kavachos 0.0.3 → 0.0.5

package/dist/a2a/index.js

@@ -0,0 +1,821 @@
+import { generateId } from '../chunk-3AZDFCQF.js';
+import '../chunk-PZ5AY32C.js';
+import * as jose from 'jose';
+import { z } from 'zod';
+
+var A2A_PROTOCOL_VERSION = "0.3";
+var A2A_JSONRPC_VERSION = "2.0";
+var A2A_WELL_KNOWN_PATH = "/.well-known/agent.json";
+var A2A_ERROR_CODES = {
+  PARSE_ERROR: -32700,
+  INVALID_REQUEST: -32600,
+  METHOD_NOT_FOUND: -32601,
+  INVALID_PARAMS: -32602,
+  INTERNAL_ERROR: -32603,
+  // A2A-specific codes (application-defined range)
+  TASK_NOT_FOUND: -32001,
+  AGENT_NOT_FOUND: -32002,
+  AUTHENTICATION_REQUIRED: -32003,
+  PERMISSION_DENIED: -32004,
+  RATE_LIMITED: -32005,
+  TASK_ALREADY_COMPLETED: -32006
+};
+var A2A_METHODS = {
+  SEND_MESSAGE: "message/send",
+  SEND_STREAMING_MESSAGE: "message/stream",
+  GET_TASK: "tasks/get",
+  CANCEL_TASK: "tasks/cancel"
+};
+var A2ATextPartSchema = z.object({
+  type: z.literal("text"),
+  text: z.string()
+});
+var A2AFilePartSchema = z.object({
+  type: z.literal("file"),
+  fileUri: z.string(),
+  mimeType: z.string(),
+  name: z.string().optional()
+});
+var A2ADataPartSchema = z.object({
+  type: z.literal("data"),
+  mimeType: z.string(),
+  data: z.string()
+});
+var A2APartSchema = z.discriminatedUnion("type", [
+  A2ATextPartSchema,
+  A2AFilePartSchema,
+  A2ADataPartSchema
+]);
+var A2AMessageSchema = z.object({
+  id: z.string().min(1),
+  role: z.enum(["user", "agent"]),
+  parts: z.array(A2APartSchema).min(1),
+  createdAt: z.string(),
+  metadata: z.record(z.unknown()).optional(),
+  referenceTaskIds: z.array(z.string()).optional()
+});
+var A2ATaskStateSchema = z.enum([
+  "submitted",
+  "working",
+  "input-required",
+  "completed",
+  "failed",
+  "canceled",
+  "auth-required",
+  "rejected"
+]);
+var A2ATaskStatusSchema = z.object({
+  code: A2ATaskStateSchema,
+  message: z.string().optional(),
+  progress: z.number().min(0).max(100).optional()
+});
+var A2AArtifactSchema = z.object({
+  id: z.string().min(1),
+  name: z.string().optional(),
+  mimeType: z.string().optional(),
+  parts: z.array(A2APartSchema).min(1),
+  metadata: z.record(z.unknown()).optional(),
+  createdAt: z.string()
+});
+var A2ATaskSchema = z.object({
+  id: z.string().min(1),
+  contextId: z.string().min(1),
+  status: A2ATaskStatusSchema,
+  createdAt: z.string(),
+  updatedAt: z.string(),
+  history: z.array(A2AMessageSchema).optional(),
+  artifacts: z.array(A2AArtifactSchema).optional(),
+  metadata: z.record(z.unknown()).optional()
+});
+var A2AAgentSkillSchema = z.object({
+  id: z.string().min(1),
+  name: z.string().min(1),
+  description: z.string(),
+  inputSchema: z.record(z.unknown()).optional(),
+  outputSchema: z.record(z.unknown()).optional(),
+  supportedMediaTypes: z.array(z.string()).optional(),
+  tags: z.array(z.string()).optional()
+});
+var A2AAgentProviderSchema = z.object({
+  name: z.string().min(1),
+  email: z.string().optional(),
+  url: z.string().optional()
+});
+var A2AAgentCapabilitiesSchema = z.object({
+  streaming: z.boolean().optional(),
+  pushNotifications: z.boolean().optional(),
+  extendedAgentCard: z.boolean().optional()
+});
+var A2ASecuritySchemeBaseSchema = z.object({
+  description: z.string().optional()
+});
+var A2AApiKeySecuritySchemeSchema = A2ASecuritySchemeBaseSchema.extend({
+  type: z.literal("apiKey"),
+  name: z.string().min(1),
+  in: z.enum(["query", "header", "cookie"])
+});
+var A2AHttpSecuritySchemeSchema = A2ASecuritySchemeBaseSchema.extend({
+  type: z.literal("http"),
+  scheme: z.string().min(1),
+  bearerFormat: z.string().optional()
+});
+var A2AOAuth2FlowSchema = z.object({
+  authorizationUrl: z.string().optional(),
+  tokenUrl: z.string().optional(),
