@fluojs/http 1.0.0-beta.1

package/dist/exceptions.js

@@ -0,0 +1,222 @@
+import { FluoError } from '@fluojs/core';
+
+/**
+ * Detailed error information for field-level validation or binding failures.
+ */
+
+/**
+ * Optional metadata used when creating an {@link HttpException}.
+ */
+
+/**
+ * Canonical HTTP error response envelope.
+ */
+
+/**
+ * Base HTTP exception type used by the dispatcher error serializer.
+ */
+export class HttpException extends FluoError {
+  /** Detailed field-level or source-level error info. */
+  details;
+  /** HTTP status code. */
+  status;
+
+  /**
+   * Creates an HTTP exception with status, message, and optional structured error metadata.
+   *
+   * @param status HTTP status code used by the dispatcher when writing the error response.
+   * @param message Human-readable error message exposed in the serialized envelope.
+   * @param options Optional structured metadata including `code`, `details`, `meta`, and `cause`.
+   */
+  constructor(status, message, options = {}) {
+    super(message, {
+      cause: options.cause,
+      code: options.code,
+      meta: options.meta
+    });
+    this.details = options.details ? [...options.details] : undefined;
+    this.status = status;
+  }
+}
+
+/**
+ * HTTP 400 Bad Request exception.
+ */
+export class BadRequestException extends HttpException {
+  /**
+   * Creates a 400 Bad Request exception.
+   *
+   * @param message Human-readable reason for rejecting the request.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Bad request.', options = {}) {
+    super(400, message, {
+      ...options,
+      code: 'BAD_REQUEST'
+    });
+  }
+}
+
+/**
+ * HTTP 401 Unauthorized exception.
+ */
+export class UnauthorizedException extends HttpException {
+  /**
+   * Creates a 401 Unauthorized exception.
+   *
+   * @param message Human-readable authentication failure reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Authentication required.', options = {}) {
+    super(401, message, {
+      ...options,
+      code: 'UNAUTHORIZED'
+    });
+  }
+}
+
+/**
+ * HTTP 403 Forbidden exception.
+ */
+export class ForbiddenException extends HttpException {
+  /**
+   * Creates a 403 Forbidden exception.
+   *
+   * @param message Human-readable authorization failure reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Access denied.', options = {}) {
+    super(403, message, {
+      ...options,
+      code: 'FORBIDDEN'
+    });
+  }
+}
+
+/**
+ * HTTP 404 Not Found exception.
+ */
+export class NotFoundException extends HttpException {
+  /**
+   * Creates a 404 Not Found exception.
+   *
+   * @param message Human-readable missing-resource reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Resource not found.', options = {}) {
+    super(404, message, {
+      ...options,
+      code: 'NOT_FOUND'
+    });
+  }
+}
+
+/**
+ * HTTP 409 Conflict exception.
+ */
+export class ConflictException extends HttpException {
+  /**
+   * Creates a 409 Conflict exception.
+   *
+   * @param message Human-readable conflict reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Conflict.', options = {}) {
+    super(409, message, {
+      ...options,
+      code: 'CONFLICT'
+    });
+  }
+}
+
+/**
+ * HTTP 406 Not Acceptable exception.
+ */
+export class NotAcceptableException extends HttpException {
+  /**
+   * Creates a 406 Not Acceptable exception.
+   *
+   * @param message Human-readable content-negotiation failure reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Not acceptable.', options = {}) {
+    super(406, message, {
+      ...options,
+      code: 'NOT_ACCEPTABLE'
+    });
+  }
+}
+
+/**
+ * HTTP 429 Too Many Requests exception.
+ */
+export class TooManyRequestsException extends HttpException {
+  /**
+   * Creates a 429 Too Many Requests exception.
+   *
+   * @param message Human-readable throttling reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Too many requests.', options = {}) {
+    super(429, message, {
+      ...options,
+      code: 'TOO_MANY_REQUESTS'
+    });
+  }
+}
+
+/**
+ * HTTP 413 Payload Too Large exception.
+ */
+export class PayloadTooLargeException extends HttpException {
+  /**
+   * Creates a 413 Payload Too Large exception.
+   *
+   * @param message Human-readable payload-size failure reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Payload too large.', options = {}) {
+    super(413, message, {
+      ...options,
+      code: 'PAYLOAD_TOO_LARGE'
+    });
+  }
+}
+
+/**
+ * HTTP 500 Internal Server Error exception.
+ */
+export class InternalServerErrorException extends HttpException {
+  /**
+   * Creates a 500 Internal Server Error exception.
+   *
+   * @param message Human-readable server-side failure reason.
+   * @param options Optional structured details and metadata serialized in the error envelope.
+   */
+  constructor(message = 'Internal server error.', options = {}) {
+    super(500, message, {
+      ...options,
+      code: 'INTERNAL_SERVER_ERROR'
+    });
+  }
+}
+
+/**
+ * Converts an {@link HttpException} to the standard serialized error envelope.
+ *
+ * @param error HTTP exception produced by application code or the dispatcher pipeline.
+ * @param requestId Optional request identifier attached by runtime correlation middleware.
+ * @returns The canonical `{ error: ... }` payload returned to HTTP clients.
+ */
+export function createErrorResponse(error, requestId) {
+  return {
+    error: {
+      code: error.code,
+      details: error.details,
+      message: error.message,
+      meta: error.meta,
+      requestId,
+      status: error.status
+    }
+  };
+}

