@mastra/server 1.16.0-alpha.2 → 1.16.0-alpha.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (259) hide show
  1. package/CHANGELOG.md +76 -0
  2. package/dist/{chunk-PUMBMYBX.cjs → chunk-37LAVKFO.cjs} +11 -11
  3. package/dist/{chunk-PUMBMYBX.cjs.map → chunk-37LAVKFO.cjs.map} +1 -1
  4. package/dist/{chunk-62GR2C36.cjs → chunk-3BRCE7JC.cjs} +11 -11
  5. package/dist/{chunk-62GR2C36.cjs.map → chunk-3BRCE7JC.cjs.map} +1 -1
  6. package/dist/{chunk-Z7BMOL42.cjs → chunk-3W54ZNYP.cjs} +30 -30
  7. package/dist/{chunk-Z7BMOL42.cjs.map → chunk-3W54ZNYP.cjs.map} +1 -1
  8. package/dist/{chunk-MZ275AAF.js → chunk-4D7KSU4X.js} +4 -4
  9. package/dist/{chunk-MZ275AAF.js.map → chunk-4D7KSU4X.js.map} +1 -1
  10. package/dist/{chunk-XWN66HIC.cjs → chunk-4G5KVXN6.cjs} +17 -17
  11. package/dist/{chunk-XWN66HIC.cjs.map → chunk-4G5KVXN6.cjs.map} +1 -1
  12. package/dist/{chunk-YAQDFKGR.js → chunk-4NRXB7VI.js} +3 -3
  13. package/dist/{chunk-YAQDFKGR.js.map → chunk-4NRXB7VI.js.map} +1 -1
  14. package/dist/{chunk-WOU6ROOP.js → chunk-5GXB4IME.js} +3 -3
  15. package/dist/{chunk-WOU6ROOP.js.map → chunk-5GXB4IME.js.map} +1 -1
  16. package/dist/{chunk-PIORYI6S.js → chunk-645P6ZAV.js} +11 -3
  17. package/dist/chunk-645P6ZAV.js.map +1 -0
  18. package/dist/{chunk-O52KF4SM.js → chunk-6QBPL7ME.js} +4 -4
  19. package/dist/{chunk-O52KF4SM.js.map → chunk-6QBPL7ME.js.map} +1 -1
  20. package/dist/{chunk-3ZPZHQRS.js → chunk-7TESOQZ3.js} +3 -3
  21. package/dist/{chunk-3ZPZHQRS.js.map → chunk-7TESOQZ3.js.map} +1 -1
  22. package/dist/{chunk-4I2LMHTI.js → chunk-7ZHBGYZB.js} +3 -3
  23. package/dist/{chunk-4I2LMHTI.js.map → chunk-7ZHBGYZB.js.map} +1 -1
  24. package/dist/{chunk-QD7NPKXK.cjs → chunk-A5J2TY2W.cjs} +6 -6
  25. package/dist/{chunk-QD7NPKXK.cjs.map → chunk-A5J2TY2W.cjs.map} +1 -1
  26. package/dist/{chunk-OSZ6AAFG.cjs → chunk-ALMN74MG.cjs} +106 -102
  27. package/dist/chunk-ALMN74MG.cjs.map +1 -0
  28. package/dist/{chunk-K3TANUFC.js → chunk-ATZ7V3XS.js} +5 -5
  29. package/dist/{chunk-K3TANUFC.js.map → chunk-ATZ7V3XS.js.map} +1 -1
  30. package/dist/{chunk-MR2JXSLN.js → chunk-B5KNWY2P.js} +3 -3
  31. package/dist/{chunk-MR2JXSLN.js.map → chunk-B5KNWY2P.js.map} +1 -1
  32. package/dist/{chunk-OQCQTAI6.js → chunk-CZUJUB46.js} +14 -5
  33. package/dist/chunk-CZUJUB46.js.map +1 -0
  34. package/dist/{chunk-375NFGLA.js → chunk-E56FRMZY.js} +3 -3
  35. package/dist/{chunk-375NFGLA.js.map → chunk-E56FRMZY.js.map} +1 -1
  36. package/dist/{chunk-2OGP3GTW.cjs → chunk-EGSCXVMR.cjs} +5 -52
  37. package/dist/chunk-EGSCXVMR.cjs.map +1 -0
  38. package/dist/{chunk-3LBYNV6U.js → chunk-FB5NRM2M.js} +3 -3
  39. package/dist/{chunk-3LBYNV6U.js.map → chunk-FB5NRM2M.js.map} +1 -1
  40. package/dist/{chunk-E3ZR4JAK.cjs → chunk-FPEX6KOJ.cjs} +46 -43
  41. package/dist/chunk-FPEX6KOJ.cjs.map +1 -0
  42. package/dist/{chunk-3CILCP75.js → chunk-FU5Z5NSF.js} +4 -4
  43. package/dist/{chunk-3CILCP75.js.map → chunk-FU5Z5NSF.js.map} +1 -1
  44. package/dist/{chunk-Y5MUJIDZ.js → chunk-G2ZZKKQI.js} +4 -4
  45. package/dist/{chunk-Y5MUJIDZ.js.map → chunk-G2ZZKKQI.js.map} +1 -1
  46. package/dist/{chunk-EGFJ3CSS.cjs → chunk-G5KXPZUB.cjs} +7 -7
  47. package/dist/{chunk-EGFJ3CSS.cjs.map → chunk-G5KXPZUB.cjs.map} +1 -1
  48. package/dist/{chunk-MSGUG7XP.js → chunk-GF42M6A3.js} +3 -3
  49. package/dist/{chunk-MSGUG7XP.js.map → chunk-GF42M6A3.js.map} +1 -1
  50. package/dist/{chunk-ODP5DUNL.cjs → chunk-GVZ7VB33.cjs} +16 -7
  51. package/dist/chunk-GVZ7VB33.cjs.map +1 -0
  52. package/dist/{chunk-HDF6J2PA.js → chunk-GYD5JBBZ.js} +3 -3
  53. package/dist/{chunk-HDF6J2PA.js.map → chunk-GYD5JBBZ.js.map} +1 -1
  54. package/dist/{chunk-C3VLRWVN.cjs → chunk-H6ZLN6EU.cjs} +11 -11
  55. package/dist/{chunk-C3VLRWVN.cjs.map → chunk-H6ZLN6EU.cjs.map} +1 -1
  56. package/dist/{chunk-OIBX76JU.cjs → chunk-HBMIUVV4.cjs} +10 -10
  57. package/dist/{chunk-OIBX76JU.cjs.map → chunk-HBMIUVV4.cjs.map} +1 -1
  58. package/dist/{chunk-2HD547CV.js → chunk-HI5EDX3F.js} +3 -3
  59. package/dist/{chunk-2HD547CV.js.map → chunk-HI5EDX3F.js.map} +1 -1
  60. package/dist/{chunk-NASA6WQI.cjs → chunk-HXICAUTW.cjs} +9 -5
  61. package/dist/chunk-HXICAUTW.cjs.map +1 -0
  62. package/dist/{chunk-HOAPBP32.cjs → chunk-JH576GTI.cjs} +10 -10
  63. package/dist/{chunk-HOAPBP32.cjs.map → chunk-JH576GTI.cjs.map} +1 -1
  64. package/dist/{chunk-EP7BGEQN.js → chunk-JL6JURL5.js} +4 -4
  65. package/dist/{chunk-EP7BGEQN.js.map → chunk-JL6JURL5.js.map} +1 -1
  66. package/dist/{chunk-PY465Q3R.js → chunk-K6RNBFGH.js} +4 -4
  67. package/dist/{chunk-PY465Q3R.js.map → chunk-K6RNBFGH.js.map} +1 -1
  68. package/dist/{chunk-YENPIZNE.cjs → chunk-KAWEDYGS.cjs} +11 -11
  69. package/dist/{chunk-YENPIZNE.cjs.map → chunk-KAWEDYGS.cjs.map} +1 -1
  70. package/dist/{chunk-AYBVZYKG.js → chunk-M6AQTASN.js} +3 -3
  71. package/dist/{chunk-AYBVZYKG.js.map → chunk-M6AQTASN.js.map} +1 -1
  72. package/dist/{chunk-7U4AWIZN.js → chunk-MH2WUZWZ.js} +4 -4
  73. package/dist/{chunk-7U4AWIZN.js.map → chunk-MH2WUZWZ.js.map} +1 -1
  74. package/dist/{chunk-FSAN76YB.js → chunk-MKW43AJ3.js} +4 -4
  75. package/dist/{chunk-FSAN76YB.js.map → chunk-MKW43AJ3.js.map} +1 -1
