{"version":3,"sources":["../../src/server/auth.ts","../../src/server/composite-auth.ts","../../src/server/base.ts","../../src/server/simple-auth.ts","../../src/server/index.ts"],"names":["MastraBase","provider","RegisteredLogger","MastraError"],"mappings":";;;;;;;AAkBO,IAAe,kBAAA,GAAf,cAA2DA,4BAAA,CAAW;AAAA,EACpE,SAAA;AAAA,EACA,MAAA;AAAA,EACA,mBAAA;AAAA,EAEP,YAAY,OAAA,EAA4C;AACtD,IAAA,KAAA,CAAM,EAAE,SAAA,EAAW,MAAA,EAAQ,IAAA,EAAM,OAAA,EAAS,MAAM,CAAA;AAEhD,IAAA,IAAI,SAAS,aAAA,EAAe;AAC1B,MAAA,IAAA,CAAK,aAAA,GAAgB,OAAA,CAAQ,aAAA,CAAc,IAAA,CAAK,IAAI,CAAA;AAAA,IACtD;AAEA,IAAA,IAAA,CAAK,YAAY,OAAA,EAAS,SAAA;AAC1B,IAAA,IAAA,CAAK,SAAS,OAAA,EAAS,MAAA;AACvB,IAAA,IAAA,CAAK,sBAAsB,OAAA,EAAS,mBAAA;AAAA,EACtC;AAAA,EAkBU,gBAAgB,IAAA,EAAyC;AACjE,IAAA,IAAI,MAAM,aAAA,EAAe;AACvB,MAAA,IAAA,CAAK,aAAA,GAAgB,IAAA,CAAK,aAAA,CAAc,IAAA,CAAK,IAAI,CAAA;AAAA,IACnD;AACA,IAAA,IAAI,MAAM,mBAAA,EAAqB;AAC7B,MAAA,IAAA,CAAK,sBAAsB,IAAA,CAAK,mBAAA;AAAA,IAClC;AACA,IAAA,IAAI,MAAM,SAAA,EAAW;AACnB,MAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AAAA,IACxB;AACA,IAAA,IAAI,MAAM,MAAA,EAAQ;AAChB,MAAA,IAAA,CAAK,SAAS,IAAA,CAAK,MAAA;AAAA,IACrB;AAAA,EACF;AACF;;;AClDA,SAAS,cAAc,CAAA,EAA+B;AACpD,EAAA,OAAO,MAAM,IAAA,IAAQ,OAAO,MAAM,QAAA,IAAY,aAAA,IAAiB,KAAK,gBAAA,IAAoB,CAAA;AAC1F;AAEA,SAAS,kBAAkB,CAAA,EAAmC;AAC5D,EAAA,OAAO,MAAM,IAAA,IAAQ,OAAO,MAAM,QAAA,IAAY,iBAAA,IAAqB,KAAK,eAAA,IAAmB,CAAA;AAC7F;AAEA,SAAS,eAAe,CAAA,EAAgC;AACtD,EAAA,OAAO,CAAA,KAAM,IAAA,IAAQ,OAAO,CAAA,KAAM,YAAY,gBAAA,IAAoB,CAAA;AACpE;AAEA,SAAS,aAAa,KAAA,EAAiC;AACrD,EAAA,OAAQ,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,KAAU,IAAA,IAAS,OAAO,KAAA,KAAU,UAAA;AAC3E;AAEO,IAAM,aAAA,GAAN,cACG,kBAAA,CAEV;AAAA,EACU,SAAA;AAAA,EACA,6BAAA,uBAAoC,OAAA,EAAoC;AAAA,EACxE,gCAAA,uBAAuC,GAAA,EAA2C;AAAA,EAE1F,YAAY,SAAA,EAAiC;AAC3C,IAAA,MAAM,iBAAiB,SAAA,CAAU,OAAA,CAAQ,cAAY,QAAA,CAAS,MAAA,IAAU,EAAE,CAAA;AAC1E,IAAA,MAAM,oBAAoB,SAAA,CAAU,OAAA,CAAQ,cAAY,QAAA,CAAS,SAAA,IAAa,EAAE,CAAA;AAEhF,IAAA,KAAA,CAAM;AAAA,MACJ,MAAA,EAAQ,cAAA;AAAA,MACR,SAAA,EAAW;AAAA,KACZ,CAAA;AAED,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA;AACjB,IAAA,IAAI,UAAU,IAAA,CAAK,CAAA,QAAA,KAAY,OAAO,QAAA,CAAS,mBAAA,KAAwB,UAAU,CAAA,EAAG;AAClF,MAAA,IAAA,CAAK,mBAAA,GAAsB,CAAA,IAAA,KAAQ,IAAA,CAAK,gCAAA,CAAiC,IAAI,CAAA;AAAA,IAC/E;AAAA,EACF;AAAA;AAAA,EAGQ,aAAgB,KAAA,EAA8C;AACpE,IAAA,OAAO,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,KAAK,CAAA;AAAA,EAClC;AAAA,EAEQ,6BAAA,CAA8B,MAAe,QAAA,EAAoC;AACvF,IAAA,IAAI,YAAA,CAAa,IAAI,CAAA,EAAG;AACtB,MAAA,IAAA,CAAK,6BAAA,CAA8B,GAAA,CAAI,IAAA,EAAM,QAAQ,CAAA;AACrD,MAAA;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,gCAAA,CAAiC,GAAA,CAAI,IAAA,EAA2B,QAAQ,CAAA;AAAA,EAC/E;AAAA,EAEQ,0BAA0B,IAAA,EAA+C;AAC/E,IAAA,IAAI,YAAA,CAAa,IAAI,CAAA,EAAG;AACtB,MAAA,MAAMC,SAAAA,GAAW,IAAA,CAAK,6BAAA,CAA8B,GAAA,CAAI,IAAI,CAAA;AAC5D,MAAA,IAAA,CAAK,6BAAA,CAA8B,OAAO,IAAI,CAAA;AAC9C,MAAA,OAAOA,SAAAA;AAAA,IACT;AAEA,IAAA,MAAM,aAAA,GAAgB,IAAA;AACtB,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,gCAAA,CAAiC,GAAA,CAAI,aAAa,CAAA;AACxE,IAAA,IAAA,CAAK,gCAAA,CAAiC,OAAO,aAAa,CAAA;AAC1D,IAAA,OAAO,QAAA;AAAA,EACT;AAAA,EAEQ,iCAAiC,IAAA,EAA0C;AACjF,IAAA,MAAM,QAAA,GAAW,IAAA,CAAK,yBAAA,CAA0B,IAAI,CAAA;AACpD,IAAA,OAAO,QAAA,EAAU,sBAAsB,IAAI,CAAA;AAAA,EAC7C;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,IAAI,iBAAA,GAA6B;AAC/B,IAAA,OAAO,KAAK,SAAA,CAAU,IAAA;AAAA,MACpB,CAAA,CAAA,KAAK,mBAAA,IAAuB,CAAA,IAAM,CAAA,CAAqC,iBAAA,KAAsB;AAAA,KAC/F;AAAA,EACF;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,YAAA,GAAwB;AAC1B,IAAA,OAAO,IAAA,CAAK,UAAU,IAAA,CAAK,CAAA,CAAA,KAAK,kBAAkB,CAAA,IAAM,CAAA,CAAgC,iBAAiB,IAAI,CAAA;AAAA,EAC/G;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAA+C;AACpF,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI;AACF,QAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,iBAAA,CAAkB,OAAO,OAAO,CAAA;AAC5D,QAAA,IAAI,IAAA,EAAM;AACR,UAAA,IAAA,CAAK,6BAAA,CAA8B,MAAM,QAAQ,CAAA;AACjD,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,aAAA,CAAc,IAAA,EAAe,OAAA,EAAwC;AACzE,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,MAAM,UAAA,GAAa,MAAM,QAAA,CAAS,aAAA,CAAc,MAAM,OAAO,CAAA;AAC7D,MAAA,IAAI,UAAA,EAAY;AACd,QAAA,OAAO,IAAA;AAAA,MACT;AAAA,IACF;AACA,IAAA,OAAO,KAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAUA,wBAAwB,YAAA,EAAmC;AACzD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,YAAA,CAAa,aAAa,CAAA;AAC3C,IAAA,IAAI,GAAA,IAAO,OAAQ,GAAA,CAAY,uBAAA,KAA4B,UAAA,EAAY;AACrE,MAAC,GAAA,CAAY,wBAAwB,YAAY,CAAA;AAAA,IACnD;AAAA,EACF;AAAA,EAEA,WAAA,CAAY,aAAqB,KAAA,EAAuB;AACtD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,YAAA,CAAa,aAAa,CAAA;AAC3C,IAAA,IAAI,CAAC,GAAA,EAAK,MAAM,IAAI,MAAM,6CAA6C,CAAA;AACvE,IAAA,OAAO,GAAA,CAAI,WAAA,CAAY,WAAA,EAAa,KAAK,CAAA;AAAA,EAC3C;AAAA,EAEA,eAAA,CAAgB,aAAqB,KAAA,EAAqC;AACxE,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,YAAA,CAAa,aAAa,CAAA;AAC3C,IAAA,OAAO,GAAA,EAAK,eAAA,GAAkB,WAAA,EAAa,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,cAAA,CAAe,IAAA,EAAc,KAAA,EAAiD;AAClF,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,YAAA,CAAa,aAAa,CAAA;AAC3C,IAAA,IAAI,CAAC,GAAA,EAAK,MAAM,IAAI,MAAM,6CAA6C,CAAA;AACvE,IAAA,OAAO,GAAA,CAAI,cAAA,CAAe,IAAA,EAAM,KAAK,CAAA;AAAA,EACvC;AAAA,EAEA,oBAAA,GAAuC;AACrC,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,YAAA,CAAa,aAAa,CAAA;AAC3C,IAAA,IAAI,CAAC,GAAA,EAAK,OAAO,EAAE,QAAA,EAAU,SAAA,EAAW,MAAM,SAAA,EAAU;AACxD,IAAA,OAAO,IAAI,oBAAA,EAAqB;AAAA,EAClC;AAAA,EAEA,MAAM,YAAA,CAAa,WAAA,EAAqB,OAAA,EAA2C;AAEjF,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,aAAA,CAAc,QAAQ,CAAA,IAAK,QAAA,CAAS,YAAA,EAAc;AACpD,QAAA,IAAI;AACF,UAAA,MAAM,GAAA,GAAM,MAAM,QAAA,CAAS,YAAA,CAAa,aAAa,OAAO,CAAA;AAC5D,UAAA,IAAI,KAAK,OAAO,GAAA;AAAA,QAClB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,aAAA,CAAc,MAAA,EAAgB,QAAA,EAAsD;AACxF,IAAA,MAAM,OAAA,GAAU,IAAA,CAAK,YAAA,CAAa,iBAAiB,CAAA;AACnD,IAAA,IAAI,CAAC,OAAA,EAAS,MAAM,IAAI,MAAM,iDAAiD,CAAA;AAC/E,IAAA,OAAO,OAAA,CAAQ,aAAA,CAAc,MAAA,EAAQ,QAAQ,CAAA;AAAA,EAC/C;AAAA,EAEA,MAAM,gBAAgB,SAAA,EAA4C;AAEhE,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC/B,QAAA,IAAI;AACF,UAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,eAAA,CAAgB,SAAS,CAAA;AACxD,UAAA,IAAI,SAAS,OAAO,OAAA;AAAA,QACtB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,eAAe,SAAA,EAAkC;AAErD,IAAA,MAAM,kBAAmC,EAAC;AAC1C,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC/B,QAAA,eAAA,CAAgB,IAAA;AAAA,UACd,QAAA,CAAS,cAAA,CAAe,SAAS,CAAA,CAAE,MAAM,MAAM;AAAA,UAE/C,CAAC;AAAA,SACH;AAAA,MACF;AAAA,IACF;AACA,IAAA,MAAM,OAAA,CAAQ,IAAI,eAAe,CAAA;AAAA,EACnC;AAAA,EAEA,MAAM,eAAe,SAAA,EAA4C;AAE/D,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC/B,QAAA,IAAI;AACF,UAAA,MAAM,OAAA,GAAU,MAAM,QAAA,CAAS,cAAA,CAAe,SAAS,CAAA;AACvD,UAAA,IAAI,SAAS,OAAO,OAAA;AAAA,QACtB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,wBAAwB,OAAA,EAAiC;AAEvD,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC/B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAY,QAAA,CAAS,uBAAA,CAAwB,OAAO,CAAA;AAC1D,UAAA,IAAI,WAAW,OAAO,SAAA;AAAA,QACxB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,kBAAkB,OAAA,EAA0C;AAI1D,IAAA,MAAM,eAAA,GAAkB,IAAA,CAAK,YAAA,CAAa,iBAAiB,CAAA;AAC3D,IAAA,OAAO,eAAA,EAAiB,iBAAA,CAAkB,OAAO,CAAA,IAAK,EAAC;AAAA,EACzD;AAAA,EAEA,sBAAA,GAAiD;AAE/C,IAAA,MAAM,UAAkC,EAAC;AACzC,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,iBAAA,CAAkB,QAAQ,CAAA,EAAG;AAC/B,QAAA,IAAI;AACF,UAAA,MAAM,eAAA,GAAkB,SAAS,sBAAA,EAAuB;AACxD,UAAA,MAAA,CAAO,MAAA,CAAO,SAAS,eAAe,CAAA;AAAA,QACxC,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,OAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,MAAM,eAAe,OAAA,EAAwC;AAC3D,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,cAAA,CAAe,QAAQ,CAAA,EAAG;AAC5B,QAAA,IAAI;AACF,UAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,cAAA,CAAe,OAAO,CAAA;AAClD,UAAA,IAAI,MAAM,OAAO,IAAA;AAAA,QACnB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,MAAM,QAAQ,MAAA,EAAsC;AAClD,IAAA,KAAA,MAAW,QAAA,IAAY,KAAK,SAAA,EAAW;AACrC,MAAA,IAAI,cAAA,CAAe,QAAQ,CAAA,EAAG;AAC5B,QAAA,IAAI;AACF,UAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,OAAA,CAAQ,MAAM,CAAA;AAC1C,UAAA,IAAI,MAAM,OAAO,IAAA;AAAA,QACnB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AACF;;;ACpSO,IAAe,gBAAA,GAAf,cAAwDD,4BAAA,CAAW;AAAA,EACxE,IAAA;AAAA,EAEA,WAAA,CAAY,EAAE,GAAA,EAAK,IAAA,EAAK,EAAiC;AACvD,IAAA,KAAA,CAAM,EAAE,SAAA,EAAWE,kCAAA,CAAiB,QAAQ,IAAA,EAAM,IAAA,IAAQ,UAAU,CAAA;AACpE,IAAA,IAAA,CAAK,IAAA,GAAO,GAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAkBA,MAAA,GAAsB;AACpB,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,IAAc,GAAA,GAAY;AACxB,IAAA,OAAO,IAAA,CAAK,IAAA;AAAA,EACd;AACF;;;ACrDA,IAAM,eAAA,GAAkB,CAAC,eAAA,EAAiB,qBAAqB,CAAA;AAgBxD,IAAM,UAAA,GAAN,cAAgC,kBAAA,CAA0B;AAAA;AAAA;AAAA;AAAA;AAAA,EAKtD,YAAA,GAAe,IAAA;AAAA,EAEhB,MAAA;AAAA,EACA,OAAA;AAAA,EACA,KAAA;AAAA,EACA,QAAA;AAAA,EAER,YAAY,OAAA,EAAmC;AAC7C,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,SAAS,OAAA,CAAQ,MAAA;AACtB,IAAA,IAAA,CAAK,KAAA,GAAQ,MAAA,CAAO,MAAA,CAAO,IAAA,CAAK,MAAM,CAAA;AACtC,IAAA,IAAA,CAAK,OAAA,GAAU,CAAC,GAAG,eAAe,EAAE,MAAA,CAAO,OAAA,CAAQ,OAAA,IAAW,EAAE,CAAA;AAChE,IAAA,IAAA,CAAK,QAAA,GAAW,IAAI,GAAA,CAAI,IAAA,CAAK,MAAM,GAAA,CAAI,CAAA,CAAA,KAAK,CAAC,MAAA,CAAQ,CAAA,EAAW,EAAE,CAAA,EAAG,CAAC,CAAC,CAAC,CAAA;AAAA,EAC1E;AAAA,EAEA,MAAM,iBAAA,CAAkB,KAAA,EAAe,OAAA,EAA6C;AAClF,IAAA,MAAM,aAAA,GAAgB,IAAA,CAAK,oBAAA,CAAqB,KAAA,EAAO,OAAO,CAAA;AAE9D,IAAA,KAAA,MAAW,gBAAgB,aAAA,EAAe;AACxC,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,MAAA,CAAO,YAAY,CAAA;AAC5C,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,OAAO,WAAA;AAAA,MACT;AAAA,IACF;AAEA,IAAA,OAAO,KAAK,iBAAA,CAAkB,IAAA,CAAK,gBAAA,CAAiB,OAAA,EAAS,QAAQ,CAAC,CAAA;AAAA,EACxE;AAAA,EAEA,MAAM,aAAA,CAAc,IAAA,EAAa,QAAA,EAAyC;AACxE,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