package/dist/guards.d.ts

@@ -0,0 +1,3 @@
+import type { GuardContext, GuardLike } from './types.js';
+export declare function runGuardChain(definitions: GuardLike[], context: GuardContext): Promise<void>;
+//# sourceMappingURL=guards.d.ts.map

package/dist/guards.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guards.d.ts","sourceRoot":"","sources":["../src/guards.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAS,YAAY,EAAE,SAAS,EAAkB,MAAM,YAAY,CAAC;AAcjF,wBAAsB,aAAa,CAAC,WAAW,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CASlG"}

package/dist/guards.js

@@ -0,0 +1,19 @@
+import { ForbiddenException } from './exceptions.js';
+function isGuard(value) {
+  return typeof value === 'object' && value !== null && 'canActivate' in value;
+}
+async function resolveGuard(definition, requestContext) {
+  if (isGuard(definition)) {
+    return definition;
+  }
+  return requestContext.container.resolve(definition);
+}
+export async function runGuardChain(definitions, context) {
+  for (const definition of definitions) {
+    const guard = await resolveGuard(definition, context.requestContext);
+    const result = await guard.canActivate(context);
+    if (result === false) {
+      throw new ForbiddenException('Access denied.');
+    }
+  }
+}

package/dist/index.d.ts

@@ -0,0 +1,15 @@
+export * from './adapter.js';
+export * from './middleware/correlation.js';
+export * from './middleware/cors.js';
+export { All, Controller, Convert, Delete, FromBody, FromCookie, FromHeader, FromPath, FromQuery, Get, Head, Header, HttpCode, Optional, Options, Patch, Post, Produces, Put, Redirect, RequestDto, UseGuards, UseInterceptors, Version, } from './decorators.js';
+export * from './dispatch/dispatcher.js';
+export * from './errors.js';
+export * from './exceptions.js';
+export * from './mapping.js';
+export { forRoutes, isMiddlewareRouteConfig, matchRoutePattern, normalizeRoutePattern, } from './middleware/middleware.js';
+export * from './middleware/rate-limit.js';
+export * from './context/request-context.js';
+export * from './middleware/security-headers.js';
+export * from './context/sse.js';
+export * from './types.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,cAAc,CAAC;AAC7B,cAAc,6BAA6B,CAAC;AAC5C,cAAc,sBAAsB,CAAC;AACrC,OAAO,EACL,GAAG,EACH,UAAU,EACV,OAAO,EACP,MAAM,EACN,QAAQ,EACR,UAAU,EACV,UAAU,EACV,QAAQ,EACR,SAAS,EACT,GAAG,EACH,IAAI,EACJ,MAAM,EACN,QAAQ,EACR,QAAQ,EACR,OAAO,EACP,KAAK,EACL,IAAI,EACJ,QAAQ,EACR,GAAG,EACH,QAAQ,EACR,UAAU,EACV,SAAS,EACT,eAAe,EACf,OAAO,GACR,MAAM,iBAAiB,CAAC;AACzB,cAAc,0BAA0B,CAAC;AACzC,cAAc,aAAa,CAAC;AAC5B,cAAc,iBAAiB,CAAC;AAChC,cAAc,cAAc,CAAC;AAC7B,OAAO,EACL,SAAS,EACT,uBAAuB,EACvB,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,4BAA4B,CAAC;AACpC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,8BAA8B,CAAC;AAC7C,cAAc,kCAAkC,CAAC;AACjD,cAAc,kBAAkB,CAAC;AACjC,cAAc,YAAY,CAAC"}

