@codemation/host 0.1.7 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +15 -0
- package/dist/{AppConfigFactory-BBEn2B-i.d.ts → AppConfigFactory-DHdAGOmC.d.ts} +3 -3
- package/dist/{AppContainerFactory-CeKsjo8L.js → AppContainerFactory-BKaAUIi-.js} +13 -9
- package/dist/AppContainerFactory-BKaAUIi-.js.map +1 -0
- package/dist/{CodemationConfig-9PkOBCh-.d.ts → CodemationConfig-DBbMU3HB.d.ts} +2 -2
- package/dist/{CodemationConfigNormalizer-DIc-LYqW.d.ts → CodemationConfigNormalizer-C8wC0skq.d.ts} +2 -2
- package/dist/{CodemationConsumerConfigLoader-CeW4bnOg.d.ts → CodemationConsumerConfigLoader-Ceh6sB3X.d.ts} +2 -2
- package/dist/{CodemationPluginListMerger-Cv7CaM5_.d.ts → CodemationPluginListMerger-Cx9DnyR-.d.ts} +5 -5
- package/dist/{CredentialServices-Dp_jXTJo.d.ts → CredentialServices-CYETzKyb.d.ts} +14 -5
- package/dist/{CredentialServices-xVxVA9Tq.js → CredentialServices-D8BBZH1i.js} +40 -6
- package/dist/CredentialServices-D8BBZH1i.js.map +1 -0
- package/dist/{PublicFrontendBootstrapFactory-SQVHMxLg.d.ts → PublicFrontendBootstrapFactory-DeMjp3cs.d.ts} +2 -2
- package/dist/consumer.d.ts +4 -4
- package/dist/credentials.d.ts +3 -3
- package/dist/credentials.js +1 -1
- package/dist/devServerSidecar.d.ts +1 -1
- package/dist/{index-CLRTQLAp.d.ts → index-dK05sTQ4.d.ts} +9 -1
- package/dist/index.d.ts +10 -10
- package/dist/index.js +3 -3
- package/dist/nextServer.d.ts +9 -8
- package/dist/nextServer.js +2 -2
- package/dist/{persistenceServer-Dv7fg_Jf.d.ts → persistenceServer-D9vUTMqc.d.ts} +2 -2
- package/dist/persistenceServer.d.ts +5 -5
- package/dist/{server-CioY8PP3.js → server-C-WZcsId.js} +3 -3
- package/dist/{server-CioY8PP3.js.map → server-C-WZcsId.js.map} +1 -1
- package/dist/{server-C5oqDnZQ.d.ts → server-fxqY2WEi.d.ts} +5 -5
- package/dist/server.d.ts +8 -8
- package/dist/server.js +3 -3
- package/package.json +5 -5
- package/src/domain/credentials/CredentialInstanceService.ts +8 -1
- package/src/domain/credentials/CredentialOAuth2ScopeResolver.ts +61 -0
- package/src/domain/credentials/CredentialServices.ts +1 -0
- package/src/domain/credentials/OAuth2ConnectServiceFactory.ts +9 -2
- package/dist/AppContainerFactory-CeKsjo8L.js.map +0 -1
- package/dist/CredentialServices-xVxVA9Tq.js.map +0 -1
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { a as CodemationWhitelabelConfig, o as CodemationLogConfig, t as CodemationAuthConfig, u as LoggerFactory } from "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
|
-
import { B as Container, H as EngineExecutionLimitsPolicyConfig, N as WorkflowDefinition, V as TypeToken, s as AnyCredentialType } from "./index-
|
|
2
|
+
import { B as Container, H as EngineExecutionLimitsPolicyConfig, N as WorkflowDefinition, V as TypeToken, s as AnyCredentialType } from "./index-dK05sTQ4.js";
|
|
3
3
|
|
|
4
4
|
//#region src/presentation/config/CodemationClassToken.d.ts
|
|
5
5
|
type CodemationClassToken<TValue> = TypeToken<TValue> & (new (...args: never[]) => TValue);
|
|
@@ -177,4 +177,4 @@ interface CodemationConfig {
|
|
|
177
177
|
}
|
|
178
178
|
//#endregion
|
|
179
179
|
export { CodemationContainerRegistration as C, CodemationPluginPackageMetadata as S, AppPersistenceConfig as _, CodemationConfig as a, CodemationPluginConfig as b, CodemationEngineExecutionLimitsConfig as c, CodemationSchedulerConfig as d, CodemationSchedulerKind as f, AppConfig as g, CodemationRegistrationContextBase as h, CodemationApplicationRuntimeConfig as i, CodemationEventBusConfig as l, CodemationAppContext as m, CodemationAppSchedulerConfig as n, CodemationDatabaseConfig as o, CodemationWorkflowDiscovery as p, CodemationAppSchedulerKind as r, CodemationDatabaseKind as s, CodemationAppDefinition as t, CodemationEventBusKind as u, AppPluginLoadSummary as v, CodemationClassToken as w, CodemationPluginContext as x, CodemationPlugin as y };
|
|
180
|
-
//# sourceMappingURL=CodemationConfig-
|
|
180
|
+
//# sourceMappingURL=CodemationConfig-DBbMU3HB.d.ts.map
|
package/dist/{CodemationConfigNormalizer-DIc-LYqW.d.ts → CodemationConfigNormalizer-C8wC0skq.d.ts}
RENAMED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { C as CodemationContainerRegistration, a as CodemationConfig } from "./CodemationConfig-
|
|
1
|
+
import { C as CodemationContainerRegistration, a as CodemationConfig } from "./CodemationConfig-DBbMU3HB.js";
|
|
2
2
|
|
|
3
3
|
//#region src/presentation/config/CodemationConfigNormalizer.d.ts
|
|
4
4
|
type NormalizedCodemationConfig = CodemationConfig & Readonly<{
|
|
@@ -6,4 +6,4 @@ type NormalizedCodemationConfig = CodemationConfig & Readonly<{
|
|
|
6
6
|
}>;
|
|
7
7
|
//#endregion
|
|
8
8
|
export { NormalizedCodemationConfig as t };
|
|
9
|
-
//# sourceMappingURL=CodemationConfigNormalizer-
|
|
9
|
+
//# sourceMappingURL=CodemationConfigNormalizer-C8wC0skq.d.ts.map
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { t as NormalizedCodemationConfig } from "./CodemationConfigNormalizer-
|
|
1
|
+
import { t as NormalizedCodemationConfig } from "./CodemationConfigNormalizer-C8wC0skq.js";
|
|
2
2
|
|
|
3
3
|
//#region src/presentation/server/CodemationConsumerAppResolver.d.ts
|
|
4
4
|
type CodemationConsumerApp = Readonly<{
|
|
@@ -63,4 +63,4 @@ declare class CodemationConsumerConfigLoader {
|
|
|
63
63
|
}
|
|
64
64
|
//#endregion
|
|
65
65
|
export { CodemationConsumerAppResolver as i, CodemationConsumerConfigResolution as n, CodemationConsumerApp as r, CodemationConsumerConfigLoader as t };
|
|
66
|
-
//# sourceMappingURL=CodemationConsumerConfigLoader-
|
|
66
|
+
//# sourceMappingURL=CodemationConsumerConfigLoader-Ceh6sB3X.d.ts.map
|
package/dist/{CodemationPluginListMerger-Cv7CaM5_.d.ts → CodemationPluginListMerger-Cx9DnyR-.d.ts}
RENAMED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
import { a as CodemationWhitelabelConfig, l as Logger, t as CodemationAuthConfig, u as LoggerFactory } from "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
|
-
import { $ as RunSummary, B as Container, L as NodeExecutionRequestHandler, N as WorkflowDefinition, P as WorkflowId, Q as RunPruneCandidate, R as NodeExecutionScheduler, U as RunEvent, V as TypeToken, W as RunEventBus, X as PersistedRunState, Y as WorkflowRunDetailDto, Z as RunCurrentState, et as Clock, k as RunId, n as Engine, q as WorkflowActivationPolicy, s as AnyCredentialType, z as WorkflowRepository } from "./index-
|
|
3
|
-
import { C as CodemationContainerRegistration, S as CodemationPluginPackageMetadata, g as AppConfig, y as CodemationPlugin } from "./CodemationConfig-
|
|
4
|
-
import { t as CredentialStore } from "./CredentialServices-
|
|
5
|
-
import { n as PrismaMigrationDeployer, r as PrismaDatabaseClient } from "./AppConfigFactory-
|
|
2
|
+
import { $ as RunSummary, B as Container, L as NodeExecutionRequestHandler, N as WorkflowDefinition, P as WorkflowId, Q as RunPruneCandidate, R as NodeExecutionScheduler, U as RunEvent, V as TypeToken, W as RunEventBus, X as PersistedRunState, Y as WorkflowRunDetailDto, Z as RunCurrentState, et as Clock, k as RunId, n as Engine, q as WorkflowActivationPolicy, s as AnyCredentialType, z as WorkflowRepository } from "./index-dK05sTQ4.js";
|
|
3
|
+
import { C as CodemationContainerRegistration, S as CodemationPluginPackageMetadata, g as AppConfig, y as CodemationPlugin } from "./CodemationConfig-DBbMU3HB.js";
|
|
4
|
+
import { t as CredentialStore } from "./CredentialServices-CYETzKyb.js";
|
|
5
|
+
import { n as PrismaMigrationDeployer, r as PrismaDatabaseClient } from "./AppConfigFactory-DHdAGOmC.js";
|
|
6
6
|
import "reflect-metadata";
|
|
7
7
|
import { Hono } from "hono";
|
|
8
8
|
|
|
@@ -354,4 +354,4 @@ declare class CodemationPluginListMerger {
|
|
|
354
354
|
}
|
|
355
355
|
//#endregion
|
|
356
356
|
export { Command as _, WorkflowDebuggerOverlayRepository as a, WorkerRuntime as c, AppContainerLifecycle as d, AppContainerFactory as f, CommandBus as g, Query as h, HonoApiRouteRegistrar as i, FrontendRuntime as l, QueryBus as m, CodemationBootstrapRequest as n, WorkflowRunRepository as o, WorkflowWebsocketServer as p, ApplicationTokens as r, SessionVerifier as s, CodemationPluginListMerger as t, DatabaseMigrations as u };
|
|
357
|
-
//# sourceMappingURL=CodemationPluginListMerger-
|
|
357
|
+
//# sourceMappingURL=CodemationPluginListMerger-Cx9DnyR-.d.ts.map
|
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { C as CredentialTypeId, N as WorkflowDefinition, S as CredentialTypeDefinition, _ as CredentialRequirement, b as CredentialSetupStatus, c as CredentialBinding, d as CredentialHealth, f as CredentialInstanceId, h as CredentialMaterialSourceKind, l as CredentialBindingKey, m as CredentialJsonRecord, p as CredentialInstanceRecord, s as AnyCredentialType, u as CredentialFieldSchema, w as CredentialTypeRegistry, x as CredentialType, y as CredentialSessionService, z as WorkflowRepository } from "./index-
|
|
2
|
-
import { g as AppConfig } from "./CodemationConfig-
|
|
1
|
+
import { C as CredentialTypeId, N as WorkflowDefinition, S as CredentialTypeDefinition, _ as CredentialRequirement, b as CredentialSetupStatus, c as CredentialBinding, d as CredentialHealth, f as CredentialInstanceId, g as CredentialOAuth2AuthDefinition, h as CredentialMaterialSourceKind, l as CredentialBindingKey, m as CredentialJsonRecord, p as CredentialInstanceRecord, s as AnyCredentialType, u as CredentialFieldSchema, w as CredentialTypeRegistry, x as CredentialType, y as CredentialSessionService, z as WorkflowRepository } from "./index-dK05sTQ4.js";
|
|
2
|
+
import { g as AppConfig } from "./CodemationConfig-DBbMU3HB.js";
|
|
3
3
|
|
|
4
4
|
//#region src/domain/credentials/CredentialTypeRegistryImpl.d.ts
|
|
5
5
|
declare class CredentialTypeRegistryImpl implements CredentialTypeRegistry {
|
|
@@ -146,6 +146,14 @@ declare class CredentialMaterialResolver {
|
|
|
146
146
|
private resolveEnvMaterial;
|
|
147
147
|
}
|
|
148
148
|
//#endregion
|
|
149
|
+
//#region src/domain/credentials/CredentialOAuth2ScopeResolver.d.ts
|
|
150
|
+
declare class CredentialOAuth2ScopeResolver {
|
|
151
|
+
resolveRequestedScopes(auth: CredentialOAuth2AuthDefinition, publicConfig: JsonRecord): ReadonlyArray<string>;
|
|
152
|
+
private resolveString;
|
|
153
|
+
private resolveScopeList;
|
|
154
|
+
private dedupe;
|
|
155
|
+
}
|
|
156
|
+
//#endregion
|
|
149
157
|
//#region src/domain/credentials/CredentialInstanceService.d.ts
|
|
150
158
|
declare class CredentialInstanceService {
|
|
151
159
|
private readonly credentialStore;
|
|
@@ -153,8 +161,9 @@ declare class CredentialInstanceService {
|
|
|
153
161
|
private readonly credentialSecretCipher;
|
|
154
162
|
private readonly credentialFieldEnvOverlayService;
|
|
155
163
|
private readonly credentialMaterialResolver;
|
|
164
|
+
private readonly credentialOAuth2ScopeResolver;
|
|
156
165
|
private readonly credentialSessionService;
|
|
157
|
-
constructor(credentialStore: CredentialStore, credentialTypeRegistry: CredentialTypeRegistryImpl, credentialSecretCipher: CredentialSecretCipher, credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService, credentialMaterialResolver: CredentialMaterialResolver, credentialSessionService: MutableCredentialSessionService);
|
|
166
|
+
constructor(credentialStore: CredentialStore, credentialTypeRegistry: CredentialTypeRegistryImpl, credentialSecretCipher: CredentialSecretCipher, credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService, credentialMaterialResolver: CredentialMaterialResolver, credentialOAuth2ScopeResolver: CredentialOAuth2ScopeResolver, credentialSessionService: MutableCredentialSessionService);
|
|
158
167
|
listInstances(): Promise<ReadonlyArray<CredentialInstanceDto>>;
|
|
159
168
|
getInstance(instanceId: CredentialInstanceId): Promise<CredentialInstanceDto | undefined>;
|
|
160
169
|
getInstanceWithSecrets(instanceId: CredentialInstanceId): Promise<CredentialInstanceWithSecretsDto | undefined>;
|
|
@@ -288,5 +297,5 @@ type MutableCredentialSessionService = CredentialSessionService & Readonly<{
|
|
|
288
297
|
evictBinding(bindingKey: CredentialBindingKey): void;
|
|
289
298
|
}>;
|
|
290
299
|
//#endregion
|
|
291
|
-
export { CredentialInstanceService as a,
|
|
292
|
-
//# sourceMappingURL=CredentialServices-
|
|
300
|
+
export { CredentialInstanceService as a, CredentialSecretCipher as c, CredentialBindingService as i, CredentialFieldEnvOverlayService as l, CredentialType$1 as n, CredentialOAuth2ScopeResolver as o, CredentialRuntimeMaterialService as r, CredentialMaterialResolver as s, CredentialStore as t, CredentialTypeRegistryImpl as u };
|
|
301
|
+
//# sourceMappingURL=CredentialServices-CYETzKyb.d.ts.map
|
|
@@ -420,16 +420,48 @@ CredentialMaterialResolver = __decorate([
|
|
|
420
420
|
])
|
|
421
421
|
], CredentialMaterialResolver);
|
|
422
422
|
|
|
423
|
+
//#endregion
|
|
424
|
+
//#region src/domain/credentials/CredentialOAuth2ScopeResolver.ts
|
|
425
|
+
let CredentialOAuth2ScopeResolver = class CredentialOAuth2ScopeResolver$1 {
|
|
426
|
+
resolveRequestedScopes(auth, publicConfig) {
|
|
427
|
+
const scopesFromPublicConfig = auth.scopesFromPublicConfig;
|
|
428
|
+
if (!scopesFromPublicConfig) return [...auth.scopes];
|
|
429
|
+
const preset = this.resolveString(publicConfig[scopesFromPublicConfig.presetFieldKey]);
|
|
430
|
+
if (!preset) return [...auth.scopes];
|
|
431
|
+
const presetScopes = scopesFromPublicConfig.presetScopes[preset];
|
|
432
|
+
if (presetScopes) return [...presetScopes];
|
|
433
|
+
if (preset !== (scopesFromPublicConfig.customPresetKey ?? "custom")) return [...auth.scopes];
|
|
434
|
+
const customScopes = this.resolveScopeList(publicConfig[scopesFromPublicConfig.customScopesFieldKey ?? "customScopes"]);
|
|
435
|
+
if (customScopes.length > 0) return customScopes;
|
|
436
|
+
return [...auth.scopes];
|
|
437
|
+
}
|
|
438
|
+
resolveString(value) {
|
|
439
|
+
if (typeof value !== "string") return;
|
|
440
|
+
const normalized = value.trim();
|
|
441
|
+
return normalized.length > 0 ? normalized : void 0;
|
|
442
|
+
}
|
|
443
|
+
resolveScopeList(value) {
|
|
444
|
+
if (Array.isArray(value)) return this.dedupe(value.map((entry) => typeof entry === "string" ? entry.trim() : "").filter((entry) => entry.length > 0));
|
|
445
|
+
if (typeof value !== "string") return [];
|
|
446
|
+
return this.dedupe(value.split(/[\s,]+/).map((entry) => entry.trim()).filter((entry) => entry.length > 0));
|
|
447
|
+
}
|
|
448
|
+
dedupe(entries) {
|
|
449
|
+
return [...new Set(entries)];
|
|
450
|
+
}
|
|
451
|
+
};
|
|
452
|
+
CredentialOAuth2ScopeResolver = __decorate([injectable()], CredentialOAuth2ScopeResolver);
|
|
453
|
+
|
|
423
454
|
//#endregion
|
|
424
455
|
//#region src/domain/credentials/CredentialInstanceService.ts
|
|
425
|
-
var _ref$4, _ref2$4, _ref3$3, _ref4$2;
|
|
456
|
+
var _ref$4, _ref2$4, _ref3$3, _ref4$2, _ref5;
|
|
426
457
|
let CredentialInstanceService = class CredentialInstanceService$1 {
|
|
427
|
-
constructor(credentialStore, credentialTypeRegistry, credentialSecretCipher, credentialFieldEnvOverlayService, credentialMaterialResolver, credentialSessionService) {
|
|
458
|
+
constructor(credentialStore, credentialTypeRegistry, credentialSecretCipher, credentialFieldEnvOverlayService, credentialMaterialResolver, credentialOAuth2ScopeResolver, credentialSessionService) {
|
|
428
459
|
this.credentialStore = credentialStore;
|
|
429
460
|
this.credentialTypeRegistry = credentialTypeRegistry;
|
|
430
461
|
this.credentialSecretCipher = credentialSecretCipher;
|
|
431
462
|
this.credentialFieldEnvOverlayService = credentialFieldEnvOverlayService;
|
|
432
463
|
this.credentialMaterialResolver = credentialMaterialResolver;
|
|
464
|
+
this.credentialOAuth2ScopeResolver = credentialOAuth2ScopeResolver;
|
|
433
465
|
this.credentialSessionService = credentialSessionService;
|
|
434
466
|
}
|
|
435
467
|
async listInstances() {
|
|
@@ -640,7 +672,7 @@ let CredentialInstanceService = class CredentialInstanceService$1 {
|
|
|
640
672
|
if (!material) return {
|
|
641
673
|
status: "disconnected",
|
|
642
674
|
providerId,
|
|
643
|
-
scopes: [...credentialType.definition.auth.
