@mastra/server 1.46.0-alpha.2 → 1.46.0-alpha.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (187) hide show
  1. package/CHANGELOG.md +26 -0
  2. package/dist/{api-schema-manifest-3MIPI77N.js → api-schema-manifest-24KFXICH.js} +3 -3
  3. package/dist/{api-schema-manifest-3MIPI77N.js.map → api-schema-manifest-24KFXICH.js.map} +1 -1
  4. package/dist/{api-schema-manifest-LFSM6XAL.cjs → api-schema-manifest-C5OU3K53.cjs} +4 -4
  5. package/dist/{api-schema-manifest-LFSM6XAL.cjs.map → api-schema-manifest-C5OU3K53.cjs.map} +1 -1
  6. package/dist/{chunk-NEPOKWAA.js → chunk-26FMCYZK.js} +4 -4
  7. package/dist/{chunk-NEPOKWAA.js.map → chunk-26FMCYZK.js.map} +1 -1
  8. package/dist/{chunk-K3FM6RLZ.cjs → chunk-2YCWZHBH.cjs} +7 -7
  9. package/dist/{chunk-K3FM6RLZ.cjs.map → chunk-2YCWZHBH.cjs.map} +1 -1
  10. package/dist/{chunk-BB6RVOJY.js → chunk-3D4XT5RX.js} +3 -3
  11. package/dist/{chunk-BB6RVOJY.js.map → chunk-3D4XT5RX.js.map} +1 -1
  12. package/dist/{chunk-RM4ITWAQ.cjs → chunk-3P3R4Z5I.cjs} +3 -3
  13. package/dist/{chunk-RM4ITWAQ.cjs.map → chunk-3P3R4Z5I.cjs.map} +1 -1
  14. package/dist/{chunk-OHWAEEZJ.js → chunk-3ZAH6OQU.js} +3 -3
  15. package/dist/{chunk-OHWAEEZJ.js.map → chunk-3ZAH6OQU.js.map} +1 -1
  16. package/dist/{chunk-E345K7K7.js → chunk-4GRES47M.js} +4 -4
  17. package/dist/{chunk-E345K7K7.js.map → chunk-4GRES47M.js.map} +1 -1
  18. package/dist/{chunk-UVJZRFSY.cjs → chunk-5GSQ6FIO.cjs} +256 -216
  19. package/dist/chunk-5GSQ6FIO.cjs.map +1 -0
  20. package/dist/{chunk-DEK4ZGUR.cjs → chunk-7HW3DUN5.cjs} +5 -5
  21. package/dist/{chunk-DEK4ZGUR.cjs.map → chunk-7HW3DUN5.cjs.map} +1 -1
  22. package/dist/{chunk-ZZOHO2FT.js → chunk-ABROKC5A.js} +3 -3
  23. package/dist/{chunk-ZZOHO2FT.js.map → chunk-ABROKC5A.js.map} +1 -1
  24. package/dist/{chunk-R4O5HVDI.js → chunk-AI75K5XV.js} +3 -3
  25. package/dist/{chunk-R4O5HVDI.js.map → chunk-AI75K5XV.js.map} +1 -1
  26. package/dist/{chunk-S2HKHYJ3.cjs → chunk-C3QMOBYA.cjs} +4 -4
  27. package/dist/{chunk-S2HKHYJ3.cjs.map → chunk-C3QMOBYA.cjs.map} +1 -1
  28. package/dist/{chunk-U72IZ5BP.cjs → chunk-CELYVWOU.cjs} +4 -4
  29. package/dist/{chunk-U72IZ5BP.cjs.map → chunk-CELYVWOU.cjs.map} +1 -1
  30. package/dist/{chunk-KBSTGVA4.cjs → chunk-CWPHUHVE.cjs} +3 -3
  31. package/dist/{chunk-KBSTGVA4.cjs.map → chunk-CWPHUHVE.cjs.map} +1 -1
  32. package/dist/{chunk-JY2LHUT4.cjs → chunk-DJYRYDAF.cjs} +5 -5
  33. package/dist/{chunk-JY2LHUT4.cjs.map → chunk-DJYRYDAF.cjs.map} +1 -1
  34. package/dist/{chunk-46Y4Y2RB.js → chunk-DPKG24KJ.js} +3 -3
  35. package/dist/{chunk-46Y4Y2RB.js.map → chunk-DPKG24KJ.js.map} +1 -1
  36. package/dist/{chunk-ONBABU5V.cjs → chunk-DVHRHL5N.cjs} +3 -3
  37. package/dist/{chunk-ONBABU5V.cjs.map → chunk-DVHRHL5N.cjs.map} +1 -1
  38. package/dist/{chunk-NIM337G7.cjs → chunk-DY353SJU.cjs} +3 -3
  39. package/dist/{chunk-NIM337G7.cjs.map → chunk-DY353SJU.cjs.map} +1 -1
  40. package/dist/{chunk-BYCLHKAC.js → chunk-E6UDV3F5.js} +3 -3
  41. package/dist/{chunk-BYCLHKAC.js.map → chunk-E6UDV3F5.js.map} +1 -1
  42. package/dist/{chunk-R7624SPL.js → chunk-GB67HE2R.js} +4 -4
  43. package/dist/{chunk-R7624SPL.js.map → chunk-GB67HE2R.js.map} +1 -1
  44. package/dist/{chunk-7DKSWNOM.cjs → chunk-H7YXAKEQ.cjs} +4 -4
  45. package/dist/{chunk-7DKSWNOM.cjs.map → chunk-H7YXAKEQ.cjs.map} +1 -1
  46. package/dist/{chunk-UITLSJUW.cjs → chunk-HT6CWICR.cjs} +7 -7
  47. package/dist/{chunk-UITLSJUW.cjs.map → chunk-HT6CWICR.cjs.map} +1 -1
  48. package/dist/{chunk-MLLGO6XZ.js → chunk-HV64O7BN.js} +4 -4
  49. package/dist/{chunk-MLLGO6XZ.js.map → chunk-HV64O7BN.js.map} +1 -1
  50. package/dist/{chunk-56TEDJND.js → chunk-HZBASZCD.js} +3 -3
  51. package/dist/{chunk-56TEDJND.js.map → chunk-HZBASZCD.js.map} +1 -1
  52. package/dist/chunk-I6AIWII6.cjs +1138 -0
  53. package/dist/chunk-I6AIWII6.cjs.map +1 -0
  54. package/dist/{chunk-DULEYONH.cjs → chunk-IIISD6NP.cjs} +5 -5
  55. package/dist/{chunk-DULEYONH.cjs.map → chunk-IIISD6NP.cjs.map} +1 -1
  56. package/dist/{chunk-BTMYAVRX.cjs → chunk-LLXZPATO.cjs} +4 -4
  57. package/dist/{chunk-BTMYAVRX.cjs.map → chunk-LLXZPATO.cjs.map} +1 -1
  58. package/dist/{chunk-YD3A4BO6.js → chunk-MHYN6XMP.js} +3 -3
  59. package/dist/{chunk-YD3A4BO6.js.map → chunk-MHYN6XMP.js.map} +1 -1
  60. package/dist/chunk-MYNSU6B4.js +1103 -0
  61. package/dist/chunk-MYNSU6B4.js.map +1 -0
  62. package/dist/{chunk-PUW3RA3B.js → chunk-OG3RHAT5.js} +3 -3
  63. package/dist/{chunk-PUW3RA3B.js.map → chunk-OG3RHAT5.js.map} +1 -1
  64. package/dist/{chunk-J2LKP5LL.js → chunk-OQIQ7O3I.js} +6 -6
  65. package/dist/{chunk-J2LKP5LL.js.map → chunk-OQIQ7O3I.js.map} +1 -1
  66. package/dist/{chunk-CYOIFE4C.js → chunk-OTOG57OS.js} +70 -30
  67. package/dist/chunk-OTOG57OS.js.map +1 -0
  68. package/dist/{chunk-E2JNW3QM.js → chunk-PKP37L3H.js} +4 -4
  69. package/dist/{chunk-E2JNW3QM.js.map → chunk-PKP37L3H.js.map} +1 -1
  70. package/dist/{chunk-JZJ3PP2H.cjs → chunk-QDKNDZMW.cjs} +3 -3
  71. package/dist/{chunk-JZJ3PP2H.cjs.map → chunk-QDKNDZMW.cjs.map} +1 -1
  72. package/dist/{chunk-M5DAKMVZ.cjs → chunk-QNECOADU.cjs} +5 -5
  73. package/dist/{chunk-M5DAKMVZ.cjs.map → chunk-QNECOADU.cjs.map} +1 -1
  74. package/dist/{chunk-F5EEKLC4.js → chunk-QPC3COIK.js} +5 -5
  75. package/dist/{chunk-F5EEKLC4.js.map → chunk-QPC3COIK.js.map} +1 -1
  76. package/dist/{chunk-KBOC52HT.js → chunk-QTWC3NAN.js} +4 -4
  77. package/dist/{chunk-KBOC52HT.js.map → chunk-QTWC3NAN.js.map} +1 -1
  78. package/dist/{chunk-SJPWXUKZ.js → chunk-RABO3TJ4.js} +4 -4
  79. package/dist/{chunk-SJPWXUKZ.js.map → chunk-RABO3TJ4.js.map} +1 -1
  80. package/dist/{chunk-UD7JBYUI.cjs → chunk-RO755CGB.cjs} +13 -13
  81. package/dist/{chunk-UD7JBYUI.cjs.map → chunk-RO755CGB.cjs.map} +1 -1
  82. package/dist/{chunk-4ZHHKMDQ.cjs → chunk-T6DNAIYV.cjs} +3 -3
  83. package/dist/{chunk-4ZHHKMDQ.cjs.map → chunk-T6DNAIYV.cjs.map} +1 -1
  84. package/dist/{chunk-UZ43QCIA.cjs → chunk-TFWCZYHH.cjs} +4 -4
  85. package/dist/{chunk-UZ43QCIA.cjs.map → chunk-TFWCZYHH.cjs.map} +1 -1
  86. package/dist/{chunk-WMVLRIPB.cjs → chunk-U4TOYQTL.cjs} +6 -6
  87. package/dist/{chunk-WMVLRIPB.cjs.map → chunk-U4TOYQTL.cjs.map} +1 -1
  88. package/dist/{chunk-73MURMD2.cjs → chunk-UA2RGHTI.cjs} +4 -4
  89. package/dist/{chunk-73MURMD2.cjs.map → chunk-UA2RGHTI.cjs.map} +1 -1
  90. package/dist/{chunk-XOQEKMY2.cjs → chunk-UAE5VRI2.cjs} +13 -13
  91. package/dist/{chunk-XOQEKMY2.cjs.map → chunk-UAE5VRI2.cjs.map} +1 -1
  92. package/dist/{chunk-PVID56QD.js → chunk-UZWRNDJY.js} +4 -4
  93. package/dist/{chunk-PVID56QD.js.map → chunk-UZWRNDJY.js.map} +1 -1
  94. package/dist/{chunk-QGCSJMS7.cjs → chunk-VC4I57RM.cjs} +22 -22
  95. package/dist/{chunk-QGCSJMS7.cjs.map → chunk-VC4I57RM.cjs.map} +1 -1
  96. package/dist/{chunk-T32FQPWH.cjs → chunk-VLTKVNN7.cjs} +3 -3
  97. package/dist/{chunk-T32FQPWH.cjs.map → chunk-VLTKVNN7.cjs.map} +1 -1
  98. package/dist/{chunk-TS5QYSEZ.js → chunk-X6VNCWUE.js} +5 -5
  99. package/dist/{chunk-TS5QYSEZ.js.map → chunk-X6VNCWUE.js.map} +1 -1
  100. package/dist/{chunk-MMY24AC4.js → chunk-XXRCIVFY.js} +3 -3
  101. package/dist/{chunk-MMY24AC4.js.map → chunk-XXRCIVFY.js.map} +1 -1
  102. package/dist/{chunk-GU4AEOGA.cjs → chunk-YGUQ5EQN.cjs} +3 -3
  103. package/dist/{chunk-GU4AEOGA.cjs.map → chunk-YGUQ5EQN.cjs.map} +1 -1
  104. package/dist/{chunk-WKSF3TVK.js → chunk-YNMRF4NL.js} +4 -4
  105. package/dist/{chunk-WKSF3TVK.js.map → chunk-YNMRF4NL.js.map} +1 -1
  106. package/dist/{chunk-PLWZVSGT.js → chunk-YR4HTQHN.js} +4 -4
  107. package/dist/{chunk-PLWZVSGT.js.map → chunk-YR4HTQHN.js.map} +1 -1
  108. package/dist/{chunk-TPGA2ZTS.js → chunk-ZDPZ3AGZ.js} +3 -3
  109. package/dist/{chunk-TPGA2ZTS.js.map → chunk-ZDPZ3AGZ.js.map} +1 -1
  110. package/dist/{chunk-C4U5EL4H.js → chunk-ZKHIUO3M.js} +6 -6
  111. package/dist/{chunk-C4U5EL4H.js.map → chunk-ZKHIUO3M.js.map} +1 -1
  112. package/dist/{chunk-IRJJ2JJG.cjs → chunk-ZTE226KZ.cjs} +4 -4
  113. package/dist/{chunk-IRJJ2JJG.cjs.map → chunk-ZTE226KZ.cjs.map} +1 -1
  114. package/dist/{dist-7DWILFVQ.js → dist-OWZWIJZY.js} +15 -3
  115. package/dist/{dist-7DWILFVQ.js.map → dist-OWZWIJZY.js.map} +1 -1
  116. package/dist/{dist-FN5GSHL2.cjs → dist-TXDLPF66.cjs} +15 -3
  117. package/dist/{dist-FN5GSHL2.cjs.map → dist-TXDLPF66.cjs.map} +1 -1
  118. package/dist/docs/SKILL.md +1 -1
  119. package/dist/docs/assets/SOURCE_MAP.json +1 -1
  120. package/dist/server/handlers/a2a.cjs +14 -14
  121. package/dist/server/handlers/a2a.js +1 -1
  122. package/dist/server/handlers/agent-builder.cjs +17 -17
  123. package/dist/server/handlers/agent-builder.js +1 -1
  124. package/dist/server/handlers/agent-versions.cjs +8 -8
  125. package/dist/server/handlers/agent-versions.js +1 -1
  126. package/dist/server/handlers/agents.cjs +46 -46
  127. package/dist/server/handlers/agents.js +1 -1
  128. package/dist/server/handlers/auth.cjs +13 -13
  129. package/dist/server/handlers/auth.js +1 -1
  130. package/dist/server/handlers/conversations.cjs +5 -5
  131. package/dist/server/handlers/conversations.js +1 -1
  132. package/dist/server/handlers/datasets.cjs +26 -26
  133. package/dist/server/handlers/datasets.js +1 -1
  134. package/dist/server/handlers/editor-builder.cjs +6 -6
  135. package/dist/server/handlers/editor-builder.js +1 -1
  136. package/dist/server/handlers/favorites-enrichment.cjs +4 -4
  137. package/dist/server/handlers/favorites-enrichment.js +1 -1
  138. package/dist/server/handlers/harness.cjs +144 -0
  139. package/dist/server/handlers/harness.cjs.map +1 -0
  140. package/dist/server/handlers/harness.d.ts +707 -0
  141. package/dist/server/handlers/harness.d.ts.map +1 -0
  142. package/dist/server/handlers/harness.js +3 -0
  143. package/dist/server/handlers/harness.js.map +1 -0
  144. package/dist/server/handlers/logs.cjs +4 -4
  145. package/dist/server/handlers/logs.js +1 -1
  146. package/dist/server/handlers/mcp-client-versions.cjs +8 -8
  147. package/dist/server/handlers/mcp-client-versions.js +1 -1
  148. package/dist/server/handlers/prompt-block-versions.cjs +8 -8
  149. package/dist/server/handlers/prompt-block-versions.js +1 -1
  150. package/dist/server/handlers/responses.cjs +4 -4
  151. package/dist/server/handlers/responses.js +1 -1
  152. package/dist/server/handlers/scorer-versions.cjs +8 -8
  153. package/dist/server/handlers/scorer-versions.js +1 -1
  154. package/dist/server/handlers/scores.cjs +7 -7
  155. package/dist/server/handlers/scores.js +1 -1
  156. package/dist/server/handlers/stored-agent-favorites.cjs +3 -3
  157. package/dist/server/handlers/stored-agent-favorites.js +1 -1
  158. package/dist/server/handlers/stored-agents.cjs +10 -10
  159. package/dist/server/handlers/stored-agents.js +1 -1
  160. package/dist/server/handlers/stored-mcp-clients.cjs +6 -6
  161. package/dist/server/handlers/stored-mcp-clients.js +1 -1
  162. package/dist/server/handlers/stored-prompt-blocks.cjs +6 -6
  163. package/dist/server/handlers/stored-prompt-blocks.js +1 -1
  164. package/dist/server/handlers/stored-scorers.cjs +6 -6
  165. package/dist/server/handlers/stored-scorers.js +1 -1
  166. package/dist/server/handlers/stored-skill-favorites.cjs +3 -3
  167. package/dist/server/handlers/stored-skill-favorites.js +1 -1
  168. package/dist/server/handlers/stored-skills.cjs +7 -7
  169. package/dist/server/handlers/stored-skills.js +1 -1
  170. package/dist/server/handlers/system.cjs +3 -3
  171. package/dist/server/handlers/system.js +1 -1
  172. package/dist/server/handlers/tools.cjs +6 -6
  173. package/dist/server/handlers/tools.js +1 -1
  174. package/dist/server/handlers/workflows.cjs +27 -27
  175. package/dist/server/handlers/workflows.js +1 -1
  176. package/dist/server/handlers.cjs +29 -29
  177. package/dist/server/handlers.js +11 -11
  178. package/dist/server/schemas/index.cjs +664 -664
  179. package/dist/server/schemas/index.js +11 -11
  180. package/dist/server/server-adapter/index.cjs +13 -13
  181. package/dist/server/server-adapter/index.js +2 -2
  182. package/dist/server/server-adapter/routes/harness.d.ts +3 -0
  183. package/dist/server/server-adapter/routes/harness.d.ts.map +1 -0
  184. package/dist/server/server-adapter/routes/index.d.ts.map +1 -1
  185. package/package.json +6 -6
  186. package/dist/chunk-CYOIFE4C.js.map +0 -1
  187. package/dist/chunk-UVJZRFSY.cjs.map +0 -1
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["mastra"],"mappings":";;;;;;;;AA0CA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAEA,IAAI,0BAAA;AACJ,SAAS,sBAAA,GAAuE;AAC9E,EAAA,IAAI,CAAC,0BAAA,EAA4B;AAC/B,IAAA,0BAAA,GAA6B,OAAO,sBAAsB,CAAA,CACvD,IAAA,CAAK,OAAK,CAAA,CAAE,mBAA8C,CAAA,CAC1D,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,0BAAA;AACT;AASA,SAAS,eAAA,CAAgB,QAAa,QAAA,EAA+C;AAEnF,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,MAAM,gBAAgB,YAAA,EAAc,IAAA,IAAQ,OAAO,YAAA,CAAa,KAAK,iBAAA,KAAsB,UAAA;AAG3F,EAAA,IAAI,YAAY,aAAA,EAAe;AAC7B,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAIA,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAKA,SAAS,gBAAgB,OAAA,EAA2B;AAClD,EAAA,OAAO,yBAAyB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,yBAAyB,KAAK,MAAS,CAAA;AAC7F;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAMA,SAAS,eAAA,CAAgB,QAAa,QAAA,EAAuD;AAC3F,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,IAAA,IAAI,cAAc,IAAA,EAAM;AACtB,MAAA,OAAO,YAAA,CAAa,IAAA;AAAA,IACtB;AAAA,EACF;AACA,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAMA,SAAS,cAAA,CAAe,QAAa,QAAA,EAAsD;AACzF,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,IAAA,IAAI,cAAc,GAAA,EAAK;AACrB,MAAA,OAAO,YAAA,CAAa,GAAA;AAAA,IACtB;AAAA,EACF;AACA,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,QAAQ,OAAO,IAAA,KAAS,YAAY,OAAQ,IAAA,CAAa,MAAM,CAAA,KAAM,UAAA;AACvF;AAMO,IAAM,8BAA8B,iBAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,0BAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAGzC,MAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAC7C,MAAA,MAAM,GAAA,GAAM,cAAA,CAAe,MAAA,EAAQ,QAAQ,CAAA;AAE3C,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiB,sBAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,yBAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AACxC,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAC7C,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsB,iBAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,mBAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AACxC,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,OAAA,CAAQ,KAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAC,CAAA;AAGhF,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,sBAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AACzC,IAAkB,gBAAgB,OAAO;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AAIF,MAAA,IAAI,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,IAAI,CAAA;AAGvC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,IAAA,GAAO,eAAA,CAAgB,QAAQ,KAAK,CAAA;AAAA,MACtC;AAEA,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoB,iBAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqB,iBAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgB,qBAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAC7C,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AACnD,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,MAAMA,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMD,IAAM,yBAAA,GAA4B,EAAE,MAAA,CAAO,EAAE,QAAQ,CAAA,CAAE,MAAA,IAAU,CAAA;AACjE,IAAM,6BAAA,GAAgC,CAAA,CAAE,MAAA,CAAO,EAAE,QAAQ,CAAA,CAAE,MAAA,EAAO,EAAG,WAAA,EAAa,EAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,GAAG,CAAA;AAEhG,IAAM,6BAA6B,WAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iCAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,yBAAA;AAAA,EACjB,cAAA,EAAgB,6BAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAO,GAAI,GAAA;AAG3C,MAAA,MAAM,iBAAA,GAA8B,cAAA,EAAgB,GAAA,CAAI,2BAA2B,KAAK,EAAC;AACzF,MAAA,MAAM,OAAA,GAAU,kBAAkB,IAAA,CAAK,CAAC,MAAc,CAAA,KAAM,GAAA,IAAO,MAAM,KAAK,CAAA;AAC9E,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,MACnE;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,IAAI,CAAC,MAAM,qBAAA,EAAuB;AAChC,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6DAA6D,CAAA;AAAA,MACvG;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAA;AAC3D,MAAA,OAAO,EAAE,QAAQ,WAAA,EAAY;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,gCAAgC,WAAA,CAAY;AAAA,EACvD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,gCAAA;AAAA,EAChB,OAAA,EAAS,gCAAA;AAAA,EACT,WAAA,EACE,qKAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,SAAS,YAAY;AACnB,IAAA,MAAM,QAAA,GAAW,MAAM,sBAAA,EAAuB;AAC9C,IAAA,OAAO,EAAE,QAAA,EAAU,MAAA,CAAO,KAAK,QAAA,IAAY,EAAE,CAAA,EAAE;AAAA,EACjD;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA,8BAAA;AAAA,EACA,0BAAA;AAAA,EACA;AACF","file":"chunk-R4O5HVDI.js","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { z } from 'zod/v4';\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { MASTRA_USER_PERMISSIONS_KEY, MASTRA_CLIENT_TYPE_HEADER, isStudioClientTypeHeader } from '../constants';\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n permissionPatternsResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute, createRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n auth: any,\n request: Request,\n options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\nlet _permissionPatternsPromise: Promise<Record<string, unknown> | undefined> | undefined;\nfunction loadPermissionPatterns(): Promise<Record<string, unknown> | undefined> {\n if (!