@geekmidas/constructs 0.0.22 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (210) hide show
  1. package/README.md +90 -0
  2. package/dist/{AWSLambdaFunction-qWpalqfr.d.mts → AWSLambdaFunction-D9RZhm0N.d.mts} +3 -3
  3. package/dist/{AWSLambdaSubscriberAdaptor-CWbBNRz3.d.mts → AWSLambdaSubscriberAdaptor-C0aZBU64.d.mts} +2 -2
  4. package/dist/{AmazonApiGatewayEndpointAdaptor-DXssXsJi.cjs → AmazonApiGatewayEndpointAdaptor-Bk6ssx3K.cjs} +40 -27
  5. package/dist/AmazonApiGatewayEndpointAdaptor-Bk6ssx3K.cjs.map +1 -0
  6. package/dist/{AmazonApiGatewayEndpointAdaptor-Da9BR5On.d.cts → AmazonApiGatewayEndpointAdaptor-CbJqLU6I.d.cts} +2 -2
  7. package/dist/{AmazonApiGatewayEndpointAdaptor-BQ0IJdaI.d.mts → AmazonApiGatewayEndpointAdaptor-DC3N7zY_.d.mts} +3 -3
  8. package/dist/{AmazonApiGatewayEndpointAdaptor-CacGag6F.mjs → AmazonApiGatewayEndpointAdaptor-pEWzF2uY.mjs} +40 -27
  9. package/dist/AmazonApiGatewayEndpointAdaptor-pEWzF2uY.mjs.map +1 -0
  10. package/dist/{AmazonApiGatewayV1EndpointAdaptor-C4_AZ1ek.d.mts → AmazonApiGatewayV1EndpointAdaptor-BVxgQ-7J.d.mts} +4 -4
  11. package/dist/{AmazonApiGatewayV1EndpointAdaptor-CSm3NsWz.d.cts → AmazonApiGatewayV1EndpointAdaptor-CVwJ5k16.d.cts} +3 -3
  12. package/dist/{AmazonApiGatewayV1EndpointAdaptor-BpnG55R7.mjs → AmazonApiGatewayV1EndpointAdaptor-MJpRbIaQ.mjs} +2 -2
  13. package/dist/{AmazonApiGatewayV1EndpointAdaptor-BpnG55R7.mjs.map → AmazonApiGatewayV1EndpointAdaptor-MJpRbIaQ.mjs.map} +1 -1
  14. package/dist/{AmazonApiGatewayV1EndpointAdaptor-Df4kszio.cjs → AmazonApiGatewayV1EndpointAdaptor-uBp_4zLf.cjs} +2 -2
  15. package/dist/{AmazonApiGatewayV1EndpointAdaptor-Df4kszio.cjs.map → AmazonApiGatewayV1EndpointAdaptor-uBp_4zLf.cjs.map} +1 -1
  16. package/dist/{AmazonApiGatewayV2EndpointAdaptor-6hsBFVLf.d.cts → AmazonApiGatewayV2EndpointAdaptor-1oBZdQH3.d.cts} +3 -3
  17. package/dist/{AmazonApiGatewayV2EndpointAdaptor-DdM8Tr1X.d.mts → AmazonApiGatewayV2EndpointAdaptor-C3H8Hpv7.d.mts} +4 -4
  18. package/dist/{AmazonApiGatewayV2EndpointAdaptor-ZORzMEET.mjs → AmazonApiGatewayV2EndpointAdaptor-ChO8BlDz.mjs} +2 -2
  19. package/dist/{AmazonApiGatewayV2EndpointAdaptor-ZORzMEET.mjs.map → AmazonApiGatewayV2EndpointAdaptor-ChO8BlDz.mjs.map} +1 -1
  20. package/dist/{AmazonApiGatewayV2EndpointAdaptor-5SIvqPby.cjs → AmazonApiGatewayV2EndpointAdaptor-I1W23Nvn.cjs} +2 -2
  21. package/dist/{AmazonApiGatewayV2EndpointAdaptor-5SIvqPby.cjs.map → AmazonApiGatewayV2EndpointAdaptor-I1W23Nvn.cjs.map} +1 -1
  22. package/dist/Authorizer-C0ge_tc8.cjs +92 -0
  23. package/dist/Authorizer-C0ge_tc8.cjs.map +1 -0
  24. package/dist/Authorizer-CpSUMTIs.d.cts +125 -0
  25. package/dist/Authorizer-Cpx59w_q.d.mts +125 -0
  26. package/dist/Authorizer-r9U3y_ms.mjs +68 -0
  27. package/dist/Authorizer-r9U3y_ms.mjs.map +1 -0
  28. package/dist/{BaseFunctionBuilder-Ct6zY6Jq.d.mts → BaseFunctionBuilder-CoV7J45W.d.mts} +2 -2
  29. package/dist/{Construct-DDR0295I.d.mts → Construct-jBKqb-Zi.d.mts} +1 -1
  30. package/dist/Construct.d.mts +1 -1
  31. package/dist/{Cron-DnMRWPFR.d.mts → Cron-JZkp_fHy.d.mts} +2 -2
  32. package/dist/{CronBuilder-RLDitFmP.d.mts → CronBuilder-BmFDO0Dm.d.mts} +4 -4
  33. package/dist/{Endpoint-DbPsw13b.mjs → Endpoint-B70_KKhu.mjs} +8 -2
  34. package/dist/Endpoint-B70_KKhu.mjs.map +1 -0
  35. package/dist/{Endpoint-CA-byrDr.cjs → Endpoint-BJo9Hhwm.cjs} +8 -2
  36. package/dist/Endpoint-BJo9Hhwm.cjs.map +1 -0
  37. package/dist/{Endpoint-PtQ-wLIS.d.mts → Endpoint-C5djXyae.d.mts} +69 -6
  38. package/dist/{Endpoint-D2Imgihs.d.cts → Endpoint-CC2RGjkl.d.cts} +67 -4
  39. package/dist/{EndpointBuilder-BPHpUekp.d.mts → EndpointBuilder-CD8LkBda.d.mts} +43 -5
  40. package/dist/{EndpointBuilder-CYkeYpsL.cjs → EndpointBuilder-DeswNQdG.cjs} +69 -4
  41. package/dist/EndpointBuilder-DeswNQdG.cjs.map +1 -0
  42. package/dist/{EndpointBuilder-W5fdXxYQ.mjs → EndpointBuilder-FyyoFTJ5.mjs} +69 -4
  43. package/dist/EndpointBuilder-FyyoFTJ5.mjs.map +1 -0
  44. package/dist/{EndpointBuilder-TApJQhtG.d.cts → EndpointBuilder-vXk6eIJk.d.cts} +41 -3
  45. package/dist/{EndpointFactory-CNlfBDuD.d.mts → EndpointFactory-3g-7Rznt.d.cts} +68 -21
  46. package/dist/{EndpointFactory-B5fOINuc.d.cts → EndpointFactory-DaFR9LQG.d.mts} +68 -21
  47. package/dist/{EndpointFactory-D5lFZXqY.cjs → EndpointFactory-DcT_g9M_.cjs} +117 -14
  48. package/dist/EndpointFactory-DcT_g9M_.cjs.map +1 -0
  49. package/dist/{EndpointFactory-B27nfeiE.mjs → EndpointFactory-KJAjBWmO.mjs} +117 -14
  50. package/dist/EndpointFactory-KJAjBWmO.mjs.map +1 -0
  51. package/dist/{Function-CD3rXWfa.d.mts → Function-Vh1t-Qjj.d.mts} +2 -2
  52. package/dist/{FunctionBuilder-j2VkwuGf.d.mts → FunctionBuilder-3jsoFffg.d.mts} +4 -4
  53. package/dist/{FunctionExecutionWrapper-B0WP-Vec.d.mts → FunctionExecutionWrapper-CI3CaoCo.d.mts} +2 -2
  54. package/dist/{HonoEndpointAdaptor-CLOpobdq.d.cts → HonoEndpointAdaptor-BJh4J-J9.d.cts} +4 -4
  55. package/dist/{HonoEndpointAdaptor-Bg_vTyA5.mjs → HonoEndpointAdaptor-CcvXzoYV.mjs} +43 -30
  56. package/dist/HonoEndpointAdaptor-CcvXzoYV.mjs.map +1 -0
  57. package/dist/{HonoEndpointAdaptor-B_gJPWGD.cjs → HonoEndpointAdaptor-DodwLM0-.cjs} +43 -30
  58. package/dist/HonoEndpointAdaptor-DodwLM0-.cjs.map +1 -0
  59. package/dist/{HonoEndpointAdaptor-C9gYYBWu.d.mts → HonoEndpointAdaptor-kb1ByjUL.d.mts} +5 -5
  60. package/dist/{Subscriber-D-FPWts6.cjs → Subscriber-DOt3svUC.cjs} +1 -1
  61. package/dist/{Subscriber-D-FPWts6.cjs.map → Subscriber-DOt3svUC.cjs.map} +1 -1
  62. package/dist/{Subscriber-itwm7ugy.d.mts → Subscriber-aNr1qkxR.d.mts} +2 -2
  63. package/dist/{Subscriber-CGb8LjZa.mjs → Subscriber-kCHbH2fZ.mjs} +1 -1
  64. package/dist/{Subscriber-CGb8LjZa.mjs.map → Subscriber-kCHbH2fZ.mjs.map} +1 -1
  65. package/dist/{SubscriberBuilder-9j3JCu8-.d.mts → SubscriberBuilder-CWS4tdbp.d.mts} +2 -2
  66. package/dist/{SubscriberBuilder-BfE2cL1q.cjs → SubscriberBuilder-Cj2u9k5Q.cjs} +2 -2
  67. package/dist/{SubscriberBuilder-BfE2cL1q.cjs.map → SubscriberBuilder-Cj2u9k5Q.cjs.map} +1 -1
  68. package/dist/{SubscriberBuilder-BcAspHv9.mjs → SubscriberBuilder-DmxMU89X.mjs} +2 -2
  69. package/dist/{SubscriberBuilder-BcAspHv9.mjs.map → SubscriberBuilder-DmxMU89X.mjs.map} +1 -1
  70. package/dist/{TestEndpointAdaptor-JONQJeXc.mjs → TestEndpointAdaptor-1pPixE6y.mjs} +4 -4
  71. package/dist/{TestEndpointAdaptor-JONQJeXc.mjs.map → TestEndpointAdaptor-1pPixE6y.mjs.map} +1 -1
  72. package/dist/{TestEndpointAdaptor-C-c8v7VI.d.mts → TestEndpointAdaptor-5-unBV8O.d.mts} +3 -3
  73. package/dist/{TestEndpointAdaptor-BYCwwiYk.d.cts → TestEndpointAdaptor-Bm0UjDtV.d.cts} +2 -2
  74. package/dist/{TestEndpointAdaptor-Bew9lWsx.cjs → TestEndpointAdaptor-wA-fmq4v.cjs} +4 -4
  75. package/dist/{TestEndpointAdaptor-Bew9lWsx.cjs.map → TestEndpointAdaptor-wA-fmq4v.cjs.map} +1 -1
  76. package/dist/adaptors/aws.cjs +5 -5
  77. package/dist/adaptors/aws.d.cts +5 -5
  78. package/dist/adaptors/aws.d.mts +15 -15
  79. package/dist/adaptors/aws.mjs +5 -5
  80. package/dist/adaptors/hono.cjs +4 -4
  81. package/dist/adaptors/hono.d.cts +3 -3
  82. package/dist/adaptors/hono.d.mts +9 -9
  83. package/dist/adaptors/hono.mjs +4 -4
  84. package/dist/adaptors/testing.cjs +3 -3
  85. package/dist/adaptors/testing.d.cts +3 -3
  86. package/dist/adaptors/testing.d.mts +9 -9
  87. package/dist/adaptors/testing.mjs +3 -3
  88. package/dist/crons/Cron.d.mts +6 -6
  89. package/dist/crons/CronBuilder.d.mts +7 -7
  90. package/dist/crons/index.d.cts +4 -4
  91. package/dist/crons/index.d.mts +7 -7
  92. package/dist/endpoints/AmazonApiGatewayEndpointAdaptor.cjs +3 -3
  93. package/dist/endpoints/AmazonApiGatewayEndpointAdaptor.d.cts +3 -3
  94. package/dist/endpoints/AmazonApiGatewayEndpointAdaptor.d.mts +9 -9
  95. package/dist/endpoints/AmazonApiGatewayEndpointAdaptor.mjs +3 -3
  96. package/dist/endpoints/AmazonApiGatewayV1EndpointAdaptor.cjs +4 -4
  97. package/dist/endpoints/AmazonApiGatewayV1EndpointAdaptor.d.cts +4 -4
  98. package/dist/endpoints/AmazonApiGatewayV1EndpointAdaptor.d.mts +10 -10
  99. package/dist/endpoints/AmazonApiGatewayV1EndpointAdaptor.mjs +4 -4
  100. package/dist/endpoints/AmazonApiGatewayV2EndpointAdaptor.cjs +4 -4
  101. package/dist/endpoints/AmazonApiGatewayV2EndpointAdaptor.d.cts +4 -4
  102. package/dist/endpoints/AmazonApiGatewayV2EndpointAdaptor.d.mts +10 -10
  103. package/dist/endpoints/AmazonApiGatewayV2EndpointAdaptor.mjs +4 -4
  104. package/dist/endpoints/Authorizer.cjs +5 -14
  105. package/dist/endpoints/Authorizer.d.cts +2 -2
  106. package/dist/endpoints/Authorizer.d.mts +2 -2
  107. package/dist/endpoints/Authorizer.mjs +2 -13
  108. package/dist/endpoints/Endpoint.cjs +1 -1
  109. package/dist/endpoints/Endpoint.d.cts +2 -2
  110. package/dist/endpoints/Endpoint.d.mts +8 -8
  111. package/dist/endpoints/Endpoint.mjs +1 -1
  112. package/dist/endpoints/EndpointBuilder.cjs +4 -2
  113. package/dist/endpoints/EndpointBuilder.d.cts +3 -3
