npm - @geekmidas/constructs - Versions diffs - 0.0.21 → 0.1.0 - Mend

@geekmidas/constructs 0.0.21 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (186) hide show

package/dist/{EndpointBuilder-BPHpUekp.d.mts → EndpointBuilder-BJRkivxQ.d.mts} RENAMED Viewed

@@ -1,7 +1,7 @@
-import { HttpMethod } from "./types-DKf0juBf.mjs";
-import { BaseFunctionBuilder } from "./BaseFunctionBuilder-Ct6zY6Jq.mjs";
-import { Authorizer } from "./Authorizer-pmPvIVgv.mjs";
-import { ActorExtractor, AuthorizeFn, Endpoint, EndpointHandler, EndpointSchemas, MappedAudit, SessionFn, SuccessStatus } from "./Endpoint-PtQ-wLIS.mjs";
+import { HttpMethod } from "./types-Cy1IhmUB.mjs";
+import { BaseFunctionBuilder } from "./BaseFunctionBuilder-Oc2xmxmg.mjs";
+import { Authorizer, SecurityScheme } from "./Authorizer-D1w7MpK6.mjs";
+import { ActorExtractor, AuthorizeFn, Endpoint, EndpointHandler, EndpointSchemas, MappedAudit, SessionFn, SuccessStatus } from "./Endpoint-DoY1Owv2.mjs";
 import { Service } from "@geekmidas/services";
 import { AuditStorage, AuditableAction, ExtractStorageAuditAction } from "@geekmidas/audit";
 import { RateLimitConfig } from "@geekmidas/rate-limit";
@@ -25,6 +25,7 @@ declare class EndpointBuilder<TRoute extends string, TMethod extends HttpMethod,
   _authorizerName?: TAuthorizers[number];
   _actorExtractor?: ActorExtractor<TServices, TSession, TLogger>;
   _audits: MappedAudit<TAuditAction, OutSchema>[];
+  _customSecuritySchemes: Record<string, SecurityScheme>;
   constructor(route: TRoute, method: TMethod);
   _setPublisher(publisher: Service<TEventPublisherServiceName, TEventPublisher>): void;
   _setAuditorStorage(storage: Service<TAuditStorageServiceName, TAuditStorage>): void;
@@ -102,4 +103,4 @@ declare class EndpointBuilder<TRoute extends string, TMethod extends HttpMethod,
 }
 //#endregion
 export { EndpointBuilder };
-//# sourceMappingURL=EndpointBuilder-BPHpUekp.d.mts.map
+//# sourceMappingURL=EndpointBuilder-BJRkivxQ.d.mts.map

package/dist/{EndpointBuilder-DrJbIf3Z.cjs → EndpointBuilder-Bhyft7WY.cjs} RENAMED Viewed

@@ -2,6 +2,7 @@ const require_chunk = require('./chunk-CUT6urMc.cjs');
 const require_Construct = require('./Construct-BYSPikVm.cjs');
 const require_BaseFunctionBuilder = require('./BaseFunctionBuilder-C5Se7pdL.cjs');
 const require_Endpoint = require('./Endpoint-CA-byrDr.cjs');
+const require_Authorizer = require('./Authorizer-C0ge_tc8.cjs');
 const lodash_uniqby = require_chunk.__toESM(require("lodash.uniqby"));
 //#region src/endpoints/EndpointBuilder.ts
@@ -18,6 +19,7 @@ var EndpointBuilder = class extends require_BaseFunctionBuilder.BaseFunctionBuil
 	_authorizerName;
 	_actorExtractor;
 	_audits = [];
+	_customSecuritySchemes = {};
 	constructor(route, method) {
 		super(require_Construct.ConstructType.Endpoint);
 		this.route = route;
@@ -161,7 +163,18 @@ var EndpointBuilder = class extends require_BaseFunctionBuilder.BaseFunctionBuil
 		throw new Error("EndpointBuilder does not support generic input. Use body(), query(), or params() instead.");
 	}
 	handle(fn) {
-		const authorizer = this._authorizerName ? this._availableAuthorizers.find((a) => a.name === this._authorizerName) : void 0;
+		let authorizer;
+		if (this._authorizerName) {
+			const existingAuthorizer = this._availableAuthorizers.find((a) => a.name === this._authorizerName);
+			if (existingAuthorizer) authorizer = existingAuthorizer;
+			else {
+				const securityScheme = require_Authorizer.getSecurityScheme(this._authorizerName, this._customSecuritySchemes);
+				authorizer = {
+					name: this._authorizerName,
+					securityScheme
+				};
+			}
+		}
 		return new require_Endpoint.Endpoint({
 			fn,
 			method: this.method,
@@ -196,4 +209,4 @@ Object.defineProperty(exports, 'EndpointBuilder', {
     return EndpointBuilder;
   }
 });
-//# sourceMappingURL=EndpointBuilder-DrJbIf3Z.cjs.map
+//# sourceMappingURL=EndpointBuilder-Bhyft7WY.cjs.map

package/dist/EndpointBuilder-Bhyft7WY.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"EndpointBuilder-Bhyft7WY.cjs","names":["BaseFunctionBuilder","route: TRoute","method: TMethod","ConstructType","publisher: Service<TEventPublisherServiceName, TEventPublisher>","storage: Service<TAuditStorageServiceName, TAuditStorage>","service: Service<TDatabaseServiceName, TDatabase>","description: string","status: SuccessStatus","event: TEvent","tags: string[]","memorySize: number","publisher: Service<TName, T>","schema: T","config: RateLimitConfig","name: TAuthorizers[number] | 'none'","services: T","logger: T","storage: Service<TName, T>","extractor: ActorExtractor<TServices, TSession, TLogger>","audits: MappedAudit<TAuditAction, OutSchema>[]","service: Service<TName, T>","_schema: any","fn: EndpointHandler<\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TDatabase,\n TAuditStorage,\n TAuditAction\n >","authorizer: Authorizer | undefined","Endpoint"],"sources":["../src/endpoints/EndpointBuilder.ts"],"sourcesContent":["import type {\n AuditStorage,\n AuditableAction,\n ExtractStorageAuditAction,\n} from '@geekmidas/audit';\nimport type { EventPublisher, MappedEvent } from '@geekmidas/events';\nimport type { Logger } from '@geekmidas/logger';\nimport type { RateLimitConfig } from '@geekmidas/rate-limit';\nimport type { Service } from '@geekmidas/services';\nimport type { StandardSchemaV1 } from '@standard-schema/spec';\nimport uniqBy from 'lodash.uniqby';\nimport { ConstructType } from '../Construct';\nimport { BaseFunctionBuilder } from '../functions';\nimport type { HttpMethod } from '../types';\nimport type { Authorizer, SecurityScheme } from './Authorizer';\nimport { getSecurityScheme } from './Authorizer';\nimport { Endpoint, type EndpointSchemas } from './Endpoint';\nimport type {\n AuthorizeFn,\n EndpointHandler,\n SessionFn,\n SuccessStatus,\n} from './Endpoint';\nimport type { ActorExtractor, MappedAudit } from './audit';\n\nexport class EndpointBuilder<\n TRoute extends string,\n TMethod extends HttpMethod,\n TInput extends EndpointSchemas = {},\n TServices extends Service[] = [],\n TLogger extends Logger = Logger,\n OutSchema extends StandardSchemaV1 | undefined = undefined,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuthorizers extends readonly string[] = readonly string[],\n TAuditStorage extends AuditStorage | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TAuditAction extends AuditableAction<string, unknown> = AuditableAction<\n string,\n unknown\n >,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n> extends BaseFunctionBuilder<\n TInput,\n OutSchema,\n TServices,\n TLogger,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TDatabase,\n TDatabaseServiceName\n> {\n protected schemas: TInput = {} as TInput;\n protected _description?: string;\n protected _status?: SuccessStatus;\n protected _tags?: string[];\n protected _memorySize?: number;\n _getSession: SessionFn<TServices, TLogger, TSession, TDatabase> = () =>\n ({}) as TSession;\n _authorize: AuthorizeFn<TServices, TLogger, TSession> = () => true;\n _rateLimit?: RateLimitConfig;\n _availableAuthorizers: Authorizer[] = [];\n _authorizerName?: TAuthorizers[number];\n _actorExtractor?: