@mastra/server 1.38.0-alpha.9 → 1.39.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (202) hide show
  1. package/CHANGELOG.md +267 -0
  2. package/dist/_types/@mastra_schema-compat/dist/_types/@internal_ai-sdk-v5/dist/index.d.ts +11 -8
  3. package/dist/{api-schema-manifest-E3RU6MLF.cjs → api-schema-manifest-ALHYYJMN.cjs} +4 -4
  4. package/dist/{api-schema-manifest-E3RU6MLF.cjs.map → api-schema-manifest-ALHYYJMN.cjs.map} +1 -1
  5. package/dist/{api-schema-manifest-DNC2KIKD.js → api-schema-manifest-PQ6VZTB3.js} +3 -3
  6. package/dist/{api-schema-manifest-DNC2KIKD.js.map → api-schema-manifest-PQ6VZTB3.js.map} +1 -1
  7. package/dist/chunk-2ONW75MN.cjs +477 -0
  8. package/dist/chunk-2ONW75MN.cjs.map +1 -0
  9. package/dist/{chunk-CJMJQR2K.cjs → chunk-3APAH25G.cjs} +4 -4
  10. package/dist/{chunk-CJMJQR2K.cjs.map → chunk-3APAH25G.cjs.map} +1 -1
  11. package/dist/{chunk-PXYR3D6L.cjs → chunk-3D55EABW.cjs} +3 -9
  12. package/dist/chunk-3D55EABW.cjs.map +1 -0
  13. package/dist/{chunk-WXJSYUBX.cjs → chunk-3KXE2KXE.cjs} +4 -4
  14. package/dist/{chunk-WXJSYUBX.cjs.map → chunk-3KXE2KXE.cjs.map} +1 -1
  15. package/dist/{chunk-APV6QKRZ.cjs → chunk-4W7KQRF5.cjs} +28 -28
  16. package/dist/{chunk-APV6QKRZ.cjs.map → chunk-4W7KQRF5.cjs.map} +1 -1
  17. package/dist/{chunk-L33BLLID.cjs → chunk-544IXGBW.cjs} +168 -166
  18. package/dist/chunk-544IXGBW.cjs.map +1 -0
  19. package/dist/{chunk-VH6QCEN7.cjs → chunk-5DDUXRAY.cjs} +102 -102
  20. package/dist/{chunk-VH6QCEN7.cjs.map → chunk-5DDUXRAY.cjs.map} +1 -1
  21. package/dist/{chunk-DNKTFFOV.cjs → chunk-5WB7PKHN.cjs} +4 -4
  22. package/dist/{chunk-DNKTFFOV.cjs.map → chunk-5WB7PKHN.cjs.map} +1 -1
  23. package/dist/{chunk-ODIMB6T6.cjs → chunk-6MP52DMQ.cjs} +7 -7
  24. package/dist/{chunk-ODIMB6T6.cjs.map → chunk-6MP52DMQ.cjs.map} +1 -1
  25. package/dist/{chunk-3LUN33E7.cjs → chunk-76ONC2XD.cjs} +85 -19
  26. package/dist/chunk-76ONC2XD.cjs.map +1 -0
  27. package/dist/{chunk-TLMAHJTC.cjs → chunk-77IY4RTO.cjs} +16 -16
  28. package/dist/{chunk-TLMAHJTC.cjs.map → chunk-77IY4RTO.cjs.map} +1 -1
  29. package/dist/{chunk-5PCUNLFX.js → chunk-AEH5OCIH.js} +3 -3
  30. package/dist/{chunk-5PCUNLFX.js.map → chunk-AEH5OCIH.js.map} +1 -1
  31. package/dist/{chunk-WADS7CD7.js → chunk-AW5INHG7.js} +4 -4
  32. package/dist/{chunk-WADS7CD7.js.map → chunk-AW5INHG7.js.map} +1 -1
  33. package/dist/{chunk-P7FVOCQB.cjs → chunk-AX6REP5O.cjs} +4 -4
  34. package/dist/{chunk-P7FVOCQB.cjs.map → chunk-AX6REP5O.cjs.map} +1 -1
  35. package/dist/{chunk-4DVNH3KJ.js → chunk-B5NMA52D.js} +4 -4
  36. package/dist/{chunk-4DVNH3KJ.js.map → chunk-B5NMA52D.js.map} +1 -1
  37. package/dist/{chunk-4T6DC425.js → chunk-CBG6LUEW.js} +3 -3
  38. package/dist/{chunk-4T6DC425.js.map → chunk-CBG6LUEW.js.map} +1 -1
  39. package/dist/{chunk-SDBN3DIS.cjs → chunk-D5M3VILP.cjs} +26 -26
  40. package/dist/{chunk-SDBN3DIS.cjs.map → chunk-D5M3VILP.cjs.map} +1 -1
  41. package/dist/{chunk-Z2ZMHHQW.js → chunk-E7AEYMKH.js} +3 -3
  42. package/dist/{chunk-Z2ZMHHQW.js.map → chunk-E7AEYMKH.js.map} +1 -1
  43. package/dist/{chunk-J6OD53OV.js → chunk-ESJTIVEQ.js} +12 -3
  44. package/dist/chunk-ESJTIVEQ.js.map +1 -0
  45. package/dist/{chunk-T2FBYRYD.cjs → chunk-ET7KSUVJ.cjs} +12 -2
  46. package/dist/chunk-ET7KSUVJ.cjs.map +1 -0
  47. package/dist/{chunk-T6IXA4ZQ.js → chunk-FQCCUWMS.js} +3 -3
  48. package/dist/{chunk-T6IXA4ZQ.js.map → chunk-FQCCUWMS.js.map} +1 -1
  49. package/dist/{chunk-QRIHD5UO.js → chunk-G2CL5JMK.js} +5 -5
  50. package/dist/{chunk-QRIHD5UO.js.map → chunk-G2CL5JMK.js.map} +1 -1
  51. package/dist/{chunk-XDOMY4VL.cjs → chunk-GAERIPY2.cjs} +5 -5
  52. package/dist/{chunk-XDOMY4VL.cjs.map → chunk-GAERIPY2.cjs.map} +1 -1
  53. package/dist/{chunk-QM3NYDZZ.js → chunk-HEBNJ6KJ.js} +4 -4
  54. package/dist/{chunk-QM3NYDZZ.js.map → chunk-HEBNJ6KJ.js.map} +1 -1
  55. package/dist/{chunk-AT5ZCHIV.cjs → chunk-HGREXGI2.cjs} +3 -3
  56. package/dist/{chunk-AT5ZCHIV.cjs.map → chunk-HGREXGI2.cjs.map} +1 -1
  57. package/dist/{chunk-RBONVWGZ.js → chunk-HJVMQDSZ.js} +9 -3
  58. package/dist/chunk-HJVMQDSZ.js.map +1 -0
  59. package/dist/{chunk-MFYZWOKE.cjs → chunk-IGE7NPFH.cjs} +5 -5
  60. package/dist/{chunk-MFYZWOKE.cjs.map → chunk-IGE7NPFH.cjs.map} +1 -1
  61. package/dist/{chunk-UFYCA27U.js → chunk-IONXSX77.js} +5 -3
  62. package/dist/chunk-IONXSX77.js.map +1 -0
  63. package/dist/{chunk-RTYOFB6W.cjs → chunk-IU3ZRZSG.cjs} +5 -3
  64. package/dist/chunk-IU3ZRZSG.cjs.map +1 -0
  65. package/dist/{chunk-76I5G5W5.js → chunk-JMEMSVJ5.js} +4 -9
  66. package/dist/chunk-JMEMSVJ5.js.map +1 -0
  67. package/dist/{chunk-56F2IRK3.js → chunk-K6XESXNQ.js} +3 -3
  68. package/dist/{chunk-56F2IRK3.js.map → chunk-K6XESXNQ.js.map} +1 -1
  69. package/dist/{chunk-43KD3CRE.cjs → chunk-LBVQK4LO.cjs} +16 -5
  70. package/dist/chunk-LBVQK4LO.cjs.map +1 -0
  71. package/dist/{chunk-IJFPP2XB.js → chunk-LNBKA6IA.js} +69 -4
  72. package/dist/chunk-LNBKA6IA.js.map +1 -0
  73. package/dist/{chunk-BKYFKSJI.js → chunk-LPYCF5B2.js} +3 -3
  74. package/dist/{chunk-BKYFKSJI.js.map → chunk-LPYCF5B2.js.map} +1 -1
  75. package/dist/{chunk-DRXZDKLU.js → chunk-LQQCTO6D.js} +3 -3
  76. package/dist/{chunk-DRXZDKLU.js.map → chunk-LQQCTO6D.js.map} +1 -1
  77. package/dist/{chunk-HX5BGP6D.cjs → chunk-LYF4J3JE.cjs} +17 -17
  78. package/dist/{chunk-HX5BGP6D.cjs.map → chunk-LYF4J3JE.cjs.map} +1 -1
  79. package/dist/chunk-NQLS4Z3W.js +472 -0
  80. package/dist/chunk-NQLS4Z3W.js.map +1 -0
  81. package/dist/{chunk-KSZXXQHZ.js → chunk-NTE3Q3BA.js} +3 -3
  82. package/dist/{chunk-KSZXXQHZ.js.map → chunk-NTE3Q3BA.js.map} +1 -1
  83. package/dist/{chunk-5FPJ4RT4.js → chunk-OCWY55IQ.js} +3 -3
  84. package/dist/{chunk-5FPJ4RT4.js.map → chunk-OCWY55IQ.js.map} +1 -1
  85. package/dist/{chunk-GPAQ47NG.cjs → chunk-QVFQUBC7.cjs} +9 -3
  86. package/dist/chunk-QVFQUBC7.cjs.map +1 -0
  87. package/dist/{chunk-7GOHECZP.js → chunk-SEAEQN2H.js} +3 -3
  88. package/dist/{chunk-7GOHECZP.js.map → chunk-SEAEQN2H.js.map} +1 -1
  89. package/dist/{chunk-6XSS54BL.cjs → chunk-THXUZHS6.cjs} +7 -7
  90. package/dist/{chunk-6XSS54BL.cjs.map → chunk-THXUZHS6.cjs.map} +1 -1
  91. package/dist/{chunk-M7HLT2GO.js → chunk-UOQHTFYI.js} +3 -3
  92. package/dist/{chunk-M7HLT2GO.js.map → chunk-UOQHTFYI.js.map} +1 -1
  93. package/dist/{chunk-5SK4SJJH.js → chunk-V4G7MSFL.js} +3 -3
  94. package/dist/{chunk-5SK4SJJH.js.map → chunk-V4G7MSFL.js.map} +1 -1
  95. package/dist/{chunk-XB6H6LOM.js → chunk-VSB4S6R5.js} +3 -3
  96. package/dist/{chunk-XB6H6LOM.js.map → chunk-VSB4S6R5.js.map} +1 -1
  97. package/dist/{chunk-4DGDQWQQ.cjs → chunk-VWFP6O2W.cjs} +14 -14
  98. package/dist/{chunk-4DGDQWQQ.cjs.map → chunk-VWFP6O2W.cjs.map} +1 -1
  99. package/dist/{chunk-ZNMKBPTN.cjs → chunk-WUPBIK5J.cjs} +15 -15
  100. package/dist/{chunk-ZNMKBPTN.cjs.map → chunk-WUPBIK5J.cjs.map} +1 -1
  101. package/dist/{chunk-F27R55RI.cjs → chunk-XGFN7MMF.cjs} +4 -4
  102. package/dist/{chunk-F27R55RI.cjs.map → chunk-XGFN7MMF.cjs.map} +1 -1
  103. package/dist/{chunk-YW252K6H.js → chunk-XNGC2C6Z.js} +20 -18
  104. package/dist/chunk-XNGC2C6Z.js.map +1 -0
  105. package/dist/{chunk-7GSR7HQ2.js → chunk-Y5CIOSHU.js} +4 -4
  106. package/dist/{chunk-7GSR7HQ2.js.map → chunk-Y5CIOSHU.js.map} +1 -1
  107. package/dist/{chunk-OJNVSXOF.js → chunk-YH4WGIEH.js} +16 -5
  108. package/dist/chunk-YH4WGIEH.js.map +1 -0
  109. package/dist/{chunk-NSXV3FWO.cjs → chunk-ZIWTQGJV.cjs} +20 -20
  110. package/dist/{chunk-NSXV3FWO.cjs.map → chunk-ZIWTQGJV.cjs.map} +1 -1
  111. package/dist/constants-DVRTNEGY-A5OAGF3M.js +3 -0
  112. package/dist/{constants-SPS7MR4D-YRZDDIPO.js.map → constants-DVRTNEGY-A5OAGF3M.js.map} +1 -1
  113. package/dist/{constants-SPS7MR4D-ZMHAFWSH.cjs → constants-DVRTNEGY-ZGCNETZ3.cjs} +8 -8
  114. package/dist/{constants-SPS7MR4D-ZMHAFWSH.cjs.map → constants-DVRTNEGY-ZGCNETZ3.cjs.map} +1 -1
  115. package/dist/{dist-HIWM6H43.js → dist-LWX2CRMH.js} +304 -125
  116. package/dist/dist-LWX2CRMH.js.map +1 -0
  117. package/dist/{dist-LZYJXHUM.cjs → dist-QFLLP7OJ.cjs} +336 -157
  118. package/dist/dist-QFLLP7OJ.cjs.map +1 -0