package/dist/index.js

@@ -0,0 +1,14 @@
+export * from './adapter.js';
+export * from './middleware/correlation.js';
+export * from './middleware/cors.js';
+export { All, Controller, Convert, Delete, FromBody, FromCookie, FromHeader, FromPath, FromQuery, Get, Head, Header, HttpCode, Optional, Options, Patch, Post, Produces, Put, Redirect, RequestDto, UseGuards, UseInterceptors, Version } from './decorators.js';
+export * from './dispatch/dispatcher.js';
+export * from './errors.js';
+export * from './exceptions.js';
+export * from './mapping.js';
+export { forRoutes, isMiddlewareRouteConfig, matchRoutePattern, normalizeRoutePattern } from './middleware/middleware.js';
+export * from './middleware/rate-limit.js';
+export * from './context/request-context.js';
+export * from './middleware/security-headers.js';
+export * from './context/sse.js';
+export * from './types.js';

package/dist/input-error-detail.d.ts

@@ -0,0 +1,10 @@
+import type { MetadataSource } from '@fluojs/core';
+import type { HttpExceptionDetail } from './exceptions.js';
+export interface InputErrorDetail {
+    code: string;
+    field?: string;
+    message: string;
+    source?: MetadataSource;
+}
+export declare function toInputErrorDetail(detail: InputErrorDetail): HttpExceptionDetail;
+//# sourceMappingURL=input-error-detail.d.ts.map

package/dist/input-error-detail.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-error-detail.d.ts","sourceRoot":"","sources":["../src/input-error-detail.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEnD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAE3D,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,cAAc,CAAC;CACzB;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAG,mBAAmB,CAOhF"}

package/dist/input-error-detail.js

@@ -0,0 +1,8 @@
+export function toInputErrorDetail(detail) {
+  return {
+    code: detail.code,
+    field: detail.field,
+    message: detail.message,
+    source: detail.source
+  };
+}

package/dist/interceptors.d.ts

@@ -0,0 +1,3 @@
+import type { InterceptorContext, InterceptorLike } from './types.js';
+export declare function runInterceptorChain(definitions: InterceptorLike[], context: InterceptorContext, terminal: () => Promise<unknown>): Promise<unknown>;
+//# sourceMappingURL=interceptors.d.ts.map

package/dist/interceptors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interceptors.d.ts","sourceRoot":"","sources":["../src/interceptors.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAGV,kBAAkB,EAClB,eAAe,EAEhB,MAAM,YAAY,CAAC;AAiBpB,wBAAsB,mBAAmB,CACvC,WAAW,EAAE,eAAe,EAAE,EAC9B,OAAO,EAAE,kBAAkB,EAC3B,QAAQ,EAAE,MAAM,OAAO,CAAC,OAAO,CAAC,GAC/B,OAAO,CAAC,OAAO,CAAC,CAelB"}

package/dist/interceptors.js

@@ -0,0 +1,22 @@
+function isInterceptor(value) {
+  return typeof value === 'object' && value !== null && 'intercept' in value;
+}
+async function resolveInterceptor(definition, requestContext) {
+  if (isInterceptor(definition)) {
+    return definition;
+  }
+  return requestContext.container.resolve(definition);
+}
+export async function runInterceptorChain(definitions, context, terminal) {
+  let next = {
+    handle: terminal
+  };
+  for (const definition of [...definitions].reverse()) {
+    const interceptor = await resolveInterceptor(definition, context.requestContext);
+    const previous = next;
+    next = {
+      handle: () => Promise.resolve(interceptor.intercept(context, previous))
+    };
+  }
+  return next.handle();
+}

package/dist/internal.d.ts

@@ -0,0 +1,3 @@
+export { DefaultBinder } from './adapters/binding.js';
+export { resolveClientIdentity } from './client-identity.js';
+//# sourceMappingURL=internal.d.ts.map

