npm - @mastra/server - Versions diffs - 1.27.0 → 1.28.0-alpha.1 - Mend

@mastra/server 1.27.0 → 1.28.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (291) hide show

package/dist/chunk-HKFP7TIK.cjs DELETED Viewed

@@ -1,441 +0,0 @@
-'use strict';
-var chunkFPURK3UW_cjs = require('./chunk-FPURK3UW.cjs');
-// ../memory/dist/chunk-EQ4M72KU.js
-var require_token_io = chunkFPURK3UW_cjs.__commonJS({
-  "../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/token-io.js"(exports$1, module) {
-    var __create = Object.create;
-    var __defProp = Object.defineProperty;
-    var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-    var __getOwnPropNames = Object.getOwnPropertyNames;
-    var __getProtoOf = Object.getPrototypeOf;
-    var __hasOwnProp = Object.prototype.hasOwnProperty;
-    var __export = (target, all) => {
-      for (var name in all)
-        __defProp(target, name, { get: all[name], enumerable: true });
-    };
-    var __copyProps = (to, from, except, desc) => {
-      if (from && typeof from === "object" || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-          if (!__hasOwnProp.call(to, key) && key !== except)
-            __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-      }
-      return to;
-    };
-    var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-      // If the importer is in node compatibility mode or this is not an ESM
-      // file that has been converted to a CommonJS file using a Babel-
-      // compatible transform (i.e. "__esModule" has not been set), then set
-      // "default" to the CommonJS "module.exports" for node compatibility.
-      !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-      mod
-    ));
-    var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-    var token_io_exports = {};
-    __export(token_io_exports, {
-      findRootDir: () => findRootDir,
-      getUserDataDir: () => getUserDataDir
-    });
-    module.exports = __toCommonJS(token_io_exports);
-    var import_path = __toESM(chunkFPURK3UW_cjs.__require2("path"));
-    var import_fs = __toESM(chunkFPURK3UW_cjs.__require2("fs"));
-    var import_os = __toESM(chunkFPURK3UW_cjs.__require2("os"));
-    var import_token_error = chunkFPURK3UW_cjs.require_token_error();
-    function findRootDir() {
-      try {
-        let dir = process.cwd();
-        while (dir !== import_path.default.dirname(dir)) {
-          const pkgPath = import_path.default.join(dir, ".vercel");
-          if (import_fs.default.existsSync(pkgPath)) {
-            return dir;
-          }
-          dir = import_path.default.dirname(dir);
-        }
-      } catch (e) {
-        throw new import_token_error.VercelOidcTokenError(
-          "Token refresh only supported in node server environments"
-        );
-      }
-      return null;
-    }
-    function getUserDataDir() {
-      if (process.env.XDG_DATA_HOME) {
-        return process.env.XDG_DATA_HOME;
-      }
-      switch (import_os.default.platform()) {
-        case "darwin":
-          return import_path.default.join(import_os.default.homedir(), "Library/Application Support");
-        case "linux":
-          return import_path.default.join(import_os.default.homedir(), ".local/share");
-        case "win32":
-          if (process.env.LOCALAPPDATA) {
-            return process.env.LOCALAPPDATA;
-          }
-          return null;
-        default:
-          return null;
-      }
-    }
-  }
-});
-var require_auth_config = chunkFPURK3UW_cjs.__commonJS({
-  "../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/auth-config.js"(exports$1, module) {
-    var __create = Object.create;
-    var __defProp = Object.defineProperty;
-    var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-    var __getOwnPropNames = Object.getOwnPropertyNames;
-    var __getProtoOf = Object.getPrototypeOf;
-    var __hasOwnProp = Object.prototype.hasOwnProperty;
-    var __export = (target, all) => {
-      for (var name in all)
-        __defProp(target, name, { get: all[name], enumerable: true });
-    };
-    var __copyProps = (to, from, except, desc) => {
-      if (from && typeof from === "object" || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-          if (!__hasOwnProp.call(to, key) && key !== except)
-            __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-      }
-      return to;
-    };
-    var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-      // If the importer is in node compatibility mode or this is not an ESM
-      // file that has been converted to a CommonJS file using a Babel-
-      // compatible transform (i.e. "__esModule" has not been set), then set
-      // "default" to the CommonJS "module.exports" for node compatibility.
-      !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-      mod
-    ));
-    var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-    var auth_config_exports = {};
-    __export(auth_config_exports, {
-      isValidAccessToken: () => isValidAccessToken,
-      readAuthConfig: () => readAuthConfig,
-      writeAuthConfig: () => writeAuthConfig
-    });
-    module.exports = __toCommonJS(auth_config_exports);
-    var fs = __toESM(chunkFPURK3UW_cjs.__require2("fs"));
-    var path = __toESM(chunkFPURK3UW_cjs.__require2("path"));
-    var import_token_util = require_token_util();
-    function getAuthConfigPath() {
-      const dataDir = (0, import_token_util.getVercelDataDir)();
-      if (!dataDir) {
-        throw new Error(
-          `Unable to find Vercel CLI data directory. Your platform: ${process.platform}. Supported: darwin, linux, win32.`
-        );
-      }
-      return path.join(dataDir, "auth.json");
-    }
-    function readAuthConfig() {
-      try {
-        const authPath = getAuthConfigPath();
-        if (!fs.existsSync(authPath)) {
-          return null;
-        }
-        const content = fs.readFileSync(authPath, "utf8");
-        if (!content) {
-          return null;
-        }
-        return JSON.parse(content);
-      } catch (error) {
-        return null;
-      }
-    }
-    function writeAuthConfig(config) {
-      const authPath = getAuthConfigPath();
-      const authDir = path.dirname(authPath);
-      if (!fs.existsSync(authDir)) {
-        fs.mkdirSync(authDir, { mode: 504, recursive: true });
-      }
-      fs.writeFileSync(authPath, JSON.stringify(config, null, 2), { mode: 384 });
-    }
-    function isValidAccessToken(authConfig) {
-      if (!authConfig.token)
-        return false;
-      if (typeof authConfig.expiresAt !== "number")
-        return true;
-      const nowInSeconds = Math.floor(Date.now() / 1e3);
-      return authConfig.expiresAt >= nowInSeconds;
-    }
-  }
-});
-var require_oauth = chunkFPURK3UW_cjs.__commonJS({
-  "../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/oauth.js"(exports$1, module) {
-    var __defProp = Object.defineProperty;
-    var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-    var __getOwnPropNames = Object.getOwnPropertyNames;
-    var __hasOwnProp = Object.prototype.hasOwnProperty;
-    var __export = (target, all) => {
-      for (var name in all)
-        __defProp(target, name, { get: all[name], enumerable: true });
-    };
-    var __copyProps = (to, from, except, desc) => {
-      if (from && typeof from === "object" || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-          if (!__hasOwnProp.call(to, key) && key !== except)
-            __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-      }
-      return to;
-    };
-    var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-    var oauth_exports = {};
-    __export(oauth_exports, {
-      processTokenResponse: () => processTokenResponse,
-      refreshTokenRequest: () => refreshTokenRequest
-    });
-    module.exports = __toCommonJS(oauth_exports);
-    var import_os = chunkFPURK3UW_cjs.__require2("os");
-    var VERCEL_ISSUER = "https://vercel.com";
-    var VERCEL_CLI_CLIENT_ID = "cl_HYyOPBNtFMfHhaUn9L4QPfTZz6TP47bp";
-    var userAgent = `@vercel/oidc node-${process.version} ${(0, import_os.platform)()} (${(0, import_os.arch)()}) ${(0, import_os.hostname)()}`;
-    var _tokenEndpoint = null;
-    async function getTokenEndpoint() {
-      if (_tokenEndpoint) {
-        return _tokenEndpoint;
-      }
-      const discoveryUrl = `${VERCEL_ISSUER}/.well-known/openid-configuration`;
-      const response = await fetch(discoveryUrl, {
-        headers: { "user-agent": userAgent }
-      });
-      if (!response.ok) {
-        throw new Error("Failed to discover OAuth endpoints");
-      }
-      const metadata = await response.json();
-      if (!metadata || typeof metadata.token_endpoint !== "string") {
-        throw new Error("Invalid OAuth discovery response");
-      }
-      const endpoint = metadata.token_endpoint;
-      _tokenEndpoint = endpoint;
-      return endpoint;
-    }
-    async function refreshTokenRequest(options) {
-      const tokenEndpoint = await getTokenEndpoint();
-      return await fetch(tokenEndpoint, {
-        method: "POST",
-        headers: {
-          "Content-Type": "application/x-www-form-urlencoded",
-          "user-agent": userAgent
-        },
-        body: new URLSearchParams({
-          client_id: VERCEL_CLI_CLIENT_ID,
-          grant_type: "refresh_token",
-          ...options
-        })
-      });
-    }
-    async function processTokenResponse(response) {
-      const json = await response.json();
-      if (!response.ok) {
-        const errorMsg = typeof json === "object" && json && "error" in json ? String(json.error) : "Token refresh failed";
-        return [new Error(errorMsg)];
-      }
-      if (typeof json !== "object" || json === null) {
-        return [new Error("Invalid token response")];
-      }
-      if (typeof json.access_token !== "string") {
-        return [new Error("Missing access_token in response")];
-      }
-      if (json.token_type !== "Bearer") {
-        return [new Error("Invalid token_type in response")];
-      }
-      if (typeof json.expires_in !== "number") {
-        return [new Error("Missing expires_in in response")];
-      }
-      return [null, json];
-    }
-  }
-});
-var require_token_util = chunkFPURK3UW_cjs.__commonJS({
-  "../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/token-util.js"(exports$1, module) {
-    var __create = Object.create;
-    var __defProp = Object.defineProperty;
-    var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-    var __getOwnPropNames = Object.getOwnPropertyNames;
-    var __getProtoOf = Object.getPrototypeOf;
-    var __hasOwnProp = Object.prototype.hasOwnProperty;
-    var __export = (target, all) => {
-      for (var name in all)
-        __defProp(target, name, { get: all[name], enumerable: true });
-    };
-    var __copyProps = (to, from, except, desc) => {
-      if (from && typeof from === "object" || typeof from === "function") {
-        for (let key of __getOwnPropNames(from))
-          if (!__hasOwnProp.call(to, key) && key !== except)
-            __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-      }
-      return to;
-    };
-    var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-      // If the importer is in node compatibility mode or this is not an ESM
-      // file that has been converted to a CommonJS file using a Babel-
-      // compatible transform (i.e. "__esModule" has not been set), then set
-      // "default" to the CommonJS "module.exports" for node compatibility.