  119. package/dist/docs/SKILL.md +1 -1
  120. package/dist/docs/assets/SOURCE_MAP.json +1 -1
  121. package/dist/{observational-memory-TJFOX3YN-A2QE2E3I.cjs → observational-memory-G52HNRHE-73KIWQ2G.cjs} +31 -31
  122. package/dist/{observational-memory-TJFOX3YN-A2QE2E3I.cjs.map → observational-memory-G52HNRHE-73KIWQ2G.cjs.map} +1 -1
  123. package/dist/{observational-memory-TJFOX3YN-P3KG2OXA.js → observational-memory-G52HNRHE-RHA4V77M.js} +4 -4
  124. package/dist/{observational-memory-TJFOX3YN-P3KG2OXA.js.map → observational-memory-G52HNRHE-RHA4V77M.js.map} +1 -1
  125. package/dist/server/auth/helpers.d.ts +3 -4
  126. package/dist/server/auth/helpers.d.ts.map +1 -1
  127. package/dist/server/auth/index.cjs +15 -15
  128. package/dist/server/auth/index.js +1 -1
  129. package/dist/server/handlers/a2a.cjs +14 -14
  130. package/dist/server/handlers/a2a.js +1 -1
  131. package/dist/server/handlers/agent-builder.cjs +17 -17
  132. package/dist/server/handlers/agent-builder.js +1 -1
  133. package/dist/server/handlers/agent-versions.cjs +8 -8
  134. package/dist/server/handlers/agent-versions.js +1 -1
  135. package/dist/server/handlers/agents.cjs +45 -45
  136. package/dist/server/handlers/agents.d.ts +4 -0
  137. package/dist/server/handlers/agents.d.ts.map +1 -1
  138. package/dist/server/handlers/agents.js +1 -1
  139. package/dist/server/handlers/auth.cjs +12 -12
  140. package/dist/server/handlers/auth.js +1 -1
  141. package/dist/server/handlers/conversations.cjs +5 -5
  142. package/dist/server/handlers/conversations.js +1 -1
  143. package/dist/server/handlers/memory.cjs +27 -27
  144. package/dist/server/handlers/memory.d.ts.map +1 -1
  145. package/dist/server/handlers/memory.js +1 -1
  146. package/dist/server/handlers/responses.cjs +4 -4
  147. package/dist/server/handlers/responses.js +1 -1
  148. package/dist/server/handlers/scorer-versions.cjs +8 -8
  149. package/dist/server/handlers/scorer-versions.js +1 -1
  150. package/dist/server/handlers/scores.cjs +7 -7
  151. package/dist/server/handlers/scores.js +1 -1
  152. package/dist/server/handlers/stored-agent-favorites.cjs +3 -3
  153. package/dist/server/handlers/stored-agent-favorites.js +1 -1
  154. package/dist/server/handlers/stored-agents.cjs +12 -8
  155. package/dist/server/handlers/stored-agents.d.ts +26 -0
  156. package/dist/server/handlers/stored-agents.d.ts.map +1 -1
  157. package/dist/server/handlers/stored-agents.js +1 -1
  158. package/dist/server/handlers/stored-scorers.cjs +6 -6
  159. package/dist/server/handlers/stored-scorers.js +1 -1
  160. package/dist/server/handlers/system.cjs +3 -3
  161. package/dist/server/handlers/system.js +1 -1
  162. package/dist/server/handlers/tools.cjs +6 -6
  163. package/dist/server/handlers/tools.js +1 -1
  164. package/dist/server/handlers/workflows.cjs +27 -27
  165. package/dist/server/handlers/workflows.js +1 -1
  166. package/dist/server/handlers.cjs +18 -18
  167. package/dist/server/handlers.js +9 -9
  168. package/dist/server/schemas/agents.d.ts +2 -0
  169. package/dist/server/schemas/agents.d.ts.map +1 -1
  170. package/dist/server/schemas/index.cjs +119 -115
  171. package/dist/server/schemas/index.js +5 -5
  172. package/dist/server/schemas/stored-agents.d.ts +17 -0
  173. package/dist/server/schemas/stored-agents.d.ts.map +1 -1
  174. package/dist/server/server-adapter/index.cjs +23 -16
  175. package/dist/server/server-adapter/index.cjs.map +1 -1
  176. package/dist/server/server-adapter/index.d.ts.map +1 -1
  177. package/dist/server/server-adapter/index.js +11 -4
  178. package/dist/server/server-adapter/index.js.map +1 -1
  179. package/dist/server/server-adapter/routes/stored-agents.d.ts +2 -1
  180. package/dist/server/server-adapter/routes/stored-agents.d.ts.map +1 -1
  181. package/dist/working-memory-state-J7ASTNXX-JNDYMEET.js +3 -0
  182. package/dist/working-memory-state-J7ASTNXX-JNDYMEET.js.map +1 -0
  183. package/dist/working-memory-state-J7ASTNXX-WEIO7C67.cjs +24 -0
  184. package/dist/working-memory-state-J7ASTNXX-WEIO7C67.cjs.map +1 -0
  185. package/package.json +9 -9
  186. package/dist/chunk-3LUN33E7.cjs.map +0 -1
  187. package/dist/chunk-43KD3CRE.cjs.map +0 -1
  188. package/dist/chunk-76I5G5W5.js.map +0 -1
  189. package/dist/chunk-GPAQ47NG.cjs.map +0 -1
  190. package/dist/chunk-IJFPP2XB.js.map +0 -1
  191. package/dist/chunk-J6OD53OV.js.map +0 -1
  192. package/dist/chunk-L33BLLID.cjs.map +0 -1
  193. package/dist/chunk-OJNVSXOF.js.map +0 -1
  194. package/dist/chunk-PXYR3D6L.cjs.map +0 -1
  195. package/dist/chunk-RBONVWGZ.js.map +0 -1
  196. package/dist/chunk-RTYOFB6W.cjs.map +0 -1
  197. package/dist/chunk-T2FBYRYD.cjs.map +0 -1
  198. package/dist/chunk-UFYCA27U.js.map +0 -1
  199. package/dist/chunk-YW252K6H.js.map +0 -1
  200. package/dist/constants-SPS7MR4D-YRZDDIPO.js +0 -3
  201. package/dist/dist-HIWM6H43.js.map +0 -1
  202. package/dist/dist-LZYJXHUM.cjs.map +0 -1
package/dist/{chunk-CJMJQR2K.cjs.map → chunk-3APAH25G.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","supportsSessionRefresh","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","refreshResponseSchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra","z","createRoute","MASTRA_USER_PERMISSIONS_KEY"],"mappings":";;;;;;;;;;AAyCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,eAAe,MAAA,EAA+C;AACrE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,QAAQ,OAAO,IAAA,KAAS,YAAY,OAAQ,IAAA,CAAa,MAAM,CAAA,KAAM,UAAA;AACvF;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,GAAA,GAAM,eAAe,MAAM,CAAA;AAEjC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiBC,wCAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBI,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBH,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBK,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBO,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBP,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOG,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqBH,mCAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgBQ,uCAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCH,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYS,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCN,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYU,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMK,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMD,IAAM,yBAAA,GAA4BM,KAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,IAAU,CAAA;AACjE,IAAM,6BAAA,GAAgCA,IAAA,CAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,EAAO,EAAG,WAAA,EAAaA,KAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,GAAG,CAAA;AAEhG,IAAM,6BAA6BC,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iCAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,yBAAA;AAAA,EACjB,cAAA,EAAgB,6BAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAO,GAAI,GAAA;AAG3C,MAAA,MAAM,iBAAA,GAA8B,cAAA,EAAgB,GAAA,CAAIC,6CAA2B,KAAK,EAAC;AACzF,MAAA,MAAM,OAAA,GAAU,kBAAkB,IAAA,CAAK,CAAC,MAAc,CAAA,KAAM,GAAA,IAAO,MAAM,KAAK,CAAA;AAC9E,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIR,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,MACnE;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,IAAI,CAAC,MAAM,qBAAA,EAAuB;AAChC,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6DAA6D,CAAA;AAAA,MACvG;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAA;AAC3D,MAAA,OAAO,EAAE,QAAQ,WAAA,EAAY;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-CJMJQR2K.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { z } from 'zod/v4';\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { MASTRA_USER_PERMISSIONS_KEY } from '../constants';\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute, createRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n auth: any,\n request: Request,\n options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n * queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n * connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n * HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n\n const host = request.headers.get('host');\n if (host) {\n const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n return `${proto}://${host}`;\n }\n\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra server config.