_permissionPatternsPromise) {\n _permissionPatternsPromise = import('@mastra/core/auth/ee')\n .then(m => m.PERMISSION_PATTERNS as Record<string, unknown>)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _permissionPatternsPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n *\n * Dual auth is OPT-IN: if studio.auth is explicitly configured, Studio requests\n * use it exclusively. Otherwise, Studio requests fall back to server.auth for\n * backward compatibility.\n */\nfunction getAuthProvider(mastra: any, isStudio?: boolean): MastraAuthProvider | null {\n // Check if studio.auth is explicitly configured\n const studioConfig = mastra.getStudio?.();\n const hasStudioAuth = studioConfig?.auth && typeof studioConfig.auth.authenticateToken === 'function';\n\n // If this is a Studio request AND studio.auth is configured, use it exclusively\n if (isStudio && hasStudioAuth) {\n return studioConfig.auth as MastraAuthProvider;\n }\n\n // Otherwise (non-studio request, OR studio request without studio.auth configured),\n // fall back to server.auth for backward compatibility\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Check if the request is from Studio (via x-mastra-client-type header).\n */\nfunction isStudioRequest(request: Request): boolean {\n return isStudioClientTypeHeader(request.headers.get(MASTRA_CLIENT_TYPE_HEADER) ?? undefined);\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n * queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n * connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n * HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n\n const host = request.headers.get('host');\n if (host) {\n const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n return `${proto}://${host}`;\n }\n\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra config.\n * Checks studio config first when isStudio is true.\n */\nfunction getRBACProvider(mastra: any, isStudio?: boolean): IRBACProvider<EEUser> | undefined {\n if (isStudio) {\n const studioConfig = mastra.getStudio?.();\n if (studioConfig?.rbac) {\n return studioConfig.rbac as IRBACProvider<EEUser>;\n }\n }\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra config.\n * Checks studio config first when isStudio is true.\n */\nfunction getFGAProvider(mastra: any, isStudio?: boolean): IFGAProvider<EEUser> | undefined {\n if (isStudio) {\n const studioConfig = mastra.getStudio?.();\n if (studioConfig?.fga) {\n return studioConfig.fga as IFGAProvider<EEUser>;\n }\n }\n const serverConfig = mastra.getServer?.();\n return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && typeof (auth as any)[method] === 'function';\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n // Check if this is a Studio request (via x-mastra-client-type header)\n const isStudio = isStudioRequest(request);\n\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra, isStudio);\n const fga = getFGAProvider(mastra, isStudio);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n // If capabilities came back without a user, the session may have expired.\n // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n try {\n const sessionId = await auth.getSessionIdFromRequest(request);\n if (sessionId) {\n const refreshedSession = await auth.refreshSession(sessionId);\n if (refreshedSession) {\n const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n const cookieValue = extractCookieFromHeaders(sessionHeaders);\n if (cookieValue) {\n // Rebuild capabilities with the refreshed cookie\n const refreshedRequest = new Request(request.url, {\n method: request.method,\n headers: new Headers(request.headers),\n });\n refreshedRequest.headers.set('Cookie', cookieValue);\n const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n rbac,\n apiPrefix: routePrefix,\n });\n\n // Attach refresh headers so the adapter can set the new cookie\n if ('user' in refreshedCapabilities) {\n (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n }\n return refreshedCapabilities;\n }\n }\n }\n } catch {\n // Refresh failed — return original unauthenticated capabilities\n }\n }\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n if (!setCookie) return null;\n // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n const match = setCookie.match(/^([^;]+)/);\n return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const isStudio = isStudioRequest(request);\n const auth = getAuthProvider(mastra, isStudio);\n const rbac = getRBACProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const isStudio = isStudioRequest(request);\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = await Promise.resolve(auth.getLoginUrl(oauthCallbackUri, state));\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n const _isStudio = isStudioRequest(request); // Kept for potential future use; currently we prefer studio auth for SSO\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n // For SSO callback, the redirect from the identity provider won't include\n // the x-mastra-client-type header. Prefer studio auth for SSO (it's the\n // typical SSO use case), fall back to server auth only if studio doesn't exist.\n let auth = getAuthProvider(mastra, true); // Try studio first\n\n // If studio doesn't have SSO, fall back to server\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n auth = getAuthProvider(mastra, false);\n }\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// GET /auth/roles/:roleId/permissions\n// ============================================================================\n\nconst rolePermissionsPathSchema = z.object({ roleId: z.string() });\nconst rolePermissionsResponseSchema = z.object({ roleId: z.string(), permissions: z.array(z.string()) });\n\nexport const GET_ROLE_PERMISSIONS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/roles/:roleId/permissions',\n requiresAuth: true,\n responseType: 'json',\n pathParamSchema: rolePermissionsPathSchema,\n responseSchema: rolePermissionsResponseSchema,\n summary: 'Get permissions for a role',\n description:\n 'Returns the resolved permissions for a specific role. Only accessible by admin users. Used by the \"View as role\" feature.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, requestContext, roleId } = ctx as any;\n\n // Check that the caller is an admin\n const callerPermissions: string[] = requestContext?.get(MASTRA_USER_PERMISSIONS_KEY) ?? [];\n const isAdmin = callerPermissions.some((p: string) => p === '*' || p === '*:*');\n if (!isAdmin) {\n throw new HTTPException(403, { message: 'Admin access required' });\n }\n\n const rbac = getRBACProvider(mastra);\n if (!rbac?.getPermissionsForRole) {\n throw new HTTPException(404, { message: 'RBAC provider does not support role permission resolution' });\n }\n\n const permissions = await rbac.getPermissionsForRole(roleId);\n return { roleId, permissions };\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error getting role permissions');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/permission-patterns\n// ============================================================================\n\nexport const GET_PERMISSION_PATTERNS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/permission-patterns',\n requiresAuth: true,\n responseType: 'json',\n responseSchema: permissionPatternsResponseSchema,\n summary: 'List valid permission patterns',\n description:\n 'Returns the authoritative list of valid permission-pattern strings. Used by Studio to validate the route→permission literals it ships and to gate the sidebar.',\n tags: ['Auth'],\n handler: async () => {\n const patterns = await loadPermissionPatterns();\n return { patterns: Object.keys(patterns ?? {}) };\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n GET_ROLE_PERMISSIONS_ROUTE,\n GET_PERMISSION_PATTERNS_ROUTE,\n] as const;\n"]}
1
+ {"version":3,"sources":["../src/server/handlers/auth.ts"],"names":["mastra"],"mappings":";;;;;;;;AA0CA,IAAI,yBAAA;AACJ,SAAS,qBAAA,GAAkE;AACzE,EAAA,IAAI,CAAC,yBAAA,EAA2B;AAC9B,IAAA,yBAAA,GAA4B,OAAO,sBAAsB,CAAA,CACtD,IAAA,CAAK,OAAK,CAAA,CAAE,iBAAwC,CAAA,CACpD,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,yBAAA;AACT;AAEA,IAAI,0BAAA;AACJ,SAAS,sBAAA,GAAuE;AAC9E,EAAA,IAAI,CAAC,0BAAA,EAA4B;AAC/B,IAAA,0BAAA,GAA6B,OAAO,sBAAsB,CAAA,CACvD,IAAA,CAAK,OAAK,CAAA,CAAE,mBAA8C,CAAA,CAC1D,KAAA,CAAM,MAAM;AACX,MAAA,OAAA,CAAQ,KAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,OAAO,MAAA;AAAA,IACT,CAAC,CAAA;AAAA,EACL;AACA,EAAA,OAAO,0BAAA;AACT;AASA,SAAS,eAAA,CAAgB,QAAa,QAAA,EAA+C;AAEnF,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,MAAM,gBAAgB,YAAA,EAAc,IAAA,IAAQ,OAAO,YAAA,CAAa,KAAK,iBAAA,KAAsB,UAAA;AAG3F,EAAA,IAAI,YAAY,aAAA,EAAe;AAC7B,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAIA,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,IAAI,CAAC,YAAA,EAAc,IAAA,EAAM,OAAO,IAAA;AAIhC,EAAA,IAAI,OAAO,YAAA,CAAa,IAAA,CAAK,iBAAA,KAAsB,UAAA,EAAY;AAC7D,IAAA,OAAO,YAAA,CAAa,IAAA;AAAA,EACtB;AAEA,EAAA,OAAO,IAAA;AACT;AAKA,SAAS,gBAAgB,OAAA,EAA2B;AAClD,EAAA,OAAO,yBAAyB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,yBAAyB,KAAK,MAAS,CAAA;AAC7F;AAoBO,SAAS,gBAAgB,OAAA,EAA0B;AACxD,EAAA,MAAM,aAAA,GAAgB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACnF,EAAA,IAAI,aAAA,EAAe;AACjB,IAAA,OAAO,WAAW,aAAa,CAAA,CAAA;AAAA,EACjC;AAEA,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA;AACvC,EAAA,IAAI,IAAA,EAAM;AACR,IAAA,MAAM,cAAA,GAAiB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA,EAAG,KAAA,CAAM,GAAG,CAAA,CAAE,CAAC,CAAA,EAAG,IAAA,EAAK;AACrF,IAAA,MAAM,KAAA,GAAQ,cAAA,IAAkB,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,EAAE,CAAA;AAC7E,IAAA,OAAO,CAAA,EAAG,KAAK,CAAA,GAAA,EAAM,IAAI,CAAA,CAAA;AAAA,EAC3B;AAEA,EAAA,OAAO,IAAI,GAAA,CAAI,OAAA,CAAQ,GAAG,CAAA,CAAE,MAAA;AAC9B;AAMA,SAAS,eAAA,CAAgB,QAAa,QAAA,EAAuD;AAC3F,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,IAAA,IAAI,cAAc,IAAA,EAAM;AACtB,MAAA,OAAO,YAAA,CAAa,IAAA;AAAA,IACtB;AAAA,EACF;AACA,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,IAAA;AACvB;AAMA,SAAS,cAAA,CAAe,QAAa,QAAA,EAAsD;AACzF,EAAA,IAAI,QAAA,EAAU;AACZ,IAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,IAAA,IAAI,cAAc,GAAA,EAAK;AACrB,MAAA,OAAO,YAAA,CAAa,GAAA;AAAA,IACtB;AAAA,EACF;AACA,EAAA,MAAM,YAAA,GAAe,OAAO,SAAA,IAAY;AACxC,EAAA,OAAO,YAAA,EAAc,GAAA;AACvB;AAKA,SAAS,mBAAA,CAAuB,MAAe,MAAA,EAA4B;AACzE,EAAA,OAAO,IAAA,KAAS,QAAQ,OAAO,IAAA,KAAS,YAAY,OAAQ,IAAA,CAAa,MAAM,CAAA,KAAM,UAAA;AACvF;AAMO,IAAM,8BAA8B,iBAAA,CAAkB;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,0BAAA;AAAA,EAChB,OAAA,EAAS,uBAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,WAAA,EAAY,GAAI,GAAA;AAGzC,MAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AAEA,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAC7C,MAAA,MAAM,GAAA,GAAM,cAAA,CAAe,MAAA,EAAQ,QAAQ,CAAA;AAE3C,MAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,EAAsB;AACtD,MAAA,IAAI,CAAC,iBAAA,EAAmB;AACtB,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,IAAA,EAAK;AAAA,MACvC;AACA,MAAA,MAAM,YAAA,GAAe,MAAM,iBAAA,CAAkB,IAAA,EAAM,OAAA,EAAS,EAAE,IAAA,EAAM,GAAA,EAAK,SAAA,EAAW,WAAA,EAAa,CAAA;AAIjG,MAAA,IAAI,EAAE,MAAA,IAAU,YAAA,CAAA,IAAiB,sBAAA,CAAuB,IAAI,CAAA,EAAG;AAC7D,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AAC5D,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,MAAM,gBAAA,GAAmB,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AAC5D,YAAA,IAAI,gBAAA,EAAkB;AACpB,cAAA,MAAM,cAAA,GAAiB,MAAM,IAAA,CAAK,iBAAA,CAAkB,gBAAgB,CAAA;AACpE,cAAA,MAAM,WAAA,GAAc,yBAAyB,cAAc,CAAA;AAC3D,cAAA,IAAI,WAAA,EAAa;AAEf,gBAAA,MAAM,gBAAA,GAAmB,IAAI,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK;AAAA,kBAChD,QAAQ,OAAA,CAAQ,MAAA;AAAA,kBAChB,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAA,CAAQ,OAAO;AAAA,iBACrC,CAAA;AACD,gBAAA,gBAAA,CAAiB,OAAA,CAAQ,GAAA,CAAI,QAAA,EAAU,WAAW,CAAA;AAClD,gBAAA,MAAM,qBAAA,GAAwB,MAAM,iBAAA,CAAkB,IAAA,EAAM,gBAAA,EAAkB;AAAA,kBAC5E,IAAA;AAAA,kBACA,SAAA,EAAW;AAAA,iBACZ,CAAA;AAGD,gBAAA,IAAI,UAAU,qBAAA,EAAuB;AACnC,kBAAC,sBAA8B,gBAAA,GAAmB,cAAA;AAAA,gBACpD;AACA,gBAAA,OAAO,qBAAA;AAAA,cACT;AAAA,YACF;AAAA,UACF;AAAA,QACF,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO,YAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AAKD,SAAS,yBAAyB,OAAA,EAAgD;AAChF,EAAA,MAAM,SAAA,GAAY,OAAA,CAAQ,YAAY,CAAA,IAAK,QAAQ,YAAY,CAAA;AAC/D,EAAA,IAAI,CAAC,WAAW,OAAO,IAAA;AAEvB,EAAA,MAAM,KAAA,GAAQ,SAAA,CAAU,KAAA,CAAM,UAAU,CAAA;AACxC,EAAA,OAAO,KAAA,GAAS,KAAA,CAAM,CAAC,CAAA,IAAK,IAAA,GAAQ,IAAA;AACtC;AAMO,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,UAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,yBAAA;AAAA,EAChB,OAAA,EAAS,kBAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,MAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AACxC,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAC7C,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAmC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACxE,QAAA,OAAO,IAAA;AAAA,MACT;AAEA,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,cAAA,CAAe,OAAO,CAAA;AAC9C,MAAA,IAAI,CAAC,MAAM,OAAO,IAAA;AAGlB,MAAA,IAAI,KAAA;AACJ,MAAA,IAAI,WAAA;AAEJ,MAAA,IAAI,IAAA,EAAM;AACR,QAAA,IAAI;AACF,UAAA,KAAA,GAAQ,MAAM,IAAA,CAAK,QAAA,CAAS,IAAI,CAAA;AAChC,UAAA,WAAA,GAAc,MAAM,IAAA,CAAK,cAAA,CAAe,IAAI,CAAA;AAAA,QAC9C,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAEA,MAAA,OAAO;AAAA,QACL,IAAI,IAAA,CAAK,EAAA;AAAA,QACT,OAAO,IAAA,CAAK,KAAA;AAAA,QACZ,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,WAAW,IAAA,CAAK,SAAA;AAAA,QAChB,KAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,sBAAsB,iBAAA,CAAkB;AAAA,EACnD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,mBAAA;AAAA,EAClB,OAAA,EAAS,oBAAA;AAAA,EACT,WAAA,EAAa,4DAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,YAAA,EAAc,OAAA,EAAS,aAAY,GAAI,GAAA;AACvD,MAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AACxC,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,aAAa,CAAA,EAAG;AACpE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,sBAAsB,CAAA;AAAA,MAChE;AAGA,MAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,MAAA,MAAM,GAAA,GAAA,CAAQ,WAAA,IAA0B,MAAA,EAAQ,IAAA,EAAK;AACrD,MAAA,MAAM,YAAY,GAAA,CAAI,UAAA,CAAW,GAAG,CAAA,GAAI,GAAA,GAAM,IAAI,GAAG,CAAA,CAAA;AACrD,MAAA,MAAM,MAAA,GAAS,UAAU,QAAA,CAAS,GAAG,IAAI,SAAA,CAAU,KAAA,CAAM,CAAA,EAAG,EAAE,CAAA,GAAI,SAAA;AAClE,MAAA,MAAM,gBAAA,GAAmB,CAAA,EAAG,MAAM,CAAA,EAAG,MAAM,CAAA,kBAAA,CAAA;AAO3C,MAAA,IAAI,iBAAA,GAAoB,GAAA;AACxB,MAAA,IAAI,YAAA,EAAc;AAChB,QAAA,IAAI,CAAC,YAAA,CAAa,UAAA,CAAW,MAAM,CAAA,EAAG;AAEpC,UAAA,iBAAA,GAAoB,YAAA;AAAA,QACtB,CAAA,MAAO;AACL,UAAA,IAAI;AACF,YAAA,MAAM,WAAA,GAAc,IAAI,GAAA,CAAI,YAAY,CAAA;AACxC,YAAA,MAAM,aAAA,GAAgB,IAAI,GAAA,CAAI,MAAM,CAAA;AACpC,YAAA,MAAM,OAAA,GAAU,WAAA,CAAY,QAAA,KAAa,OAAA,IAAW,YAAY,QAAA,KAAa,QAAA;AAC7E,YAAA,MAAM,YAAA,GAAe,WAAA,CAAY,MAAA,KAAW,aAAA,CAAc,MAAA;AAC1D,YAAA,MAAM,WAAA,GACJ,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,WAAA,IACzB,YAAY,QAAA,KAAa,OAAA;AAC3B,YAAA,IAAI,OAAA,KAAY,gBAAgB,WAAA,CAAA,EAAc;AAC5C,cAAA,iBAAA,GAAoB,YAAA;AAAA,YACtB;AAAA,UACF,CAAA,CAAA,MAAQ;AAAA,UAER;AAAA,QACF;AAAA,MACF;AACA,MAAA,MAAM,OAAA,GAAU,OAAO,UAAA,EAAW;AAClC,MAAA,MAAM,QAAQ,CAAA,EAAG,OAAO,CAAA,CAAA,EAAI,kBAAA,CAAmB,iBAAiB,CAAC,CAAA