npm - @geekmidas/constructs - Versions diffs - 0.0.22 → 0.1.0 - Mend

@geekmidas/constructs 0.0.22 → 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (181) hide show

package/dist/{AmazonApiGatewayV2EndpointAdaptor-6hsBFVLf.d.cts → AmazonApiGatewayV2EndpointAdaptor-DurJvFwa.d.cts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { HttpMethod } from "./types-Bp9ysFXd.cjs";
-import { Endpoint, EndpointSchemas } from "./Endpoint-D2Imgihs.cjs";
-import { AmazonApiGatewayEndpoint, AmazonApiGatewayV2EndpointHandler, GetInputResponse, LoggerContext } from "./AmazonApiGatewayEndpointAdaptor-Da9BR5On.cjs";
+import { Endpoint, EndpointSchemas } from "./Endpoint-BJPJTGjV.cjs";
+import { AmazonApiGatewayEndpoint, AmazonApiGatewayV2EndpointHandler, GetInputResponse, LoggerContext } from "./AmazonApiGatewayEndpointAdaptor-TP_hLNAa.cjs";
 import { EventPublisher } from "@geekmidas/events";
 import { Logger } from "@geekmidas/logger";
 import { Service } from "@geekmidas/services";
@@ -18,4 +18,4 @@ declare class AmazonApiGatewayV2Endpoint<TRoute extends string, TMethod extends
 }
 //#endregion
 export { AmazonApiGatewayV2Endpoint };
-//# sourceMappingURL=AmazonApiGatewayV2EndpointAdaptor-6hsBFVLf.d.cts.map
+//# sourceMappingURL=AmazonApiGatewayV2EndpointAdaptor-DurJvFwa.d.cts.map

package/dist/Authorizer-C0ge_tc8.cjs ADDED Viewed

@@ -0,0 +1,92 @@
+//#region src/endpoints/Authorizer.ts
+/**
+* Built-in security schemes available by default.
+* Users can use these without defining them via .securitySchemes().
+*/
+const BUILT_IN_SECURITY_SCHEMES = {
+	jwt: {
+		type: "http",
+		scheme: "bearer",
+		bearerFormat: "JWT",
+		description: "JWT Bearer token authentication"
+	},
+	bearer: {
+		type: "http",
+		scheme: "bearer",
+		description: "Bearer token authentication"
+	},
+	apiKey: {
+		type: "apiKey",
+		in: "header",
+		name: "X-API-Key",
+		description: "API key authentication via header"
+	},
+	oauth2: {
+		type: "oauth2",
+		flows: {},
+		description: "OAuth 2.0 authentication"
+	},
+	oidc: {
+		type: "openIdConnect",
+		openIdConnectUrl: "",
+		description: "OpenID Connect authentication"
+	},
+	iam: {
+		type: "apiKey",
+		in: "header",
+		name: "Authorization",
+		description: "AWS IAM Signature Version 4 authentication",
+		"x-amazon-apigateway-authtype": "awsSigv4"
+	}
+};
+/**
+* Helper to create an authorizer configuration
+*/
+function createAuthorizer(name, options) {
+	return {
+		name,
+		...options
+	};
+}
+/**
+* Check if a name is a built-in security scheme
+*/
+function isBuiltInSecurityScheme(name) {
+	return name in BUILT_IN_SECURITY_SCHEMES;
+}
+/**
+* Get a security scheme by name (built-in or custom)
+*/
+function getSecurityScheme(name, customSchemes) {
+	if (customSchemes && name in customSchemes) return customSchemes[name];
+	if (isBuiltInSecurityScheme(name)) return BUILT_IN_SECURITY_SCHEMES[name];
+	return void 0;
+}
+//#endregion
+Object.defineProperty(exports, 'BUILT_IN_SECURITY_SCHEMES', {
+  enumerable: true,
+  get: function () {
+    return BUILT_IN_SECURITY_SCHEMES;
+  }
+});
+Object.defineProperty(exports, 'createAuthorizer', {
+  enumerable: true,
+  get: function () {
+    return createAuthorizer;
+  }
+});
+Object.defineProperty(exports, 'getSecurityScheme', {
+  enumerable: true,
+  get: function () {
+    return getSecurityScheme;
+  }
+});
+Object.defineProperty(exports, 'isBuiltInSecurityScheme', {
+  enumerable: true,
+  get: function () {
+    return isBuiltInSecurityScheme;
+  }
+});
+//# sourceMappingURL=Authorizer-C0ge_tc8.cjs.map