ActorExtractor<TServices, TSession, TLogger>;\n _audits: MappedAudit<TAuditAction, OutSchema>[] = [];\n _customSecuritySchemes: Record<string, SecurityScheme> = {};\n\n constructor(\n readonly route: TRoute,\n readonly method: TMethod,\n ) {\n super(ConstructType.Endpoint);\n }\n\n // Internal setter for EndpointFactory to set default publisher\n _setPublisher(\n publisher: Service<TEventPublisherServiceName, TEventPublisher>,\n ) {\n this._publisher = publisher;\n }\n\n // Internal setter for EndpointFactory to set default auditor storage\n _setAuditorStorage(\n storage: Service<TAuditStorageServiceName, TAuditStorage>,\n ) {\n this._auditorStorage = storage;\n }\n\n // Internal setter for EndpointFactory to set default database service\n _setDatabaseService(service: Service<TDatabaseServiceName, TDatabase>) {\n this._databaseService = service;\n }\n\n description(description: string): this {\n this._description = description;\n return this;\n }\n\n status(status: SuccessStatus): this {\n this._status = status;\n return this;\n }\n\n event<TEvent extends MappedEvent<TEventPublisher, OutSchema>>(\n event: TEvent,\n ): this {\n this._events.push(event);\n return this;\n }\n\n tags(tags: string[]): this {\n this._tags = tags;\n return this;\n }\n\n memorySize(memorySize: number): this {\n this._memorySize = memorySize;\n return this;\n }\n\n publisher<T extends EventPublisher<any>, TName extends string>(\n publisher: Service<TName, T>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n T,\n TName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._publisher = publisher as unknown as Service<\n TEventPublisherServiceName,\n TEventPublisher\n >;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n T,\n TName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n body<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'body'> & { body: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.schemas.body = schema as unknown as T;\n // @ts-ignore\n return this;\n }\n\n search<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'query'> & { query: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.schemas.query = schema as unknown as T;\n // @ts-ignore\n return this;\n }\n\n query<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'query'> & { query: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n return this.search(schema);\n }\n\n params<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'params'> & { params: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.schemas.params = schema as unknown as T;\n // @ts-ignore\n return this;\n }\n\n rateLimit(config: RateLimitConfig): this {\n this._rateLimit = config;\n return this;\n }\n\n authorizer(\n name: TAuthorizers[number] | 'none',\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n // Special case: 'none' explicitly marks endpoint as having no authorizer\n if (name === 'none') {\n this._authorizerName = undefined;\n return this;\n }\n\n // Validate that the authorizer exists in available authorizers\n const authorizerExists = this._availableAuthorizers.some(\n (a) => a.name === name,\n );\n if (!authorizerExists && this._availableAuthorizers.length > 0) {\n const available = this._availableAuthorizers\n .map((a) => a.name)\n .join(', ');\n throw new Error(\n `Authorizer \"${name as string}\" not found in available authorizers: ${available}`,\n );\n }\n this._authorizerName = name;\n return this;\n }\n\n services<T extends Service[]>(\n services: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n [...TServices, ...T],\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._services = uniqBy(\n [...this._services, ...services],\n (s) => s.serviceName,\n ) as TServices;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n [...TServices, ...T],\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n logger<T extends Logger>(\n logger: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n T,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._logger = logger as unknown as TLogger;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n T,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n output<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n T,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.outputSchema = schema as unknown as OutSchema;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n T,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n /**\n * Set the auditor storage service for this endpoint.\n * This enables audit functionality and makes `auditor` available in the handler context.\n * The audit action type is automatically inferred from the storage's generic parameter.\n */\n auditor<T extends AuditStorage<any>, TName extends string>(\n storage: Service<TName, T>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName\n > {\n this._auditorStorage = storage as unknown as Service<\n TAuditStorageServiceName,\n TAuditStorage\n >;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n /**\n * Set the actor extractor function for audit records.\n * The actor is extracted from the request context and attached to all audits.\n */\n actor(\n extractor: ActorExtractor<TServices, TSession, TLogger>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._actorExtractor = extractor;\n return this;\n }\n\n /**\n * Add declarative audit definitions that are processed after the handler executes.\n * Similar to `.event()` for events, but for audits.\n *\n * @example\n * ```typescript\n * .audit<AppAuditAction>([\n * {\n * type: 'user.created',\n * payload: (response) => ({ userId: response.id, email: response.email }),\n * when: (response) => response.active,\n * entityId: (response) => response.id,\n * table: 'users',\n * },\n * ])\n * ```\n */\n audit(audits: MappedAudit<TAuditAction, OutSchema>[]): this {\n this._audits = audits;\n return this;\n }\n\n /**\n * Set the database service for this endpoint.\n * The database will be available in the handler context as `db`.\n * When audit storage is configured and uses the same database,\n * `db` will automatically be the transaction for ACID compliance.