-      !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-      mod
-    ));
-    var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-    var token_util_exports = {};
-    __export(token_util_exports, {
-      assertVercelOidcTokenResponse: () => assertVercelOidcTokenResponse,
-      findProjectInfo: () => findProjectInfo,
-      getTokenPayload: () => getTokenPayload,
-      getVercelCliToken: () => getVercelCliToken,
-      getVercelDataDir: () => getVercelDataDir,
-      getVercelOidcToken: () => getVercelOidcToken,
-      isExpired: () => isExpired,
-      loadToken: () => loadToken,
-      saveToken: () => saveToken
-    });
-    module.exports = __toCommonJS(token_util_exports);
-    var path = __toESM(chunkFPURK3UW_cjs.__require2("path"));
-    var fs = __toESM(chunkFPURK3UW_cjs.__require2("fs"));
-    var import_token_error = chunkFPURK3UW_cjs.require_token_error();
-    var import_token_io = require_token_io();
-    var import_auth_config = require_auth_config();
-    var import_oauth = require_oauth();
-    function getVercelDataDir() {
-      const vercelFolder = "com.vercel.cli";
-      const dataDir = (0, import_token_io.getUserDataDir)();
-      if (!dataDir) {
-        return null;
-      }
-      return path.join(dataDir, vercelFolder);
-    }
-    async function getVercelCliToken() {
-      const authConfig = (0, import_auth_config.readAuthConfig)();
-      if (!authConfig) {
-        return null;
-      }
-      if ((0, import_auth_config.isValidAccessToken)(authConfig)) {
-        return authConfig.token || null;
-      }
-      if (!authConfig.refreshToken) {
-        (0, import_auth_config.writeAuthConfig)({});
-        return null;
-      }
-      try {
-        const tokenResponse = await (0, import_oauth.refreshTokenRequest)({
-          refresh_token: authConfig.refreshToken
-        });
-        const [tokensError, tokens] = await (0, import_oauth.processTokenResponse)(tokenResponse);
-        if (tokensError || !tokens) {
-          (0, import_auth_config.writeAuthConfig)({});
-          return null;
-        }
-        const updatedConfig = {
-          token: tokens.access_token,
-          expiresAt: Math.floor(Date.now() / 1e3) + tokens.expires_in
-        };
-        if (tokens.refresh_token) {
-          updatedConfig.refreshToken = tokens.refresh_token;
-        }
-        (0, import_auth_config.writeAuthConfig)(updatedConfig);
-        return updatedConfig.token ?? null;
-      } catch (error) {
-        (0, import_auth_config.writeAuthConfig)({});
-        return null;
-      }
-    }
-    async function getVercelOidcToken(authToken, projectId, teamId) {
-      const url = `https://api.vercel.com/v1/projects/${projectId}/token?source=vercel-oidc-refresh${teamId ? `&teamId=${teamId}` : ""}`;
-      const res = await fetch(url, {
-        method: "POST",
-        headers: {
-          Authorization: `Bearer ${authToken}`
-        }
-      });
-      if (!res.ok) {
-        throw new import_token_error.VercelOidcTokenError(
-          `Failed to refresh OIDC token: ${res.statusText}`
-        );
-      }
-      const tokenRes = await res.json();
-      assertVercelOidcTokenResponse(tokenRes);
-      return tokenRes;
-    }
-    function assertVercelOidcTokenResponse(res) {
-      if (!res || typeof res !== "object") {
-        throw new TypeError(
-          "Vercel OIDC token is malformed. Expected an object. Please run `vc env pull` and try again"
-        );
-      }
-      if (!("token" in res) || typeof res.token !== "string") {
-        throw new TypeError(
-          "Vercel OIDC token is malformed. Expected a string-valued token property. Please run `vc env pull` and try again"
-        );
-      }
-    }
-    function findProjectInfo() {
-      const dir = (0, import_token_io.findRootDir)();
-      if (!dir) {
-        throw new import_token_error.VercelOidcTokenError(
-          "Unable to find project root directory. Have you linked your project with `vc link?`"
-        );
-      }
-      const prjPath = path.join(dir, ".vercel", "project.json");
-      if (!fs.existsSync(prjPath)) {
-        throw new import_token_error.VercelOidcTokenError(
-          "project.json not found, have you linked your project with `vc link?`"
-        );
-      }
-      const prj = JSON.parse(fs.readFileSync(prjPath, "utf8"));
-      if (typeof prj.projectId !== "string" && typeof prj.orgId !== "string") {
-        throw new TypeError(
-          "Expected a string-valued projectId property. Try running `vc link` to re-link your project."
-        );
-      }
-      return { projectId: prj.projectId, teamId: prj.orgId };
-    }
-    function saveToken(token, projectId) {
-      const dir = (0, import_token_io.getUserDataDir)();
-      if (!dir) {
-        throw new import_token_error.VercelOidcTokenError(
-          "Unable to find user data directory. Please reach out to Vercel support."
-        );
-      }
-      const tokenPath = path.join(dir, "com.vercel.token", `${projectId}.json`);
-      const tokenJson = JSON.stringify(token);
-      fs.mkdirSync(path.dirname(tokenPath), { mode: 504, recursive: true });
-      fs.writeFileSync(tokenPath, tokenJson);
-      fs.chmodSync(tokenPath, 432);
-      return;
-    }
-    function loadToken(projectId) {
-      const dir = (0, import_token_io.getUserDataDir)();
-      if (!dir) {
-        throw new import_token_error.VercelOidcTokenError(
-          "Unable to find user data directory. Please reach out to Vercel support."
