@mastra/server 1.36.1-alpha.0 → 1.37.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (108) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/dist/{api-schema-manifest-LPJBQXPS.cjs → api-schema-manifest-5TBFFQY7.cjs} +4 -4
  3. package/dist/{api-schema-manifest-LPJBQXPS.cjs.map → api-schema-manifest-5TBFFQY7.cjs.map} +1 -1
  4. package/dist/{api-schema-manifest-Q6PMJOZ7.js → api-schema-manifest-Z2JHGSRM.js} +3 -3
  5. package/dist/{api-schema-manifest-Q6PMJOZ7.js.map → api-schema-manifest-Z2JHGSRM.js.map} +1 -1
  6. package/dist/{chunk-CIAFOGUT.js → chunk-2NAY2LUJ.js} +4 -4
  7. package/dist/{chunk-CIAFOGUT.js.map → chunk-2NAY2LUJ.js.map} +1 -1
  8. package/dist/{chunk-DLRY7A4X.js → chunk-5H52FP2S.js} +5 -5
  9. package/dist/{chunk-DLRY7A4X.js.map → chunk-5H52FP2S.js.map} +1 -1
  10. package/dist/{chunk-G5LQCOFZ.js → chunk-5SPGEEYA.js} +3 -3
  11. package/dist/{chunk-G5LQCOFZ.js.map → chunk-5SPGEEYA.js.map} +1 -1
  12. package/dist/{chunk-NRSWA4Z5.js → chunk-5WCQI3QY.js} +3 -3
  13. package/dist/{chunk-NRSWA4Z5.js.map → chunk-5WCQI3QY.js.map} +1 -1
  14. package/dist/{chunk-6PZLOV6Z.js → chunk-AZKOTAON.js} +3 -3
  15. package/dist/{chunk-6PZLOV6Z.js.map → chunk-AZKOTAON.js.map} +1 -1
  16. package/dist/{chunk-O7B3P2AT.cjs → chunk-CU2IRRTR.cjs} +3 -3
  17. package/dist/{chunk-O7B3P2AT.cjs.map → chunk-CU2IRRTR.cjs.map} +1 -1
  18. package/dist/{chunk-J24FU42I.cjs → chunk-DRHETQDI.cjs} +4 -4
  19. package/dist/{chunk-J24FU42I.cjs.map → chunk-DRHETQDI.cjs.map} +1 -1
  20. package/dist/{chunk-CGBDH32D.cjs → chunk-DVRI2PQV.cjs} +4 -4
  21. package/dist/{chunk-CGBDH32D.cjs.map → chunk-DVRI2PQV.cjs.map} +1 -1
  22. package/dist/{chunk-G5YFX7SD.cjs → chunk-DYWRKLPU.cjs} +4 -4
  23. package/dist/{chunk-G5YFX7SD.cjs.map → chunk-DYWRKLPU.cjs.map} +1 -1
  24. package/dist/{chunk-5S77OUMY.js → chunk-EO6MLUAA.js} +3 -3
  25. package/dist/{chunk-5S77OUMY.js.map → chunk-EO6MLUAA.js.map} +1 -1
  26. package/dist/{chunk-AOWOCCSV.js → chunk-HYYIE4HE.js} +19 -19
  27. package/dist/{chunk-AOWOCCSV.js.map → chunk-HYYIE4HE.js.map} +1 -1
  28. package/dist/{chunk-KLESMQPZ.js → chunk-I5WPFNWX.js} +3 -3
  29. package/dist/{chunk-KLESMQPZ.js.map → chunk-I5WPFNWX.js.map} +1 -1
  30. package/dist/{chunk-UKZEL5TK.js → chunk-JE2ZMOKB.js} +3 -3
  31. package/dist/{chunk-UKZEL5TK.js.map → chunk-JE2ZMOKB.js.map} +1 -1
  32. package/dist/{chunk-QJU62KP2.cjs → chunk-JWYT5XYO.cjs} +3 -3
  33. package/dist/{chunk-QJU62KP2.cjs.map → chunk-JWYT5XYO.cjs.map} +1 -1
  34. package/dist/{chunk-DA3GPZIW.js → chunk-K46WKGGZ.js} +4 -4
  35. package/dist/{chunk-DA3GPZIW.js.map → chunk-K46WKGGZ.js.map} +1 -1
  36. package/dist/{chunk-JUGZSL24.cjs → chunk-LWPPY3XE.cjs} +4 -4
  37. package/dist/{chunk-JUGZSL24.cjs.map → chunk-LWPPY3XE.cjs.map} +1 -1
  38. package/dist/{chunk-HTP3LBWI.cjs → chunk-LXOKTLBF.cjs} +5 -5
  39. package/dist/{chunk-HTP3LBWI.cjs.map → chunk-LXOKTLBF.cjs.map} +1 -1
  40. package/dist/{chunk-6HR2SJBP.js → chunk-LYGOXXXA.js} +3 -3
  41. package/dist/{chunk-6HR2SJBP.js.map → chunk-LYGOXXXA.js.map} +1 -1
  42. package/dist/{chunk-REJUB2HI.cjs → chunk-N7ZFWAFJ.cjs} +3 -3
  43. package/dist/{chunk-REJUB2HI.cjs.map → chunk-N7ZFWAFJ.cjs.map} +1 -1
  44. package/dist/{chunk-KUPT7YFR.cjs → chunk-NYPBCQOT.cjs} +4 -4
  45. package/dist/{chunk-KUPT7YFR.cjs.map → chunk-NYPBCQOT.cjs.map} +1 -1
  46. package/dist/{chunk-FI5FIBFG.cjs → chunk-OHJRP6K7.cjs} +3 -3
  47. package/dist/{chunk-FI5FIBFG.cjs.map → chunk-OHJRP6K7.cjs.map} +1 -1
  48. package/dist/{chunk-HZNJ4B7D.cjs → chunk-OR4OZJUW.cjs} +3 -3
  49. package/dist/{chunk-HZNJ4B7D.cjs.map → chunk-OR4OZJUW.cjs.map} +1 -1
  50. package/dist/{chunk-26W4C7FO.cjs → chunk-PQ74DA4K.cjs} +6 -6
  51. package/dist/{chunk-26W4C7FO.cjs.map → chunk-PQ74DA4K.cjs.map} +1 -1
  52. package/dist/{chunk-MEIFOELG.js → chunk-PR6OZGWN.js} +3 -3
  53. package/dist/{chunk-MEIFOELG.js.map → chunk-PR6OZGWN.js.map} +1 -1
  54. package/dist/{chunk-WKUSPOUB.js → chunk-QC4USGJS.js} +3 -3
  55. package/dist/{chunk-WKUSPOUB.js.map → chunk-QC4USGJS.js.map} +1 -1
  56. package/dist/{chunk-TSF3GTOO.js → chunk-QVGUEAP6.js} +3 -3
  57. package/dist/{chunk-TSF3GTOO.js.map → chunk-QVGUEAP6.js.map} +1 -1
  58. package/dist/{chunk-HGRG2WVX.js → chunk-R5CX6VIT.js} +3 -3
  59. package/dist/{chunk-HGRG2WVX.js.map → chunk-R5CX6VIT.js.map} +1 -1
  60. package/dist/{chunk-3U2E4IZQ.cjs → chunk-RF7P3524.cjs} +8 -8
  61. package/dist/{chunk-3U2E4IZQ.cjs.map → chunk-RF7P3524.cjs.map} +1 -1
  62. package/dist/{chunk-CCL4C2ZO.js → chunk-T4UU7EJX.js} +3 -3
  63. package/dist/{chunk-CCL4C2ZO.js.map → chunk-T4UU7EJX.js.map} +1 -1
  64. package/dist/{chunk-IVH5F5HB.cjs → chunk-TDLWDKJT.cjs} +3 -3
  65. package/dist/{chunk-IVH5F5HB.cjs.map → chunk-TDLWDKJT.cjs.map} +1 -1
  66. package/dist/{chunk-AHVAFHUK.cjs → chunk-YW5L7LRF.cjs} +99 -99
  67. package/dist/{chunk-AHVAFHUK.cjs.map → chunk-YW5L7LRF.cjs.map} +1 -1
  68. package/dist/{chunk-DG5OAPEF.cjs → chunk-ZRVRA2PY.cjs} +3 -3
  69. package/dist/{chunk-DG5OAPEF.cjs.map → chunk-ZRVRA2PY.cjs.map} +1 -1
  70. package/dist/docs/SKILL.md +1 -1
  71. package/dist/docs/assets/SOURCE_MAP.json +1 -1
  72. package/dist/server/handlers/a2a.cjs +14 -14
  73. package/dist/server/handlers/a2a.js +1 -1
  74. package/dist/server/handlers/agent-builder.cjs +16 -16
  75. package/dist/server/handlers/agent-builder.js +1 -1
  76. package/dist/server/handlers/agents.cjs +41 -41
  77. package/dist/server/handlers/agents.js +1 -1
  78. package/dist/server/handlers/auth.cjs +12 -12
  79. package/dist/server/handlers/auth.js +1 -1
  80. package/dist/server/handlers/builder-registry.cjs +6 -6
  81. package/dist/server/handlers/builder-registry.js +1 -1
  82. package/dist/server/handlers/conversations.cjs +5 -5
  83. package/dist/server/handlers/conversations.js +1 -1
  84. package/dist/server/handlers/responses.cjs +4 -4
  85. package/dist/server/handlers/responses.js +1 -1
  86. package/dist/server/handlers/scores.cjs +7 -7
  87. package/dist/server/handlers/scores.js +1 -1
  88. package/dist/server/handlers/stored-agent-favorites.cjs +3 -3
  89. package/dist/server/handlers/stored-agent-favorites.js +1 -1
  90. package/dist/server/handlers/stored-agents.cjs +7 -7
  91. package/dist/server/handlers/stored-agents.js +1 -1
  92. package/dist/server/handlers/stored-workspaces.cjs +6 -6
  93. package/dist/server/handlers/stored-workspaces.js +1 -1
  94. package/dist/server/handlers/system.cjs +3 -3
  95. package/dist/server/handlers/system.js +1 -1
  96. package/dist/server/handlers/tools.cjs +6 -6
  97. package/dist/server/handlers/tools.js +1 -1
  98. package/dist/server/handlers/voice.cjs +8 -8
  99. package/dist/server/handlers/voice.js +1 -1
  100. package/dist/server/handlers/workspace.cjs +26 -26
  101. package/dist/server/handlers/workspace.js +1 -1
  102. package/dist/server/handlers.cjs +34 -34
  103. package/dist/server/handlers.js +10 -10
  104. package/dist/server/schemas/index.cjs +400 -400
  105. package/dist/server/schemas/index.js +7 -7
  106. package/dist/server/server-adapter/index.cjs +14 -14
  107. package/dist/server/server-adapter/index.js +3 -3
  108. package/package.json +4 -4
package/dist/{chunk-KUPT7YFR.cjs.map → chunk-NYPBCQOT.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","supportsSessionRefresh","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","refreshResponseSchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra","z","createRoute","MASTRA_USER_PERMISSIONS_KEY"],"mappings":";;;;;;;;;;AAyCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,eAAe,MAAA,EAA+C;AACrE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,QAAQ,OAAO,IAAA,KAAS,YAAY,OAAQ,IAAA,CAAa,MAAM,CAAA,KAAM,UAAA;AACvF;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,GAAA,GAAM,eAAe,MAAM,CAAA;AAEjC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiBC,wCAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBI,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBH,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBK,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBO,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBP,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOG,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqBH,mCAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgBQ,uCAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCH,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYS,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCN,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYU,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMK,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMD,IAAM,yBAAA,GAA4BM,KAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,IAAU,CAAA;AACjE,IAAM,6BAAA,GAAgCA,IAAA,CAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,EAAO,EAAG,WAAA,EAAaA,KAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,GAAG,CAAA;AAEhG,IAAM,6BAA6BC,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iCAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,yBAAA;AAAA,EACjB,cAAA,EAAgB,6BAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAO,GAAI,GAAA;AAG3C,MAAA,MAAM,iBAAA,GAA8B,cAAA,EAAgB,GAAA,CAAIC,6CAA2B,KAAK,EAAC;AACzF,MAAA,MAAM,OAAA,GAAU,kBAAkB,IAAA,CAAK,CAAC,MAAc,CAAA,KAAM,GAAA,IAAO,MAAM,KAAK,CAAA;AAC9E,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIR,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,MACnE;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,IAAI,CAAC,MAAM,qBAAA,EAAuB;AAChC,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6DAA6D,CAAA;AAAA,MACvG;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAA;AAC3D,MAAA,OAAO,EAAE,QAAQ,WAAA,EAAY;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-KUPT7YFR.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { z } from 'zod/v4';\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { MASTRA_USER_PERMISSIONS_KEY } from '../constants';\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute, createRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n auth: any,\n request: Request,\n options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n * queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n * connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n * HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n\n const host = request.headers.get('host');\n if (host) {\n const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n return `${proto}://${host}`;\n }\n\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra server config.\n */\nfunction getFGAProvider(mastra: any): IFGAProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && typeof (auth as any)[method] === 'function';\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n const fga = getFGAProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n // If capabilities came back without a user, the session may have expired.\n // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n try {\n const sessionId = await auth.getSessionIdFromRequest(request);\n if (sessionId) {\n const refreshedSession = await auth.refreshSession(sessionId);\n if (refreshedSession) {\n const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n const cookieValue = extractCookieFromHeaders(sessionHeaders);\n if (cookieValue) {\n // Rebuild capabilities with the refreshed cookie\n const refreshedRequest = new Request(request.url, {\n method: request.method,\n headers: new Headers(request.headers),\n });\n refreshedRequest.headers.set('Cookie', cookieValue);\n const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n rbac,\n apiPrefix: routePrefix,\n });\n\n // Attach refresh headers so the adapter can set the new cookie\n if ('user' in refreshedCapabilities) {\n (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n }\n return refreshedCapabilities;\n }\n }\n }\n } catch {\n // Refresh failed — return original unauthenticated capabilities\n }\n }\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n if (!setCookie) return null;\n // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n const match = setCookie.match(/^([^;]+)/);\n return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// GET /auth/roles/:roleId/permissions\n// ============================================================================\n\nconst rolePermissionsPathSchema = z.object({ roleId: z.string() });\nconst rolePermissionsResponseSchema = z.object({ roleId: z.string(), permissions: z.array(z.string()) });\n\nexport const GET_ROLE_PERMISSIONS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/roles/:roleId/permissions',\n requiresAuth: true,\n responseType: 'json',\n pathParamSchema: rolePermissionsPathSchema,\n responseSchema: rolePermissionsResponseSchema,\n summary: 'Get permissions for a role',\n description:\n 'Returns the resolved permissions for a specific role. Only accessible by admin users. Used by the \"View as role\" feature.