npm - mppx - Versions diffs - 0.4.9 → 0.4.10 - Mend

mppx 0.4.9 → 0.4.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (158) hide show

package/CHANGELOG.md +17 -0
package/dist/cli/cli.d.ts.map +1 -1
package/dist/cli/cli.js +155 -0
package/dist/cli/cli.js.map +1 -1
package/dist/discovery/Discovery.d.ts +146 -0
package/dist/discovery/Discovery.d.ts.map +1 -0
package/dist/discovery/Discovery.js +60 -0
package/dist/discovery/Discovery.js.map +1 -0
package/dist/discovery/OpenApi.d.ts +61 -0
package/dist/discovery/OpenApi.d.ts.map +1 -0
package/dist/discovery/OpenApi.js +139 -0
package/dist/discovery/OpenApi.js.map +1 -0
package/dist/discovery/Validate.d.ts +10 -0
package/dist/discovery/Validate.d.ts.map +1 -0
package/dist/discovery/Validate.js +63 -0
package/dist/discovery/Validate.js.map +1 -0
package/dist/discovery/index.d.ts +4 -0
package/dist/discovery/index.d.ts.map +1 -0
package/dist/discovery/index.js +4 -0
package/dist/discovery/index.js.map +1 -0
package/dist/middlewares/elysia.d.ts +52 -1
package/dist/middlewares/elysia.d.ts.map +1 -1
package/dist/middlewares/elysia.js +17 -0
package/dist/middlewares/elysia.js.map +1 -1
package/dist/middlewares/express.d.ts +13 -1
package/dist/middlewares/express.d.ts.map +1 -1
package/dist/middlewares/express.js +18 -0
package/dist/middlewares/express.js.map +1 -1
package/dist/middlewares/hono.d.ts +19 -1
package/dist/middlewares/hono.d.ts.map +1 -1
package/dist/middlewares/hono.js +51 -0
package/dist/middlewares/hono.js.map +1 -1
package/dist/middlewares/internal/mppx.d.ts +4 -2
package/dist/middlewares/internal/mppx.d.ts.map +1 -1
package/dist/middlewares/internal/mppx.js +10 -3
package/dist/middlewares/internal/mppx.js.map +1 -1
package/dist/middlewares/nextjs.d.ts +11 -0
package/dist/middlewares/nextjs.d.ts.map +1 -1
package/dist/middlewares/nextjs.js +15 -0
package/dist/middlewares/nextjs.js.map +1 -1
package/dist/proxy/Proxy.d.ts +6 -0
package/dist/proxy/Proxy.d.ts.map +1 -1
package/dist/proxy/Proxy.js +56 -80
package/dist/proxy/Proxy.js.map +1 -1
package/dist/proxy/Service.d.ts +16 -23
package/dist/proxy/Service.d.ts.map +1 -1
package/dist/proxy/Service.js +19 -83
package/dist/proxy/Service.js.map +1 -1
package/dist/proxy/internal/Route.js +1 -1
package/dist/proxy/internal/Route.js.map +1 -1
package/dist/proxy/services/anthropic.d.ts.map +1 -1
package/dist/proxy/services/anthropic.js +5 -0
package/dist/proxy/services/anthropic.js.map +1 -1
package/dist/proxy/services/openai.d.ts.map +1 -1
package/dist/proxy/services/openai.js +6 -3
package/dist/proxy/services/openai.js.map +1 -1
package/dist/proxy/services/stripe.d.ts.map +1 -1
package/dist/proxy/services/stripe.js +6 -3
package/dist/proxy/services/stripe.js.map +1 -1
package/dist/tempo/server/Session.d.ts.map +1 -1
package/dist/tempo/server/Session.js +18 -5
package/dist/tempo/server/Session.js.map +1 -1
package/dist/tempo/server/internal/transport.d.ts.map +1 -1
package/dist/tempo/server/internal/transport.js +8 -0
package/dist/tempo/server/internal/transport.js.map +1 -1
package/dist/tempo/session/Chain.js +1 -1
package/dist/tempo/session/Chain.js.map +1 -1
package/package.json +6 -1
package/src/BodyDigest.test.ts +1 -1
package/src/Challenge.fuzz.test.ts +121 -0
package/src/Challenge.test-d.ts +1 -1
package/src/Challenge.test.ts +1 -1
package/src/Credential.fuzz.test.ts +62 -0
package/src/Credential.test.ts +1 -1
package/src/Errors.test.ts +1 -1
package/src/Expires.test.ts +1 -1
package/src/Method.test.ts +1 -1
package/src/PaymentRequest.test.ts +1 -1
package/src/Receipt.test.ts +1 -1
