npm - @everworker/oneringai - Versions diffs - 0.1.0 - Mend

@everworker/oneringai 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/LICENSE +21 -0
package/README.md +1228 -0
package/dist/IProvider-BP49c93d.d.cts +22 -0
package/dist/IProvider-BP49c93d.d.ts +22 -0
package/dist/ImageModel-B-uH3JEz.d.cts +763 -0
package/dist/ImageModel-C7EyUfU0.d.ts +763 -0
package/dist/capabilities/agents/index.cjs +408 -0
package/dist/capabilities/agents/index.cjs.map +1 -0
package/dist/capabilities/agents/index.d.cts +3 -0
package/dist/capabilities/agents/index.d.ts +3 -0
package/dist/capabilities/agents/index.js +405 -0
package/dist/capabilities/agents/index.js.map +1 -0
package/dist/capabilities/images/index.cjs +3583 -0
package/dist/capabilities/images/index.cjs.map +1 -0
package/dist/capabilities/images/index.d.cts +2 -0
package/dist/capabilities/images/index.d.ts +2 -0
package/dist/capabilities/images/index.js +3556 -0
package/dist/capabilities/images/index.js.map +1 -0
package/dist/index-BmOYeqU7.d.ts +1338 -0
package/dist/index-DCzFlLoN.d.cts +1338 -0
package/dist/index.cjs +49257 -0
package/dist/index.cjs.map +1 -0
package/dist/index.d.cts +12263 -0
package/dist/index.d.ts +12263 -0
package/dist/index.js +48953 -0
package/dist/index.js.map +1 -0
package/package.json +162 -0

package/dist/capabilities/images/index.js ADDED Viewed

@@ -0,0 +1,3556 @@
+import * as crypto from 'crypto';
+import { importPKCS8, SignJWT } from 'jose';
+import * as fs2 from 'fs';
+import { EventEmitter } from 'eventemitter3';
+import * as path from 'path';
+import OpenAI from 'openai';
+import { GoogleGenAI } from '@google/genai';
+// src/connectors/oauth/utils/encryption.ts
+var ALGORITHM = "aes-256-gcm";
+var IV_LENGTH = 16;
+var SALT_LENGTH = 64;
+var TAG_LENGTH = 16;
+var KEY_LENGTH = 32;
+function encrypt(text, password) {
+  const salt = crypto.randomBytes(SALT_LENGTH);
+  const key = crypto.pbkdf2Sync(password, salt, 1e5, KEY_LENGTH, "sha512");
+  const iv = crypto.randomBytes(IV_LENGTH);
+  const cipher = crypto.createCipheriv(ALGORITHM, key, iv);
+  let encrypted = cipher.update(text, "utf8", "hex");
+  encrypted += cipher.final("hex");
+  const tag = cipher.getAuthTag();
+  const result = Buffer.concat([salt, iv, tag, Buffer.from(encrypted, "hex")]);
+  return result.toString("base64");
+}
+function decrypt(encryptedData, password) {
+  const buffer = Buffer.from(encryptedData, "base64");
+  const salt = buffer.subarray(0, SALT_LENGTH);
+  const iv = buffer.subarray(SALT_LENGTH, SALT_LENGTH + IV_LENGTH);
+  const tag = buffer.subarray(SALT_LENGTH + IV_LENGTH, SALT_LENGTH + IV_LENGTH + TAG_LENGTH);
+  const encrypted = buffer.subarray(SALT_LENGTH + IV_LENGTH + TAG_LENGTH);
+  const key = crypto.pbkdf2Sync(password, salt, 1e5, KEY_LENGTH, "sha512");
+  const decipher = crypto.createDecipheriv(ALGORITHM, key, iv);
+  decipher.setAuthTag(tag);
+  let decrypted = decipher.update(encrypted);
+  decrypted = Buffer.concat([decrypted, decipher.final()]);
+  return decrypted.toString("utf8");
+}
+function getEncryptionKey() {
+  if (process.env.OAUTH_ENCRYPTION_KEY) {
+    return process.env.OAUTH_ENCRYPTION_KEY;
+  }
+  if (!global.__oauthEncryptionKey) {
+    global.__oauthEncryptionKey = crypto.randomBytes(32).toString("hex");
+    console.warn(
+      "WARNING: Using auto-generated encryption key. Tokens will not persist across restarts. Set OAUTH_ENCRYPTION_KEY environment variable for production!"
+    );
+  }
+  return global.__oauthEncryptionKey;
+}
+// src/connectors/oauth/infrastructure/storage/MemoryStorage.ts
+var MemoryStorage = class {
+  tokens = /* @__PURE__ */ new Map();
+  // Stores encrypted tokens
+  async storeToken(key, token) {
+    const encryptionKey = getEncryptionKey();
+    const plaintext = JSON.stringify(token);
+    const encrypted = encrypt(plaintext, encryptionKey);
+    this.tokens.set(key, encrypted);
+  }
+  async getToken(key) {
+    const encrypted = this.tokens.get(key);
+    if (!encrypted) {
+      return null;
+    }
+    try {
+      const encryptionKey = getEncryptionKey();
+      const decrypted = decrypt(encrypted, encryptionKey);
+      return JSON.parse(decrypted);
+    } catch (error) {
+      console.error("Failed to decrypt token from memory:", error);
+      this.tokens.delete(key);
+      return null;
+    }
+  }
+  async deleteToken(key) {
+    this.tokens.delete(key);
+  }
+  async hasToken(key) {
+    return this.tokens.has(key);
+  }
+  /**
+   * Clear all tokens (useful for testing)
+   */
+  clearAll() {
+    this.tokens.clear();
+  }
+  /**
+   * Get number of stored tokens
+   */
+  size() {
+    return this.tokens.size;
+  }
+};
+// src/connectors/oauth/domain/TokenStore.ts
+var TokenStore = class {
+  storage;
+  baseStorageKey;
+  constructor(storageKey = "default", storage) {
+    this.baseStorageKey = storageKey;
+    this.storage = storage || new MemoryStorage();
+  }
+  /**
+   * Get user-scoped storage key
+   * For multi-user support, keys are scoped per user: "provider:userId"
+   * For single-user (backward compatible), userId is omitted or "default"
+   *
+   * @param userId - User identifier (optional, defaults to single-user mode)
+   * @returns Storage key scoped to user
+   */
+  getScopedKey(userId) {
+    if (!userId || userId === "default") {
+      return this.baseStorageKey;
+    }
+    return `${this.baseStorageKey}:${userId}`;
+  }
+  /**
+   * Store token (encrypted by storage layer)
+   * @param tokenResponse - Token response from OAuth provider
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async storeToken(tokenResponse, userId) {
+    if (!tokenResponse.access_token) {
+      throw new Error("OAuth response missing required access_token field");
+    }
+    if (typeof tokenResponse.access_token !== "string") {
+      throw new Error("access_token must be a string");
+    }
+    if (tokenResponse.expires_in !== void 0 && tokenResponse.expires_in < 0) {
+      throw new Error("expires_in must be positive");
+    }
+    const token = {
+      access_token: tokenResponse.access_token,
+      refresh_token: tokenResponse.refresh_token,
+      expires_in: tokenResponse.expires_in || 3600,
+      token_type: tokenResponse.token_type || "Bearer",
+      scope: tokenResponse.scope,
+      obtained_at: Date.now()
+    };
+    const key = this.getScopedKey(userId);
+    await this.storage.storeToken(key, token);
+  }
+  /**
+   * Get access token
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async getAccessToken(userId) {
+    const key = this.getScopedKey(userId);
+    const token = await this.storage.getToken(key);
+    if (!token) {
+      throw new Error(`No token stored for ${userId ? `user: ${userId}` : "default user"}`);
+    }
+    return token.access_token;
+  }
+  /**
+   * Get refresh token
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async getRefreshToken(userId) {
+    const key = this.getScopedKey(userId);
+    const token = await this.storage.getToken(key);
+    if (!token?.refresh_token) {
+      throw new Error(`No refresh token available for ${userId ? `user: ${userId}` : "default user"}`);
+    }
+    return token.refresh_token;
+  }
+  /**
+   * Check if has refresh token
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async hasRefreshToken(userId) {
+    const key = this.getScopedKey(userId);
+    const token = await this.storage.getToken(key);
+    return !!token?.refresh_token;
+  }
+  /**
+   * Check if token is valid (not expired)
+   *
+   * @param bufferSeconds - Refresh this many seconds before expiry (default: 300 = 5 min)
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async isValid(bufferSeconds = 300, userId) {
+    const key = this.getScopedKey(userId);
+    const token = await this.storage.getToken(key);
+    if (!token) {
+      return false;
+    }
+    const expiresAt = token.obtained_at + token.expires_in * 1e3;
+    const bufferMs = bufferSeconds * 1e3;
+    return Date.now() < expiresAt - bufferMs;
+  }
+  /**
+   * Clear stored token
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async clear(userId) {
+    const key = this.getScopedKey(userId);
+    await this.storage.deleteToken(key);
+  }
+  /**
+   * Get full token info
+   * @param userId - Optional user identifier for multi-user support
+   */
+  async getTokenInfo(userId) {
+    const key = this.getScopedKey(userId);
+    return this.storage.getToken(key);
+  }
+};
+function generatePKCE() {
+  const codeVerifier = base64URLEncode(crypto.randomBytes(32));
+  const hash = crypto.createHash("sha256").update(codeVerifier).digest();
+  const codeChallenge = base64URLEncode(hash);
+  return {
+    codeVerifier,
+    codeChallenge
+  };
+}
+function base64URLEncode(buffer) {
+  return buffer.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+}
+function generateState() {
+  return crypto.randomBytes(16).toString("hex");
+}
+// src/connectors/oauth/flows/AuthCodePKCE.ts
+var AuthCodePKCEFlow = class {
+  constructor(config) {
+    this.config = config;
+    const storageKey = config.storageKey || `auth_code:${config.clientId}`;
+    this.tokenStore = new TokenStore(storageKey, config.storage);
+  }
+  tokenStore;
+  // Store PKCE data per user with timestamps for cleanup
+  codeVerifiers = /* @__PURE__ */ new Map();
+  states = /* @__PURE__ */ new Map();
+  // Store refresh locks per user to prevent concurrent refresh
+  refreshLocks = /* @__PURE__ */ new Map();
+  // PKCE data TTL: 15 minutes (auth flows should complete within this time)
+  PKCE_TTL = 15 * 60 * 1e3;
+  /**
+   * Generate authorization URL for user to visit
+   * Opens browser or redirects user to this URL
+   *
+   * @param userId - User identifier for multi-user support (optional)
+   */
+  async getAuthorizationUrl(userId) {
+    if (!this.config.authorizationUrl) {
+      throw new Error("authorizationUrl is required for authorization_code flow");
+    }
+    if (!this.config.redirectUri) {
+      throw new Error("redirectUri is required for authorization_code flow");
+    }
+    this.cleanupExpiredPKCE();
+    const userKey = userId || "default";
+    const { codeVerifier, codeChallenge } = generatePKCE();
+    this.codeVerifiers.set(userKey, { verifier: codeVerifier, timestamp: Date.now() });
+    const state = generateState();
+    this.states.set(userKey, { state, timestamp: Date.now() });
+    const params = new URLSearchParams({
+      response_type: "code",
+      client_id: this.config.clientId,
+      redirect_uri: this.config.redirectUri,
+      state
+    });
+    if (this.config.scope) {
+      params.append("scope", this.config.scope);
+    }
+    if (this.config.usePKCE !== false) {
+      params.append("code_challenge", codeChallenge);
+      params.append("code_challenge_method", "S256");
+    }
+    const stateWithUser = userId ? `${state}::${userId}` : state;
+    params.set("state", stateWithUser);
+    return `${this.config.authorizationUrl}?${params.toString()}`;
+  }
+  /**
+   * Exchange authorization code for access token
+   *
+   * @param code - Authorization code from callback
+   * @param state - State parameter from callback (for CSRF verification, may include userId)
+   * @param userId - User identifier (optional, can be extracted from state)
+   */
+  async exchangeCode(code, state, userId) {
+    let actualState = state;
+    let actualUserId = userId;
+    if (state.includes("::")) {
+      const parts = state.split("::");
+      actualState = parts[0];
+      actualUserId = parts[1];
+    }
+    const userKey = actualUserId || "default";
+    const stateData = this.states.get(userKey);
+    if (!stateData) {
+      throw new Error(`No PKCE state found for user ${actualUserId}. Authorization flow may have expired (15 min TTL).`);
+    }
+    const expectedState = stateData.state;
+    if (actualState !== expectedState) {
+      throw new Error(`State mismatch for user ${actualUserId} - possible CSRF attack. Expected: ${expectedState}, Got: ${actualState}`);
+    }
+    if (!this.config.redirectUri) {
+      throw new Error("redirectUri is required");
+    }
+    const params = new URLSearchParams({
+      grant_type: "authorization_code",
+      code,
+      redirect_uri: this.config.redirectUri,
+      client_id: this.config.clientId
+    });
+    if (this.config.clientSecret) {
+      params.append("client_secret", this.config.clientSecret);
+    }
+    const verifierData = this.codeVerifiers.get(userKey);
+    if (this.config.usePKCE !== false && verifierData) {
+      params.append("code_verifier", verifierData.verifier);
+    }
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: params
+    });
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Token exchange failed: ${response.status} ${response.statusText} - ${error}`);
+    }
+    const data = await response.json();
+    await this.tokenStore.storeToken(data, actualUserId);
+    this.codeVerifiers.delete(userKey);
+    this.states.delete(userKey);