|
|
675
|
+
scopes: [...this.credentialOAuth2ScopeResolver.resolveRequestedScopes(credentialType.definition.auth, instance.publicConfig)]
|
|
644
676
|
};
|
|
645
677
|
return {
|
|
646
678
|
status: "connected",
|
|
@@ -659,13 +691,15 @@ CredentialInstanceService = __decorate([
|
|
|
659
691
|
__decorateParam(2, inject(CredentialSecretCipher)),
|
|
660
692
|
__decorateParam(3, inject(CredentialFieldEnvOverlayService)),
|
|
661
693
|
__decorateParam(4, inject(CredentialMaterialResolver)),
|
|
662
|
-
__decorateParam(5, inject(
|
|
694
|
+
__decorateParam(5, inject(CredentialOAuth2ScopeResolver)),
|
|
695
|
+
__decorateParam(6, inject(CoreTokens.CredentialSessionService)),
|
|
663
696
|
__decorateMetadata("design:paramtypes", [
|
|
664
697
|
Object,
|
|
665
698
|
typeof (_ref$4 = typeof CredentialTypeRegistryImpl !== "undefined" && CredentialTypeRegistryImpl) === "function" ? _ref$4 : Object,
|
|
666
699
|
typeof (_ref2$4 = typeof CredentialSecretCipher !== "undefined" && CredentialSecretCipher) === "function" ? _ref2$4 : Object,
|
|
667
700
|
typeof (_ref3$3 = typeof CredentialFieldEnvOverlayService !== "undefined" && CredentialFieldEnvOverlayService) === "function" ? _ref3$3 : Object,
|
|
668
701
|
typeof (_ref4$2 = typeof CredentialMaterialResolver !== "undefined" && CredentialMaterialResolver) === "function" ? _ref4$2 : Object,
|
|
702
|
+
typeof (_ref5 = typeof CredentialOAuth2ScopeResolver !== "undefined" && CredentialOAuth2ScopeResolver) === "function" ? _ref5 : Object,
|
|
669
703
|
Object
|
|
670
704
|
])
|
|
671
705
|
], CredentialInstanceService);
|
|
@@ -972,5 +1006,5 @@ CredentialTestService = __decorate([
|
|
|
972
1006
|
], CredentialTestService);
|
|
973
1007
|
|
|
974
1008
|
//#endregion
|
|
975
|
-
export { CredentialInstanceService as a,
|
|
976
|
-
//# sourceMappingURL=CredentialServices-
|
|
1009
|
+
export { CredentialInstanceService as a, CredentialSecretCipher as c, ApplicationTokens as d, ApplicationRequestError as f, OpenAiApiKeyCredentialHealthTester as h, CredentialBindingService as i, CredentialFieldEnvOverlayService as l, OpenAiApiKeyCredentialTypeFactory as m, CredentialSessionServiceImpl as n, CredentialOAuth2ScopeResolver as o, CredentialTypeRegistryImpl as p, CredentialRuntimeMaterialService as r, CredentialMaterialResolver as s, CredentialTestService as t, WorkflowCredentialNodeResolver as u };
|
|
1010
|
+
//# sourceMappingURL=CredentialServices-D8BBZH1i.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CredentialServices-D8BBZH1i.js","names":["fetchImpl: typeof globalThis.fetch","healthTester: OpenAiApiKeyCredentialHealthTester","CredentialTypeRegistryImpl","WorkflowCredentialNodeResolver","entry","labels: string[]","CredentialFieldEnvOverlayService","appConfig: AppConfig","pub: Record<string, unknown>","mat: Record<string, unknown>","CredentialSecretCipher","appConfig: AppConfig","CredentialMaterialResolver","credentialStore: CredentialStore","credentialSecretCipher: CredentialSecretCipher","appConfig: AppConfig","resolved: Record<string, unknown>","missingEnvironmentVariables: string[]","CredentialOAuth2ScopeResolver","CredentialInstanceService","credentialStore: CredentialStore","credentialTypeRegistry: CredentialTypeRegistryImpl","credentialSecretCipher: CredentialSecretCipher","credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService","credentialMaterialResolver: CredentialMaterialResolver","credentialOAuth2ScopeResolver: CredentialOAuth2ScopeResolver","credentialSessionService: MutableCredentialSessionService","instance: CredentialInstanceRecord","updatedInstance: CredentialInstanceRecord","out: Record<string, unknown>","CredentialBindingService","credentialStore: CredentialStore","credentialInstanceService: CredentialInstanceService","workflowRepository: WorkflowRepository","credentialSessionService: MutableCredentialSessionService","workflowCredentialNodeResolver: WorkflowCredentialNodeResolver","binding: CredentialBinding","slots: WorkflowCredentialHealthSlotDto[]","CredentialRuntimeMaterialService","credentialStore: CredentialStore","credentialMaterialResolver: CredentialMaterialResolver","credentialSecretCipher: CredentialSecretCipher","credentialTypeRegistry: CredentialTypeRegistryImpl","CredentialSessionServiceImpl","credentialStore: CredentialStore","credentialRuntimeMaterialService: CredentialRuntimeMaterialService","credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService","credentialTypeRegistry: CredentialTypeRegistryImpl","workflowRepository: WorkflowRepository","workflowCredentialNodeResolver: WorkflowCredentialNodeResolver","bindingKey: CredentialBindingKey","CredentialTestService","credentialInstanceService: CredentialInstanceService","credentialRuntimeMaterialService: CredentialRuntimeMaterialService","credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService","credentialTypeRegistry: CredentialTypeRegistryImpl","credentialStore: CredentialStore","credentialSessionService: MutableCredentialSessionService"],"sources":["../src/infrastructure/credentials/OpenAiApiKeyCredentialHealthTester.ts","../src/infrastructure/credentials/OpenAiApiKeyCredentialTypeFactory.ts","../src/domain/credentials/CredentialTypeRegistryImpl.ts","../src/application/ApplicationRequestError.ts","../src/applicationTokens.ts","../src/domain/credentials/WorkflowCredentialNodeResolver.ts","../src/domain/credentials/CredentialFieldEnvOverlayService.ts","../src/domain/credentials/CredentialSecretCipher.ts","../src/domain/credentials/CredentialMaterialResolver.ts","../src/domain/credentials/CredentialOAuth2ScopeResolver.ts","../src/domain/credentials/CredentialInstanceService.ts","../src/domain/credentials/CredentialBindingService.ts","../src/domain/credentials/CredentialRuntimeMaterialService.ts","../src/domain/credentials/CredentialSessionServiceImpl.ts","../src/domain/credentials/CredentialTestService.ts"],"sourcesContent":["import type { CredentialHealth, CredentialSessionFactoryArgs } from \"@codemation/core\";\n\nimport type { OpenAiApiKeyMaterial, OpenAiApiKeyPublicConfig } from \"./OpenAiApiKeyCredentialShapes.types\";\n\n/**\n * Verifies an OpenAI-compatible API key by calling the provider's models list endpoint\n * (GET `/v1/models` relative to the configured base URL).\n */\nexport class OpenAiApiKeyCredentialHealthTester {\n constructor(private readonly fetchImpl: typeof globalThis.fetch) {}\n\n async test(\n args: CredentialSessionFactoryArgs<OpenAiApiKeyPublicConfig, OpenAiApiKeyMaterial>,\n ): Promise<CredentialHealth> {\n const testedAt = new Date().toISOString();\n const apiKey = String(args.material.apiKey ?? \"\").trim();\n if (apiKey.length === 0) {\n return {\n status: \"failing\",\n message: \"OpenAI API key is empty.\",\n testedAt,\n };\n }\n\n const modelsUrl = this.resolveModelsListUrl(args.publicConfig.baseUrl);\n\n try {\n const response = await this.fetchImpl(modelsUrl, {\n method: \"GET\",\n headers: {\n Authorization: `Bearer ${apiKey}`,\n },\n signal: AbortSignal.timeout(25_000),\n });\n\n if (response.ok) {\n return {\n status: \"healthy\",\n message: \"API key verified against the models endpoint.\",\n testedAt,\n };\n }\n\n const message = await this.parseErrorMessage(response);\n return {\n status: \"failing\",\n message,\n testedAt,\n };\n } catch (error) {\n return {\n status: \"failing\",\n message: error instanceof Error ? error.message : String(error),\n testedAt,\n };\n }\n }\n\n private resolveModelsListUrl(baseUrlRaw: unknown): string {\n const defaultBase = \"https://api.openai.com/v1\";\n const raw = typeof baseUrlRaw === \"string\" ? baseUrlRaw.trim() : \"\";\n const base = raw === \"\" ? defaultBase : raw.replace(/\\/+$/, \"\");\n if (base.endsWith(\"/models\")) {\n return base;\n }\n if (base.endsWith(\"/v1\")) {\n return `${base}/models`;\n }\n return `${base}/v1/models`;\n }\n\n private async parseErrorMessage(response: Response): Promise<string> {\n const prefix = `HTTP ${response.status}`;\n try {\n const text = await response.text();\n if (text.trim() === \"\") {\n return prefix;\n }\n const parsed = JSON.parse(text) as { error?: { message?: string } };\n const fromApi = parsed.error?.message;\n if (typeof fromApi === \"string\" && fromApi.trim() !== \"\") {\n return `${prefix}: ${fromApi.trim()}`;\n }\n return `${prefix}: ${text.length > 280 ? `${text.slice(0, 280)}…` : text}`;\n } catch {\n return prefix;\n }\n }\n}\n","import type { CredentialType } from \"../../domain/credentials/CredentialServices\";\n\nimport type { OpenAiApiKeyCredentialHealthTester } from \"./OpenAiApiKeyCredentialHealthTester\";\nimport type {\n OpenAiApiKeyMaterial,\n OpenAiApiKeyPublicConfig,\n OpenAiApiKeySession,\n} from \"./OpenAiApiKeyCredentialShapes.types\";\n\n/**\n * Builds the OpenAI-compatible API key credential (`openai.apiKey`) registration.\n * Used by {@link FrameworkBuiltinCredentialTypesRegistrar} and may be listed in {@link CodemationConfig.credentialTypes}\n * so consumer apps always register the type even when bootstrap order differs.\n */\nexport class OpenAiApiKeyCredentialTypeFactory {\n constructor(private readonly healthTester: OpenAiApiKeyCredentialHealthTester) {}\n\n createCredentialType(): CredentialType<OpenAiApiKeyPublicConfig, OpenAiApiKeyMaterial, OpenAiApiKeySession> {\n return {\n definition: {\n typeId: \"openai.apiKey\",\n displayName: \"OpenAI API key\",\n description: \"API key and optional base URL for OpenAI or OpenAI-compatible chat endpoints.\",\n publicFields: [\n {\n key: \"baseUrl\",\n label: \"Base URL\",\n type: \"string\",\n placeholder: \"https://api.openai.com/v1\",\n helpText: \"Leave empty to use the default OpenAI API endpoint.\",\n },\n ],\n secretFields: [{ key: \"apiKey\", label: \"API key\", type: \"password\", required: true }],\n supportedSourceKinds: [\"db\", \"env\", \"code\"],\n },\n createSession: async (args) => {\n const baseUrlRaw = args.publicConfig.baseUrl;\n const baseUrl = typeof baseUrlRaw === \"string\" && baseUrlRaw.trim() !== \"\" ? baseUrlRaw.trim() : undefined;\n return {\n apiKey: String(args.material.apiKey ?? \"\"),\n baseUrl,\n };\n },\n test: async (args) => this.healthTester.test(args),\n };\n }\n}\n","import type { CredentialTypeDefinition, CredentialTypeId, CredentialTypeRegistry } from \"@codemation/core\";\n\nimport { injectable } from \"@codemation/core\";\n\nimport type { AnyCredentialType, CredentialType } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialTypeRegistryImpl implements CredentialTypeRegistry {\n private readonly credentialTypesById = new Map<CredentialTypeId, AnyCredentialType>();\n\n register(type: CredentialType<any, any, unknown>): void {\n if (this.credentialTypesById.has(type.definition.typeId)) {\n throw new Error(`Credential type already registered: ${type.definition.typeId}`);\n }\n this.credentialTypesById.set(type.definition.typeId, type);\n }\n\n listTypes(): ReadonlyArray<CredentialTypeDefinition> {\n return [...this.credentialTypesById.values()].map((entry) => entry.definition);\n }\n\n getType(typeId: CredentialTypeId): CredentialTypeDefinition | undefined {\n return this.credentialTypesById.get(typeId)?.definition;\n }\n\n getCredentialType(typeId: CredentialTypeId): AnyCredentialType | undefined {\n return this.credentialTypesById.get(typeId);\n }\n}\n","export class ApplicationRequestError extends Error {\n readonly status: number;\n\n readonly payload: Readonly<{ error: string; errors?: ReadonlyArray<string> }>;\n\n constructor(status: number, message: string, errors?: ReadonlyArray<string>) {\n super(message);\n this.name = \"ApplicationRequestError\";\n this.status = status;\n this.payload = errors && errors.length > 0 ? { error: message, errors } : { error: message };\n }\n}\n","import type { Clock, TypeToken } from \"@codemation/core\";\nimport type { SessionVerifier } from \"./application/auth/SessionVerifier\";\nimport type { Command } from \"./application/bus/Command\";\nimport type { CommandBus } from \"./application/bus/CommandBus\";\nimport type { CommandHandler } from \"./application/bus/CommandHandler\";\nimport type { DomainEvent } from \"./application/bus/DomainEvent\";\nimport type { DomainEventBus } from \"./application/bus/DomainEventBus\";\nimport type { DomainEventHandler } from \"./application/bus/DomainEventHandler\";\nimport type { Query } from \"./application/bus/Query\";\nimport type { QueryBus } from \"./application/bus/QueryBus\";\nimport type { QueryHandler } from \"./application/bus/QueryHandler\";\nimport type { Logger, LoggerFactory } from \"./application/logging/Logger\";\nimport type { WorkflowWebsocketPublisher } from \"./application/websocket/WorkflowWebsocketPublisher\";\nimport type { CredentialStore } from \"./domain/credentials/CredentialServices\";\nimport type { WorkflowRunRepository } from \"./domain/runs/WorkflowRunRepository\";\nimport type { WorkflowDebuggerOverlayRepository } from \"./domain/workflows/WorkflowDebuggerOverlayRepository\";\nimport type { WorkflowDefinitionRepository } from \"./domain/workflows/WorkflowDefinitionRepository\";\nimport type { WorkflowActivationRepository } from \"./domain/workflows/WorkflowActivationRepository\";\nimport type { PrismaDatabaseClient } from \"./infrastructure/persistence/PrismaDatabaseClient\";\nimport type { WorkerRuntimeScheduler } from \"./infrastructure/scheduler/WorkerRuntimeScheduler\";\nimport type { AppConfig } from \"./presentation/config/AppConfig\";\nimport type { CodemationAuthConfig } from \"./presentation/config/CodemationAuthConfig\";\nimport type { CodemationWhitelabelConfig } from \"./presentation/config/CodemationWhitelabelConfig\";\nimport type { HonoApiRouteRegistrar } from \"./presentation/http/hono/HonoApiRouteRegistrar\";\n\nexport const ApplicationTokens = {\n CodemationAuthConfig: Symbol.for(\"codemation.application.CodemationAuthConfig\") as TypeToken<\n CodemationAuthConfig | undefined\n >,\n CodemationWhitelabelConfig: Symbol.for(\n \"codemation.application.CodemationWhitelabelConfig\",\n ) as TypeToken<CodemationWhitelabelConfig>,\n AppConfig: Symbol.for(\"codemation.application.AppConfig\") as TypeToken<AppConfig>,\n WebSocketPort: Symbol.for(\"codemation.application.WebSocketPort\") as TypeToken<number>,\n WebSocketBindHost: Symbol.for(\"codemation.application.WebSocketBindHost\") as TypeToken<string>,\n QueryBus: Symbol.for(\"codemation.application.QueryBus\") as TypeToken<QueryBus>,\n CommandBus: Symbol.for(\"codemation.application.CommandBus\") as TypeToken<CommandBus>,\n DomainEventBus: Symbol.for(\"codemation.application.DomainEventBus\") as TypeToken<DomainEventBus>,\n QueryHandler: Symbol.for(\"codemation.application.QueryHandler\") as TypeToken<QueryHandler<Query<unknown>, unknown>>,\n CommandHandler: Symbol.for(\"codemation.application.CommandHandler\") as TypeToken<\n CommandHandler<Command<unknown>, unknown>\n >,\n DomainEventHandler: Symbol.for(\"codemation.application.DomainEventHandler\") as TypeToken<\n DomainEventHandler<DomainEvent>\n >,\n HonoApiRouteRegistrar: Symbol.for(\"codemation.application.HonoApiRouteRegistrar\") as TypeToken<HonoApiRouteRegistrar>,\n WorkflowWebsocketPublisher: Symbol.for(\n \"codemation.application.WorkflowWebsocketPublisher\",\n ) as TypeToken<WorkflowWebsocketPublisher>,\n WorkerRuntimeScheduler: Symbol.for(\n \"codemation.application.WorkerRuntimeScheduler\",\n ) as TypeToken<WorkerRuntimeScheduler>,\n WorkflowDefinitionRepository: Symbol.for(\n \"codemation.application.WorkflowDefinitionRepository\",\n ) as TypeToken<WorkflowDefinitionRepository>,\n WorkflowActivationRepository: Symbol.for(\n \"codemation.application.WorkflowActivationRepository\",\n ) as TypeToken<WorkflowActivationRepository>,\n WorkflowDebuggerOverlayRepository: Symbol.for(\n \"codemation.application.WorkflowDebuggerOverlayRepository\",\n ) as TypeToken<WorkflowDebuggerOverlayRepository>,\n WorkflowRunRepository: Symbol.for(\"codemation.application.WorkflowRunRepository\") as TypeToken<WorkflowRunRepository>,\n LoggerFactory: Symbol.for(\"codemation.application.LoggerFactory\") as TypeToken<LoggerFactory>,\n /**\n * Opt-in timing/diagnostics logger (`CODEMATION_PERFORMANCE_LOGGING` + normal minimum log level).