npm - @mastra/server - Versions diffs - 1.33.0-alpha.5 → 1.33.0-alpha.7 - Mend

@mastra/server 1.33.0-alpha.5 → 1.33.0-alpha.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (339) hide show

package/dist/{chunk-BK2PRWVJ.cjs.map → chunk-Y5LNMKEY.cjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/server/auth/defaults.ts","../src/server/auth/path-pattern.ts","../src/server/auth/helpers.ts"],"names":["MASTRA_AUTH_TOKEN_KEY","MASTRA_RESOURCE_ID_KEY"],"mappings":";;;;;AAGO,IAAM,iBAAA,GAAsC;AAAA,EACjD,SAAA,EAAW,CAAC,QAAQ,CAAA;AAAA,EACpB,MAAA,EAAQ,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA;AAAA,EAE9B,KAAA,EAAO;AAAA;AAAA,IAEL;AAAA,MACE,WAAW,CAAA,IAAA,KAAQ;AACjB,QAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,UAAA,IAAI,aAAa,IAAA,EAAM;AACrB,YAAA,OAAO,CAAC,CAAC,IAAA,CAAK,OAAA;AAAA,UAChB;AAEA,UAAA,IAAI,UAAU,IAAA,EAAM;AAClB,YAAA,OAAO,KAAK,IAAA,KAAS,OAAA;AAAA,UACvB;AAAA,QACF;AACA,QAAA,OAAO,KAAA;AAAA,MACT,CAAA;AAAA,MACA,KAAA,EAAO;AAAA;AACT;AAEJ;;;ACcO,SAAS,KAAA,CAAM,OAAwB,KAAA,EAAgC;AAC5E,EAAA,IAAI,iBAAiB,MAAA,EAAQ,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAElE,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,MAAM,OAAiB,EAAC;AACxB,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAE3B,EAAA,GAAA,CAAI,CAAC,CAAA,IAAK,GAAA,CAAI,KAAA,EAAM;AAEpB,EAAA,OAAQ,GAAA,GAAM,GAAA,CAAI,KAAA,EAAM,EAAI;AAC1B,IAAA,CAAA,GAAI,IAAI,CAAC,CAAA;AACT,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,OAAA,IAAW,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAM,YAAA,GAAe,OAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,MAAM,GAAA,EAAK;AACpB,MAAA,CAAA,GAAI,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACtB,MAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACxB,MAAA,IAAA,CAAK,KAAK,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA,GAAI,CAAA,GAAI,CAAC,CAAC,CAAC,GAAA,GAAM,GAAA,GAAM,GAAA,CAAI,MAAM,CAAC,CAAA;AAChE,MAAA,OAAA,IAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,gBAAA,GAAmB,WAAA;AAC9C,MAAA,IAAI,CAAC,CAAC,CAAC,GAAA,cAAiB,CAAC,CAAC,CAAC,CAAA,GAAI,GAAA,GAAM,EAAA,IAAM,IAAA,GAAO,GAAA,CAAI,UAAU,GAAG,CAAA;AAAA,IACrE,CAAA,MAAO;AACL,MAAA,OAAA,IAAW,GAAA,GAAM,GAAA;AAAA,IACnB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,OAAA,EAAS,IAAI,MAAA,CAAO,GAAA,GAAM,WAA+B,QAAQ,GAAG;AAAA,GACtE;AACF;;;ACzDO,IAAM,sBAAA,GAAyB,CACpC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,KAAM,IAAA;AAAA,EACtD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,KAAM,IAAA;AAAA,EACpD;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAMO,IAAM,uBAAA,GAA0B,CACrC,IAAA,EACA,MAAA,EACA,SAAA,KACoE;AACpE,EAAA,IAAI,CAAC,WAAW,OAAO,MAAA;AAEvB,EAAA,KAAA,MAAW,SAAS,SAAA,EAAW;AAC7B,IAAA,IAAI,KAAA,CAAM,MAAA,KAAW,MAAA,IAAU,KAAA,CAAM,WAAW,KAAA,EAAO;AAEvD,IAAA,MAAM,EAAE,IAAA,EAAM,OAAA,EAAS,OAAM,GAAI,KAAA,CAAM,MAAM,IAAI,CAAA;AACjD,IAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA;AAC7B,IAAA,IAAI,CAAC,KAAA,EAAO;AAEZ,IAAA,MAAM,SAAiC,EAAC;AACxC,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,GAAS,CAAA,EAAG;AAC3B,MAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,QAAQ,CAAA,EAAA,EAAK;AACpC,QAAA,IAAI,KAAA,CAAM,CAAA,GAAI,CAAC,CAAA,KAAM,MAAA,EAAW;AAC9B,UAAA,MAAA,CAAO,KAAK,CAAC,CAAE,CAAA,GAAI,KAAA,CAAM,IAAI,CAAC,CAAA;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,OAAO,MAAA,EAAO;AAAA,EACzB;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,IAAM,yBAAyB,CACpC,IAAA,EACA,MAAA,EACA,SAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OACE,OAAA,CAAQ,IAAI,UAAA,KAAe,MAAA;AAAA,GAEzB,CAAC,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,eAAe,KAAK,CAAC,sBAAA,CAAuB,IAAA,EAAM,MAAA,EAAQ,qBAAqB,CAAA;AAAA,EAEzG,SAAA,CAAU,yBAAyB,CAAA,KAAM,MAAA,CAAA;AAE/C;AAEO,IAAM,mBAAA,GAAsB,CACjC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA;AAAA,EAC/C;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,CAAC,YAAA;AAAA,IACV;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAQO,IAAM,eAAA,GAAkB,CAC7B,IAAA,EACA,MAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OAAO,UAAA,CAAW,MAAM,MAAA,EAAQ,eAAe,KAAK,sBAAA,CAAuB,IAAA,EAAM,QAAQ,qBAAqB,CAAA;AAChH;AAEO,IAAM,iBAAA,GAAoB,CAAC,IAAA,EAAc,MAAA,EAAgB,UAAA,KAA0C;AAExG,EAAA,MAAM,YAAA,GAAe,CAAC,GAAI,iBAAA,CAAkB,MAAA,IAAU,EAAC,EAAI,GAAI,UAAA,CAAW,MAAA,IAAU,EAAG,CAAA;AAEvF,EAAA,OAAO,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,YAAY,CAAA;AAC9C;AAEA,IAAM,UAAA,GAAa,CACjB,IAAA,EACA,MAAA,EACA,QAAA,KACY;AACZ,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,uBAAuB,QAAA,EAAU;AAC1C,IAAA,IAAI,+BAA+B,MAAA,EAAQ;AACzC,MAAA,IAAI,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,mBAAA,KAAwB,QAAA,IAAY,kBAAA,CAAmB,IAAA,EAAM,mBAAmB,CAAA,EAAG;AAC5F,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,MAAM,OAAA,CAAQ,mBAAmB,CAAA,IAAK,mBAAA,CAAoB,WAAW,CAAA,EAAG;AAC1E,MAAA,MAAM,CAAC,OAAA,EAAS,eAAe,CAAA,GAAI,mBAAA;AACnC,MAAA,IAAI,mBAAmB,IAAA,EAAM,OAAO,KAAK,iBAAA,CAAkB,eAAA,EAAiB,MAAM,CAAA,EAAG;AACnF,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT,CAAA;AAEO,IAAM,kBAAA,GAAqB,CAAC,IAAA,EAAc,OAAA,KAA6B;AAQ5E,EAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAM,GAAI,MAAM,OAAO,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACxB;AAEO,IAAM,eAAA,GAAkB,CAAC,IAAA,EAAc,QAAA,KAA8D;AAC1G,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,IAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,oBAAoB,MAAA,EAAQ;AAC9B,IAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAC3B,IAAA,OAAO,SAAS,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACvD;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,IAAM,iBAAA,GAAoB,CAAC,MAAA,EAA2B,KAAA,KAA2B;AACtF,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA,KAAW,KAAA;AAAA,EACpB;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,OAAO,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,EAC9B;AAEA,EAAA,OAAO,KAAA;AACT;AAuBA,IAAM,IAAA,GAAmB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAQnC,IAAM,uBAAuB,OAAwB;AAAA,EAC1D,MAAA;AAAA,EACA,KAAA;AAAA,EACA;AACF,CAAA,KAA0D;AACxD,EAAA,MAAM,kBAAkB,KAAA,CAAM,OAAA,CAAQ,aAAA,EAAe,EAAE,EAAE,IAAA,EAAK;AAC9D,EAAA,IAAI,CAAC,eAAA,EAAiB;AACpB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACvC,EAAA,IAAI,CAAC,UAAA,IAAc,OAAO,UAAA,CAAW,sBAAsB,UAAA,EAAY;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAQ,MAAM,UAAA,CAAW,iBAAA,CAAkB,eAAA,EAAiB,OAAc,CAAA;AAC5E;AAMO,SAAS,uBACd,UAAA,EAE2F;AAC3F,EAAA,OACE,OAAQ,UAAA,CAAmB,uBAAA,KAA4B,UAAA,IACvD,OAAQ,WAAmB,cAAA,KAAmB,UAAA,IAC9C,OAAQ,UAAA,CAAmB,iBAAA,KAAsB,UAAA;AAErD;AAMO,IAAM,kBAAA,GAAqB,OAAO,GAAA,KAAoD;AAC3F,EAAA,MAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAY,qBAAA,EAAuB,cAAA,EAAgB,UAAA,EAAY,KAAA,EAAM,GAAI,GAAA;AAOlH,EAAA,MAAM,eAAA,GAAkB,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,sBAAA,CAAuB,IAAA,EAAM,QAAQ,SAAA,EAAW,UAAA,EAAY,qBAAqB,CAAA,EAAG;AAC1G,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAY,qBAAqB,CAAA,EAAG;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,iBAAA,CAAkB,IAAA,EAAM,MAAA,EAAQ,UAAU,CAAA,EAAG;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAIA,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,cAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA,EAAY;AACtD,MAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,KAAA,IAAS,IAAI,UAAiB,CAAA;AAAA,IAC1E,CAAA,MAAO;AACL,MAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,IAC3D;AAIA,IAAA,IAAI,CAAC,IAAA,IAAQ,sBAAA,CAAuB,UAAU,CAAA,IAAK,sBAAsB,OAAA,EAAS;AAChF,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,GAAY,UAAA,CAAW,uBAAA,CAAwB,UAAU,CAAA;AAC/D,QAAA,IAAI,SAAA,EAAW;AACb,UAAA,MAAM,UAAA,GAAa,MAAM,UAAA,CAAW,cAAA,CAAe,SAAS,CAAA;AAC5D,UAAA,IAAI,UAAA,EAAY;AAKd,YAAA,cAAA,GAAiB,UAAA,CAAW,kBAAkB,UAAU,CAAA;AACxD,YAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,CAClD,MAAA,CAAO,CAAC,CAAC,CAAC,CAAA,KAAM,CAAA,CAAE,WAAA,EAAY,KAAM,YAAY,CAAA,CAChD,GAAA,CAAI,CAAC,GAAG,CAAC,CAAA,KAAM,CAAA,CAAE,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA,CAC9B,KAAK,IAAI,CAAA;AACZ,YAAA,IAAI,eAAA,EAAiB;AACnB,cAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAA,EAAK;AAAA,gBACnD,QAAQ,UAAA,CAAW,MAAA;AAAA,gBACnB,OAAA,EAAS,IAAI,OAAA,CAAQ,UAAA,CAAW,OAAO;AAAA,eACxC,CAAA;AACD,cAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,eAAe,CAAA;AAKtD,cAAA,MAAM,WAAA,GAAc,eAAA,CAAgB,QAAA,CAAS,GAAG,IAC5C,eAAA,CAAgB,KAAA,CAAM,GAAG,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,CAAK,GAAG,CAAA,GAC5C,eAAA;AACJ,cAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,WAAA,EAAa,gBAAuB,CAAA;AAAA,YAChF;AACA,YAAA,IAAI,CAAC,IAAA,EAAM;AACT,cAAA,cAAA,GAAiB,MAAA;AAAA,YACnB;AAAA,UACF;AAAA,QACF;AAAA,MACF,SAAS,UAAA,EAAY;AACnB,QAAA,cAAA,GAAiB,MAAA;AACjB,QAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,UACvE,OAAO,UAAA,YAAsB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAA,CAAW,SAAQ,GAAI;AAAA,SACxE,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IAC9G;AAEA,IAAA,cAAA,CAAe,GAAA,CAAI,QAAQ,IAAI,CAAA;AAO/B,IAAA,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAA,IAAI,CAAC,cAAA,IAAkB,UAAA,YAAsB,OAAA,EAAS;AACpD,MAAA,MAAM,YAAA,GAAe,UAAA,CAAW,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,MAAM,KAAA,GAAQ,YAAA,CAAa,KAAA,CAAM,sBAAsB,CAAA;AACvD,QAAA,IAAI,KAAA,GAAQ,CAAC,CAAA,EAAG,cAAA,GAAiB,MAAM,CAAC,CAAA;AAAA,MAC1C;AAAA,IACF;AACA,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,cAAA,CAAe,GAAA,CAAIA,yCAAuB,cAAc,CAAA;AAAA,IAC1D;AAEA,IAAA,IAAI,OAAO,UAAA,CAAW,mBAAA,KAAwB,UAAA,EAAY;AACxD,MAAA,IAAI;AACF,QAAA,MAAM,UAAA,GAAa,UAAA,CAAW,mBAAA,CAAoB,IAAI,CAAA;AACtD,QAAA,IAAI,UAAA,EAAY;AACd,UAAA,cAAA,CAAe,GAAA,CAAIC,0CAAwB,UAAU,CAAA;AAAA,QACvD;AAAA,MACF,SAAS,QAAA,EAAU;AACjB,QAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,4BAAA,EAA8B;AAAA,UACtD,KAAA,EAAO,QAAA,YAAoB,KAAA,GAAQ,EAAE,OAAA,EAAS,SAAS,OAAA,EAAS,KAAA,EAAO,QAAA,CAAS,KAAA,EAAM,GAAI;AAAA,SAC3F,CAAA;AACD,QAAA,OAAO;AAAA,UACL,MAAA,EAAQ,OAAA;AAAA,UACR,MAAA,EAAQ,GAAA;AAAA,UACR,IAAA,EAAM,EAAE,KAAA,EAAO,mDAAA,EAAoD;AAAA,UACnE,OAAA,EAAS;AAAA,SACX;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,OAAO,SAAA,EAAU;AACtC,MAAA,MAAM,eAAe,YAAA,EAAc,IAAA;AAEnC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,SAAS,QAAA,IAAY,EAAE,QAAQ,IAAA,CAAA,EAAO;AACxD,UAAA,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA,CAAK,mFAAmF,CAAA;AAAA,QAC9G,CAAA,MAAO;AACL,UAAA,MAAM,WAAA,GAAc,MAAM,YAAA,CAAa,cAAA,CAAe,IAAc,CAAA;AACpE,UAAA,cAAA,CAAe,GAAA,CAAI,mBAAmB,WAAW,CAAA;AAEjD,UAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,QAAA,CAAS,IAAc,CAAA;AACxD,UAAA,cAAA,CAAe,GAAA,CAAI,aAAa,KAAK,CAAA;AAAA,QACvC;AAAA,MACF;AAAA,IACF,SAAS,SAAA,EAAW;AAClB,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,QACvE,KAAA,EAAO,SAAA,YAAqB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAU,OAAA,EAAS,KAAA,EAAO,SAAA,CAAU,KAAA,EAAM,GAAI;AAAA,OAC9F,CAAA;AAAA,IACH;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sBAAA,EAAwB;AAAA,MAChD,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,KAC5E,CAAA;AACD,IAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,EAC9G;AAIA,EAAA,IAAI,eAAA,IAAmB,UAAA,IAAc,OAAO,UAAA,CAAW,kBAAkB,UAAA,EAAY;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,MAAM,UAAA,CAAW,aAAA,CAAc,MAAM,UAAiB,CAAA;AAE3E,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,MACnG;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sCAAA,EAAwC;AAAA,QAChE,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,OAC5E,CAAA;AACD,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IACzG;AAAA,EACF,WAAW,WAAA,IAAe,UAAA,IAAc,OAAO,UAAA,CAAW,cAAc,UAAA,EAAY;AAClF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,IAAI,qBAAA,EAAsB;AAC/C,MAAA,MAAM,eAAe,MAAM,UAAA,CAAW,UAAU,IAAA,EAAM,MAAA,EAAQ,MAAM,YAAmB,CAAA;AAEvF,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,MACnG;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,kCAAA,EAAoC;AAAA,QAC5D,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI,GAAA;AAAA,QAC3E,IAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IACzG;AAAA,EACF,CAAA,MAAA,IAAW,WAAW,UAAA,IAAc,UAAA,CAAW,SAAS,UAAA,CAAW,KAAA,CAAM,SAAS,CAAA,EAAG;AACnF,IAAA,MAAM,eAAe,MAAM,UAAA,CAAW,WAAW,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAE1E,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IACnG;AAAA,EACF,CAAA,MAAO;AAIL,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACzC,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,IAAI,iBAAA,CAAkB,KAAA,IAAS,iBAAA,CAAkB,KAAA,CAAM,SAAS,CAAA,EAAG;AACjE,QAAA,MAAM,eAAe,MAAM,UAAA,CAAW,kBAAkB,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAEjF,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,QACnG;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,MACnG;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,iBAAiB,EAAE,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,gBAAe,GAAI,IAAA;AACxE;AAGO,IAAM,UAAA,GAAa,OACxB,KAAA,EACA,IAAA,EACA,QACA,IAAA,KACqB;AAErB,EAAA,KAAA,MAAW,CAAA,IAAK,KAAA,IAAS,EAAC,EAAG;AAC3B,IAAA,MAAM,IAAA,GAAO,QAAQ,CAAC,CAAA;AAEtB,IAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,KAAK,OAAA,IAAW,CAAC,kBAAkB,IAAA,CAAK,OAAA,EAAS,MAAM,CAAA,EAAG;AAC5D,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,IAAA,IAAI,OAAO,cAAc,UAAA,EAAY;AACnC,MAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,OAAA,EAAQ,CACnC,IAAA,CAAK,MAAM,SAAA,CAAU,IAAI,CAAC,CAAA,CAC1B,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,KAAK,KAAA,EAAO;AACrB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT","file":"chunk-BK2PRWVJ.cjs","sourcesContent":["import type { MastraAuthConfig } from '@mastra/core/server';\n\n// Default configuration that can be extended by clients\nexport const defaultAuthConfig: MastraAuthConfig = {\n protected: ['/api/'],\n public: ['/api', '/api/auth/'],\n // Simple rule system\n rules: [\n // Admin users can do anything\n {\n condition: user => {\n if (typeof user === 'object' && user !== null) {\n if ('isAdmin' in user) {\n return !!user.isAdmin;\n }\n\n if ('role' in user) {\n return user.role === 'admin';\n }\n }\n return false;\n },\n allow: true,\n },\n ],\n};\n","/*\n Path pattern matching utility\n * Inlined from regexparam v3.0.0 (MIT License)\n * https://github.com/lukeed/regexparam\n \n Copyright (c) Luke Edwards <luke.edwards05@gmail.com> (lukeed.com)\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n /\n\nexport interface ParsedPattern {\n keys: string[] \| false;\n pattern: RegExp;\n}\n\n/\n Parse a route pattern into a RegExp\n * Supports:\n * - Named parameters: /users/:id\n * - Optional parameters: /users/:id?\n * - Wildcards: /files/\n - Mixed patterns: /api/:version/users/:id\n /\nexport function parse(input: string \| RegExp, loose?: boolean): ParsedPattern {\n if (input instanceof RegExp) return { keys: false, pattern: input };\n\n let c: string;\n let o: number;\n let tmp: string \| undefined;\n let ext: number;\n const keys: string[] = [];\n let pattern = '';\n const arr = input.split('/');\n\n arr[0] \|\| arr.shift();\n\n while ((tmp = arr.shift())) {\n c = tmp[0]!;\n if (c === '') {\n keys.push(c);\n pattern += tmp[1] === '?' ? '(?:/(.))?' : '/(.)';\n } else if (c === ':') {\n o = tmp.indexOf('?', 1);\n ext = tmp.indexOf('.', 1);\n keys.push(tmp.substring(1, !!~o ? o : !!~ext ? ext : tmp.length));\n pattern += !!~o && !~ext ? '(?:/([^/]+?))?' : '/([^/]+?)';\n if (!!~ext) pattern += (!!~o ? '?' : '') + '\\\\' + tmp.substring(ext);\n } else {\n pattern += '/' + tmp;\n }\n }\n\n return {\n keys: keys,\n pattern: new RegExp('^' + pattern + (loose ? '(?=$\|/)' : '/?