,CAAA;AAEjE,MAAA,MAAM,QAAA,GAAW,MAAM,OAAA,CAAQ,OAAA,CAAQ,KAAK,WAAA,CAAY,gBAAA,EAAkB,KAAK,CAAC,CAAA;AAGhF,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,iBAAiB,CAAA,IAAK,KAAK,eAAA,EAAiB;AACtF,QAAA,MAAM,OAAA,GAAU,IAAA,CAAK,eAAA,CAAgB,gBAAA,EAAkB,KAAK,CAAA;AAC5D,QAAA,IAAI,SAAS,MAAA,EAAQ;AAEnB,UAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,YAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,UACrC;AAAA,QACF;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,IAAA,CAAK,SAAA,CAAU,EAAE,GAAA,EAAK,QAAA,EAAU,CAAA,EAAG,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IACjF,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,4BAA4B,CAAA;AAAA,IACxD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,yBAAyB,iBAAA,CAAkB;AAAA,EACtD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,oBAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,gBAAA,EAAkB,sBAAA;AAAA,EAClB,OAAA,EAAS,qBAAA;AAAA,EACT,WAAA,EAAa,mFAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,IAAA,EAAM,KAAA,EAAO,SAAQ,GAAI,GAAA;AACzC,IAAkB,gBAAgB,OAAO;AAGzC,IAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AAGvC,IAAA,IAAI,UAAA,GAAa,GAAA;AACjB,IAAA,IAAI,UAAU,KAAA,IAAS,EAAA;AACvB,IAAA,IAAI,KAAA,IAAS,KAAA,CAAM,QAAA,CAAS,GAAG,CAAA,EAAG;AAChC,MAAA,MAAM,CAAC,EAAA,EAAI,eAAe,IAAI,KAAA,CAAM,KAAA,CAAM,KAAK,CAAC,CAAA;AAChD,MAAA,OAAA,GAAU,EAAA;AACV,MAAA,IAAI;AACF,QAAA,UAAA,GAAa,mBAAmB,eAAe,CAAA;AAAA,MACjD,CAAA,CAAA,MAAQ;AACN,QAAA,UAAA,GAAa,GAAA;AAAA,MACf;AAAA,IACF;AAMA,IAAA,IAAI,gBAAA;AACJ,IAAA,IAAI,UAAA,CAAW,UAAA,CAAW,MAAM,CAAA,EAAG;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,MAAA,GAAS,IAAI,GAAA,CAAI,UAAU,CAAA;AACjC,QAAA,MAAM,UAAA,GAAa,IAAI,GAAA,CAAI,OAAO,CAAA;AAClC,QAAA,MAAM,OAAA,GAAU,MAAA,CAAO,QAAA,KAAa,OAAA,IAAW,OAAO,QAAA,KAAa,QAAA;AACnE,QAAA,MAAM,YAAA,GAAe,MAAA,CAAO,MAAA,KAAW,UAAA,CAAW,MAAA;AAClD,QAAA,MAAM,WAAA,GACJ,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,WAAA,IAAe,OAAO,QAAA,KAAa,OAAA;AAC5F,QAAA,gBAAA,GAAmB,OAAA,KAAY,YAAA,IAAgB,WAAA,CAAA,GAAe,UAAA,GAAa,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MACvF,CAAA,CAAA,MAAQ;AACN,QAAA,gBAAA,GAAmB,GAAG,OAAO,CAAA,CAAA,CAAA;AAAA,MAC/B;AAAA,IACF,CAAA,MAAO;AACL,MAAA,gBAAA,GAAmB,CAAA,EAAG,OAAO,CAAA,EAAG,UAAU,CAAA,CAAA;AAAA,IAC5C;AAEA,IAAA,IAAI;AAIF,MAAA,IAAI,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,IAAI,CAAA;AAGvC,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,IAAA,GAAO,eAAA,CAAgB,QAAQ,KAAK,CAAA;AAAA,MACtC;AAEA,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAAkC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AACvE,QAAA,OAAO,QAAA,CAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,6BAA6B,GAAG,CAAA;AAAA,MAC9E;AAGA,MAAA,MAAM,eAAA,GAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAA;AACpD,MAAA,IAAI,OAAQ,IAAA,CAAa,uBAAA,KAA4B,UAAA,EAAY;AAC/D,QAAC,IAAA,CAAa,wBAAwB,eAAe,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAU,MAAM,IAAA,CAAK,cAAA,CAAe,MAAM,OAAO,CAAA;AACvD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAGpB,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,EAAQ;AAC5B,MAAA,OAAA,CAAQ,GAAA,CAAI,YAAY,gBAAgB,CAAA;AAGxC,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF,WAAW,mBAAA,CAAsC,IAAA,EAAM,eAAe,CAAA,IAAK,OAAO,MAAA,EAAQ;AAExF,QAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,aAAA,CAAc,KAAK,EAAA,EAAI;AAAA,UAChD,WAAA,EAAa,OAAO,MAAA,CAAO,WAAA;AAAA,UAC3B,YAAA,EAAc,OAAO,MAAA,CAAO,YAAA;AAAA,UAC5B,SAAA,EAAW,OAAO,MAAA,CAAO,SAAA;AAAA,UACzB,gBAAiB,IAAA,CAAa;AAAA,SAC/B,CAAA;AACD,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,OAAO,CAAA;AACrD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,EAAM;AAAA,QACxB,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AAEd,MAAA,MAAM,eAAe,kBAAA,CAAmB,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,UAAU,eAAe,CAAA;AAChG,MAAA,OAAO,SAAS,QAAA,CAAS,CAAA,EAAG,gBAAgB,CAAA,OAAA,EAAU,YAAY,IAAI,GAAG,CAAA;AAAA,IAC3E;AAAA,EACF;AACF,CAAC;AAMM,IAAM,oBAAoB,iBAAA,CAAkB;AAAA,EACjD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,cAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,OAAA,EAAS,QAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,EAAM;AACT,QAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,UACrD,MAAA,EAAQ,GAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA;AAAmB,SAC/C,CAAA;AAAA,MACH;AAGA,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EAAG;AAC1E,QAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,QAAA,IAAI,SAAA,IAAa,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,EAAG;AAC9E,UAAA,MAAM,IAAA,CAAK,eAAe,SAAS,CAAA;AAAA,QACrC;AAAA,MACF;AAGA,MAAA,IAAI,UAAA;AACJ,MAAA,IAAI,mBAAA,CAAkC,IAAA,EAAM,cAAc,CAAA,IAAK,KAAK,YAAA,EAAc;AAEhF,QAAA,MAAM,MAAA,GAAS,gBAAgB,OAAO,CAAA;AACtC,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,CAAa,QAAQ,OAAO,CAAA;AACzD,QAAA,UAAA,GAAa,SAAA,IAAa,MAAA;AAAA,MAC5B;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAGlE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,wBAAwB,CAAA,EAAG;AACzE,QAAA,MAAM,YAAA,GAAe,KAAK,sBAAA,EAAuB;AACjD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,YAAY,CAAA,EAAG;AACvD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,UAAA,EAAY,CAAA,EAAG;AAAA,QACjE,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,OAAO,WAAA,CAAY,OAAO,mBAAmB,CAAA;AAAA,IAC/C;AAAA,EACF;AACF,CAAC;AAMM,IAAM,qBAAqB,iBAAA,CAAkB;AAAA,EAClD,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,eAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,cAAA,EAAgB,qBAAA;AAAA,EAChB,OAAA,EAAS,iBAAA;AAAA,EACT,WAAA,EAAa,4FAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAQ,GAAI,GAAA;AAC5B,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IACE,CAAC,IAAA,IACD,CAAC,mBAAA,CAAsC,IAAA,EAAM,gBAAgB,CAAA,IAC7D,CAAC,mBAAA,CAAsC,IAAA,EAAM,yBAAyB,CAAA,EACtE;AACA,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,kCAAkC,CAAA;AAAA,MAC5E;AAGA,MAAA,MAAM,SAAA,GAAY,IAAA,CAAK,uBAAA,CAAwB,OAAO,CAAA;AACtD,MAAA,IAAI,CAAC,SAAA,EAAW;AACd,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,cAAc,CAAA;AAAA,MACxD;AAGA,MAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,cAAA,CAAe,SAAS,CAAA;AACtD,MAAA,IAAI,CAAC,UAAA,EAAY;AACf,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,mBAAmB,CAAA;AAAA,MAC7D;AAGA,MAAA,MAAM,UAAU,IAAI,OAAA,CAAQ,EAAE,cAAA,EAAgB,oBAAoB,CAAA;AAClE,MAAA,IAAI,mBAAA,CAAsC,IAAA,EAAM,mBAAmB,CAAA,EAAG;AACpE,QAAA,MAAM,cAAA,GAAiB,IAAA,CAAK,iBAAA,CAAkB,UAAU,CAAA;AACxD,QAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,cAAc,CAAA,EAAG;AACzD,UAAA,OAAA,CAAQ,MAAA,CAAO,KAAK,KAAK,CAAA;AAAA,QAC3B;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,SAAS,IAAA,CAAK,SAAA,CAAU,EAAE,OAAA,EAAS,IAAA,EAAM,CAAA,EAAG;AAAA,QACrD,MAAA,EAAQ,GAAA;AAAA,QACR;AAAA,OACD,CAAA;AAAA,IACH,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,0BAA0B,CAAA;AAAA,IACtD;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,+CAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,UAAS,GAAI,GAAA;AAC7C,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,MAAA,CAAO,KAAA,EAAO,UAAU,OAAO,CAAA;AACzD,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAE1C,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6BAA6B,CAAA;AAAA,IACvE;AAAA,EACF;AACF,CAAC;AAMM,IAAM,iCAAiC,iBAAA,CAAkB;AAAA,EAC9D,MAAA,EAAQ,MAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,qBAAA;AAAA,EACd,UAAA,EAAY,2BAAA;AAAA,EACZ,OAAA,EAAS,0BAAA;AAAA,EACT,WAAA,EAAa,qDAAA;AAAA,EACb,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,MAAM,EAAE,MAAA,EAAQ,OAAA,EAAS,KAAA,EAAO,QAAA,EAAU,MAAK,GAAI,GAAA;AACnD,IAAA,MAAM,QAAA,GAAW,gBAAgB,OAAO,CAAA;AAExC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,eAAA,CAAgB,MAAA,EAAQ,QAAQ,CAAA;AAE7C,MAAA,IAAI,CAAC,IAAA,IAAQ,CAAC,mBAAA,CAA0C,IAAA,EAAM,QAAQ,CAAA,EAAG;AACvE,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6CAA6C,CAAA;AAAA,MACvF;AAEA,MAAA,MAAM,SAAS,MAAM,IAAA,CAAK,OAAO,KAAA,EAAO,QAAA,EAAU,MAAM,OAAO,CAAA;AAC/D,MAAA,MAAM,OAAO,MAAA,CAAO,IAAA;AAEpB,MAAA,MAAM,YAAA,GAAe,KAAK,SAAA,CAAU;AAAA,QAClC,IAAA,EAAM;AAAA,UACJ,IAAI,IAAA,CAAK,EAAA;AAAA,UACT,OAAO,IAAA,CAAK,KAAA;AAAA,UACZ,MAAM,IAAA,CAAK,IAAA;AAAA,UACX,WAAW,IAAA,CAAK;AAAA,SAClB;AAAA,QACA,OAAO,MAAA,CAAO;AAAA,OACf,CAAA;AAGD,MAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,QAC1B,cAAA,EAAgB;AAAA,OACjB,CAAA;AAGD,MAAA,IAAI,MAAA,CAAO,SAAS,MAAA,EAAQ;AAC1B,QAAA,KAAA,MAAW,MAAA,IAAU,OAAO,OAAA,EAAS;AACnC,UAAA,OAAA,CAAQ,MAAA,CAAO,cAAc,MAAM,CAAA;AAAA,QACrC;AAAA,MACF;AAEA,MAAA,OAAO,IAAI,QAAA,CAAS,YAAA,EAAc,EAAE,MAAA,EAAQ,GAAA,EAAK,SAAS,CAAA;AAAA,IAC5D,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,MAAMA,UAAU,GAAA,CAAY,MAAA;AAC5B,MAAAA,OAAAA,EAAQ,SAAA,IAAY,EAAG,KAAA,CAAM,eAAA,EAAiB;AAAA,QAC5C,KAAA,EAAO,KAAA,YAAiB,KAAA,GAAQ,EAAE,OAAA,EAAS,MAAM,OAAA,EAAS,KAAA,EAAO,KAAA,CAAM,KAAA,EAAM,GAAI;AAAA,OAClF,CAAA;AACD,MAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,4BAA4B,CAAA;AAAA,IACtE;AAAA,EACF;AACF,CAAC;AAMD,IAAM,yBAAA,GAA4B,EAAE,MAAA,CAAO,EAAE,QAAQ,CAAA,CAAE,MAAA,IAAU,CAAA;AACjE,IAAM,6BAAA,GAAgC,CAAA,CAAE,MAAA,CAAO,EAAE,QAAQ,CAAA,CAAE,MAAA,EAAO,EAAG,WAAA,EAAa,EAAE,KAAA,CAAM,CAAA,CAAE,MAAA,EAAQ,GAAG,CAAA;AAEhG,IAAM,6BAA6B,WAAA,CAAY;AAAA,EACpD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,iCAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,eAAA,EAAiB,yBAAA;AAAA,EACjB,cAAA,EAAgB,6BAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EACE,2HAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,OAAA,EAAS,OAAM,GAAA,KAAO;AACpB,IAAA,IAAI;AACF,MAAA,MAAM,EAAE,MAAA,EAAQ,cAAA,EAAgB,MAAA,EAAO,GAAI,GAAA;AAG3C,MAAA,MAAM,iBAAA,GAA8B,cAAA,EAAgB,GAAA,CAAI,2BAA2B,KAAK,EAAC;AACzF,MAAA,MAAM,OAAA,GAAU,kBAAkB,IAAA,CAAK,CAAC,MAAc,CAAA,KAAM,GAAA,IAAO,MAAM,KAAK,CAAA;AAC9E,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,yBAAyB,CAAA;AAAA,MACnE;AAEA,MAAA,MAAM,IAAA,GAAO,gBAAgB,MAAM,CAAA;AACnC,MAAA,IAAI,CAAC,MAAM,qBAAA,EAAuB;AAChC,QAAA,MAAM,IAAI,aAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,6DAA6D,CAAA;AAAA,MACvG;AAEA,MAAA,MAAM,WAAA,GAAc,MAAM,IAAA,CAAK,qBAAA,CAAsB,MAAM,CAAA;AAC3D,MAAA,OAAO,EAAE,QAAQ,WAAA,EAAY;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,KAAA,YAAiB,eAAe,MAAM,KAAA;AAC1C,MAAA,OAAO,WAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAMM,IAAM,gCAAgC,WAAA,CAAY;AAAA,EACvD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,2BAAA;AAAA,EACN,YAAA,EAAc,IAAA;AAAA,EACd,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgB,gCAAA;AAAA,EAChB,OAAA,EAAS,gCAAA;AAAA,EACT,WAAA,EACE,qKAAA;AAAA,EACF,IAAA,EAAM,CAAC,MAAM,CAAA;AAAA,EACb,SAAS,YAAY;AACnB,IAAA,MAAM,QAAA,GAAW,MAAM,sBAAA,EAAuB;AAC9C,IAAA,OAAO,EAAE,QAAA,EAAU,MAAA,CAAO,KAAK,QAAA,IAAY,EAAE,CAAA,EAAE;AAAA,EACjD;AACF,CAAC;AAMM,IAAM,WAAA,GAAc;AAAA,EACzB,2BAAA;AAAA,EACA,sBAAA;AAAA,EACA,mBAAA;AAAA,EACA,sBAAA;AAAA,EACA,iBAAA;AAAA,EACA,kBAAA;AAAA,EACA,8BAAA;AAAA,EACA,8BAAA;AAAA,EACA,0BAAA;AAAA,EACA;AACF","file":"chunk-AI75K5XV.js","sourcesContent":["/**\n * Auth handlers for EE authentication capabilities.\n *\n * These routes enable Studio to:\n * - Detect available auth capabilities\n * - Initiate SSO login flows\n * - Handle OAuth callbacks\n * - Logout users\n */\n\nimport type {\n IUserProvider,\n ISessionProvider,\n ISSOProvider,\n ICredentialsProvider,\n SSOCallbackResult,\n} from '@mastra/core/auth';\nimport type { IRBACProvider, IFGAProvider, EEUser } from '@mastra/core/auth/ee';\nimport type { MastraAuthProvider } from '@mastra/core/server';\n\nimport { z } from 'zod/v4';\nimport { supportsSessionRefresh } from '../auth/helpers';\nimport { MASTRA_USER_PERMISSIONS_KEY, MASTRA_CLIENT_TYPE_HEADER, isStudioClientTypeHeader } from '../constants';\nimport { HTTPException } from '../http-exception';\nimport {\n capabilitiesResponseSchema,\n ssoLoginQuerySchema,\n ssoCallbackQuerySchema,\n currentUserResponseSchema,\n credentialsSignInBodySchema,\n credentialsSignUpBodySchema,\n refreshResponseSchema,\n permissionPatternsResponseSchema,\n} from '../schemas/auth';\nimport { createPublicRoute, createRoute } from '../server-adapter/routes/route-builder';\nimport { handleError } from './error';\n\ntype BuildCapabilitiesFn = (\n auth: any,\n request: Request,\n options?: { rbac?: any; fga?: any; apiPrefix?: string },\n) => Promise<any>;\nlet _buildCapabilitiesPromise: Promise<BuildCapabilitiesFn | undefined> | undefined;\nfunction loadBuildCapabilities(): Promise<BuildCapabilitiesFn | undefined> {\n if (!_buildCapabilitiesPromise) {\n _buildCapabilitiesPromise = import('@mastra/core/auth/ee')\n .then(m => m.buildCapabilities as BuildCapabilitiesFn)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _buildCapabilitiesPromise;\n}\n\nlet _permissionPatternsPromise: Promise<Record<string, unknown> | undefined> | undefined;\nfunction loadPermissionPatterns(): Promise<Record<string, unknown> | undefined> {\n if (!_permissionPatternsPromise) {\n _permissionPatternsPromise = import('@mastra/core/auth/ee')\n .then(m => m.PERMISSION_PATTERNS as Record<string, unknown>)\n .catch(() => {\n console.error(\n '[@mastra/server] EE auth features require @mastra/core >= 1.6.0. Please upgrade: npm install @mastra/core@latest',\n );\n return undefined;\n });\n }\n return _permissionPatternsPromise;\n}\n\n/**\n * Helper to get auth provider from Mastra instance.\n *\n * Dual auth is OPT-IN: if studio.auth is explicitly configured, Studio requests\n * use it exclusively. Otherwise, Studio requests fall back to server.auth for\n * backward compatibility.\n */\nfunction getAuthProvider(mastra: any, isStudio?: boolean): MastraAuthProvider | null {\n // Check if studio.auth is explicitly configured\n const studioConfig = mastra.getStudio?.();\n const hasStudioAuth = studioConfig?.auth && typeof studioConfig.auth.authenticateToken === 'function';\n\n // If this is a Studio request AND studio.auth is configured, use it exclusively\n if (isStudio && hasStudioAuth) {\n return studioConfig.auth as MastraAuthProvider;\n }\n\n // Otherwise (non-studio request, OR studio request without studio.auth configured),\n // fall back to server.auth for backward compatibility\n const serverConfig = mastra.getServer?.();\n if (!serverConfig?.auth) return null;\n\n // Auth can be either MastraAuthConfig or MastraAuthProvider\n // If it has authenticateToken method, it's a provider\n if (typeof serverConfig.auth.authenticateToken === 'function') {\n return serverConfig.auth as MastraAuthProvider;\n }\n\n return null;\n}\n\n/**\n * Check if the request is from Studio (via x-mastra-client-type header).\n */\nfunction isStudioRequest(request: Request): boolean {\n return isStudioClientTypeHeader(request.headers.get(MASTRA_CLIENT_TYPE_HEADER) ?? undefined);\n}\n\n/**\n * Get the public-facing origin from a request, respecting reverse proxy headers.\n * Behind a proxy (e.g. edge router), request.url contains the internal hostname,\n * so we rely on forwarded headers to reconstruct the real public origin.\n *\n * Assumes the server is behind a trusted proxy (or running locally). When\n * exposed directly to untrusted clients, the Host header is attacker-controlled\n * and must be validated upstream.\n *\n * Priority:\n * 1. X-Forwarded-Host (traditional reverse proxy) → always HTTPS. Knative's\n * queue-proxy overwrites X-Forwarded-Proto based on the internal HTTP\n * connection, so X-Forwarded-Proto is ignored here.\n * 2. Host header with X-Forwarded-Proto (AWS ALB, some proxies) → respect proto.\n * 3. Host header alone → use the scheme from request.url (covers both direct\n * HTTP access and proxies that preserve Host but don't set a proto header).\n * 4. No Host header → fall back to request.url.origin (local dev / direct access).\n */\nexport function getPublicOrigin(request: Request): string {\n const forwardedHost = request.headers.get('x-forwarded-host')?.split(',')[0]?.trim();\n if (forwardedHost) {\n return `https://${forwardedHost}`;\n }\n\n const host = request.headers.get('host');\n if (host) {\n const forwardedProto = request.headers.get('x-forwarded-proto')?.split(',')[0]?.trim();\n const proto = forwardedProto || new URL(request.url).protocol.replace(':', '');\n return `${proto}://${host}`;\n }\n\n return new URL(request.url).origin;\n}\n\n/**\n * Helper to get RBAC provider from Mastra config.\n * Checks studio config first when isStudio is true.\n */\nfunction getRBACProvider(mastra: any, isStudio?: boolean): IRBACProvider<EEUser> | undefined {\n if (isStudio) {\n const studioConfig = mastra.getStudio?.