@mastra/server 1.33.0-alpha.2 → 1.33.0-alpha.4

package/dist/{chunk-I34RGOPQ.js.map → chunk-MF6GSHTO.js.map}

@@ -1 +1 @@
-{"version":3,"sources":["../src/server/handlers/stored-skills.ts"],"names":[],"mappings":";;;;;;;AA4BO,IAAM,2BAA2B,WAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkB,2BAAA;AAAA,EAClB,cAAA,EAAgB,8BAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,MAAM,OAAA,EAAS,OAAA,EAAS,QAAA,EAAU,QAAA,EAAS,KAAM;AACzE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,YAAA,CAAa;AAAA,QAC3C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyB,WAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,cAAA,EAAgB,4BAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EAAa,sGAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAE5D,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4B,WAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,cAAA,EAAgB,+BAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAc,MAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,EAAE,CAAA;AAC5C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAEA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,KAAA,EAAO;AAAA,UACL,EAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA,YAAA;AAAA,UACA,OAAA;AAAA,UACA,aAAA;AAAA,UACA,MAAA;AAAA,UACA,UAAA;AAAA,UACA,OAAA;AAAA,UACA,MAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,EAAE,CAAA;AACpD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4B,WAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,UAAA,EAAY,2BAAA;AAAA,EACZ,cAAA,EAAgB,+BAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAIA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,OAAA;AAAA,QACA,aAAA;AAAA,QACA,MAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4B,WAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,cAAA,EAAgB,+BAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,uDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,MAAM,UAAA,CAAW,OAAO,aAAa,CAAA;AAErC,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,SAAS,aAAa,CAAA,qBAAA;AAAA,OACjC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAOM,IAAM,6BAA6B,WAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,uCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,UAAA,EAAY,4BAAA;AAAA,EACZ,cAAA,EAAgB,gCAAA;AAAA,EAChB,OAAA,EAAS,sBAAA;AAAA,EACT,WAAA,EACE,uKAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,WAAU,KAAM;AACvD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,SAAA,GAAY,MAAM,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA;AAChD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAGA,MAAA,MAAM,IAAA,GAAO,MAAM,OAAO,MAAW,CAAA;AACrC,MAAA,MAAM,YAAA,GAAe,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AACnD,MAAA,MAAM,WAAA,GAAc,KAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,GAAA,CAAI,eAAA,IAAmB,OAAA,CAAQ,GAAA,EAAK,CAAA;AACrF,MAAA,IAAI,CAAC,aAAa,UAAA,CAAW,WAAA,GAAc,KAAK,OAAA,CAAQ,GAAG,CAAA,IAAK,YAAA,KAAiB,WAAA,EAAa;AAC5F,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS,mDAAmD,WAAW,CAAA;AAAA,SACxE,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,MAAA,GAAS,IAAI,gBAAA,EAAiB;AACpC,MAAA,MAAM,EAAE,sBAAA,EAAuB,GAAI,MAAM,OAAO,wBAAwB,CAAA;AAExE,MAAA,MAAM,EAAE,UAAU,IAAA,EAAK,GAAI,MAAM,sBAAA,CAAuB,MAAA,EAAQ,cAAc,SAAS,CAAA;AAGvF,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,GAAG,QAAA;AAAA,QACH,IAAA;AAAA,QACA,MAAA,EAAQ;AAAA,OACT,CAAA;AAGD,MAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,gBAAA,CAAiB,aAAa,CAAA;AACrE,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,MAAM,WAAW,MAAA,CAAO;AAAA,UACtB,EAAA,EAAI,aAAA;AAAA,UACJ,iBAAiB,aAAA,CAAc;AAAA,SAChC,CAAA;AAAA,MACH;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yCAAyC,CAAA;AAAA,MACnF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-I34RGOPQ.js","sourcesContent":["import { LocalSkillSource } from '@mastra/core/workspace';\n\nimport { HTTPException } from '../http-exception';\nimport {\n  storedSkillIdPathParams,\n  listStoredSkillsQuerySchema,\n  createStoredSkillBodySchema,\n  updateStoredSkillBodySchema,\n  publishStoredSkillBodySchema,\n  listStoredSkillsResponseSchema,\n  getStoredSkillResponseSchema,\n  createStoredSkillResponseSchema,\n  updateStoredSkillResponseSchema,\n  deleteStoredSkillResponseSchema,\n  publishStoredSkillResponseSchema,\n} from '../schemas/stored-skills';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/skills - List all stored skills\n */\nexport const LIST_STORED_SKILLS_ROUTE = createRoute({\n  method: 'GET',\n  path: '/stored/skills',\n  responseType: 'json',\n  queryParamSchema: listStoredSkillsQuerySchema,\n  responseSchema: listStoredSkillsResponseSchema,\n  summary: 'List stored skills',\n  description: 'Returns a paginated list of all skill configurations stored in the database',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, page, perPage, orderBy, authorId, metadata }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      const result = await skillStore.listResolved({\n        page,\n        perPage,\n        orderBy,\n        authorId,\n        metadata,\n      });\n\n      return result;\n    } catch (error) {\n      return handleError(error, 'Error listing stored skills');\n    }\n  },\n});\n\n/**\n * GET /stored/skills/:storedSkillId - Get a stored skill by ID\n */\nexport const GET_STORED_SKILL_ROUTE = createRoute({\n  method: 'GET',\n  path: '/stored/skills/:storedSkillId',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  responseSchema: getStoredSkillResponseSchema,\n  summary: 'Get stored skill by ID',\n  description: 'Returns a specific skill from storage by its unique identifier (resolved with active version config)',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedSkillId }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      const skill = await skillStore.getByIdResolved(storedSkillId);\n\n      if (!skill) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      return skill;\n    } catch (error) {\n      return handleError(error, 'Error getting stored skill');\n    }\n  },\n});\n\n/**\n * POST /stored/skills - Create a new stored skill\n */\nexport const CREATE_STORED_SKILL_ROUTE = createRoute({\n  method: 'POST',\n  path: '/stored/skills',\n  responseType: 'json',\n  bodySchema: createStoredSkillBodySchema,\n  responseSchema: createStoredSkillResponseSchema,\n  summary: 'Create stored skill',\n  description: 'Creates a new skill configuration in storage with the provided details',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({\n    mastra,\n    id: providedId,\n    authorId,\n    name,\n    description,\n    instructions,\n    license,\n    compatibility,\n    source,\n    references,\n    scripts,\n    assets,\n    metadata,\n  }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      // Derive ID from name if not explicitly provided\n      const id = providedId || toSlug(name);\n\n      if (!id) {\n        throw new HTTPException(400, {\n          message: 'Could not derive skill ID from name. Please provide an explicit id.',\n        });\n      }\n\n      // Check if skill with this ID already exists\n      const existing = await skillStore.getById(id);\n      if (existing) {\n        throw new HTTPException(409, { message: `Skill with id ${id} already exists` });\n      }\n\n      await skillStore.create({\n        skill: {\n          id,\n          authorId,\n          name,\n          description,\n          instructions,\n          license,\n          compatibility,\n          source,\n          references,\n          scripts,\n          assets,\n          metadata,\n        },\n      });\n\n      // Return the resolved skill (thin record + version config)\n      const resolved = await skillStore.getByIdResolved(id);\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve created skill' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error creating stored skill');\n    }\n  },\n});\n\n/**\n * PATCH /stored/skills/:storedSkillId - Update a stored skill\n */\nexport const UPDATE_STORED_SKILL_ROUTE = createRoute({\n  method: 'PATCH',\n  path: '/stored/skills/:storedSkillId',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  bodySchema: updateStoredSkillBodySchema,\n  responseSchema: updateStoredSkillResponseSchema,\n  summary: 'Update stored skill',\n  description: 'Updates an existing skill in storage with the provided fields',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({\n    mastra,\n    storedSkillId,\n    // Entity-level fields\n    authorId,\n    // Config fields (snapshot-level)\n    name,\n    description,\n    instructions,\n    license,\n    compatibility,\n    source,\n    references,\n    scripts,\n    assets,\n    metadata,\n  }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      // Check if skill exists\n      const existing = await skillStore.getById(storedSkillId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      // Update the skill with both entity-level and config-level fields\n      // The storage layer handles separating these into record updates vs new-version creation\n      await skillStore.update({\n        id: storedSkillId,\n        authorId,\n        name,\n        description,\n        instructions,\n        license,\n        compatibility,\n        source,\n        references,\n        scripts,\n        assets,\n        metadata,\n      });\n\n      // Return the resolved skill with the updated config\n      const resolved = await skillStore.getByIdResolved(storedSkillId);\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve updated skill' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error updating stored skill');\n    }\n  },\n});\n\n/**\n * DELETE /stored/skills/:storedSkillId - Delete a stored skill\n */\nexport const DELETE_STORED_SKILL_ROUTE = createRoute({\n  method: 'DELETE',\n  path: '/stored/skills/:storedSkillId',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  responseSchema: deleteStoredSkillResponseSchema,\n  summary: 'Delete stored skill',\n  description: 'Deletes a skill from storage by its unique identifier',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedSkillId }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      // Check if skill exists\n      const existing = await skillStore.getById(storedSkillId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      await skillStore.delete(storedSkillId);\n\n      return {\n        success: true,\n        message: `Skill ${storedSkillId} deleted successfully`,\n      };\n    } catch (error) {\n      return handleError(error, 'Error deleting stored skill');\n    }\n  },\n});\n\n/**\n * POST /stored/skills/:storedSkillId/publish - Publish a skill from filesystem\n * Walks the skill directory, hashes files into blob store, creates a new version\n * with the tree manifest, and sets activeVersionId.\n */\nexport const PUBLISH_STORED_SKILL_ROUTE = createRoute({\n  method: 'POST',\n  path: '/stored/skills/:storedSkillId/publish',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  bodySchema: publishStoredSkillBodySchema,\n  responseSchema: publishStoredSkillResponseSchema,\n  summary: 'Publish stored skill',\n  description:\n    'Snapshots the skill directory from the filesystem into content-addressable blob storage, creates a new version with a tree manifest, and marks the skill as published',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedSkillId, skillPath }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      const blobStore = await storage.getStore('blobs');\n      if (!blobStore) {\n        throw new HTTPException(500, { message: 'Blob storage domain is not available' });\n      }\n\n      // Verify skill exists\n      const existing = await skillStore.getById(storedSkillId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      // Validate skillPath to prevent path traversal\n      const path = await import('node:path');\n      const resolvedPath = path.default.resolve(skillPath);\n      const allowedBase = path.default.resolve(process.env.SKILLS_BASE_DIR || process.cwd());\n      if (!resolvedPath.startsWith(allowedBase + path.default.sep) && resolvedPath !== allowedBase) {\n        throw new HTTPException(400, {\n          message: `skillPath must be within the allowed directory: ${allowedBase}`,\n        });\n      }\n\n      // Use LocalSkillSource to read from the server filesystem\n      const source = new LocalSkillSource();\n      const { publishSkillFromSource } = await import('@mastra/core/workspace');\n\n      const { snapshot, tree } = await publishSkillFromSource(source, resolvedPath, blobStore);\n\n      // Update the skill with new version data + tree\n      await skillStore.update({\n        id: storedSkillId,\n        ...snapshot,\n        tree,\n        status: 'published',\n      });\n\n      // Point activeVersionId to the newly created version\n      const latestVersion = await skillStore.getLatestVersion(storedSkillId);\n      if (latestVersion) {\n        await skillStore.update({\n          id: storedSkillId,\n          activeVersionId: latestVersion.id,\n        });\n      }\n\n      const resolved = await skillStore.getByIdResolved(storedSkillId);\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve skill after publish' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error publishing stored skill');\n    }\n  },\n});\n"]}
+{"version":3,"sources":["../src/server/handlers/stored-skills.ts"],"names":[],"mappings":";;;;;;;AA4BO,IAAM,2BAA2B,WAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkB,2BAAA;AAAA,EAClB,cAAA,EAAgB,8BAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,MAAM,OAAA,EAAS,OAAA,EAAS,QAAA,EAAU,QAAA,EAAS,KAAM;AACzE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,YAAA,CAAa;AAAA,QAC3C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyB,WAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,cAAA,EAAgB,4BAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EAAa,sGAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAE5D,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4B,WAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,cAAA,EAAgB,+BAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAc,MAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,EAAE,CAAA;AAC5C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAEA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,KAAA,EAAO;AAAA,UACL,EAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA,YAAA;AAAA,UACA,OAAA;AAAA,UACA,aAAA;AAAA,UACA,MAAA;AAAA,UACA,UAAA;AAAA,UACA,OAAA;AAAA,UACA,MAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,EAAE,CAAA;AACpD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4B,WAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,UAAA,EAAY,2BAAA;AAAA,EACZ,cAAA,EAAgB,+BAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAIA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,OAAA;AAAA,QACA,aAAA;AAAA,QACA,MAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4B,WAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,cAAA,EAAgB,+BAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,uDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,MAAM,UAAA,CAAW,OAAO,aAAa,CAAA;AAErC,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,SAAS,aAAa,CAAA,qBAAA;AAAA,OACjC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAOM,IAAM,6BAA6B,WAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,uCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,uBAAA;AAAA,EACjB,UAAA,EAAY,4BAAA;AAAA,EACZ,cAAA,EAAgB,gCAAA;AAAA,EAChB,OAAA,EAAS,sBAAA;AAAA,EACT,WAAA,EACE,uKAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,WAAU,KAAM;AACvD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,SAAA,GAAY,MAAM,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA;AAChD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAGA,MAAA,MAAM,IAAA,GAAO,MAAM,OAAO,MAAW,CAAA;AACrC,MAAA,MAAM,YAAA,GAAe,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AACnD,MAAA,MAAM,WAAA,GAAc,KAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,GAAA,CAAI,eAAA,IAAmB,OAAA,CAAQ,GAAA,EAAK,CAAA;AACrF,MAAA,IAAI,CAAC,aAAa,UAAA,CAAW,WAAA,GAAc,KAAK,OAAA,CAAQ,GAAG,CAAA,IAAK,YAAA,KAAiB,WAAA,EAAa;AAC5F,QAAA,MAAM,IAAI,cAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS,mDAAmD,WAAW,CAAA;AAAA,SACxE,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,MAAA,GAAS,IAAI,gBAAA,EAAiB;AACpC,MAAA,MAAM,EAAE,sBAAA,EAAuB,GAAI,MAAM,OAAO,wBAAwB,CAAA;AAExE,MAAA,MAAM,EAAE,UAAU,IAAA,EAAK,GAAI,MAAM,sBAAA,CAAuB,MAAA,EAAQ,cAAc,SAAS,CAAA;AAGvF,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,GAAG,QAAA;AAAA,QACH,IAAA;AAAA,QACA,MAAA,EAAQ;AAAA,OACT,CAAA;AAGD,MAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,gBAAA,CAAiB,aAAa,CAAA;AACrE,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,MAAM,WAAW,MAAA,CAAO;AAAA,UACtB,EAAA,EAAI,aAAA;AAAA,UACJ,iBAAiB,aAAA,CAAc;AAAA,SAChC,CAAA;AAAA,MACH;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yCAAyC,CAAA;AAAA,MACnF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-MF6GSHTO.js","sourcesContent":["import { LocalSkillSource } from '@mastra/core/workspace';\n\nimport { HTTPException } from '../http-exception';\nimport {\n  storedSkillIdPathParams,\n  listStoredSkillsQuerySchema,\n  createStoredSkillBodySchema,\n  updateStoredSkillBodySchema,\n  publishStoredSkillBodySchema,\n  listStoredSkillsResponseSchema,\n  getStoredSkillResponseSchema,\n  createStoredSkillResponseSchema,\n  updateStoredSkillResponseSchema,\n  deleteStoredSkillResponseSchema,\n  publishStoredSkillResponseSchema,\n} from '../schemas/stored-skills';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/skills - List all stored skills\n */\nexport const LIST_STORED_SKILLS_ROUTE = createRoute({\n  method: 'GET',\n  path: '/stored/skills',\n  responseType: 'json',\n  queryParamSchema: listStoredSkillsQuerySchema,\n  responseSchema: listStoredSkillsResponseSchema,\n  summary: 'List stored skills',\n  description: 'Returns a paginated list of all skill configurations stored in the database',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, page, perPage, orderBy, authorId, metadata }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      const result = await skillStore.listResolved({\n        page,\n        perPage,\n        orderBy,\n        authorId,\n        metadata,\n      });\n\n      return result;\n    } catch (error) {\n      return handleError(error, 'Error listing stored skills');\n    }\n  },\n});\n\n/**\n * GET /stored/skills/:storedSkillId - Get a stored skill by ID\n */\nexport const GET_STORED_SKILL_ROUTE = createRoute({\n  method: 'GET',\n  path: '/stored/skills/:storedSkillId',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  responseSchema: getStoredSkillResponseSchema,\n  summary: 'Get stored skill by ID',\n  description: 'Returns a specific skill from storage by its unique identifier (resolved with active version config)',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedSkillId }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      const skill = await skillStore.getByIdResolved(storedSkillId);\n\n      if (!skill) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      return skill;\n    } catch (error) {\n      return handleError(error, 'Error getting stored skill');\n    }\n  },\n});\n\n/**\n * POST /stored/skills - Create a new stored skill\n */\nexport const CREATE_STORED_SKILL_ROUTE = createRoute({\n  method: 'POST',\n  path: '/stored/skills',\n  responseType: 'json',\n  bodySchema: createStoredSkillBodySchema,\n  responseSchema: createStoredSkillResponseSchema,\n  summary: 'Create stored skill',\n  description: 'Creates a new skill configuration in storage with the provided details',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({\n    mastra,\n    id: providedId,\n    authorId,\n    name,\n    description,\n    instructions,\n    license,\n    compatibility,\n    source,\n    references,\n    scripts,\n    assets,\n    metadata,\n  }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      // Derive ID from name if not explicitly provided\n      const id = providedId || toSlug(name);\n\n      if (!id) {\n        throw new HTTPException(400, {\n          message: 'Could not derive skill ID from name. Please provide an explicit id.',\n        });\n      }\n\n      // Check if skill with this ID already exists\n      const existing = await skillStore.getById(id);\n      if (existing) {\n        throw new HTTPException(409, { message: `Skill with id ${id} already exists` });\n      }\n\n      await skillStore.create({\n        skill: {\n          id,\n          authorId,\n          name,\n          description,\n          instructions,\n          license,\n          compatibility,\n          source,\n          references,\n          scripts,\n          assets,\n          metadata,\n        },\n      });\n\n      // Return the resolved skill (thin record + version config)\n      const resolved = await skillStore.getByIdResolved(id);\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve created skill' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error creating stored skill');\n    }\n  },\n});\n\n/**\n * PATCH /stored/skills/:storedSkillId - Update a stored skill\n */\nexport const UPDATE_STORED_SKILL_ROUTE = createRoute({\n  method: 'PATCH',\n  path: '/stored/skills/:storedSkillId',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  bodySchema: updateStoredSkillBodySchema,\n  responseSchema: updateStoredSkillResponseSchema,\n  summary: 'Update stored skill',\n  description: 'Updates an existing skill in storage with the provided fields',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({\n    mastra,\n    storedSkillId,\n    // Entity-level fields\n    authorId,\n    // Config fields (snapshot-level)\n    name,\n    description,\n    instructions,\n    license,\n    compatibility,\n    source,\n    references,\n    scripts,\n    assets,\n    metadata,\n  }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      // Check if skill exists\n      const existing = await skillStore.getById(storedSkillId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      // Update the skill with both entity-level and config-level fields\n      // The storage layer handles separating these into record updates vs new-version creation\n      await skillStore.update({\n        id: storedSkillId,\n        authorId,\n        name,\n        description,\n        instructions,\n        license,\n        compatibility,\n        source,\n        references,\n        scripts,\n        assets,\n        metadata,\n      });\n\n      // Return the resolved skill with the updated config\n      const resolved = await skillStore.getByIdResolved(storedSkillId);\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve updated skill' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error updating stored skill');\n    }\n  },\n});\n\n/**\n * DELETE /stored/skills/:storedSkillId - Delete a stored skill\n */\nexport const DELETE_STORED_SKILL_ROUTE = createRoute({\n  method: 'DELETE',\n  path: '/stored/skills/:storedSkillId',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  responseSchema: deleteStoredSkillResponseSchema,\n  summary: 'Delete stored skill',\n  description: 'Deletes a skill from storage by its unique identifier',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedSkillId }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      // Check if skill exists\n      const existing = await skillStore.getById(storedSkillId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      await skillStore.delete(storedSkillId);\n\n      return {\n        success: true,\n        message: `Skill ${storedSkillId} deleted successfully`,\n      };\n    } catch (error) {\n      return handleError(error, 'Error deleting stored skill');\n    }\n  },\n});\n\n/**\n * POST /stored/skills/:storedSkillId/publish - Publish a skill from filesystem\n * Walks the skill directory, hashes files into blob store, creates a new version\n * with the tree manifest, and sets activeVersionId.\n */\nexport const PUBLISH_STORED_SKILL_ROUTE = createRoute({\n  method: 'POST',\n  path: '/stored/skills/:storedSkillId/publish',\n  responseType: 'json',\n  pathParamSchema: storedSkillIdPathParams,\n  bodySchema: publishStoredSkillBodySchema,\n  responseSchema: publishStoredSkillResponseSchema,\n  summary: 'Publish stored skill',\n  description:\n    'Snapshots the skill directory from the filesystem into content-addressable blob storage, creates a new version with a tree manifest, and marks the skill as published',\n  tags: ['Stored Skills'],\n  requiresAuth: true,\n  handler: async ({ mastra, storedSkillId, skillPath }) => {\n    try {\n      const storage = mastra.getStorage();\n\n      if (!storage) {\n        throw new HTTPException(500, { message: 'Storage is not configured' });\n      }\n\n      const skillStore = await storage.getStore('skills');\n      if (!skillStore) {\n        throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n      }\n\n      const blobStore = await storage.getStore('blobs');\n      if (!blobStore) {\n        throw new HTTPException(500, { message: 'Blob storage domain is not available' });\n      }\n\n      // Verify skill exists\n      const existing = await skillStore.getById(storedSkillId);\n      if (!existing) {\n        throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n      }\n\n      // Validate skillPath to prevent path traversal\n      const path = await import('node:path');\n      const resolvedPath = path.default.resolve(skillPath);\n      const allowedBase = path.default.resolve(process.env.SKILLS_BASE_DIR || process.cwd());\n      if (!resolvedPath.startsWith(allowedBase + path.default.sep) && resolvedPath !== allowedBase) {\n        throw new HTTPException(400, {\n          message: `skillPath must be within the allowed directory: ${allowedBase}`,\n        });\n      }\n\n      // Use LocalSkillSource to read from the server filesystem\n      const source = new LocalSkillSource();\n      const { publishSkillFromSource } = await import('@mastra/core/workspace');\n\n      const { snapshot, tree } = await publishSkillFromSource(source, resolvedPath, blobStore);\n\n      // Update the skill with new version data + tree\n      await skillStore.update({\n        id: storedSkillId,\n        ...snapshot,\n        tree,\n        status: 'published',\n      });\n\n      // Point activeVersionId to the newly created version\n      const latestVersion = await skillStore.getLatestVersion(storedSkillId);\n      if (latestVersion) {\n        await skillStore.update({\n          id: storedSkillId,\n          activeVersionId: latestVersion.id,\n        });\n      }\n\n      const resolved = await skillStore.getByIdResolved(storedSkillId);\n      if (!resolved) {\n        throw new HTTPException(500, { message: 'Failed to resolve skill after publish' });\n      }\n\n      return resolved;\n    } catch (error) {\n      return handleError(error, 'Error publishing stored skill');\n    }\n  },\n});\n"]}

package/dist/{chunk-GXSML4LI.js → chunk-MLEUYQFZ.js}

@@ -1,6 +1,6 @@
 import { capabilitiesResponseSchema, currentUserResponseSchema, ssoLoginQuerySchema, ssoCallbackQuerySchema, refreshResponseSchema, credentialsSignInBodySchema, credentialsSignUpBodySchema } from './chunk-EPCOAEFM.js';
 import { supportsSessionRefresh } from './chunk-IYEGDP3G.js';
-import { createPublicRoute } from './chunk-KDUX3YN3.js';
+import { createPublicRoute } from './chunk-GDACR4PY.js';
 import { handleError } from './chunk-P23KBWKB.js';
 import { HTTPException } from './chunk-6QWQZI4Q.js';
 
@@ -466,5 +466,5 @@ var AUTH_ROUTES = [
 ];
 
 export { AUTH_ROUTES, GET_AUTH_CAPABILITIES_ROUTE, GET_CURRENT_USER_ROUTE, GET_SSO_CALLBACK_ROUTE, GET_SSO_LOGIN_ROUTE, POST_CREDENTIALS_SIGN_IN_ROUTE, POST_CREDENTIALS_SIGN_UP_ROUTE, POST_LOGOUT_ROUTE, POST_REFRESH_ROUTE, getPublicOrigin };
-//# sourceMappingURL=chunk-GXSML4LI.js.map
-//# sourceMappingURL=chunk-GXSML4LI.js.map
+//# sourceMappingURL=chunk-MLEUYQFZ.js.map
+//# sourceMappingURL=chunk-MLEUYQFZ.js.map

package/dist/{chunk-GXSML4LI.js.map → chunk-MLEUYQFZ.js.map}

@@ -1 +1 @@
-{"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["mastra"],"mappings":";;;;;;;AAuCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,eAAe,MAAA,EAA+C;AACrE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8B,iBAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,0BAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,GAAA,GAAM,eAAe,MAAM,CAAA;AAEjC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiB,sBAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,yBAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsB,iBAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,mBAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,sBAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoB,iBAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqB,iBAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgB,qBAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,MAAMA,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-GXSML4LI.js","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n  IUserProvider,\n  ISessionProvider,\n  ISSOProvider,\n  ICredentialsProvider,\n  SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { HTTPException } from '../http-exception';\nimport {\n  capabilitiesResponseSchema,\n  ssoLoginQuerySchema,\n  ssoCallbackQuerySchema,\n  currentUserResponseSchema,\n  credentialsSignInBodySchema,\n  credentialsSignUpBodySchema,\n  refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n  auth: any,\n  request: Request,\n  options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n  if (!_buildCapabilitiesPromise) {\n    _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n      .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n      .catch(() => {\n        console.error(\n          '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n        );\n        return undefined;\n      });\n  }\n  return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n  const serverConfig = mastra.getServer?.();\n  if (!serverConfig?.auth) return null;\n\n  // Auth can be either MastraAuthConfig or MastraAuthProvider\n  // If it has authenticateToken method, it's a provider\n  if (typeof serverConfig.auth.authenticateToken === 'function') {\n    return serverConfig.auth as MastraAuthProvider;\n  }\n\n  return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n *    queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n *    connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n *    HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n  const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n  if (forwardedHost) {\n    return `https://${forwardedHost}`;\n  }\n\n  const host = request.headers.get('host');\n  if (host) {\n    const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n    const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n    return `${proto}://${host}`;\n  }\n\n  return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n  const serverConfig = mastra.getServer?.();\n  return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra server config.\n */\nfunction getFGAProvider(mastra: any): IFGAProvider<EEUser> | undefined {\n  const serverConfig = mastra.getServer?.