+  refreshUrl: z.string().optional(),
+  scopes: z.record(z.string())
+});
+var A2AOAuth2SecuritySchemeSchema = A2ASecuritySchemeBaseSchema.extend({
+  type: z.literal("oauth2"),
+  flows: z.object({
+    implicit: A2AOAuth2FlowSchema.optional(),
+    password: A2AOAuth2FlowSchema.optional(),
+    clientCredentials: A2AOAuth2FlowSchema.optional(),
+    authorizationCode: A2AOAuth2FlowSchema.optional(),
+    deviceCode: A2AOAuth2FlowSchema.optional()
+  })
+});
+var A2AOidcSecuritySchemeSchema = A2ASecuritySchemeBaseSchema.extend({
+  type: z.literal("openIdConnect"),
+  openIdConnectUrl: z.string().min(1)
+});
+var A2AMutualTlsSecuritySchemeSchema = A2ASecuritySchemeBaseSchema.extend({
+  type: z.literal("mutualTls")
+});
+var A2ASecuritySchemeSchema = z.discriminatedUnion("type", [
+  A2AApiKeySecuritySchemeSchema,
+  A2AHttpSecuritySchemeSchema,
+  A2AOAuth2SecuritySchemeSchema,
+  A2AOidcSecuritySchemeSchema,
+  A2AMutualTlsSecuritySchemeSchema
+]);
+var A2AAgentCardSignatureSchema = z.object({
+  algorithm: z.string().min(1),
+  signature: z.string().min(1),
+  keyId: z.string().min(1)
+});
+var A2AAgentCardSchema = z.object({
+  id: z.string().min(1),
+  name: z.string().min(1),
+  description: z.string(),
+  version: z.string().min(1),
+  protocolVersion: z.string().min(1),
+  url: z.string().url(),
+  provider: A2AAgentProviderSchema.optional(),
+  capabilities: A2AAgentCapabilitiesSchema.optional(),
+  skills: z.array(A2AAgentSkillSchema).min(1),
+  securitySchemes: z.record(A2ASecuritySchemeSchema).optional(),
+  security: z.array(z.record(z.array(z.string()))).optional(),
+  defaultInputModes: z.array(z.string()).optional(),
+  defaultOutputModes: z.array(z.string()).optional(),
+  documentationUrl: z.string().url().optional(),
+  signature: A2AAgentCardSignatureSchema.optional(),
+  metadata: z.record(z.unknown()).optional()
+});
+var A2ASendMessageConfigurationSchema = z.object({
+  acceptedOutputModes: z.array(z.string()).optional(),
+  historyLength: z.number().int().min(0).optional(),
+  returnImmediately: z.boolean().optional()
+});
+var A2ASendMessageParamsSchema = z.object({
+  message: A2AMessageSchema,
+  configuration: A2ASendMessageConfigurationSchema.optional(),
+  metadata: z.record(z.unknown()).optional()
+});
+var A2AGetTaskParamsSchema = z.object({
+  id: z.string().min(1),
+  historyLength: z.number().int().min(0).optional()
+});
+var A2ACancelTaskParamsSchema = z.object({
+  id: z.string().min(1),
+  metadata: z.record(z.unknown()).optional()
+});
+var A2AJsonRpcRequestSchema = z.object({
+  jsonrpc: z.literal("2.0"),
+  id: z.union([z.string(), z.number()]),
+  method: z.string().min(1),
+  params: z.unknown()
+});
+
+// src/a2a/agent-card.ts
+function createAgentCard(input) {
+  const card = {
+    id: input.agent.id,
+    name: input.agent.name,
+    description: input.description,
+    version: input.version,
+    protocolVersion: A2A_PROTOCOL_VERSION,
+    url: input.url,
+    skills: input.skills
+  };
+  if (input.provider) card.provider = input.provider;
+  if (input.capabilities) card.capabilities = input.capabilities;
+  if (input.securitySchemes) card.securitySchemes = input.securitySchemes;
+  if (input.security) card.security = input.security;
+  if (input.defaultInputModes) card.defaultInputModes = input.defaultInputModes;
+  if (input.defaultOutputModes) card.defaultOutputModes = input.defaultOutputModes;
+  if (input.documentationUrl) card.documentationUrl = input.documentationUrl;
+  if (input.metadata) card.metadata = input.metadata;
+  return card;
+}
+function validateAgentCard(card) {
+  const parsed = A2AAgentCardSchema.safeParse(card);
+  if (!parsed.success) {
+    const issues = parsed.error.issues.map((i) => `${i.path.join(".")}: ${i.message}`);