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, requestContext, roleId } = ctx as any;\n\n // Check that the caller is an admin\n const callerPermissions: string[] = requestContext?.get(MASTRA_USER_PERMISSIONS_KEY) ?? [];\n const isAdmin = callerPermissions.some((p: string) => p === '*' || p === '*:*');\n if (!isAdmin) {\n throw new HTTPException(403, { message: 'Admin access required' });\n }\n\n const rbac = getRBACProvider(mastra);\n if (!rbac?.getPermissionsForRole) {\n throw new HTTPException(404, { message: 'RBAC provider does not support role permission resolution' });\n }\n\n const permissions = await rbac.getPermissionsForRole(roleId);\n return { roleId, permissions };\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error getting role permissions');\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n GET_ROLE_PERMISSIONS_ROUTE,\n] as const;\n"]}
1
+ {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","supportsSessionRefresh","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","refreshResponseSchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra","z","createRoute","MASTRA_USER_PERMISSIONS_KEY"],"mappings":";;;;;;;;;;AAyCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,eAAe,MAAA,EAA+C;AACrE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,QAAQ,OAAO,IAAA,KAAS,YAAY,OAAQ,IAAA,CAAa,MAAM,CAAA,KAAM,UAAA;AACvF;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,GAAA,GAAM,eAAe,MAAM,CAAA;AAEjC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiBC,wCAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBI,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBH,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBK,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBO,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBP,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOG,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqBH,mCAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgBQ,uCAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCH,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYS,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCN,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYU,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMK,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMD,IAAM,yBAAA,GAA4BM,KAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,IAAU,CAAA;AACjE,IAAM,6BAAA,GAAgCA,IAAA,CAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,EAAO,EAAG,WAAA,EAAaA,KAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,GAAG,CAAA;AAEhG,IAAM,6BAA6BC,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iCAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,yBAAA;AAAA,EACjB,cAAA,EAAgB,6BAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAO,GAAI,GAAA;AAG3C,MAAA,MAAM,iBAAA,GAA8B,cAAA,EAAgB,GAAA,CAAIC,6CAA2B,KAAK,EAAC;AACzF,MAAA,MAAM,OAAA,GAAU,kBAAkB,IAAA,CAAK,CAAC,MAAc,CAAA,KAAM,GAAA,IAAO,MAAM,KAAK,CAAA;AAC9E,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIR,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,MACnE;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,IAAI,CAAC,MAAM,qBAAA,EAAuB;AAChC,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6DAA6D,CAAA;AAAA,MACvG;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAA;AAC3D,MAAA,OAAO,EAAE,QAAQ,WAAA,EAAY;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-NYPBCQOT.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { z } from 'zod/v4';\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { MASTRA_USER_PERMISSIONS_KEY } from '../constants';\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute, createRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n auth: any,\n request: Request,\n options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n * queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n * connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n * HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n\n const host = request.headers.get('host');\n if (host) {\n const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n return `${proto}://${host}`;\n }\n\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra server config.\n */\nfunction getFGAProvider(mastra: any): IFGAProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && typeof (auth as any)[method] === 'function';\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n const fga = getFGAProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n // If capabilities came back without a user, the session may have expired.\n // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n try {\n const sessionId = await auth.getSessionIdFromRequest(request);\n if (sessionId) {\n const refreshedSession = await auth.refreshSession(sessionId);\n if (refreshedSession) {\n const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n const cookieValue = extractCookieFromHeaders(sessionHeaders);\n if (cookieValue) {\n // Rebuild capabilities with the refreshed cookie\n const refreshedRequest = new Request(request.url, {\n method: request.method,\n headers: new Headers(request.headers),\n });\n refreshedRequest.headers.set('Cookie', cookieValue);\n const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n rbac,\n apiPrefix: routePrefix,\n });\n\n // Attach refresh headers so the adapter can set the new cookie\n if ('user' in refreshedCapabilities) {\n (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n }\n return refreshedCapabilities;\n }\n }\n }\n } catch {\n // Refresh failed — return original unauthenticated capabilities\n }\n }\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n if (!setCookie) return null;\n // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n const match = setCookie.match(/^([^;]+)/);\n return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// GET /auth/roles/:roleId/permissions\n// ============================================================================\n\nconst rolePermissionsPathSchema = z.object({ roleId: z.string() });\nconst rolePermissionsResponseSchema = z.object({ roleId: z.string(), permissions: z.array(z.string()) });\n\nexport const GET_ROLE_PERMISSIONS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/roles/:roleId/permissions',\n requiresAuth: true,\n responseType: 'json',\n pathParamSchema: rolePermissionsPathSchema,\n responseSchema: rolePermissionsResponseSchema,\n summary: 'Get permissions for a role',\n description:\n 'Returns the resolved permissions for a specific role. Only accessible by admin users. Used by the \"View as role\" feature.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, requestContext, roleId } = ctx as any;\n\n // Check that the caller is an admin\n const callerPermissions: string[] = requestContext?.get(MASTRA_USER_PERMISSIONS_KEY) ?? [];\n const isAdmin = callerPermissions.some((p: string) => p === '*' || p === '*:*');\n if (!isAdmin) {\n throw new HTTPException(403, { message: 'Admin access required' });\n }\n\n const rbac = getRBACProvider(mastra);\n if (!rbac?.getPermissionsForRole) {\n throw new HTTPException(404, { message: 'RBAC provider does not support role permission resolution' });\n }\n\n const permissions = await rbac.getPermissionsForRole(roleId);\n return { roleId, permissions };\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error getting role permissions');\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n GET_ROLE_PERMISSIONS_ROUTE,\n] as const;\n"]}
package/dist/{chunk-FI5FIBFG.cjs → chunk-OHJRP6K7.cjs} RENAMED
@@ -5,11 +5,11 @@ var chunkV4ATNZXG_cjs = require('./chunk-V4ATNZXG.cjs');
5
5
  var chunk4G7S52U3_cjs = require('./chunk-4G7S52U3.cjs');
6
6
  var chunk2XZ2466F_cjs = require('./chunk-2XZ2466F.cjs');
7
7
  var chunkVX3MJR4P_cjs = require('./chunk-VX3MJR4P.cjs');
8
- var chunkLTRLD33R_cjs = require('./chunk-LTRLD33R.cjs');
9
8
  var chunkQZ6UFQ7V_cjs = require('./chunk-QZ6UFQ7V.cjs');
10
9
  var chunkYNSUYESL_cjs = require('./chunk-YNSUYESL.cjs');
11
10
  var chunkXTFWFQZ7_cjs = require('./chunk-XTFWFQZ7.cjs');
12
11
  var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
12
+ var chunkLTRLD33R_cjs = require('./chunk-LTRLD33R.cjs');
13
13
  var chunkDIG2K5CV_cjs = require('./chunk-DIG2K5CV.cjs');
14
14
  var ee = require('@mastra/core/agent-builder/ee');
15
15
 
@@ -547,5 +547,5 @@ exports.GET_STORED_AGENT_ROUTE = GET_STORED_AGENT_ROUTE;
547
547
  exports.LIST_STORED_AGENTS_ROUTE = LIST_STORED_AGENTS_ROUTE;
548
548
  exports.PREVIEW_INSTRUCTIONS_ROUTE = PREVIEW_INSTRUCTIONS_ROUTE;
549
549
  exports.UPDATE_STORED_AGENT_ROUTE = UPDATE_STORED_AGENT_ROUTE;
550
- //# sourceMappingURL=chunk-FI5FIBFG.cjs.map
551
- //# sourceMappingURL=chunk-FI5FIBFG.cjs.map
550
+ //# sourceMappingURL=chunk-OHJRP6K7.cjs.map
551
+ //# sourceMappingURL=chunk-OHJRP6K7.cjs.map
package/dist/{chunk-FI5FIBFG.cjs.map → chunk-OHJRP6K7.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/utils/resolve-builder-model-policy.ts","../src/server/handlers/stored-agents.ts"],"names":["builderToModelPolicy","createRoute","listStoredAgentsQuerySchema","listStoredAgentsResponseSchema","HTTPException","resolveAuthorFilter","getStoredResourceScope","scopeStoredResourceMetadata","getCallerAuthorId","isBuilderFeatureEnabled","matchesAuthorFilter","annotated","stripFavoriteFields","prepareFavoritesEnrichment","handleError","storedAgentIdPathParams","statusQuerySchema","getStoredAgentResponseSchema","assertStoredResourceScope","assertReadAccess","createStoredAgentBodySchema","createStoredAgentResponseSchema","toSlug","validateMetadataAvatarUrl","assertModelAllowed","updateStoredAgentBodySchema","updateStoredAgentResponseSchema","assertWriteAccess","handleAutoVersioning","deleteStoredAgentResponseSchema","previewInstructionsBodySchema","previewInstructionsResponseSchema"],"mappings":";;;;;;;;;;;;;;;AAiBA,eAAsB,0BAA0B,MAAA,EAAgE;AAC9G,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAE,QAAQ,KAAA,EAAM;AACpC,EAAA,IAAI,OAAO,MAAA,CAAO,cAAA,KAAmB,YAAY,OAAO,EAAE,QAAQ,KAAA,EAAM;AACxE,EAAA,IAAI,OAAO,MAAA,CAAO,uBAAA,KAA4B,cAAc,CAAC,MAAA,CAAO,yBAAwB,EAAG;AAC7F,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AAKA,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,IAAA,OAAOA,wBAAqB,OAAO,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AACF;;;ACWA,eAAe,mBAAA,CAAoB,SAAkB,MAAA,EAAyD;AAC5G,EAAA,IAAI,YAAY,IAAA,EAAM;AACpB,IAAA,MAAM,MAAA,GAAS,OAAO,SAAA,IAAY;AAClC,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,EAAQ,cAAA,IAAiB;AAC/C,IAAA,MAAM,cAAA,GAAiB,OAAA,EAAS,gBAAA,IAAmB,EAAG,KAAA,EAAO,OAAA;AAC7D,IAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN;AAAA,OAGF;AAAA,IACF;AACA,IAAA,OAAO,cAAA,IAAkB,MAAA;AAAA,EAC3B;AACA,EAAA,IAAI,YAAY,KAAA,EAAO;AACrB,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,OAAA;AACT;AAEA,IAAM,4BAAA,GAA+B;AAAA,EACnC,MAAA;AAAA,EACA,aAAA;AAAA,EACA,cAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,gBAAA;AAAA,EACA,WAAA;AAAA,EACA,QAAA;AAAA,EACA,kBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,sBAAA;AAAA,EACA,YAAA;AAAA,EACA,QAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA;AASO,IAAM,2BAA2BC,6BAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,6CAAA;AAAA,EAClB,cAAA,EAAgBC,gDAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,cAAA;AAAA,IACA,IAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,UAAA;AAAA,IACA,QAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAKA,MAAA,MAAM,SAASC,qCAAA,CAAoB;AAAA,QACjC,cAAA;AAAA,QACA,QAAA,EAAU,eAAA;AAAA,QACV,aAAA,EAAe,QAAA;AAAA,QACf,eAAA,EAAiB,UAAA,KAAe,QAAA,GAAW,QAAA,GAAW;AAAA,OACvD,CAAA;AAED,MAAA,MAAM,KAAA,GAAQ,MAAMC,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAA;AACjE,MAAA,MAAM,cAAA,GAAiBC,6CAAA,CAA4B,QAAA,EAAU,KAAK,CAAA;AAElE,MAAA,MAAM,QAAA,GAAWC,oCAAkB,cAAc,CAAA;AACjD,MAAA,MAAM,gBAAA,GAAmB,MAAMC,yCAAA,CAAwB,MAAA,EAAQ,WAAW,CAAA;AAC1E,MAAA,MAAM,kBAAA,GAAqB,oBAAoB,aAAA,KAAkB,IAAA;AACjE,MAAA,MAAM,oBAAoB,eAAA,IAAmB,QAAA;AAG7C,MAAA,IAAI,kBAAA,EAAoB;AACtB,QAAA,MAAM,mBAA2B,OAAA,IAAW,GAAA;AAC5C,QAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,UAAA,OAAO,EAAE,MAAA,EAAQ,EAAC,EAAG,KAAA,EAAO,GAAG,IAAA,EAAM,OAAA,EAAS,gBAAA,EAAkB,OAAA,EAAS,KAAA,EAAM;AAAA,QACjF;AACA,QAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,WAAW,CAAA;AACzD,QAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,UAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,QACvF;AACA,QAAA,MAAM,UAAA,GAAa,MAAM,cAAA,CAAe,gBAAA,CAAiB,EAAE,MAAA,EAAQ,iBAAA,EAAmB,UAAA,EAAY,OAAA,EAAS,CAAA;AAC3G,QAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,UAAA,OAAO,EAAE,MAAA,EAAQ,EAAC,EAAG,KAAA,EAAO,GAAG,IAAA,EAAM,OAAA,EAAS,gBAAA,EAAkB,OAAA,EAAS,KAAA,EAAM;AAAA,QACjF;AACA,QAAA,MAAM,WAAA,GAAc,MAAM,WAAA,CAAY,YAAA,CAAa;AAAA,UACjD,OAAA,EAAS,KAAA;AAAA,UACT,OAAA;AAAA,UACA,MAAA;AAAA,UACA,QAAA,EAAU,MAAA,CAAO,IAAA,KAAS,OAAA,GAAU,OAAO,QAAA,GAAW,MAAA;AAAA,UACtD,QAAA,EAAU,cAAA;AAAA,UACV,SAAA,EAAW;AAAA,SACZ,CAAA;AACD,QAAA,MAAM,OAAA,GAAU,YAAY,MAAA,CAAO,MAAA,CAAO,YAAUM,qCAAA,CAAoB,MAAA,EAAQ,MAAM,CAAC,CAAA;AACvF,QAAA,MAAM,QAAQ,OAAA,CAAQ,MAAA;AACtB,QAAA,MAAM,QAAA,GAAW,gBAAA,KAAqB,CAAA,GAAI,CAAA,GAAI,IAAA,GAAO,gBAAA;AACrD,QAAA,MAAM,MAAA,GAAS,gBAAA,KAAqB,CAAA,GAAI,CAAA,GAAI,QAAA,GAAW,gBAAA;AACvD,QAAA,MAAM,MAAA,GAAS,qBAAqB,CAAA,GAAI,KAAK,OAAA,CAAQ,KAAA,CAAM,UAAU,MAAM,CAAA;AAC3E,QAAA,MAAMC,UAAAA,GAAY,OAAO,GAAA,CAAI,CAAA,MAAA,MAAW,EAAE,GAAG,MAAA,EAAQ,WAAA,EAAa,IAAA,EAAK,CAAE,CAAA;AACzE,QAAA,MAAM,OAAA,GAAU,gBAAA,GAAmB,CAAA,IAAK,MAAA,GAAS,KAAA;AACjD,QAAA,OAAO,EAAE,MAAA,EAAQA,UAAAA,EAAW,OAAO,IAAA,EAAM,OAAA,EAAS,kBAAkB,OAAA,EAAQ;AAAA,MAC9E;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,YAAA,CAAa;AAAA,QAC5C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA,EAAU,MAAA,CAAO,IAAA,KAAS,OAAA,GAAU,OAAO,QAAA,GAAW,MAAA;AAAA,QACtD,QAAA,EAAU;AAAA,OACX,CAAA;AASD,MAAA,MAAM,aAAA,GAAgB,OAAO,MAAA,CAAO,MAAA,CAAO,YAAUD,qCAAA,CAAoB,MAAA,EAAQ,MAAM,CAAC,CAAA;AAExF,MAAA,IAAI,CAAC,gBAAA,EAAkB;AACrB,QAAA,OAAO,EAAE,GAAG,MAAA,EAAQ,QAAQ,aAAA,CAAc,GAAA,CAAIE,qCAAmB,CAAA,EAAE;AAAA,MACrE;AAEA,MAAA,MAAM,aAAa,MAAMC,4CAAA;AAAA,QACvB,MAAA;AAAA,QACA,cAAA;AAAA,QACA,OAAA;AAAA,QACA,aAAA,CAAc,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,EAAE;AAAA,OAC7B;AACA,MAAA,MAAM,YAAY,UAAA,GACd,aAAA,CAAc,GAAA,CAAI,CAAA,MAAA,MAAW,EAAE,GAAG,MAAA,EAAQ,WAAA,EAAa,UAAA,CAAW,WAAW,GAAA,CAAI,MAAA,CAAO,EAAE,CAAA,GAAI,CAAA,GAC9F,aAAA;AAEJ,MAAA,OAAO,EAAE,GAAG,MAAA,EAAQ,MAAA,EAAQ,SAAA,EAAU;AAAA,IACxC,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyBb,6BAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBc,yCAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,8CAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EACE,gMAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,QAAQ,cAAA,EAAgB,aAAA,EAAe,QAAO,KAAM;AACpE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIb,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,QAAQ,MAAM,WAAA,CAAY,gBAAgB,aAAA,EAAe,EAAE,QAAQ,CAAA;AAEzE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AACA,MAAAc,2CAAA,CAA0B,KAAA,EAAO,MAAMZ,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAC,CAAA;AAIrF,MAAAa,kCAAA,CAAiB,EAAE,gBAAgB,QAAA,EAAU,eAAA,EAAiB,YAAY,aAAA,EAAe,MAAA,EAAQ,OAAO,CAAA;AAExG,MAAA,MAAM,UAAA,GAAa,MAAMN,4CAAA,CAA2B,MAAA,EAAQ,gBAAgB,OAAA,EAAS,CAAC,KAAA,CAAM,EAAE,CAAC,CAAA;AAC/F,MAAA,IAAI,UAAA,EAAY;AACd,QAAA,OAAO,EAAE,GAAG,KAAA,EAAO,WAAA,EAAa,WAAW,UAAA,CAAW,GAAA,CAAI,KAAA,CAAM,EAAE,CAAA,EAAE;AAAA,MACtE;AACA,MAAA,OAAOD,sCAAoB,KAAK,CAAA;AAAA,IAClC,SAAS,KAAA,EAAO;AACd,MAAA,OAAOE,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAOTb,6BAAA,CAAY;AAAA,EACd,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYmB,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,gEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,cAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,UAAA,EAAY,cAAA;AAAA,IACZ,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,gBAAA;AAAA,IACA,UAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIjB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAckB,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIlB,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,EAAE,CAAA;AAC7C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAKA,MAAA,MAAM,QAAA,GAAWI,mCAAA,CAAkB,cAAc,CAAA,IAAK,MAAA;AACtD,MAAA,MAAM,UAAA,GAAa,QAAA,GAAY,cAAA,IAAkB,SAAA,GAAa,QAAA;AAG9D,MAAAe,2CAAA,CAA0B,QAAQ,CAAA;AAIlC,MAAA,IAAI,UAAU,MAAA,EAAW;AACvB,QAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,MAAA,CAAO,aAAa,CAAA;AACnE,QAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,UAAAC,qBAAA,CAAmB,MAAA,CAAO,SAAS,KAAiD,CAAA;AAAA,QACtF;AAAA,MACF;AAEA,MAAA,MAAM,eAAA,GAAkB,MAAM,mBAAA,CAAoB,OAAA,EAAS,MAAM,CAAA;AAEjE,MAAA,MAAM,KAAA,GAAQ;AAAA,QACZ,EAAA;AAAA,QACA,QAAA;AAAA,QACA,UAAA;AAAA,QACA,UAAUjB,6CAAA,CAA4B,QAAA,EAAU,MAAMD,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAC,CAAA;AAAA,QACpG,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,OAAA,EAAS,eAAA;AAAA,QACT;AAAA,OACF;AAGA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,IAAY;AAClC,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAM,MAAA,CAAO,KAAA,CAAM,MAAA,CAAO,KAAK,CAAA;AAAA,MACjC,CAAA,MAAO;AAEL,QAAA,MAAM,WAAA,CAAY,MAAA,CAAO,EAAE,KAAA,EAAO,OAAO,CAAA;AAAA,MAC3C;AAKA,MAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,WAAA,CAAY,YAAA,CAAa,EAAE,OAAA,EAAS,EAAA,EAAI,OAAA,EAAS,CAAA,EAAG,CAAA;AAC/E,MAAA,MAAM,cAAA,GAAiB,SAAS,CAAC,CAAA;AACjC,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,MAAM,YAAY,MAAA,CAAO;AAAA,UACvB,EAAA;AAAA,UACA,iBAAiB,cAAA,CAAe,EAAA;AAAA,UAChC,MAAA,EAAQ;AAAA,SACT,CAAA;AACD,QAAA,MAAA,EAAQ,KAAA,CAAM,WAAW,EAAE,CAAA;AAAA,MAC7B;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,aAAa,CAAA;AAC9E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOU,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAYTb,6BAAA,CAAY;AAAA,EACd,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBc,yCAAA;AAAA,EACjB,UAAA,EAAYU,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,cAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA,IACA,UAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,gBAAA;AAAA,IACA,UAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,oBAAA;AAAA;AAAA,IAEA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAItB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AACA,MAAA,MAAM,KAAA,GAAQ,MAAME,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAA;AACjE,MAAAY,2CAAA,CAA0B,UAAU,KAAK,CAAA;AAGzC,MAAAS,mCAAA,CAAkB;AAAA,QAChB,cAAA;AAAA,QACA,QAAA,EAAU,eAAA;AAAA,QACV,UAAA,EAAY,aAAA;AAAA,QACZ,MAAA,EAAQ,MAAA;AAAA,QACR,MAAA,EAAQ;AAAA,OACT,CAAA;AAGD,MAAAJ,2CAAA,CAA0B,QAAQ,CAAA;AAGlC,MAAA,MAAM,cAAA,GAAiBf,mCAAA,CAAkB,cAAc,CAAA,IAAK,MAAA;AAC5D,MAAA,MAAM,kBAAA,GAAqB,cAAA,GAAiB,UAAA,GAAa,UAAA,IAAc,OAAO,QAAA,GAAW,MAAA;AAGzF,MAAA,IAAI,UAAU,MAAA,EAAW;AACvB,QAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,MAAA,CAAO,aAAa,CAAA;AACnE,QAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,UAAAgB,qBAAA,CAAmB,MAAA,CAAO,SAAS,KAAiD,CAAA;AAAA,QACtF;AAAA,MACF;AAGA,MAAA,MAAM,eAAA,GAAkB,MAAM,mBAAA,CAAoB,OAAA,EAAS,MAAM,CAAA;AAEjE,MAAA,MAAM,cAAA,GACJ,QAAA,KAAa,MAAA,GACTjB,6CAAA,CAA4B,EAAE,GAAI,QAAA,CAAS,QAAA,IAAY,EAAC,EAAI,GAAG,QAAA,EAAS,EAAG,KAAK,CAAA,GAChF,MAAA;AAKN,MAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,MAAA,CAAO;AAAA,QAC5C,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,GAAI,cAAA,KAAmB,MAAA,GAAY,EAAE,QAAA,EAAU,cAAA,KAAmB,EAAC;AAAA,QACnE,UAAA,EAAY,kBAAA;AAAA,QACZ,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,OAAA,EAAS,eAAA;AAAA,QACT;AAAA,OAC0B,CAAA;AAG5B,MAAA,MAAM,YAAA,GAAe;AAAA,QACnB,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,OAAA,EAAS,eAAA;AAAA,QACT;AAAA,OACF;AAGA,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAIhH,MAAA,MAAM,oBAAoB,MAAMqB,sCAAA;AAAA,QAC9B,WAAA;AAAA,QACA,aAAA;AAAA,QACA,SAAA;AAAA,QACA,4BAAA;AAAA,QACA,QAAA;AAAA,QACA,YAAA;AAAA,QACA,oBAAA;AAAA,QACA,aAAA,GAAgB,EAAE,aAAA,EAAc,GAAI;AAAA,OACtC;AAEA,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,MAC3D;AAOA,MAAA,IAAI,kBAAkB,cAAA,EAAgB;AACpC,QAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,WAAA,CAAY,YAAA,CAAa,EAAE,OAAA,EAAS,aAAA,EAAe,OAAA,EAAS,CAAA,EAAG,CAAA;AAC1F,QAAA,MAAM,aAAA,GAAgB,SAAS,CAAC,CAAA;AAChC,QAAA,IAAI,aAAA,EAAe;AACjB,UAAA,MAAM,YAAY,MAAA,CAAO;AAAA,YACvB,EAAA,EAAI,aAAA;AAAA,YACJ,iBAAiB,aAAA,CAAc;AAAA,WAChC,CAAA;AAAA,QACH;AAAA,MACF;AAGA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,KAAA,CAAM,WAAW,aAAa,CAAA;AAAA,MACvC;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,eAAA,CAAgB,eAAe,EAAE,MAAA,EAAQ,SAAS,CAAA;AACrF,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIxB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOU,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4Bb,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBc,yCAAA;AAAA,EACjB,cAAA,EAAgBc,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,eAAc,KAAM;AAC5D,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIzB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AACA,MAAAc,2CAAA,CAA0B,QAAA,EAAU,MAAMZ,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAC,CAAA;AAGxF,MAAAqB,mCAAA,CAAkB;AAAA,QAChB,cAAA;AAAA,QACA,QAAA,EAAU,eAAA;AAAA,QACV,UAAA,EAAY,aAAA;AAAA,QACZ,MAAA,EAAQ,QAAA;AAAA,QACR,MAAA,EAAQ;AAAA,OACT,CAAA;AAED,MAAA,MAAM,WAAA,CAAY,OAAO,aAAa,CAAA;AAItC,MAAA,IAAI;AACF,QAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,WAAW,CAAA;AACzD,QAAA,MAAM,gBAAgB,wBAAA,CAAyB,EAAE,YAAY,OAAA,EAAS,QAAA,EAAU,eAAe,CAAA;AAAA,MACjG,SAAS,YAAA,EAAc;AACrB,QAAA,MAAA,CACG,SAAA,MACC,IAAA,GAAO,8CAAA,EAAgD,EAAE,aAAA,EAAe,KAAA,EAAO,cAAc,CAAA;AAAA,MACnG;AAGA,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,UAAA,CAAW,aAAa,CAAA;AAElD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,CAAA,MAAA,EAAS,aAAa,CAAA,qBAAA,CAAA,EAAwB;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOb,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,6BAA6Bb,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAY6B,+CAAA;AAAA,EACZ,cAAA,EAAgBC,mDAAA;AAAA,EAChB,OAAA,EAAS,+BAAA;AAAA,EACT,WAAA,EACE,6MAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,SAAQ,KAAM;AAC9C,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,MAAM,IAAI3B,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,MACtE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,MAAA,CAAO,MAAA,CAAO,QAAQ,MAAA,EAAQ,OAAA,IAAW,EAAE,CAAA;AAEhE,MAAA,OAAO,EAAE,MAAA,EAAO;AAAA,IAClB,SAAS,KAAA,EAAO;AACd,MAAA,OAAOU,6BAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-FI5FIBFG.cjs","sourcesContent":["import { builderToModelPolicy } from '@mastra/core/agent-builder/ee';\nimport type { BuilderModelPolicy } from '@mastra/core/agent-builder/ee';\nimport type { IMastraEditor } from '@mastra/core/editor';\n\n/**\n * Server-side wrapper around `builderToModelPolicy`.\n *\n * Handles the optional `IMastraEditor` builder API surface (older / OSS editors\n * may not implement `hasEnabledBuilderConfig` / `resolveBuilder`) and returns\n * a uniform `BuilderModelPolicy` to every call site.\n *\n * Returns `{ active: false }` whenever:\n * - no editor is configured,\n * - the editor doesn't expose builder methods,\n * - the builder config is disabled, or\n * - resolving the builder fails / yields nothing.