  114. package/dist/endpoints/EndpointBuilder.d.mts +9 -9
  115. package/dist/endpoints/EndpointBuilder.mjs +4 -2
  116. package/dist/endpoints/EndpointFactory.cjs +5 -3
  117. package/dist/endpoints/EndpointFactory.d.cts +4 -4
  118. package/dist/endpoints/EndpointFactory.d.mts +10 -10
  119. package/dist/endpoints/EndpointFactory.mjs +5 -3
  120. package/dist/endpoints/HonoEndpointAdaptor.cjs +4 -4
  121. package/dist/endpoints/HonoEndpointAdaptor.d.cts +3 -3
  122. package/dist/endpoints/HonoEndpointAdaptor.d.mts +9 -9
  123. package/dist/endpoints/HonoEndpointAdaptor.mjs +4 -4
  124. package/dist/endpoints/TestEndpointAdaptor.cjs +3 -3
  125. package/dist/endpoints/TestEndpointAdaptor.d.cts +3 -3
  126. package/dist/endpoints/TestEndpointAdaptor.d.mts +9 -9
  127. package/dist/endpoints/TestEndpointAdaptor.mjs +3 -3
  128. package/dist/endpoints/audit.d.cts +2 -2
  129. package/dist/endpoints/audit.d.mts +8 -8
  130. package/dist/endpoints/helpers.cjs +2 -2
  131. package/dist/endpoints/helpers.d.cts +2 -2
  132. package/dist/endpoints/helpers.d.mts +8 -8
  133. package/dist/endpoints/helpers.mjs +2 -2
  134. package/dist/endpoints/index.cjs +6 -3
  135. package/dist/endpoints/index.cjs.map +1 -1
  136. package/dist/endpoints/index.d.cts +7 -7
  137. package/dist/endpoints/index.d.mts +13 -13
  138. package/dist/endpoints/index.mjs +6 -4
  139. package/dist/endpoints/index.mjs.map +1 -1
  140. package/dist/endpoints/processAudits.cjs +1 -1
  141. package/dist/endpoints/processAudits.d.cts +24 -5
  142. package/dist/endpoints/processAudits.d.mts +30 -11
  143. package/dist/endpoints/processAudits.mjs +1 -1
  144. package/dist/endpoints/rls.cjs +3 -0
  145. package/dist/endpoints/rls.d.cts +9 -0
  146. package/dist/endpoints/rls.d.mts +9 -0
  147. package/dist/endpoints/rls.mjs +3 -0
  148. package/dist/functions/AWSLambdaFunction.d.mts +4 -4
  149. package/dist/functions/BaseFunctionBuilder.d.mts +2 -2
  150. package/dist/functions/Function.d.mts +2 -2
  151. package/dist/functions/FunctionBuilder.d.mts +4 -4
  152. package/dist/functions/FunctionExecutionWrapper.d.mts +3 -3
  153. package/dist/functions/TestFunctionAdaptor.d.mts +2 -2
  154. package/dist/functions/index.d.mts +5 -5
  155. package/dist/{helpers-CrrdyA04.mjs → helpers-C3B2lVrM.mjs} +2 -2
  156. package/dist/{helpers-CrrdyA04.mjs.map → helpers-C3B2lVrM.mjs.map} +1 -1
  157. package/dist/{helpers-DiPZVJQC.cjs → helpers-DxxSpLfw.cjs} +2 -2
  158. package/dist/{helpers-DiPZVJQC.cjs.map → helpers-DxxSpLfw.cjs.map} +1 -1
  159. package/dist/index-CFyaRrck.d.mts +10 -0
  160. package/dist/index.d.mts +2 -2
  161. package/dist/{processAudits-BFokHhCO.cjs → processAudits-CzHkPokQ.cjs} +13 -7
  162. package/dist/processAudits-CzHkPokQ.cjs.map +1 -0
  163. package/dist/{processAudits-DfcB-X-4.mjs → processAudits-Dj8UGqcW.mjs} +13 -7
  164. package/dist/processAudits-Dj8UGqcW.mjs.map +1 -0
  165. package/dist/publisher.d.mts +1 -1
  166. package/dist/rls-Bf3FRwto.mjs +9 -0
  167. package/dist/rls-Bf3FRwto.mjs.map +1 -0
  168. package/dist/rls-CmJ7bRsz.cjs +15 -0
  169. package/dist/rls-CmJ7bRsz.cjs.map +1 -0
  170. package/dist/subscribers/AWSLambdaSubscriberAdaptor.d.mts +3 -3
  171. package/dist/subscribers/Subscriber.cjs +1 -1
  172. package/dist/subscribers/Subscriber.d.mts +2 -2
  173. package/dist/subscribers/Subscriber.mjs +1 -1
  174. package/dist/subscribers/SubscriberBuilder.cjs +2 -2
  175. package/dist/subscribers/SubscriberBuilder.d.mts +3 -3
  176. package/dist/subscribers/SubscriberBuilder.mjs +2 -2
  177. package/dist/subscribers/index.cjs +2 -2
  178. package/dist/subscribers/index.d.cts +2 -2
  179. package/dist/subscribers/index.d.mts +5 -5
  180. package/dist/subscribers/index.mjs +2 -2
  181. package/dist/{types-DKf0juBf.d.mts → types-CScirkHt.d.mts} +1 -1
  182. package/dist/types.d.mts +1 -1
  183. package/package.json +4 -3
  184. package/src/endpoints/AmazonApiGatewayEndpointAdaptor.ts +59 -26
  185. package/src/endpoints/Authorizer.ts +119 -1
  186. package/src/endpoints/Endpoint.ts +19 -0
  187. package/src/endpoints/EndpointBuilder.ts +80 -6
  188. package/src/endpoints/EndpointFactory.ts +263 -27
  189. package/src/endpoints/HonoEndpointAdaptor.ts +68 -37
  190. package/src/endpoints/TestEndpointAdaptor.ts +2 -0
  191. package/src/endpoints/index.ts +7 -0
  192. package/src/endpoints/processAudits.ts +39 -16
  193. package/src/endpoints/rls.ts +67 -0
  194. package/dist/AmazonApiGatewayEndpointAdaptor-CacGag6F.mjs.map +0 -1
  195. package/dist/AmazonApiGatewayEndpointAdaptor-DXssXsJi.cjs.map +0 -1
  196. package/dist/Authorizer-BTmly8ps.d.cts +0 -29
  197. package/dist/Authorizer-pmPvIVgv.d.mts +0 -29
  198. package/dist/Endpoint-CA-byrDr.cjs.map +0 -1
  199. package/dist/Endpoint-DbPsw13b.mjs.map +0 -1
  200. package/dist/EndpointBuilder-CYkeYpsL.cjs.map +0 -1
  201. package/dist/EndpointBuilder-W5fdXxYQ.mjs.map +0 -1
  202. package/dist/EndpointFactory-B27nfeiE.mjs.map +0 -1
  203. package/dist/EndpointFactory-D5lFZXqY.cjs.map +0 -1
  204. package/dist/HonoEndpointAdaptor-B_gJPWGD.cjs.map +0 -1
  205. package/dist/HonoEndpointAdaptor-Bg_vTyA5.mjs.map +0 -1
  206. package/dist/endpoints/Authorizer.cjs.map +0 -1
  207. package/dist/endpoints/Authorizer.mjs.map +0 -1
  208. package/dist/index-licEVXjh.d.mts +0 -10
  209. package/dist/processAudits-BFokHhCO.cjs.map +0 -1
  210. package/dist/processAudits-DfcB-X-4.mjs.map +0 -1
package/dist/{EndpointFactory-B27nfeiE.mjs → EndpointFactory-KJAjBWmO.mjs} RENAMED
@@ -1,4 +1,4 @@
1
- import { EndpointBuilder } from "./EndpointBuilder-W5fdXxYQ.mjs";
1
+ import { EndpointBuilder } from "./EndpointBuilder-FyyoFTJ5.mjs";
2
2
  import { ConsoleLogger } from "@geekmidas/logger/console";
3
3
  import uniqBy from "lodash.uniqby";
4
4
 
@@ -16,7 +16,9 @@ var EndpointFactory = class EndpointFactory {
16
16
  defaultAuditorStorage;
17
17
  defaultDatabaseService;
18
18
  defaultActorExtractor;
19
- constructor({ basePath, defaultAuthorizeFn, defaultLogger, defaultSessionExtractor, defaultServices = [], defaultEventPublisher, availableAuthorizers = [], defaultAuthorizerName, defaultAuditorStorage, defaultDatabaseService, defaultActorExtractor } = {}) {
19
+ customSecuritySchemes = {};
20
+ defaultRlsConfig;
21
+ constructor({ basePath, defaultAuthorizeFn, defaultLogger, defaultSessionExtractor, defaultServices = [], defaultEventPublisher, availableAuthorizers = [], defaultAuthorizerName, defaultAuditorStorage, defaultDatabaseService, defaultActorExtractor, customSecuritySchemes = {}, defaultRlsConfig } = {}) {
20
22
  this.defaultServices = uniqBy(defaultServices, (s) => s.serviceName);
21
23
  this.basePath = basePath || "";
22
24
  this.defaultAuthorizeFn = defaultAuthorizeFn;
@@ -28,6 +30,8 @@ var EndpointFactory = class EndpointFactory {
28
30
  this.defaultAuditorStorage = defaultAuditorStorage;
29
31
  this.defaultDatabaseService = defaultDatabaseService;
30
32
  this.defaultActorExtractor = defaultActorExtractor;
33
+ this.customSecuritySchemes = customSecuritySchemes;
34
+ this.defaultRlsConfig = defaultRlsConfig;
31
35
  }
32
36
  static joinPaths(path, basePath = "") {
33
37
  if (!basePath && !path) return "/";
@@ -54,13 +58,55 @@ var EndpointFactory = class EndpointFactory {
54
58
  defaultAuthorizerName: this.defaultAuthorizerName,
55
59
  defaultAuditorStorage: this.defaultAuditorStorage,
56
60
  defaultDatabaseService: this.defaultDatabaseService,
57
- defaultActorExtractor: this.defaultActorExtractor
61
+ defaultActorExtractor: this.defaultActorExtractor,
62
+ customSecuritySchemes: this.customSecuritySchemes,
63
+ defaultRlsConfig: this.defaultRlsConfig
64
+ });
65
+ }
66
+ /**
67
+ * Define custom security schemes for this factory.
68
+ * These extend the built-in schemes (jwt, bearer, apiKey, oauth2, oidc).
69
+ *
70
+ * @example
71
+ * ```typescript
72
+ * const router = e.securitySchemes({
73
+ * awsIamSigV4: {
74
+ * type: 'apiKey',
75
+ * in: 'header',
76
+ * name: 'Authorization',
77
+ * 'x-amazon-apigateway-authtype': 'awsSigv4',
78
+ * },
79
+ * });
80
+ * ```
81
+ */
82
+ securitySchemes(schemes) {
83
+ return new EndpointFactory({
84
+ defaultServices: this.defaultServices,
85
+ basePath: this.basePath,
86
+ defaultAuthorizeFn: this.defaultAuthorizeFn,
87
+ defaultLogger: this.defaultLogger,
88
+ defaultSessionExtractor: this.defaultSessionExtractor,
89
+ defaultEventPublisher: this.defaultEventPublisher,
90
+ availableAuthorizers: this.availableAuthorizers,
91
+ defaultAuthorizerName: this.defaultAuthorizerName,
92
+ defaultAuditorStorage: this.defaultAuditorStorage,
93
+ defaultDatabaseService: this.defaultDatabaseService,
94
+ defaultActorExtractor: this.defaultActorExtractor,
95
+ customSecuritySchemes: {
96
+ ...this.customSecuritySchemes,
97
+ ...schemes
98
+ }
58
99
  });
59
100
  }
60
101
  /**
61
102
  * Set the default authorizer for all endpoints created from this factory.