();\n if (studioConfig?.rbac) {\n return studioConfig.rbac as IRBACProvider<EEUser>;\n }\n }\n const serverConfig = mastra.getServer?.();\n return serverConfig?.rbac as IRBACProvider<EEUser> | undefined;\n}\n\n/**\n * Helper to get FGA provider from Mastra config.\n * Checks studio config first when isStudio is true.\n */\nfunction getFGAProvider(mastra: any, isStudio?: boolean): IFGAProvider<EEUser> | undefined {\n if (isStudio) {\n const studioConfig = mastra.getStudio?.();\n if (studioConfig?.fga) {\n return studioConfig.fga as IFGAProvider<EEUser>;\n }\n }\n const serverConfig = mastra.getServer?.();\n return serverConfig?.fga as IFGAProvider<EEUser> | undefined;\n}\n\n/**\n * Type guard to check if auth provider implements an interface.\n */\nfunction implementsInterface<T>(auth: unknown, method: keyof T): auth is T {\n return auth !== null && typeof auth === 'object' && typeof (auth as any)[method] === 'function';\n}\n\n// ============================================================================\n// GET /auth/capabilities\n// ============================================================================\n\nexport const GET_AUTH_CAPABILITIES_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/capabilities',\n responseType: 'json',\n responseSchema: capabilitiesResponseSchema,\n summary: 'Get auth capabilities',\n description:\n 'Returns authentication capabilities and current user info. Used by Studio to determine available features and user state.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request, routePrefix } = ctx as any;\n\n // Check if this is a Studio request (via x-mastra-client-type header)\n const isStudio = isStudioRequest(request);\n\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth) {\n return { enabled: false, login: null };\n }\n\n const rbac = getRBACProvider(mastra, isStudio);\n const fga = getFGAProvider(mastra, isStudio);\n\n const buildCapabilities = await loadBuildCapabilities();\n if (!buildCapabilities) {\n return { enabled: false, login: null };\n }\n const capabilities = await buildCapabilities(auth, request, { rbac, fga, apiPrefix: routePrefix });\n\n // If capabilities came back without a user, the session may have expired.\n // Attempt a transparent refresh (same logic as coreAuthMiddleware) and retry.\n if (!('user' in capabilities) && supportsSessionRefresh(auth)) {\n try {\n const sessionId = await auth.getSessionIdFromRequest(request);\n if (sessionId) {\n const refreshedSession = await auth.refreshSession(sessionId);\n if (refreshedSession) {\n const sessionHeaders = await auth.getSessionHeaders(refreshedSession);\n const cookieValue = extractCookieFromHeaders(sessionHeaders);\n if (cookieValue) {\n // Rebuild capabilities with the refreshed cookie\n const refreshedRequest = new Request(request.url, {\n method: request.method,\n headers: new Headers(request.headers),\n });\n refreshedRequest.headers.set('Cookie', cookieValue);\n const refreshedCapabilities = await buildCapabilities(auth, refreshedRequest, {\n rbac,\n apiPrefix: routePrefix,\n });\n\n // Attach refresh headers so the adapter can set the new cookie\n if ('user' in refreshedCapabilities) {\n (refreshedCapabilities as any).__refreshHeaders = sessionHeaders;\n }\n return refreshedCapabilities;\n }\n }\n }\n } catch {\n // Refresh failed — return original unauthenticated capabilities\n }\n }\n\n return capabilities;\n } catch (error) {\n return handleError(error, 'Error getting auth capabilities');\n }\n },\n});\n\n/**\n * Extract a full cookie string from session headers (e.g. Set-Cookie → Cookie).\n */\nfunction extractCookieFromHeaders(headers: Record<string, string>): string | null {\n const setCookie = headers['Set-Cookie'] || headers['set-cookie'];\n if (!setCookie) return null;\n // Set-Cookie value is \"name=value; Path=/; ...\" — extract \"name=value\"\n const match = setCookie.match(/^([^;]+)/);\n return match ? (match[1] ?? null) : null;\n}\n\n// ============================================================================\n// GET /auth/me\n// ============================================================================\n\nexport const GET_CURRENT_USER_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/me',\n responseType: 'json',\n responseSchema: currentUserResponseSchema,\n summary: 'Get current user',\n description: 'Returns the currently authenticated user, or null if not authenticated.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, request } = ctx as any;\n const isStudio = isStudioRequest(request);\n const auth = getAuthProvider(mastra, isStudio);\n const rbac = getRBACProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<IUserProvider>(auth, 'getCurrentUser')) {\n return null;\n }\n\n const user = await auth.getCurrentUser(request);\n if (!user) return null;\n\n // Get roles/permissions from RBAC provider if available\n let roles: string[] | undefined;\n let permissions: string[] | undefined;\n\n if (rbac) {\n try {\n roles = await rbac.getRoles(user);\n permissions = await rbac.getPermissions(user);\n } catch {\n // RBAC not available or failed\n }\n }\n\n return {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n roles,\n permissions,\n };\n } catch (error) {\n return handleError(error, 'Error getting current user');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/login\n// ============================================================================\n\nexport const GET_SSO_LOGIN_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/login',\n responseType: 'datastream-response',\n queryParamSchema: ssoLoginQuerySchema,\n summary: 'Initiate SSO login',\n description: 'Returns the SSO login URL and sets PKCE cookies if needed.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, redirect_uri, request, routePrefix } = ctx as any;\n const isStudio = isStudioRequest(request);\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'getLoginUrl')) {\n throw new HTTPException(404, { message: 'SSO not configured' });\n }\n\n // Build OAuth callback URI using the configured route prefix\n const origin = getPublicOrigin(request);\n const raw = ((routePrefix as string) || '/api').trim();\n const withSlash = raw.startsWith('/') ? raw : `/${raw}`;\n const prefix = withSlash.endsWith('/') ? withSlash.slice(0, -1) : withSlash;\n const oauthCallbackUri = `${origin}${prefix}/auth/sso/callback`;\n\n // Encode the post-login redirect in state (where user goes after auth completes)\n // State format: uuid|postLoginRedirect\n // Validate redirect_uri to prevent open-redirect attacks: allow relative paths,\n // same-origin URLs, and localhost URLs (for dev setups where Studio runs on a\n // different port).\n let postLoginRedirect = '/';\n if (redirect_uri) {\n if (!redirect_uri.startsWith('http')) {\n // Relative path — always safe\n postLoginRedirect = redirect_uri;\n } else {\n try {\n const redirectUrl = new URL(redirect_uri);\n const requestOrigin = new URL(origin);\n const isHttps = redirectUrl.protocol === 'http:' || redirectUrl.protocol === 'https:';\n const isSameOrigin = redirectUrl.origin === requestOrigin.origin;\n const isLocalhost =\n redirectUrl.hostname === 'localhost' ||\n redirectUrl.hostname === '127.0.0.1' ||\n redirectUrl.hostname === '[::1]';\n if (isHttps && (isSameOrigin || isLocalhost)) {\n postLoginRedirect = redirect_uri;\n }\n } catch {\n // Malformed URL — fall back to /\n }\n }\n }\n const stateId = crypto.randomUUID();\n const state = `${stateId}|${encodeURIComponent(postLoginRedirect)}`;\n\n const loginUrl = await Promise.resolve(auth.getLoginUrl(oauthCallbackUri, state));\n\n // Build response with optional PKCE cookies\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Check for PKCE cookies (e.g., MastraCloudAuthProvider)\n if (implementsInterface<ISSOProvider>(auth, 'getLoginCookies') && auth.getLoginCookies) {\n const cookies = auth.getLoginCookies(oauthCallbackUri, state);\n if (cookies?.length) {\n // PKCE cookies set for SSO state management\n for (const cookie of cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n }\n\n return new Response(JSON.stringify({ url: loginUrl }), { status: 200, headers });\n } catch (error) {\n return handleError(error, 'Error initiating SSO login');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/sso/callback\n// ============================================================================\n\nexport const GET_SSO_CALLBACK_ROUTE = createPublicRoute({\n method: 'GET',\n path: '/auth/sso/callback',\n responseType: 'datastream-response',\n queryParamSchema: ssoCallbackQuerySchema,\n summary: 'Handle SSO callback',\n description: 'Handles the OAuth callback, exchanges code for session, and redirects to the app.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, code, state, request } = ctx as any;\n const _isStudio = isStudioRequest(request); // Kept for potential future use; currently we prefer studio auth for SSO\n\n // Build base URL for redirects (Response.redirect requires absolute URL)\n const baseUrl = getPublicOrigin(request);\n\n // Extract post-login redirect from state (format: uuid|encodedRedirect)\n let redirectTo = '/';\n let stateId = state || '';\n if (state && state.includes('|')) {\n const [id, encodedRedirect] = state.split('|', 2);\n stateId = id;\n try {\n redirectTo = decodeURIComponent(encodedRedirect);\n } catch {\n redirectTo = '/';\n }\n }\n\n // Build absolute redirect URL.\n // The redirect_uri was validated at the login endpoint (same-origin or localhost\n // only), so the state should only contain safe URLs. We still apply defense-in-depth\n // checks here: allow http(s) same-origin or localhost, reject everything else.\n let absoluteRedirect: string;\n if (redirectTo.startsWith('http')) {\n try {\n const parsed = new URL(redirectTo);\n const baseOrigin = new URL(baseUrl);\n const isHttps = parsed.protocol === 'http:' || parsed.protocol === 'https:';\n const isSameOrigin = parsed.origin === baseOrigin.origin;\n const isLocalhost =\n parsed.hostname === 'localhost' || parsed.hostname === '127.0.0.1' || parsed.hostname === '[::1]';\n absoluteRedirect = isHttps && (isSameOrigin || isLocalhost) ? redirectTo : `${baseUrl}/`;\n } catch {\n absoluteRedirect = `${baseUrl}/`;\n }\n } else {\n absoluteRedirect = `${baseUrl}${redirectTo}`;\n }\n\n try {\n // For SSO callback, the redirect from the identity provider won't include\n // the x-mastra-client-type header. Prefer studio auth for SSO (it's the\n // typical SSO use case), fall back to server auth only if studio doesn't exist.\n let auth = getAuthProvider(mastra, true); // Try studio first\n\n // If studio doesn't have SSO, fall back to server\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n auth = getAuthProvider(mastra, false);\n }\n\n if (!auth || !implementsInterface<ISSOProvider>(auth, 'handleCallback')) {\n return Response.redirect(`${absoluteRedirect}?error=sso_not_configured`, 302);\n }\n\n // Pass cookie header to provider for PKCE validation (if supported)\n const reqCookieHeader = request.headers.get('cookie');\n if (typeof (auth as any).setCallbackCookieHeader === 'function') {\n (auth as any).setCallbackCookieHeader(reqCookieHeader);\n }\n\n const result = (await auth.handleCallback(code, stateId)) as SSOCallbackResult<EEUser>;\n const user = result.user as EEUser;\n\n // Build response headers (session cookies, etc.)\n const headers = new Headers();\n headers.set('Location', absoluteRedirect);\n\n // Set session cookies from the SSO result\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n } else if (implementsInterface<ISessionProvider>(auth, 'createSession') && result.tokens) {\n // Fallback: Create session manually for providers without cookie support\n const session = await auth.createSession(user.id, {\n accessToken: result.tokens.accessToken,\n refreshToken: result.tokens.refreshToken,\n expiresAt: result.tokens.expiresAt,\n organizationId: (user as any).organizationId,\n });\n const sessionHeaders = auth.getSessionHeaders(session);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(null, {\n status: 302,\n headers,\n });\n } catch (error) {\n // Redirect with error (use absolute URL)\n const errorMessage = encodeURIComponent(error instanceof Error ? error.message : 'Unknown error');\n return Response.redirect(`${absoluteRedirect}?error=${errorMessage}`, 302);\n }\n },\n});\n\n// ============================================================================\n// POST /auth/logout\n// ============================================================================\n\nexport const POST_LOGOUT_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/logout',\n responseType: 'datastream-response',\n summary: 'Logout',\n description: 'Destroys the current session and returns logout redirect URL if available.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth) {\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers: { 'Content-Type': 'application/json' },\n });\n }\n\n // Get session ID and destroy it\n if (implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')) {\n const sessionId = auth.getSessionIdFromRequest(request);\n if (sessionId && implementsInterface<ISessionProvider>(auth, 'destroySession')) {\n await auth.destroySession(sessionId);\n }\n }\n\n // Get logout URL if available\n let redirectTo: string | undefined;\n if (implementsInterface<ISSOProvider>(auth, 'getLogoutUrl') && auth.getLogoutUrl) {\n // Use public origin (respects X-Forwarded-Host behind reverse proxy)\n const origin = getPublicOrigin(request);\n const logoutUrl = await auth.getLogoutUrl(origin, request);\n redirectTo = logoutUrl ?? undefined;\n }\n\n // Build response with session clearing headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n\n // Clear session cookie\n if (implementsInterface<ISessionProvider>(auth, 'getClearSessionHeaders')) {\n const clearHeaders = auth.getClearSessionHeaders();\n for (const [key, value] of Object.entries(clearHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true, redirectTo }), {\n status: 200,\n headers,\n });\n } catch (error) {\n return handleError(error, 'Error logging out');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/refresh\n// ============================================================================\n\nexport const POST_REFRESH_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/refresh',\n responseType: 'datastream-response',\n responseSchema: refreshResponseSchema,\n summary: 'Refresh session',\n description: 'Refreshes the current session, extending its expiry. Sets a new session cookie on success.