\n */\nexport async function resolveBuilderModelPolicy(editor: IMastraEditor | undefined): Promise<BuilderModelPolicy> {\n if (!editor) return { active: false };\n if (typeof editor.resolveBuilder !== 'function') return { active: false };\n if (typeof editor.hasEnabledBuilderConfig === 'function' && !editor.hasEnabledBuilderConfig()) {\n return { active: false };\n }\n\n // Degrade to inactive on builder-resolution failure rather than letting the\n // rejection escape: agent execution routes seed this on every request, so a\n // transient failure must not 500 the entire route.\n try {\n const builder = await editor.resolveBuilder();\n return builderToModelPolicy(builder);\n } catch {\n return { active: false };\n }\n}\n","import { assertModelAllowed } from '@mastra/core/agent-builder/ee';\nimport type { StorageCreateAgentInput, StorageUpdateAgentInput } from '@mastra/core/storage';\nimport type { z } from 'zod/v4';\n\nimport { HTTPException } from '../http-exception';\nimport {\n storedAgentIdPathParams,\n statusQuerySchema,\n listStoredAgentsQuerySchema,\n createStoredAgentBodySchema,\n updateStoredAgentBodySchema,\n listStoredAgentsResponseSchema,\n getStoredAgentResponseSchema,\n createStoredAgentResponseSchema,\n updateStoredAgentResponseSchema,\n deleteStoredAgentResponseSchema,\n previewInstructionsBodySchema,\n previewInstructionsResponseSchema,\n} from '../schemas/stored-agents';\nimport type { ServerRoute, RouteSchemas, InferParams } from '../server-adapter/routes';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { assertStoredResourceScope, getStoredResourceScope, scopeStoredResourceMetadata, toSlug } from '../utils';\n\nimport { resolveBuilderModelPolicy } from '../utils/resolve-builder-model-policy';\nimport {\n assertReadAccess,\n assertWriteAccess,\n getCallerAuthorId,\n matchesAuthorFilter,\n resolveAuthorFilter,\n} from './authorship';\nimport { isBuilderFeatureEnabled } from './editor-builder';\nimport { handleError } from './error';\nimport { prepareFavoritesEnrichment, stripFavoriteFields } from './favorites-enrichment';\nimport { validateMetadataAvatarUrl } from './validate-avatar';\nimport { handleAutoVersioning } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\n/**\n * Resolve a `browser` field that may be a boolean shorthand from the UI.\n * - `true` → look up the admin's builder default browser config\n * - `false` → `null` (explicit clear)\n * - object/null/undefined → pass through unchanged\n */\nasync function resolveBrowserField(browser: unknown, mastra: { getEditor?: () => unknown }): Promise<unknown> {\n if (browser === true) {\n const editor = mastra.getEditor?.() as any;\n const builder = await editor?.resolveBuilder?.();\n const defaultBrowser = builder?.getConfiguration?.()?.agent?.browser;\n if (!defaultBrowser) {\n console.warn(\n '[mastra:server] Browser enabled (browser: true) but no default browser config found ' +\n 'in builder configuration. The agent will be created/updated without browser access. ' +\n 'Set `editor.builder.configuration.agent.browser` to fix this.',\n );\n }\n return defaultBrowser ?? undefined;\n }\n if (browser === false) {\n return null;\n }\n return browser;\n}\n\nconst AGENT_SNAPSHOT_CONFIG_FIELDS = [\n 'name',\n 'description',\n 'instructions',\n 'model',\n 'tools',\n 'defaultOptions',\n 'workflows',\n 'agents',\n 'integrationTools',\n 'inputProcessors',\n 'outputProcessors',\n 'memory',\n 'scorers',\n 'requestContextSchema',\n 'mcpClients',\n 'skills',\n 'workspace',\n 'browser',\n] as const;\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/agents - List all stored agents\n */\nexport const LIST_STORED_AGENTS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/agents',\n responseType: 'json',\n queryParamSchema: listStoredAgentsQuerySchema,\n responseSchema: listStoredAgentsResponseSchema,\n summary: 'List stored agents',\n description: 'Returns a paginated list of all agents stored in the database',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({\n mastra,\n requestContext,\n page,\n perPage,\n orderBy,\n status,\n authorId,\n visibility,\n metadata,\n favoritedOnly,\n pinFavoritedFor,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Resolve the visibility scope for this caller. Non-owner queries for\n // another author return only that author's public rows; default lists\n // return the caller's rows plus legacy unowned records.\n const filter = resolveAuthorFilter({\n requestContext,\n resource: 'stored-agents',\n queryAuthorId: authorId,\n queryVisibility: visibility === 'public' ? 'public' : undefined,\n });\n\n const scope = await getStoredResourceScope(mastra, requestContext);\n const scopedMetadata = scopeStoredResourceMetadata(metadata, scope);\n\n const callerId = getCallerAuthorId(requestContext);\n const favoritesEnabled = await isBuilderFeatureEnabled(mastra, 'favorites');\n const honoredStarredOnly = favoritesEnabled && favoritedOnly === true;\n const favoriteSubjectId = pinFavoritedFor ?? callerId;\n\n // `?favoritedOnly=true`: fetch caller's favorited IDs, then refilter + recompute total.\n if (honoredStarredOnly) {\n const effectivePerPage: number = perPage ?? 100;\n if (!favoriteSubjectId) {\n return { agents: [], total: 0, page, perPage: effectivePerPage, hasMore: false };\n }\n const favoritesStore = await storage.getStore('favorites');\n if (!favoritesStore) {\n throw new HTTPException(500, { message: 'Favorites storage domain is not available' });\n }\n const starredIds = await favoritesStore.listFavoritedIds({ userId: favoriteSubjectId, entityType: 'agent' });\n if (starredIds.length === 0) {\n return { agents: [], total: 0, page, perPage: effectivePerPage, hasMore: false };\n }\n const allMatching = await agentsStore.listResolved({\n perPage: false,\n orderBy,\n status,\n authorId: filter.kind === 'exact' ? filter.authorId : undefined,\n metadata: scopedMetadata,\n entityIds: starredIds,\n });\n const visible = allMatching.agents.filter(record => matchesAuthorFilter(record, filter));\n const total = visible.length;\n const startIdx = effectivePerPage === 0 ? 0 : page * effectivePerPage;\n const endIdx = effectivePerPage === 0 ? 0 : startIdx + effectivePerPage;\n const sliced = effectivePerPage === 0 ? [] : visible.slice(startIdx, endIdx);\n const annotated = sliced.map(record => ({ ...record, isFavorited: true }));\n const hasMore = effectivePerPage > 0 && endIdx < total;\n return { agents: annotated, total, page, perPage: effectivePerPage, hasMore };\n }\n\n const result = await agentsStore.listResolved({\n page,\n perPage,\n orderBy,\n status,\n authorId: filter.kind === 'exact' ? filter.authorId : undefined,\n metadata: scopedMetadata,\n });\n\n // Post-filter to enforce ownership + visibility rules across all backends.\n // Storage adapters can only do an equality filter on authorId, so we apply\n // the ownedOrPublic / publicOnly logic here.\n // Note: `total` is left as the storage-reported count to keep pagination\n // math working. For `unrestricted` / `exact` filters nothing is removed.\n // For `ownedOrPublic` / `publicOnly`, downstream UIs should treat the\n // filter as a view over the caller's scope — an approximation is OK.\n const visibleAgents = result.agents.filter(record => matchesAuthorFilter(record, filter));\n\n if (!favoritesEnabled) {\n return { ...result, agents: visibleAgents.map(stripFavoriteFields) };\n }\n\n const enrichment = await prepareFavoritesEnrichment(\n mastra,\n requestContext,\n 'agent',\n visibleAgents.map(a => a.id),\n );\n const annotated = enrichment\n ? visibleAgents.map(record => ({ ...record, isFavorited: enrichment.starredIds.has(record.id) }))\n : visibleAgents;\n\n return { ...result, agents: annotated };\n } catch (error) {\n return handleError(error, 'Error listing stored agents');\n }\n },\n});\n\n/**\n * GET /stored/agents/:storedAgentId - Get a stored agent by ID\n */\nexport const GET_STORED_AGENT_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/agents/:storedAgentId',\n responseType: 'json',\n pathParamSchema: storedAgentIdPathParams,\n queryParamSchema: statusQuerySchema,\n responseSchema: getStoredAgentResponseSchema,\n summary: 'Get stored agent by ID',\n description:\n 'Returns a specific agent from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({ mastra, requestContext, storedAgentId, status }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n const agent = await agentsStore.getByIdResolved(storedAgentId, { status });\n\n if (!agent) {\n throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n }\n assertStoredResourceScope(agent, await getStoredResourceScope(mastra, requestContext));\n\n // Throws 404 if the caller isn't the owner, admin, `stored-agents:read[:<id>]`\n // holder, and the record isn't public/legacy-unowned.\n assertReadAccess({ requestContext, resource: 'stored-agents', resourceId: storedAgentId, record: agent });\n\n const enrichment = await prepareFavoritesEnrichment(mastra, requestContext, 'agent', [agent.id]);\n if (enrichment) {\n return { ...agent, isFavorited: enrichment.starredIds.has(agent.id) };\n }\n return stripFavoriteFields(agent);\n } catch (error) {\n return handleError(error, 'Error getting stored agent');\n }\n },\n});\n\n/**\n * POST /stored/agents - Create a new stored agent\n */\nexport const CREATE_STORED_AGENT_ROUTE: ServerRoute<\n InferParams<undefined, undefined, typeof createStoredAgentBodySchema>,\n z.infer<typeof createStoredAgentResponseSchema>,\n 'json',\n RouteSchemas<undefined, undefined, typeof createStoredAgentBodySchema, typeof createStoredAgentResponseSchema>,\n 'POST',\n '/stored/agents'\n> = createRoute({\n method: 'POST',\n path: '/stored/agents',\n responseType: 'json',\n bodySchema: createStoredAgentBodySchema,\n responseSchema: createStoredAgentResponseSchema,\n summary: 'Create stored agent',\n description: 'Creates a new agent in storage with the provided configuration',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({\n mastra,\n requestContext,\n id: providedId,\n metadata,\n visibility: bodyVisibility,\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser,\n requestContextSchema,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId || toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive agent ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if agent with this ID already exists\n const existing = await agentsStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `Agent with id ${id} already exists` });\n }\n\n // Force authorId from the authenticated caller; ignore any body-provided value.\n // No owner = always public (no auth / no user context).\n // With an owner, respect the client's choice, defaulting to 'private'.\n const authorId = getCallerAuthorId(requestContext) ?? undefined;\n const visibility = authorId ? (bodyVisibility ?? 'private') : 'public';\n\n // Reject oversized avatar images before writing to storage.\n validateMetadataAvatarUrl(metadata);\n\n // Enforce admin model allowlist before persisting. Mirrors UPDATE; when\n // `model` is omitted the builder applies `defaults.model` server-side.\n if (model !== undefined) {\n const policy = await resolveBuilderModelPolicy(mastra.getEditor?.());\n if (policy.active) {\n assertModelAllowed(policy.allowed, model as Parameters<typeof assertModelAllowed>[1]);\n }\n }\n\n const resolvedBrowser = await resolveBrowserField(browser, mastra);\n\n const input = {\n id,\n authorId,\n visibility,\n metadata: scopeStoredResourceMetadata(metadata, await getStoredResourceScope(mastra, requestContext)),\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser: resolvedBrowser,\n requestContextSchema,\n } as StorageCreateAgentInput;\n\n // Use editor.agent.create() when available to apply builder defaults\n const editor = mastra.getEditor?.();\n if (editor) {\n await editor.agent.create(input);\n } else {\n // Fallback to direct storage create\n await agentsStore.create({ agent: input });\n }\n\n // Publish the initial version so the agent is immediately usable.