+    return {
+      success: false,
+      error: {
+        code: "A2A_INVALID_AGENT_CARD",
+        message: `Invalid Agent Card: ${issues.join("; ")}`,
+        details: { issues }
+      }
+    };
+  }
+  return { success: true, data: parsed.data };
+}
+async function signAgentCard(options) {
+  const { card, privateKey, algorithm = "ES256", keyId } = options;
+  try {
+    const { signature: _ignored, ...cardWithoutSignature } = card;
+    const payload = new TextEncoder().encode(JSON.stringify(cardWithoutSignature));
+    const key = "kty" in privateKey ? await jose.importJWK(privateKey, algorithm) : privateKey;
+    const kid = keyId ?? generateId();
+    const jws = await new jose.CompactSign(payload).setProtectedHeader({ alg: algorithm, kid }).sign(key);
+    const signedCard = {
+      ...card,
+      signature: {
+        algorithm,
+        signature: jws,
+        keyId: kid
+      }
+    };
+    return { success: true, data: signedCard };
+  } catch (err) {
+    return {
+      success: false,
+      error: {
+        code: "A2A_SIGN_FAILED",
+        message: err instanceof Error ? err.message : "Failed to sign agent card"
+      }
+    };
+  }
+}
+async function verifyAgentCard(options) {
+  const { card, publicKey } = options;
+  if (!card.signature) {
+    return {
+      success: false,
+      error: {
+        code: "A2A_NO_SIGNATURE",
+        message: "Agent Card has no signature to verify"
+      }
+    };
+  }
+  try {
+    const { signature, ...cardWithoutSignature } = card;
+    const algorithm = signature.algorithm;
+    const key = "kty" in publicKey ? await jose.importJWK(publicKey, algorithm) : publicKey;
+    const { payload } = await jose.compactVerify(signature.signature, key);
+    const decoded = new TextDecoder().decode(payload);
+    const signedContent = JSON.parse(decoded);
+    const currentContent = JSON.stringify(cardWithoutSignature);
+    const parsedCurrentContent = JSON.parse(currentContent);
+    const matches = JSON.stringify(signedContent) === JSON.stringify(parsedCurrentContent);
+    return {
+      success: true,
+      data: { valid: matches, card }
+    };
+  } catch (err) {
+    return {
+      success: false,
+      error: {
+        code: "A2A_VERIFY_FAILED",
+        message: err instanceof Error ? err.message : "Failed to verify agent card signature"
+      }
+    };
+  }
+}
+
+// src/a2a/client.ts
+function createA2AClient(config) {
+  const fetchFn = config.fetch ?? globalThis.fetch;
+  const timeout = config.timeout ?? 3e4;
+  let cachedCard;
+  function getBaseUrl() {
+    if (typeof config.agent === "string") {
+      return config.agent.replace(/\/$/, "");
+    }
+    return config.agent.url.replace(/\/$/, "");
+  }
+  if (typeof config.agent !== "string") {
+    cachedCard = config.agent;
+  }
+  async function getAuthHeaders() {
+    if (!config.getAuthToken) return {};
+    const token = await config.getAuthToken();
+    return { Authorization: `Bearer ${token}` };
+  }
+  async function jsonRpcCall(method, params) {
+    const baseUrl = cachedCard?.url ?? getBaseUrl();
+    const authHeaders = await getAuthHeaders();
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), timeout);
+    try {
+      const response = await fetchFn(baseUrl, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          ...authHeaders
+        },
+        body: JSON.stringify({
+          jsonrpc: A2A_JSONRPC_VERSION,
+          id: generateId(),
+          method,
+          params
+        }),
+        signal: controller.signal
+      });
+      if (!response.ok) {
+        return {
+          success: false,
+          error: {
+            code: "A2A_HTTP_ERROR",
+            message: `HTTP ${response.status}: ${response.statusText}`