  76. package/dist/{chunk-7XTRDSIB.cjs → chunk-MNEANLCY.cjs} +10 -10
  77. package/dist/{chunk-7XTRDSIB.cjs.map → chunk-MNEANLCY.cjs.map} +1 -1
  78. package/dist/{chunk-F6OAHS7U.cjs → chunk-NCCK5NVX.cjs} +10 -10
  79. package/dist/{chunk-F6OAHS7U.cjs.map → chunk-NCCK5NVX.cjs.map} +1 -1
  80. package/dist/{chunk-5LHQGPOK.js → chunk-NMS2SC2B.js} +4 -50
  81. package/dist/chunk-NMS2SC2B.js.map +1 -0
  82. package/dist/{chunk-37WHTNK3.cjs → chunk-NOBDUHIG.cjs} +10 -10
  83. package/dist/{chunk-37WHTNK3.cjs.map → chunk-NOBDUHIG.cjs.map} +1 -1
  84. package/dist/{chunk-4Y4RMTIA.cjs → chunk-OCSZZ5UK.cjs} +11 -3
  85. package/dist/chunk-OCSZZ5UK.cjs.map +1 -0
  86. package/dist/{chunk-4RNME2SG.js → chunk-OXE6JN54.js} +3 -3
  87. package/dist/{chunk-4RNME2SG.js.map → chunk-OXE6JN54.js.map} +1 -1
  88. package/dist/{chunk-OMZ2AFE6.js → chunk-QJZOWORS.js} +4 -4
  89. package/dist/{chunk-OMZ2AFE6.js.map → chunk-QJZOWORS.js.map} +1 -1
  90. package/dist/{chunk-BB6XFMH3.js → chunk-R3IO7NKS.js} +12 -9
  91. package/dist/chunk-R3IO7NKS.js.map +1 -0
  92. package/dist/{chunk-3UXER23P.js → chunk-RGI5IQDO.js} +3 -3
  93. package/dist/{chunk-3UXER23P.js.map → chunk-RGI5IQDO.js.map} +1 -1
  94. package/dist/{chunk-VEAVTM4P.js → chunk-RW62AXQH.js} +5 -3
  95. package/dist/chunk-RW62AXQH.js.map +1 -0
  96. package/dist/{chunk-75A4PINQ.js → chunk-SCHPGBMK.js} +5 -5
  97. package/dist/{chunk-75A4PINQ.js.map → chunk-SCHPGBMK.js.map} +1 -1
  98. package/dist/{chunk-5LURYWNF.cjs → chunk-SEMV475G.cjs} +5 -5
  99. package/dist/{chunk-5LURYWNF.cjs.map → chunk-SEMV475G.cjs.map} +1 -1
  100. package/dist/{chunk-J4OPB4KS.cjs → chunk-TYYGY4H4.cjs} +11 -11
  101. package/dist/{chunk-J4OPB4KS.cjs.map → chunk-TYYGY4H4.cjs.map} +1 -1
  102. package/dist/{chunk-UOYOF6ZJ.cjs → chunk-UFK5THVP.cjs} +10 -10
  103. package/dist/{chunk-UOYOF6ZJ.cjs.map → chunk-UFK5THVP.cjs.map} +1 -1
  104. package/dist/{chunk-FLIDCUYX.js → chunk-UKYIFRF3.js} +3 -3
  105. package/dist/{chunk-FLIDCUYX.js.map → chunk-UKYIFRF3.js.map} +1 -1
  106. package/dist/{chunk-C4U6B3QN.cjs → chunk-ULLR3RN3.cjs} +10 -10
  107. package/dist/{chunk-C4U6B3QN.cjs.map → chunk-ULLR3RN3.cjs.map} +1 -1
  108. package/dist/{chunk-457RSMZH.cjs → chunk-UTQV3JAT.cjs} +338 -117
  109. package/dist/chunk-UTQV3JAT.cjs.map +1 -0
  110. package/dist/{chunk-ZGDE3DVS.cjs → chunk-UUQ6I673.cjs} +6 -6
  111. package/dist/{chunk-ZGDE3DVS.cjs.map → chunk-UUQ6I673.cjs.map} +1 -1
  112. package/dist/{chunk-U67CHRAK.js → chunk-V4IWGD6S.js} +10 -6
  113. package/dist/chunk-V4IWGD6S.js.map +1 -0
  114. package/dist/{chunk-GIEF7CQR.cjs → chunk-VCBFCDP3.cjs} +103 -100
  115. package/dist/chunk-VCBFCDP3.cjs.map +1 -0
  116. package/dist/{chunk-ZRUDCNFS.js → chunk-W2QMKHBI.js} +338 -118
  117. package/dist/chunk-W2QMKHBI.js.map +1 -0
  118. package/dist/{chunk-2CO6GUN2.cjs → chunk-WC4OPIB4.cjs} +6 -6
  119. package/dist/{chunk-2CO6GUN2.cjs.map → chunk-WC4OPIB4.cjs.map} +1 -1
  120. package/dist/{chunk-JURBS7AW.cjs → chunk-WIQDQTKG.cjs} +12 -12
  121. package/dist/{chunk-JURBS7AW.cjs.map → chunk-WIQDQTKG.cjs.map} +1 -1
  122. package/dist/{chunk-VDMJKGYJ.cjs → chunk-WUCJRGTK.cjs} +10 -10
  123. package/dist/{chunk-VDMJKGYJ.cjs.map → chunk-WUCJRGTK.cjs.map} +1 -1
  124. package/dist/{chunk-S3OSXKBZ.js → chunk-WYAFNFFM.js} +55 -42
  125. package/dist/chunk-WYAFNFFM.js.map +1 -0
  126. package/dist/{chunk-FFX5KP4Y.cjs → chunk-XBMICDYC.cjs} +26 -26
  127. package/dist/{chunk-FFX5KP4Y.cjs.map → chunk-XBMICDYC.cjs.map} +1 -1
  128. package/dist/{chunk-XUBQNV4W.cjs → chunk-Y2OBOWHZ.cjs} +33 -33
  129. package/dist/{chunk-XUBQNV4W.cjs.map → chunk-Y2OBOWHZ.cjs.map} +1 -1
  130. package/dist/{chunk-JTKK7ZEC.cjs → chunk-YEYWCSMW.cjs} +14 -14
  131. package/dist/{chunk-JTKK7ZEC.cjs.map → chunk-YEYWCSMW.cjs.map} +1 -1
  132. package/dist/{chunk-OOTESG4L.js → chunk-YKS5HCGB.js} +12 -9
  133. package/dist/chunk-YKS5HCGB.js.map +1 -0
  134. package/dist/{chunk-DZHGLVLY.cjs → chunk-YTB4DWYU.cjs} +30 -30
  135. package/dist/{chunk-DZHGLVLY.cjs.map → chunk-YTB4DWYU.cjs.map} +1 -1
  136. package/dist/{chunk-F37L2WVR.cjs → chunk-YV7FX2SA.cjs} +10 -10
  137. package/dist/{chunk-F37L2WVR.cjs.map → chunk-YV7FX2SA.cjs.map} +1 -1
  138. package/dist/{chunk-KVLNMWUF.cjs → chunk-YWPRH3D3.cjs} +132 -119
  139. package/dist/chunk-YWPRH3D3.cjs.map +1 -0
  140. package/dist/{chunk-DWIUNYVY.cjs → chunk-ZFCNTRZ2.cjs} +5 -3
  141. package/dist/chunk-ZFCNTRZ2.cjs.map +1 -0
  142. package/dist/{chunk-C2ITUXN6.js → chunk-ZHULRNJG.js} +9 -6
  143. package/dist/chunk-ZHULRNJG.js.map +1 -0
  144. package/dist/{chunk-BHMMMTPE.js → chunk-ZKXIAID6.js} +4 -4
  145. package/dist/{chunk-BHMMMTPE.js.map → chunk-ZKXIAID6.js.map} +1 -1
  146. package/dist/docs/SKILL.md +1 -1
  147. package/dist/docs/assets/SOURCE_MAP.json +1 -1
  148. package/dist/{observational-memory-OZ7TG4DZ-COUORCVN.cjs → observational-memory-K2U3QQIO-MBBXGVVG.cjs} +32 -28
  149. package/dist/{observational-memory-OZ7TG4DZ-COUORCVN.cjs.map → observational-memory-K2U3QQIO-MBBXGVVG.cjs.map} +1 -1
  150. package/dist/observational-memory-K2U3QQIO-MOPJN5M7.js +3 -0