package/src/Store.test-d.ts +1 -1
package/src/Store.test.ts +1 -1
package/src/cli/cli.test.ts +212 -1
package/src/cli/cli.ts +162 -0
package/src/client/Mppx.test-d.ts +1 -1
package/src/client/Mppx.test.ts +1 -1
package/src/client/Transport.test.ts +1 -1
package/src/client/internal/Fetch.browser.test.ts +1 -1
package/src/client/internal/Fetch.test-d.ts +1 -1
package/src/client/internal/Fetch.test.ts +2 -1
package/src/discovery/Discovery.test.ts +152 -0
package/src/discovery/Discovery.ts +72 -0
package/src/discovery/OpenApi.test.ts +425 -0
package/src/discovery/OpenApi.ts +224 -0
package/src/discovery/Validate.test.ts +188 -0
package/src/discovery/Validate.ts +76 -0
package/src/discovery/index.ts +3 -0
package/src/internal/constantTimeEqual.test.ts +1 -1
package/src/mcp-sdk/client/McpClient.test-d.ts +1 -1
package/src/mcp-sdk/client/McpClient.test.ts +1 -1
package/src/mcp-sdk/server/Transport.test.ts +1 -1
package/src/middlewares/elysia.test.ts +27 -2
package/src/middlewares/elysia.ts +35 -1
package/src/middlewares/express.test.ts +35 -7
package/src/middlewares/express.ts +34 -0
package/src/middlewares/hono.test.ts +28 -6
package/src/middlewares/hono.ts +73 -1
package/src/middlewares/internal/mppx.test.ts +1 -1
package/src/middlewares/internal/mppx.ts +14 -6
package/src/middlewares/nextjs.test.ts +31 -6
package/src/middlewares/nextjs.ts +28 -0
package/src/proxy/Proxy.test.ts +54 -270
package/src/proxy/Proxy.ts +71 -93
package/src/proxy/Service.test.ts +23 -1
package/src/proxy/Service.ts +40 -86
package/src/proxy/internal/Headers.test.ts +1 -1
package/src/proxy/internal/Route.test.ts +9 -1
package/src/proxy/internal/Route.ts +1 -1
package/src/proxy/services/anthropic.test.ts +132 -0
package/src/proxy/services/anthropic.ts +5 -0
package/src/proxy/services/openai.test.ts +1 -1
package/src/proxy/services/openai.ts +6 -4
package/src/proxy/services/stripe.test.ts +132 -0
package/src/proxy/services/stripe.ts +6 -4
package/src/server/Mppx.test-d.ts +1 -1
package/src/server/Mppx.test.ts +2 -1
package/src/server/NodeListener.test.ts +1 -1
package/src/server/Request.test.ts +1 -1
package/src/server/Response.test.ts +1 -1
package/src/server/Transport.test.ts +1 -1
package/src/stripe/Charge.integration.test.ts +1 -1
package/src/stripe/Methods.test.ts +1 -1
package/src/stripe/client/Charge.test.ts +1 -1
package/src/stripe/server/Charge.test.ts +1 -1
package/src/tempo/Attribution.test.ts +1 -1
package/src/tempo/Methods.test.ts +1 -1
package/src/tempo/client/ChannelOps.test.ts +6 -3
package/src/tempo/client/Session.test.ts +5 -2
package/src/tempo/client/SessionManager.test.ts +1 -1
package/src/tempo/internal/auto-swap.test.ts +1 -1
package/src/tempo/internal/defaults.test.ts +1 -1
package/src/tempo/internal/fee-payer.test.ts +1 -1
package/src/tempo/server/Charge.test.ts +1 -1
package/src/tempo/server/Session.test.ts +87 -37
package/src/tempo/server/Session.ts +25 -8
package/src/tempo/server/Sse.test.ts +1 -1
package/src/tempo/server/internal/transport.test.ts +24 -1
package/src/tempo/server/internal/transport.ts +11 -0
package/src/tempo/session/Chain.test.ts +5 -2
package/src/tempo/session/Chain.ts +1 -1
package/src/tempo/session/Channel.test.ts +1 -1
package/src/tempo/session/ChannelStore.test.ts +1 -1
package/src/tempo/session/Receipt.test.ts +1 -1
package/src/tempo/session/Sse.fuzz.test.ts +138 -0
package/src/tempo/session/Sse.test.ts +1 -1
package/src/tempo/session/Voucher.test.ts +1 -1
package/src/viem/Account.test.ts +1 -1
package/src/viem/Client.test.ts +1 -1
package/src/zod.test.ts +147 -0

