@mastra/server 1.16.0-alpha.1 → 1.16.0-alpha.3

package/dist/{chunk-IGZADYRV.cjs.map → chunk-MNEANLCY.cjs.map}

@@ -1 +1 @@
-{"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra"],"mappings":";;;;;;;;AAiCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AASO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AACA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,SAAS,EAAE,IAAA,EAAM,SAAA,EAAW,WAAA,EAAa,CAAA;AAE5F,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBG,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBF,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBI,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBM,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBN,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOE,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCF,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYO,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCL,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYQ,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMI,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-IGZADYRV.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n  IUserProvider,\n  ISessionProvider,\n  ISSOProvider,\n  ICredentialsProvider,\n  SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { HTTPException } from '../http-exception';\nimport {\n  capabilitiesResponseSchema,\n  ssoLoginQuerySchema,\n  ssoCallbackQuerySchema,\n  currentUserResponseSchema,\n  credentialsSignInBodySchema,\n  credentialsSignUpBodySchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (auth: any, request: Request, options?: { rbac?: any; apiPrefix?: string }) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n  if (!_buildCapabilitiesPromise) {\n    _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n      .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n      .catch(() => {\n        console.error(\n          '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n        );\n        return undefined;\n      });\n  }\n  return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n  const serverConfig = mastra.getServer?.();\n  if (!serverConfig?.auth) return null;\n\n  // Auth can be either MastraAuthConfig or MastraAuthProvider\n  // If it has authenticateToken method, it's a provider\n  if (typeof serverConfig.auth.authenticateToken === 'function') {\n    return serverConfig.auth as MastraAuthProvider;\n  }\n\n  return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname.\n * X-Forwarded-Host tells us the real public hostname.\n * Always uses https when behind a proxy — Knative's queue-proxy overwrites\n * X-Forwarded-Proto based on the internal HTTP connection, so it's unreliable.\n */\nexport function getPublicOrigin(request: Request): string {\n  const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n  if (forwardedHost) {\n    return `https://${forwardedHost}`;\n  }\n  return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n  const serverConfig = mastra.getServer?.();\n  return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n  return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/capabilities',\n  responseType: 'json',\n  responseSchema: capabilitiesResponseSchema,\n  summary: 'Get auth capabilities',\n  description:\n    'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request, routePrefix } = ctx as any;\n\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return { enabled: false, login: null };\n      }\n\n      const rbac = getRBACProvider(mastra);\n\n      const buildCapabilities = await loadBuildCapabilities();\n      if (!buildCapabilities) {\n        return { enabled: false, login: null };\n      }\n      const capabilities = await buildCapabilities(auth, request, { rbac, apiPrefix: routePrefix });\n\n      return capabilities;\n    } catch (error) {\n      return handleError(error, 'Error getting auth capabilities');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/me',\n  responseType: 'json',\n  responseSchema: currentUserResponseSchema,\n  summary: 'Get current user',\n  description: 'Returns the currently authenticated user, or null if not authenticated.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request } = ctx as any;\n      const auth = getAuthProvider(mastra);\n      const rbac = getRBACProvider(mastra);\n\n      if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n        return null;\n      }\n\n      const user = await auth.getCurrentUser(request);\n      if (!user) return null;\n\n      // Get roles/permissions from RBAC provider if available\n      let roles: string[] | undefined;\n      let permissions: string[] | undefined;\n\n      if (rbac) {\n        try {\n          roles = await rbac.getRoles(user);\n          permissions = await rbac.getPermissions(user);\n        } catch {\n          // RBAC not available or failed\n        }\n      }\n\n      return {\n        id: user.id,\n        email: user.email,\n        name: user.name,\n        avatarUrl: user.avatarUrl,\n        roles,\n        permissions,\n      };\n    } catch (error) {\n      return handleError(error, 'Error getting current user');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/login',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoLoginQuerySchema,\n  summary: 'Initiate SSO login',\n  description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n        throw new HTTPException(404, { message: 'SSO not configured' });\n      }\n\n      // Build OAuth callback URI using the configured route prefix\n      const origin = getPublicOrigin(request);\n      const raw = ((routePrefix as string) || '/api').trim();\n      const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n      const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n      const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n      // Encode the post-login redirect in state (where user goes after auth completes)\n      // State format: uuid|postLoginRedirect\n      // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n      // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n      // different port).\n      let postLoginRedirect = '/';\n      if (redirect_uri) {\n        if (!redirect_uri.startsWith('http')) {\n          // Relative path — always safe\n          postLoginRedirect = redirect_uri;\n        } else {\n          try {\n            const redirectUrl = new URL(redirect_uri);\n            const requestOrigin = new URL(origin);\n            const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n            const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n            const isLocalhost =\n              redirectUrl.hostname === 'localhost' ||\n              redirectUrl.hostname === '127.0.0.1' ||\n              redirectUrl.hostname === '[::1]';\n            if (isHttps && (isSameOrigin || isLocalhost)) {\n              postLoginRedirect = redirect_uri;\n            }\n          } catch {\n            // Malformed URL — fall back to /\n          }\n        }\n      }\n      const stateId = crypto.randomUUID();\n      const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n      const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n      // Build response with optional PKCE cookies\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n      if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n        const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n        if (cookies?.length) {\n          // PKCE cookies set for SSO state management\n          for (const cookie of cookies) {\n            headers.append('Set-Cookie', cookie);\n          }\n        }\n      }\n\n      return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n    } catch (error) {\n      return handleError(error, 'Error initiating SSO login');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/callback',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoCallbackQuerySchema,\n  summary: 'Handle SSO callback',\n  description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, code, state, request } = ctx as any;\n\n    // Build base URL for redirects (Response.redirect requires absolute URL)\n    const baseUrl = getPublicOrigin(request);\n\n    // Extract post-login redirect from state (format: uuid|encodedRedirect)\n    let redirectTo = '/';\n    let stateId = state || '';\n    if (state && state.includes('|')) {\n      const [id, encodedRedirect] = state.split('|', 2);\n      stateId = id;\n      try {\n        redirectTo = decodeURIComponent(encodedRedirect);\n      } catch {\n        redirectTo = '/';\n      }\n    }\n\n    // Build absolute redirect URL.\n    // The redirect_uri was validated at the login endpoint (same-origin or localhost\n    // only), so the state should only contain safe URLs. We still apply defense-in-depth\n    // checks here: allow http(s) same-origin or localhost, reject everything else.\n    let absoluteRedirect: string;\n    if (redirectTo.startsWith('http')) {\n      try {\n        const parsed = new URL(redirectTo);\n        const baseOrigin = new URL(baseUrl);\n        const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n        const isSameOrigin = parsed.origin === baseOrigin.origin;\n        const isLocalhost =\n          parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n        absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n      } catch {\n        absoluteRedirect = `${baseUrl}/`;\n      }\n    } else {\n      absoluteRedirect = `${baseUrl}${redirectTo}`;\n    }\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n        return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n      }\n\n      // Pass cookie header to provider for PKCE validation (if supported)\n      const reqCookieHeader = request.headers.get('cookie');\n      if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n        (auth as any).setCallbackCookieHeader(reqCookieHeader);\n      }\n\n      const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n      const user = result.user as EEUser;\n\n      // Build response headers (session cookies, etc.)\n      const headers = new Headers();\n      headers.set('Location', absoluteRedirect);\n\n      // Set session cookies from the SSO result\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n        // Fallback: Create session manually for providers without cookie support\n        const session = await auth.createSession(user.id, {\n          accessToken: result.tokens.accessToken,\n          refreshToken: result.tokens.refreshToken,\n          expiresAt: result.tokens.expiresAt,\n          organizationId: (user as any).organizationId,\n        });\n        const sessionHeaders = auth.getSessionHeaders(session);\n        for (const [key, value] of Object.entries(sessionHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(null, {\n        status: 302,\n        headers,\n      });\n    } catch (error) {\n      // Redirect with error (use absolute URL)\n      const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n      return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/logout',\n  responseType: 'datastream-response',\n  summary: 'Logout',\n  description: 'Destroys the current session and returns logout redirect URL if available.