-        );
-      }
-      const tokenPath = path.join(dir, "com.vercel.token", `${projectId}.json`);
-      if (!fs.existsSync(tokenPath)) {
-        return null;
-      }
-      const token = JSON.parse(fs.readFileSync(tokenPath, "utf8"));
-      assertVercelOidcTokenResponse(token);
-      return token;
-    }
-    function getTokenPayload(token) {
-      const tokenParts = token.split(".");
-      if (tokenParts.length !== 3) {
-        throw new import_token_error.VercelOidcTokenError(
-          "Invalid token. Please run `vc env pull` and try again"
-        );
-      }
-      const base64 = tokenParts[1].replace(/-/g, "+").replace(/_/g, "/");
-      const padded = base64.padEnd(
-        base64.length + (4 - base64.length % 4) % 4,
-        "="
-      );
-      return JSON.parse(Buffer.from(padded, "base64").toString("utf8"));
-    }
-    function isExpired(token) {
-      return token.exp * 1e3 < Date.now();
-    }
-  }
-});
-exports.require_token_util = require_token_util;
-//# sourceMappingURL=chunk-HKFP7TIK.cjs.map
-//# sourceMappingURL=chunk-HKFP7TIK.cjs.map

package/dist/chunk-HKFP7TIK.cjs.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/token-io.js","../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/auth-config.js","../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/oauth.js","../../../node_modules/.pnpm/@vercel+oidc@3.1.0/node_modules/@vercel/oidc/dist/token-util.js"],"names":["__commonJS","exports","__require2","require_token_error"],"mappings":";;;;;AAAA,IAAA,mBAAAA,4BAAA,CAAA;AAAA,EAAA,2FAAA,CAAAC,WAAA,MAAA,EAAA;AACA,IAAA,IAAI,WAAW,MAAA,CAAO,MAAA;AACtB,IAAA,IAAI,YAAY,MAAA,CAAO,cAAA;AACvB,IAAA,IAAI,mBAAmB,MAAA,CAAO,wBAAA;AAC9B,IAAA,IAAI,oBAAoB,MAAA,CAAO,mBAAA;AAC/B,IAAA,IAAI,eAAe,MAAA,CAAO,cAAA;AAC1B,IAAA,IAAI,YAAA,GAAe,OAAO,SAAA,CAAU,cAAA;AACpC,IAAA,IAAI,QAAA,GAAW,CAAC,MAAA,EAAQ,GAAA,KAAQ;AAC9B,MAAA,KAAA,IAAS,IAAA,IAAQ,GAAA;AACf,QAAA,SAAA,CAAU,MAAA,EAAQ,MAAM,EAAE,GAAA,EAAK,IAAI,IAAI,CAAA,EAAG,UAAA,EAAY,IAAA,EAAM,CAAA;AAChE,IAAA,CAAA;AACA,IAAA,IAAI,WAAA,GAAc,CAAC,EAAA,EAAI,IAAA,EAAM,QAAQ,IAAA,KAAS;AAC5C,MAAA,IAAI,QAAQ,OAAO,IAAA,KAAS,QAAA,IAAY,OAAO,SAAS,UAAA,EAAY;AAClE,QAAA,KAAA,IAAS,GAAA,IAAO,kBAAkB,IAAI,CAAA;AACpC,UAAA,IAAI,CAAC,YAAA,CAAa,IAAA,CAAK,EAAA,EAAI,GAAG,KAAK,GAAA,KAAQ,MAAA;AACzC,YAAA,SAAA,CAAU,IAAI,GAAA,EAAK,EAAE,GAAA,EAAK,MAAM,KAAK,GAAG,CAAA,EAAG,UAAA,EAAY,EAAE,OAAO,gBAAA,CAAiB,IAAA,EAAM,GAAG,CAAA,CAAA,IAAM,IAAA,CAAK,YAAY,CAAA;AACvH,MAAA;AACA,MAAA,OAAO,EAAA;AACT,IAAA,CAAA;AACA,IAAA,IAAI,OAAA,GAAU,CAAC,GAAA,EAAK,UAAA,EAAY,YAAY,MAAA,GAAS,GAAA,IAAO,IAAA,GAAO,QAAA,CAAS,YAAA,CAAa,GAAG,CAAC,CAAA,GAAI,EAAA,EAAI,WAAA;;;;;AAKrF,MAAA,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,UAAA,GAAa,SAAA,CAAU,MAAA,EAAQ,SAAA,EAAW,EAAE,KAAA,EAAO,GAAA,EAAK,UAAA,EAAY,IAAA,EAAM,CAAA,GAAI,MAAA;AACzG,MAAA;AAAA,KAAA,CAAA;AAEF,IAAA,IAAI,YAAA,GAAe,CAAC,GAAA,KAAQ,WAAA,CAAY,SAAA,CAAU,EAAA,EAAI,YAAA,EAAc,EAAE,KAAA,EAAO,IAAA,EAAM,GAAG,GAAG,CAAA;AACzF,IAAA,IAAI,mBAAmB,EAAA;AACvB,IAAA,QAAA,CAAS,gBAAA,EAAkB;AACzB,MAAA,WAAA,EAAa,MAAM,WAAA;AACnB,MAAA,cAAA,EAAgB,MAAM;AACvB,KAAA,CAAA;AACD,IAAA,MAAA,CAAO,OAAA,GAAU,aAAa,gBAAgB,CAAA;AAC9C,IAAA,IAAI,WAAA,GAAc,OAAA,CAAQC,4BAAA,CAAQ,MAAM,CAAC,CAAA;AACzC,IAAA,IAAI,SAAA,GAAY,OAAA,CAAQA,4BAAA,CAAQ,IAAI,CAAC,CAAA;AACrC,IAAA,IAAI,SAAA,GAAY,OAAA,CAAQA,4BAAA,CAAQ,IAAI,CAAC,CAAA;AACrC,IAAA,IAAI,qBAAqBC,qCAAA,EAAA;AACzB,IAAA,SAAS,WAAA,GAAc;AACrB,MAAA,IAAI;AACF,QAAA,IAAI,GAAA,GAAM,QAAQ,GAAA,EAAA;AAClB,QAAA,OAAO,GAAA,KAAQ,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA,EAAG;AAC/C,UAAA,MAAM,OAAA,GAAU,WAAA,CAAY,OAAA,CAAQ,IAAA,CAAK,KAAK,SAAS,CAAA;AACvD,UAAA,IAAI,SAAA,CAAU,OAAA,CAAQ,UAAA,CAAW,OAAO,CAAA,EAAG;AACzC,YAAA,OAAO,GAAA;AACT,UAAA;AACA,UAAA,GAAA,GAAM,WAAA,CAAY,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AACvC,QAAA;AACF,MAAA,CAAA,CAAA,OAAS,CAAA,EAAG;AACV,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,OAAO,IAAA;AACT,IAAA;AACA,IAAA,SAAS,cAAA,GAAiB;AACxB,MAAA,IAAI,OAAA,CAAQ,IAAI,aAAA,EAAe;AAC7B,QAAA,OAAO,QAAQ,GAAA,CAAI,aAAA;AACrB,MAAA;AACA,MAAA,QAAQ,SAAA,CAAU,OAAA,CAAQ,QAAA,EAAA;QACxB,KAAK,QAAA;AACH,UAAA,OAAO,YAAY,OAAA,CAAQ,IAAA,CAAK,UAAU,OAAA,CAAQ,OAAA,IAAW,6BAA6B,CAAA;QAC5F,KAAK,OAAA;AACH,UAAA,OAAO,YAAY,OAAA,CAAQ,IAAA,CAAK,UAAU,OAAA,CAAQ,OAAA,IAAW,cAAc,CAAA;QAC7E,KAAK,OAAA;AACH,UAAA,IAAI,OAAA,CAAQ,IAAI,YAAA,EAAc;AAC5B,YAAA,OAAO,QAAQ,GAAA,CAAI,YAAA;AACrB,UAAA;AACA,UAAA,OAAO,IAAA;AACT,QAAA;AACE,UAAA,OAAO,IAAA;AAAA;AAEb,IAAA;AAAA,EAAA;AAAA,CAAA,CAAA;ACxEA,IAAA,sBAAAH,4BAAA,CAAA;AAAA,EAAA,8FAAA,CAAAC,WAAA,MAAA,EAAA;AACA,IAAA,IAAI,WAAW,MAAA,CAAO,MAAA;AACtB,IAAA,IAAI,YAAY,MAAA,CAAO,cAAA;AACvB,IAAA,IAAI,mBAAmB,MAAA,CAAO,wBAAA;AAC9B,IAAA,IAAI,oBAAoB,MAAA,CAAO,mBAAA;AAC/B,IAAA,IAAI,eAAe,MAAA,CAAO,cAAA;AAC1B,IAAA,IAAI,YAAA,GAAe,OAAO,SAAA,CAAU,cAAA;AACpC,IAAA,IAAI,QAAA,GAAW,CAAC,MAAA,EAAQ,GAAA,KAAQ;AAC9B,MAAA,KAAA,IAAS,IAAA,IAAQ,GAAA;AACf,QAAA,SAAA,CAAU,MAAA,EAAQ,MAAM,EAAE,GAAA,EAAK,IAAI,IAAI,CAAA,EAAG,UAAA,EAAY,IAAA,EAAM,CAAA;AAChE,IAAA,CAAA;AACA,IAAA,IAAI,WAAA,GAAc,CAAC,EAAA,EAAI,IAAA,EAAM,QAAQ,IAAA,KAAS;AAC5C,MAAA,IAAI,QAAQ,OAAO,IAAA,KAAS,QAAA,IAAY,OAAO,SAAS,UAAA,EAAY;AAClE,QAAA,KAAA,IAAS,GAAA,IAAO,kBAAkB,IAAI,CAAA;AACpC,UAAA,IAAI,CAAC,YAAA,CAAa,IAAA,CAAK,EAAA,EAAI,GAAG,KAAK,GAAA,KAAQ,MAAA;AACzC,YAAA,SAAA,CAAU,IAAI,GAAA,EAAK,EAAE,GAAA,EAAK,MAAM,KAAK,GAAG,CAAA,EAAG,UAAA,EAAY,EAAE,OAAO,gBAAA,CAAiB,IAAA,EAAM,GAAG,CAAA,CAAA,IAAM,IAAA,CAAK,YAAY,CAAA;AACvH,MAAA;AACA,MAAA,OAAO,EAAA;AACT,IAAA,CAAA;AACA,IAAA,IAAI,OAAA,GAAU,CAAC,GAAA,EAAK,UAAA,EAAY,YAAY,MAAA,GAAS,GAAA,IAAO,IAAA,GAAO,QAAA,CAAS,YAAA,CAAa,GAAG,CAAC,CAAA,GAAI,EAAA,EAAI,WAAA;;;;;AAKrF,MAAA,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,UAAA,GAAa,SAAA,CAAU,MAAA,EAAQ,SAAA,EAAW,EAAE,KAAA,EAAO,GAAA,EAAK,UAAA,EAAY,IAAA,EAAM,CAAA,GAAI,MAAA;AACzG,MAAA;AAAA,KAAA,CAAA;AAEF,IAAA,IAAI,YAAA,GAAe,CAAC,GAAA,KAAQ,WAAA,CAAY,SAAA,CAAU,EAAA,EAAI,YAAA,EAAc,EAAE,KAAA,EAAO,IAAA,EAAM,GAAG,GAAG,CAAA;AACzF,IAAA,IAAI,sBAAsB,EAAA;AAC1B,IAAA,QAAA,CAAS,mBAAA,EAAqB;AAC5B,MAAA,kBAAA,EAAoB,MAAM,kBAAA;AAC1B,MAAA,cAAA,EAAgB,MAAM,cAAA;AACtB,MAAA,eAAA,EAAiB,MAAM;AACxB,KAAA,CAAA;AACD,IAAA,MAAA,CAAO,OAAA,GAAU,aAAa,mBAAmB,CAAA;AACjD,IAAA,IAAI,EAAA,GAAK,OAAA,CAAQC,4BAAA,CAAQ,IAAI,CAAC,CAAA;AAC9B,IAAA,IAAI,IAAA,GAAO,OAAA,CAAQA,4BAAA,CAAQ,MAAM,CAAC,CAAA;AAClC,IAAA,IAAI,oBAAoB,kBAAA,EAAA;AACxB,IAAA,SAAS,iBAAA,GAAoB;AAC3B,MAAA,MAAM,OAAA,GAAA,IAAc,iBAAA,CAAkB,gBAAA,GAAA;AACtC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,KAAA;AACR,UAAA,CAAA,yDAAA,EAA4D,QAAQ,QAAQ,CAAA,kCAAA;AAAA,SAAA;AAEhF,MAAA;AACA,MAAA,OAAO,IAAA,CAAK,IAAA,CAAK,OAAA,EAAS,WAAW,CAAA;AACvC,IAAA;AACA,IAAA,SAAS,cAAA,GAAiB;AACxB,MAAA,IAAI;AACF,QAAA,MAAM,WAAW,iBAAA,EAAA;AACjB,QAAA,IAAI,CAAC,EAAA,CAAG,UAAA,CAAW,QAAQ,CAAA,EAAG;AAC5B,UAAA,OAAO,IAAA;AACT,QAAA;AACA,QAAA,MAAM,OAAA,GAAU,EAAA,CAAG,YAAA,CAAa,QAAA,EAAU,MAAM,CAAA;AAChD,QAAA,IAAI,CAAC,OAAA,EAAS;AACZ,UAAA,OAAO,IAAA;AACT,QAAA;AACA,QAAA,OAAO,IAAA,CAAK,MAAM,OAAO,CAAA;AAC3B,MAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,QAAA,OAAO,IAAA;AACT,MAAA;AACF,IAAA;AACA,IAAA,SAAS,gBAAgB,MAAA,EAAQ;AAC/B,MAAA,MAAM,WAAW,iBAAA,EAAA;AACjB,MAAA,MAAM,OAAA,GAAU,IAAA,CAAK,OAAA,CAAQ,QAAQ,CAAA;AACrC,MAAA,IAAI,CAAC,EAAA,CAAG,UAAA,CAAW,OAAO,CAAA,EAAG;AAC3B,QAAA,EAAA,CAAG,UAAU,OAAA,EAAS,EAAE,MAAM,GAAA,EAAK,SAAA,EAAW,MAAM,CAAA;AACtD,MAAA;AACA,MAAA,EAAA,CAAG,aAAA,CAAc,QAAA,EAAU,IAAA,CAAK,SAAA,CAAU,MAAA,EAAQ,IAAA,EAAM,CAAC,CAAA,EAAG,EAAE,IAAA,EAAM,GAAA,EAAK,CAAA;AAC3E,IAAA;AACA,IAAA,SAAS,mBAAmB,UAAA,EAAY;AACtC,MAAA,IAAI,CAAC,UAAA,CAAW,KAAA;AACd,QAAA,OAAO,KAAA;AACT,MAAA,IAAI,OAAO,WAAW,SAAA,KAAc,QAAA;AAClC,QAAA,OAAO,IAAA;AACT,MAAA,MAAM,eAAe,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAG,CAAA;AAChD,MAAA,OAAO,WAAW,SAAA,IAAa,YAAA;AACjC,IAAA;AAAA,EAAA;AAAA,CAAA,CAAA;AC7EA,IAAA,gBAAAF,4BAAA,CAAA;AAAA,EAAA,wFAAA,CAAAC,WAAA,MAAA,EAAA;AACA,IAAA,IAAI,YAAY,MAAA,CAAO,cAAA;AACvB,IAAA,IAAI,mBAAmB,MAAA,CAAO,wBAAA;AAC9B,IAAA,IAAI,oBAAoB,MAAA,CAAO,mBAAA;AAC/B,IAAA,IAAI,YAAA,GAAe,OAAO,SAAA,CAAU,cAAA;AACpC,IAAA,IAAI,QAAA,GAAW,CAAC,MAAA,EAAQ,GAAA,KAAQ;AAC9B,MAAA,KAAA,IAAS,IAAA,IAAQ,GAAA;AACf,QAAA,SAAA,CAAU,MAAA,EAAQ,MAAM,EAAE,GAAA,EAAK,IAAI,IAAI,CAAA,EAAG,UAAA,EAAY,IAAA,EAAM,CAAA;AAChE,IAAA,CAAA;AACA,IAAA,IAAI,WAAA,GAAc,CAAC,EAAA,EAAI,IAAA,EAAM,QAAQ,IAAA,KAAS;AAC5C,MAAA,IAAI,QAAQ,OAAO,IAAA,KAAS,QAAA,IAAY,OAAO,SAAS,UAAA,EAAY;AAClE,QAAA,KAAA,IAAS,GAAA,IAAO,kBAAkB,IAAI,CAAA;AACpC,UAAA,IAAI,CAAC,YAAA,CAAa,IAAA,CAAK,EAAA,EAAI,GAAG,KAAK,GAAA,KAAQ,MAAA;AACzC,YAAA,SAAA,CAAU,IAAI,GAAA,EAAK,EAAE,GAAA,EAAK,MAAM,KAAK,GAAG,CAAA,EAAG,UAAA,EAAY,EAAE,OAAO,gBAAA,CAAiB,IAAA,EAAM,GAAG,CAAA,CAAA,IAAM,IAAA,CAAK,YAAY,CAAA;AACvH,MAAA;AACA,MAAA,OAAO,EAAA;AACT,IAAA,CAAA;AACA,IAAA,IAAI,YAAA,GAAe,CAAC,GAAA,KAAQ,WAAA,CAAY,SAAA,CAAU,EAAA,EAAI,YAAA,EAAc,EAAE,KAAA,EAAO,IAAA,EAAM,GAAG,GAAG,CAAA;AACzF,IAAA,IAAI,gBAAgB,EAAA;AACpB,IAAA,QAAA,CAAS,aAAA,EAAe;AACtB,MAAA,oBAAA,EAAsB,MAAM,oBAAA;AAC5B,MAAA,mBAAA,EAAqB,MAAM;AAC5B,KAAA,CAAA;AACD,IAAA,MAAA,CAAO,OAAA,GAAU,aAAa,aAAa,CAAA;AAC3C,IAAA,IAAI,SAAA,GAAYC,6BAAQ,IAAI,CAAA;AAC5B,IAAA,IAAM,aAAA,GAAgB,oBAAA;AACtB,IAAA,IAAM,oBAAA,GAAuB,qCAAA;AAC7B,IAAA,IAAM,YAAY,CAAA,kBAAA,EAAqB,OAAA,CAAQ,OAAO,CAAA,CAAA,EAAA,IAAQ,UAAU,QAAA,GAAW,CAAA,EAAA,EAAA,IAAS,UAAU,IAAA,GAAO,SAAS,SAAA,CAAU,WAAW,CAAA,CAAA;AAC3I,IAAA,IAAI,cAAA,GAAiB,IAAA;AACrB,IAAA,eAAe,gBAAA,GAAmB;AAChC,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,OAAO,cAAA;AACT,MAAA;AACA,MAAA,MAAM,YAAA,GAAe,GAAG,aAAa,CAAA,iCAAA,CAAA;AACrC,MAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,YAAA,EAAc;QACzC,OAAA,EAAS,EAAE,cAAc,SAAA;AAC1B,OAAA,CAAA;AACD,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,IAAI,MAAM,oCAAoC,CAAA;AACtD,MAAA;AACA,MAAA,MAAM,QAAA,GAAW,MAAM,QAAA,CAAS,IAAA,EAAA;AAChC,MAAA,IAAI,CAAC,QAAA,IAAY,OAAO,QAAA,CAAS,mBAAmB,QAAA,EAAU;AAC5D,QAAA,MAAM,IAAI,MAAM,kCAAkC,CAAA;AACpD,MAAA;AACA,MAAA,MAAM,WAAW,QAAA,CAAS,cAAA;AAC1B,MAAA,cAAA,GAAiB,QAAA;AACjB,MAAA,OAAO,QAAA;AACT,IAAA;AACA,IAAA,eAAe,oBAAoB,OAAA,EAAS;AAC1C,MAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,EAAA;AAC5B,MAAA,OAAO,MAAM,MAAM,aAAA,EAAe;QAChC,MAAA,EAAQ,MAAA;QACR,OAAA,EAAS;UACP,cAAA,EAAgB,mCAAA;UAChB,YAAA,EAAc;AAAA,SAAA;AAEhB,QAAA,IAAA,EAAM,IAAI,eAAA,CAAgB;UACxB,SAAA,EAAW,oBAAA;UACX,UAAA,EAAY,eAAA;UACZ,GAAG;AACJ,SAAA;AACF,OAAA,CAAA;AACH,IAAA;AACA,IAAA,eAAe,qBAAqB,QAAA,EAAU;AAC5C,MAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAA;AAC5B,MAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,QAAA,MAAM,QAAA,GAAW,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,IAAQ,WAAW,IAAA,GAAO,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA,GAAI,sBAAA;AAC5F,QAAA,OAAO,CAAC,IAAI,KAAA,CAAM,QAAQ,CAAC,CAAA;AAC7B,MAAA;AACA,MAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,QAAA,OAAO,CAAC,IAAI,KAAA,CAAM,wBAAwB,CAAC,CAAA;AAC7C,MAAA;AACA,MAAA,IAAI,OAAO,IAAA,CAAK,YAAA,KAAiB,QAAA,EAAU;AACzC,QAAA,OAAO,CAAC,IAAI,KAAA,CAAM,kCAAkC,CAAC,CAAA;AACvD,MAAA;AACA,MAAA,IAAI,IAAA,CAAK,eAAe,QAAA,EAAU;AAChC,QAAA,OAAO,CAAC,IAAI,KAAA,CAAM,gCAAgC,CAAC,CAAA;AACrD,MAAA;AACA,MAAA,IAAI,OAAO,IAAA,CAAK,UAAA,KAAe,QAAA,EAAU;AACvC,QAAA,OAAO,CAAC,IAAI,KAAA,CAAM,gCAAgC,CAAC,CAAA;AACrD,MAAA;AACA,MAAA,OAAO,CAAC,MAAM,IAAI,CAAA;AACpB,IAAA;AAAA,EAAA;AAAA,CAAA,CAAA;AClFA,IAAA,qBAAAF,4BAAA,CAAA;AAAA,EAAA,6FAAA,CAAAC,WAAA,MAAA,EAAA;AACA,IAAA,IAAI,WAAW,MAAA,CAAO,MAAA;AACtB,IAAA,IAAI,YAAY,MAAA,CAAO,cAAA;AACvB,IAAA,IAAI,mBAAmB,MAAA,CAAO,wBAAA;AAC9B,IAAA,IAAI,oBAAoB,MAAA,CAAO,mBAAA;AAC/B,IAAA,IAAI,eAAe,MAAA,CAAO,cAAA;AAC1B,IAAA,IAAI,YAAA,GAAe,OAAO,SAAA,CAAU,cAAA;AACpC,IAAA,IAAI,QAAA,GAAW,CAAC,MAAA,EAAQ,GAAA,KAAQ;AAC9B,MAAA,KAAA,IAAS,IAAA,IAAQ,GAAA;AACf,QAAA,SAAA,CAAU,MAAA,EAAQ,MAAM,EAAE,GAAA,EAAK,IAAI,IAAI,CAAA,EAAG,UAAA,EAAY,IAAA,EAAM,CAAA;AAChE,IAAA,CAAA;AACA,IAAA,IAAI,WAAA,GAAc,CAAC,EAAA,EAAI,IAAA,EAAM,QAAQ,IAAA,KAAS;AAC5C,MAAA,IAAI,QAAQ,OAAO,IAAA,KAAS,QAAA,IAAY,OAAO,SAAS,UAAA,EAAY;AAClE,QAAA,KAAA,IAAS,GAAA,IAAO,kBAAkB,IAAI,CAAA;AACpC,UAAA,IAAI,CAAC,YAAA,CAAa,IAAA,CAAK,EAAA,EAAI,GAAG,KAAK,GAAA,KAAQ,MAAA;AACzC,YAAA,SAAA,