npm - @firststep-studio/sdk - Versions diffs - 0.1.0 - Mend

@firststep-studio/sdk 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (17) hide show

package/README.md +40 -0
package/dist/index.d.mts +299 -0
package/dist/index.d.ts +299 -0
package/dist/index.js +238 -0
package/dist/index.js.map +1 -0
package/dist/index.mjs +204 -0
package/dist/index.mjs.map +1 -0
package/dist/server.d.mts +77 -0
package/dist/server.d.ts +77 -0
package/dist/server.js +312 -0
package/dist/server.js.map +1 -0
package/dist/server.mjs +287 -0
package/dist/server.mjs.map +1 -0
package/dist/types-Bm98aHcd.d.mts +438 -0
package/dist/types-Bm98aHcd.d.ts +438 -0
package/llms.txt +597 -0
package/package.json +45 -0

package/dist/server.js ADDED Viewed

@@ -0,0 +1,312 @@
+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+// src/server.ts
+var server_exports = {};
+__export(server_exports, {
+  createServer: () => createServer
+});
+module.exports = __toCommonJS(server_exports);
+var import_http = require("http");
+// src/auth.ts
+var import_crypto = require("crypto");
+function verifyRequestSignature(token, payload, signature) {
+  try {
+    const expected = (0, import_crypto.createHmac)("sha256", token).update(payload).digest("hex");
+    const expectedBuffer = Buffer.from(expected, "hex");
+    const signatureBuffer = Buffer.from(signature, "hex");
+    if (expectedBuffer.length !== signatureBuffer.length) {
+      return false;
+    }
+    return (0, import_crypto.timingSafeEqual)(expectedBuffer, signatureBuffer);
+  } catch {
+    return false;
+  }
+}
+// src/server.ts
+function readBody(req) {
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    req.on("data", (chunk) => chunks.push(chunk));
+    req.on("end", () => resolve(Buffer.concat(chunks).toString("utf-8")));
+    req.on("error", reject);
+  });
+}
+function sendJson(res, status, body) {
+  const json = JSON.stringify(body);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(json),
+    "Access-Control-Allow-Origin": "*"
+  });
+  res.end(json);
+}
+function parsePath(url) {
+  if (!url) return "/";
+  const idx = url.indexOf("?");
+  return idx >= 0 ? url.substring(0, idx) : url;
+}
+function buildStubContext(data) {
+  const noopAsync = async () => ({});
+  const noop = () => {
+  };
+  return {
+    session: {
+      sessionId: "",
+      getState: noopAsync,
+      updateState: noopAsync,
+      getHistory: async () => [],
+      saveMessage: noopAsync,
+      complete: noopAsync,
+      getFormData: async () => ({}),
+      updateFormField: noopAsync,
+      updateFormData: noopAsync,
+      ...data?.session
+    },
+    knowledge: {
+      queryDatabase: noopAsync,
+      searchPages: noopAsync,
+      ...data?.knowledge
+    },
+    integrations: {
+      execute: noopAsync,
+      ...data?.integrations
+    },
+    analytics: {
+      logActionExecuted: noop,
+      logInteraction: noop,
+      logCustomEvent: noop,
+      ...data?.analytics
+    },
+    logger: {
+      debug: noop,
+      info: noop,
+      warn: noop,
+      error: noop,
+      logRouting: noop,
+      logToolUse: noop,
+      ...data?.logger
+    },
+    deployment: {
+      id: "",
+      slug: "",
+      name: "",
+      protocolType: "external",
+      ...data?.deployment
+    },
+    chatbot: data?.chatbot
+  };
+}
+function createServer(handler, config) {
+  const {
+    token,
+    port = parseInt(process.env.PORT || "3001", 10),
+    host = "0.0.0.0",
+    skipSignatureVerification = false
+  } = config;
+  if (!token && !skipSignatureVerification) {
+    throw new Error(
+      "FIRSTSTEP_TOKEN is required. Pass it via config.token or set skipSignatureVerification for local dev."
+    );
+  }
+  async function handleRequest(req, res) {
+    const path = parsePath(req.url);
+    const method = (req.method || "GET").toUpperCase();
+    if (method === "OPTIONS") {
+      res.writeHead(204, {
+        "Access-Control-Allow-Origin": "*",
+        "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
+        "Access-Control-Allow-Headers": "Content-Type, Authorization, X-FirstStep-Signature",
+        "Access-Control-Max-Age": "86400"
+      });
+      res.end();
+      return;
+    }
+    if (path === "/health" && method === "GET") {
+      sendJson(res, 200, { status: "ok", timestamp: Date.now() });
+      return;
+    }
+    if (path === "/handshake" && method === "POST") {
+      const body = await readBody(req);
+      if (!skipSignatureVerification) {
+        const signature = req.headers["x-firststep-signature"];
+        if (!signature || !verifyRequestSignature(token, body, signature)) {
+          sendJson(res, 401, { error: "Invalid signature" });
+          return;
+        }
+      }
+      const capabilities = handler.getCapabilities();
+      const handlerInfo = handler.getHandlerInfo?.();