$'), 'i'),\n };\n}\n\n/*\n Test if a path matches a pattern\n /\nexport function matchPath(path: string, pattern: string \| RegExp): boolean {\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n}\n","import type { ISessionProvider } from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { ApiRoute, MastraAuthConfig, MastraAuthProvider } from '@mastra/core/server';\nimport type { HonoRequest } from 'hono';\n\nimport { MASTRA_RESOURCE_ID_KEY, MASTRA_AUTH_TOKEN_KEY } from '../constants';\nimport { defaultAuthConfig } from './defaults';\nimport { parse } from './path-pattern';\n\n/\n Check if a route is a registered custom route that requires authentication.\n * Returns true only if the route is explicitly registered with requiresAuth: true.\n * Returns false if the route is not in the config or has requiresAuth: false.\n /\nexport const isProtectedCustomRoute = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return customRouteAuthConfig.get(exactRouteKey) === true;\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return customRouteAuthConfig.get(allRouteKey) === true;\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return requiresAuth === true;\n }\n }\n\n return false; // Not in config = not a protected custom route\n};\n\n/\n Find a matching custom API route for the given path and method.\n * Returns the matched route and any extracted path parameters.\n /\nexport const findMatchingCustomRoute = (\n path: string,\n method: string,\n apiRoutes?: ApiRoute[],\n): { route: ApiRoute; params: Record<string, string> } \| undefined => {\n if (!apiRoutes) return undefined;\n\n for (const route of apiRoutes) {\n if (route.method !== method && route.method !== 'ALL') continue;\n\n const { keys, pattern: regex } = parse(route.path);\n const match = regex.exec(path);\n if (!match) continue;\n\n const params: Record<string, string> = {};\n if (keys && keys.length > 0) {\n for (let i = 0; i < keys.length; i++) {\n if (match[i + 1] !== undefined) {\n params[keys[i]!] = match[i + 1]!;\n }\n }\n }\n\n return { route, params };\n }\n\n return undefined;\n};\n\n/\n Check if request is from dev playground\n * @param getHeader - Function to get header value from request\n * @param customRouteAuthConfig - Map of custom route auth configurations\n /\nexport const isDevPlaygroundRequest = (\n path: string,\n method: string,\n getHeader: (name: string) => string \| undefined,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected \|\| []), ...(authConfig.protected \|\| [])];\n return (\n process.env.MASTRA_DEV === 'true' &&\n // Allow if path doesn't match protected patterns AND is not a protected custom route\n ((!isAnyMatch(path, method, protectedAccess) && !isProtectedCustomRoute(path, method, customRouteAuthConfig)) \|\|\n // Or if has playground header\n getHeader('x-mastra-dev-playground') === 'true')\n );\n};\n\nexport const isCustomRoutePublic = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return !customRouteAuthConfig.get(exactRouteKey); // True when route opts out of auth\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return !customRouteAuthConfig.get(allRouteKey);\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return !requiresAuth; // True when route opts out of auth\n }\n }\n\n return false;\n};\n\n// NOTE: This uses isProtectedCustomRoute (default-allow for unknown paths) rather than\n// !isCustomRoutePublic (default-deny). This is intentional — all registered server and\n// custom routes are auth-checked via registerRoute/checkRouteAuth regardless of this\n// function. The '/api/' protected pattern exists as a user-facing override mechanism.\n// The old default-deny logic incorrectly blocked non-API paths (e.g. '/', '/agents')\n// which prevented the studio login page from loading in production.\nexport const isProtectedPath = (\n path: string,\n method: string,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected \|\| []), ...(authConfig.protected \|\| [])];\n return isAnyMatch(path, method, protectedAccess) \|\| isProtectedCustomRoute(path, method, customRouteAuthConfig);\n};\n\nexport const canAccessPublicly = (path: string, method: string, authConfig: MastraAuthConfig): boolean => {\n // Check if this path+method combination is publicly accessible\n const publicAccess = [...(defaultAuthConfig.public \|\| []), ...(authConfig.public \|\| [])];\n\n return isAnyMatch(path, method, publicAccess);\n};\n\nconst isAnyMatch = (\n path: string,\n method: string,\n patterns: MastraAuthConfig['protected'] \| MastraAuthConfig['public'],\n): boolean => {\n if (!patterns) {\n return false;\n }\n\n for (const patternPathOrMethod of patterns) {\n if (patternPathOrMethod instanceof RegExp) {\n if (patternPathOrMethod.test(path)) {\n return true;\n }\n }\n\n if (typeof patternPathOrMethod === 'string' && pathMatchesPattern(path, patternPathOrMethod)) {\n return true;\n }\n\n if (Array.isArray(patternPathOrMethod) && patternPathOrMethod.length === 2) {\n const [pattern, methodOrMethods] = patternPathOrMethod;\n if (pathMatchesPattern(path, pattern) && matchesOrIncludes(methodOrMethods, method)) {\n return true;\n }\n }\n }\n\n return false;\n};\n\nexport const pathMatchesPattern = (path: string, pattern: string): boolean => {\n // Use regexparam for battle-tested path matching\n // Supports:\n // - Exact paths: '/api/users'\n // - Wildcards: '/api/agents/' matches '/api/agents/123'\n // - Path parameters: '/users/:id' matches '/users/123'\n // - Optional parameters: '/users/:id?' matches '/users' and '/users/123'\n // - Mixed patterns: '/api/:version/users/:id/profile'\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n};\n\nexport const pathMatchesRule = (path: string, rulePath: string \| RegExp \| string[] \| undefined): boolean => {\n if (!rulePath) return true; // No path specified means all paths\n\n if (typeof rulePath === 'string') {\n return pathMatchesPattern(path, rulePath);\n }\n\n if (rulePath instanceof RegExp) {\n return rulePath.test(path);\n }\n\n if (Array.isArray(rulePath)) {\n return rulePath.some(p => pathMatchesPattern(path, p));\n }\n\n return false;\n};\n\nexport const matchesOrIncludes = (values: string \| string[], value: string): boolean => {\n if (typeof values === 'string') {\n return values === value;\n }\n\n if (Array.isArray(values)) {\n return values.includes(value);\n }\n\n return false;\n};\n\n// ── Core auth middleware ──\n// Framework-agnostic auth logic extracted from adapter middlewares.\n// Each adapter builds an AuthMiddlewareContext and delegates to coreAuthMiddleware.\n\nexport interface AuthMiddlewareContext {\n path: string;\n method: string;\n getHeader: (name: string) => string \| undefined;\n mastra: Mastra;\n authConfig: MastraAuthConfig;\n customRouteAuthConfig?: Map<string, boolean>;\n requestContext: { get: (key: string) => unknown; set: (key: string, value: unknown) => void };\n rawRequest: unknown;\n token: string \| null;\n buildAuthorizeContext: () => unknown;\n}\n\nexport type AuthResult =\n \| { action: 'next'; headers?: Record<string, string> }\n \| { action: 'error'; status: number; body: Record<string, unknown>; headers?: Record<string, string> };\n\nconst pass: AuthResult = { action: 'next' };\n\nexport interface GetAuthenticatedUserOptions {\n mastra: Mastra;\n token: string;\n request: Request \| HonoRequest;\n}\n\nexport const getAuthenticatedUser = async <TUser = unknown>({\n mastra,\n token,\n request,\n}: GetAuthenticatedUserOptions): Promise<TUser \| null> => {\n const normalizedToken = token.replace(/^Bearer\\s+/i, '').trim();\n if (!normalizedToken) {\n return null;\n }\n\n const authConfig = mastra.getServer()?.auth;\n if (!authConfig \|\| typeof authConfig.authenticateToken !== 'function') {\n return null;\n }\n\n return (await authConfig.authenticateToken(normalizedToken, request as any)) as TUser \| null;\n};\n\n/\n Check if an auth config object supports transparent session refresh.\n * Returns true if the auth provider implements the necessary ISessionProvider methods.\n /\nexport function supportsSessionRefresh(\n authConfig: MastraAuthConfig \| MastraAuthProvider,\n): authConfig is (MastraAuthConfig \| MastraAuthProvider) &\n Pick<ISessionProvider, 'refreshSession' \| 'getSessionIdFromRequest' \| 'getSessionHeaders'> {\n return (\n typeof (authConfig as any).getSessionIdFromRequest === 'function' &&\n typeof (authConfig as any).refreshSession === 'function' &&\n typeof (authConfig as any).getSessionHeaders === 'function'\n );\n}\n\n/\n Single auth middleware: authenticate → authorize.\n * Skip checks (dev playground, unprotected path, public path) are evaluated once.\n */\nexport const coreAuthMiddleware = async (ctx: AuthMiddlewareContext): Promise<AuthResult> => {\n const { path, method, getHeader, mastra, authConfig, customRouteAuthConfig, requestContext, rawRequest, token } = ctx;\n\n // ── Skip checks (evaluated once) ──\n\n // Only bypass auth for dev playground when no real auth provider is configured.\n // When auth IS configured (has authenticateToken), we need the full auth flow\n // so user/roles/permissions are set in requestContext.\n const hasAuthProvider = typeof authConfig.authenticateToken === 'function';\n if (!hasAuthProvider && isDevPlaygroundRequest(path, method, getHeader, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (!isProtectedPath(path, method, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (canAccessPublicly(path, method, authConfig)) {\n return pass;\n }\n\n // ── Authentication ──\n\n let user: unknown;\n let refreshHeaders: Record<string, string> \| undefined;\n\n try {\n if (typeof authConfig.authenticateToken === 'function') {\n user = await authConfig.authenticateToken(token ?? '', rawRequest as any);\n } else {\n throw new Error('No token verification method configured');\n }\n\n // If authentication failed, attempt transparent session refresh before returning 401.\n // This handles expired access tokens without requiring client-side refresh logic.\n if (!user && supportsSessionRefresh(authConfig) && rawRequest instanceof Request) {\n try {\n const sessionId = authConfig.getSessionIdFromRequest(rawRequest);\n if (sessionId) {\n const newSession = await authConfig.refreshSession(sessionId);\n if (newSession) {\n // Refresh succeeded — build updated session headers and re-authenticate.\n // We create a synthetic request with the new session cookie so\n // authenticateToken (which reads cookies from the request) picks up\n // the refreshed session instead of the expired one.\n refreshHeaders = authConfig.getSessionHeaders(newSession);\n const refreshedCookie = Object.entries(refreshHeaders)\n .filter(([k]) => k.toLowerCase() === 'set-cookie')\n .map(([, v]) => v.split(';')[0]) // Extract name=value before attributes\n .join('; ');\n if (refreshedCookie) {\n const refreshedRequest = new Request(rawRequest.url, {\n method: rawRequest.method,\n headers: new Headers(rawRequest.headers),\n });\n refreshedRequest.headers.set('Cookie', refreshedCookie);\n // Pass the refreshed cookie value as the token so authenticateToken\n // picks up the new session instead of the stale original.\n // Auth providers typically read cookies from the request object, but\n // some may also inspect the token parameter directly.\n const cookieValue = refreshedCookie.includes('=')\n ? refreshedCookie.split('=').slice(1).join('=')\n : refreshedCookie;\n user = await authConfig.authenticateToken(cookieValue, refreshedRequest as any);\n }\n if (!user) {\n refreshHeaders = undefined;\n }\n }\n }\n } catch (refreshErr) {\n refreshHeaders = undefined;\n mastra.getLogger()?.debug('Session refresh failed, falling back to 401', {\n error: refreshErr instanceof Error ? { message: refreshErr.message } : refreshErr,\n });\n }\n }\n\n if (!user) {\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' }, headers: refreshHeaders };\n }\n\n requestContext.set('user', user);\n\n // Store the raw auth token so downstream code (e.g., editor MCP client\n // resolution) can forward it when connecting to auth-protected MCP servers.\n // The token may arrive via Authorization header, apiKey query param, or\n // cookie (SimpleAuth sets `mastra-token`). Check all sources so the\n // forwarded value is available regardless of how the user authenticated.\n let effectiveToken = token;\n if (!effectiveToken && rawRequest instanceof Request) {\n const cookieHeader = rawRequest.headers.get('cookie');\n if (cookieHeader) {\n const match = cookieHeader.match(/mastra-token=([^;]+)/);\n if (match?.[1]) effectiveToken = match[1];\n }\n }\n if (effectiveToken) {\n requestContext.set(MASTRA_AUTH_TOKEN_KEY, effectiveToken);\n }\n\n if (typeof authConfig.mapUserToResourceId === 'function') {\n try {\n const resourceId = authConfig.mapUserToResourceId(user);\n if (resourceId) {\n requestContext.set(MASTRA_RESOURCE_ID_KEY, resourceId);\n }\n } catch (mapError) {\n mastra.getLogger()?.error('mapUserToResourceId failed', {\n error: mapError instanceof Error ? { message: mapError.message, stack: mapError.stack } : mapError,\n });\n return {\n action: 'error',\n status: 500,\n body: { error: 'Failed to map authenticated user to a resource ID' },\n headers: refreshHeaders,\n };\n }\n }\n\n try {\n const serverConfig = mastra.getServer();\n const rbacProvider = serverConfig?.rbac as IRBACProvider<EEUser> \| undefined;\n\n if (rbacProvider) {\n if (!user \|\| typeof user !== 'object' \|\| !('id' in user)) {\n mastra.getLogger()?.warn('RBAC: authenticated user missing required \"id\" field, skipping permission loading');\n } else {\n const permissions = await rbacProvider.getPermissions(user as EEUser);\n requestContext.set('userPermissions', permissions);\n\n const roles = await rbacProvider.getRoles(user as EEUser);\n requestContext.set('userRoles', roles);\n }\n }\n } catch (rbacError) {\n mastra.getLogger()?.error('RBAC: failed to load user permissions/roles', {\n error: rbacError instanceof Error ? { message: rbacError.message, stack: rbacError.stack } : rbacError,\n });\n }\n } catch (err) {\n mastra.getLogger()?.error('Authentication error', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' }, headers: refreshHeaders };\n }\n\n // ── Authorization ──\n\n if ('authorizeUser' in authConfig && typeof authConfig.authorizeUser === 'function') {\n try {\n const isAuthorized = await authConfig.authorizeUser(user, rawRequest as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorizeUser', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' }, headers: refreshHeaders };\n }\n } else if ('authorize' in authConfig && typeof authConfig.authorize === 'function') {\n try {\n const authorizeCtx = ctx.buildAuthorizeContext();\n const isAuthorized = await authConfig.authorize(path, method, user, authorizeCtx as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorize', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n path,\n method,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' }, headers: refreshHeaders };\n }\n } else if ('rules' in authConfig && authConfig.rules && authConfig.rules.length > 0) {\n const isAuthorized = await checkRules(authConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } else {\n // No explicit authorization configured (authorizeUser, authorize, or rules)\n // Check if RBAC is configured - if not, allow authenticated users through\n // (auth-only mode = authenticated users get full access)\n const rbacProvider = mastra.getServer()?.rbac;\n if (rbacProvider) {\n if (defaultAuthConfig.rules && defaultAuthConfig.rules.length > 0) {\n const isAuthorized = await checkRules(defaultAuthConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } else {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n }\n }\n\n return refreshHeaders ? { action: 'next', headers: refreshHeaders } : pass;\n};\n\n// Check authorization rules\nexport const checkRules = async (\n rules: MastraAuthConfig['rules'],\n path: string,\n method: string,\n user: unknown,\n): Promise<boolean> => {\n // Go through rules in order (first match wins)\n for (const i in rules \|\| []) {\n const rule = rules?.[i]!;\n // Check if rule applies to this path\n if (!pathMatchesRule(path, rule.path)) {\n continue;\n }\n\n // Check if rule applies to this method\n if (rule.methods && !matchesOrIncludes(rule.methods, method)) {\n continue;\n }\n\n // Rule matches, check conditions\n const condition = rule.condition;\n if (typeof condition === 'function') {\n const allowed = await Promise.resolve()\n .then(() => condition(user))\n .catch(() => false);\n\n if (allowed) {\n return true;\n }\n } else if (rule.allow) {\n return true;\n }\n }\n\n // No matching rules, deny by default\n return false;\n};\n"]}