62
103
  * Individual endpoints can override this by calling `.authorizer()` on the builder.
63
104
  * Use `'none'` to explicitly disable authorization for all endpoints.
105
+ *
106
+ * Accepts:
107
+ * - Built-in security scheme names: 'jwt', 'bearer', 'apiKey', 'oauth2', 'oidc'
108
+ * - Custom security scheme names defined via `.securitySchemes()`
109
+ * - 'none' to disable authorization
64
110
  */
65
111
  authorizer(name) {
66
112
  if (name !== "none" && this.availableAuthorizers.length > 0) {
@@ -81,7 +127,9 @@ var EndpointFactory = class EndpointFactory {
81
127
  defaultAuthorizerName: name === "none" ? void 0 : name,
82
128
  defaultAuditorStorage: this.defaultAuditorStorage,
83
129
  defaultDatabaseService: this.defaultDatabaseService,
84
- defaultActorExtractor: this.defaultActorExtractor
130
+ defaultActorExtractor: this.defaultActorExtractor,
131
+ customSecuritySchemes: this.customSecuritySchemes,
132
+ defaultRlsConfig: this.defaultRlsConfig
85
133
  });
86
134
  }
87
135
  route(path) {
@@ -97,7 +145,9 @@ var EndpointFactory = class EndpointFactory {
97
145
  defaultAuthorizerName: this.defaultAuthorizerName,
98
146
  defaultAuditorStorage: this.defaultAuditorStorage,
99
147
  defaultDatabaseService: this.defaultDatabaseService,
100
- defaultActorExtractor: this.defaultActorExtractor
148
+ defaultActorExtractor: this.defaultActorExtractor,
149
+ customSecuritySchemes: this.customSecuritySchemes,
150
+ defaultRlsConfig: this.defaultRlsConfig
101
151
  });
102
152
  }
103
153
  authorize(fn) {
@@ -112,7 +162,9 @@ var EndpointFactory = class EndpointFactory {
112
162
  defaultAuthorizerName: this.defaultAuthorizerName,
113
163
  defaultAuditorStorage: this.defaultAuditorStorage,
114
164
  defaultDatabaseService: this.defaultDatabaseService,
115
- defaultActorExtractor: this.defaultActorExtractor
165
+ defaultActorExtractor: this.defaultActorExtractor,
166
+ customSecuritySchemes: this.customSecuritySchemes,
167
+ defaultRlsConfig: this.defaultRlsConfig
116
168
  });
117
169
  }
118
170
  services(services) {
@@ -127,7 +179,9 @@ var EndpointFactory = class EndpointFactory {
127
179
  defaultAuthorizerName: this.defaultAuthorizerName,
128
180
  defaultAuditorStorage: this.defaultAuditorStorage,
129
181
  defaultDatabaseService: this.defaultDatabaseService,
130
- defaultActorExtractor: this.defaultActorExtractor
182
+ defaultActorExtractor: this.defaultActorExtractor,
183
+ customSecuritySchemes: this.customSecuritySchemes,
184
+ defaultRlsConfig: this.defaultRlsConfig
131
185
  });
132
186
  }
133
187
  logger(logger) {
@@ -142,7 +196,9 @@ var EndpointFactory = class EndpointFactory {
142
196
  defaultAuthorizerName: this.defaultAuthorizerName,
143
197
  defaultAuditorStorage: this.defaultAuditorStorage,
144
198
  defaultDatabaseService: this.defaultDatabaseService,
145
- defaultActorExtractor: this.defaultActorExtractor
199
+ defaultActorExtractor: this.defaultActorExtractor,
200
+ customSecuritySchemes: this.customSecuritySchemes,
201
+ defaultRlsConfig: this.defaultRlsConfig
146
202
  });
147
203
  }
148
204
  publisher(publisher) {
@@ -157,7 +213,9 @@ var EndpointFactory = class EndpointFactory {
157
213
  defaultAuthorizerName: this.defaultAuthorizerName,
158
214
  defaultAuditorStorage: this.defaultAuditorStorage,
159
215
  defaultDatabaseService: this.defaultDatabaseService,
160
- defaultActorExtractor: this.defaultActorExtractor
216
+ defaultActorExtractor: this.defaultActorExtractor,
217
+ customSecuritySchemes: this.customSecuritySchemes,
218
+ defaultRlsConfig: this.defaultRlsConfig
161
219
  });
162
220
  }
163
221
  session(session) {
@@ -172,7 +230,9 @@ var EndpointFactory = class EndpointFactory {
172
230
  defaultAuthorizerName: this.defaultAuthorizerName,
173
231
  defaultAuditorStorage: this.defaultAuditorStorage,
174
232
  defaultDatabaseService: this.defaultDatabaseService,
175
- defaultActorExtractor: this.defaultActorExtractor
233
+ defaultActorExtractor: this.defaultActorExtractor,
234
+ customSecuritySchemes: this.customSecuritySchemes,
235
+ defaultRlsConfig: this.defaultRlsConfig
176
236
  });
177
237
  }
178
238
  /**
@@ -190,7 +250,9 @@ var EndpointFactory = class EndpointFactory {
190
250
  availableAuthorizers: this.availableAuthorizers,
191
251
  defaultAuthorizerName: this.defaultAuthorizerName,
192
252
  defaultAuditorStorage: this.defaultAuditorStorage,
193
- defaultDatabaseService: service
253
+ defaultDatabaseService: service,
254
+ customSecuritySchemes: this.customSecuritySchemes,
255
+ defaultRlsConfig: this.defaultRlsConfig
194
256
  });
195
257
  }
196
258
  /**
@@ -210,7 +272,9 @@ var EndpointFactory = class EndpointFactory {
210
272
  defaultAuthorizerName: this.defaultAuthorizerName,
211
273
  defaultAuditorStorage: storage,
212
274
  defaultDatabaseService: this.defaultDatabaseService,
213
- defaultActorExtractor: this.defaultActorExtractor
275
+ defaultActorExtractor: this.defaultActorExtractor,
276
+ customSecuritySchemes: this.customSecuritySchemes,
277
+ defaultRlsConfig: this.defaultRlsConfig
214
278
  });
215
279
  }
216
280
  /**
@@ -229,7 +293,44 @@ var EndpointFactory = class EndpointFactory {
229
293
  defaultAuthorizerName: this.defaultAuthorizerName,
230
294
  defaultAuditorStorage: this.defaultAuditorStorage,
231
295
  defaultDatabaseService: this.defaultDatabaseService,
232
- defaultActorExtractor: extractor
296
+ defaultActorExtractor: extractor,
297
+ customSecuritySchemes: this.customSecuritySchemes,
298
+ defaultRlsConfig: this.defaultRlsConfig
299
+ });
300
+ }
301
+ /**
302
+ * Set the RLS (Row-Level Security) configuration for endpoints created from this factory.
303
+ * This enables automatic PostgreSQL session variable setting for RLS policies.
304
+ *
305
+ * @example
306
+ * ```typescript
307
+ * const api = new EndpointFactory()
308
+ * .database(databaseService)
309
+ * .session(extractSession)
310
+ * .rls({
311
+ * extractor: ({ session }) => ({
312
+ * user_id: session.userId,
313
+ * tenant_id: session.tenantId,
314
+ * }),
315
+ * prefix: 'app',
316
+ * });
317
+ * ```
318
+ */
319
+ rls(config) {
320
+ return new EndpointFactory({
321
+ defaultServices: this.defaultServices,
322
+ basePath: this.basePath,
323
+ defaultAuthorizeFn: this.defaultAuthorizeFn,
324
+ defaultLogger: this.defaultLogger,
325
+ defaultSessionExtractor: this.defaultSessionExtractor,
326
+ defaultEventPublisher: this.defaultEventPublisher,
327
+ availableAuthorizers: this.availableAuthorizers,
328
+ defaultAuthorizerName: this.defaultAuthorizerName,
329
+ defaultAuditorStorage: this.defaultAuditorStorage,
330
+ defaultDatabaseService: this.defaultDatabaseService,
331
+ defaultActorExtractor: this.defaultActorExtractor,
332
+ customSecuritySchemes: this.customSecuritySchemes,
333
+ defaultRlsConfig: config
233
334
  });
234
335
  }
235
336
  createBuilder(method, path) {
@@ -245,6 +346,8 @@ var EndpointFactory = class EndpointFactory {
245
346
  if (this.defaultAuditorStorage) builder._setAuditorStorage(this.defaultAuditorStorage);
246
347
  if (this.defaultDatabaseService) builder._setDatabaseService(this.defaultDatabaseService);
247
348
  if (this.defaultActorExtractor) builder._actorExtractor = this.defaultActorExtractor;
349
+ builder._customSecuritySchemes = this.customSecuritySchemes;
350
+ if (this.defaultRlsConfig) builder._rlsConfig = this.defaultRlsConfig;
248
351
  return builder;
249
352
  }
250
353
  post(path) {
@@ -270,4 +373,4 @@ const e = new EndpointFactory();
270
373
 
271
374
  //#endregion
272
375
  export { EndpointFactory, e };
273
- //# sourceMappingURL=EndpointFactory-B27nfeiE.mjs.map
376
+ //# sourceMappingURL=EndpointFactory-KJAjBWmO.mjs.map
package/dist/EndpointFactory-KJAjBWmO.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"EndpointFactory-KJAjBWmO.mjs","names":["DEFAULT_LOGGER","path: P","basePath: TBasePath","authorizers: T","schemes: T","name:\n | BuiltInSecuritySchemeId\n | keyof TSecuritySchemes\n | TAuthorizers[number]\n | 'none'","path: TPath","fn: AuthorizeFn<TServices, TLogger, TSession>","services: S","logger: L","publisher: Service<TServiceName, T>","session: SessionFn<TServices, TLogger, T, TDatabase>","service: Service<TName, T>","storage: Service<TName, T>","extractor: ActorExtractor<TServices, TSession, TLogger>","config: TConfig","method: TMethod"],"sources":["../src/endpoints/EndpointFactory.ts"],"sourcesContent":["import type {\n AuditStorage,\n AuditableAction,\n ExtractStorageAuditAction,\n} from '@geekmidas/audit';\nimport type { EventPublisher, MappedEvent } from '@geekmidas/events';\nimport type { Logger } from '@geekmidas/logger';\nimport { ConsoleLogger } from '@geekmidas/logger/console';\nimport type { Service } from '@geekmidas/services';\nimport uniqBy from 'lodash.uniqby';\nimport type { HttpMethod } from '../types';\nimport type {\n Authorizer,\n BuiltInSecuritySchemeId,\n SecurityScheme,\n} from './Authorizer';\nimport type { AuthorizeFn, SessionFn } from './Endpoint';\nimport { EndpointBuilder } from './EndpointBuilder';\nimport type { ActorExtractor } from './audit';\nimport type { RlsConfig } from './rls';\n\nconst DEFAULT_LOGGER = new ConsoleLogger() as any;\n\nexport class EndpointFactory<\n TServices extends Service[] = [],\n TBasePath extends string = '',\n TLogger extends Logger = Logger,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuthorizers extends readonly string[] = readonly string[],\n TAuditStorage extends AuditStorage<any> | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TAuditAction extends AuditableAction<\n string,\n unknown\n > = ExtractStorageAuditAction<NonNullable<TAuditStorage>>,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n TSecuritySchemes extends Record<string, SecurityScheme> = Record<\n string,\n SecurityScheme\n >,\n TRlsConfig extends\n | RlsConfig<TServices, TSession, TLogger>\n | undefined = undefined,\n> {\n // @ts-ignore\n private defaultServices: TServices;\n private basePath: TBasePath = '' as TBasePath;\n private defaultAuthorizeFn?: AuthorizeFn<TServices, TLogger, TSession>;\n private defaultEventPublisher:\n | Service<TEventPublisherServiceName, TEventPublisher>\n | undefined;\n private defaultSessionExtractor?: SessionFn<\n TServices,\n TLogger,\n