npm - web-agent-bridge - Versions diffs - 3.10.0 → 3.10.1 - Mend

web-agent-bridge 3.10.0 → 3.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/package.json +1 -1
package/server/index.js +6 -0
package/server/routes/admin.js +18 -0
package/server/services/commission-billing.js +279 -0
package/server/services/stripe.js +12 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "web-agent-bridge",
-  "version": "3.10.0",
+  "version": "3.10.1",
   "description": "Agent Transaction Bridge — the trust + transaction layer for agentic commerce. Signed intent contracts, idempotent transactions, Ed25519-verifiable receipts, explicit compensation. Plus the original WAB stack: sovereign browser, ShieldQR, SSL health, DNS discovery, agent mesh, and unified gateway for safe AI–website interaction.",
   "author": "Web Agent Bridge <dev@webagentbridge.com>",
   "main": "server/index.js",

package/server/index.js CHANGED Viewed

@@ -790,6 +790,12 @@ if (process.env.NODE_ENV !== 'test') {
   // Start the Certificate Transparency Monitor (opt-in via WAB_CT_MONITOR=true).
   try { require('./services/ssl-ct-monitor').start(); } catch (e) { console.warn('[ct-monitor] start failed:', e.message); }
+  // Start the ATP commission billing timer (opt-in via WAB_COMMISSION_BILLING_INTERVAL_HOURS).
+  try {
+    const r = require('./services/commission-billing').startPeriodicBilling();
+    if (r) console.log(`[commission-billing] periodic cycle every ${r.intervalHours}h`);
+  } catch (e) { console.warn('[commission-billing] start failed:', e.message); }
   server.listen(PORT, () => {
     console.log(`\n  ╔══════════════════════════════════════════╗`);
     console.log(`  ║   Web Agent Bridge v${pkg.version}                ║`);

package/server/routes/admin.js CHANGED Viewed

@@ -658,4 +658,22 @@ router.post('/commissions/:id/status', authenticateAdmin, (req, res) => {
   }
 });
+// Run a billing cycle (turn `pending` rows into Stripe invoices).
+// ?dry_run=1 returns the plan without touching Stripe or the DB.
+router.post('/commissions/run-billing', authenticateAdmin, async (req, res) => {
+  const dryRun = req.query.dry_run === '1' || req.body?.dry_run === true;
+  try {
+    const billing = require('../services/commission-billing');
+    const summary = await billing.runBillingCycle({ dryRun });
+    auditLog({
+      actorType: 'admin', actorId: String(req.admin.id),
+      action: 'commission_billing_cycle',
+      details: { dry_run: dryRun, batches_billed: summary.batches_billed, rows_invoiced: summary.rows_invoiced, total_cents: summary.total_commission_cents },
+    });
+    res.json({ ok: true, data: summary });
+  } catch (e) {
+    res.status(500).json({ ok: false, error: e.message });
+  }
+});
 module.exports = router;