+  }
+  /**
+   * Get valid token (auto-refreshes if needed)
+   * @param userId - User identifier for multi-user support
+   */
+  async getToken(userId) {
+    const key = userId || "default";
+    if (this.refreshLocks.has(key)) {
+      return this.refreshLocks.get(key);
+    }
+    if (await this.tokenStore.isValid(this.config.refreshBeforeExpiry, userId)) {
+      return this.tokenStore.getAccessToken(userId);
+    }
+    if (await this.tokenStore.hasRefreshToken(userId)) {
+      const refreshPromise = this.refreshToken(userId);
+      this.refreshLocks.set(key, refreshPromise);
+      try {
+        return await refreshPromise;
+      } finally {
+        this.refreshLocks.delete(key);
+      }
+    }
+    throw new Error(`No valid token available for ${userId ? `user: ${userId}` : "default user"}. User needs to authorize (call startAuthFlow).`);
+  }
+  /**
+   * Refresh access token using refresh token
+   * @param userId - User identifier for multi-user support
+   */
+  async refreshToken(userId) {
+    const refreshToken = await this.tokenStore.getRefreshToken(userId);
+    const params = new URLSearchParams({
+      grant_type: "refresh_token",
+      refresh_token: refreshToken,
+      client_id: this.config.clientId
+    });
+    if (this.config.clientSecret) {
+      params.append("client_secret", this.config.clientSecret);
+    }
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: params
+    });
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Token refresh failed: ${response.status} ${response.statusText} - ${error}`);
+    }
+    const data = await response.json();
+    await this.tokenStore.storeToken(data, userId);
+    return data.access_token;
+  }
+  /**
+   * Check if token is valid
+   * @param userId - User identifier for multi-user support
+   */
+  async isTokenValid(userId) {
+    return this.tokenStore.isValid(this.config.refreshBeforeExpiry, userId);
+  }
+  /**
+   * Revoke token (if supported by provider)
+   * @param revocationUrl - Optional revocation endpoint
+   * @param userId - User identifier for multi-user support
+   */
+  async revokeToken(revocationUrl, userId) {
+    if (!revocationUrl) {
+      await this.tokenStore.clear(userId);
+      return;
+    }
+    try {
+      const token = await this.tokenStore.getAccessToken(userId);
+      await fetch(revocationUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/x-www-form-urlencoded"
+        },
+        body: new URLSearchParams({
+          token,
+          client_id: this.config.clientId
+        })
+      });
+    } finally {
+      await this.tokenStore.clear(userId);
+    }
+  }
+  /**
+   * Clean up expired PKCE data to prevent memory leaks
+   * Removes verifiers and states older than PKCE_TTL (15 minutes)
+   */
+  cleanupExpiredPKCE() {
+    const now = Date.now();
+    for (const [key, data] of this.codeVerifiers) {
+      if (now - data.timestamp > this.PKCE_TTL) {
+        this.codeVerifiers.delete(key);
+        this.states.delete(key);
+      }
+    }
+  }
+};
+// src/connectors/oauth/flows/ClientCredentials.ts
+var ClientCredentialsFlow = class {
+  constructor(config) {
+    this.config = config;
+    const storageKey = config.storageKey || `client_credentials:${config.clientId}`;
+    this.tokenStore = new TokenStore(storageKey, config.storage);
+  }
+  tokenStore;
+  /**
+   * Get token using client credentials
+   */
+  async getToken() {
+    if (await this.tokenStore.isValid(this.config.refreshBeforeExpiry)) {
+      return this.tokenStore.getAccessToken();
+    }
+    return this.requestToken();
+  }
+  /**
+   * Request a new token from the authorization server
+   */
+  async requestToken() {
+    const auth = Buffer.from(`${this.config.clientId}:${this.config.clientSecret}`).toString(
+      "base64"
+    );
+    const params = new URLSearchParams({
+      grant_type: "client_credentials"
+    });
+    if (this.config.scope) {
+      params.append("scope", this.config.scope);
+    }
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        Authorization: `Basic ${auth}`,
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: params
+    });
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`Token request failed: ${response.status} ${response.statusText} - ${error}`);
+    }
+    const data = await response.json();
+    await this.tokenStore.storeToken(data);
+    return data.access_token;
+  }
+  /**
+   * Refresh token (client credentials don't use refresh tokens)
+   * Just requests a new token
+   */
+  async refreshToken() {
+    await this.tokenStore.clear();
+    return this.requestToken();
+  }
+  /**
+   * Check if token is valid
+   */
+  async isTokenValid() {
+    return this.tokenStore.isValid(this.config.refreshBeforeExpiry);
+  }
+};
+var JWTBearerFlow = class {
+  constructor(config) {
+    this.config = config;
+    const storageKey = config.storageKey || `jwt_bearer:${config.clientId}`;
+    this.tokenStore = new TokenStore(storageKey, config.storage);
+    if (config.privateKey) {
+      this.privateKey = config.privateKey;
+    } else if (config.privateKeyPath) {
+      try {
+        this.privateKey = fs2.readFileSync(config.privateKeyPath, "utf8");
+      } catch (error) {
+        throw new Error(`Failed to read private key from ${config.privateKeyPath}: ${error.message}`);
+      }
+    } else {
+      throw new Error("JWT Bearer flow requires privateKey or privateKeyPath");
+    }
+  }
+  tokenStore;
+  privateKey;
+  /**
+   * Generate signed JWT assertion
+   */
+  async generateJWT() {
+    const now = Math.floor(Date.now() / 1e3);
+    const alg = this.config.tokenSigningAlg || "RS256";
+    const key = await importPKCS8(this.privateKey, alg);
+    const jwt = await new SignJWT({
+      scope: this.config.scope || ""
+    }).setProtectedHeader({ alg }).setIssuer(this.config.clientId).setSubject(this.config.clientId).setAudience(this.config.audience || this.config.tokenUrl).setIssuedAt(now).setExpirationTime(now + 3600).sign(key);
+    return jwt;
+  }
+  /**
+   * Get token using JWT Bearer assertion
+   */
+  async getToken() {
+    if (await this.tokenStore.isValid(this.config.refreshBeforeExpiry)) {
+      return this.tokenStore.getAccessToken();
+    }
+    return this.requestToken();
+  }
+  /**
+   * Request token using JWT assertion
+   */
+  async requestToken() {
+    const assertion = await this.generateJWT();
+    const params = new URLSearchParams({
+      grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
+      assertion
+    });
+    const response = await fetch(this.config.tokenUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/x-www-form-urlencoded"
+      },
+      body: params
+    });
+    if (!response.ok) {
+      const error = await response.text();
+      throw new Error(`JWT Bearer token request failed: ${response.status} ${response.statusText} - ${error}`);
+    }
+    const data = await response.json();
+    await this.tokenStore.storeToken(data);
+    return data.access_token;
+  }
+  /**
+   * Refresh token (generate new JWT and request new token)
+   */
+  async refreshToken() {
+    await this.tokenStore.clear();
+    return this.requestToken();
+  }
+  /**
+   * Check if token is valid
+   */
+  async isTokenValid() {
+    return this.tokenStore.isValid(this.config.refreshBeforeExpiry);
+  }
+};
+// src/connectors/oauth/flows/StaticToken.ts
+var StaticTokenFlow = class {
+  token;
+  constructor(config) {
+    if (!config.staticToken) {
+      throw new Error("Static token flow requires staticToken in config");
+    }
+    this.token = config.staticToken;
+  }
+  /**
+   * Get token (always returns the static token)
+   */
+  async getToken() {
+    return this.token;
+  }
+  /**
+   * Refresh token (no-op for static tokens)
+   */
+  async refreshToken() {
+    return this.token;
+  }
+  /**
+   * Token is always valid for static tokens
+   */
+  async isTokenValid() {
+    return true;
+  }
+  /**
+   * Update the static token
+   */
+  updateToken(newToken) {
+    this.token = newToken;
+  }
+};
+// src/connectors/oauth/OAuthManager.ts
+var OAuthManager = class {
+  flow;
+  constructor(config) {
+    this.validateConfig(config);
+    switch (config.flow) {
+      case "authorization_code":
+        this.flow = new AuthCodePKCEFlow(config);
+        break;
+      case "client_credentials":
+        this.flow = new ClientCredentialsFlow(config);
+        break;
+      case "jwt_bearer":
+        this.flow = new JWTBearerFlow(config);
+        break;
+      case "static_token":
+        this.flow = new StaticTokenFlow(config);
+        break;
+      default:
+        throw new Error(`Unknown OAuth flow: ${config.flow}`);
+    }
+  }
+  /**
+   * Get valid access token
+   * Automatically refreshes if expired
+   *
+   * @param userId - User identifier for multi-user support (optional)
+   */
+  async getToken(userId) {
+    return this.flow.getToken(userId);
+  }
+  /**
+   * Force refresh the token
+   *
+   * @param userId - User identifier for multi-user support (optional)
+   */
+  async refreshToken(userId) {
+    return this.flow.refreshToken(userId);
+  }
+  /**
+   * Check if current token is valid
+   *
+   * @param userId - User identifier for multi-user support (optional)
+   */
+  async isTokenValid(userId) {
+    return this.flow.isTokenValid(userId);
+  }
+  // ==================== Authorization Code Flow Methods ====================
+  /**
+   * Start authorization flow (Authorization Code only)
+   * Returns URL for user to visit
+   *
+   * @param userId - User identifier for multi-user support (optional)
+   * @returns Authorization URL for the user to visit
+   */
+  async startAuthFlow(userId) {
+    if (!(this.flow instanceof AuthCodePKCEFlow)) {
+      throw new Error("startAuthFlow() is only available for authorization_code flow");
+    }
+    return this.flow.getAuthorizationUrl(userId);
+  }
+  /**
+   * Handle OAuth callback (Authorization Code only)
+   * Call this with the callback URL after user authorizes
+   *
+   * @param callbackUrl - Full callback URL with code and state parameters
+   * @param userId - Optional user identifier (can be extracted from state if embedded)
+   */
+  async handleCallback(callbackUrl, userId) {
+    if (!(this.flow instanceof AuthCodePKCEFlow)) {
+      throw new Error("handleCallback() is only available for authorization_code flow");
+    }
+    const url = new URL(callbackUrl);
+    const code = url.searchParams.get("code");
+    const state = url.searchParams.get("state");
+    if (!code) {
+      throw new Error("Missing authorization code in callback URL");
+    }
+    if (!state) {
+      throw new Error("Missing state parameter in callback URL");
+    }
+    await this.flow.exchangeCode(code, state, userId);
+  }
+  /**
+   * Revoke token (if supported by provider)
+   *
+   * @param revocationUrl - Optional revocation endpoint URL
+   * @param userId - User identifier for multi-user support (optional)
+   */
+  async revokeToken(revocationUrl, userId) {
+    if (this.flow instanceof AuthCodePKCEFlow) {
+      await this.flow.revokeToken(revocationUrl, userId);
+    } else {
+      throw new Error("Token revocation not implemented for this flow");
+    }
+  }
+  // ==================== Validation ====================
+  validateConfig(config) {
+    if (!config.flow) {
+      throw new Error("OAuth flow is required (authorization_code, client_credentials, jwt_bearer, or static_token)");
+    }
+    if (config.flow !== "static_token") {
+      if (!config.tokenUrl) {
+        throw new Error("tokenUrl is required");
+      }
+      if (!config.clientId) {
+        throw new Error("clientId is required");
+      }
+    }
+    switch (config.flow) {
+      case "authorization_code":
+        if (!config.authorizationUrl) {
+          throw new Error("authorizationUrl is required for authorization_code flow");
+        }
+        if (!config.redirectUri) {
+          throw new Error("redirectUri is required for authorization_code flow");
+        }
+        break;
+      case "client_credentials":
+        if (!config.clientSecret) {
+          throw new Error("clientSecret is required for client_credentials flow");
+        }
+        break;
+      case "jwt_bearer":
+        if (!config.privateKey && !config.privateKeyPath) {
+          throw new Error(
+            "privateKey or privateKeyPath is required for jwt_bearer flow"
+          );
+        }
+        break;
+      case "static_token":
+        if (!config.staticToken) {
+          throw new Error("staticToken is required for static_token flow");
+        }
+        break;
+    }
+    if (config.storage && !process.env.OAUTH_ENCRYPTION_KEY) {
+      console.warn(
+        "WARNING: Using persistent storage without OAUTH_ENCRYPTION_KEY environment variable. Tokens will be encrypted with auto-generated key that changes on restart!"