package/dist/Authorizer-C0ge_tc8.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Authorizer-C0ge_tc8.cjs","names":["name: string","options?: Omit<Authorizer, 'name'>","customSchemes?: Record<string, SecurityScheme>"],"sources":["../src/endpoints/Authorizer.ts"],"sourcesContent":["/**\n * OpenAPI 3.1 compliant security scheme definition.\n * @see https://spec.openapis.org/oas/v3.1.0#security-scheme-object\n */\nexport interface SecurityScheme {\n /** The type of the security scheme */\n type: 'apiKey' | 'http' | 'mutualTLS' | 'oauth2' | 'openIdConnect';\n /** A description for security scheme */\n description?: string;\n /** Required for apiKey. The name of the header, query or cookie parameter */\n name?: string;\n /** Required for apiKey. The location of the API key */\n in?: 'query' | 'header' | 'cookie';\n /** Required for http. The name of the HTTP Authorization scheme (e.g., 'bearer') */\n scheme?: string;\n /** Optional for http bearer. A hint to the format of the bearer token */\n bearerFormat?: string;\n /** Required for oauth2. An object containing configuration for the flow types */\n flows?: OAuthFlows;\n /** Required for openIdConnect. The URL to discover OAuth2 configuration */\n openIdConnectUrl?: string;\n /** Vendor extensions (e.g., x-amazon-apigateway-authtype) */\n [key: `x-${string}`]: unknown;\n}\n\n/**\n * OAuth2 flow configuration\n */\nexport interface OAuthFlows {\n implicit?: OAuthFlow;\n password?: OAuthFlow;\n clientCredentials?: OAuthFlow;\n authorizationCode?: OAuthFlow;\n}\n\nexport interface OAuthFlow {\n authorizationUrl?: string;\n tokenUrl?: string;\n refreshUrl?: string;\n scopes: Record<string, string>;\n}\n\n/**\n * Built-in security schemes available by default.\n * Users can use these without defining them via .securitySchemes().\n */\nexport const BUILT_IN_SECURITY_SCHEMES = {\n jwt: {\n type: 'http',\n scheme: 'bearer',\n bearerFormat: 'JWT',\n description: 'JWT Bearer token authentication',\n },\n bearer: {\n type: 'http',\n scheme: 'bearer',\n description: 'Bearer token authentication',\n },\n apiKey: {\n type: 'apiKey',\n in: 'header',\n name: 'X-API-Key',\n description: 'API key authentication via header',\n },\n oauth2: {\n type: 'oauth2',\n flows: {},\n description: 'OAuth 2.0 authentication',\n },\n oidc: {\n type: 'openIdConnect',\n openIdConnectUrl: '',\n description: 'OpenID Connect authentication',\n },\n iam: {\n type: 'apiKey',\n in: 'header',\n name: 'Authorization',\n description: 'AWS IAM Signature Version 4 authentication',\n 'x-amazon-apigateway-authtype': 'awsSigv4',\n },\n} as const satisfies Record<string, SecurityScheme>;\n\n/** Names of built-in security schemes */\nexport type BuiltInSecuritySchemeId = keyof typeof BUILT_IN_SECURITY_SCHEMES;\n\n/**\n * Represents an authorizer configuration for endpoints\n */\nexport interface Authorizer {\n /**\n * Unique identifier for the authorizer\n */\n name: string;\n /**\n * The OpenAPI security scheme definition for this authorizer\n */\n securityScheme?: SecurityScheme;\n /**\n * Type of authorizer (e.g., 'iam', 'jwt', 'custom')\n * @deprecated Use securityScheme.type instead\n */\n type?: string;\n /**\n * Description of what this authorizer does\n * @deprecated Use securityScheme.description instead\n */\n description?: string;\n /**\n * Additional metadata specific to the authorizer type\n * @deprecated Use securityScheme with x-* extensions instead\n */\n metadata?: Record<string, unknown>;\n}\n\n/**\n * Helper to create an authorizer configuration\n */\nexport function createAuthorizer(\n name: string,\n options?: Omit<Authorizer, 'name'>,\n): Authorizer {\n return {\n name,\n ...options,\n };\n}\n\n/**\n * Check if a name is a built-in security scheme\n */\nexport function isBuiltInSecurityScheme(\n name: string,\n): name is BuiltInSecuritySchemeId {\n return name in BUILT_IN_SECURITY_SCHEMES;\n}\n\n/**\n * Get a security scheme by name (built-in or custom)\n */\nexport function getSecurityScheme(\n name: string,\n customSchemes?: Record<string, SecurityScheme>,\n): SecurityScheme | undefined {\n if (customSchemes && name in customSchemes) {\n return customSchemes[name];\n }\n if (isBuiltInSecurityScheme(name)) {\n return BUILT_IN_SECURITY_SCHEMES[name];\n }\n return undefined;\n}\n"],"mappings":";;;;;;AA8CA,MAAa,4BAA4B;CACvC,KAAK;EACH,MAAM;EACN,QAAQ;EACR,cAAc;EACd,aAAa;CACd;CACD,QAAQ;EACN,MAAM;EACN,QAAQ;EACR,aAAa;CACd;CACD,QAAQ;EACN,MAAM;EACN,IAAI;EACJ,MAAM;EACN,aAAa;CACd;CACD,QAAQ;EACN,MAAM;EACN,OAAO,CAAE;EACT,aAAa;CACd;CACD,MAAM;EACJ,MAAM;EACN,kBAAkB;EAClB,aAAa;CACd;CACD,KAAK;EACH,MAAM;EACN,IAAI;EACJ,MAAM;EACN,aAAa;EACb,gCAAgC;CACjC;AACF;;;;AAqCD,SAAgB,iBACdA,MACAC,SACY;AACZ,QAAO;EACL;EACA,GAAG;CACJ;AACF;;;;AAKD,SAAgB,wBACdD,MACiC;AACjC,QAAO,QAAQ;AAChB;;;;AAKD,SAAgB,kBACdA,MACAE,eAC4B;AAC5B,KAAI,iBAAiB,QAAQ,cAC3B,QAAO,cAAc;AAEvB,KAAI,wBAAwB,KAAK,CAC/B,QAAO,0BAA0B;AAEnC;AACD"}

package/dist/Authorizer-CpSUMTIs.d.cts ADDED Viewed

@@ -0,0 +1,125 @@
+//#region src/endpoints/Authorizer.d.ts
+/**
+ * OpenAPI 3.1 compliant security scheme definition.
+ * @see https://spec.openapis.org/oas/v3.1.0#security-scheme-object
+ */
+interface SecurityScheme {
+  /** The type of the security scheme */
+  type: 'apiKey' | 'http' | 'mutualTLS' | 'oauth2' | 'openIdConnect';
+  /** A description for security scheme */
+  description?: string;
+  /** Required for apiKey. The name of the header, query or cookie parameter */
+  name?: string;
+  /** Required for apiKey. The location of the API key */
+  in?: 'query' | 'header' | 'cookie';
+  /** Required for http. The name of the HTTP Authorization scheme (e.g., 'bearer') */
+  scheme?: string;
+  /** Optional for http bearer. A hint to the format of the bearer token */
+  bearerFormat?: string;
+  /** Required for oauth2. An object containing configuration for the flow types */
+  flows?: OAuthFlows;
+  /** Required for openIdConnect. The URL to discover OAuth2 configuration */
+  openIdConnectUrl?: string;
+  /** Vendor extensions (e.g., x-amazon-apigateway-authtype) */
+  [key: `x-${string}`]: unknown;
+}
+/**
+ * OAuth2 flow configuration
+ */
+interface OAuthFlows {
+  implicit?: OAuthFlow;
+  password?: OAuthFlow;
+  clientCredentials?: OAuthFlow;
+  authorizationCode?: OAuthFlow;
+}
+interface OAuthFlow {
+  authorizationUrl?: string;
+  tokenUrl?: string;
+  refreshUrl?: string;
+  scopes: Record<string, string>;
+}
+/**
+ * Built-in security schemes available by default.
+ * Users can use these without defining them via .securitySchemes().
+ */
+declare const BUILT_IN_SECURITY_SCHEMES: {
+  readonly jwt: {
+    readonly type: "http";
+    readonly scheme: "bearer";
+    readonly bearerFormat: "JWT";
+    readonly description: "JWT Bearer token authentication";
+  };
+  readonly bearer: {
+    readonly type: "http";
+    readonly scheme: "bearer";
+    readonly description: "Bearer token authentication";
+  };
+  readonly apiKey: {
+    readonly type: "apiKey";
+    readonly in: "header";
+    readonly name: "X-API-Key";
+    readonly description: "API key authentication via header";
+  };
+  readonly oauth2: {
+    readonly type: "oauth2";
+    readonly flows: {};
+    readonly description: "OAuth 2.0 authentication";
+  };
+  readonly oidc: {
+    readonly type: "openIdConnect";
+    readonly openIdConnectUrl: "";
+    readonly description: "OpenID Connect authentication";
+  };
+  readonly iam: {
+    readonly type: "apiKey";
+    readonly in: "header";
+    readonly name: "Authorization";
+    readonly description: "AWS IAM Signature Version 4 authentication";
+    readonly 'x-amazon-apigateway-authtype': "awsSigv4";
+  };
+};
+/** Names of built-in security schemes */
+type BuiltInSecuritySchemeId = keyof typeof BUILT_IN_SECURITY_SCHEMES;
+/**
+ * Represents an authorizer configuration for endpoints
+ */
+interface Authorizer {
+  /**
+   * Unique identifier for the authorizer
+   */
+  name: string;
+  /**
+   * The OpenAPI security scheme definition for this authorizer
+   */
+  securityScheme?: SecurityScheme;
+  /**
+   * Type of authorizer (e.g., 'iam', 'jwt', 'custom')
+   * @deprecated Use securityScheme.type instead
+   */
+  type?: string;
+  /**
+   * Description of what this authorizer does
+   * @deprecated Use securityScheme.description instead
+   */
+  description?: string;
+  /**
+   * Additional metadata specific to the authorizer type
+   * @deprecated Use securityScheme with x-* extensions instead
+   */
+  metadata?: Record<string, unknown>;
+}
+/**
+ * Helper to create an authorizer configuration
+ */
+declare function createAuthorizer(name: string, options?: Omit<Authorizer, 'name'>): Authorizer;
+/**
+ * Check if a name is a built-in security scheme
+ */
+declare function isBuiltInSecurityScheme(name: string): name is BuiltInSecuritySchemeId;
+/**
+ * Get a security scheme by name (built-in or custom)
+ */
+declare function getSecurityScheme(name: string, customSchemes?: Record<string, SecurityScheme>): SecurityScheme | undefined;
+//#endregion
+export { Authorizer, BUILT_IN_SECURITY_SCHEMES, BuiltInSecuritySchemeId, OAuthFlow, OAuthFlows, SecurityScheme, createAuthorizer, getSecurityScheme, isBuiltInSecurityScheme };
+//# sourceMappingURL=Authorizer-CpSUMTIs.d.cts.map

