x402-surface-check 0.2.8 → 0.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +1 -1
  2. package/bin/x402-surface-check.mjs +11 -7
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -16,7 +16,7 @@ npx --yes x402-surface-check --endpoint --method POST https://x402.rpc.ankr.com/
16
16
 
17
17
  - Manifest endpoint discovery from `items[]`, `endpoints[]`, `x402Endpoints`, category arrays, resource strings, and OpenAPI paths
18
18
  - No-payment HTTP 402 challenge shape
19
- - x402 v1 and v2 price fields
19
+ - x402 v1 and v2 price fields, including `accepts[]` and `schemes[]` challenge arrays
20
20
  - MPP `WWW-Authenticate: Payment` and x402 V2 `WWW-Authenticate: X402 requirements=...` challenges
21
21
  - Atomic-unit `amount` / `maxAmountRequired` fields, plus legacy decimal `amount` + `token` x402 v1 challenges
22
22
  - `asset` or token metadata, `network`, and `payTo`
package/bin/x402-surface-check.mjs CHANGED
@@ -332,8 +332,9 @@ async function probeEndpoint(entry) {
332
332
  const authenticateChallenge = parsePaymentAuthenticate(response.headers.get('www-authenticate'))
333
333
  ?? parseX402Authenticate(response.headers.get('www-authenticate'))
334
334
 
335
- if (!body.json?.accepts?.length) {
336
- if (headerChallenge) {
335
+ const bodyHasChallenge = Array.isArray(body.json?.accepts) || Array.isArray(body.json?.schemes)
336
+ if (!bodyHasChallenge) {
337
+ if (headerChallenge && typeof headerChallenge === 'object') {
337
338
  body.json = headerChallenge
338
339
  }
339
340
  else if (authenticateChallenge) {
@@ -400,7 +401,9 @@ function capabilityList(value) {
400
401
  }
401
402
 
402
403
  function challengeAccepts(result) {
403
- return Array.isArray(result.body.json?.accepts) ? result.body.json.accepts : []
404
+ if (Array.isArray(result.body.json?.accepts)) return result.body.json.accepts
405
+ if (Array.isArray(result.body.json?.schemes)) return result.body.json.schemes
406
+ return []
404
407
  }
405
408
 
406
409
  function acceptAmountValue(accept) {
@@ -418,10 +421,11 @@ function acceptDecimals(accept) {
418
421
  }
419
422
 
420
423
  function usesDecimalAmount(accept, result) {
421
- if (accept.maxAmountRequired !== undefined || accept.maxAmount !== undefined) return false
422
- if (accept.amount === undefined || accept.amount === null || accept.amount === '') return false
423
- const amount = String(accept.amount)
424
+ const rawAmount = acceptAmountValue(accept)
425
+ if (rawAmount === undefined || rawAmount === null || rawAmount === '') return false
426
+ const amount = String(rawAmount)
424
427
  if (amount.includes('.')) return true
428
+ if (accept.maxAmountRequired !== undefined || accept.maxAmount !== undefined) return false
425
429
  if (!accept.asset && (accept.token || result.headers?.['x-payment-token'])) return true
426
430
  return result.headers?.['x-payment-amount'] === amount
427
431
  }
@@ -440,7 +444,7 @@ function hasPaymentChallenge(result) {
440
444
 
441
445
  function challengeSummary(result) {
442
446
  const challenge = result.body.json
443
- const firstAccept = challenge?.accepts?.[0] ?? {}
447
+ const firstAccept = challengeAccepts(result)[0] ?? {}
444
448
  const hasChallenge = hasPaymentChallenge(result)
445
449
  const amount = acceptAmountValue(firstAccept)
446
450
  const resourceUrl = challenge?.resource?.url ?? firstAccept.resource ?? ''
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "x402-surface-check",
3
- "version": "0.2.8",
3
+ "version": "0.2.9",
4
4
  "description": "No-payment x402 public-surface checker for manifests, OpenAPI specs, and HTTP 402 challenges.",
5
5
  "type": "module",
6
6
  "bin": {