1	+ {"version":3,"sources":["../src/server/auth/defaults.ts","../src/server/auth/path-pattern.ts","../src/server/auth/helpers.ts"],"names":["MASTRA_AUTH_TOKEN_KEY","MASTRA_RESOURCE_ID_KEY"],"mappings":";;;;;AAGO,IAAM,iBAAA,GAAsC;AAAA,EACjD,SAAA,EAAW,CAAC,QAAQ,CAAA;AAAA,EACpB,MAAA,EAAQ,CAAC,MAAA,EAAQ,aAAa,CAAA;AAAA;AAAA,EAE9B,KAAA,EAAO;AAAA;AAAA,IAEL;AAAA,MACE,WAAW,CAAA,IAAA,KAAQ;AACjB,QAAA,IAAI,OAAO,IAAA,KAAS,QAAA,IAAY,IAAA,KAAS,IAAA,EAAM;AAC7C,UAAA,IAAI,aAAa,IAAA,EAAM;AACrB,YAAA,OAAO,CAAC,CAAC,IAAA,CAAK,OAAA;AAAA,UAChB;AAEA,UAAA,IAAI,UAAU,IAAA,EAAM;AAClB,YAAA,OAAO,KAAK,IAAA,KAAS,OAAA;AAAA,UACvB;AAAA,QACF;AACA,QAAA,OAAO,KAAA;AAAA,MACT,CAAA;AAAA,MACA,KAAA,EAAO;AAAA;AACT;AAEJ;;;ACcO,SAAS,KAAA,CAAM,OAAwB,KAAA,EAAgC;AAC5E,EAAA,IAAI,iBAAiB,MAAA,EAAQ,OAAO,EAAE,IAAA,EAAM,KAAA,EAAO,SAAS,KAAA,EAAM;AAElE,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,CAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,IAAI,GAAA;AACJ,EAAA,MAAM,OAAiB,EAAC;AACxB,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAE3B,EAAA,GAAA,CAAI,CAAC,CAAA,IAAK,GAAA,CAAI,KAAA,EAAM;AAEpB,EAAA,OAAQ,GAAA,GAAM,GAAA,CAAI,KAAA,EAAM,EAAI;AAC1B,IAAA,CAAA,GAAI,IAAI,CAAC,CAAA;AACT,IAAA,IAAI,MAAM,GAAA,EAAK;AACb,MAAA,IAAA,CAAK,KAAK,CAAC,CAAA;AACX,MAAA,OAAA,IAAW,GAAA,CAAI,CAAC,CAAA,KAAM,GAAA,GAAM,YAAA,GAAe,OAAA;AAAA,IAC7C,CAAA,MAAA,IAAW,MAAM,GAAA,EAAK;AACpB,MAAA,CAAA,GAAI,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACtB,MAAA,GAAA,GAAM,GAAA,CAAI,OAAA,CAAQ,GAAA,EAAK,CAAC,CAAA;AACxB,MAAA,IAAA,CAAK,KAAK,GAAA,CAAI,SAAA,CAAU,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA,GAAI,CAAA,GAAI,CAAC,CAAC,CAAC,GAAA,GAAM,GAAA,GAAM,GAAA,CAAI,MAAM,CAAC,CAAA;AAChE,MAAA,OAAA,IAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,gBAAA,GAAmB,WAAA;AAC9C,MAAA,IAAI,CAAC,CAAC,CAAC,GAAA,cAAiB,CAAC,CAAC,CAAC,CAAA,GAAI,GAAA,GAAM,EAAA,IAAM,IAAA,GAAO,GAAA,CAAI,UAAU,GAAG,CAAA;AAAA,IACrE,CAAA,MAAO;AACL,MAAA,OAAA,IAAW,GAAA,GAAM,GAAA;AAAA,IACnB;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,OAAA,EAAS,IAAI,MAAA,CAAO,GAAA,GAAM,WAA+B,QAAQ,GAAG;AAAA,GACtE;AACF;;;ACzDO,IAAM,sBAAA,GAAyB,CACpC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,KAAM,IAAA;AAAA,EACtD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,KAAM,IAAA;AAAA,EACpD;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,YAAA,KAAiB,IAAA;AAAA,IAC1B;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAMO,IAAM,uBAAA,GAA0B,CACrC,IAAA,EACA,MAAA,EACA,SAAA,KACoE;AACpE,EAAA,IAAI,CAAC,WAAW,OAAO,MAAA;AAEvB,EAAA,KAAA,MAAW,SAAS,SAAA,EAAW;AAC7B,IAAA,IAAI,KAAA,CAAM,MAAA,KAAW,MAAA,IAAU,KAAA,CAAM,WAAW,KAAA,EAAO;AAEvD,IAAA,MAAM,EAAE,IAAA,EAAM,OAAA,EAAS,OAAM,GAAI,KAAA,CAAM,MAAM,IAAI,CAAA;AACjD,IAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA;AAC7B,IAAA,IAAI,CAAC,KAAA,EAAO;AAEZ,IAAA,MAAM,SAAiC,EAAC;AACxC,IAAA,IAAI,IAAA,IAAQ,IAAA,CAAK,MAAA,GAAS,CAAA,EAAG;AAC3B,MAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,IAAA,CAAK,QAAQ,CAAA,EAAA,EAAK;AACpC,QAAA,IAAI,KAAA,CAAM,CAAA,GAAI,CAAC,CAAA,KAAM,MAAA,EAAW;AAC9B,UAAA,MAAA,CAAO,KAAK,CAAC,CAAE,CAAA,GAAI,KAAA,CAAM,IAAI,CAAC,CAAA;AAAA,QAChC;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,EAAE,OAAO,MAAA,EAAO;AAAA,EACzB;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,IAAM,yBAAyB,CACpC,IAAA,EACA,MAAA,EACA,SAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OACE,OAAA,CAAQ,IAAI,UAAA,KAAe,MAAA;AAAA,GAEzB,CAAC,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,eAAe,KAAK,CAAC,sBAAA,CAAuB,IAAA,EAAM,MAAA,EAAQ,qBAAqB,CAAA;AAAA,EAEzG,SAAA,CAAU,yBAAyB,CAAA,KAAM,MAAA,CAAA;AAE/C;AAEO,IAAM,mBAAA,GAAsB,CACjC,IAAA,EACA,MAAA,EACA,qBAAA,KACY;AACZ,EAAA,IAAI,CAAC,qBAAA,EAAuB;AAC1B,IAAA,OAAO,KAAA;AAAA,EACT;AAGA,EAAA,MAAM,aAAA,GAAgB,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,IAAI,CAAA,CAAA;AACvC,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA,EAAG;AAC5C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,aAAa,CAAA;AAAA,EACjD;AAGA,EAAA,MAAM,WAAA,GAAc,OAAO,IAAI,CAAA,CAAA;AAC/B,EAAA,IAAI,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA,EAAG;AAC1C,IAAA,OAAO,CAAC,qBAAA,CAAsB,GAAA,CAAI,WAAW,CAAA;AAAA,EAC/C;AAGA,EAAA,KAAA,MAAW,CAAC,QAAA,EAAU,YAAY,CAAA,IAAK,qBAAA,CAAsB,SAAQ,EAAG;AACtE,IAAA,MAAM,UAAA,GAAa,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AACvC,IAAA,IAAI,eAAe,EAAA,EAAI;AACrB,MAAA;AAAA,IACF;AAEA,IAAA,MAAM,WAAA,GAAc,QAAA,CAAS,SAAA,CAAU,CAAA,EAAG,UAAU,CAAA;AACpD,IAAA,MAAM,YAAA,GAAe,QAAA,CAAS,SAAA,CAAU,UAAA,GAAa,CAAC,CAAA;AAGtD,IAAA,IAAI,WAAA,KAAgB,MAAA,IAAU,WAAA,KAAgB,KAAA,EAAO;AACnD,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,kBAAA,CAAmB,IAAA,EAAM,YAAY,CAAA,EAAG;AAC1C,MAAA,OAAO,CAAC,YAAA;AAAA,IACV;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT;AAQO,IAAM,eAAA,GAAkB,CAC7B,IAAA,EACA,MAAA,EACA,YACA,qBAAA,KACY;AACZ,EAAA,MAAM,eAAA,GAAkB,CAAC,GAAI,iBAAA,CAAkB,SAAA,IAAa,EAAC,EAAI,GAAI,UAAA,CAAW,SAAA,IAAa,EAAG,CAAA;AAChG,EAAA,OAAO,UAAA,CAAW,MAAM,MAAA,EAAQ,eAAe,KAAK,sBAAA,CAAuB,IAAA,EAAM,QAAQ,qBAAqB,CAAA;AAChH;AAEO,IAAM,iBAAA,GAAoB,CAAC,IAAA,EAAc,MAAA,EAAgB,UAAA,KAA0C;AAExG,EAAA,MAAM,YAAA,GAAe,CAAC,GAAI,iBAAA,CAAkB,MAAA,IAAU,EAAC,EAAI,GAAI,UAAA,CAAW,MAAA,IAAU,EAAG,CAAA;AAEvF,EAAA,OAAO,UAAA,CAAW,IAAA,EAAM,MAAA,EAAQ,YAAY,CAAA;AAC9C;AAEA,IAAM,UAAA,GAAa,CACjB,IAAA,EACA,MAAA,EACA,QAAA,KACY;AACZ,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,MAAW,uBAAuB,QAAA,EAAU;AAC1C,IAAA,IAAI,+BAA+B,MAAA,EAAQ;AACzC,MAAA,IAAI,mBAAA,CAAoB,IAAA,CAAK,IAAI,CAAA,EAAG;AAClC,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,IAAI,OAAO,mBAAA,KAAwB,QAAA,IAAY,kBAAA,CAAmB,IAAA,EAAM,mBAAmB,CAAA,EAAG;AAC5F,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,IAAI,MAAM,OAAA,CAAQ,mBAAmB,CAAA,IAAK,mBAAA,CAAoB,WAAW,CAAA,EAAG;AAC1E,MAAA,MAAM,CAAC,OAAA,EAAS,eAAe,CAAA,GAAI,mBAAA;AACnC,MAAA,IAAI,mBAAmB,IAAA,EAAM,OAAO,KAAK,iBAAA,CAAkB,eAAA,EAAiB,MAAM,CAAA,EAAG;AACnF,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,KAAA;AACT,CAAA;AAEO,IAAM,kBAAA,GAAqB,CAAC,IAAA,EAAc,OAAA,KAA6B;AAQ5E,EAAA,MAAM,EAAE,OAAA,EAAS,KAAA,EAAM,GAAI,MAAM,OAAO,CAAA;AACxC,EAAA,OAAO,KAAA,CAAM,KAAK,IAAI,CAAA;AACxB;AAEO,IAAM,eAAA,GAAkB,CAAC,IAAA,EAAc,QAAA,KAA8D;AAC1G,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,IAAI,OAAO,aAAa,QAAA,EAAU;AAChC,IAAA,OAAO,kBAAA,CAAmB,MAAM,QAAQ,CAAA;AAAA,EAC1C;AAEA,EAAA,IAAI,oBAAoB,MAAA,EAAQ;AAC9B,IAAA,OAAO,QAAA,CAAS,KAAK,IAAI,CAAA;AAAA,EAC3B;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,QAAQ,CAAA,EAAG;AAC3B,IAAA,OAAO,SAAS,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAA,CAAmB,IAAA,EAAM,CAAC,CAAC,CAAA;AAAA,EACvD;AAEA,EAAA,OAAO,KAAA;AACT;AAEO,IAAM,iBAAA,GAAoB,CAAC,MAAA,EAA2B,KAAA,KAA2B;AACtF,EAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,IAAA,OAAO,MAAA,KAAW,KAAA;AAAA,EACpB;AAEA,EAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,MAAM,CAAA,EAAG;AACzB,IAAA,OAAO,MAAA,CAAO,SAAS,KAAK,CAAA;AAAA,EAC9B;AAEA,EAAA,OAAO,KAAA;AACT;AAuBA,IAAM,IAAA,GAAmB,EAAE,MAAA,EAAQ,MAAA,EAAO;AAQnC,IAAM,uBAAuB,OAAwB;AAAA,EAC1D,MAAA;AAAA,EACA,KAAA;AAAA,EACA;AACF,CAAA,KAA0D;AACxD,EAAA,MAAM,kBAAkB,KAAA,CAAM,OAAA,CAAQ,aAAA,EAAe,EAAE,EAAE,IAAA,EAAK;AAC9D,EAAA,IAAI,CAAC,eAAA,EAAiB;AACpB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,UAAA,GAAa,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACvC,EAAA,IAAI,CAAC,UAAA,IAAc,OAAO,UAAA,CAAW,sBAAsB,UAAA,EAAY;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAQ,MAAM,UAAA,CAAW,iBAAA,CAAkB,eAAA,EAAiB,OAAc,CAAA;AAC5E;AAMO,SAAS,uBACd,UAAA,EAE2F;AAC3F,EAAA,OACE,OAAQ,UAAA,CAAmB,uBAAA,KAA4B,UAAA,IACvD,OAAQ,WAAmB,cAAA,KAAmB,UAAA,IAC9C,OAAQ,UAAA,CAAmB,iBAAA,KAAsB,UAAA;AAErD;AAMO,IAAM,kBAAA,GAAqB,OAAO,GAAA,KAAoD;AAC3F,EAAA,MAAM,EAAE,IAAA,EAAM,MAAA,EAAQ,SAAA,EAAW,MAAA,EAAQ,YAAY,qBAAA,EAAuB,cAAA,EAAgB,UAAA,EAAY,KAAA,EAAM,GAAI,GAAA;AAOlH,EAAA,MAAM,eAAA,GAAkB,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA;AAChE,EAAA,IAAI,CAAC,mBAAmB,sBAAA,CAAuB,IAAA,EAAM,QAAQ,SAAA,EAAW,UAAA,EAAY,qBAAqB,CAAA,EAAG;AAC1G,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,MAAA,EAAQ,UAAA,EAAY,qBAAqB,CAAA,EAAG;AACrE,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,IAAI,iBAAA,CAAkB,IAAA,EAAM,MAAA,EAAQ,UAAU,CAAA,EAAG;AAC/C,IAAA,OAAO,IAAA;AAAA,EACT;AAIA,EAAA,IAAI,IAAA;AACJ,EAAA,IAAI,cAAA;AAEJ,EAAA,IAAI;AACF,IAAA,IAAI,OAAO,UAAA,CAAW,iBAAA,KAAsB,UAAA,EAAY;AACtD,MAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,KAAA,IAAS,IAAI,UAAiB,CAAA;AAAA,IAC1E,CAAA,MAAO;AACL,MAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,IAC3D;AAIA,IAAA,IAAI,CAAC,IAAA,IAAQ,sBAAA,CAAuB,UAAU,CAAA,IAAK,sBAAsB,OAAA,EAAS;AAChF,MAAA,IAAI;AACF,QAAA,MAAM,SAAA,GAAY,UAAA,CAAW,uBAAA,CAAwB,UAAU,CAAA;AAC/D,QAAA,IAAI,SAAA,EAAW;AACb,UAAA,MAAM,UAAA,GAAa,MAAM,UAAA,CAAW,cAAA,CAAe,SAAS,CAAA;AAC5D,UAAA,IAAI,UAAA,EAAY;AAKd,YAAA,cAAA,GAAiB,UAAA,CAAW,kBAAkB,UAAU,CAAA;AACxD,YAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,CAClD,MAAA,CAAO,CAAC,CAAC,CAAC,CAAA,KAAM,CAAA,CAAE,WAAA,EAAY,KAAM,YAAY,CAAA,CAChD,GAAA,CAAI,CAAC,GAAG,CAAC,CAAA,KAAM,CAAA,CAAE,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAC,CAAA,CAC9B,KAAK,IAAI,CAAA;AACZ,YAAA,IAAI,eAAA,EAAiB;AACnB,cAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,UAAA,CAAW,GAAA,EAAK;AAAA,gBACnD,QAAQ,UAAA,CAAW,MAAA;AAAA,gBACnB,OAAA,EAAS,IAAI,OAAA,CAAQ,UAAA,CAAW,OAAO;AAAA,eACxC,CAAA;AACD,cAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,eAAe,CAAA;AAKtD,cAAA,MAAM,WAAA,GAAc,eAAA,CAAgB,QAAA,CAAS,GAAG,IAC5C,eAAA,CAAgB,KAAA,CAAM,GAAG,CAAA,CAAE,KAAA,CAAM,CAAC,CAAA,CAAE,IAAA,CAAK,GAAG,CAAA,GAC5C,eAAA;AACJ,cAAA,IAAA,GAAO,MAAM,UAAA,CAAW,iBAAA,CAAkB,WAAA,EAAa,gBAAuB,CAAA;AAAA,YAChF;AACA,YAAA,IAAI,CAAC,IAAA,EAAM;AACT,cAAA,cAAA,GAAiB,MAAA;AAAA,YACnB;AAAA,UACF;AAAA,QACF;AAAA,MACF,SAAS,UAAA,EAAY;AACnB,QAAA,cAAA,GAAiB,MAAA;AACjB,QAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,UACvE,OAAO,UAAA,YAAsB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAA,CAAW,SAAQ,GAAI;AAAA,SACxE,CAAA;AAAA,MACH;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IAC9G;AAEA,IAAA,cAAA,CAAe,GAAA,CAAI,QAAQ,IAAI,CAAA;AAO/B,IAAA,IAAI,cAAA,GAAiB,KAAA;AACrB,IAAA,IAAI,CAAC,cAAA,IAAkB,UAAA,YAAsB,OAAA,EAAS;AACpD,MAAA,MAAM,YAAA,GAAe,UAAA,CAAW,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,MAAM,KAAA,GAAQ,YAAA,CAAa,KAAA,CAAM,sBAAsB,CAAA;AACvD,QAAA,IAAI,KAAA,GAAQ,CAAC,CAAA,EAAG,cAAA,GAAiB,MAAM,CAAC,CAAA;AAAA,MAC1C;AAAA,IACF;AACA,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,cAAA,CAAe,GAAA,CAAIA,yCAAuB,cAAc,CAAA;AAAA,IAC1D;AAEA,IAAA,IAAI,OAAO,UAAA,CAAW,mBAAA,KAAwB,UAAA,EAAY;AACxD,MAAA,IAAI;AACF,QAAA,MAAM,UAAA,GAAa,UAAA,CAAW,mBAAA,CAAoB,IAAI,CAAA;AACtD,QAAA,IAAI,UAAA,EAAY;AACd,UAAA,cAAA,CAAe,GAAA,CAAIC,0CAAwB,UAAU,CAAA;AAAA,QACvD;AAAA,MACF,SAAS,QAAA,EAAU;AACjB,QAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,4BAAA,EAA8B;AAAA,UACtD,KAAA,EAAO,QAAA,YAAoB,KAAA,GAAQ,EAAE,OAAA,EAAS,SAAS,OAAA,EAAS,KAAA,EAAO,QAAA,CAAS,KAAA,EAAM,GAAI;AAAA,SAC3F,CAAA;AACD,QAAA,OAAO;AAAA,UACL,MAAA,EAAQ,OAAA;AAAA,UACR,MAAA,EAAQ,GAAA;AAAA,UACR,IAAA,EAAM,EAAE,KAAA,EAAO,mDAAA,EAAoD;AAAA,UACnE,OAAA,EAAS;AAAA,SACX;AAAA,MACF;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,OAAO,SAAA,EAAU;AACtC,MAAA,MAAM,eAAe,YAAA,EAAc,IAAA;AAEnC,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,IAAA,IAAQ,OAAO,SAAS,QAAA,IAAY,EAAE,QAAQ,IAAA,CAAA,EAAO;AACxD,UAAA,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA,CAAK,mFAAmF,CAAA;AAAA,QAC9G,CAAA,MAAO;AACL,UAAA,MAAM,WAAA,GAAc,MAAM,YAAA,CAAa,cAAA,CAAe,IAAc,CAAA;AACpE,UAAA,cAAA,CAAe,GAAA,CAAI,mBAAmB,WAAW,CAAA;AAEjD,UAAA,MAAM,KAAA,GAAQ,MAAM,YAAA,CAAa,QAAA,CAAS,IAAc,CAAA;AACxD,UAAA,cAAA,CAAe,GAAA,CAAI,aAAa,KAAK,CAAA;AAAA,QACvC;AAAA,MACF;AAAA,IACF,SAAS,SAAA,EAAW;AAClB,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,6CAAA,EAA+C;AAAA,QACvE,KAAA,EAAO,SAAA,YAAqB,KAAA,GAAQ,EAAE,OAAA,EAAS,UAAU,OAAA,EAAS,KAAA,EAAO,SAAA,CAAU,KAAA,EAAM,GAAI;AAAA,OAC9F,CAAA;AAAA,IACH;AAAA,EACF,SAAS,GAAA,EAAK;AACZ,IAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sBAAA,EAAwB;AAAA,MAChD,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,KAC5E,CAAA;AACD,IAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,0BAAA,EAA2B,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,EAC9G;AAIA,EAAA,IAAI,eAAA,IAAmB,UAAA,IAAc,OAAO,UAAA,CAAW,kBAAkB,UAAA,EAAY;AACnF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,MAAM,UAAA,CAAW,aAAA,CAAc,MAAM,UAAiB,CAAA;AAE3E,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,MACnG;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,sCAAA,EAAwC;AAAA,QAChE,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI;AAAA,OAC5E,CAAA;AACD,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IACzG;AAAA,EACF,WAAW,WAAA,IAAe,UAAA,IAAc,OAAO,UAAA,CAAW,cAAc,UAAA,EAAY;AAClF,IAAA,IAAI;AACF,MAAA,MAAM,YAAA,GAAe,IAAI,qBAAA,EAAsB;AAC/C,MAAA,MAAM,eAAe,MAAM,UAAA,CAAW,UAAU,IAAA,EAAM,MAAA,EAAQ,MAAM,YAAmB,CAAA;AAEvF,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,MACnG;AAAA,IACF,SAAS,GAAA,EAAK;AACZ,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,kCAAA,EAAoC;AAAA,QAC5D,KAAA,EAAO,GAAA,YAAe,KAAA,GAAQ,EAAE,OAAA,EAAS,IAAI,OAAA,EAAS,KAAA,EAAO,GAAA,CAAI,KAAA,EAAM,GAAI,GAAA;AAAA,QAC3E,IAAA;AAAA,QACA;AAAA,OACD,CAAA;AACD,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,qBAAA,EAAsB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IACzG;AAAA,EACF,CAAA,MAAA,IAAW,WAAW,UAAA,IAAc,UAAA,CAAW,SAAS,UAAA,CAAW,KAAA,CAAM,SAAS,CAAA,EAAG;AACnF,IAAA,MAAM,eAAe,MAAM,UAAA,CAAW,WAAW,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAE1E,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,IACnG;AAAA,EACF,CAAA,MAAO;AAIL,IAAA,MAAM,YAAA,GAAe,MAAA,CAAO,SAAA,EAAU,EAAG,IAAA;AACzC,IAAA,IAAI,YAAA,EAAc;AAChB,MAAA,IAAI,iBAAA,CAAkB,KAAA,IAAS,iBAAA,CAAkB,KAAA,CAAM,SAAS,CAAA,EAAG;AACjE,QAAA,MAAM,eAAe,MAAM,UAAA,CAAW,kBAAkB,KAAA,EAAO,IAAA,EAAM,QAAQ,IAAI,CAAA;AAEjF,QAAA,IAAI,CAAC,YAAA,EAAc;AACjB,UAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,QACnG;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAO,EAAE,MAAA,EAAQ,OAAA,EAAS,MAAA,EAAQ,GAAA,EAAK,IAAA,EAAM,EAAE,KAAA,EAAO,eAAA,EAAgB,EAAG,OAAA,EAAS,cAAA,EAAe;AAAA,MACnG;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,iBAAiB,EAAE,MAAA,EAAQ,MAAA,EAAQ,OAAA,EAAS,gBAAe,GAAI,IAAA;AACxE;AAGO,IAAM,UAAA,GAAa,OACxB,KAAA,EACA,IAAA,EACA,QACA,IAAA,KACqB;AAErB,EAAA,KAAA,MAAW,CAAA,IAAK,KAAA,IAAS,EAAC,EAAG;AAC3B,IAAA,MAAM,IAAA,GAAO,QAAQ,CAAC,CAAA;AAEtB,IAAA,IAAI,CAAC,eAAA,CAAgB,IAAA,EAAM,IAAA,CAAK,IAAI,CAAA,EAAG;AACrC,MAAA;AAAA,IACF;AAGA,IAAA,IAAI,KAAK,OAAA,IAAW,CAAC,kBAAkB,IAAA,CAAK,OAAA,EAAS,MAAM,CAAA,EAAG;AAC5D,MAAA;AAAA,IACF;AAGA,IAAA,MAAM,YAAY,IAAA,CAAK,SAAA;AACvB,IAAA,IAAI,OAAO,cAAc,UAAA,EAAY;AACnC,MAAA,MAAM,OAAA,GAAU,MAAM,OAAA,CAAQ,OAAA,EAAQ,CACnC,IAAA,CAAK,MAAM,SAAA,CAAU,IAAI,CAAC,CAAA,CAC1B,KAAA,CAAM,MAAM,KAAK,CAAA;AAEpB,MAAA,IAAI,OAAA,EAAS;AACX,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF,CAAA,MAAA,IAAW,KAAK,KAAA,EAAO;AACrB,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAGA,EAAA,OAAO,KAAA;AACT","file":"chunk-Y5LNMKEY.cjs","sourcesContent":["import type { MastraAuthConfig } from '@mastra/core/server';\n\n// Default configuration that can be extended by clients\nexport const defaultAuthConfig: MastraAuthConfig = {\n protected: ['/api/'],\n public: ['/api', '/api/auth/'],\n // Simple rule system\n rules: [\n // Admin users can do anything\n {\n condition: user => {\n if (typeof user === 'object' && user !