@objectstack/plugin-hono-server 4.0.3 → 4.0.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/README.md +93 -1
  2. package/dist/index.d.mts +118 -27
  3. package/dist/index.d.ts +118 -27
  4. package/dist/index.js +247 -26
  5. package/dist/index.js.map +1 -1
  6. package/dist/index.mjs +247 -26
  7. package/dist/index.mjs.map +1 -1
  8. package/package.json +33 -8
  9. package/.turbo/turbo-build.log +0 -22
  10. package/CHANGELOG.md +0 -680
  11. package/objectstack.config.ts +0 -240
  12. package/src/adapter.ts +0 -222
  13. package/src/hono-plugin.test.ts +0 -113
  14. package/src/hono-plugin.ts +0 -328
  15. package/src/index.ts +0 -5
  16. package/tsconfig.json +0 -24
package/dist/index.js CHANGED
@@ -34,7 +34,12 @@ var __publicField = (obj, key, value) => __defNormalProp(obj, typeof key !== "sy
34
34
  var index_exports = {};
35
35
  __export(index_exports, {
36
36
  HonoHttpServer: () => HonoHttpServer,
37
- HonoServerPlugin: () => HonoServerPlugin
37
+ HonoServerPlugin: () => HonoServerPlugin,
38
+ createOriginMatcher: () => createOriginMatcher,
39
+ hasWildcardPattern: () => hasWildcardPattern,
40
+ isLocalhostOrigin: () => isLocalhostOrigin,
41
+ matchOriginPattern: () => matchOriginPattern,
42
+ normalizeOriginPatterns: () => normalizeOriginPatterns
38
43
  });
39
44
  module.exports = __toCommonJS(index_exports);
40
45
 
@@ -60,7 +65,9 @@ var HonoHttpServer = class {
60
65
  wrap(handler) {
61
66
  return async (c) => {
62
67
  let body = {};
63
- if (c.req.header("content-type")?.includes("application/json")) {
68
+ const contentType = c.req.header("content-type") ?? "";
69
+ const isOctetStream = contentType.includes("application/octet-stream");
70
+ if (contentType.includes("application/json")) {
64
71
  try {
65
72
  body = await c.req.json();
66
73
  } catch (e) {
@@ -69,19 +76,31 @@ var HonoHttpServer = class {
69
76
  } catch (e2) {
70
77
  }
71
78
  }
72
- } else {
79
+ } else if (!isOctetStream) {
73
80
  try {
74
81
  body = await c.req.parseBody();
75
82
  } catch (e) {
76
83
  }
77
84
  }
85
+ const rawHeaders = c.req.header();
86
+ if (!rawHeaders.host) {
87
+ try {
88
+ const u = new URL(c.req.url);
89
+ if (u.host) rawHeaders.host = u.host;
90
+ } catch {
91
+ }
92
+ }
78
93
  const req = {
79
94
  params: c.req.param(),
80
95
  query: c.req.query(),
81
96
  body,
82
- headers: c.req.header(),
97
+ headers: rawHeaders,
83
98
  method: c.req.method,
84
- path: c.req.path
99
+ path: c.req.path,
100
+ rawBody: async () => {
101
+ const ab = await c.req.arrayBuffer();
102
+ return Buffer.from(ab);
103
+ }
85
104
  };
86
105
  let capturedResponse;
87
106
  let streamController = null;
@@ -136,13 +155,13 @@ var HonoHttpServer = class {
136
155
  streamController?.close();
137
156
  resolve2(null);
138
157
  }
139
- }).catch(() => {
158
+ }).catch((err) => {
140
159
  streamController?.close();
141
160
  resolve2(null);
142
161
  });
143
162
  });
144
163
  const streamResponse = await streamPromise;
145
- return streamResponse ?? capturedResponse;
164
+ return streamResponse ?? capturedResponse ?? c.json({ error: "No response from handler" }, 500);
146
165
  };
147
166
  }
148
167
  get(path2, handler) {
@@ -163,11 +182,23 @@ var HonoHttpServer = class {
163
182
  use(pathOrHandler, handler) {
164
183
  if (typeof pathOrHandler === "string" && handler) {
165
184
  this.app.use(pathOrHandler, async (c, next) => {
166
- await handler({}, {}, next);
185
+ let nextCalled = false;
186
+ const wrappedNext = () => {
187
+ nextCalled = true;
188
+ return next();
189
+ };
190
+ await handler({}, {}, wrappedNext);
191
+ if (!nextCalled) await next();
167
192
  });
168
193
  } else if (typeof pathOrHandler === "function") {
169
194
  this.app.use("*", async (c, next) => {
170
- await pathOrHandler({}, {}, next);
195
+ let nextCalled = false;
196
+ const wrappedNext = () => {
197
+ nextCalled = true;
198
+ return next();
199
+ };
200
+ await pathOrHandler({}, {}, wrappedNext);
201
+ if (!nextCalled) await next();
171
202
  });
172
203
  }
173
204
  }
@@ -222,16 +253,58 @@ var HonoHttpServer = class {
222
253
  return this.app;
223
254
  }
224
255
  async close() {
225
- if (this.server && typeof this.server.close === "function") {
226
- this.server.close();
256
+ if (!this.server) return;
257
+ if (typeof this.server.closeAllConnections === "function") {
258
+ this.server.closeAllConnections();
227
259
  }
260
+ await new Promise((resolve2, reject) => {
261
+ this.server.close((err) => err ? reject(err) : resolve2());
262
+ });
228
263
  }
229
264
  };
230
265
 
231
266
  // src/hono-plugin.ts
267
+ var import_cors = require("hono/cors");
232
268
  var import_serve_static2 = require("@hono/node-server/serve-static");
233
269
  var fs = __toESM(require("fs"));
234
270
  var path = __toESM(require("path"));
271
+
272
+ // src/pattern-matcher.ts
273
+ function isLocalhostOrigin(origin) {
274
+ return /^https?:\/\/(localhost|127\.0\.0\.1|\[::1\])(:\d+)?$/.test(origin);
275
+ }
276
+ function matchOriginPattern(origin, pattern) {
277
+ if (isLocalhostOrigin(origin)) return true;
278
+ if (pattern === "*") return true;
279
+ if (pattern === origin) return true;
280
+ const regexPattern = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
281
+ const regex = new RegExp(`^${regexPattern}$`);
282
+ return regex.test(origin);
283
+ }
284
+ function normalizeOriginPatterns(patterns) {
285
+ if (Array.isArray(patterns)) {
286
+ return patterns.map((p) => p.trim()).filter(Boolean);
287
+ }
288
+ return patterns.includes(",") ? patterns.split(",").map((s) => s.trim()).filter(Boolean) : [patterns.trim()].filter(Boolean);
289
+ }
290
+ function createOriginMatcher(patterns) {
291
+ const patternList = normalizeOriginPatterns(patterns);
292
+ return (requestOrigin) => {
293
+ if (!requestOrigin) return null;
294
+ for (const pattern of patternList) {
295
+ if (matchOriginPattern(requestOrigin, pattern)) {
296
+ return requestOrigin;
297
+ }
298
+ }
299
+ return null;
300
+ };
301
+ }
302
+ function hasWildcardPattern(patterns) {
303
+ const list = Array.isArray(patterns) ? patterns : [patterns];
304
+ return list.some((p) => p.includes("*"));
305
+ }
306
+
307
+ // src/hono-plugin.ts
235
308
  var HonoServerPlugin = class {
236
309
  constructor(options = {}) {
237
310
  __publicField(this, "name", "com.objectstack.server.hono");
@@ -250,6 +323,50 @@ var HonoServerPlugin = class {
250
323
  ctx.registerService("http.server", this.server);
251
324
  ctx.registerService("http-server", this.server);
252
325
  ctx.logger.debug("HTTP server service registered", { serviceName: "http.server" });
326
+ const corsDisabledByEnv = process.env.CORS_ENABLED === "false";
327
+ if (this.options.cors !== false && !corsDisabledByEnv) {
328
+ const corsOpts = typeof this.options.cors === "object" ? this.options.cors : {};
329
+ const enabled = corsOpts.enabled ?? true;
330
+ if (enabled) {
331
+ let configuredOrigin;
332
+ if (corsOpts.origins) {
333
+ configuredOrigin = corsOpts.origins;
334
+ } else if (process.env.CORS_ORIGIN) {
335
+ const envOrigin = process.env.CORS_ORIGIN.trim();
336
+ configuredOrigin = envOrigin.includes(",") ? envOrigin.split(",").map((s) => s.trim()) : envOrigin;
337
+ } else {
338
+ configuredOrigin = "*";
339
+ }
340
+ const credentials = corsOpts.credentials ?? process.env.CORS_CREDENTIALS !== "false";
341
+ const maxAge = corsOpts.maxAge ?? (process.env.CORS_MAX_AGE ? parseInt(process.env.CORS_MAX_AGE, 10) : 86400);
342
+ let origin;
343
+ if (configuredOrigin === "*" && credentials) {
344
+ origin = (requestOrigin) => requestOrigin || "*";
345
+ } else if (hasWildcardPattern(configuredOrigin)) {
346
+ origin = createOriginMatcher(configuredOrigin);
347
+ } else {
348
+ const matcher = createOriginMatcher(configuredOrigin);
349
+ origin = (requestOrigin) => matcher(requestOrigin);
350
+ }
351
+ const rawApp = this.server.getRawApp();
352
+ const defaultAllowHeaders = ["Content-Type", "Authorization", "X-Requested-With", "X-Tenant-ID", "X-Project-Id"];
353
+ const defaultExposeHeaders = ["set-auth-token"];
354
+ const allowHeaders = corsOpts.allowHeaders ?? defaultAllowHeaders;
355
+ const exposeHeaders = Array.from(/* @__PURE__ */ new Set([
356
+ ...defaultExposeHeaders,
357
+ ...corsOpts.exposeHeaders ?? []
358
+ ]));
359
+ rawApp.use("*", (0, import_cors.cors)({
360
+ origin,
361
+ allowMethods: corsOpts.methods || ["GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"],
362
+ allowHeaders,
363
+ exposeHeaders,
364
+ credentials,
365
+ maxAge
366
+ }));
367
+ ctx.logger.debug("CORS middleware enabled", { origin: configuredOrigin, credentials });
368
+ }
369
+ }
253
370
  });
254
371
  /**
255
372
  * Start phase - Configure static files and start listening
@@ -344,6 +461,10 @@ var HonoServerPlugin = class {
344
461
  });
345
462
  }
346
463
  }
464
+ const rawAppForNotFound = this.server.getRawApp();
465
+ if (typeof rawAppForNotFound.notFound === "function") {
466
+ rawAppForNotFound.notFound((c) => c.json({ error: "Not found" }, 404));
467
+ }
347
468
  ctx.hook("kernel:ready", async () => {
348
469
  if (this.options.registerStandardEndpoints) {
349
470
  this.registerDiscoveryAndCrudEndpoints(ctx);
@@ -399,30 +520,125 @@ var HonoServerPlugin = class {
399
520
  rawApp.get("/.well-known/objectstack", (c) => c.redirect(`${prefix}/discovery`));
400
521
  rawApp.get(`${prefix}/discovery`, (c) => c.json({ data: discovery }));
401
522
  ctx.logger.info("Registered discovery endpoints", { prefix });
402
- const getBroker = () => ctx.getKernel().broker;
523
+ const getObjectQL = () => ctx.getService("objectql");
524
+ const resolveCtx = async (c) => {
525
+ try {
526
+ const authService = ctx.getService("auth");
527
+ if (!authService) return void 0;
528
+ let api = authService.api;
529
+ if (!api && typeof authService.getApi === "function") {
530
+ api = await authService.getApi();
531
+ }
532
+ if (!api?.getSession) return void 0;
533
+ const session = await api.getSession({ headers: c.req.raw.headers });
534
+ if (!session?.user?.id) return void 0;
535
+ const userId = session.user.id;
536
+ const tenantId = session.session?.activeOrganizationId ?? void 0;
537
+ const permissions = [];
538
+ const roles = [];
539
+ try {
540
+ const ql = getObjectQL();
541
+ const sysCtx = { context: { isSystem: true } };
542
+ const memberRows = await ql?.find?.(
543
+ "sys_member",
544
+ {
545
