@agent-native/core 0.14.8 → 0.15.1

package/dist/server/credential-provider.d.ts

@@ -109,6 +109,20 @@ export declare function resolveBuilderCredentials(): Promise<{
  * `scope: "user"` (the safe default that doesn't trample the org's shared
  * connection).
  *
+ * Stale-credential cleanup: before writing the new values we (1) clear ALL
+ * five BUILDER_* keys at the target scope, so optional fields the new
+ * connection doesn't carry (e.g. user picked a Builder space that returns
+ * no orgName) don't leave the previous connection's metadata behind, and
+ * (2) when writing at org scope, also clear the writer's own user-scope
+ * BUILDER_* rows so a stale personal override from an earlier connect
+ * doesn't shadow the new org write on resolution (user scope wins org
+ * scope by design — see `resolveScopedBuilderCredential`). The org-scope
+ * row is intentionally left alone when writing at user scope: that row is
+ * shared with the rest of the org and a single user's personal override
+ * shouldn't blow it away. (Victoria's "I signed in again with my Builder
+ * space and it still says no credits" report on 2026-05-11 was exactly
+ * this stale-shadow case.)
+ *
  * Returns the actual scope/scopeId used so the caller can show "Connected
  * for Builder.io" vs "Connected (personal)" in the UI.
  */

package/dist/server/credential-provider.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"credential-provider.d.ts","sourceRoot":"","sources":["../../src/server/credential-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAKH;;;;;;;;GAQG;AACH,wBAAgB,2BAA2B,CACzC,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EAChC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC9B;IAAE,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAK5C;AAED,qBAAa,yBAA0B,SAAQ,KAAK;IAClD,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;gBAElB,IAAI,EAAE;QAChB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB;CAUF;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAEvE;AAED;;;;;GAKG;AACH,wBAAgB,iCAAiC,IAAI,OAAO,CAG3D;AAED,wBAAgB,wCAAwC,IAAI,OAAO,CAIlE;AAiBD,KAAK,uBAAuB,GAAG,MAAM,GAAG,KAAK,GAAG,WAAW,GAAG,KAAK,CAAC;AA6DpE;;;;;GAKG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAKxB;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,IAAI,OAAO,CAE7C;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAEvE;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAGvE;AAED;;;GAGG;AACH,wBAAsB,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC,CAEpE;AAED;;;GAGG;AACH,wBAAsB,8BAA8B,IAAI,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAO9F;AAED;;;GAGG;AACH,wBAAsB,yBAAyB,IAAI,OAAO,CAAC;IACzD,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAC,CASD;AAUD;;;;;;;;;;;;;GAaG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,MAAM,EACb,KAAK,EAAE;IACL,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,EACD,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,GACxD,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAgCrD;AAED;;;;;;;;;GASG;AACH,wBAAsB,wBAAwB,CAC5C,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,GACxD,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAiBrD;AAeD;;;;GAIG;AACH,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAuDvE;AAOD;;;;;;GAMG;AACH,wBAAgB,oBAAoB,IAAI,OAAO,CAE9C;AAED,yEAAyE;AACzE,wBAAgB,qBAAqB,IAAI,MAAM,CAO9C;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,IAAI,MAAM,CAKjD;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,IAAI,MAAM,CAKzD;AAED,uEAAuE;AACvE,wBAAgB,oBAAoB,IAAI,MAAM,GAAG,IAAI,CAGpD"}
+{"version":3,"file":"credential-provider.d.ts","sourceRoot":"","sources":["../../src/server/credential-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAKH;;;;;;;;GAQG;AACH,wBAAgB,2BAA2B,CACzC,KAAK,EAAE,MAAM,EACb,KAAK,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EAChC,IAAI,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,GAC9B;IAAE,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAK5C;AAED,qBAAa,yBAA0B,SAAQ,KAAK;IAClD,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;gBAElB,IAAI,EAAE;QAChB,kBAAkB,EAAE,MAAM,CAAC;QAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB;CAUF;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAEvE;AAED;;;;;GAKG;AACH,wBAAgB,iCAAiC,IAAI,OAAO,CAG3D;AAED,wBAAgB,wCAAwC,IAAI,OAAO,CAIlE;AAiBD,KAAK,uBAAuB,GAAG,MAAM,GAAG,KAAK,GAAG,WAAW,GAAG,KAAK,CAAC;AA+FpE;;;;;GAKG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAKxB;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,IAAI,OAAO,CAE7C;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAEvE;AAED;;;GAGG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAGvE;AAED;;;GAGG;AACH,wBAAsB,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC,CAEpE;AAED;;;GAGG;AACH,wBAAsB,8BAA8B,IAAI,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC,CAO9F;AAED;;;GAGG;AACH,wBAAsB,yBAAyB,IAAI,OAAO,CAAC;IACzD,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAC,CASD;AAUD;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,wBAAsB,uBAAuB,CAC3C,KAAK,EAAE,MAAM,EACb,KAAK,EAAE;IACL,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,EACD,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,GACxD,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAmDrD;AAED;;;;;;;;;GASG;AACH,wBAAsB,wBAAwB,CAC5C,KAAK,EAAE,MAAM,EACb,OAAO,CAAC,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,GACxD,OAAO,CAAC;IAAE,KAAK,EAAE,MAAM,GAAG,KAAK,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,CAAC,CAiBrD;AAeD;;;;GAIG;AACH,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CA0GvE;AAOD;;;;;;GAMG;AACH,wBAAgB,oBAAoB,IAAI,OAAO,CAE9C;AAED,yEAAyE;AACzE,wBAAgB,qBAAqB,IAAI,MAAM,CAO9C;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,IAAI,MAAM,CAKjD;AAED;;;GAGG;AACH,wBAAgB,gCAAgC,IAAI,MAAM,CAKzD;AAED,uEAAuE;AACvE,wBAAgB,oBAAoB,IAAI,MAAM,GAAG,IAAI,CAGpD"}

package/dist/server/credential-provider.js

@@ -75,6 +75,12 @@ async function resolveScopedBuilderCredential(key) {
     const email = getRequestUserEmail();
     if (!email)
         return null;
+    // Always trace Builder lookups — these come up in "I connected Builder but
+    // chat still says Use Builder" support requests, and without scope-by-scope
+    // visibility into where the lookup actually went, the only diagnostic move
+    // is to ask the user to redo the connect flow. Mirrors `resolveSecret`'s
+    // default-on trace gate for BUILDER_* keys.
+    let scopeAttempted = "user";
     try {
         const { readAppSecret } = await import("../secrets/storage.js");
         // 1. Per-user override: a user can paste their own key in settings to
@@ -84,8 +90,10 @@ async function resolveScopedBuilderCredential(key) {
             scope: "user",
             scopeId: email,
         });
-        if (userSecret)
+        if (userSecret) {
+            console.log(`[builder-credential] key=${key} email=${email} scope=user hit=true`);
             return { value: userSecret.value, source: "user" };
+        }
         // 2. Per-org shared credential: when one teammate connects Builder
         //    as an owner/admin we write the OAuth result at org scope so
         //    every member of that org gets the AI chat working without
@@ -93,37 +101,47 @@ async function resolveScopedBuilderCredential(key) {
         //    silently — the caller never has to know which scope answered.
         const orgId = getRequestOrgId();
         if (orgId) {
+            scopeAttempted = "org";
             const orgSecret = await readAppSecret({
                 key,
                 scope: "org",
                 scopeId: orgId,
             });
-            if (orgSecret)
+            if (orgSecret) {
+                console.log(`[builder-credential] key=${key} email=${email} orgId=${orgId} scope=org hit=true`);
                 return { value: orgSecret.value, source: "org" };
+            }
             // Older setup flows wrote shared credentials at workspace scope.
             // Keep reading those rows so status UIs and runtime resolution agree
             // for users who connected before org-scoped Builder credentials existed.
+            scopeAttempted = "workspace";
             const workspaceSecret = await readAppSecret({
                 key,
                 scope: "workspace",
                 scopeId: orgId,
             });
             if (workspaceSecret) {
+                console.log(`[builder-credential] key=${key} email=${email} orgId=${orgId} scope=workspace hit=true`);
                 return { value: workspaceSecret.value, source: "workspace" };
             }
+            console.log(`[builder-credential] key=${key} email=${email} orgId=${orgId} miss tried=user,org,workspace`);
         }
         else {
+            scopeAttempted = "workspace-solo";
             const soloWorkspaceSecret = await readAppSecret({
                 key,
                 scope: "workspace",
                 scopeId: `solo:${email}`,
             });
             if (soloWorkspaceSecret) {
+                console.log(`[builder-credential] key=${key} email=${email} scope=workspace-solo hit=true`);
                 return { value: soloWorkspaceSecret.value, source: "workspace" };
             }
+            console.log(`[builder-credential] key=${key} email=${email} orgId=(none) miss tried=user,workspace-solo`);
         }
     }
-    catch {
+    catch (err) {
+        console.log(`[builder-credential] key=${key} email=${email} scope=${scopeAttempted} error=${err?.message ?? err}`);
         // Secrets table not ready — treat as missing.
     }
     return null;
@@ -216,12 +234,39 @@ const BUILDER_CREDENTIAL_KEYS = [
  * `scope: "user"` (the safe default that doesn't trample the org's shared
  * connection).
  *
+ * Stale-credential cleanup: before writing the new values we (1) clear ALL
+ * five BUILDER_* keys at the target scope, so optional fields the new
+ * connection doesn't carry (e.g. user picked a Builder space that returns
+ * no orgName) don't leave the previous connection's metadata behind, and
+ * (2) when writing at org scope, also clear the writer's own user-scope
+ * BUILDER_* rows so a stale personal override from an earlier connect
+ * doesn't shadow the new org write on resolution (user scope wins org
+ * scope by design — see `resolveScopedBuilderCredential`). The org-scope
+ * row is intentionally left alone when writing at user scope: that row is
+ * shared with the rest of the org and a single user's personal override
+ * shouldn't blow it away. (Victoria's "I signed in again with my Builder
+ * space and it still says no credits" report on 2026-05-11 was exactly
+ * this stale-shadow case.)
+ *
  * Returns the actual scope/scopeId used so the caller can show "Connected
  * for Builder.io" vs "Connected (personal)" in the UI.
  */
 export async function writeBuilderCredentials(email, creds, options) {
-    const { writeAppSecret } = await import("../secrets/storage.js");
+    const { writeAppSecret, deleteAppSecret } = await import("../secrets/storage.js");
     const target = resolveCredentialWriteScope(email, options?.orgId ?? null, options?.role ?? null);
+    // Clear stale rows before writing the new connection. See the function's
+    // doc comment for the two cases this handles.