== null) {\n if ('isAdmin' in user) {\n return !!user.isAdmin;\n }\n\n if ('role' in user) {\n return user.role === 'admin';\n }\n }\n return false;\n },\n allow: true,\n },\n ],\n};\n","/*\n Path pattern matching utility\n * Inlined from regexparam v3.0.0 (MIT License)\n * https://github.com/lukeed/regexparam\n \n Copyright (c) Luke Edwards <luke.edwards05@gmail.com> (lukeed.com)\n \n Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \"Software\"), to deal\n * in the Software without restriction, including without limitation the rights\n * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell\n * copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n \n The above copyright notice and this permission notice shall be included in all\n * copies or substantial portions of the Software.\n \n THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\n * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\n * SOFTWARE.\n /\n\nexport interface ParsedPattern {\n keys: string[] \| false;\n pattern: RegExp;\n}\n\n/\n Parse a route pattern into a RegExp\n * Supports:\n * - Named parameters: /users/:id\n * - Optional parameters: /users/:id?\n * - Wildcards: /files/\n - Mixed patterns: /api/:version/users/:id\n /\nexport function parse(input: string \| RegExp, loose?: boolean): ParsedPattern {\n if (input instanceof RegExp) return { keys: false, pattern: input };\n\n let c: string;\n let o: number;\n let tmp: string \| undefined;\n let ext: number;\n const keys: string[] = [];\n let pattern = '';\n const arr = input.split('/');\n\n arr[0] \|\| arr.shift();\n\n while ((tmp = arr.shift())) {\n c = tmp[0]!;\n if (c === '') {\n keys.push(c);\n pattern += tmp[1] === '?' ? '(?:/(.))?' : '/(.)';\n } else if (c === ':') {\n o = tmp.indexOf('?', 1);\n ext = tmp.indexOf('.', 1);\n keys.push(tmp.substring(1, !!~o ? o : !!~ext ? ext : tmp.length));\n pattern += !!~o && !~ext ? '(?:/([^/]+?))?' : '/([^/]+?)';\n if (!!~ext) pattern += (!!~o ? '?' : '') + '\\\\' + tmp.substring(ext);\n } else {\n pattern += '/' + tmp;\n }\n }\n\n return {\n keys: keys,\n pattern: new RegExp('^' + pattern + (loose ? '(?=$\|/)' : '/?$'), 'i'),\n };\n}\n\n/*\n Test if a path matches a pattern\n /\nexport function matchPath(path: string, pattern: string \| RegExp): boolean {\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n}\n","import type { ISessionProvider } from '@mastra/core/auth';\nimport type { IRBACProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { Mastra } from '@mastra/core/mastra';\nimport type { ApiRoute, MastraAuthConfig, MastraAuthProvider } from '@mastra/core/server';\nimport type { HonoRequest } from 'hono';\n\nimport { MASTRA_RESOURCE_ID_KEY, MASTRA_AUTH_TOKEN_KEY } from '../constants';\nimport { defaultAuthConfig } from './defaults';\nimport { parse } from './path-pattern';\n\n/\n Check if a route is a registered custom route that requires authentication.\n * Returns true only if the route is explicitly registered with requiresAuth: true.\n * Returns false if the route is not in the config or has requiresAuth: false.\n /\nexport const isProtectedCustomRoute = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return customRouteAuthConfig.get(exactRouteKey) === true;\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return customRouteAuthConfig.get(allRouteKey) === true;\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return requiresAuth === true;\n }\n }\n\n return false; // Not in config = not a protected custom route\n};\n\n/\n Find a matching custom API route for the given path and method.\n * Returns the matched route and any extracted path parameters.\n /\nexport const findMatchingCustomRoute = (\n path: string,\n method: string,\n apiRoutes?: ApiRoute[],\n): { route: ApiRoute; params: Record<string, string> } \| undefined => {\n if (!apiRoutes) return undefined;\n\n for (const route of apiRoutes) {\n if (route.method !== method && route.method !== 'ALL') continue;\n\n const { keys, pattern: regex } = parse(route.path);\n const match = regex.exec(path);\n if (!match) continue;\n\n const params: Record<string, string> = {};\n if (keys && keys.length > 0) {\n for (let i = 0; i < keys.length; i++) {\n if (match[i + 1] !== undefined) {\n params[keys[i]!] = match[i + 1]!;\n }\n }\n }\n\n return { route, params };\n }\n\n return undefined;\n};\n\n/\n Check if request is from dev playground\n * @param getHeader - Function to get header value from request\n * @param customRouteAuthConfig - Map of custom route auth configurations\n /\nexport const isDevPlaygroundRequest = (\n path: string,\n method: string,\n getHeader: (name: string) => string \| undefined,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected \|\| []), ...(authConfig.protected \|\| [])];\n return (\n process.env.MASTRA_DEV === 'true' &&\n // Allow if path doesn't match protected patterns AND is not a protected custom route\n ((!isAnyMatch(path, method, protectedAccess) && !isProtectedCustomRoute(path, method, customRouteAuthConfig)) \|\|\n // Or if has playground header\n getHeader('x-mastra-dev-playground') === 'true')\n );\n};\n\nexport const isCustomRoutePublic = (\n path: string,\n method: string,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n if (!customRouteAuthConfig) {\n return false;\n }\n\n // Check exact match first (fast path for static routes)\n const exactRouteKey = `${method}:${path}`;\n if (customRouteAuthConfig.has(exactRouteKey)) {\n return !customRouteAuthConfig.get(exactRouteKey); // True when route opts out of auth\n }\n\n // Check exact match for ALL method\n const allRouteKey = `ALL:${path}`;\n if (customRouteAuthConfig.has(allRouteKey)) {\n return !customRouteAuthConfig.get(allRouteKey);\n }\n\n // Check pattern matches for dynamic routes (e.g., '/users/:id')\n for (const [routeKey, requiresAuth] of customRouteAuthConfig.entries()) {\n const colonIndex = routeKey.indexOf(':');\n if (colonIndex === -1) {\n continue; // Skip malformed keys\n }\n\n const routeMethod = routeKey.substring(0, colonIndex);\n const routePattern = routeKey.substring(colonIndex + 1);\n\n // Check if method matches (exact match or ALL)\n if (routeMethod !== method && routeMethod !== 'ALL') {\n continue;\n }\n\n // Check if path matches the pattern\n if (pathMatchesPattern(path, routePattern)) {\n return !requiresAuth; // True when route opts out of auth\n }\n }\n\n return false;\n};\n\n// NOTE: This uses isProtectedCustomRoute (default-allow for unknown paths) rather than\n// !isCustomRoutePublic (default-deny). This is intentional — all registered server and\n// custom routes are auth-checked via registerRoute/checkRouteAuth regardless of this\n// function. The '/api/' protected pattern exists as a user-facing override mechanism.\n// The old default-deny logic incorrectly blocked non-API paths (e.g. '/', '/agents')\n// which prevented the studio login page from loading in production.\nexport const isProtectedPath = (\n path: string,\n method: string,\n authConfig: MastraAuthConfig,\n customRouteAuthConfig?: Map<string, boolean>,\n): boolean => {\n const protectedAccess = [...(defaultAuthConfig.protected \|\| []), ...(authConfig.protected \|\| [])];\n return isAnyMatch(path, method, protectedAccess) \|\| isProtectedCustomRoute(path, method, customRouteAuthConfig);\n};\n\nexport const canAccessPublicly = (path: string, method: string, authConfig: MastraAuthConfig): boolean => {\n // Check if this path+method combination is publicly accessible\n const publicAccess = [...(defaultAuthConfig.public \|\| []), ...(authConfig.public \|\| [])];\n\n return isAnyMatch(path, method, publicAccess);\n};\n\nconst isAnyMatch = (\n path: string,\n method: string,\n patterns: MastraAuthConfig['protected'] \| MastraAuthConfig['public'],\n): boolean => {\n if (!patterns) {\n return false;\n }\n\n for (const patternPathOrMethod of patterns) {\n if (patternPathOrMethod instanceof RegExp) {\n if (patternPathOrMethod.test(path)) {\n return true;\n }\n }\n\n if (typeof patternPathOrMethod === 'string' && pathMatchesPattern(path, patternPathOrMethod)) {\n return true;\n }\n\n if (Array.isArray(patternPathOrMethod) && patternPathOrMethod.length === 2) {\n const [pattern, methodOrMethods] = patternPathOrMethod;\n if (pathMatchesPattern(path, pattern) && matchesOrIncludes(methodOrMethods, method)) {\n return true;\n }\n }\n }\n\n return false;\n};\n\nexport const pathMatchesPattern = (path: string, pattern: string): boolean => {\n // Use regexparam for battle-tested path matching\n // Supports:\n // - Exact paths: '/api/users'\n // - Wildcards: '/api/agents/' matches '/api/agents/123'\n // - Path parameters: '/users/:id' matches '/users/123'\n // - Optional parameters: '/users/:id?' matches '/users' and '/users/123'\n // - Mixed patterns: '/api/:version/users/:id/profile'\n const { pattern: regex } = parse(pattern);\n return regex.test(path);\n};\n\nexport const pathMatchesRule = (path: string, rulePath: string \| RegExp \| string[] \| undefined): boolean => {\n if (!rulePath) return true; // No path specified means all paths\n\n if (typeof rulePath === 'string') {\n return pathMatchesPattern(path, rulePath);\n }\n\n if (rulePath instanceof RegExp) {\n return rulePath.test(path);\n }\n\n if (Array.isArray(rulePath)) {\n return rulePath.some(p => pathMatchesPattern(path, p));\n }\n\n return false;\n};\n\nexport const matchesOrIncludes = (values: string \| string[], value: string): boolean => {\n if (typeof values === 'string') {\n return values === value;\n }\n\n if (Array.isArray(values)) {\n return values.includes(value);\n }\n\n return false;\n};\n\n// ── Core auth middleware ──\n// Framework-agnostic auth logic extracted from adapter middlewares.\n// Each adapter builds an AuthMiddlewareContext and delegates to coreAuthMiddleware.\n\nexport interface AuthMiddlewareContext {\n path: string;\n method: string;\n getHeader: (name: string) => string \| undefined;\n mastra: Mastra;\n authConfig: MastraAuthConfig;\n customRouteAuthConfig?: Map<string, boolean>;\n requestContext: { get: (key: string) => unknown; set: (key: string, value: unknown) => void };\n rawRequest: unknown;\n token: string \| null;\n buildAuthorizeContext: () => unknown;\n}\n\nexport type AuthResult =\n \| { action: 'next'; headers?: Record<string, string> }\n \| { action: 'error'; status: number; body: Record<string, unknown>; headers?: Record<string, string> };\n\nconst pass: AuthResult = { action: 'next' };\n\nexport interface GetAuthenticatedUserOptions {\n mastra: Mastra;\n token: string;\n request: Request \| HonoRequest;\n}\n\nexport const getAuthenticatedUser = async <TUser = unknown>({\n mastra,\n token,\n request,\n}: GetAuthenticatedUserOptions): Promise<TUser \| null> => {\n const normalizedToken = token.replace(/^Bearer\\s+/i, '').trim();\n if (!normalizedToken) {\n return null;\n }\n\n const authConfig = mastra.getServer()?.auth;\n if (!authConfig \|\| typeof authConfig.authenticateToken !== 'function') {\n return null;\n }\n\n return (await authConfig.authenticateToken(normalizedToken, request as any)) as TUser \| null;\n};\n\n/\n Check if an auth config object supports transparent session refresh.\n * Returns true if the auth provider implements the necessary ISessionProvider methods.\n /\nexport function supportsSessionRefresh(\n authConfig: MastraAuthConfig \| MastraAuthProvider,\n): authConfig is (MastraAuthConfig \| MastraAuthProvider) &\n Pick<ISessionProvider, 'refreshSession' \| 'getSessionIdFromRequest' \| 'getSessionHeaders'> {\n return (\n typeof (authConfig as any).getSessionIdFromRequest === 'function' &&\n typeof (authConfig as any).refreshSession === 'function' &&\n typeof (authConfig as any).getSessionHeaders === 'function'\n );\n}\n\n/\n Single auth middleware: authenticate → authorize.\n * Skip checks (dev playground, unprotected path, public path) are evaluated once.\n */\nexport const coreAuthMiddleware = async (ctx: AuthMiddlewareContext): Promise<AuthResult> => {\n const { path, method, getHeader, mastra, authConfig, customRouteAuthConfig, requestContext, rawRequest, token } = ctx;\n\n // ── Skip checks (evaluated once) ──\n\n // Only bypass auth for dev playground when no real auth provider is configured.\n // When auth IS configured (has authenticateToken), we need the full auth flow\n // so user/roles/permissions are set in requestContext.\n const hasAuthProvider = typeof authConfig.authenticateToken === 'function';\n if (!hasAuthProvider && isDevPlaygroundRequest(path, method, getHeader, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (!isProtectedPath(path, method, authConfig, customRouteAuthConfig)) {\n return pass;\n }\n\n if (canAccessPublicly(path, method, authConfig)) {\n return pass;\n }\n\n // ── Authentication ──\n\n let user: unknown;\n let refreshHeaders: Record<string, string> \| undefined;\n\n try {\n if (typeof authConfig.authenticateToken === 'function') {\n user = await authConfig.authenticateToken(token ?? '', rawRequest as any);\n } else {\n throw new Error('No token verification method configured');\n }\n\n // If authentication failed, attempt transparent session refresh before returning 401.\n // This handles expired access tokens without requiring client-side refresh logic.\n if (!user && supportsSessionRefresh(authConfig) && rawRequest instanceof Request) {\n try {\n const sessionId = authConfig.getSessionIdFromRequest(rawRequest);\n if (sessionId) {\n const newSession = await authConfig.refreshSession(sessionId);\n if (newSession) {\n // Refresh succeeded — build updated session headers and re-authenticate.\n // We create a synthetic request with the new session cookie so\n // authenticateToken (which reads cookies from the request) picks up\n // the refreshed session instead of the expired one.\n refreshHeaders = authConfig.getSessionHeaders(newSession);\n const refreshedCookie = Object.entries(refreshHeaders)\n .filter(([k]) => k.toLowerCase() === 'set-cookie')\n .map(([, v]) => v.split(';')[0]) // Extract name=value before attributes\n .join('; ');\n if (refreshedCookie) {\n const refreshedRequest = new Request(rawRequest.url, {\n method: rawRequest.method,\n headers: new Headers(rawRequest.headers),\n });\n refreshedRequest.headers.set('Cookie', refreshedCookie);\n // Pass the refreshed cookie value as the token so authenticateToken\n // picks up the new session instead of the stale original.