@openguardrails/gateway 1.0.0

package/dist/config.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Gateway configuration management
+ */
+import type { GatewayConfig } from "./types.js";
+/**
+ * Load gateway configuration from file or environment
+ */
+export declare function loadConfig(configPath?: string): GatewayConfig;
+/**
+ * Validate configuration
+ */
+export declare function validateConfig(config: GatewayConfig): void;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAIhD;;GAEG;AACH,wBAAgB,UAAU,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,aAAa,CAyB7D;AA6DD;;GAEG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,aAAa,GAAG,IAAI,CAkB1D"}

package/dist/config.js

@@ -0,0 +1,100 @@
+/**
+ * Gateway configuration management
+ */
+import { readFileSync, existsSync } from "node:fs";
+import { homedir } from "node:os";
+import { join } from "node:path";
+const DEFAULT_CONFIG_PATH = join(homedir(), ".openguardrails", "gateway.json");
+/**
+ * Load gateway configuration from file or environment
+ */
+export function loadConfig(configPath) {
+    const path = configPath || DEFAULT_CONFIG_PATH;
+    // Default configuration
+    const defaultConfig = {
+        port: parseInt(process.env.GATEWAY_PORT || "8900", 10),
+        backends: {},
+    };
+    // Try to load from file
+    if (existsSync(path)) {
+        try {
+            const fileContent = readFileSync(path, "utf-8");
+            const fileConfig = JSON.parse(fileContent);
+            return mergeConfig(defaultConfig, fileConfig);
+        }
+        catch (error) {
+            console.warn(`[ai-security-gateway] Failed to load config from ${path}:`, error);
+        }
+    }
+    // Load from environment variables
+    return loadFromEnv(defaultConfig);
+}
+/**
+ * Load backend configs from environment variables
+ */
+function loadFromEnv(config) {
+    // Anthropic
+    if (process.env.ANTHROPIC_API_KEY) {
+        config.backends.anthropic = {
+            baseUrl: process.env.ANTHROPIC_BASE_URL || "https://api.anthropic.com",
+            apiKey: process.env.ANTHROPIC_API_KEY,
+        };
+    }
+    // OpenAI
+    if (process.env.OPENAI_API_KEY) {
+        config.backends.openai = {
+            baseUrl: process.env.OPENAI_BASE_URL || "https://api.openai.com",
+            apiKey: process.env.OPENAI_API_KEY,
+        };
+    }
+    // Kimi (Moonshot)
+    if (process.env.KIMI_API_KEY || process.env.MOONSHOT_API_KEY) {
+        config.backends.openai = {
+            baseUrl: process.env.KIMI_BASE_URL || "https://api.moonshot.cn",
+            apiKey: process.env.KIMI_API_KEY || process.env.MOONSHOT_API_KEY || "",
+        };
+    }
+    // Gemini
+    if (process.env.GEMINI_API_KEY || process.env.GOOGLE_API_KEY) {
+        config.backends.gemini = {
+            baseUrl: process.env.GEMINI_BASE_URL ||
+                "https://generativelanguage.googleapis.com",
+            apiKey: process.env.GEMINI_API_KEY || process.env.GOOGLE_API_KEY || "",
+        };
+    }
+    return config;
+}
+/**
+ * Merge file config with default config
+ */
+function mergeConfig(defaultConfig, fileConfig) {
+    return {
+        port: fileConfig.port ?? defaultConfig.port,
+        backends: {
+            ...defaultConfig.backends,
+            ...fileConfig.backends,
+        },
+        routing: fileConfig.routing,
+    };
+}
+/**
+ * Validate configuration
+ */
+export function validateConfig(config) {