+ where: tenantId ? { user_id: userId, organization_id: tenantId } : { user_id: userId },
546
+ limit: 50,
547
+ ...sysCtx
548
+ }
549
+ ).catch(() => []);
550
+ for (const m of memberRows ?? []) {
551
+ if (typeof m.role === "string") {
552
+ for (const r of m.role.split(",").map((s) => s.trim()).filter(Boolean)) {
553
+ if (!roles.includes(r)) roles.push(r);
554
+ }
555
+ }
556
+ }
557
+ const upsRows = await ql?.find?.(
558
+ "sys_user_permission_set",
559
+ { where: { user_id: userId }, limit: 100, ...sysCtx }
560
+ ).catch(() => []);
561
+ const psIds = /* @__PURE__ */ new Set();
562
+ for (const r of upsRows ?? []) {
563
+ const orgScope = r.organization_id ?? null;
564
+ if (!orgScope || tenantId && orgScope === tenantId) {
565
+ const pid = r.permission_set_id ?? r.permissionSetId;
566
+ if (pid) psIds.add(pid);
567
+ }
568
+ }
569
+ if (psIds.size > 0) {
570
+ const psRows = await ql?.find?.(
571
+ "sys_permission_set",
572
+ { where: { id: { $in: Array.from(psIds) } }, limit: 500, ...sysCtx }
573
+ ).catch(() => []);
574
+ for (const ps of psRows ?? []) {
575
+ if (ps.name && !permissions.includes(ps.name)) permissions.push(ps.name);
576
+ }
577
+ }
578
+ } catch {
579
+ }
580
+ return {
581
+ userId,
582
+ tenantId,
583
+ roles,
584
+ permissions,
585
+ isSystem: false
586
+ };
587
+ } catch {
588
+ return void 0;
589
+ }
590
+ };
403
591
  rawApp.post(`${prefix}/data/:object`, async (c) => {
404
- const broker = getBroker();
405
- if (!broker) return c.json({ error: "Broker not available" }, 500);
592
+ const ql = getObjectQL();
593
+ if (!ql) return c.json({ error: "Data service not available" }, 503);
406
594
  const object = c.req.param("object");
407
595
  const data = await c.req.json().catch(() => ({}));
408
- const result = await broker.call("data.create", { object, data }, {});
409
- return c.json(result);
596
+ const execCtx = await resolveCtx(c);
597
+ try {
598
+ const res = await ql.insert(object, data, { context: execCtx });
599
+ const record = { ...data, ...res };
600
+ return c.json({ object, id: record.id, record });
601
+ } catch (err) {
602
+ if (err?.code === "PERMISSION_DENIED" || err?.name === "PermissionDeniedError") {
603
+ return c.json({ error: err.message ?? "Forbidden" }, 403);
604
+ }
605
+ throw err;
606
+ }
410
607
  });
411
608
  rawApp.get(`${prefix}/data/:object/:id`, async (c) => {
412
- const broker = getBroker();
413
- if (!broker) return c.json({ error: "Broker not available" }, 500);
609
+ const ql = getObjectQL();
610
+ if (!ql) return c.json({ error: "Data service not available" }, 503);
414
611
  const object = c.req.param("object");
415
612
  const id = c.req.param("id");
416
- const result = await broker.call("data.get", { object, id }, {});
417
- return result ? c.json(result) : c.json({ error: "Not found" }, 404);
613
+ const execCtx = await resolveCtx(c);
614
+ try {
615
+ let all = await ql.find(object, { context: execCtx });
616
+ if (!all) all = [];
617
+ const match = all.find((i) => i.id === id);
618
+ return match ? c.json({ object, id, record: match }) : c.json({ error: "Not found" }, 404);
619
+ } catch (err) {
620
+ if (err?.code === "PERMISSION_DENIED" || err?.name === "PermissionDeniedError") {
621
+ return c.json({ error: err.message ?? "Forbidden" }, 403);
622
+ }
623
+ throw err;
624
+ }
418
625
  });
419
626
  rawApp.get(`${prefix}/data/:object`, async (c) => {
420
- const broker = getBroker();
421
- if (!broker) return c.json({ error: "Broker not available" }, 500);
627
+ const ql = getObjectQL();
628
+ if (!ql) return c.json({ error: "Data service not available" }, 503);
422
629
  const object = c.req.param("object");
423
- const filters = c.req.query();
424
- const result = await broker.call("data.find", { object, filters }, {});
425
- return c.json(result);
630
+ const execCtx = await resolveCtx(c);
631
+ try {
632
+ let all = await ql.find(object, { context: execCtx });
633
+ if (!Array.isArray(all) && all && all.value) all = all.value;
634
+ if (!all) all = [];
635
+ return c.json({ object, records: all, total: all.length });
636
+ } catch (err) {
637
+ if (err?.code === "PERMISSION_DENIED" || err?.name === "PermissionDeniedError") {
638
+ return c.json({ error: err.message ?? "Forbidden" }, 403);
639
+ }
640
+ throw err;
641
+ }
426
642
  });
427
643
  ctx.logger.debug("Registered standard CRUD data endpoints", { prefix });
428
644
  }
@@ -444,6 +660,11 @@ __reExport(index_exports, adapter_exports, module.exports);
444
660
  // Annotate the CommonJS export names for ESM import in node:
445
661
  0 && (module.exports = {
446
662
  HonoHttpServer,
447
- HonoServerPlugin
663
+ HonoServerPlugin,
664
+ createOriginMatcher,
665
+ hasWildcardPattern,
666
+ isLocalhostOrigin,
667
+ matchOriginPattern,
668
+ normalizeOriginPatterns
448
669
  });
449
670
  //# sourceMappingURL=index.js.map
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/index.ts","../src/adapter.ts","../src/hono-plugin.ts"],"sourcesContent":["// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nexport * from './hono-plugin';\nexport * from './adapter';\n\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\n// Export IHttpServer from core\nexport * from '@objectstack/core';\n\nimport { \n IHttpServer, \n RouteHandler, \n Middleware \n} from '@objectstack/core';\nimport { Hono } from 'hono';\nimport { serve } from '@hono/node-server';\nimport { serveStatic } from '@hono/node-server/serve-static';\n\n/**\n * Hono Implementation of IHttpServer\n */\nexport class HonoHttpServer implements IHttpServer {\n private app: Hono;\n private server: any;\n private listeningPort: number | undefined;\n\n constructor(\n private port: number = 3000,\n private staticRoot?: string\n ) {\n this.app = new Hono();\n }\n\n // internal helper to convert standard handler to Hono handler\n private wrap(handler: RouteHandler) {\n return async (c: any) => {\n let body: any = {};\n\n // Try to parse JSON body first if content-type is JSON\n if (c.req.header('content-type')?.includes('application/json')) {\n try {\n body = await c.req.json();\n } catch(e) {\n // If JSON parsing fails, try parseBody\n try {\n body = await c.req.parseBody();\n } catch(e2) {}\n }\n } else {\n // For non-JSON content types, use parseBody\n try {\n body = await c.req.parseBody();\n } catch(e) {}\n }\n\n const req = {\n params: c.req.param(),\n query: c.req.query(),\n body,\n headers: c.req.header(),\n method: c.req.method,\n path: c.req.path\n };\n\n let capturedResponse: any;\n let streamController: ReadableStreamDefaultController | null = null;\n let streamEncoder: TextEncoder | null = null;\n let streamHeaders: Record<string, string> = {};\n let isStreaming = false;\n\n const res = {\n json: (data: any) => { capturedResponse = c.json(data); },\n send: (data: string) => { capturedResponse = c.html(data); },\n status: (code: number) => { c.status(code); return res; },\n header: (name: string, value: string) => {\n c.header(name, value);\n streamHeaders[name] = value;\n return res;\n },\n write: (chunk: string | Uint8Array) => {\n isStreaming = true;\n if (streamController && streamEncoder) {\n const data = typeof chunk === 'string' ? streamEncoder.encode(chunk) : chunk;\n streamController.enqueue(data);\n }\n },\n end: () => {\n if (streamController) {\n streamController.close();\n }\n },\n };\n\n // Create a streaming response wrapper — if handler calls res.write(),\n // we return a ReadableStream; otherwise fall back to capturedResponse.\n const streamPromise = new Promise<Response | null>((resolve) => {\n const stream = new ReadableStream({\n start(controller) {\n streamController = controller;\n streamEncoder = new TextEncoder();\n },\n });\n\n // Run the handler; once it's done, check if streaming was used\n const result = handler(req as any, res as any);\n const done = result instanceof Promise ? result : Promise.resolve(result);\n done.then(() => {\n if (isStreaming) {\n resolve(new Response(stream, {\n status: 200,\n headers: streamHeaders,\n }));\n } else {\n // Not streaming — close the unused stream and return null\n streamController?.close();\n resolve(null);\n }\n }).catch(() => {\n streamController?.close();\n resolve(null);\n });\n });\n\n const streamResponse = await streamPromise;\n return streamResponse ?? capturedResponse;\n };\n }\n\n get(path: string, handler: RouteHandler) {\n this.app.get(path, this.wrap(handler));\n }\n post(path: string, handler: RouteHandler) {\n this.app.post(path, this.wrap(handler));\n }\n put(path: string, handler: RouteHandler) {\n this.app.put(path, this.wrap(handler));\n }\n delete(path: string, handler: RouteHandler) {\n this.app.delete(path, this.wrap(handler));\n }\n patch(path: string, handler: RouteHandler) {\n this.app.patch(path, this.wrap(handler));\n }\n \n use(pathOrHandler: string | Middleware, handler?: Middleware) {\n if (typeof pathOrHandler === 'string' && handler) {\n // Path based middleware\n // Hono middleware signature is different (c, next) => ...\n this.app.use(pathOrHandler, async (c, next) => {\n // Simplistic conversion\n await handler({} as any, {} as any, next);\n });\n } else if (typeof pathOrHandler === 'function') {\n // Global middleware\n this.app.use('*', async (c, next) => {\n await pathOrHandler({} as any, {} as any, next);\n });\n }\n }\n\n /**\n * Mount a sub-application or router\n */\n mount(path: string, subApp: Hono) {\n this.app.route(path, subApp);\n }\n\n\n async listen(port: number) {\n if (this.staticRoot) {\n this.app.get('/*', serveStatic({ root: this.staticRoot }));\n }\n\n const targetPort = port || this.port;\n const maxRetries = 20;\n\n for (let attempt = 0; attempt < maxRetries; attempt++) {\n const tryPort = targetPort + attempt;\n try {\n await this.tryListen(tryPort);\n return;\n } catch (err: any) {\n if (err.code === 'EADDRINUSE' && attempt < maxRetries - 1) {\n if (this.server && typeof this.server.close === 'function') {\n this.server.close();\n }\n continue;\n }\n throw err;\n }\n }\n }\n\n private tryListen(port: number): Promise<void> {\n return new Promise<void>((resolve, reject) => {\n const server = serve({\n fetch: this.app.fetch,\n port\n }, (info) => {\n this.listeningPort = info.port;\n resolve();\n });\n this.server = server;\n server.on('error', (err: any) => {\n reject(err);\n });\n });\n }\n\n getPort() {\n return this.listeningPort || this.port;\n }\n\n // Expose raw app for scenarios where standard interface is not enough\n getRawApp() {\n return this.app;\n }\n\n async close() {\n if (this.server && typeof this.server.close === 'function') {\n this.server.close();\n }\n }\n\n\n}\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { Plugin, PluginContext, IHttpServer } from '@objectstack/core';\nimport {\n RestServerConfig,\n} from '@objectstack/spec/api';\nimport { HonoHttpServer } from './adapter';\nimport { serveStatic } from '@hono/node-server/serve-static';\nimport * as fs from 'fs';\nimport * as path from 'path';\n\nexport interface StaticMount {\n root: string;\n path?: string;\n rewrite?: boolean;\n spa?: boolean;\n}\n\nexport interface HonoPluginOptions {\n port?: number;\n staticRoot?: string;\n /**\n * Multiple static resource mounts\n */\n staticMounts?: StaticMount[];\n /**\n * REST server configuration\n * Controls automatic endpoint generation and API behavior\n */\n restConfig?: RestServerConfig;\n /**\n * Whether to register standard ObjectStack CRUD endpoints\n * @default true\n */\n registerStandardEndpoints?: boolean;\n /**\n * Whether to load endpoints from API Registry\n * @default true\n */\n useApiRegistry?: boolean;\n\n /**\n * Whether to enable SPA fallback\n * If true, returns index.html for non-API 404s\n * @default false\n */\n spaFallback?: boolean;\n}\n\n/**\n * Hono Server Plugin\n * \n * Provides HTTP server capabilities using Hono framework.