+      sendJson(res, 200, { capabilities, handler: handlerInfo || void 0 });
+      return;
+    }
+    if (path === "/message" && method === "POST") {
+      const body = await readBody(req);
+      if (!skipSignatureVerification) {
+        const signature = req.headers["x-firststep-signature"];
+        if (!signature || !verifyRequestSignature(token, body, signature)) {
+          sendJson(res, 401, { error: "Invalid signature" });
+          return;
+        }
+      }
+      let parsed;
+      try {
+        parsed = JSON.parse(body);
+      } catch {
+        sendJson(res, 400, { error: "Invalid JSON body" });
+        return;
+      }
+      const context = buildStubContext(parsed.context);
+      try {
+        const response = await handler.handleMessage(parsed.request, context);
+        sendJson(res, 200, response);
+      } catch (err) {
+        console.error("[firststep] Handler error:", err);
+        sendJson(res, 500, {
+          error: "Handler error",
+          message: err?.message || "Unknown error"
+        });
+      }
+      return;
+    }
+    if (path === "/message/stream" && method === "POST") {
+      const body = await readBody(req);
+      if (!skipSignatureVerification) {
+        const signature = req.headers["x-firststep-signature"];
+        if (!signature || !verifyRequestSignature(token, body, signature)) {
+          sendJson(res, 401, { error: "Invalid signature" });
+          return;
+        }
+      }
+      let parsed;
+      try {
+        parsed = JSON.parse(body);
+      } catch {
+        sendJson(res, 400, { error: "Invalid JSON body" });
+        return;
+      }
+      if (!handler.handleStream) {
+        const context2 = buildStubContext(parsed.context);
+        try {
+          const response = await handler.handleMessage(parsed.request, context2);
+          res.writeHead(200, {
+            "Content-Type": "text/event-stream",
+            "Cache-Control": "no-cache",
+            "Connection": "keep-alive",
+            "Access-Control-Allow-Origin": "*"
+          });
+          const sendSSE2 = (event, data) => {
+            res.write(`event: ${event}
+data: ${JSON.stringify(data)}
+`);
+          };
+          sendSSE2("connected", { sessionId: response.sessionId });
+          sendSSE2("text", { type: "text", content: response.message, sessionId: response.sessionId });
+          if (response.metadata) {
+            sendSSE2("metadata", { type: "metadata", content: response.metadata, sessionId: response.sessionId });
+          }
+          if (response.form) {
+            sendSSE2("form", { type: "form", content: response.form, sessionId: response.sessionId });
+          }
+          sendSSE2("status", { type: "status", content: response.sessionStatus, sessionId: response.sessionId });
+          sendSSE2("done", { sessionId: response.sessionId });
+          res.end();
+        } catch (err) {
+          console.error("[firststep] Handler error:", err);
+          sendJson(res, 500, { error: "Handler error", message: err?.message || "Unknown error" });
+        }
+        return;
+      }
+      const context = buildStubContext(parsed.context);
+      res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+        "Access-Control-Allow-Origin": "*"
+      });
+      const sendSSE = (event, data) => {
+        res.write(`event: ${event}
+data: ${JSON.stringify(data)}
+`);
+      };
+      const sessionId = parsed.request.sessionId || `ext-${Date.now()}`;
+      sendSSE("connected", { sessionId });
+      try {
+        for await (const chunk of handler.handleStream(parsed.request, context)) {
+          sendSSE(chunk.type, {
+            type: chunk.type,
+            content: chunk.content,
+            sessionId
+          });
+        }
+        sendSSE("done", { sessionId });
+      } catch (err) {
+        console.error("[firststep] Stream error:", err);
+        sendSSE("error", { code: "STREAM_ERROR", message: err?.message || "Unknown error" });
+      }
+      res.end();
+      return;
+    }
+    sendJson(res, 404, { error: "Not found" });
+  }
+  function requestListener(req, res) {
+    handleRequest(req, res).catch((err) => {
+      console.error("[firststep] Unexpected error:", err);
+      if (!res.headersSent) {
+        sendJson(res, 500, { error: "Internal server error" });
+      }
+    });
+  }
+  const httpServer = (0, import_http.createServer)(requestListener);
+  return {
+    start() {
+      return new Promise((resolve) => {
+        httpServer.listen(port, host, () => {
+          console.log(`[firststep] Handler server listening on ${host}:${port}`);
+          console.log(`[firststep] Endpoints:`);
+          console.log(`  GET  /health         - Health check`);
+          console.log(`  POST /handshake      - Capability exchange`);
+          console.log(`  POST /message        - Handle chat message`);