,QAAA,CAAS,IAAI,CAAA;AAAA,EACjC;AAAA;AAAA,EAGA,MAAM,eAAe,OAAA,EAAyC;AAE5D,IAAA,KAAA,MAAW,UAAA,IAAc,KAAK,OAAA,EAAS;AACrC,MAAA,MAAM,WAAA,GAAc,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,UAAU,CAAA;AAClD,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,MAAM,KAAA,GAAQ,IAAA,CAAK,iBAAA,CAAkB,WAAW,CAAA;AAChD,QAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAC9B,QAAA,IAAI,IAAA,EAAM;AACR,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAAA,IACF;AAEA,IAAA,OAAO,KAAK,iBAAA,CAAkB,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,QAAQ,CAAC,CAAA;AAAA,EAC7D;AAAA,EAEQ,kBAAkB,YAAA,EAAuD;AAC/E,IAAA,IAAI,CAAC,cAAc,OAAO,IAAA;AAE1B,IAAA,MAAM,OAAA,GAAU,aAAa,KAAA,CAAM,GAAG,EAAE,GAAA,CAAI,CAAA,CAAA,KAAK,CAAA,CAAE,IAAA,EAAM,CAAA;AACzD,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,IAAI,MAAA,CAAO,UAAA,CAAW,eAAe,CAAA,EAAG;AACtC,QAAA,MAAM,KAAA,GAAQ,MAAA,CAAO,KAAA,CAAM,eAAA,CAAgB,MAAM,CAAA;AACjD,QAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAC9B,QAAA,IAAI,IAAA,EAAM;AACR,UAAA,OAAO,IAAA;AAAA,QACT;AAAA,MACF;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA;AAAA,EAGA,MAAM,QAAQ,MAAA,EAAuC;AACnD,IAAA,OAAO,IAAA,CAAK,QAAA,CAAS,GAAA,CAAI,MAAM,CAAA,IAAK,IAAA;AAAA,EACtC;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,MAAM,MAAA,CAAO,MAAA,EAAgB,QAAA,EAAkB,QAAA,EAAsD;AACnG,IAAA,MAAM,KAAA,GAAQ,QAAA;AACd,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,MAAA,CAAO,KAAK,CAAA;AAE9B,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,MAAM,IAAI,MAAM,eAAe,CAAA;AAAA,IACjC;AAGA,IAAA,MAAM,MAAA,GAAS,gBAAgB,KAAK,CAAA,+CAAA,CAAA;AAEpC,IAAA,OAAO;AAAA,MACL,IAAA;AAAA,MACA,KAAA;AAAA,MACA,OAAA,EAAS,CAAC,MAAM;AAAA,KAClB;AAAA,EACF;AAAA,EAEA,MAAM,MAAA,GAA4C;AAChD,IAAA,MAAM,IAAI,MAAM,sEAAsE,CAAA;AAAA,EACxF;AAAA,EAEA,eAAA,GAA2B;AACzB,IAAA,OAAO,KAAA;AAAA,EACT;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,sBAAA,GAAiD;AAC/C,IAAA,OAAO;AAAA,MACL,YAAA,EAAc;AAAA,KAChB;AAAA,EACF;AAAA,EAEQ,kBAAkB,KAAA,EAAuB;AAC/C,IAAA,OAAO,MAAM,UAAA,CAAW,SAAS,IAAI,KAAA,CAAM,KAAA,CAAM,CAAC,CAAA,GAAI,KAAA;AAAA,EACxD;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAOQ,gBAAA,CAAiB,SAAgC,IAAA,EAAkC;AACzF,IAAA,IAAI,OAAQ,OAAA,CAAgB,MAAA,KAAW,UAAA,EAAY;AACjD,MAAA,OAAQ,OAAA,CAAwB,OAAO,IAAI,CAAA;AAAA,IAC7C;AACA,IAAA,OAAQ,OAAA,CAAoB,OAAA,EAAS,GAAA,CAAI,IAAI,CAAA,IAAK,MAAA;AAAA,EACpD;AAAA,EAEQ,oBAAA,CAAqB,OAAe,OAAA,EAAgC;AAC1E,IAAA,MAAM,MAAA,GAAS,CAAC,KAAK,CAAA;AACrB,IAAA,KAAA,MAAW,UAAA,IAAc,KAAK,OAAA,EAAS;AACrC,MAAA,MAAM,WAAA,GAAc,IAAA,CAAK,gBAAA,CAAiB,OAAA,EAAS,UAAU,CAAA;AAC7D,MAAA,IAAI,WAAA,EAAa;AACf,QAAA,MAAA,CAAO,IAAA,CAAK,IAAA,CAAK,iBAAA,CAAkB,WAAW,CAAC,CAAA;AAAA,MACjD;AAAA,IACF;AACA,IAAA,OAAO,MAAA;AAAA,EACT;AACF;;;AChGA,SAAS,eAAA,CACP,MACA,OAAA,EAC+C;AAC/C,EAAA,MAAM,IAAA,GAAO,OAAA;AAEb,EAAA,IAAI,IAAA,CAAK,WAAW,MAAA,EAAW;AAC7B,IAAA,MAAM,IAAIC,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,yCAAA;AAAA,MACJ,IAAA,EAAM,8BAA8B,IAAI,CAAA,4BAAA,CAAA;AAAA,MACxC,MAAA,EAAA,eAAA;AAAA,MACA,QAAA,EAAA,MAAA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,IAAa,IAAA,CAAK,kBAAkB,MAAA,EAAW;AAClE,IAAA,MAAM,IAAIA,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,yCAAA;AAAA,MACJ,IAAA,EAAM,8BAA8B,IAAI,CAAA,0DAAA,CAAA;AAAA,MACxC,MAAA,EAAA,eAAA;AAAA,MACA,QAAA,EAAA,MAAA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,IAAI,IAAA,CAAK,OAAA,KAAY,MAAA,IAAa,IAAA,CAAK,kBAAkB,MAAA,EAAW;AAClE,IAAA,MAAM,IAAIA,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,yCAAA;AAAA,MACJ,IAAA,EAAM,8BAA8B,IAAI,CAAA,oFAAA,CAAA;AAAA,MACxC,MAAA,EAAA,eAAA;AAAA,MACA,QAAA,EAAA,MAAA;AAAA,KACD,CAAA;AAAA,EACH;AACF;AAEO,SAAS,gBAAA,CACd,MACA,OAAA,EAC2B;AAC3B,EAAA,IAAI,IAAA,CAAK,UAAA,CAAW,OAAO,CAAA,EAAG;AAC5B,IAAA,MAAM,IAAIA,6BAAA,CAAY;AAAA,MACpB,EAAA,EAAI,iCAAA;AAAA,MACJ,IAAA,EAAM,CAAA,sEAAA,CAAA;AAAA,MACN,MAAA,EAAA,eAAA;AAAA,MACA,QAAA,EAAA,MAAA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,eAAA,CAAgB,MAAM,OAAO,CAAA;AAE7B,EAAA,OAAO;AAAA,IACL,IAAA;AAAA,IACA,QAAQ,OAAA,CAAQ,MAAA;AAAA,IAChB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,eAAe,OAAA,CAAQ,aAAA;AAAA,IACvB,SAAS,OAAA,CAAQ,OAAA;AAAA,IACjB,YAAY,OAAA,CAAQ,UAAA;AAAA,IACpB,cAAc,OAAA,CAAQ;AAAA,GACxB;AACF;AAEO,SAAS,WAAkB,MAAA,EAA0D;AAC1F,EAAA,OAAO,MAAA;AACT","file":"index.cjs","sourcesContent":["import type { HonoRequest } from 'hono';\nimport { MastraBase } from '../base';\nimport type { MastraAuthConfig } from './types';\n\nexport interface MastraAuthProviderOptions<TUser = unknown> {\n  name?: string;\n  authorizeUser?: (user: TUser, request: HonoRequest) => Promise<boolean> | boolean;\n  mapUserToResourceId?: (user: TUser) => string | undefined | null;\n  /**\n   * Protected paths for the auth provider\n   */\n  protected?: MastraAuthConfig['protected'];\n  /**\n   * Public paths for the auth provider\n   */\n  public?: MastraAuthConfig['public'];\n}\n\nexport abstract class MastraAuthProvider<TUser = unknown> extends