package/dist/Authorizer-D1w7MpK6.d.mts ADDED Viewed

@@ -0,0 +1,125 @@
+//#region src/endpoints/Authorizer.d.ts
+/**
+ * OpenAPI 3.1 compliant security scheme definition.
+ * @see https://spec.openapis.org/oas/v3.1.0#security-scheme-object
+ */
+interface SecurityScheme {
+  /** The type of the security scheme */
+  type: 'apiKey' | 'http' | 'mutualTLS' | 'oauth2' | 'openIdConnect';
+  /** A description for security scheme */
+  description?: string;
+  /** Required for apiKey. The name of the header, query or cookie parameter */
+  name?: string;
+  /** Required for apiKey. The location of the API key */
+  in?: 'query' | 'header' | 'cookie';
+  /** Required for http. The name of the HTTP Authorization scheme (e.g., 'bearer') */
+  scheme?: string;
+  /** Optional for http bearer. A hint to the format of the bearer token */
+  bearerFormat?: string;
+  /** Required for oauth2. An object containing configuration for the flow types */
+  flows?: OAuthFlows;
+  /** Required for openIdConnect. The URL to discover OAuth2 configuration */
+  openIdConnectUrl?: string;
+  /** Vendor extensions (e.g., x-amazon-apigateway-authtype) */
+  [key: `x-${string}`]: unknown;
+}
+/**
+ * OAuth2 flow configuration
+ */
+interface OAuthFlows {
+  implicit?: OAuthFlow;
+  password?: OAuthFlow;
+  clientCredentials?: OAuthFlow;
+  authorizationCode?: OAuthFlow;
+}
+interface OAuthFlow {
+  authorizationUrl?: string;
+  tokenUrl?: string;
+  refreshUrl?: string;
+  scopes: Record<string, string>;
+}
+/**
+ * Built-in security schemes available by default.
+ * Users can use these without defining them via .securitySchemes().
+ */
+declare const BUILT_IN_SECURITY_SCHEMES: {
+  readonly jwt: {
+    readonly type: "http";
+    readonly scheme: "bearer";
+    readonly bearerFormat: "JWT";
+    readonly description: "JWT Bearer token authentication";
+  };
+  readonly bearer: {
+    readonly type: "http";
+    readonly scheme: "bearer";
+    readonly description: "Bearer token authentication";
+  };
+  readonly apiKey: {
+    readonly type: "apiKey";
+    readonly in: "header";
+    readonly name: "X-API-Key";
+    readonly description: "API key authentication via header";
+  };
+  readonly oauth2: {
+    readonly type: "oauth2";
+    readonly flows: {};
+    readonly description: "OAuth 2.0 authentication";
+  };
+  readonly oidc: {
+    readonly type: "openIdConnect";
+    readonly openIdConnectUrl: "";
+    readonly description: "OpenID Connect authentication";
+  };
+  readonly iam: {
+    readonly type: "apiKey";
+    readonly in: "header";
+    readonly name: "Authorization";
+    readonly description: "AWS IAM Signature Version 4 authentication";
+    readonly 'x-amazon-apigateway-authtype': "awsSigv4";
+  };
+};
+/** Names of built-in security schemes */
+type BuiltInSecuritySchemeId = keyof typeof BUILT_IN_SECURITY_SCHEMES;
+/**
+ * Represents an authorizer configuration for endpoints
+ */
+interface Authorizer {
+  /**
+   * Unique identifier for the authorizer
+   */
+  name: string;
+  /**
+   * The OpenAPI security scheme definition for this authorizer
+   */
+  securityScheme?: SecurityScheme;
+  /**
+   * Type of authorizer (e.g., 'iam', 'jwt', 'custom')
+   * @deprecated Use securityScheme.type instead
+   */
+  type?: string;
+  /**
+   * Description of what this authorizer does
+   * @deprecated Use securityScheme.description instead
+   */
+  description?: string;
+  /**
+   * Additional metadata specific to the authorizer type
+   * @deprecated Use securityScheme with x-* extensions instead
+   */
+  metadata?: Record<string, unknown>;
+}
+/**
+ * Helper to create an authorizer configuration
+ */
+declare function createAuthorizer(name: string, options?: Omit<Authorizer, 'name'>): Authorizer;
+/**
+ * Check if a name is a built-in security scheme
+ */
+declare function isBuiltInSecurityScheme(name: string): name is BuiltInSecuritySchemeId;
+/**
+ * Get a security scheme by name (built-in or custom)
+ */
+declare function getSecurityScheme(name: string, customSchemes?: Record<string, SecurityScheme>): SecurityScheme | undefined;
+//#endregion
+export { Authorizer, BUILT_IN_SECURITY_SCHEMES, BuiltInSecuritySchemeId, OAuthFlow, OAuthFlows, SecurityScheme, createAuthorizer, getSecurityScheme, isBuiltInSecurityScheme };
+//# sourceMappingURL=Authorizer-D1w7MpK6.d.mts.map

