@agent-native/core 0.7.19 → 0.7.20

package/dist/server/builder-browser.js.map

@@ -1 +1 @@
-{"version":3,"file":"builder-browser.js","sourceRoot":"","sources":["../../src/server/builder-browser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9D,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;AACtD,MAAM,wBAAwB,GAAG,wBAAwB,CAAC;AAC1D,MAAM,oBAAoB,GAAG,sBAAsB,CAAC;AACpD,MAAM,yBAAyB,GAAG,sBAAsB,CAAC;AAEzD,MAAM,CAAC,MAAM,qBAAqB,GAAG,iCAAiC,CAAC;AAEvE;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAE/C,MAAM,oBAAoB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAwB5C,SAAS,WAAW,CAAC,KAAa,EAAE,YAAoB,EAAE,EAAU;IAClE,OAAO,UAAU,CAAC,QAAQ,EAAE,gBAAgB,aAAa,EAAE,EAAE,CAAC;SAC3D,MAAM,CAAC,GAAG,KAAK,IAAI,YAAY,IAAI,EAAE,EAAE,CAAC;SACxC,MAAM,CAAC,WAAW,CAAC,CAAC;AACzB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,wBAAwB,CAAC,YAAoB;IAC3D,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACtB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,WAAW,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;IACjD,OAAO,GAAG,KAAK,IAAI,YAAY,IAAI,EAAE,IAAI,GAAG,EAAE,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CACxC,KAAgC,EAChC,YAAoB;IAEpB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACrC,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAChD,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,IAAI,CAAC,KAAK,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAC;IAE5D,IAAI,UAAkB,CAAC;IACvB,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACvE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,UAAU,KAAK,YAAY;QAAE,OAAO,KAAK,CAAC;IAE9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IACzB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,mEAAmE;IACnE,qEAAqE;IACrE,mCAAmC;IACnC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,oBAAoB;QAAE,OAAO,KAAK,CAAC;IAEnE,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACvD,OAAO,eAAe,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,yBAAyB,CAAC,SAAiB;IAClD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC/C,MAAM,iBAAiB,GACrB,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;QAC9D,MAAM,WAAW,GACf,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,OAAO,CAAC;QACvB,MAAM,eAAe,GACnB,QAAQ,KAAK,YAAY,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,mBAAmB,GACvB,QAAQ,KAAK,kBAAkB,IAAI,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;QAC5E,OAAO,CACL,iBAAiB;YACjB,CAAC,WAAW,IAAI,eAAe,IAAI,mBAAmB,CAAC,CACxD,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,MAAc;IACrC,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,OAAO,CAAC,GAAG,CAAC,uBAAuB;QACnC,wBAAwB,CACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,QAAQ;QACpB,OAAO,CAAC,GAAG,CAAC,YAAY;QACxB,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,wBAAwB,CACzB,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAc,EACd,QAAuB,IAAI;IAE3B,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,GAAG,CACzB,GAAG,WAAW,GAAG,qBAAqB,EAAE,EACxC,gBAAgB,CACjB,CAAC;IACF,IAAI,KAAK,EAAE,CAAC;QACV,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACtD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;IACnD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC;IAC7D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC7D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,GAAG,gBAAgB,GAAG,WAAW,EAAE,CAAC,CAAC;IACzE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,2BAA2B,CAAC,MAAc;IACxD,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,GAAG,cAAc,EAAE,gCAAgC,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,MAAc;IACpD,OAAO;QACL,UAAU,EAAE,CAAC,CAAC,CACZ,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAClE;QACD,cAAc,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc;QAC5C,OAAO,EAAE,iBAAiB,EAAE;QAC5B,OAAO,EAAE,iBAAiB,EAAE;QAC5B,UAAU,EAAE,2BAA2B,CAAC,MAAM,CAAC;QAC/C,mBAAmB,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB;QACrD,oBAAoB,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB;QACvD,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,SAAS;QAChD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS;QAClD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS;KACnD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,+BAA+B,CAC7C,KAAc;IAEd,OAAO,uBAAuB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,qBAAqB;IACrB,oBAAoB;IACpB,iBAAiB;IACjB,kBAAkB;IAClB,kBAAkB;CACV,CAAC;AAIX,MAAM,UAAU,yBAAyB,CAAC,MAMzC;IACC,MAAM,MAAM,GAAkC;QAC5C,mBAAmB,EAAE,MAAM,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE;QACpD,kBAAkB,EAAE,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE;QAClD,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE;QAC5C,gBAAgB,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE;QAC9C,gBAAgB,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE;KAC/C,CAAC;IACF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AACtE,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,UAAqC,EACrC,KAAc;IAEd,IAAI,UAAU,IAAI,yBAAyB,CAAC,UAAU,CAAC,EAAE,CAAC;QACxD,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,gCAAgC,CAAC,UAAkB;IACjE,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IAC9C,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mBAoCU,UAAU;;;;;;;;;;;sCAWS,UAAU;;;;;;QAMxC,CAAC;AACT,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,qCAAqC,CAAC,OAAe;IACnE,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAC/C,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oBAmDW,cAAc;;;;;;;;;;;;;;;;QAgB1B,CAAC;AACT,CAAC;AAiBD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAyB;IAEzB,MAAM,EAAE,yBAAyB,EAAE,GACjC,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,MAAM,yBAAyB,EAAE,CAAC;IAChD,IAAI,CAAC,KAAK,CAAC,UAAU,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,aAAa,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACxD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAEhD,MAAM,IAAI,GAA4B;QACpC,WAAW,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE;KACzC,CAAC;IACF,IAAI,IAAI,CAAC,SAAS;QAAE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IACpD,IAAI,IAAI,CAAC,UAAU;QAAE,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;IACvD,IAAI,IAAI,CAAC,SAAS;QAAE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IACpD,IAAI,IAAI,CAAC,MAAM;QAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAE3C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,KAAK,CAAC,UAAU,EAAE;YAC3C,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;KAC3B,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGtD,CAAC;IACF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,GAAG,GACP,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ;YAC9B,CAAC,CAAC,MAAM,CAAC,KAAK;YACd,CAAC,CAAC,6BAA6B,QAAQ,CAAC,MAAM,GAAG,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,OAAO;QACL,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC;QAC3C,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC;QACzC,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC;QAC7B,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,IAAI,YAAY,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,+BAA+B,CACnD,IAA2B;IAE3B,MAAM,EAAE,yBAAyB,EAAE,GACjC,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,MAAM,yBAAyB,EAAE,CAAC;IAChD,IAAI,CAAC,KAAK,CAAC,UAAU,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,iCAAiC,EAAE,iBAAiB,EAAE,CAAC,CAAC;IAC5E,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,KAAK,CAAC,UAAU,EAAE;YAC3C,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,SAAS;YACT,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,SAAS;YACtC,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,SAAS;YACxC,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,SAAS;YAC1C,kBAAkB,EAAE,IAAI,CAAC,kBAAkB,IAAI,SAAS;YACxD,QAAQ,EAAE,IAAI,CAAC,gBAAgB,IAAI,SAAS;SAC7C,CAAC;KACH,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAC;IACF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GACT,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ;YAC5B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,mCAAmC,QAAQ,CAAC,MAAM,GAAG,CAAC;QAC5D,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import { createHmac, randomBytes, timingSafeEqual } from \"node:crypto\";\nimport type { H3Event } from \"h3\";\nimport { getAuthSecret } from \"./better-auth-instance.js\";\nimport { getAppBasePath, getOrigin } from \"./google-oauth.js\";\n\nconst DEFAULT_BUILDER_APP_HOST = \"https://builder.io\";\nconst DEFAULT_BUILDER_API_HOST = \"https://api.builder.io\";\nconst BUILDER_BROWSER_HOST = \"agent-native-browser\";\nconst BUILDER_BROWSER_CLIENT_ID = \"Agent Native Browser\";\n\nexport const BUILDER_CALLBACK_PATH = \"/_agent-native/builder/callback\";\n\n/**\n * Query-param name carrying the signed CSRF state on the connect→callback\n * round-trip. Prefixed with `_an_` to avoid collisions if Builder ever\n * adds standard OAuth `state` support to cli-auth. Builder preserves\n * the path/query of `redirect_url` verbatim when redirecting back, so\n * we embed `_an_state=…` inside the redirect_url query string at\n * connect time and read it back on the callback.\n */\nexport const BUILDER_STATE_PARAM = \"_an_state\";\n\nconst BUILDER_STATE_TTL_MS = 10 * 60 * 1000;\n\nexport interface BuilderBrowserStatus {\n  configured: boolean;\n  builderEnabled: boolean;\n  appHost: string;\n  apiHost: string;\n  connectUrl: string;\n  publicKeyConfigured: boolean;\n  privateKeyConfigured: boolean;\n  userId?: string;\n  orgName?: string;\n  orgKind?: string;\n}\n\nexport interface BrowserConnectionArgs {\n  sessionId?: string;\n  projectId?: string;\n  branchName?: string;\n  proxyOrigin?: string;\n  proxyDefaultOrigin?: string;\n  proxyDestination?: string;\n}\n\nfunction macForParts(nonce: string, emailEncoded: string, ts: number): string {\n  return createHmac(\"sha256\", `builder-csrf:${getAuthSecret()}`)\n    .update(`${nonce}.${emailEncoded}.${ts}`)\n    .digest(\"base64url\");\n}\n\n/**\n * Mint a signed CSRF state token bound to the current session's email\n * and a fresh nonce. Round-trips through Builder's cli-auth flow inside\n * the redirect_url query string and is verified on the callback before\n * any keys are written.\n *\n * Why bind to email: it's the only stable, universally-available\n * identity field across all auth modes (Better Auth, BYOA, AUTH_MODE=local).\n * Binding to the session token instead would put the cookie value in a\n * URL that may end up in server logs / browser history.\n */\nexport function signBuilderCallbackState(sessionEmail: string): string {\n  const nonce = randomBytes(16).toString(\"base64url\");\n  const ts = Date.now();\n  const emailEncoded = Buffer.from(sessionEmail, \"utf8\").toString(\"base64url\");\n  const mac = macForParts(nonce, emailEncoded, ts);\n  return `${nonce}.${emailEncoded}.${ts}.${mac}`;\n}\n\n/**\n * Verify a state token produced by `signBuilderCallbackState`. Returns\n * false on any malformed, forged, expired, or cross-session token.\n */\nexport function verifyBuilderCallbackState(\n  token: string | null | undefined,\n  sessionEmail: string,\n): boolean {\n  if (typeof token !== \"string\" || token.length === 0) return false;\n  const parts = token.split(\".\");\n  if (parts.length !== 4) return false;\n  const [nonce, emailEncoded, tsStr, mac] = parts;\n  if (!nonce || !emailEncoded || !tsStr || !mac) return false;\n\n  let boundEmail: string;\n  try {\n    boundEmail = Buffer.from(emailEncoded, \"base64url\").toString(\"utf8\");\n  } catch {\n    return false;\n  }\n  if (boundEmail !== sessionEmail) return false;\n\n  const ts = Number(tsStr);\n  if (!Number.isFinite(ts)) return false;\n  // Reject expired AND far-future timestamps — a clock-skew attacker\n  // (or a bug that mints states with `ts` in the future) shouldn't get\n  // an arbitrarily-long-lived token.\n  if (Math.abs(Date.now() - ts) > BUILDER_STATE_TTL_MS) return false;\n\n  const expected = Buffer.from(macForParts(nonce, emailEncoded, ts));\n  const candidate = Buffer.from(mac);\n  if (expected.length !== candidate.length) return false;\n  return timingSafeEqual(expected, candidate);\n}\n\nfunction isAllowedBrowserReturnUrl(urlString: string): boolean {\n  try {\n    const parsed = new URL(urlString);\n    const hostname = parsed.hostname.toLowerCase();\n    const isAllowedProtocol =\n      parsed.protocol === \"http:\" || parsed.protocol === \"https:\";\n    const isLocalhost =\n      hostname === \"localhost\" ||\n      hostname === \"127.0.0.1\" ||\n      hostname === \"[::1]\";\n    const isBuilderDomain =\n      hostname === \"builder.io\" || hostname.endsWith(\".builder.io\");\n    const isAgentNativeDomain =\n      hostname === \"agent-native.com\" || hostname.endsWith(\".agent-native.com\");\n    return (\n      isAllowedProtocol &&\n      (isLocalhost || isBuilderDomain || isAgentNativeDomain)\n    );\n  } catch {\n    return false;\n  }\n}\n\nfunction normalizeOrigin(origin: string): string {\n  return origin.replace(/\\/+$/, \"\");\n}\n\nexport function getBuilderAppHost(): string {\n  return (\n    process.env.BUILDER_APP_HOST ||\n    process.env.BUILDER_PUBLIC_APP_HOST ||\n    DEFAULT_BUILDER_APP_HOST\n  );\n}\n\nexport function getBuilderApiHost(): string {\n  return (\n    process.env.AIR_HOST ||\n    process.env.BUILDER_HOST ||\n    process.env.BUILDER_API_HOST ||\n    DEFAULT_BUILDER_API_HOST\n  );\n}\n\n/**\n * Build the Builder cli-auth URL for the connect popup. When a signed\n * `state` token is supplied it is embedded inside the `redirect_url`\n * query string so it survives Builder's redirect verbatim — Builder\n * preserves the redirect_url's existing query when appending p-key /\n * api-key / etc., so we don't depend on Builder echoing a top-level\n * `state` parameter (it doesn't).\n *\n * The user-facing connect entry point is `/_agent-native/builder/connect`\n * (a server-side 302). Status / chat-card responses surface that path\n * rather than the cli-auth URL directly, so the 302 handler can mint a\n * fresh state bound to the current session on every click.\n */\nexport function buildBuilderCliAuthUrl(\n  origin: string,\n  state: string | null = null,\n): string {\n  const normalizedOrigin = normalizeOrigin(origin);\n  const appBasePath = getAppBasePath();\n  const callbackUrl = new URL(\n    `${appBasePath}${BUILDER_CALLBACK_PATH}`,\n    normalizedOrigin,\n  );\n  if (state) {\n    callbackUrl.searchParams.set(BUILDER_STATE_PARAM, state);\n  }\n  const url = new URL(\"/cli-auth\", getBuilderAppHost());\n  url.searchParams.set(\"response_type\", \"code\");\n  url.searchParams.set(\"host\", BUILDER_BROWSER_HOST);\n  url.searchParams.set(\"client_id\", BUILDER_BROWSER_CLIENT_ID);\n  url.searchParams.set(\"redirect_url\", callbackUrl.toString());\n  url.searchParams.set(\"preview_url\", `${normalizedOrigin}${appBasePath}`);\n  url.searchParams.set(\"framework\", \"agent-native\");\n  return url.toString();\n}\n\n/**\n * The URL surfaced to clients (chat card, settings panels, status\n * endpoint) as `connectUrl`. Pointing every entry point at our local 302\n * means the cli-auth URL — and the CSRF state token bound to the current\n * session — are minted server-side at click time, instead of being baked\n * into a status response that may be cached or rendered for a different\n * session.