\n */\nfunction getFGAProvider(mastra: any): IFGAProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && typeof (auth as any)[method] === 'function';\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n const fga = getFGAProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n // If capabilities came back without a user, the session may have expired.\n // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n try {\n const sessionId = await auth.getSessionIdFromRequest(request);\n if (sessionId) {\n const refreshedSession = await auth.refreshSession(sessionId);\n if (refreshedSession) {\n const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n const cookieValue = extractCookieFromHeaders(sessionHeaders);\n if (cookieValue) {\n // Rebuild capabilities with the refreshed cookie\n const refreshedRequest = new Request(request.url, {\n method: request.method,\n headers: new Headers(request.headers),\n });\n refreshedRequest.headers.set('Cookie', cookieValue);\n const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n rbac,\n apiPrefix: routePrefix,\n });\n\n // Attach refresh headers so the adapter can set the new cookie\n if ('user' in refreshedCapabilities) {\n (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n }\n return refreshedCapabilities;\n }\n }\n }\n } catch {\n // Refresh failed — return original unauthenticated capabilities\n }\n }\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n if (!setCookie) return null;\n // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n const match = setCookie.match(/^([^;]+)/);\n return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// GET /auth/roles/:roleId/permissions\n// ============================================================================\n\nconst rolePermissionsPathSchema = z.object({ roleId: z.string() });\nconst rolePermissionsResponseSchema = z.object({ roleId: z.string(), permissions: z.array(z.string()) });\n\nexport const GET_ROLE_PERMISSIONS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/roles/:roleId/permissions',\n requiresAuth: true,\n responseType: 'json',\n pathParamSchema: rolePermissionsPathSchema,\n responseSchema: rolePermissionsResponseSchema,\n summary: 'Get permissions for a role',\n description:\n 'Returns the resolved permissions for a specific role. Only accessible by admin users. Used by the \"View as role\" feature.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, requestContext, roleId } = ctx as any;\n\n // Check that the caller is an admin\n const callerPermissions: string[] = requestContext?.get(MASTRA_USER_PERMISSIONS_KEY) ?? [];\n const isAdmin = callerPermissions.some((p: string) => p === '*' || p === '*:*');\n if (!isAdmin) {\n throw new HTTPException(403, { message: 'Admin access required' });\n }\n\n const rbac = getRBACProvider(mastra);\n if (!rbac?.getPermissionsForRole) {\n throw new HTTPException(404, { message: 'RBAC provider does not support role permission resolution' });\n }\n\n const permissions = await rbac.getPermissionsForRole(roleId);\n return { roleId, permissions };\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error getting role permissions');\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n GET_ROLE_PERMISSIONS_ROUTE,\n] as const;\n"]}
1
+ {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["createPublicRoute","capabilitiesResponseSchema","supportsSessionRefresh","handleError","currentUserResponseSchema","ssoLoginQuerySchema","HTTPException","ssoCallbackQuerySchema","refreshResponseSchema","credentialsSignInBodySchema","credentialsSignUpBodySchema","mastra","z","createRoute","MASTRA_USER_PERMISSIONS_KEY"],"mappings":";;;;;;;;;;AAyCA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAKA,SAAS,gBAAgB,MAAA,EAAwC;AAC/D,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAKA,SAAS,gBAAgB,MAAA,EAAgD;AACvE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAKA,SAAS,eAAe,MAAA,EAA+C;AACrE,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,QAAQ,OAAO,IAAA,KAAS,YAAY,OAAQ,IAAA,CAAa,MAAM,CAAA,KAAM,UAAA;AACvF;AAMO,IAAM,8BAA8BA,mCAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,4CAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAEzC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,GAAA,GAAM,eAAe,MAAM,CAAA;AAEjC,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiBC,wCAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBI,2CAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOD,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsBH,mCAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBK,qCAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,IAAA,CAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAA;AAGzD,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyBH,mCAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkBO,wCAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoBP,mCAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAOG,6BAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqBH,mCAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgBQ,uCAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAE5B,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAIF,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCH,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYS,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAE7C,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIH,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiCN,mCAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAYU,6CAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AAEnD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AAEnC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAIJ,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,MAAMK,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAIL,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMD,IAAM,yBAAA,GAA4BM,KAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,IAAU,CAAA;AACjE,IAAM,6BAAA,GAAgCA,IAAA,CAAE,MAAA,CAAO,EAAE,QAAQA,IAAA,CAAE,MAAA,EAAO,EAAG,WAAA,EAAaA,KAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,GAAG,CAAA;AAEhG,IAAM,6BAA6BC,6BAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iCAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,yBAAA;AAAA,EACjB,cAAA,EAAgB,6BAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAO,GAAI,GAAA;AAG3C,MAAA,MAAM,iBAAA,GAA8B,cAAA,EAAgB,GAAA,CAAIC,6CAA2B,KAAK,EAAC;AACzF,MAAA,MAAM,OAAA,GAAU,kBAAkB,IAAA,CAAK,CAAC,MAAc,CAAA,KAAM,GAAA,IAAO,MAAM,KAAK,CAAA;AAC9E,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAIR,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,MACnE;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,IAAI,CAAC,MAAM,qBAAA,EAAuB;AAChC,QAAA,MAAM,IAAIA,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6DAA6D,CAAA;AAAA,MACvG;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAA;AAC3D,MAAA,OAAO,EAAE,QAAQ,WAAA,EAAY;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiBA,iCAAe,MAAM,KAAA;AAC1C,MAAA,OAAOH,6BAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA,8BAAA;AAAA,EACA;AACF","file":"chunk-3APAH25G.cjs","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { z } from 'zod/v4';\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { MASTRA_USER_PERMISSIONS_KEY } from '../constants';\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute, createRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n auth: any,\n request: Request,\n options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n */\nfunction getAuthProvider(mastra: any): MastraAuthProvider | null {\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n * queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n * connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n * HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n\n const host = request.headers.get('host');\n if (host) {\n const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n return `${proto}://${host}`;\n }\n\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra server config.