\n */\n PerformanceDiagnosticsLogger: Symbol.for(\"codemation.application.PerformanceDiagnosticsLogger\") as TypeToken<Logger>,\n CredentialStore: Symbol.for(\"codemation.application.CredentialStore\") as TypeToken<CredentialStore>,\n PrismaClient: Symbol.for(\"codemation.application.PrismaClient\") as TypeToken<PrismaDatabaseClient>,\n SessionVerifier: Symbol.for(\"codemation.application.SessionVerifier\") as TypeToken<SessionVerifier>,\n Clock: Symbol.for(\"codemation.application.Clock\") as TypeToken<Clock>,\n} as const;\n","import type { CredentialRequirement, WorkflowDefinition } from \"@codemation/core\";\nimport {\n AgentConfigInspector,\n AgentConnectionNodeCollector,\n type AgentConnectionNodeDescriptor,\n ConnectionNodeIdFactory,\n} from \"@codemation/core\";\n\nimport { injectable } from \"@codemation/core\";\n\nexport type WorkflowCredentialSlotRef = Readonly<{\n workflowId: string;\n nodeId: string;\n nodeName: string;\n requirement: CredentialRequirement;\n}>;\n\n/**\n * Resolves credential requirements for workflow node ids, including connection-owned LLM/tool children.\n */\n@injectable()\nexport class WorkflowCredentialNodeResolver {\n /**\n * Human-readable label for credential errors (workflow node name or agent › attachment).\n */\n describeCredentialNodeDisplay(workflow: WorkflowDefinition, nodeId: string): string {\n const direct = workflow.nodes.find((n) => n.id === nodeId);\n if (direct) {\n return direct.name ?? direct.config.name ?? direct.id;\n }\n const recursive = this.findRecursiveConnectionNode(workflow, nodeId);\n if (!recursive) {\n return nodeId;\n }\n return this.buildRecursiveDisplayLabel(recursive.rootAgentLabel, recursive.entry, recursive.entriesById);\n }\n\n isCredentialNodeIdInWorkflow(workflow: WorkflowDefinition, nodeId: string): boolean {\n if (workflow.nodes.some((n) => n.id === nodeId)) {\n return true;\n }\n return this.findRecursiveConnectionNode(workflow, nodeId) !== undefined;\n }\n\n findRequirement(\n workflow: WorkflowDefinition,\n nodeId: string,\n slotKey: string,\n ): Readonly<{ nodeName: string; requirement: CredentialRequirement }> | undefined {\n const direct = this.findDirectRequirement(workflow, nodeId, slotKey);\n if (direct) {\n return direct;\n }\n const recursive = this.findRecursiveConnectionNode(workflow, nodeId);\n if (!recursive) {\n return undefined;\n }\n const requirement = recursive.entry.credentialSource\n .getCredentialRequirements?.()\n ?.find((entry) => entry.slotKey === slotKey);\n return requirement ? { nodeName: recursive.entry.name, requirement } : undefined;\n }\n\n listSlots(workflow: WorkflowDefinition): ReadonlyArray<WorkflowCredentialSlotRef> {\n const slotsByKey = new Map<string, WorkflowCredentialSlotRef>();\n\n for (const node of workflow.nodes) {\n if (AgentConfigInspector.isAgentNodeConfig(node.config)) {\n this.addRecursiveAgentSlots(workflow.id, node.id, node.config, slotsByKey);\n continue;\n }\n this.addSlotsForRequirements(\n workflow.id,\n node.id,\n node.name ?? node.config.name ?? node.id,\n node.config.getCredentialRequirements?.() ?? [],\n slotsByKey,\n );\n }\n return [...slotsByKey.values()];\n }\n\n private findDirectRequirement(\n workflow: WorkflowDefinition,\n nodeId: string,\n slotKey: string,\n ): Readonly<{ nodeName: string; requirement: CredentialRequirement }> | undefined {\n const node = workflow.nodes.find((entry) => entry.id === nodeId);\n if (!node || AgentConfigInspector.isAgentNodeConfig(node.config)) {\n return undefined;\n }\n const requirement = node.config.getCredentialRequirements?.()?.find((entry) => entry.slotKey === slotKey);\n if (!requirement) {\n return undefined;\n }\n return { nodeName: node.name ?? node.config.name ?? node.id, requirement };\n }\n\n private addRecursiveAgentSlots(\n workflowId: string,\n rootAgentNodeId: string,\n agentConfig: Parameters<typeof AgentConnectionNodeCollector.collect>[1],\n slotsByKey: Map<string, WorkflowCredentialSlotRef>,\n ): void {\n for (const entry of AgentConnectionNodeCollector.collect(rootAgentNodeId, agentConfig)) {\n this.addSlotsForRequirements(\n workflowId,\n entry.nodeId,\n entry.name,\n entry.credentialSource.getCredentialRequirements?.() ?? [],\n slotsByKey,\n );\n }\n }\n\n private addSlotsForRequirements(\n workflowId: string,\n nodeId: string,\n nodeName: string,\n requirements: ReadonlyArray<CredentialRequirement>,\n slotsByKey: Map<string, WorkflowCredentialSlotRef>,\n ): void {\n for (const requirement of requirements) {\n const key = `${nodeId}\\0${requirement.slotKey}`;\n if (slotsByKey.has(key)) {\n continue;\n }\n slotsByKey.set(key, {\n workflowId,\n nodeId,\n nodeName,\n requirement,\n });\n }\n }\n\n private findRecursiveConnectionNode(\n workflow: WorkflowDefinition,\n nodeId: string,\n ):\n | Readonly<{\n rootAgentNodeId: string;\n rootAgentLabel: string;\n entry: AgentConnectionNodeDescriptor;\n entriesById: ReadonlyMap<string, AgentConnectionNodeDescriptor>;\n }>\n | undefined {\n if (\n !ConnectionNodeIdFactory.isLanguageModelConnectionNodeId(nodeId) &&\n !ConnectionNodeIdFactory.isToolConnectionNodeId(nodeId)\n ) {\n return undefined;\n }\n for (const node of workflow.nodes) {\n if (!AgentConfigInspector.isAgentNodeConfig(node.config)) {\n continue;\n }\n const entries = AgentConnectionNodeCollector.collect(node.id, node.config);\n const entriesById = new Map(entries.map((entry) => [entry.nodeId, entry]));\n const entry = entriesById.get(nodeId);\n if (!entry) {\n continue;\n }\n return {\n rootAgentNodeId: node.id,\n rootAgentLabel: node.name ?? node.config.name ?? node.id,\n entry,\n entriesById,\n };\n }\n return undefined;\n }\n\n private buildRecursiveDisplayLabel(\n rootAgentLabel: string,\n entry: AgentConnectionNodeDescriptor,\n entriesById: ReadonlyMap<string, AgentConnectionNodeDescriptor>,\n ): string {\n const labels = [rootAgentLabel, ...this.collectAncestorToolLabels(entry.parentNodeId, entriesById)];\n labels.push(entry.role === \"languageModel\" ? \"Language model\" : entry.name);\n return labels.join(\" › \");\n }\n\n private collectAncestorToolLabels(\n parentNodeId: string,\n entriesById: ReadonlyMap<string, AgentConnectionNodeDescriptor>,\n ): ReadonlyArray<string> {\n const labels: string[] = [];\n let currentNodeId = parentNodeId;\n while (true) {\n const parentEntry = entriesById.get(currentNodeId);\n if (!parentEntry) {\n return labels.reverse();\n }\n if (parentEntry.role === \"tool\" || parentEntry.role === \"nestedAgent\") {\n labels.push(parentEntry.name);\n }\n currentNodeId = parentEntry.parentNodeId;\n }\n }\n}\n","import type { CredentialFieldSchema, CredentialTypeDefinition } from \"@codemation/core\";\nimport { inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\nimport type { AppConfig } from \"../../presentation/config/AppConfig\";\n\nimport type { JsonRecord } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialFieldEnvOverlayService {\n constructor(\n @inject(ApplicationTokens.AppConfig)\n private readonly appConfig: AppConfig,\n ) {}\n\n /** True when the field declares an env var and process.env has a non-empty string for it. */\n isFieldResolvedFromEnv(field: CredentialFieldSchema): boolean {\n const name = field.envVarName?.trim();\n if (!name) {\n return false;\n }\n const v = this.appConfig.env[name];\n return typeof v === \"string\" && v.length > 0;\n }\n\n apply(\n args: Readonly<{\n definition: CredentialTypeDefinition;\n publicConfig: JsonRecord;\n material: JsonRecord;\n }>,\n ): Readonly<{ resolvedPublicConfig: JsonRecord; resolvedMaterial: JsonRecord }> {\n const pub: Record<string, unknown> = { ...args.publicConfig };\n const mat: Record<string, unknown> = { ...args.material };\n for (const field of args.definition.publicFields ?? []) {\n const name = field.envVarName?.trim();\n if (!name) {\n continue;\n }\n const v = this.appConfig.env[name];\n if (typeof v === \"string\" && v.length > 0) {\n pub[field.key] = v;\n }\n }\n for (const field of args.definition.secretFields ?? []) {\n const name = field.envVarName?.trim();\n if (!name) {\n continue;\n }\n const v = this.appConfig.env[name];\n if (typeof v === \"string\" && v.length > 0) {\n mat[field.key] = v;\n }\n }\n return Object.freeze({\n resolvedPublicConfig: Object.freeze(pub),\n resolvedMaterial: Object.freeze(mat),\n });\n }\n}\n","import { createCipheriv, createDecipheriv, createHash, randomBytes } from \"node:crypto\";\n\nimport { inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\nimport type { AppConfig } from \"../../presentation/config/AppConfig\";\n\nimport type { JsonRecord } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialSecretCipher {\n private static readonly algorithm = \"aes-256-gcm\";\n private static readonly schemaVersion = 1;\n private static readonly ivLength = 12;\n\n constructor(\n @inject(ApplicationTokens.AppConfig)\n private readonly appConfig: AppConfig,\n ) {}\n\n encrypt(value: JsonRecord): Readonly<{\n encryptedJson: string;\n encryptionKeyId: string;\n schemaVersion: number;\n }> {\n const iv = randomBytes(CredentialSecretCipher.ivLength);\n const cipher = createCipheriv(CredentialSecretCipher.algorithm, this.resolveKeyMaterial(), iv);\n const plaintext = Buffer.from(JSON.stringify(value), \"utf8\");\n const encrypted = Buffer.concat([cipher.update(plaintext), cipher.final()]);\n const authTag = cipher.getAuthTag();\n return {\n encryptedJson: Buffer.concat([iv, authTag, encrypted]).toString(\"base64\"),\n encryptionKeyId: this.resolveKeyId(),\n schemaVersion: CredentialSecretCipher.schemaVersion,\n };\n }\n\n decrypt(\n record: Readonly<{\n encryptedJson: string;\n encryptionKeyId: string;\n schemaVersion: number;\n }>,\n ): JsonRecord {\n const packed = Buffer.from(record.encryptedJson, \"base64\");\n const iv = packed.subarray(0, CredentialSecretCipher.ivLength);\n const authTag = packed.subarray(CredentialSecretCipher.ivLength, CredentialSecretCipher.ivLength + 16);\n const encrypted = packed.subarray(CredentialSecretCipher.ivLength + 16);\n const decipher = createDecipheriv(CredentialSecretCipher.algorithm, this.resolveKeyMaterial(), iv);\n decipher.setAuthTag(authTag);\n const plaintext = Buffer.concat([decipher.update(encrypted), decipher.final()]).toString(\"utf8\");\n return JSON.parse(plaintext) as JsonRecord;\n }\n\n private resolveKeyMaterial(): Buffer {\n const rawValue = this.appConfig.env.CODEMATION_CREDENTIALS_MASTER_KEY;\n if (!rawValue || rawValue.trim().length === 0) {\n throw new Error(\"CODEMATION_CREDENTIALS_MASTER_KEY is required to encrypt database-managed credentials.\");\n }\n return createHash(\"sha256\").update(rawValue).digest();\n }\n\n private resolveKeyId(): string {\n const rawValue = this.appConfig.env.CODEMATION_CREDENTIALS_MASTER_KEY;\n return createHash(\"sha256\")\n .update(rawValue ?? \"\")\n .digest(\"hex\")\n .slice(0, 12);\n }\n}\n","import { inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\nimport type { AppConfig } from \"../../presentation/config/AppConfig\";\n\nimport { CredentialSecretCipher } from \"./CredentialSecretCipher\";\nimport type { CredentialInstanceRecord, CredentialStore, JsonRecord } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialMaterialResolver {\n constructor(\n @inject(ApplicationTokens.CredentialStore)\n private readonly credentialStore: CredentialStore,\n @inject(CredentialSecretCipher)\n private readonly credentialSecretCipher: CredentialSecretCipher,\n @inject(ApplicationTokens.AppConfig)\n private readonly appConfig: AppConfig,\n ) {}\n\n async resolveMaterial(instance: CredentialInstanceRecord): Promise<JsonRecord> {\n if (instance.secretRef.kind === \"db\") {\n const secretMaterial = await this.credentialStore.getSecretMaterial(instance.instanceId);\n if (!secretMaterial) {\n throw new Error(`Credential ${instance.instanceId} is missing encrypted secret material.`);\n }\n return this.credentialSecretCipher.decrypt(secretMaterial);\n }\n if (instance.secretRef.kind === \"env\") {\n return this.resolveEnvMaterial(instance);\n }\n return instance.secretRef.value;\n }\n\n private resolveEnvMaterial(instance: CredentialInstanceRecord): JsonRecord {\n if (instance.secretRef.kind !== \"env\") {\n throw new Error(`Credential ${instance.instanceId} is not environment-backed.`);\n }\n const resolved: Record<string, unknown> = {};\n const missingEnvironmentVariables: string[] = [];\n for (const [fieldKey, envVarName] of Object.entries(instance.secretRef.envByField)) {\n const value = this.appConfig.env[envVarName];\n if (value === undefined || value.length === 0) {\n missingEnvironmentVariables.push(envVarName);\n continue;\n }\n resolved[fieldKey] = value;\n }\n if (missingEnvironmentVariables.length > 0) {\n throw new Error(\n `Credential ${instance.instanceId} requires environment variables that are not set: ${missingEnvironmentVariables.join(\", \")}.