+          }
+        };
+      }
+      const body = await response.json();
+      if (body.error) {
+        return {
+          success: false,
+          error: {
+            code: `A2A_RPC_${body.error.code}`,
+            message: body.error.message,
+            details: body.error.data ? { data: body.error.data } : void 0
+          }
+        };
+      }
+      return { success: true, data: body.result };
+    } catch (err) {
+      if (err instanceof DOMException && err.name === "AbortError") {
+        return {
+          success: false,
+          error: {
+            code: "A2A_TIMEOUT",
+            message: `Request timed out after ${timeout}ms`
+          }
+        };
+      }
+      return {
+        success: false,
+        error: {
+          code: "A2A_REQUEST_FAILED",
+          message: err instanceof Error ? err.message : "Request failed"
+        }
+      };
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  async function discover() {
+    if (cachedCard) {
+      return { success: true, data: cachedCard };
+    }
+    const baseUrl = getBaseUrl();
+    const url = `${baseUrl}${A2A_WELL_KNOWN_PATH}`;
+    const authHeaders = await getAuthHeaders();
+    const controller = new AbortController();
+    const timer = setTimeout(() => controller.abort(), timeout);
+    try {
+      const response = await fetchFn(url, {
+        method: "GET",
+        headers: authHeaders,
+        signal: controller.signal
+      });
+      if (!response.ok) {
+        return {
+          success: false,
+          error: {
+            code: "A2A_DISCOVERY_FAILED",
+            message: `Discovery failed: HTTP ${response.status}`
+          }
+        };
+      }
+      const body = await response.json();
+      const parsed = A2AAgentCardSchema.safeParse(body);
+      if (!parsed.success) {
+        return {
+          success: false,
+          error: {
+            code: "A2A_INVALID_AGENT_CARD",
+            message: `Invalid agent card: ${parsed.error.issues.map((i) => i.message).join("; ")}`
+          }
+        };
+      }
+      cachedCard = parsed.data;
+      return { success: true, data: cachedCard };
+    } catch (err) {
+      return {
+        success: false,
+        error: {
+          code: "A2A_DISCOVERY_FAILED",
+          message: err instanceof Error ? err.message : "Discovery request failed"
+        }
+      };
+    } finally {
+      clearTimeout(timer);
+    }
+  }
+  async function sendMessage(params) {
+    return jsonRpcCall(A2A_METHODS.SEND_MESSAGE, params);
+  }
+  async function getTask(params) {
+    return jsonRpcCall(A2A_METHODS.GET_TASK, params);
+  }
+  async function cancelTask(params) {
+    return jsonRpcCall(A2A_METHODS.CANCEL_TASK, params);
+  }
+  async function* sendStreamingMessage(params) {
+    const baseUrl = cachedCard?.url ?? getBaseUrl();
+    const authHeaders = await getAuthHeaders();
+    const response = await fetchFn(baseUrl, {
+      method: "POST",
+      headers: {
+        "Content-Type": "application/json",
+        Accept: "text/event-stream",
+        ...authHeaders
+      },
+      body: JSON.stringify({
+        jsonrpc: A2A_JSONRPC_VERSION,
+        id: generateId(),
+        method: A2A_METHODS.SEND_STREAMING_MESSAGE,
+        params
+      })
+    });
+    if (!response.ok || !response.body) {
+      throw new Error(`Streaming request failed: HTTP ${response.status}`);
+    }
+    const reader = response.body.getReader();
+    const decoder = new TextDecoder();
+    let buffer = "";
+    try {
+      while (true) {
+        const { done, value } = await reader.read();
+        if (done) break;
+        buffer += decoder.decode(value, { stream: true });
+        const lines = buffer.split("\n");