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (\n !auth ||\n !implementsInterface<ISessionProvider>(auth, 'refreshSession') ||\n !implementsInterface<ISessionProvider>(auth, 'getSessionIdFromRequest')\n ) {\n throw new HTTPException(404, { message: 'Session refresh not configured' });\n }\n\n // Get session ID from request\n const sessionId = auth.getSessionIdFromRequest(request);\n if (!sessionId) {\n throw new HTTPException(401, { message: 'No session' });\n }\n\n // Refresh the session\n const newSession = await auth.refreshSession(sessionId);\n if (!newSession) {\n throw new HTTPException(401, { message: 'Session expired' });\n }\n\n // Build response with new session headers\n const headers = new Headers({ 'Content-Type': 'application/json' });\n if (implementsInterface<ISessionProvider>(auth, 'getSessionHeaders')) {\n const sessionHeaders = auth.getSessionHeaders(newSession);\n for (const [key, value] of Object.entries(sessionHeaders)) {\n headers.append(key, value);\n }\n }\n\n return new Response(JSON.stringify({ success: true }), {\n status: 200,\n headers,\n });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error refreshing session');\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-in\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_IN_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-in',\n responseType: 'datastream-response',\n bodySchema: credentialsSignInBodySchema,\n summary: 'Sign in with credentials',\n description: 'Authenticates a user with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signIn')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signIn(email, password, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n // Return a generic error for auth failures to avoid leaking info\n throw new HTTPException(401, { message: 'Invalid email or password' });\n }\n },\n});\n\n// ============================================================================\n// POST /auth/credentials/sign-up\n// ============================================================================\n\nexport const POST_CREDENTIALS_SIGN_UP_ROUTE = createPublicRoute({\n method: 'POST',\n path: '/auth/credentials/sign-up',\n responseType: 'datastream-response',\n bodySchema: credentialsSignUpBodySchema,\n summary: 'Sign up with credentials',\n description: 'Creates a new user account with email and password.',\n tags: ['Auth'],\n handler: async ctx => {\n const { mastra, request, email, password, name } = ctx as any;\n const isStudio = isStudioRequest(request);\n\n try {\n const auth = getAuthProvider(mastra, isStudio);\n\n if (!auth || !implementsInterface<ICredentialsProvider>(auth, 'signUp')) {\n throw new HTTPException(404, { message: 'Credentials authentication not configured' });\n }\n\n const result = await auth.signUp(email, password, name, request);\n const user = result.user as EEUser;\n\n const responseBody = JSON.stringify({\n user: {\n id: user.id,\n email: user.email,\n name: user.name,\n avatarUrl: user.avatarUrl,\n },\n token: result.token,\n });\n\n // Build response headers, including cookies from the auth provider\n const headers = new Headers({\n 'Content-Type': 'application/json',\n });\n\n // Forward session cookies from the auth provider\n if (result.cookies?.length) {\n for (const cookie of result.cookies) {\n headers.append('Set-Cookie', cookie);\n }\n }\n\n return new Response(responseBody, { status: 200, headers });\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n const mastra = (ctx as any).mastra;\n mastra?.getLogger?.()?.error('Sign-up error', {\n error: error instanceof Error ? { message: error.message, stack: error.stack } : error,\n });\n throw new HTTPException(400, { message: 'Failed to create account' });\n }\n },\n});\n\n// ============================================================================\n// GET /auth/roles/:roleId/permissions\n// ============================================================================\n\nconst rolePermissionsPathSchema = z.object({ roleId: z.string() });\nconst rolePermissionsResponseSchema = z.object({ roleId: z.string(), permissions: z.array(z.string()) });\n\nexport const GET_ROLE_PERMISSIONS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/roles/:roleId/permissions',\n requiresAuth: true,\n responseType: 'json',\n pathParamSchema: rolePermissionsPathSchema,\n responseSchema: rolePermissionsResponseSchema,\n summary: 'Get permissions for a role',\n description:\n 'Returns the resolved permissions for a specific role. Only accessible by admin users. Used by the \"View as role\" feature.',\n tags: ['Auth'],\n handler: async ctx => {\n try {\n const { mastra, requestContext, roleId } = ctx as any;\n\n // Check that the caller is an admin\n const callerPermissions: string[] = requestContext?.get(MASTRA_USER_PERMISSIONS_KEY) ?? [];\n const isAdmin = callerPermissions.some((p: string) => p === '*' || p === '*:*');\n if (!isAdmin) {\n throw new HTTPException(403, { message: 'Admin access required' });\n }\n\n const rbac = getRBACProvider(mastra);\n if (!rbac?.getPermissionsForRole) {\n throw new HTTPException(404, { message: 'RBAC provider does not support role permission resolution' });\n }\n\n const permissions = await rbac.getPermissionsForRole(roleId);\n return { roleId, permissions };\n } catch (error) {\n if (error instanceof HTTPException) throw error;\n return handleError(error, 'Error getting role permissions');\n }\n },\n});\n\n// ============================================================================\n// GET /auth/permission-patterns\n// ============================================================================\n\nexport const GET_PERMISSION_PATTERNS_ROUTE = createRoute({\n method: 'GET',\n path: '/auth/permission-patterns',\n requiresAuth: true,\n responseType: 'json',\n responseSchema: permissionPatternsResponseSchema,\n summary: 'List valid permission patterns',\n description:\n 'Returns the authoritative list of valid permission-pattern strings. Used by Studio to validate the route→permission literals it ships and to gate the sidebar.',\n tags: ['Auth'],\n handler: async () => {\n const patterns = await loadPermissionPatterns();\n return { patterns: Object.keys(patterns ?? {}) };\n },\n});\n\n// ============================================================================\n// Export all auth routes\n// ============================================================================\n\nexport const AUTH_ROUTES = [\n GET_AUTH_CAPABILITIES_ROUTE,\n GET_CURRENT_USER_ROUTE,\n GET_SSO_LOGIN_ROUTE,\n GET_SSO_CALLBACK_ROUTE,\n POST_LOGOUT_ROUTE,\n POST_REFRESH_ROUTE,\n POST_CREDENTIALS_SIGN_IN_ROUTE,\n POST_CREDENTIALS_SIGN_UP_ROUTE,\n GET_ROLE_PERMISSIONS_ROUTE,\n GET_PERMISSION_PATTERNS_ROUTE,\n] as const;\n"]}
@@ -1,7 +1,7 @@
1
1
  'use strict';
2
2
 
3
3
  var chunkV23ANIEC_cjs = require('./chunk-V23ANIEC.cjs');
4
- var chunk7DKSWNOM_cjs = require('./chunk-7DKSWNOM.cjs');
4
+ var chunkH7YXAKEQ_cjs = require('./chunk-H7YXAKEQ.cjs');
5
5
  var chunkZ7LCIYK7_cjs = require('./chunk-Z7LCIYK7.cjs');
6
6
  var chunkG54X6VE6_cjs = require('./chunk-G54X6VE6.cjs');
7
7
  var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
@@ -139,7 +139,7 @@ var GET_EDITOR_BUILDER_AVAILABLE_MODELS_ROUTE = chunkG54X6VE6_cjs.createRoute({
139
139
  requiresPermission: "stored-agents:read",
140
140
  handler: async ({ mastra }) => {
141
141
  try {
142
- const providers = (await chunk7DKSWNOM_cjs.buildProvidersList(mastra)).filter((provider) => provider.connected);
142
+ const providers = (await chunkH7YXAKEQ_cjs.buildProvidersList(mastra)).filter((provider) => provider.connected);
143
143
  const policy = await resolveBuilderModelPolicy(mastra.getEditor());
144
144
  if (!policy.active || !policy.allowed || policy.allowed.length === 0) {
145
145
  return { providers };
@@ -276,5 +276,5 @@ exports.GET_EDITOR_BUILDER_SETTINGS_ROUTE = GET_EDITOR_BUILDER_SETTINGS_ROUTE;
276
276
  exports.GET_INFRASTRUCTURE_STATUS_ROUTE = GET_INFRASTRUCTURE_STATUS_ROUTE;
277
277
  exports.isBuilderFeatureEnabled = isBuilderFeatureEnabled;
278
278
  exports.requireBuilderFeature = requireBuilderFeature;
279
- //# sourceMappingURL=chunk-S2HKHYJ3.cjs.map
280
- //# sourceMappingURL=chunk-S2HKHYJ3.cjs.map
279
+ //# sourceMappingURL=chunk-C3QMOBYA.cjs.map
280
+ //# sourceMappingURL=chunk-C3QMOBYA.cjs.map
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/server/utils/resolve-builder-model-policy.ts","../src/server/handlers/editor-builder.ts"],"names":["agentFeaturesSchema","HTTPException","createRoute","builderSettingsResponseSchema","handleError","builderAvailableModelsResponseSchema","buildProvidersList","infrastructureStatusResponseSchema"],"mappings":";;;;;;;;;AAsBA,eAAsB,0BAA0B,MAAA,EAAgE;AAC9G,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAE,QAAQ,KAAA,EAAM;AACpC,EAAA,IAAI,OAAO,MAAA,CAAO,cAAA,KAAmB,YAAY,OAAO,EAAE,QAAQ,KAAA,EAAM;AACxE,EAAA,IAAI,OAAO,MAAA,CAAO,uBAAA,KAA4B,cAAc,CAAC,MAAA,CAAO,yBAAwB,EAAG;AAC7F,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AAKA,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,IAAA,MAAM,EAAE,oBAAA,EAAqB,GAAI,MAAM,OAAO,+BAA+B,CAAA;AAC7E,IAAA,OAAO,qBAAqB,OAAO,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AACF;;;ACpBA,eAAe,uBAAuB,MAAA,EAA+C;AACnF,EAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,CAAO,cAAA,KAAmB,YAAY,OAAO,IAAA;AACnE,EAAA,IAAI,CAAC,MAAA,CAAO,uBAAA,IAA0B,EAAG,OAAO,IAAA;AAChD,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,EAAA,IAAI,CAAC,OAAA,IAAW,CAAC,OAAA,CAAQ,SAAS,OAAO,IAAA;AACzC,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,WAAA,IAAc,EAAG,KAAA;AAC1C,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,MAAM,MAAA,GAASA,qCAAA,CAAoB,SAAA,CAAU,QAAQ,CAAA;AACrD,EAAA,OAAO,MAAA,CAAO,OAAA,GAAU,MAAA,CAAO,IAAA,GAAO,IAAA;AACxC;AAOA,eAAsB,uBAAA,CAAwB,QAAgB,OAAA,EAAgD;AAC5G,EAAA,MAAM,QAAA,GAAW,MAAM,sBAAA,CAAuB,MAAM,CAAA;AACpD,EAAA,OAAO,QAAA,GAAW,OAAO,CAAA,KAAM,IAAA;AACjC;AAOA,eAAsB,qBAAA,CAAsB,QAAgB,OAAA,EAA6C;AACvG,EAAA,IAAI,CAAE,MAAM,uBAAA,CAAwB,MAAA,EAAQ,OAAO,CAAA,EAAI;AACrD,IAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,aAAa,CAAA;AAAA,EACvD;AACF;AAQO,IAAM,oCAAoCC,6BAAA,CAAY;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,0BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,+CAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,EACf,YAAA,EAAc,IAAA;AAAA,EACd,kBAAA,EAAoB,oBAAA;AAAA,EACpB,OAAA,EAAS,OAAO,EAAE,MAAA,EAAO,KAAM;AAC7B,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAGhC,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAGA,MAAA,IAAI,OAAO,MAAA,CAAO,cAAA,KAAmB,UAAA,EAAY;AAC/C,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAGA,MAAA,IAAI,CAAC,MAAA,CAAO,uBAAA,IAA0B,EAAG;AACvC,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAGA,MAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,MAAA,IAAI,CAAC,OAAA,IAAW,CAAC,OAAA,CAAQ,OAAA,EAAS;AAChC,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAEA,MAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,sBAAA,IAAyB,IAAK,EAAC;AAC5D,MAAA,MAAM,aAAA,GAAgB,QAAQ,gBAAA,EAAiB;AAY/C,MAAA,MAAM,cAAA,GAAiB,CAAC,QAAA,KACtB,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,CAAE,GAAA,CAAI,CAAC,CAAC,GAAA,EAAK,MAAM,CAAA,MAAO;AAAA,QAC/C,EAAA,EAAK,OAA2B,EAAA,IAAM,GAAA;AAAA,QACtC;AAAA,OACF,CAAE,CAAA;AAEJ,MAAA,MAAM,cAAc,cAAA,CAAe,MAAA,CAAO,SAAA,EAAU,IAAK,EAAE,CAAA;AAC3D,MAAA,MAAM,eAAe,cAAA,CAAe,MAAA,CAAO,UAAA,EAAW,IAAK,EAAE,CAAA;AAC7D,MAAA,MAAM,kBAAkB,cAAA,CAAe,MAAA,CAAO,aAAA,EAAc,IAAK,EAAE,CAAA;AAInE,MAAA,MAAM,aAAA,GAAgB,CAAC,OAAA,EAAsB,IAAA,KAAuB;AAClE,QAAA,MAAM,GAAA,uBAAU,GAAA,EAAoB;AACpC,QAAA,KAAA,MAAW,KAAK,OAAA,EAAS;AACvB,UAAA,GAAA,CAAI,GAAA,CAAI,EAAE,EAAA,EAAI,IAAA,KAAS,OAAO,CAAA,CAAE,EAAA,GAAK,EAAE,GAAG,CAAA;AAC1C,UAAA,GAAA,CAAI,GAAA,CAAI,EAAE,GAAA,EAAK,IAAA,KAAS,OAAO,CAAA,CAAE,EAAA,GAAK,EAAE,GAAG,CAAA;AAAA,QAC7C;AACA,QAAA,OAAO,GAAA;AAAA,MACT,CAAA;AACA,MAAA,MAAM,UAAA,GAAa,aAAA,CAAc,WAAA,EAAa,KAAK,CAAA;AACnD,MAAA,MAAM,WAAA,GAAc,aAAA,CAAc,YAAA,EAAc,IAAI,CAAA;AACpD,MAAA,MAAM,cAAA,GAAiB,aAAA,CAAc,eAAA,EAAiB,KAAK,CAAA;AAM3D,MAAA,MAAM,EAAE,oBAAA,EAAsB,uBAAA,EAAwB,GAAI,MAAM,OAAO,+BAA+B,CAAA;AAEtG,MAAA,MAAM,SAAS,uBAAA,CAAwB;AAAA,QACrC,QAAQ,aAAA,EAAe,KAAA;AAAA,QACvB,iBAAA,EAAmB,YAAY,OAAA,CAAQ,CAAA,CAAA,KAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA,CAAE,GAAG,CAAC,CAAA;AAAA,QACzD,kBAAA,EAAoB,aAAa,OAAA,CAAQ,CAAA,CAAA,KAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA,CAAE,GAAG,CAAC,CAAA;AAAA,QAC3D,qBAAA,EAAuB,gBAAgB,OAAA,CAAQ,CAAA,CAAA,KAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA,CAAE,GAAG,CAAC;AAAA,OAClE,CAAA;AAED,MAAA,MAAM,SAAA,GAAY,CAAC,OAAA,EAA0B,GAAA,KAA8C;AACzF,QAAA,IAAI,OAAA,KAAY,MAAM,OAAO,IAAA;AAC7B,QAAA,MAAM,MAAgB,EAAC;AACvB,QAAA,MAAM,IAAA,uBAAW,GAAA,EAAY;AAC7B,QAAA,KAAA,MAAW,MAAM,OAAA,EAAS;AACxB,UAAA,MAAM,MAAA,GAAS,GAAA,CAAI,GAAA,CAAI,EAAE,CAAA;AACzB,UAAA,IAAI,MAAA,IAAU,CAAC,IAAA,CAAK,GAAA,CAAI,MAAM,CAAA,EAAG;AAC/B,YAAA,IAAA,CAAK,IAAI,MAAM,CAAA;AACf,YAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,UACjB;AAAA,QACF;AACA,QAAA,OAAO,GAAA;AAAA,MACT,CAAA;AAEA,MAAA,MAAM,sBAAsB,CAAC,GAAG,YAAA,EAAc,GAAG,OAAO,QAAQ,CAAA;AAEhE,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,QAAA,EAAU,QAAQ,WAAA,EAAY;AAAA,QAC9B,aAAA;AAAA,QACA,WAAA,EAAa,qBAAqB,OAAO,CAAA;AAAA,QACzC,MAAA,EAAQ;AAAA,UACN,YAAA,EAAc,SAAA,CAAU,MAAA,CAAO,YAAA,EAAc,UAAU,CAAA;AAAA,UACvD,aAAA,EAAe,SAAA,CAAU,MAAA,CAAO,aAAA,EAAe,WAAW,CAAA;AAAA,UAC1D,gBAAA,EAAkB,SAAA,CAAU,MAAA,CAAO,gBAAA,EAAkB,cAAc;AAAA,SACrE;AAAA,QACA,GAAI,mBAAA,CAAoB,MAAA,GAAS,IAAI,EAAE,mBAAA,KAAwB;AAAC,OAClE;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAkBM,IAAM,4CAA4CF,6BAAA,CAAY;AAAA,EACnE,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,kCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBG,sDAAA;AAAA,EAChB,OAAA,EAAS,kCAAA;AAAA,EACT,WAAA,EAAa,gFAAA;AAAA,EACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,EACf,YAAA,EAAc,IAAA;AAAA,EACd,kBAAA,EAAoB,oBAAA;AAAA,EACpB,OAAA,EAAS,OAAO,EAAE,MAAA,EAAO,KAAM;AAC7B,IAAA,IAAI;AAKF,MAAA,MAAM,SAAA,GAAA,CAAa,MAAMC,oCAAA,CAAmB,MAAM,GAAG,MAAA,CAAO,CAAA,QAAA,KAAY,SAAS,SAAS,CAAA;AAC1F,MAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,MAAA,CAAO,WAAW,CAAA;AAGjE,MAAA,IAAI,CAAC,OAAO,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,MAAA,CAAO,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG;AACpE,QAAA,OAAO,EAAE,SAAA,EAAU;AAAA,MACrB;AAIA,MAAA,MAAM,EAAE,cAAA,EAAe,GAAI,MAAM,OAAO,+BAA+B,CAAA;AAEvE,MAAA,MAAM,QAAA,GAAW,SAAA,CACd,GAAA,CAAI,CAAA,QAAA,MAAa;AAAA,QAChB,GAAG,QAAA;AAAA,QACH,MAAA,EAAQ,QAAA,CAAS,MAAA,CAAO,MAAA,CAAO,aAAW,cAAA,CAAe,MAAA,CAAO,OAAA,EAAS,EAAE,QAAA,EAAU,QAAA,CAAS,EAAA,EAAI,OAAA,EAAS,CAAC;AAAA,QAC5G,CAAA,CACD,MAAA,CAAO,cAAY,QAAA,CAAS,MAAA,CAAO,SAAS,CAAC,CAAA;AAEhD,MAAA,OAAO,EAAE,WAAW,QAAA,EAAS;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,OAAOF,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AASM,IAAM,kCAAkCF,6BAAA,CAAY;AAAA,EACzD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBK,oDAAA;AAAA,EAChB,OAAA,EAAS,2BAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,EACf,YAAA,EAAc,IAAA;AAAA,EACd,kBAAA,EAAoB,qBAAA;AAAA,EACpB,OAAA,EAAS,OAAO,EAAE,MAAA,EAAO,KAAM;AAC7B,IAAA,IAAI;AACF,MAAA,MAAM,iBAAA,GAAoB,CAAC,KAAA,KAA2B;AACpD,QAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,KAAA,KAAU,MAAA,EAAW,OAAO,SAAA;AAClD,QAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,OAAO,KAAA,KAAU,QAAA,IAAY,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,MAAA,CAAO,KAAK,CAAA;AAC7G,QAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG,OAAO,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,KAAA,EAAQ,KAAA,CAAM,MAAA,KAAW,CAAA,GAAI,KAAK,GAAG,CAAA,CAAA;AACrF,QAAA,OAAO,KAAA,CAAM,aAAa,IAAA,IAAQ,KAAA,CAAM,YAAY,IAAA,KAAS,QAAA,GAAW,KAAA,CAAM,WAAA,CAAY,IAAA,GAAO,YAAA;AAAA,MACnG,CAAA;AAEA,MAAA,MAAM,eAAA,GAAkB,CAAC,KAAA,KAAkC;AACzD,QAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,QAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,cAAc,KAAA,IAAS,OAAO,MAAM,QAAA,KAAa,QAAA;AAChF,UAAA,OAAO,KAAA,CAAM,QAAA;AACf,QAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,aAAA,IAAiB,KAAA,EAAO;AACvD,UAAA,MAAM,IAAA,GAAQ,MAA8C,WAAA,EAAa,IAAA;AACzE,UAAA,OAAO,IAAA,IAAQ,IAAA,KAAS,QAAA,GAAW,IAAA,GAAO,YAAA;AAAA,QAC5C;AACA,QAAA,OAAO,IAAA;AAAA,MACT,CAAA;AAEA,MAAA,MAAM,mBAAmB,CAAC,MAAA,EAAiC,WAAA,GAAwB,OACjF,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,CAClB,OAAO,CAAC,CAAC,KAAK,KAAK,CAAA,KAAM,CAAC,WAAA,CAAY,QAAA,CAAS,GAAG,CAAA,IAAK,UAAU,MAAA,IAAa,KAAA,KAAU,IAAI,CAAA,CAC5F,IAAI,CAAC,CAAC,GAAA,EAAK,KAAK,OAAO,EAAE,GAAA,EAAK,OAAO,iBAAA,CAAkB,KAAK,GAAE,CAAE,CAAA;AAErE,MAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,mBAAA,EAAoB,IAAK,EAAC;AAC1D,MAAA,MAAM,QAAA,GAA6C;AAAA,QACjD,SAAA,EAAW,MAAA,CAAO,OAAA,CAAQ,gBAAgB,CAAA,CACvC,IAAI,CAAC,CAAC,EAAA,EAAI,QAAQ,CAAA,KAAM;AACvB,UAAA,MAAM,IAAA,GAAO,SAAS,OAAA,IAAU;AAChC,UAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,IAAY,IAAK,EAAC;AAC1C,UAAA,OAAO;AAAA,YACL,EAAA,EAAI,MAAM,EAAA,IAAM,EAAA;AAAA,YAChB,IAAA,EAAM,MAAM,IAAA,IAAQ,EAAA;AAAA,YACpB,YAAA,EAAc,MAAM,YAAA,IAAgB,KAAA;AAAA,YACpC,YAAY,MAAA,CAAO;AAAA,WACrB;AAAA,QACF,CAAC,CAAA,CACA,MAAA,CAAO,CAAA,QAAA,KAAY,SAAS,YAAY;AAAA,OAC7C;AAEA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,OAAA,GAA2C;AAAA,QAC7C,IAAA,EAAM,IAAA;AAAA,QACN,QAAA,EAAU,IAAA;AAAA,QACV,GAAA,EAAK,IAAA;AAAA,QACL,UAAA,EAAY,KAAA;AAAA,QACZ,oBAAoB,EAAC;AAAA,QACrB,QAAQ;AAAC,OACX;AACA,MAAA,IAAI,SAAA,GAA+C;AAAA,QACjD,IAAA,EAAM,IAAA;AAAA,QACN,WAAA,EAAa,IAAA;AAAA,QACb,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,UAAA,EAAY,KAAA;AAAA,QACZ,aAAA,EAAe,KAAA;AAAA,QACf,UAAA,EAAY,KAAA;AAAA,QACZ,kBAAA,EAAoB,IAAA;AAAA,QACpB,eAAA,EAAiB,IAAA;AAAA,QACjB,QAAQ;AAAC,OACX;AACA,MAAA,IAAI,UAAA,GAAiD;AAAA,QACnD,QAAA,EAAU,EAAE,OAAA,EAAS,KAAA;AAAM,OAC7B;AAEA,MAAA,IAAI,QAAQ,cAAA,EAAgB;AAC1B,QAAA,MAAM,WAAY,MAAA,CAA4D,UAAA;AAC9E,QAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,QAAA,MAAM,iBAAA,GAAoB,SAAS,aAAA,IAAgB;AACnD,QAAA,UAAA,GAAa;AAAA,UACX,UAAU,EAAE,OAAA,EAAS,iBAAA,EAAmB,QAAA,EAAU,YAAY,IAAA;AAAK,SACrE;AACA,QAAA,MAAM,aAAA,GAAgB,OAAA,EAAS,gBAAA,IAAmB,EAAG,KAAA;AAWrD,QAAA,MAAM,aAAa,aAAA,EAAe,OAAA;AAClC,QAAA,MAAM,aAAA,GAAgB,UAAA,EAAY,MAAA,IAAU,EAAC;AAC7C,QAAA,MAAM,UAAA,GAAa,cAAc,QAAA,IAAY,IAAA;AAC7C,QAAA,OAAA,GAAU;AAAA,UACR,IAAA,EAAM,YAAY,IAAA,IAAQ,IAAA;AAAA,UAC1B,QAAA,EAAU,UAAA;AAAA,UACV,GAAA,EAAK,cAAc,GAAA,IAAO,IAAA;AAAA,UAC1B,YAAY,UAAA,GAAa,CAAC,CAAC,QAAA,EAAU,GAAA,CAAI,UAAU,CAAA,GAAI,KAAA;AAAA,UACvD,kBAAA,EAAoB,WAAW,KAAA,CAAM,IAAA,CAAK,SAAS,IAAA,EAAM,IAAI,EAAC;AAAA,UAC9D,QAAQ,gBAAA,CAAiB,aAAA,EAAe,CAAC,UAAA,EAAY,KAAK,CAAC;AAAA,SAC7D;AAEA,QAAA,MAAM,eAAe,aAAA,EAAe,SAAA;AACpC,QAAA,MAAM,eAAA,GAAkB,YAAA,EAAc,MAAA,IAAU,EAAC;AACjD,QAAA,MAAM,oBAAA,GAAuB,OAAO,cAAA,EAAe;AACnD,QAAA,MAAM,sBAAsB,YAAA,EAAc,WAAA,GACtC,oBAAA,CAAqB,YAAA,CAAa,WAAW,CAAA,GAC7C,MAAA;AACJ,QAAA,MAAM,UAAA,GAAa,mBAAA,EAAqB,SAAA,CAAU,UAAA,IAAc,eAAA,CAAgB,UAAA;AAChF,QAAA,MAAM,OAAA,GAAU,mBAAA,EAAqB,SAAA,CAAU,OAAA,IAAW,eAAA,CAAgB,OAAA;AAC1E,QAAA,MAAM,gBAAA,GACJ,OAAO,eAAA,CAAgB,UAAA,KAAe,QAAA,IACtC,eAAA,CAAgB,UAAA,IAChB,QAAA,IAAY,eAAA,CAAgB,UAAA,GACvB,eAAA,CAAgB,UAAA,CAAW,SAC5B,EAAC;AACP,QAAA,MAAM,aAAA,GACJ,OAAO,eAAA,CAAgB,OAAA,KAAY,QAAA,IAAY,eAAA,CAAgB,OAAA,IAAW,QAAA,IAAY,eAAA,CAAgB,OAAA,GACjG,eAAA,CAAgB,OAAA,CAAQ,SACzB,EAAC;AACP,QAAA,SAAA,GAAY;AAAA,UACV,IAAA,EAAM,cAAc,IAAA,IAAQ,IAAA;AAAA,UAC5B,WAAA,EAAa,cAAc,WAAA,IAAe,IAAA;AAAA,UAC1C,IAAA,EAAM,eAAA,CAAgB,IAAA,IAAQ,mBAAA,EAAqB,UAAU,IAAA,IAAQ,IAAA;AAAA,UACrE,MAAA,EAAQ,qBAAqB,MAAA,IAAU,IAAA;AAAA,UACvC,UAAA,EAAY,CAAC,CAAC,mBAAA;AAAA,UACd,aAAA,EAAe,CAAC,CAAC,UAAA;AAAA,UACjB,UAAA,EAAY,CAAC,CAAC,OAAA;AAAA,UACd,kBAAA,EAAoB,gBAAgB,UAAU,CAAA;AAAA,UAC9C,eAAA,EAAiB,gBAAgB,OAAO,CAAA;AAAA,UACxC,MAAA,EAAQ;AAAA,YACN,GAAG,gBAAA,CAAiB,gBAAgB,CAAA,CAAE,IAAI,CAAA,KAAA,MAAU,EAAE,GAAG,KAAA,EAAO,GAAA,EAAK,CAAA,WAAA,EAAc,KAAA,CAAM,GAAG,IAAG,CAAE,CAAA;AAAA,YACjG,GAAG,gBAAA,CAAiB,aAAa,CAAA,CAAE,IAAI,CAAA,KAAA,MAAU,EAAE,GAAG,KAAA,EAAO,GAAA,EAAK,CAAA,QAAA,EAAW,KAAA,CAAM,GAAG,IAAG,CAAE;AAAA;AAC7F,SACF;AAAA,MACF;AAEA,MAAA,OAAO,EAAE,QAAA,EAAU,OAAA,EAAS,SAAA,EAAW,UAAA,EAAW;AAAA,IACpD,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,qCAAqC,CAAA;AAAA,IACjE;AAAA,EACF;AACF,CAAC","file":"chunk-S2HKHYJ3.cjs","sourcesContent":["import type { BuilderModelPolicy } from '@mastra/core/agent-builder/ee';\nimport type { IMastraEditor } from '@mastra/core/editor';\n\n/**\n * Server-side wrapper around `builderToModelPolicy`.