  151. package/dist/{observational-memory-OZ7TG4DZ-MYYBYEP6.js.map → observational-memory-K2U3QQIO-MOPJN5M7.js.map} +1 -1
  152. package/dist/server/handlers/a2a.cjs +9 -9
  153. package/dist/server/handlers/a2a.js +1 -1
  154. package/dist/server/handlers/agent-builder.cjs +16 -16
  155. package/dist/server/handlers/agent-builder.js +1 -1
  156. package/dist/server/handlers/agent-versions.cjs +8 -8
  157. package/dist/server/handlers/agent-versions.js +1 -1
  158. package/dist/server/handlers/agents.cjs +33 -33
  159. package/dist/server/handlers/agents.d.ts +10 -5
  160. package/dist/server/handlers/agents.d.ts.map +1 -1
  161. package/dist/server/handlers/agents.js +1 -1
  162. package/dist/server/handlers/auth.cjs +10 -10
  163. package/dist/server/handlers/auth.js +1 -1
  164. package/dist/server/handlers/datasets.cjs +24 -24
  165. package/dist/server/handlers/datasets.js +1 -1
  166. package/dist/server/handlers/logs.cjs +4 -4
  167. package/dist/server/handlers/logs.js +1 -1
  168. package/dist/server/handlers/mcp-client-versions.cjs +8 -8
  169. package/dist/server/handlers/mcp-client-versions.js +1 -1
  170. package/dist/server/handlers/mcp.cjs +9 -9
  171. package/dist/server/handlers/mcp.js +1 -1
  172. package/dist/server/handlers/memory.cjs +27 -27
  173. package/dist/server/handlers/memory.d.ts +16 -0
  174. package/dist/server/handlers/memory.d.ts.map +1 -1
  175. package/dist/server/handlers/memory.js +1 -1
  176. package/dist/server/handlers/observability-new-endpoints.cjs +19 -19
  177. package/dist/server/handlers/observability-new-endpoints.js +1 -1
  178. package/dist/server/handlers/observability.cjs +24 -24
  179. package/dist/server/handlers/observability.js +2 -2
  180. package/dist/server/handlers/processor-providers.cjs +3 -3
  181. package/dist/server/handlers/processor-providers.js +1 -1
  182. package/dist/server/handlers/processors.cjs +4 -4
  183. package/dist/server/handlers/processors.js +1 -1
  184. package/dist/server/handlers/prompt-block-versions.cjs +8 -8
  185. package/dist/server/handlers/prompt-block-versions.js +1 -1
  186. package/dist/server/handlers/scorer-versions.cjs +8 -8
  187. package/dist/server/handlers/scorer-versions.js +1 -1
  188. package/dist/server/handlers/scores.cjs +7 -7
  189. package/dist/server/handlers/scores.js +1 -1
  190. package/dist/server/handlers/stored-agents.cjs +7 -7
  191. package/dist/server/handlers/stored-agents.js +1 -1
  192. package/dist/server/handlers/stored-mcp-clients.cjs +6 -6
  193. package/dist/server/handlers/stored-mcp-clients.js +1 -1
  194. package/dist/server/handlers/stored-prompt-blocks.cjs +6 -6
  195. package/dist/server/handlers/stored-prompt-blocks.js +1 -1
  196. package/dist/server/handlers/stored-scorers.cjs +6 -6
  197. package/dist/server/handlers/stored-scorers.js +1 -1
  198. package/dist/server/handlers/stored-skills.cjs +7 -7
  199. package/dist/server/handlers/stored-skills.js +1 -1
  200. package/dist/server/handlers/stored-workspaces.cjs +6 -6
  201. package/dist/server/handlers/stored-workspaces.js +1 -1
  202. package/dist/server/handlers/system.cjs +2 -2
  203. package/dist/server/handlers/system.d.ts +4 -0
  204. package/dist/server/handlers/system.d.ts.map +1 -1
  205. package/dist/server/handlers/system.js +1 -1
  206. package/dist/server/handlers/tool-providers.cjs +5 -5
  207. package/dist/server/handlers/tool-providers.js +1 -1
  208. package/dist/server/handlers/tools.cjs +6 -6
  209. package/dist/server/handlers/tools.js +1 -1
  210. package/dist/server/handlers/vector.cjs +16 -16
  211. package/dist/server/handlers/vector.js +1 -1
  212. package/dist/server/handlers/voice.cjs +8 -8
  213. package/dist/server/handlers/voice.js +1 -1
  214. package/dist/server/handlers/workflows.cjs +24 -24
  215. package/dist/server/handlers/workflows.js +1 -1
  216. package/dist/server/handlers/workspace.cjs +26 -26
  217. package/dist/server/handlers/workspace.d.ts +60 -32
  218. package/dist/server/handlers/workspace.d.ts.map +1 -1
  219. package/dist/server/handlers/workspace.js +1 -1
  220. package/dist/server/handlers.cjs +26 -26
  221. package/dist/server/handlers.js +13 -13
  222. package/dist/server/schemas/index.cjs +103 -99
  223. package/dist/server/schemas/index.js +3 -3
  224. package/dist/server/schemas/memory.d.ts +8 -0
  225. package/dist/server/schemas/memory.d.ts.map +1 -1
  226. package/dist/server/schemas/system.d.ts +2 -0
  227. package/dist/server/schemas/system.d.ts.map +1 -1
  228. package/dist/server/schemas/workspace.d.ts +6 -0
  229. package/dist/server/schemas/workspace.d.ts.map +1 -1
  230. package/dist/server/server-adapter/index.cjs +284 -284
  231. package/dist/server/server-adapter/index.js +34 -34
  232. package/dist/server/server-adapter/routes/memory.d.ts +16 -0
  233. package/dist/server/server-adapter/routes/memory.d.ts.map +1 -1
  234. package/dist/server/server-adapter/routes/system.d.ts +4 -0
  235. package/dist/server/server-adapter/routes/system.d.ts.map +1 -1
  236. package/dist/server/server-adapter/routes/workspace.d.ts +30 -16
  237. package/dist/server/server-adapter/routes/workspace.d.ts.map +1 -1