package/dist/Authorizer-r9U3y_ms.mjs ADDED Viewed

@@ -0,0 +1,68 @@
+//#region src/endpoints/Authorizer.ts
+/**
+* Built-in security schemes available by default.
+* Users can use these without defining them via .securitySchemes().
+*/
+const BUILT_IN_SECURITY_SCHEMES = {
+	jwt: {
+		type: "http",
+		scheme: "bearer",
+		bearerFormat: "JWT",
+		description: "JWT Bearer token authentication"
+	},
+	bearer: {
+		type: "http",
+		scheme: "bearer",
+		description: "Bearer token authentication"
+	},
+	apiKey: {
+		type: "apiKey",
+		in: "header",
+		name: "X-API-Key",
+		description: "API key authentication via header"
+	},
+	oauth2: {
+		type: "oauth2",
+		flows: {},
+		description: "OAuth 2.0 authentication"
+	},
+	oidc: {
+		type: "openIdConnect",
+		openIdConnectUrl: "",
+		description: "OpenID Connect authentication"
+	},
+	iam: {
+		type: "apiKey",
+		in: "header",
+		name: "Authorization",
+		description: "AWS IAM Signature Version 4 authentication",
+		"x-amazon-apigateway-authtype": "awsSigv4"
+	}
+};
+/**
+* Helper to create an authorizer configuration
+*/
+function createAuthorizer(name, options) {
+	return {
+		name,
+		...options
+	};
+}
+/**
+* Check if a name is a built-in security scheme
+*/
+function isBuiltInSecurityScheme(name) {
+	return name in BUILT_IN_SECURITY_SCHEMES;
+}
+/**
+* Get a security scheme by name (built-in or custom)
+*/
+function getSecurityScheme(name, customSchemes) {
+	if (customSchemes && name in customSchemes) return customSchemes[name];
+	if (isBuiltInSecurityScheme(name)) return BUILT_IN_SECURITY_SCHEMES[name];
+	return void 0;
+}
+//#endregion
+export { BUILT_IN_SECURITY_SCHEMES, createAuthorizer, getSecurityScheme, isBuiltInSecurityScheme };
+//# sourceMappingURL=Authorizer-r9U3y_ms.mjs.map

package/dist/Authorizer-r9U3y_ms.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"Authorizer-r9U3y_ms.mjs","names":["name: string","options?: Omit<Authorizer, 'name'>","customSchemes?: Record<string, SecurityScheme>"],"sources":["../src/endpoints/Authorizer.ts"],"sourcesContent":["/**\n * OpenAPI 3.1 compliant security scheme definition.\n * @see https://spec.openapis.org/oas/v3.1.0#security-scheme-object\n */\nexport interface SecurityScheme {\n /** The type of the security scheme */\n type: 'apiKey' | 'http' | 'mutualTLS' | 'oauth2' | 'openIdConnect';\n /** A description for security scheme */\n description?: string;\n /** Required for apiKey. The name of the header, query or cookie parameter */\n name?: string;\n /** Required for apiKey. The location of the API key */\n in?: 'query' | 'header' | 'cookie';\n /** Required for http. The name of the HTTP Authorization scheme (e.g., 'bearer') */\n scheme?: string;\n /** Optional for http bearer. A hint to the format of the bearer token */\n bearerFormat?: string;\n /** Required for oauth2. An object containing configuration for the flow types */\n flows?: OAuthFlows;\n /** Required for openIdConnect. The URL to discover OAuth2 configuration */\n openIdConnectUrl?: string;\n /** Vendor extensions (e.g., x-amazon-apigateway-authtype) */\n [key: `x-${string}`]: unknown;\n}\n\n/**\n * OAuth2 flow configuration\n */\nexport interface OAuthFlows {\n implicit?: OAuthFlow;\n password?: OAuthFlow;\n clientCredentials?: OAuthFlow;\n authorizationCode?: OAuthFlow;\n}\n\nexport interface OAuthFlow {\n authorizationUrl?: string;\n tokenUrl?: string;\n refreshUrl?: string;\n scopes: Record<string, string>;\n}\n\n/**\n * Built-in security schemes available by default.\n * Users can use these without defining them via .securitySchemes().\n */\nexport const BUILT_IN_SECURITY_SCHEMES = {\n jwt: {\n type: 'http',\n scheme: 'bearer',\n bearerFormat: 'JWT',\n description: 'JWT Bearer token authentication',\n },\n bearer: {\n type: 'http',\n scheme: 'bearer',\n description: 'Bearer token authentication',\n },\n apiKey: {\n type: 'apiKey',\n in: 'header',\n name: 'X-API-Key',\n description: 'API key authentication via header',\n },\n oauth2: {\n type: 'oauth2',\n flows: {},\n description: 'OAuth 2.0 authentication',\n },\n oidc: {\n type: 'openIdConnect',\n openIdConnectUrl: '',\n description: 'OpenID Connect authentication',\n },\n iam: {\n type: 'apiKey',\n in: 'header',\n name: 'Authorization',\n description: 'AWS IAM Signature Version 4 authentication',\n 'x-amazon-apigateway-authtype': 'awsSigv4',\n },\n} as const satisfies Record<string, SecurityScheme>;\n\n/** Names of built-in security schemes */\nexport type BuiltInSecuritySchemeId = keyof typeof BUILT_IN_SECURITY_SCHEMES;\n\n/**\n * Represents an authorizer configuration for endpoints\n */\nexport interface Authorizer {\n /**\n * Unique identifier for the authorizer\n */\n name: string;\n /**\n * The OpenAPI security scheme definition for this authorizer\n */\n securityScheme?: SecurityScheme;\n /**\n * Type of authorizer (e.g., 'iam', 'jwt', 'custom')\n * @deprecated Use securityScheme.type instead\n */\n type?: string;\n /**\n * Description of what this authorizer does\n * @deprecated Use securityScheme.description instead\n */\n description?: string;\n /**\n * Additional metadata specific to the authorizer type\n * @deprecated Use securityScheme with x-* extensions instead\n */\n metadata?: Record<string, unknown>;\n}\n\n/**\n * Helper to create an authorizer configuration\n */\nexport function createAuthorizer(\n name: string,\n options?: Omit<Authorizer, 'name'>,\n): Authorizer {\n return {\n name,\n ...options,\n };\n}\n\n/**\n * Check if a name is a built-in security scheme\n */\nexport function isBuiltInSecurityScheme(\n name: string,\n): name is BuiltInSecuritySchemeId {\n return name in BUILT_IN_SECURITY_SCHEMES;\n}\n\n/**\n * Get a security scheme by name (built-in or custom)\n */\nexport function getSecurityScheme(\n name: string,\n customSchemes?: Record<string, SecurityScheme>,\n): SecurityScheme | undefined {\n if (customSchemes && name in customSchemes) {\n return customSchemes[name];\n }\n if (isBuiltInSecurityScheme(name)) {\n return BUILT_IN_SECURITY_SCHEMES[name];\n }\n return undefined;\n}\n"],"mappings":";;;;;AA8CA,MAAa,4BAA4B;CACvC,KAAK;EACH,MAAM;EACN,QAAQ;EACR,cAAc;EACd,aAAa;CACd;CACD,QAAQ;EACN,MAAM;EACN,QAAQ;EACR,aAAa;CACd;CACD,QAAQ;EACN,MAAM;EACN,IAAI;EACJ,MAAM;EACN,aAAa;CACd;CACD,QAAQ;EACN,MAAM;EACN,OAAO,CAAE;EACT,aAAa;CACd;CACD,MAAM;EACJ,MAAM;EACN,kBAAkB;EAClB,aAAa;CACd;CACD,KAAK;EACH,MAAM;EACN,IAAI;EACJ,MAAM;EACN,aAAa;EACb,gCAAgC;CACjC;AACF;;;;AAqCD,SAAgB,iBACdA,MACAC,SACY;AACZ,QAAO;EACL;EACA,GAAG;CACJ;AACF;;;;AAKD,SAAgB,wBACdD,MACiC;AACjC,QAAO,QAAQ;AAChB;;;;AAKD,SAAgB,kBACdA,MACAE,eAC4B;AAC5B,KAAI,iBAAiB,QAAQ,cAC3B,QAAO,cAAc;AAEvB,KAAI,wBAAwB,KAAK,CAC/B,QAAO,0BAA0B;AAEnC;AACD"}