+      );
+    }
+  }
+};
+var DEFAULT_CIRCUIT_BREAKER_CONFIG = {
+  failureThreshold: 5,
+  successThreshold: 2,
+  resetTimeoutMs: 3e4,
+  // 30 seconds
+  windowMs: 6e4,
+  // 1 minute
+  isRetryable: () => true
+  // All errors count by default
+};
+var CircuitOpenError = class extends Error {
+  constructor(breakerName, nextRetryTime, failureCount, lastError) {
+    const retryInSeconds = Math.ceil((nextRetryTime - Date.now()) / 1e3);
+    super(
+      `Circuit breaker '${breakerName}' is OPEN. Retry in ${retryInSeconds}s. (${failureCount} recent failures, last: ${lastError})`
+    );
+    this.breakerName = breakerName;
+    this.nextRetryTime = nextRetryTime;
+    this.failureCount = failureCount;
+    this.lastError = lastError;
+    this.name = "CircuitOpenError";
+  }
+};
+var CircuitBreaker = class extends EventEmitter {
+  constructor(name, config = {}) {
+    super();
+    this.name = name;
+    this.config = { ...DEFAULT_CIRCUIT_BREAKER_CONFIG, ...config };
+    this.lastStateChange = Date.now();
+  }
+  state = "closed";
+  config;
+  // Failure tracking
+  failures = [];
+  lastError = "";
+  // Success tracking
+  consecutiveSuccesses = 0;
+  // Timing
+  openedAt;
+  lastStateChange;
+  // Metrics
+  totalRequests = 0;
+  successCount = 0;
+  failureCount = 0;
+  rejectedCount = 0;
+  lastFailureTime;
+  lastSuccessTime;
+  /**
+   * Execute function with circuit breaker protection
+   */
+  async execute(fn) {
+    this.totalRequests++;
+    const now = Date.now();
+    switch (this.state) {
+      case "open":
+        if (this.openedAt && now - this.openedAt >= this.config.resetTimeoutMs) {
+          this.transitionTo("half-open");
+        } else {
+          this.rejectedCount++;
+          const nextRetry = (this.openedAt || now) + this.config.resetTimeoutMs;
+          throw new CircuitOpenError(this.name, nextRetry, this.failures.length, this.lastError);
+        }
+        break;
+    }
+    try {
+      const result = await fn();
+      this.recordSuccess();
+      return result;
+    } catch (error) {
+      this.recordFailure(error);
+      throw error;
+    }
+  }
+  /**
+   * Record successful execution
+   */
+  recordSuccess() {
+    this.successCount++;
+    this.lastSuccessTime = Date.now();
+    this.consecutiveSuccesses++;
+    if (this.state === "half-open") {
+      if (this.consecutiveSuccesses >= this.config.successThreshold) {
+        this.transitionTo("closed");
+      }
+    } else if (this.state === "closed") {
+      this.pruneOldFailures();
+    }
+  }
+  /**
+   * Record failed execution
+   */
+  recordFailure(error) {
+    if (this.config.isRetryable && !this.config.isRetryable(error)) {
+      return;
+    }
+    this.failureCount++;
+    this.lastFailureTime = Date.now();
+    this.lastError = error.message;
+    this.consecutiveSuccesses = 0;
+    this.failures.push({
+      timestamp: Date.now(),
+      error: error.message
+    });
+    this.pruneOldFailures();
+    if (this.state === "half-open") {
+      this.transitionTo("open");
+    } else if (this.state === "closed") {
+      if (this.failures.length >= this.config.failureThreshold) {
+        this.transitionTo("open");
+      }
+    }
+  }
+  /**
+   * Transition to new state
+   */
+  transitionTo(newState) {
+    this.state = newState;
+    this.lastStateChange = Date.now();
+    switch (newState) {
+      case "open":
+        this.openedAt = Date.now();
+        this.emit("opened", {
+          name: this.name,
+          failureCount: this.failures.length,
+          lastError: this.lastError,
+          nextRetryTime: this.openedAt + this.config.resetTimeoutMs
+        });
+        break;
+      case "half-open":
+        this.emit("half-open", {
+          name: this.name,
+          timestamp: Date.now()
+        });
+        break;
+      case "closed":
+        this.failures = [];
+        this.consecutiveSuccesses = 0;
+        this.openedAt = void 0;
+        this.emit("closed", {
+          name: this.name,
+          successCount: this.consecutiveSuccesses,
+          timestamp: Date.now()
+        });
+        break;
+    }
+  }
+  /**
+   * Remove failures outside the time window
+   */
+  pruneOldFailures() {
+    const now = Date.now();
+    const cutoff = now - this.config.windowMs;
+    this.failures = this.failures.filter((f) => f.timestamp > cutoff);
+  }
+  /**
+   * Get current state
+   */
+  getState() {
+    return this.state;
+  }
+  /**
+   * Get current metrics
+   */
+  getMetrics() {
+    this.pruneOldFailures();
+    const total = this.successCount + this.failureCount;
+    const failureRate = total > 0 ? this.failureCount / total : 0;
+    const successRate = total > 0 ? this.successCount / total : 0;
+    return {
+      name: this.name,
+      state: this.state,
+      totalRequests: this.totalRequests,
+      successCount: this.successCount,
+      failureCount: this.failureCount,
+      rejectedCount: this.rejectedCount,
+      recentFailures: this.failures.length,
+      consecutiveSuccesses: this.consecutiveSuccesses,
+      lastFailureTime: this.lastFailureTime,
+      lastSuccessTime: this.lastSuccessTime,
+      lastStateChange: this.lastStateChange,
+      nextRetryTime: this.openedAt ? this.openedAt + this.config.resetTimeoutMs : void 0,
+      failureRate,
+      successRate
+    };
+  }
+  /**
+   * Manually reset circuit breaker (force close)
+   */
+  reset() {
+    this.transitionTo("closed");
+    this.totalRequests = 0;
+    this.successCount = 0;
+    this.failureCount = 0;
+    this.rejectedCount = 0;
+    this.lastFailureTime = void 0;
+    this.lastSuccessTime = void 0;
+  }
+  /**
+   * Check if circuit is allowing requests
+   */
+  isOpen() {
+    if (this.state === "open" && this.openedAt) {
+      const now = Date.now();
+      if (now - this.openedAt >= this.config.resetTimeoutMs) {
+        this.transitionTo("half-open");
+        return false;
+      }
+      return true;
+    }
+    return false;
+  }
+  /**
+   * Get configuration
+   */
+  getConfig() {
+    return { ...this.config };
+  }
+};
+// src/infrastructure/resilience/BackoffStrategy.ts
+var DEFAULT_BACKOFF_CONFIG = {
+  strategy: "exponential",
+  initialDelayMs: 1e3,
+  // 1 second
+  maxDelayMs: 3e4,
+  // 30 seconds
+  multiplier: 2,
+  jitter: true,
+  jitterFactor: 0.1
+};
+function calculateBackoff(attempt, config = DEFAULT_BACKOFF_CONFIG) {
+  let delay;
+  switch (config.strategy) {
+    case "exponential":
+      delay = config.initialDelayMs * Math.pow(config.multiplier || 2, attempt - 1);
+      break;
+    case "linear":
+      delay = config.initialDelayMs + (config.incrementMs || 1e3) * (attempt - 1);
+      break;
+    case "constant":
+      delay = config.initialDelayMs;
+      break;
+    default:
+      delay = config.initialDelayMs;
+  }
+  delay = Math.min(delay, config.maxDelayMs);
+  if (config.jitter) {
+    delay = addJitter(delay, config.jitterFactor || 0.1);
+  }
+  return Math.floor(delay);
+}
+function addJitter(delay, factor = 0.1) {
+  const jitterRange = delay * factor;
+  const jitter = (Math.random() * 2 - 1) * jitterRange;
+  return delay + jitter;
+}
+var LOG_LEVEL_VALUES = {
+  trace: 10,
+  debug: 20,
+  info: 30,
+  warn: 40,
+  error: 50,
+  silent: 100
+};
+function safeStringify(obj, indent) {
+  const seen = /* @__PURE__ */ new WeakSet();
+  const replacer = (_key, value) => {
+    if (value === null || value === void 0) {
+      return value;
+    }
+    if (typeof value !== "object") {
+      if (typeof value === "function") {
+        return "[Function]";
+      }
+      if (typeof value === "bigint") {
+        return value.toString();
+      }
+      return value;
+    }
+    const objValue = value;
+    const constructor = objValue.constructor?.name || "";
+    if (constructor === "Timeout" || constructor === "TimersList" || constructor === "Socket" || constructor === "Server" || constructor === "IncomingMessage" || constructor === "ServerResponse" || constructor === "WriteStream" || constructor === "ReadStream" || constructor === "EventEmitter") {
+      return `[${constructor}]`;
+    }
+    if (seen.has(objValue)) {
+      return "[Circular]";
+    }
+    if (objValue instanceof Error) {
+      return {
+        name: objValue.name,
+        message: objValue.message,
+        stack: objValue.stack
+      };
+    }
+    if (objValue instanceof Date) {
+      return objValue.toISOString();
+    }
+    if (objValue instanceof Map) {
+      return Object.fromEntries(objValue);
+    }
+    if (objValue instanceof Set) {
+      return Array.from(objValue);
+    }
+    if (Buffer.isBuffer(objValue)) {
+      return `[Buffer(${objValue.length})]`;
+    }
+    seen.add(objValue);
+    return value;
+  };
+  try {
+    return JSON.stringify(obj, replacer, indent);
+  } catch {
+    return "[Unserializable]";
+  }
+}
+var FrameworkLogger = class _FrameworkLogger {
+  config;
+  context;
+  levelValue;
+  fileStream;
+  constructor(config = {}) {
+    this.config = {
+      level: config.level || process.env.LOG_LEVEL || "info",
+      pretty: config.pretty ?? (process.env.LOG_PRETTY === "true" || process.env.NODE_ENV === "development"),
+      destination: config.destination || "console",
+      context: config.context || {},
+      filePath: config.filePath || process.env.LOG_FILE
+    };
+    this.context = this.config.context || {};
+    this.levelValue = LOG_LEVEL_VALUES[this.config.level || "info"];
+    if (this.config.filePath) {
+      this.initFileStream(this.config.filePath);
+    }
+  }
+  /**
+   * Initialize file stream for logging
+   */
+  initFileStream(filePath) {
+    try {
+      const dir = path.dirname(filePath);
+      if (!fs2.existsSync(dir)) {
+        fs2.mkdirSync(dir, { recursive: true });
+      }
+      this.fileStream = fs2.createWriteStream(filePath, {
+        flags: "a",
+        // append mode
+        encoding: "utf8"
+      });
+      this.fileStream.on("error", (err) => {
+        console.error(`[Logger] File stream error: ${err.message}`);
+        this.fileStream = void 0;
+      });
+    } catch (err) {
+      console.error(`[Logger] Failed to initialize log file: ${err instanceof Error ? err.message : err}`);
+    }
+  }
+  /**
+   * Create child logger with additional context
+   */
+  child(context) {
+    return new _FrameworkLogger({
+      ...this.config,
+      context: { ...this.context, ...context }
+    });
+  }
+  /**
+   * Trace log
+   */
+  trace(obj, msg) {
+    this.log("trace", obj, msg);
+  }
+  /**
+   * Debug log
+   */
+  debug(obj, msg) {
+    this.log("debug", obj, msg);
+  }
+  /**
+   * Info log
+   */
+  info(obj, msg) {
+    this.log("info", obj, msg);
+  }
+  /**
+   * Warn log
+   */
+  warn(obj, msg) {
+    this.log("warn", obj, msg);
+  }
+  /**
+   * Error log
+   */
+  error(obj, msg) {
+    this.log("error", obj, msg);
+  }
+  /**
+   * Internal log method
+   */
+  log(level, obj, msg) {
+    if (LOG_LEVEL_VALUES[level] < this.levelValue) {
+      return;
+    }
+    let data;
+    let message;
+    if (typeof obj === "string") {
+      message = obj;
+      data = {};
+    } else {
+      message = msg || "";
+      data = obj;
+    }
+    const entry = {
+      level,
+      time: Date.now(),
+      ...this.context,
+      ...data,
+      msg: message
+    };
+    this.output(entry);
+  }
+  /**
+   * Output log entry
+   */
+  output(entry) {
+    if (this.config.pretty) {
+      this.prettyPrint(entry);
+    } else {
+      this.jsonPrint(entry);
+    }
+  }
+  /**
+   * Pretty print for development
+   */
+  prettyPrint(entry) {
+    const levelColors = {
+      trace: "\x1B[90m",
+      // Gray
+      debug: "\x1B[36m",
+      // Cyan
+      info: "\x1B[32m",
+      // Green
+      warn: "\x1B[33m",
+      // Yellow
+      error: "\x1B[31m",
+      // Red
+      silent: ""
+    };
+    const reset = "\x1B[0m";
+    const color = this.fileStream ? "" : levelColors[entry.level] || "";
+    const time = new Date(entry.time).toISOString().substring(11, 23);
+    const levelStr = entry.level.toUpperCase().padEnd(5);
+    const contextParts = [];
+    for (const [key, value] of Object.entries(entry)) {
+      if (key !== "level" && key !== "time" && key !== "msg") {
+        contextParts.push(`${key}=${safeStringify(value)}`);
+      }
+    }
+    const context = contextParts.length > 0 ? ` ${contextParts.join(" ")}` : "";
+    const output = `${color}[${time}] ${levelStr}${reset} ${entry.msg}${context}`;
+    if (this.fileStream) {
+      const cleanOutput = output.replace(/\x1b\[[0-9;]*m/g, "");
+      this.fileStream.write(cleanOutput + "\n");
+      return;
+    }
+    switch (entry.level) {
+      case "error":
+      case "warn":
+        console.error(output);
+        break;
+      default:
+        console.log(output);
+    }
+  }
+  /**
+   * JSON print for production
+   */
+  jsonPrint(entry) {
+    const json = safeStringify(entry);
+    if (this.fileStream) {
+      this.fileStream.write(json + "\n");
+      return;
+    }
+    switch (this.config.destination) {
+      case "stderr":
+        console.error(json);
+        break;
+      default:
+        console.log(json);
+    }
+  }
+  /**
+   * Update configuration
+   */
+  updateConfig(config) {
+    this.config = { ...this.config, ...config };
+    if (config.level) {
+      this.levelValue = LOG_LEVEL_VALUES[config.level];
+    }
+    if (config.context) {
+      this.context = { ...this.context, ...config.context };
+    }
+    if (config.filePath !== void 0) {
+      this.closeFileStream();
+      if (config.filePath) {
+        this.initFileStream(config.filePath);
+      }
+    }
+  }
+  /**
+   * Close file stream
+   */
+  closeFileStream() {
+    if (this.fileStream) {
