@dexto/server 1.3.0 → 1.5.0

package/dist/hono/routes/approvals.cjs

@@ -33,8 +33,42 @@ const ApprovalResponseSchema = import_zod_openapi.z.object({
   approvalId: import_zod_openapi.z.string().describe("The ID of the processed approval"),
   status: import_zod_openapi.z.enum([import_core.ApprovalStatus.APPROVED, import_core.ApprovalStatus.DENIED]).describe("The final status")
 }).describe("Response after processing approval");
+const PendingApprovalSchema = import_zod_openapi.z.object({
+  approvalId: import_zod_openapi.z.string().describe("The unique ID of the approval request"),
+  type: import_zod_openapi.z.string().describe("The type of approval (tool_confirmation, elicitation, etc.)"),
+  sessionId: import_zod_openapi.z.string().optional().describe("The session ID if applicable"),
+  timeout: import_zod_openapi.z.number().optional().describe("Timeout in milliseconds"),
+  timestamp: import_zod_openapi.z.string().describe("ISO timestamp when the request was created"),
+  metadata: import_zod_openapi.z.record(import_zod_openapi.z.unknown()).describe("Type-specific metadata")
+}).describe("A pending approval request");
+const PendingApprovalsResponseSchema = import_zod_openapi.z.object({
+  ok: import_zod_openapi.z.literal(true).describe("Success indicator"),
+  approvals: import_zod_openapi.z.array(PendingApprovalSchema).describe("List of pending approval requests")
+}).describe("Response containing pending approval requests");
 function createApprovalsRouter(getAgent, approvalCoordinator) {
   const app = new import_zod_openapi.OpenAPIHono();
+  const getPendingApprovalsRoute = (0, import_zod_openapi.createRoute)({
+    method: "get",
+    path: "/approvals",
+    summary: "Get Pending Approvals",
+    description: "Fetch all pending approval requests for a session. Use this to restore UI state after page refresh.",
+    tags: ["approvals"],
+    request: {
+      query: import_zod_openapi.z.object({
+        sessionId: import_zod_openapi.z.string().describe("The session ID to fetch pending approvals for")
+      })
+    },
+    responses: {
+      200: {
+        description: "List of pending approval requests",
+        content: {
+          "application/json": {
+            schema: PendingApprovalsResponseSchema
+          }
+        }
+      }
+    }
+  });
   const submitApprovalRoute = (0, import_zod_openapi.createRoute)({
     method: "post",
     path: "/approvals/{approvalId}",
@@ -72,8 +106,25 @@ function createApprovalsRouter(getAgent, approvalCoordinator) {
       }
     }
   });
-  return app.openapi(submitApprovalRoute, async (ctx) => {
-    const agent = getAgent();
+  return app.openapi(getPendingApprovalsRoute, async (ctx) => {
+    const agent = await getAgent(ctx);
+    const { sessionId } = ctx.req.valid("query");
+    agent.logger.debug(`Fetching pending approvals for session ${sessionId}`);
+    const pendingIds = agent.services.approvalManager.getPendingApprovals();
+    const approvals = pendingIds.map((approvalId) => ({
+      approvalId,
+      type: "tool_confirmation",
+      // Default type
+      sessionId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      metadata: {}
+    }));
+    return ctx.json({
+      ok: true,
+      approvals
+    });
+  }).openapi(submitApprovalRoute, async (ctx) => {
+    const agent = await getAgent(ctx);
     const { approvalId } = ctx.req.valid("param");
     const { status, formData, rememberChoice } = ctx.req.valid("json");
     agent.logger.info(`Received approval decision for ${approvalId}: ${status}`);