\n */\nexport function getBuilderBrowserConnectUrl(origin: string): string {\n  return `${normalizeOrigin(origin)}${getAppBasePath()}/_agent-native/builder/connect`;\n}\n\nexport function getBuilderBrowserStatus(origin: string): BuilderBrowserStatus {\n  return {\n    configured: !!(\n      process.env.BUILDER_PRIVATE_KEY && process.env.BUILDER_PUBLIC_KEY\n    ),\n    builderEnabled: !!process.env.ENABLE_BUILDER,\n    appHost: getBuilderAppHost(),\n    apiHost: getBuilderApiHost(),\n    connectUrl: getBuilderBrowserConnectUrl(origin),\n    publicKeyConfigured: !!process.env.BUILDER_PUBLIC_KEY,\n    privateKeyConfigured: !!process.env.BUILDER_PRIVATE_KEY,\n    userId: process.env.BUILDER_USER_ID || undefined,\n    orgName: process.env.BUILDER_ORG_NAME || undefined,\n    orgKind: process.env.BUILDER_ORG_KIND || undefined,\n  };\n}\n\nexport function getBuilderBrowserStatusForEvent(\n  event: H3Event,\n): BuilderBrowserStatus {\n  return getBuilderBrowserStatus(getOrigin(event));\n}\n\n/**\n * Env vars written by the Builder CLI-auth callback. Single source of truth\n * for the connect/disconnect key set — `getBuilderCallbackEnvVars` and the\n * disconnect handler's scrub loop both derive from this list, so drift\n * (e.g. disconnect silently leaving `BUILDER_USER_ID` behind because\n * someone added a key to one site but not the other) is impossible.\n */\nexport const BUILDER_ENV_KEYS = [\n  \"BUILDER_PRIVATE_KEY\",\n  \"BUILDER_PUBLIC_KEY\",\n  \"BUILDER_USER_ID\",\n  \"BUILDER_ORG_NAME\",\n  \"BUILDER_ORG_KIND\",\n] as const;\n\nexport type BuilderEnvKey = (typeof BUILDER_ENV_KEYS)[number];\n\nexport function getBuilderCallbackEnvVars(params: {\n  privateKey?: string | null;\n  publicKey?: string | null;\n  userId?: string | null;\n  orgName?: string | null;\n  orgKind?: string | null;\n}) {\n  const values: Record<BuilderEnvKey, string> = {\n    BUILDER_PRIVATE_KEY: params.privateKey?.trim() || \"\",\n    BUILDER_PUBLIC_KEY: params.publicKey?.trim() || \"\",\n    BUILDER_USER_ID: params.userId?.trim() || \"\",\n    BUILDER_ORG_NAME: params.orgName?.trim() || \"\",\n    BUILDER_ORG_KIND: params.orgKind?.trim() || \"\",\n  };\n  return BUILDER_ENV_KEYS.map((key) => ({ key, value: values[key] }));\n}\n\nexport function resolveSafePreviewUrl(\n  previewUrl: string | null | undefined,\n  event: H3Event,\n): string {\n  if (previewUrl && isAllowedBrowserReturnUrl(previewUrl)) {\n    return previewUrl;\n  }\n  return getOrigin(event);\n}\n\nexport function createBuilderBrowserCallbackPage(previewUrl: string): string {\n  const escapedUrl = JSON.stringify(previewUrl);\n  return `<!doctype html>\n<html lang=\"en\">\n  <head>\n    <meta charset=\"utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no\" />\n    <title>Builder Connected</title>\n    <style>\n      body {\n        margin: 0;\n        min-height: 100vh;\n        display: grid;\n        place-items: center;\n        background:\n          radial-gradient(circle at top, rgba(20, 184, 166, 0.18), transparent 38%),\n          linear-gradient(180deg, #f7fafc 0%, #eef2f7 100%);\n        color: #0f172a;\n        font: 14px/1.5 ui-sans-serif, system-ui, sans-serif;\n      }\n      .card {\n        width: min(460px, calc(100vw - 32px));\n        border: 1px solid rgba(15, 23, 42, 0.08);\n        border-radius: 18px;\n        padding: 28px;\n        background: rgba(255, 255, 255, 0.92);\n        box-shadow: 0 24px 80px rgba(15, 23, 42, 0.12);\n      }\n      h1 { margin: 0 0 8px; font-size: 22px; }\n      p { margin: 0 0 12px; color: #475569; }\n      a { color: #0f766e; font-weight: 600; }\n    </style>\n  </head>\n  <body>\n    <main class=\"card\">\n      <h1>Builder connected</h1>\n      <p>Browser access is now available to your agent-native app.</p>\n      <p>You can close this tab and return to the workspace.</p>\n      <p><a href=${escapedUrl} target=\"_blank\" rel=\"noopener noreferrer\">Open the workspace</a></p>\n    </main>\n    <script>\n      // If we're a popup opened by the app, close ourselves and let the\n      // parent tab keep polling for connection status. If close() is\n      // blocked (e.g. we're the top-level tab because popups were\n      // downgraded), fall back to navigating back to the workspace.\n      window.setTimeout(function () {\n        try { window.close(); } catch (e) {}\n        window.setTimeout(function () {\n          if (!window.closed) {\n            window.location.replace(${escapedUrl});\n          }\n        }, 200);\n      }, 700);\n    </script>\n  </body>\n</html>`;\n}\n\n/**\n * HTML page rendered inside the OAuth popup when the callback handler caught\n * an error persisting the per-user Builder credentials. Without this, the\n * popup would show the success page even though the write failed — leaving\n * the parent window stuck on \"Waiting for Builder…\" until the 5-minute poll\n * timeout fires (Midhun reported this on 2026-04-28).\n *\n * The page does two things:\n * 1. Shows the user a clear \"couldn't save credentials\" message with the\n *    underlying error so they can retry or report.\n * 2. `postMessage`s the parent (same-origin opener) so the connect-flow\n *    polling stops immediately rather than waiting for the next /status\n *    poll to surface the SQL `builder-connect-error:<email>` row.\n */\nexport function createBuilderBrowserCallbackErrorPage(message: string): string {\n  const escapedMessage = JSON.stringify(message);\n  return `<!doctype html>\n<html lang=\"en\">\n  <head>\n    <meta charset=\"utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no\" />\n    <title>Builder connect failed</title>\n    <style>\n      body {\n        margin: 0;\n        min-height: 100vh;\n        display: grid;\n        place-items: center;\n        background:\n          radial-gradient(circle at top, rgba(244, 63, 94, 0.14), transparent 38%),\n          linear-gradient(180deg, #f7fafc 0%, #eef2f7 100%);\n        color: #0f172a;\n        font: 14px/1.5 ui-sans-serif, system-ui, sans-serif;\n      }\n      .card {\n        width: min(460px, calc(100vw - 32px));\n        border: 1px solid rgba(15, 23, 42, 0.08);\n        border-radius: 18px;\n        padding: 28px;\n        background: rgba(255, 255, 255, 0.92);\n        box-shadow: 0 24px 80px rgba(15, 23, 42, 0.12);\n      }\n      h1 { margin: 0 0 8px; font-size: 22px; color: #b91c1c; }\n      p { margin: 0 0 12px; color: #475569; }\n      pre {\n        margin: 0 0 12px;\n        padding: 10px 12px;\n        background: #fef2f2;\n        border: 1px solid #fecaca;\n        border-radius: 8px;\n        color: #991b1b;\n        font-family: ui-monospace, SFMono-Regular, Menlo, monospace;\n        font-size: 12px;\n        white-space: pre-wrap;\n        word-break: break-word;\n      }\n    </style>\n  </head>\n  <body>\n    <main class=\"card\">\n      <h1>Couldn't save Builder connection</h1>\n      <p>Builder authorized your account but the server couldn't persist the credentials.</p>\n      <pre id=\"msg\"></pre>\n      <p>You can close this tab and try again from settings. The connect dialog has the same error so you can copy it.