+        buffer = lines.pop() ?? "";
+        for (const line of lines) {
+          if (line.startsWith("data: ")) {
+            const data = line.slice(6).trim();
+            if (data === "[DONE]") return;
+            try {
+              yield JSON.parse(data);
+            } catch {
+            }
+          }
+        }
+      }
+    } finally {
+      reader.releaseLock();
+    }
+  }
+  return {
+    discover,
+    sendMessage,
+    getTask,
+    cancelTask,
+    sendStreamingMessage
+  };
+}
+
+// src/a2a/server.ts
+function createInMemoryTaskStore() {
+  const tasks = /* @__PURE__ */ new Map();
+  return {
+    async get(taskId) {
+      return tasks.get(taskId);
+    },
+    async set(taskId, task) {
+      tasks.set(taskId, task);
+    },
+    async delete(taskId) {
+      return tasks.delete(taskId);
+    }
+  };
+}
+function jsonRpcError(id, error) {
+  const body = {
+    jsonrpc: A2A_JSONRPC_VERSION,
+    id: id ?? 0,
+    error
+  };
+  return new Response(JSON.stringify(body), {
+    status: 200,
+    // JSON-RPC always returns 200
+    headers: { "Content-Type": "application/json" }
+  });
+}
+function jsonRpcSuccess(id, result) {
+  const body = {
+    jsonrpc: A2A_JSONRPC_VERSION,
+    id,
+    result
+  };
+  return new Response(JSON.stringify(body), {
+    status: 200,
+    headers: { "Content-Type": "application/json" }
+  });
+}
+function createA2AServer(config) {
+  const taskStore = config.taskStore ?? createInMemoryTaskStore();
+  async function audit(event) {
+    if (config.onAudit) {
+      await config.onAudit({
+        ...event,
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      });
+    }
+  }
+  async function authenticate(request) {
+    if (!config.authenticate) {
+      return { agentId: null, error: null };
+    }
+    const agentId = await config.authenticate(request);
+    if (agentId === null) {
+      return {
+        agentId: null,
+        error: jsonRpcError(0, {
+          code: A2A_ERROR_CODES.AUTHENTICATION_REQUIRED,
+          message: "Authentication required"
+        })
+      };
+    }
+    return { agentId, error: null };
+  }
+  async function handleSendMessage(id, params, agentId) {
+    const parsed = A2ASendMessageParamsSchema.safeParse(params);
+    if (!parsed.success) {
+      await audit({
+        method: A2A_METHODS.SEND_MESSAGE,
+        agentId,
+        success: false,
+        error: "Invalid params"
+      });
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.INVALID_PARAMS,
+        message: `Invalid params: ${parsed.error.issues.map((i) => i.message).join("; ")}`
+      });
+    }
+    try {
+      const task = await config.handler.onMessage(parsed.data.message, parsed.data.configuration);
+      await taskStore.set(task.id, task);
+      await audit({
+        method: A2A_METHODS.SEND_MESSAGE,
+        agentId,
+        taskId: task.id,
+        success: true
+      });
+      return jsonRpcSuccess(id, task);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : "Internal error";
+      await audit({
+        method: A2A_METHODS.SEND_MESSAGE,
+        agentId,
+        success: false,
+        error: message
+      });
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.INTERNAL_ERROR,
+        message
+      });
+    }
+  }
+  async function handleGetTask(id, params, agentId) {
+    const parsed = A2AGetTaskParamsSchema.safeParse(params);
+    if (!parsed.success) {
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.INVALID_PARAMS,
+        message: "Invalid params: id is required"
+      });
+    }
+    const task = await taskStore.get(parsed.data.id);
+    if (!task) {
+      await audit({
+        method: A2A_METHODS.GET_TASK,
+        agentId,
+        taskId: parsed.data.id,
+        success: false,