package/dist/hono/routes/approvals.d.ts

@@ -1,7 +1,34 @@
 import { OpenAPIHono } from '@hono/zod-openapi';
 import { type DextoAgent, ApprovalStatus } from '@dexto/core';
 import type { ApprovalCoordinator } from '../../approval/approval-coordinator.js';
-export declare function createApprovalsRouter(getAgent: () => DextoAgent, approvalCoordinator?: ApprovalCoordinator): OpenAPIHono<import("hono").Env, {
+import type { Context } from 'hono';
+type GetAgentFn = (ctx: Context) => DextoAgent | Promise<DextoAgent>;
+export declare function createApprovalsRouter(getAgent: GetAgentFn, approvalCoordinator?: ApprovalCoordinator): OpenAPIHono<import("hono").Env, {
+    "/approvals": {
+        $get: {
+            input: {
+                query: {
+                    sessionId: string;
+                };
+            };
+            output: {
+                ok: true;
+                approvals: {
+                    type: string;
+                    metadata: {
+                        [x: string]: import("hono/utils/types").JSONValue;
+                    };
+                    timestamp: string;
+                    approvalId: string;
+                    sessionId?: string | undefined;
+                    timeout?: number | undefined;
+                }[];
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+} & {
     "/approvals/:approvalId": {
         $post: {
             input: {
@@ -86,4 +113,5 @@ export declare function createApprovalsRouter(getAgent: () => DextoAgent, approv
         };
     };
 }, "/">;
+export {};
 //# sourceMappingURL=approvals.d.ts.map

package/dist/hono/routes/approvals.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"approvals.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/approvals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAChE,OAAO,EAAE,KAAK,UAAU,EAAgB,cAAc,EAAiB,MAAM,aAAa,CAAC;AAC3F,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAC;AA4BlF,wBAAgB,qBAAqB,CACjC,QAAQ,EAAE,MAAM,UAAU,EAC1B,mBAAmB,CAAC,EAAE,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QA6G5C"}
+{"version":3,"file":"approvals.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/approvals.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAChE,OAAO,EAAE,KAAK,UAAU,EAAgB,cAAc,EAAiB,MAAM,aAAa,CAAC;AAC3F,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAC;AAClF,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACpC,KAAK,UAAU,GAAG,CAAC,GAAG,EAAE,OAAO,KAAK,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AA8CrE,wBAAgB,qBAAqB,CACjC,QAAQ,EAAE,UAAU,EACpB,mBAAmB,CAAC,EAAE,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAgK5C"}

package/dist/hono/routes/approvals.js

@@ -10,8 +10,42 @@ const ApprovalResponseSchema = z.object({
   approvalId: z.string().describe("The ID of the processed approval"),
   status: z.enum([ApprovalStatus.APPROVED, ApprovalStatus.DENIED]).describe("The final status")
 }).describe("Response after processing approval");
+const PendingApprovalSchema = z.object({
+  approvalId: z.string().describe("The unique ID of the approval request"),
+  type: z.string().describe("The type of approval (tool_confirmation, elicitation, etc.)"),
+  sessionId: z.string().optional().describe("The session ID if applicable"),
+  timeout: z.number().optional().describe("Timeout in milliseconds"),
+  timestamp: z.string().describe("ISO timestamp when the request was created"),
+  metadata: z.record(z.unknown()).describe("Type-specific metadata")
+}).describe("A pending approval request");
+const PendingApprovalsResponseSchema = z.object({
+  ok: z.literal(true).describe("Success indicator"),
+  approvals: z.array(PendingApprovalSchema).describe("List of pending approval requests")
+}).describe("Response containing pending approval requests");
 function createApprovalsRouter(getAgent, approvalCoordinator) {
   const app = new OpenAPIHono();
+  const getPendingApprovalsRoute = createRoute({
+    method: "get",
+    path: "/approvals",
+    summary: "Get Pending Approvals",
+    description: "Fetch all pending approval requests for a session. Use this to restore UI state after page refresh.",
+    tags: ["approvals"],
+    request: {
+      query: z.object({
+        sessionId: z.string().describe("The session ID to fetch pending approvals for")
+      })
+    },
+    responses: {
+      200: {
+        description: "List of pending approval requests",
+        content: {
+          "application/json": {
+            schema: PendingApprovalsResponseSchema
+          }
+        }
+      }
+    }
+  });
   const submitApprovalRoute = createRoute({
     method: "post",
     path: "/approvals/{approvalId}",
@@ -49,8 +83,25 @@ function createApprovalsRouter(getAgent, approvalCoordinator) {
       }
     }
   });
-  return app.openapi(submitApprovalRoute, async (ctx) => {
-    const agent = getAgent();
+  return app.openapi(getPendingApprovalsRoute, async (ctx) => {
+    const agent = await getAgent(ctx);
+    const { sessionId } = ctx.req.valid("query");
+    agent.logger.debug(`Fetching pending approvals for session ${sessionId}`);
+    const pendingIds = agent.services.approvalManager.getPendingApprovals();
+    const approvals = pendingIds.map((approvalId) => ({
+      approvalId,
+      type: "tool_confirmation",
+      // Default type
+      sessionId,
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      metadata: {}
+    }));
+    return ctx.json({
+      ok: true,
+      approvals
+    });
+  }).openapi(submitApprovalRoute, async (ctx) => {
+    const agent = await getAgent(ctx);
     const { approvalId } = ctx.req.valid("param");
     const { status, formData, rememberChoice } = ctx.req.valid("json");
     agent.logger.info(`Received approval decision for ${approvalId}: ${status}`);