</p>\n    </main>\n    <script>\n      try {\n        var msg = ${escapedMessage};\n        document.getElementById(\"msg\").textContent = msg;\n        // Stop the parent's poll immediately. /builder/status also surfaces\n        // a connectError row written by the callback so the parent picks\n        // this up even if the popup closed before postMessage delivered.\n        if (window.opener && !window.opener.closed) {\n          try {\n            window.opener.postMessage(\n              { type: \"builder-connect-error\", message: msg },\n              window.location.origin,\n            );\n          } catch (e) {}\n        }\n      } catch (e) {}\n    </script>\n  </body>\n</html>`;\n}\n\nexport interface RunBuilderAgentArgs {\n  prompt: string;\n  projectId?: string;\n  branchName?: string;\n  userEmail?: string;\n  userId?: string;\n}\n\nexport interface RunBuilderAgentResult {\n  branchName: string;\n  projectId: string;\n  url: string;\n  status: string;\n}\n\n/**\n * POST a prompt to the Builder agents-run API. The Builder agent runs in a\n * cloud sandbox and writes code to a branch; the returned URL opens that\n * branch in the Visual Editor so the user can watch progress.\n *\n * Spec: https://www.builder.io/c/docs/agents-run-api\n */\nexport async function runBuilderAgent(\n  args: RunBuilderAgentArgs,\n): Promise<RunBuilderAgentResult> {\n  const { resolveBuilderCredentials } =\n    await import(\"./credential-provider.js\");\n  const creds = await resolveBuilderCredentials();\n  if (!creds.privateKey || !creds.publicKey) {\n    throw new Error(\"Builder keys are not configured\");\n  }\n  if (!args.prompt || !args.prompt.trim()) {\n    throw new Error(\"prompt is required\");\n  }\n  if (!args.userEmail && !args.userId) {\n    throw new Error(\"userEmail or userId is required\");\n  }\n\n  const url = new URL(\"/agents/run\", getBuilderApiHost());\n  url.searchParams.set(\"apiKey\", creds.publicKey);\n\n  const body: Record<string, unknown> = {\n    userMessage: { userPrompt: args.prompt },\n  };\n  if (args.projectId) body.projectId = args.projectId;\n  if (args.branchName) body.branchName = args.branchName;\n  if (args.userEmail) body.userEmail = args.userEmail;\n  if (args.userId) body.userId = args.userId;\n\n  const response = await fetch(url, {\n    method: \"POST\",\n    headers: {\n      Authorization: `Bearer ${creds.privateKey}`,\n      \"Content-Type\": \"application/json\",\n    },\n    body: JSON.stringify(body),\n  });\n\n  const parsed = (await response.json().catch(() => ({}))) as Record<\n    string,\n    unknown\n  >;\n  if (!response.ok) {\n    const msg =\n      typeof parsed.error === \"string\"\n        ? parsed.error\n        : `Builder agent run failed (${response.status})`;\n    throw new Error(msg);\n  }\n\n  return {\n    branchName: String(parsed.branchName ?? \"\"),\n    projectId: String(parsed.projectId ?? \"\"),\n    url: String(parsed.url ?? \"\"),\n    status: String(parsed.status ?? \"processing\"),\n  };\n}\n\nexport async function requestBuilderBrowserConnection(\n  args: BrowserConnectionArgs,\n): Promise<Record<string, unknown>> {\n  const { resolveBuilderCredentials } =\n    await import(\"./credential-provider.js\");\n  const creds = await resolveBuilderCredentials();\n  if (!creds.privateKey || !creds.publicKey) {\n    throw new Error(\"Builder browser access is not configured\");\n  }\n\n  const sessionId = args.sessionId?.trim();\n  if (!sessionId) {\n    throw new Error(\"sessionId is required\");\n  }\n\n  const url = new URL(\"/codegen/get-browser-connection\", getBuilderApiHost());\n  url.searchParams.set(\"apiKey\", creds.publicKey);\n  if (creds.userId) {\n    url.searchParams.set(\"userId\", creds.userId);\n  }\n\n  const response = await fetch(url, {\n    method: \"POST\",\n    headers: {\n      Authorization: `Bearer ${creds.privateKey}`,\n      \"Content-Type\": \"application/json\",\n    },\n    body: JSON.stringify({\n      sessionId,\n      projectId: args.projectId || undefined,\n      branchName: args.branchName || undefined,\n      proxyOrigin: args.proxyOrigin || undefined,\n      proxyDefaultOrigin: args.proxyDefaultOrigin || undefined,\n      proxyDst: args.proxyDestination || undefined,\n    }),\n  });\n\n  const body = (await response.json().catch(() => ({}))) as Record<\n    string,\n    unknown\n  >;\n  if (!response.ok) {\n    const error =\n      typeof body.error === \"string\"\n        ? body.error\n        : `Builder browser request failed (${response.status})`;\n    throw new Error(error);\n  }\n\n  return body;\n}\n"]}
+{"version":3,"file":"builder-browser.js","sourceRoot":"","sources":["../../src/server/builder-browser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEvE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9D,MAAM,wBAAwB,GAAG,oBAAoB,CAAC;AACtD,MAAM,wBAAwB,GAAG,wBAAwB,CAAC;AAC1D,MAAM,oBAAoB,GAAG,sBAAsB,CAAC;AACpD,MAAM,yBAAyB,GAAG,sBAAsB,CAAC;AAEzD,MAAM,CAAC,MAAM,qBAAqB,GAAG,iCAAiC,CAAC;AAEvE;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,WAAW,CAAC;AAE/C,MAAM,oBAAoB,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAiC5C,SAAS,WAAW,CAAC,KAAa,EAAE,YAAoB,EAAE,EAAU;IAClE,OAAO,UAAU,CAAC,QAAQ,EAAE,gBAAgB,aAAa,EAAE,EAAE,CAAC;SAC3D,MAAM,CAAC,GAAG,KAAK,IAAI,YAAY,IAAI,EAAE,EAAE,CAAC;SACxC,MAAM,CAAC,WAAW,CAAC,CAAC;AACzB,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,wBAAwB,CAAC,YAAoB;IAC3D,MAAM,KAAK,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACtB,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC7E,MAAM,GAAG,GAAG,WAAW,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;IACjD,OAAO,GAAG,KAAK,IAAI,YAAY,IAAI,EAAE,IAAI,GAAG,EAAE,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CACxC,KAAgC,EAChC,YAAoB;IAEpB,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAClE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACrC,MAAM,CAAC,KAAK,EAAE,YAAY,EAAE,KAAK,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC;IAChD,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,IAAI,CAAC,KAAK,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAC;IAE5D,IAAI,UAAkB,CAAC;IACvB,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACvE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,UAAU,KAAK,YAAY;QAAE,OAAO,KAAK,CAAC;IAE9C,MAAM,EAAE,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IACzB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QAAE,OAAO,KAAK,CAAC;IACvC,mEAAmE;IACnE,qEAAqE;IACrE,mCAAmC;IACnC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,CAAC,GAAG,oBAAoB;QAAE,OAAO,KAAK,CAAC;IAEnE,MAAM,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC,CAAC;IACnE,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM;QAAE,OAAO,KAAK,CAAC;IACvD,OAAO,eAAe,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,yBAAyB,CAAC,SAAiB;IAClD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;QAClC,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC/C,MAAM,iBAAiB,GACrB,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC;QAC9D,MAAM,WAAW,GACf,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,WAAW;YACxB,QAAQ,KAAK,OAAO,CAAC;QACvB,MAAM,eAAe,GACnB,QAAQ,KAAK,YAAY,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,mBAAmB,GACvB,QAAQ,KAAK,kBAAkB,IAAI,QAAQ,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;QAC5E,OAAO,CACL,iBAAiB;YACjB,CAAC,WAAW,IAAI,eAAe,IAAI,mBAAmB,CAAC,CACxD,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