+      this.fileStream.end();
+      this.fileStream = void 0;
+    }
+  }
+  /**
+   * Cleanup resources (call before process exit)
+   */
+  close() {
+    this.closeFileStream();
+  }
+  /**
+   * Get current log level
+   */
+  getLevel() {
+    return this.config.level || "info";
+  }
+  /**
+   * Check if level is enabled
+   */
+  isLevelEnabled(level) {
+    return LOG_LEVEL_VALUES[level] >= this.levelValue;
+  }
+};
+var logger = new FrameworkLogger({
+  level: process.env.LOG_LEVEL || "info",
+  pretty: process.env.LOG_PRETTY === "true" || process.env.NODE_ENV === "development",
+  filePath: process.env.LOG_FILE
+});
+process.on("exit", () => {
+  logger.close();
+});
+process.on("SIGINT", () => {
+  logger.close();
+  process.exit(0);
+});
+process.on("SIGTERM", () => {
+  logger.close();
+  process.exit(0);
+});
+// src/infrastructure/observability/Metrics.ts
+var NoOpMetrics = class {
+  increment() {
+  }
+  gauge() {
+  }
+  timing() {
+  }
+  histogram() {
+  }
+};
+var ConsoleMetrics = class {
+  prefix;
+  constructor(prefix = "oneringai") {
+    this.prefix = prefix;
+  }
+  increment(metric, value = 1, tags) {
+    this.log("COUNTER", metric, value, tags);
+  }
+  gauge(metric, value, tags) {
+    this.log("GAUGE", metric, value, tags);
+  }
+  timing(metric, duration, tags) {
+    this.log("TIMING", metric, `${duration}ms`, tags);
+  }
+  histogram(metric, value, tags) {
+    this.log("HISTOGRAM", metric, value, tags);
+  }
+  log(type, metric, value, tags) {
+    const fullMetric = `${this.prefix}.${metric}`;
+    const tagsStr = tags ? ` ${JSON.stringify(tags)}` : "";
+    console.log(`[METRIC:${type}] ${fullMetric}=${value}${tagsStr}`);
+  }
+};
+var InMemoryMetrics = class {
+  counters = /* @__PURE__ */ new Map();
+  gauges = /* @__PURE__ */ new Map();
+  timings = /* @__PURE__ */ new Map();
+  histograms = /* @__PURE__ */ new Map();
+  increment(metric, value = 1, tags) {
+    const key = this.makeKey(metric, tags);
+    this.counters.set(key, (this.counters.get(key) || 0) + value);
+  }
+  gauge(metric, value, tags) {
+    const key = this.makeKey(metric, tags);
+    this.gauges.set(key, value);
+  }
+  timing(metric, duration, tags) {
+    const key = this.makeKey(metric, tags);
+    const timings = this.timings.get(key) || [];
+    timings.push(duration);
+    this.timings.set(key, timings);
+  }
+  histogram(metric, value, tags) {
+    const key = this.makeKey(metric, tags);
+    const values = this.histograms.get(key) || [];
+    values.push(value);
+    this.histograms.set(key, values);
+  }
+  makeKey(metric, tags) {
+    if (!tags) return metric;
+    const tagStr = Object.entries(tags).map(([k, v]) => `${k}:${v}`).sort().join(",");
+    return `${metric}{${tagStr}}`;
+  }
+  /**
+   * Get all metrics (for testing)
+   */
+  getMetrics() {
+    return {
+      counters: new Map(this.counters),
+      gauges: new Map(this.gauges),
+      timings: new Map(this.timings),
+      histograms: new Map(this.histograms)
+    };
+  }
+  /**
+   * Clear all metrics
+   */
+  clear() {
+    this.counters.clear();
+    this.gauges.clear();
+    this.timings.clear();
+    this.histograms.clear();
+  }
+  /**
+   * Get summary statistics for timings
+   */
+  getTimingStats(metric, tags) {
+    const key = this.makeKey(metric, tags);
+    const timings = this.timings.get(key);
+    if (!timings || timings.length === 0) {
+      return null;
+    }
+    const sorted = [...timings].sort((a, b) => a - b);
+    const count = sorted.length;
+    const sum = sorted.reduce((a, b) => a + b, 0);
+    return {
+      count,
+      min: sorted[0] ?? 0,
+      max: sorted[count - 1] ?? 0,
+      mean: sum / count,
+      p50: sorted[Math.floor(count * 0.5)] ?? 0,
+      p95: sorted[Math.floor(count * 0.95)] ?? 0,
+      p99: sorted[Math.floor(count * 0.99)] ?? 0
+    };
+  }
+};
+function createMetricsCollector(type, prefix) {
+  const collectorType = process.env.METRICS_COLLECTOR || "noop";
+  switch (collectorType) {
+    case "console":
+      return new ConsoleMetrics(prefix);
+    case "inmemory":
+      return new InMemoryMetrics();
+    default:
+      return new NoOpMetrics();
+  }
+}
+var metrics = createMetricsCollector(
+  void 0,
+  process.env.METRICS_PREFIX || "oneringai"
+);
+// src/core/Connector.ts
+var DEFAULT_CONNECTOR_TIMEOUT = 3e4;
+var DEFAULT_MAX_RETRIES = 3;
+var DEFAULT_RETRYABLE_STATUSES = [429, 500, 502, 503, 504];
+var DEFAULT_BASE_DELAY_MS = 1e3;
+var DEFAULT_MAX_DELAY_MS = 3e4;
+var Connector = class _Connector {
+  // ============ Static Registry ============
+  static registry = /* @__PURE__ */ new Map();
+  static defaultStorage = new MemoryStorage();
+  /**
+   * Create and register a new connector
+   * @param config - Must include `name` field
+   */
+  static create(config) {
+    if (!config.name || config.name.trim().length === 0) {
+      throw new Error("Connector name is required");
+    }
+    if (_Connector.registry.has(config.name)) {
+      throw new Error(`Connector '${config.name}' already exists. Use Connector.get() or choose a different name.`);
+    }
+    const connector = new _Connector(config);
+    _Connector.registry.set(config.name, connector);
+    return connector;
+  }
+  /**
+   * Get a connector by name
+   */
+  static get(name) {
+    const connector = _Connector.registry.get(name);
+    if (!connector) {
+      const available = _Connector.list().join(", ") || "none";
+      throw new Error(`Connector '${name}' not found. Available: ${available}`);
+    }
+    return connector;
+  }
+  /**
+   * Check if a connector exists
+   */
+  static has(name) {
+    return _Connector.registry.has(name);
+  }
+  /**
+   * List all registered connector names
+   */
+  static list() {
+    return Array.from(_Connector.registry.keys());
+  }
+  /**
+   * Remove a connector
+   */
+  static remove(name) {
+    const connector = _Connector.registry.get(name);
+    if (connector) {
+      connector.dispose();
+    }
+    return _Connector.registry.delete(name);
+  }
+  /**
+   * Clear all connectors (useful for testing)
+   */
+  static clear() {
+    for (const connector of _Connector.registry.values()) {
+      connector.dispose();
+    }
+    _Connector.registry.clear();
+  }
+  /**
+   * Set default token storage for OAuth connectors
+   */
+  static setDefaultStorage(storage) {
+    _Connector.defaultStorage = storage;
+  }
+  /**
+   * Get all registered connectors
+   */
+  static listAll() {
+    return Array.from(_Connector.registry.values());
+  }
+  /**
+   * Get number of registered connectors
+   */
+  static size() {
+    return _Connector.registry.size;
+  }
+  /**
+   * Get connector descriptions formatted for tool parameters
+   * Useful for generating dynamic tool descriptions
+   */
+  static getDescriptionsForTools() {
+    const connectors = _Connector.listAll();
+    if (connectors.length === 0) {
+      return "No connectors registered yet.";
+    }
+    return connectors.map((c) => `  - "${c.name}": ${c.displayName} - ${c.config.description || "No description"}`).join("\n");
+  }
+  /**
+   * Get connector info (for tools and documentation)
+   */
+  static getInfo() {
+    const info = {};
+    for (const connector of _Connector.registry.values()) {
+      info[connector.name] = {
+        displayName: connector.displayName,
+        description: connector.config.description || "",
+        baseURL: connector.baseURL
+      };
+    }
+    return info;
+  }
+  // ============ Instance ============
+  name;
+  vendor;
+  config;
+  oauthManager;
+  circuitBreaker;
+  disposed = false;
+  // Metrics
+  requestCount = 0;
+  successCount = 0;
+  failureCount = 0;
+  totalLatencyMs = 0;
+  constructor(config) {
+    this.name = config.name;
+    this.vendor = config.vendor;
+    this.config = config;
+    if (config.auth.type === "oauth") {
+      this.initOAuthManager(config.auth);
+    } else if (config.auth.type === "jwt") {
+      this.initJWTManager(config.auth);
+    }
+    this.initCircuitBreaker();
+  }
+  /**
+   * Initialize circuit breaker with config or defaults
+   */
+  initCircuitBreaker() {
+    const cbConfig = this.config.circuitBreaker;
+    const enabled = cbConfig?.enabled ?? true;
+    if (enabled) {
+      this.circuitBreaker = new CircuitBreaker(`connector:${this.name}`, {
+        failureThreshold: cbConfig?.failureThreshold ?? 5,
+        successThreshold: cbConfig?.successThreshold ?? 2,
+        resetTimeoutMs: cbConfig?.resetTimeoutMs ?? 3e4,
+        windowMs: 6e4,
+        // 1 minute window
+        isRetryable: (error) => {
+          if (error.message.includes("HTTP 4") && !error.message.includes("HTTP 429")) {
+            return false;
+          }
+          return true;
+        }
+      });
+      this.circuitBreaker.on("opened", ({ name, failureCount, lastError }) => {
+        logger.warn(`Circuit breaker opened for ${name}: ${failureCount} failures, last error: ${lastError}`);
+        metrics.increment("connector.circuit_breaker.opened", 1, { connector: this.name });
+      });
+      this.circuitBreaker.on("closed", ({ name }) => {
+        logger.info(`Circuit breaker closed for ${name}`);
+        metrics.increment("connector.circuit_breaker.closed", 1, { connector: this.name });
+      });
+    }
+  }
+  /**
+   * Human-readable display name
+   */
+  get displayName() {
+    return this.config.displayName || this.name;
+  }
+  /**
+   * API base URL for this connector
+   */
+  get baseURL() {
+    return this.config.baseURL || "";
+  }
+  /**
+   * Get the API key (for api_key auth type)
+   */
+  getApiKey() {
+    if (this.config.auth.type !== "api_key") {
+      throw new Error(`Connector '${this.name}' does not use API key auth. Type: ${this.config.auth.type}`);
+    }
+    return this.config.auth.apiKey;
+  }
+  /**
+   * Get the current access token (for OAuth, JWT, or API key)
+   * Handles automatic refresh if needed
+   */
+  async getToken(userId) {
+    if (this.config.auth.type === "api_key") {
+      return this.config.auth.apiKey;
+    }
+    if (!this.oauthManager) {
+      throw new Error(`OAuth manager not initialized for connector '${this.name}'`);
+    }
+    return this.oauthManager.getToken(userId);
+  }
+  /**
+   * Start OAuth authorization flow
+   * Returns the URL to redirect the user to
+   */
+  async startAuth(userId) {
+    if (!this.oauthManager) {
+      throw new Error(`Connector '${this.name}' is not an OAuth connector`);
+    }
+    return this.oauthManager.startAuthFlow(userId);
+  }
+  /**
+   * Handle OAuth callback
+   * Call this after user is redirected back from OAuth provider
+   */
+  async handleCallback(callbackUrl, userId) {
+    if (!this.oauthManager) {
+      throw new Error(`Connector '${this.name}' is not an OAuth connector`);
+    }
+    await this.oauthManager.handleCallback(callbackUrl, userId);
+  }
+  /**
+   * Check if the connector has a valid token
+   */
+  async hasValidToken(userId) {
+    try {
+      if (this.config.auth.type === "api_key") {
+        return true;
+      }
+      if (this.oauthManager) {
+        const token = await this.oauthManager.getToken(userId);
+        return !!token;
+      }
+      return false;
+    } catch {
+      return false;
+    }
+  }
+  /**
+   * Get vendor-specific options from config
+   */
+  getOptions() {
+    return this.config.options ?? {};
+  }
+  /**
+   * Get the service type (explicit or undefined)
+   */
+  get serviceType() {
+    return this.config.serviceType;
+  }
+  /**
+   * Get connector metrics
+   */
+  getMetrics() {
+    return {
+      requestCount: this.requestCount,
+      successCount: this.successCount,
+      failureCount: this.failureCount,
+      avgLatencyMs: this.requestCount > 0 ? this.totalLatencyMs / this.requestCount : 0,
+      circuitBreakerState: this.circuitBreaker?.getState()
+    };
+  }
+  /**
+   * Reset circuit breaker (force close)
+   */
+  resetCircuitBreaker() {
+    this.circuitBreaker?.reset();
+  }
+  /**
+   * Make an authenticated fetch request using this connector
+   * This is the foundation for all vendor-dependent tools
+   *
+   * Features:
+   * - Timeout with AbortController
+   * - Circuit breaker protection
+   * - Retry with exponential backoff
+   * - Request/response logging
+   *
+   * @param endpoint - API endpoint (relative to baseURL) or full URL
+   * @param options - Fetch options with connector-specific settings
+   * @param userId - Optional user ID for multi-user OAuth
+   * @returns Fetch Response
+   */
+  async fetch(endpoint, options, userId) {
+    if (this.disposed) {
+      throw new Error(`Connector '${this.name}' has been disposed`);
+    }
+    const startTime = Date.now();
+    this.requestCount++;
+    const url = endpoint.startsWith("http") ? endpoint : `${this.baseURL}${endpoint}`;
+    const timeout = options?.timeout ?? this.config.timeout ?? DEFAULT_CONNECTOR_TIMEOUT;
+    if (this.config.logging?.enabled) {
+      this.logRequest(url, options);
+    }
+    const doFetch = async () => {
+      const token = await this.getToken(userId);
+      const auth = this.config.auth;
+      let headerName = "Authorization";
+      let headerValue = `Bearer ${token}`;
+      if (auth.type === "api_key") {
+        headerName = auth.headerName || "Authorization";
+        const prefix = auth.headerPrefix ?? "Bearer";
+        headerValue = prefix ? `${prefix} ${token}` : token;
+      }
+      const controller = new AbortController();
+      const timeoutId = setTimeout(() => controller.abort(), timeout);
+      try {
+        const response = await fetch(url, {
+          ...options,
+          signal: controller.signal,
+          headers: {
+            ...options?.headers,