TSession,\n TDatabase\n >;\n private defaultLogger: TLogger = DEFAULT_LOGGER;\n private availableAuthorizers: Authorizer[] = [];\n private defaultAuthorizerName?: TAuthorizers[number];\n private defaultAuditorStorage:\n | Service<TAuditStorageServiceName, TAuditStorage>\n | undefined;\n private defaultDatabaseService:\n | Service<TDatabaseServiceName, TDatabase>\n | undefined;\n private defaultActorExtractor?: ActorExtractor<TServices, TSession, TLogger>;\n private customSecuritySchemes: TSecuritySchemes = {} as TSecuritySchemes;\n private defaultRlsConfig?: TRlsConfig;\n\n constructor({\n basePath,\n defaultAuthorizeFn,\n defaultLogger,\n defaultSessionExtractor,\n // @ts-ignore\n defaultServices = [] as TServices,\n defaultEventPublisher,\n availableAuthorizers = [],\n defaultAuthorizerName,\n defaultAuditorStorage,\n defaultDatabaseService,\n defaultActorExtractor,\n customSecuritySchemes = {} as TSecuritySchemes,\n defaultRlsConfig,\n }: EndpointFactoryOptions<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n > = {}) {\n // Initialize default services\n this.defaultServices = uniqBy(\n defaultServices,\n (s) => s.serviceName,\n ) as TServices;\n\n this.basePath = basePath || ('' as TBasePath);\n this.defaultAuthorizeFn = defaultAuthorizeFn;\n this.defaultLogger = defaultLogger || (DEFAULT_LOGGER as TLogger);\n this.defaultSessionExtractor = defaultSessionExtractor;\n this.defaultEventPublisher = defaultEventPublisher;\n this.availableAuthorizers = availableAuthorizers;\n this.defaultAuthorizerName = defaultAuthorizerName;\n this.defaultAuditorStorage = defaultAuditorStorage;\n this.defaultDatabaseService = defaultDatabaseService;\n this.defaultActorExtractor = defaultActorExtractor;\n this.customSecuritySchemes = customSecuritySchemes;\n this.defaultRlsConfig = defaultRlsConfig;\n }\n\n static joinPaths<TBasePath extends string, P extends string>(\n path: P,\n basePath: TBasePath = '' as TBasePath,\n ): JoinPaths<TBasePath, P> {\n // Handle empty cases\n if (!basePath && !path) return '/' as JoinPaths<TBasePath, P>;\n if (!basePath)\n return (path.startsWith('/') ? path : '/' + path) as JoinPaths<\n TBasePath,\n P\n >;\n if (!path)\n return (\n basePath.startsWith('/') ? basePath : '/' + basePath\n ) as JoinPaths<TBasePath, P>;\n\n const base = basePath.endsWith('/') ? basePath.slice(0, -1) : basePath;\n const segment = path.startsWith('/') ? path : '/' + path;\n\n let result = base + segment;\n\n // Ensure leading slash\n if (!result.startsWith('/')) {\n result = '/' + result;\n }\n\n // Normalize multiple slashes (except in the middle of the path where they might be intentional)\n result = result.replace(/^\\/+/g, '/');\n\n // Remove trailing slash unless it's the root path \"/\"\n if (result.length > 1 && result.endsWith('/')) {\n result = result.slice(0, -1);\n }\n\n return result as JoinPaths<TBasePath, P>;\n }\n\n // Configure available authorizers\n authorizers<const T extends readonly string[]>(\n authorizers: T,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n T,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n const authorizerConfigs = authorizers.map((name) => ({\n name,\n }));\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n T,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: authorizerConfigs,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n /**\n * Define custom security schemes for this factory.\n * These extend the built-in schemes (jwt, bearer, apiKey, oauth2, oidc).\n *\n * @example\n * ```typescript\n * const router = e.securitySchemes({\n * awsIamSigV4: {\n * type: 'apiKey',\n * in: 'header',\n * name: 'Authorization',\n * 'x-amazon-apigateway-authtype': 'awsSigv4',\n * },\n * });\n * ```\n */\n securitySchemes<T extends Record<string, SecurityScheme>>(\n schemes: T,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes & T\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes & T\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: {\n ...this.customSecuritySchemes,\n ...schemes,\n } as TSecuritySchemes & T,\n });\n }\n\n /**\n * Set the default authorizer for all endpoints created from this factory.\n * Individual endpoints can override this by calling `.authorizer()` on the builder.\n * Use `'none'` to explicitly disable authorization for all endpoints.\n *\n * Accepts:\n * - Built-in security scheme names: 'jwt', 'bearer', 'apiKey', 'oauth2', 'oidc'\n * - Custom security scheme names defined via `.securitySchemes()`\n * - 'none' to disable authorization\n */\n authorizer(\n name:\n | BuiltInSecuritySchemeId\n | keyof TSecuritySchemes\n | TAuthorizers[number]\n | 'none',\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n // Validate that the authorizer exists in available authorizers (if authorizers() was called)\n if (name !== 'none' && this.availableAuthorizers.length > 0) {\n const authorizerExists = this.availableAuthorizers.some(\n (a) => a.name === name,\n );\n if (!authorizerExists) {\n const available = this.availableAuthorizers\n .map((a) => a.name)\n .join(', ');\n throw new Error(\n `Authorizer \"${name as string}\" not found in available authorizers: ${available}`,\n );\n }\n }\n\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName:\n name === 'none' ? undefined : (name as TAuthorizers[number]),\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n // Create a sub-router with a path prefix\n route<TPath extends string>(\n path: TPath,\n ): EndpointFactory<\n TServices,\n JoinPaths<TBasePath, TPath>,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n const newBasePath = EndpointFactory.joinPaths(path, this.basePath);\n return new EndpointFactory<\n TServices,\n JoinPaths<TBasePath, TPath>,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: newBasePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n // Create a new factory with authorization\n authorize(\n fn: AuthorizeFn<TServices, TLogger, TSession>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: fn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n // Create a new factory with services\n services<S extends Service[]>(\n services: S,\n ): EndpointFactory<\n [...S, ...TServices],\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n [...S, ...TServices],\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: [...services, ...this.defaultServices],\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n logger<L extends Logger>(\n logger: L,\n ): EndpointFactory<\n TServices,\n TBasePath,\n L,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n L,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn as unknown as AuthorizeFn<\n TServices,\n L,\n TSession\n >,\n defaultLogger: logger,\n defaultSessionExtractor: this\n .defaultSessionExtractor as unknown as SessionFn<\n TServices,\n L,\n TSession\n >,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this\n .defaultActorExtractor as unknown as ActorExtractor<\n TServices,\n TSession,\n L\n >,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n publisher<\n T extends EventPublisher<any>,\n TServiceName extends string = string,\n >(\n publisher: Service<TServiceName, T>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n T,\n TServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n T,\n TServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: publisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n session<T>(\n session: SessionFn<TServices, TLogger, T, TDatabase>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n T,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n T,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn as unknown as AuthorizeFn<\n TServices,\n TLogger,\n T\n >,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: session,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this\n .defaultActorExtractor as unknown as ActorExtractor<\n TServices,\n T,\n TLogger\n >,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n /**\n * Set the database service for endpoints created from this factory.\n * The database will be available in handler context as `db`.\n */\n database<T, TName extends string>(\n service: Service<TName, T>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n T,\n TName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n // Reset session extractor when database changes - user should call .session() after .database()\n // to get proper type inference for the new database type\n defaultSessionExtractor: this.defaultSessionExtractor as unknown as\n | SessionFn<TServices, TLogger, TSession, T>\n | undefined,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: service,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n /**\n * Set the auditor storage service for endpoints created from this factory.\n * This enables audit functionality and makes `auditor` available in handler context.\n * The audit action type is automatically inferred from the storage's generic parameter.\n */\n auditor<T extends AuditStorage<any>, TName extends string>(\n storage: Service<TName, T>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n T,\n TName,\n ExtractStorageAuditAction<T>,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: storage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this\n .defaultActorExtractor as unknown as ActorExtractor<\n TServices,\n TSession,\n TLogger\n >,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n /**\n * Set the actor extractor function for endpoints created from this factory.\n * The actor is extracted from the request context and attached to all audits.\n */\n actor(\n extractor: ActorExtractor<TServices, TSession, TLogger>,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TRlsConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: extractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: this.defaultRlsConfig,\n });\n }\n\n /**\n * Set the RLS (Row-Level Security) configuration for endpoints created from this factory.\n * This enables automatic PostgreSQL session variable setting for RLS policies.