+    const cleanups = BUILDER_CREDENTIAL_KEYS.map((key) => deleteAppSecret({
+        key,
+        scope: target.scope,
+        scopeId: target.scopeId,
+    }).catch(() => { }));
+    if (target.scope === "org") {
+        for (const key of BUILDER_CREDENTIAL_KEYS) {
+            cleanups.push(deleteAppSecret({ key, scope: "user", scopeId: email }).catch(() => { }));
+        }
+    }
+    await Promise.all(cleanups);
     const entries = [
         { key: "BUILDER_PRIVATE_KEY", value: creds.privateKey },
         { key: "BUILDER_PUBLIC_KEY", value: creds.publicKey },
@@ -281,6 +326,11 @@ export async function deleteBuilderCredentials(email, options) {
  * only when the deploy fallback policy allows it.
  */
 export async function resolveSecret(key) {
+    // Log Builder-credential lookups by default so "I connected Builder but
+    // chat says no LLM" reports can be diagnosed from server logs without
+    // re-running anything. Keep noise low by gating other keys behind a flag.
+    const traceLookup = key.startsWith("BUILDER_") ||
+        /^(1|true)$/i.test(process.env.DEBUG_CREDENTIAL_RESOLVE ?? "");
     const email = getRequestUserEmail();
     if (email) {
         try {
@@ -291,8 +341,12 @@ export async function resolveSecret(key) {
                 scope: "user",
                 scopeId: email,
             });
-            if (userSecret?.value)
+            if (userSecret?.value) {
+                if (traceLookup) {
+                    console.log(`[resolve-secret] key=${key} email=${email} scope=user hit=true`);
+                }
                 return userSecret.value;
+            }
             const orgId = getRequestOrgId();
             if (orgId) {
                 // Fall back to the active org's shared row, when present. Builder
@@ -302,8 +356,12 @@ export async function resolveSecret(key) {
                     scope: "org",
                     scopeId: orgId,
                 });
-                if (orgSecret?.value)
+                if (orgSecret?.value) {
+                    if (traceLookup) {
+                        console.log(`[resolve-secret] key=${key} email=${email} orgId=${orgId} scope=org hit=true`);
+                    }
                     return orgSecret.value;
+                }
                 // Registered secrets historically used "workspace" scope for
                 // org-shared configuration. Keep reading it so Settings status and
                 // runtime resolution agree.
@@ -312,8 +370,12 @@ export async function resolveSecret(key) {
                     scope: "workspace",
                     scopeId: orgId,
                 });
-                if (workspaceSecret?.value)
+                if (workspaceSecret?.value) {
+                    if (traceLookup) {
+                        console.log(`[resolve-secret] key=${key} email=${email} orgId=${orgId} scope=workspace hit=true`);
+                    }
                     return workspaceSecret.value;
+                }
             }
             else {
                 const soloWorkspaceSecret = await readAppSecret({
@@ -321,24 +383,39 @@ export async function resolveSecret(key) {
                     scope: "workspace",
                     scopeId: `solo:${email}`,
                 });
-                if (soloWorkspaceSecret?.value)
+                if (soloWorkspaceSecret?.value) {
+                    if (traceLookup) {
+                        console.log(`[resolve-secret] key=${key} email=${email} scope=workspace-solo hit=true`);
+                    }
                     return soloWorkspaceSecret.value;
+                }
             }
         }
-        catch {
+        catch (err) {
+            if (traceLookup) {
+                console.log(`[resolve-secret] key=${key} email=${email} scope=error err=${err?.message ?? err}`);
+            }
             // Secrets table not ready — treat as missing.
         }
         // Authenticated multi-tenant context: never fall back to process.env.
         // The deploy-level value would silently impersonate the actual key
         // owner across every tenant. Local/single-tenant deployments keep the
         // original env fallback for BYO-server workflows.
-        return canUseDeployCredentialFallbackForRequest()
+        const envFallback = canUseDeployCredentialFallbackForRequest()
             ? process.env[key] || null
             : null;
+        if (traceLookup) {
+            console.log(`[resolve-secret] key=${key} email=${email} orgId=${getRequestOrgId() ?? "(none)"} scope=${envFallback ? "env-fallback" : "none"} hit=${!!envFallback}`);
+        }
+        return envFallback;
     }
     // Unauthenticated / local-dev / CLI / background context: env fallback
     // is safe because there's no user to mis-identify.
-    return process.env[key] || null;
+    const value = process.env[key] || null;
+    if (traceLookup) {
+        console.log(`[resolve-secret] key=${key} email=(none) scope=env-anonymous hit=${!!value}`);
+    }
+    return value;
 }
 // ---------------------------------------------------------------------------
 // Synchronous helpers — env-only fallbacks for contexts where per-user

package/dist/server/credential-provider.js.map

@@ -1 +1 @@
-{"version":3,"file":"credential-provider.js","sourceRoot":"","sources":["../../src/server/credential-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD;;;;;;;;GAQG;AACH,MAAM,UAAU,2BAA2B,CACzC,KAAa,EACb,KAAgC,EAChC,IAA+B;IAE/B,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,OAAO,CAAC,EAAE,CAAC;QACpD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC1C,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC3C,CAAC;AAED,MAAM,OAAO,yBAA0B,SAAQ,KAAK;IACzC,kBAAkB,CAAS;IAC3B,iBAAiB,CAAU;IAC3B,WAAW,CAAU;IAE9B,YAAY,IAKX;QACC,KAAK,CACH,IAAI,CAAC,OAAO;YACV,gCAAgC,IAAI,CAAC,kBAAkB,yCAAyC,CACnG,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,2BAA2B,CAAC;QACxC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC;QAClD,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAChD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,GAAW;IACjD,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iCAAiC;IAC/C,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;QAAE,OAAO,IAAI,CAAC;IACvD,OAAO,eAAe,EAAE,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,wCAAwC;IACtD,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,OAAO,iCAAiC,EAAE,CAAC;AAC7C,CAAC;AAmBD,KAAK,UAAU,8BAA8B,CAC3C,GAAW;IAEX,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,IAAI,CAAC;QACH,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAEhE,sEAAsE;QACtE,iEAAiE;QACjE,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC;YACrC,GAAG;YACH,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,IAAI,UAAU;YAAE,OAAO,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QAEnE,mEAAmE;QACnE,iEAAiE;QACjE,+DAA+D;QAC/D,6DAA6D;QAC7D,mEAAmE;QACnE,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC;gBACpC,GAAG;gBACH,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,IAAI,SAAS;gBAAE,OAAO,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YAEhE,iEAAiE;YACjE,qEAAqE;YACrE,yEAAyE;YACzE,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC;gBAC1C,GAAG;gBACH,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,EAAE,KAAK,EAAE,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;YAC/D,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC;gBAC9C,GAAG;gBACH,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,QAAQ,KAAK,EAAE;aACzB,CAAC,CAAC;YACH,IAAI,mBAAmB,EAAE,CAAC;gBACxB,OAAO,EAAE,KAAK,EAAE,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;YACnE,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,8CAA8C;IAChD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,GAAW;IAEX,MAAM,MAAM,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;IACzD,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC,KAAK,CAAC;IAChC,IAAI,CAAC,wCAAwC,EAAE;QAAE,OAAO,IAAI,CAAC;IAC7D,OAAO,uBAAuB,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AAC9C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB;IACjC,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,OAAO,wBAAwB,CAAC,qBAAqB,CAAC,CAAC;AACzD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,MAAM,GAAG,GAAG,MAAM,wBAAwB,EAAE,CAAC;IAC7C,OAAO,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AACtC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B;IAC/C,OAAO,CAAC,CAAC,CAAC,MAAM,wBAAwB,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B;IAClD,MAAM,MAAM,GAAG,MAAM,8BAA8B,CAAC,qBAAqB,CAAC,CAAC;IAC3E,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC,MAAM,CAAC;IACjC,OAAO,wCAAwC,EAAE;QAC/C,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC/B,CAAC,CAAC,KAAK;QACP,CAAC,CAAC,IAAI,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB;IAO7C,MAAM,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC1E,wBAAwB,CAAC,qBAAqB,CAAC;QAC/C,wBAAwB,CAAC,oBAAoB,CAAC;QAC9C,wBAAwB,CAAC,iBAAiB,CAAC;QAC3C,wBAAwB,CAAC,kBAAkB,CAAC;QAC5C,wBAAwB,CAAC,kBAAkB,CAAC;KAC7C,CAAC,CAAC;IACH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC7D,CAAC;AAED,MAAM,uBAAuB,GAAG;IAC9B,qBAAqB;IACrB,oBAAoB;IACpB,iBAAiB;IACjB,kBAAkB;IAClB,kBAAkB;CACV,CAAC;AAEX;;;;;;;;;;;;;GAaG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,KAAa,EACb,KAMC,EACD,OAAyD;IAEzD,MAAM,EAAE,cAAc,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;IACjE,MAAM,MAAM,GAAG,2BAA2B,CACxC,KAAK,EACL,OAAO,EAAE,KAAK,IAAI,IAAI,EACtB,OAAO,EAAE,IAAI,IAAI,IAAI,CACtB,CAAC;IAEF,MAAM,OAAO,GAA0C;QACrD,EAAE,GAAG,EAAE,qBAAqB,EAAE,KAAK,EAAE,KAAK,CAAC,UAAU,EAAE;QACvD,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,EAAE,KAAK,CAAC,SAAS,EAAE;KACtD,CAAC;IACF,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,iBAAiB,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAChE,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAClE,CAAC;IACD,MAAM,OAAO,CAAC,GAAG,CACf,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,CAC7B,cAAc,CAAC;QACb,GAAG;QACH,KAAK;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC,CACH,CACF,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,KAAa,EACb,OAAyD;IAEzD,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;IAClE,MAAM,MAAM,GAAG,2BAA2B,CACxC,KAAK,EACL,OAAO,EAAE,KAAK,IAAI,IAAI,EACtB,OAAO,EAAE,IAAI,IAAI,IAAI,CACtB,CAAC;IACF,MAAM,OAAO,CAAC,GAAG,CACf,uBAAuB