mppx 0.5.17 → 0.6.1

package/src/tempo/server/internal/request-body.test.ts

@@ -0,0 +1,142 @@
+import { describe, expect, test } from 'vp/test'
+
+import {
+  captureRequestBodyProbe,
+  hasCapturedRequestBody,
+  isSessionContentRequest,
+  shouldChargePlainResponse,
+} from './request-body.js'
+
+describe('request-body', () => {
+  describe('hasCapturedRequestBody', () => {
+    test('returns true when the captured request recorded a body stream', () => {
+      expect(
+        hasCapturedRequestBody({
+          hasBody: true,
+          headers: new Headers(),
+        }),
+      ).toBe(true)
+    })
+
+    test('returns true when content-length is non-zero', () => {
+      expect(
+        hasCapturedRequestBody({
+          headers: new Headers({ 'content-length': '42' }),
+        }),
+      ).toBe(true)
+    })
+
+    test('returns true when transfer-encoding is present', () => {
+      expect(
+        hasCapturedRequestBody({
+          headers: new Headers({ 'transfer-encoding': 'chunked' }),
+        }),
+      ).toBe(true)
+    })
+
+    test('returns false for bodyless requests without framing headers', () => {
+      expect(
+        hasCapturedRequestBody({
+          hasBody: false,
+          headers: new Headers(),
+        }),
+      ).toBe(false)
+    })
+  })
+
+  describe('isSessionContentRequest', () => {
+    test('treats GET requests as content requests', () => {
+      expect(
+        isSessionContentRequest({
+          headers: new Headers(),
+          method: 'GET',
+        }),
+      ).toBe(true)
+    })
+
+    test('treats HEAD requests as management requests', () => {
+      expect(
+        isSessionContentRequest({
+          headers: new Headers(),
+          method: 'HEAD',
+        }),
+      ).toBe(false)
+    })
+
+    test('treats POST requests with a body stream and no content-length as content requests', () => {
+      expect(
+        isSessionContentRequest({
+          hasBody: true,
+          headers: new Headers(),
+          method: 'POST',
+        }),
+      ).toBe(true)
+    })
+
+    test('treats bodyless POST requests as management requests', () => {
+      expect(
+        isSessionContentRequest({
+          hasBody: false,
+          headers: new Headers(),
+          method: 'POST',
+        }),
+      ).toBe(false)
+    })
+  })
+
+  describe('shouldChargePlainResponse', () => {
+    test('does not charge close or topUp actions', () => {
+      const input = {
+        hasBody: true,
+        headers: new Headers(),
+        method: 'POST',
+      } as const
+
+      expect(shouldChargePlainResponse(input, { action: 'close' })).toBe(false)
+      expect(shouldChargePlainResponse(input, { action: 'topUp' })).toBe(false)
+    })
+
+    test('charges POST content requests detected via the body stream', () => {
+      expect(
+        shouldChargePlainResponse(
+          {
+            hasBody: true,
+            headers: new Headers(),
+            method: 'POST',
+          },
+          { action: 'voucher' },
+        ),
+      ).toBe(true)
+    })
+
+    test('does not charge bodyless POST management requests', () => {
+      expect(
+        shouldChargePlainResponse(
+          {
+            hasBody: false,
+            headers: new Headers(),
+            method: 'POST',
+          },
+          { action: 'voucher' },
+        ),
+      ).toBe(false)
+    })
+  })
+
+  describe('captureRequestBodyProbe', () => {
+    test('captures body presence from Request.body', () => {
+      const request = new Request('https://example.com', {
+        body: JSON.stringify({ prompt: 'hello' }),
+        method: 'POST',
+      })
+
+      const probe = captureRequestBodyProbe(request)
+      expect(request.headers.get('content-length')).toBeNull()
+      expect(probe).toEqual({
+        headers: request.headers,
+        hasBody: true,
+        method: 'POST',
+      })
+    })
+  })
+})

