@facetlayer/prism-framework 0.4.0 → 0.4.1

package/dist/index.js

@@ -0,0 +1,1364 @@
+// src/Errors.ts
+var HttpError = class extends Error {
+  constructor(statusCode, message, details) {
+    super(message);
+    this.statusCode = statusCode;
+    this.details = details;
+    this.name = "HttpError";
+  }
+};
+var BadRequestError = class extends HttpError {
+  constructor(message = "Bad Request", details) {
+    super(400, message, details);
+    this.name = "BadRequestError";
+  }
+};
+var SchemaValidationError = class extends HttpError {
+  constructor(message = "Schema Validation Error", details) {
+    super(422, message, details);
+    this.name = "SchemaValidationError";
+  }
+};
+var ResponseSchemaValidationError = class extends HttpError {
+  constructor(message = "Response Schema Validation Error", details) {
+    super(500, message, details);
+    this.name = "ResponseSchemaValidationError";
+  }
+};
+var UnauthorizedError = class extends HttpError {
+  constructor(message = "Unauthorized", details) {
+    super(401, message, details);
+    this.name = "UnauthorizedError";
+  }
+};
+var ForbiddenError = class extends HttpError {
+  constructor(message = "Forbidden", details) {
+    super(403, message, details);
+    this.name = "ForbiddenError";
+  }
+};
+var NotFoundError = class extends HttpError {
+  constructor(message = "Not Found", details) {
+    super(404, message, details);
+    this.name = "NotFoundError";
+  }
+};
+var ConflictError = class extends HttpError {
+  constructor(message = "Conflict", details) {
+    super(409, message, details);
+    this.name = "ConflictError";
+  }
+};
+var ValidationError = class extends HttpError {
+  constructor(message = "Validation Error", details) {
+    super(422, message, details);
+    this.name = "ValidationError";
+  }
+};
+var NotImplementedError = class extends HttpError {
+  constructor(message = "Not Implemented", details) {
+    super(501, message, details);
+    this.name = "NotImplementedError";
+  }
+};
+var ServiceUnavailableError = class extends HttpError {
+  constructor(message = "Service Unavailable", details) {
+    super(503, message, details);
+    this.name = "ServiceUnavailableError";
+  }
+};
+function createErrorFromStatus(statusCode, message, details) {
+  switch (statusCode) {
+    case 400:
+      return new BadRequestError(message, details);
+    case 401:
+      return new UnauthorizedError(message, details);
+    case 403:
+      return new ForbiddenError(message, details);
+    case 404:
+      return new NotFoundError(message, details);
+    case 409:
+      return new ConflictError(message, details);
+    case 422:
+      return new ValidationError(message, details);
+    case 500:
+      return new HttpError(500, message || "Internal Server Error", details);
+    case 501:
+      return new NotImplementedError(message, details);
+    case 503:
+      return new ServiceUnavailableError(message, details);
+    default:
+      return new HttpError(statusCode, message || "Unknown Error", details);
+  }
+}
+function isHttpError(error) {
+  return error instanceof HttpError;
+}
+
+// src/web/ExpressAppSetup.ts
+import cookieParser from "cookie-parser";
+import express2 from "express";
+
+// src/Metrics.ts
+import PromClient from "prom-client";
+var _hasSetupMetrics = false;
+var httpRequests;
+var httpResponses;
+function setupMetrics() {
+  _hasSetupMetrics = true;
+  PromClient.collectDefaultMetrics({
+    // prefix: ...
+    // labels: ...
+  });
+  httpRequests = new PromClient.Counter({
+    name: "http_request_counter",
+    help: "HTTP requests",
+    labelNames: ["method", "endpoint"]
+  });
+  httpResponses = new PromClient.Counter({
+    name: "http_response_counter",
+    help: "HTTP responses",
+    labelNames: ["method", "endpoint", "status_code", "duration"]
+  });
+}
+function recordHttpRequest(method, endpoint) {
+  if (!_hasSetupMetrics) {
+    setupMetrics();
+  }
+  httpRequests.inc({ method, endpoint });
+}
+function recordHttpResponse(method, endpoint, statusCode, duration) {
+  if (!_hasSetupMetrics) {
+    setupMetrics();
+  }
+  httpResponses.inc({ method, endpoint, status_code: statusCode.toString(), duration });
+}
+function getMetrics() {
+  if (!_hasSetupMetrics) {
+    setupMetrics();
+  }
+  return PromClient.register.metrics();
+}
+
+// src/web/corsMiddleware.ts
+function setACAOHeader(res, reqOrigin, config) {
+  const webBaseUrl = config.webBaseUrl;
+  if (!reqOrigin) {
+    if (webBaseUrl) {
+      res.header("Access-Control-Allow-Origin", webBaseUrl);
+    }
+    return;
+  }
+  if (webBaseUrl) {
+    const allowedOrigins = [`https://${webBaseUrl}`];
+    if (allowedOrigins.includes(reqOrigin)) {
+      res.header("Access-Control-Allow-Origin", reqOrigin);
+      return;
+    }
+  }
+  const localhostAllowed = config.allowLocalhost ?? config.enableTestEndpoints;
+  if (localhostAllowed && reqOrigin.startsWith("http://localhost:")) {
+    res.header("Access-Control-Allow-Origin", reqOrigin);
+    return;
+  }
+}
+function corsMiddleware(config = {}) {