\n *\n * Handles the optional `IMastraEditor` builder API surface (older / OSS editors\n * may not implement `hasEnabledBuilderConfig` / `resolveBuilder`) and returns\n * a uniform `BuilderModelPolicy` to every call site.\n *\n * Returns `{ active: false }` whenever:\n * - no editor is configured,\n * - the editor doesn't expose builder methods,\n * - the builder config is disabled, or\n * - resolving the builder fails / yields nothing.\n *\n * The `@mastra/core/agent-builder/ee` subpath is loaded lazily so this module\n * remains importable on `@mastra/core` versions that pre-date the subpath\n * (the subpath was added in core 1.34.0). The dynamic import is only reached\n * once an editor is actually configured, by which point a compatible core is\n * guaranteed.\n */\nexport async function resolveBuilderModelPolicy(editor: IMastraEditor | undefined): Promise<BuilderModelPolicy> {\n if (!editor) return { active: false };\n if (typeof editor.resolveBuilder !== 'function') return { active: false };\n if (typeof editor.hasEnabledBuilderConfig === 'function' && !editor.hasEnabledBuilderConfig()) {\n return { active: false };\n }\n\n // Degrade to inactive on builder-resolution failure rather than letting the\n // rejection escape: agent execution routes seed this on every request, so a\n // transient failure must not 500 the entire route.\n try {\n const builder = await editor.resolveBuilder();\n const { builderToModelPolicy } = await import('@mastra/core/agent-builder/ee');\n return builderToModelPolicy(builder);\n } catch {\n return { active: false };\n }\n}\n","import type { Mastra } from '@mastra/core';\n\nimport { HTTPException } from '../http-exception';\nimport {\n agentFeaturesSchema,\n builderAvailableModelsResponseSchema,\n builderSettingsResponseSchema,\n infrastructureStatusResponseSchema,\n} from '../schemas/editor-builder';\nimport type { AgentFeatures, InfrastructureStatus } from '../schemas/editor-builder';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { resolveBuilderModelPolicy } from '../utils/resolve-builder-model-policy';\nimport { buildProvidersList } from './agents';\nimport { handleError } from './error';\n\n/**\n * Resolve the active builder feature flags. Returns `null` when the editor is\n * absent, the builder is disabled, or no features are configured.\n */\nasync function resolveBuilderFeatures(mastra: Mastra): Promise<AgentFeatures | null> {\n const editor = mastra.getEditor();\n if (!editor || typeof editor.resolveBuilder !== 'function') return null;\n if (!editor.hasEnabledBuilderConfig?.()) return null;\n const builder = await editor.resolveBuilder();\n if (!builder || !builder.enabled) return null;\n const features = builder.getFeatures?.()?.agent;\n if (!features) return null;\n // Validate the shape so unknown keys cannot smuggle through.\n const parsed = agentFeaturesSchema.safeParse(features);\n return parsed.success ? parsed.data : null;\n}\n\n/**\n * Returns whether a given agent-builder feature is enabled. Used by list /\n * get-by-id handlers to soft-gate response enrichment (omit fields, ignore\n * favoritedOnly / pinFavoritedFor params) when the feature is off.\n */\nexport async function isBuilderFeatureEnabled(mastra: Mastra, feature: keyof AgentFeatures): Promise<boolean> {\n const features = await resolveBuilderFeatures(mastra);\n return features?.[feature] === true;\n}\n\n/**\n * Hard-gate helper for mutation routes that must not exist when the feature\n * is off. Throws `HTTPException(404)` so we don't leak the existence of the\n * feature surface (matches behavior of unregistered routes).\n */\nexport async function requireBuilderFeature(mastra: Mastra, feature: keyof AgentFeatures): Promise<void> {\n if (!(await isBuilderFeatureEnabled(mastra, feature))) {\n throw new HTTPException(404, { message: 'Not Found' });\n }\n}\n\n/**\n * GET /editor/builder/settings\n *\n * Returns the agent builder settings configured by the admin.\n * Used by frontend to determine which features to display.\n */\nexport const GET_EDITOR_BUILDER_SETTINGS_ROUTE = createRoute({\n method: 'GET',\n path: '/editor/builder/settings',\n responseType: 'json',\n responseSchema: builderSettingsResponseSchema,\n summary: 'Get agent builder settings',\n description: 'Returns the agent builder feature flags and configuration for UI gating',\n tags: ['Editor'],\n requiresAuth: true,\n requiresPermission: 'stored-agents:read',\n handler: async ({ mastra }) => {\n try {\n const editor = mastra.getEditor();\n\n // No editor configured\n if (!editor) {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n // Editor doesn't support builder (older version or OSS)\n if (typeof editor.resolveBuilder !== 'function') {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n // Check if builder is enabled in config\n if (!editor.hasEnabledBuilderConfig?.()) {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n // Resolve the builder instance\n const builder = await editor.resolveBuilder();\n if (!builder || !builder.enabled) {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n const baseWarnings = builder.getModelPolicyWarnings?.() ?? [];\n const configuration = builder.getConfiguration();\n\n // Picker allowlists are written against entity `.id` (what users see in\n // the UI, URLs, traces). The client filters list responses by their\n // response keys, which are not always `.id`:\n // - GET /agents keys by `agent.id`\n // - GET /tools keys by registration key (values include `id`)\n // - GET /workflows keys by registration key (values omit `id`)\n // To keep the client filter simple, we accept `.id` (fallback to\n // registration key) for matching, but emit visible IDs as response keys\n // so `Object.keys(data)` lines up.\n type AliasPair = { id: string; key: string };\n const collectAliases = (registry: Record<string, unknown>): AliasPair[] =>\n Object.entries(registry).map(([key, entity]) => ({\n id: (entity as { id?: string }).id || key,\n key,\n }));\n\n const toolAliases = collectAliases(mastra.listTools() ?? {});\n const agentAliases = collectAliases(mastra.listAgents() ?? {});\n const workflowAliases = collectAliases(mastra.listWorkflows() ?? {});\n\n // Tools/workflows responses are keyed by registration key. Agents\n // response is keyed by `.id`.\n const toResponseKey = (aliases: AliasPair[], byId: 'id' | 'key') => {\n const map = new Map<string, string>();\n for (const a of aliases) {\n map.set(a.id, byId === 'id' ? a.id : a.key);\n map.set(a.key, byId === 'id' ? a.id : a.key);\n }\n return map;\n };\n const toolKeyMap = toResponseKey(toolAliases, 'key');\n const agentKeyMap = toResponseKey(agentAliases, 'id');\n const workflowKeyMap = toResponseKey(workflowAliases, 'key');\n\n // Lazy-load the EE subpath so this module remains importable on\n // `@mastra/core` versions that pre-date it (added in core 1.34.0).\n // We only reach here after `builder.enabled` is true, which guarantees\n // a compatible core.\n const { builderToModelPolicy, resolvePickerVisibility } = await import('@mastra/core/agent-builder/ee');\n\n const picker = resolvePickerVisibility({\n config: configuration?.agent,\n registeredToolIds: toolAliases.flatMap(a => [a.id, a.key]),\n registeredAgentIds: agentAliases.flatMap(a => [a.id, a.key]),\n registeredWorkflowIds: workflowAliases.flatMap(a => [a.id, a.key]),\n });\n\n const normalize = (visible: string[] | null, map: Map<string, string>): string[] | null => {\n if (visible === null) return null;\n const out: string[] = [];\n const seen = new Set<string>();\n for (const id of visible) {\n const mapped = map.get(id);\n if (mapped && !seen.has(mapped)) {\n seen.add(mapped);\n out.push(mapped);\n }\n }\n return out;\n };\n\n const modelPolicyWarnings = [...baseWarnings, ...picker.warnings];\n\n return {\n enabled: true,\n features: builder.getFeatures(),\n configuration,\n modelPolicy: builderToModelPolicy(builder),\n picker: {\n visibleTools: normalize(picker.visibleTools, toolKeyMap),\n visibleAgents: normalize(picker.visibleAgents, agentKeyMap),\n visibleWorkflows: normalize(picker.visibleWorkflows, workflowKeyMap),\n },\n ...(modelPolicyWarnings.length > 0 ? { modelPolicyWarnings } : {}),\n };\n } catch (error) {\n return handleError(error, 'Error getting builder settings');\n }\n },\n});\n\n/**\n * GET /editor/builder/models/available\n *\n * Returns the configured AI providers/models the agent builder may use. The\n * server is the single authority: it scopes the list to providers with a\n * configured API key (`connected`) and applies the active builder model\n * policy via `isModelAllowed`, so the Studio surfaces can render the response\n * verbatim without importing any EE matcher into the browser.\n *\n * - Providers without a configured API key are always omitted — the builder\n * decides the agent's model from this list, so an unconnected provider would\n * produce an agent that can never run.\n * - Policy inactive (or no allowlist) ⇒ all connected providers are returned.\n * - Policy active with an allowlist ⇒ each connected provider's models are\n * filtered, and providers left with no allowed models are omitted entirely.\n */\nexport const GET_EDITOR_BUILDER_AVAILABLE_MODELS_ROUTE = createRoute({\n method: 'GET',\n path: '/editor/builder/models/available',\n responseType: 'json',\n responseSchema: builderAvailableModelsResponseSchema,\n summary: 'List builder-available AI models',\n description: 'Returns AI providers/models filtered by the active agent-builder model policy.',\n tags: ['Editor'],\n requiresAuth: true,\n requiresPermission: 'stored-agents:read',\n handler: async ({ mastra }) => {\n try {\n // Only surface providers whose API key is configured (`connected`). The\n // agent builder decides the agent's model from this list, so including\n // providers without a key lets it pick a model that can never run. We\n // scope to connected providers so every choice is actually usable.\n const providers = (await buildProvidersList(mastra)).filter(provider => provider.connected);\n const policy = await resolveBuilderModelPolicy(mastra.getEditor());\n\n // Inactive policy (or no allowlist) ⇒ no allowlist filtering to apply.\n if (!policy.active || !policy.allowed || policy.allowed.length === 0) {\n return { providers };\n }\n\n // Lazy-load the EE matcher (server-only); mirrors the convention used by\n // resolve-builder-model-policy and the settings handler.\n const { isModelAllowed } = await import('@mastra/core/agent-builder/ee');\n\n const filtered = providers\n .map(provider => ({\n ...provider,\n models: provider.models.filter(modelId => isModelAllowed(policy.allowed, { provider: provider.id, modelId })),\n }))\n .filter(provider => provider.models.length > 0);\n\n return { providers: filtered };\n } catch (error) {\n return handleError(error, 'Error fetching available models');\n }\n },\n});\n\n/**\n * GET /editor/builder/infrastructure\n *\n * Returns the runtime status of Mastra-opinionated primitives (channels,\n * browser providers, workspaces). Admin-only; surfaced in Studio Settings so\n * admins can sanity-check what's wired up to the running server.\n */\nexport const GET_INFRASTRUCTURE_STATUS_ROUTE = createRoute({\n method: 'GET',\n path: '/editor/builder/infrastructure',\n responseType: 'json',\n responseSchema: infrastructureStatusResponseSchema,\n summary: 'Get infrastructure status',\n description: 'Agent Builder infrastructure configuration and lightweight runtime status.',\n tags: ['Editor'],\n requiresAuth: true,\n requiresPermission: 'infrastructure:read',\n handler: async ({ mastra }) => {\n try {\n const formatConfigValue = (value: unknown): string => {\n if (value === null || value === undefined) return 'not set';\n if (typeof value === 'string' || typeof value === 'number' || typeof value === 'boolean') return String(value);\n if (Array.isArray(value)) return `${value.length} item${value.length === 1 ? '' : 's'}`;\n return value.constructor?.name && value.constructor.name !== 'Object' ? value.constructor.name : 'configured';\n };\n\n const getProviderName = (value: unknown): string | null => {\n if (!value) return null;\n if (typeof value === 'object' && 'provider' in value && typeof value.provider === 'string')\n return value.provider;\n if (typeof value === 'object' && 'constructor' in value) {\n const name = (value as { constructor?: { name?: string } }).constructor?.name;\n return name && name !== 'Object' ? name : 'configured';\n }\n return null;\n };\n\n const getConfigEntries = (config: Record<string, unknown>, omittedKeys: string[] = []) =>\n Object.entries(config)\n .filter(([key, value]) => !omittedKeys.includes(key) && value !== undefined && value !== null)\n .map(([key, value]) => ({ key, value: formatConfigValue(value) }));\n\n const channelProviders = mastra.getChannelProviders() ?? {};\n const channels: InfrastructureStatus['channels'] = {\n providers: Object.entries(channelProviders)\n .map(([id, provider]) => {\n const info = provider.getInfo?.();\n const routes = provider.getRoutes?.() ?? [];\n return {\n id: info?.id ?? id,\n name: info?.name ?? id,\n isConfigured: info?.isConfigured ?? false,\n routeCount: routes.length,\n };\n })\n .filter(provider => provider.isConfigured),\n };\n\n const editor = mastra.getEditor();\n let browser: InfrastructureStatus['browser'] = {\n type: null,\n provider: null,\n env: null,\n registered: false,\n availableProviders: [],\n config: [],\n };\n let workspace: InfrastructureStatus['workspace'] = {\n type: null,\n workspaceId: null,\n name: null,\n source: null,\n registered: false,\n hasFilesystem: false,\n hasSandbox: false,\n filesystemProvider: null,\n sandboxProvider: null,\n config: [],\n };\n let registries: InfrastructureStatus['registries'] = {\n skillsSh: { enabled: false },\n };\n\n if (editor?.resolveBuilder) {\n const browsers = (editor as unknown as { __browsers?: Map<string, unknown> }).