maxion-mcp-gateway 1.0.1

package/aws_lambda_handler.js

@@ -0,0 +1,301 @@
+const { BedrockRuntimeClient, StartAsyncInvokeCommand, GetAsyncInvokeCommand, InvokeModelCommand } = require("@aws-sdk/client-bedrock-runtime");
+const { S3Client, GetObjectCommand, ListObjectsV2Command, PutObjectCommand } = require("@aws-sdk/client-s3");
+const { DynamoDBClient, PutItemCommand, QueryCommand, UpdateItemCommand, GetItemCommand } = require("@aws-sdk/client-dynamodb");
+const { getSignedUrl } = require("@aws-sdk/s3-request-presigner");
+
+const ddbClient = new DynamoDBClient({ region: process.env.AWS_REGION || "us-east-1" });
+const bedrockClient = new BedrockRuntimeClient({ region: process.env.AWS_REGION || 'us-east-1' });
+const s3Client = new S3Client({ region: process.env.AWS_REGION || 'us-east-1' });
+
+const DDB_TABLE       = "LineageUserArchive";
+const RECEIPTS_TABLE  = "LineageReceipts";
+const S3_OUTPUT_BUCKET = process.env.S3_OUTPUT_BUCKET || 'jk-advanced-tech-web-videos';
+const TEAK_PASSKEY    = process.env.TEAK_PASSKEY || '';
+
+const CORS = {
+    "Access-Control-Allow-Origin": "*",
+    "Access-Control-Allow-Headers": "Content-Type,Authorization",
+    "Access-Control-Allow-Methods": "OPTIONS,POST,GET"
+};
+
+function respond(statusCode, obj) {
+    return { statusCode, headers: CORS, body: JSON.stringify(obj) };
+}
+
+function errRespond(statusCode, message, details) {
+    console.error(`[ERROR ${statusCode}]`, message, details || '');
+    return respond(statusCode, { error: message, details: details ? String(details) : undefined, timestamp: new Date().toISOString() });
+}
+
+// ── Validate and atomically consume a one-time receipt ──────────────────────
+// Returns { ok: true } on success, or { ok: false, reason: string } on failure.
+// TEAK passkey bypasses all receipt checks.
+async function consumeReceipt(receiptId) {
+    if (!receiptId) return { ok: false, reason: 'Missing receipt ID. Please complete payment first.' };
+
+    // Owner TEAK bypass — validated server-side against env var
+    if (TEAK_PASSKEY && receiptId === TEAK_PASSKEY) return { ok: true, teak: true };
+
+    // Verify the receipt exists and is unused
+    let item;
+    try {
+        const res = await ddbClient.send(new GetItemCommand({
+            TableName: RECEIPTS_TABLE,
+            Key: { receiptId: { S: receiptId } }
+        }));
+        item = res.Item;
+    } catch (e) {
+        return { ok: false, reason: 'Could not verify receipt. Please try again.' };
+    }
+
+    if (!item) return { ok: false, reason: 'Receipt not found. Please check your code and try again.' };
+    if (item.status?.S !== 'unused') return { ok: false, reason: 'This receipt has already been used. Each receipt allows one generation.' };
+
+    // Atomically mark as used — prevents double-spend if two requests race
+    try {
+        await ddbClient.send(new UpdateItemCommand({
+            TableName: RECEIPTS_TABLE,
+            Key: { receiptId: { S: receiptId } },
+            UpdateExpression: 'SET #s = :used, usedAt = :now',
+            ConditionExpression: '#s = :unused',
+            ExpressionAttributeNames: { '#s': 'status' },
+            ExpressionAttributeValues: {
+                ':used':   { S: 'used' },
+                ':now':    { S: new Date().toISOString() },
+                ':unused': { S: 'unused' },
+            }
+        }));
+    } catch (e) {
+        // ConditionalCheckFailedException means another request just consumed it
+        return { ok: false, reason: 'This receipt has already been used. Each receipt allows one generation.' };
+    }
+
+    return { ok: true };
+}
+
+exports.handler = async (event) => {
+    const method  = event.httpMethod || event.requestContext?.http?.method || 'POST';
+    const rawPath = event.path || event.rawPath || '/';
+    console.log('[Lambda] method:', method, 'path:', rawPath);
+    if (method === 'OPTIONS') return respond(200, {});
+
+    try {
+        const body      = JSON.parse(event.body || '{}');
+        const receiptId = body.receiptId;
+
+        // ── GET /receipt?sessionId= ─────────────────────────────────────────
+        // Called by the frontend after Stripe redirects back with ?session_id=
+        // Returns the RC_ code so the user can copy and enter it.