();\n  return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n  return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/capabilities',\n  responseType: 'json',\n  responseSchema: capabilitiesResponseSchema,\n  summary: 'Get auth capabilities',\n  description:\n    'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request, routePrefix } = ctx as any;\n\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return { enabled: false, login: null };\n      }\n\n      const rbac = getRBACProvider(mastra);\n      const fga = getFGAProvider(mastra);\n\n      const buildCapabilities = await loadBuildCapabilities();\n      if (!buildCapabilities) {\n        return { enabled: false, login: null };\n      }\n      const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n      // If capabilities came back without a user, the session may have expired.\n      // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n      if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n        try {\n          const sessionId = await auth.getSessionIdFromRequest(request);\n          if (sessionId) {\n            const refreshedSession = await auth.refreshSession(sessionId);\n            if (refreshedSession) {\n              const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n              const cookieValue = extractCookieFromHeaders(sessionHeaders);\n              if (cookieValue) {\n                // Rebuild capabilities with the refreshed cookie\n                const refreshedRequest = new Request(request.url, {\n                  method: request.method,\n                  headers: new Headers(request.headers),\n                });\n                refreshedRequest.headers.set('Cookie', cookieValue);\n                const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n                  rbac,\n                  apiPrefix: routePrefix,\n                });\n\n                // Attach refresh headers so the adapter can set the new cookie\n                if ('user' in refreshedCapabilities) {\n                  (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n                }\n                return refreshedCapabilities;\n              }\n            }\n          }\n        } catch {\n          // Refresh failed — return original unauthenticated capabilities\n        }\n      }\n\n      return capabilities;\n    } catch (error) {\n      return handleError(error, 'Error getting auth capabilities');\n    }\n  },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n  const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n  if (!setCookie) return null;\n  // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n  const match = setCookie.match(/^([^;]+)/);\n  return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/me',\n  responseType: 'json',\n  responseSchema: currentUserResponseSchema,\n  summary: 'Get current user',\n  description: 'Returns the currently authenticated user, or null if not authenticated.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request } = ctx as any;\n      const auth = getAuthProvider(mastra);\n      const rbac = getRBACProvider(mastra);\n\n      if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n        return null;\n      }\n\n      const user = await auth.getCurrentUser(request);\n      if (!user) return null;\n\n      // Get roles/permissions from RBAC provider if available\n      let roles: string[] | undefined;\n      let permissions: string[] | undefined;\n\n      if (rbac) {\n        try {\n          roles = await rbac.getRoles(user);\n          permissions = await rbac.getPermissions(user);\n        } catch {\n          // RBAC not available or failed\n        }\n      }\n\n      return {\n        id: user.id,\n        email: user.email,\n        name: user.name,\n        avatarUrl: user.avatarUrl,\n        roles,\n        permissions,\n      };\n    } catch (error) {\n      return handleError(error, 'Error getting current user');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/login',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoLoginQuerySchema,\n  summary: 'Initiate SSO login',\n  description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n        throw new HTTPException(404, { message: 'SSO not configured' });\n      }\n\n      // Build OAuth callback URI using the configured route prefix\n      const origin = getPublicOrigin(request);\n      const raw = ((routePrefix as string) || '/api').trim();\n      const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n      const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n      const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n      // Encode the post-login redirect in state (where user goes after auth completes)\n      // State format: uuid|postLoginRedirect\n      // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n      // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n      // different port).\n      let postLoginRedirect = '/';\n      if (redirect_uri) {\n        if (!redirect_uri.startsWith('http')) {\n          // Relative path — always safe\n          postLoginRedirect = redirect_uri;\n        } else {\n          try {\n            const redirectUrl = new URL(redirect_uri);\n            const requestOrigin = new URL(origin);\n            const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n            const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n            const isLocalhost =\n              redirectUrl.hostname === 'localhost' ||\n              redirectUrl.hostname === '127.0.0.1' ||\n              redirectUrl.hostname === '[::1]';\n            if (isHttps && (isSameOrigin || isLocalhost)) {\n              postLoginRedirect = redirect_uri;\n            }\n          } catch {\n            // Malformed URL — fall back to /\n          }\n        }\n      }\n      const stateId = crypto.randomUUID();\n      const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n      const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n      // Build response with optional PKCE cookies\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n      if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n        const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n        if (cookies?.length) {\n          // PKCE cookies set for SSO state management\n          for (const cookie of cookies) {\n            headers.append('Set-Cookie', cookie);\n          }\n        }\n      }\n\n      return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n    } catch (error) {\n      return handleError(error, 'Error initiating SSO login');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/callback',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoCallbackQuerySchema,\n  summary: 'Handle SSO callback',\n  description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, code, state, request } = ctx as any;\n\n    // Build base URL for redirects (Response.redirect requires absolute URL)\n    const baseUrl = getPublicOrigin(request);\n\n    // Extract post-login redirect from state (format: uuid|encodedRedirect)\n    let redirectTo = '/';\n    let stateId = state || '';\n    if (state && state.includes('|')) {\n      const [id, encodedRedirect] = state.split('|', 2);\n      stateId = id;\n      try {\n        redirectTo = decodeURIComponent(encodedRedirect);\n      } catch {\n        redirectTo = '/';\n      }\n    }\n\n    // Build absolute redirect URL.\n    // The redirect_uri was validated at the login endpoint (same-origin or localhost\n    // only), so the state should only contain safe URLs. We still apply defense-in-depth\n    // checks here: allow http(s) same-origin or localhost, reject everything else.\n    let absoluteRedirect: string;\n    if (redirectTo.startsWith('http')) {\n      try {\n        const parsed = new URL(redirectTo);\n        const baseOrigin = new URL(baseUrl);\n        const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n        const isSameOrigin = parsed.origin === baseOrigin.origin;\n        const isLocalhost =\n          parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n        absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n      } catch {\n        absoluteRedirect = `${baseUrl}/`;\n      }\n    } else {\n      absoluteRedirect = `${baseUrl}${redirectTo}`;\n    }\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n        return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n      }\n\n      // Pass cookie header to provider for PKCE validation (if supported)\n      const reqCookieHeader = request.headers.get('cookie');\n      if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n        (auth as any).setCallbackCookieHeader(reqCookieHeader);\n      }\n\n      const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n      const user = result.user as EEUser;\n\n      // Build response headers (session cookies, etc.)\n      const headers = new Headers();\n      headers.set('Location', absoluteRedirect);\n\n      // Set session cookies from the SSO result\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n        // Fallback: Create session manually for providers without cookie support\n        const session = await auth.createSession(user.id, {\n          accessToken: result.tokens.accessToken,\n          refreshToken: result.tokens.refreshToken,\n          expiresAt: result.tokens.expiresAt,\n          organizationId: (user as any).organizationId,\n        });\n        const sessionHeaders = auth.getSessionHeaders(session);\n        for (const [key, value] of Object.entries(sessionHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(null, {\n        status: 302,\n        headers,\n      });\n    } catch (error) {\n      // Redirect with error (use absolute URL)\n      const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n      return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/logout',\n  responseType: 'datastream-response',\n  summary: 'Logout',\n  description: 'Destroys the current session and returns logout redirect URL if available.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return new Response(JSON.stringify({ success: true }), {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        });\n      }\n\n      // Get session ID and destroy it\n      if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n        const sessionId = auth.getSessionIdFromRequest(request);\n        if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n          await auth.destroySession(sessionId);\n        }\n      }\n\n      // Get logout URL if available\n      let redirectTo: string | undefined;\n      if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n        // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n        const origin = getPublicOrigin(request);\n        const logoutUrl = await auth.getLogoutUrl(origin, request);\n        redirectTo = logoutUrl ?? undefined;\n      }\n\n      // Build response with session clearing headers\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Clear session cookie\n      if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n        const clearHeaders = auth.getClearSessionHeaders();\n        for (const [key, value] of Object.entries(clearHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(JSON.stringify({ success: true, redirectTo }), {\n        status: 200,\n        headers,\n      });\n    } catch (error) {\n      return handleError(error, 'Error logging out');\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/refresh',\n  responseType: 'datastream-response',\n  responseSchema: refreshResponseSchema,\n  summary: 'Refresh session',\n  description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (\n        !auth ||\n        !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n        !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n      ) {\n        throw new HTTPException(404, { message: 'Session refresh not configured' });\n      }\n\n      // Get session ID from request\n      const sessionId = auth.getSessionIdFromRequest(request);\n      if (!sessionId) {\n        throw new HTTPException(401, { message: 'No session' });\n      }\n\n      // Refresh the session\n      const newSession = await auth.refreshSession(sessionId);\n      if (!newSession) {\n        throw new HTTPException(401, { message: 'Session expired' });\n      }\n\n      // Build response with new session headers\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n      if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n        const sessionHeaders = auth.getSessionHeaders(newSession);\n        for (const [key, value] of Object.entries(sessionHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(JSON.stringify({ success: true }), {\n        status: 200,\n        headers,\n      });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      return handleError(error, 'Error refreshing session');\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-in',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignInBodySchema,\n  summary: 'Sign in with credentials',\n  description: 'Authenticates a user with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signIn(email, password, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      // Return a generic error for auth failures to avoid leaking info\n      throw new HTTPException(401, { message: 'Invalid email or password' });\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-up',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignUpBodySchema,\n  summary: 'Sign up with credentials',\n  description: 'Creates a new user account with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password, name } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signUp(email, password, name, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      const mastra = (ctx as any).mastra;\n      mastra?.getLogger?.()?.error('Sign-up error', {\n        error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n      });\n      throw new HTTPException(400, { message: 'Failed to create account' });\n    }\n  },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n  GET_AUTH_CAPABILITIES_ROUTE,\n  GET_CURRENT_USER_ROUTE,\n  GET_SSO_LOGIN_ROUTE,\n  GET_SSO_CALLBACK_ROUTE,\n  POST_LOGOUT_ROUTE,\n  POST_REFRESH_ROUTE,\n  POST_CREDENTIALS_SIGN_IN_ROUTE,\n  POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}