\n * Registers the IHttpServer service so other plugins can register routes.\n * \n * Route registration is handled by plugins:\n * - `@objectstack/rest` → CRUD, metadata, discovery, UI, batch\n * - `createDispatcherPlugin()` → auth, graphql, analytics, packages, etc.\n */\nexport class HonoServerPlugin implements Plugin {\n name = 'com.objectstack.server.hono';\n type = 'server';\n version = '0.9.0';\n \n // Constants\n private static readonly DEFAULT_ENDPOINT_PRIORITY = 100;\n private static readonly CORE_ENDPOINT_PRIORITY = 950;\n private static readonly DISCOVERY_ENDPOINT_PRIORITY = 900;\n \n private options: HonoPluginOptions;\n private server: HonoHttpServer;\n\n constructor(options: HonoPluginOptions = {}) {\n this.options = { \n port: 3000,\n registerStandardEndpoints: true,\n useApiRegistry: true,\n spaFallback: false,\n ...options\n };\n // We handle static root manually in start() to support SPA fallback\n this.server = new HonoHttpServer(this.options.port);\n }\n\n /**\n * Init phase - Setup HTTP server and register as service\n */\n init = async (ctx: PluginContext) => {\n ctx.logger.debug('Initializing Hono server plugin', { \n port: this.options.port,\n staticRoot: this.options.staticRoot \n });\n \n // Register HTTP server service as IHttpServer\n // Register as 'http.server' to match core requirements\n ctx.registerService('http.server', this.server);\n // Alias 'http-server' for backward compatibility\n ctx.registerService('http-server', this.server);\n ctx.logger.debug('HTTP server service registered', { serviceName: 'http.server' });\n }\n\n /**\n * Start phase - Configure static files and start listening\n */\n start = async (ctx: PluginContext) => {\n ctx.logger.debug('Starting Hono server plugin');\n\n // Configure Static Files & SPA Fallback\n const mounts: StaticMount[] = this.options.staticMounts || [];\n\n // Auto-discover UI Plugins\n try {\n const rawKernel = ctx.getKernel() as any;\n if (rawKernel.plugins) {\n const loadedPlugins = rawKernel.plugins instanceof Map \n ? Array.from(rawKernel.plugins.values()) \n : Array.isArray(rawKernel.plugins) ? rawKernel.plugins : Object.values(rawKernel.plugins);\n\n for (const plugin of (loadedPlugins as any[])) {\n // Check for UI Plugin signature\n // Support legacy 'ui-plugin' and new 'ui' type\n if ((plugin.type === 'ui' || plugin.type === 'ui-plugin') && plugin.staticPath) {\n // Derive base route from name: @org/console -> console\n const slug = plugin.slug || plugin.name.split('/').pop();\n const baseRoute = `/${slug}`;\n \n ctx.logger.debug(`Auto-mounting UI Plugin: ${plugin.name}`, { \n path: baseRoute, \n root: plugin.staticPath \n });\n\n mounts.push({\n root: plugin.staticPath,\n path: baseRoute,\n rewrite: true, // Strip prefix: /console/assets/x -> /assets/x\n spa: true\n });\n\n // Handle Default Plugin Redirect\n if (plugin.default || plugin.isDefault) {\n const rawApp = this.server.getRawApp();\n rawApp.get('/', (c) => c.redirect(baseRoute));\n ctx.logger.debug(`Set default UI redirect: / -> ${baseRoute}`);\n }\n }\n }\n }\n } catch (err: any) {\n ctx.logger.warn('Failed to auto-discover UI plugins', { error: err.message || err });\n }\n\n // Backward compatibility for staticRoot\n if (this.options.staticRoot) {\n mounts.push({\n root: this.options.staticRoot,\n path: '/',\n rewrite: false,\n spa: this.options.spaFallback\n });\n }\n\n if (mounts.length > 0) {\n const rawApp = this.server.getRawApp();\n \n for (const mount of mounts) {\n const mountRoot = path.resolve(process.cwd(), mount.root);\n\n if (!fs.existsSync(mountRoot)) {\n ctx.logger.warn(`Static mount root not found: ${mountRoot}. Skipping.`);\n continue;\n }\n\n const mountPath = mount.path || '/';\n const normalizedPath = mountPath.startsWith('/') ? mountPath : `/${mountPath}`;\n const routePattern = normalizedPath === '/' ? '/*' : `${normalizedPath.replace(/\\/$/, '')}/*`;\n \n // Routes to register: both /mount and /mount/*\n const routes = normalizedPath === '/' ? [routePattern] : [normalizedPath, routePattern];\n\n ctx.logger.debug('Mounting static files', { \n to: routes, \n from: mountRoot, \n rewrite: mount.rewrite, \n spa: mount.spa \n });\n\n routes.forEach(route => {\n // 1. Serve Static Files\n rawApp.get(\n route, \n serveStatic({ \n root: mount.root,\n rewriteRequestPath: (reqPath) => {\n if (mount.rewrite && normalizedPath !== '/') {\n // /console/assets/style.css -> /assets/style.css\n if (reqPath.startsWith(normalizedPath)) {\n return reqPath.substring(normalizedPath.length) || '/';\n }\n }\n return reqPath;\n }\n })\n );\n\n // 2. SPA Fallback (Scoped)\n if (mount.spa) {\n rawApp.get(route, async (c, next) => {\n // Skip if API path check\n const config = this.options.restConfig || {};\n const basePath = config.api?.basePath || '/api';\n \n if (c.req.path.startsWith(basePath)) {\n return next();\n }\n\n return serveStatic({ \n root: mount.root,\n rewriteRequestPath: () => 'index.html'\n })(c, next);\n });\n }\n });\n }\n }\n\n // Start server on kernel:ready hook\n ctx.hook('kernel:ready', async () => {\n // Register standard endpoints before starting to listen\n if (this.options.registerStandardEndpoints) {\n this.registerDiscoveryAndCrudEndpoints(ctx);\n }\n\n const port = this.options.port ?? 3000;\n ctx.logger.debug('Starting HTTP server', { port });\n \n await this.server.listen(port);\n\n const actualPort = this.server.getPort();\n if (actualPort !== port) {\n ctx.logger.warn(`Port ${port} is in use, using port ${actualPort} instead`);\n }\n ctx.logger.info('HTTP server started successfully', {\n port: actualPort,\n url: `http://localhost:${actualPort}`\n });\n });\n }\n\n /**\n * Register discovery and basic CRUD endpoints.\n * Called when `registerStandardEndpoints` is true, before the server starts listening.\n */\n private registerDiscoveryAndCrudEndpoints(ctx: PluginContext) {\n const rawApp = this.server.getRawApp();\n const prefix = '/api/v1';\n\n // Build the standard discovery response\n const discovery = {\n version: 'v1',\n apiName: 'ObjectStack API',\n routes: {\n data: `${prefix}/data`,\n metadata: `${prefix}/meta`,\n auth: `${prefix}/auth`,\n packages: `${prefix}/packages`,\n analytics: `${prefix}/analytics`,\n realtime: `${prefix}/realtime`,\n workflow: `${prefix}/workflow`,\n automation: `${prefix}/automation`,\n ai: `${prefix}/ai`,\n notifications: `${prefix}/notifications`,\n i18n: `${prefix}/i18n`,\n storage: `${prefix}/storage`,\n ui: `${prefix}/ui`,\n },\n };\n\n // Discovery endpoints\n rawApp.get('/.well-known/objectstack', (c: any) => c.redirect(`${prefix}/discovery`));\n rawApp.get(`${prefix}/discovery`, (c: any) => c.json({ data: discovery }));\n\n ctx.logger.info('Registered discovery endpoints', { prefix });\n\n // Basic CRUD data endpoints — delegate to kernel.broker when available\n const getBroker = () => (ctx.getKernel() as any).broker;\n\n // Create\n rawApp.post(`${prefix}/data/:object`, async (c: any) => {\n const broker = getBroker();\n if (!broker) return c.json({ error: 'Broker not available' }, 500);\n const object = c.req.param('object');\n const data = await c.req.json().catch(() => ({}));\n const result = await broker.call('data.create', { object, data }, {});\n return c.json(result);\n });\n\n // Get by ID\n rawApp.get(`${prefix}/data/:object/:id`, async (c: any) => {\n const broker = getBroker();\n if (!broker) return c.json({ error: 'Broker not available' }, 500);\n const object = c.req.param('object');\n const id = c.req.param('id');\n const result = await broker.call('data.get', { object, id }, {});\n return result ? c.json(result) : c.json({ error: 'Not found' }, 404);\n });\n\n // Find / List\n rawApp.get(`${prefix}/data/:object`, async (c: any) => {\n const broker = getBroker();\n if (!broker) return c.json({ error: 'Broker not available' }, 500);\n const object = c.req.param('object');\n const filters = c.req.query();\n const result = await broker.call('data.find', { object, filters }, {});\n return c.json(result);\n });\n\n ctx.logger.debug('Registered standard CRUD data endpoints', { prefix });\n }\n\n /**\n * Destroy phase - Stop server\n */\n async destroy() {\n this.server.close();\n // Note: Can't use ctx.logger here since we're in destroy\n console.log('[HonoServerPlugin] Server stopped');\n }\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA;AAAA;AAAA;AAAA;AAGA,4BAAc;AAOd,kBAAqB;AACrB,yBAAsB;AACtB,0BAA4B;AAKrB,IAAM,iBAAN,MAA4C;AAAA,EAK/C,YACY,OAAe,KACf,YACV;AAFU;AACA;AANZ,wBAAQ;AACR,wBAAQ;AACR,wBAAQ;AAMJ,SAAK,MAAM,IAAI,iBAAK;AAAA,EACxB;AAAA;AAAA,EAGQ,KAAK,SAAuB;AAChC,WAAO,OAAO,MAAW;AACrB,UAAI,OAAY,CAAC;AAGjB,UAAI,EAAE,IAAI,OAAO,cAAc,GAAG,SAAS,kBAAkB,GAAG;AAC5D,YAAI;AACA,iBAAO,MAAM,EAAE,IAAI,KAAK;AAAA,QAC5B,SAAQ,GAAG;AAEP,cAAI;AACA,mBAAO,MAAM,EAAE,IAAI,UAAU;AAAA,UACjC,SAAQ,IAAI;AAAA,UAAC;AAAA,QACjB;AAAA,MACJ,OAAO;AAEH,YAAI;AACA,iBAAO,MAAM,EAAE,IAAI,UAAU;AAAA,QACjC,SAAQ,GAAG;AAAA,QAAC;AAAA,MAChB;AAEA,YAAM,MAAM;AAAA,QACR,QAAQ,EAAE,IAAI,MAAM;AAAA,QACpB,OAAO,EAAE,IAAI,MAAM;AAAA,QACnB;AAAA,QACA,SAAS,EAAE,IAAI,OAAO;AAAA,QACtB,QAAQ,EAAE,IAAI;AAAA,QACd,MAAM,EAAE,IAAI;AAAA,MAChB;AAEA,UAAI;AACJ,UAAI,mBAA2D;AAC/D,UAAI,gBAAoC;AACxC,UAAI,gBAAwC,CAAC;AAC7C,UAAI,cAAc;AAElB,YAAM,MAAM;AAAA,QACR,MAAM,CAAC,SAAc;AAAE,6BAAmB,EAAE,KAAK,IAAI;AAAA,QAAG;AAAA,QACxD,MAAM,CAAC,SAAiB;AAAE,6BAAmB,EAAE,KAAK,IAAI;AAAA,QAAG;AAAA,QAC3D,QAAQ,CAAC,SAAiB;AAAE,YAAE,OAAO,IAAI;AAAG,iBAAO;AAAA,QAAK;AAAA,QACxD,QAAQ,CAAC,MAAc,UAAkB;AACrC,YAAE,OAAO,MAAM,KAAK;AACpB,wBAAc,IAAI,IAAI;AACtB,iBAAO;AAAA,QACX;AAAA,QACA,OAAO,CAAC,UAA+B;AACnC,wBAAc;AACd,cAAI,oBAAoB,eAAe;AACnC,kBAAM,OAAO,OAAO,UAAU,WAAW,cAAc,OAAO,KAAK,IAAI;AACvE,6BAAiB,QAAQ,IAAI;AAAA,UACjC;AAAA,QACJ;AAAA,QACA,KAAK,MAAM;AACP,cAAI,kBAAkB;AAClB,6BAAiB,MAAM;AAAA,UAC3B;AAAA,QACJ;AAAA,MACJ;AAIA,YAAM,gBAAgB,IAAI,QAAyB,CAACA,aAAY;AAC5D,cAAM,SAAS,IAAI,eAAe;AAAA,UAC9B,MAAM,YAAY;AACd,+BAAmB;AACnB,4BAAgB,IAAI,YAAY;AAAA,UACpC;AAAA,QACJ,CAAC;AAGD,cAAM,SAAS,QAAQ,KAAY,GAAU;AAC7C,cAAM,OAAO,kBAAkB,UAAU,SAAS,QAAQ,QAAQ,MAAM;AACxE,aAAK,KAAK,MAAM;AACZ,cAAI,aAAa;AACb,YAAAA,SAAQ,IAAI,SAAS,QAAQ;AAAA,cACzB,QAAQ;AAAA,cACR,SAAS;AAAA,YACb,CAAC,CAAC;AAAA,UACN,OAAO;AAEH,8BAAkB,MAAM;AACxB,YAAAA,SAAQ,IAAI;AAAA,UAChB;AAAA,QACJ,CAAC,EAAE,MAAM,MAAM;AACX,4BAAkB,MAAM;AACxB,UAAAA,SAAQ,IAAI;AAAA,QAChB,CAAC;AAAA,MACL,CAAC;AAED,YAAM,iBAAiB,MAAM;AAC7B,aAAO,kBAAkB;AAAA,IAC7B;AAAA,EACJ;AAAA,EAEA,IAAIC,OAAc,SAAuB;AACrC,SAAK,IAAI,IAAIA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EACzC;AAAA,EACA,KAAKA,OAAc,SAAuB;AACtC,SAAK,IAAI,KAAKA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EAC1C;AAAA,EACA,IAAIA,OAAc,SAAuB;AACrC,SAAK,IAAI,IAAIA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EACzC;AAAA,EACA,OAAOA,OAAc,SAAuB;AACxC,SAAK,IAAI,OAAOA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EAC5C;AAAA,EACA,MAAMA,OAAc,SAAuB;AACvC,SAAK,IAAI,MAAMA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EAC3C;AAAA,EAEA,IAAI,eAAoC,SAAsB;AAC1D,QAAI,OAAO,kBAAkB,YAAY,SAAS;AAG7C,WAAK,IAAI,IAAI,eAAe,OAAO,GAAG,SAAS;AAE3C,cAAM,QAAQ,CAAC,GAAU,CAAC,GAAU,IAAI;AAAA,MAC5C,CAAC;AAAA,IACN,WAAW,OAAO,kBAAkB,YAAY;AAE3C,WAAK,IAAI,IAAI,KAAK,OAAO,GAAG,SAAS;AACjC,cAAM,cAAc,CAAC,GAAU,CAAC,GAAU,IAAI;AAAA,MAClD,CAAC;AAAA,IACN;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKA,MAAMA,OAAc,QAAc;AAC9B,SAAK,IAAI,MAAMA,OAAM,MAAM;AAAA,EAC/B;AAAA,EAGA,MAAM,OAAO,MAAc;AACvB,QAAI,KAAK,YAAY;AACjB,WAAK,IAAI,IAAI,UAAM,iCAAY,EAAE,MAAM,KAAK,WAAW,CAAC,CAAC;AAAA,IAC7D;AAEA,UAAM,aAAa,QAAQ,KAAK;AAChC,UAAM,aAAa;AAEnB,aAAS,UAAU,GAAG,UAAU,YAAY,WAAW;AACnD,YAAM,UAAU,aAAa;AAC7B,UAAI;AACA,cAAM,KAAK,UAAU,OAAO;AAC5B;AAAA,MACJ,SAAS,KAAU;AACf,YAAI,IAAI,SAAS,gBAAgB,UAAU,aAAa,GAAG;AACvD,cAAI,KAAK,UAAU,OAAO,KAAK,OAAO,UAAU,YAAY;AACxD,iBAAK,OAAO,MAAM;AAAA,UACtB;AACA;AAAA,QACJ;AACA,cAAM;AAAA,MACV;AAAA,IACJ;AAAA,EACJ;AAAA,EAEQ,UAAU,MAA6B;AAC3C,WAAO,IAAI,QAAc,CAACD,UAAS,WAAW;AAC1C,YAAM,aAAS,0BAAM;AAAA,QACjB,OAAO,KAAK,IAAI;AAAA,QAChB;AAAA,MACJ,GAAG,CAAC,SAAS;AACT,aAAK,gBAAgB,KAAK;AAC1B,QAAAA,SAAQ;AAAA,MACZ,CAAC;AACD,WAAK,SAAS;AACd,aAAO,GAAG,SAAS,CAAC,QAAa;AAC7B,eAAO,GAAG;AAAA,MACd,CAAC;AAAA,IACL,CAAC;AAAA,EACL;AAAA,EAEA,UAAU;AACN,WAAO,KAAK,iBAAiB,KAAK;AAAA,EACtC;AAAA;AAAA,EAGA,YAAY;AACR,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,QAAQ;AACV,QAAI,KAAK,UAAU,OAAO,KAAK,OAAO,UAAU,YAAY;AACxD,WAAK,OAAO,MAAM;AAAA,IACtB;AAAA,EACJ;AAGJ;;;ACtNA,IAAAE,uBAA4B;AAC5B,SAAoB;AACpB,WAAsB;AAkDf,IAAM,mBAAN,MAAyC;AAAA,EAa5C,YAAY,UAA6B,CAAC,GAAG;AAZ7C,gCAAO;AACP,gCAAO;AACP,mCAAU;AAOV,wBAAQ;AACR,wBAAQ;AAiBR;AAAA;AAAA;AAAA,gCAAO,OAAO,QAAuB;AACjC,UAAI,OAAO,MAAM,mCAAmC;AAAA,QAChD,MAAM,KAAK,QAAQ;AAAA,QACnB,YAAY,KAAK,QAAQ;AAAA,MAC7B,CAAC;AAID,UAAI,gBAAgB,eAAe,KAAK,MAAM;AAE9C,UAAI,gBAAgB,eAAe,KAAK,MAAM;AAC9C,UAAI,OAAO,MAAM,kCAAkC,EAAE,aAAa,cAAc,CAAC;AAAA,IACrF;AAKA;AAAA;AAAA;AAAA,iCAAQ,OAAO,QAAuB;AAClC,UAAI,OAAO,MAAM,6BAA6B;AAG9C,YAAM,SAAwB,KAAK,QAAQ,gBAAgB,CAAC;AAG5D,UAAI;AACA,cAAM,YAAY,IAAI,UAAU;AAChC,YAAI,UAAU,SAAS;AACnB,gBAAM,gBAAgB,UAAU,mBAAmB,MAC7C,MAAM,KAAK,UAAU,QAAQ,OAAO,CAAC,IACrC,MAAM,QAAQ,UAAU,OAAO,IAAI,UAAU,UAAU,OAAO,OAAO,UAAU,OAAO;AAE5F,qBAAW,UAAW,eAAyB;AAG3C,iBAAK,OAAO,SAAS,QAAQ,OAAO,SAAS,gBAAgB,OAAO,YAAY;AAE5E,oBAAM,OAAO,OAAO,QAAQ,OAAO,KAAK,MAAM,GAAG,EAAE,IAAI;AACvD,oBAAM,YAAY,IAAI,IAAI;AAE1B,kBAAI,OAAO,MAAM,4BAA4B,OAAO,IAAI,IAAI;AAAA,gBACxD,MAAM;AAAA,gBACN,MAAM,OAAO;AAAA,cACjB,CAAC;AAED,qBAAO,KAAK;AAAA,gBACR,MAAM,OAAO;AAAA,gBACb,MAAM;AAAA,gBACN,SAAS;AAAA;AAAA,gBACT,KAAK;AAAA,cACT,CAAC;AAGD,kBAAI,OAAO,WAAW,OAAO,WAAW;AACnC,sBAAM,SAAS,KAAK,OAAO,UAAU;AACrC,uBAAO,IAAI,KAAK,CAAC,MAAM,EAAE,SAAS,SAAS,CAAC;AAC5C,oBAAI,OAAO,MAAM,iCAAiC,SAAS,EAAE;AAAA,cAClE;AAAA,YACJ;AAAA,UACJ;AAAA,QACJ;AAAA,MACJ,SAAS,KAAU;AACf,YAAI,OAAO,KAAK,sCAAsC,EAAE,OAAO,IAAI,WAAW,IAAI,CAAC;AAAA,MACvF;AAGA,UAAI,KAAK,QAAQ,YAAY;AACzB,eAAO,KAAK;AAAA,UACR,MAAM,KAAK,QAAQ;AAAA,UACnB,MAAM;AAAA,UACN,SAAS;AAAA,UACT,KAAK,KAAK,QAAQ;AAAA,QACtB,CAAC;AAAA,MACL;AAEA,UAAI,OAAO,SAAS,GAAG;AACnB,cAAM,SAAS,KAAK,OAAO,UAAU;AAErC,mBAAW,SAAS,QAAQ;AACxB,gBAAM,YAAiB,aAAQ,QAAQ,IAAI,GAAG,MAAM,IAAI;AAExD,cAAI,CAAI,cAAW,SAAS,GAAG;AAC3B,gBAAI,OAAO,KAAK,gCAAgC,SAAS,aAAa;AACtE;AAAA,UACJ;AAEA,gBAAM,YAAY,MAAM,QAAQ;AAChC,gBAAM,iBAAiB,UAAU,WAAW,GAAG,IAAI,YAAY,IAAI,SAAS;AAC5E,gBAAM,eAAe,mBAAmB,MAAM,OAAO,GAAG,eAAe,QAAQ,OAAO,EAAE,CAAC;AAGzF,gBAAM,SAAS,mBAAmB,MAAM,CAAC,YAAY,IAAI,CAAC,gBAAgB,YAAY;AAEtF,cAAI,OAAO,MAAM,yBAAyB;AAAA,YACtC,IAAI;AAAA,YACJ,MAAM;AAAA,YACN,SAAS,MAAM;AAAA,YACf,KAAK,MAAM;AAAA,UACf,CAAC;AAED,iBAAO,QAAQ,WAAS;AAEpB,mBAAO;AAAA,cACH;AAAA,kBACA,kCAAY;AAAA,gBACR,MAAM,MAAM;AAAA,gBACZ,oBAAoB,CAAC,YAAY;AAC7B,sBAAI,MAAM,WAAW,mBAAmB,KAAK;AAEzC,wBAAI,QAAQ,WAAW,cAAc,GAAG;AACpC,6BAAO,QAAQ,UAAU,eAAe,MAAM,KAAK;AAAA,oBACvD;AAAA,kBACJ;AACA,yBAAO;AAAA,gBACX;AAAA,cACJ,CAAC;AAAA,YACL;AAGA,gBAAI,MAAM,KAAK;AACX,qBAAO,IAAI,OAAO,OAAO,GAAG,SAAS;AAEjC,sBAAM,SAAS,KAAK,QAAQ,cAAc,CAAC;AAC3C,sBAAM,WAAW,OAAO,KAAK,YAAY;AAEzC,oBAAI,EAAE,IAAI,KAAK,WAAW,QAAQ,GAAG;AACjC,yBAAO,KAAK;AAAA,gBAChB;AAEA,2BAAO,kCAAY;AAAA,kBACf,MAAM,MAAM;AAAA,kBACZ,oBAAoB,MAAM;AAAA,gBAC9B,CAAC,EAAE,GAAG,IAAI;AAAA,cACd,CAAC;AAAA,YACL;AAAA,UACJ,CAAC;AAAA,QACL;AAAA,MACJ;AAGA,UAAI,KAAK,gBAAgB,YAAY;AAEjC,YAAI,KAAK,QAAQ,2BAA2B;AACxC,eAAK,kCAAkC,GAAG;AAAA,QAC9C;AAEA,cAAM,OAAO,KAAK,QAAQ,QAAQ;AAClC,YAAI,OAAO,MAAM,wBAAwB,EAAE,KAAK,CAAC;AAEjD,cAAM,KAAK,OAAO,OAAO,IAAI;AAE7B,cAAM,aAAa,KAAK,OAAO,QAAQ;AACvC,YAAI,eAAe,MAAM;AACrB,cAAI,OAAO,KAAK,QAAQ,IAAI,0BAA0B,UAAU,UAAU;AAAA,QAC9E;AACA,YAAI,OAAO,KAAK,oCAAoC;AAAA,UAChD,MAAM;AAAA,UACN,KAAK,oBAAoB,UAAU;AAAA,QACvC,CAAC;AAAA,MACL,CAAC;AAAA,IACL;AA7KI,SAAK,UAAU;AAAA,MACX,MAAM;AAAA,MACN,2BAA2B;AAAA,MAC3B,gBAAgB;AAAA,MAChB,aAAa;AAAA,MACb,GAAG;AAAA,IACP;AAEA,SAAK,SAAS,IAAI,eAAe,KAAK,QAAQ,IAAI;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA;AAAA,EA0KQ,kCAAkC,KAAoB;AAC1D,UAAM,SAAS,KAAK,OAAO,UAAU;AACrC,UAAM,SAAS;AAGf,UAAM,YAAY;AAAA,MACd,SAAS;AAAA,MACT,SAAS;AAAA,MACT,QAAQ;AAAA,QACJ,MAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,MAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,WAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,YAAe,GAAG,MAAM;AAAA,QACxB,IAAe,GAAG,MAAM;AAAA,QACxB,eAAe,GAAG,MAAM;AAAA,QACxB,MAAe,GAAG,MAAM;AAAA,QACxB,SAAe,GAAG,MAAM;AAAA,QACxB,IAAe,GAAG,MAAM;AAAA,MAC5B;AAAA,IACJ;AAGA,WAAO,IAAI,4BAA4B,CAAC,MAAW,EAAE,SAAS,GAAG,MAAM,YAAY,CAAC;AACpF,WAAO,IAAI,GAAG,MAAM,cAAc,CAAC,MAAW,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC,CAAC;AAEzE,QAAI,OAAO,KAAK,kCAAkC,EAAE,OAAO,CAAC;AAG5D,UAAM,YAAY,MAAO,IAAI,UAAU,EAAU;AAGjD,WAAO,KAAK,GAAG,MAAM,iBAAiB,OAAO,MAAW;AACpD,YAAM,SAAS,UAAU;AACzB,UAAI,CAAC,OAAQ,QAAO,EAAE,KAAK,EAAE,OAAO,uBAAuB,GAAG,GAAG;AACjE,YAAM,SAAS,EAAE,IAAI,MAAM,QAAQ;AACnC,YAAM,OAAO,MAAM,EAAE,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AAChD,YAAM,SAAS,MAAM,OAAO,KAAK,eAAe,EAAE,QAAQ,KAAK,GAAG,CAAC,CAAC;AACpE,aAAO,EAAE,KAAK,MAAM;AAAA,IACxB,CAAC;AAGD,WAAO,IAAI,GAAG,MAAM,qBAAqB,OAAO,MAAW;AACvD,YAAM,SAAS,UAAU;AACzB,UAAI,CAAC,OAAQ,QAAO,EAAE,KAAK,EAAE,OAAO,uBAAuB,GAAG,GAAG;AACjE,YAAM,SAAS,EAAE,IAAI,MAAM,QAAQ;AACnC,YAAM,KAAK,EAAE,IAAI,MAAM,IAAI;AAC3B,YAAM,SAAS,MAAM,OAAO,KAAK,YAAY,EAAE,QAAQ,GAAG,GAAG,CAAC,CAAC;AAC/D,aAAO,SAAS,EAAE,KAAK,MAAM,IAAI,EAAE,KAAK,EAAE,OAAO,YAAY,GAAG,GAAG;AAAA,IACvE,CAAC;AAGD,WAAO,IAAI,GAAG,MAAM,iBAAiB,OAAO,MAAW;AACnD,YAAM,SAAS,UAAU;AACzB,UAAI,CAAC,OAAQ,QAAO,EAAE,KAAK,EAAE,OAAO,uBAAuB,GAAG,GAAG;AACjE,YAAM,SAAS,EAAE,IAAI,MAAM,QAAQ;AACnC,YAAM,UAAU,EAAE,IAAI,MAAM;AAC5B,YAAM,SAAS,MAAM,OAAO,KAAK,aAAa,EAAE,QAAQ,QAAQ,GAAG,CAAC,CAAC;AACrE,aAAO,EAAE,KAAK,MAAM;AAAA,IACxB,CAAC;AAED,QAAI,OAAO,MAAM,2CAA2C,EAAE,OAAO,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU;AACZ,SAAK,OAAO,MAAM;AAElB,YAAQ,IAAI,mCAAmC;AAAA,EACnD;AACJ;AAAA;AAtQI,cANS,kBAMe,6BAA4B;AACpD,cAPS,kBAOe,0BAAyB;AACjD,cARS,kBAQe,+BAA8B;;;AFhE1D,0BAAc,iBAHd;","names":["resolve","path","import_serve_static"]}
1
+ {"version":3,"sources":["../src/index.ts","../src/adapter.ts","../src/hono-plugin.ts","../src/pattern-matcher.ts"],"sourcesContent":["// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nexport * from './hono-plugin';\nexport * from './adapter';\nexport * from './pattern-matcher';\n\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\n// Export IHttpServer from core\nexport * from '@objectstack/core';\n\nimport {\n IHttpServer,\n RouteHandler,\n Middleware\n} from '@objectstack/core';\nimport { Hono } from 'hono';\nimport { serve } from '@hono/node-server';\nimport { serveStatic } from '@hono/node-server/serve-static';\n\nexport interface HonoCorsOptions {\n enabled?: boolean;\n origins?: string | string[];\n methods?: string[];\n /**\n * Request headers allowed on preflight (`Access-Control-Allow-Headers`).\n *\n * Defaults to `['Content-Type', 'Authorization', 'X-Requested-With']`,\n * which is sufficient for cookie and bearer-token auth.\n */\n allowHeaders?: string[];\n /**\n * Response headers exposed to JS (`Access-Control-Expose-Headers`).\n *\n * Defaults to `['set-auth-token']` so that better-auth's `bearer()` plugin\n * can hand rotated session tokens to cross-origin clients. User-supplied\n * values are merged with this default — `set-auth-token` is always\n * exposed unless CORS is disabled entirely.\n */\n exposeHeaders?: string[];\n credentials?: boolean;\n maxAge?: number;\n}\n\n/**\n * Hono Implementation of IHttpServer\n */\nexport class HonoHttpServer implements IHttpServer {\n private app: Hono;\n private server: any;\n private listeningPort: number | undefined;\n\n constructor(\n private port: number = 3000,\n private staticRoot?: string\n ) {\n this.app = new Hono();\n }\n\n // internal helper to convert standard handler to Hono handler\n private wrap(handler: RouteHandler) {\n return async (c: any) => {\n let body: any = {};\n\n const contentType = c.req.header('content-type') ?? '';\n const isOctetStream = contentType.includes('application/octet-stream');\n\n // Try to parse JSON body first if content-type is JSON\n if (contentType.includes('application/json')) {\n try {\n body = await c.req.json();\n } catch(e) {\n // If JSON parsing fails, try parseBody\n try {\n body = await c.req.parseBody();\n } catch(e2) {}\n }\n } else if (!isOctetStream) {\n // For non-JSON / non-binary content types, use parseBody\n // (Skipping for octet-stream so the raw stream stays consumable\n // via `req.rawBody()` for binary uploads.)