\n */\nfunction getRBACProvider(mastra: any): IRBACProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra server config.\n */\nfunction getFGAProvider(mastra: any): IFGAProvider<EEUser> | undefined {\n const serverConfig = mastra.getServer?.();\n return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && typeof (auth as any)[method] === 'function';\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra);\n const fga = getFGAProvider(mastra);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n // If capabilities came back without a user, the session may have expired.\n // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n try {\n const sessionId = await auth.getSessionIdFromRequest(request);\n if (sessionId) {\n const refreshedSession = await auth.refreshSession(sessionId);\n if (refreshedSession) {\n const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n const cookieValue = extractCookieFromHeaders(sessionHeaders);\n if (cookieValue) {\n // Rebuild capabilities with the refreshed cookie\n const refreshedRequest = new Request(request.url, {\n method: request.method,\n headers: new Headers(request.headers),\n });\n refreshedRequest.headers.set('Cookie', cookieValue);\n const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n rbac,\n apiPrefix: routePrefix,\n });\n\n // Attach refresh headers so the adapter can set the new cookie\n if ('user' in refreshedCapabilities) {\n (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n }\n return refreshedCapabilities;\n }\n }\n }\n } catch {\n // Refresh failed — return original unauthenticated capabilities\n }\n }\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n if (!setCookie) return null;\n // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n const match = setCookie.match(/^([^;]+)/);\n return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const auth = getAuthProvider(mastra);\n const rbac = getRBACProvider(mastra);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = auth.getLoginUrl(oauthCallbackUri, state);\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n\n try {\n const auth = getAuthProvider(mastra);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// GET /auth/roles/:roleId/permissions\n// ============================================================================\n\nconst rolePermissionsPathSchema = z.object({ roleId: z.string() });\nconst rolePermissionsResponseSchema = z.object({ roleId: z.string(), permissions: z.array(z.string()) });\n\nexport const GET_ROLE_PERMISSIONS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/roles/:roleId/permissions',\n requiresAuth: true,\n responseType: 'json',\n pathParamSchema: rolePermissionsPathSchema,\n responseSchema: rolePermissionsResponseSchema,\n summary: 'Get permissions for a role',\n description:\n 'Returns the resolved permissions for a specific role. Only accessible by admin users. Used by the \"View as role\" feature.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, requestContext, roleId } = ctx as any;\n\n // Check that the caller is an admin\n const callerPermissions: string[] = requestContext?.get(MASTRA_USER_PERMISSIONS_KEY) ?? [];\n const isAdmin = callerPermissions.some((p: string) => p === '*' || p === '*:*');\n if (!isAdmin) {\n throw new HTTPException(403, { message: 'Admin access required' });\n }\n\n const rbac = getRBACProvider(mastra);\n if (!rbac?.getPermissionsForRole) {\n throw new HTTPException(404, { message: 'RBAC provider does not support role permission resolution' });\n }\n\n const permissions = await rbac.getPermissionsForRole(roleId);\n return { roleId, permissions };\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error getting role permissions');\n }\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n GET_ROLE_PERMISSIONS_ROUTE,\n] as const;\n"]}
package/dist/{chunk-PXYR3D6L.cjs → chunk-3D55EABW.cjs} RENAMED
@@ -1,11 +1,6 @@
1
1
  'use strict';
2
2
 
3
- // ../memory/dist/chunk-VKRZ3O5X.js
4
- var __defProp = Object.defineProperty;
5
- var __export = (target, all) => {
6
- for (var name in all)
7
- __defProp(target, name, { get: all[name], enumerable: true });
8
- };
3
+ // ../memory/dist/chunk-LSJJAJAF.js
9
4
  var OBSERVATIONAL_MEMORY_DEFAULTS = {
10
5
  observation: {
11
6
  model: "google/gemini-2.5-flash",
@@ -112,6 +107,5 @@ exports.OBSERVATION_CONTEXT_INSTRUCTIONS = OBSERVATION_CONTEXT_INSTRUCTIONS;
112
107
  exports.OBSERVATION_CONTEXT_PROMPT = OBSERVATION_CONTEXT_PROMPT;
113
108
  exports.OBSERVATION_CONTINUATION_HINT = OBSERVATION_CONTINUATION_HINT;
114
109
  exports.OBSERVATION_RETRIEVAL_INSTRUCTIONS = OBSERVATION_RETRIEVAL_INSTRUCTIONS;
115
- exports.__export = __export;
116
- //# sourceMappingURL=chunk-PXYR3D6L.cjs.map
117
- //# sourceMappingURL=chunk-PXYR3D6L.cjs.map
110
+ //# sourceMappingURL=chunk-3D55EABW.cjs.map
111
+ //# sourceMappingURL=chunk-3D55EABW.cjs.map
package/dist/chunk-3D55EABW.cjs.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../../memory/src/processors/observational-memory/constants.ts"],"names":[],"mappings":";;;AAGO,IAAM,6BAAA,GAAgC;EAC3C,WAAA,EAAa;IACX,KAAA,EAAO,yBAAA;IACP,aAAA,EAAe,GAAA;IACf,aAAA,EAAe;MACb,WAAA,EAAa,GAAA;MACb,eAAA,EAAiB;AAAA,KAAA;IAEnB,eAAA,EAAiB;MACf,MAAA,EAAQ;QACN,cAAA,EAAgB;UACd,cAAA,EAAgB;AAAA;AAClB;AACF,KAAA;IAEF,iBAAA,EAAmB,GAAA;;IAEnB,YAAA,EAAc,GAAA;;IACd,gBAAA,EAAkB;;AAAA,GAAA;EAEpB,UAAA,EAAY;IACV,KAAA,EAAO,yBAAA;IACP,iBAAA,EAAmB,GAAA;IACnB,aAAA,EAAe;MACb,WAAA,EAAa,CAAA;;MACb,eAAA,EAAiB;AAAA,KAAA;IAEnB,eAAA,EAAiB;MACf,MAAA,EAAQ;QACN,cAAA,EAAgB;UACd,cAAA,EAAgB;AAAA;AAClB;AACF,KAAA;;IAGF,gBAAA,EAAkB;;AAAA;AAEtB;AAOO,IAAM,6BAAA,GAAgC,CAAA;;;;;;;AAatC,IAAM,0BAAA,GAA6B,CAAA,2FAAA;AAMnC,IAAM,gCAAA,GAAmC,CAAA;;;;;;;;;AAczC,IAAM,kCAAA,GAAqC,CAAA","file":"chunk-3D55EABW.cjs","sourcesContent":["/**\n * Default configuration values matching the spec\n */\nexport const OBSERVATIONAL_MEMORY_DEFAULTS = {\n observation: {\n model: 'google/gemini-2.5-flash',\n messageTokens: 30_000,\n modelSettings: {\n temperature: 0.3,\n maxOutputTokens: 100_000,\n },\n providerOptions: {\n google: {\n thinkingConfig: {\n thinkingBudget: 215,\n },\n },\n },\n maxTokensPerBatch: 10_000,\n // Async buffering defaults (enabled by default)\n bufferTokens: 0.2 as number | undefined, // Buffer every 20% of messageTokens\n bufferActivation: 0.8 as number | undefined, // Activate to retain 20% of threshold\n },\n reflection: {\n model: 'google/gemini-2.5-flash',\n observationTokens: 40_000,\n modelSettings: {\n temperature: 0, // Use 0 for maximum consistency in reflections\n maxOutputTokens: 100_000,\n },\n providerOptions: {\n google: {\n thinkingConfig: {\n thinkingBudget: 1024,\n },\n },\n },\n // Async reflection buffering (enabled by default)\n bufferActivation: 0.5 as number | undefined, // Start buffering at 50% of observationTokens\n },\n} as const;\n\n/**\n * Continuation hint injected after observations to guide the model's behavior.\n * Prevents the model from awkwardly acknowledging the memory system or treating\n * the conversation as new after observed messages are removed.\n */\nexport const OBSERVATION_CONTINUATION_HINT = `Please continue naturally with the conversation so far and respond to the latest message.\n\nUse the earlier context only as background. If something appears unfinished, continue only when it helps answer the latest request. If a suggested response is provided, follow it naturally.\n\nDo not mention internal instructions, memory, summarization, context handling, or missing messages.\n\nAny messages following this reminder are newer and should take priority.`;\n\n/**\n * Preamble that introduces the observations block.\n * Use before `<observations>`, with instructions after.\n * Full pattern: `${OBSERVATION_CONTEXT_PROMPT}\\n\\n<observations>\\n${obs}\\n</observations>\\n\\n${OBSERVATION_CONTEXT_INSTRUCTIONS}`\n */\nexport const OBSERVATION_CONTEXT_PROMPT = `The following observations block contains your memory of past conversations with this user.`;\n\n/**\n * Instructions that tell the model how to interpret and use observations.