+  return (req, res, next) => {
+    setACAOHeader(res, req.headers.origin, config);
+    res.header("Access-Control-Allow-Credentials", "true");
+    res.header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, PATCH");
+    res.header(
+      "Access-Control-Allow-Headers",
+      "Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, Cache-Control"
+    );
+    res.header("Access-Control-Max-Age", "86400");
+    if (req.method === "OPTIONS") {
+      res.sendStatus(200);
+      return;
+    }
+    next();
+  };
+}
+
+// src/logging/index.ts
+var useStderr = false;
+function setLogStderr(enabled) {
+  useStderr = enabled;
+}
+function logInfo(...args) {
+  if (useStderr) {
+    console.error(...args);
+  } else {
+    console.log(...args);
+  }
+}
+function logWarn(...args) {
+  console.warn(...args);
+}
+function logError(...args) {
+  console.error(...args);
+}
+
+// src/web/openapi/OpenAPI.ts
+import {
+  OpenAPIRegistry,
+  OpenApiGeneratorV31,
+  extendZodWithOpenApi
+} from "@asteasolutions/zod-to-openapi";
+import swaggerUi from "swagger-ui-express";
+import z from "zod";
+import { captureError } from "@facetlayer/streams";
+extendZodWithOpenApi(z);
+function parseExpressPathForOpenAPI(expressApiPath) {
+  const expressApiPathParts = expressApiPath.split("/");
+  const pathParams = [];
+  const openApiPathParts = [];
+  for (const part of expressApiPathParts) {
+    if (part.startsWith(":")) {
+      pathParams.push(part.substring(1));
+      openApiPathParts.push(`{${part.substring(1)}}`);
+    } else {
+      openApiPathParts.push(part);
+    }
+  }
+  return {
+    openApiPath: openApiPathParts.join("/"),
+    pathParams
+  };
+}
+function generateOpenAPISchema(services, documentInfo) {
+  const registry = new OpenAPIRegistry();
+  for (const service of services) {
+    const endpoints = service.endpoints || [];
+    for (const endpoint of endpoints) {
+      const { openApiPath, pathParams } = parseExpressPathForOpenAPI(endpoint.path);
+      const requestConfig = {};
+      if (pathParams.length > 0) {
+        const pathParamsSchema = {};
+        for (const param of pathParams) {
+          pathParamsSchema[param] = z.string();
+        }
+        requestConfig.params = z.object(pathParamsSchema);
+      }
+      if (endpoint.requestSchema) {
+        requestConfig.body = {
+          content: {
+            "application/json": {
+              schema: endpoint.requestSchema
+            }
+          }
+        };
+      }
+      registry.registerPath({
+        method: endpoint.method.toLowerCase(),
+        path: openApiPath,
+        description: endpoint.description || `${endpoint.method} ${endpoint.path}`,
+        operationId: getEffectiveOperationId(endpoint),
+        request: requestConfig,
+        responses: {
+          200: {
+            description: "Success",
+            content: {
+              "application/json": {
+                schema: endpoint.responseSchema ?? z.any()
+              }
+            }
+          }
+          /*
+          400: {
+            description: 'Bad Request - Schema validation failed',
+            content: {
+              'application/json': {
+                schema: z.object({
+                  error: z.string(),
+                  details: z.array(z.any()),
+                }),
+              },
+            },
+          },
+          401: {
+            description: 'Unauthorized',
+            content: {
+              'application/json': {
+                schema: z.object({
+                  message: z.string(),
+                  details: z.any().optional(),
+                }),
+              },
+            },
+          },
+          500: {
+            description: 'Internal Server Error',
+            content: {
+              'application/json': {
+                schema: z.object({
+                  message: z.string(),
+                }),
+              },
+            },
+          },
+          */
+        }
+      });
+    }
+  }
+  const generator = new OpenApiGeneratorV31(
+    registry.definitions
+    /*
+    .concat([
+      {
+        type: 'component',
+        componentType: 'securitySchemes',
+        name: 'bearer_auth',
+        component: {
+          type: 'http',
+          scheme: 'bearer',
+          bearerFormat: 'JWT',
+        },
+      },
+    ])
+      */
+  );
+  return generator.generateDocument({
+    openapi: "3.1.0",
+    info: {
+      version: documentInfo.version,
+      title: documentInfo.title,
+      description: documentInfo.description
+    },
+    servers: [
+      { url: "/api", description: "API server" }
+    ],
+    security: [
+      {
+        bearer_auth: []
+      }
+    ]
+  });
+}
+function setupSwaggerUI(app, openApiJsonPath = "/openapi.json") {
+  const router = app;
+  router.use(
+    "/swagger",
+    swaggerUi.serve,
+    swaggerUi.setup(null, {
+      swaggerOptions: {
+        url: openApiJsonPath
+      }
+    })
+  );
+}
+function mountOpenAPIEndpoints(config, target, prismApp) {
+  const router = target;
