requests that should not be intercepted (e.g. 402 probes for websocket auth). */
+  rawFetch: typeof globalThis.fetch
   /** Methods to configure. */
   methods: FlattenMethods<methods>
   /** The transport used. */
@@ -56,6 +58,8 @@ export function create<
 >(config: create.Config<methods, transport>): Mppx<methods, transport> {
   const { onChallenge, polyfill = true, transport = Transport.http() as transport } = config
 
+  const rawFetch = config.fetch ?? globalThis.fetch
+
   const methods = config.methods.flat() as unknown as FlattenMethods<methods>
 
   const resolvedOnChallenge = onChallenge as Fetch.from.Config<
@@ -71,6 +75,7 @@ export function create<
   if (polyfill) Fetch.polyfill(config_fetch)
   return {
     fetch,
+    rawFetch,
     methods,
     transport,
     async createCredential(response: Transport.ResponseOf<transport>, context?: unknown) {

package/src/client/internal/Fetch.test.ts

@@ -530,7 +530,7 @@ describe('Fetch.from: 402 retry path', () => {
     })
 
     await expect(fetch('https://example.com/api')).rejects.toThrow(
-      'No method found for "stripe.charge"',
+      'No method found for challenges: stripe.charge',
     )
   })
 

package/src/client/internal/Fetch.ts

@@ -52,18 +52,30 @@ export function from<const methods extends readonly Method.AnyClient[]>(
     const context = (init as Record<string, unknown> | undefined)?.context
     const { context: _, ...fetchInit } = (init ?? {}) as Record<string, unknown>
 
-    const challenge = Challenge.fromResponse(response)
-
-    const mi = methods.find((m) => m.name === challenge.method && m.intent === challenge.intent)
-    if (!mi)
+    // Parse all challenges from the response (supports merged WWW-Authenticate headers).
+    // Match in client preference order: iterate the client's methods array and pick the
+    // first method that has a matching challenge, so the client controls priority.
+    const challenges = Challenge.fromResponseList(response)
+
+    let challenge: Challenge.Challenge | undefined
+    let mi: (typeof methods)[number] | undefined
+    for (const m of methods) {
+      const match = challenges.find((c) => c.method === m.name && c.intent === m.intent)
+      if (match) {
+        challenge = match
+        mi = m
+        break
+      }
+    }
+    if (!challenge || !mi)
       throw new Error(
-        `No method found for "${challenge.method}.${challenge.intent}". Available: ${methods.map((m) => `${m.name}.${m.intent}`).join(', ')}`,
+        `No method found for challenges: ${challenges.map((c) => `${c.method}.${c.intent}`).join(', ')}. Available: ${methods.map((m) => `${m.name}.${m.intent}`).join(', ')}`,
       )
 
     const onChallengeCredential = onChallenge
       ? await onChallenge(challenge, {
           createCredential: async (overrideContext?: AnyContextFor<methods>) =>
-            resolveCredential(challenge, mi, overrideContext ?? context),
+            resolveCredential(challenge, mi!, overrideContext ?? context),
         })
       : undefined
     const credential = onChallengeCredential ?? (await resolveCredential(challenge, mi, context))