+    if (config.port < 1 || config.port > 65535) {
+        throw new Error(`Invalid port: ${config.port}`);
+    }
+    // Note: Backends are now optional. Gateway will act as transparent proxy.
+    // If no backends configured, gateway will forward requests based on routing rules
+    // or pass through to the original target.
+    // Validate each backend (if any)
+    for (const [name, backend] of Object.entries(config.backends)) {
+        if (!backend.baseUrl) {
+            throw new Error(`Backend ${name} missing baseUrl`);
+        }
+        if (!backend.apiKey) {
+            throw new Error(`Backend ${name} missing apiKey`);
+        }
+    }
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAGjC,MAAM,mBAAmB,GAAG,IAAI,CAAC,OAAO,EAAE,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAC;AAE/E;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,UAAmB;IAC5C,MAAM,IAAI,GAAG,UAAU,IAAI,mBAAmB,CAAC;IAE/C,wBAAwB;IACxB,MAAM,aAAa,GAAkB;QACnC,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,MAAM,EAAE,EAAE,CAAC;QACtD,QAAQ,EAAE,EAAE;KACb,CAAC;IAEF,wBAAwB;IACxB,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACrB,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC3C,OAAO,WAAW,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;QAChD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CACV,oDAAoD,IAAI,GAAG,EAC3D,KAAK,CACN,CAAC;QACJ,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,OAAO,WAAW,CAAC,aAAa,CAAC,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,MAAqB;IACxC,YAAY;IACZ,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,CAAC;QAClC,MAAM,CAAC,QAAQ,CAAC,SAAS,GAAG;YAC1B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,2BAA2B;YACtE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB;SACtC,CAAC;IACJ,CAAC;IAED,SAAS;IACT,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;QAC/B,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG;YACvB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,wBAAwB;YAChE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc;SACnC,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QAC7D,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG;YACvB,OAAO,EACL,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,yBAAyB;YACxD,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,EAAE;SACvE,CAAC;IACJ,CAAC;IAED,SAAS;IACT,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,CAAC;QAC7D,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG;YACvB,OAAO,EACL,OAAO,CAAC,GAAG,CAAC,eAAe;gBAC3B,2CAA2C;YAC7C,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,IAAI,EAAE;SACvE,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAClB,aAA4B,EAC5B,UAAkC;IAElC,OAAO;QACL,IAAI,EAAE,UAAU,CAAC,IAAI,IAAI,aAAa,CAAC,IAAI;QAC3C,QAAQ,EAAE;YACR,GAAG,aAAa,CAAC,QAAQ;YACzB,GAAG,UAAU,CAAC,QAAQ;SACvB;QACD,OAAO,EAAE,UAAU,CAAC,OAAO;KAC5B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,MAAqB;IAClD,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,IAAI,MAAM,CAAC,IAAI,GAAG,KAAK,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,iBAAiB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,0EAA0E;IAC1E,kFAAkF;IAClF,0CAA0C;IAE1C,iCAAiC;IACjC,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9D,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACrB,MAAM,IAAI,KAAK,CAAC,WAAW,IAAI,kBAAkB,CAAC,CAAC;QACrD,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YACpB,MAAM,IAAI,KAAK,CAAC,WAAW,IAAI,iBAAiB,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/handlers/anthropic.d.ts