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return new Response(JSON.stringify({ success: true }), {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        });\n      }\n\n      // Get session ID and destroy it\n      if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n        const sessionId = auth.getSessionIdFromRequest(request);\n        if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n          await auth.destroySession(sessionId);\n        }\n      }\n\n      // Get logout URL if available\n      let redirectTo: string | undefined;\n      if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n        // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n        const origin = getPublicOrigin(request);\n        const logoutUrl = await auth.getLogoutUrl(origin, request);\n        redirectTo = logoutUrl ?? undefined;\n      }\n\n      // Build response with session clearing headers\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Clear session cookie\n      if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n        const clearHeaders = auth.getClearSessionHeaders();\n        for (const [key, value] of Object.entries(clearHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(JSON.stringify({ success: true, redirectTo }), {\n        status: 200,\n        headers,\n      });\n    } catch (error) {\n      return handleError(error, 'Error logging out');\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-in',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignInBodySchema,\n  summary: 'Sign in with credentials',\n  description: 'Authenticates a user with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signIn(email, password, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      // Return a generic error for auth failures to avoid leaking info\n      throw new HTTPException(401, { message: 'Invalid email or password' });\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-up',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignUpBodySchema,\n  summary: 'Sign up with credentials',\n  description: 'Creates a new user account with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password, name } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signUp(email, password, name, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      const mastra = (ctx as any).mastra;\n      mastra?.getLogger?.()?.error('Sign-up error', {\n        error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n      });\n      throw new HTTPException(400, { message: 'Failed to create account' });\n    }\n  },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n  GET_AUTH_CAPABILITIES_ROUTE,\n  GET_CURRENT_USER_ROUTE,\n  GET_SSO_LOGIN_ROUTE,\n  GET_SSO_CALLBACK_ROUTE,\n  POST_LOGOUT_ROUTE,\n  POST_CREDENTIALS_SIGN_IN_ROUTE,\n  POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}
+{"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra"],"mappings":";;;;;;;;AAiCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AASO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AACA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,SAAS,EAAE,IAAA,EAAM,SAAA,EAAW,WAAA,EAAa,CAAA;AAE5F,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBG,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBF,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBI,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBM,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBN,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOE,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCF,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYO,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCL,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYQ,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMI,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-MNEANLCY.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n  IUserProvider,\n  ISessionProvider,\n  ISSOProvider,\n  ICredentialsProvider,\n  SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { HTTPException } from '../http-exception';\nimport {\n  capabilitiesResponseSchema,\n  ssoLoginQuerySchema,\n  ssoCallbackQuerySchema,\n  currentUserResponseSchema,\n  credentialsSignInBodySchema,\n  credentialsSignUpBodySchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (auth: any, request: Request, options?: { rbac?: any; apiPrefix?: string }) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n  if (!_buildCapabilitiesPromise) {\n    _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n      .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n      .catch(() => {\n        console.error(\n          '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n        );\n        return undefined;\n      });\n  }\n  return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n  const serverConfig = mastra.getServer?.();\n  if (!serverConfig?.auth) return null;\n\n  // Auth can be either MastraAuthConfig or MastraAuthProvider\n  // If it has authenticateToken method, it's a provider\n  if (typeof serverConfig.auth.authenticateToken === 'function') {\n    return serverConfig.auth as MastraAuthProvider;\n  }\n\n  return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname.\n * X-Forwarded-Host tells us the real public hostname.\n * Always uses https when behind a proxy — Knative's queue-proxy overwrites\n * X-Forwarded-Proto based on the internal HTTP connection, so it's unreliable.\n */\nexport function getPublicOrigin(request: Request): string {\n  const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n  if (forwardedHost) {\n    return `https://${forwardedHost}`;\n  }\n  return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n  const serverConfig = mastra.getServer?.();\n  return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n  return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/capabilities',\n  responseType: 'json',\n  responseSchema: capabilitiesResponseSchema,\n  summary: 'Get auth capabilities',\n  description:\n    'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request, routePrefix } = ctx as any;\n\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return { enabled: false, login: null };\n      }\n\n      const rbac = getRBACProvider(mastra);\n\n      const buildCapabilities = await loadBuildCapabilities();\n      if (!buildCapabilities) {\n        return { enabled: false, login: null };\n      }\n      const capabilities = await buildCapabilities(auth, request, { rbac, apiPrefix: routePrefix });\n\n      return capabilities;\n    } catch (error) {\n      return handleError(error, 'Error getting auth capabilities');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/me',\n  responseType: 'json',\n  responseSchema: currentUserResponseSchema,\n  summary: 'Get current user',\n  description: 'Returns the currently authenticated user, or null if not authenticated.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request } = ctx as any;\n      const auth = getAuthProvider(mastra);\n      const rbac = getRBACProvider(mastra);\n\n      if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n        return null;\n      }\n\n      const user = await auth.getCurrentUser(request);\n      if (!user) return null;\n\n      // Get roles/permissions from RBAC provider if available\n      let roles: string[] | undefined;\n      let permissions: string[] | undefined;\n\n      if (rbac) {\n        try {\n          roles = await rbac.getRoles(user);\n          permissions = await rbac.getPermissions(user);\n        } catch {\n          // RBAC not available or failed\n        }\n      }\n\n      return {\n        id: user.id,\n        email: user.email,\n        name: user.name,\n        avatarUrl: user.avatarUrl,\n        roles,\n        permissions,\n      };\n    } catch (error) {\n      return handleError(error, 'Error getting current user');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/login',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoLoginQuerySchema,\n  summary: 'Initiate SSO login',\n  description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n        throw new HTTPException(404, { message: 'SSO not configured' });\n      }\n\n      // Build OAuth callback URI using the configured route prefix\n      const origin = getPublicOrigin(request);\n      const raw = ((routePrefix as string) || '/api').trim();\n      const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n      const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n      const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n      // Encode the post-login redirect in state (where user goes after auth completes)\n      // State format: uuid|postLoginRedirect\n      // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n      // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n      // different port).\n      let postLoginRedirect = '/';\n      if (redirect_uri) {\n        if (!redirect_uri.startsWith('http')) {\n          // Relative path — always safe\n          postLoginRedirect = redirect_uri;\n        } else {\n          try {\n            const redirectUrl = new URL(redirect_uri);\n            const requestOrigin = new URL(origin);\n            const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n            const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n            const isLocalhost =\n              redirectUrl.hostname === 'localhost' ||\n              redirectUrl.hostname === '127.0.0.1' ||\n              redirectUrl.hostname === '[::1]';\n            if (isHttps && (isSameOrigin || isLocalhost)) {\n              postLoginRedirect = redirect_uri;\n            }\n          } catch {\n            // Malformed URL — fall back to /\n          }\n        }\n      }\n      const stateId = crypto.randomUUID();\n      const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n      const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n      // Build response with optional PKCE cookies\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n      if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n        const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n        if (cookies?.length) {\n          // PKCE cookies set for SSO state management\n          for (const cookie of cookies) {\n            headers.append('Set-Cookie', cookie);\n          }\n        }\n      }\n\n      return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n    } catch (error) {\n      return handleError(error, 'Error initiating SSO login');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/callback',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoCallbackQuerySchema,\n  summary: 'Handle SSO callback',\n  description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, code, state, request } = ctx as any;\n\n    // Build base URL for redirects (Response.redirect requires absolute URL)\n    const baseUrl = getPublicOrigin(request);\n\n    // Extract post-login redirect from state (format: uuid|encodedRedirect)\n    let redirectTo = '/';\n    let stateId = state || '';\n    if (state && state.includes('|')) {\n      const [id, encodedRedirect] = state.split('|', 2);\n      stateId = id;\n      try {\n        redirectTo = decodeURIComponent(encodedRedirect);\n      } catch {\n        redirectTo = '/';\n      }\n    }\n\n    // Build absolute redirect URL.