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAClC,eAAe,CAAC;QACd,GAAG;QACH,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CACnB,CACF,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,2CAA2C;AAC3C,EAAE;AACF,0EAA0E;AAC1E,wEAAwE;AACxE,0EAA0E;AAC1E,4EAA4E;AAC5E,yEAAyE;AACzE,0EAA0E;AAC1E,mEAAmE;AACnE,2BAA2B;AAC3B,8EAA8E;AAE9E;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAW;IAC7C,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,CAAC;YACH,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;YAChE,2BAA2B;YAC3B,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC;gBACrC,GAAG;gBACH,KAAK,EAAE,MAAM;gBACb,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,IAAI,UAAU,EAAE,KAAK;gBAAE,OAAO,UAAU,CAAC,KAAK,CAAC;YAE/C,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,IAAI,KAAK,EAAE,CAAC;gBACV,kEAAkE;gBAClE,2CAA2C;gBAC3C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC;oBACpC,GAAG;oBACH,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,KAAK;iBACf,CAAC,CAAC;gBACH,IAAI,SAAS,EAAE,KAAK;oBAAE,OAAO,SAAS,CAAC,KAAK,CAAC;gBAE7C,6DAA6D;gBAC7D,mEAAmE;gBACnE,4BAA4B;gBAC5B,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC;oBAC1C,GAAG;oBACH,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,KAAK;iBACf,CAAC,CAAC;gBACH,IAAI,eAAe,EAAE,KAAK;oBAAE,OAAO,eAAe,CAAC,KAAK,CAAC;YAC3D,CAAC;iBAAM,CAAC;gBACN,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC;oBAC9C,GAAG;oBACH,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,QAAQ,KAAK,EAAE;iBACzB,CAAC,CAAC;gBACH,IAAI,mBAAmB,EAAE,KAAK;oBAAE,OAAO,mBAAmB,CAAC,KAAK,CAAC;YACnE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,8CAA8C;QAChD,CAAC;QACD,sEAAsE;QACtE,mEAAmE;QACnE,sEAAsE;QACtE,kDAAkD;QAClD,OAAO,wCAAwC,EAAE;YAC/C,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI;YAC1B,CAAC,CAAC,IAAI,CAAC;IACX,CAAC;IACD,uEAAuE;IACvE,mDAAmD;IACnD,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AAClC,CAAC;AAED,8EAA8E;AAC9E,uEAAuE;AACvE,iEAAiE;AACjE,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AAC3C,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,qBAAqB;IACnC,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,oBAAoB;QAChC,OAAO,CAAC,GAAG,CAAC,QAAQ;QACpB,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,gCAAgC,CACjC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB;IACtC,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACpC,gDAAgD,CACjD,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gCAAgC;IAC9C,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,iCAAiC;QAC7C,+CAA+C,CAChD,CAAC;AACJ,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,oBAAoB;IAClC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IAC5C,OAAO,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AACtC,CAAC","sourcesContent":["/**\n * Credential provider abstraction.\n *\n * Every feature that needs an external credential (Anthropic API key,\n * Google OAuth tokens, OpenAI key, Slack bot token, etc.) should go through\n * one of the resolve*() helpers here instead of reading `process.env`\n * directly. That way the same feature can work in three modes:\n *\n *   1. User set their own key in .env              → use it directly\n *   2. User connected Builder via `/cli-auth`      → route through Builder proxy\n *   3. Neither                                      → throw FeatureNotConfigured\n *\n * Templates catch FeatureNotConfigured and show a \"Connect Builder (1 click) /\n * set up your own key (guide)\" card.\n *\n * Today these helpers are used by the Builder-hosted LLM gateway, and the\n * shape is meant to grow to cover future managed credential integrations\n * (e.g. additional Builder-hosted services) without rewrites.\n */\n\nimport { getRequestUserEmail, getRequestOrgId } from \"./request-context.js\";\nimport { isLocalDatabase } from \"../db/client.js\";\n\n/**\n * Decide which `app_secrets` scope a Builder/credential write should use.\n *\n * Org scope (\"everyone in this org sees these credentials\") wins when the\n * connecting user is an owner or admin of an active org — the write\n * privileges shared infra. A plain member or a user without an active\n * org falls through to per-user scope so a teammate can't silently\n * overwrite the org-shared connection.\n */\nexport function resolveCredentialWriteScope(\n  email: string,\n  orgId: string | null | undefined,\n  role: string | null | undefined,\n): { scope: \"user\" | \"org\"; scopeId: string } {\n  if (orgId && (role === \"owner\" || role === \"admin\")) {\n    return { scope: \"org\", scopeId: orgId };\n  }\n  return { scope: \"user\", scopeId: email };\n}\n\nexport class FeatureNotConfiguredError extends Error {\n  readonly requiredCredential: string;\n  readonly builderConnectUrl?: string;\n  readonly byokDocsUrl?: string;\n\n  constructor(opts: {\n    requiredCredential: string;\n    message?: string;\n    builderConnectUrl?: string;\n    byokDocsUrl?: string;\n  }) {\n    super(\n      opts.message ??\n        `Feature requires credential \"${opts.requiredCredential}\". Connect Builder or set your own key.`,\n    );\n    this.name = \"FeatureNotConfiguredError\";\n    this.requiredCredential = opts.requiredCredential;\n    this.builderConnectUrl = opts.builderConnectUrl;\n    this.byokDocsUrl = opts.byokDocsUrl;\n  }\n}\n\n/**\n * Deployment-level credential fallback for single-tenant/local operation.\n * Multi-tenant call sites must gate this explicitly before calling.\n */\nexport function readDeployCredentialEnv(key: string): string | undefined {\n  return process.env[key] || undefined;\n}\n\n/**\n * Deployment-level credentials are safe as a runtime fallback only in local /\n * single-tenant contexts. In hosted production with a shared database, every\n * signed-in user needs their own user/org/workspace credential so one deploy\n * key does not silently power another tenant's chat.\n */\nexport function isDeployCredentialFallbackAllowed(): boolean {\n  if (process.env.NODE_ENV !== \"production\") return true;\n  return isLocalDatabase();\n}\n\nexport function canUseDeployCredentialFallbackForRequest(): boolean {\n  const email = getRequestUserEmail();\n  if (!email) return true;\n  return isDeployCredentialFallbackAllowed();\n}\n\n// ---------------------------------------------------------------------------\n// Builder credential resolution:\n//\n//   1. **Request-scoped credentials.** A signed-in user can connect Builder\n//      through the CLI-auth flow. Owner/admin connections land at org scope;\n//      member/no-org connections land at user scope.\n//\n//   2. **Deployment fallback.** BUILDER_PRIVATE_KEY in env still makes local\n//      and single-tenant deploys work out of the box, but it no longer blocks\n//      per-user connect. Request-scoped credentials win whenever present.\n//\n// To run multi-tenant SaaS: prefer leaving BUILDER_PRIVATE_KEY unset unless a\n// shared fallback identity is intentional.\n// ---------------------------------------------------------------------------\n\ntype BuilderCredentialSource = \"user\" | \"org\" | \"workspace\" | \"env\";\n\nasync function resolveScopedBuilderCredential(\n  key: string,\n): Promise<{ value: string; source: \"user\" | \"org\" | \"workspace\" } | null> {\n  const email = getRequestUserEmail();\n  if (!email) return null;\n\n  try {\n    const { readAppSecret } = await import(\"../secrets/storage.js\");\n\n    // 1. Per-user override: a user can paste their own key in settings to\n    //    overrule the org-shared one (handy for a personal sandbox).\n    const userSecret = await readAppSecret({\n      key,\n      scope: \"user\",\n      scopeId: email,\n    });\n    if (userSecret) return { value: userSecret.value, source: \"user\" };\n\n    // 2. Per-org shared credential: when one teammate connects Builder\n    //    as an owner/admin we write the OAuth result at org scope so\n    //    every member of that org gets the AI chat working without\n    //    re-running the connect flow. Resolution falls back here\n    //    silently — the caller never has to know which scope answered.\n    const orgId = getRequestOrgId();\n    if (orgId) {\n      const orgSecret = await readAppSecret({\n        key,\n        scope: \"org\",\n        scopeId: orgId,\n      });\n      if (orgSecret) return { value: orgSecret.value, source: \"org\" };\n\n      // Older setup flows wrote shared credentials at workspace scope.\n      // Keep reading those rows so status UIs and runtime resolution agree\n      // for users who connected before org-scoped Builder credentials existed.\n      const workspaceSecret = await readAppSecret({\n        key,\n        scope: \"workspace\",\n        scopeId: orgId,\n      });\n      if (workspaceSecret) {\n        return { value: workspaceSecret.value, source: \"workspace\" };\n      }\n    } else {\n      const soloWorkspaceSecret = await readAppSecret({\n        key,\n        scope: \"workspace\",\n        scopeId: `solo:${email}`,\n      });\n      if (soloWorkspaceSecret) {\n        return { value: soloWorkspaceSecret.value, source: \"workspace\" };\n      }\n    }\n  } catch {\n    // Secrets table not ready — treat as missing.\n  }\n  return null;\n}\n\n/**\n * Resolve a Builder credential for the current request. User/org credentials\n * win; deployment env is only a fallback. This lets local/root .env keys keep\n * a template working while still allowing users to connect their own Builder\n * account from Settings or onboarding.\n */\nexport async function resolveBuilderCredential(\n  key: string,\n): Promise<string | null> {\n  const scoped = await resolveScopedBuilderCredential(key);\n  if (scoped) return scoped.value;\n  if (!canUseDeployCredentialFallbackForRequest()) return null;\n  return readDeployCredentialEnv(key) ?? null;\n}\n\n/**\n * True when `BUILDER_PRIVATE_KEY` is set at the deployment level. This means\n * a deploy-level fallback exists; it does not prevent per-user connect.\n */\nexport function isBuilderEnvManaged(): boolean {\n  return !!process.env.BUILDER_PRIVATE_KEY;\n}\n\n/**\n * Resolve the Builder private key for the current request. User/org OAuth\n * credentials win; deploy-level `BUILDER_PRIVATE_KEY` is the fallback.\n */\nexport async function resolveBuilderPrivateKey(): Promise<string | null> {\n  return resolveBuilderCredential(\"BUILDER_PRIVATE_KEY\");\n}\n\n/**\n * Resolve the current user's Builder auth header.