+        error: "Task not found"
+      });
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.TASK_NOT_FOUND,
+        message: `Task ${parsed.data.id} not found`
+      });
+    }
+    let result = task;
+    if (parsed.data.historyLength !== void 0 && task.history) {
+      const len = parsed.data.historyLength;
+      result = {
+        ...task,
+        history: len === 0 ? [] : task.history.slice(-len)
+      };
+    }
+    await audit({
+      method: A2A_METHODS.GET_TASK,
+      agentId,
+      taskId: task.id,
+      success: true
+    });
+    return jsonRpcSuccess(id, result);
+  }
+  async function handleCancelTask(id, params, agentId) {
+    const parsed = A2ACancelTaskParamsSchema.safeParse(params);
+    if (!parsed.success) {
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.INVALID_PARAMS,
+        message: "Invalid params: id is required"
+      });
+    }
+    const existing = await taskStore.get(parsed.data.id);
+    if (!existing) {
+      await audit({
+        method: A2A_METHODS.CANCEL_TASK,
+        agentId,
+        taskId: parsed.data.id,
+        success: false,
+        error: "Task not found"
+      });
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.TASK_NOT_FOUND,
+        message: `Task ${parsed.data.id} not found`
+      });
+    }
+    if (existing.status.code === "completed" || existing.status.code === "failed" || existing.status.code === "canceled") {
+      await audit({
+        method: A2A_METHODS.CANCEL_TASK,
+        agentId,
+        taskId: existing.id,
+        success: false,
+        error: "Task already in terminal state"
+      });
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.TASK_ALREADY_COMPLETED,
+        message: `Task ${parsed.data.id} is already ${existing.status.code}`
+      });
+    }
+    if (config.handler.onCancel) {
+      try {
+        const canceled2 = await config.handler.onCancel(parsed.data.id);
+        await taskStore.set(canceled2.id, canceled2);
+        await audit({
+          method: A2A_METHODS.CANCEL_TASK,
+          agentId,
+          taskId: canceled2.id,
+          success: true
+        });
+        return jsonRpcSuccess(id, canceled2);
+      } catch (err) {
+        const message = err instanceof Error ? err.message : "Cancel failed";
+        await audit({
+          method: A2A_METHODS.CANCEL_TASK,
+          agentId,
+          taskId: parsed.data.id,
+          success: false,
+          error: message
+        });
+        return jsonRpcError(id, {
+          code: A2A_ERROR_CODES.INTERNAL_ERROR,
+          message
+        });
+      }
+    }
+    const canceled = {
+      ...existing,
+      status: { code: "canceled", message: "Canceled by client" },
+      updatedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    await taskStore.set(canceled.id, canceled);
+    await audit({
+      method: A2A_METHODS.CANCEL_TASK,
+      agentId,
+      taskId: canceled.id,
+      success: true
+    });
+    return jsonRpcSuccess(id, canceled);
+  }
+  function handleStreamingMessage(id, params, agentId) {
+    if (!config.handler.onMessageStream) {
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.METHOD_NOT_FOUND,
+        message: "Streaming not supported by this agent"
+      });
+    }
+    const parsed = A2ASendMessageParamsSchema.safeParse(params);
+    if (!parsed.success) {
+      return jsonRpcError(id, {
+        code: A2A_ERROR_CODES.INVALID_PARAMS,
+        message: "Invalid params"
+      });
+    }
+    const stream = config.handler.onMessageStream(parsed.data.message, parsed.data.configuration);
+    const encoder = new TextEncoder();
+    const readable = new ReadableStream({
+      async start(controller) {
+        try {
+          for await (const event of stream) {