@@ -0,0 +1,12 @@
+/**
+ * AI Security Gateway - Anthropic Messages API handler
+ *
+ * Handles POST /v1/messages requests in Anthropic's native format.
+ */
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { GatewayConfig } from "../types.js";
+/**
+ * Handle Anthropic API request
+ */
+export declare function handleAnthropicRequest(req: IncomingMessage, res: ServerResponse, config: GatewayConfig): Promise<void>;
+//# sourceMappingURL=anthropic.d.ts.map

package/dist/handlers/anthropic.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"anthropic.d.ts","sourceRoot":"","sources":["../../src/handlers/anthropic.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,aAAa,EAAgB,MAAM,aAAa,CAAC;AAI/D;;GAEG;AACH,wBAAsB,sBAAsB,CAC1C,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,aAAa,GACpB,OAAO,CAAC,IAAI,CAAC,CAmFf"}

package/dist/handlers/anthropic.js

@@ -0,0 +1,150 @@
+/**
+ * AI Security Gateway - Anthropic Messages API handler
+ *
+ * Handles POST /v1/messages requests in Anthropic's native format.
+ */
+import { sanitize } from "../sanitizer.js";
+import { restore, restoreSSELine } from "../restorer.js";
+/**
+ * Handle Anthropic API request
+ */
+export async function handleAnthropicRequest(req, res, config) {
+    try {
+        // 1. Parse request body
+        const body = await readBody(req);
+        const requestData = JSON.parse(body);
+        const { model, messages, system, tools, max_tokens, temperature, stream = false, ...rest } = requestData;
+        // 2. Sanitize messages
+        const { sanitized: sanitizedMessages, mappingTable } = sanitize(messages);
+        // 3. Sanitize system prompt if present
+        const sanitizedSystem = system
+            ? sanitize(system).sanitized
+            : system;
+        // Note: We reuse the same mapping table so placeholders are consistent
+        // 4. Build sanitized request
+        const sanitizedRequest = {
+            model,
+            messages: sanitizedMessages,
+            ...(system && { system: sanitizedSystem }),
+            ...(tools && { tools }),
+            max_tokens,
+            ...(temperature !== undefined && { temperature }),
+            stream,
+            ...rest,
+        };
+        // 5. Get backend config
+        const backend = config.backends.anthropic;
+        if (!backend) {
+            res.writeHead(500, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Anthropic backend not configured" }));
+            return;
+        }
+        // 6. Forward to real Anthropic API
+        const apiUrl = `${backend.baseUrl}/v1/messages`;
+        const response = await fetch(apiUrl, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "anthropic-version": req.headers["anthropic-version"] || "2023-06-01",
+                "x-api-key": backend.apiKey,
+            },
+            body: JSON.stringify(sanitizedRequest),
+        });
+        if (!response.ok) {
+            // Forward error response
+            res.writeHead(response.status, { "Content-Type": "application/json" });
+            const errorBody = await response.text();
+            res.end(errorBody);
+            return;
+        }
+        // 7. Handle streaming response
+        if (stream) {
+            await handleAnthropicStream(response, res, mappingTable);
+        }
+        else {
+            await handleAnthropicNonStream(response, res, mappingTable);
+        }
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Anthropic handler error:", error);
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({
+            error: "Internal gateway error",
+            message: error instanceof Error ? error.message : String(error),
+        }));
+    }
+}
+/**
+ * Handle streaming response
+ */
+async function handleAnthropicStream(response, res, mappingTable) {
+    // Set SSE headers
+    res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+    });
+    const reader = response.body?.getReader();
+    if (!reader) {
+        res.end();
+        return;
+    }
+    const decoder = new TextDecoder();
+    let buffer = "";
+    try {
+        while (true) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            // Decode chunk
+            buffer += decoder.decode(value, { stream: true });
+            // Process complete lines
+            const lines = buffer.split("\n");
+            buffer = lines.pop() || ""; // Keep incomplete line in buffer
+            for (const line of lines) {
+                if (!line.trim()) {
+                    res.write("\n");
+                    continue;
+                }
+                // Restore placeholders in SSE line
+                const restoredLine = restoreSSELine(line, mappingTable);
+                res.write(restoredLine + "\n");
+            }
+        }
+        // Write any remaining buffer
+        if (buffer.trim()) {
+            const restoredLine = restoreSSELine(buffer, mappingTable);
+            res.write(restoredLine + "\n");
+        }
+        res.end();
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Stream error:", error);
+        res.end();
+    }
+}
+/**
+ * Handle non-streaming response
+ */
+async function handleAnthropicNonStream(response, res, mappingTable) {
+    const responseBody = await response.text();
+    const responseData = JSON.parse(responseBody);
+    // Restore placeholders in response
+    const restoredData = restore(responseData, mappingTable);
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify(restoredData));
+}
+/**
+ * Read request body as string
+ */
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        let body = "";
+        req.on("data", (chunk) => {
+            body += chunk.toString();
+        });
+        req.on("end", () => resolve(body));
+        req.on("error", reject);
+    });
+}
+//# sourceMappingURL=anthropic.js.map