\n    // The redirect_uri was validated at the login endpoint (same-origin or localhost\n    // only), so the state should only contain safe URLs. We still apply defense-in-depth\n    // checks here: allow http(s) same-origin or localhost, reject everything else.\n    let absoluteRedirect: string;\n    if (redirectTo.startsWith('http')) {\n      try {\n        const parsed = new URL(redirectTo);\n        const baseOrigin = new URL(baseUrl);\n        const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n        const isSameOrigin = parsed.origin === baseOrigin.origin;\n        const isLocalhost =\n          parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n        absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n      } catch {\n        absoluteRedirect = `${baseUrl}/`;\n      }\n    } else {\n      absoluteRedirect = `${baseUrl}${redirectTo}`;\n    }\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n        return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n      }\n\n      // Pass cookie header to provider for PKCE validation (if supported)\n      const reqCookieHeader = request.headers.get('cookie');\n      if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n        (auth as any).setCallbackCookieHeader(reqCookieHeader);\n      }\n\n      const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n      const user = result.user as EEUser;\n\n      // Build response headers (session cookies, etc.)\n      const headers = new Headers();\n      headers.set('Location', absoluteRedirect);\n\n      // Set session cookies from the SSO result\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n        // Fallback: Create session manually for providers without cookie support\n        const session = await auth.createSession(user.id, {\n          accessToken: result.tokens.accessToken,\n          refreshToken: result.tokens.refreshToken,\n          expiresAt: result.tokens.expiresAt,\n          organizationId: (user as any).organizationId,\n        });\n        const sessionHeaders = auth.getSessionHeaders(session);\n        for (const [key, value] of Object.entries(sessionHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(null, {\n        status: 302,\n        headers,\n      });\n    } catch (error) {\n      // Redirect with error (use absolute URL)\n      const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n      return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/logout',\n  responseType: 'datastream-response',\n  summary: 'Logout',\n  description: 'Destroys the current session and returns logout redirect URL if available.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return new Response(JSON.stringify({ success: true }), {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        });\n      }\n\n      // Get session ID and destroy it\n      if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n        const sessionId = auth.getSessionIdFromRequest(request);\n        if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n          await auth.destroySession(sessionId);\n        }\n      }\n\n      // Get logout URL if available\n      let redirectTo: string | undefined;\n      if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n        // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n        const origin = getPublicOrigin(request);\n        const logoutUrl = await auth.getLogoutUrl(origin, request);\n        redirectTo = logoutUrl ?? undefined;\n      }\n\n      // Build response with session clearing headers\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Clear session cookie\n      if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n        const clearHeaders = auth.getClearSessionHeaders();\n        for (const [key, value] of Object.entries(clearHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(JSON.stringify({ success: true, redirectTo }), {\n        status: 200,\n        headers,\n      });\n    } catch (error) {\n      return handleError(error, 'Error logging out');\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-in',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignInBodySchema,\n  summary: 'Sign in with credentials',\n  description: 'Authenticates a user with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signIn(email, password, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      // Return a generic error for auth failures to avoid leaking info\n      throw new HTTPException(401, { message: 'Invalid email or password' });\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-up',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignUpBodySchema,\n  summary: 'Sign up with credentials',\n  description: 'Creates a new user account with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password, name } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signUp(email, password, name, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      const mastra = (ctx as any).mastra;\n      mastra?.getLogger?.()?.error('Sign-up error', {\n        error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n      });\n      throw new HTTPException(400, { message: 'Failed to create account' });\n    }\n  },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n  GET_AUTH_CAPABILITIES_ROUTE,\n  GET_CURRENT_USER_ROUTE,\n  GET_SSO_LOGIN_ROUTE,\n  GET_SSO_CALLBACK_ROUTE,\n  POST_LOGOUT_ROUTE,\n  POST_CREDENTIALS_SIGN_IN_ROUTE,\n  POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}

package/dist/{chunk-RFO7PBA6.js → chunk-MROITNSM.js}

@@ -1,5 +1,5 @@
-import { paginationInfoSchema } from './chunk-USZD5AX2.js';
-import z from 'zod';
+import { paginationInfoSchema } from './chunk-S2QK2XG2.js';
+import { z } from 'zod/v4';
 
 var jsonSchemaObject = z.lazy(() => z.record(z.string(), z.unknown()));
 var jsonSchemaField = z.union([jsonSchemaObject, z.null()]).optional();
@@ -333,5 +333,5 @@ var clusterFailuresResponseSchema = z.object({
 });
 
 export { addItemBodySchema, batchDeleteItemsBodySchema, batchDeleteItemsResponseSchema, batchInsertItemsBodySchema, batchInsertItemsResponseSchema, clusterFailuresBodySchema, clusterFailuresResponseSchema, compareExperimentsBodySchema, comparisonResponseSchema, createDatasetBodySchema, datasetAndExperimentIdPathParams, datasetAndItemIdPathParams, datasetIdPathParams, datasetItemResponseSchema, datasetItemVersionPathParams, datasetResponseSchema, datasetVersionResponseSchema, experimentIdPathParams, experimentResponseSchema, experimentResultIdPathParams, experimentResultResponseSchema, experimentSummaryResponseSchema, generateItemsBodySchema, generateItemsResponseSchema, itemIdPathParams, itemVersionResponseSchema, listDatasetVersionsResponseSchema, listDatasetsResponseSchema, listExperimentResultsResponseSchema, listExperimentsResponseSchema, listItemVersionsResponseSchema, listItemsQuerySchema, listItemsResponseSchema, paginationQuerySchema, scorerResultSchema, triggerExperimentBodySchema, updateDatasetBodySchema, updateExperimentResultBodySchema, updateItemBodySchema };
-//# sourceMappingURL=chunk-RFO7PBA6.js.map
-//# sourceMappingURL=chunk-RFO7PBA6.js.map
+//# sourceMappingURL=chunk-MROITNSM.js.map
+//# sourceMappingURL=chunk-MROITNSM.js.map

package/dist/chunk-MROITNSM.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/server/schemas/datasets.ts"],"names":[],"mappings":";;;AAQA,IAAM,gBAAA,GAAuD,CAAA,CAAE,IAAA,CAAK,MAAM,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAC,CAAA;AAG3G,IAAM,eAAA,GAAkB,CAAA,CAAE,KAAA,CAAM,CAAC,gBAAA,EAAkB,EAAE,IAAA,EAAM,CAAC,CAAA,CAAE,QAAA,EAAS;AAGvE,IAAM,uBAAA,GAA0B,EAC7B,MAAA,CAAO;AAAA,EACN,IAAA,EAAM,CAAA,CAAE,IAAA,CAAK,CAAC,KAAA,EAAO,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,mBAAmB,CAAC,CAAA,CAAE,QAAA,CAAS,2BAA2B,CAAA;AAAA,EACvG,aAAa,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,qDAAqD;AACnG,CAAC,CAAA,CACA,QAAA,EAAS,CACT,QAAA,CAAS,wCAAwC,CAAA;AAM7C,IAAM,mBAAA,GAAsB,EAAE,MAAA,CAAO;AAAA,EAC1C,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC;AACpE,CAAC;AAEM,IAAM,sBAAA,GAAyB,EAAE,MAAA,CAAO;AAAA,EAC7C,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC;AAC1E,CAAC;AAEM,IAAM,gBAAA,GAAmB,EAAE,MAAA,CAAO;AAAA,EACvC,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC;AACtE,CAAC;AAEM,IAAM,gCAAA,GAAmC,EAAE,MAAA,CAAO;AAAA,EACvD,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC;AAC1E,CAAC;AAEM,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC,CAAA;AAAA,EACxE,QAAA,EAAU,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,6CAA6C;AAC7E,CAAC;AAEM,IAAM,0BAAA,GAA6B,EAAE,MAAA,CAAO;AAAA,EACjD,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC;AACtE,CAAC;AAMM,IAAM,qBAAA,GAAwB,EAAE,MAAA,CAAO;AAAA,EAC5C,IAAA,EAAM,EAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,CAAC,CAAA;AAAA,EAC5C,OAAA,EAAS,EAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,EAAE;AAClD,CAAC;AAEM,IAAM,oBAAA,GAAuB,EAAE,MAAA,CAAO;AAAA,EAC3C,IAAA,EAAM,EAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,CAAC,CAAA;AAAA,EAC5C,OAAA,EAAS,EAAE,MAAA,CAAO,MAAA,GAAS,QAAA,EAAS,CAAE,QAAQ,EAAE,CAAA;AAAA,EAChD,SAAS,CAAA,CAAE,MAAA,CAAO,QAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA;AAAA,EAC1C,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACrB,CAAC;AAMM,IAAM,uBAAA,GAA0B,EAAE,MAAA,CAAO;AAAA,EAC9C,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qBAAqB,CAAA;AAAA,EAC/C,aAAa,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EACxE,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,WAAA,EAAa,eAAA,CAAgB,QAAA,CAAS,uCAAuC,CAAA;AAAA,EAC7E,iBAAA,EAAmB,eAAA,CAAgB,QAAA,CAAS,6CAA6C,CAAA;AAAA,EACzF,oBAAA,EAAsB,eAAA,CAAgB,QAAA,CAAS,uDAAuD,CAAA;AAAA,EACtG,YAAY,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,mDAAmD,CAAA;AAAA,EAC9F,SAAA,EAAW,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,oDAAoD;AACzG,CAAC;AAEM,IAAM,uBAAA,GAA0B,EAAE,MAAA,CAAO;AAAA,EAC9C,MAAM,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EAC1D,aAAa,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EACxE,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,WAAA,EAAa,eAAA,CAAgB,QAAA,CAAS,uCAAuC,CAAA;AAAA,EAC7E,iBAAA,EAAmB,eAAA,CAAgB,QAAA,CAAS,6CAA6C,CAAA;AAAA,EACzF,oBAAA,EAAsB,eAAA,CAAgB,QAAA,CAAS,uDAAuD,CAAA;AAAA,EACtG,IAAA,EAAM,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,qDAAqD,CAAA;AAAA,EACnG,YAAY,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,mDAAmD,CAAA;AAAA,EAC9F,SAAA,EAAW,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,oDAAoD;AACzG,CAAC;AAEM,IAAM,iBAAA,GAAoB,EAAE,MAAA,CAAO;AAAA,EACxC,KAAA,EAAO,CAAA,CAAE,OAAA,EAAQ,CAAE,SAAS,iCAAiC,CAAA;AAAA,EAC7D,aAAa,CAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,gCAAgC,CAAA;AAAA,EAC7E,cAAA,EAAgB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,sCAAsC,CAAA;AAAA,EAC5G,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,MAAA,EAAQ;AACV,CAAC;AAEM,IAAM,oBAAA,GAAuB,EAAE,MAAA,CAAO;AAAA,EAC3C,OAAO,CAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,iCAAiC,CAAA;AAAA,EACxE,aAAa,CAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,gCAAgC,CAAA;AAAA,EAC7E,cAAA,EAAgB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,sCAAsC,CAAA;AAAA,EAC5G,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,qBAAqB,CAAA;AAAA,EACrF,MAAA,EAAQ;AACV,CAAC;AAEM,IAAM,2BAAA,GAA8B,EAAE,MAAA,CAAO;AAAA,EAClD,UAAA,EAAY,CAAA,CAAE,IAAA,CAAK,CAAC,OAAA,EAAS,YAAY,QAAQ,CAAC,CAAA,CAAE,QAAA,CAAS,+BAA+B,CAAA;AAAA,EAC5F,QAAA,EAAU,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kBAAkB,CAAA;AAAA,EAChD,SAAA,EAAW,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,yBAAyB,CAAA;AAAA,EAC5E,OAAA,EAAS,CAAA,CAAE,MAAA,CAAO,MAAA,EAAO,CAAE,KAAI,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,iCAAiC,CAAA;AAAA,EACtF,cAAc,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,wCAAwC,CAAA;AAAA,EACrF,gBAAgB,CAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,+BAA+B,CAAA;AAAA,EAC9E,cAAA,EAAgB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,6CAA6C;AACrH,CAAC;AAEM,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,2BAA2B,CAAA;AAAA,EAC9D,aAAA,EAAe,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,4BAA4B;AACjE,CAAC;AAOM,IAAM,qBAAA,GAAwB,EAAE,MAAA,CAAO;AAAA,EAC5C,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,IAAA,EAAM,EAAE,MAAA,EAAO;AAAA,EACf,aAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA,EAAS;AAAA,EAC5C,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,EAAO,EAAG,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAChE,WAAA,EAAa,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACxD,iBAAA,EAAmB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EAC9D,oBAAA,EAAsB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACjE,IAAA,EAAM,EAAE,KAAA,CAAM,CAAA,CAAE,QAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC9C,YAAY,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA,EAAS;AAAA,EAC3C,SAAA,EAAW,EAAE,KAAA,CAAM,CAAA,CAAE,QAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EACnD,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EACxB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAGM,IAAM,yBAAA,GAA4B,EAAE,MAAA,CAAO;AAAA,EAChD,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAW,EAAE,MAAA,EAAO;AAAA,EACpB,cAAA,EAAgB,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EAC/B,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,EACjB,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,cAAA,EAAgB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EAC3D,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,MAAA,EAAQ,uBAAA;AAAA,EACR,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAGM,IAAM,wBAAA,GAA2B,EAAE,MAAA,CAAO;AAAA,EAC/C,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC/B,gBAAgB,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EAC1C,cAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,GAAW,QAAA,EAAS;AAAA,EAC7C,UAAA,EAAY,EAAE,IAAA,CAAK,CAAC,SAAS,UAAA,EAAY,QAAA,EAAU,WAAW,CAAC,CAAA;AAAA,EAC/D,QAAA,EAAU,EAAE,MAAA,EAAO;AAAA,EACnB,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC1B,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACjC,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,MAAA,EAAQ,EAAE,IAAA,CAAK,CAAC,WAAW,SAAA,EAAW,WAAA,EAAa,QAAQ,CAAC,CAAA;AAAA,EAC5D,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,EACrB,cAAA,EAAgB,EAAE,MAAA,EAAO;AAAA,EACzB,WAAA,EAAa,EAAE,MAAA,EAAO;AAAA,EACtB,YAAA,EAAc,EAAE,MAAA,EAAO;AAAA,EACvB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACpC,WAAA,EAAa,CAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACtC,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAGM,IAAM,kBAAA,GAAqB,EAAE,MAAA,CAAO;AAAA,EACzC,QAAA,EAAU,EAAE,MAAA,EAAO;AAAA,EACnB,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,EACrB,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC3B,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC5B,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACpB,CAAC;AAGM,IAAM,8BAAA,GAAiC,EAAE,MAAA,CAAO;AAAA,EACrD,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,YAAA,EAAc,EAAE,MAAA,EAAO;AAAA,EACvB,MAAA,EAAQ,EAAE,MAAA,EAAO;AAAA,EACjB,oBAAoB,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EAC9C,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,EACjB,MAAA,EAAQ,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC7B,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,KAAA,EAAO,EACJ,MAAA,CAAO;AAAA,IACN,OAAA,EAAS,EAAE,MAAA,EAAO;AAAA,IAClB,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAC3B,IAAA,EAAM,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,GAC3B,EACA,QAAA,EAAS;AAAA,EACZ,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,WAAA,EAAa,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EAC3B,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,EACrB,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC7B,MAAA,EAAQ,CAAA,CAAE,IAAA,CAAK,CAAC,cAAA,EAAgB,UAAA,EAAY,UAAU,CAAC,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC7E,IAAA,EAAM,EAAE,KAAA,CAAM,CAAA,CAAE,QAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC9C,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAEM,IAAM,gCAAA,GAAmC,EAAE,MAAA,CAAO;AAAA,EACvD,MAAA,EAAQ,CAAA,CAAE,IAAA,CAAK,CAAC,cAAA,EAAgB,UAAA,EAAY,UAAU,CAAC,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,EAAS;AAAA,EAC7E,MAAM,CAAA,CAAE,KAAA,CAAM,EAAE,MAAA,EAAQ,EAAE,QAAA;AAC5B,CAAC;AAGD,IAAM,oBAAA,GAAuB,EAAE,MAAA,CAAO;AAAA,EACpC,MAAA,EAAQ,EAAE,MAAA,EAAO;AAAA,EACjB,KAAA,EAAO,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAC5B,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,SAAS,CAAA,CAAE,MAAA;AAAA,IACT,EAAE,MAAA,EAAO;AAAA,IACT,EACG,MAAA,CAAO;AAAA,MACN,MAAA,EAAQ,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAC7B,MAAA,EAAQ,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAU;AAAA,KACnD,EACA,QAAA;AAAS;AAEhB,CAAC,CAAA;AAGM,IAAM,wBAAA,GAA2B,EAAE,MAAA,CAAO;AAAA,EAC/C,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,EACrB,KAAA,EAAO,CAAA,CAAE,KAAA,CAAM,oBAAoB;AACrC,CAAC;AAIM,IAAM,+BAAA,GAAkC,EAAE,MAAA,CAAO;AAAA,EACtD,YAAA,EAAc,EAAE,MAAA,EAAO;AAAA,EACvB,MAAA,EAAQ,EAAE,IAAA,CAAK,CAAC,WAAW,SAAA,EAAW,WAAA,EAAa,QAAQ,CAAC,CAAA;AAAA,EAC5D,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,EACrB,cAAA,EAAgB,EAAE,MAAA,EAAO;AAAA,EACzB,WAAA,EAAa,EAAE,MAAA,EAAO;AAAA,EACtB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,WAAA,EAAa,CAAA,CAAE,MAAA,CAAO,IAAA,GAAO,QAAA,EAAS;AAAA,EACtC,SAAS,CAAA,CAAE,KAAA;AAAA,IACT,EAAE,MAAA,CAAO;AAAA,MACP,MAAA,EAAQ,EAAE,MAAA,EAAO;AAAA,MACjB,oBAAoB,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,MAC9C,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,MACjB,MAAA,EAAQ,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAC7B,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAClC,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,MAC3B,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,MACzB,WAAA,EAAa,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,MAC3B,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,MACrB,QAAQ,CAAA,CAAE,KAAA;AAAA,QACR,EAAE,MAAA,CAAO;AAAA,UACP,QAAA,EAAU,EAAE,MAAA,EAAO;AAAA,UACnB,UAAA,EAAY,EAAE,MAAA,EAAO;AAAA,UACrB,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,UAC3B,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,UAC5B,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,SAC5B;AAAA;AACH,KACD;AAAA;AAEL,CAAC;AAMM,IAAM,0BAAA,GAA6B,EAAE,MAAA,CAAO;AAAA,EACjD,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,qBAAqB,CAAA;AAAA,EACvC,UAAA,EAAY;AACd,CAAC;AAEM,IAAM,uBAAA,GAA0B,EAAE,MAAA,CAAO;AAAA,EAC9C,KAAA,EAAO,CAAA,CAAE,KAAA,CAAM,yBAAyB,CAAA;AAAA,EACxC,UAAA,EAAY;AACd,CAAC;AAEM,IAAM,6BAAA,GAAgC,EAAE,MAAA,CAAO;AAAA,EACpD,WAAA,EAAa,CAAA,CAAE,KAAA,CAAM,wBAAwB,CAAA;AAAA,EAC7C,UAAA,EAAY;AACd,CAAC;AAEM,IAAM,mCAAA,GAAsC,EAAE,MAAA,CAAO;AAAA,EAC1D,OAAA,EAAS,CAAA,CAAE,KAAA,CAAM,8BAA8B,CAAA;AAAA,EAC/C,UAAA,EAAY;AACd,CAAC;AAOM,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,SAAA,EAAW,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EAClE,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC,CAAA;AAAA,EACpE,cAAA,EAAgB,EAAE,MAAA,CAAO,MAAA,GAAS,GAAA,EAAI,CAAE,SAAS,wBAAwB;AAC3E,CAAC;AAGM,IAAM,yBAAA,GAA4B,EAAE,MAAA,CAAO;AAAA,EAChD,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAW,EAAE,MAAA,EAAO;AAAA,EACpB,cAAA,EAAgB,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EAC/B,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,EACjB,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,EAClC,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACrD,SAAS,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,QAAA,EAAS;AAAA,EACnC,SAAA,EAAW,EAAE,OAAA,EAAQ;AAAA,EACrB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAEM,IAAM,8BAAA,GAAiC,EAAE,MAAA,CAAO;AAAA,EACrD,OAAA,EAAS,CAAA,CAAE,KAAA,CAAM,yBAAyB;AAC5C,CAAC;AAGM,IAAM,4BAAA,GAA+B,EAAE,MAAA,CAAO;AAAA,EACnD,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,EACb,SAAA,EAAW,EAAE,MAAA,EAAO;AAAA,EACpB,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,EAAI;AAAA,EACxB,SAAA,EAAW,CAAA,CAAE,MAAA,CAAO,IAAA;AACtB,CAAC;AAEM,IAAM,iCAAA,GAAoC,EAAE,MAAA,CAAO;AAAA,EACxD,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,4BAA4B,CAAA;AAAA,EAC9C,UAAA,EAAY;AACd,CAAC;AAMM,IAAM,0BAAA,GAA6B,EAAE,MAAA,CAAO;AAAA,EACjD,OAAO,CAAA,CAAE,KAAA;AAAA,IACP,EAAE,MAAA,CAAO;AAAA,MACP,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,MACjB,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAClC,cAAA,EAAgB,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,MAC3D,QAAA,EAAU,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