__browsers;\n const builder = await editor.resolveBuilder();\n const builderRegistries = builder?.getRegistries?.();\n registries = {\n skillsSh: { enabled: builderRegistries?.skillsSh?.enabled === true },\n };\n const configuration = builder?.getConfiguration?.()?.agent as\n | {\n browser?: { type?: string; config?: { provider?: string; env?: string } };\n workspace?: {\n type?: string;\n workspaceId?: string;\n config?: { name?: string; filesystem?: unknown; sandbox?: unknown };\n };\n }\n | undefined;\n\n const browserRef = configuration?.browser;\n const browserConfig = browserRef?.config ?? {};\n const providerId = browserConfig.provider ?? null;\n browser = {\n type: browserRef?.type ?? null,\n provider: providerId,\n env: browserConfig.env ?? null,\n registered: providerId ? !!browsers?.has(providerId) : false,\n availableProviders: browsers ? Array.from(browsers.keys()) : [],\n config: getConfigEntries(browserConfig, ['provider', 'env']),\n };\n\n const workspaceRef = configuration?.workspace;\n const workspaceConfig = workspaceRef?.config ?? {};\n const registeredWorkspaces = mastra.listWorkspaces();\n const registeredWorkspace = workspaceRef?.workspaceId\n ? registeredWorkspaces[workspaceRef.workspaceId]\n : undefined;\n const filesystem = registeredWorkspace?.workspace.filesystem ?? workspaceConfig.filesystem;\n const sandbox = registeredWorkspace?.workspace.sandbox ?? workspaceConfig.sandbox;\n const filesystemConfig =\n typeof workspaceConfig.filesystem === 'object' &&\n workspaceConfig.filesystem &&\n 'config' in workspaceConfig.filesystem\n ? (workspaceConfig.filesystem.config as Record<string, unknown>)\n : {};\n const sandboxConfig =\n typeof workspaceConfig.sandbox === 'object' && workspaceConfig.sandbox && 'config' in workspaceConfig.sandbox\n ? (workspaceConfig.sandbox.config as Record<string, unknown>)\n : {};\n workspace = {\n type: workspaceRef?.type ?? null,\n workspaceId: workspaceRef?.workspaceId ?? null,\n name: workspaceConfig.name ?? registeredWorkspace?.workspace.name ?? null,\n source: registeredWorkspace?.source ?? null,\n registered: !!registeredWorkspace,\n hasFilesystem: !!filesystem,\n hasSandbox: !!sandbox,\n filesystemProvider: getProviderName(filesystem),\n sandboxProvider: getProviderName(sandbox),\n config: [\n ...getConfigEntries(filesystemConfig).map(entry => ({ ...entry, key: `filesystem.${entry.key}` })),\n ...getConfigEntries(sandboxConfig).map(entry => ({ ...entry, key: `sandbox.${entry.key}` })),\n ],\n };\n }\n\n return { channels, browser, workspace, registries };\n } catch (error) {\n return handleError(error, 'Error getting infrastructure status');\n }\n },\n});\n"]}
1
+ {"version":3,"sources":["../src/server/utils/resolve-builder-model-policy.ts","../src/server/handlers/editor-builder.ts"],"names":["agentFeaturesSchema","HTTPException","createRoute","builderSettingsResponseSchema","handleError","builderAvailableModelsResponseSchema","buildProvidersList","infrastructureStatusResponseSchema"],"mappings":";;;;;;;;;AAsBA,eAAsB,0BAA0B,MAAA,EAAgE;AAC9G,EAAA,IAAI,CAAC,MAAA,EAAQ,OAAO,EAAE,QAAQ,KAAA,EAAM;AACpC,EAAA,IAAI,OAAO,MAAA,CAAO,cAAA,KAAmB,YAAY,OAAO,EAAE,QAAQ,KAAA,EAAM;AACxE,EAAA,IAAI,OAAO,MAAA,CAAO,uBAAA,KAA4B,cAAc,CAAC,MAAA,CAAO,yBAAwB,EAAG;AAC7F,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AAKA,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,IAAA,MAAM,EAAE,oBAAA,EAAqB,GAAI,MAAM,OAAO,+BAA+B,CAAA;AAC7E,IAAA,OAAO,qBAAqB,OAAO,CAAA;AAAA,EACrC,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,EAAE,QAAQ,KAAA,EAAM;AAAA,EACzB;AACF;;;ACpBA,eAAe,uBAAuB,MAAA,EAA+C;AACnF,EAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,EAAA,IAAI,CAAC,MAAA,IAAU,OAAO,MAAA,CAAO,cAAA,KAAmB,YAAY,OAAO,IAAA;AACnE,EAAA,IAAI,CAAC,MAAA,CAAO,uBAAA,IAA0B,EAAG,OAAO,IAAA;AAChD,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,EAAA,IAAI,CAAC,OAAA,IAAW,CAAC,OAAA,CAAQ,SAAS,OAAO,IAAA;AACzC,EAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,WAAA,IAAc,EAAG,KAAA;AAC1C,EAAA,IAAI,CAAC,UAAU,OAAO,IAAA;AAEtB,EAAA,MAAM,MAAA,GAASA,qCAAA,CAAoB,SAAA,CAAU,QAAQ,CAAA;AACrD,EAAA,OAAO,MAAA,CAAO,OAAA,GAAU,MAAA,CAAO,IAAA,GAAO,IAAA;AACxC;AAOA,eAAsB,uBAAA,CAAwB,QAAgB,OAAA,EAAgD;AAC5G,EAAA,MAAM,QAAA,GAAW,MAAM,sBAAA,CAAuB,MAAM,CAAA;AACpD,EAAA,OAAO,QAAA,GAAW,OAAO,CAAA,KAAM,IAAA;AACjC;AAOA,eAAsB,qBAAA,CAAsB,QAAgB,OAAA,EAA6C;AACvG,EAAA,IAAI,CAAE,MAAM,uBAAA,CAAwB,MAAA,EAAQ,OAAO,CAAA,EAAI;AACrD,IAAA,MAAM,IAAIC,+BAAA,CAAc,GAAA,EAAK,EAAE,OAAA,EAAS,aAAa,CAAA;AAAA,EACvD;AACF;AAQO,IAAM,oCAAoCC,6BAAA,CAAY;AAAA,EAC3D,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,0BAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBC,+CAAA;AAAA,EAChB,OAAA,EAAS,4BAAA;AAAA,EACT,WAAA,EAAa,yEAAA;AAAA,EACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,EACf,YAAA,EAAc,IAAA;AAAA,EACd,kBAAA,EAAoB,oBAAA;AAAA,EACpB,OAAA,EAAS,OAAO,EAAE,MAAA,EAAO,KAAM;AAC7B,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAGhC,MAAA,IAAI,CAAC,MAAA,EAAQ;AACX,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAGA,MAAA,IAAI,OAAO,MAAA,CAAO,cAAA,KAAmB,UAAA,EAAY;AAC/C,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAGA,MAAA,IAAI,CAAC,MAAA,CAAO,uBAAA,IAA0B,EAAG;AACvC,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAGA,MAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,MAAA,IAAI,CAAC,OAAA,IAAW,CAAC,OAAA,CAAQ,OAAA,EAAS;AAChC,QAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,aAAa,EAAE,MAAA,EAAQ,OAAM,EAAE;AAAA,MAC1D;AAEA,MAAA,MAAM,YAAA,GAAe,OAAA,CAAQ,sBAAA,IAAyB,IAAK,EAAC;AAC5D,MAAA,MAAM,aAAA,GAAgB,QAAQ,gBAAA,EAAiB;AAY/C,MAAA,MAAM,cAAA,GAAiB,CAAC,QAAA,KACtB,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,CAAE,GAAA,CAAI,CAAC,CAAC,GAAA,EAAK,MAAM,CAAA,MAAO;AAAA,QAC/C,EAAA,EAAK,OAA2B,EAAA,IAAM,GAAA;AAAA,QACtC;AAAA,OACF,CAAE,CAAA;AAEJ,MAAA,MAAM,cAAc,cAAA,CAAe,MAAA,CAAO,SAAA,EAAU,IAAK,EAAE,CAAA;AAC3D,MAAA,MAAM,eAAe,cAAA,CAAe,MAAA,CAAO,UAAA,EAAW,IAAK,EAAE,CAAA;AAC7D,MAAA,MAAM,kBAAkB,cAAA,CAAe,MAAA,CAAO,aAAA,EAAc,IAAK,EAAE,CAAA;AAInE,MAAA,MAAM,aAAA,GAAgB,CAAC,OAAA,EAAsB,IAAA,KAAuB;AAClE,QAAA,MAAM,GAAA,uBAAU,GAAA,EAAoB;AACpC,QAAA,KAAA,MAAW,KAAK,OAAA,EAAS;AACvB,UAAA,GAAA,CAAI,GAAA,CAAI,EAAE,EAAA,EAAI,IAAA,KAAS,OAAO,CAAA,CAAE,EAAA,GAAK,EAAE,GAAG,CAAA;AAC1C,UAAA,GAAA,CAAI,GAAA,CAAI,EAAE,GAAA,EAAK,IAAA,KAAS,OAAO,CAAA,CAAE,EAAA,GAAK,EAAE,GAAG,CAAA;AAAA,QAC7C;AACA,QAAA,OAAO,GAAA;AAAA,MACT,CAAA;AACA,MAAA,MAAM,UAAA,GAAa,aAAA,CAAc,WAAA,EAAa,KAAK,CAAA;AACnD,MAAA,MAAM,WAAA,GAAc,aAAA,CAAc,YAAA,EAAc,IAAI,CAAA;AACpD,MAAA,MAAM,cAAA,GAAiB,aAAA,CAAc,eAAA,EAAiB,KAAK,CAAA;AAM3D,MAAA,MAAM,EAAE,oBAAA,EAAsB,uBAAA,EAAwB,GAAI,MAAM,OAAO,+BAA+B,CAAA;AAEtG,MAAA,MAAM,SAAS,uBAAA,CAAwB;AAAA,QACrC,QAAQ,aAAA,EAAe,KAAA;AAAA,QACvB,iBAAA,EAAmB,YAAY,OAAA,CAAQ,CAAA,CAAA,KAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA,CAAE,GAAG,CAAC,CAAA;AAAA,QACzD,kBAAA,EAAoB,aAAa,OAAA,CAAQ,CAAA,CAAA,KAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA,CAAE,GAAG,CAAC,CAAA;AAAA,QAC3D,qBAAA,EAAuB,gBAAgB,OAAA,CAAQ,CAAA,CAAA,KAAK,CAAC,CAAA,CAAE,EAAA,EAAI,CAAA,CAAE,GAAG,CAAC;AAAA,OAClE,CAAA;AAED,MAAA,MAAM,SAAA,GAAY,CAAC,OAAA,EAA0B,GAAA,KAA8C;AACzF,QAAA,IAAI,OAAA,KAAY,MAAM,OAAO,IAAA;AAC7B,QAAA,MAAM,MAAgB,EAAC;AACvB,QAAA,MAAM,IAAA,uBAAW,GAAA,EAAY;AAC7B,QAAA,KAAA,MAAW,MAAM,OAAA,EAAS;AACxB,UAAA,MAAM,MAAA,GAAS,GAAA,CAAI,GAAA,CAAI,EAAE,CAAA;AACzB,UAAA,IAAI,MAAA,IAAU,CAAC,IAAA,CAAK,GAAA,CAAI,MAAM,CAAA,EAAG;AAC/B,YAAA,IAAA,CAAK,IAAI,MAAM,CAAA;AACf,YAAA,GAAA,CAAI,KAAK,MAAM,CAAA;AAAA,UACjB;AAAA,QACF;AACA,QAAA,OAAO,GAAA;AAAA,MACT,CAAA;AAEA,MAAA,MAAM,sBAAsB,CAAC,GAAG,YAAA,EAAc,GAAG,OAAO,QAAQ,CAAA;AAEhE,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,IAAA;AAAA,QACT,QAAA,EAAU,QAAQ,WAAA,EAAY;AAAA,QAC9B,aAAA;AAAA,QACA,WAAA,EAAa,qBAAqB,OAAO,CAAA;AAAA,QACzC,MAAA,EAAQ;AAAA,UACN,YAAA,EAAc,SAAA,CAAU,MAAA,CAAO,YAAA,EAAc,UAAU,CAAA;AAAA,UACvD,aAAA,EAAe,SAAA,CAAU,MAAA,CAAO,aAAA,EAAe,WAAW,CAAA;AAAA,UAC1D,gBAAA,EAAkB,SAAA,CAAU,MAAA,CAAO,gBAAA,EAAkB,cAAc;AAAA,SACrE;AAAA,QACA,GAAI,mBAAA,CAAoB,MAAA,GAAS,IAAI,EAAE,mBAAA,KAAwB;AAAC,OAClE;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAOC,6BAAA,CAAY,OAAO,gCAAgC,CAAA;AAAA,IAC5D;AAAA,EACF;AACF,CAAC;AAkBM,IAAM,4CAA4CF,6BAAA,CAAY;AAAA,EACnE,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,kCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBG,sDAAA;AAAA,EAChB,OAAA,EAAS,kCAAA;AAAA,EACT,WAAA,EAAa,gFAAA;AAAA,EACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,EACf,YAAA,EAAc,IAAA;AAAA,EACd,kBAAA,EAAoB,oBAAA;AAAA,EACpB,OAAA,EAAS,OAAO,EAAE,MAAA,EAAO,KAAM;AAC7B,IAAA,IAAI;AAKF,MAAA,MAAM,SAAA,GAAA,CAAa,MAAMC,oCAAA,CAAmB,MAAM,GAAG,MAAA,CAAO,CAAA,QAAA,KAAY,SAAS,SAAS,CAAA;AAC1F,MAAA,MAAM,MAAA,GAAS,MAAM,yBAAA,CAA0B,MAAA,CAAO,WAAW,CAAA;AAGjE,MAAA,IAAI,CAAC,OAAO,MAAA,IAAU,CAAC,OAAO,OAAA,IAAW,MAAA,CAAO,OAAA,CAAQ,MAAA,KAAW,CAAA,EAAG;AACpE,QAAA,OAAO,EAAE,SAAA,EAAU;AAAA,MACrB;AAIA,MAAA,MAAM,EAAE,cAAA,EAAe,GAAI,MAAM,OAAO,+BAA+B,CAAA;AAEvE,MAAA,MAAM,QAAA,GAAW,SAAA,CACd,GAAA,CAAI,CAAA,QAAA,MAAa;AAAA,QAChB,GAAG,QAAA;AAAA,QACH,MAAA,EAAQ,QAAA,CAAS,MAAA,CAAO,MAAA,CAAO,aAAW,cAAA,CAAe,MAAA,CAAO,OAAA,EAAS,EAAE,QAAA,EAAU,QAAA,CAAS,EAAA,EAAI,OAAA,EAAS,CAAC;AAAA,QAC5G,CAAA,CACD,MAAA,CAAO,cAAY,QAAA,CAAS,MAAA,CAAO,SAAS,CAAC,CAAA;AAEhD,MAAA,OAAO,EAAE,WAAW,QAAA,EAAS;AAAA,IAC/B,SAAS,KAAA,EAAO;AACd,MAAA,OAAOF,6BAAA,CAAY,OAAO,iCAAiC,CAAA;AAAA,IAC7D;AAAA,EACF;AACF,CAAC;AASM,IAAM,kCAAkCF,6BAAA,CAAY;AAAA,EACzD,MAAA,EAAQ,KAAA;AAAA,EACR,IAAA,EAAM,gCAAA;AAAA,EACN,YAAA,EAAc,MAAA;AAAA,EACd,cAAA,EAAgBK,oDAAA;AAAA,EAChB,OAAA,EAAS,2BAAA;AAAA,EACT,WAAA,EAAa,4EAAA;AAAA,EACb,IAAA,EAAM,CAAC,QAAQ,CAAA;AAAA,EACf,YAAA,EAAc,IAAA;AAAA,EACd,kBAAA,EAAoB,qBAAA;AAAA,EACpB,OAAA,EAAS,OAAO,EAAE,MAAA,EAAO,KAAM;AAC7B,IAAA,IAAI;AACF,MAAA,MAAM,iBAAA,GAAoB,CAAC,KAAA,KAA2B;AACpD,QAAA,IAAI,KAAA,KAAU,IAAA,IAAQ,KAAA,KAAU,MAAA,EAAW,OAAO,SAAA;AAClD,QAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,OAAO,KAAA,KAAU,QAAA,IAAY,OAAO,KAAA,KAAU,SAAA,EAAW,OAAO,MAAA,CAAO,KAAK,CAAA;AAC7G,QAAA,IAAI,KAAA,CAAM,OAAA,CAAQ,KAAK,CAAA,EAAG,OAAO,CAAA,EAAG,KAAA,CAAM,MAAM,CAAA,KAAA,EAAQ,KAAA,CAAM,MAAA,KAAW,CAAA,GAAI,KAAK,GAAG,CAAA,CAAA;AACrF,QAAA,OAAO,KAAA,CAAM,aAAa,IAAA,IAAQ,KAAA,CAAM,YAAY,IAAA,KAAS,QAAA,GAAW,KAAA,CAAM,WAAA,CAAY,IAAA,GAAO,YAAA;AAAA,MACnG,CAAA;AAEA,MAAA,MAAM,eAAA,GAAkB,CAAC,KAAA,KAAkC;AACzD,QAAA,IAAI,CAAC,OAAO,OAAO,IAAA;AACnB,QAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,cAAc,KAAA,IAAS,OAAO,MAAM,QAAA,KAAa,QAAA;AAChF,UAAA,OAAO,KAAA,CAAM,QAAA;AACf,QAAA,IAAI,OAAO,KAAA,KAAU,QAAA,IAAY,aAAA,IAAiB,KAAA,EAAO;AACvD,UAAA,MAAM,IAAA,GAAQ,MAA8C,WAAA,EAAa,IAAA;AACzE,UAAA,OAAO,IAAA,IAAQ,IAAA,KAAS,QAAA,GAAW,IAAA,GAAO,YAAA;AAAA,QAC5C;AACA,QAAA,OAAO,IAAA;AAAA,MACT,CAAA;AAEA,MAAA,MAAM,mBAAmB,CAAC,MAAA,EAAiC,WAAA,GAAwB,OACjF,MAAA,CAAO,OAAA,CAAQ,MAAM,CAAA,CAClB,OAAO,CAAC,CAAC,KAAK,KAAK,CAAA,KAAM,CAAC,WAAA,CAAY,QAAA,CAAS,GAAG,CAAA,IAAK,UAAU,MAAA,IAAa,KAAA,KAAU,IAAI,CAAA,CAC5F,IAAI,CAAC,CAAC,GAAA,EAAK,KAAK,OAAO,EAAE,GAAA,EAAK,OAAO,iBAAA,CAAkB,KAAK,GAAE,CAAE,CAAA;AAErE,MAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,mBAAA,EAAoB,IAAK,EAAC;AAC1D,MAAA,MAAM,QAAA,GAA6C;AAAA,QACjD,SAAA,EAAW,MAAA,CAAO,OAAA,CAAQ,gBAAgB,CAAA,CACvC,IAAI,CAAC,CAAC,EAAA,EAAI,QAAQ,CAAA,KAAM;AACvB,UAAA,MAAM,IAAA,GAAO,SAAS,OAAA,IAAU;AAChC,UAAA,MAAM,MAAA,GAAS,QAAA,CAAS,SAAA,IAAY,IAAK,EAAC;AAC1C,UAAA,OAAO;AAAA,YACL,EAAA,EAAI,MAAM,EAAA,IAAM,EAAA;AAAA,YAChB,IAAA,EAAM,MAAM,IAAA,IAAQ,EAAA;AAAA,YACpB,YAAA,EAAc,MAAM,YAAA,IAAgB,KAAA;AAAA,YACpC,YAAY,MAAA,CAAO;AAAA,WACrB;AAAA,QACF,CAAC,CAAA,CACA,MAAA,CAAO,CAAA,QAAA,KAAY,SAAS,YAAY;AAAA,OAC7C;AAEA,MAAA,MAAM,MAAA,GAAS,OAAO,SAAA,EAAU;AAChC,MAAA,IAAI,OAAA,GAA2C;AAAA,QAC7C,IAAA,EAAM,IAAA;AAAA,QACN,QAAA,EAAU,IAAA;AAAA,QACV,GAAA,EAAK,IAAA;AAAA,QACL,UAAA,EAAY,KAAA;AAAA,QACZ,oBAAoB,EAAC;AAAA,QACrB,QAAQ;AAAC,OACX;AACA,MAAA,IAAI,SAAA,GAA+C;AAAA,QACjD,IAAA,EAAM,IAAA;AAAA,QACN,WAAA,EAAa,IAAA;AAAA,QACb,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,UAAA,EAAY,KAAA;AAAA,QACZ,aAAA,EAAe,KAAA;AAAA,QACf,UAAA,EAAY,KAAA;AAAA,QACZ,kBAAA,EAAoB,IAAA;AAAA,QACpB,eAAA,EAAiB,IAAA;AAAA,QACjB,QAAQ;AAAC,OACX;AACA,MAAA,IAAI,UAAA,GAAiD;AAAA,QACnD,QAAA,EAAU,EAAE,OAAA,EAAS,KAAA;AAAM,OAC7B;AAEA,MAAA,IAAI,QAAQ,cAAA,EAAgB;AAC1B,QAAA,MAAM,WAAY,MAAA,CAA4D,UAAA;AAC9E,QAAA,MAAM,OAAA,GAAU,MAAM,MAAA,CAAO,cAAA,EAAe;AAC5C,QAAA,MAAM,iBAAA,GAAoB,SAAS,aAAA,IAAgB;AACnD,QAAA,UAAA,GAAa;AAAA,UACX,UAAU,EAAE,OAAA,EAAS,iBAAA,EAAmB,QAAA,EAAU,YAAY,IAAA;AAAK,SACrE;AACA,QAAA,MAAM,aAAA,GAAgB,OAAA,EAAS,gBAAA,IAAmB,EAAG,KAAA;AAWrD,QAAA,MAAM,aAAa,aAAA,EAAe,OAAA;AAClC,QAAA,MAAM,aAAA,GAAgB,UAAA,EAAY,MAAA,IAAU,EAAC;AAC7C,QAAA,MAAM,UAAA,GAAa,cAAc,QAAA,IAAY,IAAA;AAC7C,QAAA,OAAA,GAAU;AAAA,UACR,IAAA,EAAM,YAAY,IAAA,IAAQ,IAAA;AAAA,UAC1B,QAAA,EAAU,UAAA;AAAA,UACV,GAAA,EAAK,cAAc,GAAA,IAAO,IAAA;AAAA,UAC1B,YAAY,UAAA,GAAa,CAAC,CAAC,QAAA,EAAU,GAAA,CAAI,UAAU,CAAA,GAAI,KAAA;AAAA,UACvD,kBAAA,EAAoB,WAAW,KAAA,CAAM,IAAA,CAAK,SAAS,IAAA,EAAM,IAAI,EAAC;AAAA,UAC9D,QAAQ,gBAAA,CAAiB,aAAA,EAAe,CAAC,UAAA,EAAY,KAAK,CAAC;AAAA,SAC7D;AAEA,QAAA,MAAM,eAAe,aAAA,EAAe,SAAA;AACpC,QAAA,MAAM,eAAA,GAAkB,YAAA,EAAc,MAAA,IAAU,EAAC;AACjD,QAAA,MAAM,oBAAA,GAAuB,OAAO,cAAA,EAAe;AACnD,QAAA,MAAM,sBAAsB,YAAA,EAAc,WAAA,GACtC,oBAAA,CAAqB,YAAA,CAAa,WAAW,CAAA,GAC7C,MAAA;AACJ,QAAA,MAAM,UAAA,GAAa,mBAAA,EAAqB,SAAA,CAAU,UAAA,IAAc,eAAA,CAAgB,UAAA;AAChF,QAAA,MAAM,OAAA,GAAU,mBAAA,EAAqB,SAAA,CAAU,OAAA,IAAW,eAAA,CAAgB,OAAA;AAC1E,QAAA,MAAM,gBAAA,GACJ,OAAO,eAAA,CAAgB,UAAA,KAAe,QAAA,IACtC,eAAA,CAAgB,UAAA,IAChB,QAAA,IAAY,eAAA,CAAgB,UAAA,GACvB,eAAA,CAAgB,UAAA,CAAW,SAC5B,EAAC;AACP,QAAA,MAAM,aAAA,GACJ,OAAO,eAAA,CAAgB,OAAA,KAAY,QAAA,IAAY,eAAA,CAAgB,OAAA,IAAW,QAAA,IAAY,eAAA,CAAgB,OAAA,GACjG,eAAA,CAAgB,OAAA,CAAQ,SACzB,EAAC;AACP,QAAA,SAAA,GAAY;AAAA,UACV,IAAA,EAAM,cAAc,IAAA,IAAQ,IAAA;AAAA,UAC5B,WAAA,EAAa,cAAc,WAAA,IAAe,IAAA;AAAA,UAC1C,IAAA,EAAM,eAAA,CAAgB,IAAA,IAAQ,mBAAA,EAAqB,UAAU,IAAA,IAAQ,IAAA;AAAA,UACrE,MAAA,EAAQ,qBAAqB,MAAA,IAAU,IAAA;AAAA,UACvC,UAAA,EAAY,CAAC,CAAC,mBAAA;AAAA,UACd,aAAA,EAAe,CAAC,CAAC,UAAA;AAAA,UACjB,UAAA,EAAY,CAAC,CAAC,OAAA;AAAA,UACd,kBAAA,EAAoB,gBAAgB,UAAU,CAAA;AAAA,UAC9C,eAAA,EAAiB,gBAAgB,OAAO,CAAA;AAAA,UACxC,MAAA,EAAQ;AAAA,YACN,GAAG,gBAAA,CAAiB,gBAAgB,CAAA,CAAE,IAAI,CAAA,KAAA,MAAU,EAAE,GAAG,KAAA,EAAO,GAAA,EAAK,CAAA,WAAA,EAAc,KAAA,CAAM,GAAG,IAAG,CAAE,CAAA;AAAA,YACjG,GAAG,gBAAA,CAAiB,aAAa,CAAA,CAAE,IAAI,CAAA,KAAA,MAAU,EAAE,GAAG,KAAA,EAAO,GAAA,EAAK,CAAA,QAAA,EAAW,KAAA,CAAM,GAAG,IAAG,CAAE;AAAA;AAC7F,SACF;AAAA,MACF;AAEA,MAAA,OAAO,EAAE,QAAA,EAAU,OAAA,EAAS,SAAA,EAAW,UAAA,EAAW;AAAA,IACpD,SAAS,KAAA,EAAO;AACd,MAAA,OAAOH,6BAAA,CAAY,OAAO,qCAAqC,CAAA;AAAA,IACjE;AAAA,EACF;AACF,CAAC","file":"chunk-C3QMOBYA.cjs","sourcesContent":["import type { BuilderModelPolicy } from '@mastra/core/agent-builder/ee';\nimport type { IMastraEditor } from '@mastra/core/editor';\n\n/**\n * Server-side wrapper around `builderToModelPolicy`.\n *\n * Handles the optional `IMastraEditor` builder API surface (older / OSS editors\n * may not implement `hasEnabledBuilderConfig` / `resolveBuilder`) and returns\n * a uniform `BuilderModelPolicy` to every call site.\n *\n * Returns `{ active: false }` whenever:\n * - no editor is configured,\n * - the editor doesn't expose builder methods,\n * - the builder config is disabled, or\n * - resolving the builder fails / yields nothing.\n *\n * The `@mastra/core/agent-builder/ee` subpath is loaded lazily so this module\n * remains importable on `@mastra/core` versions that pre-date the subpath\n * (the subpath was added in core 1.34.0). The dynamic import is only reached\n * once an editor is actually configured, by which point a compatible core is\n * guaranteed.\n */\nexport async function resolveBuilderModelPolicy(editor: IMastraEditor | undefined): Promise<BuilderModelPolicy> {\n if (!editor) return { active: false };\n if (typeof editor.resolveBuilder !== 'function') return { active: false };\n if (typeof editor.hasEnabledBuilderConfig === 'function' && !editor.hasEnabledBuilderConfig()) {\n return { active: false };\n }\n\n // Degrade to inactive on builder-resolution failure rather than letting the\n // rejection escape: agent execution routes seed this on every request, so a\n // transient failure must not 500 the entire route.