\n *\n * @example\n * ```typescript\n * .database(databaseService)\n * .handle(async ({ db }) => {\n * // db is the raw database or transaction (when auditor uses same db)\n * return await db.selectFrom('users').selectAll().execute();\n * })\n * ```\n */\n database<T, TName extends string>(\n service: Service<TName, T>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName\n > {\n this._databaseService = service as unknown as Service<\n TDatabaseServiceName,\n TDatabase\n >;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName\n >;\n }\n\n // EndpointBuilder doesn't have a generic input method - it uses body, query, params instead\n input(_schema: any): any {\n throw new Error(\n 'EndpointBuilder does not support generic input. Use body(), query(), or params() instead.',\n );\n }\n\n handle(\n fn: EndpointHandler<\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TDatabase,\n TAuditStorage,\n TAuditAction\n >,\n ): Endpoint<\n TRoute,\n TMethod,\n TInput,\n OutSchema,\n TServices,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n // Find authorizer metadata if name is set\n // If the authorizer name is set but not in availableAuthorizers, create a simple authorizer object\n let authorizer: Authorizer | undefined;\n if (this._authorizerName) {\n const existingAuthorizer = this._availableAuthorizers.find(\n (a) => a.name === this._authorizerName,\n );\n\n if (existingAuthorizer) {\n authorizer = existingAuthorizer;\n } else {\n // Create authorizer with security scheme if available (built-in or custom)\n const securityScheme = getSecurityScheme(\n this._authorizerName as string,\n this._customSecuritySchemes,\n );\n authorizer = {\n name: this._authorizerName as string,\n securityScheme,\n };\n }\n }\n\n return new Endpoint({\n fn,\n method: this.method,\n route: this.route,\n description: this._description,\n tags: this._tags,\n input: this.schemas,\n output: this.outputSchema,\n services: this._services,\n logger: this._logger,\n timeout: this._timeout,\n memorySize: this._memorySize,\n authorize: this._authorize,\n status: this._status,\n getSession: this._getSession,\n rateLimit: this._rateLimit,\n publisherService: this._publisher,\n events: this._events,\n authorizer,\n auditorStorageService: this._auditorStorage,\n actorExtractor: this._actorExtractor,\n audits: this._audits,\n databaseService: this._databaseService,\n });\n }\n}\n"],"mappings":";;;;;;;;AAyBA,IAAa,kBAAb,cAmBUA,gDAWR;CACA,AAAU,UAAkB,CAAE;CAC9B,AAAU;CACV,AAAU;CACV,AAAU;CACV,AAAU;CACV,cAAkE,OAC/D,CAAE;CACL,aAAwD,MAAM;CAC9D;CACA,wBAAsC,CAAE;CACxC;CACA;CACA,UAAkD,CAAE;CACpD,yBAAyD,CAAE;CAE3D,YACWC,OACAC,QACT;AACA,QAAMC,gCAAc,SAAS;EAHpB;EACA;CAGV;CAGD,cACEC,WACA;AACA,OAAK,aAAa;CACnB;CAGD,mBACEC,SACA;AACA,OAAK,kBAAkB;CACxB;CAGD,oBAAoBC,SAAmD;AACrE,OAAK,mBAAmB;CACzB;CAED,YAAYC,aAA2B;AACrC,OAAK,eAAe;AACpB,SAAO;CACR;CAED,OAAOC,QAA6B;AAClC,OAAK,UAAU;AACf,SAAO;CACR;CAED,MACEC,OACM;AACN,OAAK,QAAQ,KAAK,MAAM;AACxB,SAAO;CACR;CAED,KAAKC,MAAsB;AACzB,OAAK,QAAQ;AACb,SAAO;CACR;CAED,WAAWC,YAA0B;AACnC,OAAK,cAAc;AACnB,SAAO;CACR;CAED,UACEC,WAiBA;AACA,OAAK,aAAa;AAKlB,SAAO;CAiBR;CAED,KACEC,QAiBA;AACA,OAAK,QAAQ,OAAO;AAEpB,SAAO;CACR;CAED,OACEA,QAiBA;AACA,OAAK,QAAQ,QAAQ;AAErB,SAAO;CACR;CAED,MACEA,QAiBA;AACA,SAAO,KAAK,OAAO,OAAO;CAC3B;CAED,OACEA,QAiBA;AACA,OAAK,QAAQ,SAAS;AAEtB,SAAO;CACR;CAED,UAAUC,QAA+B;AACvC,OAAK,aAAa;AAClB,SAAO;CACR;CAED,WACEC,MAiBA;AAEA,MAAI,SAAS,QAAQ;AACnB,QAAK;AACL,UAAO;EACR;EAGD,MAAM,mBAAmB,KAAK,sBAAsB,KAClD,CAAC,MAAM,EAAE,SAAS,KACnB;AACD,OAAK,oBAAoB,KAAK,sBAAsB,SAAS,GAAG;GAC9D,MAAM,YAAY,KAAK,sBACpB,IAAI,CAAC,MAAM,EAAE,KAAK,CAClB,KAAK,KAAK;AACb,SAAM,IAAI,OACP,cAAc,KAAe,wCAAwC,UAAU;EAEnF;AACD,OAAK,kBAAkB;AACvB,SAAO;CACR;CAED,SACEC,UAiBA;AACA,OAAK,YAAY,2BACf,CAAC,GAAG,KAAK,WAAW,GAAG,QAAS,GAChC,CAAC,MAAM,EAAE,YACV;AAED,SAAO;CAiBR;CAED,OACEC,QAiBA;AACA,OAAK,UAAU;AAEf,SAAO;CAiBR;CAED,OACEJ,QAiBA;AACA,OAAK,eAAe;AAEpB,SAAO;CAiBR;;;;;;CAOD,QACEK,SAiBA;AACA,OAAK,kBAAkB;AAKvB,SAAO;CAiBR;;;;;CAMD,MACEC,WAiBA;AACA,OAAK,kBAAkB;AACvB,SAAO;CACR;;;;;;;;;;;;;;;;;;CAmBD,MAAMC,QAAsD;AAC1D,OAAK,UAAU;AACf,SAAO;CACR;;;;;;;;;;;;;;;;CAiBD,SACEC,SAiBA;AACA,OAAK,mBAAmB;AAKxB,SAAO;CAiBR;CAGD,MAAMC,SAAmB;AACvB,QAAM,IAAI,MACR;CAEH;CAED,OACEC,IAyBA;EAGA,IAAIC;AACJ,MAAI,KAAK,iBAAiB;GACxB,MAAM,qBAAqB,KAAK,sBAAsB,KACpD,CAAC,MAAM,EAAE,SAAS,KAAK,gBACxB;AAED,OAAI,mBACF,cAAa;QACR;IAEL,MAAM,iBAAiB,qCACrB,KAAK,iBACL,KAAK,uBACN;AACD,iBAAa;KACX,MAAM,KAAK;KACX;IACD;GACF;EACF;AAED,SAAO,IAAIC,0BAAS;GAClB;GACA,QAAQ,KAAK;GACb,OAAO,KAAK;GACZ,aAAa,KAAK;GAClB,MAAM,KAAK;GACX,OAAO,KAAK;GACZ,QAAQ,KAAK;GACb,UAAU,KAAK;GACf,QAAQ,KAAK;GACb,SAAS,KAAK;GACd,YAAY,KAAK;GACjB,WAAW,KAAK;GAChB,QAAQ,KAAK;GACb,YAAY,KAAK;GACjB,WAAW,KAAK;GAChB,kBAAkB,KAAK;GACvB,QAAQ,KAAK;GACb;GACA,uBAAuB,KAAK;GAC5B,gBAAgB,KAAK;GACrB,QAAQ,KAAK;GACb,iBAAiB,KAAK;EACvB;CACF;AACF"}

package/dist/{EndpointBuilder-TApJQhtG.d.cts → EndpointBuilder-CQ-jOXsD.d.cts} RENAMED Viewed

@@ -1,7 +1,7 @@
 import { HttpMethod } from "./types-Bp9ysFXd.cjs";
 import { BaseFunctionBuilder } from "./BaseFunctionBuilder-DaQA0uKE.cjs";
-import { Authorizer } from "./Authorizer-BTmly8ps.cjs";
-import { ActorExtractor, AuthorizeFn, Endpoint, EndpointHandler, EndpointSchemas, MappedAudit, SessionFn, SuccessStatus } from "./Endpoint-D2Imgihs.cjs";
+import { Authorizer, SecurityScheme } from "./Authorizer-CpSUMTIs.cjs";
+import { ActorExtractor, AuthorizeFn, Endpoint, EndpointHandler, EndpointSchemas, MappedAudit, SessionFn, SuccessStatus } from "./Endpoint-BJPJTGjV.cjs";
 import { AuditStorage, AuditableAction, ExtractStorageAuditAction } from "@geekmidas/audit";
 import { EventPublisher, MappedEvent } from "@geekmidas/events";
 import { Logger } from "@geekmidas/logger";
@@ -25,6 +25,7 @@ declare class EndpointBuilder<TRoute extends string, TMethod extends HttpMethod,
   _authorizerName?: TAuthorizers[number];
   _actorExtractor?: ActorExtractor<TServices, TSession, TLogger>;
   _audits: MappedAudit<TAuditAction, OutSchema>[];
+  _customSecuritySchemes: Record<string, SecurityScheme>;
   constructor(route: TRoute, method: TMethod);
   _setPublisher(publisher: Service<TEventPublisherServiceName, TEventPublisher>): void;
   _setAuditorStorage(storage: Service<TAuditStorageServiceName, TAuditStorage>): void;
@@ -102,4 +103,4 @@ declare class EndpointBuilder<TRoute extends string, TMethod extends HttpMethod,
 }
 //#endregion
 export { EndpointBuilder };
-//# sourceMappingURL=EndpointBuilder-TApJQhtG.d.cts.map
+//# sourceMappingURL=EndpointBuilder-CQ-jOXsD.d.cts.map

package/dist/{EndpointFactory-DNwMexc7.mjs → EndpointFactory-ARUlRlyM.mjs} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { EndpointBuilder } from "./EndpointBuilder-B5QPf5Wd.mjs";
+import { EndpointBuilder } from "./EndpointBuilder-69uVrKZL.mjs";
 import { ConsoleLogger } from "@geekmidas/logger/console";
 import uniqBy from "lodash.uniqby";
@@ -16,7 +16,8 @@ var EndpointFactory = class EndpointFactory {
 	defaultAuditorStorage;
 	defaultDatabaseService;
 	defaultActorExtractor;
-	constructor({ basePath, defaultAuthorizeFn, defaultLogger, defaultSessionExtractor, defaultServices = [], defaultEventPublisher, availableAuthorizers = [], defaultAuthorizerName, defaultAuditorStorage, defaultDatabaseService, defaultActorExtractor } = {}) {
+	customSecuritySchemes = {};
+	constructor({ basePath, defaultAuthorizeFn, defaultLogger, defaultSessionExtractor, defaultServices = [], defaultEventPublisher, availableAuthorizers = [], defaultAuthorizerName, defaultAuditorStorage, defaultDatabaseService, defaultActorExtractor, customSecuritySchemes = {} } = {}) {
 		this.defaultServices = uniqBy(defaultServices, (s) => s.serviceName);
 		this.basePath = basePath || "";
 		this.defaultAuthorizeFn = defaultAuthorizeFn;
@@ -28,6 +29,7 @@ var EndpointFactory = class EndpointFactory {
 		this.defaultAuditorStorage = defaultAuditorStorage;
 		this.defaultDatabaseService = defaultDatabaseService;
 		this.defaultActorExtractor = defaultActorExtractor;
+		this.customSecuritySchemes = customSecuritySchemes;
 	}
 	static joinPaths(path, basePath = "") {
 		if (!basePath && !path) return "/";
@@ -54,7 +56,76 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
+		});
+	}
+	/**
+	* Define custom security schemes for this factory.