  238. package/package.json +6 -6
  239. package/dist/chunk-2OGP3GTW.cjs.map +0 -1
  240. package/dist/chunk-457RSMZH.cjs.map +0 -1
  241. package/dist/chunk-4Y4RMTIA.cjs.map +0 -1
  242. package/dist/chunk-5LHQGPOK.js.map +0 -1
  243. package/dist/chunk-BB6XFMH3.js.map +0 -1
  244. package/dist/chunk-C2ITUXN6.js.map +0 -1
  245. package/dist/chunk-DWIUNYVY.cjs.map +0 -1
  246. package/dist/chunk-E3ZR4JAK.cjs.map +0 -1
  247. package/dist/chunk-GIEF7CQR.cjs.map +0 -1
  248. package/dist/chunk-KVLNMWUF.cjs.map +0 -1
  249. package/dist/chunk-NASA6WQI.cjs.map +0 -1
  250. package/dist/chunk-ODP5DUNL.cjs.map +0 -1
  251. package/dist/chunk-OOTESG4L.js.map +0 -1
  252. package/dist/chunk-OQCQTAI6.js.map +0 -1
  253. package/dist/chunk-OSZ6AAFG.cjs.map +0 -1
  254. package/dist/chunk-PIORYI6S.js.map +0 -1
  255. package/dist/chunk-S3OSXKBZ.js.map +0 -1
  256. package/dist/chunk-U67CHRAK.js.map +0 -1
  257. package/dist/chunk-VEAVTM4P.js.map +0 -1
  258. package/dist/chunk-ZRUDCNFS.js.map +0 -1
  259. package/dist/observational-memory-OZ7TG4DZ-MYYBYEP6.js +0 -3
package/dist/{chunk-7XTRDSIB.cjs → chunk-MNEANLCY.cjs} RENAMED
@@ -2,7 +2,7 @@
2
2
 
3
3
  var chunk7C2R3QNO_cjs = require('./chunk-7C2R3QNO.cjs');
4
4
  var chunkB34S64RC_cjs = require('./chunk-B34S64RC.cjs');
5
- var chunk2OGP3GTW_cjs = require('./chunk-2OGP3GTW.cjs');
5
+ var chunkEGSCXVMR_cjs = require('./chunk-EGSCXVMR.cjs');
6
6
  var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
7
7
 
8
8
  // src/server/handlers/auth.ts
@@ -40,7 +40,7 @@ function getRBACProvider(mastra) {
40
40
  function implementsInterface(auth, method) {
41
41
  return auth !== null && typeof auth === "object" && method in auth;
42
42
  }
43
- var GET_AUTH_CAPABILITIES_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
43
+ var GET_AUTH_CAPABILITIES_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
44
44
  method: "GET",
45
45
  path: "/auth/capabilities",
46
46
  responseType: "json",
@@ -67,7 +67,7 @@ var GET_AUTH_CAPABILITIES_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
67
67
  }
68
68
  }
69
69
  });
70
- var GET_CURRENT_USER_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
70
+ var GET_CURRENT_USER_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
71
71
  method: "GET",
72
72
  path: "/auth/me",
73
73
  responseType: "json",
@@ -107,7 +107,7 @@ var GET_CURRENT_USER_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
107
107
  }
108
108
  }
109
109
  });
110
- var GET_SSO_LOGIN_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
110
+ var GET_SSO_LOGIN_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
111
111
  method: "GET",
112
112
  path: "/auth/sso/login",
113
113
  responseType: "datastream-response",
@@ -163,7 +163,7 @@ var GET_SSO_LOGIN_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
163
163
  }
164
164
  }
165
165
  });
166
- var GET_SSO_CALLBACK_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
166
+ var GET_SSO_CALLBACK_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
167
167
  method: "GET",
168
168
  path: "/auth/sso/callback",
169
169
  responseType: "datastream-response",
@@ -239,7 +239,7 @@ var GET_SSO_CALLBACK_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
239
239
  }
240
240
  }
241
241
  });
242
- var POST_LOGOUT_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
242
+ var POST_LOGOUT_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
243
243
  method: "POST",
244
244
  path: "/auth/logout",
245
245
  responseType: "datastream-response",
@@ -284,7 +284,7 @@ var POST_LOGOUT_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
284
284
  }
285
285
  }
286
286
  });
287
- var POST_CREDENTIALS_SIGN_IN_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
287
+ var POST_CREDENTIALS_SIGN_IN_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
288
288
  method: "POST",
289
289
  path: "/auth/credentials/sign-in",
290
290
  responseType: "datastream-response",
@@ -325,7 +325,7 @@ var POST_CREDENTIALS_SIGN_IN_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
325
325
  }
326
326
  }
327
327
  });
328
- var POST_CREDENTIALS_SIGN_UP_ROUTE = chunk2OGP3GTW_cjs.createPublicRoute({
328
+ var POST_CREDENTIALS_SIGN_UP_ROUTE = chunkEGSCXVMR_cjs.createPublicRoute({
329
329
  method: "POST",
330
330
  path: "/auth/credentials/sign-up",
331
331
  responseType: "datastream-response",
@@ -389,5 +389,5 @@ exports.POST_CREDENTIALS_SIGN_IN_ROUTE = POST_CREDENTIALS_SIGN_IN_ROUTE;
389
389
  exports.POST_CREDENTIALS_SIGN_UP_ROUTE = POST_CREDENTIALS_SIGN_UP_ROUTE;
390
390
  exports.POST_LOGOUT_ROUTE = POST_LOGOUT_ROUTE;
391
391
  exports.getPublicOrigin = getPublicOrigin;
392
- //# sourceMappingURL=chunk-7XTRDSIB.cjs.map
393
- //# sourceMappingURL=chunk-7XTRDSIB.cjs.map
392
+ //# sourceMappingURL=chunk-MNEANLCY.cjs.map
393
+ //# sourceMappingURL=chunk-MNEANLCY.cjs.map
