diff --git a/CHANGELOG.md b/CHANGELOG.md index e4d2ff8..4feb6bf 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ +## [1.4.1](https://github.com/PlusAuth/oidc-client-js/compare/v1.4.0...v1.4.1) (2023-10-17) + + +### Bug Fixes + +* access token renewal wont start on inital load ([c5f09f4](https://github.com/PlusAuth/oidc-client-js/commit/c5f09f456fd1903885a536f476a4fce9eead237d)) +* synchronizer events not fired when localStorage is disabled ([0cfae29](https://github.com/PlusAuth/oidc-client-js/commit/0cfae292c69b06e17a7cb574aef947000617594c)) + # [1.4.0](https://github.com/PlusAuth/oidc-client-js/compare/v1.3.0...v1.4.0) (2023-09-08) diff --git a/dist/oidc-client.esm.js b/dist/oidc-client.esm.js index 737b88b..b23a687 100644 --- a/dist/oidc-client.esm.js +++ b/dist/oidc-client.esm.js @@ -1,5 +1,5 @@ /*! - * @plusauth/oidc-client-js v1.4.0 + * @plusauth/oidc-client-js v1.4.1 * https://github.com/PlusAuth/oidc-client-js * (c) 2023 @plusauth/oidc-client-js Contributors * Released under the MIT License @@ -836,7 +836,10 @@ class TabUtils { try { handlers[messageId](eventData); } catch (x) {} - if (!window.localStorage) return; //no local storage. old browser + if (!window.localStorage) { + this.events.emit(messageId, eventData); + return; //no local storage. old browser + } const data = { data: eventData, timeStamp: new Date().getTime() @@ -850,7 +853,10 @@ class TabUtils { } OnBroadcastMessage(messageId, fn) { handlers[messageId] = fn; - if (!window.localStorage) return; //no local storage. old browser + if (!window.localStorage) { + this.events.on(messageId, fn); + return; //no local storage. old browser + } //first register a handler for "storage" event that we trigger above window.addEventListener('storage', (ev)=>{ if (ev.key != `${this.keyPrefix}event${messageId}`) return; // ignore other keys @@ -859,9 +865,11 @@ class TabUtils { fn(messageData.data); }); } - constructor(kid){ + constructor(kid, fallbackEvents){ _define_property$1(this, "keyPrefix", void 0); + _define_property$1(this, "events", void 0); this.keyPrefix = kid; + this.events = fallbackEvents; } } @@ -1492,17 +1500,22 @@ function _define_property(obj, key, value) { } if (expires_in !== undefined && this.options.autoSilentRenew) { const expiration = Number(expires_in) - this.options.secondsToRefreshAccessTokenBeforeExp; + const renew = ()=>{ + this.synchronizer.CallOnce('silent-login', async ()=>{ + try { + await this.silentLogin(); + this.emit(Events.SILENT_RENEW_SUCCESS, null); + } catch (e) { + this.emit(Events.SILENT_RENEW_ERROR, e); + } + }); + }; if (expiration >= 0) { this._accessTokenExpireTimer.start(expiration, async ()=>{ - this.synchronizer.CallOnce('silent-login', async ()=>{ - try { - await this.silentLogin(); - this.emit(Events.SILENT_RENEW_SUCCESS, null); - } catch (e) { - this.emit(Events.SILENT_RENEW_ERROR, e); - } - }); + renew(); }); + } else { + renew(); } } } @@ -1528,7 +1541,7 @@ function _define_property(obj, key, value) { if (!isValidIssuer(options.issuer)) { throw new OIDCClientError('"issuer" must be a valid uri.'); } - this.synchronizer = new TabUtils(btoa(options.issuer)); + this.synchronizer = new TabUtils(btoa(options.issuer), this); this.options = mergeObjects({ secondsToRefreshAccessTokenBeforeExp: 60, autoSilentRenew: true, diff --git a/dist/oidc-client.esm.js.map b/dist/oidc-client.esm.js.map index 808369c..97c4c17 100644 --- a/dist/oidc-client.esm.js.map +++ b/dist/oidc-client.esm.js.map @@ -1 +1 @@ -{"version":3,"file":"oidc-client.esm.js","sources":["../src/constants/events.ts","../src/errors.ts","../src/helpers/state_manager/state_store.ts","../src/helpers/state_manager/local_storage.ts","../src/helpers/state_manager/in_memory.ts","../src/helpers/event_emitter.ts","../src/helpers/timer.ts","../src/utils/iframe.ts","../node_modules/.pnpm/base64-js@1.5.1/node_modules/base64-js/index.js","../src/utils/url.ts","../src/utils/request.ts","../src/utils/jose.ts","../src/utils/check_session_iframe.ts","../src/utils/object.ts","../src/utils/oidc.ts","../src/utils/popup.ts","../src/utils/tab_utils.ts","../src/client.ts","../src/index.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/indent */\nexport const Events = {\n USER_LOGOUT: 'user_logout',\n USER_LOGIN: 'user_login',\n SILENT_RENEW_SUCCESS: 'silent_renew_success',\n SILENT_RENEW_ERROR: 'silent_renew_error',\n SESSION_CHANGE: 'session_change'\n} as const\n\nexport type EventTypes = 'user_logout' | 'user_login' | 'silent_renew_success' |\n 'silent_renew_error' | 'session_change' | 'session_error'\n","export class OIDCClientError extends Error {\n error: string;\n\n error_description?: string;\n\n public constructor( error: string, error_description?: string ) {\n super( `${ error }${ error_description && ` - ${ error_description }` || '' }` );\n this.name = 'OIDCClientError'\n this.error = error\n this.error_description = error_description\n }\n}\n\nexport class AuthenticationError extends OIDCClientError {\n state?: string;\n\n error_uri?: string;\n\n constructor( error: string, error_description?: string, state?: string, error_uri?: string ) {\n super( error, error_description );\n this.name = 'AuthenticationError'\n this.state = state;\n this.error_uri = error_uri;\n }\n}\n\nexport class StateNotFound extends AuthenticationError {\n state?: string;\n\n constructor( error: string, state?: string ) {\n super( error );\n this.name = 'StateNotFound'\n this.state = state;\n }\n}\n\nexport class InvalidJWTError extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidJWTError'\n this.error_description = details\n }\n}\n\nexport class InvalidIdTokenError extends InvalidJWTError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidIdTokenError'\n }\n}\n\nexport class InteractionCancelled extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InteractionCancelled'\n }\n}\n","export interface StateStore> {\n init?(): Promise>\n}\n// eslint-disable-next-line @typescript-eslint/no-unsafe-declaration-merging\nexport abstract class StateStore> {\n prefix: string;\n\n constructor( prefix = '' ) {\n this.prefix = prefix\n }\n\n public abstract get( key: string ): Promise;\n\n public abstract set( key: string, value: T ): Promise;\n\n public abstract del( key: string ): Promise;\n\n public abstract clear( maxAge?: number ): Promise;\n}\n","import { StateStore } from './state_store';\n\nexport class LocalStorageStateStore extends StateStore {\n constructor( prefix = 'pa_oidc.' ) {\n super( prefix )\n }\n\n get( key: string ) {\n return new Promise( ( resolve ) => {\n const value = window.localStorage.getItem( this.prefix + key );\n if ( value ) {\n resolve( JSON.parse( value ) );\n } else {\n resolve( null );\n }\n } );\n }\n\n set( key: string, value: T ) {\n return new Promise( ( resolve ) => {\n window.localStorage.setItem( this.prefix + key, JSON.stringify( value ) );\n resolve();\n } );\n }\n\n del( key: string ) {\n return new Promise( ( resolve ) => {\n window.localStorage.removeItem( this.prefix + key );\n resolve();\n } );\n }\n\n clear( before?: number ): Promise {\n return new Promise( ( resolve ) => {\n let i;\n const storedKeys: string[] = [];\n for ( i = 0; i < window.localStorage.length; i++ ) {\n const key = window.localStorage.key( i )\n // items only created by oidc client\n if ( key?.substring( 0, this.prefix.length ) == this.prefix ) {\n storedKeys.push( key );\n }\n }\n for ( i = 0; i < storedKeys.length; i++ ) {\n if ( before ) {\n try {\n const storedItem = JSON.parse( window.localStorage.getItem( storedKeys[i] )! )\n if ( storedItem.created_at < before ) {\n window.localStorage.removeItem( storedKeys[i] )\n }\n } catch ( e ) {\n }\n } else {\n window.localStorage.removeItem( storedKeys[i] )\n }\n }\n resolve();\n } );\n }\n}\n","import { StateStore } from './state_store';\n\nexport class InMemoryStateStore extends StateStore {\n map = new Map()\n\n clear( before?: number ) {\n if ( before ){\n this.map.forEach( ( val, ind ) => {\n if ( val.created_at < before ){\n this.map.delete( ind )\n }\n } )\n return Promise.resolve()\n } else {\n return Promise.resolve( this.map.clear() );\n }\n }\n\n del( key: string ) {\n this.map.delete( key )\n return Promise.resolve( );\n }\n\n get( key: string ) {\n return Promise.resolve( this.map.get( key ) || null );\n }\n\n set( key: string, value: any ) {\n this.map.set( key, value )\n return Promise.resolve();\n }\n}\n","export type Listener = ( ...args: any ) => void\n\nexport class EventEmitter{\n callbacks: Record;\n\n constructor(){\n this.callbacks = {}\n }\n\n once( event: T, fn: ( ...args: any[] ) => void ){\n function on( this: EventEmitter, ...onArgs: any[] ) {\n this.off( event, on );\n fn.apply( this, onArgs );\n }\n on.fn = fn\n this.on( event, on );\n return this;\n }\n\n on( event: T, cb: ( ...args: any[] ) => void ){\n if ( !this.callbacks[`$${ event }`] ) this.callbacks[`$${ event }`] = [];\n this.callbacks[`$${ event }`].push( cb )\n return this\n }\n\n off( event?: T, fn?: ( ...args: any[] ) => void ){\n if ( !event ) {\n this.callbacks = {};\n return this;\n }\n\n // specific event\n const callbacks = this.callbacks[`$${ event }`];\n if ( !callbacks ) return this;\n\n // remove all handlers\n if ( !fn ) {\n delete this.callbacks[`$${ event }`];\n return this;\n }\n\n for ( let i = 0; i < callbacks.length; i++ ) {\n const cb = callbacks[i];\n if ( cb === fn || cb.fn === fn ) {\n callbacks.splice( i, 1 );\n break;\n }\n }\n\n // Remove event specific arrays for event types that no\n // one is subscribed for to avoid memory leak.\n if ( callbacks.length === 0 ) {\n delete this.callbacks[`$${ event }`];\n }\n\n return this;\n }\n\n emit( event: T, ...args: any[] ){\n let cbs = this.callbacks[`$${ event }`]\n if ( cbs ) {\n cbs = cbs.slice( 0 );\n for ( let i = 0, len = cbs.length; i < len; ++i ) {\n cbs[i].apply( this, args );\n }\n }\n return this\n }\n}\n","export class Timer {\n private now: () => number;\n\n private _timerHandle: any;\n\n private _expiration!: number;\n\n constructor( currentTimeInMillisFunc = () => Date.now() ) {\n this.now = currentTimeInMillisFunc\n }\n\n start( duration: number, callback: () => void ){\n if ( duration <= 0 ) {\n duration = 1;\n }\n const expiration = this.now() / 1000 + duration;\n if ( this._expiration === expiration && this._timerHandle ) {\n return;\n }\n\n this.stop();\n\n this._expiration = expiration;\n\n // prevent device sleep and delayed timers\n let timerDuration = 5;\n if ( duration < timerDuration ) {\n timerDuration = duration;\n }\n this._timerHandle = setInterval( ()=>{\n if ( this._expiration <= this.now() / 1000 ) {\n this.stop();\n callback()\n }\n }, timerDuration * 1000 );\n }\n\n stop() {\n if ( this._timerHandle ) {\n clearInterval( this._timerHandle );\n this._timerHandle = null;\n }\n }\n}\n","import { AuthenticationError, OIDCClientError } from '../errors';\nimport type { IFrameOptions } from '../interfaces';\n\nexport function createHiddenFrame() {\n const iframe = window.document.createElement( 'iframe' );\n iframe.style.width = '0';\n iframe.style.height = '0';\n iframe.style.position = 'absolute';\n iframe.style.visibility = 'hidden';\n iframe.style.display = 'none';\n\n iframe.title = '__pa_helper__hidden'\n iframe.ariaHidden = 'true'\n\n return iframe\n}\n\nexport function runIframe(\n url: string,\n options: IFrameOptions\n) {\n return new Promise( ( resolve, reject ) => {\n let onLoadTimeoutId: any = null;\n const iframe = createHiddenFrame()\n\n const timeoutSetTimeoutId = setTimeout( () => {\n reject( new OIDCClientError( 'Timed out' ) );\n removeIframe();\n }, ( options.timeout || 10 ) * 1000 );\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin != options.eventOrigin ) return;\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n const eventSource = e.source;\n if ( eventSource ) {\n ( eventSource ).close();\n }\n\n const resp = e.data.response || e.data\n resp.error\n ? reject( new AuthenticationError( resp.error, resp.error_description, resp.state, resp.error_uri ) )\n : resolve( e.data );\n clearTimeout( timeoutSetTimeoutId );\n removeIframe();\n };\n\n const removeIframe = () => {\n if ( onLoadTimeoutId != null ){\n clearTimeout( onLoadTimeoutId )\n }\n if ( window.document.body.contains( iframe ) ) {\n window.document.body.removeChild( iframe );\n }\n window.removeEventListener( 'message', iframeEventHandler, false );\n };\n\n const onLoadTimeout = () => setTimeout( ()=>{\n reject( new OIDCClientError( 'Could not complete silent authentication', url ) )\n removeIframe();\n }, 300 )\n\n\n\n window.addEventListener( 'message', iframeEventHandler, false );\n window.document.body.appendChild( iframe );\n iframe.setAttribute( 'src', url );\n\n /**\n * In case of wrong client id, wrong redirect_uri, in short when redirect did not happen\n * we assume flow failed.\n */\n iframe.onload = function () {\n onLoadTimeoutId = onLoadTimeout()\n }\n } );\n}\n","'use strict'\n\nexports.byteLength = byteLength\nexports.toByteArray = toByteArray\nexports.fromByteArray = fromByteArray\n\nvar lookup = []\nvar revLookup = []\nvar Arr = typeof Uint8Array !== 'undefined' ? Uint8Array : Array\n\nvar code = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'\nfor (var i = 0, len = code.length; i < len; ++i) {\n lookup[i] = code[i]\n revLookup[code.charCodeAt(i)] = i\n}\n\n// Support decoding URL-safe base64 strings, as Node.js does.