,MAAc;IACrC,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,OAAO,CAAC,GAAG,CAAC,uBAAuB;QACnC,wBAAwB,CACzB,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,QAAQ;QACpB,OAAO,CAAC,GAAG,CAAC,YAAY;QACxB,OAAO,CAAC,GAAG,CAAC,gBAAgB;QAC5B,wBAAwB,CACzB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,MAAM,iCAAiC,GAC5C,kCAAkC,CAAC;AAErC,MAAM,UAAU,yBAAyB;IACvC,OAAO,CACL,OAAO,CAAC,GAAG,CAAC,2BAA2B;QACvC,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACrC,OAAO,CAAC,GAAG,CAAC,kBAAkB;QAC9B,iCAAiC,CAClC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,yBAAyB;IACvC,OAAO,CAAC,CAAC,CACP,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,MAAM;QACrC,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,GAAG;QAClC,OAAO,CAAC,GAAG,CAAC,2BAA2B;QACvC,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACrC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAC/B,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAc,EACd,QAAuB,IAAI;IAE3B,MAAM,gBAAgB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,GAAG,CACzB,GAAG,WAAW,GAAG,qBAAqB,EAAE,EACxC,gBAAgB,CACjB,CAAC;IACF,IAAI,KAAK,EAAE,CAAC;QACV,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACtD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;IAC9C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC;IACnD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,yBAAyB,CAAC,CAAC;IAC7D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,WAAW,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC7D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,GAAG,gBAAgB,GAAG,WAAW,EAAE,CAAC,CAAC;IACzE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAClD,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;AACxB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,2BAA2B,CAAC,MAAc;IACxD,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,GAAG,cAAc,EAAE,gCAAgC,CAAC;AACvF,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,MAAc;IACpD,MAAM,eAAe,GACnB,OAAO,CAAC,GAAG,CAAC,2BAA2B;QACvC,OAAO,CAAC,GAAG,CAAC,yBAAyB;QACrC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;IACjC,MAAM,UAAU,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IACrD,OAAO;QACL,UAAU,EAAE,CAAC,CAAC,CACZ,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAClE;QACD,cAAc,EAAE,yBAAyB,EAAE;QAC3C,yBAAyB,EAAE,CAAC,CAAC,eAAe;QAC5C,eAAe,EAAE,eAAe,IAAI,SAAS;QAC7C,UAAU;QACV,OAAO,EAAE,iBAAiB,EAAE;QAC5B,OAAO,EAAE,iBAAiB,EAAE;QAC5B,UAAU,EAAE,2BAA2B,CAAC,MAAM,CAAC;QAC/C,mBAAmB,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB;QACrD,oBAAoB,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB;QACvD,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,SAAS;QAChD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS;QAClD,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,SAAS;KACnD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,+BAA+B,CAC7C,KAAc;IAEd,OAAO,uBAAuB,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,qBAAqB;IACrB,oBAAoB;IACpB,iBAAiB;IACjB,kBAAkB;IAClB,kBAAkB;CACV,CAAC;AAIX,MAAM,UAAU,yBAAyB,CAAC,MAMzC;IACC,MAAM,MAAM,GAAkC;QAC5C,mBAAmB,EAAE,MAAM,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE;QACpD,kBAAkB,EAAE,MAAM,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE;QAClD,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE;QAC5C,gBAAgB,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE;QAC9C,gBAAgB,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE;KAC/C,CAAC;IACF,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;AACtE,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,UAAqC,EACrC,KAAc;IAEd,IAAI,UAAU,IAAI,yBAAyB,CAAC,UAAU,CAAC,EAAE,CAAC;QACxD,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,gCAAgC,CAAC,UAAkB;IACjE,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IAC9C,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mBAoCU,UAAU;;;;;;;;;;;sCAWS,UAAU;;;;;;QAMxC,CAAC;AACT,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,qCAAqC,CAAC,OAAe;IACnE,MAAM,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;IAC/C,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oBAmDW,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;QA2B1B,CAAC;AACT,CAAC;AAiBD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,IAAyB;IAEzB,MAAM,EAAE,yBAAyB,EAAE,GACjC,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,MAAM,yBAAyB,EAAE,CAAC;IAChD,IAAI,CAAC,KAAK,CAAC,UAAU,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;QACxC,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;IACrD,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,aAAa,EAAE,iBAAiB,EAAE,CAAC,CAAC;IACxD,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAEhD,MAAM,IAAI,GAA4B;QACpC,WAAW,EAAE,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE;KACzC,CAAC;IACF,IAAI,IAAI,CAAC,SAAS;QAAE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IACpD,IAAI,IAAI,CAAC,UAAU;QAAE,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC;IACvD,IAAI,IAAI,CAAC,SAAS;QAAE,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;IACpD,IAAI,IAAI,CAAC,MAAM;QAAE,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;IAE3C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,KAAK,CAAC,UAAU,EAAE;YAC3C,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;KAC3B,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGtD,CAAC;IACF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,GAAG,GACP,OAAO,MAAM,CAAC,KAAK,KAAK,QAAQ;YAC9B,CAAC,CAAC,MAAM,CAAC,KAAK;YACd,CAAC,CAAC,6BAA6B,QAAQ,CAAC,MAAM,GAAG,CAAC;QACtD,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,OAAO;QACL,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC;QAC3C,SAAS,EAAE,MAAM,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC;QACzC,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC;QAC7B,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,IAAI,YAAY,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,+BAA+B,CACnD,IAA2B;IAE3B,MAAM,EAAE,yBAAyB,EAAE,GACjC,MAAM,MAAM,CAAC,0BAA0B,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,MAAM,yBAAyB,EAAE,CAAC;IAChD,IAAI,CAAC,KAAK,CAAC,UAAU,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAC1C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,iCAAiC,EAAE,iBAAiB,EAAE,CAAC,CAAC;IAC5E,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;QACjB,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAChC,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,KAAK,CAAC,UAAU,EAAE;YAC3C,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,SAAS;YACT,SAAS,EAAE,IAAI,CAAC,SAAS,IAAI,SAAS;YACtC,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,SAAS;YACxC,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,SAAS;YAC1C,kBAAkB,EAAE,IAAI,CAAC,kBAAkB,IAAI,SAAS;YACxD,QAAQ,EAAE,IAAI,CAAC,gBAAgB,IAAI,SAAS;SAC7C,CAAC;KACH,CAAC,CAAC;IAEH,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGpD,CAAC;IACF,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,KAAK,GACT,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ;YAC5B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,mCAAmC,QAAQ,CAAC,MAAM,GAAG,CAAC;QAC5D,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC;IACzB,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC","sourcesContent":["import { createHmac, randomBytes, timingSafeEqual } from \"node:crypto\";\nimport type { H3Event } from \"h3\";\nimport { getAuthSecret } from \"./better-auth-instance.js\";\nimport { getAppBasePath, getOrigin } from \"./google-oauth.js\";\n\nconst DEFAULT_BUILDER_APP_HOST = \"https://builder.io\";\nconst DEFAULT_BUILDER_API_HOST = \"https://api.builder.io\";\nconst BUILDER_BROWSER_HOST = \"agent-native-browser\";\nconst BUILDER_BROWSER_CLIENT_ID = \"Agent Native Browser\";\n\nexport const BUILDER_CALLBACK_PATH = \"/_agent-native/builder/callback\";\n\n/**\n * Query-param name carrying the signed CSRF state on the connect→callback\n * round-trip. Prefixed with `_an_` to avoid collisions if Builder ever\n * adds standard OAuth `state` support to cli-auth. Builder preserves\n * the path/query of `redirect_url` verbatim when redirecting back, so\n * we embed `_an_state=…` inside the redirect_url query string at\n * connect time and read it back on the callback.