\n *\n * @example\n * ```typescript\n * const api = new EndpointFactory()\n * .database(databaseService)\n * .session(extractSession)\n * .rls({\n * extractor: ({ session }) => ({\n * user_id: session.userId,\n * tenant_id: session.tenantId,\n * }),\n * prefix: 'app',\n * });\n * ```\n */\n rls<TConfig extends RlsConfig<TServices, TSession, TLogger>>(\n config: TConfig,\n ): EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TConfig\n > {\n return new EndpointFactory<\n TServices,\n TBasePath,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName,\n TSecuritySchemes,\n TConfig\n >({\n defaultServices: this.defaultServices,\n basePath: this.basePath,\n defaultAuthorizeFn: this.defaultAuthorizeFn,\n defaultLogger: this.defaultLogger,\n defaultSessionExtractor: this.defaultSessionExtractor,\n defaultEventPublisher: this.defaultEventPublisher,\n availableAuthorizers: this.availableAuthorizers,\n defaultAuthorizerName: this.defaultAuthorizerName,\n defaultAuditorStorage: this.defaultAuditorStorage,\n defaultDatabaseService: this.defaultDatabaseService,\n defaultActorExtractor: this.defaultActorExtractor,\n customSecuritySchemes: this.customSecuritySchemes,\n defaultRlsConfig: config,\n });\n }\n\n private createBuilder<TMethod extends HttpMethod, TPath extends string>(\n method: TMethod,\n path: TPath,\n ): EndpointBuilder<\n JoinPaths<TBasePath, TPath>,\n TMethod,\n {},\n TServices,\n TLogger,\n undefined,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n > {\n const fullPath = EndpointFactory.joinPaths(path, this.basePath);\n const builder = new EndpointBuilder<\n JoinPaths<TBasePath, TPath>,\n TMethod,\n {},\n TServices,\n TLogger,\n undefined,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuthorizers,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >(fullPath, method);\n\n if (this.defaultAuthorizeFn) {\n // @ts-ignore\n builder._authorize = this.defaultAuthorizeFn;\n }\n if (this.defaultServices.length) {\n // Create a copy to avoid sharing references between builders\n builder._services = [...this.defaultServices] as TServices;\n }\n\n if (this.defaultLogger) {\n builder._logger = this.defaultLogger as TLogger;\n }\n\n if (this.defaultSessionExtractor) {\n builder._getSession = this.defaultSessionExtractor as SessionFn<\n TServices,\n TLogger,\n TSession\n >;\n }\n\n if (this.defaultEventPublisher) {\n builder._setPublisher(this.defaultEventPublisher);\n }\n\n // Set available authorizers and default\n builder._availableAuthorizers = this.availableAuthorizers;\n if (this.defaultAuthorizerName) {\n builder._authorizerName = this.defaultAuthorizerName;\n }\n\n // Set auditor storage if configured\n if (this.defaultAuditorStorage) {\n builder._setAuditorStorage(this.defaultAuditorStorage as any);\n }\n\n // Set database service if configured\n if (this.defaultDatabaseService) {\n builder._setDatabaseService(this.defaultDatabaseService as any);\n }\n\n // Set actor extractor if configured\n if (this.defaultActorExtractor) {\n builder._actorExtractor = this.defaultActorExtractor;\n }\n\n // Set custom security schemes\n builder._customSecuritySchemes = this.customSecuritySchemes;\n\n // Set RLS config if configured\n if (this.defaultRlsConfig) {\n builder._rlsConfig = this.defaultRlsConfig as any;\n }\n\n return builder;\n }\n\n post<TPath extends string>(path: TPath) {\n return this.createBuilder('POST', path);\n }\n\n get<TPath extends string>(path: TPath) {\n return this.createBuilder('GET', path);\n }\n\n put<TPath extends string>(path: TPath) {\n return this.createBuilder('PUT', path);\n }\n\n delete<TPath extends string>(path: TPath) {\n return this.createBuilder('DELETE', path);\n }\n\n patch<TPath extends string>(path: TPath) {\n return this.createBuilder('PATCH', path);\n }\n\n options<TPath extends string>(path: TPath) {\n return this.createBuilder('OPTIONS', path);\n }\n}\n\nexport type RemoveTrailingSlash<T extends string> = T extends `${infer Rest}/`\n ? Rest extends ''\n ? T // Keep \"/\" as is\n : Rest\n : T;\n\nexport type JoinPaths<\n TBasePath extends string,\n TPath extends string,\n> = RemoveTrailingSlash<\n TBasePath extends ''\n ? TPath\n : TPath extends ''\n ? TBasePath\n : TBasePath extends '/'\n ? TPath extends `/${string}`\n ? TPath\n : `/${TPath}`\n : TBasePath extends `${infer Base}/`\n ? TPath extends `/${infer Rest}`\n ? `${Base}/${Rest}`\n : `${Base}/${TPath}`\n : TPath extends `/${infer Rest}`\n ? `${TBasePath}/${Rest}`\n : `${TBasePath}/${TPath}`\n>;\n\nexport interface EndpointFactoryOptions<\n TServices extends Service[] = [],\n TBasePath extends string = '',\n TLogger extends Logger = Logger,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuthorizers extends readonly string[] = readonly string[],\n TAuditStorage extends AuditStorage | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n TSecuritySchemes extends Record<string, SecurityScheme> = Record<\n string,\n SecurityScheme\n >,\n TRlsConfig extends\n | RlsConfig<TServices, TSession, TLogger>\n | undefined = undefined,\n> {\n defaultServices?: TServices;\n basePath?: TBasePath;\n defaultAuthorizeFn?: AuthorizeFn<TServices, TLogger, TSession>;\n defaultLogger?: TLogger;\n defaultSessionExtractor?: SessionFn<TServices, TLogger, TSession, TDatabase>;\n defaultEventPublisher?: Service<TEventPublisherServiceName, TEventPublisher>;\n defaultEvents?: MappedEvent<TEventPublisher, undefined>[];\n availableAuthorizers?: Authorizer[];\n defaultAuthorizerName?: TAuthorizers[number];\n defaultAuditorStorage?: Service<TAuditStorageServiceName, TAuditStorage>;\n defaultDatabaseService?: Service<TDatabaseServiceName, TDatabase>;\n defaultActorExtractor?: ActorExtractor<TServices, TSession, TLogger>;\n customSecuritySchemes?: TSecuritySchemes;\n defaultRlsConfig?: TRlsConfig;\n}\n\nexport const e = new EndpointFactory();\n"],"mappings":";;;;;AAqBA,MAAMA,mBAAiB,IAAI;AAE3B,IAAa,kBAAb,MAAa,gBAuBX;CAEA,AAAQ;CACR,AAAQ,WAAsB;CAC9B,AAAQ;CACR,AAAQ;CAGR,AAAQ;CAMR,AAAQ,gBAAyBA;CACjC,AAAQ,uBAAqC,CAAE;CAC/C,AAAQ;CACR,AAAQ;CAGR,AAAQ;CAGR,AAAQ;CACR,AAAQ,wBAA0C,CAAE;CACpD,AAAQ;CAER,YAAY,EACV,UACA,oBACA,eACA,yBAEA,kBAAkB,CAAE,GACpB,uBACA,uBAAuB,CAAE,GACzB,uBACA,uBACA,wBACA,uBACA,wBAAwB,CAAE,GAC1B,kBAeD,GAAG,CAAE,GAAE;AAEN,OAAK,kBAAkB,OACrB,iBACA,CAAC,MAAM,EAAE,YACV;AAED,OAAK,WAAW,YAAa;AAC7B,OAAK,qBAAqB;AAC1B,OAAK,gBAAgB,iBAAkBA;AACvC,OAAK,0BAA0B;AAC/B,OAAK,wBAAwB;AAC7B,OAAK,uBAAuB;AAC5B,OAAK,wBAAwB;AAC7B,OAAK,wBAAwB;AAC7B,OAAK,yBAAyB;AAC9B,OAAK,wBAAwB;AAC7B,OAAK,wBAAwB;AAC7B,OAAK,mBAAmB;CACzB;CAED,OAAO,UACLC,MACAC,WAAsB,IACG;AAEzB,OAAK,aAAa,KAAM,QAAO;AAC/B,OAAK,SACH,QAAQ,KAAK,WAAW,IAAI,GAAG,OAAO,MAAM;AAI9C,OAAK,KACH,QACE,SAAS,WAAW,IAAI,GAAG,WAAW,MAAM;EAGhD,MAAM,OAAO,SAAS,SAAS,IAAI,GAAG,SAAS,MAAM,GAAG,GAAG,GAAG;EAC9D,MAAM,UAAU,KAAK,WAAW,IAAI,GAAG,OAAO,MAAM;EAEpD,IAAI,SAAS,OAAO;AAGpB,OAAK,OAAO,WAAW,IAAI,CACzB,UAAS,MAAM;AAIjB,WAAS,OAAO,QAAQ,SAAS,IAAI;AAGrC,MAAI,OAAO,SAAS,KAAK,OAAO,SAAS,IAAI,CAC3C,UAAS,OAAO,MAAM,GAAG,GAAG;AAG9B,SAAO;CACR;CAGD,YACEC,aAeA;EACA,MAAM,oBAAoB,YAAY,IAAI,CAAC,UAAU,EACnD,KACD,GAAE;AACH,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB;GACtB,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;;;;;;;;;;;;;;;;;CAkBD,gBACEC,SAeA;AACA,SAAO,IAAI,gBAcT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB;IACrB,GAAG,KAAK;IACR,GAAG;GACJ;EACF;CACF;;;;;;;;;;;CAYD,WACEC,MAmBA;AAEA,MAAI,SAAS,UAAU,KAAK,qBAAqB,SAAS,GAAG;GAC3D,MAAM,mBAAmB,KAAK,qBAAqB,KACjD,CAAC,MAAM,EAAE,SAAS,KACnB;AACD,QAAK,kBAAkB;IACrB,MAAM,YAAY,KAAK,qBACpB,IAAI,CAAC,MAAM,EAAE,KAAK,CAClB,KAAK,KAAK;AACb,UAAM,IAAI,OACP,cAAc,KAAe,wCAAwC,UAAU;GAEnF;EACF;AAED,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBACE,SAAS,kBAAsB;GACjC,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;CAGD,MACEC,MAeA;EACA,MAAM,cAAc,gBAAgB,UAAU,MAAM,KAAK,SAAS;AAClE,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU;GACV,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;CAGD,UACEC,IAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB;GACpB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;CAGD,SACEC,UAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,CAAC,GAAG,UAAU,GAAG,KAAK,eAAgB;GACvD,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;CAED,OACEC,QAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GAKzB,eAAe;GACf,yBAAyB,KACtB;GAKH,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KACpB;GAKH,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;CAED,UAIEC,WAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB;GACvB,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;CAED,QACEC,SAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GAKzB,eAAe,KAAK;GACpB,yBAAyB;GACzB,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KACpB;GAKH,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;;;;;CAMD,SACEC,SAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GAGpB,yBAAyB,KAAK;GAG9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB;GACxB,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;;;;;;CAOD,QACEC,SAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB;GACvB,wBAAwB,KAAK;GAC7B,uBAAuB,KACpB;GAKH,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;;;;;CAMD,MACEC,WAeA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB;GACvB,uBAAuB,KAAK;GAC5B,kBAAkB,KAAK;EACxB;CACF;;;;;;;;;;;;;;;;;;;CAoBD,IACEC,QAgBA;AACA,SAAO,IAAI,gBAeT;GACA,iBAAiB,KAAK;GACtB,UAAU,KAAK;GACf,oBAAoB,KAAK;GACzB,eAAe,KAAK;GACpB,yBAAyB,KAAK;GAC9B,uBAAuB,KAAK;GAC5B,sBAAsB,KAAK;GAC3B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,wBAAwB,KAAK;GAC7B,uBAAuB,KAAK;GAC5B,uBAAuB,KAAK;GAC5B,kBAAkB;EACnB;CACF;CAED,AAAQ,cACNC,QACAV,MAiBA;EACA,MAAM,WAAW,gBAAgB,UAAU,MAAM,KAAK,SAAS;EAC/D,MAAM,UAAU,IAAI,gBAgBlB,UAAU;AAEZ,MAAI,KAAK,mBAEP,SAAQ,aAAa,KAAK;AAE5B,MAAI,KAAK,gBAAgB,OAEvB,SAAQ,YAAY,CAAC,GAAG,KAAK,eAAgB;AAG/C,MAAI,KAAK,cACP,SAAQ,UAAU,KAAK;AAGzB,MAAI,KAAK,wBACP,SAAQ,cAAc,KAAK;AAO7B,MAAI,KAAK,sBACP,SAAQ,cAAc,KAAK,sBAAsB;AAInD,UAAQ,wBAAwB,KAAK;AACrC,MAAI,KAAK,sBACP,SAAQ,kBAAkB,KAAK;AAIjC,MAAI,KAAK,sBACP,SAAQ,mBAAmB,KAAK,sBAA6B;AAI/D,MAAI,KAAK,uBACP,SAAQ,oBAAoB,KAAK,uBAA8B;AAIjE,MAAI,KAAK,sBACP,SAAQ,kBAAkB,KAAK;AAIjC,UAAQ,yBAAyB,KAAK;AAGtC,MAAI,KAAK,iBACP,SAAQ,aAAa,KAAK;AAG5B,SAAO;CACR;CAED,KAA2BA,MAAa;AACtC,SAAO,KAAK,cAAc,QAAQ,KAAK;CACxC;CAED,IAA0BA,MAAa;AACrC,SAAO,KAAK,cAAc,OAAO,KAAK;CACvC;CAED,IAA0BA,MAAa;AACrC,SAAO,KAAK,cAAc,OAAO,KAAK;CACvC;CAED,OAA6BA,MAAa;AACxC,SAAO,KAAK,cAAc,UAAU,KAAK;CAC1C;CAED,MAA4BA,MAAa;AACvC,SAAO,KAAK,cAAc,SAAS,KAAK;CACzC;CAED,QAA8BA,MAAa;AACzC,SAAO,KAAK,cAAc,WAAW,KAAK;CAC3C;AACF;AAiED,MAAa,IAAI,IAAI"}