+  router.get("/openapi.json", (req, res) => {
+    const services = prismApp.getAllServices();
+    try {
+      res.json(generateOpenAPISchema(services, {
+        version: "1.0.0",
+        title: prismApp.name,
+        description: prismApp.description
+      }));
+    } catch (error) {
+      const validationResult = validateServicesForOpenapi(services);
+      console.error("/openapi.json failed to generate schema", {
+        cause: captureError(error),
+        problemEndpoints: validationResult.problemEndpoints
+      });
+      res.status(500).json({ error: "Internal server error" });
+    }
+  });
+  if (config.enableSwagger) {
+    setupSwaggerUI(router, "/api/openapi.json");
+  }
+}
+
+// src/web/openapi/validateServicesForOpenapi.ts
+import { captureError as captureError2 } from "@facetlayer/streams";
+function validateEndpointForOpenapi(endpoint) {
+  const testService = {
+    name: "test",
+    endpoints: [endpoint]
+  };
+  try {
+    generateOpenAPISchema([testService], {
+      version: "1.0.0",
+      title: "Test",
+      description: "Test"
+    });
+    return null;
+  } catch (error) {
+    return { error: captureError2(error) };
+  }
+}
+function validateServicesForOpenapi(services) {
+  const problemEndpoints = [];
+  for (const service of services) {
+    const endpoints = service.endpoints || [];
+    for (const endpoint of endpoints) {
+      const endpointResult = validateEndpointForOpenapi(endpoint);
+      if (endpointResult == null ? void 0 : endpointResult.error) {
+        problemEndpoints.push({
+          serviceName: service.name,
+          path: endpoint.path,
+          method: endpoint.method,
+          error: endpointResult.error
+        });
+      }
+    }
+  }
+  return { problemEndpoints };
+}
+
+// src/endpoints/getEffectiveOperationId.ts
+var INVALID_OPERATION_IDS = /* @__PURE__ */ new Set([
+  "handler",
+  "anonymous",
+  ""
+]);
+function isValidOperationId(operationId) {
+  if (operationId === void 0) {
+    return true;
+  }
+  return !INVALID_OPERATION_IDS.has(operationId);
+}
+function toCamelCase(str) {
+  if (!str.includes("-")) {
+    return str;
+  }
+  return str.split("-").map((part, index) => {
+    if (index === 0) {
+      return part.toLowerCase();
+    }
+    return part.charAt(0).toUpperCase() + part.slice(1).toLowerCase();
+  }).join("");
+}
+function generateOperationIdFromPath(method, path) {
+  const pathPart = path.split("/").filter(Boolean).map((segment, index) => {
+    if (segment.startsWith(":") || segment.startsWith("{")) {
+      const paramName = segment.replace(/^[:{}]+|[}]+$/g, "");
+      return "_" + toCamelCase(paramName);
+    }
+    const camelCased = toCamelCase(segment);
+    return camelCased.charAt(0).toUpperCase() + camelCased.slice(1);
+  }).join("");
+  return method.toLowerCase() + pathPart;
+}
+function getEffectiveOperationId(definition) {
+  if (definition.operationId && isValidOperationId(definition.operationId)) {
+    return definition.operationId;
+  }
+  const handlerName = definition.handler.name;
+  if (handlerName && isValidOperationId(handlerName)) {
+    return handlerName;
+  }
+  return generateOperationIdFromPath(definition.method, definition.path);
+}
+
+// src/endpoints/createEndpoint.ts
+function createEndpoint(definition) {
+  if (definition.operationId !== void 0 && !isValidOperationId(definition.operationId)) {
+    logWarn(`Misconfigured endpoint ${definition.path}: operationId "${definition.operationId}" is not allowed`);
+    return {
+      ...definition,
+      handler: () => {
+        throw new Error(`Misconfigured endpoint ${definition.path}: operationId "${definition.operationId}" is not allowed. Use a descriptive unique identifier.`);
+      }
+    };
+  }
+  const validationResult = validateEndpointForOpenapi(definition);
+  if (validationResult == null ? void 0 : validationResult.error) {
+    logWarn(`Misconfigured endpoint ${definition.path}: ${validationResult.error.errorMessage}`);
+    return {
+      ...definition,
+      requestSchema: void 0,
+      responseSchema: void 0,
+      handler: () => {
+        throw new Error(`Misconfigured endpoint ${definition.path}: ${validationResult.error.errorMessage}`);
+      }
+    };
+  }
+  return definition;
+}
+
+// src/web/ExpressEndpointSetup.ts
+function getRequestDataFromReq(req) {
+  let result = {};
+  if (req.body) {
+    result = { ...result, ...req.body };
+  }
+  if (req.params) {
+    result = { ...result, ...req.params };
+  }
+  if (req.query) {
+    result = { ...result, ...req.query };
+  }
+  return result;
+}
+function getOneHandler(prismApp, endpoint) {
+  return async (req, res, next) => {
+    const startTime = Date.now();
+    const method = req.method;
+    const path = req.path;
+    try {
+      recordHttpRequest(method, endpoint.path);
+      const inputData = getRequestDataFromReq(req);
+      const result = await prismApp.callEndpoint({ method: endpoint.method, path: endpoint.path, input: inputData });
+      res.status(200).json(result);
+      recordHttpResponse(endpoint.method, endpoint.path, 200, Date.now() - startTime);