+	* These extend the built-in schemes (jwt, bearer, apiKey, oauth2, oidc).
+	*
+	* @example
+	* ```typescript
+	* const router = e.securitySchemes({
+	*   awsIamSigV4: {
+	*     type: 'apiKey',
+	*     in: 'header',
+	*     name: 'Authorization',
+	*     'x-amazon-apigateway-authtype': 'awsSigv4',
+	*   },
+	* });
+	* ```
+	*/
+	securitySchemes(schemes) {
+		return new EndpointFactory({
+			defaultServices: this.defaultServices,
+			basePath: this.basePath,
+			defaultAuthorizeFn: this.defaultAuthorizeFn,
+			defaultLogger: this.defaultLogger,
+			defaultSessionExtractor: this.defaultSessionExtractor,
+			defaultEventPublisher: this.defaultEventPublisher,
+			availableAuthorizers: this.availableAuthorizers,
+			defaultAuthorizerName: this.defaultAuthorizerName,
+			defaultAuditorStorage: this.defaultAuditorStorage,
+			defaultDatabaseService: this.defaultDatabaseService,
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: {
+				...this.customSecuritySchemes,
+				...schemes
+			}
+		});
+	}
+	/**
+	* Set the default authorizer for all endpoints created from this factory.
+	* Individual endpoints can override this by calling `.authorizer()` on the builder.
+	* Use `'none'` to explicitly disable authorization for all endpoints.
+	*
+	* Accepts:
+	* - Built-in security scheme names: 'jwt', 'bearer', 'apiKey', 'oauth2', 'oidc'
+	* - Custom security scheme names defined via `.securitySchemes()`
+	* - 'none' to disable authorization
+	*/
+	authorizer(name) {
+		if (name !== "none" && this.availableAuthorizers.length > 0) {
+			const authorizerExists = this.availableAuthorizers.some((a) => a.name === name);
+			if (!authorizerExists) {
+				const available = this.availableAuthorizers.map((a) => a.name).join(", ");
+				throw new Error(`Authorizer "${name}" not found in available authorizers: ${available}`);
+			}
+		}
+		return new EndpointFactory({
+			defaultServices: this.defaultServices,
+			basePath: this.basePath,
+			defaultAuthorizeFn: this.defaultAuthorizeFn,
+			defaultLogger: this.defaultLogger,
+			defaultSessionExtractor: this.defaultSessionExtractor,
+			defaultEventPublisher: this.defaultEventPublisher,
+			availableAuthorizers: this.availableAuthorizers,
+			defaultAuthorizerName: name === "none" ? void 0 : name,
+			defaultAuditorStorage: this.defaultAuditorStorage,
+			defaultDatabaseService: this.defaultDatabaseService,
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	route(path) {
@@ -70,7 +141,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	authorize(fn) {
@@ -85,7 +157,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	services(services) {
@@ -100,7 +173,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	logger(logger) {
@@ -115,7 +189,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	publisher(publisher) {
@@ -130,7 +205,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	session(session) {
@@ -145,7 +221,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	/**
@@ -163,7 +240,8 @@ var EndpointFactory = class EndpointFactory {
 			availableAuthorizers: this.availableAuthorizers,
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
-			defaultDatabaseService: service
+			defaultDatabaseService: service,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	/**
@@ -183,7 +261,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: storage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: this.defaultActorExtractor
+			defaultActorExtractor: this.defaultActorExtractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	/**
@@ -202,7 +281,8 @@ var EndpointFactory = class EndpointFactory {
 			defaultAuthorizerName: this.defaultAuthorizerName,
 			defaultAuditorStorage: this.defaultAuditorStorage,
 			defaultDatabaseService: this.defaultDatabaseService,
-			defaultActorExtractor: extractor
+			defaultActorExtractor: extractor,
+			customSecuritySchemes: this.customSecuritySchemes
 		});
 	}
 	createBuilder(method, path) {
@@ -218,6 +298,7 @@ var EndpointFactory = class EndpointFactory {
 		if (this.defaultAuditorStorage) builder._setAuditorStorage(this.defaultAuditorStorage);
 		if (this.defaultDatabaseService) builder._setDatabaseService(this.defaultDatabaseService);
 		if (this.defaultActorExtractor) builder._actorExtractor = this.defaultActorExtractor;
+		builder._customSecuritySchemes = this.customSecuritySchemes;
 		return builder;
 	}
 	post(path) {
@@ -243,4 +324,4 @@ const e = new EndpointFactory();
 //#endregion
 export { EndpointFactory, e };
-//# sourceMappingURL=EndpointFactory-DNwMexc7.mjs.map
+//# sourceMappingURL=EndpointFactory-ARUlRlyM.mjs.map

package/dist/EndpointFactory-ARUlRlyM.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"EndpointFactory-ARUlRlyM.mjs","names":["DEFAULT_LOGGER","path: P","basePath: TBasePath","authorizers: T","schemes: T","name:\n | BuiltInSecuritySchemeId\n | keyof TSecuritySchemes\n | TAuthorizers[number]\n | 'none'","path: TPath","fn: AuthorizeFn<TServices, TLogger, TSession>","services: S","logger: L","publisher: Service<TServiceName, T>","session: SessionFn<TServices, TLogger, T, TDatabase>","service: Service<TName, T>","storage: Service<TName, T>","extractor: ActorExtractor<TServices, TSession, TLogger>","method: TMethod"],"sources":["../src/endpoints/EndpointFactory.ts"],"sourcesContent":["import type {\n AuditStorage,\n AuditableAction,\n ExtractStorageAuditAction,\n} from '@geekmidas/audit';\nimport type { EventPublisher, MappedEvent } from '@geekmidas/events';\nimport type { Logger } from '@geekmidas/logger';\nimport { ConsoleLogger } from '@geekmidas/logger/console';\nimport type { Service } from '@geekmidas/services';\nimport uniqBy from 'lodash.uniqby';\nimport type { HttpMethod } from '../types';\nimport type {\n Authorizer,\n BuiltInSecuritySchemeId,\n SecurityScheme,\n} from './Authorizer';\nimport type { AuthorizeFn, SessionFn } from './Endpoint';\nimport { EndpointBuilder } from './EndpointBuilder';\nimport type { ActorExtractor } from './audit';\n\nconst DEFAULT_LOGGER = new ConsoleLogger() as any;\n\nexport class EndpointFactory<\n TServices extends Service[] = [],\n TBasePath extends string = '',\n TLogger extends Logger = Logger,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuthorizers extends readonly string[] = readonly string[],\n TAuditStorage extends AuditStorage<any> | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TAuditAction extends AuditableAction<\n string,\n unknown\n > = ExtractStorageAuditAction<NonNullable<TAuditStorage>>,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n TSecuritySchemes extends Record<string, SecurityScheme> = Record<\n string,\n SecurityScheme\n >,\n> {\n // @ts-ignore\n private defaultServices: TServices;\n private basePath: TBasePath = '' as TBasePath;\n private defaultAuthorizeFn?: AuthorizeFn<TServices, TLogger, TSession>;\n private defaultEventPublisher:\n | Service<TEventPublisherServiceName, TEventPublisher>\n | undefined;\n private defaultSessionExtractor?: SessionFn<\n TServices,\n TLogger,\n TSession,\n TDatabase\n >;\n private defaultLogger: TLogger = DEFAULT_LOGGER;\n private availableAuthorizers: Authorizer[] = [];\n private defaultAuthorizerName?: TAuthorizers[number];\n private defaultAuditorStorage:\n | Service<TAuditStorageServiceName, TAuditStorage>\n | undefined;\n private defaultDatabaseService:\n | Service<TDatabaseServiceName, TDatabase>\n | undefined;\n