package/dist/{Function-CD3rXWfa.d.mts → Function-Vh1t-Qjj.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { Construct, ConstructType } from "./Construct-DDR0295I.mjs";
1
+ import { Construct, ConstructType } from "./Construct-jBKqb-Zi.mjs";
2
2
  import { Service, ServiceRecord } from "@geekmidas/services";
3
3
  import { AuditStorage, AuditableAction, Auditor } from "@geekmidas/audit";
4
4
  import { EventPublisher, MappedEvent } from "@geekmidas/events";
@@ -73,4 +73,4 @@ type FunctionContext<Input extends ComposableStandardSchema | undefined = undefi
73
73
  } & DatabaseContext<TDatabase> & AuditorContext<TAuditAction, TAuditStorage>;
74
74
  //#endregion
75
75
  export { Function, FunctionContext, FunctionFactory, FunctionHandler };
76
- //# sourceMappingURL=Function-CD3rXWfa.d.mts.map
76
+ //# sourceMappingURL=Function-Vh1t-Qjj.d.mts.map
package/dist/{FunctionBuilder-j2VkwuGf.d.mts → FunctionBuilder-3jsoFffg.d.mts} RENAMED
@@ -1,6 +1,6 @@
1
- import { ConstructType } from "./Construct-DDR0295I.mjs";
2
- import { Function, FunctionHandler } from "./Function-CD3rXWfa.mjs";
3
- import { BaseFunctionBuilder } from "./BaseFunctionBuilder-Ct6zY6Jq.mjs";
1
+ import { ConstructType } from "./Construct-jBKqb-Zi.mjs";
2
+ import { Function, FunctionHandler } from "./Function-Vh1t-Qjj.mjs";
3
+ import { BaseFunctionBuilder } from "./BaseFunctionBuilder-CoV7J45W.mjs";
4
4
  import { Service } from "@geekmidas/services";
5
5
  import { AuditStorage, AuditableAction } from "@geekmidas/audit";
6
6
  import { EventPublisher } from "@geekmidas/events";
@@ -35,4 +35,4 @@ declare class FunctionBuilder<TInput extends ComposableStandardSchema, OutSchema
35
35
  }
36
36
  //#endregion
37
37
  export { FunctionBuilder };
38
- //# sourceMappingURL=FunctionBuilder-j2VkwuGf.d.mts.map
38
+ //# sourceMappingURL=FunctionBuilder-3jsoFffg.d.mts.map
package/dist/{FunctionExecutionWrapper-B0WP-Vec.d.mts → FunctionExecutionWrapper-CI3CaoCo.d.mts} RENAMED
@@ -1,4 +1,4 @@
1
- import { Function, FunctionHandler } from "./Function-CD3rXWfa.mjs";
1
+ import { Function, FunctionHandler } from "./Function-Vh1t-Qjj.mjs";
2
2
  import { Service, ServiceDiscovery, ServiceRecord } from "@geekmidas/services";
3
3
  import { AuditStorage, AuditableAction, Auditor } from "@geekmidas/audit";
4
4
  import { EnvironmentParser } from "@geekmidas/envkit";
@@ -45,4 +45,4 @@ declare abstract class FunctionExecutionWrapper<TInput extends ComposableStandar
45
45
  }
46
46
  //#endregion
47
47
  export { FunctionExecutionWrapper };
48
- //# sourceMappingURL=FunctionExecutionWrapper-B0WP-Vec.d.mts.map
48
+ //# sourceMappingURL=FunctionExecutionWrapper-CI3CaoCo.d.mts.map
package/dist/{HonoEndpointAdaptor-CLOpobdq.d.cts → HonoEndpointAdaptor-BJh4J-J9.d.cts} RENAMED
@@ -1,12 +1,12 @@
1
1
  import { HttpMethod } from "./types-Bp9ysFXd.cjs";
2
- import { Endpoint, EndpointSchemas } from "./Endpoint-D2Imgihs.cjs";
2
+ import { Endpoint, EndpointSchemas } from "./Endpoint-CC2RGjkl.cjs";
3
3
  import { AuditStorage, AuditableAction } from "@geekmidas/audit";
4
4
  import { EventPublisher } from "@geekmidas/events";
5
5
  import { Logger } from "@geekmidas/logger";
6
6
  import { Service, ServiceDiscovery, ServiceRecord } from "@geekmidas/services";
7
7
  import { StandardSchemaV1 } from "@standard-schema/spec";
8
8
  import { EnvironmentParser } from "@geekmidas/envkit";
9
- import * as hono_types5 from "hono/types";
9
+ import * as hono_types0 from "hono/types";
10
10
  import { Context, Hono } from "hono";
11
11
 
12
12
  //#region src/endpoints/HonoEndpointAdaptor.d.ts
@@ -33,11 +33,11 @@ declare class HonoEndpoint<TRoute extends string, TMethod extends HttpMethod, TI
33
33
  static validate<T extends StandardSchemaV1>(c: Context<any, string, {}>, data: unknown, schema?: T): Promise<any>;
34
34
  addRoute(serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>, app: Hono): void;
35
35
  static applyEventMiddleware(app: Hono, serviceDiscovery: ServiceDiscovery<any, any>): void;
36
- static fromRoutes<TLogger extends Logger, TServices extends Service[]>(routes: string[], envParser: EnvironmentParser<{}>, app: Hono<hono_types5.BlankEnv, hono_types5.BlankSchema, "/">, logger: TLogger, cwd?: string, options?: HonoEndpointOptions): Promise<Hono>;
36
+ static fromRoutes<TLogger extends Logger, TServices extends Service[]>(routes: string[], envParser: EnvironmentParser<{}>, app: Hono<hono_types0.BlankEnv, hono_types0.BlankSchema, "/">, logger: TLogger, cwd?: string, options?: HonoEndpointOptions): Promise<Hono>;
37
37
  static addRoutes<TServices extends Service[] = [], TLogger extends Logger = Logger>(endpoints: Endpoint<string, HttpMethod, any, any, TServices, TLogger>[], serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>, app: Hono, options?: HonoEndpointOptions): void;
38
38
  static addRoute<TRoute extends string, TMethod extends HttpMethod, TInput extends EndpointSchemas = {}, TOutSchema extends StandardSchemaV1 | undefined = undefined, TServices extends Service[] = [], TLogger extends Logger = Logger, TSession = unknown, TEventPublisher extends EventPublisher<any> | undefined = undefined, TEventPublisherServiceName extends string = string, TAuditStorage extends AuditStorage | undefined = undefined, TAuditStorageServiceName extends string = string, TAuditAction extends AuditableAction<string, unknown> = AuditableAction<string, unknown>, TDatabase = undefined, TDatabaseServiceName extends string = string>(endpoint: Endpoint<TRoute, TMethod, TInput, TOutSchema, TServices, TLogger, TSession, TEventPublisher, TEventPublisherServiceName, TAuditStorage, TAuditStorageServiceName, TAuditAction, TDatabase, TDatabaseServiceName>, serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>, app: Hono): void;
39
39
  static addDocsRoute<TServices extends Service[] = [], TLogger extends Logger = Logger>(endpoints: Endpoint<string, HttpMethod, any, any, TServices, TLogger>[], app: Hono, docsPath: string, openApiOptions?: HonoEndpointOptions['openApiOptions']): void;
40
40
  }
41
41
  //#endregion
42
42
  export { HonoEndpoint, HonoEndpointOptions };
43
- //# sourceMappingURL=HonoEndpointAdaptor-CLOpobdq.d.cts.map
43
+ //# sourceMappingURL=HonoEndpointAdaptor-BJh4J-J9.d.cts.map
package/dist/{HonoEndpointAdaptor-Bg_vTyA5.mjs → HonoEndpointAdaptor-CcvXzoYV.mjs} RENAMED
@@ -1,8 +1,9 @@
1
1
  import { publishConstructEvents } from "./publisher-Bw4770Hi.mjs";
2
- import { Endpoint, ResponseBuilder } from "./Endpoint-DbPsw13b.mjs";
3
- import { createAuditContext, executeWithAuditTransaction } from "./processAudits-DfcB-X-4.mjs";
4
- import { getEndpointsFromRoutes } from "./helpers-CrrdyA04.mjs";
2
+ import { Endpoint, ResponseBuilder } from "./Endpoint-B70_KKhu.mjs";
3
+ import { createAuditContext, executeWithAuditTransaction } from "./processAudits-Dj8UGqcW.mjs";
4
+ import { getEndpointsFromRoutes } from "./helpers-C3B2lVrM.mjs";
5
5
  import { parseHonoQuery } from "./parseHonoQuery-CwFKw2ua.mjs";
6
+ import { withRlsContext } from "@geekmidas/db/rls";
6
7
  import { wrapError } from "@geekmidas/errors";
7
8
  import { ServiceDiscovery } from "@geekmidas/services";
8
9
  import { checkRateLimit, getRateLimitHeaders } from "@geekmidas/rate-limit";
@@ -122,34 +123,46 @@ var HonoEndpoint = class HonoEndpoint {
122
123
  });
123
124
  const audits = endpoint.audits;
124
125
  if (!auditContext && audits?.length) logger$1.warn("No auditor storage service available");
126
+ const rlsActive = endpoint.rlsConfig && !endpoint.rlsBypass && rawDb !== void 0;
127
+ const rlsContext = rlsActive ? await endpoint.rlsConfig.extractor({
128
+ services,
129
+ session,
130
+ header,
131
+ cookie,
132
+ logger: logger$1
133
+ }) : void 0;
125
134
  const result = await executeWithAuditTransaction(auditContext, async (auditor) => {
126
135
  const sameDatabase = auditContext?.storage?.databaseServiceName && auditContext.storage.databaseServiceName === endpoint.databaseService?.serviceName;
127
- const db = sameDatabase ? auditor?.getTransaction?.() ?? rawDb : rawDb;
128
- const responseBuilder = new ResponseBuilder();
129
- const response = await endpoint.handler({
130
- services,
131
- logger: logger$1,
132
- body: c.req.valid("json"),
133
- query: c.req.valid("query"),
134
- params: c.req.valid("param"),
135
- session,
136
- header,
137
- cookie,
138
- auditor,
139
- db
140
- }, responseBuilder);
141
- let data = response;
142
- let metadata$1 = responseBuilder.getMetadata();
143
- if (Endpoint.hasMetadata(response)) {
144
- data = response.data;
145
- metadata$1 = response.metadata;
146
- }
147
- const output$1 = endpoint.outputSchema ? await endpoint.parseOutput(data) : void 0;
148
- return {
149
- output: output$1,
150
- metadata: metadata$1,
151
- responseBuilder
136
+ const baseDb = sameDatabase ? auditor?.getTransaction?.() ?? rawDb : rawDb;
137
+ const executeHandler = async (db) => {
138
+ const responseBuilder = new ResponseBuilder();
139
+ const response = await endpoint.handler({
140
+ services,
141
+ logger: logger$1,
142
+ body: c.req.valid("json"),
143
+ query: c.req.valid("query"),
144
+ params: c.req.valid("param"),
145
+ session,
146
+ header,
147
+ cookie,
148
+ auditor,
149
+ db
150
+ }, responseBuilder);
151
+ let data = response;
152
+ let metadata$1 = responseBuilder.getMetadata();
153
+ if (Endpoint.hasMetadata(response)) {
154
+ data = response.data;
155
+ metadata$1 = response.metadata;
156
+ }
157
+ const output$1 = endpoint.outputSchema ? await endpoint.parseOutput(data) : void 0;
158
+ return {
159
+ output: output$1,
160
+ metadata: metadata$1,
161
+ responseBuilder
162
+ };
152
163
  };
164
+ if (rlsActive && rlsContext && baseDb) return withRlsContext(baseDb, rlsContext, async (trx) => executeHandler(trx), { prefix: endpoint.rlsConfig.prefix });
165
+ return executeHandler(baseDb);
153
166
  }, async (result$1, auditor) => {
154
167
  if (!audits?.length) return;
155
168
  for (const audit of audits) {
@@ -161,7 +174,7 @@ var HonoEndpoint = class HonoEndpoint {
161
174
  entityId
162
175
  });
163
176
  }
164
- });
177
+ }, { db: rawDb });
165
178
  const { output, metadata } = result;
166
179
  try {
167
180
  let status = endpoint.status;
@@ -213,4 +226,4 @@ var HonoEndpoint = class HonoEndpoint {
213
226
 
214
227