`,\n );\n }\n return resolved;\n }\n}\n","import type { CredentialOAuth2AuthDefinition } from \"@codemation/core\";\nimport { injectable } from \"@codemation/core\";\nimport type { JsonRecord } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialOAuth2ScopeResolver {\n resolveRequestedScopes(auth: CredentialOAuth2AuthDefinition, publicConfig: JsonRecord): ReadonlyArray<string> {\n const scopesFromPublicConfig = auth.scopesFromPublicConfig;\n if (!scopesFromPublicConfig) {\n return [...auth.scopes];\n }\n const preset = this.resolveString(publicConfig[scopesFromPublicConfig.presetFieldKey]);\n if (!preset) {\n return [...auth.scopes];\n }\n const presetScopes = scopesFromPublicConfig.presetScopes[preset];\n if (presetScopes) {\n return [...presetScopes];\n }\n const customPresetKey = scopesFromPublicConfig.customPresetKey ?? \"custom\";\n if (preset !== customPresetKey) {\n return [...auth.scopes];\n }\n const customScopes = this.resolveScopeList(\n publicConfig[scopesFromPublicConfig.customScopesFieldKey ?? \"customScopes\"],\n );\n if (customScopes.length > 0) {\n return customScopes;\n }\n return [...auth.scopes];\n }\n\n private resolveString(value: unknown): string | undefined {\n if (typeof value !== \"string\") {\n return undefined;\n }\n const normalized = value.trim();\n return normalized.length > 0 ? normalized : undefined;\n }\n\n private resolveScopeList(value: unknown): ReadonlyArray<string> {\n if (Array.isArray(value)) {\n return this.dedupe(\n value.map((entry) => (typeof entry === \"string\" ? entry.trim() : \"\")).filter((entry) => entry.length > 0),\n );\n }\n if (typeof value !== \"string\") {\n return [];\n }\n return this.dedupe(\n value\n .split(/[\\s,]+/)\n .map((entry) => entry.trim())\n .filter((entry) => entry.length > 0),\n );\n }\n\n private dedupe(entries: ReadonlyArray<string>): ReadonlyArray<string> {\n return [...new Set(entries)];\n }\n}\n","import { randomUUID } from \"node:crypto\";\n\nimport type {\n CredentialFieldSchema,\n CredentialInstanceId,\n CredentialMaterialSourceKind,\n CredentialTypeId,\n} from \"@codemation/core\";\n\nimport { CoreTokens, inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationRequestError } from \"../../application/ApplicationRequestError\";\n\nimport type {\n CreateCredentialInstanceRequest,\n CredentialInstanceDto,\n CredentialInstanceWithSecretsDto,\n CredentialOAuth2ConnectionDto,\n UpdateCredentialInstanceRequest,\n} from \"../../application/contracts/CredentialContractsRegistry\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\n\nimport { CredentialFieldEnvOverlayService } from \"./CredentialFieldEnvOverlayService\";\nimport { CredentialMaterialResolver } from \"./CredentialMaterialResolver\";\nimport { CredentialOAuth2ScopeResolver } from \"./CredentialOAuth2ScopeResolver\";\nimport { CredentialSecretCipher } from \"./CredentialSecretCipher\";\nimport type {\n CredentialInstanceRecord,\n CredentialSecretMaterialRecord,\n CredentialSecretRef,\n CredentialStore,\n CredentialTestRecord,\n AnyCredentialType,\n JsonRecord,\n MutableCredentialSessionService,\n} from \"./CredentialServices\";\nimport { CredentialTypeRegistryImpl } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialInstanceService {\n constructor(\n @inject(ApplicationTokens.CredentialStore)\n private readonly credentialStore: CredentialStore,\n @inject(CredentialTypeRegistryImpl)\n private readonly credentialTypeRegistry: CredentialTypeRegistryImpl,\n @inject(CredentialSecretCipher)\n private readonly credentialSecretCipher: CredentialSecretCipher,\n @inject(CredentialFieldEnvOverlayService)\n private readonly credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService,\n @inject(CredentialMaterialResolver)\n private readonly credentialMaterialResolver: CredentialMaterialResolver,\n @inject(CredentialOAuth2ScopeResolver)\n private readonly credentialOAuth2ScopeResolver: CredentialOAuth2ScopeResolver,\n @inject(CoreTokens.CredentialSessionService)\n private readonly credentialSessionService: MutableCredentialSessionService,\n ) {}\n\n async listInstances(): Promise<ReadonlyArray<CredentialInstanceDto>> {\n const instances = await this.credentialStore.listInstances();\n const latestTestResults = await this.credentialStore.getLatestTestResults(\n instances.map((instance) => instance.instanceId),\n );\n return await Promise.all(\n instances.map(async (instance) => await this.toDto(instance, latestTestResults.get(instance.instanceId))),\n );\n }\n\n async getInstance(instanceId: CredentialInstanceId): Promise<CredentialInstanceDto | undefined> {\n const instance = await this.credentialStore.getInstance(instanceId);\n if (!instance) {\n return undefined;\n }\n const latestTestResult = await this.credentialStore.getLatestTestResult(instanceId);\n return await this.toDto(instance, latestTestResult);\n }\n\n async getInstanceWithSecrets(\n instanceId: CredentialInstanceId,\n ): Promise<CredentialInstanceWithSecretsDto | undefined> {\n const instance = await this.credentialStore.getInstance(instanceId);\n if (!instance) {\n return undefined;\n }\n const latestTestResult = await this.credentialStore.getLatestTestResult(instanceId);\n const base = await this.toDto(instance, latestTestResult);\n try {\n const material = await this.credentialMaterialResolver.resolveMaterial(instance);\n const secretConfig = Object.fromEntries(Object.entries(material).map(([k, v]) => [k, String(v ?? \"\")])) as Record<\n string,\n string\n >;\n const envSecretRefs =\n instance.secretRef.kind === \"env\" ? (instance.secretRef.envByField as Record<string, string>) : undefined;\n return { ...base, secretConfig, envSecretRefs };\n } catch {\n return base;\n }\n }\n\n async create(request: CreateCredentialInstanceRequest): Promise<CredentialInstanceDto> {\n const credentialType = this.requireCredentialType(request.typeId);\n const publicFields = credentialType.definition.publicFields ?? [];\n const secretFields = credentialType.definition.secretFields ?? [];\n this.validateRequestFields({\n displayName: request.displayName,\n publicFields,\n publicConfig: request.publicConfig ?? {},\n secretFields,\n sourceKind: request.sourceKind,\n secretConfig: request.secretConfig ?? {},\n envSecretRefs: request.envSecretRefs ?? {},\n });\n const timestamp = new Date().toISOString();\n const strippedPublic = this.stripEnvManagedFieldValues(publicFields, request.publicConfig ?? {});\n const strippedSecretForRef = this.stripEnvManagedFieldValues(secretFields, request.secretConfig ?? {});\n const instance: CredentialInstanceRecord = {\n instanceId: randomUUID(),\n typeId: request.typeId,\n displayName: request.displayName.trim(),\n sourceKind: request.sourceKind,\n publicConfig: Object.freeze({ ...strippedPublic }),\n secretRef: this.createSecretRef(request.sourceKind, strippedSecretForRef, request.envSecretRefs ?? {}),\n tags: Object.freeze([...(request.tags ?? [])]),\n setupStatus: credentialType.definition.auth?.kind === \"oauth2\" ? \"draft\" : \"ready\",\n createdAt: timestamp,\n updatedAt: timestamp,\n };\n await this.credentialStore.saveInstance({\n instance,\n secretMaterial: this.createSecretMaterial(instance, strippedSecretForRef, timestamp),\n });\n this.credentialSessionService.evictInstance(instance.instanceId);\n return this.toDto(instance, undefined);\n }\n\n async update(\n instanceId: CredentialInstanceId,\n request: UpdateCredentialInstanceRequest,\n ): Promise<CredentialInstanceDto> {\n const existing = await this.requireInstance(instanceId);\n const credentialType = this.requireCredentialType(existing.typeId);\n const mergedPublicRaw = { ...(request.publicConfig ?? existing.publicConfig) };\n const updatedAt = new Date().toISOString();\n const nextSecretConfig = request.secretConfig;\n const nextEnvSecretRefs = request.envSecretRefs;\n const secretFields = credentialType.definition.secretFields ?? [];\n this.validateRequestFields({\n displayName: request.displayName ?? existing.displayName,\n publicFields: credentialType.definition.publicFields ?? [],\n publicConfig: mergedPublicRaw,\n secretFields,\n sourceKind: existing.sourceKind,\n secretConfig: nextSecretConfig ?? {},\n envSecretRefs: nextEnvSecretRefs ?? {},\n allowSecretOmission: true,\n });\n const publicConfig = Object.freeze({\n ...this.stripEnvManagedFieldValues(credentialType.definition.publicFields ?? [], mergedPublicRaw),\n });\n const mergedSecretForRef =\n nextSecretConfig !== undefined ? this.stripEnvManagedFieldValues(secretFields, nextSecretConfig) : undefined;\n const instance: CredentialInstanceRecord = {\n ...existing,\n displayName: request.displayName?.trim() || existing.displayName,\n publicConfig,\n tags: Object.freeze([...(request.tags ?? existing.tags)]),\n setupStatus: request.setupStatus ?? existing.setupStatus,\n secretRef:\n nextSecretConfig || nextEnvSecretRefs\n ? this.createSecretRef(existing.sourceKind, mergedSecretForRef ?? {}, nextEnvSecretRefs ?? {})\n : existing.secretRef,\n updatedAt,\n };\n await this.credentialStore.saveInstance({\n instance,\n secretMaterial:\n nextSecretConfig !== undefined && mergedSecretForRef !== undefined\n ? this.createSecretMaterial(instance, mergedSecretForRef, updatedAt)\n : undefined,\n });\n this.credentialSessionService.evictInstance(instance.instanceId);\n return this.toDto(instance, await this.credentialStore.getLatestTestResult(instance.instanceId));\n }\n\n async delete(instanceId: CredentialInstanceId): Promise<void> {\n await this.credentialStore.deleteInstance(instanceId);\n this.credentialSessionService.evictInstance(instanceId);\n }\n\n async disconnectOAuth2(instanceId: CredentialInstanceId): Promise<CredentialInstanceDto> {\n const instance = await this.requireInstance(instanceId);\n const credentialType = this.requireCredentialType(instance.typeId);\n if (credentialType.definition.auth?.kind !== \"oauth2\") {\n throw new ApplicationRequestError(400, `Credential instance ${instanceId} does not use OAuth2.`);\n }\n const updatedInstance: CredentialInstanceRecord = {\n ...instance,\n setupStatus: \"draft\",\n updatedAt: new Date().toISOString(),\n };\n await this.credentialStore.saveInstance({\n instance: updatedInstance,\n });\n await this.credentialStore.deleteOAuth2Material(instanceId);\n this.credentialSessionService.evictInstance(instanceId);\n return await this.toDto(updatedInstance, await this.credentialStore.getLatestTestResult(instanceId));\n }\n\n async requireInstance(instanceId: CredentialInstanceId): Promise<CredentialInstanceRecord> {\n const instance = await this.credentialStore.getInstance(instanceId);\n if (!instance) {\n throw new ApplicationRequestError(404, `Unknown credential instance: ${instanceId}`);\n }\n return instance;\n }\n\n private createSecretRef(\n sourceKind: CredentialMaterialSourceKind,\n secretConfig: JsonRecord,\n envSecretRefs: Readonly<Record<string, string>>,\n ): CredentialSecretRef {\n if (sourceKind === \"db\") {\n return { kind: \"db\" };\n }\n if (sourceKind === \"env\") {\n return {\n kind: \"env\",\n envByField: Object.freeze({ ...envSecretRefs }),\n };\n }\n return {\n kind: \"code\",\n value: Object.freeze({ ...secretConfig }),\n };\n }\n\n private createSecretMaterial(\n instance: CredentialInstanceRecord,\n secretConfig: JsonRecord,\n updatedAt: string,\n ): CredentialSecretMaterialRecord | undefined {\n if (instance.sourceKind !== \"db\") {\n return undefined;\n }\n const encrypted = this.credentialSecretCipher.encrypt(secretConfig);\n return {\n instanceId: instance.instanceId,\n encryptedJson: encrypted.encryptedJson,\n encryptionKeyId: encrypted.encryptionKeyId,\n schemaVersion: encrypted.schemaVersion,\n updatedAt,\n };\n }\n\n private validateRequestFields(\n args: Readonly<{\n displayName: string;\n publicFields: ReadonlyArray<CredentialFieldSchema>;\n publicConfig: JsonRecord;\n secretFields: ReadonlyArray<CredentialFieldSchema>;\n sourceKind: CredentialMaterialSourceKind;\n secretConfig: JsonRecord;\n envSecretRefs: Readonly<Record<string, string>>;\n allowSecretOmission?: boolean;\n }>,\n ): void {\n if (!args.displayName || args.displayName.trim().length === 0) {\n throw new ApplicationRequestError(400, \"Credential displayName is required.\");\n }\n this.assertRequiredFields(\"publicConfig\", args.publicFields, args.publicConfig);\n if (args.sourceKind === \"db\") {\n if (!args.allowSecretOmission || Object.keys(args.secretConfig).length > 0) {\n this.assertRequiredFields(\"secretConfig\", args.secretFields, args.secretConfig);\n }\n return;\n }\n if (args.sourceKind === \"env\") {\n if (!args.allowSecretOmission || Object.keys(args.envSecretRefs).length > 0) {\n this.assertRequiredEnvFields(args.secretFields, args.envSecretRefs);\n }\n return;\n }\n if (!args.allowSecretOmission || Object.keys(args.secretConfig).length > 0) {\n this.assertRequiredFields(\"secretConfig\", args.secretFields, args.secretConfig);\n }\n }\n\n private stripEnvManagedFieldValues(fields: ReadonlyArray<CredentialFieldSchema>, value: JsonRecord): JsonRecord {\n const out: Record<string, unknown> = { ...value };\n for (const field of fields) {\n if (this.credentialFieldEnvOverlayService.isFieldResolvedFromEnv(field)) {\n delete out[field.key];\n }\n }\n return Object.freeze(out);\n }\n\n private assertRequiredFields(\n fieldName: string,\n schema: ReadonlyArray<CredentialFieldSchema>,\n value: JsonRecord,\n ): void {\n const missing = schema\n .filter((field) => field.required === true)\n .filter((field) => !this.credentialFieldEnvOverlayService.isFieldResolvedFromEnv(field))\n .filter((field) => value[field.key] === undefined || value[field.key] === null || value[field.key] === \"\")\n .map((field) => field.key);\n if (missing.length > 0) {\n throw new ApplicationRequestError(400, `Missing required ${fieldName} field(s): ${missing.join(\", \")}`);\n }\n }\n\n private assertRequiredEnvFields(\n schema: ReadonlyArray<CredentialFieldSchema>,\n envSecretRefs: Readonly<Record<string, string>>,\n ): void {\n const missing = schema\n .filter((field) => field.required === true)\n .filter((field) => !this.credentialFieldEnvOverlayService.isFieldResolvedFromEnv(field))\n .filter((field) => !envSecretRefs[field.key] || envSecretRefs[field.key]!.trim().length === 0)\n .map((field) => field.key);\n if (missing.length > 0) {\n throw new ApplicationRequestError(400, `Missing required envSecretRefs field(s): ${missing.join(\", \")}`);\n }\n }\n\n private requireCredentialType(typeId: CredentialTypeId): AnyCredentialType {\n const credentialType = this.credentialTypeRegistry.getCredentialType(typeId);\n if (!credentialType) {\n throw new ApplicationRequestError(400, `Unknown credential type: ${typeId}`);\n }\n return credentialType;\n }\n\n async markOAuth2Connected(instanceId: CredentialInstanceId, connectedAt: string): Promise<void> {\n const instance = await this.requireInstance(instanceId);\n await this.credentialStore.saveInstance({\n instance: {\n ...instance,\n setupStatus: \"ready\",\n updatedAt: connectedAt,\n },\n });\n this.credentialSessionService.evictInstance(instanceId);\n }\n\n private async toDto(\n instance: CredentialInstanceRecord,\n latestTestResult: CredentialTestRecord | undefined,\n ): Promise<CredentialInstanceDto> {\n const oauth2Connection = await this.toOAuth2ConnectionDto(instance);\n return {\n instanceId: instance.instanceId,\n typeId: instance.typeId,\n displayName: instance.displayName,\n sourceKind: instance.sourceKind,\n publicConfig: instance.publicConfig,\n tags: instance.tags,\n setupStatus: instance.setupStatus,\n createdAt: instance.createdAt,\n updatedAt: instance.updatedAt,\n latestHealth: latestTestResult?.health,\n oauth2Connection,\n };\n }\n\n private async toOAuth2ConnectionDto(\n instance: CredentialInstanceRecord,\n ): Promise<CredentialOAuth2ConnectionDto | undefined> {\n const credentialType = this.credentialTypeRegistry.getCredentialType(instance.typeId);\n if (credentialType?.definition.auth?.kind !