package/dist/{chunk-7XTRDSIB.cjs.map → chunk-MNEANLCY.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra"],"mappings":";;;;;;;;AAiCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AASO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AACA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,SAAS,EAAE,IAAA,EAAM,SAAA,EAAW,WAAA,EAAa,CAAA;AAE5F,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBG,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBF,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBI,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBM,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBN,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOE,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCF,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYO,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCL,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYQ,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMI,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-7XTRDSIB.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (auth: any, request: Request, options?: { rbac?: any; apiPrefix?: string }) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname.\n * X-Forwarded-Host tells us the real public hostname.\n * Always uses https when behind a proxy — Knative's queue-proxy overwrites\n * X-Forwarded-Proto based on the internal HTTP connection, so it's unreliable.\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, apiPrefix: routePrefix });\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}
1
+ {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra"],"mappings":";;;;;;;;AAiCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AASO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AACA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,SAAS,EAAE,IAAA,EAAM,SAAA,EAAW,WAAA,EAAa,CAAA;AAE5F,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBG,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBF,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBI,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBF,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBM,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBN,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOE,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCF,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYO,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCL,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYQ,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMI,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-MNEANLCY.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (auth: any, request: Request, options?: { rbac?: any; apiPrefix?: string }) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname.\n * X-Forwarded-Host tells us the real public hostname.\n * Always uses https when behind a proxy — Knative's queue-proxy overwrites\n * X-Forwarded-Proto based on the internal HTTP connection, so it's unreliable.\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, apiPrefix: routePrefix });\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}
package/dist/{chunk-F6OAHS7U.cjs → chunk-NCCK5NVX.cjs} RENAMED
@@ -2,14 +2,14 @@
2
2
 
3
3
  var chunk5XEAWQRZ_cjs = require('./chunk-5XEAWQRZ.cjs');
4
4
  var chunk2XZ2466F_cjs = require('./chunk-2XZ2466F.cjs');
5
- var chunk2CO6GUN2_cjs = require('./chunk-2CO6GUN2.cjs');
5
+ var chunkWC4OPIB4_cjs = require('./chunk-WC4OPIB4.cjs');
6
6
  var chunkEES2ZZGL_cjs = require('./chunk-EES2ZZGL.cjs');
7
7
  var chunkB34S64RC_cjs = require('./chunk-B34S64RC.cjs');
8
- var chunk2OGP3GTW_cjs = require('./chunk-2OGP3GTW.cjs');
8
+ var chunkEGSCXVMR_cjs = require('./chunk-EGSCXVMR.cjs');
9
9
  var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
10
10
 
11
11
  // src/server/handlers/stored-mcp-clients.ts
12
- var LIST_STORED_MCP_CLIENTS_ROUTE = chunk2OGP3GTW_cjs.createRoute({
12
+ var LIST_STORED_MCP_CLIENTS_ROUTE = chunkEGSCXVMR_cjs.createRoute({
13
13
  method: "GET",
14
14
  path: "/stored/mcp-clients",
15
15
  responseType: "json",
@@ -43,7 +43,7 @@ var LIST_STORED_MCP_CLIENTS_ROUTE = chunk2OGP3GTW_cjs.createRoute({
43
43
  }
44
44
  }
45
45
  });
46
- var GET_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
46
+ var GET_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
47
47
  method: "GET",
48
48
  path: "/stored/mcp-clients/:storedMCPClientId",
49
49
  responseType: "json",
@@ -74,7 +74,7 @@ var GET_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
74
74
  }
75
75
  }
76
76
  });
77
- var CREATE_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
77
+ var CREATE_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
78
78
  method: "POST",
79
79
  path: "/stored/mcp-clients",
80
80
  responseType: "json",
@@ -94,7 +94,7 @@ var CREATE_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
94
94
  if (!mcpClientStore) {
95
95
  throw new chunk64ITUOXI_cjs.HTTPException(500, { message: "MCP clients storage domain is not available" });
96
96
  }
97
- const id = providedId || chunk2CO6GUN2_cjs.toSlug(name);
97
+ const id = providedId || chunkWC4OPIB4_cjs.toSlug(name);
98
98
  if (!id) {
99
99
  throw new chunk64ITUOXI_cjs.HTTPException(400, {
100
100
  message: "Could not derive MCP client ID from name. Please provide an explicit id."