\n// See: https://en.wikipedia.org/wiki/Base64#URL_applications\nrevLookup['-'.charCodeAt(0)] = 62\nrevLookup['_'.charCodeAt(0)] = 63\n\nfunction getLens (b64) {\n var len = b64.length\n\n if (len % 4 > 0) {\n throw new Error('Invalid string. Length must be a multiple of 4')\n }\n\n // Trim off extra bytes after placeholder bytes are found\n // See: https://github.com/beatgammit/base64-js/issues/42\n var validLen = b64.indexOf('=')\n if (validLen === -1) validLen = len\n\n var placeHoldersLen = validLen === len\n ? 0\n : 4 - (validLen % 4)\n\n return [validLen, placeHoldersLen]\n}\n\n// base64 is 4/3 + up to two characters of the original data\nfunction byteLength (b64) {\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction _byteLength (b64, validLen, placeHoldersLen) {\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction toByteArray (b64) {\n var tmp\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n\n var arr = new Arr(_byteLength(b64, validLen, placeHoldersLen))\n\n var curByte = 0\n\n // if there are placeholders, only get up to the last complete 4 chars\n var len = placeHoldersLen > 0\n ? validLen - 4\n : validLen\n\n var i\n for (i = 0; i < len; i += 4) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 18) |\n (revLookup[b64.charCodeAt(i + 1)] << 12) |\n (revLookup[b64.charCodeAt(i + 2)] << 6) |\n revLookup[b64.charCodeAt(i + 3)]\n arr[curByte++] = (tmp >> 16) & 0xFF\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 2) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 2) |\n (revLookup[b64.charCodeAt(i + 1)] >> 4)\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 1) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 10) |\n (revLookup[b64.charCodeAt(i + 1)] << 4) |\n (revLookup[b64.charCodeAt(i + 2)] >> 2)\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n return arr\n}\n\nfunction tripletToBase64 (num) {\n return lookup[num >> 18 & 0x3F] +\n lookup[num >> 12 & 0x3F] +\n lookup[num >> 6 & 0x3F] +\n lookup[num & 0x3F]\n}\n\nfunction encodeChunk (uint8, start, end) {\n var tmp\n var output = []\n for (var i = start; i < end; i += 3) {\n tmp =\n ((uint8[i] << 16) & 0xFF0000) +\n ((uint8[i + 1] << 8) & 0xFF00) +\n (uint8[i + 2] & 0xFF)\n output.push(tripletToBase64(tmp))\n }\n return output.join('')\n}\n\nfunction fromByteArray (uint8) {\n var tmp\n var len = uint8.length\n var extraBytes = len % 3 // if we have 1 byte left, pad 2 bytes\n var parts = []\n var maxChunkLength = 16383 // must be multiple of 3\n\n // go through the array every three bytes, we'll deal with trailing stuff later\n for (var i = 0, len2 = len - extraBytes; i < len2; i += maxChunkLength) {\n parts.push(encodeChunk(uint8, i, (i + maxChunkLength) > len2 ? len2 : (i + maxChunkLength)))\n }\n\n // pad the end with zeros, but make sure to not forget the extra bytes\n if (extraBytes === 1) {\n tmp = uint8[len - 1]\n parts.push(\n lookup[tmp >> 2] +\n lookup[(tmp << 4) & 0x3F] +\n '=='\n )\n } else if (extraBytes === 2) {\n tmp = (uint8[len - 2] << 8) + uint8[len - 1]\n parts.push(\n lookup[tmp >> 10] +\n lookup[(tmp >> 4) & 0x3F] +\n lookup[(tmp << 2) & 0x3F] +\n '='\n )\n }\n\n return parts.join('')\n}\n","import { fromByteArray } from 'base64-js';\n\nexport function isValidIssuer( issuer: string ){\n try {\n const url = new URL( issuer )\n if ( !['http:', 'https:'].includes( url.protocol ) ){\n return false\n }\n if ( url.search !== '' || url.hash !== '' ){\n return false\n }\n return true\n } catch ( e ){\n return false\n }\n}\nexport function buildEncodedQueryString( obj?: Record,\n appendable = true, ) {\n if ( !obj ) return '';\n const ret: string[] = [];\n for ( const d in obj ) {\n if ( obj.hasOwnProperty( d ) && obj[d] ) {\n ret.push( `${\n encodeURIComponent( d )\n }=${\n encodeURIComponent( typeof obj[d] === 'object' ? JSON.stringify( obj[d] ) : obj[d]! )\n }` );\n }\n }\n return `${ appendable ? '?' : '' }${ ret.join( '&' ) }`;\n}\n\nexport function parseQueryUrl( value: string ) {\n const result: Record = {};\n value = value.trim().replace( /^(\\?|#|&)/, '' );\n const params = value.split( '&' );\n for ( let i = 0; i < params.length; i += 1 ) {\n const paramAndValue = params[i];\n const parts = paramAndValue.split( '=' );\n const key = decodeURIComponent( parts.shift()! );\n const value = parts.length > 0 ? parts.join( '=' ) : '';\n result[key] = decodeURIComponent( value );\n }\n return result;\n}\n\nexport function urlSafe( buffer: Uint8Array ): string {\n const encoded = fromByteArray( new Uint8Array( buffer ) );\n return encoded.replace( /\\+/g, '-' ).replace( /\\//g, '_' ).replace( /=/g, '' );\n}\n","import { buildEncodedQueryString } from './url';\n\nexport interface RequestOptions {\n body?: Record;\n headers?: Record,\n method: 'GET' | 'POST' | 'PATCH' | 'TRACE' | 'OPTIONS' | 'HEAD',\n requestType?: 'form' | 'json',\n url: string\n}\n\nexport function request( options: RequestOptions ): Promise{\n let body: any = null\n let headers = options.headers || {}\n if ( options.method === 'POST' ){\n headers = {\n 'Content-Type': options.requestType === 'form' ? 'application/x-www-form-urlencoded;charset=UTF-8' :\n 'application/json;charset=UTF-8',\n ...headers\n }\n }\n if ( options.body ){\n body = options.requestType === 'form' ? buildEncodedQueryString( options.body, false )\n : JSON.stringify( options.body )\n }\n\n return new Promise( ( resolve, reject ) => {\n fetch( options.url, {\n method: options.method,\n body: body,\n headers\n } )\n .then( ( value: Response ) => resolve( value.json() ) )\n .catch( reject )\n } )\n}\n","import { InvalidIdTokenError, InvalidJWTError, OIDCClientError } from '../errors';\nimport type { IPlusAuthClientOptions, JWTValidationOptions, ParsedJWT } from '../interfaces';\n\nimport { urlSafe } from './url';\n\nconst CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n\nfunction getRandomBytes( n: number ){\n // @ts-ignore\n const crypto = self.crypto || self.msCrypto, QUOTA = 65536;\n const a = new Uint8Array( n );\n for ( let i = 0; i < n; i += QUOTA ) {\n crypto.getRandomValues( a.subarray( i, i + Math.min( n - i, QUOTA ) ) );\n }\n return a;\n}\n\nexport function generateRandom( length: number ){\n let out = '';\n const charsLen = CHARSET.length;\n const maxByte = 256 - 256 % charsLen;\n while ( length > 0 ) {\n const buf = getRandomBytes( Math.ceil( length * 256 / maxByte ) );\n for ( let i = 0; i < buf.length && length > 0; i++ ) {\n const randomByte = buf[i];\n if ( randomByte < maxByte ) {\n out += CHARSET.charAt( randomByte % charsLen );\n length--;\n }\n }\n }\n return out;\n}\n\n\nexport function deriveChallenge( code: string ): Promise{\n if ( code.length < 43 || code.length > 128 ) {\n return Promise.reject( new OIDCClientError( `Invalid code length: ${ code.length }` ) );\n }\n\n return new Promise( ( resolve, reject ) => {\n crypto.subtle.digest( 'SHA-256', new TextEncoder().encode( code ) )\n .then( buffer => {\n return resolve( urlSafe( new Uint8Array( buffer ) ) );\n }, function ( error ) {\n /* istanbul ignore next */\n return reject( error );\n } );\n } );\n}\n// https://datatracker.ietf.org/doc/html/rfc4648#section-5\nexport const urlDecodeB64 = ( input: string ) => decodeURIComponent(\n atob( input.replace( /_/g, '/' ).replace( /-/g, '+' ) )\n .split( '' )\n .map( c => {\n return `%${ `00${ c.charCodeAt( 0 ).toString( 16 ) }`.slice( -2 ) }`;\n } )\n .join( '' )\n);\n\n\n\nexport function parseJwt( jwt: string ): ParsedJWT {\n try {\n const parts = jwt.split( '.' )\n if ( parts.length !== 3 ){\n throw new Error( 'Wrong JWT format' )\n }\n return {\n header: JSON.parse( urlDecodeB64( parts[0] ) ),\n payload: JSON.parse( urlDecodeB64( parts[1] ) )\n }\n } catch ( e ){\n throw new InvalidJWTError( 'Failed to parse jwt' )\n }\n}\n\nexport function validateIdToken( id_token: string, nonce: string, options: IPlusAuthClientOptions ) {\n if ( !nonce ) {\n throw new OIDCClientError( 'No nonce on state' );\n }\n\n try {\n const jwt = parseJwt( id_token );\n\n if ( nonce !== jwt.payload.nonce ) {\n throw new Error( `Invalid nonce in id_token: ${ jwt.payload.nonce }` );\n }\n\n validateJwt( id_token, options, true )\n\n // @ts-ignore\n if ( !jwt.payload['sub'] ) {\n throw new Error( 'No Subject (sub) present in id_token' );\n }\n\n return jwt.payload;\n } catch ( e ){\n throw new InvalidIdTokenError( e.message )\n }\n}\n\nexport function validateJwt( jwt: string, options: JWTValidationOptions, isIdToken = false ) {\n // eslint-disable-next-line prefer-const\n let { clockSkew, currentTimeInMillis, issuer, audience, client_id } = options\n if ( !clockSkew ){\n clockSkew = 0\n }\n const now = ( currentTimeInMillis && currentTimeInMillis() || Date.now() ) / 1000;\n\n const payload = parseJwt( jwt ).payload;\n\n if ( !payload.iss ) {\n throw new InvalidJWTError( 'Issuer (iss) was not provided' );\n }\n if ( payload.iss !== issuer ) {\n throw new InvalidJWTError( `Invalid Issuer (iss) in token: ${ payload.iss }` );\n }\n\n if ( !payload.aud ) {\n throw new InvalidJWTError( 'Audience (aud) was not provided' );\n }\n\n // Audience must be equal to client_id in id_token\n // https://openid.net/specs/openid-connect-core-1_0.html#IDToken\n if ( Array.isArray( payload.aud ) ?\n payload.aud.indexOf( isIdToken ? client_id : audience || client_id ) == -1 :\n payload.aud !== ( isIdToken ? client_id : audience || client_id )\n ) {\n throw new InvalidJWTError( `Invalid Audience (aud) in token: ${ payload.aud }` );\n }\n\n if ( payload.azp && payload.azp !== client_id ) {\n throw new InvalidJWTError( `Invalid Authorized Party (azp) in token: ${ payload.azp }` );\n }\n\n const lowerNow = Math.ceil( now + clockSkew );\n const upperNow = Math.floor( now - clockSkew );\n\n if ( !payload.iat ) {\n throw new InvalidJWTError( 'Issued At (iat) was not provided' );\n }\n\n if ( lowerNow < Number( payload.iat ) ) {\n throw new InvalidJWTError( `Issued At (iat) is in the future: ${ payload.iat }` );\n }\n\n if ( payload.nbf && lowerNow < Number( payload.nbf ) ) {\n throw new InvalidJWTError( `Not Before time (nbf) is in the future: ${ payload.nbf }` );\n }\n\n if ( !payload.exp ) {\n throw new InvalidJWTError( 'Expiration Time (exp) was not provided' );\n }\n if ( Number( payload.exp ) < upperNow ) {\n throw new InvalidJWTError( `Expiration Time (exp) is in the past: ${ payload.exp }` );\n }\n\n return payload;\n}\n\n// Retrieved from https://www.iana.org/assignments/jwt/jwt.xhtml\nexport const nonUserClaims = [\n 'iss',\n // 'sub',\n 'aud',\n 'exp',\n 'nbf',\n 'iat',\n 'jti',\n 'azp',\n 'nonce',\n 'auth_time',\n 'at_hash',\n 'c_hash',\n 'acr',\n 'amr',\n 'sub_jwk',\n 'cnf',\n 'sip_from_tag',\n 'sip_date',\n 'sip_callid',\n 'sip_cseq_num',\n 'sip_via_branch',\n 'orig',\n 'dest',\n 'mky',\n 'events',\n 'toe',\n 'txn',\n 'rph',\n 'sid',\n 'vot',\n 'vtm',\n 'attest',\n 'origid',\n 'act',\n 'scope',\n 'client_id',\n 'may_act',\n 'jcard',\n 'at_use_nbr',\n] as const\n","import type { SessionChecker, SessionCheckerOptions } from '../interfaces';\n\nimport { createHiddenFrame } from './iframe';\n\nconst DEFAULT_CHECK_INTERVAL = 2000\n\nexport function createSessionCheckerFrame( options: SessionCheckerOptions ): SessionChecker{\n const { url, callback, client_id, checkInterval } = options\n let internalSessionState: string | null;\n const idx = url.indexOf( '/', url.indexOf( '//' ) + 2 );\n const frameOrigin = url.substr( 0, idx );\n\n const frame = createHiddenFrame()\n\n let timer: any\n\n const load = () => {\n return new Promise( resolve => {\n window.document.body.appendChild( frame );\n window.addEventListener( 'message', iframeEventHandler, false );\n frame.onload = () => {\n resolve( null )\n }\n } )\n }\n\n const start = ( sessionState: string ) => {\n load().then( () => {\n if ( sessionState && internalSessionState !== sessionState ) {\n stop();\n internalSessionState = sessionState;\n const send = () => {\n frame.contentWindow!.postMessage( `${ client_id } ${ internalSessionState }`, frameOrigin );\n };\n send();\n timer = window.setInterval( send, checkInterval || DEFAULT_CHECK_INTERVAL );\n }\n } )\n }\n\n const stop = () => {\n internalSessionState = null;\n if ( timer ) {\n window.clearInterval( timer );\n timer = null;\n }\n }\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin === frameOrigin && e.source === frame.contentWindow ) {\n if ( e.data === 'error' ) {\n stop();\n callback( e.data );\n } else if ( e.data === 'changed' ) {\n stop();\n callback();\n }\n }\n }\n\n frame.setAttribute( 'src', url );\n\n return {\n stop,\n start\n }\n}\n","type RequiredAndNotNull = {\n [P in keyof T]-?: Exclude\n}\n\n/**\n * not suitable for every object but it is enough for this library\n * @param object\n */\nexport function cleanUndefined>( object: T ) {\n if ( !object || typeof object !== 'object' ) {\n return object\n }\n return JSON.parse( JSON.stringify( object ) ) as RequiredAndNotNull\n}\n\nfunction merge( previousValue: any, currentValue: any ) {\n for ( const p in currentValue ) {\n if ( currentValue[p] !