CAAU,IAAI,GAAA,EAAK,EAAE,GAAA,EAAK,MAAM,KAAK,GAAG,CAAA,EAAG,UAAA,EAAY,EAAE,OAAO,gBAAA,CAAiB,IAAA,EAAM,GAAG,CAAA,CAAA,IAAM,IAAA,CAAK,YAAY,CAAA;AACvH,MAAA;AACA,MAAA,OAAO,EAAA;AACT,IAAA,CAAA;AACA,IAAA,IAAI,OAAA,GAAU,CAAC,GAAA,EAAK,UAAA,EAAY,YAAY,MAAA,GAAS,GAAA,IAAO,IAAA,GAAO,QAAA,CAAS,YAAA,CAAa,GAAG,CAAC,CAAA,GAAI,EAAA,EAAI,WAAA;;;;;AAKrF,MAAA,CAAC,GAAA,IAAO,CAAC,GAAA,CAAI,UAAA,GAAa,SAAA,CAAU,MAAA,EAAQ,SAAA,EAAW,EAAE,KAAA,EAAO,GAAA,EAAK,UAAA,EAAY,IAAA,EAAM,CAAA,GAAI,MAAA;AACzG,MAAA;AAAA,KAAA,CAAA;AAEF,IAAA,IAAI,YAAA,GAAe,CAAC,GAAA,KAAQ,WAAA,CAAY,SAAA,CAAU,EAAA,EAAI,YAAA,EAAc,EAAE,KAAA,EAAO,IAAA,EAAM,GAAG,GAAG,CAAA;AACzF,IAAA,IAAI,qBAAqB,EAAA;AACzB,IAAA,QAAA,CAAS,kBAAA,EAAoB;AAC3B,MAAA,6BAAA,EAA+B,MAAM,6BAAA;AACrC,MAAA,eAAA,EAAiB,MAAM,eAAA;AACvB,MAAA,eAAA,EAAiB,MAAM,eAAA;AACvB,MAAA,iBAAA,EAAmB,MAAM,iBAAA;AACzB,MAAA,gBAAA,EAAkB,MAAM,gBAAA;AACxB,MAAA,kBAAA,EAAoB,MAAM,kBAAA;AAC1B,MAAA,SAAA,EAAW,MAAM,SAAA;AACjB,MAAA,SAAA,EAAW,MAAM,SAAA;AACjB,MAAA,SAAA,EAAW,MAAM;AAClB,KAAA,CAAA;AACD,IAAA,MAAA,CAAO,OAAA,GAAU,aAAa,kBAAkB,CAAA;AAChD,IAAA,IAAI,IAAA,GAAO,OAAA,CAAQC,4BAAA,CAAQ,MAAM,CAAC,CAAA;AAClC,IAAA,IAAI,EAAA,GAAK,OAAA,CAAQA,4BAAA,CAAQ,IAAI,CAAC,CAAA;AAC9B,IAAA,IAAI,qBAAqBC,qCAAA,EAAA;AACzB,IAAA,IAAI,kBAAkB,gBAAA,EAAA;AACtB,IAAA,IAAI,qBAAqB,mBAAA,EAAA;AACzB,IAAA,IAAI,eAAe,aAAA,EAAA;AACnB,IAAA,SAAS,gBAAA,GAAmB;AAC1B,MAAA,MAAM,YAAA,GAAe,gBAAA;AACrB,MAAA,MAAM,OAAA,GAAA,IAAc,eAAA,CAAgB,cAAA,GAAA;AACpC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,IAAA;AACT,MAAA;AACA,MAAA,OAAO,IAAA,CAAK,IAAA,CAAK,OAAA,EAAS,YAAY,CAAA;AACxC,IAAA;AACA,IAAA,eAAe,iBAAA,GAAoB;AACjC,MAAA,MAAM,UAAA,GAAA,IAAiB,kBAAA,CAAmB,cAAA,GAAA;AAC1C,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,OAAO,IAAA;AACT,MAAA;AACA,MAAA,IAAA,IAAQ,kBAAA,CAAmB,kBAAA,EAAoB,UAAU,CAAA,EAAG;AAC1D,QAAA,OAAO,WAAW,KAAA,IAAS,IAAA;AAC7B,MAAA;AACA,MAAA,IAAI,CAAC,WAAW,YAAA,EAAc;AAC5B,QAAA,IAAI,kBAAA,CAAmB,eAAA,EAAiB,EAAE,CAAA;AAC1C,QAAA,OAAO,IAAA;AACT,MAAA;AACA,MAAA,IAAI;AACF,QAAA,MAAM,aAAA,GAAgB,MAAA,IAAU,YAAA,CAAa,mBAAA,EAAqB;AAChE,UAAA,aAAA,EAAe,UAAA,CAAW;AAC3B,SAAA,CAAA;AACD,QAAA,MAAM,CAAC,aAAa,MAAM,CAAA,GAAI,UAAU,YAAA,CAAa,sBAAsB,aAAa,CAAA;AACxF,QAAA,IAAI,WAAA,IAAe,CAAC,MAAA,EAAQ;AAC1B,UAAA,IAAI,kBAAA,CAAmB,eAAA,EAAiB,EAAE,CAAA;AAC1C,UAAA,OAAO,IAAA;AACT,QAAA;AACA,QAAA,MAAM,aAAA,GAAgB;AACpB,UAAA,KAAA,EAAO,MAAA,CAAO,YAAA;AACd,UAAA,SAAA,EAAW,KAAK,KAAA,CAAM,IAAA,CAAK,KAAA,GAAQ,GAAG,IAAI,MAAA,CAAO;AAAA,SAAA;AAEnD,QAAA,IAAI,OAAO,aAAA,EAAe;AACxB,UAAA,aAAA,CAAc,eAAe,MAAA,CAAO,aAAA;AACtC,QAAA;AACA,QAAA,IAAI,kBAAA,CAAmB,eAAA,EAAiB,aAAa,CAAA;AACrD,QAAA,OAAO,cAAc,KAAA,IAAS,IAAA;AAChC,MAAA,CAAA,CAAA,OAAS,KAAA,EAAO;AACd,QAAA,IAAI,kBAAA,CAAmB,eAAA,EAAiB,EAAE,CAAA;AAC1C,QAAA,OAAO,IAAA;AACT,MAAA;AACF,IAAA;AACA,IAAA,eAAe,kBAAA,CAAmB,SAAA,EAAW,SAAA,EAAW,MAAA,EAAQ;AAC9D,MAAA,MAAM,GAAA,GAAM,sCAAsC,SAAS,CAAA,iCAAA,EAAoC,SAAS,CAAA,QAAA,EAAW,MAAM,KAAK,EAAE,CAAA,CAAA;AAChI,MAAA,MAAM,GAAA,GAAM,MAAM,KAAA,CAAM,GAAA,EAAK;QAC3B,MAAA,EAAQ,MAAA;QACR,OAAA,EAAS;AACP,UAAA,aAAA,EAAe,UAAU,SAAS,CAAA;AAAA;AAErC,OAAA,CAAA;AACD,MAAA,IAAI,CAAC,IAAI,EAAA,EAAI;AACX,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA,CAAA,8BAAA,EAAiC,IAAI,UAAU,CAAA;AAAA,SAAA;AAEnD,MAAA;AACA,MAAA,MAAM,QAAA,GAAW,MAAM,GAAA,CAAI,IAAA,EAAA;AAC3B,MAAA,6BAAA,CAA8B,QAAQ,CAAA;AACtC,MAAA,OAAO,QAAA;AACT,IAAA;AACA,IAAA,SAAS,8BAA8B,GAAA,EAAK;AAC1C,MAAA,IAAI,CAAC,GAAA,IAAO,OAAO,GAAA,KAAQ,QAAA,EAAU;AACnC,QAAA,MAAM,IAAI,SAAA;AACR,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,IAAI,EAAE,OAAA,IAAW,GAAA,CAAA,IAAQ,OAAO,GAAA,CAAI,UAAU,QAAA,EAAU;AACtD,QAAA,MAAM,IAAI,SAAA;AACR,UAAA;AAAA,SAAA;AAEJ,MAAA;AACF,IAAA;AACA,IAAA,SAAS,eAAA,GAAkB;AACzB,MAAA,MAAM,GAAA,GAAA,IAAU,eAAA,CAAgB,WAAA,GAAA;AAChC,MAAA,IAAI,CAAC,GAAA,EAAK;AACR,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,MAAM,OAAA,GAAU,IAAA,CAAK,IAAA,CAAK,GAAA,EAAK,WAAW,cAAc,CAAA;AACxD,MAAA,IAAI,CAAC,EAAA,CAAG,UAAA,CAAW,OAAO,CAAA,EAAG;AAC3B,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,GAAG,YAAA,CAAa,OAAA,EAAS,MAAM,CAAC,CAAA;AACvD,MAAA,IAAI,OAAO,GAAA,CAAI,SAAA,KAAc,YAAY,OAAO,GAAA,CAAI,UAAU,QAAA,EAAU;AACtE,QAAA,MAAM,IAAI,SAAA;AACR,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,OAAO,EAAE,SAAA,EAAW,GAAA,CAAI,SAAA,EAAW,MAAA,EAAQ,IAAI,KAAA,EAAA;AACjD,IAAA;AACA,IAAA,SAAS,SAAA,CAAU,OAAO,SAAA,EAAW;AACnC,MAAA,MAAM,GAAA,GAAA,IAAU,eAAA,CAAgB,cAAA,GAAA;AAChC,MAAA,IAAI,CAAC,GAAA,EAAK;AACR,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,MAAM,YAAY,IAAA,CAAK,IAAA,CAAK,KAAK,kBAAA,EAAoB,CAAA,EAAG,SAAS,CAAA,KAAA,CAAO,CAAA;AACxE,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,SAAA,CAAU,KAAK,CAAA;AACtC,MAAA,EAAA,CAAG,SAAA,CAAU,IAAA,CAAK,OAAA,CAAQ,SAAS,CAAA,EAAG,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,IAAA,EAAM,CAAA;AACpE,MAAA,EAAA,CAAG,aAAA,CAAc,WAAW,SAAS,CAAA;AACrC,MAAA,EAAA,CAAG,SAAA,CAAU,WAAW,GAAG,CAAA;AAC3B,MAAA;AACF,IAAA;AACA,IAAA,SAAS,UAAU,SAAA,EAAW;AAC5B,MAAA,MAAM,GAAA,GAAA,IAAU,eAAA,CAAgB,cAAA,GAAA;AAChC,MAAA,IAAI,CAAC,GAAA,EAAK;AACR,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,MAAM,YAAY,IAAA,CAAK,IAAA,CAAK,KAAK,kBAAA,EAAoB,CAAA,EAAG,SAAS,CAAA,KAAA,CAAO,CAAA;AACxE,MAAA,IAAI,CAAC,EAAA,CAAG,UAAA,CAAW,SAAS,CAAA,EAAG;AAC7B,QAAA,OAAO,IAAA;AACT,MAAA;AACA,MAAA,MAAM,QAAQ,IAAA,CAAK,KAAA,CAAM,GAAG,YAAA,CAAa,SAAA,EAAW,MAAM,CAAC,CAAA;AAC3D,MAAA,6BAAA,CAA8B,KAAK,CAAA;AACnC,MAAA,OAAO,KAAA;AACT,IAAA;AACA,IAAA,SAAS,gBAAgB,KAAA,EAAO;AAC9B,MAAA,MAAM,UAAA,GAAa,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAClC,MAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,QAAA,MAAM,IAAI,kBAAA,CAAmB,oBAAA;AAC3B,UAAA;AAAA,SAAA;AAEJ,MAAA;AACA,MAAA,MAAM,MAAA,GAAS,UAAA,CAAW,CAAC,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA;AACjE,MAAA,MAAM,SAAS,MAAA,CAAO,MAAA;AACpB,QAAA,MAAA,CAAO,MAAA,GAAA,CAAU,CAAA,GAAI,MAAA,CAAO,MAAA,GAAS,CAAA,IAAK,CAAA;AAC1C,QAAA;AAAA,OAAA;AAEF,MAAA,OAAO,IAAA,CAAK,MAAM,MAAA,CAAO,IAAA,CAAK,QAAQ,QAAQ,CAAA,CAAE,QAAA,CAAS,MAAM,CAAC,CAAA;AAClE,IAAA;AACA,IAAA,SAAS,UAAU,KAAA,EAAO;AACxB,MAAA,OAAO,KAAA,CAAM,GAAA,GAAM,GAAA,GAAM,IAAA,CAAK,GAAA,EAAA;AAChC,IAAA;AAAA,EAAA;AAAA,CAAA","file":"chunk-HKFP7TIK.cjs","sourcesContent":["\"use strict\";\nvar __create = Object.create;\nvar __defProp = Object.defineProperty;\nvar __getOwnPropDesc = Object.getOwnPropertyDescriptor;\nvar __getOwnPropNames = Object.getOwnPropertyNames;\nvar __getProtoOf = Object.getPrototypeOf;\nvar __hasOwnProp = Object.prototype.hasOwnProperty;\nvar __export = (target, all) => {\n for (var name in all)\n __defProp(target, name, { get: all[name], enumerable: true });\n};\nvar __copyProps = (to, from, except, desc) => {\n if (from && typeof from === \"object\" || typeof from === \"function\") {\n for (let key of __getOwnPropNames(from))\n if (!