package/dist/hono/routes/discovery.cjs

@@ -0,0 +1,67 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var discovery_exports = {};
+__export(discovery_exports, {
+  createDiscoveryRouter: () => createDiscoveryRouter
+});
+module.exports = __toCommonJS(discovery_exports);
+var import_zod_openapi = require("@hono/zod-openapi");
+var import_core = require("@dexto/core");
+const DiscoveredProviderSchema = import_zod_openapi.z.object({
+  type: import_zod_openapi.z.string().describe('Provider type identifier (e.g., "local", "s3", "reactive-overflow")'),
+  category: import_zod_openapi.z.enum(["blob", "compaction", "customTools"]).describe("Provider category"),
+  metadata: import_zod_openapi.z.object({
+    displayName: import_zod_openapi.z.string().optional().describe("Human-readable display name"),
+    description: import_zod_openapi.z.string().optional().describe("Provider description")
+  }).passthrough().optional().describe("Optional metadata about the provider")
+}).describe("Information about a registered provider");
+const InternalToolSchema = import_zod_openapi.z.object({
+  name: import_zod_openapi.z.string().describe('Internal tool name identifier (e.g., "search_history", "ask_user")'),
+  description: import_zod_openapi.z.string().describe("Human-readable description of what the tool does")
+}).describe("Information about an internal tool");
+const DiscoveryResponseSchema = import_zod_openapi.z.object({
+  blob: import_zod_openapi.z.array(DiscoveredProviderSchema).describe("Blob storage providers"),
+  compaction: import_zod_openapi.z.array(DiscoveredProviderSchema).describe("Compaction strategy providers"),
+  customTools: import_zod_openapi.z.array(DiscoveredProviderSchema).describe("Custom tool providers"),
+  internalTools: import_zod_openapi.z.array(InternalToolSchema).describe("Internal tools available for configuration")
+}).describe("Discovery response with providers grouped by category");
+function createDiscoveryRouter() {
+  const app = new import_zod_openapi.OpenAPIHono();
+  const discoveryRoute = (0, import_zod_openapi.createRoute)({
+    method: "get",
+    path: "/discovery",
+    summary: "Discover Available Providers and Tools",
+    description: "Returns all registered providers (blob storage, compaction, custom tools) and available internal tools. Useful for building UIs that need to display configurable options.",
+    tags: ["discovery"],
+    responses: {
+      200: {
+        description: "Available providers grouped by category",
+        content: { "application/json": { schema: DiscoveryResponseSchema } }
+      }
+    }
+  });
+  return app.openapi(discoveryRoute, async (ctx) => {
+    const providers = (0, import_core.listAllProviders)();
+    return ctx.json(providers);
+  });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createDiscoveryRouter
+});