package/dist/handlers/anthropic.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"anthropic.js","sourceRoot":"","sources":["../../src/handlers/anthropic.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEzD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,GAAoB,EACpB,GAAmB,EACnB,MAAqB;IAErB,IAAI,CAAC;QACH,wBAAwB;QACxB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAErC,MAAM,EACJ,KAAK,EACL,QAAQ,EACR,MAAM,EACN,KAAK,EACL,UAAU,EACV,WAAW,EACX,MAAM,GAAG,KAAK,EACd,GAAG,IAAI,EACR,GAAG,WAAW,CAAC;QAEhB,uBAAuB;QACvB,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE1E,uCAAuC;QACvC,MAAM,eAAe,GAAG,MAAM;YAC5B,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,SAAS;YAC5B,CAAC,CAAC,MAAM,CAAC;QAEX,uEAAuE;QAEvE,6BAA6B;QAC7B,MAAM,gBAAgB,GAAG;YACvB,KAAK;YACL,QAAQ,EAAE,iBAAiB;YAC3B,GAAG,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;YAC1C,GAAG,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,CAAC;YACvB,UAAU;YACV,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,WAAW,EAAE,CAAC;YACjD,MAAM;YACN,GAAG,IAAI;SACR,CAAC;QAEF,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,CAAC,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QAED,mCAAmC;QACnC,MAAM,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,cAAc,CAAC;QAChD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,EAAE;YACnC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,mBAAmB,EAAE,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAW,IAAI,YAAY;gBAC/E,WAAW,EAAE,OAAO,CAAC,MAAM;aAC5B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC;SACvC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,yBAAyB;YACzB,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YACvE,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACnB,OAAO;QACT,CAAC;QAED,+BAA+B;QAC/B,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,qBAAqB,CAAC,QAAQ,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACN,MAAM,wBAAwB,CAAC,QAAQ,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,gDAAgD,EAAE,KAAK,CAAC,CAAC;QACvE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,qBAAqB,CAClC,QAAkB,EAClB,GAAmB,EACnB,YAA0B;IAE1B,kBAAkB;IAClB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACjB,cAAc,EAAE,mBAAmB;QACnC,eAAe,EAAE,UAAU;QAC3B,YAAY,EAAE,YAAY;KAC3B,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC;IAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,GAAG,CAAC,GAAG,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,IAAI,CAAC;QACH,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,IAAI;gBAAE,MAAM;YAEhB,eAAe;YACf,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;YAElD,yBAAyB;YACzB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,iCAAiC;YAE7D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;oBACjB,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAChB,SAAS;gBACX,CAAC;gBAED,mCAAmC;gBACnC,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;gBACxD,GAAG,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,IAAI,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAClB,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;YAC1D,GAAG,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;QAC5D,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,wBAAwB,CACrC,QAAkB,EAClB,GAAmB,EACnB,YAA0B;IAE1B,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAE9C,mCAAmC;IACnC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IAEzD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;IAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,GAAoB;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;YACvB,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/handlers/gemini.d.ts

@@ -0,0 +1,12 @@
+/**
+ * AI Security Gateway - Google Gemini API handler
+ *
+ * Handles POST /v1/models/:model:generateContent requests in Gemini's format.
+ */
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { GatewayConfig } from "../types.js";
+/**
+ * Handle Gemini API request
+ */
+export declare function handleGeminiRequest(req: IncomingMessage, res: ServerResponse, config: GatewayConfig, modelName: string): Promise<void>;
+//# sourceMappingURL=gemini.d.ts.map

package/dist/handlers/gemini.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"gemini.d.ts","sourceRoot":"","sources":["../../src/handlers/gemini.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,aAAa,EAAgB,MAAM,aAAa,CAAC;AAI/D;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,aAAa,EACrB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC,CAiEf"}

package/dist/handlers/gemini.js

@@ -0,0 +1,80 @@
+/**
+ * AI Security Gateway - Google Gemini API handler
+ *
+ * Handles POST /v1/models/:model:generateContent requests in Gemini's format.
+ */
+import { sanitize } from "../sanitizer.js";
+import { restore } from "../restorer.js";
+/**
+ * Handle Gemini API request
+ */
+export async function handleGeminiRequest(req, res, config, modelName) {
+    try {
+        // 1. Parse request body
+        const body = await readBody(req);
+        const requestData = JSON.parse(body);
+        const { contents, tools, generationConfig, ...rest } = requestData;
+        // 2. Sanitize contents (Gemini uses "contents" instead of "messages")
+        const { sanitized: sanitizedContents, mappingTable } = sanitize(contents);
+        // 3. Build sanitized request
+        const sanitizedRequest = {
+            contents: sanitizedContents,
+            ...(tools && { tools }),
+            ...(generationConfig && { generationConfig }),
+            ...rest,
+        };
+        // 4. Get backend config
+        const backend = config.backends.gemini;
+        if (!backend) {
+            res.writeHead(500, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "Gemini backend not configured" }));
+            return;
+        }
+        // 5. Forward to Gemini API
+        const apiUrl = `${backend.baseUrl}/v1/models/${modelName}:generateContent`;
+        const response = await fetch(apiUrl, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "x-goog-api-key": backend.apiKey,
+            },
+            body: JSON.stringify(sanitizedRequest),
+        });
+        if (!response.ok) {
+            // Forward error response
+            res.writeHead(response.status, { "Content-Type": "application/json" });
+            const errorBody = await response.text();
+            res.end(errorBody);
+            return;
+        }
+        // 6. Handle response (Gemini typically doesn't stream in same way)
+        const responseBody = await response.text();
+        const responseData = JSON.parse(responseBody);
+        // Restore placeholders in response
+        const restoredData = restore(responseData, mappingTable);
+        res.writeHead(200, { "Content-Type": "application/json" });
+        res.end(JSON.stringify(restoredData));
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Gemini handler error:", error);
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({
+            error: "Internal gateway error",
+            message: error instanceof Error ? error.message : String(error),
+        }));
+    }
+}
+/**
+ * Read request body as string
+ */
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        let body = "";
+        req.on("data", (chunk) => {
+            body += chunk.toString();
+        });
+        req.on("end", () => resolve(body));
+        req.on("error", reject);
+    });
+}
+//# sourceMappingURL=gemini.js.map