\n // Auth providers typically read cookies from the request object, but\n // some may also inspect the token parameter directly.\n const cookieValue = refreshedCookie.includes('=')\n ? refreshedCookie.split('=').slice(1).join('=')\n : refreshedCookie;\n user = await authConfig.authenticateToken(cookieValue, refreshedRequest as any);\n }\n if (!user) {\n refreshHeaders = undefined;\n }\n }\n }\n } catch (refreshErr) {\n refreshHeaders = undefined;\n mastra.getLogger()?.debug('Session refresh failed, falling back to 401', {\n error: refreshErr instanceof Error ? { message: refreshErr.message } : refreshErr,\n });\n }\n }\n\n if (!user) {\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' }, headers: refreshHeaders };\n }\n\n requestContext.set('user', user);\n\n // Store the raw auth token so downstream code (e.g., editor MCP client\n // resolution) can forward it when connecting to auth-protected MCP servers.\n // The token may arrive via Authorization header, apiKey query param, or\n // cookie (SimpleAuth sets `mastra-token`). Check all sources so the\n // forwarded value is available regardless of how the user authenticated.\n let effectiveToken = token;\n if (!effectiveToken && rawRequest instanceof Request) {\n const cookieHeader = rawRequest.headers.get('cookie');\n if (cookieHeader) {\n const match = cookieHeader.match(/mastra-token=([^;]+)/);\n if (match?.[1]) effectiveToken = match[1];\n }\n }\n if (effectiveToken) {\n requestContext.set(MASTRA_AUTH_TOKEN_KEY, effectiveToken);\n }\n\n if (typeof authConfig.mapUserToResourceId === 'function') {\n try {\n const resourceId = authConfig.mapUserToResourceId(user);\n if (resourceId) {\n requestContext.set(MASTRA_RESOURCE_ID_KEY, resourceId);\n }\n } catch (mapError) {\n mastra.getLogger()?.error('mapUserToResourceId failed', {\n error: mapError instanceof Error ? { message: mapError.message, stack: mapError.stack } : mapError,\n });\n return {\n action: 'error',\n status: 500,\n body: { error: 'Failed to map authenticated user to a resource ID' },\n headers: refreshHeaders,\n };\n }\n }\n\n try {\n const serverConfig = mastra.getServer();\n const rbacProvider = serverConfig?.rbac as IRBACProvider<EEUser> \| undefined;\n\n if (rbacProvider) {\n if (!user \|\| typeof user !== 'object' \|\| !('id' in user)) {\n mastra.getLogger()?.warn('RBAC: authenticated user missing required \"id\" field, skipping permission loading');\n } else {\n const permissions = await rbacProvider.getPermissions(user as EEUser);\n requestContext.set('userPermissions', permissions);\n\n const roles = await rbacProvider.getRoles(user as EEUser);\n requestContext.set('userRoles', roles);\n }\n }\n } catch (rbacError) {\n mastra.getLogger()?.error('RBAC: failed to load user permissions/roles', {\n error: rbacError instanceof Error ? { message: rbacError.message, stack: rbacError.stack } : rbacError,\n });\n }\n } catch (err) {\n mastra.getLogger()?.error('Authentication error', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 401, body: { error: 'Invalid or expired token' }, headers: refreshHeaders };\n }\n\n // ── Authorization ──\n\n if ('authorizeUser' in authConfig && typeof authConfig.authorizeUser === 'function') {\n try {\n const isAuthorized = await authConfig.authorizeUser(user, rawRequest as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorizeUser', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' }, headers: refreshHeaders };\n }\n } else if ('authorize' in authConfig && typeof authConfig.authorize === 'function') {\n try {\n const authorizeCtx = ctx.buildAuthorizeContext();\n const isAuthorized = await authConfig.authorize(path, method, user, authorizeCtx as any);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } catch (err) {\n mastra.getLogger()?.error('Authorization error in authorize', {\n error: err instanceof Error ? { message: err.message, stack: err.stack } : err,\n path,\n method,\n });\n return { action: 'error', status: 500, body: { error: 'Authorization error' }, headers: refreshHeaders };\n }\n } else if ('rules' in authConfig && authConfig.rules && authConfig.rules.length > 0) {\n const isAuthorized = await checkRules(authConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } else {\n // No explicit authorization configured (authorizeUser, authorize, or rules)\n // Check if RBAC is configured - if not, allow authenticated users through\n // (auth-only mode = authenticated users get full access)\n const rbacProvider = mastra.getServer()?.rbac;\n if (rbacProvider) {\n if (defaultAuthConfig.rules && defaultAuthConfig.rules.length > 0) {\n const isAuthorized = await checkRules(defaultAuthConfig.rules, path, method, user);\n\n if (!isAuthorized) {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n } else {\n return { action: 'error', status: 403, body: { error: 'Access denied' }, headers: refreshHeaders };\n }\n }\n }\n\n return refreshHeaders ? { action: 'next', headers: refreshHeaders } : pass;\n};\n\n// Check authorization rules\nexport const checkRules = async (\n rules: MastraAuthConfig['rules'],\n path: string,\n method: string,\n user: unknown,\n): Promise<boolean> => {\n // Go through rules in order (first match wins)\n for (const i in rules \|\| []) {\n const rule = rules?.[i]!;\n // Check if rule applies to this path\n if (!pathMatchesRule(path, rule.path)) {\n continue;\n }\n\n // Check if rule applies to this method\n if (rule.methods && !matchesOrIncludes(rule.methods, method)) {\n continue;\n }\n\n // Rule matches, check conditions\n const condition = rule.condition;\n if (typeof condition === 'function') {\n const allowed = await Promise.resolve()\n .then(() => condition(user))\n .catch(() => false);\n\n if (allowed) {\n return true;\n }\n } else if (rule.allow) {\n return true;\n }\n }\n\n // No matching rules, deny by default\n return false;\n};\n"]}

package/dist/{chunk-OJRAH5VV.js → chunk-YARY4I5U.js} RENAMED Viewed

@@ -2,6 +2,21 @@
 var MASTRA_RESOURCE_ID_KEY = "mastra__resourceId";
 var MASTRA_THREAD_ID_KEY = "mastra__threadId";
 var MASTRA_AUTH_TOKEN_KEY = "mastra__authToken";
+var MASTRA_IS_STUDIO_KEY = "mastra__isStudio";
+var MASTRA_CLIENT_TYPE_HEADER = "x-mastra-client-type";
+var MASTRA_STUDIO_CLIENT_TYPE = "studio";
+var RESERVED_CONTEXT_KEYS = /* @__PURE__ */ new Set([
+  MASTRA_RESOURCE_ID_KEY,
+  MASTRA_THREAD_ID_KEY,
+  MASTRA_AUTH_TOKEN_KEY,
+  MASTRA_IS_STUDIO_KEY
+]);
+function isReservedRequestContextKey(key) {
+  return RESERVED_CONTEXT_KEYS.has(key);
+}
+function isStudioClientTypeHeader(value) {
+  return value?.toLowerCase() === MASTRA_STUDIO_CLIENT_TYPE;
+}
 var WORKSPACE_TOOLS_PREFIX = "mastra_workspace";
 var WORKSPACE_TOOLS = {
   FILESYSTEM: {
@@ -64,6 +79,6 @@ async function resolveToolConfig(toolsConfig, toolName, context) {
   };
 }
-export { MASTRA_AUTH_TOKEN_KEY, MASTRA_RESOURCE_ID_KEY, MASTRA_THREAD_ID_KEY, WORKSPACE_TOOLS, resolveToolConfig };
-//# sourceMappingURL=chunk-OJRAH5VV.js.map
-//# sourceMappingURL=chunk-OJRAH5VV.js.map
+export { MASTRA_AUTH_TOKEN_KEY, MASTRA_CLIENT_TYPE_HEADER, MASTRA_IS_STUDIO_KEY, MASTRA_RESOURCE_ID_KEY, MASTRA_STUDIO_CLIENT_TYPE, MASTRA_THREAD_ID_KEY, WORKSPACE_TOOLS, isReservedRequestContextKey, isStudioClientTypeHeader, resolveToolConfig };
+//# sourceMappingURL=chunk-YARY4I5U.js.map
+//# sourceMappingURL=chunk-YARY4I5U.js.map

package/dist/chunk-YARY4I5U.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"sources":["../src/server/constants.ts"],"names":[],"mappings":";AAQO,IAAM,sBAAA,GAAyB;AAE/B,IAAM,oBAAA,GAAuB;AAE7B,IAAM,qBAAA,GAAwB;AAE9B,IAAM,oBAAA,GAAuB;AAE7B,IAAM,yBAAA,GAA4B;AAElC,IAAM,yBAAA,GAA4B;AAEzC,IAAM,qBAAA,uBAA4B,GAAA,CAAI;AAAA,EACpC,sBAAA;AAAA,EACA,oBAAA;AAAA,EACA,qBAAA;AAAA,EACA;AACF,CAAC,CAAA;AAEM,SAAS,4BAA4B,GAAA,EAAsB;AAChE,EAAA,OAAO,qBAAA,CAAsB,IAAI,GAAG,CAAA;AACtC;AAEO,SAAS,yBAAyB,KAAA,EAAoC;AAC3E,EAAA,OAAO,KAAA,EAAO,aAAY,KAAM,yBAAA;AAClC;AAEO,IAAM,sBAAA,GAAyB,kBAAA;AAE/B,IAAM,eAAA,GAAkB;AAAA,EAC7B,UAAA,EAAY;AAAA,IACV,SAAA,EAAW,GAAG,sBAAsB,CAAA,UAAA,CAAA;AAAA,IACpC,UAAA,EAAY,GAAG,sBAAsB,CAAA,WAAA,CAAA;AAAA,IACrC,SAAA,EAAW,GAAG,sBAAsB,CAAA,UAAA,CAAA;AAAA,IACpC,UAAA,EAAY,GAAG,sBAAsB,CAAA,WAAA,CAAA;AAAA,IACrC,MAAA,EAAQ,GAAG,sBAAsB,CAAA,OAAA,CAAA;AAAA,IACjC,SAAA,EAAW,GAAG,sBAAsB,CAAA,UAAA,CAAA;AAAA,IACpC,KAAA,EAAO,GAAG,sBAAsB,CAAA,MAAA,CAAA;AAAA,IAChC,IAAA,EAAM,GAAG,sBAAsB,CAAA,KAAA;AAAA,GACjC;AAAA,EACA,OAAA,EAAS;AAAA,IACP,eAAA,EAAiB,GAAG,sBAAsB,CAAA,gBAAA;AAAA,GAC5C;AAAA,EACA,MAAA,EAAQ;AAAA,IACN,MAAA,EAAQ,GAAG,sBAAsB,CAAA,OAAA,CAAA;AAAA,IACjC,KAAA,EAAO,GAAG,sBAAsB,CAAA,MAAA;AAAA;AAEpC;AAuCA,eAAe,mBAAA,CACb,KAAA,EACA,OAAA,EACA,WAAA,EACkB;AAClB,EAAA,IAAI,KAAA,KAAU,QAAW,OAAO,WAAA;AAChC,EAAA,IAAI,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,KAAA;AACvC,EAAA,IAAI,CAAC,SAAS,OAAO,WAAA;AACrB,EAAA,IAAI;AACF,IAAA,OAAO,MAAM,MAAM,OAAO,CAAA;AAAA,EAC5B,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,IAAA,CAAK,wEAAwE,KAAK,CAAA;AAC1F,IAAA,OAAO,WAAA;AAAA,EACT;AACF;AAUA,eAAsB,iBAAA,CACpB,WAAA,EACA,QAAA,EACA,OAAA,EAC2F;AAC3F,EAAA,IAAI,OAAA,GAAkC,IAAA;AACtC,EAAA,IAAI,eAAA,GAA0C,KAAA;AAC9C,EAAA,IAAI,sBAAA;AAEJ,EAAA,IAAI,WAAA,EAAa;AACf,IAAA,IAAI,WAAA,CAAY,YAAY,MAAA,EAAW;AACrC,MAAA,OAAA,GAAU,WAAA,CAAY,OAAA;AAAA,IACxB;AACA,IAAA,IAAI,WAAA,CAAY,oBAAoB,MAAA,EAAW;AAC7C,MAAA,eAAA,GAAkB,WAAA,CAAY,eAAA;AAAA,IAChC;AAEA,IAAA,MAAM,aAAA,GAAgB,YAAY,QAAQ,CAAA;AAC1C,IAAA,IAAI,aAAA,EAAe;AACjB,MAAA,IAAI,aAAA,CAAc,YAAY,MAAA,EAAW;AACvC,QAAA,OAAA,GAAU,aAAA,CAAc,OAAA;AAAA,MAC1B;AACA,MAAA,IAAI,aAAA,CAAc,oBAAoB,MAAA,EAAW;AAC/C,QAAA,eAAA,GAAkB,aAAA,CAAc,eAAA;AAAA,MAClC;AACA,MAAA,IAAI,aAAA,CAAc,2BAA2B,MAAA,EAAW;AACtD,QAAA,sBAAA,GAAyB,aAAA,CAAc,sBAAA;AAAA,MACzC;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,MAAM,mBAAA,CAAoB,OAAA,EAAS,SAAS,KAAK,CAAA;AAAA,IAC1D,eAAA,EAAiB,MAAM,mBAAA,CAAoB,eAAA,EAAiB,SAAS,IAAI,CAAA;AAAA,IACzE,sBAAA,EACE,2BAA2B,MAAA,GACvB,MAAM,oBAAoB,sBAAA,EAAwB,OAAA,EAAS,IAAI,CAAA,GAC/D;AAAA,GACR;AACF","file":"chunk-YARY4I5U.js","sourcesContent":["/**\n * Constants inlined from @mastra/core to avoid import compatibility\n * issues with older core versions that don't export them yet.\n *\n * - Reserved RequestContext keys are inlined from @mastra/core/request-context.\n * - Workspace tool constants are inlined from @mastra/core/workspace.\n */\n\nexport const MASTRA_RESOURCE_ID_KEY = 'mastra__resourceId';\n\nexport const MASTRA_THREAD_ID_KEY = 'mastra__threadId';\n\nexport const MASTRA_AUTH_TOKEN_KEY = 'mastra__authToken';\n\nexport const MASTRA_IS_STUDIO_KEY = 'mastra__isStudio';\n\nexport const MASTRA_CLIENT_TYPE_HEADER = 'x-mastra-client-type';\n\nexport const MASTRA_STUDIO_CLIENT_TYPE = 'studio';\n\nconst RESERVED_CONTEXT_KEYS = new Set([\n MASTRA_RESOURCE_ID_KEY,\n MASTRA_THREAD_ID_KEY,\n MASTRA_AUTH_TOKEN_KEY,\n MASTRA_IS_STUDIO_KEY,\n]);\n\nexport function isReservedRequestContextKey(key: string): boolean {\n return RESERVED_CONTEXT_KEYS.has(key);\n}\n\nexport function isStudioClientTypeHeader(value: string | undefined): boolean {\n return value?.toLowerCase() === MASTRA_STUDIO_CLIENT_TYPE;\n}\n\nexport const WORKSPACE_TOOLS_PREFIX = 'mastra_workspace' as const;\n\nexport const WORKSPACE_TOOLS = {\n FILESYSTEM: {\n READ_FILE: `${WORKSPACE_TOOLS_PREFIX}_read_file` as const,\n WRITE_FILE: `${WORKSPACE_TOOLS_PREFIX}_write_file` as const,\n EDIT_FILE: `${WORKSPACE_TOOLS_PREFIX}_edit_file` as const,\n LIST_FILES: `${WORKSPACE_TOOLS_PREFIX}_list_files` as const,\n DELETE: `${WORKSPACE_TOOLS_PREFIX}_delete` as const,\n FILE_STAT: `${WORKSPACE_TOOLS_PREFIX}_file_stat` as const,\n MKDIR: `${WORKSPACE_TOOLS_PREFIX}_mkdir` as const,\n GREP: `${WORKSPACE_TOOLS_PREFIX}_grep` as const,\n },\n SANDBOX: {\n EXECUTE_COMMAND: `${WORKSPACE_TOOLS_PREFIX}_execute_command` as const,\n },\n SEARCH: {\n SEARCH: `${WORKSPACE_TOOLS_PREFIX}_search` as const,\n INDEX: `${WORKSPACE_TOOLS_PREFIX}_index` as const,\n },\n} as const;\n\nexport type WorkspaceToolName =\n | (typeof WORKSPACE_TOOLS.FILESYSTEM)[keyof typeof WORKSPACE_TOOLS.FILESYSTEM]\n | (typeof WORKSPACE_TOOLS.SEARCH)[keyof typeof WORKSPACE_TOOLS.SEARCH]\n | (typeof WORKSPACE_TOOLS.SANDBOX)[keyof typeof WORKSPACE_TOOLS.SANDBOX];\n\n/**\n * A tool config value that may be a static boolean or a dynamic function.\n * Inlined from @mastra/core/workspace for compatibility.\n *\n * Uses `(...args: any[]) => any` for the function branch so it stays\n * assignable from all core context variants (ToolConfigContext,\n * ToolConfigWithArgsContext) without importing them.\n */\n\ntype DynamicToolConfigValue = boolean | ((...args: any[]) => any);\n\n/**\n * Configuration for a single workspace tool.\n */\nexport interface WorkspaceToolConfig {\n enabled?: DynamicToolConfigValue;\n requireApproval?: DynamicToolConfigValue;\n requireReadBeforeWrite?: DynamicToolConfigValue;\n}\n\n/**\n * Configuration for workspace tools.\n */\nexport type WorkspaceToolsConfig = {\n enabled?: DynamicToolConfigValue;\n requireApproval?: DynamicToolConfigValue;\n} & Partial<Record<WorkspaceToolName, WorkspaceToolConfig>>;\n\n/**\n * Safely resolve a dynamic config value (boolean or async function) to a boolean.\n * Falls back to `safeDefault` when no context is available or the function throws.\n */\nasync function resolveDynamicValue(\n value: DynamicToolConfigValue | undefined,\n context: { workspace: object; requestContext: Record<string, unknown> } | undefined,\n safeDefault: boolean,\n): Promise<boolean> {\n if (value === undefined) return safeDefault;\n if (typeof value === 'boolean') return value;\n if (!context) return safeDefault;\n try {\n return await value(context);\n } catch (error) {\n console.warn('[Workspace Tools] Dynamic config function threw, using safe default:', error);\n return safeDefault;\n }\n}\n\n/**\n * Resolve the effective configuration for a workspace tool.\n * Inlined from @mastra/core/workspace for compatibility.\n *\n * Dynamic function values are resolved by calling them with the provided\n * workspace and requestContext. If a function throws, safe defaults are used\n * (enabled → false, requireApproval → true, requireReadBeforeWrite → true).\n */\nexport async function resolveToolConfig(\n toolsConfig: WorkspaceToolsConfig | undefined,\n toolName: WorkspaceToolName,\n context?: { workspace: object; requestContext: Record<string, unknown> },\n): Promise<{ enabled: boolean; requireApproval: boolean; requireReadBeforeWrite?: boolean }> {\n let enabled: DynamicToolConfigValue = true;\n let requireApproval: DynamicToolConfigValue = false;\n let requireReadBeforeWrite: DynamicToolConfigValue | undefined;\n\n if (toolsConfig) {\n if (toolsConfig.enabled !== undefined) {\n enabled = toolsConfig.enabled;\n }\n if (toolsConfig.requireApproval !== undefined) {\n requireApproval = toolsConfig.requireApproval;\n }\n\n const perToolConfig = toolsConfig[toolName];\n if (perToolConfig) {\n if (perToolConfig.enabled !== undefined) {\n enabled = perToolConfig.enabled;\n }\n if (perToolConfig.requireApproval !== undefined) {\n requireApproval = perToolConfig.requireApproval;\n }\n if (perToolConfig.requireReadBeforeWrite !== undefined) {\n requireReadBeforeWrite = perToolConfig.requireReadBeforeWrite;\n }\n }\n }\n\n return {\n enabled: await resolveDynamicValue(enabled, context, false),\n requireApproval: await resolveDynamicValue(requireApproval, context, true),\n requireReadBeforeWrite:\n requireReadBeforeWrite !== undefined\n ? await resolveDynamicValue(requireReadBeforeWrite, context, true)\n : undefined,\n };\n}\n"]}