\n */\nexport const BUILDER_STATE_PARAM = \"_an_state\";\n\nconst BUILDER_STATE_TTL_MS = 10 * 60 * 1000;\n\nexport interface BuilderBrowserStatus {\n  configured: boolean;\n  builderEnabled: boolean;\n  branchProjectIdConfigured: boolean;\n  branchProjectId?: string;\n  /**\n   * True when `BUILDER_PRIVATE_KEY` is set at the deployment level. Every\n   * user of this deploy shares the operator's Builder identity; the UI\n   * must hide the per-user connect/disconnect flow and show a read-only\n   * \"managed by deployment\" state instead.\n   */\n  envManaged: boolean;\n  appHost: string;\n  apiHost: string;\n  connectUrl: string;\n  publicKeyConfigured: boolean;\n  privateKeyConfigured: boolean;\n  userId?: string;\n  orgName?: string;\n  orgKind?: string;\n}\n\nexport interface BrowserConnectionArgs {\n  sessionId?: string;\n  projectId?: string;\n  branchName?: string;\n  proxyOrigin?: string;\n  proxyDefaultOrigin?: string;\n  proxyDestination?: string;\n}\n\nfunction macForParts(nonce: string, emailEncoded: string, ts: number): string {\n  return createHmac(\"sha256\", `builder-csrf:${getAuthSecret()}`)\n    .update(`${nonce}.${emailEncoded}.${ts}`)\n    .digest(\"base64url\");\n}\n\n/**\n * Mint a signed CSRF state token bound to the current session's email\n * and a fresh nonce. Round-trips through Builder's cli-auth flow inside\n * the redirect_url query string and is verified on the callback before\n * any keys are written.\n *\n * Why bind to email: it's the only stable, universally-available\n * identity field across all auth modes (Better Auth, BYOA, AUTH_MODE=local).\n * Binding to the session token instead would put the cookie value in a\n * URL that may end up in server logs / browser history.\n */\nexport function signBuilderCallbackState(sessionEmail: string): string {\n  const nonce = randomBytes(16).toString(\"base64url\");\n  const ts = Date.now();\n  const emailEncoded = Buffer.from(sessionEmail, \"utf8\").toString(\"base64url\");\n  const mac = macForParts(nonce, emailEncoded, ts);\n  return `${nonce}.${emailEncoded}.${ts}.${mac}`;\n}\n\n/**\n * Verify a state token produced by `signBuilderCallbackState`. Returns\n * false on any malformed, forged, expired, or cross-session token.\n */\nexport function verifyBuilderCallbackState(\n  token: string | null | undefined,\n  sessionEmail: string,\n): boolean {\n  if (typeof token !== \"string\" || token.length === 0) return false;\n  const parts = token.split(\".\");\n  if (parts.length !== 4) return false;\n  const [nonce, emailEncoded, tsStr, mac] = parts;\n  if (!nonce || !emailEncoded || !tsStr || !mac) return false;\n\n  let boundEmail: string;\n  try {\n    boundEmail = Buffer.from(emailEncoded, \"base64url\").toString(\"utf8\");\n  } catch {\n    return false;\n  }\n  if (boundEmail !== sessionEmail) return false;\n\n  const ts = Number(tsStr);\n  if (!Number.isFinite(ts)) return false;\n  // Reject expired AND far-future timestamps — a clock-skew attacker\n  // (or a bug that mints states with `ts` in the future) shouldn't get\n  // an arbitrarily-long-lived token.\n  if (Math.abs(Date.now() - ts) > BUILDER_STATE_TTL_MS) return false;\n\n  const expected = Buffer.from(macForParts(nonce, emailEncoded, ts));\n  const candidate = Buffer.from(mac);\n  if (expected.length !== candidate.length) return false;\n  return timingSafeEqual(expected, candidate);\n}\n\nfunction isAllowedBrowserReturnUrl(urlString: string): boolean {\n  try {\n    const parsed = new URL(urlString);\n    const hostname = parsed.hostname.toLowerCase();\n    const isAllowedProtocol =\n      parsed.protocol === \"http:\" || parsed.protocol === \"https:\";\n    const isLocalhost =\n      hostname === \"localhost\" ||\n      hostname === \"127.0.0.1\" ||\n      hostname === \"[::1]\";\n    const isBuilderDomain =\n      hostname === \"builder.io\" || hostname.endsWith(\".builder.io\");\n    const isAgentNativeDomain =\n      hostname === \"agent-native.com\" || hostname.endsWith(\".agent-native.com\");\n    return (\n      isAllowedProtocol &&\n      (isLocalhost || isBuilderDomain || isAgentNativeDomain)\n    );\n  } catch {\n    return false;\n  }\n}\n\nfunction normalizeOrigin(origin: string): string {\n  return origin.replace(/\\/+$/, \"\");\n}\n\nexport function getBuilderAppHost(): string {\n  return (\n    process.env.BUILDER_APP_HOST ||\n    process.env.BUILDER_PUBLIC_APP_HOST ||\n    DEFAULT_BUILDER_APP_HOST\n  );\n}\n\nexport function getBuilderApiHost(): string {\n  return (\n    process.env.AIR_HOST ||\n    process.env.BUILDER_HOST ||\n    process.env.BUILDER_API_HOST ||\n    DEFAULT_BUILDER_API_HOST\n  );\n}\n\nexport const DEFAULT_BUILDER_BRANCH_PROJECT_ID =\n  \"274d28fec94b48f2b2d68f2274d390eb\";\n\nexport function getBuilderBranchProjectId(): string {\n  return (\n    process.env.DISPATCH_BUILDER_PROJECT_ID ||\n    process.env.BUILDER_BRANCH_PROJECT_ID ||\n    process.env.BUILDER_PROJECT_ID ||\n    DEFAULT_BUILDER_BRANCH_PROJECT_ID\n  );\n}\n\nexport function isBuilderBranchingEnabled(): boolean {\n  return !!(\n    process.env.ENABLE_BUILDER === \"true\" ||\n    process.env.ENABLE_BUILDER === \"1\" ||\n    process.env.DISPATCH_BUILDER_PROJECT_ID ||\n    process.env.BUILDER_BRANCH_PROJECT_ID ||\n    process.env.BUILDER_PROJECT_ID\n  );\n}\n\n/**\n * Build the Builder cli-auth URL for the connect popup. When a signed\n * `state` token is supplied it is embedded inside the `redirect_url`\n * query string so it survives Builder's redirect verbatim — Builder\n * preserves the redirect_url's existing query when appending p-key /\n * api-key / etc., so we don't depend on Builder echoing a top-level\n * `state` parameter (it doesn't).\n *\n * The user-facing connect entry point is `/_agent-native/builder/connect`\n * (a server-side 302). Status / chat-card responses surface that path\n * rather than the cli-auth URL directly, so the 302 handler can mint a\n * fresh state bound to the current session on every click.\n */\nexport function buildBuilderCliAuthUrl(\n  origin: string,\n  state: string | null = null,\n): string {\n  const normalizedOrigin = normalizeOrigin(origin);\n  const appBasePath = getAppBasePath();\n  const callbackUrl = new URL(\n    `${appBasePath}${BUILDER_CALLBACK_PATH}`,\n    normalizedOrigin,\n  );\n  if (state) {\n    callbackUrl.searchParams.set(BUILDER_STATE_PARAM, state);\n  }\n  const url = new URL(\"/cli-auth\", getBuilderAppHost());\n  url.searchParams.set(\"response_type\", \"code\");\n  url.searchParams.set(\"host\", BUILDER_BROWSER_HOST);\n  url.searchParams.set(\"client_id\", BUILDER_BROWSER_CLIENT_ID);\n  url.searchParams.set(\"redirect_url\", callbackUrl.toString());\n  url.searchParams.set(\"preview_url\", `${normalizedOrigin}${appBasePath}`);\n  url.searchParams.set(\"framework\", \"agent-native\");\n  return url.toString();\n}\n\n/**\n * The URL surfaced to clients (chat card, settings panels, status\n * endpoint) as `connectUrl`. Pointing every entry point at our local 302\n * means the cli-auth URL — and the CSRF state token bound to the current\n * session — are minted server-side at click time, instead of being baked\n * into a status response that may be cached or rendered for a different\n * session.