+          console.log(`  POST /message/stream - Handle chat message (SSE stream)`);
+          resolve();
+        });
+      });
+    },
+    stop() {
+      return new Promise((resolve, reject) => {
+        httpServer.close((err) => {
+          if (err) reject(err);
+          else resolve();
+        });
+      });
+    },
+    getRequestHandler() {
+      return requestListener;
+    }
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createServer
+});
+//# sourceMappingURL=server.js.map

package/dist/server.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/server.ts","../src/auth.ts"],"sourcesContent":["/**\n * FirstStep SDK Server\n *\n * Standalone HTTP server for protocol handlers.\n * Zero external dependencies, uses Node.js built-in `http` module.\n *\n * @example\n * ```typescript\n * import { createServer } from '@firststep-studio/sdk/server';\n * import type { ProtocolHandler } from '@firststep-studio/sdk';\n *\n * const handler: ProtocolHandler = {\n * async handleMessage(request, context) {\n * return {\n * message: 'Hello from my handler!',\n * sessionId: request.sessionId || 'new',\n * agentId: 'main',\n * sessionStatus: 'active',\n * };\n * },\n * getCapabilities() {\n * return { streaming: false, formQuestions: false, knowledgeActions: false, integrations: false };\n * },\n * };\n *\n * const server = createServer(handler, {\n * token: process.env.FIRSTSTEP_TOKEN!,\n * port: 3001,\n * });\n *\n * server.start();\n * ```\n */\n\nimport { createServer as createHttpServer, IncomingMessage, ServerResponse } from 'http';\nimport type {\n ProtocolHandler,\n ProtocolRequest,\n ProtocolContext,\n ProtocolCapabilities,\n ProtocolStreamChunk,\n} from './types';\nimport { verifyRequestSignature } from './auth';\n\n// ============================================\n// Configuration\n// ============================================\n\nexport interface ServerConfig {\n /** API token (FIRSTSTEP_TOKEN). Used for request signature verification. */\n token: string;\n\n /** Port to listen on. Defaults to 3001, or the PORT env variable. */\n port?: number;\n\n /** Host to bind to. Defaults to '0.0.0.0'. */\n host?: string;\n\n /** Skip signature verification (for local development only). */\n skipSignatureVerification?: boolean;\n}\n\n// ============================================\n// Server Instance\n// ============================================\n\nexport interface FirstStepServer {\n /** Start the server */\n start(): Promise<void>;\n\n /** Stop the server gracefully */\n stop(): Promise<void>;\n\n /**\n * Get the request handler function.\n * Use this to integrate with Express, Fastify, or other frameworks.\n *\n * @example\n * ```typescript\n * // Express\n * const server = createServer(handler, { token: '...' });\n * app.post('/handshake', server.getRequestHandler());\n * app.post('/message', server.getRequestHandler());\n * ```\n */\n getRequestHandler(): (req: IncomingMessage, res: ServerResponse) => void;\n}\n\n// ============================================\n// Internal Helpers\n// ============================================\n\nfunction readBody(req: IncomingMessage): Promise<string> {\n return new Promise((resolve, reject) => {\n const chunks: Buffer[] = [];\n req.on('data', (chunk: Buffer) => chunks.push(chunk));\n req.on('end', () => resolve(Buffer.concat(chunks).toString('utf-8')));\n req.on('error', reject);\n });\n}\n\nfunction sendJson(res: ServerResponse, status: number, body: unknown): void {\n const json = JSON.stringify(body);\n res.writeHead(status, {\n 'Content-Type': 'application/json',\n 'Content-Length': Buffer.byteLength(json),\n 'Access-Control-Allow-Origin': '*',\n });\n res.end(json);\n}\n\nfunction parsePath(url: string | undefined): string {\n if (!url) return '/';\n const idx = url.indexOf('?');\n return idx >= 0 ? url.substring(0, idx) : url;\n}\n\n/**\n * Build a stub ProtocolContext for external handlers.\n *\n * External handlers receive context data as plain JSON from the platform.\n * The stub provides no-op implementations for methods like session.getState()\n * since those will be handled by callback APIs to the FirstStep backend.\n *\n * When the platform sends a /message request, the request body includes\n * a `context` field with serialized context data. This function merges\n * that data with no-op method stubs.