package/server/services/commission-billing.js ADDED Viewed

@@ -0,0 +1,279 @@
+'use strict';
+/**
+ * ATP Commission Billing — v3.10.1
+ *
+ * Converts `pending` rows in atp_commissions into real Stripe invoices.
+ *
+ * Strategy:
+ *   - Group pending commissions by merchant_user_id + currency.
+ *   - One Stripe invoice per (merchant, currency) per cycle.
+ *   - One Stripe invoice item per commission row, so the merchant sees
+ *     a line-by-line breakdown.
+ *   - Mark rows `invoiced` and stamp the stripe invoice id into `notes`
+ *     inside the same transaction.
+ *
+ * Idempotency:
+ *   - Skips rows whose merchant has no Stripe customer yet.
+ *   - Aborts a merchant's batch on any Stripe error; rows stay `pending`.
+ *   - dry-run mode just returns the plan without touching Stripe or the DB.
+ *
+ * Trigger:
+ *   - Admin endpoint POST /api/admin/commissions/run-billing
+ *   - Optional periodic timer (env WAB_COMMISSION_BILLING_INTERVAL_HOURS).
+ */
+const { db, getStripeCustomer } = require('../models/db');
+function getMinAgeDays() {
+  const n = parseInt(process.env.WAB_COMMISSION_MIN_AGE_DAYS, 10);
+  if (Number.isFinite(n) && n >= 0 && n <= 365) return n;
+  return 0; // by default bill anything that's pending
+}
+function getMinAmountCents() {
+  const n = parseInt(process.env.WAB_COMMISSION_MIN_INVOICE_CENTS, 10);
+  if (Number.isFinite(n) && n >= 0) return n;
+  return 100; // 1 EUR/USD floor — Stripe rejects sub-50c invoices anyway
+}
+/**
+ * Build the per-merchant batches that would be billed in this cycle.
+ * Returns an array: [{ merchantUserId, currency, rows[], totalCents, stripeCustomerId|null, skipReason|null }]
+ */
+function planBillingCycle() {
+  const minAgeDays = getMinAgeDays();
+  const ageClause = minAgeDays > 0
+    ? `AND datetime(created_at) < datetime('now', '-${minAgeDays} days')`
+    : '';
+  const groups = db.prepare(`
+    SELECT merchant_user_id, currency,
+           COUNT(*) AS n,
+           COALESCE(SUM(commission_cents), 0) AS total_cents
+      FROM atp_commissions
+     WHERE status = 'pending'
+       ${ageClause}
+     GROUP BY merchant_user_id, currency
+     ORDER BY total_cents DESC
+  `).all();
+  const minAmount = getMinAmountCents();
+  const batches = [];
+  for (const g of groups) {
+    if (g.total_cents < minAmount) {
+      batches.push({
+        merchantUserId: g.merchant_user_id,
+        currency: g.currency,
+        rows: [],
+        totalCents: g.total_cents,
+        rowCount: g.n,
+        stripeCustomerId: null,
+        skipReason: `below_min_invoice (${g.total_cents}c < ${minAmount}c)`,
+      });
+      continue;
+    }
+    const cust = getStripeCustomer(g.merchant_user_id);
+    if (!cust || !cust.stripe_customer_id) {
+      batches.push({
+        merchantUserId: g.merchant_user_id,
+        currency: g.currency,
+        rows: [],
+        totalCents: g.total_cents,
+        rowCount: g.n,
+        stripeCustomerId: null,
+        skipReason: 'no_stripe_customer',
+      });
+      continue;
+    }
+    const rows = db.prepare(`
+      SELECT id, transaction_id, gross_amount_cents, commission_cents, commission_bps, created_at
+        FROM atp_commissions
+       WHERE merchant_user_id = ? AND currency = ? AND status = 'pending'
+       ${ageClause}
+       ORDER BY created_at ASC
+    `).all(g.merchant_user_id, g.currency);
+    batches.push({
+      merchantUserId: g.merchant_user_id,
+      currency: g.currency,
+      rows,
+      totalCents: g.total_cents,
+      rowCount: rows.length,
+      stripeCustomerId: cust.stripe_customer_id,
+      skipReason: null,
+    });
+  }
+  return batches;
+}
+/**
+ * Execute a billing cycle. When dryRun=true, returns the plan without
+ * touching Stripe or the DB.
+ */
+async function runBillingCycle({ dryRun = false } = {}) {
+  const startedAt = new Date().toISOString();
+  const batches = planBillingCycle();
+  const summary = {
+    started_at: startedAt,
+    dry_run: !!dryRun,
+    batches_total: batches.length,
+    batches_billed: 0,
+    batches_skipped: 0,
+    rows_invoiced: 0,
+    total_commission_cents: 0,
+    invoices: [],
+    errors: [],
+  };
+  if (dryRun) {
+    summary.batches_skipped = batches.filter((b) => b.skipReason).length;
+    summary.batches_billed  = batches.length - summary.batches_skipped;
+    summary.rows_invoiced   = batches.reduce((s, b) => s + (b.skipReason ? 0 : b.rowCount), 0);
+    summary.total_commission_cents = batches.reduce(
+      (s, b) => s + (b.skipReason ? 0 : b.totalCents),
+      0,
+    );
+    summary.plan = batches.map((b) => ({
+      merchant_user_id: b.merchantUserId,
+      currency: b.currency,
+      rows: b.rowCount,
+      total_cents: b.totalCents,
+      stripe_customer_id: b.stripeCustomerId,
+      skip_reason: b.skipReason,
+    }));
+    summary.finished_at = new Date().toISOString();
+    return summary;
+  }
+  const { getStripe, isStripeConfigured } = require('./stripe');
+  if (!isStripeConfigured()) {
+    summary.errors.push({ reason: 'stripe_not_configured' });
+    summary.finished_at = new Date().toISOString();
+    return summary;
+  }
+  const stripe = getStripe();
+  for (const batch of batches) {