,MACrD,MAAA,EAAQ;AAAA,KACT;AAAA;AAEL,CAAC;AAEM,IAAM,8BAAA,GAAiC,EAAE,MAAA,CAAO;AAAA,EACrD,KAAA,EAAO,CAAA,CAAE,KAAA,CAAM,yBAAyB,CAAA;AAAA,EACxC,KAAA,EAAO,EAAE,MAAA;AACX,CAAC;AAEM,IAAM,0BAAA,GAA6B,EAAE,MAAA,CAAO;AAAA,EACjD,OAAA,EAAS,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,QAAQ;AAC7B,CAAC;AAEM,IAAM,8BAAA,GAAiC,EAAE,MAAA,CAAO;AAAA,EACrD,OAAA,EAAS,EAAE,OAAA,EAAQ;AAAA,EACnB,YAAA,EAAc,EAAE,MAAA;AAClB,CAAC;AAMM,IAAM,uBAAA,GAA0B,EAAE,MAAA,CAAO;AAAA,EAC9C,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qEAAqE,CAAA;AAAA,EAClG,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kDAAkD,CAAA;AAAA,EAC9E,OAAO,CAAA,CAAE,MAAA,EAAO,CAAE,GAAA,GAAM,GAAA,CAAI,CAAC,CAAA,CAAE,GAAA,CAAI,EAAE,CAAA,CAAE,OAAA,CAAQ,CAAC,CAAA,CAAE,SAAS,6BAA6B,CAAA;AAAA,EACxF,YAAA,EAAc,EACX,MAAA,CAAO;AAAA,IACN,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACjC,YAAA,EAAc,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAClC,OAAO,CAAA,CAAE,KAAA,CAAM,EAAE,MAAA,EAAQ,EAAE,QAAA;AAAS,GACrC,CAAA,CACA,QAAA,EAAS,CACT,SAAS,wDAAwD;AACtE,CAAC;AAED,IAAM,mBAAA,GAAsB,EAAE,MAAA,CAAO;AAAA,EACnC,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,EACjB,WAAA,EAAa,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA;AAC3B,CAAC,CAAA;AAEM,IAAM,2BAAA,GAA8B,EAAE,MAAA,CAAO;AAAA,EAClD,KAAA,EAAO,CAAA,CAAE,KAAA,CAAM,mBAAmB;AACpC,CAAC;AAMM,IAAM,yBAAA,GAA4B,EAAE,MAAA,CAAO;AAAA,EAChD,OAAA,EAAS,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qEAAqE,CAAA;AAAA,EAClG,OAAO,CAAA,CACJ,KAAA;AAAA,IACC,EAAE,MAAA,CAAO;AAAA,MACP,EAAA,EAAI,EAAE,MAAA,EAAO;AAAA,MACb,KAAA,EAAO,EAAE,OAAA,EAAQ;AAAA,MACjB,MAAA,EAAQ,CAAA,CAAE,OAAA,EAAQ,CAAE,QAAA,EAAS;AAAA,MAC7B,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,MAC3B,MAAA,EAAQ,CAAA,CAAE,MAAA,CAAO,CAAA,CAAE,MAAA,IAAU,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS;AAAA,MAClD,YAAA,EAAc,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,mCAAmC;AAAA,KAC1F;AAAA,GACH,CACC,IAAI,CAAC,CAAA,CACL,IAAI,GAAG,CAAA,CACP,SAAS,0BAA0B,CAAA;AAAA,EACtC,aAAA,EAAe,CAAA,CACZ,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,CAAA,CAChB,QAAA,EAAS,CACT,QAAA,CAAS,qGAAqG,CAAA;AAAA,EACjH,QAAQ,CAAA,CACL,MAAA,GACA,QAAA,EAAS,CACT,SAAS,yFAAyF;AACvG,CAAC;AAED,IAAM,oBAAA,GAAuB,EAAE,MAAA,CAAO;AAAA,EACpC,EAAA,EAAI,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,6BAA6B,CAAA;AAAA,EACrD,KAAA,EAAO,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,sCAAsC,CAAA;AAAA,EACjE,WAAA,EAAa,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mCAAmC,CAAA;AAAA,EACpE,OAAA,EAAS,EAAE,KAAA,CAAM,CAAA,CAAE,QAAQ,CAAA,CAAE,SAAS,wCAAwC;AAChF,CAAC,CAAA;AAEM,IAAM,6BAAA,GAAgC,EAAE,MAAA,CAAO;AAAA,EACpD,QAAA,EAAU,CAAA,CAAE,KAAA,CAAM,oBAAoB,CAAA;AAAA;AAAA,EAEtC,cAAc,CAAA,CACX,KAAA;AAAA,IACC,EAAE,MAAA,CAAO;AAAA,MACP,MAAA,EAAQ,EAAE,MAAA,EAAO;AAAA,MACjB,IAAA,EAAM,CAAA,CAAE,KAAA,CAAM,CAAA,CAAE,QAAQ,CAAA;AAAA,MACxB,MAAA,EAAQ,CAAA,CAAE,MAAA,EAAO,CAAE,SAAS,gEAAgE;AAAA,KAC7F;AAAA,IAEF,QAAA;AACL,CAAC","file":"chunk-MROITNSM.js","sourcesContent":["import { z } from 'zod/v4';\nimport { paginationInfoSchema } from './common';\n\n// ============================================================================\n// JSON Schema Types (for inputSchema/groundTruthSchema fields)\n// ============================================================================\n\n// JSON Schema type (simplified for storage - full spec too complex)\nconst jsonSchemaObject: z.ZodType<Record<string, unknown>> = z.lazy(() => z.record(z.string(), z.unknown()));\n\n// JSON Schema field (object or null to disable)\nconst jsonSchemaField = z.union([jsonSchemaObject, z.null()]).optional();\n\n// Dataset item source tracking\nconst datasetItemSourceSchema = z\n  .object({\n    type: z.enum(['csv', 'json', 'trace', 'llm', 'experiment-result']).describe('How this item was created'),\n    referenceId: z.string().optional().describe('Reference identifier (e.g., trace id, csv filename)'),\n  })\n  .optional()\n  .describe('Source/provenance of this dataset item');\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const datasetIdPathParams = z.object({\n  datasetId: z.string().describe('Unique identifier for the dataset'),\n});\n\nexport const experimentIdPathParams = z.object({\n  experimentId: z.string().describe('Unique identifier for the experiment'),\n});\n\nexport const itemIdPathParams = z.object({\n  itemId: z.string().describe('Unique identifier for the dataset item'),\n});\n\nexport const datasetAndExperimentIdPathParams = z.object({\n  datasetId: z.string().describe('Unique identifier for the dataset'),\n  experimentId: z.string().describe('Unique identifier for the experiment'),\n});\n\nexport const experimentResultIdPathParams = z.object({\n  datasetId: z.string().describe('Unique identifier for the dataset'),\n  experimentId: z.string().describe('Unique identifier for the experiment'),\n  resultId: z.string().describe('Unique identifier for the experiment result'),\n});\n\nexport const datasetAndItemIdPathParams = z.object({\n  datasetId: z.string().describe('Unique identifier for the dataset'),\n  itemId: z.string().describe('Unique identifier for the dataset item'),\n});\n\n// ============================================================================\n// Query Parameter Schemas\n// ============================================================================\n\nexport const paginationQuerySchema = z.object({\n  page: z.coerce.number().optional().default(0),\n  perPage: z.coerce.number().optional().default(10),\n});\n\nexport const listItemsQuerySchema = z.object({\n  page: z.coerce.number().optional().default(0),\n  perPage: z.coerce.number().optional().default(10),\n  version: z.coerce.number().int().optional(), // Optional version filter for snapshot semantics\n  search: z.string().optional(),\n});\n\n// ============================================================================\n// Request Body Schemas\n// ============================================================================\n\nexport const createDatasetBodySchema = z.object({\n  name: z.string().describe('Name of the dataset'),\n  description: z.string().optional().describe('Description of the dataset'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n  inputSchema: jsonSchemaField.describe('JSON Schema for validating item input'),\n  groundTruthSchema: jsonSchemaField.describe('JSON Schema for validating item groundTruth'),\n  requestContextSchema: jsonSchemaField.describe('JSON Schema describing expected request context shape'),\n  targetType: z.string().optional().describe('Target entity type (e.g. agent, workflow, scorer)'),\n  targetIds: z.array(z.string()).optional().describe('IDs of target entities this dataset is attached to'),\n});\n\nexport const updateDatasetBodySchema = z.object({\n  name: z.string().optional().describe('Name of the dataset'),\n  description: z.string().optional().describe('Description of the dataset'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n  inputSchema: jsonSchemaField.describe('JSON Schema for validating item input'),\n  groundTruthSchema: jsonSchemaField.describe('JSON Schema for validating item groundTruth'),\n  requestContextSchema: jsonSchemaField.describe('JSON Schema describing expected request context shape'),\n  tags: z.array(z.string()).optional().describe('Tag definitions for categorizing experiment results'),\n  targetType: z.string().optional().describe('Target entity type (e.g. agent, workflow, scorer)'),\n  targetIds: z.array(z.string()).optional().describe('IDs of target entities this dataset is attached to'),\n});\n\nexport const addItemBodySchema = z.object({\n  input: z.unknown().describe('Input data for the dataset item'),\n  groundTruth: z.unknown().optional().describe('Expected output for comparison'),\n  requestContext: z.record(z.string(), z.unknown()).optional().describe('Request context preset for this item'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n  source: datasetItemSourceSchema,\n});\n\nexport const updateItemBodySchema = z.object({\n  input: z.unknown().optional().describe('Input data for the dataset item'),\n  groundTruth: z.unknown().optional().describe('Expected output for comparison'),\n  requestContext: z.record(z.string(), z.unknown()).optional().describe('Request context preset for this item'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata'),\n  source: datasetItemSourceSchema,\n});\n\nexport const triggerExperimentBodySchema = z.object({\n  targetType: z.enum(['agent', 'workflow', 'scorer']).describe('Type of target to run against'),\n  targetId: z.string().describe('ID of the target'),\n  scorerIds: z.array(z.string()).optional().describe('IDs of scorers to apply'),\n  version: z.coerce.number().int().optional().describe('Pin to specific dataset version'),\n  agentVersion: z.string().optional().describe('Agent version ID to use for experiment'),\n  maxConcurrency: z.number().optional().describe('Maximum concurrent executions'),\n  requestContext: z.record(z.string(), z.unknown()).optional().describe('Global request context passed to the target'),\n});\n\nexport const compareExperimentsBodySchema = z.object({\n  experimentIdA: z.string().describe('ID of baseline experiment'),\n  experimentIdB: z.string().describe('ID of candidate experiment'),\n});\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\n// Dataset entity schema\nexport const datasetResponseSchema = z.object({\n  id: z.string(),\n  name: z.string(),\n  description: z.string().optional().nullable(),\n  metadata: z.record(z.string(), z.unknown()).optional().nullable(),\n  inputSchema: z.record(z.string(), z.unknown()).optional(),\n  groundTruthSchema: z.record(z.string(), z.unknown()).optional(),\n  requestContextSchema: z.record(z.string(), z.unknown()).optional(),\n  tags: z.array(z.string()).optional().nullable(),\n  targetType: z.string().optional().nullable(),\n  targetIds: z.array(z.string()).optional().nullable(),\n  version: z.number().int(),\n  createdAt: z.coerce.date(),\n  updatedAt: z.coerce.date(),\n});\n\n// Dataset item entity schema\nexport const datasetItemResponseSchema = z.object({\n  id: z.string(),\n  datasetId: z.string(),\n  datasetVersion: z.number().int(),\n  input: z.unknown(),\n  groundTruth: z.unknown().optional(),\n  requestContext: z.record(z.string(), z.unknown()).optional(),\n  metadata: z.record(z.string(), z.unknown()).optional(),\n  source: datasetItemSourceSchema,\n  createdAt: z.coerce.date(),\n  updatedAt: z.coerce.date(),\n});\n\n// Experiment entity schema\nexport const experimentResponseSchema = z.object({\n  id: z.string(),\n  datasetId: z.string().nullable(),\n  datasetVersion: z.number().int().nullable(),\n  agentVersion: z.string().nullable().optional(),\n  targetType: z.enum(['agent', 'workflow', 'scorer', 'processor']),\n  