MastraBase {\n  public protected?: MastraAuthConfig['protected'];\n  public public?: MastraAuthConfig['public'];\n  public mapUserToResourceId?: (user: TUser) => string | undefined | null;\n\n  constructor(options?: MastraAuthProviderOptions<TUser>) {\n    super({ component: 'AUTH', name: options?.name });\n\n    if (options?.authorizeUser) {\n      this.authorizeUser = options.authorizeUser.bind(this);\n    }\n\n    this.protected = options?.protected;\n    this.public = options?.public;\n    this.mapUserToResourceId = options?.mapUserToResourceId;\n  }\n\n  /**\n   * Authenticate a token and return the payload\n   * @param token - The token to authenticate\n   * @param request - The request\n   * @returns The payload\n   */\n  abstract authenticateToken(token: string, request: HonoRequest): Promise<TUser | null>;\n\n  /**\n   * Authorize a user for a path and method\n   * @param user - The user to authorize\n   * @param request - The request\n   * @returns The authorization result\n   */\n  abstract authorizeUser(user: TUser, request: HonoRequest): Promise<boolean> | boolean;\n\n  protected registerOptions(opts?: MastraAuthProviderOptions<TUser>) {\n    if (opts?.authorizeUser) {\n      this.authorizeUser = opts.authorizeUser.bind(this);\n    }\n    if (opts?.mapUserToResourceId) {\n      this.mapUserToResourceId = opts.mapUserToResourceId;\n    }\n    if (opts?.protected) {\n      this.protected = opts.protected;\n    }\n    if (opts?.public) {\n      this.public = opts.public;\n    }\n  }\n}\n","import type { HonoRequest } from 'hono';\nimport type {\n  ISSOProvider,\n  ISessionProvider,\n  IUserProvider,\n  User,\n  Session,\n  SSOCallbackResult,\n  SSOLoginConfig,\n} from '../auth';\nimport { MastraAuthProvider } from './auth';\n\ntype PrimitiveAuthUser = string | number | boolean | bigint | symbol | null | undefined;\n\n// Type guards for interface detection\nfunction isSSOProvider(p: unknown): p is ISSOProvider {\n  return p !== null && typeof p === 'object' && 'getLoginUrl' in p && 'handleCallback' in p;\n}\n\nfunction isSessionProvider(p: unknown): p is ISessionProvider {\n  return p !== null && typeof p === 'object' && 'validateSession' in p && 'createSession' in p;\n}\n\nfunction isUserProvider(p: unknown): p is IUserProvider {\n  return p !== null && typeof p === 'object' && 'getCurrentUser' in p;\n}\n\nfunction isObjectLike(value: unknown): value is object {\n  return (typeof value === 'object' && value !== null) || typeof value === 'function';\n}\n\nexport class CompositeAuth\n  extends MastraAuthProvider\n  implements ISSOProvider<User>, ISessionProvider<Session>, IUserProvider<User>\n{\n  private providers: MastraAuthProvider[];\n  private authenticatedProviderByObject = new WeakMap<object, MastraAuthProvider>();\n  private authenticatedProviderByPrimitive = new Map<PrimitiveAuthUser, MastraAuthProvider>();\n\n  constructor(providers: MastraAuthProvider[]) {\n    const combinedPublic = providers.flatMap(provider => provider.public ?? []);\n    const combinedProtected = providers.flatMap(provider => provider.protected ?? []);\n\n    super({\n      public: combinedPublic,\n      protected: combinedProtected,\n    });\n\n    this.providers = providers;\n    if (providers.some(provider => typeof provider.mapUserToResourceId === 'function')) {\n      this.mapUserToResourceId = user => this.mapAuthenticatedUserToResourceId(user);\n    }\n  }\n\n  // Find first provider implementing an interface\n  private findProvider<T>(check: (p: unknown) => p is T): T | undefined {\n    return this.providers.find(check) as T | undefined;\n  }\n\n  private rememberAuthenticatedProvider(user: unknown, provider: MastraAuthProvider): void {\n    if (isObjectLike(user)) {\n      this.authenticatedProviderByObject.set(user, provider);\n      return;\n    }\n\n    this.authenticatedProviderByPrimitive.set(user as PrimitiveAuthUser, provider);\n  }\n\n  private takeAuthenticatedProvider(user: unknown): MastraAuthProvider | undefined {\n    if (isObjectLike(user)) {\n      const provider = this.authenticatedProviderByObject.get(user);\n      this.authenticatedProviderByObject.delete(user);\n      return provider;\n    }\n\n    const primitiveUser = user as PrimitiveAuthUser;\n    const provider = this.authenticatedProviderByPrimitive.get(primitiveUser);\n    this.authenticatedProviderByPrimitive.delete(primitiveUser);\n    return provider;\n  }\n\n  private mapAuthenticatedUserToResourceId(user: unknown): string | undefined | null {\n    const provider = this.takeAuthenticatedProvider(user);\n    return provider?.mapUserToResourceId?.(user);\n  }\n\n  // ============================================================================\n  // License Exemption Markers\n  // Expose these if any underlying provider has them\n  // ============================================================================\n\n  /**\n   * True if any provider is MastraCloudAuth (exempt from license requirement).