package/src/discovery/Validate.test.ts ADDED Viewed

@@ -0,0 +1,188 @@
+import { validate } from './Validate.js'
+function makeDoc(overrides: Record<string, unknown> = {}) {
+  return {
+    info: { title: 'Test', version: '1.0.0' },
+    openapi: '3.1.0',
+    paths: {
+      '/search': {
+        post: {
+          'x-payment-info': {
+            amount: '100',
+            intent: 'charge',
+            method: 'tempo',
+          },
+          requestBody: {
+            content: { 'application/json': { schema: { type: 'object' } } },
+          },
+          responses: {
+            '200': { description: 'OK' },
+            '402': { description: 'Payment Required' },
+          },
+        },
+      },
+    },
+    ...overrides,
+  }
+}
+describe('validate', () => {
+  test('returns no errors for a valid document', () => {
+    const errors = validate(makeDoc())
+    expect(errors.filter((error) => error.severity === 'error')).toHaveLength(0)
+  })
+  test('returns error for missing 402 response', () => {
+    const errors = validate(
+      makeDoc({
+        paths: {
+          '/search': {
+            post: {
+              'x-payment-info': {
+                amount: '100',
+                intent: 'charge',
+                method: 'tempo',
+              },
+              requestBody: {},
+              responses: {
+                '200': { description: 'OK' },
+              },
+            },
+          },
+        },
+      }),
+    )
+    expect(errors.find((error) => error.severity === 'error')?.message).toContain('402')
+  })
+  test('returns warning for missing requestBody', () => {
+    const errors = validate(
+      makeDoc({
+        paths: {
+          '/search': {
+            post: {
+              'x-payment-info': {
+                amount: '100',
+                intent: 'charge',
+                method: 'tempo',
+              },
+              responses: {
+                '200': { description: 'OK' },
+                '402': { description: 'Payment Required' },
+              },
+            },
+          },
+        },
+      }),
+    )
+    expect(errors.find((error) => error.severity === 'warning')?.message).toContain('requestBody')
+  })
+  test('returns structural errors for invalid top-level document', () => {
+    const errors = validate({ openapi: '3.1.0' })
+    expect(errors.length).toBeGreaterThan(0)
+    expect(errors[0]!.severity).toBe('error')
+  })
+  test('returns errors for invalid extension values', () => {
+    const errors = validate(
+      makeDoc({
+        'x-service-info': {
+          docs: { homepage: 'not-a-uri' },
+        },
+        paths: {
+          '/search': {
+            post: {
+              'x-payment-info': {
+                amount: '01',
+                intent: 'subscribe',
+                method: 'tempo',
+              },
+              responses: {
+                '402': { description: 'Payment Required' },
+              },
+            },
+          },
+        },
+      }),
+    )
+    expect(errors.some((error) => error.severity === 'error')).toBe(true)
+  })
+  test('ignores path-item-level fields like summary and parameters', () => {
+    const errors = validate(
+      makeDoc({
+        paths: {
+          '/search': {
+            summary: 'Search endpoints',
+            parameters: [{ name: 'q', in: 'query' }],
+            'x-custom': 'value',
+            post: {
+              'x-payment-info': {
+                amount: '100',
+                intent: 'charge',
+                method: 'tempo',
+              },
+              requestBody: {
+                content: { 'application/json': { schema: { type: 'object' } } },
+              },
+              responses: {
+                '200': { description: 'OK' },
+                '402': { description: 'Payment Required' },
+              },
+            },
+          },
+        },
+      }),
+    )
+    expect(errors.filter((e) => e.severity === 'error')).toHaveLength(0)
+  })
+  test('validates proxy-generated docs with relative llms path', () => {
+    const errors = validate({
+      info: { title: 'API Proxy', version: '1.0.0' },
+      openapi: '3.1.0',
+      paths: {},
+      'x-service-info': {
+        categories: ['gateway'],
+        docs: {
+          apiReference: 'https://example.com/api',
+          homepage: 'https://example.com',
+          llms: '/llms.txt',
+        },
+      },
+    })
+    expect(errors.filter((e) => e.severity === 'error')).toHaveLength(0)
+  })
+  test('accepts x-payment-info with unknown fields', () => {
+    const errors = validate({
+      info: { title: 'Test', version: '1.0.0' },
+      openapi: '3.1.0',
+      paths: {
+        '/api/call': {
+          post: {
+            'x-payment-info': {
+              price: '0.54',
+              pricingMode: 'fixed',
+              protocols: ['x402', 'mpp'],
+            },
+            requestBody: {
+              content: { 'application/json': { schema: { type: 'object' } } },
+            },
+            responses: {
+              '200': { description: 'OK' },
+              '402': { description: 'Payment Required' },
+            },
+          },
+        },
+      },
+    })
+    expect(errors.filter((e) => e.severity === 'error')).toHaveLength(0)
+  })
+})