package/src/tempo/server/internal/request-body.ts

@@ -0,0 +1,37 @@
+import type * as Method from '../../../Method.js'
+import type { SessionCredentialPayload } from '../../session/Types.js'
+
+export type RequestBodyProbe = Pick<Method.CapturedRequest, 'headers' | 'hasBody' | 'method'>
+
+export function captureRequestBodyProbe(input: Request): RequestBodyProbe {
+  return {
+    headers: input.headers,
+    hasBody: input.body !== null,
+    method: input.method,
+  }
+}
+
+export function hasCapturedRequestBody(
+  input: Pick<RequestBodyProbe, 'headers' | 'hasBody'>,
+): boolean {
+  const contentLength = input.headers.get('content-length')
+  const headerIndicatesBody =
+    (contentLength !== null && contentLength !== '0') || input.headers.has('transfer-encoding')
+
+  if (input.hasBody === true) return true
+  return headerIndicatesBody
+}
+
+export function isSessionContentRequest(input: RequestBodyProbe): boolean {
+  if (input.method === 'HEAD') return false
+  if (input.method !== 'POST') return true
+  return hasCapturedRequestBody(input)
+}
+
+export function shouldChargePlainResponse(
+  input: RequestBodyProbe,
+  payload: Partial<SessionCredentialPayload>,
+): boolean {
+  if (payload.action === 'close' || payload.action === 'topUp') return false
+  return isSessionContentRequest(input)
+}

package/src/tempo/server/internal/transport.test.ts

@@ -284,6 +284,90 @@ describe('sse transport', () => {
     expect(terminalReceipt.units).toBe(1)
   })
 
+  test('respondReceipt uses the verified route unitType instead of the echoed credential unitType', async () => {
+    const store = memoryStore()
+    await seedChannel(store, 10000000n)
+    const transport = sse({ store })
+    const request = makeAuthorizedRequest({ unitType: 'token' })
+    const credential = makeCredential({ unitType: 'request' })
+
+    async function* gen() {
+      yield 'hello'
+      yield 'world'
+      yield 'again'
+    }
+
+    const response = transport.respondReceipt({
+      credential,
+      envelope: {
+        capturedRequest: {
+          headers: new Headers(request.headers),
+          hasBody: request.body !== null,
+          method: request.method,
+          url: new URL(request.url),
+        },
+        challenge: makeChallenge({ unitType: 'token' }),
+        credential,
+        request: makeChallenge({ unitType: 'token' }).request,
+      },
+      input: request,
+      receipt: makeReceipt(),
+      response: gen(),
+      challengeId,
+    })
+
+    const body = await readResponseText(response)
+    const terminalReceipt = readTerminalReceipt(body)
+    const channel = await store.getChannel(channelId)
+
+    expect(channel!.spent).toBe(3000000n)
+    expect(channel!.units).toBe(3)
+    expect(terminalReceipt.spent).toBe('3000000')
+    expect(terminalReceipt.units).toBe(3)
+  })
+
+  test('respondReceipt uses the canonical challenge amount instead of the raw verified route amount', async () => {
+    const store = memoryStore()
+    await seedChannel(store, 10000000n)
+    const transport = sse({ store })
+    const request = makeAuthorizedRequest({ unitType: 'token' })
+    const credential = makeCredential({ unitType: 'token' })
+
+    const response = transport.respondReceipt({
+      credential,
+      envelope: {
+        capturedRequest: {
+          headers: new Headers(request.headers),
+          hasBody: request.body !== null,
+          method: request.method,
+          url: new URL(request.url),
+        },
+        challenge: credential.challenge,
+        credential,
+        request: {
+          ...credential.challenge.request,
+          amount: '1',
+        },
+      },
+      input: request,
+      receipt: makeReceipt(),
+      response: new Response('ok', {
+        headers: { 'Content-Type': 'text/plain' },
+      }),
+      challengeId,
+    })
+
+    expect(await response.text()).toBe('ok')
+
+    const receipt = deserializeSessionReceipt(response.headers.get('Payment-Receipt')!)
+    const channel = await store.getChannel(channelId)
+
+    expect(channel!.spent).toBe(1000000n)
+    expect(channel!.units).toBe(1)
+    expect(receipt.spent).toBe('1000000')
+    expect(receipt.units).toBe(1)
+  })
+
   test('respondReceipt with AsyncIterable and non-request unitType still charges per chunk', async () => {
     const store = memoryStore()
     await seedChannel(store, 10000000n)
@@ -565,7 +649,13 @@ describe('sse transport', () => {
     const store = memoryStore()
     await seedChannel(store, 10000000n)
     const transport = sse({ store })
-    const request = makeAuthorizedRequest()
+    const request = new Request('https://test.example.com/session', {
+      body: JSON.stringify({ prompt: 'hello' }),
+      headers: makeAuthorizedRequest().headers,
+      method: 'POST',
+    })
+
+    expect(request.headers.get('content-length')).toBeNull()
 
     const plainResponse = new Response(JSON.stringify({ content: 'hello' }), {
       headers: { 'Content-Type': 'application/json' },
@@ -593,11 +683,45 @@ describe('sse transport', () => {
     expect(response.headers.get('Payment-Receipt')).toBeTruthy()
   })
 