  //#endregion
215
228
  export { HonoEndpoint };
216
- //# sourceMappingURL=HonoEndpointAdaptor-Bg_vTyA5.mjs.map
229
+ //# sourceMappingURL=HonoEndpointAdaptor-CcvXzoYV.mjs.map
package/dist/HonoEndpointAdaptor-CcvXzoYV.mjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"HonoEndpointAdaptor-CcvXzoYV.mjs","names":["endpoint: Endpoint<\n TRoute,\n TMethod,\n TInput,\n TOutSchema,\n TServices,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >","c: Context<any, string, {}>","data: unknown","schema?: T","serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>","app: Hono","serviceDiscovery: ServiceDiscovery<any, any>","logger","routes: string[]","envParser: EnvironmentParser<{}>","logger: TLogger","options?: HonoEndpointOptions","endpoints: Endpoint<string, HttpMethod, any, any, TServices, TLogger>[]","db: TDatabase | undefined","metadata","output","result","validationError: any","e: any","docsPath: string","openApiOptions?: HonoEndpointOptions['openApiOptions']"],"sources":["../src/endpoints/HonoEndpointAdaptor.ts"],"sourcesContent":["import type { AuditStorage, AuditableAction } from '@geekmidas/audit';\nimport type { EnvironmentParser } from '@geekmidas/envkit';\nimport type { EventPublisher } from '@geekmidas/events';\nimport type { Logger } from '@geekmidas/logger';\nimport { checkRateLimit, getRateLimitHeaders } from '@geekmidas/rate-limit';\nimport type { StandardSchemaV1 } from '@standard-schema/spec';\nimport { type Context, Hono } from 'hono';\nimport { setCookie } from 'hono/cookie';\nimport { logger as honoLogger } from 'hono/logger';\nimport { timing } from 'hono/timing';\nimport { validator } from 'hono/validator';\nimport type { HttpMethod, LowerHttpMethod } from '../types';\nimport {\n Endpoint,\n type EndpointContext,\n type EndpointSchemas,\n ResponseBuilder,\n} from './Endpoint';\nimport { getEndpointsFromRoutes } from './helpers';\nimport { parseHonoQuery } from './parseHonoQuery';\n\nimport { withRlsContext } from '@geekmidas/db/rls';\nimport { wrapError } from '@geekmidas/errors';\nimport {\n type Service,\n ServiceDiscovery,\n type ServiceRecord,\n} from '@geekmidas/services';\nimport type { ContentfulStatusCode } from 'hono/utils/http-status';\nimport { publishConstructEvents } from '../publisher';\nimport type { MappedAudit } from './audit';\nimport {\n createAuditContext,\n executeWithAuditTransaction,\n} from './processAudits';\n\nexport interface HonoEndpointOptions {\n /**\n * Path where OpenAPI documentation will be served.\n * Set to false to disable docs route.\n * @default '/docs'\n */\n docsPath?: string | false;\n /**\n * OpenAPI schema options\n */\n openApiOptions?: {\n title?: string;\n version?: string;\n description?: string;\n };\n}\n\nexport class HonoEndpoint<\n TRoute extends string,\n TMethod extends HttpMethod,\n TInput extends EndpointSchemas = {},\n TOutSchema extends StandardSchemaV1 | undefined = undefined,\n TServices extends Service[] = [],\n TLogger extends Logger = Logger,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuditStorage extends AuditStorage | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TAuditAction extends AuditableAction<string, unknown> = AuditableAction<\n string,\n unknown\n >,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n> {\n constructor(\n private readonly endpoint: Endpoint<\n TRoute,\n TMethod,\n TInput,\n TOutSchema,\n TServices,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >,\n ) {}\n\n static isDev = process.env.NODE_ENV === 'development';\n\n static async validate<T extends StandardSchemaV1>(\n c: Context<any, string, {}>,\n data: unknown,\n schema?: T,\n ) {\n if (!schema) {\n return undefined;\n }\n\n const parsed = await Endpoint.validate(schema, data);\n\n if (parsed.issues) {\n return c.json(parsed.issues, 422);\n }\n\n return parsed.value;\n }\n addRoute(\n serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>,\n app: Hono,\n ): void {\n HonoEndpoint.addRoute(this.endpoint, serviceDiscovery, app);\n }\n\n static applyEventMiddleware(\n app: Hono,\n serviceDiscovery: ServiceDiscovery<any, any>,\n ) {\n app.use(async (c, next) => {\n await next();\n // @ts-ignore\n const endpoint = c.get('__endpoint') as Endpoint<\n any,\n any,\n any,\n any,\n any,\n any,\n any,\n any\n >;\n // @ts-ignore\n const response = c.get('__response');\n // @ts-ignore\n const logger = c.get('__logger') as Logger;\n\n if (Endpoint.isSuccessStatus(c.res.status) && endpoint) {\n // Process events (audits are handled in the handler with transaction support)\n await publishConstructEvents<any, any>(\n endpoint,\n response,\n serviceDiscovery,\n logger,\n );\n }\n });\n }\n\n static async fromRoutes<TLogger extends Logger, TServices extends Service[]>(\n routes: string[],\n envParser: EnvironmentParser<{}>,\n app = new Hono(),\n logger: TLogger,\n cwd = process.cwd(),\n options?: HonoEndpointOptions,\n ): Promise<Hono> {\n const endpoints = await getEndpointsFromRoutes<TServices>(routes, cwd);\n const serviceDiscovery = ServiceDiscovery.getInstance<\n ServiceRecord<TServices>,\n TLogger\n >(logger, envParser);\n\n HonoEndpoint.addRoutes(endpoints, serviceDiscovery, app, options);\n\n return app;\n }\n\n static addRoutes<\n TServices extends Service[] = [],\n TLogger extends Logger = Logger,\n >(\n endpoints: Endpoint<string, HttpMethod, any, any, TServices, TLogger>[],\n serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>,\n app: Hono,\n options?: HonoEndpointOptions,\n ): void {\n // Add timing middleware (always enabled)\n app.use('*', timing());\n\n // Add logger middleware in development mode\n\n if (HonoEndpoint.isDev) {\n app.use('*', honoLogger());\n }\n\n // Add docs route if not disabled\n const docsPath =\n options?.docsPath !== false ? options?.docsPath || '/docs' : null;\n if (docsPath) {\n HonoEndpoint.addDocsRoute(\n endpoints,\n app,\n docsPath,\n options?.openApiOptions,\n );\n }\n\n // Sort endpoints to ensure static routes come before dynamic ones\n const sortedEndpoints = endpoints.sort((a, b) => {\n const aSegments = a.route.split('/');\n const bSegments = b.route.split('/');\n\n // Compare each segment\n for (let i = 0; i < Math.max(aSegments.length, bSegments.length); i++) {\n const aSegment = aSegments[i] || '';\n const bSegment = bSegments[i] || '';\n\n // If one is dynamic and the other is not, static comes first\n const aIsDynamic = aSegment.startsWith(':');\n const bIsDynamic = bSegment.startsWith(':');\n\n if (!aIsDynamic && bIsDynamic) return -1;\n if (aIsDynamic && !bIsDynamic) return 1;\n\n // If both are the same type, compare alphabetically\n if (aSegment !== bSegment) {\n return aSegment.localeCompare(bSegment);\n }\n }\n\n return 0;\n });\n HonoEndpoint.applyEventMiddleware(app, serviceDiscovery);\n for (const endpoint of sortedEndpoints) {\n HonoEndpoint.addRoute(endpoint, serviceDiscovery, app);\n }\n }\n\n static addRoute<\n TRoute extends string,\n TMethod extends HttpMethod,\n TInput extends EndpointSchemas = {},\n TOutSchema extends StandardSchemaV1 | undefined = undefined,\n TServices extends Service[] = [],\n TLogger extends Logger = Logger,\n TSession = unknown,\n TEventPublisher extends EventPublisher<any> | undefined = undefined,\n TEventPublisherServiceName extends string = string,\n TAuditStorage extends AuditStorage | undefined = undefined,\n TAuditStorageServiceName extends string = string,\n TAuditAction extends AuditableAction<string, unknown> = AuditableAction<\n string,\n unknown\n >,\n TDatabase = undefined,\n TDatabaseServiceName extends string = string,\n >(\n endpoint: Endpoint<\n TRoute,\n TMethod,\n TInput,\n TOutSchema,\n TServices,\n TLogger,\n TSession,\n TEventPublisher,\n TEventPublisherServiceName,\n TAuditStorage,\n TAuditStorageServiceName,\n TAuditAction,\n TDatabase,\n TDatabaseServiceName\n >,\n serviceDiscovery: ServiceDiscovery<ServiceRecord<TServices>, TLogger>,\n app: Hono,\n ): void {\n const { route } = endpoint;\n const method = endpoint.method.toLowerCase() as LowerHttpMethod<TMethod>;\n\n app[method](\n route,\n validator('json', (value, c) =>\n HonoEndpoint.validate(c, value, endpoint.input?.body),\n ),\n validator('query', (_, c) => {\n const parsedQuery = parseHonoQuery(c);\n return HonoEndpoint.validate(c, parsedQuery, endpoint.input?.query);\n }),\n validator('param', (params, c) =>\n HonoEndpoint.validate(c, params, endpoint.input?.params),\n ),\n async (c) => {\n const logger = endpoint.logger.child({\n endpoint: endpoint.fullPath,\n route: endpoint.route,\n host: c.header('host'),\n method: endpoint.method,\n path: c.req.path,\n }) as TLogger;\n\n try {\n const headerValues = c.req.header();\n\n const header = Endpoint.createHeaders(headerValues);\n const cookie = Endpoint.createCookies(headerValues.cookie);\n\n const services = await serviceDiscovery.register(endpoint.services);\n\n // Resolve database service early so it's available for session extraction\n const rawDb = endpoint.databaseService\n ? await serviceDiscovery\n .register([endpoint.databaseService])\n .then(\n (s) =>\n s[endpoint.databaseService!.serviceName as keyof typeof s],\n )\n : undefined;\n\n const session = await endpoint.getSession({\n services,\n logger,\n header,\n cookie,\n ...(rawDb !== undefined && { db: rawDb }),\n } as any);\n\n const isAuthorized = await endpoint.authorize({\n header,\n cookie,\n services,\n logger,\n session,\n });\n\n if (!isAuthorized) {\n logger.warn('Unauthorized access attempt');\n return c.json({ error: 'Unauthorized' }, 401);\n }\n\n // Check rate limit if configured\n if (endpoint.rateLimit) {\n const rateLimitInfo = await checkRateLimit(endpoint.rateLimit, {\n header,\n services,\n logger,\n session,\n path: c.req.path,\n method: endpoint.method,\n });\n\n // Set rate limit headers\n const rateLimitHeaders = getRateLimitHeaders(\n rateLimitInfo,\n endpoint.rateLimit,\n );\n for (const [key, value] of Object.entries(rateLimitHeaders)) {\n if (value) {\n c.header(key, value);\n }\n }\n }\n\n // Create audit context if audit storage is configured\n const auditContext = await createAuditContext(\n endpoint,\n serviceDiscovery,\n logger,\n {\n session,\n header,\n cookie,\n services: services as Record<string, unknown>,\n },\n );\n\n // Warn if declarative audits are configured but no audit storage\n const audits = endpoint.audits as MappedAudit<\n TAuditAction,\n TOutSchema\n >[];\n if (!auditContext && audits?.length) {\n logger.warn('No auditor storage service available');\n }\n\n // Extract RLS context if configured and not bypassed\n const rlsActive =\n endpoint.rlsConfig && !endpoint.rlsBypass && rawDb !