\n try {\n body = await c.req.parseBody();\n } catch(e) {}\n }\n\n const rawHeaders = c.req.header();\n // Fetch API `Request` objects don't expose the `Host` header\n // (it's a forbidden header — derived from the URL by the\n // transport). Hostname-based routing in REST/dispatcher\n // depends on it, so we backfill from `c.req.url`.\n if (!rawHeaders.host) {\n try {\n const u = new URL(c.req.url);\n if (u.host) rawHeaders.host = u.host;\n } catch { /* non-URL request, leave headers as-is */ }\n }\n\n const req = {\n params: c.req.param(),\n query: c.req.query(),\n body,\n headers: rawHeaders,\n method: c.req.method,\n path: c.req.path,\n rawBody: async () => {\n const ab = await c.req.arrayBuffer();\n return Buffer.from(ab);\n },\n };\n\n let capturedResponse: any;\n let streamController: ReadableStreamDefaultController | null = null;\n let streamEncoder: TextEncoder | null = null;\n let streamHeaders: Record<string, string> = {};\n let isStreaming = false;\n\n const res = {\n json: (data: any) => { capturedResponse = c.json(data); },\n send: (data: string) => { capturedResponse = c.html(data); },\n status: (code: number) => { c.status(code); return res; },\n header: (name: string, value: string) => {\n c.header(name, value);\n streamHeaders[name] = value;\n return res;\n },\n write: (chunk: string | Uint8Array) => {\n isStreaming = true;\n if (streamController && streamEncoder) {\n const data = typeof chunk === 'string' ? streamEncoder.encode(chunk) : chunk;\n streamController.enqueue(data);\n }\n },\n end: () => {\n if (streamController) {\n streamController.close();\n }\n },\n };\n\n // Create a streaming response wrapper — if handler calls res.write(),\n // we return a ReadableStream; otherwise fall back to capturedResponse.\n const streamPromise = new Promise<Response | null>((resolve) => {\n const stream = new ReadableStream({\n start(controller) {\n streamController = controller;\n streamEncoder = new TextEncoder();\n },\n });\n\n // Run the handler; once it's done, check if streaming was used\n const result = handler(req as any, res as any);\n const done = result instanceof Promise ? result : Promise.resolve(result);\n done.then(() => {\n if (isStreaming) {\n resolve(new Response(stream, {\n status: 200,\n headers: streamHeaders,\n }));\n } else {\n // Not streaming — close the unused stream and return null\n streamController?.close();\n resolve(null);\n }\n }).catch((err) => {\n streamController?.close();\n resolve(null);\n });\n });\n\n const streamResponse = await streamPromise;\n return streamResponse ?? capturedResponse ?? c.json({ error: 'No response from handler' }, 500);\n };\n }\n\n get(path: string, handler: RouteHandler) {\n this.app.get(path, this.wrap(handler));\n }\n post(path: string, handler: RouteHandler) {\n this.app.post(path, this.wrap(handler));\n }\n put(path: string, handler: RouteHandler) {\n this.app.put(path, this.wrap(handler));\n }\n delete(path: string, handler: RouteHandler) {\n this.app.delete(path, this.wrap(handler));\n }\n patch(path: string, handler: RouteHandler) {\n this.app.patch(path, this.wrap(handler));\n }\n\n use(pathOrHandler: string | Middleware, handler?: Middleware) {\n if (typeof pathOrHandler === 'string' && handler) {\n this.app.use(pathOrHandler, async (c, next) => {\n let nextCalled = false;\n const wrappedNext = () => { nextCalled = true; return next(); };\n await handler({} as any, {} as any, wrappedNext);\n if (!nextCalled) await next();\n });\n } else if (typeof pathOrHandler === 'function') {\n this.app.use('*', async (c, next) => {\n let nextCalled = false;\n const wrappedNext = () => { nextCalled = true; return next(); };\n await pathOrHandler({} as any, {} as any, wrappedNext);\n if (!nextCalled) await next();\n });\n }\n }\n\n /**\n * Mount a sub-application or router\n */\n mount(path: string, subApp: Hono) {\n this.app.route(path, subApp);\n }\n\n\n async listen(port: number) {\n if (this.staticRoot) {\n this.app.get('/*', serveStatic({ root: this.staticRoot }));\n }\n\n const targetPort = port || this.port;\n const maxRetries = 20;\n\n for (let attempt = 0; attempt < maxRetries; attempt++) {\n const tryPort = targetPort + attempt;\n try {\n await this.tryListen(tryPort);\n return;\n } catch (err: any) {\n if (err.code === 'EADDRINUSE' && attempt < maxRetries - 1) {\n if (this.server && typeof this.server.close === 'function') {\n this.server.close();\n }\n continue;\n }\n throw err;\n }\n }\n }\n\n private tryListen(port: number): Promise<void> {\n return new Promise<void>((resolve, reject) => {\n const server = serve({\n fetch: this.app.fetch,\n port\n }, (info) => {\n this.listeningPort = info.port;\n resolve();\n });\n this.server = server;\n server.on('error', (err: any) => {\n reject(err);\n });\n });\n }\n\n getPort() {\n return this.listeningPort || this.port;\n }\n\n // Expose raw app for scenarios where standard interface is not enough\n getRawApp() {\n return this.app;\n }\n\n async close() {\n if (!this.server) return;\n // Destroy all keep-alive sockets so the server stops immediately\n if (typeof this.server.closeAllConnections === 'function') {\n this.server.closeAllConnections();\n }\n await new Promise<void>((resolve, reject) => {\n this.server.close((err: any) => (err ? reject(err) : resolve()));\n });\n }\n}\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\nimport { Plugin, PluginContext, IHttpServer, IDataEngine } from '@objectstack/core';\nimport {\n RestServerConfig,\n} from '@objectstack/spec/api';\nimport { HonoHttpServer, HonoCorsOptions } from './adapter';\nimport { cors } from 'hono/cors';\nimport { serveStatic } from '@hono/node-server/serve-static';\nimport * as fs from 'fs';\nimport * as path from 'path';\nimport { createOriginMatcher, hasWildcardPattern, isLocalhostOrigin } from './pattern-matcher';\n\nexport interface StaticMount {\n root: string;\n path?: string;\n rewrite?: boolean;\n spa?: boolean;\n}\n\nexport interface HonoPluginOptions {\n port?: number;\n staticRoot?: string;\n /**\n * Multiple static resource mounts\n */\n staticMounts?: StaticMount[];\n /**\n * REST server configuration\n * Controls automatic endpoint generation and API behavior\n */\n restConfig?: RestServerConfig;\n /**\n * Whether to register standard ObjectStack CRUD endpoints\n * @default true\n */\n registerStandardEndpoints?: boolean;\n /**\n * Whether to load endpoints from API Registry\n * @default true\n */\n useApiRegistry?: boolean;\n\n /**\n * Whether to enable SPA fallback\n * If true, returns index.html for non-API 404s\n * @default false\n */\n spaFallback?: boolean;\n\n /**\n * CORS configuration. Set to `false` to disable entirely.\n * Enabled by default with origin '*'.\n * Can also be controlled via environment variables:\n * CORS_ENABLED, CORS_ORIGIN, CORS_CREDENTIALS, CORS_MAX_AGE\n */\n cors?: HonoCorsOptions | false;\n}\n\n/**\n * Hono Server Plugin\n *\n * Provides HTTP server capabilities using Hono framework.\n * Registers the IHttpServer service so other plugins can register routes.\n *\n * Route registration is handled by plugins:\n * - `@objectstack/rest` → CRUD, metadata, discovery, UI, batch\n * - `createDispatcherPlugin()` → auth, graphql, analytics, packages, etc.\n */\nexport class HonoServerPlugin implements Plugin {\n name = 'com.objectstack.server.hono';\n type = 'server';\n version = '0.9.0';\n\n // Constants\n private static readonly DEFAULT_ENDPOINT_PRIORITY = 100;\n private static readonly CORE_ENDPOINT_PRIORITY = 950;\n private static readonly DISCOVERY_ENDPOINT_PRIORITY = 900;\n\n private options: HonoPluginOptions;\n private server: HonoHttpServer;\n\n constructor(options: HonoPluginOptions = {}) {\n this.options = {\n port: 3000,\n registerStandardEndpoints: true,\n useApiRegistry: true,\n spaFallback: false,\n ...options\n };\n // We handle static root manually in start() to support SPA fallback\n this.server = new HonoHttpServer(this.options.port);\n }\n\n /**\n * Init phase - Setup HTTP server and register as service\n */\n init = async (ctx: PluginContext) => {\n ctx.logger.debug('Initializing Hono server plugin', {\n port: this.options.port,\n staticRoot: this.options.staticRoot\n });\n\n // Register HTTP server service as IHttpServer\n // Register as 'http.server' to match core requirements\n ctx.registerService('http.server', this.server);\n // Alias 'http-server' for backward compatibility\n ctx.registerService('http-server', this.server);\n ctx.logger.debug('HTTP server service registered', { serviceName: 'http.server' });\n\n // ─── CORS Middleware ──────────────────────────────────────────────────\n // Enabled by default. Controlled via options.cors or environment variables.\n const corsDisabledByEnv = process.env.CORS_ENABLED === 'false';\n if (this.options.cors !== false && !corsDisabledByEnv) {\n const corsOpts = typeof this.options.cors === 'object' ? this.options.cors : {};\n const enabled = corsOpts.enabled ?? true;\n\n if (enabled) {\n let configuredOrigin: string | string[];\n if (corsOpts.origins) {\n configuredOrigin = corsOpts.origins;\n } else if (process.env.CORS_ORIGIN) {\n const envOrigin = process.env.CORS_ORIGIN.trim();\n configuredOrigin = envOrigin.includes(',') ? envOrigin.split(',').map(s => s.trim()) : envOrigin;\n } else {\n configuredOrigin = '*';\n }\n\n const credentials = corsOpts.credentials ?? (process.env.CORS_CREDENTIALS !== 'false');\n const maxAge = corsOpts.maxAge ?? (process.env.CORS_MAX_AGE ? parseInt(process.env.CORS_MAX_AGE, 10) : 86400);\n\n // Determine origin handler based on configuration.\n // Always use a function so that localhost origins are\n // automatically allowed regardless of the configured\n // pattern list (handled inside matchOriginPattern /\n // createOriginMatcher).\n let origin: string | string[] | ((origin: string) => string | undefined | null);\n\n // When credentials is true, browsers reject wildcard '*' for Access-Control-Allow-Origin.