package/dist/{chunk-AJV6ZSUS.cjs → chunk-YN57WYLS.cjs} RENAMED Viewed

@@ -1,13 +1,13 @@
 'use strict';
 var chunkQ2B7W7GA_cjs = require('./chunk-Q2B7W7GA.cjs');
-var chunkIQMLYFOO_cjs = require('./chunk-IQMLYFOO.cjs');
-var chunk7756JXUH_cjs = require('./chunk-7756JXUH.cjs');
+var chunkBGRKLLHE_cjs = require('./chunk-BGRKLLHE.cjs');
+var chunkHYYXUP35_cjs = require('./chunk-HYYXUP35.cjs');
 var chunkB34S64RC_cjs = require('./chunk-B34S64RC.cjs');
 var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
 var workspace = require('@mastra/core/workspace');
-var LIST_STORED_SKILLS_ROUTE = chunk7756JXUH_cjs.createRoute({
+var LIST_STORED_SKILLS_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "GET",
   path: "/stored/skills",
   responseType: "json",
@@ -40,7 +40,7 @@ var LIST_STORED_SKILLS_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var GET_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
+var GET_STORED_SKILL_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "GET",
   path: "/stored/skills/:storedSkillId",
   responseType: "json",
@@ -70,7 +70,7 @@ var GET_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var CREATE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
+var CREATE_STORED_SKILL_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "POST",
   path: "/stored/skills",
   responseType: "json",
@@ -104,7 +104,7 @@ var CREATE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
       if (!skillStore) {
         throw new chunk64ITUOXI_cjs.HTTPException(500, { message: "Skills storage domain is not available" });
       }
-      const id = providedId || chunkIQMLYFOO_cjs.toSlug(name);
+      const id = providedId || chunkBGRKLLHE_cjs.toSlug(name);
       if (!id) {
         throw new chunk64ITUOXI_cjs.HTTPException(400, {
           message: "Could not derive skill ID from name. Please provide an explicit id."
@@ -140,7 +140,7 @@ var CREATE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var UPDATE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
+var UPDATE_STORED_SKILL_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "PATCH",
   path: "/stored/skills/:storedSkillId",
   responseType: "json",
@@ -205,7 +205,7 @@ var UPDATE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var DELETE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
+var DELETE_STORED_SKILL_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "DELETE",
   path: "/stored/skills/:storedSkillId",
   responseType: "json",
@@ -239,7 +239,7 @@ var DELETE_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var PUBLISH_STORED_SKILL_ROUTE = chunk7756JXUH_cjs.createRoute({
+var PUBLISH_STORED_SKILL_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "POST",
   path: "/stored/skills/:storedSkillId/publish",
   responseType: "json",
@@ -309,5 +309,5 @@ exports.GET_STORED_SKILL_ROUTE = GET_STORED_SKILL_ROUTE;
 exports.LIST_STORED_SKILLS_ROUTE = LIST_STORED_SKILLS_ROUTE;
 exports.PUBLISH_STORED_SKILL_ROUTE = PUBLISH_STORED_SKILL_ROUTE;
 exports.UPDATE_STORED_SKILL_ROUTE = UPDATE_STORED_SKILL_ROUTE;
-//# sourceMappingURL=chunk-AJV6ZSUS.cjs.map
-//# sourceMappingURL=chunk-AJV6ZSUS.cjs.map
+//# sourceMappingURL=chunk-YN57WYLS.cjs.map
+//# sourceMappingURL=chunk-YN57WYLS.cjs.map

package/dist/{chunk-AJV6ZSUS.cjs.map → chunk-YN57WYLS.cjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/server/handlers/stored-skills.ts"],"names":["createRoute","listStoredSkillsQuerySchema","listStoredSkillsResponseSchema","HTTPException","handleError","storedSkillIdPathParams","getStoredSkillResponseSchema","createStoredSkillBodySchema","createStoredSkillResponseSchema","toSlug","updateStoredSkillBodySchema","updateStoredSkillResponseSchema","deleteStoredSkillResponseSchema","publishStoredSkillBodySchema","publishStoredSkillResponseSchema","LocalSkillSource"],"mappings":";;;;;;;;;AA4BO,IAAM,2BAA2BA,6BAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,6CAAA;AAAA,EAClB,cAAA,EAAgBC,gDAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,MAAM,OAAA,EAAS,OAAA,EAAS,QAAA,EAAU,QAAA,EAAS,KAAM;AACzE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,YAAA,CAAa;AAAA,QAC3C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyBJ,6BAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,cAAA,EAAgBC,8CAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EAAa,sGAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAE5D,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYO,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcM,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIN,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,EAAE,CAAA;AAC5C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAEA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,KAAA,EAAO;AAAA,UACL,EAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA,YAAA;AAAA,UACA,OAAA;AAAA,UACA,aAAA;AAAA,UACA,MAAA;AAAA,UACA,UAAA;AAAA,UACA,OAAA;AAAA,UACA,MAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,EAAE,CAAA;AACpD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,UAAA,EAAYK,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIR,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAIA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,OAAA;AAAA,QACA,aAAA;AAAA,QACA,MAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,cAAA,EAAgBO,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,uDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,MAAM,UAAA,CAAW,OAAO,aAAa,CAAA;AAErC,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,SAAS,aAAa,CAAA,qBAAA;AAAA,OACjC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAOM,IAAM,6BAA6BJ,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,uCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,UAAA,EAAYQ,8CAAA;AAAA,EACZ,cAAA,EAAgBC,kDAAA;AAAA,EAChB,OAAA,EAAS,sBAAA;AAAA,EACT,WAAA,EACE,uKAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,WAAU,KAAM;AACvD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,SAAA,GAAY,MAAM,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA;AAChD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAGA,MAAA,MAAM,IAAA,GAAO,MAAM,OAAO,MAAW,CAAA;AACrC,MAAA,MAAM,YAAA,GAAe,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AACnD,MAAA,MAAM,WAAA,GAAc,KAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,GAAA,CAAI,eAAA,IAAmB,OAAA,CAAQ,GAAA,EAAK,CAAA;AACrF,MAAA,IAAI,CAAC,aAAa,UAAA,CAAW,WAAA,GAAc,KAAK,OAAA,CAAQ,GAAG,CAAA,IAAK,YAAA,KAAiB,WAAA,EAAa;AAC5F,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS,mDAAmD,WAAW,CAAA;AAAA,SACxE,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,MAAA,GAAS,IAAIY,0BAAA,EAAiB;AACpC,MAAA,MAAM,EAAE,sBAAA,EAAuB,GAAI,MAAM,OAAO,wBAAwB,CAAA;AAExE,MAAA,MAAM,EAAE,UAAU,IAAA,EAAK,GAAI,MAAM,sBAAA,CAAuB,MAAA,EAAQ,cAAc,SAAS,CAAA;AAGvF,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,GAAG,QAAA;AAAA,QACH,IAAA;AAAA,QACA,MAAA,EAAQ;AAAA,OACT,CAAA;AAGD,MAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,gBAAA,CAAiB,aAAa,CAAA;AACrE,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,MAAM,WAAW,MAAA,CAAO;AAAA,UACtB,EAAA,EAAI,aAAA;AAAA,UACJ,iBAAiB,aAAA,CAAc;AAAA,SAChC,CAAA;AAAA,MACH;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIZ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yCAAyC,CAAA;AAAA,MACnF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-AJV6ZSUS.cjs","sourcesContent":["import { LocalSkillSource } from '@mastra/core/workspace';\n\nimport { HTTPException } from '../http-exception';\nimport {\n storedSkillIdPathParams,\n listStoredSkillsQuerySchema,\n createStoredSkillBodySchema,\n updateStoredSkillBodySchema,\n publishStoredSkillBodySchema,\n listStoredSkillsResponseSchema,\n getStoredSkillResponseSchema,\n createStoredSkillResponseSchema,\n updateStoredSkillResponseSchema,\n deleteStoredSkillResponseSchema,\n publishStoredSkillResponseSchema,\n} from '../schemas/stored-skills';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/*\n GET /stored/skills - List all stored skills\n /\nexport const LIST_STORED_SKILLS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/skills',\n responseType: 'json',\n queryParamSchema: listStoredSkillsQuerySchema,\n responseSchema: listStoredSkillsResponseSchema,\n summary: 'List stored skills',\n description: 'Returns a paginated list of all skill configurations stored in the database',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, page, perPage, orderBy, authorId, metadata }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n const result = await skillStore.listResolved({\n page,\n perPage,\n orderBy,\n authorId,\n metadata,\n });\n\n return result;\n } catch (error) {\n return handleError(error, 'Error listing stored skills');\n }\n },\n});\n\n/\n GET /stored/skills/:storedSkillId - Get a stored skill by ID\n /\nexport const GET_STORED_SKILL_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/skills/:storedSkillId',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n responseSchema: getStoredSkillResponseSchema,\n summary: 'Get stored skill by ID',\n description: 'Returns a specific skill from storage by its unique identifier (resolved with active version config)',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, storedSkillId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n const skill = await skillStore.getByIdResolved(storedSkillId);\n\n if (!skill) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n return skill;\n } catch (error) {\n return handleError(error, 'Error getting stored skill');\n }\n },\n});\n\n/\n POST /stored/skills - Create a new stored skill\n /\nexport const CREATE_STORED_SKILL_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/skills',\n responseType: 'json',\n bodySchema: createStoredSkillBodySchema,\n responseSchema: createStoredSkillResponseSchema,\n summary: 'Create stored skill',\n description: 'Creates a new skill configuration in storage with the provided details',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({\n mastra,\n id: providedId,\n authorId,\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId \|\| toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive skill ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if skill with this ID already exists\n const existing = await skillStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `Skill with id ${id} already exists` });\n }\n\n await skillStore.create({\n skill: {\n id,\n authorId,\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n },\n });\n\n // Return the resolved skill (thin record + version config)\n const resolved = await skillStore.getByIdResolved(id);\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created skill' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored skill');\n }\n },\n});\n\n/\n PATCH /stored/skills/:storedSkillId - Update a stored skill\n /\nexport const UPDATE_STORED_SKILL_ROUTE = createRoute({\n method: 'PATCH',\n path: '/stored/skills/:storedSkillId',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n bodySchema: updateStoredSkillBodySchema,\n responseSchema: updateStoredSkillResponseSchema,\n summary: 'Update stored skill',\n description: 'Updates an existing skill in storage with the provided fields',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({\n mastra,\n storedSkillId,\n // Entity-level fields\n authorId,\n // Config fields (snapshot-level)\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n // Check if skill exists\n const existing = await skillStore.getById(storedSkillId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n // Update the skill with both entity-level and config-level fields\n // The storage layer handles separating these into record updates vs new-version creation\n await skillStore.update({\n id: storedSkillId,\n authorId,\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n });\n\n // Return the resolved skill with the updated config\n const resolved = await skillStore.getByIdResolved(storedSkillId);\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated skill' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored skill');\n }\n },\n});\n\n/\n DELETE /stored/skills/:storedSkillId - Delete a stored skill\n /\nexport const DELETE_STORED_SKILL_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/skills/:storedSkillId',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n responseSchema: deleteStoredSkillResponseSchema,\n summary: 'Delete stored skill',\n description: 'Deletes a skill from storage by its unique identifier',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, storedSkillId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n // Check if skill exists\n const existing = await skillStore.getById(storedSkillId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n await skillStore.delete(storedSkillId);\n\n return {\n success: true,\n message: `Skill ${storedSkillId} deleted successfully`,\n };\n } catch (error) {\n return handleError(error, 'Error deleting stored skill');\n }\n },\n});\n\n/\n POST /stored/skills/:storedSkillId/publish - Publish a skill from filesystem\n * Walks the skill directory, hashes files into blob store, creates a new version\n * with the tree manifest, and sets activeVersionId.\n */\nexport const PUBLISH_STORED_SKILL_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/skills/:storedSkillId/publish',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n bodySchema: publishStoredSkillBodySchema,\n responseSchema: publishStoredSkillResponseSchema,\n summary: 'Publish stored skill',\n description:\n 'Snapshots the skill directory from the filesystem into content-addressable blob storage, creates a new version with a tree manifest, and marks the skill as published',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, storedSkillId, skillPath }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n const blobStore = await storage.getStore('blobs');\n if (!blobStore) {\n throw new HTTPException(500, { message: 'Blob storage domain is not available' });\n }\n\n // Verify skill exists\n const existing = await skillStore.getById(storedSkillId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n // Validate skillPath to prevent path traversal\n const path = await import('node:path');\n const resolvedPath = path.default.resolve(skillPath);\n const allowedBase = path.default.resolve(process.env.SKILLS_BASE_DIR \|\| process.cwd());\n if (!resolvedPath.startsWith(allowedBase + path.default.sep) && resolvedPath !== allowedBase) {\n throw new HTTPException(400, {\n message: `skillPath must be within the allowed directory: ${allowedBase}`,\n });\n }\n\n // Use LocalSkillSource to read from the server filesystem\n const source = new LocalSkillSource();\n const { publishSkillFromSource } = await import('@mastra/core/workspace');\n\n const { snapshot, tree } = await publishSkillFromSource(source, resolvedPath, blobStore);\n\n // Update the skill with new version data + tree\n await skillStore.update({\n id: storedSkillId,\n ...snapshot,\n tree,\n status: 'published',\n });\n\n // Point activeVersionId to the newly created version\n const latestVersion = await skillStore.getLatestVersion(storedSkillId);\n if (latestVersion) {\n await skillStore.update({\n id: storedSkillId,\n activeVersionId: latestVersion.id,\n });\n }\n\n const resolved = await skillStore.getByIdResolved(storedSkillId);\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve skill after publish' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error publishing stored skill');\n }\n },\n});\n"]}