package/dist/internal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"internal.d.ts","sourceRoot":"","sources":["../src/internal.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC"}

package/dist/internal.js

@@ -0,0 +1,2 @@
+export { DefaultBinder } from './adapters/binding.js';
+export { resolveClientIdentity } from './client-identity.js';

package/dist/mapping.d.ts

@@ -0,0 +1,7 @@
+import type { HandlerMapping, HandlerSource, VersioningOptions } from './types.js';
+interface CreateHandlerMappingOptions {
+    versioning?: VersioningOptions;
+}
+export declare function createHandlerMapping(sources: HandlerSource[], options?: CreateHandlerMappingOptions): HandlerMapping;
+export {};
+//# sourceMappingURL=mapping.d.ts.map

package/dist/mapping.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"mapping.d.ts","sourceRoot":"","sources":["../src/mapping.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAIV,cAAc,EAEd,aAAa,EAIb,iBAAiB,EAClB,MAAM,YAAY,CAAC;AAOpB,UAAU,2BAA2B;IACnC,UAAU,CAAC,EAAE,iBAAiB,CAAC;CAChC;AAmQD,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,aAAa,EAAE,EAAE,OAAO,CAAC,EAAE,2BAA2B,GAAG,cAAc,CA0DpH"}

package/dist/mapping.js

@@ -0,0 +1,244 @@
+import { getControllerMetadata, getRouteMetadata } from '@fluojs/core/internal';
+import { getRouteProducesMetadata } from './decorators.js';
+import { RouteConflictError } from './errors.js';
+import { extractRoutePathParams, matchRoutePath, normalizeRoutePath, parseRoutePath } from './route-path.js';
+import { VersioningType } from './types.js';
+function joinPaths(basePath, routePath) {
+  return normalizeRoutePath(`${basePath}/${routePath}`);
+}
+function normalizeVersionSegment(version) {
+  const normalized = version.trim().replace(/^v/i, '');
+  return `v${normalized}`;
+}
+function applyVersionPrefix(path, version) {
+  if (!version) {
+    return path;
+  }
+  return joinPaths(`/${normalizeVersionSegment(version)}`, path);
+}
+function normalizeVersionValue(version) {
+  return version.trim().replace(/^v/i, '');
+}
+function readHeaderValue(request, headerName) {
+  const normalizedHeaderName = headerName.trim().toLowerCase();
+  if (!normalizedHeaderName) {
+    return undefined;
+  }
+  for (const [key, raw] of Object.entries(request.headers)) {
+    if (key.toLowerCase() !== normalizedHeaderName) {
+      continue;
+    }
+    const values = Array.isArray(raw) ? raw : [raw];
+    for (const value of values) {
+      const normalized = value?.trim();
+      if (normalized) {
+        return normalized;
+      }
+    }
+  }
+  return undefined;
+}
+function escapeRegExp(value) {
+  return value.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+}
+function extractVersionFromMediaType(request, key) {
+  const accept = readHeaderValue(request, 'accept');
+  if (!accept) {
+    return undefined;
+  }
+  const escapedKey = escapeRegExp(key);
+  const matcher = new RegExp(`${escapedKey}([^;,+\\s]+)`, 'i');
+  const mediaTypes = accept.split(',').map(value => value.trim()).filter(Boolean);
+  for (const mediaType of mediaTypes) {
+    const match = mediaType.match(matcher);
+    const extracted = match?.[1]?.trim();
+    if (extracted) {
+      return extracted;
+    }
+  }
+  return undefined;
+}
+function resolveVersioning(options) {
+  const versioning = options?.versioning;
+  if (!versioning || versioning.type === undefined || versioning.type === VersioningType.URI) {
+    return {
+      extractor: () => undefined,
+      type: VersioningType.URI
+    };
+  }
+  if (versioning.type === VersioningType.HEADER) {
+    return {
+      extractor: request => readHeaderValue(request, versioning.header),
+      type: VersioningType.HEADER
+    };
+  }
+  if (versioning.type === VersioningType.MEDIA_TYPE) {
+    return {
+      extractor: request => extractVersionFromMediaType(request, versioning.key ?? 'v='),
+      type: VersioningType.MEDIA_TYPE
+    };
+  }
+  if (versioning.type === VersioningType.CUSTOM) {
+    return {
+      extractor: versioning.extractor,
+      type: VersioningType.CUSTOM
+    };
+  }
+  return {
+    extractor: () => undefined,
+    type: VersioningType.URI
+  };
+}
+function resolveRequestVersion(request, versioning) {
+  const raw = versioning.extractor(request);
+  const values = Array.isArray(raw) ? raw : [raw];
+  for (const value of values) {
+    if (typeof value !== 'string') {
+      continue;
+    }
+    const normalized = normalizeVersionValue(value);
+    if (normalized) {
+      return normalized;
+    }
+  }
+  return undefined;
+}
+function matchesRouteVersion(descriptor, requestVersion) {
+  const routeVersion = descriptor.route.version;
+  if (!routeVersion) {
+    return requestVersion === undefined;
+  }
+  if (!requestVersion) {
+    return false;
+  }
+  return normalizeVersionValue(routeVersion) === requestVersion;
+}
+function getControllerMethodNames(controllerToken) {