__hasOwnProp.call(to, key) && key !== except)\n __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });\n }\n return to;\n};\nvar __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(\n // If the importer is in node compatibility mode or this is not an ESM\n // file that has been converted to a CommonJS file using a Babel-\n // compatible transform (i.e. \"__esModule\" has not been set), then set\n // \"default\" to the CommonJS \"module.exports\" for node compatibility.\n isNodeMode || !mod || !mod.__esModule ? __defProp(target, \"default\", { value: mod, enumerable: true }) : target,\n mod\n));\nvar __toCommonJS = (mod) => __copyProps(__defProp({}, \"__esModule\", { value: true }), mod);\nvar token_io_exports = {};\n__export(token_io_exports, {\n findRootDir: () => findRootDir,\n getUserDataDir: () => getUserDataDir\n});\nmodule.exports = __toCommonJS(token_io_exports);\nvar import_path = __toESM(require(\"path\"));\nvar import_fs = __toESM(require(\"fs\"));\nvar import_os = __toESM(require(\"os\"));\nvar import_token_error = require(\"./token-error\");\nfunction findRootDir() {\n try {\n let dir = process.cwd();\n while (dir !== import_path.default.dirname(dir)) {\n const pkgPath = import_path.default.join(dir, \".vercel\");\n if (import_fs.default.existsSync(pkgPath)) {\n return dir;\n }\n dir = import_path.default.dirname(dir);\n }\n } catch (e) {\n throw new import_token_error.VercelOidcTokenError(\n \"Token refresh only supported in node server environments\"\n );\n }\n return null;\n}\nfunction getUserDataDir() {\n if (process.env.XDG_DATA_HOME) {\n return process.env.XDG_DATA_HOME;\n }\n switch (import_os.default.platform()) {\n case \"darwin\":\n return import_path.default.join(import_os.default.homedir(), \"Library/Application Support\");\n case \"linux\":\n return import_path.default.join(import_os.default.homedir(), \".local/share\");\n case \"win32\":\n if (process.env.LOCALAPPDATA) {\n return process.env.LOCALAPPDATA;\n }\n return null;\n default:\n return null;\n }\n}\n// Annotate the CommonJS export names for ESM import in node:\n0 && (module.exports = {\n findRootDir,\n getUserDataDir\n});\n","\"use strict\";\nvar __create = Object.create;\nvar __defProp = Object.defineProperty;\nvar __getOwnPropDesc = Object.getOwnPropertyDescriptor;\nvar __getOwnPropNames = Object.getOwnPropertyNames;\nvar __getProtoOf = Object.getPrototypeOf;\nvar __hasOwnProp = Object.prototype.hasOwnProperty;\nvar __export = (target, all) => {\n for (var name in all)\n __defProp(target, name, { get: all[name], enumerable: true });\n};\nvar __copyProps = (to, from, except, desc) => {\n if (from && typeof from === \"object\" || typeof from === \"function\") {\n for (let key of __getOwnPropNames(from))\n if (!__hasOwnProp.call(to, key) && key !== except)\n __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });\n }\n return to;\n};\nvar __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(\n // If the importer is in node compatibility mode or this is not an ESM\n // file that has been converted to a CommonJS file using a Babel-\n // compatible transform (i.e. \"__esModule\" has not been set), then set\n // \"default\" to the CommonJS \"module.exports\" for node compatibility.\n isNodeMode || !mod || !mod.__esModule ? __defProp(target, \"default\", { value: mod, enumerable: true }) : target,\n mod\n));\nvar __toCommonJS = (mod) => __copyProps(__defProp({}, \"__esModule\", { value: true }), mod);\nvar auth_config_exports = {};\n__export(auth_config_exports, {\n isValidAccessToken: () => isValidAccessToken,\n readAuthConfig: () => readAuthConfig,\n writeAuthConfig: () => writeAuthConfig\n});\nmodule.exports = __toCommonJS(auth_config_exports);\nvar fs = __toESM(require(\"fs\"));\nvar path = __toESM(require(\"path\"));\nvar import_token_util = require(\"./token-util\");\nfunction getAuthConfigPath() {\n const dataDir = (0, import_token_util.getVercelDataDir)();\n if (!dataDir) {\n throw new Error(\n `Unable to find Vercel CLI data directory. Your platform: ${process.platform}. Supported: darwin, linux, win32.`\n );\n }\n return path.join(dataDir, \"auth.json\");\n}\nfunction readAuthConfig() {\n try {\n const authPath = getAuthConfigPath();\n if (!fs.existsSync(authPath)) {\n return null;\n }\n const content = fs.readFileSync(authPath, \"utf8\");\n if (!content) {\n return null;\n }\n return JSON.parse(content);\n } catch (error) {\n return null;\n }\n}\nfunction writeAuthConfig(config) {\n const authPath = getAuthConfigPath();\n const authDir = path.dirname(authPath);\n if (!fs.existsSync(authDir)) {\n fs.mkdirSync(authDir, { mode: 504, recursive: true });\n }\n fs.writeFileSync(authPath, JSON.stringify(config, null, 2), { mode: 384 });\n}\nfunction isValidAccessToken(authConfig) {\n if (!authConfig.token)\n return false;\n if (typeof authConfig.expiresAt !