\n * Returns `\"Bearer <key>\"` or null.\n */\nexport async function resolveBuilderAuthHeader(): Promise<string | null> {\n  const key = await resolveBuilderPrivateKey();\n  return key ? `Bearer ${key}` : null;\n}\n\n/**\n * Check whether the current user has a Builder private key configured\n * (per-user or deployment-level).\n */\nexport async function resolveHasBuilderPrivateKey(): Promise<boolean> {\n  return !!(await resolveBuilderPrivateKey());\n}\n\n/**\n * Resolve where the effective Builder private key came from. Used by status\n * UIs so they can distinguish a deploy fallback from a user/org connection.\n */\nexport async function resolveBuilderCredentialSource(): Promise<BuilderCredentialSource | null> {\n  const scoped = await resolveScopedBuilderCredential(\"BUILDER_PRIVATE_KEY\");\n  if (scoped) return scoped.source;\n  return canUseDeployCredentialFallbackForRequest() &&\n    process.env.BUILDER_PRIVATE_KEY\n    ? \"env\"\n    : null;\n}\n\n/**\n * Resolve all per-user Builder credentials. Used by the status endpoint\n * and agent-chat-plugin to get orgName, userId, etc.\n */\nexport async function resolveBuilderCredentials(): Promise<{\n  privateKey: string | null;\n  publicKey: string | null;\n  userId: string | null;\n  orgName: string | null;\n  orgKind: string | null;\n}> {\n  const [privateKey, publicKey, userId, orgName, orgKind] = await Promise.all([\n    resolveBuilderCredential(\"BUILDER_PRIVATE_KEY\"),\n    resolveBuilderCredential(\"BUILDER_PUBLIC_KEY\"),\n    resolveBuilderCredential(\"BUILDER_USER_ID\"),\n    resolveBuilderCredential(\"BUILDER_ORG_NAME\"),\n    resolveBuilderCredential(\"BUILDER_ORG_KIND\"),\n  ]);\n  return { privateKey, publicKey, userId, orgName, orgKind };\n}\n\nconst BUILDER_CREDENTIAL_KEYS = [\n  \"BUILDER_PRIVATE_KEY\",\n  \"BUILDER_PUBLIC_KEY\",\n  \"BUILDER_USER_ID\",\n  \"BUILDER_ORG_NAME\",\n  \"BUILDER_ORG_KIND\",\n] as const;\n\n/**\n * Write Builder credentials to `app_secrets`.\n *\n * Scope decision (see `resolveCredentialWriteScope`): when the connecting\n * user is owner/admin of an active org we write at `scope: \"org\"` so every\n * member of that org auto-resolves the credentials via\n * `resolveBuilderCredential`'s org fallback — no per-user re-connect\n * needed. A plain member or a user with no active org writes at\n * `scope: \"user\"` (the safe default that doesn't trample the org's shared\n * connection).\n *\n * Returns the actual scope/scopeId used so the caller can show \"Connected\n * for Builder.io\" vs \"Connected (personal)\" in the UI.\n */\nexport async function writeBuilderCredentials(\n  email: string,\n  creds: {\n    privateKey: string;\n    publicKey: string;\n    userId?: string | null;\n    orgName?: string | null;\n    orgKind?: string | null;\n  },\n  options?: { orgId?: string | null; role?: string | null },\n): Promise<{ scope: \"user\" | \"org\"; scopeId: string }> {\n  const { writeAppSecret } = await import(\"../secrets/storage.js\");\n  const target = resolveCredentialWriteScope(\n    email,\n    options?.orgId ?? null,\n    options?.role ?? null,\n  );\n\n  const entries: Array<{ key: string; value: string }> = [\n    { key: \"BUILDER_PRIVATE_KEY\", value: creds.privateKey },\n    { key: \"BUILDER_PUBLIC_KEY\", value: creds.publicKey },\n  ];\n  if (creds.userId) {\n    entries.push({ key: \"BUILDER_USER_ID\", value: creds.userId });\n  }\n  if (creds.orgName) {\n    entries.push({ key: \"BUILDER_ORG_NAME\", value: creds.orgName });\n  }\n  if (creds.orgKind) {\n    entries.push({ key: \"BUILDER_ORG_KIND\", value: creds.orgKind });\n  }\n  await Promise.all(\n    entries.map(({ key, value }) =>\n      writeAppSecret({\n        key,\n        value,\n        scope: target.scope,\n        scopeId: target.scopeId,\n      }),\n    ),\n  );\n  return target;\n}\n\n/**\n * Delete Builder credentials.\n *\n * Default behaviour: clears only this user's per-user override (so a\n * member can disconnect their personal Builder identity without\n * collapsing the org-wide connection for every teammate). To revoke the\n * org's shared connection, pass `{ orgId, role }` for an owner/admin —\n * matching the same authority gate `writeBuilderCredentials` uses on\n * write. Plain members can never reach the org-scoped row.\n */\nexport async function deleteBuilderCredentials(\n  email: string,\n  options?: { orgId?: string | null; role?: string | null },\n): Promise<{ scope: \"user\" | \"org\"; scopeId: string }> {\n  const { deleteAppSecret } = await import(\"../secrets/storage.js\");\n  const target = resolveCredentialWriteScope(\n    email,\n    options?.orgId ?? null,\n    options?.role ?? null,\n  );\n  await Promise.all(\n    BUILDER_CREDENTIAL_KEYS.map((key) =>\n      deleteAppSecret({\n        key,\n        scope: target.scope,\n        scopeId: target.scopeId,\n      }).catch(() => {}),\n    ),\n  );\n  return target;\n}\n\n// ---------------------------------------------------------------------------\n// Generic request-scoped secret resolution\n//\n// New consumers should prefer this over reading `process.env.X` directly.\n// User-pasted and shared secrets live in `app_secrets` (encrypted). The\n// settings UI / onboarding panels can write user, org, or workspace rows.\n// Deploy-level env vars are the fallback for unauthenticated/CLI/background\n// contexts where there's no user to scope by — never the silent fallback\n// for an authenticated request, since on a multi-tenant deploy that would\n// silently identify every user as whoever set the deploy-level key\n// (KVesta Space, 2026-04).\n// ---------------------------------------------------------------------------\n\n/**\n * Resolve a request-scoped secret. Reads from `app_secrets` first (current\n * user override, active org, then workspace row); falls back to `process.env`\n * only when the deploy fallback policy allows it.\n */\nexport async function resolveSecret(key: string): Promise<string | null> {\n  const email = getRequestUserEmail();\n  if (email) {\n    try {\n      const { readAppSecret } = await import(\"../secrets/storage.js\");\n      // Per-user override first.\n      const userSecret = await readAppSecret({\n        key,\n        scope: \"user\",\n        scopeId: email,\n      });\n      if (userSecret?.value) return userSecret.value;\n\n      const orgId = getRequestOrgId();\n      if (orgId) {\n        // Fall back to the active org's shared row, when present. Builder\n        // Connect uses this first-class org scope.\n        const orgSecret = await readAppSecret({\n          key,\n          scope: \"org\",\n          scopeId: orgId,\n        });\n        if (orgSecret?.value) return orgSecret.value;\n\n        // Registered secrets historically used \"workspace\" scope for\n        // org-shared configuration. Keep reading it so Settings status and\n        // runtime resolution agree.\n        const workspaceSecret = await readAppSecret({\n          key,\n          scope: \"workspace\",\n          scopeId: orgId,\n        });\n        if (workspaceSecret?.value) return workspaceSecret.value;\n      } else {\n        const soloWorkspaceSecret = await readAppSecret({\n          key,\n          scope: \"workspace\",\n          scopeId: `solo:${email}`,\n        });\n        if (soloWorkspaceSecret?.value) return soloWorkspaceSecret.value;\n      }\n    } catch {\n      // Secrets table not ready — treat as missing.\n    }\n    // Authenticated multi-tenant context: never fall back to process.env.\n    // The deploy-level value would silently impersonate the actual key\n    // owner across every tenant. Local/single-tenant deployments keep the\n    // original env fallback for BYO-server workflows.\n    return canUseDeployCredentialFallbackForRequest()\n      ? process.env[key] || null\n      : null;\n  }\n  // Unauthenticated / local-dev / CLI / background context: env fallback\n  // is safe because there's no user to mis-identify.\n  return process.env[key] || null;\n}\n\n// ---------------------------------------------------------------------------\n// Synchronous helpers — env-only fallbacks for contexts where per-user\n// lookup isn't possible (sync isConfigured checks, CLI scripts).\n// ---------------------------------------------------------------------------\n\n/**\n * True when a Builder private key is configured at the deployment level.\n *\n * This is the same env-only check as `isBuilderEnvManaged()`. For \"does this\n * request have access to Builder via user/org/env credentials?\" use the async\n * `resolveHasBuilderPrivateKey()`.\n */\nexport function hasBuilderPrivateKey(): boolean {\n  return !!process.env.BUILDER_PRIVATE_KEY;\n}\n\n/** The origin for Builder-proxied API calls. Overridable for testing. */\nexport function getBuilderProxyOrigin(): string {\n  return (\n    process.env.BUILDER_PROXY_ORIGIN ||\n    process.env.AIR_HOST ||\n    process.env.BUILDER_API_HOST ||\n    \"https://ai-services.builder.io\"\n  );\n}\n\n/**\n * Base URL for the public Builder LLM gateway (distinct from the internal\n * proxy origin above — the public gateway lives at\n * api.builder.io/agent-native/gateway, while the internal origin is\n * ai-services.builder.io).\n * Override via BUILDER_GATEWAY_BASE_URL for staging / testing.\n */\nexport function getBuilderGatewayBaseUrl(): string {\n  return (\n    process.env.BUILDER_GATEWAY_BASE_URL ||\n    \"https://api.builder.io/agent-native/gateway/v1\"\n  );\n}\n\n/**\n * Base URL for Builder-managed image generation.\n * Override via BUILDER_IMAGE_GENERATION_BASE_URL for staging / testing.\n */\nexport function getBuilderImageGenerationBaseUrl(): string {\n  return (\n    process.env.BUILDER_IMAGE_GENERATION_BASE_URL ||\n    \"https://api.builder.io/agent-native/images/v1\"\n  );\n}\n\n/** Authorization header value for Builder-proxied calls (env-only). */\nexport function getBuilderAuthHeader(): string | null {\n  const key = process.env.BUILDER_PRIVATE_KEY;\n  return key ? `Bearer ${key}` : null;\n}\n"]}