+            [headerName]: headerValue
+          }
+        });
+        return response;
+      } finally {
+        clearTimeout(timeoutId);
+      }
+    };
+    const doFetchWithRetry = async () => {
+      const retryConfig = this.config.retry;
+      const maxRetries = retryConfig?.maxRetries ?? DEFAULT_MAX_RETRIES;
+      const retryableStatuses = retryConfig?.retryableStatuses ?? DEFAULT_RETRYABLE_STATUSES;
+      const baseDelayMs = retryConfig?.baseDelayMs ?? DEFAULT_BASE_DELAY_MS;
+      const maxDelayMs = retryConfig?.maxDelayMs ?? DEFAULT_MAX_DELAY_MS;
+      const backoffConfig = {
+        strategy: "exponential",
+        initialDelayMs: baseDelayMs,
+        maxDelayMs,
+        multiplier: 2,
+        jitter: true,
+        jitterFactor: 0.1
+      };
+      let lastError;
+      let lastResponse;
+      for (let attempt = 1; attempt <= maxRetries + 1; attempt++) {
+        try {
+          const response = await doFetch();
+          if (!response.ok && retryableStatuses.includes(response.status) && attempt <= maxRetries) {
+            lastResponse = response;
+            const delay = calculateBackoff(attempt, backoffConfig);
+            if (this.config.logging?.enabled) {
+              logger.debug(`Connector ${this.name}: Retry ${attempt}/${maxRetries} after ${delay}ms (status ${response.status})`);
+            }
+            await this.sleep(delay);
+            continue;
+          }
+          return response;
+        } catch (error) {
+          lastError = error;
+          if (lastError.name === "AbortError") {
+            throw new Error(`Request timeout after ${timeout}ms: ${url}`);
+          }
+          if (attempt <= maxRetries && !options?.skipRetry) {
+            const delay = calculateBackoff(attempt, backoffConfig);
+            if (this.config.logging?.enabled) {
+              logger.debug(`Connector ${this.name}: Retry ${attempt}/${maxRetries} after ${delay}ms (error: ${lastError.message})`);
+            }
+            await this.sleep(delay);
+            continue;
+          }
+          throw lastError;
+        }
+      }
+      if (lastResponse) {
+        return lastResponse;
+      }
+      throw lastError ?? new Error("Unknown error during fetch");
+    };
+    try {
+      let response;
+      if (this.circuitBreaker && !options?.skipCircuitBreaker) {
+        response = await this.circuitBreaker.execute(doFetchWithRetry);
+      } else {
+        response = await doFetchWithRetry();
+      }
+      const latency = Date.now() - startTime;
+      this.successCount++;
+      this.totalLatencyMs += latency;
+      metrics.timing("connector.latency", latency, { connector: this.name });
+      metrics.increment("connector.success", 1, { connector: this.name });
+      if (this.config.logging?.enabled) {
+        this.logResponse(url, response, latency);
+      }
+      return response;
+    } catch (error) {
+      const latency = Date.now() - startTime;
+      this.failureCount++;
+      this.totalLatencyMs += latency;
+      metrics.increment("connector.failure", 1, { connector: this.name, error: error.name });
+      if (this.config.logging?.enabled) {
+        logger.error(
+          { connector: this.name, url, latency, error: error.message },
+          `Connector ${this.name} fetch failed: ${error.message}`
+        );
+      }
+      throw error;
+    }
+  }
+  /**
+   * Make an authenticated fetch request and parse JSON response
+   * Throws on non-OK responses
+   *
+   * @param endpoint - API endpoint (relative to baseURL) or full URL
+   * @param options - Fetch options with connector-specific settings
+   * @param userId - Optional user ID for multi-user OAuth
+   * @returns Parsed JSON response
+   */
+  async fetchJSON(endpoint, options, userId) {
+    const response = await this.fetch(endpoint, options, userId);
+    const text = await response.text();
+    let data;
+    try {
+      data = JSON.parse(text);
+    } catch {
+      if (!response.ok) {
+        throw new Error(`HTTP ${response.status}: ${text}`);
+      }
+      throw new Error(`Invalid JSON response: ${text.slice(0, 100)}`);
+    }
+    if (!response.ok) {
+      const errorMsg = typeof data === "object" && data !== null ? JSON.stringify(data) : text;
+      throw new Error(`HTTP ${response.status}: ${errorMsg}`);
+    }
+    return data;
+  }
+  // ============ Private Helpers ============
+  sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+  }
+  logRequest(url, options) {
+    const logData = {
+      connector: this.name,
+      method: options?.method ?? "GET",
+      url
+    };
+    if (this.config.logging?.logHeaders && options?.headers) {
+      const headers = { ...options.headers };
+      if (headers["Authorization"]) {
+        headers["Authorization"] = "[REDACTED]";
+      }
+      if (headers["authorization"]) {
+        headers["authorization"] = "[REDACTED]";
+      }
+      logData.headers = headers;
+    }
+    if (this.config.logging?.logBody && options?.body) {
+      logData.body = typeof options.body === "string" ? options.body.slice(0, 1e3) : "[non-string body]";
+    }
+    logger.debug(logData, `Connector ${this.name} request`);
+  }
+  logResponse(url, response, latency) {
+    logger.debug(
+      { connector: this.name, url, status: response.status, latency },
+      `Connector ${this.name} response`
+    );
+  }
+  /**
+   * Dispose of resources
+   */
+  dispose() {
+    if (this.disposed) return;
+    this.disposed = true;
+    this.oauthManager = void 0;
+    this.circuitBreaker = void 0;
+  }
+  /**
+   * Check if connector is disposed
+   */
+  isDisposed() {
+    return this.disposed;
+  }
+  // ============ Private ============
+  initOAuthManager(auth) {
+    const oauthConfig = {
+      flow: auth.flow,
+      clientId: auth.clientId,
+      clientSecret: auth.clientSecret,
+      tokenUrl: auth.tokenUrl,
+      authorizationUrl: auth.authorizationUrl,
+      redirectUri: auth.redirectUri,
+      scope: auth.scope,
+      usePKCE: auth.usePKCE,
+      privateKey: auth.privateKey,
+      privateKeyPath: auth.privateKeyPath,
+      audience: auth.audience,
+      refreshBeforeExpiry: auth.refreshBeforeExpiry,
+      storage: _Connector.defaultStorage,
+      storageKey: auth.storageKey ?? this.name
+    };
+    this.oauthManager = new OAuthManager(oauthConfig);
+  }
+  initJWTManager(auth) {
+    this.oauthManager = new OAuthManager({
+      flow: "jwt_bearer",
+      clientId: auth.clientId,
+      tokenUrl: auth.tokenUrl,
+      privateKey: auth.privateKey,
+      privateKeyPath: auth.privateKeyPath,
+      scope: auth.scope,
+      audience: auth.audience,
+      storage: _Connector.defaultStorage,
+      storageKey: this.name
+    });
+  }
+};
+// src/core/Vendor.ts
+var Vendor = {
+  OpenAI: "openai",
+  Google: "google",
+  Grok: "grok"};
+// src/domain/errors/AIErrors.ts
+var AIError = class _AIError extends Error {
+  constructor(message, code, statusCode, originalError) {
+    super(message);
+    this.code = code;
+    this.statusCode = statusCode;
+    this.originalError = originalError;
+    this.name = "AIError";
+    Object.setPrototypeOf(this, _AIError.prototype);
+  }
+};
+var ProviderAuthError = class _ProviderAuthError extends AIError {
+  constructor(providerName, message = "Authentication failed") {
+    super(
+      `${providerName}: ${message}`,
+      "PROVIDER_AUTH_ERROR",
+      401
+    );
+    this.name = "ProviderAuthError";
+    Object.setPrototypeOf(this, _ProviderAuthError.prototype);
+  }
+};
+var ProviderRateLimitError = class _ProviderRateLimitError extends AIError {
+  constructor(providerName, retryAfter) {
+    super(
+      `${providerName}: Rate limit exceeded${retryAfter ? `. Retry after ${retryAfter}ms` : ""}`,
+      "PROVIDER_RATE_LIMIT",
+      429
+    );
+    this.retryAfter = retryAfter;
+    this.name = "ProviderRateLimitError";
+    Object.setPrototypeOf(this, _ProviderRateLimitError.prototype);
+  }
+};
+var InvalidConfigError = class _InvalidConfigError extends AIError {
+  constructor(message) {
+    super(message, "INVALID_CONFIG", 400);
+    this.name = "InvalidConfigError";
+    Object.setPrototypeOf(this, _InvalidConfigError.prototype);
+  }
+};
+var ProviderError = class _ProviderError extends AIError {
+  constructor(providerName, message, statusCode, originalError) {
+    super(
+      `${providerName}: ${message}`,
+      "PROVIDER_ERROR",
+      statusCode,
+      originalError
+    );
+    this.providerName = providerName;
+    this.name = "ProviderError";
+    Object.setPrototypeOf(this, _ProviderError.prototype);
+  }
+};
+// src/infrastructure/providers/base/BaseProvider.ts
+var BaseProvider = class {
+  constructor(config) {
+    this.config = config;
+  }
+  /**
+   * Validate provider configuration
+   * Returns validation result with details
+   */
+  async validateConfig() {
+    const validation = this.validateApiKey();
+    return validation.isValid;
+  }
+  /**
+   * Validate API key format and presence
+   * Can be overridden by providers with specific key formats
+   */
+  validateApiKey() {
+    const apiKey = this.config.apiKey;
+    if (!apiKey || apiKey.trim().length === 0) {
+      return { isValid: false };
+    }
+    const placeholders = [
+      "your-api-key",
+      "YOUR_API_KEY",
+      "sk-xxx",
+      "api-key-here",
+      "REPLACE_ME",
+      "<your-key>"
+    ];
+    if (placeholders.some((p) => apiKey.includes(p))) {
+      return {
+        isValid: false,
+        warning: `API key appears to be a placeholder value`
+      };
+    }
+    return this.validateProviderSpecificKeyFormat(apiKey);
+  }
+  /**
+   * Override this method in provider implementations for specific key format validation
+   */
+  validateProviderSpecificKeyFormat(_apiKey) {
+    return { isValid: true };
+  }
+  /**
+   * Validate config and throw if invalid
+   */
+  assertValidConfig() {
+    const validation = this.validateApiKey();
+    if (!validation.isValid) {
+      throw new InvalidConfigError(
+        `Invalid API key for provider '${this.name}'${validation.warning ? `: ${validation.warning}` : ""}`
+      );
+    }
+  }
+  /**
+   * Get API key from config
+   */
+  getApiKey() {
+    return this.config.apiKey;
+  }
+  /**
+   * Get base URL if configured
+   */
+  getBaseURL() {
+    return this.config.baseURL;
+  }
+  /**
+   * Get timeout configuration
+   */
+  getTimeout() {
+    return this.config.timeout || 6e4;
+  }
+  /**
+   * Get max retries configuration
+   */
+  getMaxRetries() {
+    return this.config.maxRetries || 3;
+  }
+};
+// src/infrastructure/providers/base/BaseMediaProvider.ts
+var BaseMediaProvider = class extends BaseProvider {
+  circuitBreaker;
+  logger;
+  _isObservabilityInitialized = false;
+  constructor(config) {
+    super(config);
+    this.logger = logger.child({
+      component: "MediaProvider",
+      provider: "unknown"
+    });
+  }
+  /**
+   * Auto-initialize observability on first use (lazy initialization)
+   * This is called automatically by executeWithCircuitBreaker()
+   * @internal
+   */
+  ensureObservabilityInitialized() {
+    if (this._isObservabilityInitialized) {
+      return;
+    }
+    const providerName = this.name || "unknown";
+    const cbConfig = this.config.circuitBreaker || DEFAULT_CIRCUIT_BREAKER_CONFIG;
+    this.circuitBreaker = new CircuitBreaker(
+      `media-provider:${providerName}`,
+      cbConfig
+    );
+    this.logger = logger.child({
+      component: "MediaProvider",
+      provider: providerName
+    });
+    this.circuitBreaker.on("opened", (data) => {
+      this.logger.warn(data, "Circuit breaker opened");
+      metrics.increment("circuit_breaker.opened", 1, {
+        breaker: data.name,
+        provider: providerName
+      });
+    });
+    this.circuitBreaker.on("closed", (data) => {
+      this.logger.info(data, "Circuit breaker closed");
+      metrics.increment("circuit_breaker.closed", 1, {
+        breaker: data.name,
+        provider: providerName
+      });
+    });
+    this._isObservabilityInitialized = true;
+  }
+  /**
+   * Execute operation with circuit breaker protection
+   * Automatically records metrics and handles errors
+   *
+   * @param operation - The async operation to execute
+   * @param operationName - Name of the operation for metrics (e.g., 'image.generate', 'audio.synthesize')
+   * @param metadata - Additional metadata to log/record
+   */
+  async executeWithCircuitBreaker(operation, operationName, metadata) {
+    this.ensureObservabilityInitialized();
+    const startTime = Date.now();
+    const metricLabels = {
+      provider: this.name,
+      operation: operationName,
+      ...metadata
+    };
+    try {
+      const result = await this.circuitBreaker.execute(operation);
+      const duration = Date.now() - startTime;
+      metrics.histogram(`${operationName}.duration`, duration, metricLabels);
+      metrics.increment(`${operationName}.success`, 1, metricLabels);
+      this.logger.debug(
+        { operation: operationName, duration, ...metadata },
+        "Operation completed successfully"
+      );
+      return result;
+    } catch (error) {
+      const duration = Date.now() - startTime;
+      metrics.increment(`${operationName}.error`, 1, {
+        ...metricLabels,
+        error: error instanceof Error ? error.name : "unknown"
+      });
+      this.logger.error(
+        {
+          operation: operationName,
+          duration,
+          error: error instanceof Error ? error.message : String(error),
+          ...metadata
+        },
+        "Operation failed"
+      );
+      throw error;
+    }
+  }
+  /**
+   * Log operation start with context
+   * Useful for logging before async operations
+   */