package/src/discovery/Validate.ts ADDED Viewed

@@ -0,0 +1,76 @@
+import { DiscoveryDocument, PaymentInfo } from './Discovery.js'
+export type ValidationError = {
+  message: string
+  path: string
+  severity: 'error' | 'warning'
+}
+/**
+ * Validates a discovery document structurally and semantically.
+ */
+export function validate(doc: unknown): ValidationError[] {
+  const errors: ValidationError[] = []
+  const result = DiscoveryDocument.safeParse(doc)
+  if (!result.success) {
+    for (const issue of result.error.issues) {
+      errors.push({
+        message: issue.message,
+        path: issue.path.map(String).join('.') || '(root)',
+        severity: 'error',
+      })
+    }
+    return errors
+  }
+  const parsed = result.data
+  const paths = parsed.paths
+  if (!paths) return errors
+  for (const [pathKey, pathItem] of Object.entries(paths)) {
+    for (const [method, operation] of Object.entries(pathItem as Record<string, unknown>)) {
+      if (!operation || typeof operation !== 'object' || Array.isArray(operation)) continue
+      const op = operation as Record<string, unknown>
+      const opPath = `paths.${pathKey}.${method}`
+      const rawPaymentInfo = op['x-payment-info']
+      if (!rawPaymentInfo) continue
+      const paymentResult = PaymentInfo.safeParse(rawPaymentInfo)
+      if (!paymentResult.success) {
+        for (const issue of paymentResult.error.issues) {
+          errors.push({
+            message: issue.message,
+            path: `${opPath}.x-payment-info.${issue.path.map(String).join('.')}`,
+            severity: 'error',
+          })
+        }
+        continue
+      }
+      const responses = op.responses as Record<string, unknown> | undefined
+      if (!responses || !('402' in responses)) {
+        errors.push({
+          message: 'Operation with x-payment-info MUST have a 402 response',
+          path: `${opPath}.responses`,
+          severity: 'error',
+        })
+      }
+      const methodUpper = method.toUpperCase()
+      if (
+        !op.requestBody &&
+        (methodUpper === 'POST' || methodUpper === 'PUT' || methodUpper === 'PATCH')
+      ) {
+        errors.push({
+          message: 'Operation with x-payment-info has no requestBody',
+          path: opPath,
+          severity: 'warning',
+        })
+      }
+    }
+  }
+  return errors
+}