targetId: z.string(),\n  name: z.string().optional(),\n  description: z.string().optional(),\n  metadata: z.record(z.string(), z.unknown()).optional(),\n  status: z.enum(['pending', 'running', 'completed', 'failed']),\n  totalItems: z.number(),\n  succeededCount: z.number(),\n  failedCount: z.number(),\n  skippedCount: z.number(),\n  startedAt: z.coerce.date().nullable(),\n  completedAt: z.coerce.date().nullable(),\n  createdAt: z.coerce.date(),\n  updatedAt: z.coerce.date(),\n});\n\n// Scorer result schema\nexport const scorerResultSchema = z.object({\n  scorerId: z.string(),\n  scorerName: z.string(),\n  score: z.number().nullable(),\n  reason: z.string().nullable(),\n  error: z.string().nullable(),\n});\n\n// Experiment result entity schema\nexport const experimentResultResponseSchema = z.object({\n  id: z.string(),\n  experimentId: z.string(),\n  itemId: z.string(),\n  itemDatasetVersion: z.number().int().nullable(),\n  input: z.unknown(),\n  output: z.unknown().nullable(),\n  groundTruth: z.unknown().nullable(),\n  error: z\n    .object({\n      message: z.string(),\n      stack: z.string().optional(),\n      code: z.string().optional(),\n    })\n    .nullable(),\n  startedAt: z.coerce.date(),\n  completedAt: z.coerce.date(),\n  retryCount: z.number(),\n  traceId: z.string().nullable(),\n  status: z.enum(['needs-review', 'reviewed', 'complete']).nullable().optional(),\n  tags: z.array(z.string()).nullable().optional(),\n  createdAt: z.coerce.date(),\n});\n\nexport const updateExperimentResultBodySchema = z.object({\n  status: z.enum(['needs-review', 'reviewed', 'complete']).nullable().optional(),\n  tags: z.array(z.string()).optional(),\n});\n\n// Comparison item schema (MVP shape)\nconst comparisonItemSchema = z.object({\n  itemId: z.string(),\n  input: z.unknown().nullable(),\n  groundTruth: z.unknown().nullable(),\n  results: z.record(\n    z.string(),\n    z\n      .object({\n        output: z.unknown().nullable(),\n        scores: z.record(z.string(), z.number().nullable()),\n      })\n      .nullable(),\n  ),\n});\n\n// Comparison result schema\nexport const comparisonResponseSchema = z.object({\n  baselineId: z.string(),\n  items: z.array(comparisonItemSchema),\n});\n\n// Experiment summary schema (returned by trigger experiment)\n// Note: completedAt is nullable for pending/running experiments (async trigger)\nexport const experimentSummaryResponseSchema = z.object({\n  experimentId: z.string(),\n  status: z.enum(['pending', 'running', 'completed', 'failed']),\n  totalItems: z.number(),\n  succeededCount: z.number(),\n  failedCount: z.number(),\n  startedAt: z.coerce.date(),\n  completedAt: z.coerce.date().nullable(),\n  results: z.array(\n    z.object({\n      itemId: z.string(),\n      itemDatasetVersion: z.number().int().nullable(),\n      input: z.unknown(),\n      output: z.unknown().nullable(),\n      groundTruth: z.unknown().nullable(),\n      error: z.string().nullable(),\n      startedAt: z.coerce.date(),\n      completedAt: z.coerce.date(),\n      retryCount: z.number(),\n      scores: z.array(\n        z.object({\n          scorerId: z.string(),\n          scorerName: z.string(),\n          score: z.number().nullable(),\n          reason: z.string().nullable(),\n          error: z.string().nullable(),\n        }),\n      ),\n    }),\n  ),\n});\n\n// ============================================================================\n// List Response Schemas\n// ============================================================================\n\nexport const listDatasetsResponseSchema = z.object({\n  datasets: z.array(datasetResponseSchema),\n  pagination: paginationInfoSchema,\n});\n\nexport const listItemsResponseSchema = z.object({\n  items: z.array(datasetItemResponseSchema),\n  pagination: paginationInfoSchema,\n});\n\nexport const listExperimentsResponseSchema = z.object({\n  experiments: z.array(experimentResponseSchema),\n  pagination: paginationInfoSchema,\n});\n\nexport const listExperimentResultsResponseSchema = z.object({\n  results: z.array(experimentResultResponseSchema),\n  pagination: paginationInfoSchema,\n});\n\n// ============================================================================\n// Version Schemas\n// ============================================================================\n\n// Path params for item version routes\nexport const datasetItemVersionPathParams = z.object({\n  datasetId: z.string().describe('Unique identifier for the dataset'),\n  itemId: z.string().describe('Unique identifier for the dataset item'),\n  datasetVersion: z.coerce.number().int().describe('Dataset version number'),\n});\n\n// Item history row response schema (SCD-2 DatasetItemRow shape)\nexport const itemVersionResponseSchema = z.object({\n  id: z.string(),\n  datasetId: z.string(),\n  datasetVersion: z.number().int(),\n  input: z.unknown(),\n  groundTruth: z.unknown().optional(),\n  metadata: z.record(z.string(), z.unknown()).optional(),\n  validTo: z.number().int().nullable(),\n  isDeleted: z.boolean(),\n  createdAt: z.coerce.date(),\n  updatedAt: z.coerce.date(),\n});\n\nexport const listItemVersionsResponseSchema = z.object({\n  history: z.array(itemVersionResponseSchema),\n});\n\n// Dataset version response schema\nexport const datasetVersionResponseSchema = z.object({\n  id: z.string(),\n  datasetId: z.string(),\n  version: z.number().int(),\n  createdAt: z.coerce.date(),\n});\n\nexport const listDatasetVersionsResponseSchema = z.object({\n  versions: z.array(datasetVersionResponseSchema),\n  pagination: paginationInfoSchema,\n});\n\n// ============================================================================\n// Batch Operation Schemas\n// ============================================================================\n\nexport const batchInsertItemsBodySchema = z.object({\n  items: z.array(\n    z.object({\n      input: z.unknown(),\n      groundTruth: z.unknown().optional(),\n      requestContext: z.record(z.string(), z.unknown()).optional(),\n      metadata: z.record(z.string(), z.unknown()).optional(),\n      source: datasetItemSourceSchema,\n    }),\n  ),\n});\n\nexport const batchInsertItemsResponseSchema = z.object({\n  items: z.array(datasetItemResponseSchema),\n  count: z.number(),\n});\n\nexport const batchDeleteItemsBodySchema = z.object({\n  itemIds: z.array(z.string()),\n});\n\nexport const batchDeleteItemsResponseSchema = z.object({\n  success: z.boolean(),\n  deletedCount: z.number(),\n});\n\n// ============================================================================\n// AI Generation Schemas\n// ============================================================================\n\nexport const generateItemsBodySchema = z.object({\n  modelId: z.string().describe('Model identifier in \"provider/model\" format (e.g., \"openai/gpt-4o\")'),\n  prompt: z.string().describe('Description of the kind of test data to generate'),\n  count: z.number().int().min(1).max(50).default(5).describe('Number of items to generate'),\n  agentContext: z\n    .object({\n      description: z.string().optional(),\n      instructions: z.string().optional(),\n      tools: z.array(z.string()).optional(),\n    })\n    .optional()\n    .describe('Context about the agent to generate relevant test data'),\n});\n\nconst generatedItemSchema = z.object({\n  input: z.unknown(),\n  groundTruth: z.unknown().optional(),\n});\n\nexport const generateItemsResponseSchema = z.object({\n  items: z.array(generatedItemSchema),\n});\n\n// ============================================================================\n// Cluster Failures\n// ============================================================================\n\nexport const clusterFailuresBodySchema = z.object({\n  modelId: z.string().describe('Model identifier in \"provider/model\" format (e.g., \"openai/gpt-4o\")'),\n  items: z\n    .array(\n      z.object({\n        id: z.string(),\n        input: z.unknown(),\n        output: z.unknown().optional(),\n        error: z.string().optional(),\n        scores: z.record(z.string(), z.number()).optional(),\n        existingTags: z.array(z.string()).optional().describe('Tags already applied to this item'),\n      }),\n    )\n    .min(1)\n    .max(200)\n    .describe('Failure items to cluster'),\n  availableTags: z\n    .array(z.string())\n    .optional()\n    .describe('Existing tag vocabulary from the dataset. The LLM should prefer reusing these tags when applicable.'),\n  prompt: z\n    .string()\n    .optional()\n    .describe('Optional user instructions to guide the analysis (e.g., \"focus on tool usage failures\")'),\n});\n\nconst failureClusterSchema = z.object({\n  id: z.string().describe('A unique cluster identifier'),\n  label: z.string().describe('Short label for this failure pattern'),\n  description: z.string().describe('Description of the common pattern'),\n  itemIds: z.array(z.string()).describe('IDs of items belonging to this cluster'),\n});\n\nexport const clusterFailuresResponseSchema = z.object({\n  clusters: z.array(failureClusterSchema),\n  /** Per-item proposed tag assignments. Each entry maps an item ID to the tags the LLM suggests adding. */\n  proposedTags: z\n    .array(\n      z.object({\n        itemId: z.string(),\n        tags: z.array(z.string()),\n        reason: z.string().describe('Brief explanation of why these tags were assigned to this item'),\n      }),\n    )\n    .optional(),\n});\n"]}

package/dist/chunk-MUOB33WV.cjs

@@ -0,0 +1,107 @@
+'use strict';
+
+var chunkEES2ZZGL_cjs = require('./chunk-EES2ZZGL.cjs');
+var v4 = require('zod/v4');
+
+var storedSkillIdPathParams = v4.z.object({
+  storedSkillId: v4.z.string().describe("Unique identifier for the stored skill")
+});
+var storageOrderBySchema = v4.z.object({
+  field: v4.z.enum(["createdAt", "updatedAt"]).optional(),
+  direction: v4.z.enum(["ASC", "DESC"]).optional()
+});
+var listStoredSkillsQuerySchema = chunkEES2ZZGL_cjs.createPagePaginationSchema(100).extend({
+  orderBy: storageOrderBySchema.optional(),
+  authorId: v4.z.string().optional().describe("Filter skills by author identifier"),
+  metadata: v4.z.record(v4.z.string(), v4.z.unknown()).optional().describe("Filter skills by metadata key-value pairs")
+});
+var sourceSchema = v4.z.discriminatedUnion("type", [
+  v4.z.object({
+    type: v4.z.literal("external"),
+    packagePath: v4.z.string().describe("Package path for external source")
+  }),
+  v4.z.object({
+    type: v4.z.literal("local"),
+    projectPath: v4.z.string().describe("Project path for local source")
+  }),
+  v4.z.object({
+    type: v4.z.literal("managed"),
+    mastraPath: v4.z.string().describe("Mastra path for managed source")
+  })
+]);
+var snapshotConfigSchema = v4.z.object({
+  name: v4.z.string().describe("Name of the skill"),