+  logOperationStart(operation, context) {
+    this.ensureObservabilityInitialized();
+    this.logger.info({ operation, ...context }, `${operation} started`);
+  }
+  /**
+   * Log operation completion with context
+   */
+  logOperationComplete(operation, context) {
+    this.ensureObservabilityInitialized();
+    this.logger.info({ operation, ...context }, `${operation} completed`);
+  }
+};
+// src/infrastructure/providers/openai/OpenAIImageProvider.ts
+var OpenAIImageProvider = class extends BaseMediaProvider {
+  name = "openai-image";
+  vendor = "openai";
+  capabilities = {
+    text: false,
+    images: true,
+    videos: false,
+    audio: false,
+    features: {
+      imageGeneration: true,
+      imageEditing: true
+    }
+  };
+  client;
+  constructor(config) {
+    super({ apiKey: config.auth.apiKey, ...config });
+    this.client = new OpenAI({
+      apiKey: config.auth.apiKey,
+      baseURL: config.baseURL,
+      organization: config.organization,
+      timeout: config.timeout,
+      maxRetries: config.maxRetries
+    });
+  }
+  /**
+   * Generate images from a text prompt
+   */
+  async generateImage(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.generate", {
+            model: options.model,
+            size: options.size,
+            quality: options.quality,
+            n: options.n
+          });
+          const isGptImage = options.model === "gpt-image-1";
+          const params = {
+            model: options.model,
+            prompt: options.prompt,
+            size: options.size,
+            quality: options.quality,
+            style: options.style,
+            n: options.n || 1
+          };
+          if (!isGptImage) {
+            params.response_format = options.response_format || "b64_json";
+          }
+          const response = await this.client.images.generate(params);
+          const data = response.data || [];
+          this.logOperationComplete("image.generate", {
+            model: options.model,
+            imagesGenerated: data.length
+          });
+          return {
+            created: response.created,
+            data: data.map((img) => ({
+              url: img.url,
+              b64_json: img.b64_json,
+              revised_prompt: img.revised_prompt
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.generate",
+      { model: options.model }
+    );
+  }
+  /**
+   * Edit an existing image with a prompt
+   * Supported by: gpt-image-1, dall-e-2
+   */
+  async editImage(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.edit", {
+            model: options.model,
+            size: options.size,
+            n: options.n
+          });
+          const image = this.prepareImageInput(options.image);
+          const mask = options.mask ? this.prepareImageInput(options.mask) : void 0;
+          const isGptImage = options.model === "gpt-image-1";
+          const params = {
+            model: options.model,
+            image,
+            prompt: options.prompt,
+            mask,
+            size: options.size,
+            n: options.n || 1
+          };
+          if (!isGptImage) {
+            params.response_format = options.response_format || "b64_json";
+          }
+          const response = await this.client.images.edit(params);
+          const data = response.data || [];
+          this.logOperationComplete("image.edit", {
+            model: options.model,
+            imagesGenerated: data.length
+          });
+          return {
+            created: response.created,
+            data: data.map((img) => ({
+              url: img.url,
+              b64_json: img.b64_json,
+              revised_prompt: img.revised_prompt
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.edit",
+      { model: options.model }
+    );
+  }
+  /**
+   * Create variations of an existing image
+   * Supported by: dall-e-2 only
+   */
+  async createVariation(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.variation", {
+            model: options.model,
+            size: options.size,
+            n: options.n
+          });
+          const image = this.prepareImageInput(options.image);
+          const response = await this.client.images.createVariation({
+            model: options.model,
+            image,
+            size: options.size,
+            n: options.n || 1,
+            response_format: options.response_format || "b64_json"
+          });
+          const data = response.data || [];
+          this.logOperationComplete("image.variation", {
+            model: options.model,
+            imagesGenerated: data.length
+          });
+          return {
+            created: response.created,
+            data: data.map((img) => ({
+              url: img.url,
+              b64_json: img.b64_json,
+              revised_prompt: img.revised_prompt
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.variation",
+      { model: options.model }
+    );
+  }
+  /**
+   * List available image models
+   */
+  async listModels() {
+    return ["gpt-image-1", "dall-e-3", "dall-e-2"];
+  }
+  /**
+   * Prepare image input (Buffer or file path) for OpenAI API
+   */
+  prepareImageInput(image) {
+    if (Buffer.isBuffer(image)) {
+      return new File([new Uint8Array(image)], "image.png", { type: "image/png" });
+    }
+    return fs2.createReadStream(image);
+  }
+  /**
+   * Handle OpenAI API errors
+   */
+  handleError(error) {
+    const message = error.message || "Unknown OpenAI API error";
+    const status = error.status;
+    if (status === 401) {
+      throw new ProviderAuthError("openai", "Invalid API key");
+    }
+    if (status === 429) {
+      throw new ProviderRateLimitError("openai", message);
+    }
+    if (status === 400) {
+      if (message.includes("safety system")) {
+        throw new ProviderError("openai", `Content policy violation: ${message}`);
+      }
+      throw new ProviderError("openai", `Bad request: ${message}`);
+    }
+    throw new ProviderError("openai", message);
+  }
+};
+var GoogleImageProvider = class extends BaseMediaProvider {
+  name = "google-image";
+  vendor = "google";
+  capabilities = {
+    text: false,
+    images: true,
+    videos: false,
+    audio: false,
+    features: {
+      imageGeneration: true,
+      imageEditing: true
+    }
+  };
+  client;
+  constructor(config) {
+    super(config);
+    this.client = new GoogleGenAI({
+      apiKey: config.apiKey
+    });
+  }
+  /**
+   * Generate images from a text prompt using Google Imagen
+   */
+  async generateImage(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.generate", {
+            model: options.model,
+            n: options.n
+          });
+          const googleOptions = options;
+          const response = await this.client.models.generateImages({
+            model: options.model,
+            prompt: options.prompt,
+            config: {
+              numberOfImages: options.n || 1,
+              negativePrompt: googleOptions.negativePrompt,
+              aspectRatio: googleOptions.aspectRatio,
+              seed: googleOptions.seed,
+              outputMimeType: googleOptions.outputMimeType,
+              includeRaiReason: googleOptions.includeRaiReason
+            }
+          });
+          const images = response.generatedImages || [];
+          this.logOperationComplete("image.generate", {
+            model: options.model,
+            imagesGenerated: images.length
+          });
+          return {
+            created: Math.floor(Date.now() / 1e3),
+            data: images.map((img) => ({
+              b64_json: img.image?.imageBytes
+              // Google doesn't provide URLs, only base64
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.generate",
+      { model: options.model }
+    );
+  }
+  /**
+   * Edit an existing image using Imagen capability model
+   * Uses imagen-3.0-capability-001
+   */
+  async editImage(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.edit", {
+            model: options.model,
+            n: options.n
+          });
+          const referenceImage = await this.prepareReferenceImage(options.image);
+          const response = await this.client.models.editImage({
+            model: options.model || "imagen-3.0-capability-001",
+            prompt: options.prompt,
+            referenceImages: [referenceImage],
+            config: {
+              numberOfImages: options.n || 1
+            }
+          });
+          const images = response.generatedImages || [];
+          this.logOperationComplete("image.edit", {
+            model: options.model,
+            imagesGenerated: images.length
+          });
+          return {
+            created: Math.floor(Date.now() / 1e3),
+            data: images.map((img) => ({
+              b64_json: img.image?.imageBytes
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.edit",
+      { model: options.model }
+    );
+  }
+  /**
+   * List available image models
+   */
+  async listModels() {
+    return [
+      "imagen-4.0-generate-001",
+      "imagen-4.0-ultra-generate-001",
+      "imagen-4.0-fast-generate-001"
+    ];
+  }
+  /**
+   * Prepare a reference image for Google's editImage API
+   */
+  async prepareReferenceImage(image) {
+    let imageBytes;
+    if (Buffer.isBuffer(image)) {
+      imageBytes = image.toString("base64");
+    } else {
+      const fs5 = await import('fs');
+      const buffer = fs5.readFileSync(image);
+      imageBytes = buffer.toString("base64");
+    }
+    return {
+      referenceImage: {
+        image: {
+          imageBytes
+        }
+      },
+      referenceType: "REFERENCE_TYPE_SUBJECT"
+    };
+  }
+  /**
+   * Handle Google API errors
+   */
+  handleError(error) {
+    const message = error.message || "Unknown Google API error";
+    const status = error.status || error.code;
+    if (status === 401 || message.includes("API key not valid")) {
+      throw new ProviderAuthError("google", "Invalid API key");
+    }
+    if (status === 429 || message.includes("Resource exhausted")) {
+      throw new ProviderRateLimitError("google", message);
+    }
+    if (status === 400) {
+      if (message.includes("SAFETY") || message.includes("blocked") || message.includes("Responsible AI")) {
+        throw new ProviderError("google", `Content policy violation: ${message}`);
+      }
+      throw new ProviderError("google", `Bad request: ${message}`);
+    }
+    throw new ProviderError("google", message);
+  }
+};
+var GROK_API_BASE_URL = "https://api.x.ai/v1";
+var GrokImageProvider = class extends BaseMediaProvider {
+  name = "grok-image";
+  vendor = "grok";
+  capabilities = {
+    text: false,
+    images: true,
+    videos: false,
+    audio: false,
+    features: {
+      imageGeneration: true,
+      imageEditing: true
+    }
+  };
+  client;
+  constructor(config) {
+    super({ apiKey: config.auth.apiKey, ...config });
+    this.client = new OpenAI({
+      apiKey: config.auth.apiKey,
+      baseURL: config.baseURL || GROK_API_BASE_URL,
+      timeout: config.timeout,
+      maxRetries: config.maxRetries
+    });
+  }
+  /**
+   * Generate images from a text prompt
+   */
+  async generateImage(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.generate", {
+            model: options.model,
+            size: options.size,
+            quality: options.quality,
+            n: options.n
+          });
+          const params = {
+            model: options.model || "grok-imagine-image",
+            prompt: options.prompt,
+            n: options.n || 1,
+            response_format: options.response_format || "b64_json"
+          };
+          if (options.aspectRatio) {
+            params.aspect_ratio = options.aspectRatio;
+          }
+          const response = await this.client.images.generate(params);
+          const data = response.data || [];
+          this.logOperationComplete("image.generate", {
+            model: options.model,
+            imagesGenerated: data.length
+          });
+          return {
+            created: response.created,
+            data: data.map((img) => ({
+              url: img.url,
+              b64_json: img.b64_json,
+              revised_prompt: img.revised_prompt
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.generate",
+      { model: options.model }
+    );
+  }
+  /**
+   * Edit an existing image with a prompt
+   */
+  async editImage(options) {
+    return this.executeWithCircuitBreaker(
+      async () => {
+        try {
+          this.logOperationStart("image.edit", {
+            model: options.model,
+            size: options.size,
+            n: options.n
+          });
+          const image = this.prepareImageInput(options.image);
+          const mask = options.mask ? this.prepareImageInput(options.mask) : void 0;
+          const params = {
+            model: options.model || "grok-imagine-image",
+            image,
+            prompt: options.prompt,
+            mask,
+            size: options.size,
+            n: options.n || 1,
+            response_format: options.response_format || "b64_json"
+          };
+          const response = await this.client.images.edit(params);
+          const data = response.data || [];
+          this.logOperationComplete("image.edit", {
+            model: options.model,
+            imagesGenerated: data.length
+          });
+          return {
+            created: response.created,
+            data: data.map((img) => ({
+              url: img.url,
+              b64_json: img.b64_json,
+              revised_prompt: img.revised_prompt
+            }))
+          };
+        } catch (error) {
+          this.handleError(error);
+          throw error;
+        }
+      },