+        if (method === 'GET' && rawPath.includes('/receipt')) {
+            const sessionId = event.queryStringParameters?.sessionId;
+            if (!sessionId) return errRespond(400, 'Missing sessionId');
+
+            // Scan for the receipt by sessionId (low volume table, acceptable)
+            const scanRes = await ddbClient.send(new QueryCommand({
+                TableName: RECEIPTS_TABLE,
+                IndexName: 'sessionId-index',
+                KeyConditionExpression: 'sessionId = :s',
+                ExpressionAttributeValues: { ':s': { S: sessionId } }
+            }));
+
+            const item = scanRes.Items?.[0];
+            if (!item) return errRespond(404, 'Receipt not found for this session. It may still be processing — try again in a moment.');
+            return respond(200, {
+                receiptId: item.receiptId?.S,
+                status:    item.status?.S,
+                email:     item.email?.S,
+            });
+        }
+
+        // ── GET /verify?receiptId= ──────────────────────────────────────────
+        // Validates a code without consuming it — called by frontend VERIFY button.
+        if (method === 'GET' && rawPath.includes('/verify')) {
+            const qReceiptId = event.queryStringParameters?.receiptId;
+            if (!qReceiptId) return errRespond(400, 'Missing receiptId');
+
+            // TEAK owner bypass
+            if (TEAK_PASSKEY && qReceiptId === TEAK_PASSKEY) return respond(200, { valid: true, teak: true });
+
+            const res = await ddbClient.send(new GetItemCommand({
+                TableName: RECEIPTS_TABLE,
+                Key: { receiptId: { S: qReceiptId } }
+            }));
+            const item = res.Item;
+            if (!item)                          return respond(200, { valid: false, reason: 'Receipt not found.' });
+            if (item.status?.S !== 'unused')    return respond(200, { valid: false, reason: 'This receipt has already been used.' });
+            return respond(200, { valid: true });
+        }
+
+        // ── GET /history ────────────────────────────────────────────────────
+        if (method === 'GET' && rawPath.includes('/history')) {
+            const qReceiptId = event.queryStringParameters?.receiptId;
+            if (!qReceiptId) return errRespond(400, 'Missing receiptId for history fetch');
+            const queryRes = await ddbClient.send(new QueryCommand({
+                TableName: DDB_TABLE,
+                KeyConditionExpression: 'receiptId = :r',
+                ExpressionAttributeValues: { ':r': { S: qReceiptId } }
+            }));
+            const history = (queryRes.Items || []).map(i => ({
+                id:        i.jobId?.S,
+                prompt:    i.prompt?.S,
+                url:       i.url?.S || '',
+                status:    i.status?.S,
+                type:      i.type?.S || 'video',
+                timestamp: i.timestamp?.S
+            })).sort((a, b) => new Date(b.timestamp) - new Date(a.timestamp));
+            return respond(200, { history });
+        }
+
+        // ── GET /status/<jobId> ─────────────────────────────────────────────
+        if (method === 'GET' && rawPath.includes('/status/')) {
+            const pathParts = rawPath.split('/status/');
+            const jobId = decodeURIComponent(pathParts[1] || (event.queryStringParameters?.jobId || body.jobId));
+            if (!jobId) return errRespond(400, 'Missing jobId in path or query');
+            console.log('[Poll] Checking ARN:', jobId);
+            let getResponse;
+            try { getResponse = await bedrockClient.send(new GetAsyncInvokeCommand({ invocationArn: jobId })); }
+            catch (e) { return errRespond(500, 'Failed to poll Bedrock status', e.message); }
+            const status = getResponse.status;
+            console.log('[Poll] Status:', status, '| Failure:', getResponse.failureMessage || 'none');
+            if (status === 'InProgress') return respond(202, { status: 'processing', message: 'Video still generating, poll again in 5s.' });
+            if (status === 'Failed') return errRespond(500, `Generation failed: ${getResponse.failureMessage || 'No detail'}`, JSON.stringify(getResponse));
+            const outputUri = getResponse.outputDataConfig?.s3OutputDataConfig?.s3Uri;