+  description: v4.z.string().describe("Description of what the skill does and when to use it"),
+  instructions: v4.z.string().describe("Markdown instructions for the skill"),
+  license: v4.z.string().optional().describe("License identifier for the skill"),
+  compatibility: v4.z.unknown().optional().describe("Compatibility requirements"),
+  source: sourceSchema.optional().describe("Source location of the skill"),
+  references: v4.z.array(v4.z.string()).optional().describe("List of reference file paths"),
+  scripts: v4.z.array(v4.z.string()).optional().describe("List of script file paths"),
+  assets: v4.z.array(v4.z.string()).optional().describe("List of asset file paths"),
+  metadata: v4.z.record(v4.z.string(), v4.z.unknown()).optional().describe("Additional metadata for the skill")
+});
+var createStoredSkillBodySchema = v4.z.object({
+  id: v4.z.string().optional().describe("Unique identifier. If not provided, derived from name."),
+  authorId: v4.z.string().optional().describe("Author identifier for multi-tenant filtering")
+}).merge(snapshotConfigSchema);
+var updateStoredSkillBodySchema = v4.z.object({
+  authorId: v4.z.string().optional()
+}).partial().merge(snapshotConfigSchema.partial());
+var storedSkillSchema = v4.z.object({
+  id: v4.z.string(),
+  status: v4.z.string().describe("Skill status: draft, published, or archived"),
+  activeVersionId: v4.z.string().optional(),
+  authorId: v4.z.string().optional(),
+  createdAt: v4.z.coerce.date(),
+  updatedAt: v4.z.coerce.date(),
+  name: v4.z.string().describe("Name of the skill"),
+  description: v4.z.string().describe("Description of what the skill does and when to use it"),
+  instructions: v4.z.string().describe("Markdown instructions for the skill"),
+  license: v4.z.string().optional().describe("License identifier for the skill"),
+  compatibility: v4.z.unknown().optional().describe("Compatibility requirements"),
+  source: sourceSchema.optional().describe("Source location of the skill"),
+  references: v4.z.array(v4.z.string()).optional().describe("List of reference file paths"),
+  scripts: v4.z.array(v4.z.string()).optional().describe("List of script file paths"),
+  assets: v4.z.array(v4.z.string()).optional().describe("List of asset file paths"),
+  metadata: v4.z.record(v4.z.string(), v4.z.unknown()).optional().describe("Additional metadata for the skill")
+});
+var listStoredSkillsResponseSchema = chunkEES2ZZGL_cjs.paginationInfoSchema.extend({
+  skills: v4.z.array(storedSkillSchema)
+});
+var getStoredSkillResponseSchema = storedSkillSchema;
+var createStoredSkillResponseSchema = storedSkillSchema;
+var updateStoredSkillResponseSchema = v4.z.union([
+  v4.z.object({
+    id: v4.z.string(),
+    status: v4.z.string(),
+    activeVersionId: v4.z.string().optional(),
+    authorId: v4.z.string().optional(),
+    createdAt: v4.z.coerce.date(),
+    updatedAt: v4.z.coerce.date()
+  }),
+  storedSkillSchema
+]);
+var deleteStoredSkillResponseSchema = v4.z.object({
+  success: v4.z.boolean(),
+  message: v4.z.string()
+});
+var publishStoredSkillBodySchema = v4.z.object({
+  skillPath: v4.z.string().describe("Path to the skill directory on the server filesystem (containing SKILL.md)")
+});
+var publishStoredSkillResponseSchema = storedSkillSchema;
+
+exports.createStoredSkillBodySchema = createStoredSkillBodySchema;
+exports.createStoredSkillResponseSchema = createStoredSkillResponseSchema;
+exports.deleteStoredSkillResponseSchema = deleteStoredSkillResponseSchema;
+exports.getStoredSkillResponseSchema = getStoredSkillResponseSchema;
+exports.listStoredSkillsQuerySchema = listStoredSkillsQuerySchema;
+exports.listStoredSkillsResponseSchema = listStoredSkillsResponseSchema;
+exports.publishStoredSkillBodySchema = publishStoredSkillBodySchema;
+exports.publishStoredSkillResponseSchema = publishStoredSkillResponseSchema;
+exports.storedSkillIdPathParams = storedSkillIdPathParams;
+exports.storedSkillSchema = storedSkillSchema;
+exports.updateStoredSkillBodySchema = updateStoredSkillBodySchema;
+exports.updateStoredSkillResponseSchema = updateStoredSkillResponseSchema;
+//# sourceMappingURL=chunk-MUOB33WV.cjs.map
+//# sourceMappingURL=chunk-MUOB33WV.cjs.map

package/dist/chunk-MUOB33WV.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/server/schemas/stored-skills.ts"],"names":["z","createPagePaginationSchema","paginationInfoSchema"],"mappings":";;;;;AAQO,IAAM,uBAAA,GAA0BA,KAAE,MAAA,CAAO;AAAA,EAC9C,aAAA,EAAeA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,wCAAwC;AAC7E,CAAC;AAMD,IAAM,oBAAA,GAAuBA,KAAE,MAAA,CAAO;AAAA,EACpC,KAAA,EAAOA,KAAE,IAAA,CAAK,CAAC,aAAa,WAAW,CAAC,EAAE,QAAA,EAAS;AAAA,EACnD,SAAA,EAAWA,KAAE,IAAA,CAAK,CAAC,OAAO,MAAM,CAAC,EAAE,QAAA;AACrC,CAAC,CAAA;AAEM,IAAM,2BAAA,GAA8BC,4CAAA,CAA2B,GAAG,CAAA,CAAE,MAAA,CAAO;AAAA,EAChF,OAAA,EAAS,qBAAqB,QAAA,EAAS;AAAA,EACvC,UAAUD,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,oCAAoC,CAAA;AAAA,EAC7E,QAAA,EAAUA,IAAA,CAAE,MAAA,CAAOA,IAAA,CAAE,MAAA,EAAO,EAAGA,IAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,2CAA2C;AAC7G,CAAC;AAMD,IAAM,YAAA,GAAeA,IAAA,CAAE,kBAAA,CAAmB,MAAA,EAAQ;AAAA,EAChDA,KAAE,MAAA,CAAO;AAAA,IACP,IAAA,EAAMA,IAAA,CAAE,OAAA,CAAQ,UAAU,CAAA;AAAA,IAC1B,WAAA,EAAaA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,kCAAkC;AAAA,GACpE,CAAA;AAAA,EACDA,KAAE,MAAA,CAAO;AAAA,IACP,IAAA,EAAMA,IAAA,CAAE,OAAA,CAAQ,OAAO,CAAA;AAAA,IACvB,WAAA,EAAaA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,+BAA+B;AAAA,GACjE,CAAA;AAAA,EACDA,KAAE,MAAA,CAAO;AAAA,IACP,IAAA,EAAMA,IAAA,CAAE,OAAA,CAAQ,SAAS,CAAA;AAAA,IACzB,UAAA,EAAYA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,gCAAgC;AAAA,GACjE;AACH,CAAC,CAAA;AAED,IAAM,oBAAA,GAAuBA,KAAE,MAAA,CAAO;AAAA,EACpC,IAAA,EAAMA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mBAAmB,CAAA;AAAA,EAC7C,WAAA,EAAaA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,uDAAuD,CAAA;AAAA,EACxF,YAAA,EAAcA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qCAAqC,CAAA;AAAA,EACvE,SAASA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,kCAAkC,CAAA;AAAA,EAC1E,eAAeA,IAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EAC3E,MAAA,EAAQ,YAAA,CAAa,QAAA,EAAS,CAAE,SAAS,8BAA8B,CAAA;AAAA,EACvE,UAAA,EAAYA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,8BAA8B,CAAA;AAAA,EAClF,OAAA,EAASA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,2BAA2B,CAAA;AAAA,EAC5E,MAAA,EAAQA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,0BAA0B,CAAA;AAAA,EAC1E,QAAA,EAAUA,IAAA,CAAE,MAAA,CAAOA,IAAA,CAAE,MAAA,EAAO,EAAGA,IAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,mCAAmC;AACrG,CAAC,CAAA;AAEM,IAAM,2BAAA,GAA8BA,KACxC,MAAA,CAAO;AAAA,EACN,IAAIA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,wDAAwD,CAAA;AAAA,EAC3F,UAAUA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,8CAA8C;AACzF,CAAC,CAAA,CACA,MAAM,oBAAoB;AAEtB,IAAM,2BAAA,GAA8BA,KACxC,MAAA,CAAO;AAAA,EACN,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AACvB,CAAC,EACA,OAAA,EAAQ,CACR,KAAA,CAAM,oBAAA,CAAqB,SAAS;AAMhC,IAAM,iBAAA,GAAoBA,KAAE,MAAA,CAAO;AAAA,EACxC,EAAA,EAAIA,KAAE,MAAA,EAAO;AAAA,EACb,MAAA,EAAQA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,6CAA6C,CAAA;AAAA,EACzE,eAAA,EAAiBA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EACrC,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAC9B,SAAA,EAAWA,IAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,SAAA,EAAWA,IAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,EACzB,IAAA,EAAMA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,mBAAmB,CAAA;AAAA,EAC7C,WAAA,EAAaA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,uDAAuD,CAAA;AAAA,EACxF,YAAA,EAAcA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,qCAAqC,CAAA;AAAA,EACvE,SAASA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,kCAAkC,CAAA;AAAA,EAC1E,eAAeA,IAAA,CAAE,OAAA,GAAU,QAAA,EAAS,CAAE,SAAS,4BAA4B,CAAA;AAAA,EAC3E,MAAA,EAAQ,YAAA,CAAa,QAAA,EAAS,CAAE,SAAS,8BAA8B,CAAA;AAAA,EACvE,UAAA,EAAYA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,8BAA8B,CAAA;AAAA,EAClF,OAAA,EAASA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,2BAA2B,CAAA;AAAA,EAC5E,MAAA,EAAQA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,0BAA0B,CAAA;AAAA,EAC1E,QAAA,EAAUA,IAAA,CAAE,MAAA,CAAOA,IAAA,CAAE,MAAA,EAAO,EAAGA,IAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS,CAAE,SAAS,mCAAmC;AACrG,CAAC;AAEM,IAAM,8BAAA,GAAiCE,uCAAqB,MAAA,CAAO;AAAA,EACxE,MAAA,EAAQF,IAAA,CAAE,KAAA,CAAM,iBAAiB;AACnC,CAAC;AAEM,IAAM,4BAAA,GAA+B;AACrC,IAAM,+BAAA,GAAkC;AAExC,IAAM,+BAAA,GAAkCA,KAAE,KAAA,CAAM;AAAA,EACrDA,KAAE,MAAA,CAAO;AAAA,IACP,EAAA,EAAIA,KAAE,MAAA,EAAO;AAAA,IACb,MAAA,EAAQA,KAAE,MAAA,EAAO;AAAA,IACjB,eAAA,EAAiBA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACrC,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IAC9B,SAAA,EAAWA,IAAA,CAAE,MAAA,CAAO,IAAA,EAAK;AAAA,IACzB,SAAA,EAAWA,IAAA,CAAE,MAAA,CAAO,IAAA;AAAK,GAC1B,CAAA;AAAA,EACD;AACF,CAAC;AAEM,IAAM,+BAAA,GAAkCA,KAAE,MAAA,CAAO;AAAA,EACtD,OAAA,EAASA,KAAE,OAAA,EAAQ;AAAA,EACnB,OAAA,EAASA,KAAE,MAAA;AACb,CAAC;AAMM,IAAM,4BAAA,GAA+BA,KAAE,MAAA,CAAO;AAAA,EACnD,SAAA,EAAWA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,4EAA4E;AAC7G,CAAC;AAEM,IAAM,gCAAA,GAAmC","file":"chunk-MUOB33WV.cjs","sourcesContent":["import { z } from 'zod/v4';\n\nimport { paginationInfoSchema, createPagePaginationSchema } from './common';\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const storedSkillIdPathParams = z.object({\n  storedSkillId: z.string().describe('Unique identifier for the stored skill'),\n});\n\n// ============================================================================\n// Query Parameter Schemas\n// ============================================================================\n\nconst storageOrderBySchema = z.object({\n  field: z.enum(['createdAt', 'updatedAt']).optional(),\n  direction: z.enum(['ASC', 'DESC']).optional(),\n});\n\nexport const listStoredSkillsQuerySchema = createPagePaginationSchema(100).extend({\n  orderBy: storageOrderBySchema.optional(),\n  authorId: z.string().optional().describe('Filter skills by author identifier'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Filter skills by metadata key-value pairs'),\n});\n\n// ============================================================================\n// Body Parameter Schemas\n// ============================================================================\n\nconst sourceSchema = z.discriminatedUnion('type', [\n  z.object({\n    type: z.literal('external'),\n    packagePath: z.string().describe('Package path for external source'),\n  }),\n  z.object({\n    type: z.literal('local'),\n    projectPath: z.string().describe('Project path for local source'),\n  }),\n  z.object({\n    type: z.literal('managed'),\n    mastraPath: z.string().describe('Mastra path for managed source'),\n  }),\n]);\n\nconst