== undefined ) {\n if ( typeof currentValue[p] === 'object' && currentValue[p].constructor.name === 'Object' ) {\n previousValue[p] = merge( previousValue[p] || {}, currentValue[p] );\n } else {\n previousValue[p] = currentValue[p];\n }\n }\n }\n return previousValue\n}\nexport function mergeObjects( obj1: T, obj2: U ): RequiredAndNotNull;\nexport function mergeObjects( obj1: T, obj2: U, obj3: K ): RequiredAndNotNull;\nexport function mergeObjects( ...objects: any[] ) {\n return objects.reduce( ( previousValue, currentValue ) => {\n return merge( previousValue || {}, currentValue )\n }, {} ) as any\n}\n","export const isResponseType = ( type: string, response_type?: string ) =>\n response_type && response_type.split( /\\s+/g ).filter( rt => rt === type ).length > 0\n\nexport const isScopeIncluded = ( scope: string, scopes?: string ) =>\n scopes && scopes.split( ' ' ).indexOf( scope ) > -1\n","import { InteractionCancelled, OIDCClientError } from '../errors';\nimport type { PopupOptions } from '../interfaces';\n\nconst openPopup = ( url: string, width = 400, height = 600 ) => {\n const left = window.screenX + ( window.innerWidth - width ) / 2;\n const top = window.screenY + ( window.innerHeight - height ) / 2;\n\n return window.open(\n url,\n 'oidc-login-popup',\n `left=${ left },top=${ top },width=${ width },height=${ height },resizable,scrollbars=yes,status=1`\n );\n};\n\nexport function runPopup( url: string, options: PopupOptions ) {\n let popup = options.popup;\n\n if ( popup ) {\n popup.location.href = url;\n } else {\n popup = openPopup( url );\n }\n\n if ( !popup ) {\n /* istanbul ignore next */\n throw new Error( 'Could not open popup' );\n }\n\n let timeoutId: any ;\n let closeId: any ;\n\n return new Promise<{ response: any, state: string }>( ( resolve, reject ) => {\n function clearHandlers(){\n clearInterval( closeId );\n clearTimeout( timeoutId )\n window.removeEventListener( 'message', messageListener )\n }\n\n timeoutId = setTimeout( () => {\n clearHandlers()\n reject( new OIDCClientError( 'Timed out' ) );\n }, options.timeout || 60 * 1000 )\n\n closeId = setInterval( function () {\n if ( popup!.closed ) {\n clearHandlers()\n reject( new InteractionCancelled( 'user closed popup' ) )\n }\n }, 300 );\n\n window.addEventListener( 'message', messageListener );\n\n function messageListener( e: MessageEvent ){\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n clearHandlers();\n popup!.close();\n const data = e.data.response || e.data\n data.error ? reject( new OIDCClientError( data.error, data.error_description ) )\n : resolve( e.data );\n }\n } );\n}\n","/*\nJitbit TabUtils - helper for multiple browser tabs. version 1.0\nhttps://github.com/jitbit/TabUtils\n- executing \"interlocked\" function call - only once per multiple tabs\n- broadcasting a message to all tabs (including the current one) with some message \"data\"\n- handling a broadcasted message\nMIT license: https://github.com/jitbit/TabUtils/blob/master/LICENSE\n*/\n\nconst currentTabId = `${ performance.now() }:${ Math.random() * 1000000000 | 0 }`;\nconst handlers: Record = {};\n\nexport class TabUtils {\n keyPrefix: string;\n\n constructor( kid: string ) {\n this.keyPrefix = kid;\n }\n\n //runs code only once in multiple tabs\n //the lock holds for 4 seconds (in case the function is async and returns right away, for example, an ajax call intiated)\n //then it is cleared\n CallOnce( lockname: string, fn: () => void, timeout = 3000 ): void{\n if ( !lockname ) throw 'empty lockname';\n\n if ( !window.localStorage ) { //no local storage. old browser. screw it, just run the function\n fn();\n return;\n }\n\n const localStorageKey = this.keyPrefix + lockname;\n\n localStorage.setItem( localStorageKey, currentTabId );\n //re-read after a delay (after all tabs have saved their tabIDs into ls)\n setTimeout( () => {\n if ( localStorage.getItem( localStorageKey ) == currentTabId )\n fn();\n }, 150 );\n\n //cleanup - release the lock after 3 seconds and on window unload (just in case user closed the window while the lock is still held)\n setTimeout( function () { localStorage.removeItem( localStorageKey ); }, timeout );\n }\n\n BroadcastMessageToAllTabs( messageId: string, eventData: any ): void{\n //now we also need to manually execute handler in the current tab too, because current tab does not get 'storage' events\n try { handlers[messageId]( eventData ); } //\"try\" in case handler not found\n catch ( x ) { }\n\n if ( !window.localStorage ) return; //no local storage. old browser\n\n const data = {\n data: eventData,\n timeStamp: new Date().getTime()\n }; //add timestamp because overwriting same data does not trigger the event\n\n //this triggers 'storage' event for all other tabs except the current tab\n localStorage.setItem( `${ this.keyPrefix }event${ messageId }`, JSON.stringify( data ) );\n\n //cleanup\n setTimeout( () => { localStorage.removeItem( `${ this.keyPrefix }event${ messageId }` ); }, 3000 );\n }\n\n OnBroadcastMessage( messageId: string, fn: ( data: any ) => void ): void{\n handlers[messageId] = fn;\n if ( !window.localStorage ) return; //no local storage. old browser\n\n //first register a handler for \"storage\" event that we trigger above\n window.addEventListener( 'storage', ( ev ) => {\n if ( ev.key != `${ this.keyPrefix }event${ messageId }` ) return; // ignore other keys\n if ( !ev.newValue ) return; //called by cleanup?\n const messageData = JSON.parse( ev.newValue );\n fn( messageData.data );\n } );\n }\n}\n","import type { EventTypes } from './constants';\nimport { Events } from './constants';\n\nimport {\n AuthenticationError, InvalidIdTokenError,\n OIDCClientError, StateNotFound\n} from './errors';\n\nimport type {\n StateStore } from './helpers';\nimport {\n EventEmitter,\n InMemoryStateStore,\n LocalStorageStateStore\n} from './helpers';\n\n\n\nimport { Timer } from './helpers/timer';\nimport type { AuthRecord,\n AuthRequestOptions, IEndpointConfiguration,\n IPlusAuthClientOptions,\n LogoutRequestOptions, PopupOptions, RevokeOptions, SessionChecker,\n SessionMonitorOptions, StateRecord,\n TokenRequestOption, TokenResponse, TokenType\n} from './interfaces';\n\nimport type {\n RequestOptions } from './utils';\nimport {\n request,\n runIframe,\n buildEncodedQueryString,\n parseQueryUrl,\n validateIdToken,\n createSessionCheckerFrame,\n nonUserClaims, generateRandom, deriveChallenge, isValidIssuer,\n} from './utils';\nimport { cleanUndefined, mergeObjects } from './utils/object';\n\nimport { isResponseType, isScopeIncluded } from './utils/oidc';\nimport { runPopup } from './utils/popup';\nimport { TabUtils } from './utils/tab_utils';\n\n/**\n * `OIDCClient` provides methods for interacting with OIDC/OAuth2 authorization server. Those methods are signing a\n * user in, signing out, managing the user's claims, checking session and managing tokens returned from the\n * OIDC/OAuth2 provider.\n *\n */\nexport class OIDCClient extends EventEmitter{\n options: IPlusAuthClientOptions\n\n user?: any;\n\n scopes?: string[];\n\n accessToken?: string;\n\n refreshToken?: string;\n\n idToken?: string;\n\n idTokenRaw?: string;\n\n issuer_metadata?: Record;\n\n private readonly http: ( options: RequestOptions ) => Promise | never;\n\n private synchronizer: TabUtils;\n\n private stateStore: StateStore\n\n private authStore: StateStore;\n\n private sessionCheckerFrame?: SessionChecker\n\n private _accessTokenExpireTimer?: Timer;\n\n private initialized!: boolean;\n\n private __initializePromise!: Promise | undefined;\n\n constructor( options: IPlusAuthClientOptions ) {\n super()\n if ( !isValidIssuer( options.issuer ) ){\n throw new OIDCClientError( '\"issuer\" must be a valid uri.' )\n }\n\n this.synchronizer = new TabUtils( btoa( options.issuer ) )\n\n this.options = mergeObjects( {\n secondsToRefreshAccessTokenBeforeExp: 60,\n autoSilentRenew: true,\n checkSession: true,\n stateLength: 10,\n nonceLength: 10\n }, options, {\n // remove last slash for consistency across the lib\n issuer: options.issuer.endsWith( '/' ) ? options.issuer.slice( 0, -1 ) : options.issuer\n } )\n\n this.http = this.options.httpClient || request\n this.stateStore = this.options.stateStore || new LocalStorageStateStore( 'pa_oidc.state.' )\n this.authStore = this.options.authStore || new InMemoryStateStore()\n\n\n if ( this.options.autoSilentRenew ){\n this._accessTokenExpireTimer = new Timer()\n }\n\n this.on( Events.USER_LOGOUT, async ()=>{\n this.user = undefined\n this.scopes = undefined;\n this.accessToken = undefined\n this.idToken = undefined\n this.refreshToken = undefined\n await this.authStore.clear()\n } )\n\n this.synchronizer.OnBroadcastMessage( Events.USER_LOGIN, this.onUserLogin.bind( this ) )\n }\n\n /**\n * Initialize the library with this method. It resolves issuer configuration, jwks keys which are necessary for\n * validating tokens returned from provider and checking if a user is already authenticated in provider.\n *\n * @param checkLogin Make this `false` if you don't want to check user authorization status in provider while\n * initializing. Defaults to `true`\n */\n async initialize( checkLogin = true ): Promise | never {\n if ( this.initialized ){\n return this\n }\n\n if ( this.__initializePromise ){\n return this.__initializePromise\n } else {\n this.__initializePromise = new Promise( async ( resolve, reject ) => {\n try {\n if ( this.stateStore.init ){\n await this.stateStore.init()\n }\n if ( this.authStore.init ){\n await this.authStore.init()\n }\n\n if ( !this.options.endpoints || Object.keys( this.options.endpoints ).length === 0 ){\n await this.fetchFromIssuer()\n }\n this.initialized = true\n\n try {\n if ( checkLogin ){\n if ( !window?.frameElement ){\n await this.silentLogin()\n }\n }\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n await this.authStore.clear()\n }\n resolve( this )\n } catch ( e ) {\n if ( e instanceof OIDCClientError ){\n reject( e )\n } else {\n reject( new OIDCClientError( e.message ) )\n }\n } finally {\n this.__initializePromise = undefined\n }\n } )\n }\n\n return this.__initializePromise\n }\n\n /**\n * Redirect to provider's authorization endpoint using provided parameters. You can override any parameter defined\n * in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically\n * in a random and secure way.\n *\n * @param options\n * @param localState\n */\n async login( options: Partial = {}, localState: Record = {} ){\n window.location.assign( await this.createAuthRequest( options, localState ) )\n }\n\n /**\n * Open a popup with the provider's authorization endpoint using provided parameters. You can override any\n * parameter defined in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be\n * generated automatically in a random and secure way. You can also override popup options.\n *\n * NOTE: Most browsers block popups if they are not happened as a result of user actions. In order to display\n * login popup you must call this method in an event handler listening for a user action like button click.\n *\n * @param options\n * @param popupOptions\n */\n async loginWithPopup( options: Partial = {}, popupOptions: PopupOptions = {} ){\n const url = await this.createAuthRequest( {\n response_mode: 'fragment',\n ...options,\n display: 'popup',\n request_type: 'p'\n } )\n const { response, state } = await runPopup( url, popupOptions )\n const { authParams, localState } = !state || typeof state === 'string' ?\n await this.loadState( state || response.state )\n : state;\n const tokenResult = await this.handleAuthResponse( response, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= response.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n\n /**\n * After a user successfully authorizes an application, the authorization server will redirect the user back to\n * the application with either an authorization code or access token in the URL. In the callback page you should\n * call this method.\n *\n * @param url Full url which contains authorization request result parameters. Defaults to `window.location.href`\n */\n async loginCallback( url: string= window?.location?.href ){\n if ( !url ){\n return Promise.reject( new OIDCClientError( 'Url must be passed to handle login redirect' ) )\n }\n let parsedUrl: URL;\n try {\n parsedUrl = new URL( url )\n } catch ( e ){\n return Promise.reject( new OIDCClientError( `Invalid callback url passed: \"${ url }\"` ) )\n }\n\n const responseParams = parseQueryUrl( parsedUrl.search || parsedUrl.hash )\n const rawStoredState = await this.loadState( responseParams.state )\n const { authParams, localState, request_type } = rawStoredState\n url = url || window.location.href;\n switch ( request_type ) {\n case 's':\n if ( window?.frameElement ) {\n if ( url ) {\n window.parent.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n }\n return\n case 'p':\n if ( window.opener && url ){\n window.opener.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n return\n default:\n if ( responseParams.error ){\n return Promise.reject( new AuthenticationError( responseParams.error, responseParams.error_description ) )\n }\n const tokenResult = await this.handleAuthResponse( responseParams, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= responseParams.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n }\n\n /**\n * Redirect to provider's `end_session_endpoint` with provided parameters. After logout provider will redirect to\n * provided `post_logout_redirect_uri` if it provided.\n * @param options\n */\n async logout( options: LogoutRequestOptions = {} ){\n if ( !options.localOnly ) {\n const storedAuth = await this.authStore.get( 'auth' )\n const id_token_hint = options.id_token_hint || storedAuth?.id_token_raw\n window.location.assign( await this.createLogoutRequest( {\n ...options,\n id_token_hint\n } ) )\n }\n await this.authStore.clear()\n }\n\n /**\n * OAuth2 token revocation implementation method. See more at [tools.ietf.org/html/rfc7009](https://tools.ietf.org/html/rfc7009)\n * @param token Token to be revoked\n * @param type Passed token's type. It will be used to provide `token_type_hint` parameter.