+{"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["mastra"],"mappings":";;;;;;;AAuCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,eAAe,MAAA,EAA+C;AACrE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,IAAA,IAAQ,OAAO,IAAA,KAAS,YAAY,MAAA,IAAU,IAAA;AAChE;AAMO,IAAM,8BAA8B,iBAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,0BAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,GAAA,GAAM,eAAe,MAAM,CAAA;AAEjC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiB,sBAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,yBAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsB,iBAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,mBAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,sBAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoB,iBAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqB,iBAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgB,qBAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,MAAMA,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-MLEUYQFZ.js","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n  IUserProvider,\n  ISessionProvider,\n  ISSOProvider,\n  ICredentialsProvider,\n  SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { HTTPException } from '../http-exception';\nimport {\n  capabilitiesResponseSchema,\n  ssoLoginQuerySchema,\n  ssoCallbackQuerySchema,\n  currentUserResponseSchema,\n  credentialsSignInBodySchema,\n  credentialsSignUpBodySchema,\n  refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n  auth: any,\n  request: Request,\n  options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n  if (!_buildCapabilitiesPromise) {\n    _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n      .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n      .catch(() => {\n        console.error(\n          '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n        );\n        return undefined;\n      });\n  }\n  return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n  const serverConfig = mastra.getServer?.();\n  if (!serverConfig?.auth) return null;\n\n  // Auth can be either MastraAuthConfig or MastraAuthProvider\n  // If it has authenticateToken method, it's a provider\n  if (typeof serverConfig.auth.authenticateToken === 'function') {\n    return serverConfig.auth as MastraAuthProvider;\n  }\n\n  return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n *    queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n *    connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n *    HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n  const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n  if (forwardedHost) {\n    return `https://${forwardedHost}`;\n  }\n\n  const host = request.headers.get('host');\n  if (host) {\n    const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n    const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n    return `${proto}://${host}`;\n  }\n\n  return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n  const serverConfig = mastra.getServer?.();\n  return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra server config.\n */\nfunction getFGAProvider(mastra: any): IFGAProvider<EEUser> | undefined {\n  const serverConfig = mastra.getServer?.();\n  return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n  return auth !== null && typeof auth === 'object' && method in auth;\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/capabilities',\n  responseType: 'json',\n  responseSchema: capabilitiesResponseSchema,\n  summary: 'Get auth capabilities',\n  description:\n    'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request, routePrefix } = ctx as any;\n\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return { enabled: false, login: null };\n      }\n\n      const rbac = getRBACProvider(mastra);\n      const fga = getFGAProvider(mastra);\n\n      const buildCapabilities = await loadBuildCapabilities();\n      if (!buildCapabilities) {\n        return { enabled: false, login: null };\n      }\n      const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n      // If capabilities came back without a user, the session may have expired.\n      // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n      if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n        try {\n          const sessionId = await auth.getSessionIdFromRequest(request);\n          if (sessionId) {\n            const refreshedSession = await auth.refreshSession(sessionId);\n            if (refreshedSession) {\n              const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n              const cookieValue = extractCookieFromHeaders(sessionHeaders);\n              if (cookieValue) {\n                // Rebuild capabilities with the refreshed cookie\n                const refreshedRequest = new Request(request.url, {\n                  method: request.method,\n                  headers: new Headers(request.headers),\n                });\n                refreshedRequest.headers.set('Cookie', cookieValue);\n                const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n                  rbac,\n                  apiPrefix: routePrefix,\n                });\n\n                // Attach refresh headers so the adapter can set the new cookie\n                if ('user' in refreshedCapabilities) {\n                  (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n                }\n                return refreshedCapabilities;\n              }\n            }\n          }\n        } catch {\n          // Refresh failed — return original unauthenticated capabilities\n        }\n      }\n\n      return capabilities;\n    } catch (error) {\n      return handleError(error, 'Error getting auth capabilities');\n    }\n  },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n  const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n  if (!setCookie) return null;\n  // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n  const match = setCookie.match(/^([^;]+)/);\n  return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/me',\n  responseType: 'json',\n  responseSchema: currentUserResponseSchema,\n  summary: 'Get current user',\n  description: 'Returns the currently authenticated user, or null if not authenticated.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, request } = ctx as any;\n      const auth = getAuthProvider(mastra);\n      const rbac = getRBACProvider(mastra);\n\n      if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n        return null;\n      }\n\n      const user = await auth.getCurrentUser(request);\n      if (!user) return null;\n\n      // Get roles/permissions from RBAC provider if available\n      let roles: string[] | undefined;\n      let permissions: string[] | undefined;\n\n      if (rbac) {\n        try {\n          roles = await rbac.getRoles(user);\n          permissions = await rbac.getPermissions(user);\n        } catch {\n          // RBAC not available or failed\n        }\n      }\n\n      return {\n        id: user.id,\n        email: user.email,\n        name: user.name,\n        avatarUrl: user.avatarUrl,\n        roles,\n        permissions,\n      };\n    } catch (error) {\n      return handleError(error, 'Error getting current user');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/login',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoLoginQuerySchema,\n  summary: 'Initiate SSO login',\n  description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    try {\n      const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n        throw new HTTPException(404, { message: 'SSO not configured' });\n      }\n\n      // Build OAuth callback URI using the configured route prefix\n      const origin = getPublicOrigin(request);\n      const raw = ((routePrefix as string) || '/api').trim();\n      const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n      const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n      const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n      // Encode the post-login redirect in state (where user goes after auth completes)\n      // State format: uuid|postLoginRedirect\n      // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n      // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n      // different port).\n      let postLoginRedirect = '/';\n      if (redirect_uri) {\n        if (!redirect_uri.startsWith('http')) {\n          // Relative path — always safe\n          postLoginRedirect = redirect_uri;\n        } else {\n          try {\n            const redirectUrl = new URL(redirect_uri);\n            const requestOrigin = new URL(origin);\n            const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n            const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n            const isLocalhost =\n              redirectUrl.hostname === 'localhost' ||\n              redirectUrl.hostname === '127.0.0.1' ||\n              redirectUrl.hostname === '[::1]';\n            if (isHttps && (isSameOrigin || isLocalhost)) {\n              postLoginRedirect = redirect_uri;\n            }\n          } catch {\n            // Malformed URL — fall back to /\n          }\n        }\n      }\n      const stateId = crypto.randomUUID();\n      const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n      const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n      // Build response with optional PKCE cookies\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n      if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n        const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n        if (cookies?.length) {\n          // PKCE cookies set for SSO state management\n          for (const cookie of cookies) {\n            headers.append('Set-Cookie', cookie);\n          }\n        }\n      }\n\n      return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n    } catch (error) {\n      return handleError(error, 'Error initiating SSO login');\n    }\n  },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n  method: 'GET',\n  path: '/auth/sso/callback',\n  responseType: 'datastream-response',\n  queryParamSchema: ssoCallbackQuerySchema,\n  summary: 'Handle SSO callback',\n  description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, code, state, request } = ctx as any;\n\n    // Build base URL for redirects (Response.redirect requires absolute URL)\n    const baseUrl = getPublicOrigin(request);\n\n    // Extract post-login redirect from state (format: uuid|encodedRedirect)\n    let redirectTo = '/';\n    let stateId = state || '';\n    if (state && state.includes('|')) {\n      const [id, encodedRedirect] = state.split('|', 2);\n      stateId = id;\n      try {\n        redirectTo = decodeURIComponent(encodedRedirect);\n      } catch {\n        redirectTo = '/';\n      }\n    }\n\n    // Build absolute redirect URL.\n    // The redirect_uri was validated at the login endpoint (same-origin or localhost\n    // only), so the state should only contain safe URLs. We still apply defense-in-depth\n    // checks here: allow http(s) same-origin or localhost, reject everything else.\n    let absoluteRedirect: string;\n    if (redirectTo.startsWith('http')) {\n      try {\n        const parsed = new URL(redirectTo);\n        const baseOrigin = new URL(baseUrl);\n        const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n        const isSameOrigin = parsed.origin === baseOrigin.origin;\n        const isLocalhost =\n          parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n        absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n      } catch {\n        absoluteRedirect = `${baseUrl}/`;\n      }\n    } else {\n      absoluteRedirect = `${baseUrl}${redirectTo}`;\n    }\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n        return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n      }\n\n      // Pass cookie header to provider for PKCE validation (if supported)\n      const reqCookieHeader = request.headers.get('cookie');\n      if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n        (auth as any).setCallbackCookieHeader(reqCookieHeader);\n      }\n\n      const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n      const user = result.user as EEUser;\n\n      // Build response headers (session cookies, etc.)\n      const headers = new Headers();\n      headers.set('Location', absoluteRedirect);\n\n      // Set session cookies from the SSO result\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n        // Fallback: Create session manually for providers without cookie support\n        const session = await auth.createSession(user.id, {\n          accessToken: result.tokens.accessToken,\n          refreshToken: result.tokens.refreshToken,\n          expiresAt: result.tokens.expiresAt,\n          organizationId: (user as any).organizationId,\n        });\n        const sessionHeaders = auth.getSessionHeaders(session);\n        for (const [key, value] of Object.entries(sessionHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(null, {\n        status: 302,\n        headers,\n      });\n    } catch (error) {\n      // Redirect with error (use absolute URL)\n      const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n      return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/logout',\n  responseType: 'datastream-response',\n  summary: 'Logout',\n  description: 'Destroys the current session and returns logout redirect URL if available.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth) {\n        return new Response(JSON.stringify({ success: true }), {\n          status: 200,\n          headers: { 'Content-Type': 'application/json' },\n        });\n      }\n\n      // Get session ID and destroy it\n      if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n        const sessionId = auth.getSessionIdFromRequest(request);\n        if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n          await auth.destroySession(sessionId);\n        }\n      }\n\n      // Get logout URL if available\n      let redirectTo: string | undefined;\n      if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n        // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n        const origin = getPublicOrigin(request);\n        const logoutUrl = await auth.getLogoutUrl(origin, request);\n        redirectTo = logoutUrl ?? undefined;\n      }\n\n      // Build response with session clearing headers\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n\n      // Clear session cookie\n      if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n        const clearHeaders = auth.getClearSessionHeaders();\n        for (const [key, value] of Object.entries(clearHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(JSON.stringify({ success: true, redirectTo }), {\n        status: 200,\n        headers,\n      });\n    } catch (error) {\n      return handleError(error, 'Error logging out');\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/refresh',\n  responseType: 'datastream-response',\n  responseSchema: refreshResponseSchema,\n  summary: 'Refresh session',\n  description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (\n        !auth ||\n        !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n        !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n      ) {\n        throw new HTTPException(404, { message: 'Session refresh not configured' });\n      }\n\n      // Get session ID from request\n      const sessionId = auth.getSessionIdFromRequest(request);\n      if (!sessionId) {\n        throw new HTTPException(401, { message: 'No session' });\n      }\n\n      // Refresh the session\n      const newSession = await auth.refreshSession(sessionId);\n      if (!newSession) {\n        throw new HTTPException(401, { message: 'Session expired' });\n      }\n\n      // Build response with new session headers\n      const headers = new Headers({ 'Content-Type': 'application/json' });\n      if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n        const sessionHeaders = auth.getSessionHeaders(newSession);\n        for (const [key, value] of Object.entries(sessionHeaders)) {\n          headers.append(key, value);\n        }\n      }\n\n      return new Response(JSON.stringify({ success: true }), {\n        status: 200,\n        headers,\n      });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      return handleError(error, 'Error refreshing session');\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-in',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignInBodySchema,\n  summary: 'Sign in with credentials',\n  description: 'Authenticates a user with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signIn(email, password, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      // Return a generic error for auth failures to avoid leaking info\n      throw new HTTPException(401, { message: 'Invalid email or password' });\n    }\n  },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n  method: 'POST',\n  path: '/auth/credentials/sign-up',\n  responseType: 'datastream-response',\n  bodySchema: credentialsSignUpBodySchema,\n  summary: 'Sign up with credentials',\n  description: 'Creates a new user account with email and password.',\n  tags: ['Auth'],\n  handler: async ctx => {\n    const { mastra, request, email, password, name } = ctx as any;\n\n    try {\n      const auth = getAuthProvider(mastra);\n\n      if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n        throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n      }\n\n      const result = await auth.signUp(email, password, name, request);\n      const user = result.user as EEUser;\n\n      const responseBody = JSON.stringify({\n        user: {\n          id: user.id,\n          email: user.email,\n          name: user.name,\n          avatarUrl: user.avatarUrl,\n        },\n        token: result.token,\n      });\n\n      // Build response headers, including cookies from the auth provider\n      const headers = new Headers({\n        'Content-Type': 'application/json',\n      });\n\n      // Forward session cookies from the auth provider\n      if (result.cookies?.length) {\n        for (const cookie of result.cookies) {\n          headers.append('Set-Cookie', cookie);\n        }\n      }\n\n      return new Response(responseBody, { status: 200, headers });\n    } catch (error) {\n      if (error instanceof HTTPException) throw error;\n      const mastra = (ctx as any).mastra;\n      mastra?.getLogger?.()?.error('Sign-up error', {\n        error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n      });\n      throw new HTTPException(400, { message: 'Failed to create account' });\n    }\n  },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n  GET_AUTH_CAPABILITIES_ROUTE,\n  GET_CURRENT_USER_ROUTE,\n  GET_SSO_LOGIN_ROUTE,\n  GET_SSO_CALLBACK_ROUTE,\n  POST_LOGOUT_ROUTE,\n  POST_REFRESH_ROUTE,\n  POST_CREDENTIALS_SIGN_IN_ROUTE,\n  POST_CREDENTIALS_SIGN_UP_ROUTE,\n] as const;\n"]}