1	+ {"version":3,"sources":["../src/server/handlers/stored-skills.ts"],"names":["createRoute","listStoredSkillsQuerySchema","listStoredSkillsResponseSchema","HTTPException","handleError","storedSkillIdPathParams","getStoredSkillResponseSchema","createStoredSkillBodySchema","createStoredSkillResponseSchema","toSlug","updateStoredSkillBodySchema","updateStoredSkillResponseSchema","deleteStoredSkillResponseSchema","publishStoredSkillBodySchema","publishStoredSkillResponseSchema","LocalSkillSource"],"mappings":";;;;;;;;;AA4BO,IAAM,2BAA2BA,6BAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,6CAAA;AAAA,EAClB,cAAA,EAAgBC,gDAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,MAAM,OAAA,EAAS,OAAA,EAAS,QAAA,EAAU,QAAA,EAAS,KAAM;AACzE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,UAAA,CAAW,YAAA,CAAa;AAAA,QAC3C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyBJ,6BAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,cAAA,EAAgBC,8CAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EAAa,sGAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,KAAA,GAAQ,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAE5D,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYO,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcM,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIN,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,EAAE,CAAA;AAC5C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAEA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,KAAA,EAAO;AAAA,UACL,EAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA,YAAA;AAAA,UACA,OAAA;AAAA,UACA,aAAA;AAAA,UACA,MAAA;AAAA,UACA,UAAA;AAAA,UACA,OAAA;AAAA,UACA,MAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,EAAE,CAAA;AACpD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,UAAA,EAAYK,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,OAAA;AAAA,IACA,aAAA;AAAA,IACA,MAAA;AAAA,IACA,UAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIR,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAIA,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,OAAA;AAAA,QACA,aAAA;AAAA,QACA,MAAA;AAAA,QACA,UAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4BJ,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,cAAA,EAAgBO,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,uDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,eAAc,KAAM;AAC5C,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAEA,MAAA,MAAM,UAAA,CAAW,OAAO,aAAa,CAAA;AAErC,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,SAAS,aAAa,CAAA,qBAAA;AAAA,OACjC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAOM,IAAM,6BAA6BJ,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,uCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,yCAAA;AAAA,EACjB,UAAA,EAAYQ,8CAAA;AAAA,EACZ,cAAA,EAAgBC,kDAAA;AAAA,EAChB,OAAA,EAAS,sBAAA;AAAA,EACT,WAAA,EACE,uKAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,aAAA,EAAe,WAAU,KAAM;AACvD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,UAAA,GAAa,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AAClD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,SAAA,GAAY,MAAM,OAAA,CAAQ,QAAA,CAAS,OAAO,CAAA;AAChD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,OAAA,CAAQ,aAAa,CAAA;AACvD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AAGA,MAAA,MAAM,IAAA,GAAO,MAAM,OAAO,MAAW,CAAA;AACrC,MAAA,MAAM,YAAA,GAAe,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,SAAS,CAAA;AACnD,MAAA,MAAM,WAAA,GAAc,KAAK,OAAA,CAAQ,OAAA,CAAQ,QAAQ,GAAA,CAAI,eAAA,IAAmB,OAAA,CAAQ,GAAA,EAAK,CAAA;AACrF,MAAA,IAAI,CAAC,aAAa,UAAA,CAAW,WAAA,GAAc,KAAK,OAAA,CAAQ,GAAG,CAAA,IAAK,YAAA,KAAiB,WAAA,EAAa;AAC5F,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS,mDAAmD,WAAW,CAAA;AAAA,SACxE,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,MAAA,GAAS,IAAIY,0BAAA,EAAiB;AACpC,MAAA,MAAM,EAAE,sBAAA,EAAuB,GAAI,MAAM,OAAO,wBAAwB,CAAA;AAExE,MAAA,MAAM,EAAE,UAAU,IAAA,EAAK,GAAI,MAAM,sBAAA,CAAuB,MAAA,EAAQ,cAAc,SAAS,CAAA;AAGvF,MAAA,MAAM,WAAW,MAAA,CAAO;AAAA,QACtB,EAAA,EAAI,aAAA;AAAA,QACJ,GAAG,QAAA;AAAA,QACH,IAAA;AAAA,QACA,MAAA,EAAQ;AAAA,OACT,CAAA;AAGD,MAAA,MAAM,aAAA,GAAgB,MAAM,UAAA,CAAW,gBAAA,CAAiB,aAAa,CAAA;AACrE,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,MAAM,WAAW,MAAA,CAAO;AAAA,UACtB,EAAA,EAAI,aAAA;AAAA,UACJ,iBAAiB,aAAA,CAAc;AAAA,SAChC,CAAA;AAAA,MACH;AAEA,MAAA,MAAM,QAAA,GAAW,MAAM,UAAA,CAAW,eAAA,CAAgB,aAAa,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIZ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yCAAyC,CAAA;AAAA,MACnF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-YN57WYLS.cjs","sourcesContent":["import { LocalSkillSource } from '@mastra/core/workspace';\n\nimport { HTTPException } from '../http-exception';\nimport {\n storedSkillIdPathParams,\n listStoredSkillsQuerySchema,\n createStoredSkillBodySchema,\n updateStoredSkillBodySchema,\n publishStoredSkillBodySchema,\n listStoredSkillsResponseSchema,\n getStoredSkillResponseSchema,\n createStoredSkillResponseSchema,\n updateStoredSkillResponseSchema,\n deleteStoredSkillResponseSchema,\n publishStoredSkillResponseSchema,\n} from '../schemas/stored-skills';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/*\n GET /stored/skills - List all stored skills\n /\nexport const LIST_STORED_SKILLS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/skills',\n responseType: 'json',\n queryParamSchema: listStoredSkillsQuerySchema,\n responseSchema: listStoredSkillsResponseSchema,\n summary: 'List stored skills',\n description: 'Returns a paginated list of all skill configurations stored in the database',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, page, perPage, orderBy, authorId, metadata }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n const result = await skillStore.listResolved({\n page,\n perPage,\n orderBy,\n authorId,\n metadata,\n });\n\n return result;\n } catch (error) {\n return handleError(error, 'Error listing stored skills');\n }\n },\n});\n\n/\n GET /stored/skills/:storedSkillId - Get a stored skill by ID\n /\nexport const GET_STORED_SKILL_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/skills/:storedSkillId',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n responseSchema: getStoredSkillResponseSchema,\n summary: 'Get stored skill by ID',\n description: 'Returns a specific skill from storage by its unique identifier (resolved with active version config)',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, storedSkillId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n const skill = await skillStore.getByIdResolved(storedSkillId);\n\n if (!skill) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n return skill;\n } catch (error) {\n return handleError(error, 'Error getting stored skill');\n }\n },\n});\n\n/\n POST /stored/skills - Create a new stored skill\n /\nexport const CREATE_STORED_SKILL_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/skills',\n responseType: 'json',\n bodySchema: createStoredSkillBodySchema,\n responseSchema: createStoredSkillResponseSchema,\n summary: 'Create stored skill',\n description: 'Creates a new skill configuration in storage with the provided details',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({\n mastra,\n id: providedId,\n authorId,\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId \|\| toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive skill ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if skill with this ID already exists\n const existing = await skillStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `Skill with id ${id} already exists` });\n }\n\n await skillStore.create({\n skill: {\n id,\n authorId,\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n },\n });\n\n // Return the resolved skill (thin record + version config)\n const resolved = await skillStore.getByIdResolved(id);\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created skill' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored skill');\n }\n },\n});\n\n/\n PATCH /stored/skills/:storedSkillId - Update a stored skill\n /\nexport const UPDATE_STORED_SKILL_ROUTE = createRoute({\n method: 'PATCH',\n path: '/stored/skills/:storedSkillId',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n bodySchema: updateStoredSkillBodySchema,\n responseSchema: updateStoredSkillResponseSchema,\n summary: 'Update stored skill',\n description: 'Updates an existing skill in storage with the provided fields',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({\n mastra,\n storedSkillId,\n // Entity-level fields\n authorId,\n // Config fields (snapshot-level)\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n // Check if skill exists\n const existing = await skillStore.getById(storedSkillId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n // Update the skill with both entity-level and config-level fields\n // The storage layer handles separating these into record updates vs new-version creation\n await skillStore.update({\n id: storedSkillId,\n authorId,\n name,\n description,\n instructions,\n license,\n compatibility,\n source,\n references,\n scripts,\n assets,\n metadata,\n });\n\n // Return the resolved skill with the updated config\n const resolved = await skillStore.getByIdResolved(storedSkillId);\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated skill' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored skill');\n }\n },\n});\n\n/\n DELETE /stored/skills/:storedSkillId - Delete a stored skill\n /\nexport const DELETE_STORED_SKILL_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/skills/:storedSkillId',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n responseSchema: deleteStoredSkillResponseSchema,\n summary: 'Delete stored skill',\n description: 'Deletes a skill from storage by its unique identifier',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, storedSkillId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n // Check if skill exists\n const existing = await skillStore.getById(storedSkillId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n await skillStore.delete(storedSkillId);\n\n return {\n success: true,\n message: `Skill ${storedSkillId} deleted successfully`,\n };\n } catch (error) {\n return handleError(error, 'Error deleting stored skill');\n }\n },\n});\n\n/\n POST /stored/skills/:storedSkillId/publish - Publish a skill from filesystem\n * Walks the skill directory, hashes files into blob store, creates a new version\n * with the tree manifest, and sets activeVersionId.\n */\nexport const PUBLISH_STORED_SKILL_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/skills/:storedSkillId/publish',\n responseType: 'json',\n pathParamSchema: storedSkillIdPathParams,\n bodySchema: publishStoredSkillBodySchema,\n responseSchema: publishStoredSkillResponseSchema,\n summary: 'Publish stored skill',\n description:\n 'Snapshots the skill directory from the filesystem into content-addressable blob storage, creates a new version with a tree manifest, and marks the skill as published',\n tags: ['Stored Skills'],\n requiresAuth: true,\n handler: async ({ mastra, storedSkillId, skillPath }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const skillStore = await storage.getStore('skills');\n if (!skillStore) {\n throw new HTTPException(500, { message: 'Skills storage domain is not available' });\n }\n\n const blobStore = await storage.getStore('blobs');\n if (!blobStore) {\n throw new HTTPException(500, { message: 'Blob storage domain is not available' });\n }\n\n // Verify skill exists\n const existing = await skillStore.getById(storedSkillId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored skill with id ${storedSkillId} not found` });\n }\n\n // Validate skillPath to prevent path traversal\n const path = await import('node:path');\n const resolvedPath = path.default.resolve(skillPath);\n const allowedBase = path.default.resolve(process.env.SKILLS_BASE_DIR \|\| process.cwd());\n if (!resolvedPath.startsWith(allowedBase + path.default.sep) && resolvedPath !== allowedBase) {\n throw new HTTPException(400, {\n message: `skillPath must be within the allowed directory: ${allowedBase}`,\n });\n }\n\n // Use LocalSkillSource to read from the server filesystem\n const source = new LocalSkillSource();\n const { publishSkillFromSource } = await import('@mastra/core/workspace');\n\n const { snapshot, tree } = await publishSkillFromSource(source, resolvedPath, blobStore);\n\n // Update the skill with new version data + tree\n await skillStore.update({\n id: storedSkillId,\n ...snapshot,\n tree,\n status: 'published',\n });\n\n // Point activeVersionId to the newly created version\n const latestVersion = await skillStore.getLatestVersion(storedSkillId);\n if (latestVersion) {\n await skillStore.update({\n id: storedSkillId,\n activeVersionId: latestVersion.id,\n });\n }\n\n const resolved = await skillStore.getByIdResolved(storedSkillId);\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve skill after publish' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error publishing stored skill');\n }\n },\n});\n"]}

package/dist/{chunk-VQMQBGDO.cjs → chunk-YQILRC5Y.cjs} RENAMED Viewed

@@ -1,15 +1,15 @@
 'use strict';
 var chunkWIOYCLJC_cjs = require('./chunk-WIOYCLJC.cjs');
-var chunkIQMLYFOO_cjs = require('./chunk-IQMLYFOO.cjs');
+var chunkBGRKLLHE_cjs = require('./chunk-BGRKLLHE.cjs');
 var chunk2XZ2466F_cjs = require('./chunk-2XZ2466F.cjs');
 var chunkDIG2K5CV_cjs = require('./chunk-DIG2K5CV.cjs');
-var chunk7756JXUH_cjs = require('./chunk-7756JXUH.cjs');
+var chunkHYYXUP35_cjs = require('./chunk-HYYXUP35.cjs');
 var chunkB34S64RC_cjs = require('./chunk-B34S64RC.cjs');
 var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
 // src/server/handlers/stored-mcp-clients.ts
-var LIST_STORED_MCP_CLIENTS_ROUTE = chunk7756JXUH_cjs.createRoute({
+var LIST_STORED_MCP_CLIENTS_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "GET",
   path: "/stored/mcp-clients",
   responseType: "json",
@@ -43,7 +43,7 @@ var LIST_STORED_MCP_CLIENTS_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var GET_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
+var GET_STORED_MCP_CLIENT_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "GET",
   path: "/stored/mcp-clients/:storedMCPClientId",
   responseType: "json",
@@ -74,7 +74,7 @@ var GET_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var CREATE_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
+var CREATE_STORED_MCP_CLIENT_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "POST",
   path: "/stored/mcp-clients",
   responseType: "json",
@@ -94,7 +94,7 @@ var CREATE_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
       if (!mcpClientStore) {
         throw new chunk64ITUOXI_cjs.HTTPException(500, { message: "MCP clients storage domain is not available" });
       }
-      const id = providedId || chunkIQMLYFOO_cjs.toSlug(name);
+      const id = providedId || chunkBGRKLLHE_cjs.toSlug(name);
       if (!id) {
         throw new chunk64ITUOXI_cjs.HTTPException(400, {
           message: "Could not derive MCP client ID from name. Please provide an explicit id."