package/dist/handlers/gemini.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"gemini.js","sourceRoot":"","sources":["../../src/handlers/gemini.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAEzC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,GAAoB,EACpB,GAAmB,EACnB,MAAqB,EACrB,SAAiB;IAEjB,IAAI,CAAC;QACH,wBAAwB;QACxB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAErC,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE,GAAG,IAAI,EAAE,GAAG,WAAW,CAAC;QAEnE,sEAAsE;QACtE,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE1E,6BAA6B;QAC7B,MAAM,gBAAgB,GAAG;YACvB,QAAQ,EAAE,iBAAiB;YAC3B,GAAG,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,CAAC;YACvB,GAAG,CAAC,gBAAgB,IAAI,EAAE,gBAAgB,EAAE,CAAC;YAC7C,GAAG,IAAI;SACR,CAAC;QAEF,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC,CAAC,CAAC;YACpE,OAAO;QACT,CAAC;QAED,2BAA2B;QAC3B,MAAM,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,cAAc,SAAS,kBAAkB,CAAC;QAC3E,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,EAAE;YACnC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,gBAAgB,EAAE,OAAO,CAAC,MAAM;aACjC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC;SACvC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,yBAAyB;YACzB,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YACvE,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACnB,OAAO;QACT,CAAC;QAED,mEAAmE;QACnE,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAE9C,mCAAmC;QACnC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;QAEzD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC;IACxC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,GAAoB;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;YACvB,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/handlers/openai.d.ts

@@ -0,0 +1,13 @@
+/**
+ * AI Security Gateway - OpenAI Chat Completions API handler
+ *
+ * Handles POST /v1/chat/completions requests in OpenAI's format.
+ * Also compatible with OpenAI-compatible APIs (Kimi, DeepSeek, etc.)
+ */
+import type { IncomingMessage, ServerResponse } from "node:http";
+import type { GatewayConfig } from "../types.js";
+/**
+ * Handle OpenAI API request
+ */
+export declare function handleOpenAIRequest(req: IncomingMessage, res: ServerResponse, config: GatewayConfig): Promise<void>;
+//# sourceMappingURL=openai.d.ts.map

package/dist/handlers/openai.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"openai.d.ts","sourceRoot":"","sources":["../../src/handlers/openai.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AACjE,OAAO,KAAK,EAAE,aAAa,EAAgB,MAAM,aAAa,CAAC;AAI/D;;GAEG;AACH,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,eAAe,EACpB,GAAG,EAAE,cAAc,EACnB,MAAM,EAAE,aAAa,GACpB,OAAO,CAAC,IAAI,CAAC,CA2Ef"}