snapshotConfigSchema = z.object({\n  name: z.string().describe('Name of the skill'),\n  description: z.string().describe('Description of what the skill does and when to use it'),\n  instructions: z.string().describe('Markdown instructions for the skill'),\n  license: z.string().optional().describe('License identifier for the skill'),\n  compatibility: z.unknown().optional().describe('Compatibility requirements'),\n  source: sourceSchema.optional().describe('Source location of the skill'),\n  references: z.array(z.string()).optional().describe('List of reference file paths'),\n  scripts: z.array(z.string()).optional().describe('List of script file paths'),\n  assets: z.array(z.string()).optional().describe('List of asset file paths'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata for the skill'),\n});\n\nexport const createStoredSkillBodySchema = z\n  .object({\n    id: z.string().optional().describe('Unique identifier. If not provided, derived from name.'),\n    authorId: z.string().optional().describe('Author identifier for multi-tenant filtering'),\n  })\n  .merge(snapshotConfigSchema);\n\nexport const updateStoredSkillBodySchema = z\n  .object({\n    authorId: z.string().optional(),\n  })\n  .partial()\n  .merge(snapshotConfigSchema.partial());\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\nexport const storedSkillSchema = z.object({\n  id: z.string(),\n  status: z.string().describe('Skill status: draft, published, or archived'),\n  activeVersionId: z.string().optional(),\n  authorId: z.string().optional(),\n  createdAt: z.coerce.date(),\n  updatedAt: z.coerce.date(),\n  name: z.string().describe('Name of the skill'),\n  description: z.string().describe('Description of what the skill does and when to use it'),\n  instructions: z.string().describe('Markdown instructions for the skill'),\n  license: z.string().optional().describe('License identifier for the skill'),\n  compatibility: z.unknown().optional().describe('Compatibility requirements'),\n  source: sourceSchema.optional().describe('Source location of the skill'),\n  references: z.array(z.string()).optional().describe('List of reference file paths'),\n  scripts: z.array(z.string()).optional().describe('List of script file paths'),\n  assets: z.array(z.string()).optional().describe('List of asset file paths'),\n  metadata: z.record(z.string(), z.unknown()).optional().describe('Additional metadata for the skill'),\n});\n\nexport const listStoredSkillsResponseSchema = paginationInfoSchema.extend({\n  skills: z.array(storedSkillSchema),\n});\n\nexport const getStoredSkillResponseSchema = storedSkillSchema;\nexport const createStoredSkillResponseSchema = storedSkillSchema;\n\nexport const updateStoredSkillResponseSchema = z.union([\n  z.object({\n    id: z.string(),\n    status: z.string(),\n    activeVersionId: z.string().optional(),\n    authorId: z.string().optional(),\n    createdAt: z.coerce.date(),\n    updatedAt: z.coerce.date(),\n  }),\n  storedSkillSchema,\n]);\n\nexport const deleteStoredSkillResponseSchema = z.object({\n  success: z.boolean(),\n  message: z.string(),\n});\n\n// ============================================================================\n// Publish / Rollback Schemas\n// ============================================================================\n\nexport const publishStoredSkillBodySchema = z.object({\n  skillPath: z.string().describe('Path to the skill directory on the server filesystem (containing SKILL.md)'),\n});\n\nexport const publishStoredSkillResponseSchema = storedSkillSchema;\n"]}

package/dist/{chunk-G4FSJJAS.cjs → chunk-NCCK5NVX.cjs}

@@ -1,20 +1,20 @@
 'use strict';
 
-var chunkULL6VJ5E_cjs = require('./chunk-ULL6VJ5E.cjs');
+var chunk5XEAWQRZ_cjs = require('./chunk-5XEAWQRZ.cjs');
 var chunk2XZ2466F_cjs = require('./chunk-2XZ2466F.cjs');
-var chunkDWJI2VL3_cjs = require('./chunk-DWJI2VL3.cjs');
-var chunkZYXDUS6Q_cjs = require('./chunk-ZYXDUS6Q.cjs');
-var chunkY2BKW5ND_cjs = require('./chunk-Y2BKW5ND.cjs');
-var chunkYJLDMFSE_cjs = require('./chunk-YJLDMFSE.cjs');
+var chunkWC4OPIB4_cjs = require('./chunk-WC4OPIB4.cjs');
+var chunkEES2ZZGL_cjs = require('./chunk-EES2ZZGL.cjs');
+var chunkB34S64RC_cjs = require('./chunk-B34S64RC.cjs');
+var chunkEGSCXVMR_cjs = require('./chunk-EGSCXVMR.cjs');
 var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
 
 // src/server/handlers/stored-mcp-clients.ts
-var LIST_STORED_MCP_CLIENTS_ROUTE = chunkYJLDMFSE_cjs.createRoute({
+var LIST_STORED_MCP_CLIENTS_ROUTE = chunkEGSCXVMR_cjs.createRoute({
   method: "GET",
   path: "/stored/mcp-clients",
   responseType: "json",
-  queryParamSchema: chunkULL6VJ5E_cjs.listStoredMCPClientsQuerySchema,
-  responseSchema: chunkULL6VJ5E_cjs.listStoredMCPClientsResponseSchema,
+  queryParamSchema: chunk5XEAWQRZ_cjs.listStoredMCPClientsQuerySchema,
+  responseSchema: chunk5XEAWQRZ_cjs.listStoredMCPClientsResponseSchema,
   summary: "List stored MCP clients",
   description: "Returns a paginated list of all MCP client configurations stored in the database",
   tags: ["Stored MCP Clients"],
@@ -39,17 +39,17 @@ var LIST_STORED_MCP_CLIENTS_ROUTE = chunkYJLDMFSE_cjs.createRoute({
       });
       return result;
     } catch (error) {
-      return chunkY2BKW5ND_cjs.handleError(error, "Error listing stored MCP clients");
+      return chunkB34S64RC_cjs.handleError(error, "Error listing stored MCP clients");
     }
   }
 });
-var GET_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
+var GET_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
   method: "GET",
   path: "/stored/mcp-clients/:storedMCPClientId",
   responseType: "json",
-  pathParamSchema: chunkULL6VJ5E_cjs.storedMCPClientIdPathParams,
-  queryParamSchema: chunkZYXDUS6Q_cjs.statusQuerySchema,
-  responseSchema: chunkULL6VJ5E_cjs.getStoredMCPClientResponseSchema,
+  pathParamSchema: chunk5XEAWQRZ_cjs.storedMCPClientIdPathParams,
+  queryParamSchema: chunkEES2ZZGL_cjs.statusQuerySchema,
+  responseSchema: chunk5XEAWQRZ_cjs.getStoredMCPClientResponseSchema,
   summary: "Get stored MCP client by ID",
   description: "Returns a specific MCP client from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.",
   tags: ["Stored MCP Clients"],
@@ -70,16 +70,16 @@ var GET_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
       }
       return mcpClient;
     } catch (error) {
-      return chunkY2BKW5ND_cjs.handleError(error, "Error getting stored MCP client");
+      return chunkB34S64RC_cjs.handleError(error, "Error getting stored MCP client");
     }
   }
 });
-var CREATE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
+var CREATE_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
   method: "POST",
   path: "/stored/mcp-clients",
   responseType: "json",
-  bodySchema: chunkULL6VJ5E_cjs.createStoredMCPClientBodySchema,
-  responseSchema: chunkULL6VJ5E_cjs.createStoredMCPClientResponseSchema,
+  bodySchema: chunk5XEAWQRZ_cjs.createStoredMCPClientBodySchema,
+  responseSchema: chunk5XEAWQRZ_cjs.createStoredMCPClientResponseSchema,
   summary: "Create stored MCP client",
   description: "Creates a new MCP client configuration in storage with the provided servers",
   tags: ["Stored MCP Clients"],
@@ -94,7 +94,7 @@ var CREATE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
       if (!mcpClientStore) {
         throw new chunk64ITUOXI_cjs.HTTPException(500, { message: "MCP clients storage domain is not available" });
       }
-      const id = providedId || chunkDWJI2VL3_cjs.toSlug(name);
+      const id = providedId || chunkWC4OPIB4_cjs.toSlug(name);
       if (!id) {
         throw new chunk64ITUOXI_cjs.HTTPException(400, {
           message: "Could not derive MCP client ID from name. Please provide an explicit id."
@@ -120,17 +120,17 @@ var CREATE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
       }
       return resolved;
     } catch (error) {
-      return chunkY2BKW5ND_cjs.handleError(error, "Error creating stored MCP client");
+      return chunkB34S64RC_cjs.handleError(error, "Error creating stored MCP client");
     }
   }
 });
-var UPDATE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
+var UPDATE_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
   method: "PATCH",
   path: "/stored/mcp-clients/:storedMCPClientId",
   responseType: "json",
-  pathParamSchema: chunkULL6VJ5E_cjs.storedMCPClientIdPathParams,
-  bodySchema: chunkULL6VJ5E_cjs.updateStoredMCPClientBodySchema,
-  responseSchema: chunkULL6VJ5E_cjs.updateStoredMCPClientResponseSchema,
+  pathParamSchema: chunk5XEAWQRZ_cjs.storedMCPClientIdPathParams,
+  bodySchema: chunk5XEAWQRZ_cjs.updateStoredMCPClientBodySchema,
+  responseSchema: chunk5XEAWQRZ_cjs.updateStoredMCPClientResponseSchema,
   summary: "Update stored MCP client",
   description: "Updates an existing MCP client in storage with the provided fields",
   tags: ["Stored MCP Clients"],
@@ -184,16 +184,16 @@ var UPDATE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
       }
       return resolved;
     } catch (error) {
-      return chunkY2BKW5ND_cjs.handleError(error, "Error updating stored MCP client");
+      return chunkB34S64RC_cjs.handleError(error, "Error updating stored MCP client");
     }
   }
 });
-var DELETE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
+var DELETE_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
   method: "DELETE",
   path: "/stored/mcp-clients/:storedMCPClientId",
   responseType: "json",
-  pathParamSchema: chunkULL6VJ5E_cjs.storedMCPClientIdPathParams,
-  responseSchema: chunkULL6VJ5E_cjs.deleteStoredMCPClientResponseSchema,
+  pathParamSchema: chunk5XEAWQRZ_cjs.storedMCPClientIdPathParams,
+  responseSchema: chunk5XEAWQRZ_cjs.deleteStoredMCPClientResponseSchema,
   summary: "Delete stored MCP client",
   description: "Deletes an MCP client from storage by its unique identifier",
   tags: ["Stored MCP Clients"],
@@ -218,7 +218,7 @@ var DELETE_STORED_MCP_CLIENT_ROUTE = chunkYJLDMFSE_cjs.createRoute({
         message: `MCP client ${storedMCPClientId} deleted successfully`
       };
     } catch (error) {
-      return chunkY2BKW5ND_cjs.handleError(error, "Error deleting stored MCP client");
+      return chunkB34S64RC_cjs.handleError(error, "Error deleting stored MCP client");
     }
   }
 });
@@ -228,5 +228,5 @@ exports.DELETE_STORED_MCP_CLIENT_ROUTE = DELETE_STORED_MCP_CLIENT_ROUTE;
 exports.GET_STORED_MCP_CLIENT_ROUTE = GET_STORED_MCP_CLIENT_ROUTE;
 exports.LIST_STORED_MCP_CLIENTS_ROUTE = LIST_STORED_MCP_CLIENTS_ROUTE;
 exports.UPDATE_STORED_MCP_CLIENT_ROUTE = UPDATE_STORED_MCP_CLIENT_ROUTE;
-//# sourceMappingURL=chunk-G4FSJJAS.cjs.map
-//# sourceMappingURL=chunk-G4FSJJAS.cjs.map
+//# sourceMappingURL=chunk-NCCK5NVX.cjs.map
+//# sourceMappingURL=chunk-NCCK5NVX.cjs.map