\n // For wildcard patterns (like \"https://*.example.com\"), always use a matcher function.\n // For exact origins, we can pass them directly as string/array.\n if (configuredOrigin === '*' && credentials) {\n // Credentials mode with '*' - reflect the request origin\n origin = (requestOrigin: string) => requestOrigin || '*';\n } else if (hasWildcardPattern(configuredOrigin)) {\n // Wildcard patterns (including better-auth style patterns like \"https://*.objectui.org\")\n // Use pattern matcher to support subdomain and port wildcards\n origin = createOriginMatcher(configuredOrigin);\n } else {\n // Exact origin(s) — wrap in a function so localhost is\n // still auto-allowed via the matcher.\n const matcher = createOriginMatcher(configuredOrigin);\n origin = (requestOrigin: string) => matcher(requestOrigin);\n }\n\n const rawApp = this.server.getRawApp();\n // Always include `set-auth-token` in exposed headers so that\n // the better-auth `bearer()` plugin can deliver rotated\n // session tokens to cross-origin clients (see plugin-auth).\n // User-supplied exposeHeaders are merged with this default.\n const defaultAllowHeaders = ['Content-Type', 'Authorization', 'X-Requested-With', 'X-Tenant-ID', 'X-Project-Id'];\n const defaultExposeHeaders = ['set-auth-token'];\n const allowHeaders = corsOpts.allowHeaders ?? defaultAllowHeaders;\n const exposeHeaders = Array.from(new Set([\n ...defaultExposeHeaders,\n ...(corsOpts.exposeHeaders ?? []),\n ]));\n\n rawApp.use('*', cors({\n origin: origin as any,\n allowMethods: corsOpts.methods || ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'HEAD', 'OPTIONS'],\n allowHeaders,\n exposeHeaders,\n credentials,\n maxAge,\n }));\n\n ctx.logger.debug('CORS middleware enabled', { origin: configuredOrigin, credentials });\n }\n }\n }\n\n /**\n * Start phase - Configure static files and start listening\n */\n start = async (ctx: PluginContext) => {\n ctx.logger.debug('Starting Hono server plugin');\n\n // Configure Static Files & SPA Fallback\n const mounts: StaticMount[] = this.options.staticMounts || [];\n\n // Auto-discover UI Plugins\n try {\n const rawKernel = ctx.getKernel() as any;\n if (rawKernel.plugins) {\n const loadedPlugins = rawKernel.plugins instanceof Map\n ? Array.from(rawKernel.plugins.values())\n : Array.isArray(rawKernel.plugins) ? rawKernel.plugins : Object.values(rawKernel.plugins);\n\n for (const plugin of (loadedPlugins as any[])) {\n // Check for UI Plugin signature\n // Support legacy 'ui-plugin' and new 'ui' type\n if ((plugin.type === 'ui' || plugin.type === 'ui-plugin') && plugin.staticPath) {\n // Derive base route from name: @org/console -> console\n const slug = plugin.slug || plugin.name.split('/').pop();\n const baseRoute = `/${slug}`;\n\n ctx.logger.debug(`Auto-mounting UI Plugin: ${plugin.name}`, {\n path: baseRoute,\n root: plugin.staticPath\n });\n\n mounts.push({\n root: plugin.staticPath,\n path: baseRoute,\n rewrite: true, // Strip prefix: /console/assets/x -> /assets/x\n spa: true\n });\n\n // Handle Default Plugin Redirect\n if (plugin.default || plugin.isDefault) {\n const rawApp = this.server.getRawApp();\n rawApp.get('/', (c) => c.redirect(baseRoute));\n ctx.logger.debug(`Set default UI redirect: / -> ${baseRoute}`);\n }\n }\n }\n }\n } catch (err: any) {\n ctx.logger.warn('Failed to auto-discover UI plugins', { error: err.message || err });\n }\n\n // Backward compatibility for staticRoot\n if (this.options.staticRoot) {\n mounts.push({\n root: this.options.staticRoot,\n path: '/',\n rewrite: false,\n spa: this.options.spaFallback\n });\n }\n\n if (mounts.length > 0) {\n const rawApp = this.server.getRawApp();\n\n for (const mount of mounts) {\n const mountRoot = path.resolve(process.cwd(), mount.root);\n\n if (!fs.existsSync(mountRoot)) {\n ctx.logger.warn(`Static mount root not found: ${mountRoot}. Skipping.`);\n continue;\n }\n\n const mountPath = mount.path || '/';\n const normalizedPath = mountPath.startsWith('/') ? mountPath : `/${mountPath}`;\n const routePattern = normalizedPath === '/' ? '/*' : `${normalizedPath.replace(/\\/$/, '')}/*`;\n\n // Routes to register: both /mount and /mount/*\n const routes = normalizedPath === '/' ? [routePattern] : [normalizedPath, routePattern];\n\n ctx.logger.debug('Mounting static files', {\n to: routes,\n from: mountRoot,\n rewrite: mount.rewrite,\n spa: mount.spa\n });\n\n routes.forEach(route => {\n // 1. Serve Static Files\n rawApp.get(\n route,\n serveStatic({\n root: mount.root,\n rewriteRequestPath: (reqPath) => {\n if (mount.rewrite && normalizedPath !== '/') {\n // /console/assets/style.css -> /assets/style.css\n if (reqPath.startsWith(normalizedPath)) {\n return reqPath.substring(normalizedPath.length) || '/';\n }\n }\n return reqPath;\n }\n })\n );\n\n // 2. SPA Fallback (Scoped)\n if (mount.spa) {\n rawApp.get(route, async (c, next) => {\n // Skip if API path check\n const config = this.options.restConfig || {};\n const basePath = config.api?.basePath || '/api';\n\n if (c.req.path.startsWith(basePath)) {\n return next();\n }\n\n return serveStatic({\n root: mount.root,\n rewriteRequestPath: () => 'index.html'\n })(c, next);\n });\n }\n });\n }\n }\n\n // Catch-all: ensure unmatched requests always get a proper Response\n // (prevents Hono \"Context is not finalized\" error)\n const rawAppForNotFound = this.server.getRawApp();\n if (typeof rawAppForNotFound.notFound === 'function') {\n rawAppForNotFound.notFound((c: any) => c.json({ error: 'Not found' }, 404));\n }\n\n // Start server on kernel:ready hook\n ctx.hook('kernel:ready', async () => {\n // Register standard endpoints before starting to listen\n if (this.options.registerStandardEndpoints) {\n this.registerDiscoveryAndCrudEndpoints(ctx);\n }\n\n const port = this.options.port ?? 3000;\n ctx.logger.debug('Starting HTTP server', { port });\n\n await this.server.listen(port);\n\n const actualPort = this.server.getPort();\n if (actualPort !== port) {\n ctx.logger.warn(`Port ${port} is in use, using port ${actualPort} instead`);\n }\n ctx.logger.info('HTTP server started successfully', {\n port: actualPort,\n url: `http://localhost:${actualPort}`\n });\n });\n }\n\n /**\n * Register discovery and basic CRUD endpoints.\n * Called when `registerStandardEndpoints` is true, before the server starts listening.\n */\n private registerDiscoveryAndCrudEndpoints(ctx: PluginContext) {\n const rawApp = this.server.getRawApp();\n const prefix = '/api/v1';\n\n // Build the standard discovery response\n const discovery = {\n version: 'v1',\n apiName: 'ObjectStack API',\n routes: {\n data: `${prefix}/data`,\n metadata: `${prefix}/meta`,\n auth: `${prefix}/auth`,\n packages: `${prefix}/packages`,\n analytics: `${prefix}/analytics`,\n realtime: `${prefix}/realtime`,\n workflow: `${prefix}/workflow`,\n automation: `${prefix}/automation`,\n ai: `${prefix}/ai`,\n notifications: `${prefix}/notifications`,\n i18n: `${prefix}/i18n`,\n storage: `${prefix}/storage`,\n ui: `${prefix}/ui`,\n },\n };\n\n // Discovery endpoints\n rawApp.get('/.well-known/objectstack', (c: any) => c.redirect(`${prefix}/discovery`));\n rawApp.get(`${prefix}/discovery`, (c: any) => c.json({ data: discovery }));\n\n ctx.logger.info('Registered discovery endpoints', { prefix });\n\n // Basic CRUD data endpoints — delegate to ObjectQL service directly\n const getObjectQL = () => ctx.getService<IDataEngine>('objectql');\n\n // Helper: resolve ExecutionContext from request headers (cookie session\n // or API key). Mirrors the runtime's resolveExecutionContext but\n // self-contained to avoid a cross-package dep. We DO query the\n // `sys_user_permission_set` link tables because hardcoding a single\n // permission set name (e.g. `member_default`) would silently ignore\n // any explicit admin / role assignment — including the platform-admin\n // promotion seeded by `bootstrapPlatformAdmin`.\n const resolveCtx = async (c: any): Promise<any | undefined> => {\n try {\n const authService: any = ctx.getService('auth');\n if (!authService) return undefined;\n let api: any = authService.api;\n if (!api && typeof authService.getApi === 'function') {\n api = await authService.getApi();\n }\n if (!api?.getSession) return undefined;\n const session = await api.getSession({ headers: c.req.raw.headers });\n if (!session?.user?.id) return undefined;\n const userId = session.user.id;\n const tenantId = session.session?.activeOrganizationId ?? undefined;\n const permissions: string[] = [];\n const roles: string[] = [];\n try {\n const ql = getObjectQL();\n const sysCtx = { context: { isSystem: true } };\n // Roles via sys_member (org-scoped if active org).\n const memberRows = await ql?.find?.(\n 'sys_member',\n {\n where: tenantId\n ? { user_id: userId, organization_id: tenantId }\n : { user_id: userId },\n limit: 50,\n ...sysCtx,\n } as any,\n ).catch(() => []);\n for (const m of (memberRows ?? []) as any[]) {\n if (typeof m.role === 'string') {\n for (const r of m.role.split(',').map((s: string) => s.trim()).filter(Boolean)) {\n if (!roles.includes(r)) roles.push(r);\n }\n }\n }\n // User-scoped permission sets — match BOTH (a) the active\n // org's link rows and (b) the cross-tenant rows\n // (organization_id IS NULL) so the platform-admin\n // promotion seeded by `bootstrapPlatformAdmin` applies\n // regardless of the user's active org.\n const upsRows = await ql?.find?.(\n 'sys_user_permission_set',\n { where: { user_id: userId }, limit: 100, ...sysCtx } as any,\n ).catch(() => []);\n const psIds = new Set<string>();\n for (const r of (upsRows ?? []) as any[]) {\n const orgScope = r.organization_id ?? null;\n if (!orgScope || (tenantId && orgScope === tenantId)) {\n const pid = r.permission_set_id ?? r.permissionSetId;\n if (pid) psIds.add(pid);\n }\n }\n if (psIds.size > 0) {\n const psRows = await ql?.find?.