package/src/discovery/index.ts ADDED Viewed

@@ -0,0 +1,3 @@
+export * from './Discovery.js'
+export * from './OpenApi.js'
+export * from './Validate.js'

package/src/internal/constantTimeEqual.test.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { describe, expect, test } from 'vitest'
+import { describe, expect, test } from 'vp/test'
 import { constantTimeEqual } from './constantTimeEqual.js'

package/src/mcp-sdk/client/McpClient.test-d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 import type { Client } from '@modelcontextprotocol/sdk/client/index.js'
 import { tempo } from 'mppx/client'
 import type { Account } from 'viem'
-import { describe, expectTypeOf, test } from 'vitest'
+import { describe, expectTypeOf, test } from 'vp/test'
 import * as McpClient from './McpClient.js'

package/src/mcp-sdk/client/McpClient.test.ts CHANGED Viewed

@@ -6,7 +6,7 @@ import { Challenge, Mcp as core_Mcp } from 'mppx'
 import { tempo as tempo_client } from 'mppx/client'
 import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import { createClient } from 'viem'
-import { afterEach, beforeEach, describe, expect, test } from 'vitest'
+import { afterEach, beforeEach, describe, expect, test } from 'vp/test'
 import { accounts, asset, chain, http, client as testClient } from '~test/tempo/viem.js'
 import * as McpServer_transport from '../server/Transport.js'

package/src/mcp-sdk/server/Transport.test.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { describe, expect, test } from 'vitest'
+import { describe, expect, test } from 'vp/test'
 import type { Challenge } from '../../Challenge.js'
 import type { Credential } from '../../Credential.js'

package/src/middlewares/elysia.test.ts CHANGED Viewed

@@ -3,9 +3,9 @@ import * as http from 'node:http'
 import { Elysia } from 'elysia'
 import { Receipt } from 'mppx'
 import { Mppx as Mppx_client, tempo as tempo_client } from 'mppx/client'
-import { Mppx } from 'mppx/elysia'
+import { Mppx, discovery } from 'mppx/elysia'
 import { tempo as tempo_server } from 'mppx/server'
-import { describe, expect, test } from 'vitest'
+import { describe, expect, test } from 'vp/test'
 import { accounts, asset, client } from '~test/tempo/viem.js'
 function createServer(app: Elysia<any, any, any, any, any, any, any>) {
@@ -87,4 +87,29 @@ describe('charge', () => {
     server.close()
   })
+  test('serves /openapi.json from discovery plugin', async () => {
+    const app = new Elysia().use(
+      discovery(mppx, {
+        info: { title: 'Elysia API', version: '1.0.0' },
+        routes: [{ handler: mppx.charge({ amount: '1' }), method: 'get', path: '/' }],
+      }),
+    )
+    const server = await createServer(app)
+    const response = await globalThis.fetch(`${server.url}/openapi.json`)
+    expect(response.status).toBe(200)
+    expect(response.headers.get('cache-control')).toBe('public, max-age=300')
+    const body = (await response.json()) as Record<string, any>
+    expect(body.info).toEqual({ title: 'Elysia API', version: '1.0.0' })
+    expect(body.paths['/'].get['x-payment-info']).toMatchObject({
+      amount: '1000000',
+      currency: asset,
+      intent: 'charge',
+      method: 'tempo',
+    })
+    server.close()
+  })
 })