package/dist/{chunk-YF6DVWNN.cjs → chunk-MOH4DZJP.cjs}

@@ -1,12 +1,12 @@
 'use strict';
 
-var chunkSAOJYYFE_cjs = require('./chunk-SAOJYYFE.cjs');
+var chunk42WZN6MM_cjs = require('./chunk-42WZN6MM.cjs');
 var chunkOJ72T77G_cjs = require('./chunk-OJ72T77G.cjs');
 var chunkPJYQMPXT_cjs = require('./chunk-PJYQMPXT.cjs');
-var chunkWZKXMP2U_cjs = require('./chunk-WZKXMP2U.cjs');
+var chunk767P6IDT_cjs = require('./chunk-767P6IDT.cjs');
 var chunk64YJOWH2_cjs = require('./chunk-64YJOWH2.cjs');
 var chunkL4M23OMB_cjs = require('./chunk-L4M23OMB.cjs');
-var chunk7LAFXMXB_cjs = require('./chunk-7LAFXMXB.cjs');
+var chunk7756JXUH_cjs = require('./chunk-7756JXUH.cjs');
 var chunkB34S64RC_cjs = require('./chunk-B34S64RC.cjs');
 var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
 var chunkO7I5CWRX_cjs = require('./chunk-O7I5CWRX.cjs');
@@ -170,7 +170,7 @@ async function resolveResponseAgent({
   if (!mastra) {
     throw new chunk64ITUOXI_cjs.HTTPException(500, { message: "Mastra instance is required for agent-backed responses" });
   }
-  return chunkWZKXMP2U_cjs.getAgentFromSystem({ mastra, agentId });
+  return chunk767P6IDT_cjs.getAgentFromSystem({ mastra, agentId });
 }
 async function resolveAgentMemoryStore({
   agent,
@@ -386,9 +386,52 @@ async function prepareCreateResponseRequest({
   requestContext
 }) {
   const executionInput = chunkOJ72T77G_cjs.mapResponseInputToExecutionMessages(body.input);
-  const agent = await resolveResponseAgent({
+  let previousResponseTurnRecord = null;
+  let resolvedAgent = null;
+  if (body.previous_response_id) {
+    if (body.agent_id) {
+      resolvedAgent = await resolveResponseAgent({ mastra, agentId: body.agent_id });
+      previousResponseTurnRecord = await chunkPJYQMPXT_cjs.findResponseTurnRecord({
+        agent: resolvedAgent,
+        responseId: body.previous_response_id,
+        requestContext
+      });
+      if (!previousResponseTurnRecord) {
+        const owningResponseTurnRecord = await chunkPJYQMPXT_cjs.findResponseTurnRecordAcrossAgents({
+          mastra,
+          responseId: body.previous_response_id,
+          requestContext
+        });
+        if (owningResponseTurnRecord) {
+          if (owningResponseTurnRecord.metadata.agentId === body.agent_id) {
+            previousResponseTurnRecord = owningResponseTurnRecord;
+          } else {
+            throw new chunk64ITUOXI_cjs.HTTPException(400, {
+              message: `Stored response ${body.previous_response_id} belongs to agent ${owningResponseTurnRecord.metadata.agentId}, not ${body.agent_id}`
+            });
+          }
+        }
+        if (!previousResponseTurnRecord) {
+          throw new chunk64ITUOXI_cjs.HTTPException(404, { message: `Stored response ${body.previous_response_id} was not found` });
+        }
+      }
+    } else {
+      if (!mastra) {
+        throw new chunk64ITUOXI_cjs.HTTPException(500, { message: "Mastra instance is required for agent-backed responses" });
+      }
+      previousResponseTurnRecord = await chunkPJYQMPXT_cjs.findResponseTurnRecordAcrossAgents({
+        mastra,
+        responseId: body.previous_response_id,
+        requestContext
+      });
+      if (!previousResponseTurnRecord) {
+        throw new chunk64ITUOXI_cjs.HTTPException(404, { message: `Stored response ${body.previous_response_id} was not found` });
+      }
+    }
+  }
+  const agent = resolvedAgent ?? await resolveResponseAgent({
     mastra,
-    agentId: body.agent_id
+    agentId: body.agent_id ?? previousResponseTurnRecord?.metadata.agentId
   });
   const resolvedModel = await agent.getModel({
     requestContext,
@@ -413,10 +456,6 @@ async function prepareCreateResponseRequest({
     requestContext,
     errorMessage: body.previous_response_id ? "previous_response_id requires the target agent to have memory storage configured" : shouldStore ? "Stored responses require the target agent to have memory storage configured" : "conversation_id requires the target agent to have memory storage configured"
   }) : null;
-  const previousResponseTurnRecord = body.previous_response_id ? await chunkPJYQMPXT_cjs.findResponseTurnRecord({ agent, responseId: body.previous_response_id, requestContext }) : null;
-  if (body.previous_response_id && !previousResponseTurnRecord) {
-    throw new chunk64ITUOXI_cjs.HTTPException(404, { message: `Stored response ${body.previous_response_id} was not found` });
-  }
   const configuredTools = chunkOJ72T77G_cjs.mapMastraToolsToResponseTools(
     await Promise.resolve(agent.listTools({ requestContext }))
   );
@@ -595,12 +634,12 @@ function createResponseEventStream({
     }
   });
 }
-var CREATE_RESPONSE_ROUTE = chunk7LAFXMXB_cjs.createRoute({
+var CREATE_RESPONSE_ROUTE = chunk7756JXUH_cjs.createRoute({
   method: "POST",
   path: "/v1/responses",
   responseType: "datastream-response",
-  bodySchema: chunkSAOJYYFE_cjs.createResponseBodySchema,
-  responseSchema: chunkSAOJYYFE_cjs.responseObjectSchema,
+  bodySchema: chunk42WZN6MM_cjs.createResponseBodySchema,
+  responseSchema: chunk42WZN6MM_cjs.responseObjectSchema,
   summary: "Create a response",
   description: "Creates a response through a Mastra-hosted Responses API-compatible route",
   tags: ["Responses"],
@@ -690,12 +729,12 @@ var CREATE_RESPONSE_ROUTE = chunk7LAFXMXB_cjs.createRoute({
     }
   }
 });
-var GET_RESPONSE_ROUTE = chunk7LAFXMXB_cjs.createRoute({
+var GET_RESPONSE_ROUTE = chunk7756JXUH_cjs.createRoute({
   method: "GET",
   path: "/v1/responses/:responseId",
   responseType: "json",
-  pathParamSchema: chunkSAOJYYFE_cjs.responseIdPathParams,
-  responseSchema: chunkSAOJYYFE_cjs.responseObjectSchema,
+  pathParamSchema: chunk42WZN6MM_cjs.responseIdPathParams,
+  responseSchema: chunk42WZN6MM_cjs.responseObjectSchema,
   summary: "Retrieve a stored response",
   description: "Returns a previously stored response object",
   tags: ["Responses"],
@@ -713,12 +752,12 @@ var GET_RESPONSE_ROUTE = chunk7LAFXMXB_cjs.createRoute({
     }
   }
 });
-var DELETE_RESPONSE_ROUTE = chunk7LAFXMXB_cjs.createRoute({
+var DELETE_RESPONSE_ROUTE = chunk7756JXUH_cjs.createRoute({
   method: "DELETE",
   path: "/v1/responses/:responseId",
   responseType: "json",
-  pathParamSchema: chunkSAOJYYFE_cjs.responseIdPathParams,
-  responseSchema: chunkSAOJYYFE_cjs.deleteResponseSchema,
+  pathParamSchema: chunk42WZN6MM_cjs.responseIdPathParams,
+  responseSchema: chunk42WZN6MM_cjs.deleteResponseSchema,
   summary: "Delete a stored response",
   description: "Deletes a stored response so it can no longer be retrieved or chained",
   tags: ["Responses"],
@@ -747,5 +786,5 @@ exports.CREATE_RESPONSE_ROUTE = CREATE_RESPONSE_ROUTE;
 exports.DELETE_RESPONSE_ROUTE = DELETE_RESPONSE_ROUTE;
 exports.GET_RESPONSE_ROUTE = GET_RESPONSE_ROUTE;
 exports.responses_exports = responses_exports;
-//# sourceMappingURL=chunk-YF6DVWNN.cjs.map
-//# sourceMappingURL=chunk-YF6DVWNN.cjs.map
+//# sourceMappingURL=chunk-MOH4DZJP.cjs.map
+//# sourceMappingURL=chunk-MOH4DZJP.cjs.map

package/dist/chunk-MOH4DZJP.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/server/handlers/responses.ts"],"names":["__export","HTTPException","getEffectiveThreadId","getEffectiveResourceId","existingThread","enforceThreadAccess","threadId","randomUUID","createdThread","getAgentFromSystem","getAgentMemoryStore","toResponseStatus","toResponseUsage","persistResponseTurnRecord","resolveResponseTurnMessagesForStorage","buildCompletedResponse","mapResponseInputToExecutionMessages","findResponseTurnRecord","findResponseTurnRecordAcrossAgents","mapMastraToolsToResponseTools","createMessageId","buildInProgressResponse","formatSseEvent","createOutputTextPart","extractTextDelta","createRoute","createResponseBodySchema","responseObjectSchema","MastraFGAPermissions","handleError","responseIdPathParams","mapResponseTurnRecordToResponse","deleteResponseSchema","deleteResponseTurnRecord"],"mappings":";;;;;;;;;;;;;;;AAAA,IAAA,iBAAA,GAAA;AAAAA,0BAAA,CAAA,iBAAA,EAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,qBAAA,EAAA,MAAA,qBAAA;AAAA,EAAA,kBAAA,EAAA,MAAA;AAAA,CAAA,CAAA;AAiHA,IAAM,2BAAA,GAA8B;AAAA,EAClC,IAAA,EAAM,QAAA;AAAA,EACN,oBAAA,EAAsB;AACxB,CAAA;AAEA,SAAS,YAAA,CAAa,IAAA,EAAsB,MAAA,GAAiB,GAAA,EAAe;AAC1E,EAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,EAAG;AAAA,IACxC,MAAA;AAAA,IACA,OAAA,EAAS;AAAA,MACP,cAAA,EAAgB;AAAA;AAClB,GACD,CAAA;AACH;AAEA,SAAS,uBAAuB,IAAA,EAAkC;AAChE,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,QAAQ,IAAA,CAAK,OAAO,IAAA;AAAM,IACxB,KAAK,aAAA;AACH,MAAA,OAAO;AAAA,QACL,MAAA,EAAQ,2BAAA;AAAA,QACR,mBAAA,EAAqB;AAAA,OACvB;AAAA,IACF,KAAK,aAAA;AACH,MAAA,OAAO;AAAA,QACL,MAAA,EAAQ,KAAK,MAAA,CAAO;AAAA,OACtB;AAAA,IACF;AACE,MAAA,OAAO,MAAA;AAAA;AAEb;AAEA,SAAS,4BAAA,CAA6B,UAA0B,UAAA,EAAoB;AAClF,EAAA,OACE,SAAS,MAAA,CAAO,IAAA;AAAA,IACd,CAAC,IAAA,KACC,IAAA,CAAK,IAAA,KAAS,SAAA,IAAa,KAAK,EAAA,KAAO;AAAA,GAC3C,IACA,SAAS,MAAA,CAAO,IAAA;AAAA,IACd,CAAC,IAAA,KAAiF,IAAA,CAAK,IAAA,KAAS;AAAA,GAClG,IACA,IAAA;AAEJ;AASA,eAAe,6BAAA,CAA8B;AAAA,EAC3C,KAAA;AAAA,EACA,KAAA;AAAA,EACA,cAAA;AAAA,EACA,0BAAA;AAAA,EACA;AACF,CAAA,EAM2C;AACzC,EAAA,IAAI,cAAA,IAAkB,0BAAA,IAA8B,0BAAA,CAA2B,MAAA,CAAO,OAAO,cAAA,EAAgB;AAC3G,IAAA,MAAM,IAAIC,gCAAc,GAAA,EAAK;AAAA,MAC3B,OAAA,EACE;AAAA,KACH,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,0BAAA,EAA4B;AAC9B,IAAA,OAAO;AAAA,MACL,QAAA,EAAU,2BAA2B,MAAA,CAAO,EAAA;AAAA,MAC5C,UAAA,EAAY,2BAA2B,MAAA,CAAO;AAAA,KAChD;AAAA,EACF;AAEA,EAAA,MAAM,iBAAA,GAAoBC,sCAAA,CAAqB,cAAA,EAAgB,MAAS,CAAA;AACxE,EAAA,MAAM,mBAAA,GAAsBC,wCAAA,CAAuB,cAAA,EAAgB,MAAS,CAAA;AAE5E,EAAA,IAAI,CAAC,KAAA,IAAS,CAAC,cAAA,IAAkB,CAAC,iBAAA,EAAmB;AACnD,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,SAAS,MAAM,KAAA,CAAM,SAAA,CAAU,EAAE,gBAAgB,CAAA;AACvD,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,IAAIF,gCAAc,GAAA,EAAK;AAAA,QAC3B,OAAA,EAAS;AAAA,OACV,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,MAAMG,kBAAiB,MAAM,MAAA,CAAO,cAAc,EAAE,QAAA,EAAU,gBAAgB,CAAA;AAC9E,IAAA,IAAI,CAACA,eAAAA,EAAgB;AACnB,MAAA,MAAM,IAAIH,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,aAAA,EAAgB,cAAc,kBAAkB,CAAA;AAAA,IAC1F;AAEA,IAAA,MAAMI,qCAAA,CAAoB;AAAA,MACxB,MAAA,EAAQ,MAAM,iBAAA,EAAkB;AAAA,MAChC,cAAA;AAAA,MACA,QAAA,EAAU,cAAA;AAAA,MACV,MAAA,EAAQD,eAAAA;AAAA,MACR;AAAA,KACD,CAAA;AACD,IAAA,OAAO;AAAA,MACL,UAAUA,eAAAA,CAAe,EAAA;AAAA,MACzB,UAAA,EAAY,uBAAuBA,eAAAA,CAAe;AAAA,KACpD;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAME,YAAWC,iBAAA,EAAW;AAC5B,IAAA,MAAMC,cAAAA,GAAgB,MAAM,MAAA,CAAO,YAAA,CAAa;AAAA,MAC9C,QAAA,EAAAF,SAAAA;AAAA,MACA,YAAY,mBAAA,IAAuBA;AAAA,KACpC,CAAA;AAED,IAAA,OAAO;AAAA,MACL,UAAUE,cAAAA,CAAc,EAAA;AAAA,MACxB,YAAYA,cAAAA,CAAc;AAAA,KAC5B;AAAA,EACF;AAEA,EAAA,MAAM,QAAA,GAAW,iBAAA;AACjB,EAAA,MAAM,iBAAiB,MAAM,MAAA,CAAO,aAAA,CAAc,EAAE,UAAU,CAAA;AAC9D,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,MAAMH,qCAAA,CAAoB;AAAA,MACxB,MAAA,EAAQ,MAAM,iBAAA,EAAkB;AAAA,MAChC,cAAA;AAAA,MACA,QAAA;AAAA,MACA,MAAA,EAAQ,cAAA;AAAA,MACR;AAAA,KACD,CAAA;AACD,IAAA,OAAO;AAAA,MACL,UAAU,cAAA,CAAe,EAAA;AAAA,MACzB,UAAA,EAAY,uBAAuB,cAAA,CAAe;AAAA,KACpD;AAAA,EACF;AAEA,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,aAAa,mBAAA,IAAuB,QAAA;AAC1C,EAAA,MAAM,aAAA,GAAgB,MAAM,MAAA,CAAO,YAAA,CAAa;AAAA,IAC9C,QAAA;AAAA,IACA;AAAA,GACD,CAAA;AAED,EAAA,OAAO;AAAA,IACL,UAAU,aAAA,CAAc,EAAA;AAAA,IACxB,YAAY,aAAA,CAAc;AAAA,GAC5B;AACF;AAEA,SAAS,sBAAsB,aAAA,EAA8C;AAC3E,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,OAAO;AAAA,IACL,MAAA,EAAQ;AAAA,MACN,QAAQ,aAAA,CAAc,QAAA;AAAA,MACtB,UAAU,aAAA,CAAc;AAAA;AAC1B,GACF;AACF;AAKA,eAAe,oBAAA,CAAqB;AAAA,EAClC,MAAA;AAAA,EACA;AACF,CAAA,EAGuC;AACrC,EAAA,IAAI,CAAC,OAAA,EAAS;AACZ,IAAA,MAAM,IAAIJ,gCAAc,GAAA,EAAK;AAAA,MAC3B,OAAA,EAAS;AAAA,KACV,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0DAA0D,CAAA;AAAA,EACpG;AAEA,EAAA,OAAOQ,oCAAA,CAAmB,EAAE,MAAA,EAAQ,OAAA,EAAS,CAAA;AAC/C;AAEA,eAAe,uBAAA,CAAwB;AAAA,EACrC,KAAA;AAAA,EACA,cAAA;AAAA,EACA;AACF,CAAA,EAI2B;AACzB,EAAA,MAAM,mBAAmB,MAAMC,qCAAA,CAAoB,EAAE,KAAA,EAAO,gBAAgB,CAAA;AAC5E,EAAA,IAAI,CAAC,gBAAA,EAAkB;AACrB,IAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,EACxD;AAEA,EAAA,OAAO,gBAAA;AACT;AAKA,eAAe,eAAA,CAAgB;AAAA,EAC7B,KAAA;AAAA,EACA,aAAA;AAAA,EACA,aAAA;AAAA,EACA,YAAA;AAAA,EACA,IAAA;AAAA,EACA,eAAA;AAAA,EACA,KAAA;AAAA,EACA,cAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA,EAWG;AACD,EAAA,MAAM,eAAA,GAAkB,sBAAsB,aAAa,CAAA;AAC3D,EAAA,MAAM,gBAAA,GAAmB,uBAAuB,IAAI,CAAA;AACpD,EAAA,MAAM,cAAc,aAAA,GAAgB,EAAE,KAAA,EAAO,aAAA,KAAkB,EAAC;AAChE,EAAA,MAAM,aAAA,GAAgB;AAAA,IACpB,YAAA;AAAA,IACA,cAAA;AAAA,IACA,WAAA;AAAA,IACA,GAAG,WAAA;AAAA,IACH,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,GAAI,mBAAmB;AAAC,GAC1B;AAEA,EAAA,IAAI,aAAA,CAAc,yBAAyB,IAAA,EAAM;AAC/C,IAAA,IAAI,aAAA,EAAe;AACjB,MAAA,OAAQ,MAAM,KAAA,CAAM,cAAA,CAAe,KAAA,EAAO;AAAA,QACxC,YAAA;AAAA,QACA,cAAA;AAAA,QACA,WAAA;AAAA,QACA,GAAG,WAAA;AAAA,QACH,QAAQ,gBAAA,EAAkB,MAAA;AAAA,QAC1B,eAAA;AAAA,QACA,YAAY,aAAA,CAAc,UAAA;AAAA,QAC1B,UAAU,aAAA,CAAc;AAAA,OAChB,CAAA;AAAA,IACZ;AAEA,IAAA,OAAQ,MAAM,KAAA,CAAM,cAAA,CAAe,KAAA,EAAO;AAAA,MACxC,YAAA;AAAA,MACA,cAAA;AAAA,MACA,WAAA;AAAA,MACA,GAAG,WAAA;AAAA,MACH,QAAQ,gBAAA,EAAkB,MAAA;AAAA,MAC1B;AAAA,KACQ,CAAA;AAAA,EACZ;AAEA,EAAA,OAAQ,MAAM,KAAA,CAAM,QAAA,CAAS,KAAA,EAAO,aAAsB,CAAA;AAC5D;AAKA,eAAe,aAAA,CAAc;AAAA,EAC3B,KAAA;AAAA,EACA,aAAA;AAAA,EACA,aAAA;AAAA,EACA,YAAA;AAAA,EACA,IAAA;AAAA,EACA,eAAA;AAAA,EACA,KAAA;AAAA,EACA,cAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA,EAWG;AACD,EAAA,MAAM,eAAA,GAAkB,sBAAsB,aAAa,CAAA;AAC3D,EAAA,MAAM,gBAAA,GAAmB,uBAAuB,IAAI,CAAA;AACpD,EAAA,MAAM,cAAc,aAAA,GAAgB,EAAE,KAAA,EAAO,aAAA,KAAkB,EAAC;AAChE,EAAA,MAAM,aAAA,GAAgB;AAAA,IACpB,YAAA;AAAA,IACA,cAAA;AAAA,IACA,WAAA;AAAA,IACA,GAAG,WAAA;AAAA,IACH,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,GAAI,mBAAmB;AAAC,GAC1B;AAEA,EAAA,IAAI,aAAA,CAAc,yBAAyB,IAAA,EAAM;AAC/C,IAAA,IAAI,aAAA,EAAe;AACjB,MAAA,OAAQ,MAAM,KAAA,CAAM,YAAA,CAAa,KAAA,EAAO;AAAA,QACtC,YAAA;AAAA,QACA,cAAA;AAAA,QACA,WAAA;AAAA,QACA,GAAG,WAAA;AAAA,QACH,QAAQ,gBAAA,EAAkB,MAAA;AAAA,QAC1B,eAAA;AAAA,QACA,YAAY,aAAA,CAAc,UAAA;AAAA,QAC1B,UAAU,aAAA,CAAc;AAAA,OAChB,CAAA;AAAA,IACZ;AAEA,IAAA,OAAQ,MAAM,KAAA,CAAM,YAAA,CAAa,KAAA,EAAO;AAAA,MACtC,YAAA;AAAA,MACA,cAAA;AAAA,MACA,WAAA;AAAA,MACA,GAAG,WAAA;AAAA,MACH,QAAQ,gBAAA,EAAkB,MAAA;AAAA,MAC1B;AAAA,KACQ,CAAA;AAAA,EACZ;AAEA,EAAA,OAAQ,MAAM,KAAA,CAAM,MAAA,CAAO,KAAA,EAAO,aAAsB,CAAA;AAC1D;AAEA,eAAe,aAAa,MAAA,EAA4E;AACtG,EAAA,OAAQ,OAAO,MAAA,CAAO,UAAA,IAAc,MAAA,CAAO,KAAA,IAAS,IAAA,CAAA;AACtD;AAEA,eAAe,wBACb,MAAA,EAC+B;AAC/B,EAAA,OAAQ,OAAO,OAAO,gBAAA,IAAoB,MAAA,CAAA;AAC5C;AAEA,eAAe,oBACb,MAAA,EAC6B;AAC7B,EAAA,OAAQ,MAAM,OAAO,YAAA,IAAiB,MAAA;AACxC;AAEA,eAAe,YAAY,MAAA,EAAyE;AAClG,EAAA,OAAQ,MAAM,OAAO,IAAA,IAAS,EAAA;AAChC;AAKA,eAAe,6BAAA,CACb,QACA,YAAA,EACiC;AACjC,EAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,MAAM,CAAA;AAEvC,EAAA,OAAO;AAAA,IACL,aAAa,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAAA,IACzC,MAAA,EAAQU,kCAAA,CAAiB,MAAM,mBAAA,CAAoB,MAAM,CAAC,CAAA;AAAA,IAC1D,IAAA,EAAO,MAAM,WAAA,CAAY,MAAM,CAAA,IAAM,YAAA;AAAA,IACrC,KAAA;AAAA,IACA,YAAA,EAAcC,kCAAgB,KAAK,CAAA;AAAA,IACnC,eAAA,EAAiB,MAAM,uBAAA,CAAwB,MAAM;AAAA,GACvD;AACF;AAKA,eAAe,sBAAA,CAAuB;AAAA,EACpC,gBAAA;AAAA,EACA,QAAA;AAAA,EACA,aAAA;AAAA,EACA,UAAA;AAAA,EACA,QAAA;AAAA,EACA,cAAA;AAAA,EACA;AACF,CAAA,EAQkB;AAChB,EAAA,IAAI,CAAC,QAAA,IAAY,CAAC,aAAA,EAAe;AAC/B,IAAA;AAAA,EACF;AAEA,EAAA,MAAMC,2CAAA,CAA0B;AAAA,IAC9B,WAAA,EAAa,gBAAA;AAAA,IACb,UAAA;AAAA,IACA,QAAA,EAAU;AAAA,MACR,GAAG,QAAA;AAAA,MACH,aAAa,cAAA,CAAe,WAAA;AAAA,MAC5B,QAAQ,cAAA,CAAe,MAAA;AAAA,MACvB,OAAO,cAAA,CAAe,YAAA;AAAA,MACtB,iBAAiB,cAAA,CAAe,eAAA;AAAA,MAChC,YAAY;AAAC,KACf;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACD,CAAA;AACH;AAKA,eAAe,gBAAA,CAAiB;AAAA,EAC9B,gBAAA;AAAA,EACA,QAAA;AAAA,EACA,aAAA;AAAA,EACA,MAAA;AAAA,EACA,UAAA;AAAA,EACA,SAAA;AAAA,EACA,KAAA;AAAA,EACA,YAAA;AAAA,EACA,kBAAA;AAAA,EACA,cAAA;AAAA,EACA,eAAA;AAAA,EACA,gBAAA;AAAA,EACA;AACF,CAAA,EAiB+B;AAC7B,EAAA,MAAM,cAAA,GAAiB,MAAM,6BAAA,CAA8B,MAAA,EAAQ,YAAY,CAAA;AAC/E,EAAA,MAAM,gBAAA,GAAmB,MAAMC,uDAAA,CAAsC;AAAA,IACnE,MAAA;AAAA,IACA,UAAA;AAAA,IACA,MAAM,cAAA,CAAe,IAAA;AAAA,IACrB;AAAA,GACD,CAAA;AACD,EAAA,MAAM,WAAWC,wCAAA,CAAuB;AAAA,IACtC,UAAA;AAAA,IACA,eAAA,EAAiB,UAAA;AAAA,IACjB,KAAA;AAAA,IACA,SAAA;AAAA,IACA,aAAa,cAAA,CAAe,WAAA;AAAA,IAC5B,QAAQ,cAAA,CAAe,MAAA;AAAA,IACvB,MAAM,cAAA,CAAe,IAAA;AAAA,IACrB,OAAO,cAAA,CAAe,KAAA;AAAA,IACtB,YAAA;AAAA,IACA,YAAY,gBAAA,CAAiB,IAAA;AAAA,IAC7B,kBAAA;AAAA,IACA,cAAA;AAAA,IACA,iBAAiB,cAAA,CAAe,eAAA;AAAA,IAChC,KAAA,EAAO,eAAA;AAAA,IACP,QAAA,EAAU,gBAAA;AAAA,IACV,KAAA,EAAO;AAAA,GACR,CAAA;AAED,EAAA,MAAM,sBAAA,CAAuB;AAAA,IAC3B,gBAAA;AAAA,IACA,QAAA;AAAA,IACA,aAAA;AAAA,IACA,UAAA;AAAA,IACA,QAAA,EAAU,gBAAA;AAAA,IACV,cAAA;AAAA,IACA,QAAA,EAAU;AAAA,GACX,CAAA;AAED,EAAA,OAAO,EAAE,cAAA,EAAgB,QAAA,EAAU,gBAAA,EAAiB;AACtD;AAOA,eAAe,4BAAA,CAA6B;AAAA,EAC1C,IAAA;AAAA,EACA,MAAA;AAAA,EACA;AACF,CAAA,EAI2C;AACzC,EAAA,MAAM,cAAA,GAAiBC,qDAAA,CAAoC,IAAA,CAAK,KAAK,CAAA;AACrE,EAAA,IAAI,0BAAA,GAAwD,IAAA;AAC5D,EAAA,IAAI,aAAA,GAAkD,IAAA;AAEtD,EAAA,IAAI,KAAK,oBAAA,EAAsB;AAC7B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,aAAA,GAAgB,MAAM,oBAAA,CAAqB,EAAE,QAAQ,OAAA,EAAS,IAAA,CAAK,UAAU,CAAA;AAC7E,MAAA,0BAAA,GAA6B,MAAMC,wCAAA,CAAuB;AAAA,QACxD,KAAA,EAAO,aAAA;AAAA,QACP,YAAY,IAAA,CAAK,oBAAA;AAAA,QACjB;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,0BAAA,EAA4B;AAC/B,QAAA,MAAM,wBAAA,GAA2B,MAAMC,oDAAA,CAAmC;AAAA,UACxE,MAAA;AAAA,UACA,YAAY,IAAA,CAAK,oBAAA;AAAA,UACjB;AAAA,SACD,CAAA;AAED,QAAA,IAAI,wBAAA,EAA0B;AAC5B,UAAA,IAAI,wBAAA,CAAyB,QAAA,CAAS,OAAA,KAAY,IAAA,CAAK,QAAA,EAAU;AAC/D,YAAA,0BAAA,GAA6B,wBAAA;AAAA,UAC/B,CAAA,MAAO;AACL,YAAA,MAAM,IAAIjB,gCAAc,GAAA,EAAK;AAAA,cAC3B,OAAA,EAAS,CAAA,gBAAA,EAAmB,IAAA,CAAK,oBAAoB,CAAA,kBAAA,EAAqB,yBAAyB,QAAA,CAAS,OAAO,CAAA,MAAA,EAAS,IAAA,CAAK,QAAQ,CAAA;AAAA,aAC1I,CAAA;AAAA,UACH;AAAA,QACF;AAEA,QAAA,IAAI,CAAC,0BAAA,EAA4B;AAC/B,UAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,gBAAA,EAAmB,IAAA,CAAK,oBAAoB,CAAA,cAAA,CAAA,EAAkB,CAAA;AAAA,QACxG;AAAA,MACF;AAAA,IACF,CAAA,MAAO;AACL,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0DAA0D,CAAA;AAAA,MACpG;AAEA,MAAA,0BAAA,GAA6B,MAAMiB,oDAAA,CAAmC;AAAA,QACpE,MAAA;AAAA,QACA,YAAY,IAAA,CAAK,oBAAA;AAAA,QACjB;AAAA,OACD,CAAA;AAED,MAAA,IAAI,CAAC,0BAAA,EAA4B;AAC/B,QAAA,MAAM,IAAIjB,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,gBAAA,EAAmB,IAAA,CAAK,oBAAoB,CAAA,cAAA,CAAA,EAAkB,CAAA;AAAA,MACxG;AAAA,IACF;AAAA,EACF;AAEA,EAAA,MAAM,KAAA,GACJ,aAAA,IACC,MAAM,oBAAA,CAAqB;AAAA,IAC1B,MAAA;AAAA,IACA,OAAA,EAAS,IAAA,CAAK,QAAA,IAAY,0BAAA,EAA4B,QAAA,CAAS;AAAA,GAChE,CAAA;AACH,EAAA,MAAM,aAAA,GAAgB,MAAM,KAAA,CAAM,QAAA,CAAS;AAAA,IACzC,cAAA;AAAA,IACA,aAAa,IAAA,CAAK;AAAA,GACnB,CAAA;AACD,EAAA,MAAM,aAAA,GACJ,IAAA,CAAK,KAAA,IAAA,CACJ,MAAM;AACL,IAAA,IAAI,aAAA,CAAc,QAAA,IAAY,aAAA,CAAc,OAAA,EAAS;AACnD,MAAA,MAAM,gBAAA,GAAmB,aAAA,CAAc,QAAA,CAAS,QAAA,CAAS,GAAG,CAAA,GACxD,aAAA,CAAc,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,IACnC,aAAA,CAAc,QAAA;AAClB,MAAA,OAAO,CAAA,EAAG,gBAAgB,CAAA,CAAA,EAAI,aAAA,CAAc,OAAO,CAAA,CAAA;AAAA,IACrD;AAEA,IAAA,IAAI,cAAc,OAAA,EAAS;AACzB,MAAA,OAAO,aAAA,CAAc,OAAA;AAAA,IACvB;AAEA,IAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK;AAAA,MAC3B,OAAA,EAAS;AAAA,KACV,CAAA;AAAA,EACH,CAAA,GAAG;AACL,EAAA,MAAM,WAAA,GAAc,KAAK,KAAA,IAAS,KAAA;AAClC,EAAA,MAAM,gBAAA,GAAmB,eAAe,OAAA,CAAQ,IAAA,CAAK,eAAe,CAAA,IAAK,OAAA,CAAQ,KAAK,oBAAoB,CAAA;AAC1G,EAAA,MAAM,gBAAA,GAAmB,gBAAA,GACrB,MAAM,uBAAA,CAAwB;AAAA,IAC5B,KAAA;AAAA,IACA,cAAA;AAAA,IACA,YAAA,EAAc,IAAA,CAAK,oBAAA,GACf,kFAAA,GACA,cACE,6EAAA,GACA;AAAA,GACP,CAAA,GACD,IAAA;AACJ,EAAA,MAAM,eAAA,GAAkBkB,+CAAA;AAAA,IACrB,MAAM,QAAQ,OAAA,CAAQ,KAAA,CAAM,UAAU,EAAE,cAAA,EAAgB,CAAC;AAAA,GAC5D;AAEA,EAAA,MAAM,aAAaC,iCAAA,EAAgB;AACnC,EAAA,MAAM,YAAY,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AAC9C,EAAA,MAAM,aAAA,GAAgB,MAAM,6BAAA,CAA8B;AAAA,IACxD,KAAA;AAAA,IACA,KAAA,EAAO,WAAA;AAAA,IACP,gBAAgB,IAAA,CAAK,eAAA;AAAA,IACrB,0BAAA;AAAA,IACA;AAAA,GACD,CAAA;AAED,EAAA,IAAI,WAAA,IAAe,CAAC,aAAA,EAAe;AACjC,IAAA,MAAM,IAAInB,gCAAc,GAAA,EAAK;AAAA,MAC3B,OAAA,EAAS;AAAA,KACV,CAAA;AAAA,EACH;AAEA,EAAA,MAAM,QAAA,GAAW,WAAA,IAAe,OAAA,CAAQ,aAAa,CAAA;AAErD,EAAA,OAAO;AAAA,IACL,KAAA;AAAA,IACA,gBAAA;AAAA,IACA,eAAA;AAAA,IACA,SAAA;AAAA,IACA,QAAA;AAAA,IACA,cAAA;AAAA,IACA,0BAAA;AAAA,IACA,aAAA;AAAA,IACA,UAAA;AAAA,IACA,aAAA;AAAA,IACA,gBAAA,EAAkB;AAAA,MAChB,SAAS,KAAA,CAAM,EAAA;AAAA,MACf,KAAA,EAAO,aAAA;AAAA,MACP,SAAA;AAAA,MACA,cAAc,IAAA,CAAK,YAAA;AAAA,MACnB,MAAM,IAAA,CAAK,IAAA;AAAA,MACX,kBAAA,EAAoB,0BAAA,EAA4B,OAAA,CAAQ,EAAA,IAAM,IAAA,CAAK,oBAAA;AAAA,MACnE,KAAA,EAAO,eAAA;AAAA,MACP,KAAA,EAAO;AAAA,KACT;AAAA,IACA;AAAA,GACF;AACF;AAMA,SAAS,yBAAA,CAA0B;AAAA,EACjC,gBAAA;AAAA,EACA,IAAA;AAAA,EACA,eAAA;AAAA,EACA,SAAA;AAAA,EACA,QAAA;AAAA,EACA,0BAAA;AAAA,EACA,UAAA;AAAA,EACA,aAAA;AAAA,EACA,gBAAA;AAAA,EACA,YAAA;AAAA,EACA;AACF,CAAA,EAeG;AACD,EAAA,MAAM,kBAAkBoB,yCAAA,CAAwB;AAAA,IAC9C,UAAA;AAAA,IACA,KAAA,EAAO,aAAA;AAAA,IACP,SAAA;AAAA,IACA,cAAc,IAAA,CAAK,YAAA;AAAA,IACnB,YAAY,IAAA,CAAK,IAAA;AAAA,IACjB,oBAAoB,IAAA,CAAK,oBAAA;AAAA,IACzB,cAAA,EAAgB,aAAA,EAAe,QAAA,IAAY,IAAA,CAAK,eAAA;AAAA,IAChD,KAAA,EAAO,eAAA;AAAA,IACP,KAAA,EAAO;AAAA,GACR,CAAA;AAED,EAAA,OAAO,IAAI,cAAA,CAA2B;AAAA,IACpC,MAAM,MAAM,UAAA,EAAY;AACtB,MAAA,IAAI,cAAA,GAAiB,CAAA;AACrB,MAAA,MAAM,YAAA,GAAe,CAAC,SAAA,EAAmB,OAAA,KAAqC;AAC5E,QAAA,UAAA,CAAW,OAAA;AAAA,UACTC,iCAAe,SAAA,EAAW;AAAA,YACxB,GAAG,OAAA;AAAA,YACH,eAAA,EAAiB,cAAA;AAAA,WAClB;AAAA,SACH;AAAA,MACF,CAAA;AAEA,MAAA,YAAA,CAAa,kBAAA,EAAoB;AAAA,QAC/B,IAAA,EAAM,kBAAA;AAAA,QACN,QAAA,EAAU;AAAA,OACX,CAAA;AACD,MAAA,YAAA,CAAa,sBAAA,EAAwB;AAAA,QACnC,IAAA,EAAM,sBAAA;AAAA,QACN,QAAA,EAAU;AAAA,OACX,CAAA;AACD,MAAA,YAAA,CAAa,4BAAA,EAA8B;AAAA,QACzC,IAAA,EAAM,4BAAA;AAAA,QACN,YAAA,EAAc,CAAA;AAAA,QACd,IAAA,EAAM;AAAA,UACJ,EAAA,EAAI,UAAA;AAAA,UACJ,IAAA,EAAM,SAAA;AAAA,UACN,IAAA,EAAM,WAAA;AAAA,UACN,MAAA,EAAQ,aAAA;AAAA,UACR,SAAS;AAAC;AACZ,OACD,CAAA;AACD,MAAA,YAAA,CAAa,6BAAA,EAA+B;AAAA,QAC1C,IAAA,EAAM,6BAAA;AAAA,QACN,YAAA,EAAc,CAAA;AAAA,QACd,aAAA,EAAe,CAAA;AAAA,QACf,OAAA,EAAS,UAAA;AAAA,QACT,IAAA,EAAMC,uCAAqB,EAAE;AAAA,OAC9B,CAAA;AAED,MAAA,IAAI,IAAA,GAAO,EAAA;AACX,MAAA,MAAM,UAAA,GAAa,MAAM,YAAA,CAAa,UAAA;AACtC,MAAA,MAAM,MAAA,GAAS,WAAW,SAAA,EAAU;AAEpC,MAAA,IAAI;AACF,QAAA,OAAO,IAAA,EAAM;AACX,UAAA,MAAM,EAAE,IAAA,EAAM,KAAA,EAAM,GAAI,MAAM,OAAO,IAAA,EAAK;AAC1C,UAAA,IAAI,IAAA,EAAM;AACR,YAAA;AAAA,UACF;AAEA,UAAA,MAAM,KAAA,GAAQC,mCAAiB,KAAK,CAAA;AACpC,UAAA,IAAI,KAAA,EAAO;AACT,YAAA,IAAA,IAAQ,KAAA;AACR,YAAA,YAAA,CAAa,4BAAA,EAA8B;AAAA,cACzC,IAAA,EAAM,4BAAA;AAAA,cACN,YAAA,EAAc,CAAA;AAAA,cACd,aAAA,EAAe,CAAA;AAAA,cACf,OAAA,EAAS,UAAA;AAAA,cACT;AAAA,aACD,CAAA;AAAA,UACH;AAAA,QACF;AAEA,QAAA,MAAM,EAAE,cAAA,EAAgB,QAAA,EAAS,GAAI,MAAM,gBAAA,CAAiB;AAAA,UAC1D,gBAAA;AAAA,UACA,QAAA;AAAA,UACA,aAAA;AAAA,UACA,MAAA,EAAQ,YAAA;AAAA,UACR,UAAA;AAAA,UACA,SAAA;AAAA,UACA,KAAA,EAAO,aAAA;AAAA,UACP,cAAc,IAAA,CAAK,YAAA;AAAA,UACnB,kBAAA,EAAoB,0BAAA,EAA4B,OAAA,CAAQ,EAAA,IAAM,IAAA,CAAK,oBAAA;AAAA,UACnE,cAAA,EAAgB,aAAA,EAAe,QAAA,IAAY,IAAA,CAAK,eAAA;AAAA,UAChD,eAAA;AAAA,UACA,gBAAA;AAAA,UACA,YAAA,EAAc;AAAA,SACf,CAAA;AACD,QAAA,YAAA,CAAa,2BAAA,EAA6B;AAAA,UACxC,IAAA,EAAM,2BAAA;AAAA,UACN,YAAA,EAAc,CAAA;AAAA,UACd,aAAA,EAAe,CAAA;AAAA,UACf,OAAA,EAAS,UAAA;AAAA,UACT,MAAM,cAAA,CAAe;AAAA,SACtB,CAAA;AAED,QAAA,MAAM,aAAA,GAAgB,4BAAA,CAA6B,QAAA,EAAU,UAAU,CAAA,IAAK;AAAA,UAC1E,EAAA,EAAI,UAAA;AAAA,UACJ,IAAA,EAAM,SAAA;AAAA,UACN,IAAA,EAAM,WAAA;AAAA,UACN,MAAA,EAAQ,WAAA;AAAA,UACR,OAAA,EAAS,CAACD,sCAAA,CAAqB,cAAA,CAAe,IAAI,CAAC;AAAA,SACrD;AAEA,QAAA,YAAA,CAAa,4BAAA,EAA8B;AAAA,UACzC,IAAA,EAAM,4BAAA;AAAA,UACN,YAAA,EAAc,CAAA;AAAA,UACd,aAAA,EAAe,CAAA;AAAA,UACf,OAAA,EAAS,UAAA;AAAA,UACT,IAAA,EAAMA,sCAAA,CAAqB,cAAA,CAAe,IAAI;AAAA,SAC/C,CAAA;AACD,QAAA,YAAA,CAAa,2BAAA,EAA6B;AAAA,UACxC,IAAA,EAAM,2BAAA;AAAA,UACN,YAAA,EAAc,CAAA;AAAA,UACd,IAAA,EAAM;AAAA,SACP,CAAA;AACD,QAAA,YAAA,CAAa,oBAAA,EAAsB;AAAA,UACjC,IAAA,EAAM,oBAAA;AAAA,UACN;AAAA,SACD,CAAA;AACD,QAAA,UAAA,CAAW,KAAA,EAAM;AAAA,MACnB,SAAS,KAAA,EAAO;AACd,QAAA,UAAA,CAAW,MAAM,KAAK,CAAA;AAAA,MACxB,CAAA,SAAE;AACA,QAAA,MAAA,CAAO,WAAA,EAAY;AAAA,MACrB;AAAA,IACF;AAAA,GACD,CAAA;AACH;AAEO,IAAM,wBAAwBE,6BAAA,CAAY;AAAA,EAC/C,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYC,0CAAA;AAAA,EACZ,cAAA,EAAgBC,sCAAA;AAAA,EAChB,OAAA,EAAS,mBAAA;AAAA,EACT,WAAA,EAAa,2EAAA;AAAA,EACb,IAAA,EAAM,CAAC,WAAW,CAAA;AAAA,EAClB,YAAA,EAAc,IAAA;AAAA,EACd,oBAAoBC,sCAAA,CAAqB,cAAA;AAAA,EACzC,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,gBAAgB,WAAA,EAAa,GAAG,MAAK,KAAM;AACnE,IAAA,IAAI;AACF,MAAA,MAAM;AAAA,QACJ,KAAA;AAAA,QACA,gBAAA;AAAA,QACA,eAAA;AAAA,QACA,SAAA;AAAA,QACA,QAAA;AAAA,QACA,cAAA;AAAA,QACA,0BAAA;AAAA,QACA,aAAA;AAAA,QACA,UAAA;AAAA,QACA,aAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,UACE,MAAM,4BAAA,CAA6B,EAAE,IAAA,EAAM,MAAA,EAAQ,gBAAgB,CAAA;AAEvE,MAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,QAAA,MAAM,MAAA,GAAS,MAAM,eAAA,CAAgB;AAAA,UACnC,KAAA;AAAA,UACA,aAAA;AAAA,UACA,eAAe,IAAA,CAAK,KAAA;AAAA,UACpB,cAAc,IAAA,CAAK,YAAA;AAAA,UACnB,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,iBAAiB,IAAA,CAAK,eAAA;AAAA,UACtB,KAAA,EAAO,cAAA;AAAA,UACP,cAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA,SACD,CAAA;AAED,QAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,gBAAA,CAAiB;AAAA,UAC1C,gBAAA;AAAA,UACA,QAAA;AAAA,UACA,aAAA;AAAA,UACA,MAAA;AAAA,UACA,UAAA;AAAA,UACA,SAAA;AAAA,UACA,KAAA,EAAO,aAAA;AAAA,UACP,cAAc,IAAA,CAAK,YAAA;AAAA,UACnB,kBAAA,EAAoB,0BAAA,EAA4B,OAAA,CAAQ,EAAA,IAAM,IAAA,CAAK,oBAAA;AAAA,UACnE,cAAA,EAAgB,aAAA,EAAe,QAAA,IAAY,IAAA,CAAK,eAAA;AAAA,UAChD,eAAA;AAAA,UACA,gBAAA;AAAA,UACA,YAAA,EAAc;AAAA,SACf,CAAA;AAED,QAAA,OAAO,aAAa,QAAQ,CAAA;AAAA,MAC9B;AAEA,MAAA,MAAM,YAAA,GAAe,MAAM,aAAA,CAAc;AAAA,QACvC,KAAA;AAAA,QACA,aAAA;AAAA,QACA,eAAe,IAAA,CAAK,KAAA;AAAA,QACpB,cAAc,IAAA,CAAK,YAAA;AAAA,QACnB,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,iBAAiB,IAAA,CAAK,eAAA;AAAA,QACtB,KAAA,EAAO,cAAA;AAAA,QACP,cAAA;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,MAAM,SAAS,yBAAA,CAA0B;AAAA,QACvC,gBAAA;AAAA,QACA,IAAA;AAAA,QACA,eAAA;AAAA,QACA,SAAA;AAAA,QACA,QAAA;AAAA,QACA,0BAAA;AAAA,QACA,UAAA;AAAA,QACA,aAAA;AAAA,QACA,gBAAA;AAAA,QACA,YAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,IAAI,SAAS,MAAA,EAAQ;AAAA,QAC1B,OAAA,EAAS;AAAA,UACP,cAAA,EAAgB,kCAAA;AAAA,UAChB,eAAA,EAAiB,UAAA;AAAA,UACjB,UAAA,EAAY,YAAA;AAAA,UACZ,mBAAA,EAAqB;AAAA;AACvB,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,yBAAyB,CAAA;AAAA,IACrD;AAAA,EACF;AACF,CAAC;AAEM,IAAM,qBAAqBJ,6BAAA,CAAY;AAAA,EAC5C,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,sCAAA;AAAA,EACjB,cAAA,EAAgBH,sCAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EAAa,6CAAA;AAAA,EACb,IAAA,EAAM,CAAC,WAAW,CAAA;AAAA,EAClB,YAAA,EAAc,IAAA;AAAA,EACd,oBAAoBC,sCAAA,CAAqB,WAAA;AAAA,EACzC,SAAS,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,YAAW,KAAM;AACzD,IAAA,IAAI;AACF,MAAA,MAAM,qBAAqB,MAAMV,oDAAA,CAAmC,EAAE,MAAA,EAAQ,UAAA,EAAY,gBAAgB,CAAA;AAC1G,MAAA,IAAI,CAAC,kBAAA,EAAoB;AACvB,QAAA,MAAM,IAAIjB,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,gBAAA,EAAmB,UAAU,kBAAkB,CAAA;AAAA,MACzF;AAEA,MAAA,OAAO8B,kDAAgC,kBAAkB,CAAA;AAAA,IAC3D,SAAS,KAAA,EAAO;AACd,MAAA,OAAOF,6BAAA,CAAY,OAAO,2BAA2B,CAAA;AAAA,IACvD;AAAA,EACF;AACF,CAAC;AAEM,IAAM,wBAAwBJ,6BAAA,CAAY;AAAA,EAC/C,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,sCAAA;AAAA,EACjB,cAAA,EAAgBE,sCAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,uEAAA;AAAA,EACb,IAAA,EAAM,CAAC,WAAW,CAAA;AAAA,EAClB,YAAA,EAAc,IAAA;AAAA,EACd,oBAAoBJ,sCAAA,CAAqB,aAAA;AAAA,EACzC,SAAS,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,YAAW,KAAM;AACzD,IAAA,IAAI;AACF,MAAA,MAAM,qBAAqB,MAAMV,oDAAA,CAAmC,EAAE,MAAA,EAAQ,UAAA,EAAY,gBAAgB,CAAA;AAC1G,MAAA,IAAI,CAAC,kBAAA,EAAoB;AACvB,QAAA,MAAM,IAAIjB,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,gBAAA,EAAmB,UAAU,kBAAkB,CAAA;AAAA,MACzF;AAEA,MAAA,MAAMgC,0CAAA,CAAyB,EAAE,kBAAA,EAAoB,CAAA;AAErD,MAAA,MAAM,QAAA,GAA2B;AAAA,QAC/B,EAAA,EAAI,UAAA;AAAA,QACJ,MAAA,EAAQ,UAAA;AAAA,QACR,OAAA,EAAS;AAAA,OACX;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOJ,6BAAA,CAAY,OAAO,yBAAyB,CAAA;AAAA,IACrD;AAAA,EACF;AACF,CAAC","file":"chunk-MOH4DZJP.cjs","sourcesContent":["import { randomUUID } from 'node:crypto';\nimport type { Agent, MastraDBMessage } from '@mastra/core/agent';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { RequestContext } from '@mastra/core/request-context';\nimport type { MemoryStorage } from '@mastra/core/storage';\nimport { MastraFGAPermissions } from '../fga-permissions';\nimport { HTTPException } from '../http-exception';\nimport {\n  createResponseBodySchema,\n  deleteResponseSchema,\n  responseIdPathParams,\n  responseObjectSchema,\n} from '../schemas/responses';\nimport type { CreateResponseBody, DeleteResponse, ResponseObject } from '../schemas/responses';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { getAgentFromSystem } from './agents';\nimport { handleError } from './error';\nimport {\n  buildCompletedResponse,\n  buildInProgressResponse,\n  createMessageId,\n  createOutputTextPart,\n  extractTextDelta,\n  formatSseEvent,\n  mapMastraToolsToResponseTools,\n  mapResponseInputToExecutionMessages,\n  mapResponseTurnRecordToResponse,\n  toResponseStatus,\n  toResponseUsage,\n} from './responses.adapter';\nimport {\n  deleteResponseTurnRecord,\n  findResponseTurnRecord,\n  findResponseTurnRecordAcrossAgents,\n  getAgentMemoryStore,\n  persistResponseTurnRecord,\n  resolveResponseTurnMessagesForStorage,\n} from './responses.storage';\nimport type {\n  ProviderMetadataLike,\n  ResponseTurnRecord,\n  ResponseTurnRecordMetadata,\n  ThreadExecutionContext,\n  UsageLike,\n} from './responses.storage';\nimport { enforceThreadAccess, getEffectiveResourceId, getEffectiveThreadId } from './utils';\n\ntype AgentExecutionInput = Parameters<Agent['generate']>[0];\ntype ResolvedAgentModel = Awaited<ReturnType<Agent['getModel']>>;\n\ntype ResponseExecutionResult = {\n  text?: string;\n  finishReason?: string;\n  totalUsage?: UsageLike | Promise<UsageLike>;\n  usage?: UsageLike | Promise<UsageLike>;\n  providerMetadata?: ProviderMetadataLike | Promise<ProviderMetadataLike>;\n  response?: {\n    id?: string;\n    dbMessages?: MastraDBMessage[];\n  };\n};\n\ntype ResponseStreamResult = {\n  fullStream: ReadableStream<unknown> | Promise<ReadableStream<unknown>>;\n  text: Promise<string> | string;\n  finishReason: Promise<string | undefined> | string | undefined;\n  totalUsage?: Promise<UsageLike> | UsageLike;\n  usage?: Promise<UsageLike> | UsageLike;\n  providerMetadata?: Promise<ProviderMetadataLike> | ProviderMetadataLike;\n  response?:\n    | Promise<{\n        id?: string;\n        dbMessages?: MastraDBMessage[];\n      }>\n    | {\n        id?: string;\n        dbMessages?: MastraDBMessage[];\n      };\n};\n\ntype CompletedResponseState = {\n  completedAt: number;\n  status: ResponseObject['status'];\n  text: string;\n  usage: UsageLike;\n  usageDetails: ResponseObject['usage'];\n  providerOptions: ProviderMetadataLike;\n};\n\ntype FinalizedResponse = {\n  completedState: CompletedResponseState;\n  response: ResponseObject;\n  responseMessages: MastraDBMessage[];\n};\n\ntype PreparedCreateResponseRequest = {\n  agent: Agent<any, any, any, any>;\n  agentMemoryStore: MemoryStorage | null;\n  configuredTools: ReturnType<typeof mapMastraToolsToResponseTools>;\n  createdAt: number;\n  didStore: boolean;\n  executionInput: AgentExecutionInput;\n  previousResponseTurnRecord: ResponseTurnRecord | null;\n  resolvedModel: ResolvedAgentModel;\n  responseId: string;\n  responseModel: string;\n  responseMetadata: Omit<\n    ResponseTurnRecordMetadata,\n    'completedAt' | 'status' | 'usage' | 'providerOptions' | 'messageIds'\n  >;\n  threadContext: ThreadExecutionContext | null;\n};\n\nconst JSON_OBJECT_RESPONSE_SCHEMA = {\n  type: 'object',\n  additionalProperties: true,\n} as const;\n\nfunction jsonResponse(data: ResponseObject, status: number = 200): Response {\n  return new Response(JSON.stringify(data), {\n    status,\n    headers: {\n      'Content-Type': 'application/json',\n    },\n  });\n}\n\nfunction createStructuredOutput(text: CreateResponseBody['text']) {\n  if (!text) {\n    return undefined;\n  }\n\n  switch (text.format.type) {\n    case 'json_object':\n      return {\n        schema: JSON_OBJECT_RESPONSE_SCHEMA,\n        jsonPromptInjection: true,\n      };\n    case 'json_schema':\n      return {\n        schema: text.format.schema,\n      };\n    default:\n      return undefined;\n  }\n}\n\nfunction getStreamedMessageOutputItem(response: ResponseObject, responseId: string) {\n  return (\n    response.output.find(\n      (item): item is Extract<ResponseObject['output'][number], { type: 'message' }> =>\n        item.type === 'message' && item.id === responseId,\n    ) ??\n    response.output.find(\n      (item): item is Extract<ResponseObject['output'][number], { type: 'message' }> => item.type === 'message',\n    ) ??\n    null\n  );\n}\n\n/**\n * Resolves the memory thread that should back the current response request.\n *\n * If `previous_response_id` is present, the request continues on that stored thread.\n * Otherwise, the route only creates or reuses a thread when the caller asked to store\n * the response and the resolved agent actually has memory configured.\n */\nasync function resolveThreadExecutionContext({\n  agent,\n  store,\n  conversationId,\n  previousResponseTurnRecord,\n  requestContext,\n}: {\n  agent: Agent<any, any, any, any>;\n  store: boolean;\n  conversationId?: string;\n  previousResponseTurnRecord: ResponseTurnRecord | null;\n  requestContext: RequestContext;\n}): Promise<ThreadExecutionContext | null> {\n  if (conversationId && previousResponseTurnRecord && previousResponseTurnRecord.thread.id !== conversationId) {\n    throw new HTTPException(400, {\n      message:\n        'conversation_id and previous_response_id must reference the same conversation thread when both are provided',\n    });\n  }\n\n  if (previousResponseTurnRecord) {\n    return {\n      threadId: previousResponseTurnRecord.thread.id,\n      resourceId: previousResponseTurnRecord.thread.resourceId,\n    };\n  }\n\n  const effectiveThreadId = getEffectiveThreadId(requestContext, undefined);\n  const effectiveResourceId = getEffectiveResourceId(requestContext, undefined);\n\n  if (!store && !conversationId && !effectiveThreadId) {\n    return null;\n  }\n\n  const memory = await agent.getMemory({ requestContext });\n  if (!memory) {\n    if (conversationId) {\n      throw new HTTPException(400, {\n        message: 'conversation_id requires the target agent to have memory configured',\n      });\n    }\n\n    return null;\n  }\n\n  if (conversationId) {\n    const existingThread = await memory.getThreadById({ threadId: conversationId });\n    if (!existingThread) {\n      throw new HTTPException(404, { message: `Conversation ${conversationId} was not found` });\n    }\n\n    await enforceThreadAccess({\n      mastra: agent.getMastraInstance(),\n      requestContext,\n      threadId: conversationId,\n      thread: existingThread,\n      effectiveResourceId,\n    });\n    return {\n      threadId: existingThread.id,\n      resourceId: effectiveResourceId ?? existingThread.resourceId,\n    };\n  }\n\n  if (!effectiveThreadId) {\n    if (!store) {\n      return null;\n    }\n\n    const threadId = randomUUID();\n    const createdThread = await memory.createThread({\n      threadId,\n      resourceId: effectiveResourceId ?? threadId,\n    });\n\n    return {\n      threadId: createdThread.id,\n      resourceId: createdThread.resourceId,\n    };\n  }\n\n  const threadId = effectiveThreadId;\n  const existingThread = await memory.getThreadById({ threadId });\n  if (existingThread) {\n    await enforceThreadAccess({\n      mastra: agent.getMastraInstance(),\n      requestContext,\n      threadId,\n      thread: existingThread,\n      effectiveResourceId,\n    });\n    return {\n      threadId: existingThread.id,\n      resourceId: effectiveResourceId ?? existingThread.resourceId,\n    };\n  }\n\n  if (!store) {\n    return null;\n  }\n\n  const resourceId = effectiveResourceId ?? threadId;\n  const createdThread = await memory.createThread({\n    threadId,\n    resourceId,\n  });\n\n  return {\n    threadId: createdThread.id,\n    resourceId: createdThread.resourceId,\n  };\n}\n\nfunction createExecutionMemory(threadContext: ThreadExecutionContext | null) {\n  if (!threadContext) {\n    return undefined;\n  }\n\n  return {\n    memory: {\n      thread: threadContext.threadId,\n      resource: threadContext.resourceId,\n    },\n  } as const;\n}\n\n/**\n * Resolves the registered Mastra agent that owns the response request.\n */\nasync function resolveResponseAgent({\n  mastra,\n  agentId,\n}: {\n  mastra: Mastra | undefined;\n  agentId?: string;\n}): Promise<Agent<any, any, any, any>> {\n  if (!agentId) {\n    throw new HTTPException(400, {\n      message: 'Responses requests require an agent_id',\n    });\n  }\n\n  if (!mastra) {\n    throw new HTTPException(500, { message: 'Mastra instance is required for agent-backed responses' });\n  }\n\n  return getAgentFromSystem({ mastra, agentId });\n}\n\nasync function resolveAgentMemoryStore({\n  agent,\n  requestContext,\n  errorMessage,\n}: {\n  agent: Agent<any, any, any, any>;\n  requestContext: RequestContext;\n  errorMessage: string;\n}): Promise<MemoryStorage> {\n  const agentMemoryStore = await getAgentMemoryStore({ agent, requestContext });\n  if (!agentMemoryStore) {\n    throw new HTTPException(400, { message: errorMessage });\n  }\n\n  return agentMemoryStore;\n}\n\n/**\n * Executes a non-streaming Responses API request through the resolved Mastra agent.\n */\nasync function executeGenerate({\n  agent,\n  resolvedModel,\n  modelOverride,\n  instructions,\n  text,\n  providerOptions,\n  input,\n  requestContext,\n  abortSignal,\n  threadContext,\n}: {\n  agent: Agent;\n  resolvedModel: ResolvedAgentModel;\n  modelOverride?: string;\n  instructions: string | undefined;\n  text: CreateResponseBody['text'];\n  providerOptions: CreateResponseBody['providerOptions'];\n  input: AgentExecutionInput;\n  requestContext: RequestContext;\n  abortSignal: AbortSignal;\n  threadContext: ThreadExecutionContext | null;\n}) {\n  const executionMemory = createExecutionMemory(threadContext);\n  const structuredOutput = createStructuredOutput(text);\n  const modelOption = modelOverride ? { model: modelOverride } : {};\n  const commonOptions = {\n    instructions,\n    requestContext,\n    abortSignal,\n    ...modelOption,\n    structuredOutput,\n    providerOptions,\n    ...(executionMemory ?? {}),\n  };\n\n  if (resolvedModel.specificationVersion === 'v1') {\n    if (threadContext) {\n      return (await agent.generateLegacy(input, {\n        instructions,\n        requestContext,\n        abortSignal,\n        ...modelOption,\n        output: structuredOutput?.schema,\n        providerOptions,\n        resourceId: threadContext.resourceId,\n        threadId: threadContext.threadId,\n      } as never)) as ResponseExecutionResult;\n    }\n\n    return (await agent.generateLegacy(input, {\n      instructions,\n      requestContext,\n      abortSignal,\n      ...modelOption,\n      output: structuredOutput?.schema,\n      providerOptions,\n    } as never)) as ResponseExecutionResult;\n  }\n\n  return (await agent.generate(input, commonOptions as never)) as ResponseExecutionResult;\n}\n\n/**\n * Executes a streaming Responses API request through the resolved Mastra agent.\n */\nasync function executeStream({\n  agent,\n  resolvedModel,\n  modelOverride,\n  instructions,\n  text,\n  providerOptions,\n  input,\n  requestContext,\n  abortSignal,\n  threadContext,\n}: {\n  agent: Agent;\n  resolvedModel: ResolvedAgentModel;\n  modelOverride?: string;\n  instructions: string | undefined;\n  text: CreateResponseBody['text'];\n  providerOptions: CreateResponseBody['providerOptions'];\n  input: AgentExecutionInput;\n  requestContext: RequestContext;\n  abortSignal: AbortSignal;\n  threadContext: ThreadExecutionContext | null;\n}) {\n  const executionMemory = createExecutionMemory(threadContext);\n  const structuredOutput = createStructuredOutput(text);\n  const modelOption = modelOverride ? { model: modelOverride } : {};\n  const commonOptions = {\n    instructions,\n    requestContext,\n    abortSignal,\n    ...modelOption,\n    structuredOutput,\n    providerOptions,\n    ...(executionMemory ?? {}),\n  };\n\n  if (resolvedModel.specificationVersion === 'v1') {\n    if (threadContext) {\n      return (await agent.streamLegacy(input, {\n        instructions,\n        requestContext,\n        abortSignal,\n        ...modelOption,\n        output: structuredOutput?.schema,\n        providerOptions,\n        resourceId: threadContext.resourceId,\n        threadId: threadContext.threadId,\n      } as never)) as ResponseStreamResult;\n    }\n\n    return (await agent.streamLegacy(input, {\n      instructions,\n      requestContext,\n      abortSignal,\n      ...modelOption,\n      output: structuredOutput?.schema,\n      providerOptions,\n    } as never)) as ResponseStreamResult;\n  }\n\n  return (await agent.stream(input, commonOptions as never)) as ResponseStreamResult;\n}\n\nasync function resolveUsage(result: ResponseExecutionResult | ResponseStreamResult): Promise<UsageLike> {\n  return (await (result.totalUsage ?? result.usage ?? null)) as UsageLike;\n}\n\nasync function resolveProviderMetadata(\n  result: ResponseExecutionResult | ResponseStreamResult,\n): Promise<ProviderMetadataLike> {\n  return (await (result.providerMetadata ?? undefined)) as ProviderMetadataLike;\n}\n\nasync function resolveFinishReason(\n  result: ResponseExecutionResult | ResponseStreamResult,\n): Promise<string | undefined> {\n  return (await result.finishReason) ?? undefined;\n}\n\nasync function resolveText(result: ResponseExecutionResult | ResponseStreamResult): Promise<string> {\n  return (await result.text) ?? '';\n}\n\n/**\n * Resolves the final response state shared by streaming and non-streaming flows.\n */\nasync function resolveCompletedResponseState(\n  result: ResponseExecutionResult | ResponseStreamResult,\n  fallbackText: string,\n): Promise<CompletedResponseState> {\n  const usage = await resolveUsage(result);\n\n  return {\n    completedAt: Math.floor(Date.now() / 1000),\n    status: toResponseStatus(await resolveFinishReason(result)),\n    text: (await resolveText(result)) || fallbackText,\n    usage,\n    usageDetails: toResponseUsage(usage),\n    providerOptions: await resolveProviderMetadata(result),\n  };\n}\n\n/**\n * Stores the completed response when the request opted into memory-backed persistence.\n */\nasync function storeCompletedResponse({\n  agentMemoryStore,\n  didStore,\n  threadContext,\n  responseId,\n  metadata,\n  completedState,\n  messages,\n}: {\n  agentMemoryStore: MemoryStorage | null;\n  didStore: boolean;\n  threadContext: ThreadExecutionContext | null;\n  responseId: string;\n  metadata: Omit<ResponseTurnRecordMetadata, 'completedAt' | 'status' | 'usage' | 'providerOptions' | 'messageIds'>;\n  completedState: CompletedResponseState;\n  messages: MastraDBMessage[];\n}): Promise<void> {\n  if (!didStore || !threadContext) {\n    return;\n  }\n\n  await persistResponseTurnRecord({\n    memoryStore: agentMemoryStore,\n    responseId,\n    metadata: {\n      ...metadata,\n      completedAt: completedState.completedAt,\n      status: completedState.status,\n      usage: completedState.usageDetails,\n      providerOptions: completedState.providerOptions,\n      messageIds: [],\n    },\n    threadContext,\n    messages,\n  });\n}\n\n/**\n * Resolves the final response object and persists the stored response turn when needed.\n */\nasync function finalizeResponse({\n  agentMemoryStore,\n  didStore,\n  threadContext,\n  result,\n  responseId,\n  createdAt,\n  model,\n  instructions,\n  previousResponseId,\n  conversationId,\n  configuredTools,\n  responseMetadata,\n  fallbackText,\n}: {\n  agentMemoryStore: MemoryStorage | null;\n  didStore: boolean;\n  threadContext: ThreadExecutionContext | null;\n  result: ResponseExecutionResult | ResponseStreamResult;\n  responseId: string;\n  createdAt: number;\n  model: string;\n  instructions: string | undefined;\n  previousResponseId?: string;\n  conversationId?: string;\n  configuredTools: ReturnType<typeof mapMastraToolsToResponseTools>;\n  responseMetadata: Omit<\n    ResponseTurnRecordMetadata,\n    'completedAt' | 'status' | 'usage' | 'providerOptions' | 'messageIds'\n  >;\n  fallbackText: string;\n}): Promise<FinalizedResponse> {\n  const completedState = await resolveCompletedResponseState(result, fallbackText);\n  const responseMessages = await resolveResponseTurnMessagesForStorage({\n    result,\n    responseId,\n    text: completedState.text,\n    threadContext,\n  });\n  const response = buildCompletedResponse({\n    responseId,\n    outputMessageId: responseId,\n    model,\n    createdAt,\n    completedAt: completedState.completedAt,\n    status: completedState.status,\n    text: completedState.text,\n    usage: completedState.usage,\n    instructions,\n    textConfig: responseMetadata.text,\n    previousResponseId,\n    conversationId,\n    providerOptions: completedState.providerOptions,\n    tools: configuredTools,\n    messages: responseMessages,\n    store: didStore,\n  });\n\n  await storeCompletedResponse({\n    agentMemoryStore,\n    didStore,\n    threadContext,\n    responseId,\n    metadata: responseMetadata,\n    completedState,\n    messages: responseMessages,\n  });\n\n  return { completedState, response, responseMessages };\n}\n\n/**\n * Resolves all request-scoped Mastra primitives needed to execute a Responses create\n * call: the owning agent, the memory thread context, the normalized execution input,\n * and the response-turn metadata that may be persisted later.