+  return Object.getOwnPropertyNames(controllerToken.prototype).filter(propertyKey => propertyKey !== 'constructor');
+}
+function splitIncomingPathSegments(path) {
+  return normalizeRoutePath(path).split('/').filter(Boolean);
+}
+function buildDescriptorIndex(descriptors) {
+  const index = new Map();
+  for (const descriptor of descriptors) {
+    const method = descriptor.route.method;
+    const segments = parseRoutePath(descriptor.route.path, `Registered ${descriptor.route.method} route path`);
+    const segmentCount = segments.length;
+    let methodMap = index.get(method);
+    if (!methodMap) {
+      methodMap = new Map();
+      index.set(method, methodMap);
+    }
+    let bucket = methodMap.get(segmentCount);
+    if (!bucket) {
+      bucket = [];
+      methodMap.set(segmentCount, bucket);
+    }
+    bucket.push({
+      descriptor,
+      segments
+    });
+  }
+  return index;
+}
+function createHandlerDescriptors(source, versioning) {
+  const controllerMetadata = getControllerMetadata(source.controllerToken) ?? {
+    basePath: ''
+  };
+  const descriptors = [];
+  for (const propertyKey of getControllerMethodNames(source.controllerToken)) {
+    const routeMetadata = getRouteMetadata(source.controllerToken.prototype, propertyKey);
+    if (!routeMetadata) {
+      continue;
+    }
+    const effectiveVersion = routeMetadata.version ?? controllerMetadata.version;
+    const routePath = joinPaths(controllerMetadata.basePath, routeMetadata.path);
+    const effectivePath = versioning.type === VersioningType.URI ? applyVersionPrefix(routePath, effectiveVersion) : routePath;
+    const produces = getRouteProducesMetadata(source.controllerToken, propertyKey);
+    descriptors.push({
+      controllerToken: source.controllerToken,
+      metadata: {
+        controllerPath: controllerMetadata.basePath,
+        effectivePath,
+        effectiveVersion,
+        moduleMiddleware: [...(source.moduleMiddleware ?? [])],
+        moduleType: source.moduleType,
+        pathParams: extractRoutePathParams(effectivePath)
+      },
+      methodName: String(propertyKey),
+      route: {
+        ...routeMetadata,
+        ...(produces ? {
+          produces
+        } : {}),
+        guards: [...(controllerMetadata.guards ?? []), ...(routeMetadata.guards ?? [])],
+        interceptors: [...(controllerMetadata.interceptors ?? []), ...(routeMetadata.interceptors ?? [])],
+        path: effectivePath,
+        version: effectiveVersion
+      }
+    });
+  }
+  return descriptors;
+}
+function buildDescriptorList(sources, versioning) {
+  const descriptors = sources.flatMap(source => createHandlerDescriptors(source, versioning));
+  const seen = new Set();
+  for (const descriptor of descriptors) {
+    const routeVersion = descriptor.route.version === undefined ? '<none>' : normalizeVersionValue(descriptor.route.version);
+    const routeKey = `${descriptor.route.method}:${descriptor.route.path}:${routeVersion}`;
+    if (seen.has(routeKey)) {
+      throw new RouteConflictError(`Duplicate route registration detected for ${routeKey}.`);
+    }
+    seen.add(routeKey);
+  }
+  return descriptors;
+}
+export function createHandlerMapping(sources, options) {
+  const versioning = resolveVersioning(options);
+  const descriptors = buildDescriptorList(sources, versioning);
+  const descriptorIndex = buildDescriptorIndex(descriptors);
+  return {
+    descriptors,
+    match(request) {
+      const method = request.method.toUpperCase();
+      const requestVersion = versioning.type === VersioningType.URI ? undefined : resolveRequestVersion(request, versioning);
+      const incomingSegments = splitIncomingPathSegments(request.path);
+      const candidates = [...(descriptorIndex.get(method)?.get(incomingSegments.length) ?? []), ...(descriptorIndex.get('ALL')?.get(incomingSegments.length) ?? [])];
+      let firstUnversionedMatch;
+      for (const candidate of candidates) {
+        const params = matchRoutePath(candidate.segments, incomingSegments);
+        if (!params) {
+          continue;
+        }
+        if (versioning.type === VersioningType.URI) {
+          return {
+            descriptor: candidate.descriptor,
+            params
+          };
+        }
+        if (matchesRouteVersion(candidate.descriptor, requestVersion)) {
+          return {
+            descriptor: candidate.descriptor,
+            params
+          };
+        }
+        if (candidate.descriptor.route.version === undefined && !firstUnversionedMatch) {
+          firstUnversionedMatch = {
+            descriptor: candidate.descriptor,
+            params
+          };
+        }
+      }
+      if (versioning.type !== VersioningType.URI) {
+        if (firstUnversionedMatch) {
+          return {
+            descriptor: firstUnversionedMatch.descriptor,
+            params: firstUnversionedMatch.params
+          };
+        }
+      }
+      return undefined;
+    }
+  };
+}