== \"oauth2\") {\n return undefined;\n }\n const providerId =\n \"providerId\" in credentialType.definition.auth ? credentialType.definition.auth.providerId : \"custom\";\n const material = await this.credentialStore.getOAuth2Material(instance.instanceId);\n if (!material) {\n const requestedScopes = this.credentialOAuth2ScopeResolver.resolveRequestedScopes(\n credentialType.definition.auth,\n instance.publicConfig,\n );\n return {\n status: \"disconnected\",\n providerId,\n scopes: [...requestedScopes],\n };\n }\n return {\n status: \"connected\",\n providerId: material.providerId,\n connectedEmail: material.connectedEmail,\n connectedAt: material.connectedAt,\n scopes: material.scopes,\n updatedAt: material.updatedAt,\n };\n }\n}\n","import type {\n CredentialBinding,\n CredentialBindingKey,\n CredentialInstanceId,\n CredentialRequirement,\n WorkflowDefinition,\n WorkflowRepository,\n} from \"@codemation/core\";\n\nimport { CoreTokens, inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationRequestError } from \"../../application/ApplicationRequestError\";\n\nimport type {\n WorkflowCredentialHealthDto,\n WorkflowCredentialHealthSlotDto,\n} from \"../../application/contracts/CredentialContractsRegistry\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\n\nimport { WorkflowCredentialNodeResolver } from \"./WorkflowCredentialNodeResolver\";\nimport { CredentialInstanceService } from \"./CredentialInstanceService\";\nimport type { CredentialStore, MutableCredentialSessionService } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialBindingService {\n constructor(\n @inject(ApplicationTokens.CredentialStore)\n private readonly credentialStore: CredentialStore,\n @inject(CredentialInstanceService)\n private readonly credentialInstanceService: CredentialInstanceService,\n @inject(CoreTokens.WorkflowRepository)\n private readonly workflowRepository: WorkflowRepository,\n @inject(CoreTokens.CredentialSessionService)\n private readonly credentialSessionService: MutableCredentialSessionService,\n @inject(WorkflowCredentialNodeResolver)\n private readonly workflowCredentialNodeResolver: WorkflowCredentialNodeResolver,\n ) {}\n\n async upsertBinding(\n args: Readonly<{ workflowId: string; nodeId: string; slotKey: string; instanceId: CredentialInstanceId }>,\n ): Promise<CredentialBinding> {\n const workflow = this.requireWorkflow(args.workflowId);\n const requirement = this.requireRequirement(workflow, args.nodeId, args.slotKey);\n const instance = await this.credentialInstanceService.requireInstance(args.instanceId);\n if (!requirement.acceptedTypes.includes(instance.typeId)) {\n throw new ApplicationRequestError(\n 400,\n `Credential instance ${instance.instanceId} (${instance.typeId}) is not compatible with slot ${args.slotKey}. Accepted types: ${requirement.acceptedTypes.join(\", \")}`,\n );\n }\n const binding: CredentialBinding = {\n key: {\n workflowId: args.workflowId,\n nodeId: args.nodeId,\n slotKey: args.slotKey,\n },\n instanceId: args.instanceId,\n updatedAt: new Date().toISOString(),\n };\n await this.credentialStore.upsertBinding(binding);\n this.credentialSessionService.evictBinding(binding.key);\n return binding;\n }\n\n async listWorkflowHealth(workflowId: string): Promise<WorkflowCredentialHealthDto> {\n const workflow = this.requireWorkflow(workflowId);\n const bindings = await this.credentialStore.listBindingsByWorkflowId(workflowId);\n const bindingsByKey = new Map(bindings.map((binding) => [this.toBindingKeyString(binding.key), binding] as const));\n const slots: WorkflowCredentialHealthSlotDto[] = [];\n for (const slotRef of this.workflowCredentialNodeResolver.listSlots(workflow)) {\n const requirement = slotRef.requirement;\n const bindingKey = {\n workflowId,\n nodeId: slotRef.nodeId,\n slotKey: requirement.slotKey,\n } satisfies CredentialBindingKey;\n const binding = bindingsByKey.get(this.toBindingKeyString(bindingKey));\n if (!binding) {\n slots.push({\n workflowId,\n nodeId: slotRef.nodeId,\n nodeName: slotRef.nodeName,\n requirement,\n health: {\n status: requirement.optional ? \"optional-unbound\" : \"unbound\",\n },\n });\n continue;\n }\n const instance = await this.credentialInstanceService.requireInstance(binding.instanceId);\n const latestTestResult = await this.credentialStore.getLatestTestResult(instance.instanceId);\n slots.push({\n workflowId,\n nodeId: slotRef.nodeId,\n nodeName: slotRef.nodeName,\n requirement,\n instance: {\n instanceId: instance.instanceId,\n typeId: instance.typeId,\n displayName: instance.displayName,\n setupStatus: instance.setupStatus,\n },\n health: {\n status: latestTestResult?.health.status ?? \"unknown\",\n message: latestTestResult?.health.message,\n testedAt: latestTestResult?.health.testedAt,\n },\n });\n }\n return {\n workflowId,\n slots,\n };\n }\n\n private requireWorkflow(workflowId: string): WorkflowDefinition {\n const workflow = this.workflowRepository.get(decodeURIComponent(workflowId));\n if (!workflow) {\n throw new ApplicationRequestError(404, `Unknown workflowId: ${workflowId}`);\n }\n return workflow;\n }\n\n private requireRequirement(workflow: WorkflowDefinition, nodeId: string, slotKey: string): CredentialRequirement {\n const resolved = this.workflowCredentialNodeResolver.findRequirement(workflow, nodeId, slotKey);\n if (!resolved) {\n if (!this.workflowCredentialNodeResolver.isCredentialNodeIdInWorkflow(workflow, nodeId)) {\n throw new ApplicationRequestError(404, `Unknown workflow node: ${nodeId}`);\n }\n throw new ApplicationRequestError(400, `Node ${nodeId} does not declare credential slot ${slotKey}.`);\n }\n return resolved.requirement;\n }\n\n private toBindingKeyString(bindingKey: CredentialBindingKey): string {\n return `${bindingKey.workflowId}:${bindingKey.nodeId}:${bindingKey.slotKey}`;\n }\n}\n","import { inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\n\nimport { CredentialMaterialResolver } from \"./CredentialMaterialResolver\";\nimport { CredentialSecretCipher } from \"./CredentialSecretCipher\";\nimport type { CredentialInstanceRecord, CredentialStore, JsonRecord } from \"./CredentialServices\";\nimport { CredentialTypeRegistryImpl } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialRuntimeMaterialService {\n constructor(\n @inject(ApplicationTokens.CredentialStore)\n private readonly credentialStore: CredentialStore,\n @inject(CredentialMaterialResolver)\n private readonly credentialMaterialResolver: CredentialMaterialResolver,\n @inject(CredentialSecretCipher)\n private readonly credentialSecretCipher: CredentialSecretCipher,\n @inject(CredentialTypeRegistryImpl)\n private readonly credentialTypeRegistry: CredentialTypeRegistryImpl,\n ) {}\n\n async compose(instance: CredentialInstanceRecord): Promise<JsonRecord> {\n const baseMaterial = await this.credentialMaterialResolver.resolveMaterial(instance);\n const auth = this.credentialTypeRegistry.getCredentialType(instance.typeId)?.definition.auth;\n if (auth?.kind !== \"oauth2\") {\n return baseMaterial;\n }\n const oauth2Material = await this.credentialStore.getOAuth2Material(instance.instanceId);\n if (!oauth2Material) {\n return baseMaterial;\n }\n const decryptedOauth2Material = this.credentialSecretCipher.decrypt(oauth2Material);\n return Object.freeze({\n ...baseMaterial,\n ...decryptedOauth2Material,\n });\n }\n}\n","import type {\n CredentialBindingKey,\n CredentialInstanceId,\n CredentialSessionService,\n WorkflowRepository,\n} from \"@codemation/core\";\n\nimport { CoreTokens, CredentialUnboundError, inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationRequestError } from \"../../application/ApplicationRequestError\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\n\nimport { WorkflowCredentialNodeResolver } from \"./WorkflowCredentialNodeResolver\";\nimport { CredentialFieldEnvOverlayService } from \"./CredentialFieldEnvOverlayService\";\nimport { CredentialRuntimeMaterialService } from \"./CredentialRuntimeMaterialService\";\nimport type { CredentialStore } from \"./CredentialServices\";\nimport { CredentialTypeRegistryImpl } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialSessionServiceImpl implements CredentialSessionService {\n private readonly cachedSessionsByInstanceId = new Map<CredentialInstanceId, Promise<unknown>>();\n private readonly cachedInstanceIdsByBindingKey = new Map<string, CredentialInstanceId>();\n\n constructor(\n @inject(ApplicationTokens.CredentialStore)\n private readonly credentialStore: CredentialStore,\n @inject(CredentialRuntimeMaterialService)\n private readonly credentialRuntimeMaterialService: CredentialRuntimeMaterialService,\n @inject(CredentialFieldEnvOverlayService)\n private readonly credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService,\n @inject(CredentialTypeRegistryImpl)\n private readonly credentialTypeRegistry: CredentialTypeRegistryImpl,\n @inject(CoreTokens.WorkflowRepository)\n private readonly workflowRepository: WorkflowRepository,\n @inject(WorkflowCredentialNodeResolver)\n private readonly workflowCredentialNodeResolver: WorkflowCredentialNodeResolver,\n ) {}\n\n async getSession<TSession = unknown>(\n args: Readonly<{ workflowId: string; nodeId: string; slotKey: string }>,\n ): Promise<TSession> {\n const workflow = this.workflowRepository.get(decodeURIComponent(args.workflowId));\n const displayLabel = workflow\n ? this.workflowCredentialNodeResolver.describeCredentialNodeDisplay(workflow, args.nodeId)\n : undefined;\n const requirement = workflow\n ? this.workflowCredentialNodeResolver.findRequirement(workflow, args.nodeId, args.slotKey)?.requirement\n : undefined;\n const bindingKey: CredentialBindingKey = {\n workflowId: args.workflowId,\n nodeId: args.nodeId,\n slotKey: args.slotKey,\n };\n const binding = await this.credentialStore.getBinding(bindingKey);\n if (!binding) {\n const unbound = new CredentialUnboundError(bindingKey, requirement?.acceptedTypes ?? []);\n if (displayLabel) {\n throw new Error(`${displayLabel}: ${unbound.message}`, { cause: unbound });\n }\n throw unbound;\n }\n const bindingCacheKey = this.toBindingKeyString(bindingKey);\n this.cachedInstanceIdsByBindingKey.set(bindingCacheKey, binding.instanceId);\n const cachedSession = this.cachedSessionsByInstanceId.get(binding.instanceId);\n if (cachedSession) {\n return (await cachedSession) as TSession;\n }\n const nextSessionPromise = this.createSession(binding.instanceId, displayLabel).catch((error) => {\n this.cachedSessionsByInstanceId.delete(binding.instanceId);\n throw error;\n });\n this.cachedSessionsByInstanceId.set(binding.instanceId, nextSessionPromise);\n return (await nextSessionPromise) as TSession;\n }\n\n evictInstance(instanceId: CredentialInstanceId): void {\n this.cachedSessionsByInstanceId.delete(instanceId);\n }\n\n evictBinding(bindingKey: CredentialBindingKey): void {\n const cacheKey = this.toBindingKeyString(bindingKey);\n const instanceId = this.cachedInstanceIdsByBindingKey.get(cacheKey);\n if (instanceId) {\n this.cachedSessionsByInstanceId.delete(instanceId);\n }\n this.cachedInstanceIdsByBindingKey.delete(cacheKey);\n }\n\n private async createSession(instanceId: CredentialInstanceId, displayLabel?: string): Promise<unknown> {\n const instance = await this.credentialStore.getInstance(instanceId);\n if (!instance) {\n throw new ApplicationRequestError(404, `Unknown credential instance: ${instanceId}`);\n }\n const credentialType = this.credentialTypeRegistry.getCredentialType(instance.typeId);\n if (!credentialType) {\n const prefix = displayLabel ? `${displayLabel}: ` : \"\";\n throw new ApplicationRequestError(\n 400,\n `${prefix}Credential type \"${instance.typeId}\" is not registered in this runtime (binding points at an unknown type).