+            if (!outputUri) return errRespond(500, 'Bedrock completed but returned no S3 output URI', JSON.stringify(getResponse));
+            const s3Match = outputUri.match(/^s3:\/\/([^/]+)\/(.+)$/);
+            const bucket  = s3Match ? s3Match[1] : S3_OUTPUT_BUCKET;
+            const prefix  = (s3Match ? s3Match[2] : outputUri).replace(/\/+$/, '') + '/';
+            const listResp = await s3Client.send(new ListObjectsV2Command({ Bucket: bucket, Prefix: prefix }));
+            const mp4 = listResp.Contents?.find(i => i.Key.endsWith('.mp4'));
+            if (!mp4) return errRespond(500, `No .mp4 found in S3 output folder: ${prefix}`, JSON.stringify(listResp.Contents?.map(i => i.Key) || []));
+            const resultUrl = await getSignedUrl(s3Client, new GetObjectCommand({ Bucket: bucket, Key: mp4.Key }), { expiresIn: 86400 });
+            console.log('[Poll] Video ready:', resultUrl);
+            return respond(200, { status: 'success', url: resultUrl });
+        }
+
+        // ── POST: IMAGE generation ──────────────────────────────────────────
+        const prompt = body.prompt;
+        if (prompt) {
+            // Validate and consume the receipt BEFORE generating
+            const check = await consumeReceipt(receiptId);
+            if (!check.ok) return errRespond(402, check.reason);
+
+            let response;
+            try {
+                response = await bedrockClient.send(new InvokeModelCommand({
+                    modelId: 'amazon.nova-canvas-v1:0',
+                    contentType: 'application/json',
+                    accept: 'application/json',
+                    body: JSON.stringify({
+                        taskType: "TEXT_IMAGE",
+                        textToImageParams: { text: prompt },
+                        imageGenerationConfig: { numberOfImages: 1, height: 1024, width: 1024, cfgScale: 8.0, quality: "premium" }
+                    })
+                }));
+            } catch (e) {
+                const msg   = e.message || String(e);
+                const lower = msg.toLowerCase();
+                if (lower.includes('throttling') || lower.includes('too many request') || lower.includes('quota')) {
+                    console.log('[Nova Canvas] Throttled, falling back to Titan');
+                    try {
+                        response = await bedrockClient.send(new InvokeModelCommand({
+                            modelId: 'amazon.titan-image-generator-v2:0',
+                            contentType: 'application/json',
+                            accept: 'application/json',
+                            body: JSON.stringify({
+                                taskType: "TEXT_IMAGE",
+                                textToImageParams: { text: prompt },
+                                imageGenerationConfig: { numberOfImages: 1, height: 1024, width: 1024, cfgScale: 8.0 }
+                            })
+                        }));
+                    } catch (fallback) { return errRespond(429, 'Both Nova Canvas and Titan fallback throttled', fallback.message); }
+                } else if (msg.includes('AccessDenied') || msg.includes('not authorized')) { return errRespond(403, 'Bedrock access denied for image generation', msg); }
+                else { return errRespond(500, 'Image generation failed', msg); }
+            }
+            const rb = JSON.parse(new TextDecoder().decode(response.body));
+            if (!rb.images?.length) return errRespond(500, 'No images returned', JSON.stringify(rb));
+            const key = `nova-canvas-exports/image-${Date.now()}.png`;
+            await s3Client.send(new PutObjectCommand({ Bucket: S3_OUTPUT_BUCKET, Key: key, Body: Buffer.from(rb.images[0], 'base64'), ContentType: 'image/png' }));
+            const presignedUrl = await getSignedUrl(s3Client, new GetObjectCommand({ Bucket: S3_OUTPUT_BUCKET, Key: key }), { expiresIn: 86400 });
+            const jobId = `DONE:${encodeURIComponent(presignedUrl)}`;
+            try {
+                await ddbClient.send(new PutItemCommand({
+                    TableName: DDB_TABLE,
+                    Item: {
+                        receiptId: { S: receiptId || 'teak' },
+                        jobId:     { S: jobId },