\n   */\n  get isMastraCloudAuth(): boolean {\n    return this.providers.some(\n      p => 'isMastraCloudAuth' in p && (p as { isMastraCloudAuth: boolean }).isMastraCloudAuth === true,\n    );\n  }\n\n  /**\n   * True if any provider is SimpleAuth (exempt from license requirement).\n   */\n  get isSimpleAuth(): boolean {\n    return this.providers.some(p => 'isSimpleAuth' in p && (p as { isSimpleAuth: boolean }).isSimpleAuth === true);\n  }\n\n  // ============================================================================\n  // MastraAuthProvider Implementation\n  // ============================================================================\n\n  async authenticateToken(token: string, request: HonoRequest): Promise<unknown | null> {\n    for (const provider of this.providers) {\n      try {\n        const user = await provider.authenticateToken(token, request);\n        if (user) {\n          this.rememberAuthenticatedProvider(user, provider);\n          return user;\n        }\n      } catch {\n        // ignore error, try next provider\n      }\n    }\n    return null;\n  }\n\n  async authorizeUser(user: unknown, request: HonoRequest): Promise<boolean> {\n    for (const provider of this.providers) {\n      const authorized = await provider.authorizeUser(user, request);\n      if (authorized) {\n        return true;\n      }\n    }\n    return false;\n  }\n\n  // ============================================================================\n  // ISSOProvider Implementation\n  // ============================================================================\n\n  /**\n   * Forward cookie header to SSO provider for PKCE validation.\n   * Called by auth handler before handleCallback().\n   */\n  setCallbackCookieHeader(cookieHeader: string | null): void {\n    const sso = this.findProvider(isSSOProvider);\n    if (sso && typeof (sso as any).setCallbackCookieHeader === 'function') {\n      (sso as any).setCallbackCookieHeader(cookieHeader);\n    }\n  }\n\n  getLoginUrl(redirectUri: string, state: string): string {\n    const sso = this.findProvider(isSSOProvider);\n    if (!sso) throw new Error('No SSO provider configured in CompositeAuth');\n    return sso.getLoginUrl(redirectUri, state);\n  }\n\n  getLoginCookies(redirectUri: string, state: string): string[] | undefined {\n    const sso = this.findProvider(isSSOProvider);\n    return sso?.getLoginCookies?.(redirectUri, state);\n  }\n\n  async handleCallback(code: string, state: string): Promise<SSOCallbackResult<User>> {\n    const sso = this.findProvider(isSSOProvider);\n    if (!sso) throw new Error('No SSO provider configured in CompositeAuth');\n    return sso.handleCallback(code, state) as Promise<SSOCallbackResult<User>>;\n  }\n\n  getLoginButtonConfig(): SSOLoginConfig {\n    const sso = this.findProvider(isSSOProvider);\n    if (!sso) return { provider: 'unknown', text: 'Sign in' };\n    return sso.getLoginButtonConfig();\n  }\n\n  async getLogoutUrl(redirectUri: string, request?: Request): Promise<string | null> {\n    // Try each SSO provider until one returns a logout URL\n    for (const provider of this.providers) {\n      if (isSSOProvider(provider) && provider.getLogoutUrl) {\n        try {\n          const url = await provider.getLogoutUrl(redirectUri, request);\n          if (url) return url;\n        } catch {\n          // Try next provider\n        }\n      }\n    }\n    return null;\n  }\n\n  // ============================================================================\n  // ISessionProvider Implementation\n  // ============================================================================\n\n  async createSession(userId: string, metadata?: Record<string, unknown>): Promise<Session> {\n    const session = this.findProvider(isSessionProvider);\n    if (!session) throw new Error('No session provider configured in CompositeAuth');\n    return session.createSession(userId, metadata);\n  }\n\n  async validateSession(sessionId: string): Promise<Session | null> {\n    // Try each session provider until one validates\n    for (const provider of this.providers) {\n      if (isSessionProvider(provider)) {\n        try {\n          const session = await provider.validateSession(sessionId);\n          if (session) return session;\n        } catch {\n          // Try next provider\n        }\n      }\n    }\n    return null;\n  }\n\n  async destroySession(sessionId: string): Promise<void> {\n    // Destroy session on ALL providers (user may have sessions in multiple stores)\n    const destroyPromises: Promise<void>[] = [];\n    for (const provider of this.providers) {\n      if (isSessionProvider(provider)) {\n        