private defaultActorExtractor?: ActorExtractor<TServices, TSession, TLogger>;\n private customSecuritySchemes: TSecuritySchemes = {} as TSecuritySchemes;\n\n constructor({\n basePath,\n defaultAuthorizeFn,\n defaultLogger,\n defaultSessionExtractor,\n // @ts-ignore\n defaultServices = [] as TServices,\n defaultEventPublisher,\n availableAuthorizers = [],\n defaultAuthorizerName,\n defaultAuditorStorage,\n defaultDatabaseService,\n defaultActorExtractor,\n customSecuritySchemes = {} as TSecuritySchemes,\n }: EndpointFactoryOptions<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > = {}) {\n // Initialize default services\n this.defaultServices = uniqBy(\n defaultServices,\n (s) => s.serviceName,\n ) as TServices;\n\n this.basePath = basePath || ('' as TBasePath);\n this.defaultAuthorizeFn = defaultAuthorizeFn;\n this.defaultLogger = defaultLogger || (DEFAULT_LOGGER as TLogger);\n this.defaultSessionExtractor = defaultSessionExtractor;\n this.defaultEventPublisher = defaultEventPublisher;\n this.availableAuthorizers = availableAuthorizers;\n this.defaultAuthorizerName = defaultAuthorizerName;\n this.defaultAuditorStorage = defaultAuditorStorage;\n this.defaultDatabaseService = defaultDatabaseService;\n this.defaultActorExtractor = defaultActorExtractor;\n this.customSecuritySchemes = customSecuritySchemes;\n }\n\n static joinPaths<TBasePath extends string, P extends string>(\n path: P,\n basePath: TBasePath = '' as TBasePath,\n ): JoinPaths<TBasePath, P> {\n // Handle empty cases\n if (!basePath && !path) return '/' as JoinPaths<TBasePath, P>;\n if (!basePath)\n return (path.startsWith('/') ? path : '/' + path) as JoinPaths<\n TBasePath,\n P\n >;\n if (!path)\n return (\n basePath.startsWith('/') ? basePath : '/' + basePath\n ) as JoinPaths<TBasePath, P>;\n\n const base = basePath.endsWith('/') ? basePath.slice(0, -1) : basePath;\n const segment = path.startsWith('/') ? path : '/' + path;\n\n let result = base + segment;\n\n // Ensure leading slash\n if (!result.startsWith('/')) {\n result = '/' + result;\n }\n\n // Normalize multiple slashes (except in the middle of the path where they might be intentional)\n result = result.replace(/^\\/+/g, '/');\n\n // Remove trailing slash unless it's the root path \"/\"\n if (result.length > 1 && result.endsWith('/')) {\n result = result.slice(0, -1);\n }\n\n return result as JoinPaths<TBasePath, P>;\n }\n\n // Configure available authorizers\n authorizers<const T extends readonly string[]>(\n authorizers: T,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n T,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n const authorizerConfigs = authorizers.map((name) => ({\n name,\n }));\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n T,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: authorizerConfigs,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n /**\n * Define custom security schemes for this factory.\n * These extend the built-in schemes (jwt, bearer, apiKey, oauth2, oidc).\n *\n * @example\n * ```typescript\n * const router = e.securitySchemes({\n * awsIamSigV4: {\n * type: 'apiKey',\n * in: 'header',\n * name: 'Authorization',\n * 'x-amazon-apigateway-authtype': 'awsSigv4',\n * },\n * });\n * ```\n */\n securitySchemes<T extends Record<string, SecurityScheme>>(\n schemes: T,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes & T\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes & T\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: {\n ...this.customSecuritySchemes,\n ...schemes,\n } as TSecuritySchemes & T,\n });\n }\n\n /**\n * Set the default authorizer for all endpoints created from this factory.\n * Individual endpoints can override this by calling `.authorizer()` on the builder.\n * Use `'none'` to explicitly disable authorization for all endpoints.\n *\n * Accepts:\n * - Built-in security scheme names: 'jwt', 'bearer', 'apiKey', 'oauth2', 'oidc'\n * - Custom security scheme names defined via `.securitySchemes()`\n * - 'none' to disable authorization\n */\n authorizer(\n name:\n | BuiltInSecuritySchemeId\n | keyof TSecuritySchemes\n | TAuthorizers[number]\n | 'none',\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n // Validate that the authorizer exists in available authorizers (if authorizers() was called)\n if (name !== 'none' && this.availableAuthorizers.length > 0) {\n const authorizerExists = this.availableAuthorizers.some(\n (a) => a.name === name,\n );\n if (!authorizerExists) {\n const available = this.availableAuthorizers\n .map((a) => a.name)\n .join(', ');\n throw new Error(\n `Authorizer \"${name as string}\" not found in available authorizers: ${available}`,\n );\n }\n }\n\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName:\n name === 'none' ? undefined : (name as TAuthorizers[number]),\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n // Create a sub-router with a path prefix\n route<TPath extends string>(\n path: TPath,\n ): EndpointFactory<\n TServices,\n JoinPaths<TBasePath, TPath>,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n const newBasePath = EndpointFactory.joinPaths(path, this.basePath);\n return new EndpointFactory<\n TServices,\n JoinPaths<TBasePath, TPath>,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: newBasePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n // Create a new factory with authorization\n authorize(\n fn: AuthorizeFn<TServices, TLogger, TSession>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: fn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n // Create a new factory with services\n services<S extends Service[]>(\n services: S,\n ): EndpointFactory<\n [...S, ...TServices],\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n [...S, ...TServices],\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: [...services, ...this.defaultServices],\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n logger<L extends Logger>(\n logger: L,\n ): EndpointFactory<\n TServices,\n TBasePath,\n L,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n L,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn as unknown as AuthorizeFn<\n TServices,\n L,\n TSession\n >,\n defaultLogger: logger,\n defaultSessionExtractor: this\n .defaultSessionExtractor as unknown as SessionFn<\n TServices,\n L,\n TSession\n >,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this\n .defaultActorExtractor as unknown as ActorExtractor<\n TServices,\n TSession,\n L\n >,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n publisher<\n T extends EventPublisher<any>,\n TServiceName extends string = string,\n >(\n publisher: Service<TServiceName, T>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n T,\n TServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n T,\n TServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: publisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n session<T>(\n session: SessionFn<TServices, TLogger, T, TDatabase>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n T,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n T,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn as unknown as AuthorizeFn<\n TServices,\n TLogger,\n T\n >,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: session,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this\n .defaultActorExtractor as unknown as ActorExtractor<\n TServices,\n T,\n TLogger\n >,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n /**\n * Set the database service for endpoints created from this factory.