+{"version":3,"file":"credential-provider.js","sourceRoot":"","sources":["../../src/server/credential-provider.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAC5E,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD;;;;;;;;GAQG;AACH,MAAM,UAAU,2BAA2B,CACzC,KAAa,EACb,KAAgC,EAChC,IAA+B;IAE/B,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,OAAO,CAAC,EAAE,CAAC;QACpD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC1C,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;AAC3C,CAAC;AAED,MAAM,OAAO,yBAA0B,SAAQ,KAAK;IACzC,kBAAkB,CAAS;IAC3B,iBAAiB,CAAU;IAC3B,WAAW,CAAU;IAE9B,YAAY,IAKX;QACC,KAAK,CACH,IAAI,CAAC,OAAO;YACV,gCAAgC,IAAI,CAAC,kBAAkB,yCAAyC,CACnG,CAAC;QACF,IAAI,CAAC,IAAI,GAAG,2BAA2B,CAAC;QACxC,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAkB,CAAC;QAClD,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,CAAC;QAChD,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACtC,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,UAAU,uBAAuB,CAAC,GAAW;IACjD,OAAO,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC;AACvC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,iCAAiC;IAC/C,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY;QAAE,OAAO,IAAI,CAAC;IACvD,OAAO,eAAe,EAAE,CAAC;AAC3B,CAAC;AAED,MAAM,UAAU,wCAAwC;IACtD,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IACxB,OAAO,iCAAiC,EAAE,CAAC;AAC7C,CAAC;AAmBD,KAAK,UAAU,8BAA8B,CAC3C,GAAW;IAEX,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,2EAA2E;IAC3E,4EAA4E;IAC5E,2EAA2E;IAC3E,yEAAyE;IACzE,4CAA4C;IAC5C,IAAI,cAAc,GAAG,MAAM,CAAC;IAC5B,IAAI,CAAC;QACH,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;QAEhE,sEAAsE;QACtE,iEAAiE;QACjE,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC;YACrC,GAAG;YACH,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,IAAI,UAAU,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,sBAAsB,CACrE,CAAC;YACF,OAAO,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;QACrD,CAAC;QAED,mEAAmE;QACnE,iEAAiE;QACjE,+DAA+D;QAC/D,6DAA6D;QAC7D,mEAAmE;QACnE,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;QAChC,IAAI,KAAK,EAAE,CAAC;YACV,cAAc,GAAG,KAAK,CAAC;YACvB,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC;gBACpC,GAAG;gBACH,KAAK,EAAE,KAAK;gBACZ,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,UAAU,KAAK,qBAAqB,CACnF,CAAC;gBACF,OAAO,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;YACnD,CAAC;YAED,iEAAiE;YACjE,qEAAqE;YACrE,yEAAyE;YACzE,cAAc,GAAG,WAAW,CAAC;YAC7B,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC;gBAC1C,GAAG;gBACH,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,UAAU,KAAK,2BAA2B,CACzF,CAAC;gBACF,OAAO,EAAE,KAAK,EAAE,eAAe,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;YAC/D,CAAC;YACD,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,UAAU,KAAK,gCAAgC,CAC9F,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,gBAAgB,CAAC;YAClC,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC;gBAC9C,GAAG;gBACH,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,QAAQ,KAAK,EAAE;aACzB,CAAC,CAAC;YACH,IAAI,mBAAmB,EAAE,CAAC;gBACxB,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,gCAAgC,CAC/E,CAAC;gBACF,OAAO,EAAE,KAAK,EAAE,mBAAmB,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;YACnE,CAAC;YACD,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,8CAA8C,CAC7F,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CACT,4BAA4B,GAAG,UAAU,KAAK,UAAU,cAAc,UAAW,GAAa,EAAE,OAAO,IAAI,GAAG,EAAE,CACjH,CAAC;QACF,8CAA8C;IAChD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,GAAW;IAEX,MAAM,MAAM,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;IACzD,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC,KAAK,CAAC;IAChC,IAAI,CAAC,wCAAwC,EAAE;QAAE,OAAO,IAAI,CAAC;IAC7D,OAAO,uBAAuB,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AAC9C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB;IACjC,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,OAAO,wBAAwB,CAAC,qBAAqB,CAAC,CAAC;AACzD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB;IAC5C,MAAM,GAAG,GAAG,MAAM,wBAAwB,EAAE,CAAC;IAC7C,OAAO,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AACtC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,2BAA2B;IAC/C,OAAO,CAAC,CAAC,CAAC,MAAM,wBAAwB,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B;IAClD,MAAM,MAAM,GAAG,MAAM,8BAA8B,CAAC,qBAAqB,CAAC,CAAC;IAC3E,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC,MAAM,CAAC;IACjC,OAAO,wCAAwC,EAAE;QAC/C,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC/B,CAAC,CAAC,KAAK;QACP,CAAC,CAAC,IAAI,CAAC;AACX,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB;IAO7C,MAAM,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC1E,wBAAwB,CAAC,qBAAqB,CAAC;QAC/C,wBAAwB,CAAC,oBAAoB,CAAC;QAC9C,wBAAwB,CAAC,iBAAiB,CAAC;QAC3C,wBAAwB,CAAC,kBAAkB,CAAC;QAC5C,wBAAwB,CAAC,kBAAkB,CAAC;KAC7C,CAAC,CAAC;IACH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC;AAC7D,CAAC;AAED,MAAM,uBAAuB,GAAG;IAC9B,qBAAqB;IACrB,oBAAoB;IACpB,iBAAiB;IACjB,kBAAkB;IAClB,kBAAkB;CACV,CAAC;AAEX;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,KAAa,EACb,KAMC,EACD,OAAyD;IAEzD,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GACvC,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;IACxC,MAAM,MAAM,GAAG,2BAA2B,CACxC,KAAK,EACL,OAAO,EAAE,KAAK,IAAI,IAAI,EACtB,OAAO,EAAE,IAAI,IAAI,IAAI,CACtB,CAAC;IAEF,yEAAyE;IACzE,8CAA8C;IAC9C,MAAM,QAAQ,GAA4B,uBAAuB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAC5E,eAAe,CAAC;QACd,GAAG;QACH,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CACnB,CAAC;IACF,IAAI,MAAM,CAAC,KAAK,KAAK,KAAK,EAAE,CAAC;QAC3B,KAAK,MAAM,GAAG,IAAI,uBAAuB,EAAE,CAAC;YAC1C,QAAQ,CAAC,IAAI,CACX,eAAe,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CACxE,CAAC;QACJ,CAAC;IACH,CAAC;IACD,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAE5B,MAAM,OAAO,GAA0C;QACrD,EAAE,GAAG,EAAE,qBAAqB,EAAE,KAAK,EAAE,KAAK,CAAC,UAAU,EAAE;QACvD,EAAE,GAAG,EAAE,oBAAoB,EAAE,KAAK,EAAE,KAAK,CAAC,SAAS,EAAE;KACtD,CAAC;IACF,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,iBAAiB,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAChE,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAClE,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,kBAAkB,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IAClE,CAAC;IACD,MAAM,OAAO,CAAC,GAAG,CACf,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,EAAE,EAAE,CAC7B,cAAc,CAAC;QACb,GAAG;QACH,KAAK;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC,CACH,CACF,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,KAAa,EACb,OAAyD;IAEzD,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;IAClE,MAAM,MAAM,GAAG,2BAA2B,CACxC,KAAK,EACL,OAAO,EAAE,KAAK,IAAI,IAAI,EACtB,OAAO,EAAE,IAAI,IAAI,IAAI,CACtB,CAAC;IACF,MAAM,OAAO,CAAC,GAAG,CACf,uBAAuB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAClC,eAAe,CAAC;QACd,GAAG;QACH,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,OAAO,EAAE,MAAM,CAAC,OAAO;KACxB,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CACnB,CACF,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,8EAA8E;AAC9E,2CAA2C;AAC3C,EAAE;AACF,0EAA0E;AAC1E,wEAAwE;AACxE,0EAA0E;AAC1E,4EAA4E;AAC5E,yEAAyE;AACzE,0EAA0E;AAC1E,mEAAmE;AACnE,2BAA2B;AAC3B,8EAA8E;AAE9E;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,GAAW;IAC7C,wEAAwE;IACxE,sEAAsE;IACtE,0EAA0E;IAC1E,MAAM,WAAW,GACf,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC;QAC1B,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC;IACjE,MAAM,KAAK,GAAG,mBAAmB,EAAE,CAAC;IACpC,IAAI,KAAK,EAAE,CAAC;QACV,IAAI,CAAC;YACH,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,uBAAuB,CAAC,CAAC;YAChE,2BAA2B;YAC3B,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC;gBACrC,GAAG;gBACH,KAAK,EAAE,MAAM;gBACb,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,IAAI,UAAU,EAAE,KAAK,EAAE,CAAC;gBACtB,IAAI,WAAW,EAAE,CAAC;oBAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,UAAU,KAAK,sBAAsB,CACjE,CAAC;gBACJ,CAAC;gBACD,OAAO,UAAU,CAAC,KAAK,CAAC;YAC1B,CAAC;YAED,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,IAAI,KAAK,EAAE,CAAC;gBACV,kEAAkE;gBAClE,2CAA2C;gBAC3C,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC;oBACpC,GAAG;oBACH,KAAK,EAAE,KAAK;oBACZ,OAAO,EAAE,KAAK;iBACf,CAAC,CAAC;gBACH,IAAI,SAAS,EAAE,KAAK,EAAE,CAAC;oBACrB,IAAI,WAAW,EAAE,CAAC;wBAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,UAAU,KAAK,UAAU,KAAK,qBAAqB,CAC/E,CAAC;oBACJ,CAAC;oBACD,OAAO,SAAS,CAAC,KAAK,CAAC;gBACzB,CAAC;gBAED,6DAA6D;gBAC7D,mEAAmE;gBACnE,4BAA4B;gBAC5B,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC;oBAC1C,GAAG;oBACH,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,KAAK;iBACf,CAAC,CAAC;gBACH,IAAI,eAAe,EAAE,KAAK,EAAE,CAAC;oBAC3B,IAAI,WAAW,EAAE,CAAC;wBAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,UAAU,KAAK,UAAU,KAAK,2BAA2B,CACrF,CAAC;oBACJ,CAAC;oBACD,OAAO,eAAe,CAAC,KAAK,CAAC;gBAC/B,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC;oBAC9C,GAAG;oBACH,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,QAAQ,KAAK,EAAE;iBACzB,CAAC,CAAC;gBACH,IAAI,mBAAmB,EAAE,KAAK,EAAE,CAAC;oBAC/B,IAAI,WAAW,EAAE,CAAC;wBAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,UAAU,KAAK,gCAAgC,CAC3E,CAAC;oBACJ,CAAC;oBACD,OAAO,mBAAmB,CAAC,KAAK,CAAC;gBACnC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,UAAU,KAAK,oBAAqB,GAAa,EAAE,OAAO,IAAI,GAAG,EAAE,CAC/F,CAAC;YACJ,CAAC;YACD,8CAA8C;QAChD,CAAC;QACD,sEAAsE;QACtE,mEAAmE;QACnE,sEAAsE;QACtE,kDAAkD;QAClD,MAAM,WAAW,GAAG,wCAAwC,EAAE;YAC5D,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI;YAC1B,CAAC,CAAC,IAAI,CAAC;QACT,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,UAAU,KAAK,UAAU,eAAe,EAAE,IAAI,QAAQ,UAAU,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,QAAQ,CAAC,CAAC,WAAW,EAAE,CACxJ,CAAC;QACJ,CAAC;QACD,OAAO,WAAW,CAAC;IACrB,CAAC;IACD,uEAAuE;IACvE,mDAAmD;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;IACvC,IAAI,WAAW,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CACT,wBAAwB,GAAG,yCAAyC,CAAC,CAAC,KAAK,EAAE,CAC9E,CAAC;IACJ,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,uEAAuE;AACvE,iEAAiE;AACjE,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;AAC3C,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,qBAAqB;IACnC,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,oBAAoB;QAChC,OAAO,CAAC,GAAG,CAAC,QAAQ;QACpB,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,gCAAgC,CACjC,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,wBAAwB;IACtC,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,wBAAwB;QACpC,gDAAgD,CACjD,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,gCAAgC;IAC9C,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,iCAAiC;QAC7C,+CAA+C,CAChD,CAAC;AACJ,CAAC;AAED,uEAAuE;AACvE,MAAM,UAAU,oBAAoB;IAClC,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IAC5C,OAAO,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;AACtC,CAAC","sourcesContent":["/**\n * Credential provider abstraction.