@@ -124,7 +124,7 @@ var CREATE_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var UPDATE_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
+var UPDATE_STORED_MCP_CLIENT_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "PATCH",
   path: "/stored/mcp-clients/:storedMCPClientId",
   responseType: "json",
@@ -188,7 +188,7 @@ var UPDATE_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
     }
   }
 });
-var DELETE_STORED_MCP_CLIENT_ROUTE = chunk7756JXUH_cjs.createRoute({
+var DELETE_STORED_MCP_CLIENT_ROUTE = chunkHYYXUP35_cjs.createRoute({
   method: "DELETE",
   path: "/stored/mcp-clients/:storedMCPClientId",
   responseType: "json",
@@ -228,5 +228,5 @@ exports.DELETE_STORED_MCP_CLIENT_ROUTE = DELETE_STORED_MCP_CLIENT_ROUTE;
 exports.GET_STORED_MCP_CLIENT_ROUTE = GET_STORED_MCP_CLIENT_ROUTE;
 exports.LIST_STORED_MCP_CLIENTS_ROUTE = LIST_STORED_MCP_CLIENTS_ROUTE;
 exports.UPDATE_STORED_MCP_CLIENT_ROUTE = UPDATE_STORED_MCP_CLIENT_ROUTE;
-//# sourceMappingURL=chunk-VQMQBGDO.cjs.map
-//# sourceMappingURL=chunk-VQMQBGDO.cjs.map
+//# sourceMappingURL=chunk-YQILRC5Y.cjs.map
+//# sourceMappingURL=chunk-YQILRC5Y.cjs.map

package/dist/{chunk-VQMQBGDO.cjs.map → chunk-YQILRC5Y.cjs.map} RENAMED Viewed

	@@ -1 +1 @@
1	- {"version":3,"sources":["../src/server/handlers/stored-mcp-clients.ts"],"names":["createRoute","listStoredMCPClientsQuerySchema","listStoredMCPClientsResponseSchema","HTTPException","handleError","storedMCPClientIdPathParams","statusQuerySchema","getStoredMCPClientResponseSchema","createStoredMCPClientBodySchema","createStoredMCPClientResponseSchema","toSlug","updateStoredMCPClientBodySchema","updateStoredMCPClientResponseSchema","handleAutoVersioning","MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS","deleteStoredMCPClientResponseSchema"],"mappings":";;;;;;;;;;;AA2BO,IAAM,gCAAgCA,6BAAA,CAAY;AAAA,EACvD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,iDAAA;AAAA,EAClB,cAAA,EAAgBC,oDAAA;AAAA,EAChB,OAAA,EAAS,yBAAA;AAAA,EACT,WAAA,EAAa,kFAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,IAAA,EAAM,SAAS,OAAA,EAAS,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAS,KAAM;AACjF,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,YAAA,CAAa;AAAA,QAC/C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,8BAA8BJ,6BAAA,CAAY;AAAA,EACrD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,kDAAA;AAAA,EAChB,OAAA,EAAS,6BAAA;AAAA,EACT,WAAA,EACE,qMAAA;AAAA,EACF,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,iBAAA,EAAmB,QAAO,KAAM;AACxD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,YAAY,MAAM,cAAA,CAAe,gBAAgB,iBAAA,EAAmB,EAAE,QAAQ,CAAA;AAEpF,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,OAAO,SAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYQ,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,EAAA,EAAI,UAAA,EAAY,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ,KAAM;AAC7F,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIN,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcO,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIP,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,EAAE,CAAA;AAChD,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,mBAAA,EAAsB,EAAE,mBAAmB,CAAA;AAAA,MACrF;AAEA,MAAA,MAAM,eAAe,MAAA,CAAO;AAAA,QAC1B,SAAA,EAAW;AAAA,UACT,EAAA;AAAA,UACA,QAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAID,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC7E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,UAAA,EAAYM,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,oEAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,iBAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAGA,MAAA,MAAM,gBAAA,GAAmB,MAAM,cAAA,CAAe,MAAA,CAAO;AAAA,QACnD,EAAA,EAAI,iBAAA;AAAA,QACJ,QAAA;AAAA,QACA,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,YAAA,GAAe,EAAE,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ;AAGlD,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAKhH,MAAA,MAAMU,sCAAA;AAAA,QACJ,cAAA;AAAA,QACA,iBAAA;AAAA,QACA,aAAA;AAAA,QACAC,mDAAA;AAAA,QACA,QAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,mBAAmB,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC5F,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,cAAA,EAAgBU,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6DAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,mBAAkB,KAAM;AAChD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIZ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,MAAM,cAAA,CAAe,OAAO,iBAAiB,CAAA;AAE7C,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,cAAc,iBAAiB,CAAA,qBAAA;AAAA,OAC1C;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC","file":"chunk-VQMQBGDO.cjs","sourcesContent":["import { HTTPException } from '../http-exception';\nimport {\n storedMCPClientIdPathParams,\n statusQuerySchema,\n listStoredMCPClientsQuerySchema,\n createStoredMCPClientBodySchema,\n updateStoredMCPClientBodySchema,\n listStoredMCPClientsResponseSchema,\n getStoredMCPClientResponseSchema,\n createStoredMCPClientResponseSchema,\n updateStoredMCPClientResponseSchema,\n deleteStoredMCPClientResponseSchema,\n} from '../schemas/stored-mcp-clients';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\nimport { handleAutoVersioning, MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/*\n GET /stored/mcp-clients - List all stored MCP clients\n /\nexport const LIST_STORED_MCP_CLIENTS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients',\n responseType: 'json',\n queryParamSchema: listStoredMCPClientsQuerySchema,\n responseSchema: listStoredMCPClientsResponseSchema,\n summary: 'List stored MCP clients',\n description: 'Returns a paginated list of all MCP client configurations stored in the database',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, page, perPage, orderBy, status, authorId, metadata }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const result = await mcpClientStore.listResolved({\n page,\n perPage,\n orderBy,\n status,\n authorId,\n metadata,\n });\n\n return result;\n } catch (error) {\n return handleError(error, 'Error listing stored MCP clients');\n }\n },\n});\n\n/\n GET /stored/mcp-clients/:storedMCPClientId - Get a stored MCP client by ID\n /\nexport const GET_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n queryParamSchema: statusQuerySchema,\n responseSchema: getStoredMCPClientResponseSchema,\n summary: 'Get stored MCP client by ID',\n description:\n 'Returns a specific MCP client from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId, status }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const mcpClient = await mcpClientStore.getByIdResolved(storedMCPClientId, { status });\n\n if (!mcpClient) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n return mcpClient;\n } catch (error) {\n return handleError(error, 'Error getting stored MCP client');\n }\n },\n});\n\n/\n POST /stored/mcp-clients - Create a new stored MCP client\n /\nexport const CREATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/mcp-clients',\n responseType: 'json',\n bodySchema: createStoredMCPClientBodySchema,\n responseSchema: createStoredMCPClientResponseSchema,\n summary: 'Create stored MCP client',\n description: 'Creates a new MCP client configuration in storage with the provided servers',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, id: providedId, authorId, metadata, name, description, servers }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId \|\| toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive MCP client ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if MCP client with this ID already exists\n const existing = await mcpClientStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `MCP client with id ${id} already exists` });\n }\n\n await mcpClientStore.create({\n mcpClient: {\n id,\n authorId,\n metadata,\n name,\n description,\n servers,\n },\n });\n\n // Return the resolved MCP client (thin record + version config)\n // Use draft status since newly created entities start as drafts\n const resolved = await mcpClientStore.getByIdResolved(id, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored MCP client');\n }\n },\n});\n\n/\n PATCH /stored/mcp-clients/:storedMCPClientId - Update a stored MCP client\n /\nexport const UPDATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'PATCH',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n bodySchema: updateStoredMCPClientBodySchema,\n responseSchema: updateStoredMCPClientResponseSchema,\n summary: 'Update stored MCP client',\n description: 'Updates an existing MCP client in storage with the provided fields',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({\n mastra,\n storedMCPClientId,\n // Metadata-level fields\n authorId,\n metadata,\n // Config fields (snapshot-level)\n name,\n description,\n servers,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n // Update the MCP client with both metadata-level and config-level fields\n const updatedMCPClient = await mcpClientStore.update({\n id: storedMCPClientId,\n authorId,\n metadata,\n name,\n description,\n servers,\n });\n\n // Build the snapshot config for auto-versioning comparison\n const configFields = { name, description, servers };\n\n // Filter out undefined values to get only the config fields that were provided\n const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n // Handle auto-versioning with retry logic for race conditions\n // This creates a new version if there are meaningful config changes.\n // It does NOT update activeVersionId — the version stays as a draft until explicitly published.\n await handleAutoVersioning(\n mcpClientStore as unknown as VersionedStoreInterface,\n storedMCPClientId,\n 'mcpClientId',\n MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS,\n existing,\n updatedMCPClient,\n providedConfigFields,\n );\n\n // Return the resolved MCP client with the latest (draft) version so the UI sees its edits\n const resolved = await mcpClientStore.getByIdResolved(storedMCPClientId, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored MCP client');\n }\n },\n});\n\n/\n DELETE /stored/mcp-clients/:storedMCPClientId - Delete a stored MCP client\n */\nexport const DELETE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n responseSchema: deleteStoredMCPClientResponseSchema,\n summary: 'Delete stored MCP client',\n description: 'Deletes an MCP client from storage by its unique identifier',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n await mcpClientStore.delete(storedMCPClientId);\n\n return {\n success: true,\n message: `MCP client ${storedMCPClientId} deleted successfully`,\n };\n } catch (error) {\n return handleError(error, 'Error deleting stored MCP client');\n }\n },\n});\n"]}
1	+ {"version":3,"sources":["../src/server/handlers/stored-mcp-clients.ts"],"names":["createRoute","listStoredMCPClientsQuerySchema","listStoredMCPClientsResponseSchema","HTTPException","handleError","storedMCPClientIdPathParams","statusQuerySchema","getStoredMCPClientResponseSchema","createStoredMCPClientBodySchema","createStoredMCPClientResponseSchema","toSlug","updateStoredMCPClientBodySchema","updateStoredMCPClientResponseSchema","handleAutoVersioning","MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS","deleteStoredMCPClientResponseSchema"],"mappings":";;;;;;;;;;;AA2BO,IAAM,gCAAgCA,6BAAA,CAAY;AAAA,EACvD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,iDAAA;AAAA,EAClB,cAAA,EAAgBC,oDAAA;AAAA,EAChB,OAAA,EAAS,yBAAA;AAAA,EACT,WAAA,EAAa,kFAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,IAAA,EAAM,SAAS,OAAA,EAAS,MAAA,EAAQ,QAAA,EAAU,QAAA,EAAS,KAAM;AACjF,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,cAAA,CAAe,YAAA,CAAa;AAAA,QAC/C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA;AAAA,QACA;AAAA,OACD,CAAA;AAED,MAAA,OAAO,MAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,8BAA8BJ,6BAAA,CAAY;AAAA,EACrD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,kDAAA;AAAA,EAChB,OAAA,EAAS,6BAAA;AAAA,EACT,WAAA,EACE,qMAAA;AAAA,EACF,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,iBAAA,EAAmB,QAAO,KAAM;AACxD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAEA,MAAA,MAAM,YAAY,MAAM,cAAA,CAAe,gBAAgB,iBAAA,EAAmB,EAAE,QAAQ,CAAA;AAEpF,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,OAAO,SAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYQ,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6EAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,EAAA,EAAI,UAAA,EAAY,QAAA,EAAU,QAAA,EAAU,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ,KAAM;AAC7F,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIN,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAcO,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIP,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,EAAE,CAAA;AAChD,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,mBAAA,EAAsB,EAAE,mBAAmB,CAAA;AAAA,MACrF;AAEA,MAAA,MAAM,eAAe,MAAA,CAAO;AAAA,QAC1B,SAAA,EAAW;AAAA,UACT,EAAA;AAAA,UACA,QAAA;AAAA,UACA,QAAA;AAAA,UACA,IAAA;AAAA,UACA,WAAA;AAAA,UACA;AAAA;AACF,OACD,CAAA;AAID,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC7E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,UAAA,EAAYM,iDAAA;AAAA,EACZ,cAAA,EAAgBC,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,oEAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,iBAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIT,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAGA,MAAA,MAAM,gBAAA,GAAmB,MAAM,cAAA,CAAe,MAAA,CAAO;AAAA,QACnD,EAAA,EAAI,iBAAA;AAAA,QACJ,QAAA;AAAA,QACA,QAAA;AAAA,QACA,IAAA;AAAA,QACA,WAAA;AAAA,QACA;AAAA,OACD,CAAA;AAGD,MAAA,MAAM,YAAA,GAAe,EAAE,IAAA,EAAM,WAAA,EAAa,OAAA,EAAQ;AAGlD,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAKhH,MAAA,MAAMU,sCAAA;AAAA,QACJ,cAAA;AAAA,QACA,iBAAA;AAAA,QACA,aAAA;AAAA,QACAC,mDAAA;AAAA,QACA,QAAA;AAAA,QACA,gBAAA;AAAA,QACA;AAAA,OACF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,eAAA,CAAgB,mBAAmB,EAAE,MAAA,EAAQ,SAAS,CAAA;AAC5F,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIX,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,wCAAwC,CAAA;AAAA,MAClF;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC;AAKM,IAAM,iCAAiCJ,6BAAA,CAAY;AAAA,EACxD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,wCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBK,6CAAA;AAAA,EACjB,cAAA,EAAgBU,qDAAA;AAAA,EAChB,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,6DAAA;AAAA,EACb,IAAA,EAAM,CAAC,oBAAoB,CAAA;AAAA,EAC3B,YAAA,EAAc,IAAA;AAAA,EACd,OAAA,EAAS,OAAO,EAAE,MAAA,EAAQ,mBAAkB,KAAM;AAChD,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIZ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,YAAY,CAAA;AAC1D,MAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,+CAA+C,CAAA;AAAA,MACzF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,cAAA,CAAe,OAAA,CAAQ,iBAAiB,CAAA;AAC/D,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,0BAAA,EAA6B,iBAAiB,cAAc,CAAA;AAAA,MACtG;AAEA,MAAA,MAAM,cAAA,CAAe,OAAO,iBAAiB,CAAA;AAE7C,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,OAAA,EAAS,cAAc,iBAAiB,CAAA,qBAAA;AAAA,OAC1C;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,kCAAkC,CAAA;AAAA,IAC9D;AAAA,EACF;AACF,CAAC","file":"chunk-YQILRC5Y.cjs","sourcesContent":["import { HTTPException } from '../http-exception';\nimport {\n storedMCPClientIdPathParams,\n statusQuerySchema,\n listStoredMCPClientsQuerySchema,\n createStoredMCPClientBodySchema,\n updateStoredMCPClientBodySchema,\n listStoredMCPClientsResponseSchema,\n getStoredMCPClientResponseSchema,\n createStoredMCPClientResponseSchema,\n updateStoredMCPClientResponseSchema,\n deleteStoredMCPClientResponseSchema,\n} from '../schemas/stored-mcp-clients';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { toSlug } from '../utils';\n\nimport { handleError } from './error';\nimport { handleAutoVersioning, MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/*\n GET /stored/mcp-clients - List all stored MCP clients\n /\nexport const LIST_STORED_MCP_CLIENTS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients',\n responseType: 'json',\n queryParamSchema: listStoredMCPClientsQuerySchema,\n responseSchema: listStoredMCPClientsResponseSchema,\n summary: 'List stored MCP clients',\n description: 'Returns a paginated list of all MCP client configurations stored in the database',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, page, perPage, orderBy, status, authorId, metadata }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const result = await mcpClientStore.listResolved({\n page,\n perPage,\n orderBy,\n status,\n authorId,\n metadata,\n });\n\n return result;\n } catch (error) {\n return handleError(error, 'Error listing stored MCP clients');\n }\n },\n});\n\n/\n GET /stored/mcp-clients/:storedMCPClientId - Get a stored MCP client by ID\n /\nexport const GET_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n queryParamSchema: statusQuerySchema,\n responseSchema: getStoredMCPClientResponseSchema,\n summary: 'Get stored MCP client by ID',\n description:\n 'Returns a specific MCP client from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId, status }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n const mcpClient = await mcpClientStore.getByIdResolved(storedMCPClientId, { status });\n\n if (!mcpClient) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n return mcpClient;\n } catch (error) {\n return handleError(error, 'Error getting stored MCP client');\n }\n },\n});\n\n/\n POST /stored/mcp-clients - Create a new stored MCP client\n /\nexport const CREATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/mcp-clients',\n responseType: 'json',\n bodySchema: createStoredMCPClientBodySchema,\n responseSchema: createStoredMCPClientResponseSchema,\n summary: 'Create stored MCP client',\n description: 'Creates a new MCP client configuration in storage with the provided servers',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, id: providedId, authorId, metadata, name, description, servers }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId \|\| toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive MCP client ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if MCP client with this ID already exists\n const existing = await mcpClientStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `MCP client with id ${id} already exists` });\n }\n\n await mcpClientStore.create({\n mcpClient: {\n id,\n authorId,\n metadata,\n name,\n description,\n servers,\n },\n });\n\n // Return the resolved MCP client (thin record + version config)\n // Use draft status since newly created entities start as drafts\n const resolved = await mcpClientStore.getByIdResolved(id, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored MCP client');\n }\n },\n});\n\n/\n PATCH /stored/mcp-clients/:storedMCPClientId - Update a stored MCP client\n /\nexport const UPDATE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'PATCH',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n bodySchema: updateStoredMCPClientBodySchema,\n responseSchema: updateStoredMCPClientResponseSchema,\n summary: 'Update stored MCP client',\n description: 'Updates an existing MCP client in storage with the provided fields',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({\n mastra,\n storedMCPClientId,\n // Metadata-level fields\n authorId,\n metadata,\n // Config fields (snapshot-level)\n name,\n description,\n servers,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n // Update the MCP client with both metadata-level and config-level fields\n const updatedMCPClient = await mcpClientStore.update({\n id: storedMCPClientId,\n authorId,\n metadata,\n name,\n description,\n servers,\n });\n\n // Build the snapshot config for auto-versioning comparison\n const configFields = { name, description, servers };\n\n // Filter out undefined values to get only the config fields that were provided\n const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n // Handle auto-versioning with retry logic for race conditions\n // This creates a new version if there are meaningful config changes.\n // It does NOT update activeVersionId — the version stays as a draft until explicitly published.\n await handleAutoVersioning(\n mcpClientStore as unknown as VersionedStoreInterface,\n storedMCPClientId,\n 'mcpClientId',\n MCP_CLIENT_SNAPSHOT_CONFIG_FIELDS,\n existing,\n updatedMCPClient,\n providedConfigFields,\n );\n\n // Return the resolved MCP client with the latest (draft) version so the UI sees its edits\n const resolved = await mcpClientStore.getByIdResolved(storedMCPClientId, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated MCP client' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored MCP client');\n }\n },\n});\n\n/\n DELETE /stored/mcp-clients/:storedMCPClientId - Delete a stored MCP client\n */\nexport const DELETE_STORED_MCP_CLIENT_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/mcp-clients/:storedMCPClientId',\n responseType: 'json',\n pathParamSchema: storedMCPClientIdPathParams,\n responseSchema: deleteStoredMCPClientResponseSchema,\n summary: 'Delete stored MCP client',\n description: 'Deletes an MCP client from storage by its unique identifier',\n tags: ['Stored MCP Clients'],\n requiresAuth: true,\n handler: async ({ mastra, storedMCPClientId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const mcpClientStore = await storage.getStore('mcpClients');\n if (!mcpClientStore) {\n throw new HTTPException(500, { message: 'MCP clients storage domain is not available' });\n }\n\n // Check if MCP client exists\n const existing = await mcpClientStore.getById(storedMCPClientId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored MCP client with id ${storedMCPClientId} not found` });\n }\n\n await mcpClientStore.delete(storedMCPClientId);\n\n return {\n success: true,\n message: `MCP client ${storedMCPClientId} deleted successfully`,\n };\n } catch (error) {\n return handleError(error, 'Error deleting stored MCP client');\n }\n },\n});\n"]}