+      "image.edit",
+      { model: options.model }
+    );
+  }
+  /**
+   * List available image models
+   */
+  async listModels() {
+    return ["grok-imagine-image"];
+  }
+  /**
+   * Prepare image input (Buffer or file path) for API
+   */
+  prepareImageInput(image) {
+    if (Buffer.isBuffer(image)) {
+      return new File([new Uint8Array(image)], "image.png", { type: "image/png" });
+    }
+    return fs2.createReadStream(image);
+  }
+  /**
+   * Handle API errors
+   */
+  handleError(error) {
+    const message = error.message || "Unknown Grok API error";
+    const status = error.status;
+    if (status === 401) {
+      throw new ProviderAuthError("grok", "Invalid API key");
+    }
+    if (status === 429) {
+      throw new ProviderRateLimitError("grok", message);
+    }
+    if (status === 400) {
+      if (message.includes("safety") || message.includes("policy")) {
+        throw new ProviderError("grok", `Content policy violation: ${message}`);
+      }
+      throw new ProviderError("grok", `Bad request: ${message}`);
+    }
+    throw new ProviderError("grok", message);
+  }
+};
+// src/core/createImageProvider.ts
+function createImageProvider(connector) {
+  const vendor = connector.vendor;
+  switch (vendor) {
+    case Vendor.OpenAI:
+      return new OpenAIImageProvider(extractOpenAIConfig(connector));
+    case Vendor.Google:
+      return new GoogleImageProvider(extractGoogleConfig(connector));
+    case Vendor.Grok:
+      return new GrokImageProvider(extractGrokConfig(connector));
+    default:
+      throw new Error(
+        `No Image provider available for vendor: ${vendor}. Supported vendors: ${Vendor.OpenAI}, ${Vendor.Google}, ${Vendor.Grok}`
+      );
+  }
+}
+function extractOpenAIConfig(connector) {
+  const auth = connector.config.auth;
+  if (auth.type !== "api_key") {
+    throw new Error("OpenAI requires API key authentication");
+  }
+  const options = connector.getOptions();
+  return {
+    auth: {
+      type: "api_key",
+      apiKey: auth.apiKey
+    },
+    baseURL: connector.baseURL,
+    organization: options.organization,
+    timeout: options.timeout,
+    maxRetries: options.maxRetries
+  };
+}
+function extractGoogleConfig(connector) {
+  const auth = connector.config.auth;
+  if (auth.type !== "api_key") {
+    throw new Error("Google requires API key authentication");
+  }
+  return {
+    apiKey: auth.apiKey
+  };
+}
+function extractGrokConfig(connector) {
+  const auth = connector.config.auth;
+  if (auth.type !== "api_key") {
+    throw new Error("Grok requires API key authentication");
+  }
+  const options = connector.getOptions();
+  return {
+    auth: {
+      type: "api_key",
+      apiKey: auth.apiKey
+    },
+    baseURL: connector.baseURL,
+    timeout: options.timeout,
+    maxRetries: options.maxRetries
+  };
+}
+// src/domain/entities/RegistryUtils.ts
+function createRegistryHelpers(registry) {
+  return {
+    /**
+     * Get model information by name
+     */
+    getInfo: (modelName) => {
+      return registry[modelName];
+    },
+    /**
+     * Get all active models for a specific vendor
+     */
+    getByVendor: (vendor) => {
+      return Object.values(registry).filter(
+        (model) => model.provider === vendor && model.isActive
+      );
+    },
+    /**
+     * Get all currently active models (across all vendors)
+     */
+    getActive: () => {
+      return Object.values(registry).filter((model) => model.isActive);
+    },
+    /**
+     * Get all models (including inactive/deprecated)
+     */
+    getAll: () => {
+      return Object.values(registry);
+    },
+    /**
+     * Check if model exists in registry
+     */
+    has: (modelName) => {
+      return modelName in registry;
+    }
+  };
+}
+// src/domain/entities/ImageModel.ts
+var IMAGE_MODELS = {
+  [Vendor.OpenAI]: {
+    /** GPT-Image-1: Latest OpenAI image model with best quality */
+    GPT_IMAGE_1: "gpt-image-1",
+    /** DALL-E 3: High quality image generation */
+    DALL_E_3: "dall-e-3",
+    /** DALL-E 2: Fast, supports editing and variations */
+    DALL_E_2: "dall-e-2"
+  },
+  [Vendor.Google]: {
+    /** Imagen 4.0: Latest Google image generation model */
+    IMAGEN_4_GENERATE: "imagen-4.0-generate-001",
+    /** Imagen 4.0 Ultra: Highest quality */
+    IMAGEN_4_ULTRA: "imagen-4.0-ultra-generate-001",
+    /** Imagen 4.0 Fast: Optimized for speed */
+    IMAGEN_4_FAST: "imagen-4.0-fast-generate-001"
+  },
+  [Vendor.Grok]: {
+    /** Grok Imagine Image: xAI image generation with editing support */
+    GROK_IMAGINE_IMAGE: "grok-imagine-image",
+    /** Grok 2 Image: xAI image generation (text-only input) */
+    GROK_2_IMAGE_1212: "grok-2-image-1212"
+  }
+};
+var IMAGE_MODEL_REGISTRY = {
+  // ======================== OpenAI ========================
+  "gpt-image-1": {
+    name: "gpt-image-1",
+    displayName: "GPT-Image-1",
+    provider: Vendor.OpenAI,
+    description: "OpenAI latest image generation model with best quality and features",
+    isActive: true,
+    releaseDate: "2025-04-01",
+    sources: {
+      documentation: "https://platform.openai.com/docs/guides/images",
+      pricing: "https://openai.com/pricing",
+      lastVerified: "2026-01-25"
+    },
+    capabilities: {
+      sizes: ["1024x1024", "1024x1536", "1536x1024", "auto"],
+      maxImagesPerRequest: 10,
+      outputFormats: ["png", "webp", "jpeg"],
+      features: {
+        generation: true,
+        editing: true,
+        variations: false,
+        styleControl: false,
+        qualityControl: true,
+        transparency: true,
+        promptRevision: false
+      },
+      limits: { maxPromptLength: 32e3 },
+      vendorOptions: {
+        quality: {
+          type: "enum",
+          label: "Quality",
+          description: "Image quality level",
+          enum: ["auto", "low", "medium", "high"],
+          default: "auto",
+          controlType: "select"
+        },
+        background: {
+          type: "enum",
+          label: "Background",
+          description: "Background transparency",
+          enum: ["auto", "transparent", "opaque"],
+          default: "auto",
+          controlType: "select"
+        },
+        output_format: {
+          type: "enum",
+          label: "Output Format",
+          description: "Image file format",
+          enum: ["png", "jpeg", "webp"],
+          default: "png",
+          controlType: "select"
+        },
+        output_compression: {
+          type: "number",
+          label: "Compression",
+          description: "Compression level for JPEG/WebP (0-100)",
+          min: 0,
+          max: 100,
+          default: 75,
+          controlType: "slider"
+        },
+        moderation: {
+          type: "enum",
+          label: "Moderation",
+          description: "Content moderation strictness",
+          enum: ["auto", "low"],
+          default: "auto",
+          controlType: "radio"
+        }
+      }
+    },
+    pricing: {
+      perImageStandard: 0.011,
+      perImageHD: 0.042,
+      currency: "USD"
+    }
+  },
+  "dall-e-3": {
+    name: "dall-e-3",
+    displayName: "DALL-E 3",
+    provider: Vendor.OpenAI,
+    description: "High quality image generation with prompt revision",
+    isActive: true,
+    releaseDate: "2023-11-06",
+    deprecationDate: "2026-05-12",
+    sources: {
+      documentation: "https://platform.openai.com/docs/guides/images",
+      pricing: "https://openai.com/pricing",
+      lastVerified: "2026-01-25"
+    },
+    capabilities: {
+      sizes: ["1024x1024", "1024x1792", "1792x1024"],
+      maxImagesPerRequest: 1,
+      outputFormats: ["png", "url"],
+      features: {
+        generation: true,
+        editing: false,
+        variations: false,
+        styleControl: true,
+        qualityControl: true,
+        transparency: false,
+        promptRevision: true
+      },
+      limits: { maxPromptLength: 4e3 },
+      vendorOptions: {
+        quality: {
+          type: "enum",
+          label: "Quality",
+          description: "Image quality: standard or HD",
+          enum: ["standard", "hd"],
+          default: "standard",
+          controlType: "radio"
+        },
+        style: {
+          type: "enum",
+          label: "Style",
+          description: "Image style: vivid (hyper-real) or natural",
+          enum: ["vivid", "natural"],
+          default: "vivid",
+          controlType: "radio"
+        }
+      }
+    },
+    pricing: {
+      perImageStandard: 0.04,
+      perImageHD: 0.08,
+      currency: "USD"
+    }
+  },
+  "dall-e-2": {
+    name: "dall-e-2",
+    displayName: "DALL-E 2",
+    provider: Vendor.OpenAI,
+    description: "Fast image generation with editing and variation support",
+    isActive: true,
+    releaseDate: "2022-11-03",
+    deprecationDate: "2026-05-12",
+    sources: {
+      documentation: "https://platform.openai.com/docs/guides/images",
+      pricing: "https://openai.com/pricing",
+      lastVerified: "2026-01-25"
+    },
+    capabilities: {
+      sizes: ["256x256", "512x512", "1024x1024"],
+      maxImagesPerRequest: 10,
+      outputFormats: ["png", "url"],
+      features: {
+        generation: true,
+        editing: true,
+        variations: true,
+        styleControl: false,
+        qualityControl: false,
+        transparency: false,
+        promptRevision: false
+      },
+      limits: { maxPromptLength: 1e3 },
+      vendorOptions: {}
+    },
+    pricing: {
+      perImage: 0.02,
+      currency: "USD"
+    }
+  },
+  // ======================== Google ========================
+  "imagen-4.0-generate-001": {
+    name: "imagen-4.0-generate-001",
+    displayName: "Imagen 4.0 Generate",
+    provider: Vendor.Google,
+    description: "Google Imagen 4.0 - standard quality image generation",
+    isActive: true,
+    releaseDate: "2025-06-01",
+    sources: {
+      documentation: "https://ai.google.dev/gemini-api/docs/imagen",
+      pricing: "https://ai.google.dev/pricing",
+      lastVerified: "2026-01-25"
+    },
+    capabilities: {
+      sizes: ["1024x1024"],
+      aspectRatios: ["1:1", "3:4", "4:3", "9:16", "16:9"],
+      maxImagesPerRequest: 4,
+      outputFormats: ["png", "jpeg"],
+      features: {
+        generation: true,
+        editing: false,
+        variations: false,
+        styleControl: false,
+        qualityControl: false,
+        transparency: false,
+        promptRevision: false
+      },
+      limits: { maxPromptLength: 480 },
+      vendorOptions: {
+        aspectRatio: {
+          type: "enum",
+          label: "Aspect Ratio",
+          description: "Output image proportions",
+          enum: ["1:1", "3:4", "4:3", "16:9", "9:16"],
+          default: "1:1",
+          controlType: "select"
+        },
+        sampleImageSize: {
+          type: "enum",
+          label: "Resolution",
+          description: "Output image resolution",
+          enum: ["1K", "2K"],
+          default: "1K",
+          controlType: "radio"
+        },
+        outputMimeType: {
+          type: "enum",
+          label: "Output Format",
+          description: "Image file format",
+          enum: ["image/png", "image/jpeg"],
+          default: "image/png",
+          controlType: "select"
+        },
+        negativePrompt: {
+          type: "string",
+          label: "Negative Prompt",
+          description: "Elements to avoid in the generated image",
+          controlType: "textarea"
+        },
+        personGeneration: {
+          type: "enum",
+          label: "Person Generation",
+          description: "Controls whether people can appear in images",
+          enum: ["dont_allow", "allow_adult", "allow_all"],
+          default: "allow_adult",
+          controlType: "select"
+        },
+        safetyFilterLevel: {
+          type: "enum",
+          label: "Safety Filter",
+          description: "Content safety filtering threshold",
+          enum: ["block_none", "block_only_high", "block_medium_and_above", "block_low_and_above"],
+          default: "block_medium_and_above",
+          controlType: "select"
+        },
+        enhancePrompt: {
+          type: "boolean",
+          label: "Enhance Prompt",
+          description: "Use LLM-based prompt rewriting for better quality",
+          default: true,
+          controlType: "checkbox"
+        },
+        seed: {
+          type: "number",
+          label: "Seed",
+          description: "Random seed for reproducible generation (1-2147483647)",
+          min: 1,
+          max: 2147483647,
+          controlType: "text"
+        },
+        addWatermark: {
+          type: "boolean",
+          label: "Add Watermark",
+          description: "Add invisible SynthID watermark",
+          default: true,
+          controlType: "checkbox"
+        },
+        language: {
+          type: "enum",
+          label: "Prompt Language",
+          description: "Language of the input prompt",
+          enum: ["auto", "en", "zh", "zh-CN", "zh-TW", "hi", "ja", "ko", "pt", "es"],
+          default: "en",
+          controlType: "select"
+        }
+      }
+    },
+    pricing: {
+      perImage: 0.04,
+      currency: "USD"
+    }
+  },
+  "imagen-4.0-ultra-generate-001": {
+    name: "imagen-4.0-ultra-generate-001",
+    displayName: "Imagen 4.0 Ultra",
+    provider: Vendor.Google,
+    description: "Google Imagen 4.0 Ultra - highest quality image generation",
+    isActive: true,
+    releaseDate: "2025-06-01",
+    sources: {
+      documentation: "https://ai.google.dev/gemini-api/docs/imagen",
+      pricing: "https://ai.google.dev/pricing",
+      lastVerified: "2026-01-25"
+    },
+    capabilities: {
+      sizes: ["1024x1024"],
+      aspectRatios: ["1:1", "3:4", "4:3", "9:16", "16:9"],