\n try {\n const builder = await editor.resolveBuilder();\n const { builderToModelPolicy } = await import('@mastra/core/agent-builder/ee');\n return builderToModelPolicy(builder);\n } catch {\n return { active: false };\n }\n}\n","import type { Mastra } from '@mastra/core';\n\nimport { HTTPException } from '../http-exception';\nimport {\n agentFeaturesSchema,\n builderAvailableModelsResponseSchema,\n builderSettingsResponseSchema,\n infrastructureStatusResponseSchema,\n} from '../schemas/editor-builder';\nimport type { AgentFeatures, InfrastructureStatus } from '../schemas/editor-builder';\nimport { createRoute } from '../server-adapter/routes/route-builder';\nimport { resolveBuilderModelPolicy } from '../utils/resolve-builder-model-policy';\nimport { buildProvidersList } from './agents';\nimport { handleError } from './error';\n\n/**\n * Resolve the active builder feature flags. Returns `null` when the editor is\n * absent, the builder is disabled, or no features are configured.\n */\nasync function resolveBuilderFeatures(mastra: Mastra): Promise<AgentFeatures | null> {\n const editor = mastra.getEditor();\n if (!editor || typeof editor.resolveBuilder !== 'function') return null;\n if (!editor.hasEnabledBuilderConfig?.()) return null;\n const builder = await editor.resolveBuilder();\n if (!builder || !builder.enabled) return null;\n const features = builder.getFeatures?.()?.agent;\n if (!features) return null;\n // Validate the shape so unknown keys cannot smuggle through.\n const parsed = agentFeaturesSchema.safeParse(features);\n return parsed.success ? parsed.data : null;\n}\n\n/**\n * Returns whether a given agent-builder feature is enabled. Used by list /\n * get-by-id handlers to soft-gate response enrichment (omit fields, ignore\n * favoritedOnly / pinFavoritedFor params) when the feature is off.\n */\nexport async function isBuilderFeatureEnabled(mastra: Mastra, feature: keyof AgentFeatures): Promise<boolean> {\n const features = await resolveBuilderFeatures(mastra);\n return features?.[feature] === true;\n}\n\n/**\n * Hard-gate helper for mutation routes that must not exist when the feature\n * is off. Throws `HTTPException(404)` so we don't leak the existence of the\n * feature surface (matches behavior of unregistered routes).\n */\nexport async function requireBuilderFeature(mastra: Mastra, feature: keyof AgentFeatures): Promise<void> {\n if (!(await isBuilderFeatureEnabled(mastra, feature))) {\n throw new HTTPException(404, { message: 'Not Found' });\n }\n}\n\n/**\n * GET /editor/builder/settings\n *\n * Returns the agent builder settings configured by the admin.\n * Used by frontend to determine which features to display.\n */\nexport const GET_EDITOR_BUILDER_SETTINGS_ROUTE = createRoute({\n method: 'GET',\n path: '/editor/builder/settings',\n responseType: 'json',\n responseSchema: builderSettingsResponseSchema,\n summary: 'Get agent builder settings',\n description: 'Returns the agent builder feature flags and configuration for UI gating',\n tags: ['Editor'],\n requiresAuth: true,\n requiresPermission: 'stored-agents:read',\n handler: async ({ mastra }) => {\n try {\n const editor = mastra.getEditor();\n\n // No editor configured\n if (!editor) {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n // Editor doesn't support builder (older version or OSS)\n if (typeof editor.resolveBuilder !== 'function') {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n // Check if builder is enabled in config\n if (!editor.hasEnabledBuilderConfig?.()) {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n // Resolve the builder instance\n const builder = await editor.resolveBuilder();\n if (!builder || !builder.enabled) {\n return { enabled: false, modelPolicy: { active: false } };\n }\n\n const baseWarnings = builder.getModelPolicyWarnings?.() ?? [];\n const configuration = builder.getConfiguration();\n\n // Picker allowlists are written against entity `.id` (what users see in\n // the UI, URLs, traces). The client filters list responses by their\n // response keys, which are not always `.id`:\n // - GET /agents keys by `agent.id`\n // - GET /tools keys by registration key (values include `id`)\n // - GET /workflows keys by registration key (values omit `id`)\n // To keep the client filter simple, we accept `.id` (fallback to\n // registration key) for matching, but emit visible IDs as response keys\n // so `Object.keys(data)` lines up.\n type AliasPair = { id: string; key: string };\n const collectAliases = (registry: Record<string, unknown>): AliasPair[] =>\n Object.entries(registry).map(([key, entity]) => ({\n id: (entity as { id?: string }).id || key,\n key,\n }));\n\n const toolAliases = collectAliases(mastra.listTools() ?? {});\n const agentAliases = collectAliases(mastra.listAgents() ?? {});\n const workflowAliases = collectAliases(mastra.listWorkflows() ?? {});\n\n // Tools/workflows responses are keyed by registration key. Agents\n // response is keyed by `.id`.\n const toResponseKey = (aliases: AliasPair[], byId: 'id' | 'key') => {\n const map = new Map<string, string>();\n for (const a of aliases) {\n map.set(a.id, byId === 'id' ? a.id : a.key);\n map.set(a.key, byId === 'id' ? a.id : a.key);\n }\n return map;\n };\n const toolKeyMap = toResponseKey(toolAliases, 'key');\n const agentKeyMap = toResponseKey(agentAliases, 'id');\n const workflowKeyMap = toResponseKey(workflowAliases, 'key');\n\n // Lazy-load the EE subpath so this module remains importable on\n // `@mastra/core` versions that pre-date it (added in core 1.34.0).\n // We only reach here after `builder.enabled` is true, which guarantees\n // a compatible core.\n const { builderToModelPolicy, resolvePickerVisibility } = await import('@mastra/core/agent-builder/ee');\n\n const picker = resolvePickerVisibility({\n config: configuration?.agent,\n registeredToolIds: toolAliases.flatMap(a => [a.id, a.key]),\n registeredAgentIds: agentAliases.flatMap(a => [a.id, a.key]),\n registeredWorkflowIds: workflowAliases.flatMap(a => [a.id, a.key]),\n });\n\n const normalize = (visible: string[] | null, map: Map<string, string>): string[] | null => {\n if (visible === null) return null;\n const out: string[] = [];\n const seen = new Set<string>();\n for (const id of visible) {\n const mapped = map.get(id);\n if (mapped && !seen.has(mapped)) {\n seen.add(mapped);\n out.push(mapped);\n }\n }\n return out;\n };\n\n const modelPolicyWarnings = [...baseWarnings, ...picker.warnings];\n\n return {\n enabled: true,\n features: builder.getFeatures(),\n configuration,\n modelPolicy: builderToModelPolicy(builder),\n picker: {\n visibleTools: normalize(picker.visibleTools, toolKeyMap),\n visibleAgents: normalize(picker.visibleAgents, agentKeyMap),\n visibleWorkflows: normalize(picker.visibleWorkflows, workflowKeyMap),\n },\n ...(modelPolicyWarnings.length > 0 ? { modelPolicyWarnings } : {}),\n };\n } catch (error) {\n return handleError(error, 'Error getting builder settings');\n }\n },\n});\n\n/**\n * GET /editor/builder/models/available\n *\n * Returns the configured AI providers/models the agent builder may use. The\n * server is the single authority: it scopes the list to providers with a\n * configured API key (`connected`) and applies the active builder model\n * policy via `isModelAllowed`, so the Studio surfaces can render the response\n * verbatim without importing any EE matcher into the browser.\n *\n * - Providers without a configured API key are always omitted — the builder\n * decides the agent's model from this list, so an unconnected provider would\n * produce an agent that can never run.\n * - Policy inactive (or no allowlist) ⇒ all connected providers are returned.\n * - Policy active with an allowlist ⇒ each connected provider's models are\n * filtered, and providers left with no allowed models are omitted entirely.\n */\nexport const GET_EDITOR_BUILDER_AVAILABLE_MODELS_ROUTE = createRoute({\n method: 'GET',\n path: '/editor/builder/models/available',\n responseType: 'json',\n responseSchema: builderAvailableModelsResponseSchema,\n summary: 'List builder-available AI models',\n description: 'Returns AI providers/models filtered by the active agent-builder model policy.',\n tags: ['Editor'],\n requiresAuth: true,\n requiresPermission: 'stored-agents:read',\n handler: async ({ mastra }) => {\n try {\n // Only surface providers whose API key is configured (`connected`). The\n // agent builder decides the agent's model from this list, so including\n // providers without a key lets it pick a model that can never run. We\n // scope to connected providers so every choice is actually usable.\n const providers = (await buildProvidersList(mastra)).filter(provider => provider.connected);\n const policy = await resolveBuilderModelPolicy(mastra.getEditor());\n\n // Inactive policy (or no allowlist) ⇒ no allowlist filtering to apply.\n if (!policy.active || !policy.allowed || policy.allowed.length === 0) {\n return { providers };\n }\n\n // Lazy-load the EE matcher (server-only); mirrors the convention used by\n // resolve-builder-model-policy and the settings handler.\n const { isModelAllowed } = await import('@mastra/core/agent-builder/ee');\n\n const filtered = providers\n .map(provider => ({\n ...provider,\n models: provider.models.filter(modelId => isModelAllowed(policy.allowed, { provider: provider.id, modelId })),\n }))\n .filter(provider => provider.models.length > 0);\n\n return { providers: filtered };\n } catch (error) {\n return handleError(error, 'Error fetching available models');\n }\n },\n});\n\n/**\n * GET /editor/builder/infrastructure\n *\n * Returns the runtime status of Mastra-opinionated primitives (channels,\n * browser providers, workspaces). Admin-only; surfaced in Studio Settings so\n * admins can sanity-check what's wired up to the running server.\n */\nexport const GET_INFRASTRUCTURE_STATUS_ROUTE = createRoute({\n method: 'GET',\n path: '/editor/builder/infrastructure',\n responseType: 'json',\n responseSchema: infrastructureStatusResponseSchema,\n summary: 'Get infrastructure status',\n description: 'Agent Builder infrastructure configuration and lightweight runtime status.',\n tags: ['Editor'],\n requiresAuth: true,\n requiresPermission: 'infrastructure:read',\n handler: async ({ mastra }) => {\n try {\n const formatConfigValue = (value: unknown): string => {\n if (value === null || value === undefined) return 'not set';\n if (typeof value === 'string' || typeof value === 'number' || typeof value === 'boolean') return String(value);\n if (Array.isArray(value)) return `${value.length} item${value.length === 1 ? '' : 's'}`;\n return value.constructor?.name && value.constructor.name !== 'Object' ? value.constructor.name : 'configured';\n };\n\n const getProviderName = (value: unknown): string | null => {\n if (!value) return null;\n if (typeof value === 'object' && 'provider' in value && typeof value.provider === 'string')\n return value.provider;\n if (typeof value === 'object' && 'constructor' in value) {\n const name = (value as { constructor?: { name?: string } }).constructor?.name;\n return name && name !== 'Object' ? name : 'configured';\n }\n return null;\n };\n\n const getConfigEntries = (config: Record<string, unknown>, omittedKeys: string[] = []) =>\n Object.entries(config)\n .filter(([key, value]) => !omittedKeys.includes(key) && value !== undefined && value !== null)\n .map(([key, value]) => ({ key, value: formatConfigValue(value) }));\n\n const channelProviders = mastra.getChannelProviders() ?? {};\n const channels: InfrastructureStatus['channels'] = {\n providers: Object.entries(channelProviders)\n .map(([id, provider]) => {\n const info = provider.getInfo?.();\n const routes = provider.getRoutes?.() ?? [];\n return {\n id: info?.id ?? id,\n name: info?.name ?? id,\n isConfigured: info?.isConfigured ?? false,\n routeCount: routes.length,\n };\n })\n .filter(provider => provider.isConfigured),\n };\n\n const editor = mastra.getEditor();\n let browser: InfrastructureStatus['browser'] = {\n type: null,\n provider: null,\n env: null,\n registered: false,\n availableProviders: [],\n config: [],\n };\n let workspace: InfrastructureStatus['workspace'] = {\n type: null,\n workspaceId: null,\n name: null,\n source: null,\n registered: false,\n hasFilesystem: false,\n hasSandbox: false,\n filesystemProvider: null,\n sandboxProvider: null,\n config: [],\n };\n let registries: InfrastructureStatus['registries'] = {\n skillsSh: { enabled: false },\n };\n\n if (editor?.resolveBuilder) {\n const browsers = (editor as unknown as { __browsers?: Map<string, unknown> }).__browsers;\n const builder = await editor.resolveBuilder();\n const builderRegistries = builder?.getRegistries?.();\n registries = {\n skillsSh: { enabled: builderRegistries?.skillsSh?.enabled === true },\n };\n const configuration = builder?.getConfiguration?.()?.agent as\n | {\n browser?: { type?: string; config?: { provider?: string; env?: string } };\n workspace?: {\n type?: string;\n workspaceId?: string;\n config?: { name?: string; filesystem?: unknown; sandbox?: unknown };\n };\n }\n | undefined;\n\n const browserRef = configuration?.browser;\n const browserConfig = browserRef?.config ?? {};\n const providerId = browserConfig.provider ?? null;\n browser = {\n type: browserRef?.type ?? null,\n provider: providerId,\n env: browserConfig.env ?? null,\n registered: providerId ? !!browsers?.has(providerId) : false,\n availableProviders: browsers ? Array.from(browsers.keys()) : [],\n config: getConfigEntries(browserConfig, ['provider', 'env']),\n };\n\n const workspaceRef = configuration?.workspace;\n const workspaceConfig = workspaceRef?.config ?? {};\n const registeredWorkspaces = mastra.listWorkspaces();\n const registeredWorkspace = workspaceRef?.workspaceId\n ? registeredWorkspaces[workspaceRef.workspaceId]\n : undefined;\n const filesystem = registeredWorkspace?.workspace.filesystem ?? workspaceConfig.filesystem;\n const sandbox = registeredWorkspace?.workspace.sandbox ?? workspaceConfig.sandbox;\n const filesystemConfig =\n typeof workspaceConfig.filesystem === 'object' &&\n workspaceConfig.filesystem &&\n 'config' in workspaceConfig.filesystem\n ? (workspaceConfig.filesystem.config as Record<string, unknown>)\n : {};\n const sandboxConfig =\n typeof workspaceConfig.sandbox === 'object' && workspaceConfig.sandbox && 'config' in workspaceConfig.sandbox\n ? (workspaceConfig.sandbox.config as Record<string, unknown>)\n : {};\n workspace = {\n type: workspaceRef?.type ?? null,\n workspaceId: workspaceRef?.workspaceId ?? null,\n name: workspaceConfig.name ?? registeredWorkspace?.workspace.name ?? null,\n source: registeredWorkspace?.source ?? null,\n registered: !!registeredWorkspace,\n hasFilesystem: !!filesystem,\n hasSandbox: !!sandbox,\n filesystemProvider: getProviderName(filesystem),\n sandboxProvider: getProviderName(sandbox),\n config: [\n ...getConfigEntries(filesystemConfig).map(entry => ({ ...entry, key: `filesystem.${entry.key}` })),\n ...getConfigEntries(sandboxConfig).map(entry => ({ ...entry, key: `sandbox.${entry.key}` })),\n ],\n };\n }\n\n return { channels, browser, workspace, registries };\n } catch (error) {\n return handleError(error, 'Error getting infrastructure status');\n }\n },\n});\n"]}
@@ -1,13 +1,13 @@
1
1
  'use strict';
2
2
 
3
3
  var chunkXOGNYKAF_cjs = require('./chunk-XOGNYKAF.cjs');
4
- var chunkQQCQV7ZF_cjs = require('./chunk-QQCQV7ZF.cjs');
5
4
  var chunkRVD3DGBZ_cjs = require('./chunk-RVD3DGBZ.cjs');
6
- var chunkDIG2K5CV_cjs = require('./chunk-DIG2K5CV.cjs');
7
5
  var chunkGZ4HWZWE_cjs = require('./chunk-GZ4HWZWE.cjs');
8
6
  var chunkZ7LCIYK7_cjs = require('./chunk-Z7LCIYK7.cjs');
9
7
  var chunkG54X6VE6_cjs = require('./chunk-G54X6VE6.cjs');
10
8
  var chunk64ITUOXI_cjs = require('./chunk-64ITUOXI.cjs');
9
+ var chunkQQCQV7ZF_cjs = require('./chunk-QQCQV7ZF.cjs');
10
+ var chunkDIG2K5CV_cjs = require('./chunk-DIG2K5CV.cjs');
11
11
  var chunkO7I5CWRX_cjs = require('./chunk-O7I5CWRX.cjs');
12
12
  var stream = require('@mastra/core/stream');
13
13
  var v4 = require('zod/v4');
@@ -1143,5 +1143,5 @@ exports.TIME_TRAVEL_ASYNC_WORKFLOW_ROUTE = TIME_TRAVEL_ASYNC_WORKFLOW_ROUTE;
1143
1143
  exports.TIME_TRAVEL_STREAM_WORKFLOW_ROUTE = TIME_TRAVEL_STREAM_WORKFLOW_ROUTE;
1144
1144
  exports.TIME_TRAVEL_WORKFLOW_ROUTE = TIME_TRAVEL_WORKFLOW_ROUTE;
1145
1145
  exports.workflows_exports = workflows_exports;
1146
- //# sourceMappingURL=chunk-U72IZ5BP.cjs.map
1147
- //# sourceMappingURL=chunk-U72IZ5BP.cjs.map
1146
+ //# sourceMappingURL=chunk-CELYVWOU.cjs.map
1147
+ //# sourceMappingURL=chunk-CELYVWOU.cjs.map