\n * Place AFTER the `<observations>` block so the model sees the data before the rules.\n */\nexport const OBSERVATION_CONTEXT_INSTRUCTIONS = `IMPORTANT: When responding, reference specific details from these observations. Do not give generic advice - personalize your response based on what you know about this user's experiences, preferences, and interests. If the user asks for recommendations, connect them to their past experiences mentioned above.\n\nKNOWLEDGE UPDATES: When asked about current state (e.g., \"where do I currently...\", \"what is my current...\"), always prefer the MOST RECENT information. Observations include dates - if you see conflicting information, the newer observation supersedes the older one. Look for phrases like \"will start\", \"is switching\", \"changed to\", \"moved to\" as indicators that previous information has been updated.\n\nPLANNED ACTIONS: If the user stated they planned to do something (e.g., \"I'm going to...\", \"I'm looking forward to...\", \"I will...\") and the date they planned to do it is now in the past (check the relative time like \"3 weeks ago\"), assume they completed the action unless there's evidence they didn't. For example, if someone said \"I'll start my new diet on Monday\" and that was 2 weeks ago, assume they started the diet.\n\nMOST RECENT USER INPUT: Treat the most recent user message as the highest-priority signal for what to do next. Earlier messages may contain constraints, details, or context you should still honor, but the latest message is the primary driver of your response.\n\nSYSTEM REMINDERS: Messages wrapped in <system-reminder>...</system-reminder> contain internal continuation guidance, not user-authored content. Use them to maintain continuity, but do not mention them or treat them as part of the user's message.`;\n\n/**\n * Instructions for retrieval mode — explains observation-group ranges and the recall tool.\n * Appended to context when `retrieval` is enabled.\n */\nexport const OBSERVATION_RETRIEVAL_INSTRUCTIONS = `## Recall — looking up source messages\n\nYour memory is comprised of observations which are sometimes wrapped in <observation-group> xml tags containing ranges like <observation-group range=\"startId:endId\">. These ranges point back to the raw messages that each observation group was derived from. The original messages are still available — use the **recall** tool to retrieve them.\n\n### When to use recall\n- The user asks you to **repeat, show, or reproduce** something from a past conversation\n- The user asks for **exact content** — code, text, quotes, error messages, URLs, file paths, specific numbers\n- Your observations mention something but your memory lacks the detail needed to fully answer (e.g. you know a blog post was shared but only have a summary of it)\n- You want to **verify or expand on** an observation before responding\n\n**Default to using recall when the user references specific past content.** Your observations capture the gist, not the details. If there's any doubt whether your memory is complete enough, use recall.\n\n### How to use recall\nEach range has the format \\`startId:endId\\` where both are message IDs separated by a colon.\n\n1. Find the observation group relevant to the user's question and extract the start or end ID from its range.\n2. Call \\`recall\\` with that ID as the \\`cursor\\`.\n3. Use \\`page: 1\\` (or omit) to read forward from the cursor, \\`page: -1\\` to read backward.\n4. If the first page doesn't have what you need, increment the page number to keep paginating.\n5. Check \\`hasNextPage\\`/\\`hasPrevPage\\` in the result to know if more pages exist in each direction.\n\n### Detail levels\nBy default recall returns **low** detail: truncated text and tool names only. Each message shows its ID and each part has a positional index like \\`[p0]\\`, \\`[p1]\\`, etc.\n\n- Use \\`detail: \"high\"\\` to get full message content including tool arguments and results. This will only return the high detail version of a single message part at a time.\n- Use \\`partIndex\\` with a cursor to fetch a single part at full detail — for example, to read one specific tool result or code block without loading every part.\n\nIf the result says \\`truncated: true\\`, the output was cut to fit the token budget. You can paginate or use \\`partIndex\\` to target specific content.\n\n### Following up on truncated parts\nLow-detail results may include truncation hints like:\n\\`[truncated — call recall cursor=\"...\" partIndex=N detail=\"high\" for full content]\\`\n\n**When you see these hints and need the full content, make the exact call described in the hint.** This is the normal workflow: first recall at low detail to scan, then drill into specific parts at high detail. Do not stop at the low-detail result if the user asked for exact content.\n\n### When recall is NOT needed\n- The user is asking for a high-level summary and your observations already cover it\n- The question is about general preferences or facts that don't require source text\n- There is no relevant range in your observations for the topic\n\nObservation groups with range IDs and your recall tool allows you to think back and remember details you're fuzzy on.`;\n"]}
package/dist/{chunk-WXJSYUBX.cjs → chunk-3KXE2KXE.cjs} RENAMED
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  var chunkGFP7IMFR_cjs = require('./chunk-GFP7IMFR.cjs');
4
- var chunkT2FBYRYD_cjs = require('./chunk-T2FBYRYD.cjs');
4
+ var chunkET7KSUVJ_cjs = require('./chunk-ET7KSUVJ.cjs');
5
5
  var v4 = require('zod/v4');
6
6
 
7
7
  var listScorerVersionsQuerySchema = chunkGFP7IMFR_cjs.listVersionsQuerySchema;
@@ -40,7 +40,7 @@ var scorerVersionSchema = v4.z.object({
40
40
  name: v4.z.string().describe("Name of the scorer"),
41
41
  description: v4.z.string().optional().describe("Description of the scorer"),
42
42
  type: scorerTypeEnum,
43
- model: chunkT2FBYRYD_cjs.modelConfigSchema.optional(),
43
+ model: chunkET7KSUVJ_cjs.modelConfigSchema.optional(),
44
44
  instructions: v4.z.string().optional(),
45
45
  scoreRange: v4.z.object({
46
46
  min: v4.z.number().optional(),
@@ -81,5 +81,5 @@ exports.restoreScorerVersionResponseSchema = restoreScorerVersionResponseSchema;
81
81
  exports.scorerVersionIdPathParams = scorerVersionIdPathParams;
82
82
  exports.scorerVersionPathParams = scorerVersionPathParams;
83
83
  exports.scorerVersionSchema = scorerVersionSchema;
84
- //# sourceMappingURL=chunk-WXJSYUBX.cjs.map
85
- //# sourceMappingURL=chunk-WXJSYUBX.cjs.map
84
+ //# sourceMappingURL=chunk-3KXE2KXE.cjs.map
85
+ //# sourceMappingURL=chunk-3KXE2KXE.cjs.map
package/dist/{chunk-WXJSYUBX.cjs.map → chunk-3KXE2KXE.cjs.map} RENAMED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/schemas/scorer-versions.ts"],"names":["listVersionsQuerySchema","compareVersionsQuerySchema","createVersionBodySchema","z","modelConfigSchema","createListVersionsResponseSchema","activateVersionResponseSchema","deleteVersionResponseSchema","createCompareVersionsResponseSchema"],"mappings":";;;;;;AAcO,IAAM,6BAAA,GAAgCA;AACtC,IAAM,gCAAA,GAAmCC;AACzC,IAAM,6BAAA,GAAgCC;AAMtC,IAAM,uBAAA,GAA0BC,KAAE,MAAA,CAAO;AAAA,EAC9C,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,oDAAoD;AACpF,CAAC;AAEM,IAAM,yBAAA,GAA4BA,KAAE,MAAA,CAAO;AAAA,EAChD,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,oDAAoD,CAAA;AAAA,EAClF,SAAA,EAAWA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C;AAC3E,CAAC;AAMD,IAAM,oBAAA,GAAuBA,KAAE,KAAA,CAAM;AAAA,EACnCA,IAAA,CAAE,OAAO,EAAE,IAAA,EAAMA,KAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAAA,EACpCA,KAAE,MAAA,CAAO,EAAE,MAAMA,IAAA,CAAE,OAAA,CAAQ,OAAO,CAAA,EAAG,IAAA,EAAMA,IAAA,CAAE,MAAA,GAAS,GAAA,CAAI,CAAC,EAAE,GAAA,CAAI,CAAC,GAAG;AACvE,CAAC,CAAA;AAED,IAAM,cAAA,GAAiBA,KAAE,IAAA,CAAK;AAAA,EAC5B,WAAA;AAAA,EACA,kBAAA;AAAA,EACA,mBAAA;AAAA,EACA,MAAA;AAAA,EACA,mBAAA;AAAA,EACA,mBAAA;AAAA,EACA,cAAA;AAAA,EACA,eAAA;AAAA,EACA,mBAAA;AAAA,EACA,kBAAA;AAAA,EACA,oBAAA;AAAA,EACA;AACF,CAAC,CAAA;AAEM,IAAM,mBAAA,GAAsBA,KAAE,MAAA,CAAO;AAAA,EAC1C,EAAA,EAAIA