+      return;
+    } catch (error) {
+      const endTime = Date.now();
+      const duration = endTime - startTime;
+      let statusCode = 500;
+      if (isHttpError(error)) {
+        statusCode = error.statusCode;
+        if (error.statusCode >= 500 || error.statusCode == null) {
+          logError(
+            `Server error in endpoint ${method} ${path}`,
+            {
+              path,
+              method,
+              errorMessage: error.message,
+              stack: error.stack
+            },
+            error
+          );
+        }
+        logDebug(`response ${error.statusCode}: ${method} ${path}`);
+        res.status(error.statusCode).json({
+          message: error.message,
+          details: error.details
+        });
+      } else {
+        console.error("Unhandled error in endpoint", {
+          path,
+          method,
+          errorMessage: error.message,
+          stack: error.stack
+        });
+        logError(
+          `Unhandled error in endpoint handler ${method} ${path}`,
+          {
+            path,
+            method,
+            errorMessage: error.message,
+            stack: error.stack
+          },
+          error
+        );
+        logDebug(`response 500: ${method} ${path}`);
+        res.status(500).json({
+          message: "Internal Server Error"
+        });
+      }
+      recordHttpResponse(method, endpoint.path, statusCode, duration);
+    }
+  };
+}
+function mountPrismApp(app, prismApp) {
+  const router = app;
+  const endpoints = prismApp.listAllEndpoints();
+  for (const endpoint of endpoints) {
+    const handler = getOneHandler(prismApp, endpoint);
+    switch (endpoint.method) {
+      case "GET":
+        router.get(endpoint.path, handler);
+        break;
+      case "POST":
+        router.post(endpoint.path, handler);
+        break;
+      case "PUT":
+        router.put(endpoint.path, handler);
+        break;
+      case "DELETE":
+        router.delete(endpoint.path, handler);
+        break;
+      case "PATCH":
+        router.patch(endpoint.path, handler);
+        break;
+    }
+  }
+}
+function mountMiddleware(app, middleware) {
+  app.use(middleware.path, middleware.handler);
+}
+function mountMiddlewares(app, middlewares) {
+  middlewares.forEach((middleware) => mountMiddleware(app, middleware));
+}
+function logDebug(_message) {
+}
+
+// src/web/localhostOnlyMiddleware.ts
+function localhostOnlyMiddleware(req, res, next) {
+  var _a;
+  const allowedIPs = ["127.0.0.1", "::1", "::ffff:127.0.0.1"];
+  const clientIP = req.ip || ((_a = req.connection) == null ? void 0 : _a.remoteAddress);
+  if (!allowedIPs.includes(clientIP)) {
+    return res.status(404).json({ error: "Not found" });
+  }
+  next();
+}
+
+// src/web/requestContextMiddleware.ts
+import { v4 as uuidv4 } from "uuid";
+
+// src/authorization/Authorization.ts
+var Authorization = class {
+  constructor(resources = [], authSources = []) {
+    this.resources = /* @__PURE__ */ new Map();
+    for (const resource of resources) {
+      this.resources.set(resource.type, resource);
+    }
+    this.authSources = [...authSources];
+  }
+  addResource(resource) {
+    this.resources.set(resource.type, resource);
+  }
+  hasResource(type) {
+    return this.resources.has(type);
+  }
+  getResource(type) {
+    return this.resources.get(type);
+  }
+  getAllResources() {
+    return Array.from(this.resources.values());
+  }
+  addAuthSource(authSource) {
+    this.authSources.push(authSource);
+  }
+  getAuthSources() {
+    return [...this.authSources];
+  }
+  getCookieAuthSource() {
+    return this.authSources.find((c) => c.type === "cookie");
+  }
+  setUserPermissions(userPermissions) {
+    this.userPermissions = userPermissions;
+  }
+  getUserPermissions() {
+    return this.userPermissions;
+  }
+  hasPermission(permission) {
+    if (!this.userPermissions) {
+      return false;
+    }
+    return this.userPermissions.permissions.includes(permission);
+  }
+};
+
+// src/RequestContext.ts
+import { AsyncLocalStorage } from "async_hooks";
+var requestContextStorage = new AsyncLocalStorage();
+function withRequestContext(context, fn) {
+  return requestContextStorage.run(context, fn);
+}
+function getCurrentRequestContext() {
+  return requestContextStorage.getStore();
+}
+
+// src/web/requestContextMiddleware.ts
+function requestContextMiddleware(req, res, next) {
+  const requestId = uuidv4();
+  const startTime = Date.now();
+  const context = {
+    requestId,
+    startTime,
+    req,
+    res,
+    auth: new Authorization()
+  };
+  res.setHeader("X-Request-ID", requestId);
+  requestContextStorage.run(context, () => {
+    next();
+  });
+}
+
+// src/web/EndpointListing.ts
+import { readFileSync } from "fs";
+import { join } from "path";
+function createListingEndpoints(endpoints) {
+  return [
+    createEndpoint({
+      method: "GET",
+      path: "/endpoints",
+      description: "Lists all available endpoints in the system",
+      handler: () => {