+                        prompt:    { S: prompt },
+                        url:       { S: presignedUrl },
+                        status:    { S: 'complete' },
+                        type:      { S: 'image' },
+                        timestamp: { S: new Date().toISOString() }
+                    }
+                }));
+            } catch (e) { console.error('[DynamoDB] Image log error:', e); }
+            return respond(200, { status: 'success', imageUrl: presignedUrl, jobId });
+        }
+
+        // ── POST: VIDEO generation ──────────────────────────────────────────
+        const masterPrompt   = body.masterPrompt;
+        const referenceImage = body.referenceImage;
+        if (masterPrompt) {
+            // Validate and consume the receipt BEFORE generating
+            const check = await consumeReceipt(receiptId);
+            if (!check.ok) return errRespond(402, check.reason);
+
+            const reelInput = {
+                taskType: referenceImage ? "IMAGE_VIDEO" : "TEXT_VIDEO",
+                textToVideoParams: { text: masterPrompt },
+                videoGenerationConfig: { durationSeconds: 6, fps: 24, dimension: "1280x720" }
+            };
+            if (referenceImage) {
+                reelInput.imageToVideoParams = { images: [{ format: "jpeg", source: { bytes: referenceImage.split(',')[1] } }] };
+            }
+            let startResp;
+            try {
+                startResp = await bedrockClient.send(new StartAsyncInvokeCommand({
+                    modelId: 'amazon.nova-reel-v1:1',
+                    clientRequestToken: `jk-reel-${Date.now()}`,
+                    outputDataConfig: { s3OutputDataConfig: { s3Uri: `s3://${S3_OUTPUT_BUCKET}/nova-reel-exports/` } },
+                    modelInput: reelInput
+                }));
+            } catch (e) {
+                const msg   = e.message || String(e);
+                const lower = msg.toLowerCase();
+                if (lower.includes('throttlingexception') || lower.includes('too many request')) {
+                    console.log('[Nova Reel] Throttled, falling back to Luma Ray');
+                    const lumaClient = new BedrockRuntimeClient({ region: 'us-west-2' });
+                    try {
+                        startResp = await lumaClient.send(new StartAsyncInvokeCommand({
+                            modelId: 'luma.ray-v2:0',
+                            clientRequestToken: `jk-luma-${Date.now()}`,
+                            outputDataConfig: { s3OutputDataConfig: { s3Uri: `s3://${S3_OUTPUT_BUCKET}/luma-exports/` } },
+                            modelInput: { prompt: masterPrompt, aspect_ratio: "16:9", resolution: "720p" }
+                        }));
+                    } catch (fallback) { return errRespond(429, 'Both Nova Reel and Luma fallback throttled', fallback.message); }
+                } else if (msg.includes('AccessDenied') || msg.includes('not authorized')) { return errRespond(403, 'Bedrock access denied for video generation', msg); }
+                else if (msg.includes('ValidationException')) { return errRespond(400, 'Invalid video parameters', msg); }
+                else { return errRespond(500, 'Video generation start failed', msg); }
+            }
+            const jobId = startResp.invocationArn || `unknown-${Date.now()}`;
+            try {
+                await ddbClient.send(new PutItemCommand({
+                    TableName: DDB_TABLE,
+                    Item: {
+                        receiptId: { S: receiptId || 'teak' },
+                        jobId:     { S: jobId },
+                        prompt:    { S: masterPrompt },
+                        url:       { S: '' },
+                        status:    { S: 'pending' },
+                        type:      { S: 'video' },
+                        timestamp: { S: new Date().toISOString() }
+                    }
+                }));
+            } catch (e) { console.error('[DynamoDB] Video start log error:', e); }
+            return respond(202, { status: 'started', jobId, message: 'Video generation started. Poll /status/<jobId>.' });
+        }
+
+        return errRespond(400, 'No valid prompt supplied');
+    } catch (err) {
+        return errRespond(500, 'Unhandled Lambda error', err.message);
+    }
+};