\n * @param options If necessary override options passed to `OIDCClient` by defining them here.\n */\n async revokeToken( token: string, type: TokenType = 'access_token', options: RevokeOptions = {} ){\n if ( !this.options.endpoints!.revocation_endpoint ){\n return Promise.reject( new OIDCClientError( '\"revocation_endpoint\" doesn\\'t exist' ) )\n }\n const finalOptions = {\n client_id: options.client_id || this.options.client_id,\n client_secret: options.client_secret || this.options.client_secret,\n token_type_hint: type,\n token: token\n }\n\n return this.http( {\n method: 'POST',\n requestType: 'form',\n url: this.options.endpoints!.revocation_endpoint,\n body: finalOptions\n } )\n }\n\n /**\n * Login without having an interaction. If refresh tokens are used and there is a stored refresh token it will\n * exchange refresh token to receive new access token. If not it silently makes a request the provider's\n * authorization endpoint using provided parameters. You can override any parameter defined in `OIDCClient`. If\n * you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically in a random and\n * secure way.\n *\n * @param options\n * @param localState\n */\n async silentLogin( options: AuthRequestOptions = {}, localState: Record = {} ){\n await this.initialize( false )\n let tokenResult: any;\n let finalState: any = {}\n\n const storedAuth = await this.authStore.get( 'auth' ) || {}\n\n const finalOptions = mergeObjects( {\n response_mode: 'query',\n display: 'page',\n prompt: 'none'\n }, this.options, options )\n\n if ( finalOptions.silent_redirect_uri ){\n finalOptions.redirect_uri = finalOptions.silent_redirect_uri\n }\n\n if ( this.options.useRefreshToken && storedAuth?.refresh_token ){\n finalState.authParams = mergeObjects( storedAuth?.authParams || {}, finalState.authParams || {} )\n tokenResult = await this.exchangeRefreshToken( {\n ...finalOptions,\n refresh_token: storedAuth.refresh_token,\n } )\n } else {\n const authUrl = await this.createAuthRequest( {\n ...finalOptions,\n request_type: 's'\n }, localState )\n\n const { response, state } = await runIframe( authUrl, {\n timeout: finalOptions.silentRequestTimeout,\n eventOrigin: window.location.origin\n } )\n tokenResult = await this.handleAuthResponse( response, finalOptions, localState )\n storedAuth.session_state = response.session_state;\n finalState = state\n }\n\n const authObject = await this.handleTokenResult( tokenResult, finalState.authParams, finalOptions )\n authObject.session_state = storedAuth.session_state\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return finalState.localState\n }\n\n /**\n * Retrieve logged in user's access token if it exists.\n */\n async getAccessToken(){\n return ( await this.authStore.get( 'auth' ) )?.access_token\n }\n\n\n /**\n * Retrieve logged in user's refresh token if it exists.\n */\n async getRefreshToken(){\n return ( await this.authStore.get( 'auth' ) )?.refresh_token\n }\n\n /**\n * Retrieve logged in user's parsed id token if it exists.\n */\n async getIdToken(){\n return ( await this.authStore.get( 'auth' ) )?.id_token\n }\n\n /**\n * Retrieve access token's expiration.\n */\n async getExpiresIn(){\n return ( await this.authStore.get( 'auth' ) )?.expires_in\n }\n\n /**\n * Retrieve logged in user's id token in raw format if it exists.\n */\n async getIdTokenRaw(){\n return ( await this.authStore.get( 'auth' ) )?.id_token_raw\n }\n\n\n /**\n * Retrieve logged in user's scopes if it exists.\n */\n async getScopes(){\n return ( await this.authStore.get( 'auth' ) )?.scope?.split( ' ' )\n }\n\n\n /**\n * Retrieve logged in user's profile.\n */\n async getUser(){\n return ( await this.authStore.get( 'auth' ) )?.user\n }\n\n /**\n * If there is a user stored locally return true. Otherwise it will make a silentLogin to check if End-User is\n * logged in provider.\n *\n * @param localOnly Don't check provider\n */\n async isLoggedIn( localOnly = false ){\n const existsOnLocal = !!await this.getUser()\n if ( !existsOnLocal && !localOnly ){\n try {\n await this.silentLogin()\n return true\n } catch ( e ){\n return false\n }\n }\n return existsOnLocal\n }\n\n /**\n * Create authorization request with provided options.\n *\n * @param options\n * @param localState\n * @private\n */\n private async createAuthRequest( options: Partial = {},\n localState: Record = {} ): Promise{\n if ( !this.options.endpoints?.authorization_endpoint ){\n await this.initialize( false )\n }\n // TODO: deep merge for extra params\n const finalOptions = Object.assign( {}, this.options, options )\n localState.code_verifier = generateRandom( 72 )\n\n const authParams = {\n client_id: finalOptions.client_id,\n state: generateRandom( finalOptions.stateLength! ),\n scope: finalOptions.scope,\n audience: finalOptions.audience,\n redirect_uri: finalOptions.redirect_uri,\n response_mode: finalOptions.response_mode,\n response_type: finalOptions.response_type || 'code',\n ui_locales: finalOptions.ui_locales,\n prompt: finalOptions.prompt,\n display: finalOptions.display,\n claims: finalOptions.claims,\n claims_locales: finalOptions.claims_locales,\n acr_values: finalOptions.acr_values,\n registration: finalOptions.registration,\n login_hint: finalOptions.login_hint,\n id_token_hint: finalOptions.id_token_hint,\n web_message_uri: finalOptions.web_message_uri,\n web_message_target: finalOptions.web_message_target,\n ...finalOptions.extraParams && finalOptions.extraParams\n } as AuthRequestOptions;\n\n if ( isResponseType( 'id_token', authParams.response_type ) ||\n isScopeIncluded( 'openid', authParams.scope ) ){\n authParams.nonce = generateRandom( finalOptions.nonceLength! )\n }\n\n if ( isResponseType( 'code', authParams.response_type ) ){\n authParams.code_challenge= await deriveChallenge( localState.code_verifier )\n authParams.code_challenge_method= finalOptions.code_challenge_method || 'S256'\n }\n\n const now = this.options.currentTimeInMillis && this.options.currentTimeInMillis() || Date.now()\n const fragment = finalOptions.fragment ? `#${ finalOptions.fragment }` : '';\n const authParamsString = buildEncodedQueryString( authParams )\n const url = `${ this.options.endpoints!.authorization_endpoint }${ authParamsString }${ fragment }`\n\n // clear 1 day old state entries\n this.stateStore.clear( now - 86400000 )\n\n\n await this.stateStore.set( authParams.state!, cleanUndefined( {\n created_at: now,\n authParams,\n localState,\n request_type: finalOptions.request_type\n } ) )\n return url\n }\n\n /**\n * Create a logout request with given options\n *\n * @param options\n * @private\n */\n private async createLogoutRequest( options: LogoutRequestOptions = {} ){\n if ( !this.options.endpoints?.end_session_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const logoutParams = {\n id_token_hint: finalOptions.id_token_hint,\n post_logout_redirect_uri: finalOptions.post_logout_redirect_uri,\n ...finalOptions.extraLogoutParams || {}\n }\n return `${ this.options.endpoints!.end_session_endpoint }${ buildEncodedQueryString( logoutParams ) }`\n }\n\n /**\n * Exchange authorization code retrieved from auth request result.\n * @param options\n * @private\n */\n private async exchangeAuthorizationCode( options: TokenRequestOption ){\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const { extraTokenHeaders, extraTokenParams, ...rest } = finalOptions\n const mergedOptions = {\n ...rest,\n ...extraTokenParams || {},\n grant_type: 'authorization_code',\n }\n\n for ( const req of ['code', 'redirect_uri', 'code_verifier', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } )\n }\n\n /**\n * Exchange refresh token with given options\n * @param options\n * @private\n */\n private async exchangeRefreshToken( options: Partial ) {\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const { extraTokenHeaders, extraTokenParams, ...rest } = options\n const mergedOptions = {\n grant_type: 'refresh_token',\n client_id: this.options.client_id,\n client_secret: this.options.client_secret,\n ...rest,\n ...extraTokenParams || {}\n }\n\n for ( const req of ['refresh_token', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } );\n }\n\n /**\n * Fetch OIDC configuration from the issuer.\n */\n private async fetchFromIssuer(): Promise>{\n try {\n const requestUrl = `${ this.options.issuer }/.well-known/openid-configuration`\n const response = await this.http( {\n url: requestUrl,\n method: 'GET',\n requestType: 'json'\n } )\n this.issuer_metadata = response as Record\n const endpoints = {} as any\n for ( const prop of Object.keys( this.issuer_metadata ) ) {\n if ( prop.endsWith( '_endpoint' ) || prop.indexOf( '_session' ) > -1 || prop.indexOf( '_uri' ) > -1 ) {\n endpoints[prop as keyof IEndpointConfiguration] = this.issuer_metadata[prop];\n }\n }\n this.options.endpoints = endpoints\n return this.issuer_metadata;\n } catch ( e ) {\n throw new OIDCClientError( 'Loading metadata failed', e.message )\n }\n }\n\n /**\n * Handle auth request result. If there is `code` exchange it.\n * @param response\n * @param finalOptions\n * @param localState\n * @private\n */\n private async handleAuthResponse(\n response: any,\n finalOptions: AuthRequestOptions,\n localState: Record = {}\n ){\n if ( response.code ){\n return this.exchangeAuthorizationCode( {\n redirect_uri: finalOptions.redirect_uri,\n client_id: finalOptions.client_id,\n code_verifier: localState.code_verifier,\n grant_type: 'authorization_code',\n code: response.code,\n } );\n } else {\n return response\n }\n }\n\n /**\n * Handle OAuth2 auth request result\n * @param tokenResult\n * @param authParams\n * @param finalOptions\n * @private\n */\n private async handleTokenResult( tokenResult: TokenResponse, authParams: AuthRequestOptions,\n finalOptions: IPlusAuthClientOptions ){\n await this.initialize( false )\n let user: any = {}\n if ( tokenResult.error ){\n throw new AuthenticationError( tokenResult.error, tokenResult.error_description )\n }\n let parsedIDToken: any;\n if ( tokenResult.id_token ){\n parsedIDToken = await validateIdToken( tokenResult.id_token, authParams.nonce!, finalOptions )\n if ( finalOptions.idTokenValidator && !await finalOptions.idTokenValidator( tokenResult.id_token ) ){\n return Promise.reject( new InvalidIdTokenError( 'Id Token validation failed' ) )\n }\n Object.keys( parsedIDToken ).forEach( key => {\n if ( !nonUserClaims.includes( key as any ) ){\n user[key] = parsedIDToken[key]\n }\n } )\n }\n\n if ( tokenResult.access_token ) {\n if ( finalOptions.requestUserInfo && this.options.endpoints?.userinfo_endpoint ) {\n const userInfoResult = await this.fetchUserInfo( tokenResult.access_token )\n if ( !userInfoResult.error ){\n user = { ...user, ...userInfoResult }\n }\n }\n }\n\n return {\n authParams,\n user,\n ...tokenResult,\n id_token: parsedIDToken,\n id_token_raw: tokenResult.id_token,\n scope: tokenResult.scope || authParams.scope,\n }\n }\n\n /**\n * Load stored state\n *\n * @param state\n * @private\n */\n private async loadState( state: string ){\n const rawStoredState = await this.stateStore.get( state )\n if ( !rawStoredState ){\n return Promise.reject( new StateNotFound( 'Local state not found', state ) )\n } else {\n await this.stateStore.del( state )\n }\n return rawStoredState\n }\n\n /**\n * Load user info by making request to providers `userinfo_endpoint`\n *\n * @param accessToken\n * @private\n */\n private async fetchUserInfo( accessToken: string ){\n return this.http( {\n method: 'GET',\n url: `${ this.options.endpoints!.userinfo_endpoint }`,\n requestType: 'json',\n headers: {\n 'Authorization': `Bearer ${ accessToken }`\n }\n } )\n }\n\n /**\n * Start monitoring End-User's session if the OIDC provider supports session management. See more at [OIDC Session\n * Management](https://openid.net/specs/openid-connect-session-1_0.html)\n *\n * @param sub End-User's id to for monitoring session\n * @param session_state string that represents the End-User's login state at the OP\n */\n private monitorSession( { sub, session_state }: SessionMonitorOptions ){\n const { client_id, endpoints } = this.options\n\n if ( !endpoints?.check_session_iframe ){\n console.warn( '\"check_session_iframe\" endpoint missing or session management is not supported by provider' )\n return\n }\n if ( !this.sessionCheckerFrame ){\n const sessionCheckCallback = async ( err: any )=>{\n if ( err ){\n this.emit( Events.USER_LOGOUT )\n } else {\n this.emit( Events.SESSION_CHANGE )\n try {\n await this.silentLogin( {}, {} )\n const storedAuth = await this.authStore.get( 'auth' )\n if ( storedAuth ){\n if ( storedAuth.user?.sub === sub && storedAuth.session_state ){\n this.sessionCheckerFrame!.start( storedAuth.session_state )\n }\n } else {\n this.emit( Events.USER_LOGOUT, null )\n }\n } catch ( e ) {\n this.emit( Events.USER_LOGOUT )\n return\n }\n }\n }\n\n this.sessionCheckerFrame = createSessionCheckerFrame( {\n url: endpoints.check_session_iframe,\n client_id: client_id,\n callback: sessionCheckCallback,\n checkInterval: this.options.checkSessionInterval,\n } )\n }\n\n this.sessionCheckerFrame.start( session_state )\n }\n\n private async onUserLogin( authObj: any ){\n const { expires_in, user, scope, access_token, id_token, refresh_token, session_state, id_token_raw } = authObj\n await this.authStore.set( 'auth', authObj )\n\n this.user = user\n this.scopes = scope?.split( ' ' );\n this.accessToken = access_token\n this.idToken = id_token\n this.idTokenRaw = id_token_raw\n this.refreshToken = refresh_token\n\n this.emit( Events.USER_LOGIN, authObj )\n if ( !window?.frameElement ) {\n if ( this.options.checkSession ) {\n this.monitorSession( { sub: user.sub || user.id, session_state } )\n }\n\n if ( expires_in !