+        const htmlContent = generateEndpointsHTML(endpoints);
+        return {
+          sendHttpResponse: (res) => {
+            res.setHeader("Content-Type", "text/html");
+            res.send(htmlContent);
+          }
+        };
+      }
+    }),
+    createEndpoint({
+      method: "GET",
+      path: "/endpoints.json",
+      description: "Lists all available endpoints in the system (JSON format)",
+      handler: () => {
+        const endpointsData = endpoints.map((endpoint) => ({
+          method: endpoint.method,
+          path: endpoint.path,
+          description: endpoint.description || "No description"
+        }));
+        return {
+          endpoints: endpointsData
+        };
+      }
+    }),
+    createEndpoint({
+      method: "GET",
+      path: "/changelog",
+      description: "Serves the CHANGELOG.md file",
+      handler: () => {
+        const changelogPath = join(process.cwd(), "CHANGELOG.md");
+        const changelogContent = readFileSync(changelogPath, "utf8");
+        return {
+          sendHttpResponse: (res) => {
+            res.setHeader("Content-Type", "text/plain");
+            res.send(changelogContent);
+          }
+        };
+      }
+    }),
+    createEndpoint({
+      method: "GET",
+      path: "/server-info",
+      description: "Returns server information including name",
+      handler: () => {
+        return {
+          name: "prism-framework"
+        };
+      }
+    })
+  ];
+}
+function generateEndpointsHTML(endpoints) {
+  const endpointRows = endpoints.map(
+    (endpoint) => `
+    <tr>
+      <td><code>${endpoint.method}</code></td>
+      <td><code>${endpoint.path}</code></td>
+      <td>${endpoint.description || "No description"}</td>
+    </tr>
+  `
+  ).join("");
+  return `
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>API Endpoints</title>
+    <style>
+        body {
+            font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+            max-width: 1200px;
+            margin: 0 auto;
+            padding: 20px;
+            background-color: #f5f5f5;
+        }
+        .container {
+            background: white;
+            border-radius: 8px;
+            padding: 30px;
+            box-shadow: 0 2px 10px rgba(0,0,0,0.1);
+        }
+        h1 {
+            color: #333;
+            border-bottom: 3px solid #007acc;
+            padding-bottom: 10px;
+        }
+        table {
+            width: 100%;
+            border-collapse: collapse;
+            margin-top: 20px;
+        }
+        th, td {
+            text-align: left;
+            padding: 12px;
+            border-bottom: 1px solid #ddd;
+        }
+        th {
+            background-color: #f8f9fa;
+            font-weight: 600;
+            color: #495057;
+        }
+        tr:hover {
+            background-color: #f8f9fa;
+        }
+        code {
+            background-color: #e9ecef;
+            padding: 2px 6px;
+            border-radius: 3px;
+            font-family: 'Monaco', 'Consolas', monospace;
+        }
+        .method-get { color: #28a745; }
+        .method-post { color: #007bff; }
+        .method-put { color: #ffc107; }
+        .method-delete { color: #dc3545; }
+        .method-patch { color: #6f42c1; }
+        .count {
+            color: #6c757d;
+            font-size: 0.9em;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>API Endpoints</h1>
+        <p class="count">Total endpoints: <strong>${endpoints.length}</strong></p>
+
+        <table>
+            <thead>
+                <tr>
+                    <th>Method</th>
+                    <th>Path</th>
+                    <th>Description</th>
+                </tr>
+            </thead>
+            <tbody>
+                ${endpointRows}
+            </tbody>
+        </table>
+    </div>
+</body>
+</html>
+  `.trim();
+}
+
+// src/web/ExpressAppSetup.ts
+import { captureError as captureError3 } from "@facetlayer/streams";
+
+// src/app/validateApp.ts
+function validateApp(app) {
+  const errors = [];
+  const duplicateError = checkDuplicateOperationIds(app);
+  if (duplicateError) {
+    errors.push(duplicateError);
+  }
+  return {
+    valid: errors.length === 0,
+    errors
+  };
+}
+function checkDuplicateOperationIds(app) {
+  const endpoints = app.listAllEndpoints();
+  const operationIdToEndpoints = /* @__PURE__ */ new Map();
+  for (const endpoint of endpoints) {
+    const operationId = getEffectiveOperationId(endpoint);
+    const endpointKey2 = `${endpoint.method} ${endpoint.path}`;
+    const existing = operationIdToEndpoints.get(operationId) || [];
+    existing.push(endpointKey2);
+    operationIdToEndpoints.set(operationId, existing);
+  }
+  const duplicates = [];
+  for (const [operationId, endpointKeys] of operationIdToEndpoints) {
+    if (endpointKeys.length > 1) {
+      duplicates.push(`operationId "${operationId}" is used by: ${endpointKeys.join(", ")}`);
+    }
+  }
+  if (duplicates.length > 0) {
+    return {
+      message: `Duplicate operationIds found. Each endpoint must have a unique operationId.