== undefined;\n const rlsContext = rlsActive\n ? await endpoint.rlsConfig!.extractor({\n services,\n session,\n header,\n cookie,\n logger,\n })\n : undefined;\n\n // Execute handler with automatic audit transaction support\n const result = await executeWithAuditTransaction(\n auditContext,\n async (auditor) => {\n // Use audit transaction as db only if the storage uses the same database service\n const sameDatabase =\n auditContext?.storage?.databaseServiceName &&\n auditContext.storage.databaseServiceName ===\n endpoint.databaseService?.serviceName;\n const baseDb = sameDatabase\n ? (auditor?.getTransaction?.() ?? rawDb)\n : rawDb;\n\n // Helper to execute handler with given db\n const executeHandler = async (db: TDatabase | undefined) => {\n const responseBuilder = new ResponseBuilder();\n const response = await endpoint.handler(\n {\n services,\n logger,\n body: c.req.valid('json'),\n query: c.req.valid('query'),\n params: c.req.valid('param'),\n session,\n header,\n cookie,\n auditor,\n db,\n } as unknown as EndpointContext<\n TInput,\n TServices,\n TLogger,\n TSession,\n TAuditAction,\n TDatabase,\n TAuditStorage\n >,\n responseBuilder,\n );\n\n // Check if response has metadata\n let data = response;\n let metadata = responseBuilder.getMetadata();\n\n if (Endpoint.hasMetadata(response)) {\n data = response.data;\n metadata = response.metadata;\n }\n\n const output = endpoint.outputSchema\n ? await endpoint.parseOutput(data)\n : undefined;\n\n return { output, metadata, responseBuilder };\n };\n\n // If RLS is active, wrap handler with RLS context\n if (rlsActive && rlsContext && baseDb) {\n return withRlsContext(\n baseDb as any,\n rlsContext,\n async (trx) => executeHandler(trx as TDatabase),\n { prefix: endpoint.rlsConfig!.prefix },\n );\n }\n\n return executeHandler(baseDb as TDatabase | undefined);\n },\n // Process declarative audits after handler (inside transaction)\n async (result, auditor) => {\n if (!audits?.length) return;\n\n for (const audit of audits) {\n if (audit.when && !audit.when(result.output as any)) {\n continue;\n }\n const payload = audit.payload(result.output as any);\n const entityId = audit.entityId?.(result.output as any);\n auditor.audit(audit.type as any, payload as any, {\n table: audit.table,\n entityId,\n });\n }\n },\n // Pass rawDb so storage can reuse existing transactions\n { db: rawDb },\n );\n\n const { output, metadata } = result;\n\n try {\n let status = endpoint.status as ContentfulStatusCode;\n\n // Apply response metadata\n if (metadata.status) {\n status = metadata.status as ContentfulStatusCode;\n }\n\n if (metadata.headers) {\n for (const [key, value] of Object.entries(metadata.headers)) {\n c.header(key, value);\n }\n }\n\n if (metadata.cookies) {\n for (const [name, { value, options }] of metadata.cookies) {\n setCookie(c, name, value, options);\n }\n }\n\n // @ts-ignore\n c.set('__response', output);\n // @ts-ignore\n c.set('__endpoint', endpoint);\n // @ts-ignore\n c.set('__logger', logger);\n // @ts-ignore\n c.set('__session', session);\n // @ts-ignore\n c.set('__services', services);\n\n if (HonoEndpoint.isDev) {\n logger.info({ status, body: output }, 'Outgoing response');\n }\n // @ts-ignore\n return c.json(output, status);\n } catch (validationError: any) {\n logger.error(validationError, 'Output validation failed');\n const error = wrapError(\n validationError,\n 422,\n 'Response validation failed',\n );\n if (HonoEndpoint.isDev) {\n logger.info(\n { status: error.statusCode, body: error },\n 'Outgoing response',\n );\n }\n return c.json(error, error.statusCode as ContentfulStatusCode);\n }\n } catch (e: any) {\n logger.error(e, 'Error processing endpoint request');\n const error = wrapError(e, 500, 'Internal Server Error');\n if (HonoEndpoint.isDev) {\n logger.info(\n { status: error.statusCode, body: error },\n 'Outgoing response',\n );\n }\n return c.json(error, error.statusCode as ContentfulStatusCode);\n }\n },\n );\n }\n\n static addDocsRoute<\n TServices extends Service[] = [],\n TLogger extends Logger = Logger,\n >(\n endpoints: Endpoint<string, HttpMethod, any, any, TServices, TLogger>[],\n app: Hono,\n docsPath: string,\n openApiOptions?: HonoEndpointOptions['openApiOptions'],\n ): void {\n app.get(docsPath, async (c) => {\n try {\n const openApiSchema = await Endpoint.buildOpenApiSchema(\n endpoints,\n openApiOptions,\n );\n\n return c.json(openApiSchema);\n } catch (error) {\n console.error('Error generating OpenAPI schema:', error);\n return c.json(\n { error: 'Failed to generate OpenAPI documentation' },\n 500,\n );\n }\n });\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;AAqDA,IAAa,eAAb,MAAa,aAkBX;CACA,YACmBA,UAgBjB;EAhBiB;CAgBf;CAEJ,OAAO,QAAQ,QAAQ,IAAI,aAAa;CAExC,aAAa,SACXC,GACAC,MACAC,QACA;AACA,OAAK,OACH;EAGF,MAAM,SAAS,MAAM,SAAS,SAAS,QAAQ,KAAK;AAEpD,MAAI,OAAO,OACT,QAAO,EAAE,KAAK,OAAO,QAAQ,IAAI;AAGnC,SAAO,OAAO;CACf;CACD,SACEC,kBACAC,KACM;AACN,eAAa,SAAS,KAAK,UAAU,kBAAkB,IAAI;CAC5D;CAED,OAAO,qBACLA,KACAC,kBACA;AACA,MAAI,IAAI,OAAO,GAAG,SAAS;AACzB,SAAM,MAAM;GAEZ,MAAM,WAAW,EAAE,IAAI,aAAa;GAWpC,MAAM,WAAW,EAAE,IAAI,aAAa;GAEpC,MAAMC,WAAS,EAAE,IAAI,WAAW;AAEhC,OAAI,SAAS,gBAAgB,EAAE,IAAI,OAAO,IAAI,SAE5C,OAAM,uBACJ,UACA,UACA,kBACAA,SACD;EAEJ,EAAC;CACH;CAED,aAAa,WACXC,QACAC,WACA,MAAM,IAAI,QACVC,UACA,MAAM,QAAQ,KAAK,EACnBC,SACe;EACf,MAAM,YAAY,MAAM,uBAAkC,QAAQ,IAAI;EACtE,MAAM,mBAAmB,iBAAiB,YAGxCJ,UAAQ,UAAU;AAEpB,eAAa,UAAU,WAAW,kBAAkB,KAAK,QAAQ;AAEjE,SAAO;CACR;CAED,OAAO,UAILK,WACAR,kBACAC,KACAM,SACM;AAEN,MAAI,IAAI,KAAK,QAAQ,CAAC;AAItB,MAAI,aAAa,MACf,KAAI,IAAI,KAAK,QAAY,CAAC;EAI5B,MAAM,WACJ,SAAS,aAAa,QAAQ,SAAS,YAAY,UAAU;AAC/D,MAAI,SACF,cAAa,aACX,WACA,KACA,UACA,SAAS,eACV;EAIH,MAAM,kBAAkB,UAAU,KAAK,CAAC,GAAG,MAAM;GAC/C,MAAM,YAAY,EAAE,MAAM,MAAM,IAAI;GACpC,MAAM,YAAY,EAAE,MAAM,MAAM,IAAI;AAGpC,QAAK,IAAI,IAAI,GAAG,IAAI,KAAK,IAAI,UAAU,QAAQ,UAAU,OAAO,EAAE,KAAK;IACrE,MAAM,WAAW,UAAU,MAAM;IACjC,MAAM,WAAW,UAAU,MAAM;IAGjC,MAAM,aAAa,SAAS,WAAW,IAAI;IAC3C,MAAM,aAAa,SAAS,WAAW,IAAI;AAE3C,SAAK,cAAc,WAAY,QAAO;AACtC,QAAI,eAAe,WAAY,QAAO;AAGtC,QAAI,aAAa,SACf,QAAO,SAAS,cAAc,SAAS;GAE1C;AAED,UAAO;EACR,EAAC;AACF,eAAa,qBAAqB,KAAK,iBAAiB;AACxD,OAAK,MAAM,YAAY,gBACrB,cAAa,SAAS,UAAU,kBAAkB,IAAI;CAEzD;CAED,OAAO,SAmBLX,UAgBAI,kBACAC,KACM;EACN,MAAM,EAAE,OAAO,GAAG;EAClB,MAAM,SAAS,SAAS,OAAO,aAAa;AAE5C,MAAI,QACF,OACA,UAAU,QAAQ,CAAC,OAAO,MACxB,aAAa,SAAS,GAAG,OAAO,SAAS,OAAO,KAAK,CACtD,EACD,UAAU,SAAS,CAAC,GAAG,MAAM;GAC3B,MAAM,cAAc,eAAe,EAAE;AACrC,UAAO,aAAa,SAAS,GAAG,aAAa,SAAS,OAAO,MAAM;EACpE,EAAC,EACF,UAAU,SAAS,CAAC,QAAQ,MAC1B,aAAa,SAAS,GAAG,QAAQ,SAAS,OAAO,OAAO,CACzD,EACD,OAAO,MAAM;GACX,MAAME,WAAS,SAAS,OAAO,MAAM;IACnC,UAAU,SAAS;IACnB,OAAO,SAAS;IAChB,MAAM,EAAE,OAAO,OAAO;IACtB,QAAQ,SAAS;IACjB,MAAM,EAAE,IAAI;GACb,EAAC;AAEF,OAAI;IACF,MAAM,eAAe,EAAE,IAAI,QAAQ;IAEnC,MAAM,SAAS,SAAS,cAAc,aAAa;IACnD,MAAM,SAAS,SAAS,cAAc,aAAa,OAAO;IAE1D,MAAM,WAAW,MAAM,iBAAiB,SAAS,SAAS,SAAS;IAGnE,MAAM,QAAQ,SAAS,kBACnB,MAAM,iBACH,SAAS,CAAC,SAAS,eAAgB,EAAC,CACpC,KACC,CAAC,MACC,EAAE,SAAS,gBAAiB,aAC/B;IAGP,MAAM,UAAU,MAAM,SAAS,WAAW;KACxC;KACA;KACA;KACA;KACA,GAAI,oBAAuB,EAAE,IAAI,MAAO;IACzC,EAAQ;IAET,MAAM,eAAe,MAAM,SAAS,UAAU;KAC5C;KACA;KACA;KACA;KACA;IACD,EAAC;AAEF,SAAK,cAAc;AACjB,cAAO,KAAK,8BAA8B;AAC1C,YAAO,EAAE,KAAK,EAAE,OAAO,eAAgB,GAAE,IAAI;IAC9C;AAGD,QAAI,SAAS,WAAW;KACtB,MAAM,gBAAgB,MAAM,eAAe,SAAS,WAAW;MAC7D;MACA;MACA;MACA;MACA,MAAM,EAAE,IAAI;MACZ,QAAQ,SAAS;KAClB,EAAC;KAGF,MAAM,mBAAmB,oBACvB,eACA,SAAS,UACV;AACD,UAAK,MAAM,CAAC,KAAK,MAAM,IAAI,OAAO,QAAQ,iBAAiB,CACzD,KAAI,MACF,GAAE,OAAO,KAAK,MAAM;IAGzB;IAGD,MAAM,eAAe,MAAM,mBACzB,UACA,kBACAA,UACA;KACE;KACA;KACA;KACU;IACX,EACF;IAGD,MAAM,SAAS,SAAS;AAIxB,SAAK,gBAAgB,QAAQ,OAC3B,UAAO,KAAK,uCAAuC;IAIrD,MAAM,YACJ,SAAS,cAAc,SAAS,aAAa;IAC/C,MAAM,aAAa,YACf,MAAM,SAAS,UAAW,UAAU;KAClC;KACA;KACA;KACA;KACA;IACD,EAAC;IAIN,MAAM,SAAS,MAAM,4BACnB,cACA,OAAO,YAAY;KAEjB,MAAM,eACJ,cAAc,SAAS,uBACvB,aAAa,QAAQ,wBACnB,SAAS,iBAAiB;KAC9B,MAAM,SAAS,eACV,SAAS,kBAAkB,IAAI,QAChC;KAGJ,MAAM,iBAAiB,OAAOM,OAA8B;MAC1D,MAAM,kBAAkB,IAAI;MAC5B,MAAM,WAAW,MAAM,SAAS,QAC9B;OACE;OACA;OACA,MAAM,EAAE,IAAI,MAAM,OAAO;OACzB,OAAO,EAAE,IAAI,MAAM,QAAQ;OAC3B,QAAQ,EAAE,IAAI,MAAM,QAAQ;OAC5B;OACA;OACA;OACA;OACA;MACD,GASD,gBACD;MAGD,IAAI,OAAO;MACX,IAAIC,aAAW,gBAAgB,aAAa;AAE5C,UAAI,SAAS,YAAY,SAAS,EAAE;AAClC,cAAO,SAAS;AAChB,oBAAW,SAAS;MACrB;MAED,MAAMC,WAAS,SAAS,eACpB,MAAM,SAAS,YAAY,KAAK;AAGpC,aAAO;OAAE;OAAQ;OAAU;MAAiB;KAC7C;AAGD,SAAI,aAAa,cAAc,OAC7B,QAAO,eACL,QACA,YACA,OAAO,QAAQ,eAAe,IAAiB,EAC/C,EAAE,QAAQ,SAAS,UAAW,OAAQ,EACvC;AAGH,YAAO,eAAe,OAAgC;IACvD,GAED,OAAOC,UAAQ,YAAY;AACzB,UAAK,QAAQ,OAAQ;AAErB,UAAK,MAAM,SAAS,QAAQ;AAC1B,UAAI,MAAM,SAAS,MAAM,KAAKA,SAAO,OAAc,CACjD;MAEF,MAAM,UAAU,MAAM,QAAQA,SAAO,OAAc;MACnD,MAAM,WAAW,MAAM,WAAWA,SAAO,OAAc;AACvD,cAAQ,MAAM,MAAM,MAAa,SAAgB;OAC/C,OAAO,MAAM;OACb;MACD,EAAC;KACH;IACF,GAED,EAAE,IAAI,MAAO,EACd;IAED,MAAM,EAAE,QAAQ,UAAU,GAAG;AAE7B,QAAI;KACF,IAAI,SAAS,SAAS;AAGtB,SAAI,SAAS,OACX,UAAS,SAAS;AAGpB,SAAI,SAAS,QACX,MAAK,MAAM,CAAC,KAAK,MAAM,IAAI,OAAO,QAAQ,SAAS,QAAQ,CACzD,GAAE,OAAO,KAAK,MAAM;AAIxB,SAAI,SAAS,QACX,MAAK,MAAM,CAAC,MAAM,EAAE,OAAO,SAAS,CAAC,IAAI,SAAS,QAChD,WAAU,GAAG,MAAM,OAAO,QAAQ;AAKtC,OAAE,IAAI,cAAc,OAAO;AAE3B,OAAE,IAAI,cAAc,SAAS;AAE7B,OAAE,IAAI,YAAYT,SAAO;AAEzB,OAAE,IAAI,aAAa,QAAQ;AAE3B,OAAE,IAAI,cAAc,SAAS;AAE7B,SAAI,aAAa,MACf,UAAO,KAAK;MAAE;MAAQ,MAAM;KAAQ,GAAE,oBAAoB;AAG5D,YAAO,EAAE,KAAK,QAAQ,OAAO;IAC9B,SAAQU,iBAAsB;AAC7B,cAAO,MAAM,iBAAiB,2BAA2B;KACzD,MAAM,QAAQ,UACZ,iBACA,KACA,6BACD;AACD,SAAI,aAAa,MACf,UAAO,KACL;MAAE,QAAQ,MAAM;MAAY,MAAM;KAAO,GACzC,oBACD;AAEH,YAAO,EAAE,KAAK,OAAO,MAAM,WAAmC;IAC/D;GACF,SAAQC,GAAQ;AACf,aAAO,MAAM,GAAG,oCAAoC;IACpD,MAAM,QAAQ,UAAU,GAAG,KAAK,wBAAwB;AACxD,QAAI,aAAa,MACf,UAAO,KACL;KAAE,QAAQ,MAAM;KAAY,MAAM;IAAO,GACzC,oBACD;AAEH,WAAO,EAAE,KAAK,OAAO,MAAM,WAAmC;GAC/D;EACF,EACF;CACF;CAED,OAAO,aAILN,WACAP,KACAc,UACAC,gBACM;AACN,MAAI,IAAI,UAAU,OAAO,MAAM;AAC7B,OAAI;IACF,MAAM,gBAAgB,MAAM,SAAS,mBACnC,WACA,eACD;AAED,WAAO,EAAE,KAAK,cAAc;GAC7B,SAAQ,OAAO;AACd,YAAQ,MAAM,oCAAoC,MAAM;AACxD,WAAO,EAAE,KACP,EAAE,OAAO,2CAA4C,GACrD,IACD;GACF;EACF,EAAC;CACH;AACF"}