\n */\nasync function prepareCreateResponseRequest({\n  body,\n  mastra,\n  requestContext,\n}: {\n  body: CreateResponseBody;\n  mastra: Mastra | undefined;\n  requestContext: RequestContext;\n}): Promise<PreparedCreateResponseRequest> {\n  const executionInput = mapResponseInputToExecutionMessages(body.input) as AgentExecutionInput;\n  let previousResponseTurnRecord: ResponseTurnRecord | null = null;\n  let resolvedAgent: Agent<any, any, any, any> | null = null;\n\n  if (body.previous_response_id) {\n    if (body.agent_id) {\n      resolvedAgent = await resolveResponseAgent({ mastra, agentId: body.agent_id });\n      previousResponseTurnRecord = await findResponseTurnRecord({\n        agent: resolvedAgent,\n        responseId: body.previous_response_id,\n        requestContext,\n      });\n\n      if (!previousResponseTurnRecord) {\n        const owningResponseTurnRecord = await findResponseTurnRecordAcrossAgents({\n          mastra,\n          responseId: body.previous_response_id,\n          requestContext,\n        });\n\n        if (owningResponseTurnRecord) {\n          if (owningResponseTurnRecord.metadata.agentId === body.agent_id) {\n            previousResponseTurnRecord = owningResponseTurnRecord;\n          } else {\n            throw new HTTPException(400, {\n              message: `Stored response ${body.previous_response_id} belongs to agent ${owningResponseTurnRecord.metadata.agentId}, not ${body.agent_id}`,\n            });\n          }\n        }\n\n        if (!previousResponseTurnRecord) {\n          throw new HTTPException(404, { message: `Stored response ${body.previous_response_id} was not found` });\n        }\n      }\n    } else {\n      if (!mastra) {\n        throw new HTTPException(500, { message: 'Mastra instance is required for agent-backed responses' });\n      }\n\n      previousResponseTurnRecord = await findResponseTurnRecordAcrossAgents({\n        mastra,\n        responseId: body.previous_response_id,\n        requestContext,\n      });\n\n      if (!previousResponseTurnRecord) {\n        throw new HTTPException(404, { message: `Stored response ${body.previous_response_id} was not found` });\n      }\n    }\n  }\n\n  const agent =\n    resolvedAgent ??\n    (await resolveResponseAgent({\n      mastra,\n      agentId: body.agent_id ?? previousResponseTurnRecord?.metadata.agentId,\n    }));\n  const resolvedModel = await agent.getModel({\n    requestContext,\n    modelConfig: body.model,\n  });\n  const responseModel =\n    body.model ??\n    (() => {\n      if (resolvedModel.provider && resolvedModel.modelId) {\n        const publicProviderId = resolvedModel.provider.includes('.')\n          ? resolvedModel.provider.split('.')[0]!\n          : resolvedModel.provider;\n        return `${publicProviderId}/${resolvedModel.modelId}`;\n      }\n\n      if (resolvedModel.modelId) {\n        return resolvedModel.modelId;\n      }\n\n      throw new HTTPException(500, {\n        message: 'Responses route could not determine the effective model for this request',\n      });\n    })();\n  const shouldStore = body.store ?? false;\n  const needsMemoryStore = shouldStore || Boolean(body.conversation_id) || Boolean(body.previous_response_id);\n  const agentMemoryStore = needsMemoryStore\n    ? await resolveAgentMemoryStore({\n        agent,\n        requestContext,\n        errorMessage: body.previous_response_id\n          ? 'previous_response_id requires the target agent to have memory storage configured'\n          : shouldStore\n            ? 'Stored responses require the target agent to have memory storage configured'\n            : 'conversation_id requires the target agent to have memory storage configured',\n      })\n    : null;\n  const configuredTools = mapMastraToolsToResponseTools(\n    (await Promise.resolve(agent.listTools({ requestContext }))) as Record<string, unknown>,\n  );\n\n  const responseId = createMessageId();\n  const createdAt = Math.floor(Date.now() / 1000);\n  const threadContext = await resolveThreadExecutionContext({\n    agent,\n    store: shouldStore,\n    conversationId: body.conversation_id,\n    previousResponseTurnRecord,\n    requestContext,\n  });\n\n  if (shouldStore && !threadContext) {\n    throw new HTTPException(400, {\n      message: 'Stored responses require the target agent to have memory configured',\n    });\n  }\n\n  const didStore = shouldStore && Boolean(threadContext);\n\n  return {\n    agent,\n    agentMemoryStore,\n    configuredTools,\n    createdAt,\n    didStore,\n    executionInput,\n    previousResponseTurnRecord,\n    resolvedModel,\n    responseId,\n    responseModel,\n    responseMetadata: {\n      agentId: agent.id,\n      model: responseModel,\n      createdAt,\n      instructions: body.instructions,\n      text: body.text,\n      previousResponseId: previousResponseTurnRecord?.message.id ?? body.previous_response_id,\n      tools: configuredTools,\n      store: didStore,\n    },\n    threadContext,\n  };\n}\n\n/**\n * Bridges a Mastra agent stream into OpenAI-style Responses SSE events and completes\n * the stored response-turn record when the stream finishes.\n */\nfunction createResponseEventStream({\n  agentMemoryStore,\n  body,\n  configuredTools,\n  createdAt,\n  didStore,\n  previousResponseTurnRecord,\n  responseId,\n  responseModel,\n  responseMetadata,\n  streamResult,\n  threadContext,\n}: {\n  agentMemoryStore: MemoryStorage | null;\n  body: CreateResponseBody;\n  configuredTools: ReturnType<typeof mapMastraToolsToResponseTools>;\n  createdAt: number;\n  didStore: boolean;\n  previousResponseTurnRecord: ResponseTurnRecord | null;\n  responseId: string;\n  responseModel: string;\n  responseMetadata: Omit<\n    ResponseTurnRecordMetadata,\n    'completedAt' | 'status' | 'usage' | 'providerOptions' | 'messageIds'\n  >;\n  streamResult: ResponseStreamResult;\n  threadContext: ThreadExecutionContext | null;\n}) {\n  const createdResponse = buildInProgressResponse({\n    responseId,\n    model: responseModel,\n    createdAt,\n    instructions: body.instructions,\n    textConfig: body.text,\n    previousResponseId: body.previous_response_id,\n    conversationId: threadContext?.threadId ?? body.conversation_id,\n    tools: configuredTools,\n    store: didStore,\n  });\n\n  return new ReadableStream<Uint8Array>({\n    async start(controller) {\n      let sequenceNumber = 1;\n      const enqueueEvent = (eventName: string, payload: Record<string, unknown>) => {\n        controller.enqueue(\n          formatSseEvent(eventName, {\n            ...payload,\n            sequence_number: sequenceNumber++,\n          }),\n        );\n      };\n\n      enqueueEvent('response.created', {\n        type: 'response.created',\n        response: createdResponse,\n      });\n      enqueueEvent('response.in_progress', {\n        type: 'response.in_progress',\n        response: createdResponse,\n      });\n      enqueueEvent('response.output_item.added', {\n        type: 'response.output_item.added',\n        output_index: 0,\n        item: {\n          id: responseId,\n          type: 'message',\n          role: 'assistant',\n          status: 'in_progress',\n          content: [],\n        },\n      });\n      enqueueEvent('response.content_part.added', {\n        type: 'response.content_part.added',\n        output_index: 0,\n        content_index: 0,\n        item_id: responseId,\n        part: createOutputTextPart(''),\n      });\n\n      let text = '';\n      const fullStream = await streamResult.fullStream;\n      const reader = fullStream.getReader();\n\n      try {\n        while (true) {\n          const { done, value } = await reader.read();\n          if (done) {\n            break;\n          }\n\n          const delta = extractTextDelta(value);\n          if (delta) {\n            text += delta;\n            enqueueEvent('response.output_text.delta', {\n              type: 'response.output_text.delta',\n              output_index: 0,\n              content_index: 0,\n              item_id: responseId,\n              delta,\n            });\n          }\n        }\n\n        const { completedState, response } = await finalizeResponse({\n          agentMemoryStore,\n          didStore,\n          threadContext,\n          result: streamResult,\n          responseId,\n          createdAt,\n          model: responseModel,\n          instructions: body.instructions,\n          previousResponseId: previousResponseTurnRecord?.message.id ?? body.previous_response_id,\n          conversationId: threadContext?.threadId ?? body.conversation_id,\n          configuredTools,\n          responseMetadata,\n          fallbackText: text,\n        });\n        enqueueEvent('response.output_text.done', {\n          type: 'response.output_text.done',\n          output_index: 0,\n          content_index: 0,\n          item_id: responseId,\n          text: completedState.text,\n        });\n\n        const completedItem = getStreamedMessageOutputItem(response, responseId) ?? {\n          id: responseId,\n          type: 'message' as const,\n          role: 'assistant' as const,\n          status: 'completed' as const,\n          content: [createOutputTextPart(completedState.text)],\n        };\n\n        enqueueEvent('response.content_part.done', {\n          type: 'response.content_part.done',\n          output_index: 0,\n          content_index: 0,\n          item_id: responseId,\n          part: createOutputTextPart(completedState.text),\n        });\n        enqueueEvent('response.output_item.done', {\n          type: 'response.output_item.done',\n          output_index: 0,\n          item: completedItem,\n        });\n        enqueueEvent('response.completed', {\n          type: 'response.completed',\n          response,\n        });\n        controller.close();\n      } catch (error) {\n        controller.error(error);\n      } finally {\n        reader.releaseLock();\n      }\n    },\n  });\n}\n\nexport const CREATE_RESPONSE_ROUTE = createRoute({\n  method: 'POST',\n  path: '/v1/responses',\n  responseType: 'datastream-response',\n  bodySchema: createResponseBodySchema,\n  responseSchema: responseObjectSchema,\n  summary: 'Create a response',\n  description: 'Creates a response through a Mastra-hosted Responses API-compatible route',\n  tags: ['Responses'],\n  requiresAuth: true,\n  requiresPermission: MastraFGAPermissions.AGENTS_EXECUTE,\n  handler: async ({ mastra, requestContext, abortSignal, ...body }) => {\n    try {\n      const {\n        agent,\n        agentMemoryStore,\n        configuredTools,\n        createdAt,\n        didStore,\n        executionInput,\n        previousResponseTurnRecord,\n        resolvedModel,\n        responseId,\n        responseModel,\n        responseMetadata,\n        threadContext,\n      } = await prepareCreateResponseRequest({ body, mastra, requestContext });\n\n      if (!body.stream) {\n        const result = await executeGenerate({\n          agent,\n          resolvedModel,\n          modelOverride: body.model,\n          instructions: body.instructions,\n          text: body.text,\n          providerOptions: body.providerOptions,\n          input: executionInput,\n          requestContext,\n          abortSignal,\n          threadContext,\n        });\n\n        const { response } = await finalizeResponse({\n          agentMemoryStore,\n          didStore,\n          threadContext,\n          result,\n          responseId,\n          createdAt,\n          model: responseModel,\n          instructions: body.instructions,\n          previousResponseId: previousResponseTurnRecord?.message.id ?? body.previous_response_id,\n          conversationId: threadContext?.threadId ?? body.conversation_id,\n          configuredTools,\n          responseMetadata,\n          fallbackText: '',\n        });\n\n        return jsonResponse(response);\n      }\n\n      const streamResult = await executeStream({\n        agent,\n        resolvedModel,\n        modelOverride: body.model,\n        instructions: body.instructions,\n        text: body.text,\n        providerOptions: body.providerOptions,\n        input: executionInput,\n        requestContext,\n        abortSignal,\n        threadContext,\n      });\n\n      const stream = createResponseEventStream({\n        agentMemoryStore,\n        body,\n        configuredTools,\n        createdAt,\n        didStore,\n        previousResponseTurnRecord,\n        responseId,\n        responseModel,\n        responseMetadata,\n        streamResult,\n        threadContext,\n      });\n\n      return new Response(stream, {\n        headers: {\n          'Content-Type': 'text/event-stream; charset=utf-8',\n          'Cache-Control': 'no-cache',\n          Connection: 'keep-alive',\n          'X-Accel-Buffering': 'no',\n        },\n      });\n    } catch (error) {\n      return handleError(error, 'Error creating response');\n    }\n  },\n});\n\nexport const GET_RESPONSE_ROUTE = createRoute({\n  method: 'GET',\n  path: '/v1/responses/:responseId',\n  responseType: 'json',\n  pathParamSchema: responseIdPathParams,\n  responseSchema: responseObjectSchema,\n  summary: 'Retrieve a stored response',\n  description: 'Returns a previously stored response object',\n  tags: ['Responses'],\n  requiresAuth: true,\n  requiresPermission: MastraFGAPermissions.AGENTS_READ,\n  handler: async ({ mastra, requestContext, responseId }) => {\n    try {\n      const responseTurnRecord = await findResponseTurnRecordAcrossAgents({ mastra, responseId, requestContext });\n      if (!responseTurnRecord) {\n        throw new HTTPException(404, { message: `Stored response ${responseId} was not found` });\n      }\n\n      return mapResponseTurnRecordToResponse(responseTurnRecord);\n    } catch (error) {\n      return handleError(error, 'Error retrieving response');\n    }\n  },\n});\n\nexport const DELETE_RESPONSE_ROUTE = createRoute({\n  method: 'DELETE',\n  path: '/v1/responses/:responseId',\n  responseType: 'json',\n  pathParamSchema: responseIdPathParams,\n  responseSchema: deleteResponseSchema,\n  summary: 'Delete a stored response',\n  description: 'Deletes a stored response so it can no longer be retrieved or chained',\n  tags: ['Responses'],\n  requiresAuth: true,\n  requiresPermission: MastraFGAPermissions.AGENTS_DELETE,\n  handler: async ({ mastra, requestContext, responseId }) => {\n    try {\n      const responseTurnRecord = await findResponseTurnRecordAcrossAgents({ mastra, responseId, requestContext });\n      if (!responseTurnRecord) {\n        throw new HTTPException(404, { message: `Stored response ${responseId} was not found` });\n      }\n\n      await deleteResponseTurnRecord({ responseTurnRecord });\n\n      const response: DeleteResponse = {\n        id: responseId,\n        object: 'response',\n        deleted: true,\n      };\n\n      return response;\n    } catch (error) {\n      return handleError(error, 'Error deleting response');\n    }\n  },\n});\n"]}