package/dist/{BaseFunctionBuilder-Ct6zY6Jq.d.mts → BaseFunctionBuilder-Oc2xmxmg.d.mts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { ConstructType } from "./Construct-DDR0295I.mjs";
+import { ConstructType } from "./Construct-DCPATqec.mjs";
 import { Service } from "@geekmidas/services";
 import { AuditStorage } from "@geekmidas/audit";
 import { EventPublisher, MappedEvent } from "@geekmidas/events";
@@ -37,4 +37,4 @@ declare abstract class BaseFunctionBuilder<TInput extends ComposableStandardSche
 }
 //#endregion
 export { BaseFunctionBuilder };
-//# sourceMappingURL=BaseFunctionBuilder-Ct6zY6Jq.d.mts.map
+//# sourceMappingURL=BaseFunctionBuilder-Oc2xmxmg.d.mts.map

package/dist/{Construct-DDR0295I.d.mts → Construct-DCPATqec.d.mts} RENAMED Viewed

@@ -46,4 +46,4 @@ declare enum ConstructType {
 }
 //#endregion
 export { Construct, ConstructType };
-//# sourceMappingURL=Construct-DDR0295I.d.mts.map
+//# sourceMappingURL=Construct-DCPATqec.d.mts.map

package/dist/Construct.d.mts CHANGED Viewed

@@ -1,2 +1,2 @@
-import { Construct, ConstructType } from "./Construct-DDR0295I.mjs";
+import { Construct, ConstructType } from "./Construct-DCPATqec.mjs";
 export { Construct, ConstructType };

package/dist/{Cron-DnMRWPFR.d.mts → Cron-DPEcDCDW.d.mts} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { Function, FunctionHandler } from "./Function-CD3rXWfa.mjs";
+import { Function, FunctionHandler } from "./Function-Dthlh2Fb.mjs";
 import { Service } from "@geekmidas/services";
 import { AuditableAction } from "@geekmidas/audit";
 import { EventPublisher } from "@geekmidas/events";
@@ -23,4 +23,4 @@ type CronExpression = `cron(${CronMinute} ${CronHour} ${CronDay} ${CronMonth} ${
 type ScheduleExpression = RateExpression | CronExpression;
 //#endregion
 export { Cron, CronExpression, RateExpression, ScheduleExpression };
-//# sourceMappingURL=Cron-DnMRWPFR.d.mts.map
+//# sourceMappingURL=Cron-DPEcDCDW.d.mts.map

package/dist/{CronBuilder-RLDitFmP.d.mts → CronBuilder-CxKTiepV.d.mts} RENAMED Viewed

@@ -1,6 +1,6 @@
-import { FunctionHandler } from "./Function-CD3rXWfa.mjs";
-import { FunctionBuilder } from "./FunctionBuilder-j2VkwuGf.mjs";
-import { Cron, ScheduleExpression } from "./Cron-DnMRWPFR.mjs";
+import { FunctionHandler } from "./Function-Dthlh2Fb.mjs";
+import { FunctionBuilder } from "./FunctionBuilder-CZFBLfdV.mjs";
+import { Cron, ScheduleExpression } from "./Cron-DPEcDCDW.mjs";
 import { Service } from "@geekmidas/services";
 import { EventPublisher } from "@geekmidas/events";
 import { Logger } from "@geekmidas/logger";
@@ -27,4 +27,4 @@ declare class CronBuilder<TInput extends ComposableStandardSchema, TServices ext
 }
 //#endregion
 export { CronBuilder };
-//# sourceMappingURL=CronBuilder-RLDitFmP.d.mts.map
+//# sourceMappingURL=CronBuilder-CxKTiepV.d.mts.map

package/dist/{Endpoint-D2Imgihs.d.cts → Endpoint-BJPJTGjV.d.cts} RENAMED Viewed

@@ -1,6 +1,6 @@
 import { HttpMethod, LowerHttpMethod, RemoveUndefined } from "./types-Bp9ysFXd.cjs";
 import { Function, FunctionHandler } from "./Function-DHD1V9QW.cjs";
-import { Authorizer } from "./Authorizer-BTmly8ps.cjs";
+import { Authorizer } from "./Authorizer-CpSUMTIs.cjs";
 import { AuditActor, AuditStorage, AuditableAction, Auditor, ExtractAuditPayload, ExtractAuditType } from "@geekmidas/audit";
 import { EventPublisher, ExtractPublisherMessage, MappedEvent } from "@geekmidas/events";
 import { Logger } from "@geekmidas/logger";
@@ -664,4 +664,4 @@ type EndpointOutput<T> = T extends Endpoint<any, any, any, infer OutSchema, any,
 type EndpointEvent<T> = T extends Endpoint<any, any, any, any, any, any, any, infer TEventPublisher> ? ExtractPublisherMessage<TEventPublisher> : never;
 //#endregion
 export { ActorExtractor, AuthorizeContext, AuthorizeFn, ConvertRouteParams, CookieFn, CookieOptions, Endpoint, EndpointAuditorConfig, EndpointContext, EndpointEvent, EndpointHandler, EndpointHeaders, EndpointInput, EndpointOpenApiSchema, EndpointOptions, EndpointOutput, EndpointSchemas, HeaderFn, MappedAudit, MultiHeaderFn, ResponseBuilder, ResponseMetadata, ResponseWithMetadata, SessionContext, SessionFn, SingleHeaderFn, SuccessStatus };
-//# sourceMappingURL=Endpoint-D2Imgihs.d.cts.map
+//# sourceMappingURL=Endpoint-BJPJTGjV.d.cts.map