\n */\nexport function getBuilderBrowserConnectUrl(origin: string): string {\n  return `${normalizeOrigin(origin)}${getAppBasePath()}/_agent-native/builder/connect`;\n}\n\nexport function getBuilderBrowserStatus(origin: string): BuilderBrowserStatus {\n  const branchProjectId =\n    process.env.DISPATCH_BUILDER_PROJECT_ID ||\n    process.env.BUILDER_BRANCH_PROJECT_ID ||\n    process.env.BUILDER_PROJECT_ID;\n  const envManaged = !!process.env.BUILDER_PRIVATE_KEY;\n  return {\n    configured: !!(\n      process.env.BUILDER_PRIVATE_KEY && process.env.BUILDER_PUBLIC_KEY\n    ),\n    builderEnabled: isBuilderBranchingEnabled(),\n    branchProjectIdConfigured: !!branchProjectId,\n    branchProjectId: branchProjectId || undefined,\n    envManaged,\n    appHost: getBuilderAppHost(),\n    apiHost: getBuilderApiHost(),\n    connectUrl: getBuilderBrowserConnectUrl(origin),\n    publicKeyConfigured: !!process.env.BUILDER_PUBLIC_KEY,\n    privateKeyConfigured: !!process.env.BUILDER_PRIVATE_KEY,\n    userId: process.env.BUILDER_USER_ID || undefined,\n    orgName: process.env.BUILDER_ORG_NAME || undefined,\n    orgKind: process.env.BUILDER_ORG_KIND || undefined,\n  };\n}\n\nexport function getBuilderBrowserStatusForEvent(\n  event: H3Event,\n): BuilderBrowserStatus {\n  return getBuilderBrowserStatus(getOrigin(event));\n}\n\n/**\n * Env vars written by the Builder CLI-auth callback. Single source of truth\n * for the connect/disconnect key set — `getBuilderCallbackEnvVars` and the\n * disconnect handler's scrub loop both derive from this list, so drift\n * (e.g. disconnect silently leaving `BUILDER_USER_ID` behind because\n * someone added a key to one site but not the other) is impossible.\n */\nexport const BUILDER_ENV_KEYS = [\n  \"BUILDER_PRIVATE_KEY\",\n  \"BUILDER_PUBLIC_KEY\",\n  \"BUILDER_USER_ID\",\n  \"BUILDER_ORG_NAME\",\n  \"BUILDER_ORG_KIND\",\n] as const;\n\nexport type BuilderEnvKey = (typeof BUILDER_ENV_KEYS)[number];\n\nexport function getBuilderCallbackEnvVars(params: {\n  privateKey?: string | null;\n  publicKey?: string | null;\n  userId?: string | null;\n  orgName?: string | null;\n  orgKind?: string | null;\n}) {\n  const values: Record<BuilderEnvKey, string> = {\n    BUILDER_PRIVATE_KEY: params.privateKey?.trim() || \"\",\n    BUILDER_PUBLIC_KEY: params.publicKey?.trim() || \"\",\n    BUILDER_USER_ID: params.userId?.trim() || \"\",\n    BUILDER_ORG_NAME: params.orgName?.trim() || \"\",\n    BUILDER_ORG_KIND: params.orgKind?.trim() || \"\",\n  };\n  return BUILDER_ENV_KEYS.map((key) => ({ key, value: values[key] }));\n}\n\nexport function resolveSafePreviewUrl(\n  previewUrl: string | null | undefined,\n  event: H3Event,\n): string {\n  if (previewUrl && isAllowedBrowserReturnUrl(previewUrl)) {\n    return previewUrl;\n  }\n  return getOrigin(event);\n}\n\nexport function createBuilderBrowserCallbackPage(previewUrl: string): string {\n  const escapedUrl = JSON.stringify(previewUrl);\n  return `<!doctype html>\n<html lang=\"en\">\n  <head>\n    <meta charset=\"utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no\" />\n    <title>Builder Connected</title>\n    <style>\n      body {\n        margin: 0;\n        min-height: 100vh;\n        display: grid;\n        place-items: center;\n        background:\n          radial-gradient(circle at top, rgba(20, 184, 166, 0.18), transparent 38%),\n          linear-gradient(180deg, #f7fafc 0%, #eef2f7 100%);\n        color: #0f172a;\n        font: 14px/1.5 ui-sans-serif, system-ui, sans-serif;\n      }\n      .card {\n        width: min(460px, calc(100vw - 32px));\n        border: 1px solid rgba(15, 23, 42, 0.08);\n        border-radius: 18px;\n        padding: 28px;\n        background: rgba(255, 255, 255, 0.92);\n        box-shadow: 0 24px 80px rgba(15, 23, 42, 0.12);\n      }\n      h1 { margin: 0 0 8px; font-size: 22px; }\n      p { margin: 0 0 12px; color: #475569; }\n      a { color: #0f766e; font-weight: 600; }\n    </style>\n  </head>\n  <body>\n    <main class=\"card\">\n      <h1>Builder connected</h1>\n      <p>Browser access is now available to your agent-native app.</p>\n      <p>You can close this tab and return to the workspace.</p>\n      <p><a href=${escapedUrl} target=\"_blank\" rel=\"noopener noreferrer\">Open the workspace</a></p>\n    </main>\n    <script>\n      // If we're a popup opened by the app, close ourselves and let the\n      // parent tab keep polling for connection status. If close() is\n      // blocked (e.g. we're the top-level tab because popups were\n      // downgraded), fall back to navigating back to the workspace.\n      window.setTimeout(function () {\n        try { window.close(); } catch (e) {}\n        window.setTimeout(function () {\n          if (!window.closed) {\n            window.location.replace(${escapedUrl});\n          }\n        }, 200);\n      }, 700);\n    </script>\n  </body>\n</html>`;\n}\n\n/**\n * HTML page rendered inside the OAuth popup when the callback handler caught\n * an error persisting the per-user Builder credentials. Without this, the\n * popup would show the success page even though the write failed — leaving\n * the parent window stuck on \"Waiting for Builder…\" until the 5-minute poll\n * timeout fires (Midhun reported this on 2026-04-28).\n *\n * The page does two things:\n * 1. Shows the user a clear \"couldn't save credentials\" message with the\n *    underlying error so they can retry or report.\n * 2. `postMessage`s the parent (same-origin opener) so the connect-flow\n *    polling stops immediately rather than waiting for the next /status\n *    poll to surface the SQL `builder-connect-error:<email>` row.\n */\nexport function createBuilderBrowserCallbackErrorPage(message: string): string {\n  const escapedMessage = JSON.stringify(message);\n  return `<!doctype html>\n<html lang=\"en\">\n  <head>\n    <meta charset=\"utf-8\" />\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no\" />\n    <title>Builder connect failed</title>\n    <style>\n      body {\n        margin: 0;\n        min-height: 100vh;\n        display: grid;\n        place-items: center;\n        background:\n          radial-gradient(circle at top, rgba(244, 63, 94, 0.14), transparent 38%),\n          linear-gradient(180deg, #f7fafc 0%, #eef2f7 100%);\n        color: #0f172a;\n        font: 14px/1.5 ui-sans-serif, system-ui, sans-serif;\n      }\n      .card {\n        width: min(460px, calc(100vw - 32px));\n        border: 1px solid rgba(15, 23, 42, 0.08);\n        border-radius: 18px;\n        padding: 28px;\n        background: rgba(255, 255, 255, 0.92);\n        box-shadow: 0 24px 80px rgba(15, 23, 42, 0.12);\n      }\n      h1 { margin: 0 0 8px; font-size: 22px; color: #b91c1c; }\n      p { margin: 0 0 12px; color: #475569; }\n      pre {\n        margin: 0 0 12px;\n        padding: 10px 12px;\n        background: #fef2f2;\n        border: 1px solid #fecaca;\n        border-radius: 8px;\n        color: #991b1b;\n        font-family: ui-monospace, SFMono-Regular, Menlo, monospace;\n        font-size: 12px;\n        white-space: pre-wrap;\n        word-break: break-word;\n      }\n    </style>\n  </head>\n  <body>\n    <main class=\"card\">\n      <h1>Couldn't save Builder connection</h1>\n      <p>Builder authorized your account but the server couldn't persist the credentials.