\n *\n * Every feature that needs an external credential (Anthropic API key,\n * Google OAuth tokens, OpenAI key, Slack bot token, etc.) should go through\n * one of the resolve*() helpers here instead of reading `process.env`\n * directly. That way the same feature can work in three modes:\n *\n *   1. User set their own key in .env              → use it directly\n *   2. User connected Builder via `/cli-auth`      → route through Builder proxy\n *   3. Neither                                      → throw FeatureNotConfigured\n *\n * Templates catch FeatureNotConfigured and show a \"Connect Builder (1 click) /\n * set up your own key (guide)\" card.\n *\n * Today these helpers are used by the Builder-hosted LLM gateway, and the\n * shape is meant to grow to cover future managed credential integrations\n * (e.g. additional Builder-hosted services) without rewrites.\n */\n\nimport { getRequestUserEmail, getRequestOrgId } from \"./request-context.js\";\nimport { isLocalDatabase } from \"../db/client.js\";\n\n/**\n * Decide which `app_secrets` scope a Builder/credential write should use.\n *\n * Org scope (\"everyone in this org sees these credentials\") wins when the\n * connecting user is an owner or admin of an active org — the write\n * privileges shared infra. A plain member or a user without an active\n * org falls through to per-user scope so a teammate can't silently\n * overwrite the org-shared connection.\n */\nexport function resolveCredentialWriteScope(\n  email: string,\n  orgId: string | null | undefined,\n  role: string | null | undefined,\n): { scope: \"user\" | \"org\"; scopeId: string } {\n  if (orgId && (role === \"owner\" || role === \"admin\")) {\n    return { scope: \"org\", scopeId: orgId };\n  }\n  return { scope: \"user\", scopeId: email };\n}\n\nexport class FeatureNotConfiguredError extends Error {\n  readonly requiredCredential: string;\n  readonly builderConnectUrl?: string;\n  readonly byokDocsUrl?: string;\n\n  constructor(opts: {\n    requiredCredential: string;\n    message?: string;\n    builderConnectUrl?: string;\n    byokDocsUrl?: string;\n  }) {\n    super(\n      opts.message ??\n        `Feature requires credential \"${opts.requiredCredential}\". Connect Builder or set your own key.`,\n    );\n    this.name = \"FeatureNotConfiguredError\";\n    this.requiredCredential = opts.requiredCredential;\n    this.builderConnectUrl = opts.builderConnectUrl;\n    this.byokDocsUrl = opts.byokDocsUrl;\n  }\n}\n\n/**\n * Deployment-level credential fallback for single-tenant/local operation.\n * Multi-tenant call sites must gate this explicitly before calling.\n */\nexport function readDeployCredentialEnv(key: string): string | undefined {\n  return process.env[key] || undefined;\n}\n\n/**\n * Deployment-level credentials are safe as a runtime fallback only in local /\n * single-tenant contexts. In hosted production with a shared database, every\n * signed-in user needs their own user/org/workspace credential so one deploy\n * key does not silently power another tenant's chat.\n */\nexport function isDeployCredentialFallbackAllowed(): boolean {\n  if (process.env.NODE_ENV !== \"production\") return true;\n  return isLocalDatabase();\n}\n\nexport function canUseDeployCredentialFallbackForRequest(): boolean {\n  const email = getRequestUserEmail();\n  if (!email) return true;\n  return isDeployCredentialFallbackAllowed();\n}\n\n// ---------------------------------------------------------------------------\n// Builder credential resolution:\n//\n//   1. **Request-scoped credentials.** A signed-in user can connect Builder\n//      through the CLI-auth flow. Owner/admin connections land at org scope;\n//      member/no-org connections land at user scope.\n//\n//   2. **Deployment fallback.** BUILDER_PRIVATE_KEY in env still makes local\n//      and single-tenant deploys work out of the box, but it no longer blocks\n//      per-user connect. Request-scoped credentials win whenever present.\n//\n// To run multi-tenant SaaS: prefer leaving BUILDER_PRIVATE_KEY unset unless a\n// shared fallback identity is intentional.\n// ---------------------------------------------------------------------------\n\ntype BuilderCredentialSource = \"user\" | \"org\" | \"workspace\" | \"env\";\n\nasync function resolveScopedBuilderCredential(\n  key: string,\n): Promise<{ value: string; source: \"user\" | \"org\" | \"workspace\" } | null> {\n  const email = getRequestUserEmail();\n  if (!email) return null;\n\n  // Always trace Builder lookups — these come up in \"I connected Builder but\n  // chat still says Use Builder\" support requests, and without scope-by-scope\n  // visibility into where the lookup actually went, the only diagnostic move\n  // is to ask the user to redo the connect flow. Mirrors `resolveSecret`'s\n  // default-on trace gate for BUILDER_* keys.\n  let scopeAttempted = \"user\";\n  try {\n    const { readAppSecret } = await import(\"../secrets/storage.js\");\n\n    // 1. Per-user override: a user can paste their own key in settings to\n    //    overrule the org-shared one (handy for a personal sandbox).\n    const userSecret = await readAppSecret({\n      key,\n      scope: \"user\",\n      scopeId: email,\n    });\n    if (userSecret) {\n      console.log(\n        `[builder-credential] key=${key} email=${email} scope=user hit=true`,\n      );\n      return { value: userSecret.value, source: \"user\" };\n    }\n\n    // 2. Per-org shared credential: when one teammate connects Builder\n    //    as an owner/admin we write the OAuth result at org scope so\n    //    every member of that org gets the AI chat working without\n    //    re-running the connect flow. Resolution falls back here\n    //    silently — the caller never has to know which scope answered.\n    const orgId = getRequestOrgId();\n    if (orgId) {\n      scopeAttempted = \"org\";\n      const orgSecret = await readAppSecret({\n        key,\n        scope: \"org\",\n        scopeId: orgId,\n      });\n      if (orgSecret) {\n        console.log(\n          `[builder-credential] key=${key} email=${email} orgId=${orgId} scope=org hit=true`,\n        );\n        return { value: orgSecret.value, source: \"org\" };\n      }\n\n      // Older setup flows wrote shared credentials at workspace scope.\n      // Keep reading those rows so status UIs and runtime resolution agree\n      // for users who connected before org-scoped Builder credentials existed.\n      scopeAttempted = \"workspace\";\n      const workspaceSecret = await readAppSecret({\n        key,\n        scope: \"workspace\",\n        scopeId: orgId,\n      });\n      if (workspaceSecret) {\n        console.log(\n          `[builder-credential] key=${key} email=${email} orgId=${orgId} scope=workspace hit=true`,\n        );\n        return { value: workspaceSecret.value, source: \"workspace\" };\n      }\n      console.log(\n        `[builder-credential] key=${key} email=${email} orgId=${orgId} miss tried=user,org,workspace`,\n      );\n    } else {\n      scopeAttempted = \"workspace-solo\";\n      const soloWorkspaceSecret = await readAppSecret({\n        key,\n        scope: \"workspace\",\n        scopeId: `solo:${email}`,\n      });\n      if (soloWorkspaceSecret) {\n        console.log(\n          `[builder-credential] key=${key} email=${email} scope=workspace-solo hit=true`,\n        );\n        return { value: soloWorkspaceSecret.value, source: \"workspace\" };\n      }\n      console.log(\n        `[builder-credential] key=${key} email=${email} orgId=(none) miss tried=user,workspace-solo`,\n      );\n    }\n  } catch (err) {\n    console.log(\n      `[builder-credential] key=${key} email=${email} scope=${scopeAttempted} error=${(err as Error)?.message ?? err}`,\n    );\n    // Secrets table not ready — treat as missing.\n  }\n  return null;\n}\n\n/**\n * Resolve a Builder credential for the current request. User/org credentials\n * win; deployment env is only a fallback. This lets local/root .env keys keep\n * a template working while still allowing users to connect their own Builder\n * account from Settings or onboarding.\n */\nexport async function resolveBuilderCredential(\n  key: string,\n): Promise<string | null> {\n  const scoped = await resolveScopedBuilderCredential(key);\n  if (scoped) return scoped.value;\n  if (!canUseDeployCredentialFallbackForRequest()) return null;\n  return readDeployCredentialEnv(key) ?? null;\n}\n\n/**\n * True when `BUILDER_PRIVATE_KEY` is set at the deployment level. This means\n * a deploy-level fallback exists; it does not prevent per-user connect.\n */\nexport function isBuilderEnvManaged(): boolean {\n  return !!process.env.BUILDER_PRIVATE_KEY;\n}\n\n/**\n * Resolve the Builder private key for the current request. User/org OAuth\n * credentials win; deploy-level `BUILDER_PRIVATE_KEY` is the fallback.\n */\nexport async function resolveBuilderPrivateKey(): Promise<string | null> {\n  return resolveBuilderCredential(\"BUILDER_PRIVATE_KEY\");\n}\n\n/**\n * Resolve the current user's Builder auth header.\n * Returns `\"Bearer <key>\"` or null.\n */\nexport async function resolveBuilderAuthHeader(): Promise<string | null> {\n  const key = await resolveBuilderPrivateKey();\n  return key ? `Bearer ${key}` : null;\n}\n\n/**\n * Check whether the current user has a Builder private key configured\n * (per-user or deployment-level).\n */\nexport async function resolveHasBuilderPrivateKey(): Promise<boolean> {\n  return !!(await resolveBuilderPrivateKey());\n}\n\n/**\n * Resolve where the effective Builder private key came from. Used by status\n * UIs so they can distinguish a deploy fallback from a user/org connection.\n */\nexport async function resolveBuilderCredentialSource(): Promise<BuilderCredentialSource | null> {\n  const scoped = await resolveScopedBuilderCredential(\"BUILDER_PRIVATE_KEY\");\n  if (scoped) return scoped.source;\n  return canUseDeployCredentialFallbackForRequest() &&\n    process.env.BUILDER_PRIVATE_KEY\n    ? \"env\"\n    : null;\n}\n\n/**\n * Resolve all per-user Builder credentials. Used by the status endpoint\n * and agent-chat-plugin to get orgName, userId, etc.