+      maxImagesPerRequest: 4,
+      outputFormats: ["png", "jpeg"],
+      features: {
+        generation: true,
+        editing: false,
+        variations: false,
+        styleControl: false,
+        qualityControl: true,
+        transparency: false,
+        promptRevision: false
+      },
+      limits: { maxPromptLength: 480 },
+      vendorOptions: {
+        aspectRatio: {
+          type: "enum",
+          label: "Aspect Ratio",
+          description: "Output image proportions",
+          enum: ["1:1", "3:4", "4:3", "16:9", "9:16"],
+          default: "1:1",
+          controlType: "select"
+        },
+        sampleImageSize: {
+          type: "enum",
+          label: "Resolution",
+          description: "Output image resolution",
+          enum: ["1K", "2K"],
+          default: "1K",
+          controlType: "radio"
+        },
+        outputMimeType: {
+          type: "enum",
+          label: "Output Format",
+          description: "Image file format",
+          enum: ["image/png", "image/jpeg"],
+          default: "image/png",
+          controlType: "select"
+        },
+        negativePrompt: {
+          type: "string",
+          label: "Negative Prompt",
+          description: "Elements to avoid in the generated image",
+          controlType: "textarea"
+        },
+        personGeneration: {
+          type: "enum",
+          label: "Person Generation",
+          description: "Controls whether people can appear in images",
+          enum: ["dont_allow", "allow_adult", "allow_all"],
+          default: "allow_adult",
+          controlType: "select"
+        },
+        safetyFilterLevel: {
+          type: "enum",
+          label: "Safety Filter",
+          description: "Content safety filtering threshold",
+          enum: ["block_none", "block_only_high", "block_medium_and_above", "block_low_and_above"],
+          default: "block_medium_and_above",
+          controlType: "select"
+        },
+        enhancePrompt: {
+          type: "boolean",
+          label: "Enhance Prompt",
+          description: "Use LLM-based prompt rewriting for better quality",
+          default: true,
+          controlType: "checkbox"
+        },
+        seed: {
+          type: "number",
+          label: "Seed",
+          description: "Random seed for reproducible generation (1-2147483647)",
+          min: 1,
+          max: 2147483647,
+          controlType: "text"
+        },
+        addWatermark: {
+          type: "boolean",
+          label: "Add Watermark",
+          description: "Add invisible SynthID watermark",
+          default: true,
+          controlType: "checkbox"
+        },
+        language: {
+          type: "enum",
+          label: "Prompt Language",
+          description: "Language of the input prompt",
+          enum: ["auto", "en", "zh", "zh-CN", "zh-TW", "hi", "ja", "ko", "pt", "es"],
+          default: "en",
+          controlType: "select"
+        }
+      }
+    },
+    pricing: {
+      perImage: 0.08,
+      currency: "USD"
+    }
+  },
+  "imagen-4.0-fast-generate-001": {
+    name: "imagen-4.0-fast-generate-001",
+    displayName: "Imagen 4.0 Fast",
+    provider: Vendor.Google,
+    description: "Google Imagen 4.0 Fast - optimized for speed",
+    isActive: true,
+    releaseDate: "2025-06-01",
+    sources: {
+      documentation: "https://ai.google.dev/gemini-api/docs/imagen",
+      pricing: "https://ai.google.dev/pricing",
+      lastVerified: "2026-01-25"
+    },
+    capabilities: {
+      sizes: ["1024x1024"],
+      aspectRatios: ["1:1", "3:4", "4:3", "9:16", "16:9"],
+      maxImagesPerRequest: 4,
+      outputFormats: ["png", "jpeg"],
+      features: {
+        generation: true,
+        editing: false,
+        variations: false,
+        styleControl: false,
+        qualityControl: false,
+        transparency: false,
+        promptRevision: false
+      },
+      limits: { maxPromptLength: 480 },
+      vendorOptions: {
+        aspectRatio: {
+          type: "enum",
+          label: "Aspect Ratio",
+          description: "Output image proportions",
+          enum: ["1:1", "3:4", "4:3", "16:9", "9:16"],
+          default: "1:1",
+          controlType: "select"
+        },
+        sampleImageSize: {
+          type: "enum",
+          label: "Resolution",
+          description: "Output image resolution",
+          enum: ["1K", "2K"],
+          default: "1K",
+          controlType: "radio"
+        },
+        outputMimeType: {
+          type: "enum",
+          label: "Output Format",
+          description: "Image file format",
+          enum: ["image/png", "image/jpeg"],
+          default: "image/png",
+          controlType: "select"
+        },
+        negativePrompt: {
+          type: "string",
+          label: "Negative Prompt",
+          description: "Elements to avoid in the generated image",
+          controlType: "textarea"
+        },
+        personGeneration: {
+          type: "enum",
+          label: "Person Generation",
+          description: "Controls whether people can appear in images",
+          enum: ["dont_allow", "allow_adult", "allow_all"],
+          default: "allow_adult",
+          controlType: "select"
+        },
+        safetyFilterLevel: {
+          type: "enum",
+          label: "Safety Filter",
+          description: "Content safety filtering threshold",
+          enum: ["block_none", "block_only_high", "block_medium_and_above", "block_low_and_above"],
+          default: "block_medium_and_above",
+          controlType: "select"
+        },
+        enhancePrompt: {
+          type: "boolean",
+          label: "Enhance Prompt",
+          description: "Use LLM-based prompt rewriting for better quality",
+          default: true,
+          controlType: "checkbox"
+        },
+        seed: {
+          type: "number",
+          label: "Seed",
+          description: "Random seed for reproducible generation (1-2147483647)",
+          min: 1,
+          max: 2147483647,
+          controlType: "text"
+        },
+        addWatermark: {
+          type: "boolean",
+          label: "Add Watermark",
+          description: "Add invisible SynthID watermark",
+          default: true,
+          controlType: "checkbox"
+        },
+        language: {
+          type: "enum",
+          label: "Prompt Language",
+          description: "Language of the input prompt",
+          enum: ["auto", "en", "zh", "zh-CN", "zh-TW", "hi", "ja", "ko", "pt", "es"],
+          default: "en",
+          controlType: "select"
+        }
+      }
+    },
+    pricing: {
+      perImage: 0.02,
+      currency: "USD"
+    }
+  },
+  // ======================== xAI Grok ========================
+  "grok-imagine-image": {
+    name: "grok-imagine-image",
+    displayName: "Grok Imagine Image",
+    provider: Vendor.Grok,
+    description: "xAI Grok Imagine image generation with aspect ratio control and editing support",
+    isActive: true,
+    releaseDate: "2025-01-01",
+    sources: {
+      documentation: "https://docs.x.ai/docs/guides/image-generation",
+      pricing: "https://docs.x.ai/docs/models",
+      lastVerified: "2026-02-01"
+    },
+    capabilities: {
+      sizes: ["1024x1024"],
+      aspectRatios: ["1:1", "4:3", "3:4", "16:9", "9:16", "3:2", "2:3"],
+      maxImagesPerRequest: 10,
+      outputFormats: ["png", "jpeg"],
+      features: {
+        generation: true,
+        editing: true,
+        variations: false,
+        styleControl: false,
+        qualityControl: false,
+        // quality not supported by xAI API
+        transparency: false,
+        promptRevision: true
+      },
+      limits: { maxPromptLength: 4096 },
+      vendorOptions: {
+        n: {
+          type: "number",
+          label: "Number of Images",
+          description: "Number of images to generate (1-10)",
+          min: 1,
+          max: 10,
+          default: 1,
+          controlType: "slider"
+        },
+        response_format: {
+          type: "enum",
+          label: "Response Format",
+          description: "Format of the returned image",
+          enum: ["url", "b64_json"],
+          default: "url",
+          controlType: "radio"
+        }
+      }
+    },
+    pricing: {
+      perImage: 0.02,
+      currency: "USD"
+    }
+  },
+  "grok-2-image-1212": {
+    name: "grok-2-image-1212",
+    displayName: "Grok 2 Image",
+    provider: Vendor.Grok,
+    description: "xAI Grok 2 image generation (text-only input, no editing)",
+    isActive: true,
+    releaseDate: "2024-12-12",
+    sources: {
+      documentation: "https://docs.x.ai/docs/guides/image-generation",
+      pricing: "https://docs.x.ai/docs/models",
+      lastVerified: "2026-02-01"
+    },
+    capabilities: {
+      sizes: ["1024x1024"],
+      aspectRatios: ["1:1", "4:3", "3:4", "16:9", "9:16", "3:2", "2:3"],
+      maxImagesPerRequest: 10,
+      outputFormats: ["png", "jpeg"],
+      features: {
+        generation: true,
+        editing: false,
+        variations: false,
+        styleControl: false,
+        qualityControl: false,
+        // quality not supported by xAI API
+        transparency: false,
+        promptRevision: false
+      },
+      limits: { maxPromptLength: 4096 },
+      vendorOptions: {
+        n: {
+          type: "number",
+          label: "Number of Images",
+          description: "Number of images to generate (1-10)",
+          min: 1,
+          max: 10,
+          default: 1,
+          controlType: "slider"
+        },
+        response_format: {
+          type: "enum",
+          label: "Response Format",
+          description: "Format of the returned image",
+          enum: ["url", "b64_json"],
+          default: "url",
+          controlType: "radio"
+        }
+      }
+    },
+    pricing: {
+      perImage: 0.07,
+      currency: "USD"
+    }
+  }
+};
+var helpers = createRegistryHelpers(IMAGE_MODEL_REGISTRY);
+var getImageModelInfo = helpers.getInfo;
+// src/capabilities/images/ImageGeneration.ts
+var ImageGeneration = class _ImageGeneration {
+  provider;
+  connector;
+  defaultModel;
+  constructor(connector) {
+    this.connector = connector;
+    this.provider = createImageProvider(connector);
+    this.defaultModel = this.getDefaultModel();
+  }
+  /**
+   * Create an ImageGeneration instance
+   */
+  static create(options) {
+    const connector = typeof options.connector === "string" ? Connector.get(options.connector) : options.connector;
+    if (!connector) {
+      throw new Error(`Connector not found: ${options.connector}`);
+    }
+    return new _ImageGeneration(connector);
+  }
+  /**
+   * Generate images from a text prompt
+   */
+  async generate(options) {
+    const fullOptions = {
+      model: options.model || this.defaultModel,
+      prompt: options.prompt,
+      size: options.size,
+      quality: options.quality,
+      style: options.style,
+      n: options.n,
+      response_format: options.response_format || "b64_json"
+    };
+    return this.provider.generateImage(fullOptions);
+  }
+  /**
+   * Edit an existing image
+   * Note: Not all models/vendors support this
+   */
+  async edit(options) {
+    if (!this.provider.editImage) {
+      throw new Error(`Image editing not supported by ${this.provider.name}`);
+    }
+    const fullOptions = {
+      ...options,
+      model: options.model || this.getEditModel()
+    };
+    return this.provider.editImage(fullOptions);
+  }
+  /**
+   * Create variations of an existing image
+   * Note: Only DALL-E 2 supports this
+   */
+  async createVariation(options) {
+    if (!this.provider.createVariation) {
+      throw new Error(`Image variations not supported by ${this.provider.name}`);
+    }
+    const fullOptions = {
+      ...options,
+      model: options.model || "dall-e-2"
+      // Only DALL-E 2 supports variations
+    };
+    return this.provider.createVariation(fullOptions);
+  }
+  /**
+   * List available models for this provider
+   */
+  async listModels() {
+    if (this.provider.listModels) {
+      return this.provider.listModels();
+    }
+    const vendor = this.connector.vendor;
+    if (vendor && IMAGE_MODELS[vendor]) {
+      return Object.values(IMAGE_MODELS[vendor]);
+    }
+    return [];
+  }
+  /**
+   * Get information about a specific model
+   */
+  getModelInfo(modelName) {
+    return getImageModelInfo(modelName);
+  }
+  /**
+   * Get the underlying provider
+   */
+  getProvider() {
+    return this.provider;
+  }
+  /**
+   * Get the current connector
+   */
+  getConnector() {
+    return this.connector;
+  }
+  /**
+   * Get the default model for this vendor
+   */
+  getDefaultModel() {
+    const vendor = this.connector.vendor;
+    switch (vendor) {
+      case Vendor.OpenAI:
+        return IMAGE_MODELS[Vendor.OpenAI].DALL_E_3;
+      case Vendor.Google:
+        return IMAGE_MODELS[Vendor.Google].IMAGEN_4_GENERATE;
+      case Vendor.Grok:
+        return IMAGE_MODELS[Vendor.Grok].GROK_IMAGINE_IMAGE;
+      default:
+        throw new Error(`No default image model for vendor: ${vendor}`);
+    }
+  }
+  /**
+   * Get the default edit model for this vendor
+   */
+  getEditModel() {
+    const vendor = this.connector.vendor;
+    switch (vendor) {
+      case Vendor.OpenAI:
+        return IMAGE_MODELS[Vendor.OpenAI].GPT_IMAGE_1;
+      case Vendor.Google:
+        return IMAGE_MODELS[Vendor.Google].IMAGEN_4_GENERATE;
+      case Vendor.Grok:
+        return IMAGE_MODELS[Vendor.Grok].GROK_IMAGINE_IMAGE;
+      default:
+        throw new Error(`No edit model for vendor: ${vendor}`);
+    }
+  }
+};
+export { ImageGeneration };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map