destroyPromises.push(\n          provider.destroySession(sessionId).catch(() => {\n            // Ignore errors, session may not exist in this provider\n          }),\n        );\n      }\n    }\n    await Promise.all(destroyPromises);\n  }\n\n  async refreshSession(sessionId: string): Promise<Session | null> {\n    // Try each session provider until one refreshes\n    for (const provider of this.providers) {\n      if (isSessionProvider(provider)) {\n        try {\n          const session = await provider.refreshSession(sessionId);\n          if (session) return session;\n        } catch {\n          // Try next provider\n        }\n      }\n    }\n    return null;\n  }\n\n  getSessionIdFromRequest(request: Request): string | null {\n    // Try each session provider until one finds a session ID\n    for (const provider of this.providers) {\n      if (isSessionProvider(provider)) {\n        try {\n          const sessionId = provider.getSessionIdFromRequest(request);\n          if (sessionId) return sessionId;\n        } catch {\n          // Try next provider\n        }\n      }\n    }\n    return null;\n  }\n\n  getSessionHeaders(session: Session): Record<string, string> {\n    // Intentionally uses only the first session provider: a session is created by one\n    // provider, so we only set its cookie. clearSession clears ALL providers to ensure\n    // no stale cookies remain.\n    const sessionProvider = this.findProvider(isSessionProvider);\n    return sessionProvider?.getSessionHeaders(session) ?? {};\n  }\n\n  getClearSessionHeaders(): Record<string, string> {\n    // Merge clear headers from ALL providers to ensure no stale session cookies remain\n    const headers: Record<string, string> = {};\n    for (const provider of this.providers) {\n      if (isSessionProvider(provider)) {\n        try {\n          const providerHeaders = provider.getClearSessionHeaders();\n          Object.assign(headers, providerHeaders);\n        } catch {\n          // Ignore errors\n        }\n      }\n    }\n    return headers;\n  }\n\n  // ============================================================================\n  // IUserProvider Implementation\n  // Try each provider until one returns a user (like authenticateToken)\n  // ============================================================================\n\n  async getCurrentUser(request: Request): Promise<User | null> {\n    for (const provider of this.providers) {\n      if (isUserProvider(provider)) {\n        try {\n          const user = await provider.getCurrentUser(request);\n          if (user) return user;\n        } catch {\n          // Try next provider\n        }\n      }\n    }\n    return null;\n  }\n\n  async getUser(userId: string): Promise<User | null> {\n    for (const provider of this.providers) {\n      if (isUserProvider(provider)) {\n        try {\n          const user = await provider.getUser(userId);\n          if (user) return user;\n        } catch {\n          // Try next provider\n        }\n      }\n    }\n    return null;\n  }\n}\n","import { MastraBase } from '../base';\nimport { RegisteredLogger } from '../logger/constants';\n\n/**\n * Base class for server adapters that provides app storage and retrieval.\n *\n * This class extends MastraBase to get logging capabilities and provides\n * a framework-agnostic way to store and retrieve the server app instance\n * (e.g., Hono, Express).\n *\n * Server adapters (like MastraServer from @mastra/hono or @mastra/express) extend this\n * base class to inherit the app storage functionality while adding their\n * framework-specific route registration and middleware handling.\n *\n * @template TApp - The type of the server app (e.g., Hono, Express Application)\n *\n * @example\n * ```typescript\n * // After server creation, the app is accessible via Mastra\n * const app = mastra.getServerApp<Hono>();\n * const response = await app.fetch(new Request('http://localhost/health'));\n * ```\n */\nexport abstract class MastraServerBase<TApp = unknown> extends MastraBase {\n  #app: TApp;\n\n  constructor({ app, name }: { app: TApp; name?: string }) {\n    super({ component: RegisteredLogger.SERVER, name: name ?? 'Server' });\n    this.#app = app;\n  }\n\n  /**\n   * Get the app instance.\n   *\n   * Returns the server app that was passed to the constructor. This allows users\n   * to access the underlying server framework's app for direct operations\n   * like calling routes via app.fetch() (Hono) or using the app for testing.\n   *\n   * @template T - The expected type of the app (defaults to TApp)\n   * @returns The app instance cast to T. Callers are responsible for ensuring T matches the actual app type.\n   *\n   * @example\n   * ```typescript\n   * const app = adapter.getApp<Hono>();\n   * const response = await app.fetch(new Request('http://localhost/api/agents'));\n   * ```\n   */\n  getApp<T = TApp>(): T {\n    return this.