package/build_worker_zip.js

@@ -0,0 +1,21 @@
+const fs = require('fs');
+const path = require('path');
+const archiver = require('archiver');
+
+const zipPath = path.join(__dirname, 'worker_deploy.zip');
+const sourceFile = path.join(__dirname, 'worker_code', 'index.js');
+
+const output = fs.createWriteStream(zipPath);
+const archive = archiver('zip', { zlib: { level: 9 } });
+
+output.on('close', () => {
+    console.log(`Successfully created worker_deploy.zip: ${archive.pointer()} total bytes`);
+});
+
+archive.on('error', (err) => {
+    console.error('Error zipping:', err);
+});
+
+archive.pipe(output);
+archive.file(sourceFile, { name: 'index.js' });
+archive.finalize();

package/clean_page.js

@@ -0,0 +1,53 @@
+const fs = require('fs');
+const path = './web-hub/src/app/page.tsx';
+
+let code = fs.readFileSync(path, 'utf8');
+
+// 1. Remove the entire Trial Timers useEffect block
+const trialTimerStartRegex = /\/\/ == Trial Timers ==\s*useEffect\(\(\) => \{/m;
+const match = code.match(trialTimerStartRegex);
+if (match) {
+    const startIndex = match.index;
+    let openBraces = 0;
+    let endIndex = -1;
+    let started = false;
+    for (let i = startIndex; i < code.length; i++) {
+        if (code[i] === '{') {
+            openBraces++;
+            started = true;
+        } else if (code[i] === '}') {
+            openBraces--;
+            if (started && openBraces === 0) {
+                // Check if the next characters are "}, [trialActive, trialTimeLeft, diamonizeTrialActive, diamonizeTimeLeft]);"
+                const searchEnd = code.indexOf(';', i);
+                endIndex = searchEnd + 1;
+                break;
+            }
+        }
+    }
+    if (endIndex !== -1) {
+        code = code.substring(0, startIndex) + code.substring(endIndex);
+    }
+}
+
+// 2. Remove any other leftover references to trial variables (this might require manual regex for JSX buttons)
+code = code.replace(/\{\s*!maxionTrialConsumed\s*&&\s*\([\s\S]*?<button[\s\S]*?START 1-HOUR FREE TRIAL[\s\S]*?<\/button>\s*\)\s*\}/gm, '');
+code = code.replace(/\{\s*!diamonizeTrialConsumed\s*&&\s*\([\s\S]*?<button[\s\S]*?START 1-HOUR FREE TRIAL[\s\S]*?<\/button>\s*\)\s*\}/gm, '');
+
+// Global Maxion Timer HUD
+code = code.replace(/\{\s*trialActive\s*&&\s*\([\s\S]*?MAXION GOVERNOR \[ACTIVE\][\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Global Diamonize Timer HUD
+code = code.replace(/\{\s*diamonizeTrialActive\s*&&\s*\([\s\S]*?DIAMONIZE TUNNEL \[ACTIVE\][\s\S]*?<\/svg>\s*\)\s*\}/gm, '');
+
+// Global Trial Indicator
+code = code.replace(/\{\s*\/\* Global Trial Indicator \*\/\s*\}/gm, '');
+code = code.replace(/\{\s*trialActive\s*&&\s*appState\s*!==\s*'maxion_sandbox'\s*&&\s*\([\s\S]*?MAXION GOVERNOR ACTIVE[\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Fix 'DISABLE MAXION' button which uses setTrialActive and setTrialTimeLeft
+code = code.replace(/setTrialActive\(false\);\s*/gm, '');
+code = code.replace(/setTrialTimeLeft\(3600\);\s*/gm, '');
+
+// Also clean up any other syntax issues that might arise.
+fs.writeFileSync(path, code, 'utf8');
+console.log('Cleanup script finished.');