== undefined && this.options.autoSilentRenew ){\n const expiration = Number( expires_in ) - this.options.secondsToRefreshAccessTokenBeforeExp!\n if ( expiration >= 0 ){\n this._accessTokenExpireTimer!.start( expiration, async ()=> {\n this.synchronizer.CallOnce( 'silent-login', async () => {\n try {\n await this.silentLogin()\n this.emit( Events.SILENT_RENEW_SUCCESS, null )\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n }\n } )\n } )\n }\n }\n }\n }\n}\n","import { OIDCClient } from './client';\nimport type { IPlusAuthClientOptions } from './interfaces';\n\nexport * from './interfaces'\nexport * from './client'\nexport * from './constants'\nexport * from './helpers'\nexport * from './errors'\n\n/**\n * Create OIDC client with initializing it. It resolves issuer metadata, jwks keys and check if user is\n * authenticated in OpenId Connect provider.\n */\nexport default function createOIDCClient( options: IPlusAuthClientOptions ): Promise{\n return new OIDCClient( options ).initialize()\n}\n"],"names":["Events","USER_LOGOUT","USER_LOGIN","SILENT_RENEW_SUCCESS","SILENT_RENEW_ERROR","SESSION_CHANGE","OIDCClientError","Error","error","error_description","name","AuthenticationError","constructor","state","error_uri","StateNotFound","InvalidJWTError","details","InvalidIdTokenError","InteractionCancelled","StateStore","prefix","LocalStorageStateStore","get","key","Promise","resolve","value","window","localStorage","getItem","JSON","parse","set","setItem","stringify","del","removeItem","clear","before","i","storedKeys","length","substring","push","storedItem","created_at","e","InMemoryStateStore","map","forEach","val","ind","delete","Map","EventEmitter","once","event","fn","on","onArgs","off","apply","cb","callbacks","splice","emit","args","cbs","slice","len","Timer","start","duration","callback","expiration","now","_expiration","_timerHandle","stop","timerDuration","setInterval","clearInterval","currentTimeInMillisFunc","Date","_define_property","createHiddenFrame","iframe","document","createElement","style","width","height","position","visibility","display","title","ariaHidden","runIframe","url","options","reject","onLoadTimeoutId","timeoutSetTimeoutId","setTimeout","removeIframe","timeout","iframeEventHandler","origin","eventOrigin","data","type","eventSource","source","close","resp","response","clearTimeout","body","contains","removeChild","removeEventListener","onLoadTimeout","addEventListener","appendChild","setAttribute","onload","isValidIssuer","issuer","URL","includes","protocol","search","hash","buildEncodedQueryString","obj","appendable","ret","d","hasOwnProperty","encodeURIComponent","join","parseQueryUrl","result","trim","replace","params","split","paramAndValue","parts","decodeURIComponent","shift","urlSafe","buffer","encoded","fromByteArray","Uint8Array","request","headers","method","requestType","fetch","then","json","catch","CHARSET","getRandomBytes","n","crypto","self","msCrypto","QUOTA","a","getRandomValues","subarray","Math","min","generateRandom","out","charsLen","maxByte","buf","ceil","randomByte","charAt","deriveChallenge","code","subtle","digest","TextEncoder","encode","urlDecodeB64","input","atob","c","charCodeAt","toString","parseJwt","jwt","header","payload","validateIdToken","id_token","nonce","validateJwt","message","isIdToken","clockSkew","currentTimeInMillis","audience","client_id","iss","aud","Array","isArray","indexOf","azp","lowerNow","upperNow","floor","iat","Number","nbf","exp","nonUserClaims","DEFAULT_CHECK_INTERVAL","createSessionCheckerFrame","checkInterval","internalSessionState","idx","frameOrigin","substr","frame","timer","load","sessionState","send","contentWindow","postMessage","cleanUndefined","object","merge","previousValue","currentValue","p","undefined","mergeObjects","objects","reduce","isResponseType","response_type","filter","rt","isScopeIncluded","scope","scopes","openPopup","left","screenX","innerWidth","top","screenY","innerHeight","open","runPopup","popup","location","href","timeoutId","closeId","clearHandlers","messageListener","closed","currentTabId","performance","random","handlers","TabUtils","CallOnce","lockname","localStorageKey","keyPrefix","BroadcastMessageToAllTabs","messageId","eventData","x","timeStamp","getTime","OnBroadcastMessage","ev","newValue","messageData","kid","OIDCClient","initialize","checkLogin","initialized","__initializePromise","stateStore","init","authStore","endpoints","Object","keys","fetchFromIssuer","frameElement","silentLogin","login","localState","assign","createAuthRequest","loginWithPopup","popupOptions","response_mode","request_type","authParams","loadState","tokenResult","handleAuthResponse","authObject","handleTokenResult","session_state","synchronizer","loginCallback","parsedUrl","responseParams","rawStoredState","parent","host","opener","logout","localOnly","storedAuth","id_token_hint","id_token_raw","createLogoutRequest","revokeToken","token","revocation_endpoint","finalOptions","client_secret","token_type_hint","http","finalState","prompt","silent_redirect_uri","redirect_uri","useRefreshToken","refresh_token","exchangeRefreshToken","authUrl","silentRequestTimeout","getAccessToken","access_token","getRefreshToken","getIdToken","getExpiresIn","expires_in","getIdTokenRaw","getScopes","getUser","user","isLoggedIn","existsOnLocal","authorization_endpoint","code_verifier","stateLength","ui_locales","claims","claims_locales","acr_values","registration","login_hint","web_message_uri","web_message_target","extraParams","nonceLength","code_challenge","code_challenge_method","fragment","authParamsString","end_session_endpoint","logoutParams","post_logout_redirect_uri","extraLogoutParams","exchangeAuthorizationCode","token_endpoint","extraTokenHeaders","extraTokenParams","rest","mergedOptions","grant_type","req","requestUrl","issuer_metadata","prop","endsWith","parsedIDToken","idTokenValidator","requestUserInfo","userinfo_endpoint","userInfoResult","fetchUserInfo","accessToken","sub","check_session_iframe","console","warn","sessionCheckerFrame","sessionCheckCallback","err","checkSessionInterval","onUserLogin","authObj","idToken","idTokenRaw","refreshToken","checkSession","monitorSession","id","autoSilentRenew","secondsToRefreshAccessTokenBeforeExp","_accessTokenExpireTimer","btoa","httpClient","bind","createOIDCClient"],"mappings":";;;;;;AAAA,+CACO,MAAMA,MAAS,GAAA;IACpBC,WAAsB,EAAA,aAAA;IACtBC,UAAsB,EAAA,YAAA;IACtBC,oBAAsB,EAAA,sBAAA;IACtBC,kBAAsB,EAAA,oBAAA;IACtBC,cAAsB,EAAA,gBAAA;AACxB;;;;;;;;;;;;;;;ACPO,MAAMC,eAAwBC,SAAAA,KAAAA,CAAAA;IAKnC,WAAoBC,CAAAA,KAAa,EAAEC,iBAA0B,CAAG;AAC9D,QAAA,KAAK,CAAE,CAAC,EAAGD,KAAAA,CAAO,EAAGC,iBAAAA,IAAqB,CAAC,GAAG,EAAGA,iBAAAA,CAAmB,CAAC,IAAI,GAAI,CAAC,CAAA,CAAA;AALhFD,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,SAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAC,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,qBAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAIE,IAAI,CAACC,IAAI,GAAG,iBAAA,CAAA;QACZ,IAAI,CAACF,KAAK,GAAGA,KAAAA,CAAAA;QACb,IAAI,CAACC,iBAAiB,GAAGA,iBAAAA,CAAAA;AAC3B,KAAA;AACF,CAAA;AAEO,MAAME,mBAA4BL,SAAAA,eAAAA,CAAAA;AAKvCM,IAAAA,WAAAA,CAAaJ,KAAa,EAAEC,iBAA0B,EAAEI,KAAc,EAAEC,SAAkB,CAAG;AAC3F,QAAA,KAAK,CAAEN,KAAOC,EAAAA,iBAAAA,CAAAA,CAAAA;AALhBI,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,SAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAC,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,aAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAIE,IAAI,CAACJ,IAAI,GAAG,qBAAA,CAAA;QACZ,IAAI,CAACG,KAAK,GAAGA,KAAAA,CAAAA;QACb,IAAI,CAACC,SAAS,GAAGA,SAAAA,CAAAA;AACnB,KAAA;AACF,CAAA;AAEO,MAAMC,aAAsBJ,SAAAA,mBAAAA,CAAAA;IAGjCC,WAAaJ,CAAAA,KAAa,EAAEK,KAAc,CAAG;AAC3C,QAAA,KAAK,CAAEL,KAAAA,CAAAA,CAAAA;AAHTK,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,SAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAIE,IAAI,CAACH,IAAI,GAAG,eAAA,CAAA;QACZ,IAAI,CAACG,KAAK,GAAGA,KAAAA,CAAAA;AACf,KAAA;AACF,CAAA;AAEO,MAAMG,eAAwBV,SAAAA,eAAAA,CAAAA;AACnCM,IAAAA,WAAAA,CAAaK,OAAe,CAAG;AAC7B,QAAA,KAAK,CAAEA,OAAAA,CAAAA,CAAAA;QACP,IAAI,CAACP,IAAI,GAAG,iBAAA,CAAA;QACZ,IAAI,CAACD,iBAAiB,GAAGQ,OAAAA,CAAAA;AAC3B,KAAA;AACF,CAAA;AAEO,MAAMC,mBAA4BF,SAAAA,eAAAA,CAAAA;AACvCJ,IAAAA,WAAAA,CAAaK,OAAe,CAAG;AAC7B,QAAA,KAAK,CAAEA,OAAAA,CAAAA,CAAAA;QACP,IAAI,CAACP,IAAI,GAAG,qBAAA,CAAA;AACd,KAAA;AACF,CAAA;AAEO,MAAMS,oBAA6Bb,SAAAA,eAAAA,CAAAA;AACxCM,IAAAA,WAAAA,CAAaK,OAAe,CAAG;AAC7B,QAAA,KAAK,CAAEA,OAAAA,CAAAA,CAAAA;QACP,IAAI,CAACP,IAAI,GAAG,sBAAA,CAAA;AACd,KAAA;AACF;;;;;;;;;;;;;;;ACrDA;AACO,MAAeU,UAAAA,CAAAA;IAGpBR,WAAaS,CAAAA,MAAAA,GAAS,EAAE,CAAG;AAF3BA,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,UAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAGE,IAAI,CAACA,MAAM,GAAGA,MAAAA,CAAAA;AAChB,KAAA;AASF;;AChBO,MAAMC,sBAAwCF,SAAAA,UAAAA,CAAAA;AAKnDG,IAAAA,GAAAA,CAAKC,GAAW,EAAG;QACjB,OAAO,IAAIC,QAAmB,CAAEC,OAAAA,GAAAA;YAC9B,MAAMC,KAAAA,GAAQC,OAAOC,YAAY,CAACC,OAAO,CAAE,IAAI,CAACT,MAAM,GAAGG,GAAAA,CAAAA,CAAAA;AACzD,YAAA,IAAKG,KAAQ,EAAA;gBACXD,OAASK,CAAAA,IAAAA,CAAKC,KAAK,CAAEL,KAAAA,CAAAA,CAAAA,CAAAA;aAChB,MAAA;gBACLD,OAAS,CAAA,IAAA,CAAA,CAAA;AACX,aAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;IAEAO,GAAKT,CAAAA,GAAW,EAAEG,KAAQ,EAAG;QAC3B,OAAO,IAAIF,QAAe,CAAEC,OAAAA,GAAAA;YAC1BE,MAAOC,CAAAA,YAAY,CAACK,OAAO,CAAE,IAAI,CAACb,MAAM,GAAGG,GAAAA,EAAKO,IAAKI,CAAAA,SAAS,CAAER,KAAAA,CAAAA,CAAAA,CAAAA;AAChED,YAAAA,OAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;AAEAU,IAAAA,GAAAA,CAAKZ,GAAW,EAAG;QACjB,OAAO,IAAIC,QAAe,CAAEC,OAAAA,GAAAA;AAC1BE,YAAAA,MAAAA,CAAOC,YAAY,CAACQ,UAAU,CAAE,IAAI,CAAChB,MAAM,GAAGG,GAAAA,CAAAA,CAAAA;AAC9CE,YAAAA,OAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;AAEAY,IAAAA,KAAAA,CAAOC,MAAe,EAAkB;QACtC,OAAO,IAAId,QAAe,CAAEC,OAAAA,GAAAA;YAC1B,IAAIc,CAAAA,CAAAA;AACJ,YAAA,MAAMC,aAAuB,EAAE,CAAA;YAC/B,IAAMD,CAAAA,GAAI,GAAGA,CAAIZ,GAAAA,MAAAA,CAAOC,YAAY,CAACa,MAAM,EAAEF,CAAM,EAAA,CAAA;AAG5ChB,gBAAAA,IAAAA,IAAAA,CAAAA;AAFL,gBAAA,MAAMA,GAAMI,GAAAA,MAAAA,CAAOC,YAAY,CAACL,GAAG,CAAEgB,CAAAA,CAAAA,CAAAA;;AAErC,gBAAA,IAAKhB,EAAAA,IAAAA,GAAAA,GAAAA,MAAAA,IAAAA,IAAAA,IAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,IAAAA,CAAKmB,SAAS,CAAE,CAAA,EAAG,IAAI,CAACtB,MAAM,CAACqB,MAAM,MAAM,IAAI,CAACrB,MAAM,EAAG;AAC5DoB,oBAAAA,UAAAA,CAAWG,IAAI,CAAEpB,GAAAA,CAAAA,CAAAA;AACnB,iBAAA;AACF,aAAA;AACA,YAAA,IAAMgB,IAAI,CAAGA,EAAAA,CAAAA,GAAIC,UAAWC,CAAAA,MAAM,EAAEF,CAAM,EAAA,CAAA;AACxC,gBAAA,IAAKD,MAAS,EAAA;oBACZ,IAAI;wBACF,MAAMM,UAAAA,GAAad,IAAKC,CAAAA,KAAK,CAAEJ,MAAAA,CAAOC,YAAY,CAACC,OAAO,CAAEW,UAAU,CAACD,CAAE,CAAA,CAAA,CAAA,CAAA;wBACzE,IAAKK,UAAAA,CAAWC,UAAU,GAAGP,MAAS,EAAA;AACpCX,4BAAAA,MAAAA,CAAOC,YAAY,CAACQ,UAAU,CAAEI,UAAU,CAACD,CAAE,CAAA,CAAA,CAAA;AAC/C,yBAAA;qBACA,CAAA,OAAQO,GAAI,EACd;iBACK,MAAA;AACLnB,oBAAAA,MAAAA,CAAOC,YAAY,CAACQ,UAAU,CAAEI,UAAU,CAACD,CAAE,CAAA,CAAA,CAAA;AAC/C,iBAAA;AACF,aAAA;AACAd,YAAAA,OAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;IAvDAd,WAAaS,CAAAA,MAAAA,GAAS,UAAU,CAAG;AACjC,QAAA,KAAK,CAAEA,MAAAA,CAAAA,CAAAA;AACT,KAAA;AAsDF;;;;;;;;;;;;;;;ACzDO,MAAM2B,kBAAoC5B,SAAAA,UAAAA,CAAAA;AAG/CkB,IAAAA,KAAAA,CAAOC,MAAe,EAAG;AACvB,QAAA,IAAKA,MAAQ,EAAA;AACX,YAAA,IAAI,CAACU,GAAG,CAACC,OAAO,CAAE,CAAEC,GAAKC,EAAAA,GAAAA,GAAAA;gBACvB,IAAKD,GAAAA,CAAIL,UAAU,GAAGP,MAAQ,EAAA;AAC5B,oBAAA,IAAI,CAACU,GAAG,CAACI,MAAM,CAAED,GAAAA,CAAAA,CAAAA;AACnB,iBAAA;AACF,aAAA,CAAA,CAAA;AACA,YAAA,OAAO3B,QAAQC,OAAO,EAAA,CAAA;SACjB,MAAA;AACL,YAAA,OAAOD,QAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAACX,KAAK,EAAA,CAAA,CAAA;AACxC,SAAA;AACF,KAAA;AAEAF,IAAAA,GAAAA,CAAKZ,GAAW,EAAG;AACjB,QAAA,IAAI,CAACyB,GAAG,CAACI,MAAM,CAAE7B,GAAAA,CAAAA,CAAAA;AACjB,QAAA,OAAOC,QAAQC,OAAO,EAAA,CAAA;AACxB,KAAA;AAEAH,IAAAA,GAAAA,CAAKC,GAAW,EAAG;QACjB,OAAOC,OAAAA,CAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAAC1B,GAAG,CAAEC,GAAS,CAAA,IAAA,IAAA,CAAA,CAAA;AACjD,KAAA;IAEAS,GAAKT,CAAAA,GAAW,EAAEG,KAAU,EAAG;AAC7B,QAAA,IAAI,CAACsB,GAAG,CAAChB,GAAG,CAAET,GAAKG,EAAAA,KAAAA,CAAAA,CAAAA;AACnB,QAAA,OAAOF,QAAQC,OAAO,EAAA,CAAA;AACxB,KAAA;;;AA3BAuB,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,OAAM,IAAIK,GAAAA,EAAAA,CAAAA,CAAAA;;AA4BZ;;;;;;;;;;;;;;;AC7BO,MAAMC,YAAAA,CAAAA;IAOXC,IAAMC,CAAAA,KAAQ,EAAEC,EAA8B,EAAE;QAC9C,SAASC,EAAAA,CAA6B,GAAGC,MAAa,EAAA;YACpD,IAAI,CAACC,GAAG,CAAEJ,KAAOE,EAAAA,EAAAA,CAAAA,CAAAA;YACjBD,EAAGI,CAAAA,KAAK,CAAE,IAAI,EAAEF,MAAAA,CAAAA,CAAAA;AAClB,SAAA;AACAD,QAAAA,EAAAA,CAAGD,EAAE,GAAGA,EAAAA,CAAAA;QACR,IAAI,CAACC,EAAE,CAAEF,KAAOE,EAAAA,EAAAA,CAAAA,CAAAA;AAChB,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;IAEAA,EAAIF,CAAAA,KAAQ,EAAEM,EAA8B,EAAE;QAC5C,IAAK,CAAC,IAAI,CAACC,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAAA,CAAO,CAAC,CAAC,EAAG,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,GAAG,EAAE,CAAA;QACxE,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAAA,CAAO,CAAC,CAAC,CAACb,IAAI,CAAEmB,EAAAA,CAAAA,CAAAA;AACpC,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