\n */\nfunction buildStubContext(data?: Partial<ProtocolContext>): ProtocolContext {\n const noopAsync = async () => ({} as any);\n const noop = () => {};\n\n return {\n session: {\n sessionId: '',\n getState: noopAsync,\n updateState: noopAsync,\n getHistory: async () => [],\n saveMessage: noopAsync,\n complete: noopAsync,\n getFormData: async () => ({}),\n updateFormField: noopAsync,\n updateFormData: noopAsync,\n ...data?.session,\n },\n knowledge: {\n queryDatabase: noopAsync,\n searchPages: noopAsync,\n ...data?.knowledge,\n },\n integrations: {\n execute: noopAsync,\n ...data?.integrations,\n },\n analytics: {\n logActionExecuted: noop,\n logInteraction: noop,\n logCustomEvent: noop,\n ...data?.analytics,\n },\n logger: {\n debug: noop,\n info: noop,\n warn: noop,\n error: noop,\n logRouting: noop,\n logToolUse: noop,\n ...data?.logger,\n },\n deployment: {\n id: '',\n slug: '',\n name: '',\n protocolType: 'external',\n ...data?.deployment,\n },\n chatbot: data?.chatbot,\n };\n}\n\n// ============================================\n// createServer\n// ============================================\n\n/**\n * Create a standalone HTTP server for a protocol handler.\n *\n * The server exposes three endpoints:\n * - `GET /health` - Health check (always 200)\n * - `POST /handshake` - Returns handler capabilities (signature verified)\n * - `POST /message` - Handles a chat message (signature verified)\n */\nexport function createServer(\n handler: ProtocolHandler,\n config: ServerConfig\n): FirstStepServer {\n const {\n token,\n port = parseInt(process.env.PORT || '3001', 10),\n host = '0.0.0.0',\n skipSignatureVerification = false,\n } = config;\n\n // Validate config\n if (!token && !skipSignatureVerification) {\n throw new Error(\n 'FIRSTSTEP_TOKEN is required. Pass it via config.token or set skipSignatureVerification for local dev.'\n );\n }\n\n /**\n * Core request router\n */\n async function handleRequest(req: IncomingMessage, res: ServerResponse): Promise<void> {\n const path = parsePath(req.url);\n const method = (req.method || 'GET').toUpperCase();\n\n // CORS preflight\n if (method === 'OPTIONS') {\n res.writeHead(204, {\n 'Access-Control-Allow-Origin': '*',\n 'Access-Control-Allow-Methods': 'GET, POST, OPTIONS',\n 'Access-Control-Allow-Headers': 'Content-Type, Authorization, X-FirstStep-Signature',\n 'Access-Control-Max-Age': '86400',\n });\n res.end();\n return;\n }\n\n // Health check\n if (path === '/health' && method === 'GET') {\n sendJson(res, 200, { status: 'ok', timestamp: Date.now() });\n return;\n }\n\n // Handshake\n if (path === '/handshake' && method === 'POST') {\n const body = await readBody(req);\n\n if (!skipSignatureVerification) {\n const signature = req.headers['x-firststep-signature'] as string;\n if (!signature || !verifyRequestSignature(token, body, signature)) {\n sendJson(res, 401, { error: 'Invalid signature' });\n return;\n }\n }\n\n const capabilities: ProtocolCapabilities = handler.getCapabilities();\n const handlerInfo = handler.getHandlerInfo?.();\n sendJson(res, 200, { capabilities, handler: handlerInfo || undefined });\n return;\n }\n\n // Message\n if (path === '/message' && method === 'POST') {\n const body = await readBody(req);\n\n if (!skipSignatureVerification) {\n const signature = req.headers['x-firststep-signature'] as string;\n if (!signature || !verifyRequestSignature(token, body, signature)) {\n sendJson(res, 401, { error: 'Invalid signature' });\n return;\n }\n }\n\n let parsed: { request: ProtocolRequest; context?: Partial<ProtocolContext> };\n try {\n parsed = JSON.parse(body);\n } catch {\n sendJson(res, 400, { error: 'Invalid JSON body' });\n return;\n }\n\n const context = buildStubContext(parsed.context);\n\n try {\n const response = await handler.handleMessage(parsed.request, context);\n sendJson(res, 200, response);\n } catch (err: any) {\n console.error('[firststep] Handler error:', err);\n sendJson(res, 500, {\n error: 'Handler error',\n message: err?.message || 'Unknown error',\n });\n }\n return;\n }\n\n // Message (streaming via SSE)\n if (path === '/message/stream' && method === 'POST') {\n const body = await readBody(req);\n\n if (!skipSignatureVerification) {\n const signature = req.headers['x-firststep-signature'] as string;\n if (!signature || !verifyRequestSignature(token, body, signature)) {\n sendJson(res, 401, { error: 'Invalid signature' });\n return;\n }\n }\n\n let parsed: { request: ProtocolRequest; context?: Partial<ProtocolContext> };\n try {\n parsed = JSON.parse(body);\n } catch {\n sendJson(res, 400, { error: 'Invalid JSON body' });\n return;\n }\n\n if (!handler.handleStream) {\n // Fallback: use non-streaming handleMessage, send as single SSE burst\n const context = buildStubContext(parsed.context);\n try {\n const response = await handler.handleMessage(parsed.request, context);\n res.writeHead(200, {\n 'Content-Type': 'text/event-stream',\n 'Cache-Control': 'no-cache',\n 'Connection': 'keep-alive',\n 'Access-Control-Allow-Origin': '*',\n });\n const sendSSE = (event: string, data: unknown) => {\n res.write(`event: ${event}\\ndata: ${JSON.stringify(data)}\\n\\n`);\n };\n sendSSE('connected', { sessionId: response.sessionId });\n sendSSE('text', { type: 'text', content: response.message, sessionId: response.sessionId });\n if (response.metadata) {\n