(\n 'sys_permission_set',\n { where: { id: { $in: Array.from(psIds) } }, limit: 500, ...sysCtx } as any,\n ).catch(() => []);\n for (const ps of (psRows ?? []) as any[]) {\n if (ps.name && !permissions.includes(ps.name)) permissions.push(ps.name);\n }\n }\n } catch {\n /* fall through with whatever we resolved so far */\n }\n return {\n userId,\n tenantId,\n roles,\n permissions,\n isSystem: false,\n };\n } catch {\n return undefined;\n }\n };\n\n // Create\n rawApp.post(`${prefix}/data/:object`, async (c: any) => {\n const ql = getObjectQL();\n if (!ql) return c.json({ error: 'Data service not available' }, 503);\n const object = c.req.param('object');\n const data = await c.req.json().catch(() => ({}));\n const execCtx = await resolveCtx(c);\n try {\n const res = await ql.insert(object, data, { context: execCtx } as any);\n const record = { ...data, ...res };\n return c.json({ object, id: record.id, record });\n } catch (err: any) {\n if (err?.code === 'PERMISSION_DENIED' || err?.name === 'PermissionDeniedError') {\n return c.json({ error: err.message ?? 'Forbidden' }, 403);\n }\n throw err;\n }\n });\n\n // Get by ID\n rawApp.get(`${prefix}/data/:object/:id`, async (c: any) => {\n const ql = getObjectQL();\n if (!ql) return c.json({ error: 'Data service not available' }, 503);\n const object = c.req.param('object');\n const id = c.req.param('id');\n const execCtx = await resolveCtx(c);\n try {\n let all = await ql.find(object, { context: execCtx } as any);\n if (!all) all = [];\n const match = all.find((i: any) => i.id === id);\n return match ? c.json({ object, id, record: match }) : c.json({ error: 'Not found' }, 404);\n } catch (err: any) {\n if (err?.code === 'PERMISSION_DENIED' || err?.name === 'PermissionDeniedError') {\n return c.json({ error: err.message ?? 'Forbidden' }, 403);\n }\n throw err;\n }\n });\n\n // Find / List\n rawApp.get(`${prefix}/data/:object`, async (c: any) => {\n const ql = getObjectQL();\n if (!ql) return c.json({ error: 'Data service not available' }, 503);\n const object = c.req.param('object');\n const execCtx = await resolveCtx(c);\n try {\n let all = await ql.find(object, { context: execCtx } as any);\n if (!Array.isArray(all) && all && (all as any).value) all = (all as any).value;\n if (!all) all = [];\n return c.json({ object, records: all, total: all.length });\n } catch (err: any) {\n if (err?.code === 'PERMISSION_DENIED' || err?.name === 'PermissionDeniedError') {\n return c.json({ error: err.message ?? 'Forbidden' }, 403);\n }\n throw err;\n }\n });\n\n ctx.logger.debug('Registered standard CRUD data endpoints', { prefix });\n }\n\n /**\n * Destroy phase - Stop server\n */\n async destroy() {\n this.server.close();\n // Note: Can't use ctx.logger here since we're in destroy\n console.log('[HonoServerPlugin] Server stopped');\n }\n}\n","// Copyright (c) 2025 ObjectStack. Licensed under the Apache-2.0 license.\n\n/**\n * CORS origin pattern matching utilities.\n *\n * Supports the same wildcard syntax as better-auth's `trustedOrigins`:\n * - `*` → matches any origin\n * - `https://*.example.com` → matches any subdomain\n * - `http://localhost:*` → matches any port\n * - Comma-separated list of the above\n *\n * These helpers are shared between the Hono plugin's CORS middleware and\n * consumers that need to apply CORS headers outside the Hono request\n * pipeline (e.g., the Vercel serverless entrypoint's preflight\n * short-circuit in `apps/objectos`). Keeping a single implementation\n * ensures both paths stay consistent — divergence caused bug where\n * wildcard `CORS_ORIGIN` values worked locally but produced browser\n * CORS errors on Vercel.\n */\n\n/**\n * Returns true when the origin points to localhost (any port, http or https).\n *\n * Matches:\n * - `http://localhost`\n * - `http://localhost:3000`\n * - `https://localhost:8443`\n * - `http://127.0.0.1:5173`\n * - `http://[::1]:3000`\n */\nexport function isLocalhostOrigin(origin: string): boolean {\n return /^https?:\\/\\/(localhost|127\\.0\\.0\\.1|\\[::1\\])(:\\d+)?$/.test(origin);\n}\n\n/**\n * Check if an origin matches a pattern with wildcards.\n *\n * Localhost origins (`http(s)://localhost:<any-port>`, `127.0.0.1`, `[::1]`)\n * are **always allowed** regardless of the pattern — this removes the need to\n * enumerate every development port in `CORS_ORIGIN`.\n *\n * @param origin The origin to check (e.g., `https://app.example.com`)\n * @param pattern The pattern to match against (supports `*` wildcard)\n * @returns true if origin matches the pattern\n */\nexport function matchOriginPattern(origin: string, pattern: string): boolean {\n // Always allow localhost for development convenience\n if (isLocalhostOrigin(origin)) return true;\n\n if (pattern === '*') return true;\n if (pattern === origin) return true;\n\n // Convert wildcard pattern to regex:\n // 1. Escape regex special chars EXCEPT `*`\n // 2. Replace `*` with `.*`\n const regexPattern = pattern\n .replace(/[.+?^${}()|[\\]\\\\]/g, '\\\\$&')\n .replace(/\\*/g, '.*');\n\n const regex = new RegExp(`^${regexPattern}$`);\n return regex.test(origin);\n}\n\n/**\n * Normalize a single string / comma-separated string / array into a\n * trimmed array of non-empty patterns.\n */\nexport function normalizeOriginPatterns(patterns: string | string[]): string[] {\n if (Array.isArray(patterns)) {\n return patterns.map(p => p.trim()).filter(Boolean);\n }\n return patterns.includes(',')\n ? patterns.split(',').map(s => s.trim()).filter(Boolean)\n : [patterns.trim()].filter(Boolean);\n}\n\n/**\n * Create a CORS origin matcher function that supports wildcard patterns.\n *\n * The returned function follows Hono's `cors({ origin })` contract:\n * given the request's `Origin` header, it returns the origin to echo\n * back in `Access-Control-Allow-Origin`, or `null` if the origin is not\n * allowed.\n *\n * @param patterns Single pattern, array of patterns, or comma-separated patterns\n */\nexport function createOriginMatcher(\n patterns: string | string[]\n): (origin: string) => string | null {\n const patternList = normalizeOriginPatterns(patterns);\n\n return (requestOrigin: string) => {\n if (!requestOrigin) return null;\n for (const pattern of patternList) {\n if (matchOriginPattern(requestOrigin, pattern)) {\n return requestOrigin;\n }\n }\n return null;\n };\n}\n\n/**\n * True if any pattern in the given list contains a `*` wildcard.\n */\nexport function hasWildcardPattern(patterns: string | string[]): boolean {\n const list = Array.isArray(patterns) ? patterns : [patterns];\n return list.some(p => p.includes('*'));\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA;AAAA;AAAA;AAAA;AAGA,4BAAc;AAOd,kBAAqB;AACrB,yBAAsB;AACtB,0BAA4B;AA6BrB,IAAM,iBAAN,MAA4C;AAAA,EAK/C,YACY,OAAe,KACf,YACV;AAFU;AACA;AANZ,wBAAQ;AACR,wBAAQ;AACR,wBAAQ;AAMJ,SAAK,MAAM,IAAI,iBAAK;AAAA,EACxB;AAAA;AAAA,EAGQ,KAAK,SAAuB;AAChC,WAAO,OAAO,MAAW;AACrB,UAAI,OAAY,CAAC;AAEjB,YAAM,cAAc,EAAE,IAAI,OAAO,cAAc,KAAK;AACpD,YAAM,gBAAgB,YAAY,SAAS,0BAA0B;AAGrE,UAAI,YAAY,SAAS,kBAAkB,GAAG;AAC1C,YAAI;AACA,iBAAO,MAAM,EAAE,IAAI,KAAK;AAAA,QAC5B,SAAQ,GAAG;AAEP,cAAI;AACA,mBAAO,MAAM,EAAE,IAAI,UAAU;AAAA,UACjC,SAAQ,IAAI;AAAA,UAAC;AAAA,QACjB;AAAA,MACJ,WAAW,CAAC,eAAe;AAIvB,YAAI;AACA,iBAAO,MAAM,EAAE,IAAI,UAAU;AAAA,QACjC,SAAQ,GAAG;AAAA,QAAC;AAAA,MAChB;AAEA,YAAM,aAAa,EAAE,IAAI,OAAO;AAKhC,UAAI,CAAC,WAAW,MAAM;AAClB,YAAI;AACA,gBAAM,IAAI,IAAI,IAAI,EAAE,IAAI,GAAG;AAC3B,cAAI,EAAE,KAAM,YAAW,OAAO,EAAE;AAAA,QACpC,QAAQ;AAAA,QAA6C;AAAA,MACzD;AAEA,YAAM,MAAM;AAAA,QACR,QAAQ,EAAE,IAAI,MAAM;AAAA,QACpB,OAAO,EAAE,IAAI,MAAM;AAAA,QACnB;AAAA,QACA,SAAS;AAAA,QACT,QAAQ,EAAE,IAAI;AAAA,QACd,MAAM,EAAE,IAAI;AAAA,QACZ,SAAS,YAAY;AACjB,gBAAM,KAAK,MAAM,EAAE,IAAI,YAAY;AACnC,iBAAO,OAAO,KAAK,EAAE;AAAA,QACzB;AAAA,MACJ;AAEA,UAAI;AACJ,UAAI,mBAA2D;AAC/D,UAAI,gBAAoC;AACxC,UAAI,gBAAwC,CAAC;AAC7C,UAAI,cAAc;AAElB,YAAM,MAAM;AAAA,QACR,MAAM,CAAC,SAAc;AAAE,6BAAmB,EAAE,KAAK,IAAI;AAAA,QAAG;AAAA,QACxD,MAAM,CAAC,SAAiB;AAAE,6BAAmB,EAAE,KAAK,IAAI;AAAA,QAAG;AAAA,QAC3D,QAAQ,CAAC,SAAiB;AAAE,YAAE,OAAO,IAAI;AAAG,iBAAO;AAAA,QAAK;AAAA,QACxD,QAAQ,CAAC,MAAc,UAAkB;AACrC,YAAE,OAAO,MAAM,KAAK;AACpB,wBAAc,IAAI,IAAI;AACtB,iBAAO;AAAA,QACX;AAAA,QACA,OAAO,CAAC,UAA+B;AACnC,wBAAc;AACd,cAAI,oBAAoB,eAAe;AACnC,kBAAM,OAAO,OAAO,UAAU,WAAW,cAAc,OAAO,KAAK,IAAI;AACvE,6BAAiB,QAAQ,IAAI;AAAA,UACjC;AAAA,QACJ;AAAA,QACA,KAAK,MAAM;AACP,cAAI,kBAAkB;AAClB,6BAAiB,MAAM;AAAA,UAC3B;AAAA,QACJ;AAAA,MACJ;AAIA,YAAM,gBAAgB,IAAI,QAAyB,CAACA,aAAY;AAC5D,cAAM,SAAS,IAAI,eAAe;AAAA,UAC9B,MAAM,YAAY;AACd,+BAAmB;AACnB,4BAAgB,IAAI,YAAY;AAAA,UACpC;AAAA,QACJ,CAAC;AAGD,cAAM,SAAS,QAAQ,KAAY,GAAU;AAC7C,cAAM,OAAO,kBAAkB,UAAU,SAAS,QAAQ,QAAQ,MAAM;AACxE,aAAK,KAAK,MAAM;AACZ,cAAI,aAAa;AACb,YAAAA,SAAQ,IAAI,SAAS,QAAQ;AAAA,cACzB,QAAQ;AAAA,cACR,SAAS;AAAA,YACb,CAAC,CAAC;AAAA,UACN,OAAO;AAEH,8BAAkB,MAAM;AACxB,YAAAA,SAAQ,IAAI;AAAA,UAChB;AAAA,QACJ,CAAC,EAAE,MAAM,CAAC,QAAQ;AACd,4BAAkB,MAAM;AACxB,UAAAA,SAAQ,IAAI;AAAA,QAChB,CAAC;AAAA,MACL,CAAC;AAED,YAAM,iBAAiB,MAAM;AAC7B,aAAO,kBAAkB,oBAAoB,EAAE,KAAK,EAAE,OAAO,2BAA2B,GAAG,GAAG;AAAA,IAClG;AAAA,EACJ;AAAA,EAEA,IAAIC,OAAc,SAAuB;AACrC,SAAK,IAAI,IAAIA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EACzC;AAAA,EACA,KAAKA,OAAc,SAAuB;AACtC,SAAK,IAAI,KAAKA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EAC1C;AAAA,EACA,IAAIA,OAAc,SAAuB;AACrC,SAAK,IAAI,IAAIA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EACzC;AAAA,EACA,OAAOA,OAAc,SAAuB;AACxC,SAAK,IAAI,OAAOA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EAC5C;AAAA,EACA,MAAMA,OAAc,SAAuB;AACvC,SAAK,IAAI,MAAMA,OAAM,KAAK,KAAK,OAAO,CAAC;AAAA,EAC3C;AAAA,EAEA,IAAI,eAAoC,SAAsB;AAC1D,QAAI,OAAO,kBAAkB,YAAY,SAAS;AAC7C,WAAK,IAAI,IAAI,eAAe,OAAO,GAAG,SAAS;AAC3C,YAAI,aAAa;AACjB,cAAM,cAAc,MAAM;AAAE,uBAAa;AAAM,iBAAO,KAAK;AAAA,QAAG;AAC9D,cAAM,QAAQ,CAAC,GAAU,CAAC,GAAU,WAAW;AAC/C,YAAI,CAAC,WAAY,OAAM,KAAK;AAAA,MAChC,CAAC;AAAA,IACN,WAAW,OAAO,kBAAkB,YAAY;AAC3C,WAAK,IAAI,IAAI,KAAK,OAAO,GAAG,SAAS;AACjC,YAAI,aAAa;AACjB,cAAM,cAAc,MAAM;AAAE,uBAAa;AAAM,iBAAO,KAAK;AAAA,QAAG;AAC9D,cAAM,cAAc,CAAC,GAAU,CAAC,GAAU,WAAW;AACrD,YAAI,CAAC,WAAY,OAAM,KAAK;AAAA,MAChC,CAAC;AAAA,IACN;AAAA,EACJ;AAAA;AAAA;AAAA;AAAA,EAKA,MAAMA,OAAc,QAAc;AAC9B,SAAK,IAAI,MAAMA,OAAM,MAAM;AAAA,EAC/B;AAAA,EAGA,MAAM,OAAO,MAAc;AACvB,QAAI,KAAK,YAAY;AACjB,WAAK,IAAI,IAAI,UAAM,iCAAY,EAAE,MAAM,KAAK,WAAW,CAAC,CAAC;AAAA,IAC7D;AAEA,UAAM,aAAa,QAAQ,KAAK;AAChC,UAAM,aAAa;AAEnB,aAAS,UAAU,GAAG,UAAU,YAAY,WAAW;AACnD,YAAM,UAAU,aAAa;AAC7B,UAAI;AACA,cAAM,KAAK,UAAU,OAAO;AAC5B;AAAA,MACJ,SAAS,KAAU;AACf,YAAI,IAAI,SAAS,gBAAgB,UAAU,aAAa,GAAG;AACvD,cAAI,KAAK,UAAU,OAAO,KAAK,OAAO,UAAU,YAAY;AACxD,iBAAK,OAAO,MAAM;AAAA,UACtB;AACA;AAAA,QACJ;AACA,cAAM;AAAA,MACV;AAAA,IACJ;AAAA,EACJ;AAAA,EAEQ,UAAU,MAA6B;AAC3C,WAAO,IAAI,QAAc,CAACD,UAAS,WAAW;AAC1C,YAAM,aAAS,0BAAM;AAAA,QACjB,OAAO,KAAK,IAAI;AAAA,QAChB;AAAA,MACJ,GAAG,CAAC,SAAS;AACT,aAAK,gBAAgB,KAAK;AAC1B,QAAAA,SAAQ;AAAA,MACZ,CAAC;AACD,WAAK,SAAS;AACd,aAAO,GAAG,SAAS,CAAC,QAAa;AAC7B,eAAO,GAAG;AAAA,MACd,CAAC;AAAA,IACL,CAAC;AAAA,EACL;AAAA,EAEA,UAAU;AACN,WAAO,KAAK,iBAAiB,KAAK;AAAA,EACtC;AAAA;AAAA,EAGA,YAAY;AACR,WAAO,KAAK;AAAA,EAChB;AAAA,EAEA,MAAM,QAAQ;AACV,QAAI,CAAC,KAAK,OAAQ;AAElB,QAAI,OAAO,KAAK,OAAO,wBAAwB,YAAY;AACvD,WAAK,OAAO,oBAAoB;AAAA,IACpC;AACA,UAAM,IAAI,QAAc,CAACA,UAAS,WAAW;AACzC,WAAK,OAAO,MAAM,CAAC,QAAc,MAAM,OAAO,GAAG,IAAIA,SAAQ,CAAE;AAAA,IACnE,CAAC;AAAA,EACL;AACJ;;;ACxQA,kBAAqB;AACrB,IAAAE,uBAA4B;AAC5B,SAAoB;AACpB,WAAsB;;;ACoBf,SAAS,kBAAkB,QAAyB;AACvD,SAAO,uDAAuD,KAAK,MAAM;AAC7E;AAaO,SAAS,mBAAmB,QAAgB,SAA0B;AAEzE,MAAI,kBAAkB,MAAM,EAAG,QAAO;AAEtC,MAAI,YAAY,IAAK,QAAO;AAC5B,MAAI,YAAY,OAAQ,QAAO;AAK/B,QAAM,eAAe,QAChB,QAAQ,sBAAsB,MAAM,EACpC,QAAQ,OAAO,IAAI;AAExB,QAAM,QAAQ,IAAI,OAAO,IAAI,YAAY,GAAG;AAC5C,SAAO,MAAM,KAAK,MAAM;AAC5B;AAMO,SAAS,wBAAwB,UAAuC;AAC3E,MAAI,MAAM,QAAQ,QAAQ,GAAG;AACzB,WAAO,SAAS,IAAI,OAAK,EAAE,KAAK,CAAC,EAAE,OAAO,OAAO;AAAA,EACrD;AACA,SAAO,SAAS,SAAS,GAAG,IACtB,SAAS,MAAM,GAAG,EAAE,IAAI,OAAK,EAAE,KAAK,CAAC,EAAE,OAAO,OAAO,IACrD,CAAC,SAAS,KAAK,CAAC,EAAE,OAAO,OAAO;AAC1C;AAYO,SAAS,oBACZ,UACiC;AACjC,QAAM,cAAc,wBAAwB,QAAQ;AAEpD,SAAO,CAAC,kBAA0B;AAC9B,QAAI,CAAC,cAAe,QAAO;AAC3B,eAAW,WAAW,aAAa;AAC/B,UAAI,mBAAmB,eAAe,OAAO,GAAG;AAC5C,eAAO;AAAA,MACX;AAAA,IACJ;AACA,WAAO;AAAA,EACX;AACJ;AAKO,SAAS,mBAAmB,UAAsC;AACrE,QAAM,OAAO,MAAM,QAAQ,QAAQ,IAAI,WAAW,CAAC,QAAQ;AAC3D,SAAO,KAAK,KAAK,OAAK,EAAE,SAAS,GAAG,CAAC;AACzC;;;ADvCO,IAAM,mBAAN,MAAyC;AAAA,EAa5C,YAAY,UAA6B,CAAC,GAAG;AAZ7C,gCAAO;AACP,gCAAO;AACP,mCAAU;AAOV,wBAAQ;AACR,wBAAQ;AAiBR;AAAA;AAAA;AAAA,gCAAO,OAAO,QAAuB;AACjC,UAAI,OAAO,MAAM,mCAAmC;AAAA,QAChD,MAAM,KAAK,QAAQ;AAAA,QACnB,YAAY,KAAK,QAAQ;AAAA,MAC7B,CAAC;AAID,UAAI,gBAAgB,eAAe,KAAK,MAAM;AAE9C,UAAI,gBAAgB,eAAe,KAAK,MAAM;AAC9C,UAAI,OAAO,MAAM,kCAAkC,EAAE,aAAa,cAAc,CAAC;AAIjF,YAAM,oBAAoB,QAAQ,IAAI,iBAAiB;AACvD,UAAI,KAAK,QAAQ,SAAS,SAAS,CAAC,mBAAmB;AACnD,cAAM,WAAW,OAAO,KAAK,QAAQ,SAAS,WAAW,KAAK,QAAQ,OAAO,CAAC;AAC9E,cAAM,UAAU,SAAS,WAAW;AAEpC,YAAI,SAAS;AACT,cAAI;AACJ,cAAI,SAAS,SAAS;AAClB,+BAAmB,SAAS;AAAA,UAChC,WAAW,QAAQ,IAAI,aAAa;AAChC,kBAAM,YAAY,QAAQ,IAAI,YAAY,KAAK;AAC/C,+BAAmB,UAAU,SAAS,GAAG,IAAI,UAAU,MAAM,GAAG,EAAE,IAAI,OAAK,EAAE,KAAK,CAAC,IAAI;AAAA,UAC3F,OAAO;AACH,+BAAmB;AAAA,UACvB;AAEA,gBAAM,cAAc,SAAS,eAAgB,QAAQ,IAAI,qBAAqB;AAC9E,gBAAM,SAAS,SAAS,WAAW,QAAQ,IAAI,eAAe,SAAS,QAAQ,IAAI,cAAc,EAAE,IAAI;AAOvG,cAAI;AAKJ,cAAI,qBAAqB,OAAO,aAAa;AAEzC,qBAAS,CAAC,kBAA0B,iBAAiB;AAAA,UACzD,WAAW,mBAAmB,gBAAgB,GAAG;AAG7C,qBAAS,oBAAoB,gBAAgB;AAAA,UACjD,OAAO;AAGH,kBAAM,UAAU,oBAAoB,gBAAgB;AACpD,qBAAS,CAAC,kBAA0B,QAAQ,aAAa;AAAA,UAC7D;AAEA,gBAAM,SAAS,KAAK,OAAO,UAAU;AAKrC,gBAAM,sBAAsB,CAAC,gBAAgB,iBAAiB,oBAAoB,eAAe,cAAc;AAC/G,gBAAM,uBAAuB,CAAC,gBAAgB;AAC9C,gBAAM,eAAe,SAAS,gBAAgB;AAC9C,gBAAM,gBAAgB,MAAM,KAAK,oBAAI,IAAI;AAAA,YACrC,GAAG;AAAA,YACH,GAAI,SAAS,iBAAiB,CAAC;AAAA,UACnC,CAAC,CAAC;AAEF,iBAAO,IAAI,SAAK,kBAAK;AAAA,YACjB;AAAA,YACA,cAAc,SAAS,WAAW,CAAC,OAAO,QAAQ,OAAO,UAAU,SAAS,QAAQ,SAAS;AAAA,YAC7F;AAAA,YACA;AAAA,YACA;AAAA,YACA;AAAA,UACJ,CAAC,CAAC;AAEF,cAAI,OAAO,MAAM,2BAA2B,EAAE,QAAQ,kBAAkB,YAAY,CAAC;AAAA,QACzF;AAAA,MACJ;AAAA,IACJ;AAKA;AAAA;AAAA;AAAA,iCAAQ,OAAO,QAAuB;AAClC,UAAI,OAAO,MAAM,6BAA6B;AAG9C,YAAM,SAAwB,KAAK,QAAQ,gBAAgB,CAAC;AAG5D,UAAI;AACA,cAAM,YAAY,IAAI,UAAU;AAChC,YAAI,UAAU,SAAS;AACnB,gBAAM,gBAAgB,UAAU,mBAAmB,MAC7C,MAAM,KAAK,UAAU,QAAQ,OAAO,CAAC,IACrC,MAAM,QAAQ,UAAU,OAAO,IAAI,UAAU,UAAU,OAAO,OAAO,UAAU,OAAO;AAE5F,qBAAW,UAAW,eAAyB;AAG3C,iBAAK,OAAO,SAAS,QAAQ,OAAO,SAAS,gBAAgB,OAAO,YAAY;AAE5E,oBAAM,OAAO,OAAO,QAAQ,OAAO,KAAK,MAAM,GAAG,EAAE,IAAI;AACvD,oBAAM,YAAY,IAAI,IAAI;AAE1B,kBAAI,OAAO,MAAM,4BAA4B,OAAO,IAAI,IAAI;AAAA,gBACxD,MAAM;AAAA,gBACN,MAAM,OAAO;AAAA,cACjB,CAAC;AAED,qBAAO,KAAK;AAAA,gBACR,MAAM,OAAO;AAAA,gBACb,MAAM;AAAA,gBACN,SAAS;AAAA;AAAA,gBACT,KAAK;AAAA,cACT,CAAC;AAGD,kBAAI,OAAO,WAAW,OAAO,WAAW;AACnC,sBAAM,SAAS,KAAK,OAAO,UAAU;AACrC,uBAAO,IAAI,KAAK,CAAC,MAAM,EAAE,SAAS,SAAS,CAAC;AAC5C,oBAAI,OAAO,MAAM,iCAAiC,SAAS,EAAE;AAAA,cAClE;AAAA,YACJ;AAAA,UACJ;AAAA,QACJ;AAAA,MACJ,SAAS,KAAU;AACf,YAAI,OAAO,KAAK,sCAAsC,EAAE,OAAO,IAAI,WAAW,IAAI,CAAC;AAAA,MACvF;AAGA,UAAI,KAAK,QAAQ,YAAY;AACzB,eAAO,KAAK;AAAA,UACR,MAAM,KAAK,QAAQ;AAAA,UACnB,MAAM;AAAA,UACN,SAAS;AAAA,UACT,KAAK,KAAK,QAAQ;AAAA,QACtB,CAAC;AAAA,MACL;AAEA,UAAI,OAAO,SAAS,GAAG;AACnB,cAAM,SAAS,KAAK,OAAO,UAAU;AAErC,mBAAW,SAAS,QAAQ;AACxB,gBAAM,YAAiB,aAAQ,QAAQ,IAAI,GAAG,MAAM,IAAI;AAExD,cAAI,CAAI,cAAW,SAAS,GAAG;AAC3B,gBAAI,OAAO,KAAK,gCAAgC,SAAS,aAAa;AACtE;AAAA,UACJ;AAEA,gBAAM,YAAY,MAAM,QAAQ;AAChC,gBAAM,iBAAiB,UAAU,WAAW,GAAG,IAAI,YAAY,IAAI,SAAS;AAC5E,gBAAM,eAAe,mBAAmB,MAAM,OAAO,GAAG,eAAe,QAAQ,OAAO,EAAE,CAAC;AAGzF,gBAAM,SAAS,mBAAmB,MAAM,CAAC,YAAY,IAAI,CAAC,gBAAgB,YAAY;AAEtF,cAAI,OAAO,MAAM,yBAAyB;AAAA,YACtC,IAAI;AAAA,YACJ,MAAM;AAAA,YACN,SAAS,MAAM;AAAA,YACf,KAAK,MAAM;AAAA,UACf,CAAC;AAED,iBAAO,QAAQ,WAAS;AAEpB,mBAAO;AAAA,cACH;AAAA,kBACA,kCAAY;AAAA,gBACR,MAAM,MAAM;AAAA,gBACZ,oBAAoB,CAAC,YAAY;AAC7B,sBAAI,MAAM,WAAW,mBAAmB,KAAK;AAEzC,wBAAI,QAAQ,WAAW,cAAc,GAAG;AACpC,6BAAO,QAAQ,UAAU,eAAe,MAAM,KAAK;AAAA,oBACvD;AAAA,kBACJ;AACA,yBAAO;AAAA,gBACX;AAAA,cACJ,CAAC;AAAA,YACL;AAGA,gBAAI,MAAM,KAAK;AACX,qBAAO,IAAI,OAAO,OAAO,GAAG,SAAS;AAEjC,sBAAM,SAAS,KAAK,QAAQ,cAAc,CAAC;AAC3C,sBAAM,WAAW,OAAO,KAAK,YAAY;AAEzC,oBAAI,EAAE,IAAI,KAAK,WAAW,QAAQ,GAAG;AACjC,yBAAO,KAAK;AAAA,gBAChB;AAEA,2BAAO,kCAAY;AAAA,kBACf,MAAM,MAAM;AAAA,kBACZ,oBAAoB,MAAM;AAAA,gBAC9B,CAAC,EAAE,GAAG,IAAI;AAAA,cACd,CAAC;AAAA,YACL;AAAA,UACJ,CAAC;AAAA,QACL;AAAA,MACJ;AAIA,YAAM,oBAAoB,KAAK,OAAO,UAAU;AAChD,UAAI,OAAO,kBAAkB,aAAa,YAAY;AAClD,0BAAkB,SAAS,CAAC,MAAW,EAAE,KAAK,EAAE,OAAO,YAAY,GAAG,GAAG,CAAC;AAAA,MAC9E;AAGA,UAAI,KAAK,gBAAgB,YAAY;AAEjC,YAAI,KAAK,QAAQ,2BAA2B;AACxC,eAAK,kCAAkC,GAAG;AAAA,QAC9C;AAEA,cAAM,OAAO,KAAK,QAAQ,QAAQ;AAClC,YAAI,OAAO,MAAM,wBAAwB,EAAE,KAAK,CAAC;AAEjD,cAAM,KAAK,OAAO,OAAO,IAAI;AAE7B,cAAM,aAAa,KAAK,OAAO,QAAQ;AACvC,YAAI,eAAe,MAAM;AACrB,cAAI,OAAO,KAAK,QAAQ,IAAI,0BAA0B,UAAU,UAAU;AAAA,QAC9E;AACA,YAAI,OAAO,KAAK,oCAAoC;AAAA,UAChD,MAAM;AAAA,UACN,KAAK,oBAAoB,UAAU;AAAA,QACvC,CAAC;AAAA,MACL,CAAC;AAAA,IACL;AA3PI,SAAK,UAAU;AAAA,MACX,MAAM;AAAA,MACN,2BAA2B;AAAA,MAC3B,gBAAgB;AAAA,MAChB,aAAa;AAAA,MACb,GAAG;AAAA,IACP;AAEA,SAAK,SAAS,IAAI,eAAe,KAAK,QAAQ,IAAI;AAAA,EACtD;AAAA;AAAA;AAAA;AAAA;AAAA,EAwPQ,kCAAkC,KAAoB;AAC1D,UAAM,SAAS,KAAK,OAAO,UAAU;AACrC,UAAM,SAAS;AAGf,UAAM,YAAY;AAAA,MACd,SAAS;AAAA,MACT,SAAS;AAAA,MACT,QAAQ;AAAA,QACJ,MAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,MAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,WAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,UAAe,GAAG,MAAM;AAAA,QACxB,YAAe,GAAG,MAAM;AAAA,QACxB,IAAe,GAAG,MAAM;AAAA,QACxB,eAAe,GAAG,MAAM;AAAA,QACxB,MAAe,GAAG,MAAM;AAAA,QACxB,SAAe,GAAG,MAAM;AAAA,QACxB,IAAe,GAAG,MAAM;AAAA,MAC5B;AAAA,IACJ;AAGA,WAAO,IAAI,4BAA4B,CAAC,MAAW,EAAE,SAAS,GAAG,MAAM,YAAY,CAAC;AACpF,WAAO,IAAI,GAAG,MAAM,cAAc,CAAC,MAAW,EAAE,KAAK,EAAE,MAAM,UAAU,CAAC,CAAC;AAEzE,QAAI,OAAO,KAAK,kCAAkC,EAAE,OAAO,CAAC;AAG5D,UAAM,cAAc,MAAM,IAAI,WAAwB,UAAU;AAShE,UAAM,aAAa,OAAO,MAAqC;AAC3D,UAAI;AACA,cAAM,cAAmB,IAAI,WAAW,MAAM;AAC9C,YAAI,CAAC,YAAa,QAAO;AACzB,YAAI,MAAW,YAAY;AAC3B,YAAI,CAAC,OAAO,OAAO,YAAY,WAAW,YAAY;AAClD,gBAAM,MAAM,YAAY,OAAO;AAAA,QACnC;AACA,YAAI,CAAC,KAAK,WAAY,QAAO;AAC7B,cAAM,UAAU,MAAM,IAAI,WAAW,EAAE,SAAS,EAAE,IAAI,IAAI,QAAQ,CAAC;AACnE,YAAI,CAAC,SAAS,MAAM,GAAI,QAAO;AAC/B,cAAM,SAAS,QAAQ,KAAK;AAC5B,cAAM,WAAW,QAAQ,SAAS,wBAAwB;AAC1D,cAAM,cAAwB,CAAC;AAC/B,cAAM,QAAkB,CAAC;AACzB,YAAI;AACA,gBAAM,KAAK,YAAY;AACvB,gBAAM,SAAS,EAAE,SAAS,EAAE,UAAU,KAAK,EAAE;AAE7C,gBAAM,aAAa,MAAM,IAAI;AAAA,YACzB;AAAA,YACA;AAAA,cACI,OAAO,WACD,EAAE,SAAS,QAAQ,iBAAiB,SAAS,IAC7C,EAAE,SAAS,OAAO;AAAA,cACxB,OAAO;AAAA,cACP,GAAG;AAAA,YACP;AAAA,UACJ,EAAE,MAAM,MAAM,CAAC,CAAC;AAChB,qBAAW,KAAM,cAAc,CAAC,GAAa;AACzC,gBAAI,OAAO,EAAE,SAAS,UAAU;AAC5B,yBAAW,KAAK,EAAE,KAAK,MAAM,GAAG,EAAE,IAAI,CAAC,MAAc,EAAE,KAAK,CAAC,EAAE,OAAO,OAAO,GAAG;AAC5E,oBAAI,CAAC,MAAM,SAAS,CAAC,EAAG,OAAM,KAAK,CAAC;AAAA,cACxC;AAAA,YACJ;AAAA,UACJ;AAMA,gBAAM,UAAU,MAAM,IAAI;AAAA,YACtB;AAAA,YACA,EAAE,OAAO,EAAE,SAAS,OAAO,GAAG,OAAO,KAAK,GAAG,OAAO;AAAA,UACxD,EAAE,MAAM,MAAM,CAAC,CAAC;AAChB,gBAAM,QAAQ,oBAAI,IAAY;AAC9B,qBAAW,KAAM,WAAW,CAAC,GAAa;AACtC,kBAAM,WAAW,EAAE,mBAAmB;AACtC,gBAAI,CAAC,YAAa,YAAY,aAAa,UAAW;AAClD,oBAAM,MAAM,EAAE,qBAAqB,EAAE;AACrC,kBAAI,IAAK,OAAM,IAAI,GAAG;AAAA,YAC1B;AAAA,UACJ;AACA,cAAI,MAAM,OAAO,GAAG;AAChB,kBAAM,SAAS,MAAM,IAAI;AAAA,cACrB;AAAA,cACA,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,MAAM,KAAK,KAAK,EAAE,EAAE,GAAG,OAAO,KAAK,GAAG,OAAO;AAAA,YACvE,EAAE,MAAM,MAAM,CAAC,CAAC;AAChB,uBAAW,MAAO,UAAU,CAAC,GAAa;AACtC,kBAAI,GAAG,QAAQ,CAAC,YAAY,SAAS,GAAG,IAAI,EAAG,aAAY,KAAK,GAAG,IAAI;AAAA,YAC3E;AAAA,UACJ;AAAA,QACJ,QAAQ;AAAA,QAER;AACA,eAAO;AAAA,UACH;AAAA,UACA;AAAA,UACA;AAAA,UACA;AAAA,UACA,UAAU;AAAA,QACd;AAAA,MACJ,QAAQ;AACJ,eAAO;AAAA,MACX;AAAA,IACJ;AAGA,WAAO,KAAK,GAAG,MAAM,iBAAiB,OAAO,MAAW;AACpD,YAAM,KAAK,YAAY;AACvB,UAAI,CAAC,GAAI,QAAO,EAAE,KAAK,EAAE,OAAO,6BAA6B,GAAG,GAAG;AACnE,YAAM,SAAS,EAAE,IAAI,MAAM,QAAQ;AACnC,YAAM,OAAO,MAAM,EAAE,IAAI,KAAK,EAAE,MAAM,OAAO,CAAC,EAAE;AAChD,YAAM,UAAU,MAAM,WAAW,CAAC;AAClC,UAAI;AACA,cAAM,MAAM,MAAM,GAAG,OAAO,QAAQ,MAAM,EAAE,SAAS,QAAQ,CAAQ;AACrE,cAAM,SAAS,EAAE,GAAG,MAAM,GAAG,IAAI;AACjC,eAAO,EAAE,KAAK,EAAE,QAAQ,IAAI,OAAO,IAAI,OAAO,CAAC;AAAA,MACnD,SAAS,KAAU;AACf,YAAI,KAAK,SAAS,uBAAuB,KAAK,SAAS,yBAAyB;AAC5E,iBAAO,EAAE,KAAK,EAAE,OAAO,IAAI,WAAW,YAAY,GAAG,GAAG;AAAA,QAC5D;AACA,cAAM;AAAA,MACV;AAAA,IACJ,CAAC;AAGD,WAAO,IAAI,GAAG,MAAM,qBAAqB,OAAO,MAAW;AACvD,YAAM,KAAK,YAAY;AACvB,UAAI,CAAC,GAAI,QAAO,EAAE,KAAK,EAAE,OAAO,6BAA6B,GAAG,GAAG;AACnE,YAAM,SAAS,EAAE,IAAI,MAAM,QAAQ;AACnC,YAAM,KAAK,EAAE,IAAI,MAAM,IAAI;AAC3B,YAAM,UAAU,MAAM,WAAW,CAAC;AAClC,UAAI;AACA,YAAI,MAAM,MAAM,GAAG,KAAK,QAAQ,EAAE,SAAS,QAAQ,CAAQ;AAC3D,YAAI,CAAC,IAAK,OAAM,CAAC;AACjB,cAAM,QAAQ,IAAI,KAAK,CAAC,MAAW,EAAE,OAAO,EAAE;AAC9C,eAAO,QAAQ,EAAE,KAAK,EAAE,QAAQ,IAAI,QAAQ,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,OAAO,YAAY,GAAG,GAAG;AAAA,MAC7F,SAAS,KAAU;AACf,YAAI,KAAK,SAAS,uBAAuB,KAAK,SAAS,yBAAyB;AAC5E,iBAAO,EAAE,KAAK,EAAE,OAAO,IAAI,WAAW,YAAY,GAAG,GAAG;AAAA,QAC5D;AACA,cAAM;AAAA,MACV;AAAA,IACJ,CAAC;AAGD,WAAO,IAAI,GAAG,MAAM,iBAAiB,OAAO,MAAW;AACnD,YAAM,KAAK,YAAY;AACvB,UAAI,CAAC,GAAI,QAAO,EAAE,KAAK,EAAE,OAAO,6BAA6B,GAAG,GAAG;AACnE,YAAM,SAAS,EAAE,IAAI,MAAM,QAAQ;AACnC,YAAM,UAAU,MAAM,WAAW,CAAC;AAClC,UAAI;AACA,YAAI,MAAM,MAAM,GAAG,KAAK,QAAQ,EAAE,SAAS,QAAQ,CAAQ;AAC3D,YAAI,CAAC,MAAM,QAAQ,GAAG,KAAK,OAAQ,IAAY,MAAO,OAAO,IAAY;AACzE,YAAI,CAAC,IAAK,OAAM,CAAC;AACjB,eAAO,EAAE,KAAK,EAAE,QAAQ,SAAS,KAAK,OAAO,IAAI,OAAO,CAAC;AAAA,MAC7D,SAAS,KAAU;AACf,YAAI,KAAK,SAAS,uBAAuB,KAAK,SAAS,yBAAyB;AAC5E,iBAAO,EAAE,KAAK,EAAE,OAAO,IAAI,WAAW,YAAY,GAAG,GAAG;AAAA,QAC5D;AACA,cAAM;AAAA,MACV;AAAA,IACJ,CAAC;AAED,QAAI,OAAO,MAAM,2CAA2C,EAAE,OAAO,CAAC;AAAA,EAC1E;AAAA;AAAA;AAAA;AAAA,EAKA,MAAM,UAAU;AACZ,SAAK,OAAO,MAAM;AAElB,YAAQ,IAAI,mCAAmC;AAAA,EACnD;AACJ;AAAA;AApcI,cANS,kBAMe,6BAA4B;AACpD,cAPS,kBAOe,0BAAyB;AACjD,cARS,kBAQe,+BAA8B;;;AF1E1D,0BAAc,iBAHd;","names":["resolve","path","import_serve_static"]}