package/dist/hono/routes/discovery.d.ts

@@ -0,0 +1,44 @@
+import { OpenAPIHono } from '@hono/zod-openapi';
+export declare function createDiscoveryRouter(): OpenAPIHono<import("hono").Env, {
+    "/discovery": {
+        $get: {
+            input: {};
+            output: {
+                internalTools: {
+                    description: string;
+                    name: string;
+                }[];
+                customTools: {
+                    type: string;
+                    category: "customTools" | "compaction" | "blob";
+                    metadata?: {
+                        [x: string]: import("hono/utils/types").JSONValue;
+                        description?: string | undefined;
+                        displayName?: string | undefined;
+                    } | undefined;
+                }[];
+                compaction: {
+                    type: string;
+                    category: "customTools" | "compaction" | "blob";
+                    metadata?: {
+                        [x: string]: import("hono/utils/types").JSONValue;
+                        description?: string | undefined;
+                        displayName?: string | undefined;
+                    } | undefined;
+                }[];
+                blob: {
+                    type: string;
+                    category: "customTools" | "compaction" | "blob";
+                    metadata?: {
+                        [x: string]: import("hono/utils/types").JSONValue;
+                        description?: string | undefined;
+                        displayName?: string | undefined;
+                    } | undefined;
+                }[];
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/">;
+//# sourceMappingURL=discovery.d.ts.map

package/dist/hono/routes/discovery.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"discovery.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/discovery.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAwChE,wBAAgB,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAsBpC"}

package/dist/hono/routes/discovery.js

@@ -0,0 +1,43 @@
+import { OpenAPIHono, createRoute, z } from "@hono/zod-openapi";
+import { listAllProviders } from "@dexto/core";
+const DiscoveredProviderSchema = z.object({
+  type: z.string().describe('Provider type identifier (e.g., "local", "s3", "reactive-overflow")'),
+  category: z.enum(["blob", "compaction", "customTools"]).describe("Provider category"),
+  metadata: z.object({
+    displayName: z.string().optional().describe("Human-readable display name"),
+    description: z.string().optional().describe("Provider description")
+  }).passthrough().optional().describe("Optional metadata about the provider")
+}).describe("Information about a registered provider");
+const InternalToolSchema = z.object({
+  name: z.string().describe('Internal tool name identifier (e.g., "search_history", "ask_user")'),
+  description: z.string().describe("Human-readable description of what the tool does")
+}).describe("Information about an internal tool");
+const DiscoveryResponseSchema = z.object({
+  blob: z.array(DiscoveredProviderSchema).describe("Blob storage providers"),
+  compaction: z.array(DiscoveredProviderSchema).describe("Compaction strategy providers"),
+  customTools: z.array(DiscoveredProviderSchema).describe("Custom tool providers"),
+  internalTools: z.array(InternalToolSchema).describe("Internal tools available for configuration")
+}).describe("Discovery response with providers grouped by category");
+function createDiscoveryRouter() {
+  const app = new OpenAPIHono();
+  const discoveryRoute = createRoute({
+    method: "get",
+    path: "/discovery",
+    summary: "Discover Available Providers and Tools",
+    description: "Returns all registered providers (blob storage, compaction, custom tools) and available internal tools. Useful for building UIs that need to display configurable options.",
+    tags: ["discovery"],
+    responses: {
+      200: {
+        description: "Available providers grouped by category",
+        content: { "application/json": { schema: DiscoveryResponseSchema } }
+      }
+    }
+  });
+  return app.openapi(discoveryRoute, async (ctx) => {
+    const providers = listAllProviders();
+    return ctx.json(providers);
+  });
+}
+export {
+  createDiscoveryRouter
+};

package/dist/hono/routes/greeting.cjs

@@ -47,8 +47,8 @@ function createGreetingRouter(getAgent) {
       }
     }
   });
-  return app.openapi(greetingRoute, (ctx) => {
-    const agent = getAgent();
+  return app.openapi(greetingRoute, async (ctx) => {
+    const agent = await getAgent(ctx);
     const { sessionId } = ctx.req.valid("query");
     const cfg = agent.getEffectiveConfig(sessionId);
     return ctx.json({ greeting: cfg.greeting });

package/dist/hono/routes/greeting.d.ts

@@ -1,6 +1,6 @@
 import { OpenAPIHono } from '@hono/zod-openapi';
-import type { DextoAgent } from '@dexto/core';
-export declare function createGreetingRouter(getAgent: () => DextoAgent): OpenAPIHono<import("hono").Env, {
+import type { GetAgentFn } from '../index.js';
+export declare function createGreetingRouter(getAgent: GetAgentFn): OpenAPIHono<import("hono").Env, {
     "/greeting": {
         $get: {
             input: {