package/src/middlewares/elysia.ts CHANGED Viewed

@@ -1,5 +1,6 @@
-import type { Context } from 'elysia'
+import { Elysia, type Context } from 'elysia'
+import { generate, type GenerateConfig, type RouteConfig } from '../discovery/OpenApi.js'
 import * as Mppx_core from '../server/Mppx.js'
 import * as Mppx_internal from './internal/mppx.js'
@@ -68,3 +69,36 @@ export function payment<const intent extends Mppx_internal.AnyMethodFn>(
     if (header) set.headers['Payment-Receipt'] = header
   }
 }
+export type DiscoveryConfig = Omit<GenerateConfig, 'routes'> & {
+  path?: string
+  routes?: RouteConfig[]
+}
+const discoveryHeaders = { 'Cache-Control': 'public, max-age=300' }
+/**
+ * Returns an Elysia plugin that serves an OpenAPI discovery document.
+ */
+export function discovery(
+  mppx: { methods: readonly Mppx_internal.AnyServer[]; realm: string },
+  config: DiscoveryConfig = {},
+) {
+  const mountPath = config.path ?? '/openapi.json'
+  const cached = JSON.stringify(
+    generate(mppx, {
+      ...(config.info ? { info: config.info } : {}),
+      routes: config.routes ?? [],
+      ...(config.serviceInfo ? { serviceInfo: config.serviceInfo } : {}),
+    }),
+  )
+  return new Elysia().get(
+    mountPath,
+    () =>
+      new Response(cached, {
+        headers: { ...discoveryHeaders, 'Content-Type': 'application/json' },
+      }),
+  )
+}

package/src/middlewares/express.test.ts CHANGED Viewed

@@ -1,11 +1,11 @@
 import express from 'express'
 import { Receipt } from 'mppx'
 import { Mppx as Mppx_client, session as sessionIntent, tempo as tempo_client } from 'mppx/client'
-import { Mppx, payment } from 'mppx/express'
+import { Mppx, discovery, payment } from 'mppx/express'
 import { Mppx as Mppx_server, tempo as tempo_server } from 'mppx/server'
 import type { Address } from 'viem'
 import { Addresses } from 'viem/tempo'
-import { beforeAll, describe, expect, test } from 'vitest'
+import { beforeAll, describe, expect, test } from 'vp/test'
 import { deployEscrow } from '~test/tempo/session.js'
 import { accounts, asset, client, fundAccount } from '~test/tempo/viem.js'
@@ -29,7 +29,7 @@ describe('charge', () => {
       tempo_server({
         getClient: () => client,
         currency: asset,
-        recipient: accounts[0].address,
+        account: accounts[0],
       }),
     ],
     secretKey,
@@ -81,6 +81,34 @@ describe('charge', () => {
     server.close()
   })
+  test('serves /openapi.json from a handler-derived route config', async () => {
+    const app = express()
+    const pay = mppx.charge({ amount: '1' })
+    app.get('/', pay, (_req, res) => {
+      res.json({ fortune: 'You will be rich' })
+    })
+    discovery(app, mppx, {
+      info: { title: 'Express API', version: '1.2.3' },
+      routes: [{ handler: pay, method: 'get', path: '/' }],
+    })
+    const server = await createServer(app)
+    const response = await globalThis.fetch(`${server.url}/openapi.json`)
+    expect(response.status).toBe(200)
+    expect(response.headers.get('cache-control')).toBe('public, max-age=300')
+    const body = (await response.json()) as Record<string, any>
+    expect(body.info).toEqual({ title: 'Express API', version: '1.2.3' })
+    expect(body.paths['/'].get['x-payment-info']).toMatchObject({
+      amount: '1000000',
+      currency: asset,
+      intent: 'charge',
+      method: 'tempo',
+    })
+    server.close()
+  })
 })
 describe('session', () => {
@@ -97,7 +125,7 @@ describe('session', () => {
       methods: [
         tempo_server.session({
           getClient: () => client,
-          recipient: accounts[0].address,
+          account: accounts[0],
           currency: asset,
           escrowContract,
         }),
@@ -123,10 +151,10 @@ describe('session', () => {
       methods: [
         tempo_server.session({
           getClient: () => client,
-          recipient: accounts[0].address,
+          account: accounts[0],
           currency: asset,
           escrowContract,
-          feePayer: accounts[0],
+          feePayer: true,
         }),
       ],
       secretKey,
@@ -165,7 +193,7 @@ describe('payment', () => {
       tempo_server({
         getClient: () => client,
         currency: asset,
-        recipient: accounts[0].address,
+        account: accounts[0],
       }),
     ],
     secretKey,

