Fix budget error handling, add retry guard and missing HTTP methods

- maxPrice check now throws L402BudgetExceededError (was L402Error)
- Budget records actual paid amount from SDK instead of server-reported price
- Added put/patch/delete convenience methods to L402Client
- Retry after payment throws if server still returns 402 (prevents infinite loops)
- Bump to 0.2.0

Made-with: Cursor

Author: realbub

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lnbot/l402",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "L402 Lightning payment middleware for Express.js — paywall any API in one line",
   "type": "module",
   "exports": {

src/client/fetch.ts

@@ -2,6 +2,7 @@ import type { LnBot } from "@lnbot/sdk";
 import type { L402ClientOptions } from "../types.js";
 import {
   L402Error,
+  L402BudgetExceededError,
   L402PaymentFailedError,
 } from "../errors.js";
 import { parseChallenge, parseAuthorization } from "../server/headers.js";
@@ -16,6 +17,12 @@ export interface L402Client {
   get(url: string, init?: RequestInit): Promise<unknown>;
   /** POST + JSON parse with automatic L402 payment. */
   post(url: string, init?: RequestInit): Promise<unknown>;
+  /** PUT + JSON parse with automatic L402 payment. */
+  put(url: string, init?: RequestInit): Promise<unknown>;
+  /** PATCH + JSON parse with automatic L402 payment. */
+  patch(url: string, init?: RequestInit): Promise<unknown>;
+  /** DELETE + JSON parse with automatic L402 payment. */
+  delete(url: string, init?: RequestInit): Promise<unknown>;
 }
 
 /**
@@ -67,7 +74,7 @@ export function client(ln: LnBot, options: L402ClientOptions = {}): L402Client {
 
     // Step 4: Budget checks
     if (price > maxPrice) {
-      throw new L402Error(
+      throw new L402BudgetExceededError(
         `Price ${price} sats exceeds maxPrice ${maxPrice}`,
       );
     }
@@ -97,23 +104,33 @@ export function client(ln: LnBot, options: L402ClientOptions = {}): L402Client {
         : undefined,
     });
 
-    budget.record(price);
+    budget.record(payment.amount ?? price);
 
     // Step 7: Retry with L402 Authorization
     const retryHeaders = new Headers(init?.headers);
     retryHeaders.set("Authorization", payment.authorization);
-    return globalThis.fetch(url, { ...init, headers: retryHeaders });
+    const retry = await globalThis.fetch(url, { ...init, headers: retryHeaders });
+
+    if (retry.status === 402) {
+      throw new L402PaymentFailedError(
+        "Server returned 402 after successful payment",
+      );
+    }
+
+    return retry;
+  }
+
+  async function jsonMethod(method: string, url: string, init?: RequestInit) {
+    const res = await l402Fetch(url, { ...init, method });
+    return res.json();
   }
 
   return {
     fetch: l402Fetch,
-    async get(url: string, init?: RequestInit) {
-      const res = await l402Fetch(url, { ...init, method: "GET" });
-      return res.json();
-    },
-    async post(url: string, init?: RequestInit) {
-      const res = await l402Fetch(url, { ...init, method: "POST" });
-      return res.json();
-    },
+    get: (url: string, init?: RequestInit) => jsonMethod("GET", url, init),
+    post: (url: string, init?: RequestInit) => jsonMethod("POST", url, init),
+    put: (url: string, init?: RequestInit) => jsonMethod("PUT", url, init),
+    patch: (url: string, init?: RequestInit) => jsonMethod("PATCH", url, init),
+    delete: (url: string, init?: RequestInit) => jsonMethod("DELETE", url, init),
   };
 }

tests/client.test.ts

@@ -182,7 +182,7 @@ describe("L402 client", () => {
     expect(res2.status).toBe(200);
   });
 
