{"version":3,"sources":["../../src/server/request-types.ts","../../src/server/base.ts","../../src/server/index.ts"],"names":["MastraBase","RegisteredLogger","MastraError","ErrorDomain","ErrorCategory"],"mappings":";;;;;;;;AAgBO,SAAS,gBAAA,CAAiB,SAA4B,IAAA,EAA6B;AACxF,EAAA,IAAI,mBAAmB,OAAA,EAAS;AAC9B,IAAA,OAAO,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,IAAI,CAAA;AAAA,EACjC;AAEA,EAAA,OAAO,OAAA,CAAQ,GAAA,EAAK,OAAA,CAAQ,GAAA,CAAI,IAAI,CAAA,IAAK,OAAA,CAAQ,OAAA,EAAS,GAAA,CAAI,IAAI,CAAA,IAAK,OAAA,CAAQ,MAAA,CAAO,IAAI,CAAA,IAAK,IAAA;AACjG;AAEO,SAAS,cAAc,OAAA,EAAiD;AAC7E,EAAA,IAAI,mBAAmB,OAAA,EAAS;AAC9B,IAAA,OAAO,OAAA;AAAA,EACT;AAEA,EAAA,OAAO,OAAA,CAAQ,GAAA,YAAe,OAAA,GAAU,OAAA,CAAQ,GAAA,GAAM,MAAA;AACxD;;;ACPO,IAAe,gBAAA,GAAf,cAAwDA,4BAAA,CAAW;AAAA,EACxE,IAAA;AAAA,EAEA,WAAA,CAAY,EAAE,GAAA,EAAK,IAAA,EAAK,EAAiC;AACvD,IAAA,KAAA,CAAM,EAAE,SAAA,EAAWC,kCAAA,CAAiB,QAAQ,IAAA,EAAM,IAAA,IAAQ,UAAU,CAAA;AACpE,IAAA,IAAA,CAAK,IAAA,GAAO,GAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAkBA,MAAA,GAAsB;AACpB,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAc,GAAA,GAAY;AACxB,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AACF;;;ACiBA,SAAS,eAAA,CAAkC,MAAS,OAAA,EAA2C;AAC7F,EAAA,IAAI,OAAA,CAAQ,WAAW,MAAA,EAAW;AAChC,IAAA,MAAM,IAAIC,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,yCAAA;AAAA,MACJ,IAAA,EAAM,8BAA8B,IAAI,CAAA,4BAAA,CAAA;AAAA,MACxC,QAAQC,6BAAA,CAAY,aAAA;AAAA,MACpB,UAAUC,+BAAA,CAAc;AAAA,KACzB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAA,CAAQ,OAAA,KAAY,MAAA,IAAa,OAAA,CAAQ,kBAAkB,MAAA,EAAW;AACxE,IAAA,MAAM,IAAIF,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,yCAAA;AAAA,MACJ,IAAA,EAAM,8BAA8B,IAAI,CAAA,0DAAA,CAAA;AAAA,MACxC,QAAQC,6BAAA,CAAY,aAAA;AAAA,MACpB,UAAUC,+BAAA,CAAc;AAAA,KACzB,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,OAAA,CAAQ,OAAA,KAAY,MAAA,IAAa,OAAA,CAAQ,kBAAkB,MAAA,EAAW;AACxE,IAAA,MAAM,IAAIF,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,yCAAA;AAAA,MACJ,IAAA,EAAM,8BAA8B,IAAI,CAAA,oFAAA,CAAA;AAAA,MACxC,QAAQC,6BAAA,CAAY,aAAA;AAAA,MACpB,UAAUC,+BAAA,CAAc;AAAA,KACzB,CAAA;AAAA,EACH;AACF;AAEO,SAAS,gBAAA,CAAmC,MAAS,OAAA,EAA+C;AACzG,EAAA,eAAA,CAAgB,MAAM,OAAO,CAAA;AAE7B,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,eAAe,OAAA,CAAQ,aAAA;AAAA,IACvB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,YAAY,OAAA,CAAQ,UAAA;AAAA,IACpB,MAAM,OAAA,CAAQ,IAAA;AAAA,IACd,cAAc,OAAA,CAAQ,YAAA;AAAA,IACtB,oBAAoB,OAAA,CAAQ,kBAAA;AAAA,IAC5B,KAAK,OAAA,CAAQ;AAAA,GACf;AACF;AAEO,SAAS,WAAkB,MAAA,EAA0D;AAC1F,EAAA,OAAO,MAAA;AACT","file":"index.cjs","sourcesContent":["export interface HonoRequestLike {\n  raw?: Request;\n  headers?: Headers;\n  header(name: string): string | undefined;\n}\n\nexport type MastraAuthRequest = Request | HonoRequestLike;\n\nexport type AuthenticateTokenFn<TUser, TResult = Promise<TUser | null>> = {\n  bivarianceHack(token: string, request: MastraAuthRequest): TResult;\n}['bivarianceHack'];\n\nexport type AuthorizeUserFn<TUser, TResult = Promise<boolean> | boolean> = {\n  bivarianceHack(user: TUser, request: MastraAuthRequest): TResult;\n}['bivarianceHack'];\n\nexport function getRequestHeader(request: MastraAuthRequest, name: string): string | null {\n  if (request instanceof Request) {\n    return request.headers.get(name);\n  }\n\n  return request.raw?.headers.get(name) ?? request.headers?.get(name) ?? request.header(name) ?? null;\n}\n\nexport function getWebRequest(request: MastraAuthRequest): Request | undefined {\n  if (request instanceof Request) {\n    return request;\n  }\n\n  return request.raw instanceof Request ? request.raw : undefined;\n}\n","import { MastraBase } from '../base';\nimport { RegisteredLogger } from '../logger/constants';\n\n/**\n * Base class for server adapters that provides app storage and retrieval.\n *\n * This class extends MastraBase to get logging capabilities and provides\n * a framework-agnostic way to store and retrieve the server app instance\n * (e.g., Hono, Express).\n *\n * Server adapters (like MastraServer from @mastra/hono or @mastra/express) extend this\n * base class to inherit the app storage functionality while adding their\n * framework-specific route registration and middleware handling.\n *\n * @template TApp - The type of the server app (e.g., Hono, Express Application)\n *\n * @example\n * ```typescript\n * // After server creation, the app is accessible via Mastra\n * const app = mastra.getServerApp<Hono>();\n * const response = await app.fetch(new Request('http://localhost/health'));\n * ```\n */\nexport abstract class MastraServerBase<TApp = unknown> extends MastraBase {\n  #app: TApp;\n\n  constructor({ app, name }: { app: TApp; name?: string }) {\n    super({ component: RegisteredLogger.SERVER, name: name ?? 'Server' });\n    this.#app = app;\n  }\n\n  /**\n   * Get the app instance.\n   *\n   * Returns the server app that was passed to the constructor. This allows users\n   * to access the underlying server framework's app for direct operations\n   * like calling routes via app.fetch() (Hono) or using the app for testing.\n   *\n   * @template T - The expected type of the app (defaults to TApp)\n   * @returns The app instance cast to T. Callers are responsible for ensuring T matches the actual app type.\n   *\n   * @example\n   * ```typescript\n   * const app = adapter.getApp<Hono>();\n   * const response = await app.fetch(new Request('http://localhost/api/agents'));\n   * ```\n   */\n  getApp<T = TApp>(): T {\n    return this.#app as unknown as T;\n  }\n\n  /**\n   * Protected getter for subclasses to access the app.\n   * This allows subclasses to use `this.app` naturally.\n   */\n  protected get app(): TApp {\n    return this.#app;\n  }\n}\n","import type { Context, Handler, MiddlewareHandler } from 'hono';\nimport type { DescribeRouteOptions } from 'hono-openapi';\nimport { MastraError, ErrorDomain, ErrorCategory } from '../error';\nimport type { Mastra } from '../mastra';\nimport type { RequestContext } from '../request-context';\nimport type { ApiRoute, ApiRouteHandler, MastraAuthConfig, Methods } from './types';\n\nexport type {\n  MastraAuthConfig,\n  A2AAgentCardSigningConfig,\n  A2AConfig,\n  ContextWithMastra,\n  CorsOptions,\n  ApiRoute,\n  ApiRouteHandler,\n  HttpLoggingConfig,\n  ValidationErrorContext,\n  ValidationErrorResponse,\n  ValidationErrorHook,\n  StudioConfig,\n  Middleware,\n} from './types';\nexport { MastraAuthProvider } from './auth';\nexport type { IMastraAuthProvider, MastraAuthProviderOptions } from './auth';\nexport type { HonoRequestLike, MastraAuthRequest } from './request-types';\nexport { getRequestHeader, getWebRequest } from './request-types';\nexport { CompositeAuth } from './composite-auth';\nexport { MastraServerBase } from './base';\nexport { SimpleAuth } from './simple-auth';\nexport type { SimpleAuthOptions } from './simple-auth';\n\n// Helper type for inferring parameters from a path\ntype ParamsFromPath<P extends string> = {\n  [K in P extends `${string}:${infer Param}/${string}` | `${string}:${infer Param}` ? Param : never]: string;\n};\n\n/**\n * Variables available in the Hono context for custom API route handlers.\n * These are set by the server middleware and available via c.get().\n */\ntype CustomRouteVariables = {\n  mastra: Mastra;\n  requestContext: RequestContext;\n};\n\ntype RegisterApiRouteOptions<P extends string> = {\n  method: Methods;\n  openapi?: DescribeRouteOptions;\n  handler?: Handler<\n    {\n      Variables: CustomRouteVariables;\n    },\n    P,\n    ParamsFromPath<P>\n  >;\n  createHandler?: (c: Context) => Promise<ApiRouteHandler>;\n  middleware?: MiddlewareHandler | MiddlewareHandler[];\n  /**\n   * Route-specific CORS configuration.\n   */\n  cors?: ApiRoute['cors'];\n  /**\n   * When false, skips Mastra auth for this route (defaults to true)\n   */\n  requiresAuth?: boolean;\n  /**\n   * Explicit RBAC permission for the route.\n   */\n  requiresPermission?: ApiRoute['requiresPermission'];\n  /**\n   * Optional FGA configuration for resource-level authorization.\n   */\n  fga?: ApiRoute['fga'];\n};\n\nfunction validateOptions<P extends string>(path: P, options: RegisterApiRouteOptions<P>): void {\n  if (options.method === undefined) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_INVALID_ROUTE_OPTIONS',\n      text: `Invalid options for route \"${path}\", missing \"method\" property`,\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n\n  if (options.handler === undefined && options.createHandler === undefined) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_INVALID_ROUTE_OPTIONS',\n      text: `Invalid options for route \"${path}\", you must define a \"handler\" or \"createHandler\" property`,\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n\n  if (options.handler !== undefined && options.createHandler !== undefined) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_INVALID_ROUTE_OPTIONS',\n      text: `Invalid options for route \"${path}\", you can only define one of the following properties: \"handler\" or \"createHandler\"`,\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n}\n\nexport function registerApiRoute<P extends string>(path: P, options: RegisterApiRouteOptions<P>): ApiRoute {\n  validateOptions(path, options);\n\n  return {\n    path,\n    method: options.method,\n    handler: options.handler,\n    createHandler: options.createHandler,\n    openapi: options.openapi,\n    middleware: options.middleware,\n    cors: options.cors,\n    requiresAuth: options.requiresAuth,\n    requiresPermission: options.requiresPermission,\n    fga: options.fga,\n  } as ApiRoute;\n}\n\nexport function defineAuth<TUser>(config: MastraAuthConfig<TUser>): MastraAuthConfig<TUser> {\n  return config;\n}\n"]}