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA,EAClE,kBAAA,EAAoBA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA,EAClF,aAAA,EAAeA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA;AAAA,EAE7E,IAAA,EAAMA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,oBAAoB,CAAA;AAAA,EAC9C,aAAaA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,2BAA2B,CAAA;AAAA,EACvE,IAAA,EAAM,cAAA;AAAA,EACN,KAAA,EAAOC,oCAAkB,QAAA,EAAS;AAAA,EAClC,YAAA,EAAcD,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,UAAA,EAAYA,KACT,MAAA,CAAO;AAAA,IACN,GAAA,EAAKA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACzB,GAAA,EAAKA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,GAC1B,EACA,QAAA,EAAS;AAAA,EACZ,YAAA,EAAcA,IAAA,CAAE,MAAA,CAAOA,IAAA,CAAE,MAAA,IAAUA,IAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACzD,eAAA,EAAiB,qBAAqB,QAAA,EAAS;AAAA;AAAA,EAE/C,aAAA,EAAeA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,6DAA6D,CAAA;AAAA,EACpH,eAAeA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,yCAAyC,CAAA;AAAA,EACvF,WAAWA,IAAA,CAAE,MAAA,CAAO,IAAA,EAAK,CAAE,SAAS,+BAA+B;AACrE,CAAC;AAEM,IAAM,gCAAA,GAAmCE,mDAAiC,mBAAmB;AAE7F,IAAM,8BAAA,GAAiC;AAEvC,IAAM,iCAAA,GAAoC,mBAAA,CAAoB,OAAA,EAAQ,CAAE,KAAA;AAAA,EAC7EF,KAAE,MAAA,CAAO;AAAA,IACP,EAAA,EAAIA,KAAE,MAAA,EAAO;AAAA,IACb,kBAAA,EAAoBA,KAAE,MAAA,EAAO;AAAA,IAC7B,aAAA,EAAeA,KAAE,MAAA,EAAO;AAAA,IACxB,SAAA,EAAWA,IAAA,CAAE,MAAA,CAAO,IAAA;AAAK,GAC1B;AACH;AAEO,IAAM,mCAAA,GAAsCG;AAE5C,IAAM,kCAAA,GAAqC;AAE3C,IAAM,iCAAA,GAAoCC;AAE1C,IAAM,mCAAA,GAAsCC,sDAAoC,mBAAmB","file":"chunk-WXJSYUBX.cjs","sourcesContent":["import { z } from 'zod/v4';\nimport { modelConfigSchema } from './stored-agents';\nimport {\n listVersionsQuerySchema,\n compareVersionsQuerySchema,\n createVersionBodySchema,\n activateVersionResponseSchema,\n deleteVersionResponseSchema,\n versionDiffEntrySchema,\n createListVersionsResponseSchema,\n createCompareVersionsResponseSchema,\n} from './version-common';\n\n// Re-export shared schemas under domain-specific names\nexport const listScorerVersionsQuerySchema = listVersionsQuerySchema;\nexport const compareScorerVersionsQuerySchema = compareVersionsQuerySchema;\nexport const createScorerVersionBodySchema = createVersionBodySchema;\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const scorerVersionPathParams = z.object({\n scorerId: z.string().describe('Unique identifier for the stored scorer definition'),\n});\n\nexport const scorerVersionIdPathParams = z.object({\n scorerId: z.string().describe('Unique identifier for the stored scorer definition'),\n versionId: z.string().describe('Unique identifier for the version (UUID)'),\n});\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\nconst samplingConfigSchema = z.union([\n z.object({ type: z.literal('none') }),\n z.object({ type: z.literal('ratio'), rate: z.number().min(0).max(1) }),\n]);\n\nconst scorerTypeEnum = z.enum([\n 'llm-judge',\n 'answer-relevancy',\n 'answer-similarity',\n 'bias',\n 'context-precision',\n 'context-relevance',\n 'faithfulness',\n 'hallucination',\n 'noise-sensitivity',\n 'prompt-alignment',\n 'tool-call-accuracy',\n 'toxicity',\n]);\n\nexport const scorerVersionSchema = z.object({\n id: z.string().describe('Unique identifier for the version (UUID)'),\n scorerDefinitionId: z.string().describe('ID of the scorer this version belongs to'),\n versionNumber: z.number().describe('Sequential version number (1, 2, 3, ...)'),\n // Snapshot config fields\n name: z.string().describe('Name of the scorer'),\n description: z.string().optional().describe('Description of the scorer'),\n type: scorerTypeEnum,\n model: modelConfigSchema.optional(),\n instructions: z.string().optional(),\n scoreRange: z\n .object({\n min: z.number().optional(),\n max: z.number().optional(),\n })\n .optional(),\n presetConfig: z.record(z.string(), z.unknown()).optional(),\n defaultSampling: samplingConfigSchema.optional(),\n // Version metadata\n changedFields: z.array(z.string()).optional().describe('Array of field names that changed from the previous version'),\n changeMessage: z.string().optional().describe('Optional message describing the changes'),\n createdAt: z.coerce.date().describe('When this version was created'),\n});\n\nexport const listScorerVersionsResponseSchema = createListVersionsResponseSchema(scorerVersionSchema);\n\nexport const getScorerVersionResponseSchema = scorerVersionSchema;\n\nexport const createScorerVersionResponseSchema = scorerVersionSchema.partial().merge(\n z.object({\n id: z.string(),\n scorerDefinitionId: z.string(),\n versionNumber: z.number(),\n createdAt: z.coerce.date(),\n }),\n);\n\nexport const activateScorerVersionResponseSchema = activateVersionResponseSchema;\n\nexport const restoreScorerVersionResponseSchema = scorerVersionSchema;\n\nexport const deleteScorerVersionResponseSchema = deleteVersionResponseSchema;\n\nexport const compareScorerVersionsResponseSchema = createCompareVersionsResponseSchema(scorerVersionSchema);\n\nexport { versionDiffEntrySchema };\n"]}
1
+ {"version":3,"sources":["../src/server/schemas/scorer-versions.ts"],"names":["listVersionsQuerySchema","compareVersionsQuerySchema","createVersionBodySchema","z","modelConfigSchema","createListVersionsResponseSchema","activateVersionResponseSchema","deleteVersionResponseSchema","createCompareVersionsResponseSchema"],"mappings":";;;;;;AAcO,IAAM,6BAAA,GAAgCA;AACtC,IAAM,gCAAA,GAAmCC;AACzC,IAAM,6BAAA,GAAgCC;AAMtC,IAAM,uBAAA,GAA0BC,KAAE,MAAA,CAAO;AAAA,EAC9C,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,oDAAoD;AACpF,CAAC;AAEM,IAAM,yBAAA,GAA4BA,KAAE,MAAA,CAAO;AAAA,EAChD,QAAA,EAAUA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,oDAAoD,CAAA;AAAA,EAClF,SAAA,EAAWA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C;AAC3E,CAAC;AAMD,IAAM,oBAAA,GAAuBA,KAAE,KAAA,CAAM;AAAA,EACnCA,IAAA,CAAE,OAAO,EAAE,IAAA,EAAMA,KAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAAA,EACpCA,KAAE,MAAA,CAAO,EAAE,MAAMA,IAAA,CAAE,OAAA,CAAQ,OAAO,CAAA,EAAG,IAAA,EAAMA,IAAA,CAAE,MAAA,GAAS,GAAA,CAAI,CAAC,EAAE,GAAA,CAAI,CAAC,GAAG;AACvE,CAAC,CAAA;AAED,IAAM,cAAA,GAAiBA,KAAE,IAAA,CAAK;AAAA,EAC5B,WAAA;AAAA,EACA,kBAAA;AAAA,EACA,mBAAA;AAAA,EACA,MAAA;AAAA,EACA,mBAAA;AAAA,EACA,mBAAA;AAAA,EACA,cAAA;AAAA,EACA,eAAA;AAAA,EACA,mBAAA;AAAA,EACA,kBAAA;AAAA,EACA,oBAAA;AAAA,EACA;AACF,CAAC,CAAA;AAEM,IAAM,mBAAA,GAAsBA,KAAE,MAAA,CAAO;AAAA,EAC1C,EAAA,EAAIA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA,EAClE,kBAAA,EAAoBA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA,EAClF,aAAA,EAAeA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,0CAA0C,CAAA;AAAA;AAAA,EAE7E,IAAA,EAAMA,IAAA,CAAE,MAAA,EAAO,CAAE,SAAS,oBAAoB,CAAA;AAAA,EAC9C,aAAaA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,2BAA2B,CAAA;AAAA,EACvE,IAAA,EAAM,cAAA;AAAA,EACN,KAAA,EAAOC,oCAAkB,QAAA,EAAS;AAAA,EAClC,YAAA,EAAcD,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,EAClC,UAAA,EAAYA,KACT,MAAA,CAAO;AAAA,IACN,GAAA,EAAKA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA,EAAS;AAAA,IACzB,GAAA,EAAKA,IAAA,CAAE,MAAA,EAAO,CAAE,QAAA;AAAS,GAC1B,EACA,QAAA,EAAS;AAAA,EACZ,YAAA,EAAcA,IAAA,CAAE,MAAA,CAAOA,IAAA,CAAE,MAAA,IAAUA,IAAA,CAAE,OAAA,EAAS,CAAA,CAAE,QAAA,EAAS;AAAA,EACzD,eAAA,EAAiB,qBAAqB,QAAA,EAAS;AAAA;AAAA,EAE/C,aAAA,EAAeA,IAAA,CAAE,KAAA,CAAMA,IAAA,CAAE,MAAA,EAAQ,CAAA,CAAE,QAAA,EAAS,CAAE,QAAA,CAAS,6DAA6D,CAAA;AAAA,EACpH,eAAeA,IAAA,CAAE,MAAA,GAAS,QAAA,EAAS,CAAE,SAAS,yCAAyC,CAAA;AAAA,EACvF,WAAWA,IAAA,CAAE,MAAA,CAAO,IAAA,EAAK,CAAE,SAAS,+BAA+B;AACrE,CAAC;AAEM,IAAM,gCAAA,GAAmCE,mDAAiC,mBAAmB;AAE7F,IAAM,8BAAA,GAAiC;AAEvC,IAAM,iCAAA,GAAoC,mBAAA,CAAoB,OAAA,EAAQ,CAAE,KAAA;AAAA,EAC7EF,KAAE,MAAA,CAAO;AAAA,IACP,EAAA,EAAIA,KAAE,MAAA,EAAO;AAAA,IACb,kBAAA,EAAoBA,KAAE,MAAA,EAAO;AAAA,IAC7B,aAAA,EAAeA,KAAE,MAAA,EAAO;AAAA,IACxB,SAAA,EAAWA,IAAA,CAAE,MAAA,CAAO,IAAA;AAAK,GAC1B;AACH;AAEO,IAAM,mCAAA,GAAsCG;AAE5C,IAAM,kCAAA,GAAqC;AAE3C,IAAM,iCAAA,GAAoCC;AAE1C,IAAM,mCAAA,GAAsCC,sDAAoC,mBAAmB","file":"chunk-3KXE2KXE.cjs","sourcesContent":["import { z } from 'zod/v4';\nimport { modelConfigSchema } from './stored-agents';\nimport {\n listVersionsQuerySchema,\n compareVersionsQuerySchema,\n createVersionBodySchema,\n activateVersionResponseSchema,\n