== \"number\")\n return true;\n const nowInSeconds = Math.floor(Date.now() / 1e3);\n return authConfig.expiresAt >= nowInSeconds;\n}\n// Annotate the CommonJS export names for ESM import in node:\n0 && (module.exports = {\n isValidAccessToken,\n readAuthConfig,\n writeAuthConfig\n});\n","\"use strict\";\nvar __defProp = Object.defineProperty;\nvar __getOwnPropDesc = Object.getOwnPropertyDescriptor;\nvar __getOwnPropNames = Object.getOwnPropertyNames;\nvar __hasOwnProp = Object.prototype.hasOwnProperty;\nvar __export = (target, all) => {\n for (var name in all)\n __defProp(target, name, { get: all[name], enumerable: true });\n};\nvar __copyProps = (to, from, except, desc) => {\n if (from && typeof from === \"object\" || typeof from === \"function\") {\n for (let key of __getOwnPropNames(from))\n if (!__hasOwnProp.call(to, key) && key !== except)\n __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });\n }\n return to;\n};\nvar __toCommonJS = (mod) => __copyProps(__defProp({}, \"__esModule\", { value: true }), mod);\nvar oauth_exports = {};\n__export(oauth_exports, {\n processTokenResponse: () => processTokenResponse,\n refreshTokenRequest: () => refreshTokenRequest\n});\nmodule.exports = __toCommonJS(oauth_exports);\nvar import_os = require(\"os\");\nconst VERCEL_ISSUER = \"https://vercel.com\";\nconst VERCEL_CLI_CLIENT_ID = \"cl_HYyOPBNtFMfHhaUn9L4QPfTZz6TP47bp\";\nconst userAgent = `@vercel/oidc node-${process.version} ${(0, import_os.platform)()} (${(0, import_os.arch)()}) ${(0, import_os.hostname)()}`;\nlet _tokenEndpoint = null;\nasync function getTokenEndpoint() {\n if (_tokenEndpoint) {\n return _tokenEndpoint;\n }\n const discoveryUrl = `${VERCEL_ISSUER}/.well-known/openid-configuration`;\n const response = await fetch(discoveryUrl, {\n headers: { \"user-agent\": userAgent }\n });\n if (!response.ok) {\n throw new Error(\"Failed to discover OAuth endpoints\");\n }\n const metadata = await response.json();\n if (!metadata || typeof metadata.token_endpoint !== \"string\") {\n throw new Error(\"Invalid OAuth discovery response\");\n }\n const endpoint = metadata.token_endpoint;\n _tokenEndpoint = endpoint;\n return endpoint;\n}\nasync function refreshTokenRequest(options) {\n const tokenEndpoint = await getTokenEndpoint();\n return await fetch(tokenEndpoint, {\n method: \"POST\",\n headers: {\n \"Content-Type\": \"application/x-www-form-urlencoded\",\n \"user-agent\": userAgent\n },\n body: new URLSearchParams({\n client_id: VERCEL_CLI_CLIENT_ID,\n grant_type: \"refresh_token\",\n ...options\n })\n });\n}\nasync function processTokenResponse(response) {\n const json = await response.json();\n if (!response.ok) {\n const errorMsg = typeof json === \"object\" && json && \"error\" in json ? String(json.error) : \"Token refresh failed\";\n return [new Error(errorMsg)];\n }\n if (typeof json !== \"object\" || json === null) {\n return [new Error(\"Invalid token response\")];\n }\n if (typeof json.access_token !== \"string\") {\n return [new Error(\"Missing access_token in response\")];\n }\n if (json.token_type !== \"Bearer\") {\n return [new Error(\"Invalid token_type in response\")];\n }\n if (typeof json.expires_in !== \"number\") {\n return [new Error(\"Missing expires_in in response\")];\n }\n return [null, json];\n}\n// Annotate the CommonJS export names for ESM import in node:\n0 && (module.exports = {\n processTokenResponse,\n refreshTokenRequest\n});\n","\"use strict\";\nvar __create = Object.create;\nvar __defProp = Object.defineProperty;\nvar __getOwnPropDesc = Object.getOwnPropertyDescriptor;\nvar __getOwnPropNames = Object.getOwnPropertyNames;\nvar __getProtoOf = Object.getPrototypeOf;\nvar __hasOwnProp = Object.prototype.hasOwnProperty;\nvar __export = (target, all) => {\n for (var name in all)\n __defProp(target, name, { get: all[name], enumerable: true });\n};\nvar __copyProps = (to, from, except, desc) => {\n if (from && typeof from === \"object\" || typeof from === \"function\") {\n for (let key of __getOwnPropNames(from))\n if (!__hasOwnProp.call(to, key) && key !== except)\n __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });\n }\n return to;\n};\nvar __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(\n // If the importer is in node compatibility mode or this is not an ESM\n // file that has been converted to a CommonJS file using a Babel-\n // compatible transform (i.e. \"__esModule\" has not been set), then set\n // \"default\" to the CommonJS \"module.exports\" for node compatibility.\n isNodeMode || !mod || !mod.__esModule ? __defProp(target, \"default\", { value: mod, enumerable: true }) : target,\n mod\n));\nvar __toCommonJS = (mod) => __copyProps(__defProp({}, \"__esModule\", { value: true }), mod);\nvar token_util_exports = {};\n__export(token_util_exports, {\n assertVercelOidcTokenResponse: () => assertVercelOidcTokenResponse,\n findProjectInfo: () => findProjectInfo,\n getTokenPayload: () => getTokenPayload,\n getVercelCliToken: () => getVercelCliToken,\n getVercelDataDir: () => getVercelDataDir,\n getVercelOidcToken: () => getVercelOidcToken,\n isExpired: () => isExpired,\n loadToken: () => loadToken,\n saveToken: () => saveToken\n});\nmodule.exports = __toCommonJS(token_util_exports);\nvar path = __toESM(require(\"path\"));\nvar fs = __toESM(require(\"fs\"));\nvar import_token_error = require(\"./token-error\");\nvar import_token_io = require(\"./token-io\");\nvar import_auth_config = require(\"./auth-config\");\nvar import_oauth = require(\"./oauth\");\nfunction getVercelDataDir() {\n const vercelFolder = \"com.vercel.cli\";\n const dataDir = (0, import_token_io.getUserDataDir)();\n if (!dataDir) {\n return null;\n }\n return path.join(dataDir, vercelFolder);\n}\nasync function getVercelCliToken() {\n const authConfig = (0, import_auth_config.readAuthConfig)();\n if (!authConfig) {\n return null;\n }\n if ((0, import_auth_config.isValidAccessToken)(authConfig)) {\n return authConfig.token || null;\n }\n if (!authConfig.refreshToken) {\n (0, import_auth_config.writeAuthConfig)({});\n return null;\n }\n try {\n const tokenResponse = await (0, import_oauth.refreshTokenRequest)({\n