@@ -124,7 +124,7 @@ var CREATE_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
124
124
  }
125
125
  }
126
126
  });
127
- var UPDATE_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
127
+ var UPDATE_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
128
128
  method: "PATCH",
129
129
  path: "/stored/mcp-clients/:storedMCPClientId",
130
130
  responseType: "json",
@@ -188,7 +188,7 @@ var UPDATE_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
188
188
  }
189
189
  }
190
190
  });
191
- var DELETE_STORED_MCP_CLIENT_ROUTE = chunk2OGP3GTW_cjs.createRoute({
191
+ var DELETE_STORED_MCP_CLIENT_ROUTE = chunkEGSCXVMR_cjs.createRoute({
192
192
  method: "DELETE",
193
193
  path: "/stored/mcp-clients/:storedMCPClientId",
194
194
  responseType: "json",
@@ -228,5 +228,5 @@ exports.DELETE_STORED_MCP_CLIENT_ROUTE = DELETE_STORED_MCP_CLIENT_ROUTE;
228
228
  exports.GET_STORED_MCP_CLIENT_ROUTE = GET_STORED_MCP_CLIENT_ROUTE;
229
229
  exports.LIST_STORED_MCP_CLIENTS_ROUTE = LIST_STORED_MCP_CLIENTS_ROUTE;
230
230
  exports.UPDATE_STORED_MCP_CLIENT_ROUTE = UPDATE_STORED_MCP_CLIENT_ROUTE;
231
- //# sourceMappingURL=chunk-F6OAHS7U.cjs.map
232
- //# sourceMappingURL=chunk-F6OAHS7U.cjs.map
231
+ //# sourceMappingURL=chunk-NCCK5NVX.cjs.map
232
+ //# sourceMappingURL=chunk-NCCK5NVX.cjs.map
package/dist/{chunk-F6OAHS7U.cjs.map → chunk-NCCK5NVX.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/handlers/stored-mcp-clients.ts"],"names":["createRoute","listStoredMCPClientsQuerySchema","listStoredMCPClientsResponseSchema","HTTPException","handleError","storedMCPClientIdPathParams","statusQuerySchema","getStoredMCPClientResponseSchema","createStoredMCPClientBodySchema","createStoredMCPClientResponseSchema","toSlug","updateStoredMCPClientBodySchema","updateStoredMCPClientResponseSchema","handleAutoVersioning","MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS","deleteStoredMCPClientResponseSchema"],"mappings":";;;;;;;;;;;AA2BO,IAAM,gCAAgCA,6BAAA,CAAY;AAAA,EACvD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,iDAAA;AAAA,EAClB,cAAA,EAAgBC,oDAAA;AAAA,EAChB,OAAA,EAAS,yBAAA;AAAA,EACT,WAAA,EAAa,kFAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,IAAA,EAAM,SAAS,OAAA,EAAS,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAS,KAAM;AACjF,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,YAAA,CAAa;AAAA,QAC/C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,8BAA8BJ,6BAAA,CAAY;AAAA,EACrD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,kDAAA;AAAA,EAChB,OAAA,EAAS,6BAAA;AAAA,EACT,WAAA,EACE,qMAAA;AAAA,EACF,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,iBAAA,EAAmB,QAAO,KAAM;AACxD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,YAAY,MAAM,cAAA,CAAe,gBAAgB,iBAAA,EAAmB,EAAE,QAAQ,CAAA;AAEpF,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,OAAO,SAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYQ,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,EAAA,EAAI,UAAA,EAAY,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ,KAAM;AAC7F,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIN,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcO,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIP,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,EAAE,CAAA;AAChD,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,mBAAA,EAAsB,EAAE,mBAAmB,CAAA;AAAA,MACrF;AAEA,MAAA,MAAM,eAAe,MAAA,CAAO;AAAA,QAC1B,SAAA,EAAW;AAAA,UACT,EAAA;AAAA,UACA,QAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAID,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC7E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,UAAA,EAAYM,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,oEAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,iBAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAGA,MAAA,MAAM,gBAAA,GAAmB,MAAM,cAAA,CAAe,MAAA,CAAO;AAAA,QACnD,EAAA,EAAI,iBAAA;AAAA,QACJ,QAAA;AAAA,QACA,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,YAAA,GAAe,EAAE,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ;AAGlD,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAKhH,MAAA,MAAMU,sCAAA;AAAA,QACJ,cAAA;AAAA,QACA,iBAAA;AAAA,QACA,aAAA;AAAA,QACAC,mDAAA;AAAA,QACA,QAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,mBAAmB,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC5F,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,cAAA,EAAgBU,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6DAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,mBAAkB,KAAM;AAChD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIZ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,MAAM,cAAA,CAAe,OAAO,iBAAiB,CAAA;AAE7C,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,cAAc,iBAAiB,CAAA,qBAAA;AAAA,OAC1C;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC","file":"chunk-F6OAHS7U.cjs","sourcesContent":["import { HTTPException } from '../http-exception';\nimport {\n storedMCPClientIdPathParams,\n statusQuerySchema,\n listStoredMCPClientsQuerySchema,\n createStoredMCPClientBodySchema,\n updateStoredMCPClientBodySchema,\n listStoredMCPClientsResponseSchema,\n getStoredMCPClientResponseSchema,\n createStoredMCPClientResponseSchema,\n updateStoredMCPClientResponseSchema,\n deleteStoredMCPClientResponseSchema,\n} from '../schemas/stored-mcp-clients';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\nimport { handleAutoVersioning, MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/mcp-clients - List all stored MCP clients\n */\nexport const LIST_STORED_MCP_CLIENTS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients',\n responseType: 'json',\n queryParamSchema: listStoredMCPClientsQuerySchema,\n responseSchema: listStoredMCPClientsResponseSchema,\n summary: 'List stored MCP clients',\n description: 'Returns a paginated list of all MCP client configurations stored in the database',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, page, perPage, orderBy, status, authorId, metadata }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const result = await mcpClientStore.listResolved({\n page,\n perPage,\n orderBy,\n status,\n authorId,\n metadata,\n });\n\n return result;\n } catch (error) {\n return handleError(error, 'Error listing stored MCP clients');\n }\n },\n});\n\n/**\n * GET /stored/mcp-clients/:storedMCPClientId - Get a stored MCP client by ID\n */\nexport const GET_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n queryParamSchema: statusQuerySchema,\n responseSchema: getStoredMCPClientResponseSchema,\n summary: 'Get stored MCP client by ID',\n description:\n 'Returns a specific MCP client from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId, status }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const mcpClient = await mcpClientStore.getByIdResolved(storedMCPClientId, { status });\n\n if (!mcpClient) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n return mcpClient;\n } catch (error) {\n return handleError(error, 'Error getting stored MCP client');\n }\n },\n});\n\n/**\n * POST /stored/mcp-clients - Create a new stored MCP client\n */\nexport const CREATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/mcp-clients',\n responseType: 'json',\n bodySchema: createStoredMCPClientBodySchema,\n responseSchema: createStoredMCPClientResponseSchema,\n summary: 'Create stored MCP client',\n description: 'Creates a new MCP client configuration in storage with the provided servers',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, id: providedId, authorId, metadata, name, description, servers }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId || toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive MCP client ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if MCP client with this ID already exists\n const existing = await mcpClientStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `MCP client with id ${id} already exists` });\n }\n\n await mcpClientStore.create({\n mcpClient: {\n id,\n authorId,\n metadata,\n name,\n description,\n servers,\n },\n });\n\n // Return the resolved MCP client (thin record + version config)\n // Use draft status