package/dist/handlers/openai.js

@@ -0,0 +1,145 @@
+/**
+ * AI Security Gateway - OpenAI Chat Completions API handler
+ *
+ * Handles POST /v1/chat/completions requests in OpenAI's format.
+ * Also compatible with OpenAI-compatible APIs (Kimi, DeepSeek, etc.)
+ */
+import { sanitize } from "../sanitizer.js";
+import { restore, restoreSSELine } from "../restorer.js";
+/**
+ * Handle OpenAI API request
+ */
+export async function handleOpenAIRequest(req, res, config) {
+    try {
+        // 1. Parse request body
+        const body = await readBody(req);
+        const requestData = JSON.parse(body);
+        const { model, messages, tools, tool_choice, temperature, max_tokens, stream = false, ...rest } = requestData;
+        // 2. Sanitize messages
+        const { sanitized: sanitizedMessages, mappingTable } = sanitize(messages);
+        // 3. Build sanitized request
+        const sanitizedRequest = {
+            model,
+            messages: sanitizedMessages,
+            ...(tools && { tools }),
+            ...(tool_choice && { tool_choice }),
+            ...(temperature !== undefined && { temperature }),
+            ...(max_tokens && { max_tokens }),
+            stream,
+            ...rest,
+        };
+        // 4. Get backend config
+        const backend = config.backends.openai;
+        if (!backend) {
+            res.writeHead(500, { "Content-Type": "application/json" });
+            res.end(JSON.stringify({ error: "OpenAI backend not configured" }));
+            return;
+        }
+        // 5. Forward to OpenAI (or compatible) API
+        const apiUrl = `${backend.baseUrl}/v1/chat/completions`;
+        const response = await fetch(apiUrl, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json",
+                "Authorization": `Bearer ${backend.apiKey}`,
+            },
+            body: JSON.stringify(sanitizedRequest),
+        });
+        if (!response.ok) {
+            // Forward error response
+            res.writeHead(response.status, { "Content-Type": "application/json" });
+            const errorBody = await response.text();
+            res.end(errorBody);
+            return;
+        }
+        // 6. Handle streaming or non-streaming response
+        if (stream) {
+            await handleOpenAIStream(response, res, mappingTable);
+        }
+        else {
+            await handleOpenAINonStream(response, res, mappingTable);
+        }
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] OpenAI handler error:", error);
+        res.writeHead(500, { "Content-Type": "application/json" });
+        res.end(JSON.stringify({
+            error: "Internal gateway error",
+            message: error instanceof Error ? error.message : String(error),
+        }));
+    }
+}
+/**
+ * Handle streaming response (SSE)
+ */
+async function handleOpenAIStream(response, res, mappingTable) {
+    // Set SSE headers
+    res.writeHead(200, {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        "Connection": "keep-alive",
+    });
+    const reader = response.body?.getReader();
+    if (!reader) {
+        res.end();
+        return;
+    }
+    const decoder = new TextDecoder();
+    let buffer = "";
+    try {
+        while (true) {
+            const { done, value } = await reader.read();
+            if (done)
+                break;
+            // Decode chunk
+            buffer += decoder.decode(value, { stream: true });
+            // Process complete lines
+            const lines = buffer.split("\n");
+            buffer = lines.pop() || ""; // Keep incomplete line in buffer
+            for (const line of lines) {
+                if (!line.trim()) {
+                    res.write("\n");
+                    continue;
+                }
+                // Restore placeholders in SSE line
+                const restoredLine = restoreSSELine(line, mappingTable);
+                res.write(restoredLine + "\n");
+            }
+        }
+        // Write any remaining buffer
+        if (buffer.trim()) {
+            const restoredLine = restoreSSELine(buffer, mappingTable);
+            res.write(restoredLine + "\n");
+        }
+        res.end();
+    }
+    catch (error) {
+        console.error("[ai-security-gateway] Stream error:", error);
+        res.end();
+    }
+}
+/**
+ * Handle non-streaming response
+ */
+async function handleOpenAINonStream(response, res, mappingTable) {
+    const responseBody = await response.text();
+    const responseData = JSON.parse(responseBody);
+    // Restore placeholders in response
+    const restoredData = restore(responseData, mappingTable);
+    res.writeHead(200, { "Content-Type": "application/json" });
+    res.end(JSON.stringify(restoredData));
+}
+/**
+ * Read request body as string
+ */
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        let body = "";
+        req.on("data", (chunk) => {
+            body += chunk.toString();
+        });
+        req.on("end", () => resolve(body));
+        req.on("error", reject);
+    });
+}
+//# sourceMappingURL=openai.js.map