</p>\n      <pre id=\"msg\"></pre>\n      <p>You can close this tab and try again from settings. The connect dialog has the same error so you can copy it.</p>\n    </main>\n    <script>\n      try {\n        var msg = ${escapedMessage};\n        document.getElementById(\"msg\").textContent = msg;\n        // Notify the parent tab immediately so its polling loop stops\n        // without waiting for the next /builder/status tick.\n        //\n        // BroadcastChannel works across same-origin windows regardless of\n        // opener access — it is the only reliable channel here because\n        // popups opened with window.open(..., \"noopener\") or links with\n        // rel=\"noopener\" have window.opener === null. The legacy\n        // window.opener.postMessage path is kept as a belt-and-suspenders\n        // fallback for non-BroadcastChannel environments.\n        try {\n          var bc = new BroadcastChannel(\"builder-connect:\" + window.location.host);\n          bc.postMessage({ type: \"builder-connect-error\", message: msg });\n          bc.close();\n        } catch (e) {}\n        if (window.opener && !window.opener.closed) {\n          try {\n            window.opener.postMessage(\n              { type: \"builder-connect-error\", message: msg },\n              window.location.origin,\n            );\n          } catch (e) {}\n        }\n      } catch (e) {}\n    </script>\n  </body>\n</html>`;\n}\n\nexport interface RunBuilderAgentArgs {\n  prompt: string;\n  projectId?: string;\n  branchName?: string;\n  userEmail?: string;\n  userId?: string;\n}\n\nexport interface RunBuilderAgentResult {\n  branchName: string;\n  projectId: string;\n  url: string;\n  status: string;\n}\n\n/**\n * POST a prompt to the Builder agents-run API. The Builder agent runs in a\n * cloud sandbox and writes code to a branch; the returned URL opens that\n * branch in the Visual Editor so the user can watch progress.\n *\n * Spec: https://www.builder.io/c/docs/agents-run-api\n */\nexport async function runBuilderAgent(\n  args: RunBuilderAgentArgs,\n): Promise<RunBuilderAgentResult> {\n  const { resolveBuilderCredentials } =\n    await import(\"./credential-provider.js\");\n  const creds = await resolveBuilderCredentials();\n  if (!creds.privateKey || !creds.publicKey) {\n    throw new Error(\"Builder keys are not configured\");\n  }\n  if (!args.prompt || !args.prompt.trim()) {\n    throw new Error(\"prompt is required\");\n  }\n  if (!args.userEmail && !args.userId) {\n    throw new Error(\"userEmail or userId is required\");\n  }\n\n  const url = new URL(\"/agents/run\", getBuilderApiHost());\n  url.searchParams.set(\"apiKey\", creds.publicKey);\n\n  const body: Record<string, unknown> = {\n    userMessage: { userPrompt: args.prompt },\n  };\n  if (args.projectId) body.projectId = args.projectId;\n  if (args.branchName) body.branchName = args.branchName;\n  if (args.userEmail) body.userEmail = args.userEmail;\n  if (args.userId) body.userId = args.userId;\n\n  const response = await fetch(url, {\n    method: \"POST\",\n    headers: {\n      Authorization: `Bearer ${creds.privateKey}`,\n      \"Content-Type\": \"application/json\",\n    },\n    body: JSON.stringify(body),\n  });\n\n  const parsed = (await response.json().catch(() => ({}))) as Record<\n    string,\n    unknown\n  >;\n  if (!response.ok) {\n    const msg =\n      typeof parsed.error === \"string\"\n        ? parsed.error\n        : `Builder agent run failed (${response.status})`;\n    throw new Error(msg);\n  }\n\n  return {\n    branchName: String(parsed.branchName ?? \"\"),\n    projectId: String(parsed.projectId ?? \"\"),\n    url: String(parsed.url ?? \"\"),\n    status: String(parsed.status ?? \"processing\"),\n  };\n}\n\nexport async function requestBuilderBrowserConnection(\n  args: BrowserConnectionArgs,\n): Promise<Record<string, unknown>> {\n  const { resolveBuilderCredentials } =\n    await import(\"./credential-provider.js\");\n  const creds = await resolveBuilderCredentials();\n  if (!creds.privateKey || !creds.publicKey) {\n    throw new Error(\"Builder browser access is not configured\");\n  }\n\n  const sessionId = args.sessionId?.trim();\n  if (!sessionId) {\n    throw new Error(\"sessionId is required\");\n  }\n\n  const url = new URL(\"/codegen/get-browser-connection\", getBuilderApiHost());\n  url.searchParams.set(\"apiKey\", creds.publicKey);\n  if (creds.userId) {\n    url.searchParams.set(\"userId\", creds.userId);\n  }\n\n  const response = await fetch(url, {\n    method: \"POST\",\n    headers: {\n      Authorization: `Bearer ${creds.privateKey}`,\n      \"Content-Type\": \"application/json\",\n    },\n    body: JSON.stringify({\n      sessionId,\n      projectId: args.projectId || undefined,\n      branchName: args.branchName || undefined,\n      proxyOrigin: args.proxyOrigin || undefined,\n      proxyDefaultOrigin: args.proxyDefaultOrigin || undefined,\n      proxyDst: args.proxyDestination || undefined,\n    }),\n  });\n\n  const body = (await response.json().catch(() => ({}))) as Record<\n    string,\n    unknown\n  >;\n  if (!response.ok) {\n    const error =\n      typeof body.error === \"string\"\n        ? body.error\n        : `Builder browser request failed (${response.status})`;\n    throw new Error(error);\n  }\n\n  return body;\n}\n"]}

package/dist/server/core-routes-plugin.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"core-routes-plugin.d.ts","sourceRoot":"","sources":["../../src/server/core-routes-plugin.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAgEvD;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,mBAAmB,CAAC;AAiDvD,KAAK,cAAc,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE9D,MAAM,WAAW,uBAAuB;IACtC,wEAAwE;IACxE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yCAAyC;IACzC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,oDAAoD;IACpD,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,2DAA2D;IAC3D,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,qEAAqE;IACrE,OAAO,CAAC,EAAE,YAAY,EAAE,CAAC;CAC1B;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,GAAE,uBAA4B,GACpC,cAAc,CA02ChB;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,uBAAuB,EAAE,cAAyC,CAAC"}
+{"version":3,"file":"core-routes-plugin.d.ts","sourceRoot":"","sources":["../../src/server/core-routes-plugin.ts"],"names":[],"mappings":"AAaA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAwEvD;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,mBAAmB,CAAC;AAiEvD,KAAK,cAAc,GAAG,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;AAE9D,MAAM,WAAW,uBAAuB;IACtC,wEAAwE;IACxE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,yCAAyC;IACzC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,oDAAoD;IACpD,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,2DAA2D;IAC3D,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,qEAAqE;IACrE,OAAO,CAAC,EAAE,YAAY,EAAE,CAAC;CAC1B;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,GAAE,uBAA4B,GACpC,cAAc,CAuqDhB;AAED;;;;;;;;GAQG;AACH,eAAO,MAAM,uBAAuB,EAAE,cAAyC,CAAC"}