since newly created entities start as drafts\n const resolved = await mcpClientStore.getByIdResolved(id, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored MCP client');\n }\n },\n});\n\n/**\n * PATCH /stored/mcp-clients/:storedMCPClientId - Update a stored MCP client\n */\nexport const UPDATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'PATCH',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n bodySchema: updateStoredMCPClientBodySchema,\n responseSchema: updateStoredMCPClientResponseSchema,\n summary: 'Update stored MCP client',\n description: 'Updates an existing MCP client in storage with the provided fields',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({\n mastra,\n storedMCPClientId,\n // Metadata-level fields\n authorId,\n metadata,\n // Config fields (snapshot-level)\n name,\n description,\n servers,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n // Update the MCP client with both metadata-level and config-level fields\n const updatedMCPClient = await mcpClientStore.update({\n id: storedMCPClientId,\n authorId,\n metadata,\n name,\n description,\n servers,\n });\n\n // Build the snapshot config for auto-versioning comparison\n const configFields = { name, description, servers };\n\n // Filter out undefined values to get only the config fields that were provided\n const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n // Handle auto-versioning with retry logic for race conditions\n // This creates a new version if there are meaningful config changes.\n // It does NOT update activeVersionId — the version stays as a draft until explicitly published.\n await handleAutoVersioning(\n mcpClientStore as unknown as VersionedStoreInterface,\n storedMCPClientId,\n 'mcpClientId',\n MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS,\n existing,\n updatedMCPClient,\n providedConfigFields,\n );\n\n // Return the resolved MCP client with the latest (draft) version so the UI sees its edits\n const resolved = await mcpClientStore.getByIdResolved(storedMCPClientId, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored MCP client');\n }\n },\n});\n\n/**\n * DELETE /stored/mcp-clients/:storedMCPClientId - Delete a stored MCP client\n */\nexport const DELETE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n responseSchema: deleteStoredMCPClientResponseSchema,\n summary: 'Delete stored MCP client',\n description: 'Deletes an MCP client from storage by its unique identifier',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n await mcpClientStore.delete(storedMCPClientId);\n\n return {\n success: true,\n message: `MCP client ${storedMCPClientId} deleted successfully`,\n };\n } catch (error) {\n return handleError(error, 'Error deleting stored MCP client');\n }\n },\n});\n"]}
1
+ {"version":3,"sources":["../src/server/handlers/stored-mcp-clients.ts"],"names":["createRoute","listStoredMCPClientsQuerySchema","listStoredMCPClientsResponseSchema","HTTPException","handleError","storedMCPClientIdPathParams","statusQuerySchema","getStoredMCPClientResponseSchema","createStoredMCPClientBodySchema","createStoredMCPClientResponseSchema","toSlug","updateStoredMCPClientBodySchema","updateStoredMCPClientResponseSchema","handleAutoVersioning","MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS","deleteStoredMCPClientResponseSchema"],"mappings":";;;;;;;;;;;AA2BO,IAAM,gCAAgCA,6BAAA,CAAY;AAAA,EACvD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,iDAAA;AAAA,EAClB,cAAA,EAAgBC,oDAAA;AAAA,EAChB,OAAA,EAAS,yBAAA;AAAA,EACT,WAAA,EAAa,kFAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,IAAA,EAAM,SAAS,OAAA,EAAS,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAS,KAAM;AACjF,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,YAAA,CAAa;AAAA,QAC/C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,8BAA8BJ,6BAAA,CAAY;AAAA,EACrD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,kDAAA;AAAA,EAChB,OAAA,EAAS,6BAAA;AAAA,EACT,WAAA,EACE,qMAAA;AAAA,EACF,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,iBAAA,EAAmB,QAAO,KAAM;AACxD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,YAAY,MAAM,cAAA,CAAe,gBAAgB,iBAAA,EAAmB,EAAE,QAAQ,CAAA;AAEpF,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,OAAO,SAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYQ,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,EAAA,EAAI,UAAA,EAAY,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ,KAAM;AAC7F,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIN,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcO,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIP,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,EAAE,CAAA;AAChD,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,mBAAA,EAAsB,EAAE,mBAAmB,CAAA;AAAA,MACrF;AAEA,MAAA,MAAM,eAAe,MAAA,CAAO;AAAA,QAC1B,SAAA,EAAW;AAAA,UACT,EAAA;AAAA,UACA,QAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAID,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC7E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,UAAA,EAAYM,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,oEAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,iBAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAGA,MAAA,MAAM,gBAAA,GAAmB,MAAM,cAAA,CAAe,MAAA,CAAO;AAAA,QACnD,EAAA,EAAI,iBAAA;AAAA,QACJ,QAAA;AAAA,QACA,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,YAAA,GAAe,EAAE,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ;AAGlD,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAKhH,MAAA,MAAMU,sCAAA;AAAA,QACJ,cAAA;AAAA,QACA,iBAAA;AAAA,QACA,aAAA;AAAA,QACAC,mDAAA;AAAA,QACA,QAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,mBAAmB,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC5F,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,cAAA,EAAgBU,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6DAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,mBAAkB,KAAM;AAChD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIZ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,MAAM,cAAA,CAAe,OAAO,iBAAiB,CAAA;AAE7C,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,cAAc,iBAAiB,CAAA,qBAAA;AAAA,OAC1C;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC","file":"chunk-NCCK5NVX.cjs","sourcesContent":["import { HTTPException } from '../http-exception';\nimport {\n storedMCPClientIdPathParams,\n statusQuerySchema,\n listStoredMCPClientsQuerySchema,\n createStoredMCPClientBodySchema,\n updateStoredMCPClientBodySchema,\n listStoredMCPClientsResponseSchema,\n getStoredMCPClientResponseSchema,\n createStoredMCPClientResponseSchema,\n updateStoredMCPClientResponseSchema,\n deleteStoredMCPClientResponseSchema,\n} from '../schemas/stored-mcp-clients';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\nimport { handleAutoVersioning, MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/mcp-clients - List all stored MCP clients\n */\nexport const LIST_STORED_MCP_CLIENTS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients',\n responseType: 'json',\n queryParamSchema: listStoredMCPClientsQuerySchema,\n responseSchema: listStoredMCPClientsResponseSchema,\n summary: 'List stored MCP clients',\n description: 'Returns a paginated list of all MCP client configurations stored in the database',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, page, perPage, orderBy, status, authorId, metadata }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const result = await mcpClientStore.listResolved({\n page,\n perPage,\n orderBy,\n status,\n authorId,\n metadata,\n });\n\n return result;\n } catch (error) {\n return handleError(error, 'Error listing stored MCP clients');\n }\n },\n});\n\n/**\n * GET /stored/mcp-clients/:storedMCPClientId - Get a stored MCP client by ID\n */\nexport const GET_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n queryParamSchema: statusQuerySchema,\n responseSchema: getStoredMCPClientResponseSchema,\n summary: 'Get stored MCP client by ID',\n description:\n 'Returns a specific MCP client from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId, status }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const