sendSSE('metadata', { type: 'metadata', content: response.metadata, sessionId: response.sessionId });\n }\n if (response.form) {\n sendSSE('form', { type: 'form', content: response.form, sessionId: response.sessionId });\n }\n sendSSE('status', { type: 'status', content: response.sessionStatus, sessionId: response.sessionId });\n sendSSE('done', { sessionId: response.sessionId });\n res.end();\n } catch (err: any) {\n console.error('[firststep] Handler error:', err);\n sendJson(res, 500, { error: 'Handler error', message: err?.message || 'Unknown error' });\n }\n return;\n }\n\n const context = buildStubContext(parsed.context);\n\n res.writeHead(200, {\n 'Content-Type': 'text/event-stream',\n 'Cache-Control': 'no-cache',\n 'Connection': 'keep-alive',\n 'Access-Control-Allow-Origin': '*',\n });\n\n const sendSSE = (event: string, data: unknown) => {\n res.write(`event: ${event}\\ndata: ${JSON.stringify(data)}\\n\\n`);\n };\n\n const sessionId = parsed.request.sessionId || `ext-${Date.now()}`;\n sendSSE('connected', { sessionId });\n\n try {\n for await (const chunk of handler.handleStream(parsed.request, context)) {\n sendSSE(chunk.type, {\n type: chunk.type,\n content: chunk.content,\n sessionId,\n });\n }\n sendSSE('done', { sessionId });\n } catch (err: any) {\n console.error('[firststep] Stream error:', err);\n sendSSE('error', { code: 'STREAM_ERROR', message: err?.message || 'Unknown error' });\n }\n\n res.end();\n return;\n }\n\n // 404\n sendJson(res, 404, { error: 'Not found' });\n }\n\n // Wrap in error boundary\n function requestListener(req: IncomingMessage, res: ServerResponse): void {\n handleRequest(req, res).catch((err) => {\n console.error('[firststep] Unexpected error:', err);\n if (!res.headersSent) {\n sendJson(res, 500, { error: 'Internal server error' });\n }\n });\n }\n\n const httpServer = createHttpServer(requestListener);\n\n return {\n start() {\n return new Promise<void>((resolve) => {\n httpServer.listen(port, host, () => {\n console.log(`[firststep] Handler server listening on ${host}:${port}`);\n console.log(`[firststep] Endpoints:`);\n console.log(` GET /health - Health check`);\n console.log(` POST /handshake - Capability exchange`);\n console.log(` POST /message - Handle chat message`);\n console.log(` POST /message/stream - Handle chat message (SSE stream)`);\n resolve();\n });\n });\n },\n\n stop() {\n return new Promise<void>((resolve, reject) => {\n httpServer.close((err) => {\n if (err) reject(err);\n else resolve();\n });\n });\n },\n\n getRequestHandler() {\n return requestListener;\n },\n };\n}\n","import { createHmac, timingSafeEqual } from 'crypto';\n\nconst TOKEN_PREFIX = 'fst_';\nconst TOKEN_LENGTH = 44; // fst_ (4) + 40 hex chars\n\n/**\n * Verify an HMAC-SHA256 request signature.\n *\n * The handler server can use this to verify that incoming webhook\n * requests were signed by the FirstStep platform using the shared token.\n *\n * @param token - The API token (FIRSTSTEP_TOKEN)\n * @param payload - The raw request body string\n * @param signature - The signature from the X-FirstStep-Signature header\n * @returns true if the signature is valid\n *\n * @example\n * ```typescript\n * import { verifyRequestSignature } from '@firststep-studio/sdk';\n *\n * app.post('/webhook', (req, res) => {\n * const signature = req.headers['x-firststep-signature'] as string;\n * if (!verifyRequestSignature(process.env.FIRSTSTEP_TOKEN!, req.body, signature)) {\n * return res.status(401).send('Invalid signature');\n * }\n * // Process the request...\n * });\n * ```\n */\nexport function verifyRequestSignature(\n token: string,\n payload: string,\n signature: string\n): boolean {\n try {\n const expected = createHmac('sha256', token)\n .update(payload)\n .digest('hex');\n const expectedBuffer = Buffer.from(expected, 'hex');\n const signatureBuffer = Buffer.from(signature, 'hex');\n\n if (expectedBuffer.length !== signatureBuffer.length) {\n return false;\n }\n\n return timingSafeEqual(expectedBuffer, signatureBuffer);\n } catch {\n return false;\n }\n}\n\n/**\n * Create an HMAC-SHA256 signature for a payload.\n *\n * Used by the platform to sign outgoing requests to handler servers.\n *\n * @param token - The API token\n * @param payload - The request body string to sign\n * @returns The hex-encoded HMAC signature\n */\nexport function createRequestSignature(\n token: string,\n payload: string\n): string {\n return createHmac('sha256', token).update(payload).digest('hex');\n}\n\n/**\n * Create an Authorization header value for API requests.\n *\n * @param token - The API token (fst_xxx)\n * @returns The header value, e.g. \"Bearer fst_xxx\"\n *\n * @example\n * ```typescript\n * import { createAuthHeader } from '@firststep-studio/sdk';\n *\n * const response = await fetch('https://api.firststep.ai/api/projects', {\n * headers: {\n * 'Authorization': createAuthHeader(process.env.FIRSTSTEP_TOKEN!),\n * },\n * });\n * ```\n */\nexport function createAuthHeader(token: string): string {\n return `Bearer ${token}`;\n}\n\n/**\n * Validate that a token has the correct format (fst_ prefix + 40 hex chars).