\n */\nexport async function resolveBuilderCredentials(): Promise<{\n  privateKey: string | null;\n  publicKey: string | null;\n  userId: string | null;\n  orgName: string | null;\n  orgKind: string | null;\n}> {\n  const [privateKey, publicKey, userId, orgName, orgKind] = await Promise.all([\n    resolveBuilderCredential(\"BUILDER_PRIVATE_KEY\"),\n    resolveBuilderCredential(\"BUILDER_PUBLIC_KEY\"),\n    resolveBuilderCredential(\"BUILDER_USER_ID\"),\n    resolveBuilderCredential(\"BUILDER_ORG_NAME\"),\n    resolveBuilderCredential(\"BUILDER_ORG_KIND\"),\n  ]);\n  return { privateKey, publicKey, userId, orgName, orgKind };\n}\n\nconst BUILDER_CREDENTIAL_KEYS = [\n  \"BUILDER_PRIVATE_KEY\",\n  \"BUILDER_PUBLIC_KEY\",\n  \"BUILDER_USER_ID\",\n  \"BUILDER_ORG_NAME\",\n  \"BUILDER_ORG_KIND\",\n] as const;\n\n/**\n * Write Builder credentials to `app_secrets`.\n *\n * Scope decision (see `resolveCredentialWriteScope`): when the connecting\n * user is owner/admin of an active org we write at `scope: \"org\"` so every\n * member of that org auto-resolves the credentials via\n * `resolveBuilderCredential`'s org fallback — no per-user re-connect\n * needed. A plain member or a user with no active org writes at\n * `scope: \"user\"` (the safe default that doesn't trample the org's shared\n * connection).\n *\n * Stale-credential cleanup: before writing the new values we (1) clear ALL\n * five BUILDER_* keys at the target scope, so optional fields the new\n * connection doesn't carry (e.g. user picked a Builder space that returns\n * no orgName) don't leave the previous connection's metadata behind, and\n * (2) when writing at org scope, also clear the writer's own user-scope\n * BUILDER_* rows so a stale personal override from an earlier connect\n * doesn't shadow the new org write on resolution (user scope wins org\n * scope by design — see `resolveScopedBuilderCredential`). The org-scope\n * row is intentionally left alone when writing at user scope: that row is\n * shared with the rest of the org and a single user's personal override\n * shouldn't blow it away. (Victoria's \"I signed in again with my Builder\n * space and it still says no credits\" report on 2026-05-11 was exactly\n * this stale-shadow case.)\n *\n * Returns the actual scope/scopeId used so the caller can show \"Connected\n * for Builder.io\" vs \"Connected (personal)\" in the UI.\n */\nexport async function writeBuilderCredentials(\n  email: string,\n  creds: {\n    privateKey: string;\n    publicKey: string;\n    userId?: string | null;\n    orgName?: string | null;\n    orgKind?: string | null;\n  },\n  options?: { orgId?: string | null; role?: string | null },\n): Promise<{ scope: \"user\" | \"org\"; scopeId: string }> {\n  const { writeAppSecret, deleteAppSecret } =\n    await import(\"../secrets/storage.js\");\n  const target = resolveCredentialWriteScope(\n    email,\n    options?.orgId ?? null,\n    options?.role ?? null,\n  );\n\n  // Clear stale rows before writing the new connection. See the function's\n  // doc comment for the two cases this handles.\n  const cleanups: Array<Promise<unknown>> = BUILDER_CREDENTIAL_KEYS.map((key) =>\n    deleteAppSecret({\n      key,\n      scope: target.scope,\n      scopeId: target.scopeId,\n    }).catch(() => {}),\n  );\n  if (target.scope === \"org\") {\n    for (const key of BUILDER_CREDENTIAL_KEYS) {\n      cleanups.push(\n        deleteAppSecret({ key, scope: \"user\", scopeId: email }).catch(() => {}),\n      );\n    }\n  }\n  await Promise.all(cleanups);\n\n  const entries: Array<{ key: string; value: string }> = [\n    { key: \"BUILDER_PRIVATE_KEY\", value: creds.privateKey },\n    { key: \"BUILDER_PUBLIC_KEY\", value: creds.publicKey },\n  ];\n  if (creds.userId) {\n    entries.push({ key: \"BUILDER_USER_ID\", value: creds.userId });\n  }\n  if (creds.orgName) {\n    entries.push({ key: \"BUILDER_ORG_NAME\", value: creds.orgName });\n  }\n  if (creds.orgKind) {\n    entries.push({ key: \"BUILDER_ORG_KIND\", value: creds.orgKind });\n  }\n  await Promise.all(\n    entries.map(({ key, value }) =>\n      writeAppSecret({\n        key,\n        value,\n        scope: target.scope,\n        scopeId: target.scopeId,\n      }),\n    ),\n  );\n  return target;\n}\n\n/**\n * Delete Builder credentials.\n *\n * Default behaviour: clears only this user's per-user override (so a\n * member can disconnect their personal Builder identity without\n * collapsing the org-wide connection for every teammate). To revoke the\n * org's shared connection, pass `{ orgId, role }` for an owner/admin —\n * matching the same authority gate `writeBuilderCredentials` uses on\n * write. Plain members can never reach the org-scoped row.\n */\nexport async function deleteBuilderCredentials(\n  email: string,\n  options?: { orgId?: string | null; role?: string | null },\n): Promise<{ scope: \"user\" | \"org\"; scopeId: string }> {\n  const { deleteAppSecret } = await import(\"../secrets/storage.js\");\n  const target = resolveCredentialWriteScope(\n    email,\n    options?.orgId ?? null,\n    options?.role ?? null,\n  );\n  await Promise.all(\n    BUILDER_CREDENTIAL_KEYS.map((key) =>\n      deleteAppSecret({\n        key,\n        scope: target.scope,\n        scopeId: target.scopeId,\n      }).catch(() => {}),\n    ),\n  );\n  return target;\n}\n\n// ---------------------------------------------------------------------------\n// Generic request-scoped secret resolution\n//\n// New consumers should prefer this over reading `process.env.X` directly.\n// User-pasted and shared secrets live in `app_secrets` (encrypted). The\n// settings UI / onboarding panels can write user, org, or workspace rows.\n// Deploy-level env vars are the fallback for unauthenticated/CLI/background\n// contexts where there's no user to scope by — never the silent fallback\n// for an authenticated request, since on a multi-tenant deploy that would\n// silently identify every user as whoever set the deploy-level key\n// (KVesta Space, 2026-04).\n// ---------------------------------------------------------------------------\n\n/**\n * Resolve a request-scoped secret. Reads from `app_secrets` first (current\n * user override, active org, then workspace row); falls back to `process.env`\n * only when the deploy fallback policy allows it.\n */\nexport async function resolveSecret(key: string): Promise<string | null> {\n  // Log Builder-credential lookups by default so \"I connected Builder but\n  // chat says no LLM\" reports can be diagnosed from server logs without\n  // re-running anything. Keep noise low by gating other keys behind a flag.\n  const traceLookup =\n    key.startsWith(\"BUILDER_\") ||\n    /^(1|true)$/i.test(process.env.DEBUG_CREDENTIAL_RESOLVE ?? \"\");\n  const email = getRequestUserEmail();\n  if (email) {\n    try {\n      const { readAppSecret } = await import(\"../secrets/storage.js\");\n      // Per-user override first.\n      const userSecret = await readAppSecret({\n        key,\n        scope: \"user\",\n        scopeId: email,\n      });\n      if (userSecret?.value) {\n        if (traceLookup) {\n          console.log(\n            `[resolve-secret] key=${key} email=${email} scope=user hit=true`,\n          );\n        }\n        return userSecret.value;\n      }\n\n      const orgId = getRequestOrgId();\n      if (orgId) {\n        // Fall back to the active org's shared row, when present. Builder\n        // Connect uses this first-class org scope.\n        const orgSecret = await readAppSecret({\n          key,\n          scope: \"org\",\n          scopeId: orgId,\n        });\n        if (orgSecret?.value) {\n          if (traceLookup) {\n            console.log(\n              `[resolve-secret] key=${key} email=${email} orgId=${orgId} scope=org hit=true`,\n            );\n          }\n          return orgSecret.value;\n        }\n\n        // Registered secrets historically used \"workspace\" scope for\n        // org-shared configuration. Keep reading it so Settings status and\n        // runtime resolution agree.\n        const workspaceSecret = await readAppSecret({\n          key,\n          scope: \"workspace\",\n          scopeId: orgId,\n        });\n        if (workspaceSecret?.value) {\n          if (traceLookup) {\n            console.log(\n              `[resolve-secret] key=${key} email=${email} orgId=${orgId} scope=workspace hit=true`,\n            );\n          }\n          return workspaceSecret.value;\n        }\n      } else {\n        const soloWorkspaceSecret = await readAppSecret({\n          key,\n          scope: \"workspace\",\n          scopeId: `solo:${email}`,\n        });\n        if (soloWorkspaceSecret?.value) {\n          if (traceLookup) {\n            console.log(\n              `[resolve-secret] key=${key} email=${email} scope=workspace-solo hit=true`,\n            );\n          }\n          return soloWorkspaceSecret.value;\n        }\n      }\n    } catch (err) {\n      if (traceLookup) {\n        console.log(\n          `[resolve-secret] key=${key} email=${email} scope=error err=${(err as Error)?.message ?? err}`,\n        );\n      }\n      // Secrets table not ready — treat as missing.\n    }\n    // Authenticated multi-tenant context: never fall back to process.env.\n    // The deploy-level value would silently impersonate the actual key\n    // owner across every tenant. Local/single-tenant deployments keep the\n    // original env fallback for BYO-server workflows.\n    const envFallback = canUseDeployCredentialFallbackForRequest()\n      ? process.env[key] || null\n      : null;\n    if (traceLookup) {\n      console.log(\n        `[resolve-secret] key=${key} email=${email} orgId=${getRequestOrgId() ?? \"(none)\"} scope=${envFallback ? \"env-fallback\" : \"none\"} hit=${!!envFallback}`,\n      );\n    }\n    return envFallback;\n  }\n  // Unauthenticated / local-dev / CLI / background context: env fallback\n  // is safe because there's no user to mis-identify.