+  test('respondReceipt with bodyless POST management request does not deduct from channel', async () => {
+    const store = memoryStore()
+    await seedChannel(store, 10000000n)
+    const transport = sse({ store })
+
+    const response = transport.respondReceipt({
+      credential: Credential.from({
+        challenge: makeChallenge(),
+        payload: {
+          action: 'voucher',
+          channelId,
+          cumulativeAmount: '1000000',
+          signature: '0xdeadbeef',
+        },
+      }),
+      input: new Request('https://test.example.com/session', { method: 'POST' }),
+      receipt: makeReceipt(),
+      response: new Response(JSON.stringify({ ok: true }), {
+        headers: { 'Content-Type': 'application/json' },
+      }),
+      challengeId,
+    })
+
+    expect(await response.text()).toBe('{"ok":true}')
+
+    const channel = await store.getChannel(channelId)
+    expect(channel!.spent).toBe(0n)
+    expect(channel!.units).toBe(0)
+  })
+
   test('respondReceipt with 204 content response still deducts from channel', async () => {
     const store = memoryStore()
     await seedChannel(store, 10000000n)
     const transport = sse({ store })
-    const request = makeAuthorizedRequest()
+    const request = new Request('https://test.example.com/session', {
+      body: JSON.stringify({ prompt: 'hello' }),
+      headers: makeAuthorizedRequest().headers,
+      method: 'POST',
+    })
 
     const contentResponse = new Response(null, { status: 204 })
     const response = transport.respondReceipt({

package/src/tempo/server/internal/transport.ts

@@ -11,6 +11,7 @@ import * as Transport from '../../../server/Transport.js'
 import * as ChannelStore from '../../session/ChannelStore.js'
 import * as Sse_core from '../../session/Sse.js'
 import type { SessionCredentialPayload, SessionReceipt } from '../../session/Types.js'
+import { captureRequestBodyProbe, shouldChargePlainResponse } from './request-body.js'
 
 /** SSE transport with Tempo session controller. */
 export type Sse = Transport.Sse<Sse_core.SessionController>
@@ -43,8 +44,8 @@ export function sse(options: sse.Options & { store: ChannelStore.ChannelStore })
     captureRequest(request) {
       return (
         base.captureRequest?.(request) ?? {
-          hasBody: request.body !== null,
           headers: new Headers(request.headers),
+          hasBody: request.body !== null,
           method: request.method,
           url: new URL(request.url),
         }
@@ -62,14 +63,14 @@ export function sse(options: sse.Options & { store: ChannelStore.ChannelStore })
     respondReceipt({ credential, envelope, receipt, response, challengeId, input }) {
       const verifiedCredential = envelope?.credential ?? credential
       const verifiedChallengeId = envelope?.challenge.id ?? challengeId
+      const verifiedRequest = envelope?.request ?? verifiedCredential.challenge.request
       const payload = verifiedCredential.payload as Partial<SessionCredentialPayload>
       if (!payload.channelId) throw new Error('No SSE context available')
+
       const channelId = payload.channelId
       const tickCost = BigInt(verifiedCredential.challenge.request.amount as string)
       const unitType =
-        typeof verifiedCredential.challenge.request.unitType === 'string'
-          ? verifiedCredential.challenge.request.unitType
-          : undefined
+        typeof verifiedRequest.unitType === 'string' ? verifiedRequest.unitType : undefined
 
       // Auto-detect upstream SSE responses and parse them into an
       // AsyncIterable so they flow through the metered pipeline.
@@ -106,7 +107,8 @@ export function sse(options: sse.Options & { store: ChannelStore.ChannelStore })
         challengeId: verifiedChallengeId,
       })
 
-      if (!shouldChargePlainResponse(input, payload)) {
+      const request = envelope?.capturedRequest ?? captureRequestBodyProbe(input)
+      if (!shouldChargePlainResponse(request, payload)) {
         return baseResponse
       }
 
@@ -274,17 +276,3 @@ function resolveMeteredGenerate(
 function isNullBodyStatus(status: number): boolean {
   return [101, 204, 205, 304].includes(status)
 }
-
-function shouldChargePlainResponse(
-  input: Request,
-  payload: Partial<SessionCredentialPayload>,
-): boolean {
-  if (payload.action === 'close' || payload.action === 'topUp') return false
-  if (input.method !== 'POST') return true
-
-  const contentLength = input.headers.get('content-length')
-  if (contentLength !== null && contentLength !== '0') return true
-  if (input.headers.has('transfer-encoding')) return true
-
-  return false
-}