+    if (batch.skipReason) {
+      summary.batches_skipped++;
+      continue;
+    }
+    try {
+      // 1) One invoice item per commission row → merchant gets a full ledger.
+      for (const r of batch.rows) {
+        await stripe.invoiceItems.create({
+          customer: batch.stripeCustomerId,
+          amount: r.commission_cents,
+          currency: (batch.currency || 'eur').toLowerCase(),
+          description: `WAB ATP commission (${(r.commission_bps / 100).toFixed(2)}%) · tx ${r.transaction_id} · ${r.created_at}`,
+          metadata: {
+            wab_commission_id: r.id,
+            wab_transaction_id: r.transaction_id,
+            wab_kind: 'atp_commission',
+          },
+        });
+      }
+      // 2) Finalize a single invoice for all the items above.
+      const invoice = await stripe.invoices.create({
+        customer: batch.stripeCustomerId,
+        collection_method: 'charge_automatically',
+        auto_advance: true,
+        description: `WAB ATP merchant commission · ${batch.rowCount} transactions`,
+        metadata: {
+          wab_kind: 'atp_commission_batch',
+          wab_merchant_user_id: batch.merchantUserId,
+          wab_currency: batch.currency,
+          wab_row_count: String(batch.rowCount),
+        },
+      });
+      // 3) Mark all rows invoiced inside a single DB transaction.
+      const ids = batch.rows.map((r) => r.id);
+      const stamp = `stripe_invoice:${invoice.id}@${new Date().toISOString()}`;
+      const markTx = db.transaction((commIds) => {
+        const upd = db.prepare(`
+          UPDATE atp_commissions
+             SET status = 'invoiced',
+                 notes = COALESCE(notes || ' | ', '') || ?,
+                 updated_at = datetime('now')
+           WHERE id = ? AND status = 'pending'
+        `);
+        for (const id of commIds) upd.run(stamp, id);
+      });
+      markTx(ids);
+      summary.batches_billed++;
+      summary.rows_invoiced += batch.rowCount;
+      summary.total_commission_cents += batch.totalCents;
+      summary.invoices.push({
+        merchant_user_id: batch.merchantUserId,
+        currency: batch.currency,
+        rows: batch.rowCount,
+        total_cents: batch.totalCents,
+        stripe_invoice_id: invoice.id,
+        stripe_invoice_status: invoice.status,
+      });
+    } catch (e) {
+      summary.errors.push({
+        merchant_user_id: batch.merchantUserId,
+        currency: batch.currency,
+        message: e && e.message ? e.message : String(e),
+      });
+    }
+  }
+  summary.finished_at = new Date().toISOString();
+  return summary;
+}
+/**
+ * Webhook hook — called from stripe.js when an invoice tied to a wab
+ * commission batch is paid or fails. Flips matching atp_commissions rows
+ * to 'collected' (paid) or leaves at 'invoiced' (failed → manual).
+ */
+function onStripeInvoicePaid(invoice) {
+  try {
+    const meta = invoice && invoice.metadata;
+    if (!meta || meta.wab_kind !== 'atp_commission_batch') return 0;
+    const r = db.prepare(`
+      UPDATE atp_commissions
+         SET status = 'collected',
+             notes  = COALESCE(notes || ' | ', '') || ?,
+             updated_at = datetime('now')
+       WHERE status = 'invoiced'
+         AND notes LIKE ?
+    `).run(`paid:${invoice.id}@${new Date().toISOString()}`, `%stripe_invoice:${invoice.id}%`);
+    return r.changes;
+  } catch (e) {
+    console.error('[commission-billing] onStripeInvoicePaid failed:', e.message);
+    return 0;
+  }
+}
+let _timer = null;
+function startPeriodicBilling() {
+  const hours = parseFloat(process.env.WAB_COMMISSION_BILLING_INTERVAL_HOURS);
+  if (!Number.isFinite(hours) || hours <= 0) return null;
+  const ms = Math.max(60_000, hours * 3_600_000);
+  if (_timer) clearInterval(_timer);
+  _timer = setInterval(() => {
+    runBillingCycle({ dryRun: false })
+      .then((s) => console.log(
+        `[commission-billing] cycle done: billed=${s.batches_billed} rows=${s.rows_invoiced} total_cents=${s.total_commission_cents} errors=${s.errors.length}`,
+      ))
+      .catch((e) => console.error('[commission-billing] cycle failed:', e.message));
+  }, ms);
+  if (_timer.unref) _timer.unref();
+  return { intervalHours: hours };
+}
+module.exports = {
+  planBillingCycle,
+  runBillingCycle,
+  onStripeInvoicePaid,
+  startPeriodicBilling,
+};

package/server/services/stripe.js CHANGED Viewed

@@ -151,6 +151,18 @@ function handleWebhookEvent(event) {
     case 'invoice.payment_succeeded': {
       const invoice = event.data.object;
+      // ── ATP merchant commission invoice paid? Flip rows to 'collected'. ──
+      try {
+        if (invoice.metadata && invoice.metadata.wab_kind === 'atp_commission_batch') {
+          const billing = require('./commission-billing');
+          const changed = billing.onStripeInvoicePaid(invoice);
+          console.log(`[atp] commission invoice ${invoice.id} paid; ${changed} rows → collected`);
+        }
+      } catch (e) {
+        console.error('[atp] commission invoice paid handler failed (non-fatal):', e.message);
+      }
       if (invoice.subscription) {
         const sub = getStripeSubscriptionBySubId(invoice.subscription);
         if (sub) {