\n // Without this, the thin record stays as status='draft' with activeVersionId=null,\n // which makes the agent unreachable via status='published' resolution.\n const { versions } = await agentsStore.listVersions({ agentId: id, perPage: 1 });\n const initialVersion = versions[0];\n if (initialVersion) {\n await agentsStore.update({\n id,\n activeVersionId: initialVersion.id,\n status: 'published',\n });\n editor?.agent.clearCache(id);\n }\n\n // Return the resolved agent (thin record + version config) using the newly published version\n const resolved = await agentsStore.getByIdResolved(id, { status: 'published' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created agent' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored agent');\n }\n },\n});\n\n/**\n * PATCH /stored/agents/:storedAgentId - Update a stored agent\n */\nexport const UPDATE_STORED_AGENT_ROUTE: ServerRoute<\n InferParams<typeof storedAgentIdPathParams, undefined, typeof updateStoredAgentBodySchema>,\n z.infer<typeof updateStoredAgentResponseSchema>,\n 'json',\n RouteSchemas<\n typeof storedAgentIdPathParams,\n undefined,\n typeof updateStoredAgentBodySchema,\n typeof updateStoredAgentResponseSchema\n >,\n 'PATCH',\n '/stored/agents/:storedAgentId'\n> = createRoute({\n method: 'PATCH',\n path: '/stored/agents/:storedAgentId',\n responseType: 'json',\n pathParamSchema: storedAgentIdPathParams,\n bodySchema: updateStoredAgentBodySchema,\n responseSchema: updateStoredAgentResponseSchema,\n summary: 'Update stored agent',\n description: 'Updates an existing agent in storage with the provided fields',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({\n mastra,\n requestContext,\n storedAgentId,\n // Metadata-level fields\n authorId,\n metadata,\n visibility,\n // Config fields (snapshot-level)\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser,\n requestContextSchema,\n // Version metadata\n changeMessage,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Check if agent exists\n const existing = await agentsStore.getById(storedAgentId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n }\n const scope = await getStoredResourceScope(mastra, requestContext);\n assertStoredResourceScope(existing, scope);\n\n // Throws 404 if the caller isn't the owner, admin, or `agents:edit[:<id>]` holder.\n assertWriteAccess({\n requestContext,\n resource: 'stored-agents',\n resourceId: storedAgentId,\n action: 'edit',\n record: existing,\n });\n\n // Reject oversized avatar images before writing to storage.\n validateMetadataAvatarUrl(metadata);\n\n // No owner = always public, regardless of what the client sent.\n const callerAuthorId = getCallerAuthorId(requestContext) ?? undefined;\n const resolvedVisibility = callerAuthorId ? visibility : visibility != null ? 'public' : undefined;\n\n // Enforce admin model allowlist (Phase 6) before persisting.\n if (model !== undefined) {\n const policy = await resolveBuilderModelPolicy(mastra.getEditor?.());\n if (policy.active) {\n assertModelAllowed(policy.allowed, model as Parameters<typeof assertModelAllowed>[1]);\n }\n }\n\n // Resolve boolean browser shorthand from the UI\n const resolvedBrowser = await resolveBrowserField(browser, mastra);\n\n const scopedMetadata =\n metadata !== undefined\n ? scopeStoredResourceMetadata({ ...(existing.metadata ?? {}), ...metadata }, scope)\n : undefined;\n\n // Update the agent with both metadata-level and config-level fields\n // The storage layer handles separating these into agent-record updates vs new-version creation\n // Cast needed because Zod's passthrough() output types don't exactly match the handwritten TS interfaces\n const updatedAgent = await agentsStore.update({\n id: storedAgentId,\n authorId,\n ...(scopedMetadata !== undefined ? { metadata: scopedMetadata } : {}),\n visibility: resolvedVisibility,\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser: resolvedBrowser,\n requestContextSchema,\n } as StorageUpdateAgentInput);\n\n // Build the snapshot config for auto-versioning comparison\n const configFields = {\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser: resolvedBrowser,\n requestContextSchema,\n };\n\n // Filter out undefined values to get only the config fields that were provided\n const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n // Handle auto-versioning with retry logic for race conditions\n // This creates a new version if there are meaningful config changes.\n const autoVersionResult = await handleAutoVersioning(\n agentsStore as unknown as VersionedStoreInterface,\n storedAgentId,\n 'agentId',\n AGENT_SNAPSHOT_CONFIG_FIELDS,\n existing,\n updatedAgent,\n providedConfigFields,\n changeMessage ? { changeMessage } : undefined,\n );\n\n if (!autoVersionResult) {\n throw new Error('handleAutoVersioning returned undefined');\n }\n\n // Auto-publish: activate the latest version so the update is immediately\n // visible in list views. The Agent Builder UI has no separate \"Publish\"\n // button, so without this every edit after creation would create orphaned\n // draft versions that never surface in the list.\n // When a proper publish flow ships, this block can be removed.\n if (autoVersionResult.versionCreated) {\n const { versions } = await agentsStore.listVersions({ agentId: storedAgentId, perPage: 1 });\n const latestVersion = versions[0];\n if (latestVersion) {\n await agentsStore.update({\n id: storedAgentId,\n activeVersionId: latestVersion.id,\n });\n }\n }\n\n // Clear the cached agent instance so the next request gets the updated config\n const editor = mastra.getEditor();\n if (editor) {\n editor.agent.clearCache(storedAgentId);\n }\n\n // Return the resolved agent with the latest version\n const resolved = await agentsStore.getByIdResolved(storedAgentId, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated agent' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored agent');\n }\n },\n});\n\n/**\n * DELETE /stored/agents/:storedAgentId - Delete a stored agent\n */\nexport const DELETE_STORED_AGENT_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/agents/:storedAgentId',\n responseType: 'json',\n pathParamSchema: storedAgentIdPathParams,\n responseSchema: deleteStoredAgentResponseSchema,\n summary: 'Delete stored agent',\n description: 'Deletes an agent from storage by its unique identifier',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({ mastra, requestContext, storedAgentId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Check if agent exists\n const existing = await agentsStore.getById(storedAgentId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n }\n assertStoredResourceScope(existing, await getStoredResourceScope(mastra, requestContext));\n\n // Throws 404 if the caller isn't the owner, admin, or `agents:delete[:<id>]` holder.\n assertWriteAccess({\n requestContext,\n resource: 'stored-agents',\n resourceId: storedAgentId,\n action: 'delete',\n record: existing,\n });\n\n await agentsStore.delete(storedAgentId);\n\n // Cascade: drop any favorite rows referencing this agent so they don't\n // resurrect if the same id is reused. Failure must not abort the delete.\n try {\n const favoritesStore = await storage.getStore('favorites');\n await favoritesStore?.deleteFavoritesForEntity({ entityType: 'agent', entityId: storedAgentId });\n } catch (cascadeError) {\n mastra\n .getLogger?.()\n ?.warn?.('Failed to cascade-delete favorites for agent', { storedAgentId, error: cascadeError });\n }\n\n // Clear the cached agent instance\n mastra.getEditor()?.agent.clearCache(storedAgentId);\n\n return { success: true, message: `Agent ${storedAgentId} deleted successfully` };\n } catch (error) {\n return handleError(error, 'Error deleting stored agent');\n }\n },\n});\n\n/**\n * POST /stored/agents/preview-instructions - Preview resolved instructions\n */\nexport const PREVIEW_INSTRUCTIONS_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/agents/preview-instructions',\n responseType: 'json',\n bodySchema: previewInstructionsBodySchema,\n responseSchema: previewInstructionsResponseSchema,\n summary: 'Preview resolved instructions',\n description:\n 'Resolves an array of instruction blocks against a request context, evaluating rules, fetching prompt block references, and rendering template variables. Returns the final concatenated instruction string.',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({ mastra, blocks, context }) => {\n try {\n const editor = mastra.getEditor();\n if (!editor) {\n throw new HTTPException(500, { message: 'Editor is not configured' });\n }\n\n const result = await editor.prompt.preview(blocks, context ?? {});\n\n return { result };\n } catch (error) {\n return handleError(error, 'Error previewing instructions');\n }\n },\n});\n"]}
1
+ {"version":3,"sources":["../src/server/utils/resolve-builder-model-policy.ts","../src/server/handlers/stored-agents.ts"],"names":["builderToModelPolicy","createRoute","listStoredAgentsQuerySchema","listStoredAgentsResponseSchema","HTTPException","resolveAuthorFilter","getStoredResourceScope","scopeStoredResourceMetadata","getCallerAuthorId","isBuilderFeatureEnabled","matchesAuthorFilter","annotated","stripFavoriteFields","prepareFavoritesEnrichment","handleError","storedAgentIdPathParams","statusQuerySchema","getStoredAgentResponseSchema","assertStoredResourceScope","assertReadAccess","createStoredAgentBodySchema","createStoredAgentResponseSchema","toSlug","validateMetadataAvatarUrl","assertModelAllowed","updateStoredAgentBodySchema","updateStoredAgentResponseSchema","assertWriteAccess","handleAutoVersioning","deleteStoredAgentResponseSchema","previewInstructionsBodySchema","previewInstructionsResponseSchema"],"mappings":";;;;;;;;;;;;;;;AAiBA,eAAsB,0BAA0B,MAAA,EAAgE;AAC9G,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAE,QAAQ,KAAA,EAAM;AACpC,EAAA,IAAI,OAAO,MAAA,CAAO,cAAA,KAAmB,YAAY,OAAO,EAAE,QAAQ,KAAA,EAAM;AACxE,EAAA,IAAI,OAAO,MAAA,CAAO,uBAAA,KAA4B,cAAc,CAAC,MAAA,CAAO,yBAAwB,EAAG;AAC7F,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AAKA,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,IAAA,OAAOA,wBAAqB,OAAO,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AACF;;;ACWA,eAAe,mBAAA,CAAoB,SAAkB,MAAA,EAAyD;AAC5G,EAAA,IAAI,YAAY,IAAA,EAAM;AACpB,IAAA,MAAM,MAAA,GAAS,OAAO,SAAA,IAAY;AAClC,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,EAAQ,cAAA,IAAiB;AAC/C,IAAA,MAAM,cAAA,GAAiB,OAAA,EAAS,gBAAA,IAAmB,EAAG,KAAA,EAAO,OAAA;AAC7D,IAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,MAAA,OAAA,CAAQ,IAAA;AAAA,QACN;AAAA,OAGF;AAAA,IACF;AACA,IAAA,OAAO,cAAA,IAAkB,MAAA;AAAA,EAC3B;AACA,EAAA,IAAI,YAAY,KAAA,EAAO;AACrB,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,OAAA;AACT;AAEA,IAAM,4BAAA,GAA+B;AAAA,EACnC,MAAA;AAAA,EACA,aAAA;AAAA,EACA,cAAA;AAAA,EACA,OAAA;AAAA,EACA,OAAA;AAAA,EACA,gBAAA;AAAA,EACA,WAAA;AAAA,EACA,QAAA;AAAA,EACA,kBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,QAAA;AAAA,EACA,SAAA;AAAA,EACA,sBAAA;AAAA,EACA,YAAA;AAAA,EACA,QAAA;AAAA,EACA,WAAA;AAAA,EACA;AACF,CAAA;AASO,IAAM,2BAA2BC,6BAAA,CAAY;AAAA,EAClD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,gBAAA,EAAkBC,6CAAA;AAAA,EAClB,cAAA,EAAgBC,gDAAA;AAAA,EAChB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,cAAA;AAAA,IACA,IAAA;AAAA,IACA,OAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,UAAA;AAAA,IACA,QAAA;AAAA,IACA,aAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAKA,MAAA,MAAM,SAASC,qCAAA,CAAoB;AAAA,QACjC,cAAA;AAAA,QACA,QAAA,EAAU,eAAA;AAAA,QACV,aAAA,EAAe,QAAA;AAAA,QACf,eAAA,EAAiB,UAAA,KAAe,QAAA,GAAW,QAAA,GAAW;AAAA,OACvD,CAAA;AAED,MAAA,MAAM,KAAA,GAAQ,MAAMC,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAA;AACjE,MAAA,MAAM,cAAA,GAAiBC,6CAAA,CAA4B,QAAA,EAAU,KAAK,CAAA;AAElE,MAAA,MAAM,QAAA,GAAWC,oCAAkB,cAAc,CAAA;AACjD,MAAA,MAAM,gBAAA,GAAmB,MAAMC,yCAAA,CAAwB,MAAA,EAAQ,WAAW,CAAA;AAC1E,MAAA,MAAM,kBAAA,GAAqB,oBAAoB,aAAA,KAAkB,IAAA;AACjE,MAAA,MAAM,oBAAoB,eAAA,IAAmB,QAAA;AAG7C,MAAA,IAAI,kBAAA,EAAoB;AACtB,QAAA,MAAM,mBAA2B,OAAA,IAAW,GAAA;AAC5C,QAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,UAAA,OAAO,EAAE,MAAA,EAAQ,EAAC,EAAG,KAAA,EAAO,GAAG,IAAA,EAAM,OAAA,EAAS,gBAAA,EAAkB,OAAA,EAAS,KAAA,EAAM;AAAA,QACjF;AACA,QAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,WAAW,CAAA;AACzD,QAAA,IAAI,CAAC,cAAA,EAAgB;AACnB,UAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,QACvF;AACA,QAAA,MAAM,UAAA,GAAa,MAAM,cAAA,CAAe,gBAAA,CAAiB,EAAE,MAAA,EAAQ,iBAAA,EAAmB,UAAA,EAAY,OAAA,EAAS,CAAA;AAC3G,QAAA,IAAI,UAAA,CAAW,WAAW,CAAA,EAAG;AAC3B,UAAA,OAAO,EAAE,MAAA,EAAQ,EAAC,EAAG,KAAA,EAAO,GAAG,IAAA,EAAM,OAAA,EAAS,gBAAA,EAAkB,OAAA,EAAS,KAAA,EAAM;AAAA,QACjF;AACA,QAAA,MAAM,WAAA,GAAc,MAAM,WAAA,CAAY,YAAA,CAAa;AAAA,UACjD,OAAA,EAAS,KAAA;AAAA,UACT,OAAA;AAAA,UACA,MAAA;AAAA,UACA,QAAA,EAAU,MAAA,CAAO,IAAA,KAAS,OAAA,GAAU,OAAO,QAAA,GAAW,MAAA;AAAA,UACtD,QAAA,EAAU,cAAA;AAAA,UACV,SAAA,EAAW;AAAA,SACZ,CAAA;AACD,QAAA,MAAM,OAAA,GAAU,YAAY,MAAA,CAAO,MAAA,CAAO,YAAUM,qCAAA,CAAoB,MAAA,EAAQ,MAAM,CAAC,CAAA;AACvF,QAAA,MAAM,QAAQ,OAAA,CAAQ,MAAA;AACtB,QAAA,MAAM,QAAA,GAAW,gBAAA,KAAqB,CAAA,GAAI,CAAA,GAAI,IAAA,GAAO,gBAAA;AACrD,QAAA,MAAM,MAAA,GAAS,gBAAA,KAAqB,CAAA,GAAI,CAAA,GAAI,QAAA,GAAW,gBAAA;AACvD,QAAA,MAAM,MAAA,GAAS,qBAAqB,CAAA,GAAI,KAAK,OAAA,CAAQ,KAAA,CAAM,UAAU,MAAM,CAAA;AAC3E,QAAA,MAAMC,UAAAA,GAAY,OAAO,GAAA,CAAI,CAAA,MAAA,MAAW,EAAE,GAAG,MAAA,EAAQ,WAAA,EAAa,IAAA,EAAK,CAAE,CAAA;AACzE,QAAA,MAAM,OAAA,GAAU,gBAAA,GAAmB,CAAA,IAAK,MAAA,GAAS,KAAA;AACjD,QAAA,OAAO,EAAE,MAAA,EAAQA,UAAAA,EAAW,OAAO,IAAA,EAAM,OAAA,EAAS,kBAAkB,OAAA,EAAQ;AAAA,MAC9E;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,WAAA,CAAY,YAAA,CAAa;AAAA,QAC5C,IAAA;AAAA,QACA,OAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,QAAA,EAAU,MAAA,CAAO,IAAA,KAAS,OAAA,GAAU,OAAO,QAAA,GAAW,MAAA;AAAA,QACtD,QAAA,EAAU;AAAA,OACX,CAAA;AASD,MAAA,MAAM,aAAA,GAAgB,OAAO,MAAA,CAAO,MAAA,CAAO,YAAUD,qCAAA,CAAoB,MAAA,EAAQ,MAAM,CAAC,CAAA;AAExF,MAAA,IAAI,CAAC,gBAAA,EAAkB;AACrB,QAAA,OAAO,EAAE,GAAG,MAAA,EAAQ,QAAQ,aAAA,CAAc,GAAA,CAAIE,qCAAmB,CAAA,EAAE;AAAA,MACrE;AAEA,MAAA,MAAM,aAAa,MAAMC,4CAAA;AAAA,QACvB,MAAA;AAAA,QACA,cAAA;AAAA,QACA,OAAA;AAAA,QACA,aAAA,CAAc,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,EAAE;AAAA,OAC7B;AACA,MAAA,MAAM,YAAY,UAAA,GACd,aAAA,CAAc,GAAA,CAAI,CAAA,MAAA,MAAW,EAAE,GAAG,MAAA,EAAQ,WAAA,EAAa,UAAA,CAAW,WAAW,GAAA,CAAI,MAAA,CAAO,EAAE,CAAA,GAAI,CAAA,GAC9F,aAAA;AAEJ,MAAA,OAAO,EAAE,GAAG,MAAA,EAAQ,MAAA,EAAQ,SAAA,EAAU;AAAA,IACxC,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,yBAAyBb,6BAAA,CAAY;AAAA,EAChD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBc,yCAAA;AAAA,EACjB,gBAAA,EAAkBC,mCAAA;AAAA,EAClB,cAAA,EAAgBC,8CAAA;AAAA,EAChB,OAAA,EAAS,wBAAA;AAAA,EACT,WAAA,EACE,gMAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,QAAQ,cAAA,EAAgB,aAAA,EAAe,QAAO,KAAM;AACpE,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIb,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAEA,MAAA,MAAM,QAAQ,MAAM,WAAA,CAAY,gBAAgB,aAAA,EAAe,EAAE,QAAQ,CAAA;AAEzE,MAAA,IAAI,CAAC,KAAA,EAAO;AACV,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AACA,MAAAc,2CAAA,CAA0B,KAAA,EAAO,MAAMZ,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAC,CAAA;AAIrF,MAAAa,kCAAA,CAAiB,EAAE,gBAAgB,QAAA,EAAU,eAAA,EAAiB,YAAY,aAAA,EAAe,MAAA,EAAQ,OAAO,CAAA;AAExG,MAAA,MAAM,UAAA,GAAa,MAAMN,4CAAA,CAA2B,MAAA,EAAQ,gBAAgB,OAAA,EAAS,CAAC,KAAA,CAAM,EAAE,CAAC,CAAA;AAC/F,MAAA,IAAI,UAAA,EAAY;AACd,QAAA,OAAO,EAAE,GAAG,KAAA,EAAO,WAAA,EAAa,WAAW,UAAA,CAAW,GAAA,CAAI,KAAA,CAAM,EAAE,CAAA,EAAE;AAAA,MACtE;AACA,MAAA,OAAOD,sCAAoB,KAAK,CAAA;AAAA,IAClC,SAAS,KAAA,EAAO;AACd,MAAA,OAAOE,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAOTb,6BAAA,CAAY;AAAA,EACd,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,gBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAYmB,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,gEAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,cAAA;AAAA,IACA,EAAA,EAAI,UAAA;AAAA,IACJ,QAAA;AAAA,IACA,UAAA,EAAY,cAAA;AAAA,IACZ,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,gBAAA;AAAA,IACA,UAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIjB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,EAAA,GAAK,UAAA,IAAckB,wBAAA,CAAO,IAAI,CAAA;AAEpC,MAAA,IAAI,CAAC,EAAA,EAAI;AACP,QAAA,MAAM,IAAIlB,gCAAc,GAAA,EAAK;AAAA,UAC3B,OAAA,EAAS;AAAA,SACV,CAAA;AAAA,MACH;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,EAAE,CAAA;AAC7C,MAAA,IAAI,QAAA,EAAU;AACZ,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,cAAA,EAAiB,EAAE,mBAAmB,CAAA;AAAA,MAChF;AAKA,MAAA,MAAM,QAAA,GAAWI,mCAAA,CAAkB,cAAc,CAAA,IAAK,MAAA;AACtD,MAAA,MAAM,UAAA,GAAa,QAAA,GAAY,cAAA,IAAkB,SAAA,GAAa,QAAA;AAG9D,MAAAe,2CAAA,CAA0B,QAAQ,CAAA;AAIlC,MAAA,IAAI,UAAU,MAAA,EAAW;AACvB,QAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,MAAA,CAAO,aAAa,CAAA;AACnE,QAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,UAAAC,qBAAA,CAAmB,MAAA,CAAO,SAAS,KAAiD,CAAA;AAAA,QACtF;AAAA,MACF;AAEA,MAAA,MAAM,eAAA,GAAkB,MAAM,mBAAA,CAAoB,OAAA,EAAS,MAAM,CAAA;AAEjE,MAAA,MAAM,KAAA,GAAQ;AAAA,QACZ,EAAA;AAAA,QACA,QAAA;AAAA,QACA,UAAA;AAAA,QACA,UAAUjB,6CAAA,CAA4B,QAAA,EAAU,MAAMD,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAC,CAAA;AAAA,QACpG,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,OAAA,EAAS,eAAA;AAAA,QACT;AAAA,OACF;AAGA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,IAAY;AAClC,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAM,MAAA,CAAO,KAAA,CAAM,MAAA,CAAO,KAAK,CAAA;AAAA,MACjC,CAAA,MAAO;AAEL,QAAA,MAAM,WAAA,CAAY,MAAA,CAAO,EAAE,KAAA,EAAO,OAAO,CAAA;AAAA,MAC3C;AAKA,MAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,WAAA,CAAY,YAAA,CAAa,EAAE,OAAA,EAAS,EAAA,EAAI,OAAA,EAAS,CAAA,EAAG,CAAA;AAC/E,MAAA,MAAM,cAAA,GAAiB,SAAS,CAAC,CAAA;AACjC,MAAA,IAAI,cAAA,EAAgB;AAClB,QAAA,MAAM,YAAY,MAAA,CAAO;AAAA,UACvB,EAAA;AAAA,UACA,iBAAiB,cAAA,CAAe,EAAA;AAAA,UAChC,MAAA,EAAQ;AAAA,SACT,CAAA;AACD,QAAA,MAAA,EAAQ,KAAA,CAAM,WAAW,EAAE,CAAA;AAAA,MAC7B;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,eAAA,CAAgB,IAAI,EAAE,MAAA,EAAQ,aAAa,CAAA;AAC9E,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOU,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAYTb,6BAAA,CAAY;AAAA,EACd,MAAA,EAAQ,OAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBc,yCAAA;AAAA,EACjB,UAAA,EAAYU,6CAAA;AAAA,EACZ,cAAA,EAAgBC,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,+DAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO;AAAA,IACd,MAAA;AAAA,IACA,cAAA;AAAA,IACA,aAAA;AAAA;AAAA,IAEA,QAAA;AAAA,IACA,QAAA;AAAA,IACA,UAAA;AAAA;AAAA,IAEA,IAAA;AAAA,IACA,WAAA;AAAA,IACA,YAAA;AAAA,IACA,KAAA;AAAA,IACA,KAAA;AAAA,IACA,cAAA;AAAA,IACA,SAAA;AAAA,IACA,MAAA;AAAA,IACA,gBAAA;AAAA,IACA,UAAA;AAAA,IACA,eAAA;AAAA,IACA,gBAAA;AAAA,IACA,MAAA;AAAA,IACA,OAAA;AAAA,IACA,MAAA;AAAA,IACA,SAAA;AAAA,IACA,OAAA;AAAA,IACA,oBAAA;AAAA;AAAA,IAEA;AAAA,GACF,KAAM;AACJ,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAItB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AACA,MAAA,MAAM,KAAA,GAAQ,MAAME,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAA;AACjE,MAAAY,2CAAA,CAA0B,UAAU,KAAK,CAAA;AAGzC,MAAAS,mCAAA,CAAkB;AAAA,QAChB,cAAA;AAAA,QACA,QAAA,EAAU,eAAA;AAAA,QACV,UAAA,EAAY,aAAA;AAAA,QACZ,MAAA,EAAQ,MAAA;AAAA,QACR,MAAA,EAAQ;AAAA,OACT,CAAA;AAGD,MAAAJ,2CAAA,CAA0B,QAAQ,CAAA;AAGlC,MAAA,MAAM,cAAA,GAAiBf,mCAAA,CAAkB,cAAc,CAAA,IAAK,MAAA;AAC5D,MAAA,MAAM,kBAAA,GAAqB,cAAA,GAAiB,UAAA,GAAa,UAAA,IAAc,OAAO,QAAA,GAAW,MAAA;AAGzF,MAAA,IAAI,UAAU,MAAA,EAAW;AACvB,QAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,MAAA,CAAO,aAAa,CAAA;AACnE,QAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,UAAAgB,qBAAA,CAAmB,MAAA,CAAO,SAAS,KAAiD,CAAA;AAAA,QACtF;AAAA,MACF;AAGA,MAAA,MAAM,eAAA,GAAkB,MAAM,mBAAA,CAAoB,OAAA,EAAS,MAAM,CAAA;AAEjE,MAAA,MAAM,cAAA,GACJ,QAAA,KAAa,MAAA,GACTjB,6CAAA,CAA4B,EAAE,GAAI,QAAA,CAAS,QAAA,IAAY,EAAC,EAAI,GAAG,QAAA,EAAS,EAAG,KAAK,CAAA,GAChF,MAAA;AAKN,MAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,MAAA,CAAO;AAAA,QAC5C,EAAA,EAAI,aAAA;AAAA,QACJ,QAAA;AAAA,QACA,GAAI,cAAA,KAAmB,MAAA,GAAY,EAAE,QAAA,EAAU,cAAA,KAAmB,EAAC;AAAA,QACnE,UAAA,EAAY,kBAAA;AAAA,QACZ,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,OAAA,EAAS,eAAA;AAAA,QACT;AAAA,OAC0B,CAAA;AAG5B,MAAA,MAAM,YAAA,GAAe;AAAA,QACnB,IAAA;AAAA,QACA,WAAA;AAAA,QACA,YAAA;AAAA,QACA,KAAA;AAAA,QACA,KAAA;AAAA,QACA,cAAA;AAAA,QACA,SAAA;AAAA,QACA,MAAA;AAAA,QACA,gBAAA;AAAA,QACA,UAAA;AAAA,QACA,eAAA;AAAA,QACA,gBAAA;AAAA,QACA,MAAA;AAAA,QACA,OAAA;AAAA,QACA,MAAA;AAAA,QACA,SAAA;AAAA,QACA,OAAA,EAAS,eAAA;AAAA,QACT;AAAA,OACF;AAGA,MAAA,MAAM,oBAAA,GAAuB,MAAA,CAAO,WAAA,CAAY,MAAA,CAAO,QAAQ,YAAY,CAAA,CAAE,MAAA,CAAO,CAAC,CAAC,CAAA,EAAG,CAAC,CAAA,KAAM,CAAA,KAAM,MAAS,CAAC,CAAA;AAIhH,MAAA,MAAM,oBAAoB,MAAMqB,sCAAA;AAAA,QAC9B,WAAA;AAAA,QACA,aAAA;AAAA,QACA,SAAA;AAAA,QACA,4BAAA;AAAA,QACA,QAAA;AAAA,QACA,YAAA;AAAA,QACA,oBAAA;AAAA,QACA,aAAA,GAAgB,EAAE,aAAA,EAAc,GAAI;AAAA,OACtC;AAEA,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,MAC3D;AAOA,MAAA,IAAI,kBAAkB,cAAA,EAAgB;AACpC,QAAA,MAAM,EAAE,QAAA,EAAS,GAAI,MAAM,WAAA,CAAY,YAAA,CAAa,EAAE,OAAA,EAAS,aAAA,EAAe,OAAA,EAAS,CAAA,EAAG,CAAA;AAC1F,QAAA,MAAM,aAAA,GAAgB,SAAS,CAAC,CAAA;AAChC,QAAA,IAAI,aAAA,EAAe;AACjB,UAAA,MAAM,YAAY,MAAA,CAAO;AAAA,YACvB,EAAA,EAAI,aAAA;AAAA,YACJ,iBAAiB,aAAA,CAAc;AAAA,WAChC,CAAA;AAAA,QACH;AAAA,MACF;AAGA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,MAAA,CAAO,KAAA,CAAM,WAAW,aAAa,CAAA;AAAA,MACvC;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,eAAA,CAAgB,eAAe,EAAE,MAAA,EAAQ,SAAS,CAAA;AACrF,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIxB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mCAAmC,CAAA;AAAA,MAC7E;AAEA,MAAA,OAAO,QAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOU,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,4BAA4Bb,6BAAA,CAAY;AAAA,EACnD,MAAA,EAAQ,QAAA;AAAA,EACR,IAAA,EAAM,+BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiBc,yCAAA;AAAA,EACjB,cAAA,EAAgBc,iDAAA;AAAA,EAChB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,wDAAA;AAAA,EACb,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,cAAA,EAAgB,eAAc,KAAM;AAC5D,IAAA,IAAI;AACF,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAElC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIzB,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,MACvE;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,OAAA,CAAQ,QAAA,CAAS,QAAQ,CAAA;AACnD,MAAA,IAAI,CAAC,WAAA,EAAa;AAChB,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,0CAA0C,CAAA;AAAA,MACpF;AAGA,MAAA,MAAM,QAAA,GAAW,MAAM,WAAA,CAAY,OAAA,CAAQ,aAAa,CAAA;AACxD,MAAA,IAAI,CAAC,QAAA,EAAU;AACb,QAAA,MAAM,IAAIA,gCAAc,GAAA,EAAK,EAAE,SAAS,CAAA,qBAAA,EAAwB,aAAa,cAAc,CAAA;AAAA,MAC7F;AACA,MAAAc,2CAAA,CAA0B,QAAA,EAAU,MAAMZ,wCAAA,CAAuB,MAAA,EAAQ,cAAc,CAAC,CAAA;AAGxF,MAAAqB,mCAAA,CAAkB;AAAA,QAChB,cAAA;AAAA,QACA,QAAA,EAAU,eAAA;AAAA,QACV,UAAA,EAAY,aAAA;AAAA,QACZ,MAAA,EAAQ,QAAA;AAAA,QACR,MAAA,EAAQ;AAAA,OACT,CAAA;AAED,MAAA,MAAM,WAAA,CAAY,OAAO,aAAa,CAAA;AAItC,MAAA,IAAI;AACF,QAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,QAAA,CAAS,WAAW,CAAA;AACzD,QAAA,MAAM,gBAAgB,wBAAA,CAAyB,EAAE,YAAY,OAAA,EAAS,QAAA,EAAU,eAAe,CAAA;AAAA,MACjG,SAAS,YAAA,EAAc;AACrB,QAAA,MAAA,CACG,SAAA,MACC,IAAA,GAAO,8CAAA,EAAgD,EAAE,aAAA,EAAe,KAAA,EAAO,cAAc,CAAA;AAAA,MACnG;AAGA,MAAA,MAAA,CAAO,SAAA,EAAU,EAAG,KAAA,CAAM,UAAA,CAAW,aAAa,CAAA;AAElD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,OAAA,EAAS,CAAA,MAAA,EAAS,aAAa,CAAA,qBAAA,CAAA,EAAwB;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOb,6BAAA,CAAY,OAAO,6BAA6B,CAAA;AAAA,IACzD;AAAA,EACF;AACF,CAAC;AAKM,IAAM,6BAA6Bb,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,qCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,UAAA,EAAY6B,+CAAA;AAAA,EACZ,cAAA,EAAgBC,mDAAA;AAAA,EAChB,OAAA,EAAS,+BAAA;AAAA,EACT,WAAA,EACE,6MAAA;AAAA,EACF,IAAA,EAAM,CAAC,eAAe,CAAA;AAAA,EACtB,YAAA,EAAc,IAAA;AAAA,EACd,SAAS,OAAO,EAAE,MAAA,EAAQ,MAAA,EAAQ,SAAQ,KAAM;AAC9C,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,MAAM,IAAI3B,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,MACtE;AAEA,MAAA,MAAM,MAAA,GAAS,MAAM,MAAA,CAAO,MAAA,CAAO,QAAQ,MAAA,EAAQ,OAAA,IAAW,EAAE,CAAA;AAEhE,MAAA,OAAO,EAAE,MAAA,EAAO;AAAA,IAClB,SAAS,KAAA,EAAO;AACd,MAAA,OAAOU,6BAAA,CAAY,OAAO,+BAA+B,CAAA;AAAA,IAC3D;AAAA,EACF;AACF,CAAC","file":"chunk-OHJRP6K7.cjs","sourcesContent":["import { builderToModelPolicy } from '@mastra/core/agent-builder/ee';\nimport type { BuilderModelPolicy } from '@mastra/core/agent-builder/ee';\nimport type { IMastraEditor } from '@mastra/core/editor';\n\n/**\n * Server-side wrapper around `builderToModelPolicy`.