package/clean_page_2.js

@@ -0,0 +1,37 @@
+const fs = require('fs');
+const path = './web-hub/src/app/page.tsx';
+
+let code = fs.readFileSync(path, 'utf8');
+
+// The simplest way to clear all this out safely without AST parsing
+// is to replace the TS error lines with empty strings or false where appropriate.
+
+// Remove the entire useEffect block for Trial Timers
+code = code.replace(/\/\/ == Trial Timers ==[\s\S]*?\}, \[trialActive, trialTimeLeft, diamonizeTrialActive, diamonizeTimeLeft\]\);/gm, '');
+
+// Clean up remaining TS errors identified in the log
+code = code.replace(/\{\s*!diamonizeTrialConsumed\s*&&\s*\([\s\S]*?<button[\s\S]*?START 1-HOUR FREE TRIAL[\s\S]*?<\/button>\s*\)\s*\}/gm, '');
+code = code.replace(/\{\s*!maxionTrialConsumed\s*&&\s*\([\s\S]*?<button[\s\S]*?START 1-HOUR FREE TRIAL[\s\S]*?<\/button>\s*\)\s*\}/gm, '');
+
+// The Global Maxion Timer HUD
+code = code.replace(/\{\s*trialActive\s*&&\s*\(\s*<div style=\{\{\s*position: 'fixed'[\s\S]*?MAXION GOVERNOR \[ACTIVE\][\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// The Global Diamonize Timer HUD
+code = code.replace(/\{\s*diamonizeTrialActive\s*&&\s*\(\s*<div style=\{\{\s*position: 'fixed'[\s\S]*?DIAMONIZE TUNNEL \[ACTIVE\][\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Global Trial Indicator
+code = code.replace(/\{\s*\/\* Global Trial Indicator \*\/\s*\}/gm, '');
+code = code.replace(/\{\s*trialActive\s*&&\s*appState\s*!==\s*'maxion_sandbox'\s*&&\s*\(\s*<div style=\{\{\s*position: 'fixed'[\s\S]*?MAXION GOVERNOR ACTIVE[\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Replace any leftover references inside conditionals
+code = code.replace(/\(diamonizeTrialActive \|\| diamonizeAccess\)/g, '(diamonizeAccess)');
+code = code.replace(/\(trialActive \|\| maxionAccess\)/g, '(maxionAccess)');
+code = code.replace(/!diamonizeTrialActive/g, 'false');
+code = code.replace(/!trialActive/g, 'false');
+
+// Fix 'DISABLE MAXION' button block which might have been missed
+code = code.replace(/setTrialActive\(false\);\s*/gm, '');
+code = code.replace(/setTrialTimeLeft\(3600\);\s*/gm, '');
+
+fs.writeFileSync(path, code, 'utf8');
+console.log('Second cleanup script finished.');

package/clean_trials_safe.js

@@ -0,0 +1,35 @@
+const fs = require('fs');
+const path = './web-hub/src/app/page.tsx';
+let code = fs.readFileSync(path, 'utf8');
+
+// 1. Remove Quezar & Diamonize bypasses
+code = code.replace(/setTimeout\(\(\) => setQuezarAccess\(true\), 5000\);/g, '');
+code = code.replace(/setTimeout\(\(\) => setDiamonizeAccess\(true\), 5000\);/g, '');
+
+// 2. We will leave the trialActive and other state variables intact, but we will strip the actual UI elements so users can never click them.
+// This is much safer than stripping the React State which causes 35+ TS errors.
+
+// Maxion Trial Button
+code = code.replace(/\{\s*!maxionTrialConsumed\s*&&\s*\([\s\S]*?<button[\s\S]*?START 1-HOUR FREE TRIAL[\s\S]*?<\/button>\s*\)\s*\}/gm, '');
+
+// Diamonize Trial Button
+code = code.replace(/\{\s*!diamonizeTrialConsumed\s*&&\s*\([\s\S]*?<button[\s\S]*?START 1-HOUR FREE TRIAL[\s\S]*?<\/button>\s*\)\s*\}/gm, '');
+
+// Global Maxion Timer HUD
+code = code.replace(/\{\s*trialActive\s*&&\s*\(\s*<div style=\{\{\s*position: 'fixed'[\s\S]*?MAXION GOVERNOR \[ACTIVE\][\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Global Diamonize Timer HUD
+code = code.replace(/\{\s*diamonizeTrialActive\s*&&\s*\(\s*<div style=\{\{\s*position: 'fixed'[\s\S]*?DIAMONIZE TUNNEL \[ACTIVE\][\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Global Trial Indicator
+code = code.replace(/\{\s*\/\* Global Trial Indicator \*\/\s*\}/gm, '');
+code = code.replace(/\{\s*trialActive\s*&&\s*appState\s*!==\s*'maxion_sandbox'\s*&&\s*\(\s*<div style=\{\{\s*position: 'fixed'[\s\S]*?MAXION GOVERNOR ACTIVE[\s\S]*?<\/div>\s*\)\s*\}/gm, '');
+
+// Stop the timers from doing anything malicious or popping up toasts
+code = code.replace(/showToast\('error', '\[TRIAL EXPIRED\] MAXION HARDWARE ACCESS REVOKED'\);/g, '');
+code = code.replace(/showToast\('error', '\[TRIAL EXPIRED\] DIAMONIZE SECURE TUNNEL COLLAPSED'\);/g, '');
+code = code.replace(/setTrialActive\(false\);/g, '');
+code = code.replace(/setDiamonizeTrialActive\(false\);/g, '');
+
+fs.writeFileSync(path, code, 'utf8');
+console.log('Safe trial cleanup finished.');