`,\n );\n }\n const material = await this.credentialRuntimeMaterialService.compose(instance);\n const { resolvedPublicConfig, resolvedMaterial } = this.credentialFieldEnvOverlayService.apply({\n definition: credentialType.definition,\n publicConfig: instance.publicConfig,\n material,\n });\n return await credentialType.createSession({\n instance,\n material: resolvedMaterial,\n publicConfig: resolvedPublicConfig,\n });\n }\n\n private toBindingKeyString(bindingKey: CredentialBindingKey): string {\n return `${bindingKey.workflowId}:${bindingKey.nodeId}:${bindingKey.slotKey}`;\n }\n}\n","import { randomUUID } from \"node:crypto\";\n\nimport type { CredentialHealth, CredentialInstanceId, CredentialTypeId } from \"@codemation/core\";\n\nimport { CoreTokens, inject, injectable } from \"@codemation/core\";\n\nimport { ApplicationRequestError } from \"../../application/ApplicationRequestError\";\n\nimport { ApplicationTokens } from \"../../applicationTokens\";\n\nimport { CredentialFieldEnvOverlayService } from \"./CredentialFieldEnvOverlayService\";\nimport { CredentialInstanceService } from \"./CredentialInstanceService\";\nimport { CredentialRuntimeMaterialService } from \"./CredentialRuntimeMaterialService\";\nimport type { CredentialStore, AnyCredentialType, MutableCredentialSessionService } from \"./CredentialServices\";\nimport { CredentialTypeRegistryImpl } from \"./CredentialServices\";\n\n@injectable()\nexport class CredentialTestService {\n constructor(\n @inject(CredentialInstanceService)\n private readonly credentialInstanceService: CredentialInstanceService,\n @inject(CredentialRuntimeMaterialService)\n private readonly credentialRuntimeMaterialService: CredentialRuntimeMaterialService,\n @inject(CredentialFieldEnvOverlayService)\n private readonly credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService,\n @inject(CredentialTypeRegistryImpl)\n private readonly credentialTypeRegistry: CredentialTypeRegistryImpl,\n @inject(ApplicationTokens.CredentialStore)\n private readonly credentialStore: CredentialStore,\n @inject(CoreTokens.CredentialSessionService)\n private readonly credentialSessionService: MutableCredentialSessionService,\n ) {}\n\n async test(instanceId: CredentialInstanceId): Promise<CredentialHealth> {\n const instance = await this.credentialInstanceService.requireInstance(instanceId);\n const credentialType = this.requireCredentialType(instance.typeId);\n const material = await this.credentialRuntimeMaterialService.compose(instance);\n const { resolvedPublicConfig, resolvedMaterial } = this.credentialFieldEnvOverlayService.apply({\n definition: credentialType.definition,\n publicConfig: instance.publicConfig,\n material,\n });\n const health = await credentialType.test({\n instance,\n material: resolvedMaterial,\n publicConfig: resolvedPublicConfig,\n });\n const testedAt = health.testedAt ?? new Date().toISOString();\n await this.credentialStore.saveTestResult({\n testId: randomUUID(),\n instanceId,\n health: {\n ...health,\n testedAt,\n },\n testedAt,\n expiresAt: health.expiresAt,\n });\n this.credentialSessionService.evictInstance(instanceId);\n return {\n ...health,\n testedAt,\n };\n }\n\n private requireCredentialType(typeId: CredentialTypeId): AnyCredentialType {\n const credentialType = this.credentialTypeRegistry.getCredentialType(typeId);\n if (!credentialType) {\n throw new ApplicationRequestError(400, `Unknown credential type: ${typeId}`);\n }\n return credentialType;\n }\n}\n"],"mappings":";;;;;;;;;;AAQA,IAAa,qCAAb,MAAgD;CAC9C,YAAY,AAAiBA,WAAoC;EAApC;;CAE7B,MAAM,KACJ,MAC2B;EAC3B,MAAM,4BAAW,IAAI,MAAM,EAAC,aAAa;EACzC,MAAM,SAAS,OAAO,KAAK,SAAS,UAAU,GAAG,CAAC,MAAM;AACxD,MAAI,OAAO,WAAW,EACpB,QAAO;GACL,QAAQ;GACR,SAAS;GACT;GACD;EAGH,MAAM,YAAY,KAAK,qBAAqB,KAAK,aAAa,QAAQ;AAEtE,MAAI;GACF,MAAM,WAAW,MAAM,KAAK,UAAU,WAAW;IAC/C,QAAQ;IACR,SAAS,EACP,eAAe,UAAU,UAC1B;IACD,QAAQ,YAAY,QAAQ,KAAO;IACpC,CAAC;AAEF,OAAI,SAAS,GACX,QAAO;IACL,QAAQ;IACR,SAAS;IACT;IACD;AAIH,UAAO;IACL,QAAQ;IACR,SAHc,MAAM,KAAK,kBAAkB,SAAS;IAIpD;IACD;WACM,OAAO;AACd,UAAO;IACL,QAAQ;IACR,SAAS,iBAAiB,QAAQ,MAAM,UAAU,OAAO,MAAM;IAC/D;IACD;;;CAIL,AAAQ,qBAAqB,YAA6B;EACxD,MAAM,cAAc;EACpB,MAAM,MAAM,OAAO,eAAe,WAAW,WAAW,MAAM,GAAG;EACjE,MAAM,OAAO,QAAQ,KAAK,cAAc,IAAI,QAAQ,QAAQ,GAAG;AAC/D,MAAI,KAAK,SAAS,UAAU,CAC1B,QAAO;AAET,MAAI,KAAK,SAAS,MAAM,CACtB,QAAO,GAAG,KAAK;AAEjB,SAAO,GAAG,KAAK;;CAGjB,MAAc,kBAAkB,UAAqC;EACnE,MAAM,SAAS,QAAQ,SAAS;AAChC,MAAI;GACF,MAAM,OAAO,MAAM,SAAS,MAAM;AAClC,OAAI,KAAK,MAAM,KAAK,GAClB,QAAO;GAGT,MAAM,UADS,KAAK,MAAM,KAAK,CACR,OAAO;AAC9B,OAAI,OAAO,YAAY,YAAY,QAAQ,MAAM,KAAK,GACpD,QAAO,GAAG,OAAO,IAAI,QAAQ,MAAM;AAErC,UAAO,GAAG,OAAO,IAAI,KAAK,SAAS,MAAM,GAAG,KAAK,MAAM,GAAG,IAAI,CAAC,KAAK;UAC9D;AACN,UAAO;;;;;;;;;;;;ACvEb,IAAa,oCAAb,MAA+C;CAC7C,YAAY,AAAiBC,cAAkD;EAAlD;;CAE7B,uBAA4G;AAC1G,SAAO;GACL,YAAY;IACV,QAAQ;IACR,aAAa;IACb,aAAa;IACb,cAAc,CACZ;KACE,KAAK;KACL,OAAO;KACP,MAAM;KACN,aAAa;KACb,UAAU;KACX,CACF;IACD,cAAc,CAAC;KAAE,KAAK;KAAU,OAAO;KAAW,MAAM;KAAY,UAAU;KAAM,CAAC;IACrF,sBAAsB;KAAC;KAAM;KAAO;KAAO;IAC5C;GACD,eAAe,OAAO,SAAS;IAC7B,MAAM,aAAa,KAAK,aAAa;IACrC,MAAM,UAAU,OAAO,eAAe,YAAY,WAAW,MAAM,KAAK,KAAK,WAAW,MAAM,GAAG;AACjG,WAAO;KACL,QAAQ,OAAO,KAAK,SAAS,UAAU,GAAG;KAC1C;KACD;;GAEH,MAAM,OAAO,SAAS,KAAK,aAAa,KAAK,KAAK;GACnD;;;;;;ACrCE,uCAAMC,6BAA6D;CACxE,AAAiB,sCAAsB,IAAI,KAA0C;CAErF,SAAS,MAA+C;AACtD,MAAI,KAAK,oBAAoB,IAAI,KAAK,WAAW,OAAO,CACtD,OAAM,IAAI,MAAM,uCAAuC,KAAK,WAAW,SAAS;AAElF,OAAK,oBAAoB,IAAI,KAAK,WAAW,QAAQ,KAAK;;CAG5D,YAAqD;AACnD,SAAO,CAAC,GAAG,KAAK,oBAAoB,QAAQ,CAAC,CAAC,KAAK,UAAU,MAAM,WAAW;;CAGhF,QAAQ,QAAgE;AACtE,SAAO,KAAK,oBAAoB,IAAI,OAAO,EAAE;;CAG/C,kBAAkB,QAAyD;AACzE,SAAO,KAAK,oBAAoB,IAAI,OAAO;;;yCApB9C,YAAY;;;;ACNb,IAAa,0BAAb,cAA6C,MAAM;CACjD,AAAS;CAET,AAAS;CAET,YAAY,QAAgB,SAAiB,QAAgC;AAC3E,QAAM,QAAQ;AACd,OAAK,OAAO;AACZ,OAAK,SAAS;AACd,OAAK,UAAU,UAAU,OAAO,SAAS,IAAI;GAAE,OAAO;GAAS;GAAQ,GAAG,EAAE,OAAO,SAAS;;;;;;ACgBhG,MAAa,oBAAoB;CAC/B,sBAAsB,OAAO,IAAI,8CAA8C;CAG/E,4BAA4B,OAAO,IACjC,oDACD;CACD,WAAW,OAAO,IAAI,mCAAmC;CACzD,eAAe,OAAO,IAAI,uCAAuC;CACjE,mBAAmB,OAAO,IAAI,2CAA2C;CACzE,UAAU,OAAO,IAAI,kCAAkC;CACvD,YAAY,OAAO,IAAI,oCAAoC;CAC3D,gBAAgB,OAAO,IAAI,wCAAwC;CACnE,cAAc,OAAO,IAAI,sCAAsC;CAC/D,gBAAgB,OAAO,IAAI,wCAAwC;CAGnE,oBAAoB,OAAO,IAAI,4CAA4C;CAG3E,uBAAuB,OAAO,IAAI,+CAA+C;CACjF,4BAA4B,OAAO,IACjC,oDACD;CACD,wBAAwB,OAAO,IAC7B,gDACD;CACD,8BAA8B,OAAO,IACnC,sDACD;CACD,8BAA8B,OAAO,IACnC,sDACD;CACD,mCAAmC,OAAO,IACxC,2DACD;CACD,uBAAuB,OAAO,IAAI,+CAA+C;CACjF,eAAe,OAAO,IAAI,uCAAuC;CAIjE,8BAA8B,OAAO,IAAI,sDAAsD;CAC/F,iBAAiB,OAAO,IAAI,yCAAyC;CACrE,cAAc,OAAO,IAAI,sCAAsC;CAC/D,iBAAiB,OAAO,IAAI,yCAAyC;CACrE,OAAO,OAAO,IAAI,+BAA+B;CAClD;;;;AClDM,2CAAMC,iCAA+B;;;;CAI1C,8BAA8B,UAA8B,QAAwB;EAClF,MAAM,SAAS,SAAS,MAAM,MAAM,MAAM,EAAE,OAAO,OAAO;AAC1D,MAAI,OACF,QAAO,OAAO,QAAQ,OAAO,OAAO,QAAQ,OAAO;EAErD,MAAM,YAAY,KAAK,4BAA4B,UAAU,OAAO;AACpE,MAAI,CAAC,UACH,QAAO;AAET,SAAO,KAAK,2BAA2B,UAAU,gBAAgB,UAAU,OAAO,UAAU,YAAY;;CAG1G,6BAA6B,UAA8B,QAAyB;AAClF,MAAI,SAAS,MAAM,MAAM,MAAM,EAAE,OAAO,OAAO,CAC7C,QAAO;AAET,SAAO,KAAK,4BAA4B,UAAU,OAAO,KAAK;;CAGhE,gBACE,UACA,QACA,SACgF;EAChF,MAAM,SAAS,KAAK,sBAAsB,UAAU,QAAQ,QAAQ;AACpE,MAAI,OACF,QAAO;EAET,MAAM,YAAY,KAAK,4BAA4B,UAAU,OAAO;AACpE,MAAI,CAAC,UACH;EAEF,MAAM,cAAc,UAAU,MAAM,iBACjC,6BAA6B,EAC5B,MAAM,UAAU,MAAM,YAAY,QAAQ;AAC9C,SAAO,cAAc;GAAE,UAAU,UAAU,MAAM;GAAM;GAAa,GAAG;;CAGzE,UAAU,UAAwE;EAChF,MAAM,6BAAa,IAAI,KAAwC;AAE/D,OAAK,MAAM,QAAQ,SAAS,OAAO;AACjC,OAAI,qBAAqB,kBAAkB,KAAK,OAAO,EAAE;AACvD,SAAK,uBAAuB,SAAS,IAAI,KAAK,IAAI,KAAK,QAAQ,WAAW;AAC1E;;AAEF,QAAK,wBACH,SAAS,IACT,KAAK,IACL,KAAK,QAAQ,KAAK,OAAO,QAAQ,KAAK,IACtC,KAAK,OAAO,6BAA6B,IAAI,EAAE,EAC/C,WACD;;AAEH,SAAO,CAAC,GAAG,WAAW,QAAQ,CAAC;;CAGjC,AAAQ,sBACN,UACA,QACA,SACgF;EAChF,MAAM,OAAO,SAAS,MAAM,MAAM,UAAU,MAAM,OAAO,OAAO;AAChE,MAAI,CAAC,QAAQ,qBAAqB,kBAAkB,KAAK,OAAO,CAC9D;EAEF,MAAM,cAAc,KAAK,OAAO,6BAA6B,EAAE,MAAM,UAAU,MAAM,YAAY,QAAQ;AACzG,MAAI,CAAC,YACH;AAEF,SAAO;GAAE,UAAU,KAAK,QAAQ,KAAK,OAAO,QAAQ,KAAK;GAAI;GAAa;;CAG5E,AAAQ,uBACN,YACA,iBACA,aACA,YACM;AACN,OAAK,MAAM,SAAS,6BAA6B,QAAQ,iBAAiB,YAAY,CACpF,MAAK,wBACH,YACA,MAAM,QACN,MAAM,MACN,MAAM,iBAAiB,6BAA6B,IAAI,EAAE,EAC1D,WACD;;CAIL,AAAQ,wBACN,YACA,QACA,UACA,cACA,YACM;AACN,OAAK,MAAM,eAAe,cAAc;GACtC,MAAM,MAAM,GAAG,OAAO,IAAI,YAAY;AACtC,OAAI,WAAW,IAAI,IAAI,CACrB;AAEF,cAAW,IAAI,KAAK;IAClB;IACA;IACA;IACA;IACD,CAAC;;;CAIN,AAAQ,4BACN,UACA,QAQY;AACZ,MACE,CAAC,wBAAwB,gCAAgC,OAAO,IAChE,CAAC,wBAAwB,uBAAuB,OAAO,CAEvD;AAEF,OAAK,MAAM,QAAQ,SAAS,OAAO;AACjC,OAAI,CAAC,qBAAqB,kBAAkB,KAAK,OAAO,CACtD;GAEF,MAAM,UAAU,6BAA6B,QAAQ,KAAK,IAAI,KAAK,OAAO;GAC1E,MAAM,cAAc,IAAI,IAAI,QAAQ,KAAK,YAAU,CAACC,QAAM,QAAQA,QAAM,CAAC,CAAC;GAC1E,MAAM,QAAQ,YAAY,IAAI,OAAO;AACrC,OAAI,CAAC,MACH;AAEF,UAAO;IACL,iBAAiB,KAAK;IACtB,gBAAgB,KAAK,QAAQ,KAAK,OAAO,QAAQ,KAAK;IACtD;IACA;IACD;;;CAKL,AAAQ,2BACN,gBACA,OACA,aACQ;EACR,MAAM,SAAS,CAAC,gBAAgB,GAAG,KAAK,0BAA0B,MAAM,cAAc,YAAY,CAAC;AACnG,SAAO,KAAK,MAAM,SAAS,kBAAkB,mBAAmB,MAAM,KAAK;AAC3E,SAAO,OAAO,KAAK,MAAM;;CAG3B,AAAQ,0BACN,cACA,aACuB;EACvB,MAAMC,SAAmB,EAAE;EAC3B,IAAI,gBAAgB;AACpB,SAAO,MAAM;GACX,MAAM,cAAc,YAAY,IAAI,cAAc;AAClD,OAAI,CAAC,YACH,QAAO,OAAO,SAAS;AAEzB,OAAI,YAAY,SAAS,UAAU,YAAY,SAAS,cACtD,QAAO,KAAK,YAAY,KAAK;AAE/B,mBAAgB,YAAY;;;;6CAjLjC,YAAY;;;;ACXN,6CAAMC,mCAAiC;CAC5C,YACE,AACiBC,WACjB;EADiB;;;CAInB,uBAAuB,OAAuC;EAC5D,MAAM,OAAO,MAAM,YAAY,MAAM;AACrC,MAAI,CAAC,KACH,QAAO;EAET,MAAM,IAAI,KAAK,UAAU,IAAI;AAC7B,SAAO,OAAO,MAAM,YAAY,EAAE,SAAS;;CAG7C,MACE,MAK8E;EAC9E,MAAMC,MAA+B,EAAE,GAAG,KAAK,cAAc;EAC7D,MAAMC,MAA+B,EAAE,GAAG,KAAK,UAAU;AACzD,OAAK,MAAM,SAAS,KAAK,WAAW,gBAAgB,EAAE,EAAE;GACtD,MAAM,OAAO,MAAM,YAAY,MAAM;AACrC,OAAI,CAAC,KACH;GAEF,MAAM,IAAI,KAAK,UAAU,IAAI;AAC7B,OAAI,OAAO,MAAM,YAAY,EAAE,SAAS,EACtC,KAAI,MAAM,OAAO;;AAGrB,OAAK,MAAM,SAAS,KAAK,WAAW,gBAAgB,EAAE,EAAE;GACtD,MAAM,OAAO,MAAM,YAAY,MAAM;AACrC,OAAI,CAAC,KACH;GAEF,MAAM,IAAI,KAAK,UAAU,IAAI;AAC7B,OAAI,OAAO,MAAM,YAAY,EAAE,SAAS,EACtC,KAAI,MAAM,OAAO;;AAGrB,SAAO,OAAO,OAAO;GACnB,sBAAsB,OAAO,OAAO,IAAI;GACxC,kBAAkB,OAAO,OAAO,IAAI;GACrC,CAAC;;;;CAjDL,YAAY;oBAGR,OAAO,kBAAkB,UAAU;;;;;;;ACDjC,mCAAMC,yBAAuB;;;;CAClC,OAAwB,YAAY;CACpC,OAAwB,gBAAgB;CACxC,OAAwB,WAAW;CAEnC,YACE,AACiBC,WACjB;EADiB;;CAGnB,QAAQ,OAIL;EACD,MAAM,KAAK,oCAAmC,SAAS;EACvD,MAAM,SAAS,uCAAsC,WAAW,KAAK,oBAAoB,EAAE,GAAG;EAC9F,MAAM,YAAY,OAAO,KAAK,KAAK,UAAU,MAAM,EAAE,OAAO;EAC5D,MAAM,YAAY,OAAO,OAAO,CAAC,OAAO,OAAO,UAAU,EAAE,OAAO,OAAO,CAAC,CAAC;EAC3E,MAAM,UAAU,OAAO,YAAY;AACnC,SAAO;GACL,eAAe,OAAO,OAAO;IAAC;IAAI;IAAS;IAAU,CAAC,CAAC,SAAS,SAAS;GACzE,iBAAiB,KAAK,cAAc;GACpC,uCAAsC;GACvC;;CAGH,QACE,QAKY;EACZ,MAAM,SAAS,OAAO,KAAK,OAAO,eAAe,SAAS;EAC1D,MAAM,KAAK,OAAO,SAAS,2BAA0B,SAAS;EAC9D,MAAM,UAAU,OAAO,iCAAgC,kCAAiC,WAAW,GAAG;EACtG,MAAM,YAAY,OAAO,iCAAgC,WAAW,GAAG;EACvE,MAAM,WAAW,yCAAwC,WAAW,KAAK,oBAAoB,EAAE,GAAG;AAClG,WAAS,WAAW,QAAQ;EAC5B,MAAM,YAAY,OAAO,OAAO,CAAC,SAAS,OAAO,UAAU,EAAE,SAAS,OAAO,CAAC,CAAC,CAAC,SAAS,OAAO;AAChG,SAAO,KAAK,MAAM,UAAU;;CAG9B,AAAQ,qBAA6B;EACnC,MAAM,WAAW,KAAK,UAAU,IAAI;AACpC,MAAI,CAAC,YAAY,SAAS,MAAM,CAAC,WAAW,EAC1C,OAAM,IAAI,MAAM,yFAAyF;AAE3G,SAAO,WAAW,SAAS,CAAC,OAAO,SAAS,CAAC,QAAQ;;CAGvD,AAAQ,eAAuB;EAC7B,MAAM,WAAW,KAAK,UAAU,IAAI;AACpC,SAAO,WAAW,SAAS,CACxB,OAAO,YAAY,GAAG,CACtB,OAAO,MAAM,CACb,MAAM,GAAG,GAAG;;;;CA1DlB,YAAY;oBAOR,OAAO,kBAAkB,UAAU;;;;;;;ACPjC,uCAAMC,6BAA2B;CACtC,YACE,AACiBC,iBACjB,AACiBC,wBACjB,AACiBC,WACjB;EALiB;EAEA;EAEA;;CAGnB,MAAM,gBAAgB,UAAyD;AAC7E,MAAI,SAAS,UAAU,SAAS,MAAM;GACpC,MAAM,iBAAiB,MAAM,KAAK,gBAAgB,kBAAkB,SAAS,WAAW;AACxF,OAAI,CAAC,eACH,OAAM,IAAI,MAAM,cAAc,SAAS,WAAW,wCAAwC;AAE5F,UAAO,KAAK,uBAAuB,QAAQ,eAAe;;AAE5D,MAAI,SAAS,UAAU,SAAS,MAC9B,QAAO,KAAK,mBAAmB,SAAS;AAE1C,SAAO,SAAS,UAAU;;CAG5B,AAAQ,mBAAmB,UAAgD;AACzE,MAAI,SAAS,UAAU,SAAS,MAC9B,OAAM,IAAI,MAAM,cAAc,SAAS,WAAW,6BAA6B;EAEjF,MAAMC,WAAoC,EAAE;EAC5C,MAAMC,8BAAwC,EAAE;AAChD,OAAK,MAAM,CAAC,UAAU,eAAe,OAAO,QAAQ,SAAS,UAAU,WAAW,EAAE;GAClF,MAAM,QAAQ,KAAK,UAAU,IAAI;AACjC,OAAI,UAAU,UAAa,MAAM,WAAW,GAAG;AAC7C,gCAA4B,KAAK,WAAW;AAC5C;;AAEF,YAAS,YAAY;;AAEvB,MAAI,4BAA4B,SAAS,EACvC,OAAM,IAAI,MACR,cAAc,SAAS,WAAW,oDAAoD,4BAA4B,KAAK,KAAK,CAAC,GAC9H;AAEH,SAAO;;;;CA5CV,YAAY;oBAGR,OAAO,kBAAkB,gBAAgB;oBAEzC,OAAO,uBAAuB;oBAE9B,OAAO,kBAAkB,UAAU;;;;;;;;;;ACVjC,0CAAMC,gCAA8B;CACzC,uBAAuB,MAAsC,cAAiD;EAC5G,MAAM,yBAAyB,KAAK;AACpC,MAAI,CAAC,uBACH,QAAO,CAAC,GAAG,KAAK,OAAO;EAEzB,MAAM,SAAS,KAAK,cAAc,aAAa,uBAAuB,gBAAgB;AACtF,MAAI,CAAC,OACH,QAAO,CAAC,GAAG,KAAK,OAAO;EAEzB,MAAM,eAAe,uBAAuB,aAAa;AACzD,MAAI,aACF,QAAO,CAAC,GAAG,aAAa;AAG1B,MAAI,YADoB,uBAAuB,mBAAmB,UAEhE,QAAO,CAAC,GAAG,KAAK,OAAO;EAEzB,MAAM,eAAe,KAAK,iBACxB,aAAa,uBAAuB,wBAAwB,gBAC7D;AACD,MAAI,aAAa,SAAS,EACxB,QAAO;AAET,SAAO,CAAC,GAAG,KAAK,OAAO;;CAGzB,AAAQ,cAAc,OAAoC;AACxD,MAAI,OAAO,UAAU,SACnB;EAEF,MAAM,aAAa,MAAM,MAAM;AAC/B,SAAO,WAAW,SAAS,IAAI,aAAa;;CAG9C,AAAQ,iBAAiB,OAAuC;AAC9D,MAAI,MAAM,QAAQ,MAAM,CACtB,QAAO,KAAK,OACV,MAAM,KAAK,UAAW,OAAO,UAAU,WAAW,MAAM,MAAM,GAAG,GAAI,CAAC,QAAQ,UAAU,MAAM,SAAS,EAAE,CAC1G;AAEH,MAAI,OAAO,UAAU,SACnB,QAAO,EAAE;AAEX,SAAO,KAAK,OACV,MACG,MAAM,SAAS,CACf,KAAK,UAAU,MAAM,MAAM,CAAC,CAC5B,QAAQ,UAAU,MAAM,SAAS,EAAE,CACvC;;CAGH,AAAQ,OAAO,SAAuD;AACpE,SAAO,CAAC,GAAG,IAAI,IAAI,QAAQ,CAAC;;;4CAtD/B,YAAY;;;;;ACoCN,sCAAMC,4BAA0B;CACrC,YACE,AACiBC,iBACjB,AACiBC,wBACjB,AACiBC,wBACjB,AACiBC,kCACjB,AACiBC,4BACjB,AACiBC,+BACjB,AACiBC,0BACjB;EAbiB;EAEA;EAEA;EAEA;EAEA;EAEA;EAEA;;CAGnB,MAAM,gBAA+D;EACnE,MAAM,YAAY,MAAM,KAAK,gBAAgB,eAAe;EAC5D,MAAM,oBAAoB,MAAM,KAAK,gBAAgB,qBACnD,UAAU,KAAK,aAAa,SAAS,WAAW,CACjD;AACD,SAAO,MAAM,QAAQ,IACnB,UAAU,IAAI,OAAO,aAAa,MAAM,KAAK,MAAM,UAAU,kBAAkB,IAAI,SAAS,WAAW,CAAC,CAAC,CAC1G;;CAGH,MAAM,YAAY,YAA8E;EAC9F,MAAM,WAAW,MAAM,KAAK,gBAAgB,YAAY,WAAW;AACnE,MAAI,CAAC,SACH;EAEF,MAAM,mBAAmB,MAAM,KAAK,gBAAgB,oBAAoB,WAAW;AACnF,SAAO,MAAM,KAAK,MAAM,UAAU,iBAAiB;;CAGrD,MAAM,uBACJ,YACuD;EACvD,MAAM,WAAW,MAAM,KAAK,gBAAgB,YAAY,WAAW;AACnE,MAAI,CAAC,SACH;EAEF,MAAM,mBAAmB,MAAM,KAAK,gBAAgB,oBAAoB,WAAW;EACnF,MAAM,OAAO,MAAM,KAAK,MAAM,UAAU,iBAAiB;AACzD,MAAI;GACF,MAAM,WAAW,MAAM,KAAK,2BAA2B,gBAAgB,SAAS;GAChF,MAAM,eAAe,OAAO,YAAY,OAAO,QAAQ,SAAS,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,GAAG,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC;GAIvG,MAAM,gBACJ,SAAS,UAAU,SAAS,QAAS,SAAS,UAAU,aAAwC;AAClG,UAAO;IAAE,GAAG;IAAM;IAAc;IAAe;UACzC;AACN,UAAO;;;CAIX,MAAM,OAAO,SAA0E;EACrF,MAAM,iBAAiB,KAAK,sBAAsB,QAAQ,OAAO;EACjE,MAAM,eAAe,eAAe,WAAW,gBAAgB,EAAE;EACjE,MAAM,eAAe,eAAe,WAAW,gBAAgB,EAAE;AACjE,OAAK,sBAAsB;GACzB,aAAa,QAAQ;GACrB;GACA,cAAc,QAAQ,gBAAgB,EAAE;GACxC;GACA,YAAY,QAAQ;GACpB,cAAc,QAAQ,gBAAgB,EAAE;GACxC,eAAe,QAAQ,iBAAiB,EAAE;GAC3C,CAAC;EACF,MAAM,6BAAY,IAAI,MAAM,EAAC,aAAa;EAC1C,MAAM,iBAAiB,KAAK,2BAA2B,cAAc,QAAQ,gBAAgB,EAAE,CAAC;EAChG,MAAM,uBAAuB,KAAK,2BAA2B,cAAc,QAAQ,gBAAgB,EAAE,CAAC;EACtG,MAAMC,WAAqC;GACzC,YAAY,YAAY;GACxB,QAAQ,QAAQ;GAChB,aAAa,QAAQ,YAAY,MAAM;GACvC,YAAY,QAAQ;GACpB,cAAc,OAAO,OAAO,EAAE,GAAG,gBAAgB,CAAC;GAClD,WAAW,KAAK,gBAAgB,QAAQ,YAAY,sBAAsB,QAAQ,iBAAiB,EAAE,CAAC;GACtG,MAAM,OAAO,OAAO,CAAC,GAAI,QAAQ,QAAQ,EAAE,CAAE,CAAC;GAC9C,aAAa,eAAe,WAAW,MAAM,SAAS,WAAW,UAAU;GAC3E,WAAW;GACX,WAAW;GACZ;AACD,QAAM,KAAK,gBAAgB,aAAa;GACtC;GACA,gBAAgB,KAAK,qBAAqB,UAAU,sBAAsB,UAAU;GACrF,CAAC;AACF,OAAK,yBAAyB,cAAc,SAAS,WAAW;AAChE,SAAO,KAAK,MAAM,UAAU,OAAU;;CAGxC,MAAM,OACJ,YACA,SACgC;EAChC,MAAM,WAAW,MAAM,KAAK,gBAAgB,WAAW;EACvD,MAAM,iBAAiB,KAAK,sBAAsB,SAAS,OAAO;EAClE,MAAM,kBAAkB,EAAE,GAAI,QAAQ,gBAAgB,SAAS,cAAe;EAC9E,MAAM,6BAAY,IAAI,MAAM,EAAC,aAAa;EAC1C,MAAM,mBAAmB,QAAQ;EACjC,MAAM,oBAAoB,QAAQ;EAClC,MAAM,eAAe,eAAe,WAAW,gBAAgB,EAAE;AACjE,OAAK,sBAAsB;GACzB,aAAa,QAAQ,eAAe,SAAS;GAC7C,cAAc,eAAe,WAAW,gBAAgB,EAAE;GAC1D,cAAc;GACd;GACA,YAAY,SAAS;GACrB,cAAc,oBAAoB,EAAE;GACpC,eAAe,qBAAqB,EAAE;GACtC,qBAAqB;GACtB,CAAC;EACF,MAAM,eAAe,OAAO,OAAO,EACjC,GAAG,KAAK,2BAA2B,eAAe,WAAW,gBAAgB,EAAE,EAAE,gBAAgB,EAClG,CAAC;EACF,MAAM,qBACJ,qBAAqB,SAAY,KAAK,2BAA2B,cAAc,iBAAiB,GAAG;EACrG,MAAMA,WAAqC;GACzC,GAAG;GACH,aAAa,QAAQ,aAAa,MAAM,IAAI,SAAS;GACrD;GACA,MAAM,OAAO,OAAO,CAAC,GAAI,QAAQ,QAAQ,SAAS,KAAM,CAAC;GACzD,aAAa,QAAQ,eAAe,SAAS;GAC7C,WACE,oBAAoB,oBAChB,KAAK,gBAAgB,SAAS,YAAY,sBAAsB,EAAE,EAAE,qBAAqB,EAAE,CAAC,GAC5F,SAAS;GACf;GACD;AACD,QAAM,KAAK,gBAAgB,aAAa;GACtC;GACA,gBACE,qBAAqB,UAAa,uBAAuB,SACrD,KAAK,qBAAqB,UAAU,oBAAoB,UAAU,GAClE;GACP,CAAC;AACF,OAAK,yBAAyB,cAAc,SAAS,WAAW;AAChE,SAAO,KAAK,MAAM,UAAU,MAAM,KAAK,gBAAgB,oBAAoB,SAAS,WAAW,CAAC;;CAGlG,MAAM,OAAO,YAAiD;AAC5D,QAAM,KAAK,gBAAgB,eAAe,WAAW;AACrD,OAAK,yBAAyB,cAAc,WAAW;;CAGzD,MAAM,iBAAiB,YAAkE;EACvF,MAAM,WAAW,MAAM,KAAK,gBAAgB,WAAW;AAEvD,MADuB,KAAK,sBAAsB,SAAS,OAAO,CAC/C,WAAW,MAAM,SAAS,SAC3C,OAAM,IAAI,wBAAwB,KAAK,uBAAuB,WAAW,uBAAuB;EAElG,MAAMC,kBAA4C;GAChD,GAAG;GACH,aAAa;GACb,4BAAW,IAAI,MAAM,EAAC,aAAa;GACpC;AACD,QAAM,KAAK,gBAAgB,aAAa,EACtC,UAAU,iBACX,CAAC;AACF,QAAM,KAAK,gBAAgB,qBAAqB,WAAW;AAC3D,OAAK,yBAAyB,cAAc,WAAW;AACvD,SAAO,MAAM,KAAK,MAAM,iBAAiB,MAAM,KAAK,gBAAgB,oBAAoB,WAAW,CAAC;;CAGtG,MAAM,gBAAgB,YAAqE;EACzF,MAAM,WAAW,MAAM,KAAK,gBAAgB,YAAY,WAAW;AACnE,MAAI,CAAC,SACH,OAAM,IAAI,wBAAwB,KAAK,gCAAgC,aAAa;AAEtF,SAAO;;CAGT,AAAQ,gBACN,YACA,cACA,eACqB;AACrB,MAAI,eAAe,KACjB,QAAO,EAAE,MAAM,MAAM;AAEvB,MAAI,eAAe,MACjB,QAAO;GACL,MAAM;GACN,YAAY,OAAO,OAAO,EAAE,GAAG,eAAe,CAAC;GAChD;AAEH,SAAO;GACL,MAAM;GACN,OAAO,OAAO,OAAO,EAAE,GAAG,cAAc,CAAC;GAC1C;;CAGH,AAAQ,qBACN,UACA,cACA,WAC4C;AAC5C,MAAI,SAAS,eAAe,KAC1B;EAEF,MAAM,YAAY,KAAK,uBAAuB,QAAQ,aAAa;AACnE,SAAO;GACL,YAAY,SAAS;GACrB,eAAe,UAAU;GACzB,iBAAiB,UAAU;GAC3B,eAAe,UAAU;GACzB;GACD;;CAGH,AAAQ,sBACN,MAUM;AACN,MAAI,CAAC,KAAK,eAAe,KAAK,YAAY,MAAM,CAAC,WAAW,EAC1D,OAAM,IAAI,wBAAwB,KAAK,sCAAsC;AAE/E,OAAK,qBAAqB,gBAAgB,KAAK,cAAc,KAAK,aAAa;AAC/E,MAAI,KAAK,eAAe,MAAM;AAC5B,OAAI,CAAC,KAAK,uBAAuB,OAAO,KAAK,KAAK,aAAa,CAAC,SAAS,EACvE,MAAK,qBAAqB,gBAAgB,KAAK,cAAc,KAAK,aAAa;AAEjF;;AAEF,MAAI,KAAK,eAAe,OAAO;AAC7B,OAAI,CAAC,KAAK,uBAAuB,OAAO,KAAK,KAAK,cAAc,CAAC,SAAS,EACxE,MAAK,wBAAwB,KAAK,cAAc,KAAK,cAAc;AAErE;;AAEF,MAAI,CAAC,KAAK,uBAAuB,OAAO,KAAK,KAAK,aAAa,CAAC,SAAS,EACvE,MAAK,qBAAqB,gBAAgB,KAAK,cAAc,KAAK,aAAa;;CAInF,AAAQ,2BAA2B,QAA8C,OAA+B;EAC9G,MAAMC,MAA+B,EAAE,GAAG,OAAO;AACjD,OAAK,MAAM,SAAS,OAClB,KAAI,KAAK,iCAAiC,uBAAuB,MAAM,CACrE,QAAO,IAAI,MAAM;AAGrB,SAAO,OAAO,OAAO,IAAI;;CAG3B,AAAQ,qBACN,WACA,QACA,OACM;EACN,MAAM,UAAU,OACb,QAAQ,UAAU,MAAM,aAAa,KAAK,CAC1C,QAAQ,UAAU,CAAC,KAAK,iCAAiC,uBAAuB,MAAM,CAAC,CACvF,QAAQ,UAAU,MAAM,MAAM,SAAS,UAAa,MAAM,MAAM,SAAS,QAAQ,MAAM,MAAM,SAAS,GAAG,CACzG,KAAK,UAAU,MAAM,IAAI;AAC5B,MAAI,QAAQ,SAAS,EACnB,OAAM,IAAI,wBAAwB,KAAK,oBAAoB,UAAU,aAAa,QAAQ,KAAK,KAAK,GAAG;;CAI3G,AAAQ,wBACN,QACA,eACM;EACN,MAAM,UAAU,OACb,QAAQ,UAAU,MAAM,aAAa,KAAK,CAC1C,QAAQ,UAAU,CAAC,KAAK,iCAAiC,uBAAuB,MAAM,CAAC,CACvF,QAAQ,UAAU,CAAC,cAAc,MAAM,QAAQ,cAAc,MAAM,KAAM,MAAM,CAAC,WAAW,EAAE,CAC7F,KAAK,UAAU,MAAM,IAAI;AAC5B,MAAI,QAAQ,SAAS,EACnB,OAAM,IAAI,wBAAwB,KAAK,4CAA4C,QAAQ,KAAK,KAAK,GAAG;;CAI5G,AAAQ,sBAAsB,QAA6C;EACzE,MAAM,iBAAiB,KAAK,uBAAuB,kBAAkB,OAAO;AAC5E,MAAI,CAAC,eACH,OAAM,IAAI,wBAAwB,KAAK,4BAA4B,SAAS;AAE9E,SAAO;;CAGT,MAAM,oBAAoB,YAAkC,aAAoC;EAC9F,MAAM,WAAW,MAAM,KAAK,gBAAgB,WAAW;AACvD,QAAM,KAAK,gBAAgB,aAAa,EACtC,UAAU;GACR,GAAG;GACH,aAAa;GACb,WAAW;GACZ,EACF,CAAC;AACF,OAAK,yBAAyB,cAAc,WAAW;;CAGzD,MAAc,MACZ,UACA,kBACgC;EAChC,MAAM,mBAAmB,MAAM,KAAK,sBAAsB,SAAS;AACnE,SAAO;GACL,YAAY,SAAS;GACrB,QAAQ,SAAS;GACjB,aAAa,SAAS;GACtB,YAAY,SAAS;GACrB,cAAc,SAAS;GACvB,MAAM,SAAS;GACf,aAAa,SAAS;GACtB,WAAW,SAAS;GACpB,WAAW,SAAS;GACpB,cAAc,kBAAkB;GAChC;GACD;;CAGH,MAAc,sBACZ,UACoD;EACpD,MAAM,iBAAiB,KAAK,uBAAuB,kBAAkB,SAAS,OAAO;AACrF,MAAI,gBAAgB,WAAW,MAAM,SAAS,SAC5C;EAEF,MAAM,aACJ,gBAAgB,eAAe,WAAW,OAAO,eAAe,WAAW,KAAK,aAAa;EAC/F,MAAM,WAAW,MAAM,KAAK,gBAAgB,kBAAkB,SAAS,WAAW;AAClF,MAAI,CAAC,SAKH,QAAO;GACL,QAAQ;GACR;GACA,QAAQ,CAAC,GAPa,KAAK,8BAA8B,uBACzD,eAAe,WAAW,MAC1B,SAAS,aACV,CAI6B;GAC7B;AAEH,SAAO;GACL,QAAQ;GACR,YAAY,SAAS;GACrB,gBAAgB,SAAS;GACzB,aAAa,SAAS;GACtB,QAAQ,SAAS;GACjB,WAAW,SAAS;GACrB;;;;CApWJ,YAAY;oBAGR,OAAO,kBAAkB,gBAAgB;oBAEzC,OAAO,2BAA2B;oBAElC,OAAO,uBAAuB;oBAE9B,OAAO,iCAAiC;oBAExC,OAAO,2BAA2B;oBAElC,OAAO,8BAA8B;oBAErC,OAAO,WAAW,yBAAyB;;;;;;;;;;;;;;;AC7BzC,qCAAMC,2BAAyB;CACpC,YACE,AACiBC,iBACjB,AACiBC,2BACjB,AACiBC,oBACjB,AACiBC,0BACjB,AACiBC,gCACjB;EATiB;EAEA;EAEA;EAEA;EAEA;;CAGnB,MAAM,cACJ,MAC4B;EAC5B,MAAM,WAAW,KAAK,gBAAgB,KAAK,WAAW;EACtD,MAAM,cAAc,KAAK,mBAAmB,UAAU,KAAK,QAAQ,KAAK,QAAQ;EAChF,MAAM,WAAW,MAAM,KAAK,0BAA0B,gBAAgB,KAAK,WAAW;AACtF,MAAI,CAAC,YAAY,cAAc,SAAS,SAAS,OAAO,CACtD,OAAM,IAAI,wBACR,KACA,uBAAuB,SAAS,WAAW,IAAI,SAAS,OAAO,gCAAgC,KAAK,QAAQ,oBAAoB,YAAY,cAAc,KAAK,KAAK,GACrK;EAEH,MAAMC,UAA6B;GACjC,KAAK;IACH,YAAY,KAAK;IACjB,QAAQ,KAAK;IACb,SAAS,KAAK;IACf;GACD,YAAY,KAAK;GACjB,4BAAW,IAAI,MAAM,EAAC,aAAa;GACpC;AACD,QAAM,KAAK,gBAAgB,cAAc,QAAQ;AACjD,OAAK,yBAAyB,aAAa,QAAQ,IAAI;AACvD,SAAO;;CAGT,MAAM,mBAAmB,YAA0D;EACjF,MAAM,WAAW,KAAK,gBAAgB,WAAW;EACjD,MAAM,WAAW,MAAM,KAAK,gBAAgB,yBAAyB,WAAW;EAChF,MAAM,gBAAgB,IAAI,IAAI,SAAS,KAAK,YAAY,CAAC,KAAK,mBAAmB,QAAQ,IAAI,EAAE,QAAQ,CAAU,CAAC;EAClH,MAAMC,QAA2C,EAAE;AACnD,OAAK,MAAM,WAAW,KAAK,+BAA+B,UAAU,SAAS,EAAE;GAC7E,MAAM,cAAc,QAAQ;GAC5B,MAAM,aAAa;IACjB;IACA,QAAQ,QAAQ;IAChB,SAAS,YAAY;IACtB;GACD,MAAM,UAAU,cAAc,IAAI,KAAK,mBAAmB,WAAW,CAAC;AACtE,OAAI,CAAC,SAAS;AACZ,UAAM,KAAK;KACT;KACA,QAAQ,QAAQ;KAChB,UAAU,QAAQ;KAClB;KACA,QAAQ,EACN,QAAQ,YAAY,WAAW,qBAAqB,WACrD;KACF,CAAC;AACF;;GAEF,MAAM,WAAW,MAAM,KAAK,0BAA0B,gBAAgB,QAAQ,WAAW;GACzF,MAAM,mBAAmB,MAAM,KAAK,gBAAgB,oBAAoB,SAAS,WAAW;AAC5F,SAAM,KAAK;IACT;IACA,QAAQ,QAAQ;IAChB,UAAU,QAAQ;IAClB;IACA,UAAU;KACR,YAAY,SAAS;KACrB,QAAQ,SAAS;KACjB,aAAa,SAAS;KACtB,aAAa,SAAS;KACvB;IACD,QAAQ;KACN,QAAQ,kBAAkB,OAAO,UAAU;KAC3C,SAAS,kBAAkB,OAAO;KAClC,UAAU,kBAAkB,OAAO;KACpC;IACF,CAAC;;AAEJ,SAAO;GACL;GACA;GACD;;CAGH,AAAQ,gBAAgB,YAAwC;EAC9D,MAAM,WAAW,KAAK,mBAAmB,IAAI,mBAAmB,WAAW,CAAC;AAC5E,MAAI,CAAC,SACH,OAAM,IAAI,wBAAwB,KAAK,uBAAuB,aAAa;AAE7E,SAAO;;CAGT,AAAQ,mBAAmB,UAA8B,QAAgB,SAAwC;EAC/G,MAAM,WAAW,KAAK,+BAA+B,gBAAgB,UAAU,QAAQ,QAAQ;AAC/F,MAAI,CAAC,UAAU;AACb,OAAI,CAAC,KAAK,+BAA+B,6BAA6B,UAAU,OAAO,CACrF,OAAM,IAAI,wBAAwB,KAAK,0BAA0B,SAAS;AAE5E,SAAM,IAAI,wBAAwB,KAAK,QAAQ,OAAO,oCAAoC,QAAQ,GAAG;;AAEvG,SAAO,SAAS;;CAGlB,AAAQ,mBAAmB,YAA0C;AACnE,SAAO,GAAG,WAAW,WAAW,GAAG,WAAW,OAAO,GAAG,WAAW;;;;CAhHtE,YAAY;oBAGR,OAAO,kBAAkB,gBAAgB;oBAEzC,OAAO,0BAA0B;oBAEjC,OAAO,WAAW,mBAAmB;oBAErC,OAAO,WAAW,yBAAyB;oBAE3C,OAAO,+BAA+B;;;;;;;;;;;;;ACzBpC,6CAAMC,mCAAiC;CAC5C,YACE,AACiBC,iBACjB,AACiBC,4BACjB,AACiBC,wBACjB,AACiBC,wBACjB;EAPiB;EAEA;EAEA;EAEA;;CAGnB,MAAM,QAAQ,UAAyD;EACrE,MAAM,eAAe,MAAM,KAAK,2BAA2B,gBAAgB,SAAS;AAEpF,OADa,KAAK,uBAAuB,kBAAkB,SAAS,OAAO,EAAE,WAAW,OAC9E,SAAS,SACjB,QAAO;EAET,MAAM,iBAAiB,MAAM,KAAK,gBAAgB,kBAAkB,SAAS,WAAW;AACxF,MAAI,CAAC,eACH,QAAO;EAET,MAAM,0BAA0B,KAAK,uBAAuB,QAAQ,eAAe;AACnF,SAAO,OAAO,OAAO;GACnB,GAAG;GACH,GAAG;GACJ,CAAC;;;;CA3BL,YAAY;oBAGR,OAAO,kBAAkB,gBAAgB;oBAEzC,OAAO,2BAA2B;oBAElC,OAAO,uBAAuB;oBAE9B,OAAO,2BAA2B;;;;;;;;;;;;ACEhC,yCAAMC,+BAAiE;CAC5E,AAAiB,6CAA6B,IAAI,KAA6C;CAC/F,AAAiB,gDAAgC,IAAI,KAAmC;CAExF,YACE,AACiBC,iBACjB,AACiBC,kCACjB,AACiBC,kCACjB,AACiBC,wBACjB,AACiBC,oBACjB,AACiBC,gCACjB;EAXiB;EAEA;EAEA;EAEA;EAEA;EAEA;;CAGnB,MAAM,WACJ,MACmB;EACnB,MAAM,WAAW,KAAK,mBAAmB,IAAI,mBAAmB,KAAK,WAAW,CAAC;EACjF,MAAM,eAAe,WACjB,KAAK,+BAA+B,8BAA8B,UAAU,KAAK,OAAO,GACxF;EACJ,MAAM,cAAc,WAChB,KAAK,+BAA+B,gBAAgB,UAAU,KAAK,QAAQ,KAAK,QAAQ,EAAE,cAC1F;EACJ,MAAMC,aAAmC;GACvC,YAAY,KAAK;GACjB,QAAQ,KAAK;GACb,SAAS,KAAK;GACf;EACD,MAAM,UAAU,MAAM,KAAK,gBAAgB,WAAW,WAAW;AACjE,MAAI,CAAC,SAAS;GACZ,MAAM,UAAU,IAAI,uBAAuB,YAAY,aAAa,iBAAiB,EAAE,CAAC;AACxF,OAAI,aACF,OAAM,IAAI,MAAM,GAAG,aAAa,IAAI,QAAQ,WAAW,EAAE,OAAO,SAAS,CAAC;AAE5E,SAAM;;EAER,MAAM,kBAAkB,KAAK,mBAAmB,WAAW;AAC3D,OAAK,8BAA8B,IAAI,iBAAiB,QAAQ,WAAW;EAC3E,MAAM,gBAAgB,KAAK,2BAA2B,IAAI,QAAQ,WAAW;AAC7E,MAAI,cACF,QAAQ,MAAM;EAEhB,MAAM,qBAAqB,KAAK,cAAc,QAAQ,YAAY,aAAa,CAAC,OAAO,UAAU;AAC/F,QAAK,2BAA2B,OAAO,QAAQ,WAAW;AAC1D,SAAM;IACN;AACF,OAAK,2BAA2B,IAAI,QAAQ,YAAY,mBAAmB;AAC3E,SAAQ,MAAM;;CAGhB,cAAc,YAAwC;AACpD,OAAK,2BAA2B,OAAO,WAAW;;CAGpD,aAAa,YAAwC;EACnD,MAAM,WAAW,KAAK,mBAAmB,WAAW;EACpD,MAAM,aAAa,KAAK,8BAA8B,IAAI,SAAS;AACnE,MAAI,WACF,MAAK,2BAA2B,OAAO,WAAW;AAEpD,OAAK,8BAA8B,OAAO,SAAS;;CAGrD,MAAc,cAAc,YAAkC,cAAyC;EACrG,MAAM,WAAW,MAAM,KAAK,gBAAgB,YAAY,WAAW;AACnE,MAAI,CAAC,SACH,OAAM,IAAI,wBAAwB,KAAK,gCAAgC,aAAa;EAEtF,MAAM,iBAAiB,KAAK,uBAAuB,kBAAkB,SAAS,OAAO;AACrF,MAAI,CAAC,eAEH,OAAM,IAAI,wBACR,KACA,GAHa,eAAe,GAAG,aAAa,MAAM,GAGxC,mBAAmB,SAAS,OAAO,0EAC9C;EAEH,MAAM,WAAW,MAAM,KAAK,iCAAiC,QAAQ,SAAS;EAC9E,MAAM,EAAE,sBAAsB,qBAAqB,KAAK,iCAAiC,MAAM;GAC7F,YAAY,eAAe;GAC3B,cAAc,SAAS;GACvB;GACD,CAAC;AACF,SAAO,MAAM,eAAe,cAAc;GACxC;GACA,UAAU;GACV,cAAc;GACf,CAAC;;CAGJ,AAAQ,mBAAmB,YAA0C;AACnE,SAAO,GAAG,WAAW,WAAW,GAAG,WAAW,OAAO,GAAG,WAAW;;;;CAjGtE,YAAY;oBAMR,OAAO,kBAAkB,gBAAgB;oBAEzC,OAAO,iCAAiC;oBAExC,OAAO,iCAAiC;oBAExC,OAAO,2BAA2B;oBAElC,OAAO,WAAW,mBAAmB;oBAErC,OAAO,+BAA+B;;;;;;;;;;;;;;AClBpC,kCAAMC,wBAAsB;CACjC,YACE,AACiBC,2BACjB,AACiBC,kCACjB,AACiBC,kCACjB,AACiBC,wBACjB,AACiBC,iBACjB,AACiBC,0BACjB;EAXiB;EAEA;EAEA;EAEA;EAEA;EAEA;;CAGnB,MAAM,KAAK,YAA6D;EACtE,MAAM,WAAW,MAAM,KAAK,0BAA0B,gBAAgB,WAAW;EACjF,MAAM,iBAAiB,KAAK,sBAAsB,SAAS,OAAO;EAClE,MAAM,WAAW,MAAM,KAAK,iCAAiC,QAAQ,SAAS;EAC9E,MAAM,EAAE,sBAAsB,qBAAqB,KAAK,iCAAiC,MAAM;GAC7F,YAAY,eAAe;GAC3B,cAAc,SAAS;GACvB;GACD,CAAC;EACF,MAAM,SAAS,MAAM,eAAe,KAAK;GACvC;GACA,UAAU;GACV,cAAc;GACf,CAAC;EACF,MAAM,WAAW,OAAO,6BAAY,IAAI,MAAM,EAAC,aAAa;AAC5D,QAAM,KAAK,gBAAgB,eAAe;GACxC,QAAQ,YAAY;GACpB;GACA,QAAQ;IACN,GAAG;IACH;IACD;GACD;GACA,WAAW,OAAO;GACnB,CAAC;AACF,OAAK,yBAAyB,cAAc,WAAW;AACvD,SAAO;GACL,GAAG;GACH;GACD;;CAGH,AAAQ,sBAAsB,QAA6C;EACzE,MAAM,iBAAiB,KAAK,uBAAuB,kBAAkB,OAAO;AAC5E,MAAI,CAAC,eACH,OAAM,IAAI,wBAAwB,KAAK,4BAA4B,SAAS;AAE9E,SAAO;;;;CAtDV,YAAY;oBAGR,OAAO,0BAA0B;oBAEjC,OAAO,iCAAiC;oBAExC,OAAO,iCAAiC;oBAExC,OAAO,2BAA2B;oBAElC,OAAO,kBAAkB,gBAAgB;oBAEzC,OAAO,WAAW,yBAAyB"}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { t as CodemationAuthConfig } from "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
2
|
import { a as CodemationFrontendAuthSnapshot, n as InternalAuthBootstrap, r as FrontendAppConfig, t as PublicFrontendBootstrap } from "./PublicFrontendBootstrap-DCniMBGu.js";
|
|
3
|
-
import { g as AppConfig } from "./CodemationConfig-
|
|
3
|
+
import { g as AppConfig } from "./CodemationConfig-DBbMU3HB.js";
|
|
4
4
|
|
|
5
5
|
//#region src/application/contracts/WorkflowViewContracts.d.ts
|
|
6
6
|
type WorkflowNodeDto = Readonly<{
|
|
@@ -90,4 +90,4 @@ declare class PublicFrontendBootstrapFactory {
|
|
|
90
90
|
}
|
|
91
91
|
//#endregion
|
|
92
92
|
export { WorkflowDto as a, CodemationFrontendAuthSnapshotFactory as i, InternalAuthBootstrapFactory as n, WorkflowSummary as o, FrontendAppConfigFactory as r, PublicFrontendBootstrapFactory as t };
|
|
93
|
-
//# sourceMappingURL=PublicFrontendBootstrapFactory-
|
|
93
|
+
//# sourceMappingURL=PublicFrontendBootstrapFactory-DeMjp3cs.d.ts.map
|
package/dist/consumer.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
|
-
import "./index-
|
|
3
|
-
import "./CodemationConfig-
|
|
4
|
-
import "./CodemationConfigNormalizer-
|
|
5
|
-
import { i as CodemationConsumerAppResolver, n as CodemationConsumerConfigResolution, r as CodemationConsumerApp, t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-
|
|
2
|
+
import "./index-dK05sTQ4.js";
|
|
3
|
+
import "./CodemationConfig-DBbMU3HB.js";
|
|
4
|
+
import "./CodemationConfigNormalizer-C8wC0skq.js";
|
|
5
|
+
import { i as CodemationConsumerAppResolver, n as CodemationConsumerConfigResolution, r as CodemationConsumerApp, t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-Ceh6sB3X.js";
|
|
6
6
|
export { type CodemationConsumerApp, CodemationConsumerAppResolver, CodemationConsumerConfigLoader, type CodemationConsumerConfigResolution };
|
package/dist/credentials.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
|
-
import { d as CredentialHealth, s as AnyCredentialType, v as CredentialSessionFactoryArgs } from "./index-
|
|
3
|
-
import "./CodemationConfig-
|
|
4
|
-
import { a as CredentialInstanceService, i as CredentialBindingService, n as CredentialType } from "./CredentialServices-
|
|
2
|
+
import { d as CredentialHealth, s as AnyCredentialType, v as CredentialSessionFactoryArgs } from "./index-dK05sTQ4.js";
|
|
3
|
+
import "./CodemationConfig-DBbMU3HB.js";
|
|
4
|
+
import { a as CredentialInstanceService, i as CredentialBindingService, n as CredentialType } from "./CredentialServices-CYETzKyb.js";
|
|
5
5
|
|
|
6
6
|
//#region src/infrastructure/credentials/OpenAiApiKeyCredentialShapes.types.d.ts
|
|
7
7
|
/**
|
package/dist/credentials.js
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import "./decorateParam-DrsXNPuw.js";
|
|
2
2
|
import "./decorate-B0PP651O.js";
|
|
3
|
-
import { a as CredentialInstanceService,
|
|
3
|
+
import { a as CredentialInstanceService, h as OpenAiApiKeyCredentialHealthTester, i as CredentialBindingService, m as OpenAiApiKeyCredentialTypeFactory } from "./CredentialServices-D8BBZH1i.js";
|
|
4
4
|
|
|
5
5
|
//#region src/credentials.ts
|
|
6
6
|
const defaultOpenAiApiKeyCredentialTypeFactory = new OpenAiApiKeyCredentialTypeFactory(new OpenAiApiKeyCredentialHealthTester(globalThis.fetch));
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { B as Container, N as WorkflowDefinition } from "./index-
|
|
1
|
+
import { B as Container, N as WorkflowDefinition } from "./index-dK05sTQ4.js";
|
|
2
2
|
|
|
3
3
|
//#region src/presentation/server/CodemationTsyringeParamInfoReader.d.ts
|
|
4
4
|
declare class CodemationTsyringeParamInfoReader {
|
|
@@ -951,16 +951,24 @@ type OAuth2ProviderFromPublicConfig = Readonly<{
|
|
|
951
951
|
tokenUrlFieldKey: string;
|
|
952
952
|
userInfoUrlFieldKey?: string;
|
|
953
953
|
}>;
|
|
954
|
+
type CredentialOAuth2ScopesFromPublicConfig = Readonly<{
|
|
955
|
+
presetFieldKey: string;
|
|
956
|
+
presetScopes: Readonly<Record<string, ReadonlyArray<string>>>;
|
|
957
|
+
customPresetKey?: string;
|
|
958
|
+
customScopesFieldKey?: string;
|
|
959
|
+
}>;
|
|
954
960
|
type CredentialOAuth2AuthDefinition = Readonly<{
|
|
955
961
|
kind: "oauth2";
|
|
956
962
|
providerId: string;
|
|
957
963
|
scopes: ReadonlyArray<string>;
|
|
964
|
+
scopesFromPublicConfig?: CredentialOAuth2ScopesFromPublicConfig;
|
|
958
965
|
clientIdFieldKey?: string;
|
|
959
966
|
clientSecretFieldKey?: string;
|
|
960
967
|
} | {
|
|
961
968
|
kind: "oauth2";
|
|
962
969
|
providerFromPublicConfig: OAuth2ProviderFromPublicConfig;
|
|
963
970
|
scopes: ReadonlyArray<string>;
|
|
971
|
+
scopesFromPublicConfig?: CredentialOAuth2ScopesFromPublicConfig;
|
|
964
972
|
clientIdFieldKey?: string;
|
|
965
973
|
clientSecretFieldKey?: string;
|
|
966
974
|
}>;
|
|
@@ -1289,4 +1297,4 @@ declare class RunIntentService {
|
|
|
1289
1297
|
}
|
|
1290
1298
|
//#endregion
|
|
1291
1299
|
export { RunSummary as $, RunIdFactory as A, Container as B, CredentialTypeId as C, Item as D, BinaryAttachment as E, BinaryStorage as F, ChainCursor as G, EngineExecutionLimitsPolicyConfig as H, NodeExecutionContext as I, WebhookInvocationMatch as J, AnyRunnableNodeConfig as K, NodeExecutionRequestHandler as L, RunnableNodeOutputJson as M, WorkflowDefinition as N, Items as O, WorkflowId as P, RunPruneCandidate as Q, NodeExecutionScheduler as R, CredentialTypeDefinition as S, ActivationIdFactory as T, RunEvent as U, TypeToken as V, RunEventBus as W, PersistedRunState as X, WorkflowRunDetailDto as Y, RunCurrentState as Z, CredentialRequirement as _, ToolConfig as a, CredentialSetupStatus as b, CredentialBinding as c, CredentialHealth as d, Clock as et, CredentialInstanceId as f, CredentialOAuth2AuthDefinition as g, CredentialMaterialSourceKind as h, ChatModelConfig as i, RunnableNodeConfig as j, RunId as k, CredentialBindingKey as l, CredentialJsonRecord as m, Engine as n, DefinedNode as o, CredentialInstanceRecord as p, WorkflowActivationPolicy as q, AgentGuardrailConfig as r, AnyCredentialType as s, RunIntentService as t, CredentialFieldSchema as u, CredentialSessionFactoryArgs as v, CredentialTypeRegistry as w, CredentialType as x, CredentialSessionService as y, WorkflowRepository as z };