package/dist/middleware/correlation.d.ts

@@ -0,0 +1,3 @@
+import type { Middleware } from '../types.js';
+export declare function createCorrelationMiddleware(): Middleware;
+//# sourceMappingURL=correlation.d.ts.map

package/dist/middleware/correlation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"correlation.d.ts","sourceRoot":"","sources":["../../src/middleware/correlation.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAY9C,wBAAgB,2BAA2B,IAAI,UAAU,CAYxD"}

package/dist/middleware/correlation.js

@@ -0,0 +1,19 @@
+import { randomUUID } from 'node:crypto';
+const REQUEST_ID_HEADER = 'x-request-id';
+const CORRELATION_ID_HEADER = 'x-correlation-id';
+function resolveInboundRequestId(headers) {
+  const requestId = headers[REQUEST_ID_HEADER] ?? headers[CORRELATION_ID_HEADER];
+  const value = Array.isArray(requestId) ? requestId[0] : requestId;
+  return value ?? randomUUID();
+}
+export function createCorrelationMiddleware() {
+  return {
+    async handle(context, next) {
+      if (!context.requestContext.requestId) {
+        context.requestContext.requestId = resolveInboundRequestId(context.request.headers);
+      }
+      context.response.setHeader(REQUEST_ID_HEADER, context.requestContext.requestId);
+      await next();
+    }
+  };
+}

package/dist/middleware/cors.d.ts

@@ -0,0 +1,11 @@
+import type { Middleware } from '../types.js';
+export interface CorsOptions {
+    allowCredentials?: boolean;
+    allowHeaders?: string[];
+    allowMethods?: string[];
+    allowOrigin?: string | string[] | ((origin: string | undefined) => string | undefined);
+    exposeHeaders?: string[];
+    maxAge?: number;
+}
+export declare function createCorsMiddleware(options?: CorsOptions): Middleware;
+//# sourceMappingURL=cors.d.ts.map

package/dist/middleware/cors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cors.d.ts","sourceRoot":"","sources":["../../src/middleware/cors.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAE9C,MAAM,WAAW,WAAW;IAC1B,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,CAAC,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,KAAK,MAAM,GAAG,SAAS,CAAC,CAAC;IACvF,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AA4BD,wBAAgB,oBAAoB,CAAC,OAAO,GAAE,WAAgB,GAAG,UAAU,CA0D1E"}