deleteVersionResponseSchema,\n versionDiffEntrySchema,\n createListVersionsResponseSchema,\n createCompareVersionsResponseSchema,\n} from './version-common';\n\n// Re-export shared schemas under domain-specific names\nexport const listScorerVersionsQuerySchema = listVersionsQuerySchema;\nexport const compareScorerVersionsQuerySchema = compareVersionsQuerySchema;\nexport const createScorerVersionBodySchema = createVersionBodySchema;\n\n// ============================================================================\n// Path Parameter Schemas\n// ============================================================================\n\nexport const scorerVersionPathParams = z.object({\n scorerId: z.string().describe('Unique identifier for the stored scorer definition'),\n});\n\nexport const scorerVersionIdPathParams = z.object({\n scorerId: z.string().describe('Unique identifier for the stored scorer definition'),\n versionId: z.string().describe('Unique identifier for the version (UUID)'),\n});\n\n// ============================================================================\n// Response Schemas\n// ============================================================================\n\nconst samplingConfigSchema = z.union([\n z.object({ type: z.literal('none') }),\n z.object({ type: z.literal('ratio'), rate: z.number().min(0).max(1) }),\n]);\n\nconst scorerTypeEnum = z.enum([\n 'llm-judge',\n 'answer-relevancy',\n 'answer-similarity',\n 'bias',\n 'context-precision',\n 'context-relevance',\n 'faithfulness',\n 'hallucination',\n 'noise-sensitivity',\n 'prompt-alignment',\n 'tool-call-accuracy',\n 'toxicity',\n]);\n\nexport const scorerVersionSchema = z.object({\n id: z.string().describe('Unique identifier for the version (UUID)'),\n scorerDefinitionId: z.string().describe('ID of the scorer this version belongs to'),\n versionNumber: z.number().describe('Sequential version number (1, 2, 3, ...)'),\n // Snapshot config fields\n name: z.string().describe('Name of the scorer'),\n description: z.string().optional().describe('Description of the scorer'),\n type: scorerTypeEnum,\n model: modelConfigSchema.optional(),\n instructions: z.string().optional(),\n scoreRange: z\n .object({\n min: z.number().optional(),\n max: z.number().optional(),\n })\n .optional(),\n presetConfig: z.record(z.string(), z.unknown()).optional(),\n defaultSampling: samplingConfigSchema.optional(),\n // Version metadata\n changedFields: z.array(z.string()).optional().describe('Array of field names that changed from the previous version'),\n changeMessage: z.string().optional().describe('Optional message describing the changes'),\n createdAt: z.coerce.date().describe('When this version was created'),\n});\n\nexport const listScorerVersionsResponseSchema = createListVersionsResponseSchema(scorerVersionSchema);\n\nexport const getScorerVersionResponseSchema = scorerVersionSchema;\n\nexport const createScorerVersionResponseSchema = scorerVersionSchema.partial().merge(\n z.object({\n id: z.string(),\n scorerDefinitionId: z.string(),\n versionNumber: z.number(),\n createdAt: z.coerce.date(),\n }),\n);\n\nexport const activateScorerVersionResponseSchema = activateVersionResponseSchema;\n\nexport const restoreScorerVersionResponseSchema = scorerVersionSchema;\n\nexport const deleteScorerVersionResponseSchema = deleteVersionResponseSchema;\n\nexport const compareScorerVersionsResponseSchema = createCompareVersionsResponseSchema(scorerVersionSchema);\n\nexport { versionDiffEntrySchema };\n"]}
package/dist/{chunk-APV6QKRZ.cjs → chunk-4W7KQRF5.cjs} RENAMED
@@ -1,6 +1,6 @@
1
1
  'use strict';
2
2
 
3
- var chunkPXYR3D6L_cjs = require('./chunk-PXYR3D6L.cjs');
3
+ var chunk3D55EABW_cjs = require('./chunk-3D55EABW.cjs');
4
4
  var features = require('@mastra/core/features');
5
5
  var llm = require('@mastra/core/llm');
6
6
  var memory = require('@mastra/core/memory');
@@ -1042,7 +1042,7 @@ function imageSize(input) {
1042
1042
  throw new TypeError(`unsupported file type: ${type}`);
1043
1043
  }
1044
1044
 
1045
- // ../memory/dist/chunk-KMJQDCCZ.js
1045
+ // ../memory/dist/chunk-SXFOZU7K.js
1046
1046
  var MINUTE = 6e4;
1047
1047
  var HOUR = 60 * MINUTE;
1048
1048
  var SHORT_TTL = 5 * MINUTE;
@@ -2838,7 +2838,7 @@ var ResourceScopedObservationStrategy = class extends ObservationStrategy {
2838
2838
  }
2839
2839
  }
2840
2840
  async observe(_existingObservations, _messages) {
2841
- const maxTokensPerBatch = this.observationConfig.maxTokensPerBatch ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.maxTokensPerBatch;
2841
+ const maxTokensPerBatch = this.observationConfig.maxTokensPerBatch ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.maxTokensPerBatch;
2842
2842
  const orderedThreadIds = this.threadOrder.filter((tid) => this.threadsWithMessages.has(tid));
2843
2843
  const batches = [];
2844
2844
  let currentBatch = {
@@ -8247,16 +8247,16 @@ var ObservationalMemory = class _ObservationalMemory {
8247
8247
  this.onIndexObservations = config.onIndexObservations;
8248
8248
  this.mastra = config.mastra;
8249
8249
  const resolveModel = (model, defaultModel) => model === "default" ? defaultModel : model;
8250
- const observationModel = resolveModel(config.model, chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model) ?? resolveModel(config.observation?.model, chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model) ?? resolveModel(config.reflection?.model, chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model) ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model;
8251
- const reflectionModel = resolveModel(config.model, chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model) ?? resolveModel(config.reflection?.model, chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model) ?? resolveModel(config.observation?.model, chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model) ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model;
8252
- const messageTokens = config.observation?.messageTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.messageTokens;
8253
- const observationTokens = config.reflection?.observationTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.observationTokens;
8250
+ const observationModel = resolveModel(config.model, chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model) ?? resolveModel(config.observation?.model, chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model) ?? resolveModel(config.reflection?.model, chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model) ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.model;
8251
+ const reflectionModel = resolveModel(config.model, chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model) ?? resolveModel(config.reflection?.model, chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model) ?? resolveModel(config.observation?.model, chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model) ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.model;
8252
+ const messageTokens = config.observation?.messageTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.messageTokens;
8253
+ const observationTokens = config.reflection?.observationTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.observationTokens;
8254
8254
  const isSharedBudget = config.shareTokenBudget ?? false;
8255
8255
  const isDefaultModelSelection = (model) => model === void 0 || model === "default" || model instanceof ModelByInputTokens;
8256
8256
  const observationSelectedModel = config.model ?? config.observation?.model ?? config.reflection?.model;
8257
8257
  const reflectionSelectedModel = config.model ?? config.reflection?.model ?? config.observation?.model;
8258
- const observationDefaultMaxOutputTokens = config.observation?.modelSettings?.maxOutputTokens ?? (isDefaultModelSelection(observationSelectedModel) ? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.modelSettings.maxOutputTokens : void 0);
8259
- const reflectionDefaultMaxOutputTokens = config.reflection?.modelSettings?.maxOutputTokens ?? (isDefaultModelSelection(reflectionSelectedModel) ? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.modelSettings.maxOutputTokens : void 0);