-  it("throws L402Error when price exceeds maxPrice", async () => {
+  it("throws L402BudgetExceededError when price exceeds maxPrice", async () => {
     const wwwAuth = 'L402 macaroon="mac", invoice="inv"';
     globalThis.fetch = vi.fn().mockImplementation(() =>
       Promise.resolve(
@@ -192,7 +192,7 @@ describe("L402 client", () => {
 
     const c = client(ln, { maxPrice: 100 });
 
-    await expect(c.fetch(URL_PREMIUM)).rejects.toThrow(L402Error);
+    await expect(c.fetch(URL_PREMIUM)).rejects.toThrow(L402BudgetExceededError);
     await expect(c.fetch(URL_PREMIUM)).rejects.toThrow("exceeds maxPrice");
     expect(ln.l402.pay).not.toHaveBeenCalled();
   });
@@ -293,6 +293,81 @@ describe("L402 client", () => {
     expect(call[1]?.method).toBe("POST");
   });
 
+  it("put() sends PUT method and returns parsed JSON", async () => {
+    globalThis.fetch = vi.fn().mockResolvedValue(
+      jsonResponse(200, { updated: true }),
+    );
+
+    const c = client(ln);
+    const data = await c.put(URL_PREMIUM, {
+      body: JSON.stringify({ name: "new" }),
+    });
+
+    expect(data).toEqual({ updated: true });
+    const call = (globalThis.fetch as ReturnType<typeof vi.fn>).mock.calls[0];
+    expect(call[1]?.method).toBe("PUT");
+  });
+
+  it("patch() sends PATCH method and returns parsed JSON", async () => {
+    globalThis.fetch = vi.fn().mockResolvedValue(
+      jsonResponse(200, { patched: true }),
+    );
+
+    const c = client(ln);
+    const data = await c.patch(URL_PREMIUM, {
+      body: JSON.stringify({ field: "value" }),
+    });
+
+    expect(data).toEqual({ patched: true });
+    const call = (globalThis.fetch as ReturnType<typeof vi.fn>).mock.calls[0];
+    expect(call[1]?.method).toBe("PATCH");
+  });
+
+  it("delete() sends DELETE method and returns parsed JSON", async () => {
+    globalThis.fetch = vi.fn().mockResolvedValue(
+      jsonResponse(200, { deleted: true }),
+    );
+
+    const c = client(ln);
+    const data = await c.delete(URL_PREMIUM);
+
+    expect(data).toEqual({ deleted: true });
+    const call = (globalThis.fetch as ReturnType<typeof vi.fn>).mock.calls[0];
+    expect(call[1]?.method).toBe("DELETE");
+  });
+
+  it("throws L402PaymentFailedError when retry after payment returns 402", async () => {
+    const wwwAuth = 'L402 macaroon="mac", invoice="inv"';
+    globalThis.fetch = vi.fn()
+      .mockResolvedValueOnce(
+        jsonResponse(402, { price: 10 }, { "www-authenticate": wwwAuth }),
+      )
+      .mockResolvedValueOnce(
+        jsonResponse(402, { price: 10 }, { "www-authenticate": wwwAuth }),
+      );
+
+    ln.l402.pay.mockResolvedValue({
+      authorization: "L402 mac:pre",
+      paymentHash: "hash",
+      preimage: "pre",
+      amount: 10,
+      fee: 0,
+      paymentNumber: 1,
+      status: "settled",
+    });
+
+    const c = client(ln);
+
+    await expect(c.fetch(URL_PREMIUM)).rejects.toSatisfy((err: unknown) => {
+      expect(err).toBeInstanceOf(L402PaymentFailedError);
+      expect((err as Error).message).toBe(
+        "Server returned 402 after successful payment",
+      );
+      return true;
+    });
+    expect(ln.l402.pay).toHaveBeenCalledTimes(1);
+  });
+
   it("defaults maxPrice to 1000 sats", async () => {
     const wwwAuth = 'L402 macaroon="mac", invoice="inv"';
     globalThis.fetch = vi.fn().mockImplementation(() =>