package/dist/{Endpoint-PtQ-wLIS.d.mts → Endpoint-DoY1Owv2.d.mts} RENAMED Viewed

@@ -1,6 +1,6 @@
-import { HttpMethod, LowerHttpMethod, RemoveUndefined } from "./types-DKf0juBf.mjs";
-import { Function, FunctionHandler } from "./Function-CD3rXWfa.mjs";
-import { Authorizer } from "./Authorizer-pmPvIVgv.mjs";
+import { HttpMethod, LowerHttpMethod, RemoveUndefined } from "./types-Cy1IhmUB.mjs";
+import { Function, FunctionHandler } from "./Function-Dthlh2Fb.mjs";
+import { Authorizer } from "./Authorizer-D1w7MpK6.mjs";
 import { ComponentCollector, OpenApiSchemaOptions } from "@geekmidas/schema/openapi";
 import { Service, ServiceRecord } from "@geekmidas/services";
 import { AuditActor, AuditStorage, AuditableAction, Auditor, ExtractAuditPayload, ExtractAuditType } from "@geekmidas/audit";
@@ -664,4 +664,4 @@ type EndpointOutput<T> = T extends Endpoint<any, any, any, infer OutSchema, any,
 type EndpointEvent<T> = T extends Endpoint<any, any, any, any, any, any, any, infer TEventPublisher> ? ExtractPublisherMessage<TEventPublisher> : never;
 //#endregion
 export { ActorExtractor, AuthorizeContext, AuthorizeFn, ConvertRouteParams, CookieFn, CookieOptions, Endpoint, EndpointAuditorConfig, EndpointContext, EndpointEvent, EndpointHandler, EndpointHeaders, EndpointInput, EndpointOpenApiSchema, EndpointOptions, EndpointOutput, EndpointSchemas, HeaderFn, MappedAudit, MultiHeaderFn, ResponseBuilder, ResponseMetadata, ResponseWithMetadata, SessionContext, SessionFn, SingleHeaderFn, SuccessStatus };
-//# sourceMappingURL=Endpoint-PtQ-wLIS.d.mts.map
+//# sourceMappingURL=Endpoint-DoY1Owv2.d.mts.map

package/dist/{EndpointBuilder-W5fdXxYQ.mjs → EndpointBuilder-69uVrKZL.mjs} RENAMED Viewed

@@ -1,6 +1,7 @@
 import { ConstructType } from "./Construct-LWeB1rSQ.mjs";
 import { BaseFunctionBuilder } from "./BaseFunctionBuilder-B5gkW0Kt.mjs";
 import { Endpoint } from "./Endpoint-DbPsw13b.mjs";
+import { getSecurityScheme } from "./Authorizer-r9U3y_ms.mjs";
 import uniqBy from "lodash.uniqby";
 //#region src/endpoints/EndpointBuilder.ts
@@ -17,6 +18,7 @@ var EndpointBuilder = class extends BaseFunctionBuilder {
 	_authorizerName;
 	_actorExtractor;
 	_audits = [];
+	_customSecuritySchemes = {};
 	constructor(route, method) {
 		super(ConstructType.Endpoint);
 		this.route = route;
@@ -160,7 +162,18 @@ var EndpointBuilder = class extends BaseFunctionBuilder {
 		throw new Error("EndpointBuilder does not support generic input. Use body(), query(), or params() instead.");
 	}
 	handle(fn) {
-		const authorizer = this._authorizerName ? this._availableAuthorizers.find((a) => a.name === this._authorizerName) ?? { name: this._authorizerName } : void 0;
+		let authorizer;
+		if (this._authorizerName) {
+			const existingAuthorizer = this._availableAuthorizers.find((a) => a.name === this._authorizerName);
+			if (existingAuthorizer) authorizer = existingAuthorizer;
+			else {
+				const securityScheme = getSecurityScheme(this._authorizerName, this._customSecuritySchemes);
+				authorizer = {
+					name: this._authorizerName,
+					securityScheme
+				};
+			}
+		}
 		return new Endpoint({
 			fn,
 			method: this.method,
@@ -190,4 +203,4 @@ var EndpointBuilder = class extends BaseFunctionBuilder {
 //#endregion
 export { EndpointBuilder };
-//# sourceMappingURL=EndpointBuilder-W5fdXxYQ.mjs.map
+//# sourceMappingURL=EndpointBuilder-69uVrKZL.mjs.map