8258
+ const observationDefaultMaxOutputTokens = config.observation?.modelSettings?.maxOutputTokens ?? (isDefaultModelSelection(observationSelectedModel) ? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.modelSettings.maxOutputTokens : void 0);
8259
+ const reflectionDefaultMaxOutputTokens = config.reflection?.modelSettings?.maxOutputTokens ?? (isDefaultModelSelection(reflectionSelectedModel) ? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.modelSettings.maxOutputTokens : void 0);
8260
8260
  const totalBudget = messageTokens + observationTokens;
8261
8261
  const userExplicitlyConfiguredAsync = config.observation?.bufferTokens !== void 0 || config.observation?.bufferActivation !== void 0 || config.reflection?.bufferActivation !== void 0;
8262
8262
  const asyncBufferingDisabled = config.observation?.bufferTokens === false || config.scope === "resource" && !userExplicitlyConfiguredAsync;
@@ -8289,22 +8289,22 @@ Async buffering is enabled by default \u2014 this opt-out is only needed when us
8289
8289
  messageTokens: isSharedBudget ? { min: messageTokens, max: totalBudget } : messageTokens,
8290
8290
  shareTokenBudget: isSharedBudget,
8291
8291
  modelSettings: {
8292
- temperature: config.observation?.modelSettings?.temperature ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.modelSettings.temperature,
8292
+ temperature: config.observation?.modelSettings?.temperature ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.modelSettings.temperature,
8293
8293
  ...observationDefaultMaxOutputTokens !== void 0 ? { maxOutputTokens: observationDefaultMaxOutputTokens } : {}
8294
8294
  },
8295
- providerOptions: config.observation?.providerOptions ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.providerOptions,
8296
- maxTokensPerBatch: config.observation?.maxTokensPerBatch ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.maxTokensPerBatch,
8295
+ providerOptions: config.observation?.providerOptions ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.providerOptions,
8296
+ maxTokensPerBatch: config.observation?.maxTokensPerBatch ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.maxTokensPerBatch,
8297
8297
  bufferTokens: asyncBufferingDisabled ? void 0 : resolveBufferTokens(
8298
- config.observation?.bufferTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.bufferTokens,
8299
- config.observation?.messageTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.messageTokens
8298
+ config.observation?.bufferTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.bufferTokens,
8299
+ config.observation?.messageTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.messageTokens
8300
8300
  ),
8301
8301
  bufferOnIdle: config.observation?.bufferOnIdle ?? false,
8302
- bufferActivation: asyncBufferingDisabled ? void 0 : config.observation?.bufferActivation ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.bufferActivation,
8302
+ bufferActivation: asyncBufferingDisabled ? void 0 : config.observation?.bufferActivation ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.bufferActivation,
8303
8303
  activateAfterIdle: parseActivationTTL(observationActivateAfterIdle, observationActivateAfterIdlePath),
8304
8304
  activateOnProviderChange: config.observation?.activateOnProviderChange ?? config.activateOnProviderChange ?? false,
8305
8305
  blockAfter: asyncBufferingDisabled ? void 0 : resolveBlockAfter(
8306
- config.observation?.blockAfter ?? (config.observation?.bufferTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.bufferTokens ? 1.2 : void 0),
8307
- config.observation?.messageTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.messageTokens
8306
+ config.observation?.blockAfter ?? (config.observation?.bufferTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.bufferTokens ? 1.2 : void 0),
8307
+ config.observation?.messageTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.observation.messageTokens
8308
8308
  ),
8309
8309
  previousObserverTokens: config.observation?.previousObserverTokens ?? 2e3,
8310
8310
  instruction: config.observation?.instruction,
@@ -8316,16 +8316,16 @@ Async buffering is enabled by default \u2014 this opt-out is only needed when us
8316
8316
  observationTokens,
8317
8317
  shareTokenBudget: isSharedBudget,
8318
8318
  modelSettings: {
8319
- temperature: config.reflection?.modelSettings?.temperature ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.modelSettings.temperature,
8319
+ temperature: config.reflection?.modelSettings?.temperature ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.modelSettings.temperature,
8320
8320
  ...reflectionDefaultMaxOutputTokens !== void 0 ? { maxOutputTokens: reflectionDefaultMaxOutputTokens } : {}
8321
8321
  },
8322
- providerOptions: config.reflection?.providerOptions ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.providerOptions,
8323
- bufferActivation: asyncBufferingDisabled ? void 0 : config?.reflection?.bufferActivation ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.bufferActivation,
8322
+ providerOptions: config.reflection?.providerOptions ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.providerOptions,
8323
+ bufferActivation: asyncBufferingDisabled ? void 0 : config?.reflection?.bufferActivation ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.bufferActivation,
8324
8324
  activateAfterIdle: parseActivationTTL(config.reflection?.activateAfterIdle, "reflection.activateAfterIdle"),
8325
8325
  activateOnProviderChange: config.reflection?.activateOnProviderChange ?? false,
8326
8326
  blockAfter: asyncBufferingDisabled ? void 0 : resolveBlockAfter(
8327
- config.reflection?.blockAfter ?? (config.reflection?.bufferActivation ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.bufferActivation ? 1.2 : void 0),
8328
- config.reflection?.observationTokens ?? chunkPXYR3D6L_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.observationTokens
8327
+ config.reflection?.blockAfter ?? (config.reflection?.bufferActivation ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.bufferActivation ? 1.2 : void 0),
8328
+ config.reflection?.observationTokens ?? chunk3D55EABW_cjs.OBSERVATIONAL_MEMORY_DEFAULTS.reflection.observationTokens
8329
8329
  ),
8330
8330
  instruction: config.reflection?.instruction
8331
8331
  };
@@ -9089,11 +9089,11 @@ ${unreflectedContent}` : bufferedReflection;
9089
9089
  optimized = addRelativeTimeToObservations(optimized, currentDate);
9090
9090
  }
9091
9091
  const messages = [
9092
- `${chunkPXYR3D6L_cjs.OBSERVATION_CONTEXT_PROMPT}
9092
+ `${chunk3D55EABW_cjs.OBSERVATION_CONTEXT_PROMPT}
9093
9093
 
9094
- ${chunkPXYR3D6L_cjs.OBSERVATION_CONTEXT_INSTRUCTIONS}${retrieval ? `
9094
+ ${chunk3D55EABW_cjs.OBSERVATION_CONTEXT_INSTRUCTIONS}${retrieval ? `
9095
9095
 
9096
- ${chunkPXYR3D6L_cjs.OBSERVATION_RETRIEVAL_INSTRUCTIONS}` : ""}`
9096
+ ${chunk3D55EABW_cjs.OBSERVATION_RETRIEVAL_INSTRUCTIONS}` : ""}`
9097
9097
  ];
9098
9098
  if (unobservedContextBlocks) {
9099
9099
  messages.push(
@@ -10721,7 +10721,7 @@ function injectObservationContextMessages({
10721
10721
  createdAt: /* @__PURE__ */ new Date(0),
10722
10722
  content: {
10723
10723
  format: 2,
10724
- parts: [{ type: "text", text: `<system-reminder>${chunkPXYR3D6L_cjs.OBSERVATION_CONTINUATION_HINT}</system-reminder>` }]
10724
+ parts: [{ type: "text", text: `<system-reminder>${chunk3D55EABW_cjs.OBSERVATION_CONTINUATION_HINT}</system-reminder>` }]
10725
10725
  },
10726
10726
  threadId,
10727
10727
  resourceId
@@ -10989,5 +10989,5 @@ exports.stripEphemeralAnchorIds = stripEphemeralAnchorIds;
10989
10989
  exports.stripObservationGroups = stripObservationGroups;
10990
10990
  exports.truncateStringByTokens = truncateStringByTokens;
10991
10991
  exports.wrapInObservationGroup = wrapInObservationGroup;
10992
- //# sourceMappingURL=chunk-APV6QKRZ.cjs.map
10993
- //# sourceMappingURL=chunk-APV6QKRZ.cjs.map
10992
+ //# sourceMappingURL=chunk-4W7KQRF5.cjs.map
10993
+ //# sourceMappingURL=chunk-4W7KQRF5.cjs.map