\n *\n * @param token - The token string to validate\n * @returns true if the token matches the expected format\n */\nexport function isValidToken(token: string): boolean {\n return (\n typeof token === 'string' &&\n token.startsWith(TOKEN_PREFIX) &&\n token.length === TOKEN_LENGTH\n );\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAkCA,kBAAkF;;;AClClF,oBAA4C;AA6BrC,SAAS,uBACd,OACA,SACA,WACS;AACT,MAAI;AACF,UAAM,eAAW,0BAAW,UAAU,KAAK,EACxC,OAAO,OAAO,EACd,OAAO,KAAK;AACf,UAAM,iBAAiB,OAAO,KAAK,UAAU,KAAK;AAClD,UAAM,kBAAkB,OAAO,KAAK,WAAW,KAAK;AAEpD,QAAI,eAAe,WAAW,gBAAgB,QAAQ;AACpD,aAAO;AAAA,IACT;AAEA,eAAO,+BAAgB,gBAAgB,eAAe;AAAA,EACxD,QAAQ;AACN,WAAO;AAAA,EACT;AACF;;;AD2CA,SAAS,SAAS,KAAuC;AACvD,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,UAAM,SAAmB,CAAC;AAC1B,QAAI,GAAG,QAAQ,CAAC,UAAkB,OAAO,KAAK,KAAK,CAAC;AACpD,QAAI,GAAG,OAAO,MAAM,QAAQ,OAAO,OAAO,MAAM,EAAE,SAAS,OAAO,CAAC,CAAC;AACpE,QAAI,GAAG,SAAS,MAAM;AAAA,EACxB,CAAC;AACH;AAEA,SAAS,SAAS,KAAqB,QAAgB,MAAqB;AAC1E,QAAM,OAAO,KAAK,UAAU,IAAI;AAChC,MAAI,UAAU,QAAQ;AAAA,IACpB,gBAAgB;AAAA,IAChB,kBAAkB,OAAO,WAAW,IAAI;AAAA,IACxC,+BAA+B;AAAA,EACjC,CAAC;AACD,MAAI,IAAI,IAAI;AACd;AAEA,SAAS,UAAU,KAAiC;AAClD,MAAI,CAAC,IAAK,QAAO;AACjB,QAAM,MAAM,IAAI,QAAQ,GAAG;AAC3B,SAAO,OAAO,IAAI,IAAI,UAAU,GAAG,GAAG,IAAI;AAC5C;AAaA,SAAS,iBAAiB,MAAkD;AAC1E,QAAM,YAAY,aAAa,CAAC;AAChC,QAAM,OAAO,MAAM;AAAA,EAAC;AAEpB,SAAO;AAAA,IACL,SAAS;AAAA,MACP,WAAW;AAAA,MACX,UAAU;AAAA,MACV,aAAa;AAAA,MACb,YAAY,YAAY,CAAC;AAAA,MACzB,aAAa;AAAA,MACb,UAAU;AAAA,MACV,aAAa,aAAa,CAAC;AAAA,MAC3B,iBAAiB;AAAA,MACjB,gBAAgB;AAAA,MAChB,GAAG,MAAM;AAAA,IACX;AAAA,IACA,WAAW;AAAA,MACT,eAAe;AAAA,MACf,aAAa;AAAA,MACb,GAAG,MAAM;AAAA,IACX;AAAA,IACA,cAAc;AAAA,MACZ,SAAS;AAAA,MACT,GAAG,MAAM;AAAA,IACX;AAAA,IACA,WAAW;AAAA,MACT,mBAAmB;AAAA,MACnB,gBAAgB;AAAA,MAChB,gBAAgB;AAAA,MAChB,GAAG,MAAM;AAAA,IACX;AAAA,IACA,QAAQ;AAAA,MACN,OAAO;AAAA,MACP,MAAM;AAAA,MACN,MAAM;AAAA,MACN,OAAO;AAAA,MACP,YAAY;AAAA,MACZ,YAAY;AAAA,MACZ,GAAG,MAAM;AAAA,IACX;AAAA,IACA,YAAY;AAAA,MACV,IAAI;AAAA,MACJ,MAAM;AAAA,MACN,MAAM;AAAA,MACN,cAAc;AAAA,MACd,GAAG,MAAM;AAAA,IACX;AAAA,IACA,SAAS,MAAM;AAAA,EACjB;AACF;AAcO,SAAS,aACd,SACA,QACiB;AACjB,QAAM;AAAA,IACJ;AAAA,IACA,OAAO,SAAS,QAAQ,IAAI,QAAQ,QAAQ,EAAE;AAAA,IAC9C,OAAO;AAAA,IACP,4BAA4B;AAAA,EAC9B,IAAI;AAGJ,MAAI,CAAC,SAAS,CAAC,2BAA2B;AACxC,UAAM,IAAI;AAAA,MACR;AAAA,IACF;AAAA,EACF;AAKA,iBAAe,cAAc,KAAsB,KAAoC;AACrF,UAAM,OAAO,UAAU,IAAI,GAAG;AAC9B,UAAM,UAAU,IAAI,UAAU,OAAO,YAAY;AAGjD,QAAI,WAAW,WAAW;AACxB,UAAI,UAAU,KAAK;AAAA,QACjB,+BAA+B;AAAA,QAC/B,gCAAgC;AAAA,QAChC,gCAAgC;AAAA,QAChC,0BAA0B;AAAA,MAC5B,CAAC;AACD,UAAI,IAAI;AACR;AAAA,IACF;AAGA,QAAI,SAAS,aAAa,WAAW,OAAO;AAC1C,eAAS,KAAK,KAAK,EAAE,QAAQ,MAAM,WAAW,KAAK,IAAI,EAAE,CAAC;AAC1D;AAAA,IACF;AAGA,QAAI,SAAS,gBAAgB,WAAW,QAAQ;AAC9C,YAAM,OAAO,MAAM,SAAS,GAAG;AAE/B,UAAI,CAAC,2BAA2B;AAC9B,cAAM,YAAY,IAAI,QAAQ,uBAAuB;AACrD,YAAI,CAAC,aAAa,CAAC,uBAAuB,OAAO,MAAM,SAAS,GAAG;AACjE,mBAAS,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AACjD;AAAA,QACF;AAAA,MACF;AAEA,YAAM,eAAqC,QAAQ,gBAAgB;AACnE,YAAM,cAAc,QAAQ,iBAAiB;AAC7C,eAAS,KAAK,KAAK,EAAE,cAAc,SAAS,eAAe,OAAU,CAAC;AACtE;AAAA,IACF;AAGA,QAAI,SAAS,cAAc,WAAW,QAAQ;AAC5C,YAAM,OAAO,MAAM,SAAS,GAAG;AAE/B,UAAI,CAAC,2BAA2B;AAC9B,cAAM,YAAY,IAAI,QAAQ,uBAAuB;AACrD,YAAI,CAAC,aAAa,CAAC,uBAAuB,OAAO,MAAM,SAAS,GAAG;AACjE,mBAAS,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AACjD;AAAA,QACF;AAAA,MACF;AAEA,UAAI;AACJ,UAAI;AACF,iBAAS,KAAK,MAAM,IAAI;AAAA,MAC1B,QAAQ;AACN,iBAAS,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AACjD;AAAA,MACF;AAEA,YAAM,UAAU,iBAAiB,OAAO,OAAO;AAE/C,UAAI;AACF,cAAM,WAAW,MAAM,QAAQ,cAAc,OAAO,SAAS,OAAO;AACpE,iBAAS,KAAK,KAAK,QAAQ;AAAA,MAC7B,SAAS,KAAU;AACjB,gBAAQ,MAAM,8BAA8B,GAAG;AAC/C,iBAAS,KAAK,KAAK;AAAA,UACjB,OAAO;AAAA,UACP,SAAS,KAAK,WAAW;AAAA,QAC3B,CAAC;AAAA,MACH;AACA;AAAA,IACF;AAGA,QAAI,SAAS,qBAAqB,WAAW,QAAQ;AACnD,YAAM,OAAO,MAAM,SAAS,GAAG;AAE/B,UAAI,CAAC,2BAA2B;AAC9B,cAAM,YAAY,IAAI,QAAQ,uBAAuB;AACrD,YAAI,CAAC,aAAa,CAAC,uBAAuB,OAAO,MAAM,SAAS,GAAG;AACjE,mBAAS,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AACjD;AAAA,QACF;AAAA,MACF;AAEA,UAAI;AACJ,UAAI;AACF,iBAAS,KAAK,MAAM,IAAI;AAAA,MAC1B,QAAQ;AACN,iBAAS,KAAK,KAAK,EAAE,OAAO,oBAAoB,CAAC;AACjD;AAAA,MACF;AAEA,UAAI,CAAC,QAAQ,cAAc;AAEzB,cAAMA,WAAU,iBAAiB,OAAO,OAAO;AAC/C,YAAI;AACF,gBAAM,WAAW,MAAM,QAAQ,cAAc,OAAO,SAASA,QAAO;AACpE,cAAI,UAAU,KAAK;AAAA,YACjB,gBAAgB;AAAA,YAChB,iBAAiB;AAAA,YACjB,cAAc;AAAA,YACd,+BAA+B;AAAA,UACjC,CAAC;AACD,gBAAMC,WAAU,CAAC,OAAe,SAAkB;AAChD,gBAAI,MAAM,UAAU,KAAK;AAAA,QAAW,KAAK,UAAU,IAAI,CAAC;AAAA;AAAA,CAAM;AAAA,UAChE;AACA,UAAAA,SAAQ,aAAa,EAAE,WAAW,SAAS,UAAU,CAAC;AACtD,UAAAA,SAAQ,QAAQ,EAAE,MAAM,QAAQ,SAAS,SAAS,SAAS,WAAW,SAAS,UAAU,CAAC;AAC1F,cAAI,SAAS,UAAU;AACrB,YAAAA,SAAQ,YAAY,EAAE,MAAM,YAAY,SAAS,SAAS,UAAU,WAAW,SAAS,UAAU,CAAC;AAAA,UACrG;AACA,cAAI,SAAS,MAAM;AACjB,YAAAA,SAAQ,QAAQ,EAAE,MAAM,QAAQ,SAAS,SAAS,MAAM,WAAW,SAAS,UAAU,CAAC;AAAA,UACzF;AACA,UAAAA,SAAQ,UAAU,EAAE,MAAM,UAAU,SAAS,SAAS,eAAe,WAAW,SAAS,UAAU,CAAC;AACpG,UAAAA,SAAQ,QAAQ,EAAE,WAAW,SAAS,UAAU,CAAC;AACjD,cAAI,IAAI;AAAA,QACV,SAAS,KAAU;AACjB,kBAAQ,MAAM,8BAA8B,GAAG;AAC/C,mBAAS,KAAK,KAAK,EAAE,OAAO,iBAAiB,SAAS,KAAK,WAAW,gBAAgB,CAAC;AAAA,QACzF;AACA;AAAA,MACF;AAEA,YAAM,UAAU,iBAAiB,OAAO,OAAO;AAE/C,UAAI,UAAU,KAAK;AAAA,QACjB,gBAAgB;AAAA,QAChB,iBAAiB;AAAA,QACjB,cAAc;AAAA,QACd,+BAA+B;AAAA,MACjC,CAAC;AAED,YAAM,UAAU,CAAC,OAAe,SAAkB;AAChD,YAAI,MAAM,UAAU,KAAK;AAAA,QAAW,KAAK,UAAU,IAAI,CAAC;AAAA;AAAA,CAAM;AAAA,MAChE;AAEA,YAAM,YAAY,OAAO,QAAQ,aAAa,OAAO,KAAK,IAAI,CAAC;AAC/D,cAAQ,aAAa,EAAE,UAAU,CAAC;AAElC,UAAI;AACF,yBAAiB,SAAS,QAAQ,aAAa,OAAO,SAAS,OAAO,GAAG;AACvE,kBAAQ,MAAM,MAAM;AAAA,YAClB,MAAM,MAAM;AAAA,YACZ,SAAS,MAAM;AAAA,YACf;AAAA,UACF,CAAC;AAAA,QACH;AACA,gBAAQ,QAAQ,EAAE,UAAU,CAAC;AAAA,MAC/B,SAAS,KAAU;AACjB,gBAAQ,MAAM,6BAA6B,GAAG;AAC9C,gBAAQ,SAAS,EAAE,MAAM,gBAAgB,SAAS,KAAK,WAAW,gBAAgB,CAAC;AAAA,MACrF;AAEA,UAAI,IAAI;AACR;AAAA,IACF;AAGA,aAAS,KAAK,KAAK,EAAE,OAAO,YAAY,CAAC;AAAA,EAC3C;AAGA,WAAS,gBAAgB,KAAsB,KAA2B;AACxE,kBAAc,KAAK,GAAG,EAAE,MAAM,CAAC,QAAQ;AACrC,cAAQ,MAAM,iCAAiC,GAAG;AAClD,UAAI,CAAC,IAAI,aAAa;AACpB,iBAAS,KAAK,KAAK,EAAE,OAAO,wBAAwB,CAAC;AAAA,MACvD;AAAA,IACF,CAAC;AAAA,EACH;AAEA,QAAM,iBAAa,YAAAC,cAAiB,eAAe;AAEnD,SAAO;AAAA,IACL,QAAQ;AACN,aAAO,IAAI,QAAc,CAAC,YAAY;AACpC,mBAAW,OAAO,MAAM,MAAM,MAAM;AAClC,kBAAQ,IAAI,2CAA2C,IAAI,IAAI,IAAI,EAAE;AACrE,kBAAQ,IAAI,wBAAwB;AACpC,kBAAQ,IAAI,uCAAuC;AACnD,kBAAQ,IAAI,8CAA8C;AAC1D,kBAAQ,IAAI,8CAA8C;AAC1D,kBAAQ,IAAI,2DAA2D;AACvE,kBAAQ;AAAA,QACV,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,IAEA,OAAO;AACL,aAAO,IAAI,QAAc,CAAC,SAAS,WAAW;AAC5C,mBAAW,MAAM,CAAC,QAAQ;AACxB,cAAI,IAAK,QAAO,GAAG;AAAA,cACd,SAAQ;AAAA,QACf,CAAC;AAAA,MACH,CAAC;AAAA,IACH;AAAA,IAEA,oBAAoB;AAClB,aAAO;AAAA,IACT;AAAA,EACF;AACF;","names":["context","sendSSE","createHttpServer"]}

package/dist/server.mjs ADDED Viewed

@@ -0,0 +1,287 @@
+// src/server.ts
+import { createServer as createHttpServer } from "http";
+// src/auth.ts
+import { createHmac, timingSafeEqual } from "crypto";
+function verifyRequestSignature(token, payload, signature) {
+  try {
+    const expected = createHmac("sha256", token).update(payload).digest("hex");
+    const expectedBuffer = Buffer.from(expected, "hex");
+    const signatureBuffer = Buffer.from(signature, "hex");
+    if (expectedBuffer.length !== signatureBuffer.length) {
+      return false;
+    }
+    return timingSafeEqual(expectedBuffer, signatureBuffer);
+  } catch {
+    return false;
+  }
+}
+// src/server.ts
+function readBody(req) {
+  return new Promise((resolve, reject) => {
+    const chunks = [];
+    req.on("data", (chunk) => chunks.push(chunk));
+    req.on("end", () => resolve(Buffer.concat(chunks).toString("utf-8")));
+    req.on("error", reject);
+  });
+}
+function sendJson(res, status, body) {
+  const json = JSON.stringify(body);
+  res.writeHead(status, {
+    "Content-Type": "application/json",
+    "Content-Length": Buffer.byteLength(json),
+    "Access-Control-Allow-Origin": "*"
+  });
+  res.end(json);
+}
+function parsePath(url) {
+  if (!url) return "/";
+  const idx = url.indexOf("?");
+  return idx >= 0 ? url.substring(0, idx) : url;
+}
+function buildStubContext(data) {
+  const noopAsync = async () => ({});
+  const noop = () => {
+  };
+  return {
+    session: {
+      sessionId: "",
+      getState: noopAsync,
+      updateState: noopAsync,
+      getHistory: async () => [],
+      saveMessage: noopAsync,
+      complete: noopAsync,
+      getFormData: async () => ({}),
+      updateFormField: noopAsync,
+      updateFormData: noopAsync,
+      ...data?.session
+    },
+    knowledge: {
+      queryDatabase: noopAsync,
+      searchPages: noopAsync,
+      ...data?.knowledge
+    },
+    integrations: {
+      execute: noopAsync,
+      ...data?.integrations
+    },
+    analytics: {
+      logActionExecuted: noop,
+      logInteraction: noop,
+      logCustomEvent: noop,
+      ...data?.analytics
+    },
+    logger: {
+      debug: noop,
+      info: noop,
+      warn: noop,
+      error: noop,
+      logRouting: noop,
+      logToolUse: noop,
+      ...data?.logger
+    },
+    deployment: {
+      id: "",
+      slug: "",
+      name: "",
+      protocolType: "external",
+      ...data?.deployment
+    },
+    chatbot: data?.chatbot
+  };
+}
+function createServer(handler, config) {
+  const {
+    token,
+    port = parseInt(process.env.PORT || "3001", 10),
+    host = "0.0.0.0",
+    skipSignatureVerification = false
+  } = config;
+  if (!token && !skipSignatureVerification) {
+    throw new Error(
+      "FIRSTSTEP_TOKEN is required. Pass it via config.token or set skipSignatureVerification for local dev."