\n * The database will be available in handler context as `db`.\n */\n database<T, TName extends string>(\n service: Service<TName, T>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n // Reset session extractor when database changes - user should call .session() after .database()\n // to get proper type inference for the new database type\n defaultSessionExtractor: this.defaultSessionExtractor as unknown as\n | SessionFn<TServices, TLogger, TSession, T>\n | undefined,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: service,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n /**\n * Set the auditor storage service for endpoints created from this factory.\n * This enables audit functionality and makes `auditor` available in handler context.\n * The audit action type is automatically inferred from the storage's generic parameter.\n */\n auditor<T extends AuditStorage<any>, TName extends string>(\n storage: Service<TName, T>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: storage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this\n .defaultActorExtractor as unknown as ActorExtractor<\n TServices,\n TSession,\n TLogger\n >,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n /**\n * Set the actor extractor function for endpoints created from this factory.\n * The actor is extracted from the request context and attached to all audits.\n */\n actor(\n extractor: ActorExtractor<TServices, TSession, TLogger>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: extractor,\n customSecuritySchemes: this.customSecuritySchemes,\n });\n }\n\n private createBuilder<TMethod extends HttpMethod, TPath extends string>(\n method: TMethod,\n path: TPath,\n ): EndpointBuilder<\n JoinPaths<TBasePath, TPath>,\n TMethod,\n {},\n TServices,\n TLogger,\n undefined,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n const fullPath = EndpointFactory.joinPaths(path, this.basePath);\n const builder = new EndpointBuilder<\n JoinPaths<TBasePath, TPath>,\n TMethod,\n {},\n TServices,\n TLogger,\n undefined,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >(fullPath, method);\n\n if (this.defaultAuthorizeFn) {\n // @ts-ignore\n builder._authorize = this.defaultAuthorizeFn;\n }\n if (this.defaultServices.length) {\n // Create a copy to avoid sharing references between builders\n builder._services = [...this.defaultServices] as TServices;\n }\n\n if (this.defaultLogger) {\n builder._logger = this.defaultLogger as TLogger;\n }\n\n if (this.defaultSessionExtractor) {\n builder._getSession = this.defaultSessionExtractor as SessionFn<\n TServices,\n TLogger,\n TSession\n >;\n }\n\n if (this.defaultEventPublisher) {\n builder._setPublisher(this.defaultEventPublisher);\n }\n\n // Set available authorizers and default\n builder._availableAuthorizers = this.availableAuthorizers;\n if (this.defaultAuthorizerName) {\n builder._authorizerName = this.defaultAuthorizerName;\n }\n\n // Set auditor storage if configured\n if (this.defaultAuditorStorage) {\n builder._setAuditorStorage(this.defaultAuditorStorage as any);\n }\n\n // Set database service if configured\n if (this.defaultDatabaseService) {\n builder._setDatabaseService(this.defaultDatabaseService as any);\n }\n\n // Set actor extractor if configured\n if (this.defaultActorExtractor) {\n builder._actorExtractor = this.defaultActorExtractor;\n }\n\n // Set custom security schemes\n builder._customSecuritySchemes = this.customSecuritySchemes;\n\n return builder;\n }\n\n post<TPath extends string>(path: TPath) {\n return this.createBuilder('POST', path);\n }\n\n get<TPath extends string>(path: TPath) {\n return this.createBuilder('GET', path);\n }\n\n put<TPath extends string>(path: TPath) {\n return this.createBuilder('PUT', path);\n }\n\n delete<TPath extends string>(path: TPath) {\n return this.createBuilder('DELETE', path);\n }\n\n patch<TPath extends string>(path: TPath) {\n return this.createBuilder('PATCH', path);\n }\n\n options<TPath extends string>(path: TPath) {\n return this.createBuilder('OPTIONS', path);\n }\n}\n\nexport type RemoveTrailingSlash<T extends string> = T extends `${infer Rest}/`\n ? Rest extends ''\n ? T // Keep \"/\" as is\n : Rest\n : T;\n\nexport type JoinPaths<\n TBasePath extends string,\n TPath extends string,\n> = RemoveTrailingSlash<\n TBasePath extends ''\n ? TPath\n : TPath extends ''\n ? TBasePath\n : TBasePath extends '/'\n ? TPath extends `/${string}`\n ? TPath\n : `/${TPath}`\n : TBasePath extends `${infer Base}/`\n ? TPath extends `/${infer Rest}`\n ? `${Base}/${Rest}`\n : `${Base}/${TPath}`\n : TPath extends `/${infer Rest}`\n ? `${TBasePath}/${Rest}`\n : `${TBasePath}/${TPath}`\n>;\n\nexport interface EndpointFactoryOptions<\n TServices extends Service[] = [],\n TBasePath extends string = '',\n TLogger extends Logger = Logger,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuthorizers extends readonly string[] = readonly string[],\n TAuditStorage extends AuditStorage | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n TSecuritySchemes extends Record<string, SecurityScheme> = Record<\n string,\n SecurityScheme\n >,\n> {\n defaultServices?: TServices;\n basePath?: TBasePath;\n defaultAuthorizeFn?: AuthorizeFn<TServices, TLogger, TSession>;\n defaultLogger?: TLogger;\n defaultSessionExtractor?: SessionFn<TServices, TLogger, TSession, TDatabase>;\n defaultEventPublisher?: Service<TEventPublisherServiceName, TEventPublisher>;\n defaultEvents?: MappedEvent<TEventPublisher, undefined>[];\n availableAuthorizers?: Authorizer[];\n defaultAuthorizerName?: TAuthorizers[number];\n defaultAuditorStorage?: Service<TAuditStorageServiceName, TAuditStorage>;\n defaultDatabaseService?: Service<TDatabaseServiceName, TDatabase>;\n defaultActorExtractor?: ActorExtractor<TServices, TSession, TLogger>;\n customSecuritySchemes?: TSecuritySchemes;\n}\n\nexport const e = new EndpointFactory();\n"],"mappings":";;;;;AAoBA,MAAMA,mBAAiB,IAAI;AAE3B,IAAa,kBAAb,MAAa,gBAoBX;CAEA,AAAQ;CACR,AAAQ,WAAsB;CAC9B,AAAQ;CACR,AAAQ;CAGR,AAAQ;CAMR,AAAQ,gBAAyBA;CACjC,AAAQ,uBAAqC,CAAE;CAC/C,AAAQ;CACR,AAAQ;CAGR,AAAQ;CAGR,AAAQ;CACR,AAAQ,wBAA0C,CAAE;CAEpD,YAAY,EACV,UACA,oBACA,eACA,yBAEA,kBAAkB,CAAE,GACpB,uBACA,uBAAuB,CAAE,GACzB,uBACA,uBACA,wBACA,uBACA,wBAAwB,CAAE,GAc3B,GAAG,CAAE,GAAE;AAEN,OAAK,kBAAkB,OACrB,iBACA,CAAC,MAAM,EAAE,YACV;AAED,OAAK,WAAW,YAAa;AAC7B,OAAK,qBAAqB;AAC1B,OAAK,gBAAgB,iBAAkBA;AACvC,OAAK,0BAA0B;AAC/B,OAAK,wBAAwB;AAC7B,OAAK,uBAAuB;AAC5B,OAAK,wBAAwB;AAC7B,OAAK,wBAAwB;AAC7B,OAAK,yBAAyB;AAC9B,OAAK,wBAAwB;AAC7B,OAAK,wBAAwB;CAC9B;CAED,OAAO,UACLC,MACAC,WAAsB,IACG;AAEzB,OAAK,aAAa,KAAM,QAAO;AAC/B,OAAK,SACH,QAAQ,KAAK,WAAW,IAAI,GAAG,OAAO,MAAM;AAI9C,OAAK,KACH,QACE,SAAS,WAAW,IAAI,GAAG,WAAW,MAAM;EAGhD,MAAM,OAAO,SAAS,SAAS,IAAI,GAAG,SAAS,MAAM,GAAG,GAAG,GAAG;EAC9D,MAAM,UAAU,KAAK,WAAW,IAAI,GAAG,OAAO,MAAM;EAEpD,IAAI,SAAS,OAAO;AAGpB,OAAK,OAAO,WAAW,IAAI,CACzB,UAAS,MAAM;AAIjB,WAAS,OAAO,QAAQ,SAAS,IAAI;AAGrC,MAAI,OAAO,SAAS,KAAK,OAAO,SAAS,IAAI,CAC3C,UAAS,OAAO,MAAM,GAAG,GAAG;AAG9B,SAAO;CACR;CAGD,YACEC,aAeA;EACA,MAAM,oBAAoB,YAAY,IAAI,CAAC,UAAU,EACnD,KACD,GAAE;AACH,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB;GACtB,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;EAC7B;CACF;;;;;;;;;;;;;;;;;CAkBD,gBACEC,SAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB;IACrB,GAAG,KAAK;IACR,GAAG;GACJ;EACF;CACF;;;;;;;;;;;CAYD,WACEC,MAmBA;AAEA,MAAI,SAAS,UAAU,KAAK,qBAAqB,SAAS,GAAG;GAC3D,MAAM,mBAAmB,KAAK,qBAAqB,KACjD,CAAC,MAAM,EAAE,SAAS,KACnB;AACD,QAAK,kBAAkB;IACrB,MAAM,YAAY,KAAK,qBACpB,IAAI,CAAC,MAAM,EAAE,KAAK,CAClB,KAAK,KAAK;AACb,UAAM,IAAI,OACP,cAAc,KAAe,wCAAwC,UAAU;GAEnF;EACF;AAED,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBACE,SAAS,kBAAsB;GACjC,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;EAC7B;CACF;CAGD,MACEC,MAeA;EACA,MAAM,cAAc,gBAAgB,UAAU,MAAM,KAAK,SAAS;AAClE,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU;GACV,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;EAC7B;CACF;CAGD,UACEC,IAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB;GACpB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;EAC7B;CACF;CAGD,SACEC,UAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,CAAC,GAAG,UAAU,GAAG,KAAK,eAAgB;GACvD,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;EAC7B;CACF;CAED,OACEC,QAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GAKzB,eAAe;GACf,yBAAyB,KACtB;GAKH,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KACpB;GAKH,uBAAuB,KAAK;EAC7B;CACF;CAED,UAIEC,WAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB;GACvB,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;EAC7B;CACF;CAED,QACEC,SAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GAKzB,eAAe,KAAK;GACpB,yBAAyB;GACzB,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KACpB;GAKH,uBAAuB,KAAK;EAC7B;CACF;;;;;CAMD,SACEC,SAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GAGpB,yBAAyB,KAAK;GAG9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB;GACxB,uBAAuB,KAAK;EAC7B;CACF;;;;;;CAOD,QACEC,SAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB;GACvB,wBAAwB,KAAK;GAC7B,uBAAuB,KACpB;GAKH,uBAAuB,KAAK;EAC7B;CACF;;;;;CAMD,MACEC,WAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB;GACvB,uBAAuB,KAAK;EAC7B;CACF;CAED,AAAQ,cACNC,QACAT,MAiBA;EACA,MAAM,WAAW,gBAAgB,UAAU,MAAM,KAAK,SAAS;EAC/D,MAAM,UAAU,IAAI,gBAgBlB,UAAU;AAEZ,MAAI,KAAK,mBAEP,SAAQ,aAAa,KAAK;AAE5B,MAAI,KAAK,gBAAgB,OAEvB,SAAQ,YAAY,CAAC,GAAG,KAAK,eAAgB;AAG/C,MAAI,KAAK,cACP,SAAQ,UAAU,KAAK;AAGzB,MAAI,KAAK,wBACP,SAAQ,cAAc,KAAK;AAO7B,MAAI,KAAK,sBACP,SAAQ,cAAc,KAAK,sBAAsB;AAInD,UAAQ,wBAAwB,KAAK;AACrC,MAAI,KAAK,sBACP,SAAQ,kBAAkB,KAAK;AAIjC,MAAI,KAAK,sBACP,SAAQ,mBAAmB,KAAK,sBAA6B;AAI/D,MAAI,KAAK,uBACP,SAAQ,oBAAoB,KAAK,uBAA8B;AAIjE,MAAI,KAAK,sBACP,SAAQ,kBAAkB,KAAK;AAIjC,UAAQ,yBAAyB,KAAK;AAEtC,SAAO;CACR;CAED,KAA2BA,MAAa;AACtC,SAAO,KAAK,cAAc,QAAQ,KAAK;CACxC;CAED,IAA0BA,MAAa;AACrC,SAAO,KAAK,cAAc,OAAO,KAAK;CACvC;CAED,IAA0BA,MAAa;AACrC,SAAO,KAAK,cAAc,OAAO,KAAK;CACvC;CAED,OAA6BA,MAAa;AACxC,SAAO,KAAK,cAAc,UAAU,KAAK;CAC1C;CAED,MAA4BA,MAAa;AACvC,SAAO,KAAK,cAAc,SAAS,KAAK;CACzC;CAED,QAA8BA,MAAa;AACzC,SAAO,KAAK,cAAc,WAAW,KAAK;CAC3C;AACF;AA6DD,MAAa,IAAI,IAAI"}

package/dist/{EndpointFactory-TJ6gtM0W.d.mts → EndpointFactory-BKEPcQgE.d.mts} RENAMED Viewed

@@ -1,13 +1,13 @@
-import { Authorizer } from "./Authorizer-pmPvIVgv.mjs";
-import { ActorExtractor, AuthorizeFn, SessionFn } from "./Endpoint-PtQ-wLIS.mjs";
-import { EndpointBuilder } from "./EndpointBuilder-BPHpUekp.mjs";
+import { Authorizer, BuiltInSecuritySchemeId, SecurityScheme } from "./Authorizer-D1w7MpK6.mjs";
+import { ActorExtractor, AuthorizeFn, SessionFn } from "./Endpoint-DoY1Owv2.mjs";
+import { EndpointBuilder } from "./EndpointBuilder-BJRkivxQ.mjs";
 import { Service } from "@geekmidas/services";
 import { AuditStorage, AuditableAction, ExtractStorageAuditAction } from "@geekmidas/audit";
 import { EventPublisher, MappedEvent } from "@geekmidas/events";
 import { Logger } from "@geekmidas/logger";
 //#region src/endpoints/EndpointFactory.d.ts
-declare class EndpointFactory<TServices extends Service[] = [], TBasePath extends string = '', TLogger extends Logger = Logger, TSession = unknown, TEventPublisher extends EventPublisher<any> | undefined = undefined, TEventPublisherServiceName extends string = string, TAuthorizers extends readonly string[] = readonly string[], TAuditStorage extends AuditStorage<any> | undefined = undefined, TAuditStorageServiceName extends string = string, TAuditAction extends AuditableAction<string, unknown> = ExtractStorageAuditAction<NonNullable<TAuditStorage>>, TDatabase = undefined, TDatabaseServiceName extends string = string> {
+declare class EndpointFactory<TServices extends Service[] = [], TBasePath extends string = '', TLogger extends Logger = Logger, TSession = unknown, TEventPublisher extends EventPublisher<any> | undefined = undefined, TEventPublisherServiceName extends string = string, TAuthorizers extends readonly string[] = readonly string[], TAuditStorage extends AuditStorage<any> | undefined = undefined, TAuditStorageServiceName extends string = string, TAuditAction extends AuditableAction<string, unknown> = ExtractStorageAuditAction<NonNullable<TAuditStorage>>, TDatabase = undefined, TDatabaseServiceName extends string = string, TSecuritySchemes extends Record<string, SecurityScheme> = Record<string, SecurityScheme>> {
   private defaultServices;
   private basePath;
   private defaultAuthorizeFn?;
@@ -19,6 +19,7 @@ declare class EndpointFactory<TServices extends Service[] = [], TBasePath extend
   private defaultAuditorStorage;
   private defaultDatabaseService;
   private defaultActorExtractor?;
+  private customSecuritySchemes;
   constructor({
     basePath,
     defaultAuthorizeFn,
@@ -30,32 +31,61 @@ declare class EndpointFactory<TServices extends Service[] = [], TBasePath extend
     defaultAuthorizerName,
     defaultAuditorStorage,
     defaultDatabaseService,
-    defaultActorExtractor
-  }?: EndpointFactoryOptions<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TDatabase, TDatabaseServiceName>);
+    defaultActorExtractor,
+    customSecuritySchemes
+  }?: EndpointFactoryOptions<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TDatabase, TDatabaseServiceName, TSecuritySchemes>);
   static joinPaths<TBasePath extends string, P extends string>(path: P, basePath?: TBasePath): JoinPaths<TBasePath, P>;
-  authorizers<const T extends readonly string[]>(authorizers: T): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, T, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
-  route<TPath extends string>(path: TPath): EndpointFactory<TServices, JoinPaths<TBasePath, TPath>, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
-  authorize(fn: AuthorizeFn<TServices, TLogger, TSession>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
-  services<S extends Service[]>(services: S): EndpointFactory<[...S, ...TServices], TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
-  logger<L extends Logger>(logger: L): EndpointFactory<TServices, TBasePath, L, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
-  publisher<T extends EventPublisher<any>, TServiceName extends string = string>(publisher: Service<TServiceName, T>): EndpointFactory<TServices, TBasePath, TLogger, TSession, T, TServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
-  session<T>(session: SessionFn<TServices, TLogger, T, TDatabase>): EndpointFactory<TServices, TBasePath, TLogger, T, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
+  authorizers<const T extends readonly string[]>(authorizers: T): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, T, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  /**
+   * Define custom security schemes for this factory.