refresh_token: authConfig.refreshToken\n });\n const [tokensError, tokens] = await (0, import_oauth.processTokenResponse)(tokenResponse);\n if (tokensError || !tokens) {\n (0, import_auth_config.writeAuthConfig)({});\n return null;\n }\n const updatedConfig = {\n token: tokens.access_token,\n expiresAt: Math.floor(Date.now() / 1e3) + tokens.expires_in\n };\n if (tokens.refresh_token) {\n updatedConfig.refreshToken = tokens.refresh_token;\n }\n (0, import_auth_config.writeAuthConfig)(updatedConfig);\n return updatedConfig.token ?? null;\n } catch (error) {\n (0, import_auth_config.writeAuthConfig)({});\n return null;\n }\n}\nasync function getVercelOidcToken(authToken, projectId, teamId) {\n const url = `https://api.vercel.com/v1/projects/${projectId}/token?source=vercel-oidc-refresh${teamId ? `&teamId=${teamId}` : \"\"}`;\n const res = await fetch(url, {\n method: \"POST\",\n headers: {\n Authorization: `Bearer ${authToken}`\n }\n });\n if (!res.ok) {\n throw new import_token_error.VercelOidcTokenError(\n `Failed to refresh OIDC token: ${res.statusText}`\n );\n }\n const tokenRes = await res.json();\n assertVercelOidcTokenResponse(tokenRes);\n return tokenRes;\n}\nfunction assertVercelOidcTokenResponse(res) {\n if (!res || typeof res !== \"object\") {\n throw new TypeError(\n \"Vercel OIDC token is malformed. Expected an object. Please run `vc env pull` and try again\"\n );\n }\n if (!(\"token\" in res) || typeof res.token !== \"string\") {\n throw new TypeError(\n \"Vercel OIDC token is malformed. Expected a string-valued token property. Please run `vc env pull` and try again\"\n );\n }\n}\nfunction findProjectInfo() {\n const dir = (0, import_token_io.findRootDir)();\n if (!dir) {\n throw new import_token_error.VercelOidcTokenError(\n \"Unable to find project root directory. Have you linked your project with `vc link?`\"\n );\n }\n const prjPath = path.join(dir, \".vercel\", \"project.json\");\n if (!fs.existsSync(prjPath)) {\n throw new import_token_error.VercelOidcTokenError(\n \"project.json not found, have you linked your project with `vc link?`\"\n );\n }\n const prj = JSON.parse(fs.readFileSync(prjPath, \"utf8\"));\n if (typeof prj.projectId !== \"string\" && typeof prj.orgId !== \"string\") {\n throw new TypeError(\n \"Expected a string-valued projectId property. Try running `vc link` to re-link your project.\"\n );\n }\n return { projectId: prj.projectId, teamId: prj.orgId };\n}\nfunction saveToken(token, projectId) {\n const dir = (0, import_token_io.getUserDataDir)();\n if (!dir) {\n throw new import_token_error.VercelOidcTokenError(\n \"Unable to find user data directory. Please reach out to Vercel support.\"\n );\n }\n const tokenPath = path.join(dir, \"com.vercel.token\", `${projectId}.json`);\n const tokenJson = JSON.stringify(token);\n fs.mkdirSync(path.dirname(tokenPath), { mode: 504, recursive: true });\n fs.writeFileSync(tokenPath, tokenJson);\n fs.chmodSync(tokenPath, 432);\n return;\n}\nfunction loadToken(projectId) {\n const dir = (0, import_token_io.getUserDataDir)();\n if (!dir) {\n throw new import_token_error.VercelOidcTokenError(\n \"Unable to find user data directory. Please reach out to Vercel support.\"\n );\n }\n const tokenPath = path.join(dir, \"com.vercel.token\", `${projectId}.json`);\n if (!fs.existsSync(tokenPath)) {\n return null;\n }\n const token = JSON.parse(fs.readFileSync(tokenPath, \"utf8\"));\n assertVercelOidcTokenResponse(token);\n return token;\n}\nfunction getTokenPayload(token) {\n const tokenParts = token.split(\".\");\n if (tokenParts.length !== 3) {\n throw new import_token_error.VercelOidcTokenError(\n \"Invalid token. Please run `vc env pull` and try again\"\n );\n }\n const base64 = tokenParts[1].replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padded = base64.padEnd(\n base64.length + (4 - base64.length % 4) % 4,\n \"=\"\n );\n return JSON.parse(Buffer.from(padded, \"base64\").toString(\"utf8\"));\n}\nfunction isExpired(token) {\n return token.exp * 1e3 < Date.now();\n}\n// Annotate the CommonJS export names for ESM import in node:\n0 && (module.exports = {\n assertVercelOidcTokenResponse,\n findProjectInfo,\n getTokenPayload,\n getVercelCliToken,\n getVercelDataDir,\n getVercelOidcToken,\n isExpired,\n loadToken,\n saveToken\n});\n"]}

package/dist/chunk-JKFMRHNM.js.map DELETED Viewed

@@ -1 +0,0 @@

- {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["mastra"],"mappings":";;;;;;AAkCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AASO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AACA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8B,iBAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,0BAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,SAAS,EAAE,IAAA,EAAM,SAAA,EAAW,WAAA,EAAa,CAAA;AAE5F,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,yBAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsB,iBAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,mBAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,sBAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoB,iBAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqB,iBAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgB,qBAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,MAAMA,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-JKFMRHNM.js","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (auth: any, request: Request, options?: { rbac?: any; apiPrefix?: string }) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname.\n * X-Forwarded-Host tells us the real public hostname.\n * Always uses https when behind a proxy — Knative's queue-proxy overwrites\n * X-Forwarded-Proto based on the internal HTTP connection, so it's unreliable.\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, apiPrefix: routePrefix });\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}