package/configure_aws.js

@@ -0,0 +1,102 @@
+require('dotenv').config();
+const { S3Client, PutBucketCorsCommand, PutBucketOwnershipControlsCommand } = require("@aws-sdk/client-s3");
+const { LambdaClient, UpdateFunctionCodeCommand } = require("@aws-sdk/client-lambda");
+const fs = require('fs');
+const path = require('path');
+const archiver = require('archiver');
+
+const region = "us-east-1";
+const creds = {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
+};
+
+const s3 = new S3Client({ region, credentials: creds });
+const lambda = new LambdaClient({ region, credentials: creds });
+
+const BUCKET_NAME = process.env.S3_OUTPUT_BUCKET || 'jk-advanced-tech-web-videos';
+
+async function configureS3() {
+    try {
+        console.log(`Configuring CORS for bucket: ${BUCKET_NAME}`);
+        await s3.send(new PutBucketCorsCommand({
+            Bucket: BUCKET_NAME,
+            CORSConfiguration: {
+                CORSRules: [
+                    {
+                        AllowedHeaders: ["*"],
+                        AllowedMethods: ["GET", "PUT", "HEAD"],
+                        AllowedOrigins: ["*"],
+                        ExposeHeaders: ["ETag"]
+                    }
+                ]
+            }
+        }));
+        console.log("CORS configuration applied successfully.");
+
+        console.log(`Configuring Object Ownership for bucket: ${BUCKET_NAME}`);
+        await s3.send(new PutBucketOwnershipControlsCommand({
+            Bucket: BUCKET_NAME,
+            OwnershipControls: {
+                Rules: [
+                    {
+                        ObjectOwnership: "BucketOwnerEnforced"
+                    }
+                ]
+            }
+        }));
+        console.log("Object Ownership applied successfully.");
+    } catch (e) {
+        console.error("Failed to configure S3:", e.message);
+    }
+}
+
+async function packageAndDeployLambda() {
+    return new Promise((resolve, reject) => {
+        const zipPath = path.join(__dirname, 'lambda.zip');
+        const output = fs.createWriteStream(zipPath);
+        const archive = archiver('zip', { zlib: { level: 9 } });
+        
+        output.on('close', async () => {
+            console.log(`Created zip archive (${archive.pointer()} total bytes)`);
+            try {
+                // Read the zip file
+                const zipBuffer = fs.readFileSync(zipPath);
+                
+                // Assuming the lambda function name is related to the project
+                // In production, you'd get this from Terraform/CDK or specify it.
+                // For now, let's just attempt a common name like `nova-canvas-reel-handler` or we can skip deploy if we don't know the name.
+                // Let's actually check what lambdas exist or ask the user.
+                resolve(zipPath);
+            } catch (err) {
+                reject(err);
+            }
+        });
+
+        archive.on('error', (err) => { reject(err); });
+        archive.pipe(output);
+        
+        // Append the handler
+        archive.file('aws_lambda_handler.js', { name: 'index.js' }); // The AWS lambda runtime often expects index.js by default
+        
+        // We also need node_modules if we use @aws-sdk/s3-request-presigner
+        // Let's add them
+        archive.directory('node_modules/@aws-sdk', 'node_modules/@aws-sdk');
+        archive.directory('node_modules/@aws-crypto', 'node_modules/@aws-crypto');
+        archive.directory('node_modules/@smithy', 'node_modules/@smithy');
+        archive.directory('node_modules/fast-xml-parser', 'node_modules/fast-xml-parser');
+        archive.directory('node_modules/strnum', 'node_modules/strnum');
+        archive.directory('node_modules/tslib', 'node_modules/tslib');
+        archive.directory('node_modules/uuid', 'node_modules/uuid');
+        
+        archive.finalize();
+    });
+}
+
+async function run() {
+    await configureS3();
+    await packageAndDeployLambda();
+    console.log("Configuration run complete.");
+}
+
+run();