+   * These extend the built-in schemes (jwt, bearer, apiKey, oauth2, oidc).
+   *
+   * @example
+   * ```typescript
+   * const router = e.securitySchemes({
+   *   awsIamSigV4: {
+   *     type: 'apiKey',
+   *     in: 'header',
+   *     name: 'Authorization',
+   *     'x-amazon-apigateway-authtype': 'awsSigv4',
+   *   },
+   * });
+   * ```
+   */
+  securitySchemes<T extends Record<string, SecurityScheme>>(schemes: T): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes & T>;
+  /**
+   * Set the default authorizer for all endpoints created from this factory.
+   * Individual endpoints can override this by calling `.authorizer()` on the builder.
+   * Use `'none'` to explicitly disable authorization for all endpoints.
+   *
+   * Accepts:
+   * - Built-in security scheme names: 'jwt', 'bearer', 'apiKey', 'oauth2', 'oidc'
+   * - Custom security scheme names defined via `.securitySchemes()`
+   * - 'none' to disable authorization
+   */
+  authorizer(name: BuiltInSecuritySchemeId | keyof TSecuritySchemes | TAuthorizers[number] | 'none'): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  route<TPath extends string>(path: TPath): EndpointFactory<TServices, JoinPaths<TBasePath, TPath>, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  authorize(fn: AuthorizeFn<TServices, TLogger, TSession>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  services<S extends Service[]>(services: S): EndpointFactory<[...S, ...TServices], TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  logger<L extends Logger>(logger: L): EndpointFactory<TServices, TBasePath, L, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  publisher<T extends EventPublisher<any>, TServiceName extends string = string>(publisher: Service<TServiceName, T>): EndpointFactory<TServices, TBasePath, TLogger, TSession, T, TServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
+  session<T>(session: SessionFn<TServices, TLogger, T, TDatabase>): EndpointFactory<TServices, TBasePath, TLogger, T, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
   /**
    * Set the database service for endpoints created from this factory.
    * The database will be available in handler context as `db`.
    */
-  database<T, TName extends string>(service: Service<TName, T>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, T, TName>;
+  database<T, TName extends string>(service: Service<TName, T>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, T, TName, TSecuritySchemes>;
   /**
    * Set the auditor storage service for endpoints created from this factory.
    * This enables audit functionality and makes `auditor` available in handler context.
    * The audit action type is automatically inferred from the storage's generic parameter.
    */
-  auditor<T extends AuditStorage<any>, TName extends string>(storage: Service<TName, T>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, T, TName, ExtractStorageAuditAction<T>, TDatabase, TDatabaseServiceName>;
+  auditor<T extends AuditStorage<any>, TName extends string>(storage: Service<TName, T>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, T, TName, ExtractStorageAuditAction<T>, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
   /**
    * Set the actor extractor function for endpoints created from this factory.
    * The actor is extracted from the request context and attached to all audits.
    */
-  actor(extractor: ActorExtractor<TServices, TSession, TLogger>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
+  actor(extractor: ActorExtractor<TServices, TSession, TLogger>): EndpointFactory<TServices, TBasePath, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName, TSecuritySchemes>;
   private createBuilder;
   post<TPath extends string>(path: TPath): EndpointBuilder<RemoveTrailingSlash<TBasePath extends "" ? TPath : TPath extends "" ? TBasePath : TBasePath extends "/" ? TPath extends `/${string}` ? TPath : `/${TPath}` : TBasePath extends `${infer Base}/` ? TPath extends `/${infer Rest}` ? `${Base}/${Rest}` : `${Base}/${TPath}` : TPath extends `/${infer Rest_1}` ? `${TBasePath}/${Rest_1}` : `${TBasePath}/${TPath}`>, "POST", {}, TServices, TLogger, undefined, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
   get<TPath extends string>(path: TPath): EndpointBuilder<RemoveTrailingSlash<TBasePath extends "" ? TPath : TPath extends "" ? TBasePath : TBasePath extends "/" ? TPath extends `/${string}` ? TPath : `/${TPath}` : TBasePath extends `${infer Base}/` ? TPath extends `/${infer Rest}` ? `${Base}/${Rest}` : `${Base}/${TPath}` : TPath extends `/${infer Rest_1}` ? `${TBasePath}/${Rest_1}` : `${TBasePath}/${TPath}`>, "GET", {}, TServices, TLogger, undefined, TSession, TEventPublisher, TEventPublisherServiceName, TAuthorizers, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>;
@@ -66,7 +96,7 @@ declare class EndpointFactory<TServices extends Service[] = [], TBasePath extend
 }
 type RemoveTrailingSlash<T extends string> = T extends `${infer Rest}/` ? Rest extends '' ? T : Rest : T;
 type JoinPaths<TBasePath extends string, TPath extends string> = RemoveTrailingSlash<TBasePath extends '' ? TPath : TPath extends '' ? TBasePath : TBasePath extends '/' ? TPath extends `/${string}` ? TPath : `/${TPath}` : TBasePath extends `${infer Base}/` ? TPath extends `/${infer Rest}` ? `${Base}/${Rest}` : `${Base}/${TPath}` : TPath extends `/${infer Rest}` ? `${TBasePath}/${Rest}` : `${TBasePath}/${TPath}`>;
-interface EndpointFactoryOptions<TServices extends Service[] = [], TBasePath extends string = '', TLogger extends Logger = Logger, TSession = unknown, TEventPublisher extends EventPublisher<any> | undefined = undefined, TEventPublisherServiceName extends string = string, TAuthorizers extends readonly string[] = readonly string[], TAuditStorage extends AuditStorage | undefined = undefined, TAuditStorageServiceName extends string = string, TDatabase = undefined, TDatabaseServiceName extends string = string> {
+interface EndpointFactoryOptions<TServices extends Service[] = [], TBasePath extends string = '', TLogger extends Logger = Logger, TSession = unknown, TEventPublisher extends EventPublisher<any> | undefined = undefined, TEventPublisherServiceName extends string = string, TAuthorizers extends readonly string[] = readonly string[], TAuditStorage extends AuditStorage | undefined = undefined, TAuditStorageServiceName extends string = string, TDatabase = undefined, TDatabaseServiceName extends string = string, TSecuritySchemes extends Record<string, SecurityScheme> = Record<string, SecurityScheme>> {
   defaultServices?: TServices;
   basePath?: TBasePath;
   defaultAuthorizeFn?: AuthorizeFn<TServices, TLogger, TSession>;
@@ -79,8 +109,9 @@ interface EndpointFactoryOptions<TServices extends Service[] = [], TBasePath ext
   defaultAuditorStorage?: Service<TAuditStorageServiceName, TAuditStorage>;
   defaultDatabaseService?: Service<TDatabaseServiceName, TDatabase>;
   defaultActorExtractor?: ActorExtractor<TServices, TSession, TLogger>;
+  customSecuritySchemes?: TSecuritySchemes;
 }
-declare const e: EndpointFactory<[], "", Logger, unknown, undefined, string, readonly string[], undefined, string, never, undefined, string>;
+declare const e: EndpointFactory<[], "", Logger, unknown, undefined, string, readonly string[], undefined, string, never, undefined, string, Record<string, SecurityScheme>>;
 //#endregion
 export { EndpointFactory, EndpointFactoryOptions, JoinPaths, RemoveTrailingSlash, e };
-//# sourceMappingURL=EndpointFactory-TJ6gtM0W.d.mts.map
+//# sourceMappingURL=EndpointFactory-BKEPcQgE.d.mts.map