+${duplicates.join("\n")}`,
+      endpoints: duplicates
+    };
+  }
+  return null;
+}
+function validateAppOrThrow(app) {
+  const result = validateApp(app);
+  if (!result.valid) {
+    const errorMessages = result.errors.map((e) => e.message).join("\n\n");
+    throw new Error(`PrismApp validation failed:
+${errorMessages}`);
+  }
+}
+
+// src/web/ViteIntegration.ts
+import express from "express";
+import { existsSync } from "fs";
+import { join as join2, resolve } from "path";
+async function setupWebMiddleware(expressApp, webConfig) {
+  const isDev = process.env.NODE_ENV !== "production";
+  const webDir = resolve(webConfig.dir);
+  if (isDev) {
+    try {
+      const vite = await Function('return import("vite")')();
+      const viteServer = await vite.createServer({
+        root: webDir,
+        server: { middlewareMode: true },
+        appType: "spa"
+      });
+      expressApp.use(viteServer.middlewares);
+      logInfo(`Vite dev server middleware attached for ${webDir}`);
+      return;
+    } catch {
+    }
+  }
+  const distDir = join2(webDir, "dist");
+  const serveDir = !isDev && existsSync(distDir) ? distDir : webDir;
+  expressApp.use(express.static(serveDir));
+  const indexPath = join2(serveDir, "index.html");
+  expressApp.get("*", (req, res) => {
+    if (existsSync(indexPath)) {
+      res.sendFile(indexPath);
+    } else {
+      res.status(404).send("Not found");
+    }
+  });
+  logInfo(`Serving static files from ${serveDir}`);
+}
+
+// src/web/ExpressAppSetup.ts
+function createExpressApp(config) {
+  const app = express2();
+  app.use(corsMiddleware(config.corsConfig ?? {}));
+  app.use(express2.json());
+  app.use(express2.urlencoded({ extended: true }));
+  app.use(requestContextMiddleware);
+  app.use(cookieParser());
+  const apiRouter = express2.Router();
+  apiRouter.get("/health", localhostOnlyMiddleware, (req, res) => {
+    res.json({ status: "ok", timestamp: (/* @__PURE__ */ new Date()).toISOString() });
+  });
+  apiRouter.get("/metrics", localhostOnlyMiddleware, async (req, res) => {
+    try {
+      const metrics = await getMetrics();
+      res.set("Content-Type", "text/plain; version=0.0.4; charset=utf-8");
+      res.end(metrics);
+    } catch (error) {
+      res.status(500).json({ error: "Failed to retrieve metrics" });
+    }
+  });
+  if (config.openapiConfig) {
+    mountOpenAPIEndpoints(config.openapiConfig, apiRouter, config.app);
+  }
+  const allEndpoints = config.app.listAllEndpoints();
+  const listingEndpoints = createListingEndpoints(allEndpoints);
+  for (const endpoint of listingEndpoints) {
+    const handler = async (req, res) => {
+      try {
+        const result = await endpoint.handler({});
+        if (result.sendHttpResponse) {
+          result.sendHttpResponse(res);
+        } else {
+          res.json(result);
+        }
+      } catch (error) {
+        logError("Unhandled error in endpoint", {
+          endpointPath: endpoint.path,
+          error: captureError3(error)
+        });
+        res.status(500).json({ error: "Internal server error" });
+      }
+    };
+    if (endpoint.method === "GET") {
+      apiRouter.get(endpoint.path, handler);
+    }
+  }
+  mountPrismApp(apiRouter, config.app);
+  apiRouter.use((req, res) => {
+    res.status(404).json({ error: "Not found" });
+  });
+  app.use("/api", apiRouter);
+  return app;
+}
+async function startServer(config) {
+  validateAppOrThrow(config.app);
+  const port = config.port;
+  const app = createExpressApp(config);
+  if (config.web) {
+    await setupWebMiddleware(app, config.web);
+  }
+  const server = app.listen(port, () => {
+    logInfo(`Server now listening on port ${port}`);
+  });
+  process.on("SIGTERM", () => {
+    logInfo("SIGTERM received, shutting down gracefully");
+    server.close(() => {
+      logInfo("Server closed");
+      process.exit(0);
+    });
+  });
+  return server;
+}
+
+// src/web/SseResponse.ts
+var SseResponse = class {
+  constructor(response) {
+    this.isResponseOpen = true;
+    this.response = response;
+    this.setupSseHeaders();
+    this.setupCloseHandlers();
+  }
+  setupSseHeaders() {
+    this.response.writeHead(200, {
+      "Content-Type": "text/event-stream",
+      "Cache-Control": "no-cache",
+      Connection: "keep-alive"
+    });
+  }
+  setupCloseHandlers() {
+    this.response.on("close", () => {
+      this._triggerOnClose();
+    });
+    this.response.on("finish", () => {
+      this._triggerOnClose();
+    });
+  }
+  send(data) {
+    if (!this.isResponseOpen) {
+      return;
+    }
+    const jsonData = JSON.stringify(data);
+    this.response.write(`event: item
+data: ${jsonData}
+
+`);
+  }
+  isOpen() {
+    return this.isResponseOpen;
+  }
+  // close() - Can be called by the handler to close the response.