package/dist/EndpointBuilder-69uVrKZL.mjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"EndpointBuilder-69uVrKZL.mjs","names":["route: TRoute","method: TMethod","publisher: Service<TEventPublisherServiceName, TEventPublisher>","storage: Service<TAuditStorageServiceName, TAuditStorage>","service: Service<TDatabaseServiceName, TDatabase>","description: string","status: SuccessStatus","event: TEvent","tags: string[]","memorySize: number","publisher: Service<TName, T>","schema: T","config: RateLimitConfig","name: TAuthorizers[number] | 'none'","services: T","logger: T","storage: Service<TName, T>","extractor: ActorExtractor<TServices, TSession, TLogger>","audits: MappedAudit<TAuditAction, OutSchema>[]","service: Service<TName, T>","_schema: any","fn: EndpointHandler<\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TDatabase,\n TAuditStorage,\n TAuditAction\n >","authorizer: Authorizer | undefined"],"sources":["../src/endpoints/EndpointBuilder.ts"],"sourcesContent":["import type {\n AuditStorage,\n AuditableAction,\n ExtractStorageAuditAction,\n} from '@geekmidas/audit';\nimport type { EventPublisher, MappedEvent } from '@geekmidas/events';\nimport type { Logger } from '@geekmidas/logger';\nimport type { RateLimitConfig } from '@geekmidas/rate-limit';\nimport type { Service } from '@geekmidas/services';\nimport type { StandardSchemaV1 } from '@standard-schema/spec';\nimport uniqBy from 'lodash.uniqby';\nimport { ConstructType } from '../Construct';\nimport { BaseFunctionBuilder } from '../functions';\nimport type { HttpMethod } from '../types';\nimport type { Authorizer, SecurityScheme } from './Authorizer';\nimport { getSecurityScheme } from './Authorizer';\nimport { Endpoint, type EndpointSchemas } from './Endpoint';\nimport type {\n AuthorizeFn,\n EndpointHandler,\n SessionFn,\n SuccessStatus,\n} from './Endpoint';\nimport type { ActorExtractor, MappedAudit } from './audit';\n\nexport class EndpointBuilder<\n TRoute extends string,\n TMethod extends HttpMethod,\n TInput extends EndpointSchemas = {},\n TServices extends Service[] = [],\n TLogger extends Logger = Logger,\n OutSchema extends StandardSchemaV1 | undefined = undefined,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuthorizers extends readonly string[] = readonly string[],\n TAuditStorage extends AuditStorage | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TAuditAction extends AuditableAction<string, unknown> = AuditableAction<\n string,\n unknown\n >,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n> extends BaseFunctionBuilder<\n TInput,\n OutSchema,\n TServices,\n TLogger,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TDatabase,\n TDatabaseServiceName\n> {\n protected schemas: TInput = {} as TInput;\n protected _description?: string;\n protected _status?: SuccessStatus;\n protected _tags?: string[];\n protected _memorySize?: number;\n _getSession: SessionFn<TServices, TLogger, TSession, TDatabase> = () =>\n ({}) as TSession;\n _authorize: AuthorizeFn<TServices, TLogger, TSession> = () => true;\n _rateLimit?: RateLimitConfig;\n _availableAuthorizers: Authorizer[] = [];\n _authorizerName?: TAuthorizers[number];\n _actorExtractor?: ActorExtractor<TServices, TSession, TLogger>;\n _audits: MappedAudit<TAuditAction, OutSchema>[] = [];\n _customSecuritySchemes: Record<string, SecurityScheme> = {};\n\n constructor(\n readonly route: TRoute,\n readonly method: TMethod,\n ) {\n super(ConstructType.Endpoint);\n }\n\n // Internal setter for EndpointFactory to set default publisher\n _setPublisher(\n publisher: Service<TEventPublisherServiceName, TEventPublisher>,\n ) {\n this._publisher = publisher;\n }\n\n // Internal setter for EndpointFactory to set default auditor storage\n _setAuditorStorage(\n storage: Service<TAuditStorageServiceName, TAuditStorage>,\n ) {\n this._auditorStorage = storage;\n }\n\n // Internal setter for EndpointFactory to set default database service\n _setDatabaseService(service: Service<TDatabaseServiceName, TDatabase>) {\n this._databaseService = service;\n }\n\n description(description: string): this {\n this._description = description;\n return this;\n }\n\n status(status: SuccessStatus): this {\n this._status = status;\n return this;\n }\n\n event<TEvent extends MappedEvent<TEventPublisher, OutSchema>>(\n event: TEvent,\n ): this {\n this._events.push(event);\n return this;\n }\n\n tags(tags: string[]): this {\n this._tags = tags;\n return this;\n }\n\n memorySize(memorySize: number): this {\n this._memorySize = memorySize;\n return this;\n }\n\n publisher<T extends EventPublisher<any>, TName extends string>(\n publisher: Service<TName, T>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n T,\n TName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._publisher = publisher as unknown as Service<\n TEventPublisherServiceName,\n TEventPublisher\n >;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n T,\n TName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n body<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'body'> & { body: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.schemas.body = schema as unknown as T;\n // @ts-ignore\n return this;\n }\n\n search<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'query'> & { query: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.schemas.query = schema as unknown as T;\n // @ts-ignore\n return this;\n }\n\n query<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'query'> & { query: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n return this.search(schema);\n }\n\n params<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n Omit<TInput, 'params'> & { params: T },\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.schemas.params = schema as unknown as T;\n // @ts-ignore\n return this;\n }\n\n rateLimit(config: RateLimitConfig): this {\n this._rateLimit = config;\n return this;\n }\n\n authorizer(\n name: TAuthorizers[number] | 'none',\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n // Special case: 'none' explicitly marks endpoint as having no authorizer\n if (name === 'none') {\n this._authorizerName = undefined;\n return this;\n }\n\n // Validate that the authorizer exists in available authorizers\n const authorizerExists = this._availableAuthorizers.some(\n (a) => a.name === name,\n );\n if (!authorizerExists && this._availableAuthorizers.length > 0) {\n const available = this._availableAuthorizers\n .map((a) => a.name)\n .join(', ');\n throw new Error(\n `Authorizer \"${name as string}\" not found in available authorizers: ${available}`,\n );\n }\n this._authorizerName = name;\n return this;\n }\n\n services<T extends Service[]>(\n services: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n [...TServices, ...T],\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._services = uniqBy(\n [...this._services, ...services],\n (s) => s.serviceName,\n ) as TServices;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n [...TServices, ...T],\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n logger<T extends Logger>(\n logger: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n T,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._logger = logger as unknown as TLogger;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n T,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n output<T extends StandardSchemaV1>(\n schema: T,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n T,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this.outputSchema = schema as unknown as OutSchema;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n T,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n /**\n * Set the auditor storage service for this endpoint.