|
|
1292
|
-
//# sourceMappingURL=index-
|
|
1300
|
+
//# sourceMappingURL=index-dK05sTQ4.d.ts.map
|
package/dist/index.d.ts
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
1
|
import { a as CodemationWhitelabelConfig, c as CodemationLogRule, i as CodemationAuthOidcProviderConfig, n as CodemationAuthKind, o as CodemationLogConfig, r as CodemationAuthOAuthProviderConfig, s as CodemationLogLevelName, t as CodemationAuthConfig } from "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
2
|
import { a as CodemationFrontendAuthSnapshot, i as CodemationFrontendAuthProviderSnapshot, n as InternalAuthBootstrap, r as FrontendAppConfig, t as PublicFrontendBootstrap } from "./PublicFrontendBootstrap-DCniMBGu.js";
|
|
3
3
|
import { i as CodemationFrontendAuthSnapshotJsonCodec, n as InternalAuthBootstrapJsonCodec, r as FrontendAppConfigJsonCodec, t as PublicFrontendBootstrapJsonCodec } from "./PublicFrontendBootstrapJsonCodec-BE0mhe1v.js";
|
|
4
|
-
import { D as Item, G as ChainCursor, I as NodeExecutionContext, K as AnyRunnableNodeConfig, M as RunnableNodeOutputJson, N as WorkflowDefinition, O as Items, V as TypeToken, a as ToolConfig, i as ChatModelConfig, j as RunnableNodeConfig, o as DefinedNode, r as AgentGuardrailConfig, s as AnyCredentialType } from "./index-
|
|
5
|
-
import { S as CodemationPluginPackageMetadata, a as CodemationConfig, b as CodemationPluginConfig, c as CodemationEngineExecutionLimitsConfig, d as CodemationSchedulerConfig, f as CodemationSchedulerKind, g as AppConfig, h as CodemationRegistrationContextBase, i as CodemationApplicationRuntimeConfig, l as CodemationEventBusConfig, m as CodemationAppContext, n as CodemationAppSchedulerConfig, o as CodemationDatabaseConfig, p as CodemationWorkflowDiscovery, r as CodemationAppSchedulerKind, s as CodemationDatabaseKind, t as CodemationAppDefinition, u as CodemationEventBusKind, v as AppPluginLoadSummary, w as CodemationClassToken, x as CodemationPluginContext, y as CodemationPlugin } from "./CodemationConfig-
|
|
6
|
-
import "./CodemationConfigNormalizer-
|
|
7
|
-
import { t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-
|
|
8
|
-
import "./CredentialServices-
|
|
9
|
-
import { _ as Command, c as WorkerRuntime, d as AppContainerLifecycle, f as AppContainerFactory, g as CommandBus, h as Query, l as FrontendRuntime, m as QueryBus, n as CodemationBootstrapRequest, r as ApplicationTokens, t as CodemationPluginListMerger, u as DatabaseMigrations } from "./CodemationPluginListMerger-
|
|
10
|
-
import { r as PrismaDatabaseClient, t as AppConfigFactory } from "./AppConfigFactory-
|
|
11
|
-
import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-
|
|
12
|
-
import { c as CodemationServerGateway, l as ApiPaths } from "./server-
|
|
13
|
-
import { i as CodemationFrontendAuthSnapshotFactory, n as InternalAuthBootstrapFactory, r as FrontendAppConfigFactory, t as PublicFrontendBootstrapFactory } from "./PublicFrontendBootstrapFactory-
|
|
4
|
+
import { D as Item, G as ChainCursor, I as NodeExecutionContext, K as AnyRunnableNodeConfig, M as RunnableNodeOutputJson, N as WorkflowDefinition, O as Items, V as TypeToken, a as ToolConfig, i as ChatModelConfig, j as RunnableNodeConfig, o as DefinedNode, r as AgentGuardrailConfig, s as AnyCredentialType } from "./index-dK05sTQ4.js";
|
|
5
|
+
import { S as CodemationPluginPackageMetadata, a as CodemationConfig, b as CodemationPluginConfig, c as CodemationEngineExecutionLimitsConfig, d as CodemationSchedulerConfig, f as CodemationSchedulerKind, g as AppConfig, h as CodemationRegistrationContextBase, i as CodemationApplicationRuntimeConfig, l as CodemationEventBusConfig, m as CodemationAppContext, n as CodemationAppSchedulerConfig, o as CodemationDatabaseConfig, p as CodemationWorkflowDiscovery, r as CodemationAppSchedulerKind, s as CodemationDatabaseKind, t as CodemationAppDefinition, u as CodemationEventBusKind, v as AppPluginLoadSummary, w as CodemationClassToken, x as CodemationPluginContext, y as CodemationPlugin } from "./CodemationConfig-DBbMU3HB.js";
|
|
6
|
+
import "./CodemationConfigNormalizer-C8wC0skq.js";
|
|
7
|
+
import { t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigLoader-Ceh6sB3X.js";
|
|
8
|
+
import "./CredentialServices-CYETzKyb.js";
|
|
9
|
+
import { _ as Command, c as WorkerRuntime, d as AppContainerLifecycle, f as AppContainerFactory, g as CommandBus, h as Query, l as FrontendRuntime, m as QueryBus, n as CodemationBootstrapRequest, r as ApplicationTokens, t as CodemationPluginListMerger, u as DatabaseMigrations } from "./CodemationPluginListMerger-Cx9DnyR-.js";
|
|
10
|
+
import { r as PrismaDatabaseClient, t as AppConfigFactory } from "./AppConfigFactory-DHdAGOmC.js";
|
|
11
|
+
import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-D9vUTMqc.js";
|
|
12
|
+
import { c as CodemationServerGateway, l as ApiPaths } from "./server-fxqY2WEi.js";
|
|
13
|
+
import { i as CodemationFrontendAuthSnapshotFactory, n as InternalAuthBootstrapFactory, r as FrontendAppConfigFactory, t as PublicFrontendBootstrapFactory } from "./PublicFrontendBootstrapFactory-DeMjp3cs.js";
|
|
14
14
|
import { ZodType, z } from "zod";
|
|
15
15
|
|
|
16
16
|
//#region src/application/contracts/userDirectoryContracts.types.d.ts
|
package/dist/index.js
CHANGED
|
@@ -4,12 +4,12 @@ import { t as CodemationConsumerConfigLoader } from "./CodemationConsumerConfigL
|
|
|
4
4
|
import "./ServerLoggerFactory-BltIIDfQ.js";
|
|
5
5
|
import "./decorateParam-DrsXNPuw.js";
|
|
6
6
|
import "./decorate-B0PP651O.js";
|
|
7
|
-
import {
|
|
8
|
-
import { E as ListUserAccountsQuery, T as UpsertLocalBootstrapUserCommand, _ as CodemationFrontendAuthSnapshotFactory, a as AppContainerLifecycle, g as FrontendAppConfigFactory, h as InternalAuthBootstrapFactory, i as DatabaseMigrations, m as PublicFrontendBootstrapFactory, n as WorkerRuntime, r as FrontendRuntime, t as AppContainerFactory, y as ApiPaths } from "./AppContainerFactory-
|
|
7
|
+
import { d as ApplicationTokens } from "./CredentialServices-D8BBZH1i.js";
|
|
8
|
+
import { E as ListUserAccountsQuery, T as UpsertLocalBootstrapUserCommand, _ as CodemationFrontendAuthSnapshotFactory, a as AppContainerLifecycle, g as FrontendAppConfigFactory, h as InternalAuthBootstrapFactory, i as DatabaseMigrations, m as PublicFrontendBootstrapFactory, n as WorkerRuntime, r as FrontendRuntime, t as AppContainerFactory, y as ApiPaths } from "./AppContainerFactory-BKaAUIi-.js";
|
|
9
9
|
import { n as CodemationPluginPackageMetadata, t as AppConfigFactory } from "./AppConfigFactory-ByT1D8dM.js";
|
|
10
10
|
import { n as CodemationBootstrapRequest, t as CodemationPluginListMerger } from "./CodemationPluginListMerger-CGwOTdZ7.js";
|
|
11
11
|
import { t as CodemationPostgresPrismaClientFactory } from "./persistenceServer-DMvIOGW8.js";
|
|
12
|
-
import { r as CodemationServerGateway } from "./server-
|
|
12
|
+
import { r as CodemationServerGateway } from "./server-C-WZcsId.js";
|
|
13
13
|
import { workflow } from "@codemation/core-nodes";
|
|
14
14
|
|
|
15
15
|
//#region src/presentation/config/CodemationAuthoring.types.ts
|
package/dist/nextServer.d.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
import { l as Logger, u as LoggerFactory } from "./CodemationAuthConfig-7hEfICPf.js";
|
|
2
2
|
import { t as LogLevelPolicy } from "./LogLevelPolicy-9IcPGZFk.js";
|
|
3
3
|
import { a as CodemationFrontendAuthSnapshot, i as CodemationFrontendAuthProviderSnapshot, n as InternalAuthBootstrap, r as FrontendAppConfig, t as PublicFrontendBootstrap } from "./PublicFrontendBootstrap-DCniMBGu.js";
|
|
4
|
-
import { A as RunIdFactory, D as Item, E as BinaryAttachment, F as BinaryStorage, J as WebhookInvocationMatch, N as WorkflowDefinition$1, S as CredentialTypeDefinition, T as ActivationIdFactory, et as Clock, g as CredentialOAuth2AuthDefinition, q as WorkflowActivationPolicy, t as RunIntentService } from "./index-
|
|
5
|
-
import { g as AppConfig } from "./CodemationConfig-
|
|
6
|
-
import "./CodemationConfigNormalizer-
|
|
7
|
-
import { a as CredentialInstanceService, c as
|
|
8
|
-
import { a as WorkflowDebuggerOverlayRepository, c as WorkerRuntime, d as AppContainerLifecycle, f as AppContainerFactory, g as CommandBus, i as HonoApiRouteRegistrar, l as FrontendRuntime, m as QueryBus, n as CodemationBootstrapRequest, o as WorkflowRunRepository, p as WorkflowWebsocketServer, r as ApplicationTokens, s as SessionVerifier, t as CodemationPluginListMerger, u as DatabaseMigrations } from "./CodemationPluginListMerger-
|
|
9
|
-
import { t as AppConfigFactory } from "./AppConfigFactory-
|
|
10
|
-
import { a as WorkflowDto, n as InternalAuthBootstrapFactory, o as WorkflowSummary, r as FrontendAppConfigFactory, t as PublicFrontendBootstrapFactory } from "./PublicFrontendBootstrapFactory-
|
|
4
|
+
import { A as RunIdFactory, D as Item, E as BinaryAttachment, F as BinaryStorage, J as WebhookInvocationMatch, N as WorkflowDefinition$1, S as CredentialTypeDefinition, T as ActivationIdFactory, et as Clock, g as CredentialOAuth2AuthDefinition, q as WorkflowActivationPolicy, t as RunIntentService } from "./index-dK05sTQ4.js";
|
|
5
|
+
import { g as AppConfig } from "./CodemationConfig-DBbMU3HB.js";
|
|
6
|
+
import "./CodemationConfigNormalizer-C8wC0skq.js";
|
|
7
|
+
import { a as CredentialInstanceService, c as CredentialSecretCipher, i as CredentialBindingService, l as CredentialFieldEnvOverlayService, o as CredentialOAuth2ScopeResolver, r as CredentialRuntimeMaterialService, s as CredentialMaterialResolver, t as CredentialStore, u as CredentialTypeRegistryImpl } from "./CredentialServices-CYETzKyb.js";
|
|
8
|
+
import { a as WorkflowDebuggerOverlayRepository, c as WorkerRuntime, d as AppContainerLifecycle, f as AppContainerFactory, g as CommandBus, i as HonoApiRouteRegistrar, l as FrontendRuntime, m as QueryBus, n as CodemationBootstrapRequest, o as WorkflowRunRepository, p as WorkflowWebsocketServer, r as ApplicationTokens, s as SessionVerifier, t as CodemationPluginListMerger, u as DatabaseMigrations } from "./CodemationPluginListMerger-Cx9DnyR-.js";
|
|
9
|
+
import { t as AppConfigFactory } from "./AppConfigFactory-DHdAGOmC.js";
|
|
10
|
+
import { a as WorkflowDto, n as InternalAuthBootstrapFactory, o as WorkflowSummary, r as FrontendAppConfigFactory, t as PublicFrontendBootstrapFactory } from "./PublicFrontendBootstrapFactory-DeMjp3cs.js";
|
|
11
11
|
import { Hono } from "hono";
|
|
12
12
|
import { NodeDefinition, WorkflowDefinition } from "@codemation/core/browser";
|
|
13
13
|
|
|
@@ -262,10 +262,11 @@ declare class OAuth2ConnectService {
|
|
|
262
262
|
private readonly credentialFieldEnvOverlayService;
|
|
263
263
|
private readonly credentialMaterialResolver;
|
|
264
264
|
private readonly credentialSecretCipher;
|
|
265
|
+
private readonly credentialOAuth2ScopeResolver;
|
|
265
266
|
private readonly oauth2ProviderRegistry;
|
|
266
267
|
private readonly appConfig;
|
|
267
268
|
private static readonly stateTtlMs;
|
|
268
|
-
constructor(credentialStore: CredentialStore, credentialInstanceService: CredentialInstanceService, credentialTypeRegistry: CredentialTypeRegistryImpl, credentialRuntimeMaterialService: CredentialRuntimeMaterialService, credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService, credentialMaterialResolver: CredentialMaterialResolver, credentialSecretCipher: CredentialSecretCipher, oauth2ProviderRegistry: OAuth2ProviderRegistry, appConfig: AppConfig);
|
|
269
|
+
constructor(credentialStore: CredentialStore, credentialInstanceService: CredentialInstanceService, credentialTypeRegistry: CredentialTypeRegistryImpl, credentialRuntimeMaterialService: CredentialRuntimeMaterialService, credentialFieldEnvOverlayService: CredentialFieldEnvOverlayService, credentialMaterialResolver: CredentialMaterialResolver, credentialSecretCipher: CredentialSecretCipher, credentialOAuth2ScopeResolver: CredentialOAuth2ScopeResolver, oauth2ProviderRegistry: OAuth2ProviderRegistry, appConfig: AppConfig);
|
|
269
270
|
createAuthRedirect(instanceId: string, requestOrigin: string): Promise<OAuth2AuthRedirectResult>;
|
|
270
271
|
handleCallback(args: Readonly<{
|
|
271
272
|
code?: string | null;
|
package/dist/nextServer.js
CHANGED
|
@@ -2,8 +2,8 @@ import "./ConsoleLogger-ClPU7jtc.js";
|
|
|
2
2
|
import { a as FilteringLogger, i as PerformanceLogPolicy, n as PerformanceLogPolicyFactory, o as LogLevelPolicyFactory, r as performanceLogPolicyFactory, s as logLevelPolicyFactory, t as ServerLoggerFactory } from "./ServerLoggerFactory-BltIIDfQ.js";
|
|
3
3
|
import { n as __decorateMetadata, t as __decorateParam } from "./decorateParam-DrsXNPuw.js";
|
|
4
4
|
import { t as __decorate } from "./decorate-B0PP651O.js";
|
|
5
|
-
import { a as CredentialInstanceService,
|
|
6
|
-
import { a as AppContainerLifecycle, b as WorkflowDefinitionMapper, c as RequestToWebhookItemMapper, d as CredentialHttpRouteHandler, f as CodemationHonoApiApp, g as FrontendAppConfigFactory, h as InternalAuthBootstrapFactory, i as DatabaseMigrations, l as RunHttpRouteHandler, m as PublicFrontendBootstrapFactory, n as WorkerRuntime, o as WorkflowHttpRouteHandler, p as BinaryHttpRouteHandler, r as FrontendRuntime, s as WebhookHttpRouteHandler, t as AppContainerFactory, u as OAuth2HttpRouteHandler, v as WorkflowWebsocketServer, w as RunBinaryAttachmentLookupService, x as WorkflowPolicyUiPresentationFactory } from "./AppContainerFactory-
|
|
5
|
+
import { a as CredentialInstanceService, d as ApplicationTokens, i as CredentialBindingService } from "./CredentialServices-D8BBZH1i.js";
|
|
6
|
+
import { a as AppContainerLifecycle, b as WorkflowDefinitionMapper, c as RequestToWebhookItemMapper, d as CredentialHttpRouteHandler, f as CodemationHonoApiApp, g as FrontendAppConfigFactory, h as InternalAuthBootstrapFactory, i as DatabaseMigrations, l as RunHttpRouteHandler, m as PublicFrontendBootstrapFactory, n as WorkerRuntime, o as WorkflowHttpRouteHandler, p as BinaryHttpRouteHandler, r as FrontendRuntime, s as WebhookHttpRouteHandler, t as AppContainerFactory, u as OAuth2HttpRouteHandler, v as WorkflowWebsocketServer, w as RunBinaryAttachmentLookupService, x as WorkflowPolicyUiPresentationFactory } from "./AppContainerFactory-BKaAUIi-.js";
|
|
7
7
|
import { t as AppConfigFactory } from "./AppConfigFactory-ByT1D8dM.js";
|
|
8
8
|
import { n as CodemationBootstrapRequest, t as CodemationPluginListMerger } from "./CodemationPluginListMerger-CGwOTdZ7.js";
|
|
9
9
|
import { CoreTokens, inject, injectable } from "@codemation/core";
|