package/src/middlewares/internal/mppx.test.ts

@@ -0,0 +1,152 @@
+import { Challenge, Credential, Method, z } from 'mppx'
+import { Mppx } from 'mppx/server'
+import { describe, expect, test } from 'vitest'
+import { wrap } from './mppx.js'
+
+const realm = 'api.example.com'
+const secretKey = 'test-secret-key'
+
+const mockChargeA = Method.from({
+  name: 'alpha',
+  intent: 'charge',
+  schema: {
+    credential: {
+      payload: z.object({ token: z.string() }),
+    },
+    request: z.object({
+      amount: z.string(),
+      currency: z.string(),
+      decimals: z.number(),
+      recipient: z.string(),
+    }),
+  },
+})
+
+const mockChargeB = Method.from({
+  name: 'beta',
+  intent: 'charge',
+  schema: {
+    credential: {
+      payload: z.object({ token: z.string() }),
+    },
+    request: z.object({
+      amount: z.string(),
+      currency: z.string(),
+      decimals: z.number(),
+      recipient: z.string(),
+    }),
+  },
+})
+
+function mockReceipt(name: string) {
+  return {
+    method: name,
+    reference: `tx-${name}`,
+    status: 'success' as const,
+    timestamp: new Date().toISOString(),
+  }
+}
+
+const alphaMethod = Method.toServer(mockChargeA, {
+  async verify() {
+    return mockReceipt('alpha')
+  },
+})
+
+const betaMethod = Method.toServer(mockChargeB, {
+  async verify() {
+    return mockReceipt('beta')
+  },
+})
+
+const challengeOpts = {
+  amount: '1000',
+  currency: '0x0000000000000000000000000000000000000001',
+  decimals: 6,
+  expires: new Date(Date.now() + 60_000).toISOString(),
+  recipient: '0x0000000000000000000000000000000000000002',
+}
+
+describe('wrap: nested handlers', () => {
+  test('wrapped.alpha.charge produces a wrapped handler', () => {
+    const mppx = Mppx.create({ methods: [alphaMethod, betaMethod], realm, secretKey }) as any
+
+    const wrapped = wrap(mppx, (methodFn, options) => {
+      return { type: 'wrapped' as const, handler: methodFn(options) }
+    })
+
+    const result = wrapped.alpha.charge(challengeOpts)
+    expect(result.type).toBe('wrapped')
+    expect(typeof result.handler).toBe('function')
+  })
+
+  test('wrapped.beta.charge produces a wrapped handler', () => {
+    const mppx = Mppx.create({ methods: [alphaMethod, betaMethod], realm, secretKey }) as any
+
+    const wrapped = wrap(mppx, (methodFn, options) => {
+      return { type: 'wrapped' as const, handler: methodFn(options) }
+    })
+
+    const result = wrapped.beta.charge(challengeOpts)
+    expect(result.type).toBe('wrapped')
+  })
+
+  test('nested wrapped handler works end-to-end (402 then 200)', async () => {
+    const mppx = Mppx.create({ methods: [alphaMethod], realm, secretKey }) as any
+
+    const wrapped = wrap(mppx, (methodFn, options) => methodFn(options))
+
+    const handle = wrapped.alpha.charge(challengeOpts)
+
+    const firstResult = await handle(new Request('https://example.com/resource'))
+    expect(firstResult.status).toBe(402)
+    if (firstResult.status !== 402) throw new Error()
+
+    const challenge = Challenge.fromResponse(firstResult.challenge)
+    const credential = Credential.from({ challenge, payload: { token: 'valid' } })
+
+    const result = await handle(
+      new Request('https://example.com/resource', {
+        headers: { Authorization: Credential.serialize(credential) },
+      }),
+    )
+    expect(result.status).toBe(200)
+  })
+
+  test('slash key and nested key produce equivalent wrapped handlers', () => {
+    const mppx = Mppx.create({ methods: [alphaMethod], realm, secretKey }) as any
+
+    const wrapped = wrap(mppx, (methodFn, options) => {
+      return { methodFn, options }
+    })
+
+    const nestedResult = wrapped.alpha.charge(challengeOpts) as {
+      methodFn: unknown
+      options: unknown
+    }
+    const slashResult = wrapped['alpha/charge'](challengeOpts) as {
+      methodFn: unknown
+      options: unknown
+    }
+
+    expect(nestedResult.methodFn).toBe(slashResult.methodFn)
+    expect(nestedResult.options).toEqual(slashResult.options)
+  })
+
+  test('compose is passed through unwrapped', () => {
+    const mppx = Mppx.create({ methods: [alphaMethod], realm, secretKey }) as any
+
+    const wrapped = wrap(mppx, (_methodFn, _options) => 'wrapped')
+
+    expect(wrapped.compose).toBe(mppx.compose)
+  })
+
+  test('realm and transport are passed through', () => {
+    const mppx = Mppx.create({ methods: [alphaMethod], realm, secretKey }) as any
+
+    const wrapped = wrap(mppx, (_methodFn, _options) => 'wrapped')
+
+    expect(wrapped.realm).toBe(realm)
+    expect(wrapped.transport).toBe(mppx.transport)
+  })
+})

package/src/middlewares/internal/mppx.ts

@@ -4,10 +4,24 @@ import type * as Mppx from '../../server/Mppx.js'
 export type AnyMethodFn = Mppx.AnyMethodFn
 export type AnyServer = Method.AnyServer
 
-export type Wrap<mppx, handler> = {
-  [key in keyof mppx]: mppx[key] extends (options: infer options) => any
+/** Recursively wraps nested handler objects one level deep. */
+type WrapNested<obj, handler> = {
+  [key in keyof obj]: obj[key] extends (options: infer options) => any
     ? (o: options) => handler
-    : mppx[key]
+    : obj[key]
+}
+
+export type Wrap<mppx, handler> = {
+  // `compose` is passed through unwrapped because it's a multi-method
+  // combinator (takes `[method, options]` tuples), not a per-method handler.
+  // `methods`, `realm`, `transport` are data properties — not handlers.
+  [key in keyof mppx]: key extends 'compose' | 'methods' | 'realm' | 'transport'
+    ? mppx[key]
+    : mppx[key] extends (options: infer options) => any
+      ? (o: options) => handler
+      : mppx[key] extends Record<string, (options: any) => any>
+        ? WrapNested<mppx[key], handler>
+        : mppx[key]
 }
 
 /**
@@ -28,6 +42,11 @@ export function wrap<mppx extends Mppx.Mppx<any, any>, handler>(
     result[key] = (options: any) => wrapper(methodFn, options)
     // Also set shorthand intent key if Mppx registered it (no collision)
     if ((mppx as any)[mi.intent]) result[mi.intent] = (options: any) => wrapper(methodFn, options)
+    // Build nested handlers: wrapped.tempo.charge(...)
+    if (!result[mi.name] || typeof result[mi.name] !== 'object')
+      result[mi.name] = {} as Record<string, unknown>
+    ;(result[mi.name] as Record<string, unknown>)[mi.intent] = (options: any) =>
+      wrapper(methodFn, options)
   }
   return result as never
 }