\n * This enables audit functionality and makes `auditor` available in the handler context.\n * The audit action type is automatically inferred from the storage's generic parameter.\n */\n auditor<T extends AuditStorage<any>, TName extends string>(\n storage: Service<TName, T>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName\n > {\n this._auditorStorage = storage as unknown as Service<\n TAuditStorageServiceName,\n TAuditStorage\n >;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName\n >;\n }\n\n /**\n * Set the actor extractor function for audit records.\n * The actor is extracted from the request context and attached to all audits.\n */\n actor(\n extractor: ActorExtractor<TServices, TSession, TLogger>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n this._actorExtractor = extractor;\n return this;\n }\n\n /**\n * Add declarative audit definitions that are processed after the handler executes.\n * Similar to `.event()` for events, but for audits.\n *\n * @example\n * ```typescript\n * .audit<AppAuditAction>([\n * {\n * type: 'user.created',\n * payload: (response) => ({ userId: response.id, email: response.email }),\n * when: (response) => response.active,\n * entityId: (response) => response.id,\n * table: 'users',\n * },\n * ])\n * ```\n */\n audit(audits: MappedAudit<TAuditAction, OutSchema>[]): this {\n this._audits = audits;\n return this;\n }\n\n /**\n * Set the database service for this endpoint.\n * The database will be available in the handler context as `db`.\n * When audit storage is configured and uses the same database,\n * `db` will automatically be the transaction for ACID compliance.\n *\n * @example\n * ```typescript\n * .database(databaseService)\n * .handle(async ({ db }) => {\n * // db is the raw database or transaction (when auditor uses same db)\n * return await db.selectFrom('users').selectAll().execute();\n * })\n * ```\n */\n database<T, TName extends string>(\n service: Service<TName, T>,\n ): EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName\n > {\n this._databaseService = service as unknown as Service<\n TDatabaseServiceName,\n TDatabase\n >;\n\n return this as unknown as EndpointBuilder<\n TRoute,\n TMethod,\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName\n >;\n }\n\n // EndpointBuilder doesn't have a generic input method - it uses body, query, params instead\n input(_schema: any): any {\n throw new Error(\n 'EndpointBuilder does not support generic input. Use body(), query(), or params() instead.',\n );\n }\n\n handle(\n fn: EndpointHandler<\n TInput,\n TServices,\n TLogger,\n OutSchema,\n TSession,\n TDatabase,\n TAuditStorage,\n TAuditAction\n >,\n ): Endpoint<\n TRoute,\n TMethod,\n TInput,\n OutSchema,\n TServices,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n // Find authorizer metadata if name is set\n // If the authorizer name is set but not in availableAuthorizers, create a simple authorizer object\n let authorizer: Authorizer | undefined;\n if (this._authorizerName) {\n const existingAuthorizer = this._availableAuthorizers.find(\n (a) => a.name === this._authorizerName,\n );\n\n if (existingAuthorizer) {\n authorizer = existingAuthorizer;\n } else {\n // Create authorizer with security scheme if available (built-in or custom)\n const securityScheme = getSecurityScheme(\n this._authorizerName as string,\n this._customSecuritySchemes,\n );\n authorizer = {\n name: this._authorizerName as string,\n securityScheme,\n };\n }\n }\n\n return new Endpoint({\n fn,\n method: this.method,\n route: this.route,\n description: this._description,\n tags: this._tags,\n input: this.schemas,\n output: this.outputSchema,\n services: this._services,\n logger: this._logger,\n timeout: this._timeout,\n memorySize: this._memorySize,\n authorize: this._authorize,\n status: this._status,\n getSession: this._getSession,\n rateLimit: this._rateLimit,\n publisherService: this._publisher,\n events: this._events,\n authorizer,\n auditorStorageService: this._auditorStorage,\n actorExtractor: this._actorExtractor,\n audits: this._audits,\n databaseService: this._databaseService,\n });\n }\n}\n"],"mappings":";;;;;;;AAyBA,IAAa,kBAAb,cAmBU,oBAWR;CACA,AAAU,UAAkB,CAAE;CAC9B,AAAU;CACV,AAAU;CACV,AAAU;CACV,AAAU;CACV,cAAkE,OAC/D,CAAE;CACL,aAAwD,MAAM;CAC9D;CACA,wBAAsC,CAAE;CACxC;CACA;CACA,UAAkD,CAAE;CACpD,yBAAyD,CAAE;CAE3D,YACWA,OACAC,QACT;AACA,QAAM,cAAc,SAAS;EAHpB;EACA;CAGV;CAGD,cACEC,WACA;AACA,OAAK,aAAa;CACnB;CAGD,mBACEC,SACA;AACA,OAAK,kBAAkB;CACxB;CAGD,oBAAoBC,SAAmD;AACrE,OAAK,mBAAmB;CACzB;CAED,YAAYC,aAA2B;AACrC,OAAK,eAAe;AACpB,SAAO;CACR;CAED,OAAOC,QAA6B;AAClC,OAAK,UAAU;AACf,SAAO;CACR;CAED,MACEC,OACM;AACN,OAAK,QAAQ,KAAK,MAAM;AACxB,SAAO;CACR;CAED,KAAKC,MAAsB;AACzB,OAAK,QAAQ;AACb,SAAO;CACR;CAED,WAAWC,YAA0B;AACnC,OAAK,cAAc;AACnB,SAAO;CACR;CAED,UACEC,WAiBA;AACA,OAAK,aAAa;AAKlB,SAAO;CAiBR;CAED,KACEC,QAiBA;AACA,OAAK,QAAQ,OAAO;AAEpB,SAAO;CACR;CAED,OACEA,QAiBA;AACA,OAAK,QAAQ,QAAQ;AAErB,SAAO;CACR;CAED,MACEA,QAiBA;AACA,SAAO,KAAK,OAAO,OAAO;CAC3B;CAED,OACEA,QAiBA;AACA,OAAK,QAAQ,SAAS;AAEtB,SAAO;CACR;CAED,UAAUC,QAA+B;AACvC,OAAK,aAAa;AAClB,SAAO;CACR;CAED,WACEC,MAiBA;AAEA,MAAI,SAAS,QAAQ;AACnB,QAAK;AACL,UAAO;EACR;EAGD,MAAM,mBAAmB,KAAK,sBAAsB,KAClD,CAAC,MAAM,EAAE,SAAS,KACnB;AACD,OAAK,oBAAoB,KAAK,sBAAsB,SAAS,GAAG;GAC9D,MAAM,YAAY,KAAK,sBACpB,IAAI,CAAC,MAAM,EAAE,KAAK,CAClB,KAAK,KAAK;AACb,SAAM,IAAI,OACP,cAAc,KAAe,wCAAwC,UAAU;EAEnF;AACD,OAAK,kBAAkB;AACvB,SAAO;CACR;CAED,SACEC,UAiBA;AACA,OAAK,YAAY,OACf,CAAC,GAAG,KAAK,WAAW,GAAG,QAAS,GAChC,CAAC,MAAM,EAAE,YACV;AAED,SAAO;CAiBR;CAED,OACEC,QAiBA;AACA,OAAK,UAAU;AAEf,SAAO;CAiBR;CAED,OACEJ,QAiBA;AACA,OAAK,eAAe;AAEpB,SAAO;CAiBR;;;;;;CAOD,QACEK,SAiBA;AACA,OAAK,kBAAkB;AAKvB,SAAO;CAiBR;;;;;CAMD,MACEC,WAiBA;AACA,OAAK,kBAAkB;AACvB,SAAO;CACR;;;;;;;;;;;;;;;;;;CAmBD,MAAMC,QAAsD;AAC1D,OAAK,UAAU;AACf,SAAO;CACR;;;;;;;;;;;;;;;;CAiBD,SACEC,SAiBA;AACA,OAAK,mBAAmB;AAKxB,SAAO;CAiBR;CAGD,MAAMC,SAAmB;AACvB,QAAM,IAAI,MACR;CAEH;CAED,OACEC,IAyBA;EAGA,IAAIC;AACJ,MAAI,KAAK,iBAAiB;GACxB,MAAM,qBAAqB,KAAK,sBAAsB,KACpD,CAAC,MAAM,EAAE,SAAS,KAAK,gBACxB;AAED,OAAI,mBACF,cAAa;QACR;IAEL,MAAM,iBAAiB,kBACrB,KAAK,iBACL,KAAK,uBACN;AACD,iBAAa;KACX,MAAM,KAAK;KACX;IACD;GACF;EACF;AAED,SAAO,IAAI,SAAS;GAClB;GACA,QAAQ,KAAK;GACb,OAAO,KAAK;GACZ,aAAa,KAAK;GAClB,MAAM,KAAK;GACX,OAAO,KAAK;GACZ,QAAQ,KAAK;GACb,UAAU,KAAK;GACf,QAAQ,KAAK;GACb,SAAS,KAAK;GACd,YAAY,KAAK;GACjB,WAAW,KAAK;GAChB,QAAQ,KAAK;GACb,YAAY,KAAK;GACjB,WAAW,KAAK;GAChB,kBAAkB,KAAK;GACvB,QAAQ,KAAK;GACb;GACA,uBAAuB,KAAK;GAC5B,gBAAgB,KAAK;GACrB,QAAQ,KAAK;GACb,iBAAiB,KAAK;EACvB;CACF;AACF"}