+  close() {
+    if (this.isResponseOpen) {
+      this.response.write(`event: done
+
+`);
+      this.response.end();
+      this._triggerOnClose();
+    }
+  }
+  // Internal: Called when the response is closed.
+  _triggerOnClose() {
+    this.isResponseOpen = false;
+    if (this._onClose) {
+      this._onClose();
+      this._onClose = null;
+    }
+  }
+  // Adds a callback to be called when the response is closed.
+  onClose(callback) {
+    if (this._onClose) {
+      throw new Error("usage error: alrady have onClose callback");
+    }
+    this._onClose = callback;
+  }
+};
+
+// src/sse/ConnectionManager.ts
+var ConnectionManager = class {
+  constructor(options) {
+    this.connections = /* @__PURE__ */ new Map();
+    this.managerName = options.managerName;
+    this.logDebug = options.logDebug || (() => {
+    });
+    this.logError = options.logError || (() => {
+    });
+  }
+  addConnection(key, sseResponse) {
+    this.logDebug(`${this.managerName} (ConnectionManager) adding connection for: ${key}`);
+    const connectionList = this.connections.get(key) || [];
+    const connection = {
+      key,
+      sseResponse,
+      connectedAt: /* @__PURE__ */ new Date()
+    };
+    connectionList.push(connection);
+    this.connections.set(key, connectionList);
+    sseResponse.onClose(() => {
+      var _a;
+      this.logDebug(`${this.managerName} (ConnectionManager) closed connection for: ${key}`);
+      const updatedList = ((_a = this.connections.get(key)) == null ? void 0 : _a.filter((c) => c !== connection)) || [];
+      if (updatedList.length === 0) {
+        this.connections.delete(key);
+      } else {
+        this.connections.set(key, updatedList);
+      }
+    });
+  }
+  getConnections(key) {
+    return this.connections.get(key) || [];
+  }
+  async postEvent(key, event) {
+    const connections = this.getConnections(key);
+    for (const connection of connections) {
+      if (connection.sseResponse.isOpen()) {
+        try {
+          connection.sseResponse.send(event);
+        } catch (error) {
+          this.logError("Error sending SSE event:", error);
+        }
+      }
+    }
+  }
+};
+
+// src/app/callEndpoint.ts
+async function callEndpoint(app, options) {
+  const match = app.matchEndpoint(options.method, options.path);
+  if (!match) {
+    throw new Error(`Endpoint not found: ${options.method} ${options.path}`);
+  }
+  const { endpoint, params } = match;
+  let input = { ...params, ...options.input || {} };
+  if (endpoint.requestSchema) {
+    const validationResult = endpoint.requestSchema.safeParse(input);
+    if (!validationResult.success) {
+      throw new SchemaValidationError("Schema validation failed", validationResult.error.issues);
+    }
+    input = validationResult.data;
+  }
+  const result = await endpoint.handler(input);
+  if (endpoint.responseSchema) {
+    const validationResult = endpoint.responseSchema.safeParse(result);
+    if (!validationResult.success) {
+      const error = new ResponseSchemaValidationError("Response schema validation failed", validationResult.error.issues);
+      if (options.onResponseSchemaFail) {
+        options.onResponseSchemaFail(error, result);
+      } else {
+        throw error;
+      }
+    }
+  }
+  return result;
+}
+
+// src/app/PrismApp.ts
+function endpointKey(method, path) {
+  return `${method} ${path}`;
+}
+var PrismApp = class {
+  constructor(config = {}) {
+    this.name = config.name ?? "Prism App";
+    this.description = config.description ?? "";
+    this.services = [];
+    this.endpointMap = /* @__PURE__ */ new Map();
+    if (config.services) {
+      for (const service of config.services) {
+        this.addService(service);
+      }
+    }
+  }
+  /**
+   * Add a service to the app. Endpoints from the service will be registered
+   * and available for routing.