mcpClient = await mcpClientStore.getByIdResolved(storedMCPClientId, { status });\n\n if (!mcpClient) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n return mcpClient;\n } catch (error) {\n return handleError(error, 'Error getting stored MCP client');\n }\n },\n});\n\n/**\n * POST /stored/mcp-clients - Create a new stored MCP client\n */\nexport const CREATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/mcp-clients',\n responseType: 'json',\n bodySchema: createStoredMCPClientBodySchema,\n responseSchema: createStoredMCPClientResponseSchema,\n summary: 'Create stored MCP client',\n description: 'Creates a new MCP client configuration in storage with the provided servers',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, id: providedId, authorId, metadata, name, description, servers }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId || toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive MCP client ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if MCP client with this ID already exists\n const existing = await mcpClientStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `MCP client with id ${id} already exists` });\n }\n\n await mcpClientStore.create({\n mcpClient: {\n id,\n authorId,\n metadata,\n name,\n description,\n servers,\n },\n });\n\n // Return the resolved MCP client (thin record + version config)\n // Use draft status since newly created entities start as drafts\n const resolved = await mcpClientStore.getByIdResolved(id, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored MCP client');\n }\n },\n});\n\n/**\n * PATCH /stored/mcp-clients/:storedMCPClientId - Update a stored MCP client\n */\nexport const UPDATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'PATCH',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n bodySchema: updateStoredMCPClientBodySchema,\n responseSchema: updateStoredMCPClientResponseSchema,\n summary: 'Update stored MCP client',\n description: 'Updates an existing MCP client in storage with the provided fields',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({\n mastra,\n storedMCPClientId,\n // Metadata-level fields\n authorId,\n metadata,\n // Config fields (snapshot-level)\n name,\n description,\n servers,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n // Update the MCP client with both metadata-level and config-level fields\n const updatedMCPClient = await mcpClientStore.update({\n id: storedMCPClientId,\n authorId,\n metadata,\n name,\n description,\n servers,\n });\n\n // Build the snapshot config for auto-versioning comparison\n const configFields = { name, description, servers };\n\n // Filter out undefined values to get only the config fields that were provided\n const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n // Handle auto-versioning with retry logic for race conditions\n // This creates a new version if there are meaningful config changes.\n // It does NOT update activeVersionId — the version stays as a draft until explicitly published.\n await handleAutoVersioning(\n mcpClientStore as unknown as VersionedStoreInterface,\n storedMCPClientId,\n 'mcpClientId',\n MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS,\n existing,\n updatedMCPClient,\n providedConfigFields,\n );\n\n // Return the resolved MCP client with the latest (draft) version so the UI sees its edits\n const resolved = await mcpClientStore.getByIdResolved(storedMCPClientId, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored MCP client');\n }\n },\n});\n\n/**\n * DELETE /stored/mcp-clients/:storedMCPClientId - Delete a stored MCP client\n */\nexport const DELETE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n responseSchema: deleteStoredMCPClientResponseSchema,\n summary: 'Delete stored MCP client',\n description: 'Deletes an MCP client from storage by its unique identifier',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n await mcpClientStore.delete(storedMCPClientId);\n\n return {\n success: true,\n message: `MCP client ${storedMCPClientId} deleted successfully`,\n };\n } catch (error) {\n return handleError(error, 'Error deleting stored MCP client');\n }\n },\n});\n"]}
package/dist/{chunk-5LHQGPOK.js → chunk-NMS2SC2B.js} RENAMED
@@ -1,8 +1,7 @@
1
1
  import z3, { ZodFirstPartyTypeKind } from 'zod/v3';
2
- import { createRequire } from 'module';
2
+ import { z as z$1, ZodOptional, ZodNullable, ZodArray, ZodRecord, ZodObject, toJSONSchema } from 'zod/v4';
3
3
  import { toStandardSchema as toStandardSchema$1 } from '@mastra/core/schema';
4
4
  import { zodToJsonSchema as zodToJsonSchema$1 } from '@mastra/core/utils/zod-to-json';
5
- import { z as z$1, ZodOptional, ZodNullable, ZodArray, ZodRecord, ZodObject } from 'zod/v4';
6
5
  import { z } from 'zod';
7
6
 
8
7
  // ../schema-compat/dist/chunk-23HDOZLF.js
@@ -114,7 +113,7 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
114
113
  var __getOwnPropNames = Object.getOwnPropertyNames;
115
114
  var __getProtoOf = Object.getPrototypeOf;
116
115
  var __hasOwnProp = Object.prototype.hasOwnProperty;
117
- var __commonJS = (cb, mod) => function __require2() {
116
+ var __commonJS = (cb, mod) => function __require() {
118
117
  return mod || (0, cb[__getOwnPropNames(cb)[0]])((mod = { exports: {} }).exports, mod), mod.exports;
119
118
  };
120
119
  var __copyProps = (to, from, except, desc) => {
@@ -7868,10 +7867,6 @@ var ZOD_V4_TARGET_MAP = {
7868
7867
  "draft-04": "draft-4"
7869
7868
  };
7870
7869
  function convertToJsonSchema2(zodSchema2, options, adapterOptions) {
7871
- const toJSONSchema = getToJSONSchema();
7872
- if (!toJSONSchema) {
7873
- throw new Error("z.toJSONSchema is not available. Ensure zod >= 3.25.0 is installed.");
7874
- }
7875
7870
  const target = SUPPORTED_TARGETS.has(options.target) ? options.target : "draft-07";
7876
7871
  const jsonSchemaOptions = {
7877
7872
  target: ZOD_V4_TARGET_MAP[target] ?? target
@@ -7884,47 +7879,6 @@ function convertToJsonSchema2(zodSchema2, options, adapterOptions) {
7884
7879
  }
7885
7880
  return toJSONSchema(zodSchema2, jsonSchemaOptions);
7886
7881
  }
7887
- var _toJSONSchema = null;
7888
- var _toJSONSchemaResolved = false;
7889
- var __require;
7890
- function getRequire() {
7891
- if (!__require) {
7892
- __require = createRequire(import.meta.url);
7893
- }
7894
- return __require;
7895
- }
7896
- function pickToJSONSchema(mod) {
7897
- const candidate = mod;
7898
- const picks = [
7899
- candidate?.toJSONSchema,
7900
- candidate?.z?.toJSONSchema,
7901
- candidate?.default?.toJSONSchema,
7902
- candidate?.default?.z?.toJSONSchema
7903
- ];
7904
- const toJSONSchema = picks.find((fn) => typeof fn === "function");
7905
- return toJSONSchema ?? null;
7906
- }
7907
- function resolveToJSONSchema(loadModule) {
7908
- for (const moduleName of ["zod/v4", "zod"]) {
7909
- try {
7910
- const zodModule = loadModule(moduleName);
7911
- const toJSONSchema = pickToJSONSchema(zodModule);
7912
- if (toJSONSchema) {
7913
- return toJSONSchema;
7914
- }
7915
- } catch {
7916
- }
7917
- }
7918
- return null;
7919
- }
7920
- function getToJSONSchema() {
7921
- if (_toJSONSchemaResolved) {
7922
- return _toJSONSchema;
7923
- }
7924
- _toJSONSchema = resolveToJSONSchema((moduleName) => getRequire()(moduleName));
7925
- _toJSONSchemaResolved = true;
7926
- return _toJSONSchema;
7927
- }
7928
7882
  function toStandardSchema4(zodSchema2, adapterOptions = {}) {
7929
7883
  const wrapper = Object.create(zodSchema2);
7930
7884
  const existingStandard = zodSchema2["~standard"];
@@ -11937,5 +11891,5 @@ function createPublicRoute(config) {
11937
11891
  }
11938
11892
 
11939
11893
  export { convertCustomRoutesToOpenAPIPaths, createPublicRoute, createRoute, generateOpenAPIDocument, isStandardSchemaWithJSON, jsonQueryParam, pickParams, standardSchemaToJSONSchema, toStandardSchema5, wrapSchemaForQueryParams };
11940
- //# sourceMappingURL=chunk-5LHQGPOK.js.map
11941
- //# sourceMappingURL=chunk-5LHQGPOK.js.map
11894
+ //# sourceMappingURL=chunk-NMS2SC2B.js.map
11895
+ //# sourceMappingURL=chunk-NMS2SC2B.js.map