package/src/middlewares/express.ts CHANGED Viewed

@@ -1,10 +1,12 @@
 import type {
+  Express,
   Request as ExpressRequest,
   Response as ExpressResponse,
   NextFunction,
   RequestHandler,
 } from 'express'
+import { generate, type GenerateConfig, type RouteConfig } from '../discovery/OpenApi.js'
 import * as Mppx_core from '../server/Mppx.js'
 import * as Mppx_internal from './internal/mppx.js'
@@ -84,3 +86,35 @@ export function payment<const intent extends Mppx_internal.AnyMethodFn>(
     next()
   }
 }
+export type DiscoveryConfig = Omit<GenerateConfig, 'routes'> & {
+  path?: string
+  routes?: RouteConfig[]
+}
+const discoveryHeaders = { 'Cache-Control': 'public, max-age=300' }
+/**
+ * Mounts a `GET /openapi.json` route that serves an OpenAPI discovery document.
+ */
+export function discovery(
+  app: Express,
+  mppx: { methods: readonly Mppx_internal.AnyServer[]; realm: string },
+  config: DiscoveryConfig = {},
+): void {
+  const mountPath = config.path ?? '/openapi.json'
+  const cached = JSON.stringify(
+    generate(mppx, {
+      ...(config.info ? { info: config.info } : {}),
+      routes: config.routes ?? [],
+      ...(config.serviceInfo ? { serviceInfo: config.serviceInfo } : {}),
+    }),
+  )
+  app.get(mountPath, (_req: ExpressRequest, res: ExpressResponse) => {
+    res.setHeader('Cache-Control', discoveryHeaders['Cache-Control'])
+    res.setHeader('Content-Type', 'application/json')
+    res.end(cached)
+  })
+}

package/src/middlewares/hono.test.ts CHANGED Viewed

@@ -2,11 +2,11 @@ import { serve } from '@hono/node-server'
 import { Hono } from 'hono'
 import { Receipt } from 'mppx'
 import { Mppx as Mppx_client, session as sessionIntent, tempo as tempo_client } from 'mppx/client'
-import { Mppx } from 'mppx/hono'
+import { Mppx, discovery } from 'mppx/hono'
 import { tempo as tempo_server } from 'mppx/server'
 import type { Address } from 'viem'
 import { Addresses } from 'viem/tempo'
-import { beforeAll, describe, expect, test } from 'vitest'
+import { beforeAll, describe, expect, test } from 'vp/test'
 import { deployEscrow } from '~test/tempo/session.js'
 import { accounts, asset, client, fundAccount } from '~test/tempo/viem.js'
@@ -29,7 +29,7 @@ describe('charge', () => {
       tempo_server.charge({
         getClient: () => client,
         currency: asset,
-        recipient: accounts[0].address,
+        account: accounts[0],
       }),
     ],
     secretKey,
@@ -74,6 +74,28 @@ describe('charge', () => {
     server.close()
   })
+  test('serves /openapi.json via auto discovery', async () => {
+    const app = new Hono()
+    app.get('/', mppx.charge({ amount: '1' }), (c) => c.json({ fortune: 'You will be rich' }))
+    discovery(app, mppx, { auto: true, info: { title: 'Auto API', version: '2.0.0' } })
+    const server = await createServer(app)
+    const response = await globalThis.fetch(`${server.url}/openapi.json`)
+    expect(response.status).toBe(200)
+    expect(response.headers.get('cache-control')).toBe('public, max-age=300')
+    const body = (await response.json()) as Record<string, any>
+    expect(body.info).toEqual({ title: 'Auto API', version: '2.0.0' })
+    expect(body.paths['/'].get['x-payment-info']).toMatchObject({
+      amount: '1000000',
+      currency: asset,
+      intent: 'charge',
+      method: 'tempo',
+    })
+    server.close()
+  })
 })
 describe('session', () => {
@@ -90,7 +112,7 @@ describe('session', () => {
       methods: [
         tempo_server.session({
           getClient: () => client,
-          recipient: accounts[0].address,
+          account: accounts[0],
           currency: asset,
           escrowContract,
         }),
@@ -116,10 +138,10 @@ describe('session', () => {
       methods: [
         tempo_server.session({
           getClient: () => client,
-          recipient: accounts[0].address,
+          account: accounts[0],
           currency: asset,
           escrowContract,
-          feePayer: accounts[0],
+          feePayer: true,
         }),
       ],
       secretKey,