+    );
+  }
+  async function handleRequest(req, res) {
+    const path = parsePath(req.url);
+    const method = (req.method || "GET").toUpperCase();
+    if (method === "OPTIONS") {
+      res.writeHead(204, {
+        "Access-Control-Allow-Origin": "*",
+        "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
+        "Access-Control-Allow-Headers": "Content-Type, Authorization, X-FirstStep-Signature",
+        "Access-Control-Max-Age": "86400"
+      });
+      res.end();
+      return;
+    }
+    if (path === "/health" && method === "GET") {
+      sendJson(res, 200, { status: "ok", timestamp: Date.now() });
+      return;
+    }
+    if (path === "/handshake" && method === "POST") {
+      const body = await readBody(req);
+      if (!skipSignatureVerification) {
+        const signature = req.headers["x-firststep-signature"];
+        if (!signature || !verifyRequestSignature(token, body, signature)) {
+          sendJson(res, 401, { error: "Invalid signature" });
+          return;
+        }
+      }
+      const capabilities = handler.getCapabilities();
+      const handlerInfo = handler.getHandlerInfo?.();
+      sendJson(res, 200, { capabilities, handler: handlerInfo || void 0 });
+      return;
+    }
+    if (path === "/message" && method === "POST") {
+      const body = await readBody(req);
+      if (!skipSignatureVerification) {
+        const signature = req.headers["x-firststep-signature"];
+        if (!signature || !verifyRequestSignature(token, body, signature)) {
+          sendJson(res, 401, { error: "Invalid signature" });
+          return;
+        }
+      }
+      let parsed;
+      try {
+        parsed = JSON.parse(body);
+      } catch {
+        sendJson(res, 400, { error: "Invalid JSON body" });
+        return;
+      }
+      const context = buildStubContext(parsed.context);
+      try {
+        const response = await handler.handleMessage(parsed.request, context);
+        sendJson(res, 200, response);
+      } catch (err) {
+        console.error("[firststep] Handler error:", err);
+        sendJson(res, 500, {
+          error: "Handler error",
+          message: err?.message || "Unknown error"
+        });
+      }
+      return;
+    }
+    if (path === "/message/stream" && method === "POST") {
+      const body = await readBody(req);
+      if (!skipSignatureVerification) {
+        const signature = req.headers["x-firststep-signature"];
+        if (!signature || !verifyRequestSignature(token, body, signature)) {
+          sendJson(res, 401, { error: "Invalid signature" });
+          return;
+        }
+      }
+      let parsed;
+      try {
+        parsed = JSON.parse(body);
+      } catch {
+        sendJson(res, 400, { error: "Invalid JSON body" });
+        return;
+      }
+      if (!handler.handleStream) {
+        const context2 = buildStubContext(parsed.context);
+        try {
+          const response = await handler.handleMessage(parsed.request, context2);
+          res.writeHead(200, {
+            "Content-Type": "text/event-stream",
+            "Cache-Control": "no-cache",
+            "Connection": "keep-alive",
+            "Access-Control-Allow-Origin": "*"
+          });
+          const sendSSE2 = (event, data) => {
+            res.write(`event: ${event}
+data: ${JSON.stringify(data)}
+`);
+          };
+          sendSSE2("connected", { sessionId: response.sessionId });
+          sendSSE2("text", { type: "text", content: response.message, sessionId: response.sessionId });
+          if (response.metadata) {
+            sendSSE2("metadata", { type: "metadata", content: response.metadata, sessionId: response.sessionId });
+          }
+          if (response.form) {
+            sendSSE2("form", { type: "form", content: response.form, sessionId: response.sessionId });
+          }
+          sendSSE2("status", { type: "status", content: response.sessionStatus, sessionId: response.sessionId });
+          sendSSE2("done", { sessionId: response.sessionId });
+          res.end();
+        } catch (err) {
+          console.error("[firststep] Handler error:", err);
+          sendJson(res, 500, { error: "Handler error", message: err?.message || "Unknown error" });
+        }
+        return;
+      }
+      const context = buildStubContext(parsed.context);
+      res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+        "Access-Control-Allow-Origin": "*"
+      });
+      const sendSSE = (event, data) => {
+        res.write(`event: ${event}
+data: ${JSON.stringify(data)}
+`);
+      };
+      const sessionId = parsed.request.sessionId || `ext-${Date.now()}`;
+      sendSSE("connected", { sessionId });
+      try {
+        for await (const chunk of handler.handleStream(parsed.request, context)) {
+          sendSSE(chunk.type, {
+            type: chunk.type,
+            content: chunk.content,
+            sessionId
+          });
+        }
+        sendSSE("done", { sessionId });
+      } catch (err) {
+        console.error("[firststep] Stream error:", err);
+        sendSSE("error", { code: "STREAM_ERROR", message: err?.message || "Unknown error" });
+      }
+      res.end();
+      return;
+    }
+    sendJson(res, 404, { error: "Not found" });
+  }
+  function requestListener(req, res) {
+    handleRequest(req, res).catch((err) => {
+      console.error("[firststep] Unexpected error:", err);
+      if (!res.headersSent) {
+        sendJson(res, 500, { error: "Internal server error" });
+      }
+    });
+  }
+  const httpServer = createHttpServer(requestListener);
+  return {
+    start() {
+      return new Promise((resolve) => {
+        httpServer.listen(port, host, () => {
+          console.log(`[firststep] Handler server listening on ${host}:${port}`);
+          console.log(`[firststep] Endpoints:`);
+          console.log(`  GET  /health         - Health check`);
+          console.log(`  POST /handshake      - Capability exchange`);
+          console.log(`  POST /message        - Handle chat message`);
+          console.log(`  POST /message/stream - Handle chat message (SSE stream)`);
+          resolve();
+        });
+      });
+    },
+    stop() {
+      return new Promise((resolve, reject) => {
+        httpServer.close((err) => {
+          if (err) reject(err);
+          else resolve();
+        });
+      });
+    },
+    getRequestHandler() {
+      return requestListener;
+    }
+  };
+}
+export {
+  createServer
+};
+//# sourceMappingURL=server.mjs.map