\n *\n * Handles the optional `IMastraEditor` builder API surface (older / OSS editors\n * may not implement `hasEnabledBuilderConfig` / `resolveBuilder`) and returns\n * a uniform `BuilderModelPolicy` to every call site.\n *\n * Returns `{ active: false }` whenever:\n * - no editor is configured,\n * - the editor doesn't expose builder methods,\n * - the builder config is disabled, or\n * - resolving the builder fails / yields nothing.\n */\nexport async function resolveBuilderModelPolicy(editor: IMastraEditor | undefined): Promise<BuilderModelPolicy> {\n if (!editor) return { active: false };\n if (typeof editor.resolveBuilder !== 'function') return { active: false };\n if (typeof editor.hasEnabledBuilderConfig === 'function' && !editor.hasEnabledBuilderConfig()) {\n return { active: false };\n }\n\n // Degrade to inactive on builder-resolution failure rather than letting the\n // rejection escape: agent execution routes seed this on every request, so a\n // transient failure must not 500 the entire route.\n try {\n const builder = await editor.resolveBuilder();\n return builderToModelPolicy(builder);\n } catch {\n return { active: false };\n }\n}\n","import { assertModelAllowed } from '@mastra/core/agent-builder/ee';\nimport type { StorageCreateAgentInput, StorageUpdateAgentInput } from '@mastra/core/storage';\nimport type { z } from 'zod/v4';\n\nimport { HTTPException } from '../http-exception';\nimport {\n storedAgentIdPathParams,\n statusQuerySchema,\n listStoredAgentsQuerySchema,\n createStoredAgentBodySchema,\n updateStoredAgentBodySchema,\n listStoredAgentsResponseSchema,\n getStoredAgentResponseSchema,\n createStoredAgentResponseSchema,\n updateStoredAgentResponseSchema,\n deleteStoredAgentResponseSchema,\n previewInstructionsBodySchema,\n previewInstructionsResponseSchema,\n} from '../schemas/stored-agents';\nimport type { ServerRoute, RouteSchemas, InferParams } from '../server-adapter/routes';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { assertStoredResourceScope, getStoredResourceScope, scopeStoredResourceMetadata, toSlug } from '../utils';\n\nimport { resolveBuilderModelPolicy } from '../utils/resolve-builder-model-policy';\nimport {\n assertReadAccess,\n assertWriteAccess,\n getCallerAuthorId,\n matchesAuthorFilter,\n resolveAuthorFilter,\n} from './authorship';\nimport { isBuilderFeatureEnabled } from './editor-builder';\nimport { handleError } from './error';\nimport { prepareFavoritesEnrichment, stripFavoriteFields } from './favorites-enrichment';\nimport { validateMetadataAvatarUrl } from './validate-avatar';\nimport { handleAutoVersioning } from './version-helpers';\nimport type { VersionedStoreInterface } from './version-helpers';\n\n/**\n * Resolve a `browser` field that may be a boolean shorthand from the UI.\n * - `true` → look up the admin's builder default browser config\n * - `false` → `null` (explicit clear)\n * - object/null/undefined → pass through unchanged\n */\nasync function resolveBrowserField(browser: unknown, mastra: { getEditor?: () => unknown }): Promise<unknown> {\n if (browser === true) {\n const editor = mastra.getEditor?.() as any;\n const builder = await editor?.resolveBuilder?.();\n const defaultBrowser = builder?.getConfiguration?.()?.agent?.browser;\n if (!defaultBrowser) {\n console.warn(\n '[mastra:server] Browser enabled (browser: true) but no default browser config found ' +\n 'in builder configuration. The agent will be created/updated without browser access. ' +\n 'Set `editor.builder.configuration.agent.browser` to fix this.',\n );\n }\n return defaultBrowser ?? undefined;\n }\n if (browser === false) {\n return null;\n }\n return browser;\n}\n\nconst AGENT_SNAPSHOT_CONFIG_FIELDS = [\n 'name',\n 'description',\n 'instructions',\n 'model',\n 'tools',\n 'defaultOptions',\n 'workflows',\n 'agents',\n 'integrationTools',\n 'inputProcessors',\n 'outputProcessors',\n 'memory',\n 'scorers',\n 'requestContextSchema',\n 'mcpClients',\n 'skills',\n 'workspace',\n 'browser',\n] as const;\n\n// ============================================================================\n// Route Definitions\n// ============================================================================\n\n/**\n * GET /stored/agents - List all stored agents\n */\nexport const LIST_STORED_AGENTS_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/agents',\n responseType: 'json',\n queryParamSchema: listStoredAgentsQuerySchema,\n responseSchema: listStoredAgentsResponseSchema,\n summary: 'List stored agents',\n description: 'Returns a paginated list of all agents stored in the database',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({\n mastra,\n requestContext,\n page,\n perPage,\n orderBy,\n status,\n authorId,\n visibility,\n metadata,\n favoritedOnly,\n pinFavoritedFor,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Resolve the visibility scope for this caller. Non-owner queries for\n // another author return only that author's public rows; default lists\n // return the caller's rows plus legacy unowned records.\n const filter = resolveAuthorFilter({\n requestContext,\n resource: 'stored-agents',\n queryAuthorId: authorId,\n queryVisibility: visibility === 'public' ? 'public' : undefined,\n });\n\n const scope = await getStoredResourceScope(mastra, requestContext);\n const scopedMetadata = scopeStoredResourceMetadata(metadata, scope);\n\n const callerId = getCallerAuthorId(requestContext);\n const favoritesEnabled = await isBuilderFeatureEnabled(mastra, 'favorites');\n const honoredStarredOnly = favoritesEnabled && favoritedOnly === true;\n const favoriteSubjectId = pinFavoritedFor ?? callerId;\n\n // `?favoritedOnly=true`: fetch caller's favorited IDs, then refilter + recompute total.\n if (honoredStarredOnly) {\n const effectivePerPage: number = perPage ?? 100;\n if (!favoriteSubjectId) {\n return { agents: [], total: 0, page, perPage: effectivePerPage, hasMore: false };\n }\n const favoritesStore = await storage.getStore('favorites');\n if (!favoritesStore) {\n throw new HTTPException(500, { message: 'Favorites storage domain is not available' });\n }\n const starredIds = await favoritesStore.listFavoritedIds({ userId: favoriteSubjectId, entityType: 'agent' });\n if (starredIds.length === 0) {\n return { agents: [], total: 0, page, perPage: effectivePerPage, hasMore: false };\n }\n const allMatching = await agentsStore.listResolved({\n perPage: false,\n orderBy,\n status,\n authorId: filter.kind === 'exact' ? filter.authorId : undefined,\n metadata: scopedMetadata,\n entityIds: starredIds,\n });\n const visible = allMatching.agents.filter(record => matchesAuthorFilter(record, filter));\n const total = visible.length;\n const startIdx = effectivePerPage === 0 ? 0 : page * effectivePerPage;\n const endIdx = effectivePerPage === 0 ? 0 : startIdx + effectivePerPage;\n const sliced = effectivePerPage === 0 ? [] : visible.slice(startIdx, endIdx);\n const annotated = sliced.map(record => ({ ...record, isFavorited: true }));\n const hasMore = effectivePerPage > 0 && endIdx < total;\n return { agents: annotated, total, page, perPage: effectivePerPage, hasMore };\n }\n\n const result = await agentsStore.listResolved({\n page,\n perPage,\n orderBy,\n status,\n authorId: filter.kind === 'exact' ? filter.authorId : undefined,\n metadata: scopedMetadata,\n });\n\n // Post-filter to enforce ownership + visibility rules across all backends.\n // Storage adapters can only do an equality filter on authorId, so we apply\n // the ownedOrPublic / publicOnly logic here.\n // Note: `total` is left as the storage-reported count to keep pagination\n // math working. For `unrestricted` / `exact` filters nothing is removed.\n // For `ownedOrPublic` / `publicOnly`, downstream UIs should treat the\n // filter as a view over the caller's scope — an approximation is OK.\n const visibleAgents = result.agents.filter(record => matchesAuthorFilter(record, filter));\n\n if (!favoritesEnabled) {\n return { ...result, agents: visibleAgents.map(stripFavoriteFields) };\n }\n\n const enrichment = await prepareFavoritesEnrichment(\n mastra,\n requestContext,\n 'agent',\n visibleAgents.map(a => a.id),\n );\n const annotated = enrichment\n ? visibleAgents.map(record => ({ ...record, isFavorited: enrichment.starredIds.has(record.id) }))\n : visibleAgents;\n\n return { ...result, agents: annotated };\n } catch (error) {\n return handleError(error, 'Error listing stored agents');\n }\n },\n});\n\n/**\n * GET /stored/agents/:storedAgentId - Get a stored agent by ID\n */\nexport const GET_STORED_AGENT_ROUTE = createRoute({\n method: 'GET',\n path: '/stored/agents/:storedAgentId',\n responseType: 'json',\n pathParamSchema: storedAgentIdPathParams,\n queryParamSchema: statusQuerySchema,\n responseSchema: getStoredAgentResponseSchema,\n summary: 'Get stored agent by ID',\n description:\n 'Returns a specific agent from storage by its unique identifier. Use ?status=draft to resolve with the latest (draft) version, or ?status=published (default) for the active published version.',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({ mastra, requestContext, storedAgentId, status }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n const agent = await agentsStore.getByIdResolved(storedAgentId, { status });\n\n if (!agent) {\n throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n }\n assertStoredResourceScope(agent, await getStoredResourceScope(mastra, requestContext));\n\n // Throws 404 if the caller isn't the owner, admin, `stored-agents:read[:<id>]`\n // holder, and the record isn't public/legacy-unowned.\n assertReadAccess({ requestContext, resource: 'stored-agents', resourceId: storedAgentId, record: agent });\n\n const enrichment = await prepareFavoritesEnrichment(mastra, requestContext, 'agent', [agent.id]);\n if (enrichment) {\n return { ...agent, isFavorited: enrichment.starredIds.has(agent.id) };\n }\n return stripFavoriteFields(agent);\n } catch (error) {\n return handleError(error, 'Error getting stored agent');\n }\n },\n});\n\n/**\n * POST /stored/agents - Create a new stored agent\n */\nexport const CREATE_STORED_AGENT_ROUTE: ServerRoute<\n InferParams<undefined, undefined, typeof createStoredAgentBodySchema>,\n z.infer<typeof createStoredAgentResponseSchema>,\n 'json',\n RouteSchemas<undefined, undefined, typeof createStoredAgentBodySchema, typeof createStoredAgentResponseSchema>,\n 'POST',\n '/stored/agents'\n> = createRoute({\n method: 'POST',\n path: '/stored/agents',\n responseType: 'json',\n bodySchema: createStoredAgentBodySchema,\n responseSchema: createStoredAgentResponseSchema,\n summary: 'Create stored agent',\n description: 'Creates a new agent in storage with the provided configuration',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({\n mastra,\n requestContext,\n id: providedId,\n metadata,\n visibility: bodyVisibility,\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser,\n requestContextSchema,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Derive ID from name if not explicitly provided\n const id = providedId || toSlug(name);\n\n if (!id) {\n throw new HTTPException(400, {\n message: 'Could not derive agent ID from name. Please provide an explicit id.',\n });\n }\n\n // Check if agent with this ID already exists\n const existing = await agentsStore.getById(id);\n if (existing) {\n throw new HTTPException(409, { message: `Agent with id ${id} already exists` });\n }\n\n // Force authorId from the authenticated caller; ignore any body-provided value.\n // No owner = always public (no auth / no user context).