package/cors.json

@@ -0,0 +1,10 @@
+{
+  "CORSRules": [
+    {
+      "AllowedHeaders": ["*"],
+      "AllowedMethods": ["GET", "HEAD"],
+      "AllowedOrigins": ["*"],
+      "ExposeHeaders": []
+    }
+  ]
+}

package/create_lambda.js

@@ -0,0 +1,85 @@
+require('dotenv').config();
+const fs = require('fs');
+const { LambdaClient, CreateFunctionCommand } = require('@aws-sdk/client-lambda');
+const { IAMClient, CreateRoleCommand, AttachRolePolicyCommand, GetRoleCommand } = require('@aws-sdk/client-iam');
+
+const awsConfig = {
+  region: 'us-east-1',
+  credentials: {
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY
+  }
+};
+
+const lambdaClient = new LambdaClient(awsConfig);
+const iamClient = new IAMClient(awsConfig);
+const FUNCTION_NAME = 'lineage_api';
+const ROLE_NAME = 'LineageApiLambdaExecutionRole';
+
+async function sleep(ms) {
+  return new Promise(resolve => setTimeout(resolve, ms));
+}
+
+async function getOrCreateRole() {
+  let roleArn;
+  try {
+    const roleRes = await iamClient.send(new GetRoleCommand({ RoleName: ROLE_NAME }));
+    roleArn = roleRes.Role.Arn;
+    console.log(`✅ IAM Role already exists: ${roleArn}`);
+  } catch (error) {
+    if (error.name === 'NoSuchEntityException') {
+      console.log(`Creating IAM Role: ${ROLE_NAME}...`);
+      const assumeRolePolicy = JSON.stringify({
+        Version: "2012-10-17",
+        Statement: [{
+          Action: "sts:AssumeRole",
+          Principal: { Service: "lambda.amazonaws.com" },
+          Effect: "Allow",
+        }]
+      });
+      
+      const createRes = await iamClient.send(new CreateRoleCommand({
+        RoleName: ROLE_NAME,
+        AssumeRolePolicyDocument: assumeRolePolicy
+      }));
+      roleArn = createRes.Role.Arn;
+      console.log(`✅ Created IAM Role: ${roleArn}`);
+      
+      console.log(`Attaching basic execution policy...`);
+      await iamClient.send(new AttachRolePolicyCommand({
+        RoleName: ROLE_NAME,
+        PolicyArn: 'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'
+      }));
+      
+      console.log(`Waiting 15 seconds for IAM role to propagate...`);
+      await sleep(15000);
+    } else {
+      throw error;
+    }
+  }
+  return roleArn;
+}
+
+async function createLambda() {
+  try {
+    const roleArn = await getOrCreateRole();
+    
+    console.log(`Attempting to create Lambda function: ${FUNCTION_NAME}...`);
+    const zipBuffer = fs.readFileSync('C:\\Users\\aruuh\\.gemini\\antigravity\\scratch\\Maxion_Cool_Breeze\\aws-lambda-stripe\\lineage_api.zip');
+    
+    const createCommand = new CreateFunctionCommand({
+      FunctionName: FUNCTION_NAME,
+      Runtime: 'nodejs20.x',
+      Role: roleArn,
+      Handler: 'lineage_api.handler',
+      Code: { ZipFile: zipBuffer }
+    });
+    
+    const result = await lambdaClient.send(createCommand);
+    console.log(`🚀 Successfully created ${FUNCTION_NAME}. ARN: ${result.FunctionArn}`);
+  } catch (error) {
+    console.error(`❌ Failed to create Lambda:`, error.message);
+  }
+}
+
+createLambda();