package/src/middlewares/hono.ts CHANGED Viewed

@@ -1,5 +1,6 @@
-import type { MiddlewareHandler } from 'hono'
+import type { Hono, MiddlewareHandler } from 'hono'
+import { generate, type GenerateConfig, type RouteConfig } from '../discovery/OpenApi.js'
 import * as Mppx_core from '../server/Mppx.js'
 import * as Mppx_internal from './internal/mppx.js'
@@ -61,3 +62,74 @@ export function payment<const intent extends Mppx_internal.AnyMethodFn>(
     c.res = result.withReceipt(c.res)
   }
 }
+export type DiscoveryConfig = Omit<GenerateConfig, 'routes'> & {
+  auto?: boolean
+  path?: string
+  routes?: RouteConfig[]
+}
+const discoveryHeaders = { 'Cache-Control': 'public, max-age=300' }
+/**
+ * Mounts a `GET /openapi.json` route that serves an OpenAPI discovery document.
+ *
+ * When `auto` is true, routes are introspected from Hono's internal `app.routes`
+ * array. This is a **best-effort / experimental** convenience — `app.routes` is
+ * not part of Hono's stable public API and may change across versions. Prefer
+ * passing explicit `routes` for production use.
+ */
+export function discovery(
+  app: Hono<any>,
+  mppx: { methods: readonly Mppx_internal.AnyServer[]; realm: string },
+  config: DiscoveryConfig = {},
+): void {
+  const mountPath = config.path ?? '/openapi.json'
+  let cached: string | undefined
+  app.get(mountPath, (c) => {
+    if (!cached) {
+      const routes = config.routes ?? (config.auto ? introspectRoutes(app) : [])
+      const doc = generate(mppx, {
+        ...(config.info ? { info: config.info } : {}),
+        routes,
+        ...(config.serviceInfo ? { serviceInfo: config.serviceInfo } : {}),
+      })
+      cached = JSON.stringify(doc)
+    }
+    c.header('Cache-Control', discoveryHeaders['Cache-Control'])
+    c.header('Content-Type', 'application/json')
+    return c.body(cached)
+  })
+}
+function introspectRoutes(app: Hono<any>): RouteConfig[] {
+  const routes: RouteConfig[] = []
+  const appRoutes = (app as any).routes as
+    | { handler: any; method: string; path: string }[]
+    | undefined
+  if (!appRoutes) return routes
+  const seen = new Set<string>()
+  for (const route of appRoutes) {
+    const internal = (route.handler as { _internal?: Record<string, unknown> } | undefined)
+      ?._internal
+    if (!internal) continue
+    const key = `${route.method}:${route.path}:${internal.name}/${internal.intent}`
+    if (seen.has(key)) continue
+    seen.add(key)
+    routes.push({
+      handler: route.handler,
+      method: route.method,
+      path: route.path,
+    })
+  }
+  return routes
+}

package/src/middlewares/internal/mppx.test.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { Challenge, Credential, Method, z } from 'mppx'
 import { Mppx } from 'mppx/server'
-import { describe, expect, test } from 'vitest'
+import { describe, expect, test } from 'vp/test'
 import { wrap } from './mppx.js'