+            const data = JSON.stringify(event);
+            controller.enqueue(encoder.encode(`data: ${data}
+
+`));
+          }
+          controller.enqueue(encoder.encode("data: [DONE]\n\n"));
+          controller.close();
+        } catch (err) {
+          const errorData = JSON.stringify({
+            type: "error",
+            error: {
+              code: A2A_ERROR_CODES.INTERNAL_ERROR,
+              message: err instanceof Error ? err.message : "Stream error"
+            }
+          });
+          controller.enqueue(encoder.encode(`data: ${errorData}
+
+`));
+          controller.close();
+        }
+        void audit({
+          method: A2A_METHODS.SEND_STREAMING_MESSAGE,
+          agentId,
+          success: true
+        });
+      }
+    });
+    return new Response(readable, {
+      status: 200,
+      headers: {
+        "Content-Type": "text/event-stream",
+        "Cache-Control": "no-cache",
+        Connection: "keep-alive"
+      }
+    });
+  }
+  async function handleRequest(request) {
+    const url = new URL(request.url);
+    if (request.method === "GET" && url.pathname.endsWith(A2A_WELL_KNOWN_PATH)) {
+      return new Response(JSON.stringify(config.agentCard), {
+        status: 200,
+        headers: { "Content-Type": "application/json" }
+      });
+    }
+    if (request.method !== "POST") {
+      return new Response("Method Not Allowed", { status: 405 });
+    }
+    const auth = await authenticate(request);
+    if (auth.error) return auth.error;
+    const agentId = auth.agentId;
+    let body;
+    try {
+      body = await request.json();
+    } catch {
+      return jsonRpcError(null, {
+        code: A2A_ERROR_CODES.PARSE_ERROR,
+        message: "Invalid JSON"
+      });
+    }
+    const envelope = A2AJsonRpcRequestSchema.safeParse(body);
+    if (!envelope.success) {
+      return jsonRpcError(null, {
+        code: A2A_ERROR_CODES.INVALID_REQUEST,
+        message: "Invalid JSON-RPC request"
+      });
+    }
+    const { id: reqId, method, params } = envelope.data;
+    switch (method) {
+      case A2A_METHODS.SEND_MESSAGE:
+        return handleSendMessage(reqId, params, agentId);
+      case A2A_METHODS.GET_TASK:
+        return handleGetTask(reqId, params, agentId);
+      case A2A_METHODS.CANCEL_TASK:
+        return handleCancelTask(reqId, params, agentId);
+      case A2A_METHODS.SEND_STREAMING_MESSAGE:
+        return handleStreamingMessage(reqId, params, agentId);
+      default:
+        await audit({
+          method,
+          agentId,
+          success: false,
+          error: "Method not found"
+        });
+        return jsonRpcError(reqId, {
+          code: A2A_ERROR_CODES.METHOD_NOT_FOUND,
+          message: `Unknown method: ${method}`
+        });
+    }
+  }
+  return { handleRequest, taskStore };
+}
+
+export { A2AAgentCapabilitiesSchema, A2AAgentCardSchema, A2AAgentCardSignatureSchema, A2AAgentProviderSchema, A2AAgentSkillSchema, A2AApiKeySecuritySchemeSchema, A2AArtifactSchema, A2ACancelTaskParamsSchema, A2ADataPartSchema, A2AFilePartSchema, A2AGetTaskParamsSchema, A2AHttpSecuritySchemeSchema, A2AJsonRpcRequestSchema, A2AMessageSchema, A2AMutualTlsSecuritySchemeSchema, A2AOAuth2FlowSchema, A2AOAuth2SecuritySchemeSchema, A2AOidcSecuritySchemeSchema, A2APartSchema, A2ASecuritySchemeSchema, A2ASendMessageConfigurationSchema, A2ASendMessageParamsSchema, A2ATaskSchema, A2ATaskStateSchema, A2ATaskStatusSchema, A2ATextPartSchema, A2A_ERROR_CODES, A2A_JSONRPC_VERSION, A2A_METHODS, A2A_PROTOCOL_VERSION, A2A_WELL_KNOWN_PATH, createA2AClient, createA2AServer, createAgentCard, signAgentCard, validateAgentCard, verifyAgentCard };
+//# sourceMappingURL=index.js.map
+//# sourceMappingURL=index.js.map