#app as unknown as T;\n  }\n\n  /**\n   * Protected getter for subclasses to access the app.\n   * This allows subclasses to use `this.app` naturally.\n   */\n  protected get app(): TApp {\n    return this.#app;\n  }\n}\n","import type { HonoRequest } from 'hono';\nimport type { CredentialsResult } from '../auth';\nimport type { MastraAuthProviderOptions } from './auth';\nimport { MastraAuthProvider } from './auth';\n\nconst DEFAULT_HEADERS = ['Authorization', 'X-Playground-Access'];\n\ntype TokenToUser<TUser> = Record<string, TUser>;\n\nexport interface SimpleAuthOptions<TUser> extends MastraAuthProviderOptions<TUser> {\n  /**\n   * Valid tokens to authenticate against\n   */\n  tokens: TokenToUser<TUser>;\n  /**\n   * Headers to check for authentication\n   * @default ['Authorization', 'X-Playground-Access']\n   */\n  headers?: string | string[];\n}\n\nexport class SimpleAuth<TUser> extends MastraAuthProvider<TUser> {\n  /**\n   * Marker to exempt SimpleAuth from EE license requirement.\n   * SimpleAuth is for development/testing and should work without a license.\n   */\n  readonly isSimpleAuth = true;\n\n  private tokens: TokenToUser<TUser>;\n  private headers: string[];\n  private users: TUser[];\n  private userById: Map<string, TUser>;\n\n  constructor(options: SimpleAuthOptions<TUser>) {\n    super(options);\n    this.tokens = options.tokens;\n    this.users = Object.values(this.tokens);\n    this.headers = [...DEFAULT_HEADERS].concat(options.headers || []);\n    this.userById = new Map(this.users.map(u => [String((u as any)?.id), u]));\n  }\n\n  async authenticateToken(token: string, request: HonoRequest): Promise<TUser | null> {\n    const requestTokens = this.getTokensFromHeaders(token, request);\n\n    for (const requestToken of requestTokens) {\n      const tokenToUser = this.tokens[requestToken];\n      if (tokenToUser) {\n        return tokenToUser;\n      }\n    }\n\n    return this.getUserFromCookie(this.getRequestHeader(request, 'Cookie'));\n  }\n\n  async authorizeUser(user: TUser, _request: HonoRequest): Promise<boolean> {\n    return this.users.includes(user);\n  }\n\n  /** Get current user from request headers or cookie. */\n  async getCurrentUser(request: Request): Promise<TUser | null> {\n    // Check headers first\n    for (const headerName of this.headers) {\n      const headerValue = request.headers.get(headerName);\n      if (headerValue) {\n        const token = this.stripBearerPrefix(headerValue);\n        const user = this.tokens[token];\n        if (user) {\n          return user;\n        }\n      }\n    }\n\n    return this.getUserFromCookie(request.headers.get('Cookie'));\n  }\n\n  private getUserFromCookie(cookieHeader: string | null | undefined): TUser | null {\n    if (!cookieHeader) return null;\n\n    const cookies = cookieHeader.split(';').map(c => c.trim());\n    for (const cookie of cookies) {\n      if (cookie.startsWith('mastra-token=')) {\n        const token = cookie.slice('mastra-token='.length);\n        const user = this.tokens[token];\n        if (user) {\n          return user;\n        }\n      }\n    }\n    return null;\n  }\n\n  /** Get user by ID. */\n  async getUser(userId: string): Promise<TUser | null> {\n    return this.userById.get(userId) ?? null;\n  }\n\n  /**\n   * Sign in with token (passed as password field).\n   * The email field is ignored - only the token matters.\n   */\n  async signIn(_email: string, password: string, _request: Request): Promise<CredentialsResult<TUser>> {\n    const token = password;\n    const user = this.tokens[token];\n\n    if (!user) {\n      throw new Error('Invalid token');\n    }\n\n    // Set cookie so the token persists across requests\n    const cookie = `mastra-token=${token}; Path=/; HttpOnly; SameSite=Lax; Max-Age=86400`;\n\n    return {\n      user,\n      token,\n      cookies: [cookie],\n    };\n  }\n\n  async signUp(): Promise<CredentialsResult<TUser>> {\n    throw new Error('Sign up is not supported with SimpleAuth. Use pre-configured tokens.');\n  }\n\n  isSignUpEnabled(): boolean {\n    return false;\n  }\n\n  /**\n   * Get headers to clear the session cookie on logout.\n   * Partial ISessionProvider implementation for logout support.\n   */\n  getClearSessionHeaders(): Record<string, string> {\n    return {\n      'Set-Cookie': 'mastra-token=; Path=/; HttpOnly; SameSite=Lax; Max-Age=0',\n    };\n  }\n\n  private stripBearerPrefix(token: string): string {\n    return token.startsWith('Bearer ') ? token.slice(7) : token;\n  }\n\n  /**\n   * Get a header value from either a HonoRequest or standard Request.\n   * The auth middleware passes a raw Request (c.req.raw), not a HonoRequest,\n   * so we need to handle both APIs.