package/dist/hono/routes/greeting.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"greeting.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/greeting.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAW9C,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,UAAU;;;;;;;;;;;;;;;QAmC9D"}
+{"version":3,"file":"greeting.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/greeting.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAW9C,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,UAAU;;;;;;;;;;;;;;;QAmCxD"}

package/dist/hono/routes/greeting.js

@@ -24,8 +24,8 @@ function createGreetingRouter(getAgent) {
       }
     }
   });
-  return app.openapi(greetingRoute, (ctx) => {
-    const agent = getAgent();
+  return app.openapi(greetingRoute, async (ctx) => {
+    const agent = await getAgent(ctx);
     const { sessionId } = ctx.req.valid("query");
     const cfg = agent.getEffectiveConfig(sessionId);
     return ctx.json({ greeting: cfg.greeting });

package/dist/hono/routes/health.d.ts

@@ -1,10 +1,10 @@
 import { OpenAPIHono } from '@hono/zod-openapi';
-import type { DextoAgent } from '@dexto/core';
+import type { GetAgentFn } from '../index.js';
 /**
  * NOTE: If we introduce a transport-agnostic handler layer later, the logic in this module can move
  * into that layer. For now we keep the implementation inline for simplicity.
  */
-export declare function createHealthRouter(_getAgent: () => DextoAgent): OpenAPIHono<import("hono").Env, {
+export declare function createHealthRouter(_getAgent: GetAgentFn): OpenAPIHono<import("hono").Env, {
     "/": {
         $get: {
             input: {};

package/dist/hono/routes/health.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/health.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,UAAU;;;;;;;;;QAiB7D"}
+{"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/health.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAChE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,UAAU;;;;;;;;;QAiBvD"}

package/dist/hono/routes/key.cjs

@@ -0,0 +1,110 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var key_exports = {};
+__export(key_exports, {
+  createKeyRouter: () => createKeyRouter
+});
+module.exports = __toCommonJS(key_exports);
+var import_zod_openapi = require("@hono/zod-openapi");
+var import_core = require("@dexto/core");
+var import_agent_management = require("@dexto/agent-management");
+function maskApiKey(key) {
+  if (!key) return "";
+  if (key.length < 12) {
+    return key.slice(0, 4) + "..." + key.slice(-4);
+  }
+  return key.slice(0, 7) + "..." + key.slice(-4);
+}
+const GetKeyParamsSchema = import_zod_openapi.z.object({
+  provider: import_zod_openapi.z.enum(import_core.LLM_PROVIDERS).describe("LLM provider identifier")
+}).describe("Path parameters for API key operations");
+const SaveKeySchema = import_zod_openapi.z.object({
+  provider: import_zod_openapi.z.enum(import_core.LLM_PROVIDERS).describe("LLM provider identifier (e.g., openai, anthropic)"),
+  apiKey: import_zod_openapi.z.string().min(1, "API key is required").describe("API key for the provider (writeOnly - never returned in responses)").openapi({ writeOnly: true })
+}).describe("Request body for saving a provider API key");
+function createKeyRouter() {
+  const app = new import_zod_openapi.OpenAPIHono();
+  const getKeyRoute = (0, import_zod_openapi.createRoute)({
+    method: "get",
+    path: "/llm/key/{provider}",
+    summary: "Get Provider API Key Status",
+    description: "Retrieves the API key status for a provider. Returns a masked key value (e.g., sk-proj...xyz4) for UI display purposes.",
+    tags: ["llm"],
+    request: { params: GetKeyParamsSchema },
+    responses: {
+      200: {
+        description: "API key status and value",
+        content: {
+          "application/json": {
+            schema: import_zod_openapi.z.object({
+              provider: import_zod_openapi.z.enum(import_core.LLM_PROVIDERS).describe("Provider identifier"),
+              envVar: import_zod_openapi.z.string().describe("Environment variable name"),
+              hasKey: import_zod_openapi.z.boolean().describe("Whether API key is configured"),
+              keyValue: import_zod_openapi.z.string().optional().describe(
+                "Masked API key value if configured (e.g., sk-proj...xyz4)"
+              )
+            }).strict().describe("API key status response")
+          }
+        }
+      }
+    }
+  });
+  const saveKeyRoute = (0, import_zod_openapi.createRoute)({
+    method: "post",
+    path: "/llm/key",
+    summary: "Save Provider API Key",
+    description: "Stores an API key for a provider in .env and makes it available immediately",
+    tags: ["llm"],
+    request: { body: { content: { "application/json": { schema: SaveKeySchema } } } },
+    responses: {
+      200: {
+        description: "API key saved",
+        content: {
+          "application/json": {
+            schema: import_zod_openapi.z.object({
+              ok: import_zod_openapi.z.literal(true).describe("Operation success indicator"),
+              provider: import_zod_openapi.z.enum(import_core.LLM_PROVIDERS).describe("Provider for which the key was saved"),
+              envVar: import_zod_openapi.z.string().describe("Environment variable name where key was stored")
+            }).strict().describe("API key save response")
+          }
+        }
+      }
+    }
+  });
+  return app.openapi(getKeyRoute, (ctx) => {
+    const { provider } = ctx.req.valid("param");
+    const keyStatus = (0, import_agent_management.getProviderKeyStatus)(provider);
+    const apiKey = (0, import_agent_management.resolveApiKeyForProvider)(provider);
+    const maskedKey = apiKey ? maskApiKey(apiKey) : void 0;
+    return ctx.json({
+      provider,
+      envVar: keyStatus.envVar,
+      hasKey: keyStatus.hasApiKey,
+      ...maskedKey && { keyValue: maskedKey }
+    });
+  }).openapi(saveKeyRoute, async (ctx) => {
+    const { provider, apiKey } = ctx.req.valid("json");
+    const meta = await (0, import_agent_management.saveProviderApiKey)(provider, apiKey);
+    return ctx.json({ ok: true, provider, envVar: meta.envVar });
+  });
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createKeyRouter
+});