+   */
+  addService(service) {
+    this.services.push(service);
+    if (service.endpoints) {
+      for (const endpoint of service.endpoints) {
+        const key = endpointKey(endpoint.method, endpoint.path);
+        this.endpointMap.set(key, endpoint);
+      }
+    }
+  }
+  getAllServices() {
+    return this.services;
+  }
+  getEndpoint(method, path) {
+    const key = endpointKey(method, path);
+    return this.endpointMap.get(key);
+  }
+  matchEndpoint(method, path) {
+    const key = endpointKey(method, path);
+    const exactMatch = this.endpointMap.get(key);
+    if (exactMatch) {
+      return { endpoint: exactMatch, params: {} };
+    }
+    for (const [endpointKey2, endpoint] of this.endpointMap.entries()) {
+      if (!endpointKey2.startsWith(method + " ")) {
+        continue;
+      }
+      const endpointPath = endpoint.path;
+      const match = this.matchPath(endpointPath, path);
+      if (match) {
+        return { endpoint, params: match };
+      }
+    }
+    return void 0;
+  }
+  matchPath(pattern, path) {
+    const paramNames = [];
+    const regexString = pattern.replace(/:([^/]+)/g, (_, paramName) => {
+      paramNames.push(paramName);
+      return "([^/]+)";
+    }).replace(/\//g, "\\/");
+    const regex = new RegExp(`^${regexString}$`);
+    const match = path.match(regex);
+    if (!match) {
+      return null;
+    }
+    const params = {};
+    for (let i = 0; i < paramNames.length; i++) {
+      params[paramNames[i]] = match[i + 1];
+    }
+    return params;
+  }
+  listAllEndpoints() {
+    return Array.from(this.endpointMap.values());
+  }
+  callEndpoint(options) {
+    return callEndpoint(this, options);
+  }
+};
+
+// src/launch/launchConfig.ts
+var _config;
+function getLaunchConfig() {
+  if (!_config) {
+    throw new Error("Launch config not initialized");
+  }
+  return _config;
+}
+function setLaunchConfig(config) {
+  if (_config) {
+    throw new Error("Launch config already initialized");
+  }
+  _config = config;
+}
+function getDatabaseConfig(databaseName) {
+  if (!_config) {
+    throw new Error(
+      "Launch config not initialized (tried to getDatabaseConfig for: " + databaseName + ")"
+    );
+  }
+  if (!_config.database[databaseName]) {
+    throw new Error("Database config not found (tried to getDatabaseConfig for: " + databaseName + ")");
+  }
+  return _config.database[databaseName];
+}
+function getLoggingConfig() {
+  if (!_config) {
+    throw new Error("Launch config not initialized (in getLoggingConfig)");
+  }
+  return _config.logging;
+}
+
+// src/databases/DatabaseSetup.ts
+function getStatementsForDatabase(databaseName, services) {
+  return (services || []).map((service) => {
+    var _a;
+    const databases = service.databases;
+    return ((_a = databases == null ? void 0 : databases[databaseName]) == null ? void 0 : _a.statements) || [];
+  }).flat();
+}
+
+// src/stdin/StdinServer.ts
+import { createInterface } from "readline";
+function startStdinServer(config) {
+  setLogStderr(true);
+  validateAppOrThrow(config.app);
+  const app = config.app;
+  const rl = createInterface({
+    input: process.stdin,
+    terminal: false
+  });
+  function sendResponse(response) {
+    process.stdout.write(JSON.stringify(response) + "\n");
+  }
+  function sendError(id, status, message, details) {
+    const response = {
+      id: id ?? "unknown",
+      status,
+      body: { message, ...details ? { details } : {} }
+    };
+    sendResponse(response);
+  }
+  rl.on("line", async (line) => {
+    let request;
+    try {
+      request = JSON.parse(line);
+    } catch {
+      sendError(null, 400, "Invalid JSON");
+      return;
+    }
+    if (!request.id || !request.method || !request.path) {
+      sendError((request == null ? void 0 : request.id) ?? null, 400, "Missing required fields: id, method, path");
+      return;
+    }
+    try {
+      const result = await app.callEndpoint({
+        method: request.method.toUpperCase(),
+        path: request.path,
+        input: request.body ?? {}
+      });
+      sendResponse({
+        id: request.id,
+        status: 200,
+        body: result
+      });
+    } catch (error) {
+      if (isHttpError(error)) {
+        sendResponse({
+          id: request.id,
+          status: error.statusCode,
+          body: {
+            message: error.message,
+            ...error.details ? { details: error.details } : {}
+          }
+        });
+      } else {
+        sendResponse({
+          id: request.id,
+          status: 500,
+          body: { message: error.message ?? "Internal Server Error" }
+        });
+      }
+    }
+  });
+  rl.on("close", () => {
+    process.exit(0);
+  });
+  sendResponse({
+    id: "_ready",
+    status: 200,
+    body: { message: "stdin server ready" }
+  });
+}
+export {
+  PrismApp as App,
+  Authorization,
+  BadRequestError,
+  ConflictError,
+  ConnectionManager,
+  ForbiddenError,
+  HttpError,
+  NotFoundError,
+  NotImplementedError,
+  ServiceUnavailableError,
+  SseResponse,
+  UnauthorizedError,
+  ValidationError,
+  callEndpoint,
+  corsMiddleware,
+  createEndpoint,
+  createErrorFromStatus,
+  createExpressApp,
+  createListingEndpoints,
+  generateOpenAPISchema,
+  getCurrentRequestContext,
+  getDatabaseConfig,
+  getLaunchConfig,
+  getLoggingConfig,
+  getMetrics,
+  getRequestDataFromReq,
+  getStatementsForDatabase,
+  isHttpError,
+  localhostOnlyMiddleware,
+  mountMiddleware,
+  mountMiddlewares,
+  mountPrismApp,
+  parseExpressPathForOpenAPI,
+  recordHttpRequest,
+  recordHttpResponse,
+  requestContextMiddleware,
+  setLaunchConfig,
+  setLogStderr,
+  startServer,
+  startStdinServer,
+  withRequestContext
+};