\n   */\n  private getRequestHeader(request: HonoRequest | Request, name: string): string | undefined {\n    if (typeof (request as any).header === 'function') {\n      return (request as HonoRequest).header(name);\n    }\n    return (request as Request).headers?.get(name) ?? undefined;\n  }\n\n  private getTokensFromHeaders(token: string, request: HonoRequest): string[] {\n    const tokens = [token];\n    for (const headerName of this.headers) {\n      const headerValue = this.getRequestHeader(request, headerName);\n      if (headerValue) {\n        tokens.push(this.stripBearerPrefix(headerValue));\n      }\n    }\n    return tokens;\n  }\n}\n","import type { Context, Handler, MiddlewareHandler } from 'hono';\nimport type { DescribeRouteOptions } from 'hono-openapi';\nimport { MastraError, ErrorDomain, ErrorCategory } from '../error';\nimport type { Mastra } from '../mastra';\nimport type { RequestContext } from '../request-context';\nimport type { ApiRoute, MastraAuthConfig, Methods } from './types';\n\nexport type {\n  MastraAuthConfig,\n  ContextWithMastra,\n  ApiRoute,\n  HttpLoggingConfig,\n  ValidationErrorContext,\n  ValidationErrorResponse,\n  ValidationErrorHook,\n} from './types';\nexport { MastraAuthProvider } from './auth';\nexport type { MastraAuthProviderOptions } from './auth';\nexport { CompositeAuth } from './composite-auth';\nexport { MastraServerBase } from './base';\nexport { SimpleAuth } from './simple-auth';\nexport type { SimpleAuthOptions } from './simple-auth';\n\n// Helper type for inferring parameters from a path\ntype ParamsFromPath<P extends string> = {\n  [K in P extends `${string}:${infer Param}/${string}` | `${string}:${infer Param}` ? Param : never]: string;\n};\n\ntype RegisterApiRoutePathError = `Param 'path' must not start with '/api', it is reserved for internal API routes.`;\ntype ValidatePath<P extends string, T> = P extends `/api/${string}` ? RegisterApiRoutePathError : T;\n\n/**\n * Variables available in the Hono context for custom API route handlers.\n * These are set by the server middleware and available via c.get().\n */\ntype CustomRouteVariables = {\n  mastra: Mastra;\n  requestContext: RequestContext;\n};\n\ntype RegisterApiRouteOptions<P extends string> = {\n  method: Methods;\n  openapi?: DescribeRouteOptions;\n  handler?: Handler<\n    {\n      Variables: CustomRouteVariables;\n    },\n    P,\n    ParamsFromPath<P>\n  >;\n  createHandler?: (c: Context) => Promise<\n    Handler<\n      {\n        Variables: CustomRouteVariables;\n      },\n      P,\n      ParamsFromPath<P>\n    >\n  >;\n  middleware?: MiddlewareHandler | MiddlewareHandler[];\n  /**\n   * When false, skips Mastra auth for this route (defaults to true)\n   */\n  requiresAuth?: boolean;\n};\n\nfunction validateOptions<P extends string>(\n  path: P,\n  options: RegisterApiRoutePathError | RegisterApiRouteOptions<P>,\n): asserts options is RegisterApiRouteOptions<P> {\n  const opts = options as RegisterApiRouteOptions<P>;\n\n  if (opts.method === undefined) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_INVALID_ROUTE_OPTIONS',\n      text: `Invalid options for route \"${path}\", missing \"method\" property`,\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n\n  if (opts.handler === undefined && opts.createHandler === undefined) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_INVALID_ROUTE_OPTIONS',\n      text: `Invalid options for route \"${path}\", you must define a \"handler\" or \"createHandler\" property`,\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n\n  if (opts.handler !== undefined && opts.createHandler !== undefined) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_INVALID_ROUTE_OPTIONS',\n      text: `Invalid options for route \"${path}\", you can only define one of the following properties: \"handler\" or \"createHandler\"`,\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n}\n\nexport function registerApiRoute<P extends string>(\n  path: P,\n  options: ValidatePath<P, RegisterApiRouteOptions<P>>,\n): ValidatePath<P, ApiRoute> {\n  if (path.startsWith('/api/')) {\n    throw new MastraError({\n      id: 'MASTRA_SERVER_API_PATH_RESERVED',\n      text: 'Path must not start with \"/api\", it\\'s reserved for internal API routes',\n      domain: ErrorDomain.MASTRA_SERVER,\n      category: ErrorCategory.USER,\n    });\n  }\n\n  validateOptions(path, options);\n\n  return {\n    path,\n    method: options.method,\n    handler: options.handler,\n    createHandler: options.createHandler,\n    openapi: options.openapi,\n    middleware: options.middleware,\n    requiresAuth: options.requiresAuth,\n  } as unknown as ValidatePath<P, ApiRoute>;\n}\n\nexport function defineAuth<TUser>(config: MastraAuthConfig<TUser>): MastraAuthConfig<TUser> {\n  return config;\n}\n"]}