\n  const value = process.env[key] || null;\n  if (traceLookup) {\n    console.log(\n      `[resolve-secret] key=${key} email=(none) scope=env-anonymous hit=${!!value}`,\n    );\n  }\n  return value;\n}\n\n// ---------------------------------------------------------------------------\n// Synchronous helpers — env-only fallbacks for contexts where per-user\n// lookup isn't possible (sync isConfigured checks, CLI scripts).\n// ---------------------------------------------------------------------------\n\n/**\n * True when a Builder private key is configured at the deployment level.\n *\n * This is the same env-only check as `isBuilderEnvManaged()`. For \"does this\n * request have access to Builder via user/org/env credentials?\" use the async\n * `resolveHasBuilderPrivateKey()`.\n */\nexport function hasBuilderPrivateKey(): boolean {\n  return !!process.env.BUILDER_PRIVATE_KEY;\n}\n\n/** The origin for Builder-proxied API calls. Overridable for testing. */\nexport function getBuilderProxyOrigin(): string {\n  return (\n    process.env.BUILDER_PROXY_ORIGIN ||\n    process.env.AIR_HOST ||\n    process.env.BUILDER_API_HOST ||\n    \"https://ai-services.builder.io\"\n  );\n}\n\n/**\n * Base URL for the public Builder LLM gateway (distinct from the internal\n * proxy origin above — the public gateway lives at\n * api.builder.io/agent-native/gateway, while the internal origin is\n * ai-services.builder.io).\n * Override via BUILDER_GATEWAY_BASE_URL for staging / testing.\n */\nexport function getBuilderGatewayBaseUrl(): string {\n  return (\n    process.env.BUILDER_GATEWAY_BASE_URL ||\n    \"https://api.builder.io/agent-native/gateway/v1\"\n  );\n}\n\n/**\n * Base URL for Builder-managed image generation.\n * Override via BUILDER_IMAGE_GENERATION_BASE_URL for staging / testing.\n */\nexport function getBuilderImageGenerationBaseUrl(): string {\n  return (\n    process.env.BUILDER_IMAGE_GENERATION_BASE_URL ||\n    \"https://api.builder.io/agent-native/images/v1\"\n  );\n}\n\n/** Authorization header value for Builder-proxied calls (env-only). */\nexport function getBuilderAuthHeader(): string | null {\n  const key = process.env.BUILDER_PRIVATE_KEY;\n  return key ? `Bearer ${key}` : null;\n}\n"]}

package/dist/server/google-auth-plugin.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"google-auth-plugin.d.ts","sourceRoot":"","sources":["../../src/server/google-auth-plugin.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,KAAK,cAAc,EACpB,MAAM,uBAAuB,CAAC;AAE/B,KAAK,cAAc,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE9D,MAAM,WAAW,uBAAuB;IACtC,yDAAyD;IACzD,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB;;;;OAIG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AA0UD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,CAAC,EAAE,uBAAuB,GAChC,cAAc,CAYhB"}
+{"version":3,"file":"google-auth-plugin.d.ts","sourceRoot":"","sources":["../../src/server/google-auth-plugin.ts"],"names":[],"mappings":"AAGA,OAAO,EAEL,KAAK,cAAc,EACpB,MAAM,uBAAuB,CAAC;AAE/B,KAAK,cAAc,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE9D,MAAM,WAAW,uBAAuB;IACtC,yDAAyD;IACzD,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB;;;;OAIG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AA0XD;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,CAAC,EAAE,uBAAuB,GAChC,cAAc,CAYhB"}

package/dist/server/google-auth-plugin.js

@@ -101,18 +101,27 @@ function getGoogleLoginHtml(googleAuthMode) {
     return origin ? origin + path : __anPath(path);
   }
   function __anBuilderPreviewReturnOrigin() {
+    var candidates = [window.location.href, document.referrer || ''];
     try {
-      var url = new URL(window.location.href);
-      var host = url.hostname.toLowerCase();
-      var isPreviewHost =
-        host === 'builderio.xyz' || host.slice(-14) === '.builderio.xyz' ||
-        host === 'builderio.dev' || host.slice(-14) === '.builderio.dev' ||
-        host === 'builder.codes' || host.slice(-14) === '.builder.codes' ||
-        host === 'builder.my' || host.slice(-11) === '.builder.my';
-      return url.protocol === 'https:' && isPreviewHost ? url.origin : '';
-    } catch(e) {
-      return '';
+      if (window.location.ancestorOrigins) {
+        for (var j = 0; j < window.location.ancestorOrigins.length; j++) {
+          candidates.push(window.location.ancestorOrigins[j]);
+        }
+      }
+    } catch(e) {}
+    for (var i = 0; i < candidates.length; i++) {
+      try {
+        var url = new URL(candidates[i]);
+        var host = url.hostname.toLowerCase();
+        var isPreviewHost =
+          host === 'builderio.xyz' || host.slice(-14) === '.builderio.xyz' ||
+          host === 'builderio.dev' || host.slice(-14) === '.builderio.dev' ||
+          host === 'builder.codes' || host.slice(-14) === '.builder.codes' ||
+          host === 'builder.my' || host.slice(-11) === '.builder.my';
+        if (url.protocol === 'https:' && isPreviewHost) return url.origin;
+      } catch(e) {}
     }
+    return '';
   }
   function __anWorkspaceGatewayReturnOrigin() {
     var previewOrigin = __anBuilderPreviewReturnOrigin();
@@ -152,6 +161,15 @@ function getGoogleLoginHtml(googleAuthMode) {
     var origin = __anWorkspaceGatewayReturnOrigin();
     return origin ? origin + path : path;
   }
+  function __anFinishOAuthExchange(ret, flowId) {
+    if (__anIsBuilderPreview()) {
+      __anSetOAuthDebug('OAuth exchange redeemed; reloading the embedded app', flowId);
+      window.location.reload();
+      return;
+    }
+    __anSetOAuthDebug('OAuth exchange redeemed; returning to the app', flowId);
+    window.location.href = ret || '/';
+  }
   function __anIsBuilderPreview() {
     try {
       var params = new URLSearchParams(window.location.search);
@@ -172,6 +190,13 @@ function getGoogleLoginHtml(googleAuthMode) {
       return false;
     }
   }
+  function __anIsAgentNativeDesktop() {
+    try {
+      return (navigator.userAgent || '').indexOf('AgentNativeDesktop') !== -1;
+    } catch(e) {
+      return false;
+    }
+  }
   function __anIsElectron() {
     try {
       return (navigator.userAgent || '').indexOf('Electron') !== -1;
@@ -180,7 +205,7 @@ function getGoogleLoginHtml(googleAuthMode) {
     }
   }
   function __anResolveAuthFlow() {
-    if (__anIsBuilderPreview() && !__anIsBuilderDesktop()) return 'popup';
+    if (__anIsBuilderPreview()) return 'popup';
     var mode = __AN_GOOGLE_AUTH_MODE || 'auto';
     if (mode === 'popup') return 'popup';
     if (mode === 'redirect') return 'redirect';
@@ -199,15 +224,22 @@ function getGoogleLoginHtml(googleAuthMode) {
   function __anFlowDebugId(flowId) {
     return flowId ? String(flowId).slice(-10) : '';
   }
+  function __anShouldShowOAuthDebug() {
+    try {
+      var loc = window.location || {};
+      return (typeof loc.hash === 'string' && loc.hash.indexOf('oauth-debug') !== -1) ||
+        (typeof loc.search === 'string' && loc.search.indexOf('oauth_debug=1') !== -1);
+    } catch(e) { return false; }
+  }
   function __anSetOAuthDebug(message, flowId) {
     var text = message + (flowId ? ' (flow ' + __anFlowDebugId(flowId) + ')' : '');
     try {
-      console.info('[agent-native][google-oauth]', { message: message, flow: __anFlowDebugId(flowId) || undefined });
+      console.info('[agent-native][google-oauth] ' + text);
     } catch(e) {}
     var debug = document.getElementById('debug');
     if (debug) {
       debug.textContent = text;
-      debug.classList.add('show');
+      if (__anShouldShowOAuthDebug()) debug.classList.add('show');
     }
   }
   function __anShowOAuthError(err, btn, message) {
@@ -231,8 +263,7 @@ function getGoogleLoginHtml(googleAuthMode) {
         if (data && (data.email || data.token)) {
           if (__anOAuthPollTimer) clearInterval(__anOAuthPollTimer);
           __anOAuthPollTimer = null;
-          __anSetOAuthDebug('OAuth exchange redeemed; returning to the app', flowId);
-          window.location.href = ret || '/';
+          __anFinishOAuthExchange(ret, flowId);
           return;
         }
         if (data && data.error) {
@@ -249,7 +280,7 @@ function getGoogleLoginHtml(googleAuthMode) {
         }
       }
       if (Date.now() - started > timeoutMs) {
-        __anShowOAuthError(err, btn, 'Google sign-in did not finish. Flow ' + __anFlowDebugId(flowId) + ' never redeemed; check server logs for [agent-native][google-oauth].');
+        __anShowOAuthError(err, btn, 'Google sign-in did not finish. Flow ' + __anFlowDebugId(flowId) + ' never reached this app. Check the Google OAuth redirect URI and server logs for [agent-native][google-oauth].');
       }
     }
     if (__anOAuthPollTimer) clearInterval(__anOAuthPollTimer);
@@ -258,8 +289,9 @@ function getGoogleLoginHtml(googleAuthMode) {
   }
   function __anStartPopupOAuth(ret, btn, err) {
     var flowId = __anNewOAuthFlowId();
+    var oauthReturn = __anIsBuilderPreview() ? __anOAuthReturnTarget(ret) : ret;
     var params = new URLSearchParams();
-    if (ret) params.set('return', ret);
+    if (oauthReturn) params.set('return', oauthReturn);
     params.set('desktop', '1');
     params.set('flow_id', flowId);
     params.set('redirect', '1');
@@ -287,6 +319,18 @@ function getGoogleLoginHtml(googleAuthMode) {
     }
     __anWaitForOAuthExchange(flowId, ret, btn, err);
   }
+  function __anStartNativeDesktopOAuth(ret, btn, err) {
+    var flowId = __anNewOAuthFlowId();
+    var params = new URLSearchParams();
+    if (ret) params.set('return', ret);
+    params.set('desktop', '1');
+    params.set('flow_id', flowId);
+    params.set('redirect', '1');
+    var url = __anPath('/_agent-native/google/auth-url') + '?' + params.toString();
+    __anSetOAuthDebug('Opening Google sign-in in system browser', flowId);
+    __anOpenOAuthUrl(url);
+    __anWaitForOAuthExchange(flowId, ret, btn, err);
+  }
   function __anOpenOAuthUrl(url) {
     try { sessionStorage.setItem('__an_signin', '1'); } catch(e) {}
     window.location.href = url;
@@ -301,6 +345,10 @@ function getGoogleLoginHtml(googleAuthMode) {
       __anStartPopupOAuth(ret, btn, err);
       return;
     }
+    if (__anIsAgentNativeDesktop()) {
+      __anStartNativeDesktopOAuth(ret, btn, err);
+      return;
+    }
     if (__anIsBuilderPreview()) {
       var params = new URLSearchParams();
       if (ret) params.set('return', __anOAuthReturnTarget(ret));