package/dist/hono/routes/key.d.ts

@@ -0,0 +1,48 @@
+/**
+ * API Key Management Routes
+ *
+ * Endpoints for managing LLM provider API keys.
+ *
+ * TODO: For hosted deployments, these endpoints should integrate with a secure
+ * key management service (e.g., AWS Secrets Manager, HashiCorp Vault) rather
+ * than storing keys in local .env files.
+ */
+import { OpenAPIHono } from '@hono/zod-openapi';
+export declare function createKeyRouter(): OpenAPIHono<import("hono").Env, {
+    "/llm/key/:provider": {
+        $get: {
+            input: {
+                param: {
+                    provider: "openai" | "openai-compatible" | "anthropic" | "google" | "groq" | "xai" | "cohere" | "openrouter" | "litellm" | "glama" | "vertex" | "bedrock" | "local" | "ollama";
+                };
+            };
+            output: {
+                provider: "openai" | "openai-compatible" | "anthropic" | "google" | "groq" | "xai" | "cohere" | "openrouter" | "litellm" | "glama" | "vertex" | "bedrock" | "local" | "ollama";
+                hasKey: boolean;
+                envVar: string;
+                keyValue?: string | undefined;
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+} & {
+    "/llm/key": {
+        $post: {
+            input: {
+                json: {
+                    provider: "openai" | "openai-compatible" | "anthropic" | "google" | "groq" | "xai" | "cohere" | "openrouter" | "litellm" | "glama" | "vertex" | "bedrock" | "local" | "ollama";
+                    apiKey: string;
+                };
+            };
+            output: {
+                provider: "openai" | "openai-compatible" | "anthropic" | "google" | "groq" | "xai" | "cohere" | "openrouter" | "litellm" | "glama" | "vertex" | "bedrock" | "local" | "ollama";
+                ok: true;
+                envVar: string;
+            };
+            outputFormat: "json";
+            status: 200;
+        };
+    };
+}, "/">;
+//# sourceMappingURL=key.d.ts.map

package/dist/hono/routes/key.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"key.d.ts","sourceRoot":"","sources":["../../../src/hono/routes/key.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,WAAW,EAAkB,MAAM,mBAAmB,CAAC;AAuChE,wBAAgB,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAsF9B"}