\n // With an owner, respect the client's choice, defaulting to 'private'.\n const authorId = getCallerAuthorId(requestContext) ?? undefined;\n const visibility = authorId ? (bodyVisibility ?? 'private') : 'public';\n\n // Reject oversized avatar images before writing to storage.\n validateMetadataAvatarUrl(metadata);\n\n // Enforce admin model allowlist before persisting. Mirrors UPDATE; when\n // `model` is omitted the builder applies `defaults.model` server-side.\n if (model !== undefined) {\n const policy = await resolveBuilderModelPolicy(mastra.getEditor?.());\n if (policy.active) {\n assertModelAllowed(policy.allowed, model as Parameters<typeof assertModelAllowed>[1]);\n }\n }\n\n const resolvedBrowser = await resolveBrowserField(browser, mastra);\n\n const input = {\n id,\n authorId,\n visibility,\n metadata: scopeStoredResourceMetadata(metadata, await getStoredResourceScope(mastra, requestContext)),\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser: resolvedBrowser,\n requestContextSchema,\n } as StorageCreateAgentInput;\n\n // Use editor.agent.create() when available to apply builder defaults\n const editor = mastra.getEditor?.();\n if (editor) {\n await editor.agent.create(input);\n } else {\n // Fallback to direct storage create\n await agentsStore.create({ agent: input });\n }\n\n // Publish the initial version so the agent is immediately usable.\n // Without this, the thin record stays as status='draft' with activeVersionId=null,\n // which makes the agent unreachable via status='published' resolution.\n const { versions } = await agentsStore.listVersions({ agentId: id, perPage: 1 });\n const initialVersion = versions[0];\n if (initialVersion) {\n await agentsStore.update({\n id,\n activeVersionId: initialVersion.id,\n status: 'published',\n });\n editor?.agent.clearCache(id);\n }\n\n // Return the resolved agent (thin record + version config) using the newly published version\n const resolved = await agentsStore.getByIdResolved(id, { status: 'published' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve created agent' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error creating stored agent');\n }\n },\n});\n\n/**\n * PATCH /stored/agents/:storedAgentId - Update a stored agent\n */\nexport const UPDATE_STORED_AGENT_ROUTE: ServerRoute<\n InferParams<typeof storedAgentIdPathParams, undefined, typeof updateStoredAgentBodySchema>,\n z.infer<typeof updateStoredAgentResponseSchema>,\n 'json',\n RouteSchemas<\n typeof storedAgentIdPathParams,\n undefined,\n typeof updateStoredAgentBodySchema,\n typeof updateStoredAgentResponseSchema\n >,\n 'PATCH',\n '/stored/agents/:storedAgentId'\n> = createRoute({\n method: 'PATCH',\n path: '/stored/agents/:storedAgentId',\n responseType: 'json',\n pathParamSchema: storedAgentIdPathParams,\n bodySchema: updateStoredAgentBodySchema,\n responseSchema: updateStoredAgentResponseSchema,\n summary: 'Update stored agent',\n description: 'Updates an existing agent in storage with the provided fields',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({\n mastra,\n requestContext,\n storedAgentId,\n // Metadata-level fields\n authorId,\n metadata,\n visibility,\n // Config fields (snapshot-level)\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser,\n requestContextSchema,\n // Version metadata\n changeMessage,\n }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Check if agent exists\n const existing = await agentsStore.getById(storedAgentId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n }\n const scope = await getStoredResourceScope(mastra, requestContext);\n assertStoredResourceScope(existing, scope);\n\n // Throws 404 if the caller isn't the owner, admin, or `agents:edit[:<id>]` holder.\n assertWriteAccess({\n requestContext,\n resource: 'stored-agents',\n resourceId: storedAgentId,\n action: 'edit',\n record: existing,\n });\n\n // Reject oversized avatar images before writing to storage.\n validateMetadataAvatarUrl(metadata);\n\n // No owner = always public, regardless of what the client sent.\n const callerAuthorId = getCallerAuthorId(requestContext) ?? undefined;\n const resolvedVisibility = callerAuthorId ? visibility : visibility != null ? 'public' : undefined;\n\n // Enforce admin model allowlist (Phase 6) before persisting.\n if (model !== undefined) {\n const policy = await resolveBuilderModelPolicy(mastra.getEditor?.());\n if (policy.active) {\n assertModelAllowed(policy.allowed, model as Parameters<typeof assertModelAllowed>[1]);\n }\n }\n\n // Resolve boolean browser shorthand from the UI\n const resolvedBrowser = await resolveBrowserField(browser, mastra);\n\n const scopedMetadata =\n metadata !== undefined\n ? scopeStoredResourceMetadata({ ...(existing.metadata ?? {}), ...metadata }, scope)\n : undefined;\n\n // Update the agent with both metadata-level and config-level fields\n // The storage layer handles separating these into agent-record updates vs new-version creation\n // Cast needed because Zod's passthrough() output types don't exactly match the handwritten TS interfaces\n const updatedAgent = await agentsStore.update({\n id: storedAgentId,\n authorId,\n ...(scopedMetadata !== undefined ? { metadata: scopedMetadata } : {}),\n visibility: resolvedVisibility,\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser: resolvedBrowser,\n requestContextSchema,\n } as StorageUpdateAgentInput);\n\n // Build the snapshot config for auto-versioning comparison\n const configFields = {\n name,\n description,\n instructions,\n model,\n tools,\n defaultOptions,\n workflows,\n agents,\n integrationTools,\n mcpClients,\n inputProcessors,\n outputProcessors,\n memory,\n scorers,\n skills,\n workspace,\n browser: resolvedBrowser,\n requestContextSchema,\n };\n\n // Filter out undefined values to get only the config fields that were provided\n const providedConfigFields = Object.fromEntries(Object.entries(configFields).filter(([_, v]) => v !== undefined));\n\n // Handle auto-versioning with retry logic for race conditions\n // This creates a new version if there are meaningful config changes.\n const autoVersionResult = await handleAutoVersioning(\n agentsStore as unknown as VersionedStoreInterface,\n storedAgentId,\n 'agentId',\n AGENT_SNAPSHOT_CONFIG_FIELDS,\n existing,\n updatedAgent,\n providedConfigFields,\n changeMessage ? { changeMessage } : undefined,\n );\n\n if (!autoVersionResult) {\n throw new Error('handleAutoVersioning returned undefined');\n }\n\n // Auto-publish: activate the latest version so the update is immediately\n // visible in list views. The Agent Builder UI has no separate \"Publish\"\n // button, so without this every edit after creation would create orphaned\n // draft versions that never surface in the list.\n // When a proper publish flow ships, this block can be removed.\n if (autoVersionResult.versionCreated) {\n const { versions } = await agentsStore.listVersions({ agentId: storedAgentId, perPage: 1 });\n const latestVersion = versions[0];\n if (latestVersion) {\n await agentsStore.update({\n id: storedAgentId,\n activeVersionId: latestVersion.id,\n });\n }\n }\n\n // Clear the cached agent instance so the next request gets the updated config\n const editor = mastra.getEditor();\n if (editor) {\n editor.agent.clearCache(storedAgentId);\n }\n\n // Return the resolved agent with the latest version\n const resolved = await agentsStore.getByIdResolved(storedAgentId, { status: 'draft' });\n if (!resolved) {\n throw new HTTPException(500, { message: 'Failed to resolve updated agent' });\n }\n\n return resolved;\n } catch (error) {\n return handleError(error, 'Error updating stored agent');\n }\n },\n});\n\n/**\n * DELETE /stored/agents/:storedAgentId - Delete a stored agent\n */\nexport const DELETE_STORED_AGENT_ROUTE = createRoute({\n method: 'DELETE',\n path: '/stored/agents/:storedAgentId',\n responseType: 'json',\n pathParamSchema: storedAgentIdPathParams,\n responseSchema: deleteStoredAgentResponseSchema,\n summary: 'Delete stored agent',\n description: 'Deletes an agent from storage by its unique identifier',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({ mastra, requestContext, storedAgentId }) => {\n try {\n const storage = mastra.getStorage();\n\n if (!storage) {\n throw new HTTPException(500, { message: 'Storage is not configured' });\n }\n\n const agentsStore = await storage.getStore('agents');\n if (!agentsStore) {\n throw new HTTPException(500, { message: 'Agents storage domain is not available' });\n }\n\n // Check if agent exists\n const existing = await agentsStore.getById(storedAgentId);\n if (!existing) {\n throw new HTTPException(404, { message: `Stored agent with id ${storedAgentId} not found` });\n }\n assertStoredResourceScope(existing, await getStoredResourceScope(mastra, requestContext));\n\n // Throws 404 if the caller isn't the owner, admin, or `agents:delete[:<id>]` holder.\n assertWriteAccess({\n requestContext,\n resource: 'stored-agents',\n resourceId: storedAgentId,\n action: 'delete',\n record: existing,\n });\n\n await agentsStore.delete(storedAgentId);\n\n // Cascade: drop any favorite rows referencing this agent so they don't\n // resurrect if the same id is reused. Failure must not abort the delete.\n try {\n const favoritesStore = await storage.getStore('favorites');\n await favoritesStore?.deleteFavoritesForEntity({ entityType: 'agent', entityId: storedAgentId });\n } catch (cascadeError) {\n mastra\n .getLogger?.()\n ?.warn?.('Failed to cascade-delete favorites for agent', { storedAgentId, error: cascadeError });\n }\n\n // Clear the cached agent instance\n mastra.getEditor()?.agent.clearCache(storedAgentId);\n\n return { success: true, message: `Agent ${storedAgentId} deleted successfully` };\n } catch (error) {\n return handleError(error, 'Error deleting stored agent');\n }\n },\n});\n\n/**\n * POST /stored/agents/preview-instructions - Preview resolved instructions\n */\nexport const PREVIEW_INSTRUCTIONS_ROUTE = createRoute({\n method: 'POST',\n path: '/stored/agents/preview-instructions',\n responseType: 'json',\n bodySchema: previewInstructionsBodySchema,\n responseSchema: previewInstructionsResponseSchema,\n summary: 'Preview resolved instructions',\n description:\n 'Resolves an array of instruction blocks against a request context, evaluating rules, fetching prompt block references, and rendering template variables. Returns the final concatenated instruction string.',\n tags: ['Stored Agents'],\n requiresAuth: true,\n handler: async ({ mastra, blocks, context }) => {\n try {\n const editor = mastra.getEditor();\n if (!editor) {\n throw new HTTPException(500, { message: 'Editor is not configured' });\n }\n\n const result = await editor.prompt.preview(blocks, context ?? {});\n\n return { result };\n } catch (error) {\n return handleError(error, 'Error previewing instructions');\n }\n },\n});\n"]}
package/dist/{chunk-HZNJ4B7D.cjs → chunk-OR4OZJUW.cjs} RENAMED
@@ -1,9 +1,9 @@
1
1
  'use strict';
2
2
 
3
- var chunkHXICAUTW_cjs = require('./chunk-HXICAUTW.cjs');
4
3
  var chunkYNSUYESL_cjs = require('./chunk-YNSUYESL.cjs');
5
4
  var chunkXTFWFQZ7_cjs = require('./chunk-XTFWFQZ7.cjs');
6
5
  var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
6
+ var chunkHXICAUTW_cjs = require('./chunk-HXICAUTW.cjs');
7
7
  var chunkO7I5CWRX_cjs = require('./chunk-O7I5CWRX.cjs');
8
8
  var features = require('@mastra/core/features');
9
9
 
@@ -1342,5 +1342,5 @@ exports.WORKSPACE_SKILLS_SH_ROUTES = WORKSPACE_SKILLS_SH_ROUTES;
1342
1342
  exports.WORKSPACE_SKILLS_SH_SEARCH_ROUTE = WORKSPACE_SKILLS_SH_SEARCH_ROUTE;
1343
1343
  exports.WORKSPACE_SKILLS_SH_UPDATE_ROUTE = WORKSPACE_SKILLS_SH_UPDATE_ROUTE;
1344
1344
  exports.workspace_exports = workspace_exports;
1345
- //# sourceMappingURL=chunk-HZNJ4B7D.cjs.map
1346
- //# sourceMappingURL=chunk-HZNJ4B7D.cjs.map
1345
+ //# sourceMappingURL=chunk-OR4OZJUW.cjs.map
1346
+ //# sourceMappingURL=chunk-OR4OZJUW.cjs.map