package/dist/handlers/openai.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"openai.js","sourceRoot":"","sources":["../../src/handlers/openai.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAEzD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,GAAoB,EACpB,GAAmB,EACnB,MAAqB;IAErB,IAAI,CAAC;QACH,wBAAwB;QACxB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAErC,MAAM,EACJ,KAAK,EACL,QAAQ,EACR,KAAK,EACL,WAAW,EACX,WAAW,EACX,UAAU,EACV,MAAM,GAAG,KAAK,EACd,GAAG,IAAI,EACR,GAAG,WAAW,CAAC;QAEhB,uBAAuB;QACvB,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,YAAY,EAAE,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAE1E,6BAA6B;QAC7B,MAAM,gBAAgB,GAAG;YACvB,KAAK;YACL,QAAQ,EAAE,iBAAiB;YAC3B,GAAG,CAAC,KAAK,IAAI,EAAE,KAAK,EAAE,CAAC;YACvB,GAAG,CAAC,WAAW,IAAI,EAAE,WAAW,EAAE,CAAC;YACnC,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,EAAE,WAAW,EAAE,CAAC;YACjD,GAAG,CAAC,UAAU,IAAI,EAAE,UAAU,EAAE,CAAC;YACjC,MAAM;YACN,GAAG,IAAI;SACR,CAAC;QAEF,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACvC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,CAAC,CAAC,CAAC;YACpE,OAAO;QACT,CAAC;QAED,2CAA2C;QAC3C,MAAM,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,sBAAsB,CAAC;QACxD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,MAAM,EAAE;YACnC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,UAAU,OAAO,CAAC,MAAM,EAAE;aAC5C;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC;SACvC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,yBAAyB;YACzB,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;YACvE,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACxC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACnB,OAAO;QACT,CAAC;QAED,gDAAgD;QAChD,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,kBAAkB,CAAC,QAAQ,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QACxD,CAAC;aAAM,CAAC;YACN,MAAM,qBAAqB,CAAC,QAAQ,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,6CAA6C,EAAE,KAAK,CAAC,CAAC;QACpE,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3D,GAAG,CAAC,GAAG,CACL,IAAI,CAAC,SAAS,CAAC;YACb,KAAK,EAAE,wBAAwB;YAC/B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC,CACH,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,kBAAkB,CAC/B,QAAkB,EAClB,GAAmB,EACnB,YAA0B;IAE1B,kBAAkB;IAClB,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACjB,cAAc,EAAE,mBAAmB;QACnC,eAAe,EAAE,UAAU;QAC3B,YAAY,EAAE,YAAY;KAC3B,CAAC,CAAC;IAEH,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,EAAE,CAAC;IAC1C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,GAAG,CAAC,GAAG,EAAE,CAAC;QACV,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,WAAW,EAAE,CAAC;IAClC,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,IAAI,CAAC;QACH,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;YAC5C,IAAI,IAAI;gBAAE,MAAM;YAEhB,eAAe;YACf,MAAM,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;YAElD,yBAAyB;YACzB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,iCAAiC;YAE7D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;oBACjB,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAChB,SAAS;gBACX,CAAC;gBAED,mCAAmC;gBACnC,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;gBACxD,GAAG,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,IAAI,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAClB,MAAM,YAAY,GAAG,cAAc,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;YAC1D,GAAG,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,CAAC;QAC5D,GAAG,CAAC,GAAG,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,qBAAqB,CAClC,QAAkB,EAClB,GAAmB,EACnB,YAA0B;IAE1B,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;IAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAE9C,mCAAmC;IACnC,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,EAAE,YAAY,CAAC,CAAC;IAEzD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;IAC3D,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,GAAoB;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE;YACvB,IAAI,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC3B,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnC,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,16 @@
+#!/usr/bin/env node
+/**
+ * OpenGuardrails AI Security Gateway
+ *
+ * Local HTTP proxy that intercepts LLM API calls, sanitizes sensitive data
+ * before sending to providers, and restores it in responses.
+ * Supports Anthropic, OpenAI, and Gemini protocols.
+ */
+/**
+ * Start gateway server
+ */
+export declare function startGateway(configPath?: string): void;
+export { sanitize, sanitizeMessages } from "./sanitizer.js";
+export { restore, restoreJSON, restoreSSELine } from "./restorer.js";
+export type { GatewayConfig, MappingTable, SanitizeResult, EntityMatch } from "./types.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;;;;GAMG;AAuFH;;GAEG;AACH,wBAAgB,YAAY,CAAC,UAAU,CAAC,EAAE,MAAM,GAAG,IAAI,CAkDtD;AAGD,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACrE,YAAY,EAAE,aAAa,EAAE,YAAY,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC"}