;IAEAF,GAAKJ,CAAAA,KAAS,EAAEC,EAA+B,EAAE;AAC/C,QAAA,IAAK,CAACD,KAAQ,EAAA;YACZ,IAAI,CAACO,SAAS,GAAG,EAAC,CAAA;AAClB,YAAA,OAAO,IAAI,CAAA;AACb,SAAA;;QAGA,MAAMA,SAAAA,GAAY,IAAI,CAACA,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;QAC/C,IAAK,CAACO,SAAY,EAAA,OAAO,IAAI,CAAA;;AAG7B,QAAA,IAAK,CAACN,EAAK,EAAA;YACT,OAAO,IAAI,CAACM,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;AACpC,YAAA,OAAO,IAAI,CAAA;AACb,SAAA;AAEA,QAAA,IAAM,IAAIjB,CAAI,GAAA,CAAA,EAAGA,IAAIwB,SAAUtB,CAAAA,MAAM,EAAEF,CAAM,EAAA,CAAA;YAC3C,MAAMuB,EAAAA,GAAKC,SAAS,CAACxB,CAAE,CAAA,CAAA;AACvB,YAAA,IAAKuB,EAAOL,KAAAA,EAAAA,IAAMK,EAAGL,CAAAA,EAAE,KAAKA,EAAK,EAAA;gBAC/BM,SAAUC,CAAAA,MAAM,CAAEzB,CAAG,EAAA,CAAA,CAAA,CAAA;AACrB,gBAAA,MAAA;AACF,aAAA;AACF,SAAA;;;QAIA,IAAKwB,SAAAA,CAAUtB,MAAM,KAAK,CAAI,EAAA;YAC5B,OAAO,IAAI,CAACsB,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;AACtC,SAAA;AAEA,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;AAEAS,IAAAA,IAAAA,CAAMT,KAAQ,EAAE,GAAGU,IAAW,EAAE;QAC9B,IAAIC,GAAAA,GAAM,IAAI,CAACJ,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;AACvC,QAAA,IAAKW,GAAM,EAAA;YACTA,GAAMA,GAAAA,GAAAA,CAAIC,KAAK,CAAE,CAAA,CAAA,CAAA;YACjB,IAAM,IAAI7B,CAAI,GAAA,CAAA,EAAG8B,GAAMF,GAAAA,GAAAA,CAAI1B,MAAM,EAAEF,CAAAA,GAAI8B,GAAK,EAAA,EAAE9B,CAAI,CAAA;AAChD4B,gBAAAA,GAAG,CAAC5B,CAAE,CAAA,CAACsB,KAAK,CAAE,IAAI,EAAEK,IAAAA,CAAAA,CAAAA;AACtB,aAAA;AACF,SAAA;AACA,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;IA9DAvD,WAAa,EAAA;AAFboD,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,aAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAGE,IAAI,CAACA,SAAS,GAAG,EAAC,CAAA;AACpB,KAAA;AA6DF;;;;;;;;;;;;;;;ACpEO,MAAMO,KAAAA,CAAAA;IAWXC,KAAOC,CAAAA,QAAgB,EAAEC,QAAoB,EAAE;AAC7C,QAAA,IAAKD,YAAY,CAAI,EAAA;YACnBA,QAAW,GAAA,CAAA,CAAA;AACb,SAAA;AACA,QAAA,MAAME,UAAa,GAAA,IAAI,CAACC,GAAG,KAAK,IAAOH,GAAAA,QAAAA,CAAAA;QACvC,IAAK,IAAI,CAACI,WAAW,KAAKF,cAAc,IAAI,CAACG,YAAY,EAAG;AAC1D,YAAA,OAAA;AACF,SAAA;AAEA,QAAA,IAAI,CAACC,IAAI,EAAA,CAAA;QAET,IAAI,CAACF,WAAW,GAAGF,UAAAA,CAAAA;;AAGnB,QAAA,IAAIK,aAAgB,GAAA,CAAA,CAAA;AACpB,QAAA,IAAKP,WAAWO,aAAgB,EAAA;YAC9BA,aAAgBP,GAAAA,QAAAA,CAAAA;AAClB,SAAA;QACA,IAAI,CAACK,YAAY,GAAGG,WAAa,CAAA,IAAA;YAC/B,IAAK,IAAI,CAACJ,WAAW,IAAI,IAAI,CAACD,GAAG,KAAK,IAAO,EAAA;AAC3C,gBAAA,IAAI,CAACG,IAAI,EAAA,CAAA;AACTL,gBAAAA,QAAAA,EAAAA,CAAAA;AACF,aAAA;AACF,SAAA,EAAGM,aAAgB,GAAA,IAAA,CAAA,CAAA;AACrB,KAAA;IAEAD,IAAO,GAAA;QACL,IAAK,IAAI,CAACD,YAAY,EAAG;YACvBI,aAAe,CAAA,IAAI,CAACJ,YAAY,CAAA,CAAA;YAChC,IAAI,CAACA,YAAY,GAAG,IAAA,CAAA;AACtB,SAAA;AACF,KAAA;AAnCAlE,IAAAA,WAAAA,CAAauE,uBAA0B,GAAA,IAAMC,IAAKR,CAAAA,GAAG,EAAE,CAAG;AAN1D,QAAAS,kBAAA,CAAA,IAAA,EAAQT,OAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAAS,kBAAA,CAAA,IAAA,EAAQP,gBAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAAO,kBAAA,CAAA,IAAA,EAAQR,eAAR,KAAA,CAAA,CAAA,CAAA;QAGE,IAAI,CAACD,GAAG,GAAGO,uBAAAA,CAAAA;AACb,KAAA;AAkCF;;ACxCO,SAASG,iBAAAA,GAAAA;AACd,IAAA,MAAMC,MAAS3D,GAAAA,MAAAA,CAAO4D,QAAQ,CAACC,aAAa,CAAE,QAAA,CAAA,CAAA;IAC9CF,MAAOG,CAAAA,KAAK,CAACC,KAAK,GAAG,GAAA,CAAA;IACrBJ,MAAOG,CAAAA,KAAK,CAACE,MAAM,GAAG,GAAA,CAAA;IACtBL,MAAOG,CAAAA,KAAK,CAACG,QAAQ,GAAG,UAAA,CAAA;IACxBN,MAAOG,CAAAA,KAAK,CAACI,UAAU,GAAG,QAAA,CAAA;IAC1BP,MAAOG,CAAAA,KAAK,CAACK,OAAO,GAAG,MAAA,CAAA;AAEvBR,IAAAA,MAAAA,CAAOS,KAAK,GAAG,qBAAA,CAAA;AACfT,IAAAA,MAAAA,CAAOU,UAAU,GAAG,MAAA,CAAA;IAEpB,OAAOV,MAAAA,CAAAA;AACT,CAAA;AAEO,SAASW,SAAAA,CACdC,GAAW,EACXC,OAAsB,EAAA;IAEtB,OAAO,IAAI3E,OAAc,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;AAClC,QAAA,IAAIC,eAAuB,GAAA,IAAA,CAAA;AAC3B,QAAA,MAAMf,MAASD,GAAAA,iBAAAA,EAAAA,CAAAA;AAEf,QAAA,MAAMiB,sBAAsBC,UAAY,CAAA,IAAA;AACtCH,YAAAA,MAAAA,CAAQ,IAAI/F,eAAiB,CAAA,WAAA,CAAA,CAAA,CAAA;AAC7BmG,YAAAA,YAAAA,EAAAA,CAAAA;AACF,SAAA,EAAG,CAAEL,OAAAA,CAAQM,OAAO,IAAI,EAAC,IAAM,IAAA,CAAA,CAAA;AAE/B,QAAA,MAAMC,qBAAsB,CAAE5D,CAAAA,GAAAA;AAC5B,YAAA,IAAKA,CAAE6D,CAAAA,MAAM,IAAIR,OAAAA,CAAQS,WAAW,EAAG,OAAA;YACvC,IAAK,CAAC9D,EAAE+D,IAAI,IAAI/D,EAAE+D,IAAI,CAACC,IAAI,KAAK,wBAA2B,EAAA,OAAA;YAC3D,MAAMC,WAAAA,GAAcjE,EAAEkE,MAAM,CAAA;AAC5B,YAAA,IAAKD,WAAc,EAAA;AACVA,gBAAAA,WAAAA,CAAcE,KAAK,EAAA,CAAA;AAC5B,aAAA;AAEA,YAAA,MAAMC,OAAOpE,CAAE+D,CAAAA,IAAI,CAACM,QAAQ,IAAIrE,EAAE+D,IAAI,CAAA;AACtCK,YAAAA,IAAAA,CAAK3G,KAAK,GACN6F,MAAAA,CAAQ,IAAI1F,mBAAqBwG,CAAAA,IAAAA,CAAK3G,KAAK,EAAE2G,IAAAA,CAAK1G,iBAAiB,EAAE0G,IAAAA,CAAKtG,KAAK,EAAEsG,IAAAA,CAAKrG,SAAS,CAC/FY,CAAAA,GAAAA,OAAAA,CAASqB,EAAE+D,IAAI,CAAA,CAAA;YACnBO,YAAcd,CAAAA,mBAAAA,CAAAA,CAAAA;AACdE,YAAAA,YAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA;AAEA,QAAA,MAAMA,YAAe,GAAA,IAAA;AACnB,YAAA,IAAKH,mBAAmB,IAAM,EAAA;gBAC5Be,YAAcf,CAAAA,eAAAA,CAAAA,CAAAA;AAChB,aAAA;AACA,YAAA,IAAK1E,OAAO4D,QAAQ,CAAC8B,IAAI,CAACC,QAAQ,CAAEhC,MAAW,CAAA,EAAA;AAC7C3D,gBAAAA,MAAAA,CAAO4D,QAAQ,CAAC8B,IAAI,CAACE,WAAW,CAAEjC,MAAAA,CAAAA,CAAAA;AACpC,aAAA;YACA3D,MAAO6F,CAAAA,mBAAmB,CAAE,SAAA,EAAWd,kBAAoB,EAAA,KAAA,CAAA,CAAA;AAC7D,SAAA,CAAA;QAEA,MAAMe,aAAAA,GAAgB,IAAMlB,UAAY,CAAA,IAAA;gBACtCH,MAAQ,CAAA,IAAI/F,gBAAiB,0CAA4C6F,EAAAA,GAAAA,CAAAA,CAAAA,CAAAA;AACzEM,gBAAAA,YAAAA,EAAAA,CAAAA;aACC,EAAA,GAAA,CAAA,CAAA;QAIH7E,MAAO+F,CAAAA,gBAAgB,CAAE,SAAA,EAAWhB,kBAAoB,EAAA,KAAA,CAAA,CAAA;AACxD/E,QAAAA,MAAAA,CAAO4D,QAAQ,CAAC8B,IAAI,CAACM,WAAW,CAAErC,MAAAA,CAAAA,CAAAA;QAClCA,MAAOsC,CAAAA,YAAY,CAAE,KAAO1B,EAAAA,GAAAA,CAAAA,CAAAA;AAE5B;;;QAIAZ,MAAAA,CAAOuC,MAAM,GAAG,WAAA;YACdxB,eAAkBoB,GAAAA,aAAAA,EAAAA,CAAAA;AACpB,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AACF;;ACvEA,IAAA,eAAA,GAAwB,cAAa;AACrC;AACA,IAAI,MAAM,GAAG,GAAE;AAGf;AACA,IAAI,IAAI,GAAG,mEAAkE;AAC7E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,EAAE;AACjD,EAAE,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAC;AAErB,CAAC;AAmFD;AACA,SAAS,eAAe,EAAE,GAAG,EAAE;AAC/B,EAAE,OAAO,MAAM,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;AACjC,IAAI,MAAM,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;AAC5B,IAAI,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;AAC3B,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC;AACtB,CAAC;AACD;AACA,SAAS,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE;AACzC,EAAE,IAAI,IAAG;AACT,EAAE,IAAI,MAAM,GAAG,GAAE;AACjB,EAAE,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE;AACvC,IAAI,GAAG;AACP,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,QAAQ;AAClC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC;AACpC,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,EAAC;AAC3B,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAC;AACrC,GAAG;AACH,EAAE,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;AACxB,CAAC;AACD;AACA,SAAS,aAAa,EAAE,KAAK,EAAE;AAC/B,EAAE,IAAI,IAAG;AACT,EAAE,IAAI,GAAG,GAAG,KAAK,CAAC,OAAM;AACxB,EAAE,IAAI,UAAU,GAAG,GAAG,GAAG,EAAC;AAC1B,EAAE,IAAI,KAAK,GAAG,GAAE;AAChB,EAAE,IAAI,cAAc,GAAG,MAAK;AAC5B;AACA;AACA,EAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,GAAG,GAAG,GAAG,UAAU,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,IAAI,cAAc,EAAE;AAC1E,IAAI,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,cAAc,IAAI,IAAI,GAAG,IAAI,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC,EAAC;AAChG,GAAG;AACH;AACA;AACA,EAAE,IAAI,UAAU,KAAK,CAAC,EAAE;AACxB,IAAI,GAAG,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,EAAC;AACxB,IAAI,KAAK,CAAC,IAAI;AACd,MAAM,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC;AACtB,MAAM,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC/B,MAAM,IAAI;AACV,MAAK;AACL,GAAG,MAAM,IAAI,UAAU,KAAK,CAAC,EAAE;AAC/B,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,EAAC;AAChD,IAAI,KAAK,CAAC,IAAI;AACd,MAAM,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC;AACvB,MAAM,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC/B,MAAM,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC/B,MAAM,GAAG;AACT,MAAK;AACL,GAAG;AACH;AACA,EAAE,OAAO,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;AACvB;;ACnJO,SAASK,cAAeC,MAAc,EAAA;IAC3C,IAAI;QACF,MAAM7B,GAAAA,GAAM,IAAI8B,GAAKD,CAAAA,MAAAA,CAAAA,CAAAA;AACrB,QAAA,IAAK,CAAC;AAAC,YAAA,OAAA;AAAS,YAAA,QAAA;AAAS,SAAA,CAACE,QAAQ,CAAE/B,GAAIgC,CAAAA,QAAQ,CAAI,EAAA;YAClD,OAAO,KAAA,CAAA;AACT,SAAA;AACA,QAAA,IAAKhC,IAAIiC,MAAM,KAAK,MAAMjC,GAAIkC,CAAAA,IAAI,KAAK,EAAI,EAAA;YACzC,OAAO,KAAA,CAAA;AACT,SAAA;QACA,OAAO,IAAA,CAAA;AACT,KAAA,CAAE,OAAQtF,CAAG,EAAA;QACX,OAAO,KAAA,CAAA;AACT,KAAA;AACF,CAAA;AACO,SAASuF,uBAAAA,CAAyBC,GAAyB,EACzBC,aAAa,IAAI,EAAA;IACxD,IAAK,CAACD,KAAM,OAAO,EAAA,CAAA;AACnB,IAAA,MAAME,MAAgB,EAAE,CAAA;IACxB,IAAM,MAAMC,KAAKH,GAAM,CAAA;AACrB,QAAA,IAAKA,IAAII,cAAc,CAAED,MAAOH,GAAG,CAACG,EAAE,EAAG;YACvCD,GAAI7F,CAAAA,IAAI,CAAE,CAAC,EACTgG,kBAAAA,CAAoBF,CACrB,CAAA,CAAA,CAAC,EACAE,kBAAAA,CAAoB,OAAOL,GAAG,CAACG,CAAAA,CAAE,KAAK,QAAW3G,GAAAA,IAAAA,CAAKI,SAAS,CAAEoG,GAAG,CAACG,CAAE,CAAA,CAAA,GAAKH,GAAG,CAACG,CAAE,CAAA,CAAA,CACnF,CAAC,CAAA,CAAA;AACJ,SAAA;AACF,KAAA;IACA,OAAO,CAAC,EAAGF,UAAAA,GAAa,GAAM,GAAA,EAAA,CAAI,EAAGC,GAAII,CAAAA,IAAI,CAAE,GAAA,CAAA,CAAO,CAAC,CAAA;AACzD,CAAA;AAEO,SAASC,cAAenH,KAAa,EAAA;AAC1C,IAAA,MAAMoH,SAAiC,EAAC,CAAA;AACxCpH,IAAAA,KAAAA,GAAQA,KAAMqH,CAAAA,IAAI,EAAGC,CAAAA,OAAO,CAAE,WAAa,EAAA,EAAA,CAAA,CAAA;IAC3C,MAAMC,MAAAA,GAASvH,KAAMwH,CAAAA,KAAK,CAAE,GAAA,CAAA,CAAA;IAC5B,IAAM,IAAI3G,IAAI,CAAGA,EAAAA,CAAAA,GAAI0G,OAAOxG,MAAM,EAAEF,KAAK,CAAI,CAAA;QAC3C,MAAM4G,aAAAA,GAAgBF,MAAM,CAAC1G,CAAE,CAAA,CAAA;QAC/B,MAAM6G,KAAAA,GAAQD,aAAcD,CAAAA,KAAK,CAAE,GAAA,CAAA,CAAA;QACnC,MAAM3H,GAAAA,GAAM8H,kBAAoBD,CAAAA,KAAAA,CAAME,KAAK,EAAA,CAAA,CAAA;QAC3C,MAAM5H,KAAAA,GAAQ0H,MAAM3G,MAAM,GAAG,IAAI2G,KAAMR,CAAAA,IAAI,CAAE,GAAQ,CAAA,GAAA,EAAA,CAAA;QACrDE,MAAM,CAACvH,GAAI,CAAA,GAAG8H,kBAAoB3H,CAAAA,KAAAA,CAAAA,CAAAA;AACpC,KAAA;IACA,OAAOoH,MAAAA,CAAAA;AACT,CAAA;AAEO,SAASS,QAASC,MAAkB,EAAA;IACzC,MAAMC,OAAAA,GAAUC,eAAe,CAAA,IAAIC,UAAYH,CAAAA,MAAAA,CAAAA,CAAAA,CAAAA;IAC/C,OAAOC,OAAAA,CAAQT,OAAO,CAAE,KAAO,EAAA,GAAA,CAAA,CAAMA,OAAO,CAAE,KAAO,EAAA,GAAA,CAAA,CAAMA,OAAO,CAAE,IAAM,EAAA,EAAA,CAAA,CAAA;AAC5E;;ACvCO,SAASY,QAASzD,OAAuB,EAAA;AAC9C,IAAA,IAAIkB,IAAY,GAAA,IAAA,CAAA;AAChB,IAAA,IAAIwC,OAAU1D,GAAAA,OAAAA,CAAQ0D,OAAO,IAAI,EAAC,CAAA;IAClC,IAAK1D,OAAAA,CAAQ2D,MAAM,KAAK,MAAQ,EAAA;QAC9BD,OAAU,GAAA;AACR,YAAA,cAAA,EAAgB1D,OAAQ4D,CAAAA,WAAW,KAAK,MAAA,GAAS,iDAC/C,GAAA,gCAAA;AACF,YAAA,GAAGF,OAAO;AACZ,SAAA,CAAA;AACF,KAAA;IACA,IAAK1D,OAAAA,CAAQkB,IAAI,EAAE;AACjBA,QAAAA,IAAAA,GAAOlB,OAAQ4D,CAAAA,WAAW,KAAK,MAAA,GAAS1B,uBAAyBlC,CAAAA,OAAAA,CAAQkB,IAAI,EAAE,KAC3EvF,CAAAA,GAAAA,IAAAA,CAAKI,SAAS,CAAEiE,QAAQkB,IAAI,CAAA,CAAA;AAClC,KAAA;IAEA,OAAO,IAAI7F,OAAS,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;QAC7B4D,KAAO7D,CAAAA,OAAAA,CAAQD,GAAG,EAAE;AAClB4D,YAAAA,MAAAA,EAAQ3D,QAAQ2D,MAAM;YACtBzC,IAAQA,EAAAA,IAAAA;AACRwC,YAAAA,OAAAA;SAECI,CAAAA,CAAAA,IAAI,CAAE,CAAEvI,KAAAA,GAAqBD,QAASC,KAAMwI,CAAAA,IAAI,EAChDC,CAAAA,CAAAA,CAAAA,KAAK,CAAE/D,MAAAA,CAAAA,CAAAA;AACZ,KAAA,CAAA,CAAA;AACF;;AC7BA,MAAMgE,OAAU,GAAA,gEAAA,CAAA;AAEhB,SAASC,eAAgBC,CAAS,EAAA;;AAEhC,IAAA,MAAMC,UAASC,IAAKD,CAAAA,MAAM,IAAIC,IAAKC,CAAAA,QAAQ,EAAEC,KAAQ,GAAA,KAAA,CAAA;IACrD,MAAMC,CAAAA,GAAI,IAAIhB,UAAYW,CAAAA,CAAAA,CAAAA,CAAAA;AAC1B,IAAA,IAAM,IAAI/H,CAAI,GAAA,CAAA,EAAGA,CAAI+H,GAAAA,CAAAA,EAAG/H,KAAKmI,KAAQ,CAAA;QACnCH,OAAOK,CAAAA,eAAe,CAAED,CAAAA,CAAEE,QAAQ,CAAEtI,CAAGA,EAAAA,CAAAA,GAAIuI,IAAKC,CAAAA,GAAG,CAAET,CAAAA,GAAI/H,CAAGmI,EAAAA,KAAAA,CAAAA,CAAAA,CAAAA,CAAAA;AAC9D,KAAA;IACA,OAAOC,CAAAA,CAAAA;AACT,CAAA;AAEO,SAASK,eAAgBvI,MAAc,EAAA;AAC5C,IAAA,IAAIwI,GAAM,GAAA,EAAA,CAAA;IACV,MAAMC,QAAAA,GAAWd,QAAQ3H,MAAM,CAAA;IAC/B,MAAM0I,OAAAA,GAAU,MAAM,GAAMD,GAAAA,QAAAA,CAAAA;AAC5B,IAAA,MAAQzI,SAAS,CAAI,CAAA;AACnB,QAAA,MAAM2I,MAAMf,cAAgBS,CAAAA,IAAAA,CAAKO,IAAI,CAAE5I,SAAS,GAAM0I,GAAAA,OAAAA,CAAAA,CAAAA,CAAAA;QACtD,IAAM,IAAI5I,IAAI,CAAGA,EAAAA,CAAAA,GAAI6I,IAAI3I,MAAM,IAAIA,MAAS,GAAA,CAAA,EAAGF,CAAM,EAAA,CAAA;YACnD,MAAM+I,UAAAA,GAAaF,GAAG,CAAC7I,CAAE,CAAA,CAAA;AACzB,YAAA,IAAK+I,aAAaH,OAAU,EAAA;gBAC1BF,GAAOb,IAAAA,OAAAA,CAAQmB,MAAM,CAAED,UAAaJ,GAAAA,QAAAA,CAAAA,CAAAA;AACpCzI,gBAAAA,MAAAA,EAAAA,CAAAA;AACF,aAAA;AACF,SAAA;AACF,KAAA;IACA,OAAOwI,GAAAA,CAAAA;AACT,CAAA;AAGO,SAASO,gBAAiBC,IAAY,EAAA;AAC3C,IAAA,IAAKA,KAAKhJ,MAAM,GAAG,MAAMgJ,IAAKhJ,CAAAA,MAAM,GAAG,GAAM,EAAA;QAC3C,OAAOjB,OAAAA,CAAQ4E,MAAM,CAAE,IAAI/F,eAAAA,CAAiB,CAAC,qBAAqB,EAAGoL,IAAAA,CAAKhJ,MAAM,CAAE,CAAC,CAAA,CAAA,CAAA;AACrF,KAAA;IAEA,OAAO,IAAIjB,OAAS,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;AAC7BmE,QAAAA,MAAAA,CAAOmB,MAAM,CAACC,MAAM,CAAE,SAAW,EAAA,IAAIC,WAAcC,EAAAA,CAAAA,MAAM,CAAEJ,IAAAA,CAAAA,CAAAA,CACxDxB,IAAI,CAAET,CAAAA,MAAAA,GAAAA;YACL,OAAO/H,OAAAA,CAAS8H,OAAS,CAAA,IAAII,UAAYH,CAAAA,MAAAA,CAAAA,CAAAA,CAAAA,CAAAA;AAC3C,SAAA,EAAG,SAAWjJ,KAAK,EAAA;uCAEjB,OAAO6F,MAAQ7F,CAAAA,KAAAA,CAAAA,CAAAA;AACjB,SAAA,CAAA,CAAA;AACJ,KAAA,CAAA,CAAA;AACF,CAAA;AACA;AACO,MAAMuL,eAAe,CAAEC,KAAAA,GAAmB1C,mBAC/C2C,IAAMD,CAAAA,KAAAA,CAAM/C,OAAO,CAAE,IAAA,EAAM,KAAMA,OAAO,CAAE,MAAM,GAC7CE,CAAAA,CAAAA,CAAAA,KAAK,CAAE,EACPlG,CAAAA,CAAAA,GAAG,CAAEiJ,CAAAA,CAAAA,GAAAA;AACJ,QAAA,OAAO,CAAC,CAAC,EAAG,CAAC,EAAE,EAAGA,EAAEC,UAAU,CAAE,GAAIC,QAAQ,CAAE,IAAM,CAAC,CAAC/H,KAAK,CAAE,CAAC,GAAK,CAAC,CAAA;KAErEwE,CAAAA,CAAAA,IAAI,CAAE,EACT,CAAA,CAAA,CAAA;AAIK,SAASwD,SAAUC,GAAW,EAAA;IACnC,IAAI;QACF,MAAMjD,KAAAA,GAAQiD,GAAInD,CAAAA,KAAK,CAAE,GAAA,CAAA,CAAA;QACzB,IAAKE,KAAAA,CAAM3G,MAAM,KAAK,CAAG,EAAA;AACvB,YAAA,MAAM,IAAInC,KAAO,CAAA,kBAAA,CAAA,CAAA;AACnB,SAAA;QACA,OAAO;AACLgM,YAAAA,MAAAA,EAASxK,KAAKC,KAAK,CAAE+J,YAAc1C,CAAAA,KAAK,CAAC,CAAE,CAAA,CAAA,CAAA;AAC3CmD,YAAAA,OAAAA,EAASzK,KAAKC,KAAK,CAAE+J,YAAc1C,CAAAA,KAAK,CAAC,CAAE,CAAA,CAAA,CAAA;AAC7C,SAAA,CAAA;AACF,KAAA,CAAE,OAAQtG,CAAG,EAAA;AACX,QAAA,MAAM,IAAI/B,eAAiB,CAAA,qBAAA,CAAA,CAAA;AAC7B,KAAA;AACF,CAAA;AAEO,SAASyL,eAAiBC,CAAAA,QAAgB,EAAEC,KAAa,EAAEvG,OAA+B,EAAA;AAC/F,IAAA,IAAK,CAACuG,KAAQ,EAAA;AACZ,QAAA,MAAM,IAAIrM,eAAiB,CAAA,mBAAA,CAAA,CAAA;AAC7B,KAAA;IAEA,IAAI;AACF,QAAA,MAAMgM,MAAMD,QAAUK,CAAAA,QAAAA,CAAAA,CAAAA;AAEtB,QAAA,IAAKC,KAAUL,KAAAA,GAAAA,CAAIE,OAAO,CAACG,KAAK,EAAG;YACjC,MAAM,IAAIpM,KAAO,CAAA,CAAC,2BAA2B,EAAG+L,IAAIE,OAAO,CAACG,KAAK,CAAE,CAAC,CAAA,CAAA;AACtE,SAAA;AAEAC,QAAAA,WAAAA,CAAaF,UAAUtG,OAAS,EAAA,IAAA,CAAA,CAAA;;AAGhC,QAAA,IAAK,CAACkG,GAAAA,CAAIE,OAAO,CAAC,MAAM,EAAG;AACzB,YAAA,MAAM,IAAIjM,KAAO,CAAA,sCAAA,CAAA,CAAA;AACnB,SAAA;AAEA,QAAA,OAAO+L,IAAIE,OAAO,CAAA;AACpB,KAAA,CAAE,OAAQzJ,CAAG,EAAA;QACX,MAAM,IAAI7B,mBAAqB6B,CAAAA,CAAAA,CAAE8J,OAAO,CAAA,CAAA;AAC1C,KAAA;AACF,CAAA;AAEO,SAASD,WAAaN,CAAAA,GAAW,EAAElG,OAA6B,EAAE0G,YAAY,KAAK,EAAA;;IAExF,IAAI,EAAEC,SAAS,EAAEC,mBAAmB,EAAEhF,MAAM,EAAEiF,QAAQ,EAAEC,SAAS,EAAE,GAAG9G,OAAAA,CAAAA;AACtE,IAAA,IAAK,CAAC2G,SAAW,EAAA;QACfA,SAAY,GAAA,CAAA,CAAA;AACd,KAAA;IACA,MAAMnI,GAAAA,GAAM,CAAEoI,mBAAAA,IAAuBA,yBAAyB5H,IAAKR,CAAAA,GAAG,EAAC,IAAM,IAAA,CAAA;IAE7E,MAAM4H,OAAAA,GAAUH,QAAUC,CAAAA,GAAAA,CAAAA,CAAME,OAAO,CAAA;IAEvC,IAAK,CAACA,OAAQW,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAInM,eAAiB,CAAA,+BAAA,CAAA,CAAA;AAC7B,KAAA;IACA,IAAKwL,OAAAA,CAAQW,GAAG,KAAKnF,MAAS,EAAA;QAC5B,MAAM,IAAIhH,gBAAiB,CAAC,+BAA+B,EAAGwL,OAAQW,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AAC9E,KAAA;IAEA,IAAK,CAACX,OAAQY,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAIpM,eAAiB,CAAA,iCAAA,CAAA,CAAA;AAC7B,KAAA;;;IAIA,IAAKqM,KAAAA,CAAMC,OAAO,CAAEd,OAAQY,CAAAA,GAAG,IAC7BZ,OAAQY,CAAAA,GAAG,CAACG,OAAO,CAAET,SAAAA,GAAYI,YAAYD,QAAYC,IAAAA,SAAAA,CAAAA,IAAe,CAAC,CAAA,GACzEV,OAAQY,CAAAA,GAAG,MAAON,SAAYI,GAAAA,SAAAA,GAAYD,QAAYC,IAAAA,SAAQ,CAC9D,EAAA;QACA,MAAM,IAAIlM,gBAAiB,CAAC,iCAAiC,EAAGwL,OAAQY,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AAChF,KAAA;AAEA,IAAA,IAAKZ,QAAQgB,GAAG,IAAIhB,OAAQgB,CAAAA,GAAG,KAAKN,SAAY,EAAA;QAC9C,MAAM,IAAIlM,gBAAiB,CAAC,yCAAyC,EAAGwL,OAAQgB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACxF,KAAA;AAEA,IAAA,MAAMC,QAAW1C,GAAAA,IAAAA,CAAKO,IAAI,CAAE1G,GAAMmI,GAAAA,SAAAA,CAAAA,CAAAA;AAClC,IAAA,MAAMW,QAAW3C,GAAAA,IAAAA,CAAK4C,KAAK,CAAE/I,GAAMmI,GAAAA,SAAAA,CAAAA,CAAAA;IAEnC,IAAK,CAACP,OAAQoB,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAI5M,eAAiB,CAAA,kCAAA,CAAA,CAAA;AAC7B,KAAA;AAEA,IAAA,IAAKyM,QAAWI,GAAAA,MAAAA,CAAQrB,OAAQoB,CAAAA,GAAG,CAAK,EAAA;QACtC,MAAM,IAAI5M,gBAAiB,CAAC,kCAAkC,EAAGwL,OAAQoB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACjF,KAAA;AAEA,IAAA,IAAKpB,QAAQsB,GAAG,IAAIL,WAAWI,MAAQrB,CAAAA,OAAAA,CAAQsB,GAAG,CAAK,EAAA;QACrD,MAAM,IAAI9M,gBAAiB,CAAC,wCAAwC,EAAGwL,OAAQsB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACvF,KAAA;IAEA,IAAK,CAACtB,OAAQuB,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAI/M,eAAiB,CAAA,wCAAA,CAAA,CAAA;AAC7B,KAAA;AACA,IAAA,IAAK6M,MAAQrB,CAAAA,OAAAA,CAAQuB,GAAG,CAAA,GAAKL,QAAW,EAAA;QACtC,MAAM,IAAI1M,gBAAiB,CAAC,sCAAsC,EAAGwL,OAAQuB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACrF,KAAA;IAEA,OAAOvB,OAAAA,CAAAA;AACT,CAAA;AAEA;AACO,MAAMwB,aAAgB,GAAA;AAC3B,IAAA,KAAA;;AAEA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,OAAA;AACA,IAAA,WAAA;AACA,IAAA,SAAA;AACA,IAAA,QAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,SAAA;AACA,IAAA,KAAA;AACA,IAAA,cAAA;AACA,IAAA,UAAA;AACA,IAAA,YAAA;AACA,IAAA,cAAA;AACA,IAAA,gBAAA;AACA,IAAA,MAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,QAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,QAAA;AACA,IAAA,QAAA;AACA,IAAA,KAAA;AACA,IAAA,OAAA;AACA,IAAA,WAAA;AACA,IAAA,SAAA;AACA,IAAA,OAAA;AACA,IAAA,YAAA;CACD;;ACtMD,MAAMC,sBAAyB,GAAA,IAAA,CAAA;AAExB,SAASC,0BAA2B9H,OAA8B,EAAA;IACvE,MAAM,EAAED,GAAG,EAAEzB,QAAQ,EAAEwI,SAAS,EAAEiB,aAAa,EAAE,GAAG/H,OAAAA,CAAAA;IACpD,IAAIgI,oBAAAA,CAAAA;IACJ,MAAMC,GAAAA,GAAMlI,IAAIoH,OAAO,CAAE,KAAKpH,GAAIoH,CAAAA,OAAO,CAAE,IAAS,CAAA,GAAA,CAAA,CAAA,CAAA;AACpD,IAAA,MAAMe,WAAcnI,GAAAA,GAAAA,CAAIoI,MAAM,CAAE,CAAGF,EAAAA,GAAAA,CAAAA,CAAAA;AAEnC,IAAA,MAAMG,KAAQlJ,GAAAA,iBAAAA,EAAAA,CAAAA;IAEd,IAAImJ,KAAAA,CAAAA;AAEJ,IAAA,MAAMC,IAAO,GAAA,IAAA;QACX,OAAO,IAAIjN,QAASC,CAAAA,OAAAA,GAAAA;AAClBE,YAAAA,MAAAA,CAAO4D,QAAQ,CAAC8B,IAAI,CAACM,WAAW,CAAE4G,KAAAA,CAAAA,CAAAA;YAClC5M,MAAO+F,CAAAA,gBAAgB,CAAE,SAAA,EAAWhB,kBAAoB,EAAA,KAAA,CAAA,CAAA;AACxD6H,YAAAA,KAAAA,CAAM1G,MAAM,GAAG,IAAA;gBACbpG,OAAS,CAAA,IAAA,CAAA,CAAA;AACX,aAAA,CAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA,CAAA;AAEA,IAAA,MAAM8C,QAAQ,CAAEmK,YAAAA,GAAAA;AACdD,QAAAA,IAAAA,EAAAA,CAAOxE,IAAI,CAAE,IAAA;YACX,IAAKyE,YAAAA,IAAgBP,yBAAyBO,YAAe,EAAA;AAC3D5J,gBAAAA,IAAAA,EAAAA,CAAAA;gBACAqJ,oBAAuBO,GAAAA,YAAAA,CAAAA;AACvB,gBAAA,MAAMC,IAAO,GAAA,IAAA;oBACXJ,KAAMK,CAAAA,aAAa,CAAEC,WAAW,CAAE,CAAC,EAAG5B,SAAAA,CAAW,CAAC,EAAGkB,oBAAsB,CAAA,CAAC,EAAEE,WAAAA,CAAAA,CAAAA;AAChF,iBAAA,CAAA;AACAM,gBAAAA,IAAAA,EAAAA,CAAAA;AACAH,gBAAAA,KAAAA,GAAQ7M,MAAOqD,CAAAA,WAAW,CAAE2J,IAAAA,EAAMT,aAAiBF,IAAAA,sBAAAA,CAAAA,CAAAA;AACrD,aAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA,CAAA;AAEA,IAAA,MAAMlJ,IAAO,GAAA,IAAA;QACXqJ,oBAAuB,GAAA,IAAA,CAAA;AACvB,QAAA,IAAKK,KAAQ,EAAA;AACX7M,YAAAA,MAAAA,CAAOsD,aAAa,CAAEuJ,KAAAA,CAAAA,CAAAA;YACtBA,KAAQ,GAAA,IAAA,CAAA;AACV,SAAA;AACF,KAAA,CAAA;AAEA,IAAA,MAAM9H,qBAAqB,CAAE5D,CAAAA,GAAAA;QAC3B,IAAKA,CAAAA,CAAE6D,MAAM,KAAK0H,WAAAA,IAAevL,EAAEkE,MAAM,KAAKuH,KAAMK,CAAAA,aAAa,EAAG;YAClE,IAAK9L,CAAAA,CAAE+D,IAAI,KAAK,OAAU,EAAA;AACxB/B,gBAAAA,IAAAA,EAAAA,CAAAA;AACAL,gBAAAA,QAAAA,CAAU3B,EAAE+D,IAAI,CAAA,CAAA;AAClB,aAAA,MAAO,IAAK/D,CAAAA,CAAE+D,IAAI,KAAK,SAAY,EAAA;AACjC/B,gBAAAA,IAAAA,EAAAA,CAAAA;AACAL,gBAAAA,QAAAA,EAAAA,CAAAA;AACF,aAAA;AACF,SAAA;AACF,KAAA,CAAA;IAEA8J,KAAM3G,CAAAA,YAAY,CAAE,KAAO1B,EAAAA,GAAAA,CAAAA,CAAAA;IAE3B,OAAO;AACLpB,QAAAA,IAAAA;AACAP,QAAAA,KAAAA;AACF,KAAA,CAAA;AACF;;AC9DA;;;IAIO,SAASuK,cAAAA,CAA+CC,MAAS,EAAA;AACtE,IAAA,IAAK,CAACA,MAAAA,IAAU,OAAOA,MAAAA,KAAW,QAAW,EAAA;QAC3C,OAAOA,MAAAA,CAAAA;AACT,KAAA;AACA,IAAA,OAAOjN,IAAKC,CAAAA,KAAK,CAAED,IAAAA,CAAKI,SAAS,CAAE6M,MAAAA,CAAAA,CAAAA,CAAAA;AACrC,CAAA;AAEA,SAASC,KAAAA,CAAOC,aAAkB,EAAEC,YAAiB,EAAA;IACnD,IAAM,MAAMC,KAAKD,YAAe,CAAA;AAC9B,QAAA,IAAKA,YAAY,CAACC,CAAE,CAAA,KAAKC,SAAY,EAAA;AACnC,YAAA,IAAK,OAAOF,YAAY,CAACC,CAAAA,CAAE,KAAK,QAAYD,IAAAA,YAAY,CAACC,CAAAA,CAAE,CAACxO,WAAW,CAACF,IAAI,KAAK,QAAW,EAAA;AAC1FwO,gBAAAA,aAAa,CAACE,CAAAA,CAAE,GAAGH,KAAAA,CAAOC,aAAa,CAACE,CAAE,CAAA,IAAI,EAAC,EAAGD,YAAY,CAACC,CAAE,CAAA,CAAA,CAAA;aAC5D,MAAA;AACLF,gBAAAA,aAAa,CAACE,CAAAA,CAAE,GAAGD,YAAY,CAACC,CAAE,CAAA,CAAA;AACpC,aAAA;AACF,SAAA;AACF,KAAA;IACA,OAAOF,aAAAA,CAAAA;AACT,CAAA;AAGO,SAASI,YAAc,CAAA,GAAGC,OAAc,EAAA;AAC7C,IAAA,OAAOA,OAAQC,CAAAA,MAAM,CAAE,CAAEN,aAAeC,EAAAA,YAAAA,GAAAA;QACtC,OAAOF,KAAAA,CAAOC,aAAiB,IAAA,EAAIC,EAAAA,YAAAA,CAAAA,CAAAA;AACrC,KAAA,EAAG,EAAC,CAAA,CAAA;AACN;;ACjCO,MAAMM,cAAiB,GAAA,CAAE1I,MAAc2I,aAC5CA,GAAAA,aAAAA,IAAiBA,cAAcvG,KAAK,CAAE,MAASwG,CAAAA,CAAAA,MAAM,CAAEC,CAAAA,EAAAA,GAAMA,OAAO7I,IAAOrE,CAAAA,CAAAA,MAAM,GAAG,CAAC,CAAA;AAEhF,MAAMmN,eAAAA,GAAkB,CAAEC,KAAAA,EAAeC,SAC9CA,MAAUA,IAAAA,MAAAA,CAAO5G,KAAK,CAAE,GAAMoE,CAAAA,CAAAA,OAAO,CAAEuC,KAAAA,CAAAA,GAAU,CAAC,CAAC;;ACDrD,MAAME,YAAY,CAAE7J,GAAAA,EAAaR,QAAQ,GAAG,EAAEC,SAAS,GAAG,GAAA;IACxD,MAAMqK,IAAAA,GAAOrO,MAAOsO,CAAAA,OAAO,GAAKtO,CAAAA,MAAOuO,CAAAA,UAAU,GAAGxK,KAAI,IAAM,CAAA,CAAA;IAC9D,MAAMyK,GAAAA,GAAMxO,MAAOyO,CAAAA,OAAO,GAAKzO,CAAAA,MAAO0O,CAAAA,WAAW,GAAG1K,MAAK,IAAM,CAAA,CAAA;AAE/D,IAAA,OAAOhE,OAAO2O,IAAI,CAChBpK,KACA,kBACA,EAAA,CAAC,KAAK,EAAG8J,IAAAA,CAAM,KAAK,EAAGG,GAAAA,CAAK,OAAO,EAAGzK,KAAAA,CAAO,QAAQ,EAAGC,MAAAA,CAAQ,kCAAkC,CAAC,CAAA,CAAA;AAEvG,CAAA,CAAA;AAEO,SAAS4K,QAAAA,CAAUrK,GAAW,EAAEC,OAAqB,EAAA;IAC1D,IAAIqK,KAAAA,GAAQrK,QAAQqK,KAAK,CAAA;AAEzB,IAAA,IAAKA,KAAQ,EAAA;QACXA,KAAMC,CAAAA,QAAQ,CAACC,IAAI,GAAGxK,GAAAA,CAAAA;KACjB,MAAA;AACLsK,QAAAA,KAAAA,GAAQT,SAAW7J,CAAAA,GAAAA,CAAAA,CAAAA;AACrB,KAAA;AAEA,IAAA,IAAK,CAACsK,KAAQ,EAAA;mCAEZ,MAAM,IAAIlQ,KAAO,CAAA,sBAAA,CAAA,CAAA;AACnB,KAAA;IAEA,IAAIqQ,SAAAA,CAAAA;IACJ,IAAIC,OAAAA,CAAAA;IAEJ,OAAO,IAAIpP,OAA2C,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;QAC/D,SAASyK,aAAAA,GAAAA;YACP5L,aAAe2L,CAAAA,OAAAA,CAAAA,CAAAA;YACfxJ,YAAcuJ,CAAAA,SAAAA,CAAAA,CAAAA;YACdhP,MAAO6F,CAAAA,mBAAmB,CAAE,SAAWsJ,EAAAA,eAAAA,CAAAA,CAAAA;AACzC,SAAA;AAEAH,QAAAA,SAAAA,GAAYpK,UAAY,CAAA,IAAA;AACtBsK,YAAAA,aAAAA,EAAAA,CAAAA;AACAzK,YAAAA,MAAAA,CAAQ,IAAI/F,eAAiB,CAAA,WAAA,CAAA,CAAA,CAAA;SAC5B8F,EAAAA,OAAAA,CAAQM,OAAO,IAAI,EAAK,GAAA,IAAA,CAAA,CAAA;AAE3BmK,QAAAA,OAAAA,GAAU5L,WAAa,CAAA,WAAA;YACrB,IAAKwL,KAAAA,CAAOO,MAAM,EAAG;AACnBF,gBAAAA,aAAAA,EAAAA,CAAAA;AACAzK,gBAAAA,MAAAA,CAAQ,IAAIlF,oBAAsB,CAAA,mBAAA,CAAA,CAAA,CAAA;AACpC,aAAA;SACC,EAAA,GAAA,CAAA,CAAA;QAEHS,MAAO+F,CAAAA,gBAAgB,CAAE,SAAWoJ,EAAAA,eAAAA,CAAAA,CAAAA;AAEpC,QAAA,SAASA,gBAAiBhO,CAAe,EAAA;YACvC,IAAK,CAACA,EAAE+D,IAAI,IAAI/D,EAAE+D,IAAI,CAACC,IAAI,KAAK,wBAA2B,EAAA,OAAA;AAC3D+J,YAAAA,aAAAA,EAAAA,CAAAA;AACAL,YAAAA,KAAAA,CAAOvJ,KAAK,EAAA,CAAA;AACZ,YAAA,MAAMJ,OAAO/D,CAAE+D,CAAAA,IAAI,CAACM,QAAQ,IAAIrE,EAAE+D,IAAI,CAAA;AACtCA,YAAAA,IAAAA,CAAKtG,KAAK,GAAG6F,MAAQ,CAAA,IAAI/F,eAAiBwG,CAAAA,IAAAA,CAAKtG,KAAK,EAAEsG,IAAKrG,CAAAA,iBAAiB,CACxEiB,CAAAA,GAAAA,OAAAA,CAASqB,EAAE+D,IAAI,CAAA,CAAA;AACrB,SAAA;AACF,KAAA,CAAA,CAAA;AACF;;AC7DA;;;;;;;AAOA,GAAA,SAAAzB,kBAAA,CAAA,GAAA,EAAA,GAAA,EAAA,KAAA,EAAA;;;;;;;;;;;;;AAEA,MAAM4L,YAAe,GAAA,CAAC,EAAGC,WAAAA,CAAYtM,GAAG,EAAA,CAAI,CAAC,EAAGmG,IAAKoG,CAAAA,MAAM,EAAK,GAAA,UAAA,GAAa,EAAG,CAAC,CAAA;AACjF,MAAMC,WAAgC,EAAC,CAAA;AAEhC,MAAMC,QAAAA,CAAAA;;;;AAUXC,IAAAA,QAAAA,CAAUC,QAAgB,EAAE7N,EAAc,EAAEgD,OAAAA,GAAU,IAAI,EAAQ;QAChE,IAAK,CAAC6K,UAAW,MAAM,gBAAA,CAAA;QAEvB,IAAK,CAAC3P,MAAOC,CAAAA,YAAY,EAAG;AAC1B6B,YAAAA,EAAAA,EAAAA,CAAAA;AACA,YAAA,OAAA;AACF,SAAA;AAEA,QAAA,MAAM8N,eAAkB,GAAA,IAAI,CAACC,SAAS,GAAGF,QAAAA,CAAAA;QAEzC1P,YAAaK,CAAAA,OAAO,CAAEsP,eAAiBP,EAAAA,YAAAA,CAAAA,CAAAA;;QAEvCzK,UAAY,CAAA,IAAA;AACV,YAAA,IAAK3E,YAAaC,CAAAA,OAAO,CAAE0P,eAAAA,CAAAA,IAAqBP,YAC9CvN,EAAAA,EAAAA,EAAAA,CAAAA;SACD,EAAA,GAAA,CAAA,CAAA;;QAGH8C,UAAY,CAAA,WAAA;AAAc3E,YAAAA,YAAAA,CAAaQ,UAAU,CAAEmP,eAAAA,CAAAA,CAAAA;SAAsB9K,EAAAA,OAAAA,CAAAA,CAAAA;AAC3E,KAAA;IAEAgL,yBAA2BC,CAAAA,SAAiB,EAAEC,SAAc,EAAQ;;QAElE,IAAI;YAAER,QAAQ,CAACO,UAAU,CAAEC,SAAAA,CAAAA,CAAAA;SAC3B,CAAA,OAAQC,GAAI,EAAE;AAEd,QAAA,IAAK,CAACjQ,MAAAA,CAAOC,YAAY,EAAG;AAE5B,QAAA,MAAMiF,IAAO,GAAA;YACXA,IAAW8K,EAAAA,SAAAA;YACXE,SAAW,EAAA,IAAI1M,OAAO2M,OAAO,EAAA;AAC/B,SAAA,CAAA;;AAGAlQ,QAAAA,YAAAA,CAAaK,OAAO,CAAE,CAAC,EAAG,IAAI,CAACuP,SAAS,CAAE,KAAK,EAAGE,SAAW,CAAA,CAAC,EAAE5P,IAAAA,CAAKI,SAAS,CAAE2E,IAAAA,CAAAA,CAAAA,CAAAA;;QAGhFN,UAAY,CAAA,IAAA;YAAQ3E,YAAaQ,CAAAA,UAAU,CAAE,CAAC,EAAG,IAAI,CAACoP,SAAS,CAAE,KAAK,EAAGE,SAAAA,CAAW,CAAC,CAAA,CAAA;SAAO,EAAA,IAAA,CAAA,CAAA;AAC9F,KAAA;IAEAK,kBAAoBL,CAAAA,SAAiB,EAAEjO,EAAyB,EAAQ;QACtE0N,QAAQ,CAACO,UAAU,GAAGjO,EAAAA,CAAAA;AACtB,QAAA,IAAK,CAAC9B,MAAAA,CAAOC,YAAY,EAAG;;QAG5BD,MAAO+F,CAAAA,gBAAgB,CAAE,SAAA,EAAW,CAAEsK,EAAAA,GAAAA;AACpC,YAAA,IAAKA,EAAGzQ,CAAAA,GAAG,IAAI,CAAC,EAAG,IAAI,CAACiQ,SAAS,CAAE,KAAK,EAAGE,SAAAA,CAAW,CAAC,EAAG;AAC1D,YAAA,IAAK,CAACM,EAAAA,CAAGC,QAAQ,EAAG;AACpB,YAAA,MAAMC,WAAcpQ,GAAAA,IAAAA,CAAKC,KAAK,CAAEiQ,GAAGC,QAAQ,CAAA,CAAA;AAC3CxO,YAAAA,EAAAA,CAAIyO,YAAYrL,IAAI,CAAA,CAAA;AACtB,SAAA,CAAA,CAAA;AACF,KAAA;AA1DAlG,IAAAA,WAAAA,CAAawR,GAAW,CAAG;AAF3BX,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,aAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAGE,IAAI,CAACA,SAAS,GAAGW,GAAAA,CAAAA;AACnB,KAAA;AAyDF;;;;;;;;;;;;;;;AC9BA;;;;;IAMO,MAAMC,UAAmB9O,SAAAA,YAAAA,CAAAA;AAyE9B;;;;;;AAMC,MACD,MAAM+O,UAAAA,CAAYC,UAAa,GAAA,IAAI,EAAgC;QACjE,IAAK,IAAI,CAACC,WAAW,EAAE;AACrB,YAAA,OAAO,IAAI,CAAA;AACb,SAAA;QAEA,IAAK,IAAI,CAACC,mBAAmB,EAAE;YAC7B,OAAO,IAAI,CAACA,mBAAmB,CAAA;SAC1B,MAAA;AACL,YAAA,IAAI,CAACA,mBAAmB,GAAG,IAAIhR,OAAAA,CAAS,OAAQC,OAAS2E,EAAAA,MAAAA,GAAAA;gBACvD,IAAI;AACF,oBAAA,IAAK,IAAI,CAACqM,UAAU,CAACC,IAAI,EAAE;AACzB,wBAAA,MAAM,IAAI,CAACD,UAAU,CAACC,IAAI,EAAA,CAAA;AAC5B,qBAAA;AACA,oBAAA,IAAK,IAAI,CAACC,SAAS,CAACD,IAAI,EAAE;AACxB,wBAAA,MAAM,IAAI,CAACC,SAAS,CAACD,IAAI,EAAA,CAAA;AAC3B,qBAAA;AAEA,oBAAA,IAAK,CAAC,IAAI,CAACvM,OAAO,CAACyM,SAAS,IAAIC,MAAOC,CAAAA,IAAI,CAAE,IAAI,CAAC3M,OAAO,CAACyM,SAAS,CAAGnQ,CAAAA,MAAM,KAAK,CAAG,EAAA;wBAClF,MAAM,IAAI,CAACsQ,eAAe,EAAA,CAAA;AAC5B,qBAAA;oBACA,IAAI,CAACR,WAAW,GAAG,IAAA,CAAA;oBAEnB,IAAI;AACF,wBAAA,IAAKD,UAAY,EAAA;AACT3Q,4BAAAA,IAAAA,OAAAA,CAAAA;AAAN,4BAAA,IAAK,GAACA,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,OAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,OAAAA,CAAQqR,YAAY,CAAE,EAAA;gCAC1B,MAAM,IAAI,CAACC,WAAW,EAAA,CAAA;AACxB,6BAAA;AACF,yBAAA;AACF,qBAAA,CAAE,OAAQnQ,CAAI,EAAA;AACZ,wBAAA,IAAI,CAACmB,IAAI,CAAElE,MAAAA,CAAOI,kBAAkB,EAAE2C,CAAAA,CAAAA,CAAAA;AACtC,wBAAA,MAAM,IAAI,CAAC6P,SAAS,CAACtQ,KAAK,EAAA,CAAA;AAC5B,qBAAA;AACAZ,oBAAAA,OAAAA,CAAS,IAAI,CAAA,CAAA;AACf,iBAAA,CAAE,OAAQqB,CAAI,EAAA;AACZ,oBAAA,IAAKA,aAAazC,eAAiB,EAAA;wBACjC+F,MAAQtD,CAAAA,CAAAA,CAAAA,CAAAA;qBACH,MAAA;wBACLsD,MAAQ,CAAA,IAAI/F,eAAiByC,CAAAA,CAAAA,CAAE8J,OAAO,CAAA,CAAA,CAAA;AACxC,qBAAA;iBACQ,QAAA;oBACR,IAAI,CAAC4F,mBAAmB,GAAGpD,SAAAA,CAAAA;AAC7B,iBAAA;AACF,aAAA,CAAA,CAAA;AACF,SAAA;QAEA,OAAO,IAAI,CAACoD,mBAAmB,CAAA;AACjC,KAAA;AAEA;;;;;;;MAQA,MAAMU,MAAO/M,OAAuC,GAAA,EAAE,EAAEgN,UAAAA,GAAkC,EAAE,EAAE;QAC5FxR,MAAO8O,CAAAA,QAAQ,CAAC2C,MAAM,CAAE,MAAM,IAAI,CAACC,iBAAiB,CAAElN,OAASgN,EAAAA,UAAAA,CAAAA,CAAAA,CAAAA;AACjE,KAAA;AAEA;;;;;;;;;;MAWA,MAAMG,eAAgBnN,OAAuC,GAAA,EAAE,EAAEoN,YAAAA,GAA6B,EAAE,EAAE;AAChG,QAAA,MAAMrN,GAAM,GAAA,MAAM,IAAI,CAACmN,iBAAiB,CAAE;YACxCG,aAAe,EAAA,UAAA;AACf,YAAA,GAAGrN,OAAO;YACVL,OAAe,EAAA,OAAA;YACf2N,YAAe,EAAA,GAAA;AACjB,SAAA,CAAA,CAAA;QACA,MAAM,EAAEtM,QAAQ,EAAEvG,KAAK,EAAE,GAAG,MAAM2P,SAAUrK,GAAKqN,EAAAA,YAAAA,CAAAA,CAAAA;AACjD,QAAA,MAAM,EAAEG,UAAU,EAAEP,UAAU,EAAE,GAAG,CAACvS,KAAS,IAAA,OAAOA,UAAU,QAC5D,GAAA,MAAM,IAAI,CAAC+S,SAAS,CAAE/S,KAASuG,IAAAA,QAAAA,CAASvG,KAAK,CAC3CA,GAAAA,KAAAA,CAAAA;AACJ,QAAA,MAAMgT,cAAc,MAAM,IAAI,CAACC,kBAAkB,CAAE1M,UAAUuM,UAAYP,EAAAA,UAAAA,CAAAA,CAAAA;AACzE,QAAA,MAAMW,UAAa,GAAA,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,WACAF,EAAAA,UAAAA,EACArE,YAAc,CAAA,IAAI,CAAClJ,OAAO,EAAEuN,UAAAA,CAAAA,CAAAA,CAAAA;QAE9BI,UAAWE,CAAAA,aAAa,GAAE7M,QAAAA,CAAS6M,aAAa,CAAA;AAChD,QAAA,IAAI,CAACC,YAAY,CAACxC,yBAAyB,CAAE1R,MAAAA,CAAOE,UAAU,EAAE6T,UAAAA,CAAAA,CAAAA;QAChE,OAAOX,UAAAA,CAAAA;AACT,KAAA;AAEA;;;;;;AAMC,MACD,MAAMe,aAAehO,CAAAA,GAAAA,GAAAA,CAAAA,IAAAA;YAAavE,gBAAAA,EAAAA,OAAAA,CAAAA;gBAAAA,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,+BAAAA,gBAAAA,GAAAA,OAAAA,CAAQ8O,QAAQ,MAAhB9O,IAAAA,IAAAA,gBAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,iBAAkB+O,IAAI,CAAA;QAAA,EAAE;AACxD,QAAA,IAAK,CAACxK,GAAK,EAAA;AACT,YAAA,OAAO1E,OAAQ4E,CAAAA,MAAM,CAAE,IAAI/F,eAAiB,CAAA,6CAAA,CAAA,CAAA,CAAA;AAC9C,SAAA;QACA,IAAI8T,SAAAA,CAAAA;QACJ,IAAI;AACFA,YAAAA,SAAAA,GAAY,IAAInM,GAAK9B,CAAAA,GAAAA,CAAAA,CAAAA;AACvB,SAAA,CAAE,OAAQpD,CAAG,EAAA;YACX,OAAOtB,OAAAA,CAAQ4E,MAAM,CAAE,IAAI/F,eAAAA,CAAiB,CAAC,8BAA8B,EAAG6F,GAAK,CAAA,CAAC,CAAC,CAAA,CAAA,CAAA;AACvF,SAAA;AAEA,QAAA,MAAMkO,iBAAiBvL,aAAesL,CAAAA,SAAAA,CAAUhM,MAAM,IAAIgM,UAAU/L,IAAI,CAAA,CAAA;AACxE,QAAA,MAAMiM,iBAAiB,MAAM,IAAI,CAACV,SAAS,CAAES,eAAexT,KAAK,CAAA,CAAA;AACjE,QAAA,MAAM,EAAE8S,UAAU,EAAEP,UAAU,EAAEM,YAAY,EAAE,GAAGY,cAAAA,CAAAA;AACjDnO,QAAAA,GAAAA,GAAMA,GAAOvE,IAAAA,MAAAA,CAAO8O,QAAQ,CAACC,IAAI,CAAA;QACjC,OAAS+C,YAAAA;YACP,KAAK,GAAA;AACE9R,gBAAAA,IAAAA,OAAAA,CAAAA;AAAL,gBAAA,IAAA,CAAKA,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,OAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,OAAAA,CAAQqR,YAAY,EAAG;AAC1B,oBAAA,IAAK9M,GAAM,EAAA;wBACTvE,MAAO2S,CAAAA,MAAM,CAACzF,WAAW,CAAE;4BACzB/H,IAAU,EAAA,wBAAA;4BACVK,QAAUiN,EAAAA,cAAAA;4BACVxT,KAAUyT,EAAAA,cAAAA;yBACT,EAAA,CAAC,EAAG5D,QAAAA,CAASvI,QAAQ,CAAE,EAAE,EAAGuI,QAAAA,CAAS8D,IAAI,CAAE,CAAC,CAAA,CAAA;AACjD,qBAAA;AACF,iBAAA;AACA,gBAAA,OAAA;YACF,KAAK,GAAA;gBACH,IAAK5S,MAAAA,CAAO6S,MAAM,IAAItO,GAAK,EAAA;oBACzBvE,MAAO6S,CAAAA,MAAM,CAAC3F,WAAW,CAAE;wBACzB/H,IAAU,EAAA,wBAAA;wBACVK,QAAUiN,EAAAA,cAAAA;wBACVxT,KAAUyT,EAAAA,cAAAA;qBACT,EAAA,CAAC,EAAG5D,QAAAA,CAASvI,QAAQ,CAAE,EAAE,EAAGuI,QAAAA,CAAS8D,IAAI,CAAE,CAAC,CAAA,CAAA;AACjD,iBAAA;AACA,gBAAA,OAAA;AACF,YAAA;gBACE,IAAKH,cAAAA,CAAe7T,KAAK,EAAE;oBACzB,OAAOiB,OAAAA,CAAQ4E,MAAM,CAAE,IAAI1F,oBAAqB0T,cAAe7T,CAAAA,KAAK,EAAE6T,cAAAA,CAAe5T,iBAAiB,CAAA,CAAA,CAAA;AACxG,iBAAA;AACA,gBAAA,MAAMoT,cAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEO,gBAAgBV,UAAYP,EAAAA,UAAAA,CAAAA,CAAAA;AAC/E,gBAAA,MAAMW,UAAa,GAAA,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,WACAF,EAAAA,UAAAA,EACArE,YAAc,CAAA,IAAI,CAAClJ,OAAO,EAAEuN,UAAAA,CAAAA,CAAAA,CAAAA;gBAE9BI,UAAWE,CAAAA,aAAa,GAAEI,cAAAA,CAAeJ,aAAa,CAAA;AACtD,gBAAA,IAAI,CAACC,YAAY,CAACxC,yBAAyB,CAAE1R,MAAAA,CAAOE,UAAU,EAAE6T,UAAAA,CAAAA,CAAAA;gBAChE,OAAOX,UAAAA,CAAAA;AACX,SAAA;AACF,KAAA;AAEA;;;;AAIC,MACD,MAAMsB,MAAAA,CAAQtO,OAAgC,GAAA,EAAE,EAAE;QAChD,IAAK,CAACA,OAAQuO,CAAAA,SAAS,EAAG;AAEuBC,YAAAA,IAAAA,WAAAA,CAAAA;AAD/C,YAAA,MAAMA,aAAa,MAAM,IAAI,CAAChC,SAAS,CAACrR,GAAG,CAAE,MAAA,CAAA,CAAA;YAC7C,MAAMsT,aAAAA,GAAgBzO,QAAQyO,aAAa,KAAA,CAAID,cAAAA,UAAAA,MAAAA,IAAAA,IAAAA,WAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,YAAYE,YAAY,CAAA,CAAA;YACvElT,MAAO8O,CAAAA,QAAQ,CAAC2C,MAAM,CAAE,MAAM,IAAI,CAAC0B,mBAAmB,CAAE;AACtD,gBAAA,GAAG3O,OAAO;AACVyO,gBAAAA,aAAAA;AACF,aAAA,CAAA,CAAA,CAAA;AACF,SAAA;AACA,QAAA,MAAM,IAAI,CAACjC,SAAS,CAACtQ,KAAK,EAAA,CAAA;AAC5B,KAAA;AAEA;;;;;MAMA,MAAM0S,WAAaC,CAAAA,KAAa,EAAElO,IAAAA,GAAkB,cAAc,EAAEX,OAAAA,GAAyB,EAAE,EAAE;QAC/F,IAAK,CAAC,IAAI,CAACA,OAAO,CAACyM,SAAS,CAAEqC,mBAAmB,EAAE;AACjD,YAAA,OAAOzT,OAAQ4E,CAAAA,MAAM,CAAE,IAAI/F,eAAiB,CAAA,sCAAA,CAAA,CAAA,CAAA;AAC9C,SAAA;AACA,QAAA,MAAM6U,YAAe,GAAA;AACnBjI,YAAAA,SAAAA,EAAiB9G,QAAQ8G,SAAS,IAAI,IAAI,CAAC9G,OAAO,CAAC8G,SAAS;AAC5DkI,YAAAA,aAAAA,EAAiBhP,QAAQgP,aAAa,IAAI,IAAI,CAAChP,OAAO,CAACgP,aAAa;YACpEC,eAAiBtO,EAAAA,IAAAA;YACjBkO,KAAiBA,EAAAA,KAAAA;AACnB,SAAA,CAAA;QAEA,OAAO,IAAI,CAACK,IAAI,CAAE;YAChBvL,MAAa,EAAA,MAAA;YACbC,WAAa,EAAA,MAAA;AACb7D,YAAAA,GAAAA,EAAa,IAAI,CAACC,OAAO,CAACyM,SAAS,CAAEqC,mBAAmB;YACxD5N,IAAa6N,EAAAA,YAAAA;AACf,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;;;;;;;;MAUA,MAAMjC,YAAa9M,OAA8B,GAAA,EAAE,EAAEgN,UAAAA,GAAkC,EAAE,EAAE;AAiBpDwB,QAAAA,IAAAA,WAAAA,CAAAA;QAhBrC,MAAM,IAAI,CAACtC,UAAU,CAAE,KAAA,CAAA,CAAA;QACvB,IAAIuB,WAAAA,CAAAA;AACJ,QAAA,IAAI0B,aAAkB,EAAC,CAAA;QAEvB,MAAMX,UAAAA,GAAa,MAAM,IAAI,CAAChC,SAAS,CAACrR,GAAG,CAAE,MAAA,CAAA,IAAY,EAAC,CAAA;AAE1D,QAAA,MAAM4T,eAAe7F,YAAc,CAAA;YACjCmE,aAAe,EAAA,OAAA;YACf1N,OAAe,EAAA,MAAA;YACfyP,MAAe,EAAA,MAAA;SACd,EAAA,IAAI,CAACpP,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;QAEjB,IAAK+O,YAAAA,CAAaM,mBAAmB,EAAE;YACrCN,YAAaO,CAAAA,YAAY,GAAGP,YAAAA,CAAaM,mBAAmB,CAAA;AAC9D,SAAA;QAEA,IAAK,IAAI,CAACrP,OAAO,CAACuP,eAAe,KAAIf,CAAAA,WAAAA,GAAAA,UAAAA,MAAAA,IAAAA,IAAAA,WAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,WAAYgB,CAAAA,aAAa,CAAE,EAAA;AACxBhB,YAAAA,IAAAA,YAAAA,CAAAA;AAAtCW,YAAAA,UAAAA,CAAW5B,UAAU,GAAGrE,YAAcsF,CAAAA,CAAAA,CAAAA,eAAAA,UAAAA,MAAAA,IAAAA,IAAAA,YAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,YAAYjB,CAAAA,UAAU,KAAI,EAAC,EAAG4B,UAAW5B,CAAAA,UAAU,IAAI,EAAC,CAAA,CAAA;AAC9FE,YAAAA,WAAAA,GAAc,MAAM,IAAI,CAACgC,oBAAoB,CAAE;AAC7C,gBAAA,GAAGV,YAAY;AACfS,gBAAAA,aAAAA,EAAehB,WAAWgB,aAAa;AACzC,aAAA,CAAA,CAAA;SACK,MAAA;AACL,YAAA,MAAME,OAAU,GAAA,MAAM,IAAI,CAACxC,iBAAiB,CAAE;AAC5C,gBAAA,GAAG6B,YAAY;gBACfzB,YAAc,EAAA,GAAA;aACbN,EAAAA,UAAAA,CAAAA,CAAAA;YAEH,MAAM,EAAEhM,QAAQ,EAAEvG,KAAK,EAAE,GAAG,MAAMqF,UAAW4P,OAAS,EAAA;AACpDpP,gBAAAA,OAAAA,EAAayO,aAAaY,oBAAoB;gBAC9ClP,WAAajF,EAAAA,MAAAA,CAAO8O,QAAQ,CAAC9J,MAAM;AACrC,aAAA,CAAA,CAAA;AACAiN,YAAAA,WAAAA,GAAc,MAAM,IAAI,CAACC,kBAAkB,CAAE1M,UAAU+N,YAAc/B,EAAAA,UAAAA,CAAAA,CAAAA;YACrEwB,UAAWX,CAAAA,aAAa,GAAG7M,QAAAA,CAAS6M,aAAa,CAAA;YACjDsB,UAAa1U,GAAAA,KAAAA,CAAAA;AACf,SAAA;QAEA,MAAMkT,UAAAA,GAAa,MAAM,IAAI,CAACC,iBAAiB,CAAEH,WAAAA,EAAa0B,UAAW5B,CAAAA,UAAU,EAAEwB,YAAAA,CAAAA,CAAAA;QACrFpB,UAAWE,CAAAA,aAAa,GAAGW,UAAAA,CAAWX,aAAa,CAAA;AACnD,QAAA,IAAI,CAACC,YAAY,CAACxC,yBAAyB,CAAE1R,MAAAA,CAAOE,UAAU,EAAE6T,UAAAA,CAAAA,CAAAA;AAChE,QAAA,OAAOwB,WAAWnC,UAAU,CAAA;AAC9B,KAAA;AAEA;;AAEC,MACD,MAAM4C,cAAgB,GAAA;AACX,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACpD,SAAS,CAACrR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsC0U,YAAY,CAAA;AAC7D,KAAA;AAGA;;AAEC,MACD,MAAMC,eAAiB,GAAA;AACZ,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACtD,SAAS,CAACrR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCqU,aAAa,CAAA;AAC9D,KAAA;AAEA;;AAEC,MACD,MAAMO,UAAY,GAAA;AACP,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACvD,SAAS,CAACrR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCmL,QAAQ,CAAA;AACzD,KAAA;AAEA;;AAEC,MACD,MAAM0J,YAAc,GAAA;AACT,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACxD,SAAS,CAACrR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsC8U,UAAU,CAAA;AAC3D,KAAA;AAEA;;AAEC,MACD,MAAMC,aAAe,GAAA;AACV,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAAC1D,SAAS,CAACrR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCuT,YAAY,CAAA;AAC7D,KAAA;AAGA;;AAEC,MACD,MAAMyB,SAAW,GAAA;YACR,MAAE,EAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,QAAA,MAAM,IAAI,CAAC3D,SAAS,CAACrR,GAAG,CAAE,MAAA,CAAA,MAAA,IAAA,IAA1B,KAAF,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,CAAA,MAAA,GAAA,KAAwCuO,CAAAA,KAAK,cAA7C,MAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAA+C3G,KAAK,CAAE,GAAA,CAAA,CAAA;AAC/D,KAAA;AAGA;;AAEC,MACD,MAAMqN,OAAS,GAAA;AACJ,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAAC5D,SAAS,CAACrR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCkV,IAAI,CAAA;AACrD,KAAA;AAEA;;;;;AAKC,MACD,MAAMC,UAAAA,CAAY/B,SAAY,GAAA,KAAK,EAAE;AACnC,QAAA,MAAMgC,gBAAgB,CAAC,CAAC,MAAM,IAAI,CAACH,OAAO,EAAA,CAAA;QAC1C,IAAK,CAACG,aAAiB,IAAA,CAAChC,SAAW,EAAA;YACjC,IAAI;gBACF,MAAM,IAAI,CAACzB,WAAW,EAAA,CAAA;gBACtB,OAAO,IAAA,CAAA;AACT,aAAA,CAAE,OAAQnQ,CAAG,EAAA;gBACX,OAAO,KAAA,CAAA;AACT,aAAA;AACF,SAAA;QACA,OAAO4T,aAAAA,CAAAA;AACT,KAAA;AAEA;;;;;;MAOA,MAAcrD,kBAAmBlN,OAAuC,GAAA,EAAE,EACxEgN,UAAAA,GAAkC,EAAE,EAAmB;AACjD,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAAChN,OAAO,CAACyM,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwB+D,CAAAA,sBAAsB,CAAE,EAAA;YACpD,MAAM,IAAI,CAACtE,UAAU,CAAE,KAAA,CAAA,CAAA;AACzB,SAAA;;QAEA,MAAM6C,YAAAA,GAAerC,OAAOO,MAAM,CAAE,EAAI,EAAA,IAAI,CAACjN,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;QACtDgN,UAAWyD,CAAAA,aAAa,GAAG5L,cAAgB,CAAA,EAAA,CAAA,CAAA;AAE3C,QAAA,MAAM0I,UAAa,GAAA;AACjBzG,YAAAA,SAAAA,EAAoBiI,aAAajI,SAAS;YAC1CrM,KAAoBoK,EAAAA,cAAAA,CAAgBkK,aAAa2B,WAAW,CAAA;AAC5DhH,YAAAA,KAAAA,EAAoBqF,aAAarF,KAAK;AACtC7C,YAAAA,QAAAA,EAAoBkI,aAAalI,QAAQ;AACzCyI,YAAAA,YAAAA,EAAoBP,aAAaO,YAAY;AAC7CjC,YAAAA,aAAAA,EAAoB0B,aAAa1B,aAAa;YAC9C/D,aAAoByF,EAAAA,YAAAA,CAAazF,aAAa,IAAI,MAAA;AAClDqH,YAAAA,UAAAA,EAAoB5B,aAAa4B,UAAU;AAC3CvB,YAAAA,MAAAA,EAAoBL,aAAaK,MAAM;AACvCzP,YAAAA,OAAAA,EAAoBoP,aAAapP,OAAO;AACxCiR,YAAAA,MAAAA,EAAoB7B,aAAa6B,MAAM;AACvCC,YAAAA,cAAAA,EAAoB9B,aAAa8B,cAAc;AAC/CC,YAAAA,UAAAA,EAAoB/B,aAAa+B,UAAU;AAC3CC,YAAAA,YAAAA,EAAoBhC,aAAagC,YAAY;AAC7CC,YAAAA,UAAAA,EAAoBjC,aAAaiC,UAAU;AAC3CvC,YAAAA,aAAAA,EAAoBM,aAAaN,aAAa;AAC9CwC,YAAAA,eAAAA,EAAoBlC,aAAakC,eAAe;AAChDC,YAAAA,kBAAAA,EAAoBnC,aAAamC,kBAAkB;AACnD,YAAA,GAAGnC,YAAaoC,CAAAA,WAAW,IAAIpC,YAAAA,CAAaoC,WAAW;AACzD,SAAA,CAAA;QAEA,IAAK9H,cAAAA,CAAgB,YAAYkE,UAAWjE,CAAAA,aAAa,KACvDG,eAAiB,CAAA,QAAA,EAAU8D,UAAW7D,CAAAA,KAAK,CAAI,EAAA;AAC/C6D,YAAAA,UAAAA,CAAWhH,KAAK,GAAG1B,cAAgBkK,CAAAA,YAAAA,CAAaqC,WAAW,CAAA,CAAA;AAC7D,SAAA;AAEA,QAAA,IAAK/H,cAAgB,CAAA,MAAA,EAAQkE,UAAWjE,CAAAA,aAAa,CAAI,EAAA;AACvDiE,YAAAA,UAAAA,CAAW8D,cAAc,GAAE,MAAMhM,eAAAA,CAAiB2H,WAAWyD,aAAa,CAAA,CAAA;AAC1ElD,YAAAA,UAAAA,CAAW+D,qBAAqB,GAAEvC,YAAauC,CAAAA,qBAAqB,IAAI,MAAA,CAAA;AAC1E,SAAA;AAEA,QAAA,MAAM9S,GAAM,GAAA,IAAI,CAACwB,OAAO,CAAC4G,mBAAmB,IAAI,IAAI,CAAC5G,OAAO,CAAC4G,mBAAmB,EAAA,IAAM5H,KAAKR,GAAG,EAAA,CAAA;QAC9F,MAAM+S,QAAAA,GAAWxC,YAAawC,CAAAA,QAAQ,GAAG,CAAC,CAAC,EAAGxC,YAAawC,CAAAA,QAAQ,CAAE,CAAC,GAAG,EAAA,CAAA;AACzE,QAAA,MAAMC,mBAAmBtP,uBAAyBqL,CAAAA,UAAAA,CAAAA,CAAAA;AAClD,QAAA,MAAMxN,GAAM,GAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAACyM,SAAS,CAAE+D,sBAAsB,CAAE,EAAGgB,gBAAkB,CAAA,EAAGD,SAAU,CAAC,CAAA;;AAGnG,QAAA,IAAI,CAACjF,UAAU,CAACpQ,KAAK,CAAEsC,GAAM,GAAA,QAAA,CAAA,CAAA;QAG7B,MAAM,IAAI,CAAC8N,UAAU,CAACzQ,GAAG,CAAE0R,UAAAA,CAAW9S,KAAK,EAAGkO,cAAgB,CAAA;YAC5DjM,UAAc8B,EAAAA,GAAAA;AACd+O,YAAAA,UAAAA;AACAP,YAAAA,UAAAA;AACAM,YAAAA,YAAAA,EAAcyB,aAAazB,YAAY;AACzC,SAAA,CAAA,CAAA,CAAA;QACA,OAAOvN,GAAAA,CAAAA;AACT,KAAA;AAEA;;;;;AAKC,MACD,MAAc4O,mBAAAA,CAAqB3O,OAAgC,GAAA,EAAE,EAAE;AAC/D,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAACA,OAAO,CAACyM,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwBgF,CAAAA,oBAAoB,CAAE,EAAA;YAClD,MAAM,IAAI,CAAC7E,eAAe,EAAA,CAAA;AAC5B,SAAA;AACA,QAAA,MAAMmC,YAAe7F,GAAAA,YAAAA,CAAc,IAAI,CAAClJ,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;AACjD,QAAA,MAAM0R,YAAe,GAAA;AACnBjD,YAAAA,aAAAA,EAA0BM,aAAaN,aAAa;AACpDkD,YAAAA,wBAAAA,EAA0B5C,aAAa4C,wBAAwB;AAC/D,YAAA,GAAG5C,YAAa6C,CAAAA,iBAAiB,IAAI,EAAE;AACzC,SAAA,CAAA;AACA,QAAA,OAAO,CAAC,EAAG,IAAI,CAAC5R,OAAO,CAACyM,SAAS,CAAEgF,oBAAoB,CAAE,EAAGvP,uBAAAA,CAAyBwP,cAAgB,CAAC,CAAA;AACxG,KAAA;AAEA;;;;MAKA,MAAcG,yBAA2B7R,CAAAA,OAA2B,EAAE;AAC9D,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAACA,OAAO,CAACyM,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwBqF,CAAAA,cAAc,CAAE,EAAA;YAC5C,MAAM,IAAI,CAAClF,eAAe,EAAA,CAAA;AAC5B,SAAA;AACA,QAAA,MAAMmC,YAAe7F,GAAAA,YAAAA,CAAc,IAAI,CAAClJ,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;AACjD,QAAA,MAAM,EAAE+R,iBAAiB,EAAEC,gBAAgB,EAAE,GAAGC,MAAM,GAAGlD,YAAAA,CAAAA;AACzD,QAAA,MAAMmD,aAAgB,GAAA;AACpB,YAAA,GAAGD,IAAI;YACP,GAAGD,gBAAAA,IAAoB,EAAE;YACzBG,UAAY,EAAA,oBAAA;AACd,SAAA,CAAA;AAEA,QAAA,KAAM,MAAMC,GAAO,IAAA;AAAC,YAAA,MAAA;AAAQ,YAAA,cAAA;AAAgB,YAAA,eAAA;AAAiB,YAAA,WAAA;SAAY,CAAW;AAClF,YAAA,IAAK,CAACF,aAAa,CAACE,GAAAA,CAAI,EAAE;gBACxB,OAAO/W,OAAAA,CAAQ4E,MAAM,CAAE,IAAI9F,KAAAA,CAAO,CAAC,CAAC,EAAGiY,GAAK,CAAA,aAAa,CAAC,CAAA,CAAA,CAAA;AAC5D,aAAA;AACF,SAAA;QAEA,OAAO,IAAI,CAAClD,IAAI,CAAE;YAChBnP,GAAa,EAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAACyM,SAAS,CAAEqF,cAAc,CAAE,CAAC;YAC1DnO,MAAa,EAAA,MAAA;YACbC,WAAa,EAAA,MAAA;YACb1C,IAAagR,EAAAA,aAAAA;YACbxO,OAAaqO,EAAAA,iBAAAA;AACf,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;;;MAKA,MAActC,oBAAsBzP,CAAAA,OAAoC,EAAG;AACnE,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAACA,OAAO,CAACyM,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwBqF,CAAAA,cAAc,CAAE,EAAA;YAC5C,MAAM,IAAI,CAAClF,eAAe,EAAA,CAAA;AAC5B,SAAA;AACA,QAAA,MAAM,EAAEmF,iBAAiB,EAAEC,gBAAgB,EAAE,GAAGC,MAAM,GAAGjS,OAAAA,CAAAA;AACzD,QAAA,MAAMkS,aAAgB,GAAA;YACpBC,UAAe,EAAA,eAAA;AACfrL,YAAAA,SAAAA,EAAe,IAAI,CAAC9G,OAAO,CAAC8G,SAAS;AACrCkI,YAAAA,aAAAA,EAAe,IAAI,CAAChP,OAAO,CAACgP,aAAa;AACzC,YAAA,GAAGiD,IAAI;YACP,GAAGD,gBAAAA,IAAoB,EAAE;AAC3B,SAAA,CAAA;AAEA,QAAA,KAAM,MAAMI,GAAO,IAAA;AAAC,YAAA,eAAA;AAAiB,YAAA,WAAA;SAAY,CAAW;AAC1D,YAAA,IAAK,CAACF,aAAa,CAACE,GAAAA,CAAI,EAAE;gBACxB,OAAO/W,OAAAA,CAAQ4E,MAAM,CAAE,IAAI9F,KAAAA,CAAO,CAAC,CAAC,EAAGiY,GAAK,CAAA,aAAa,CAAC,CAAA,CAAA,CAAA;AAC5D,aAAA;AACF,SAAA;QAEA,OAAO,IAAI,CAAClD,IAAI,CAAE;YAChBnP,GAAa,EAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAACyM,SAAS,CAAEqF,cAAc,CAAE,CAAC;YAC1DnO,MAAa,EAAA,MAAA;YACbC,WAAa,EAAA,MAAA;YACb1C,IAAagR,EAAAA,aAAAA;YACbxO,OAAaqO,EAAAA,iBAAAA;AACf,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;AAEC,MACD,MAAcnF,eAA+C,GAAA;QAC3D,IAAI;YACF,MAAMyF,UAAAA,GAAa,CAAC,EAAG,IAAI,CAACrS,OAAO,CAAC4B,MAAM,CAAE,iCAAiC,CAAC,CAAA;AAC9E,YAAA,MAAMZ,QAAW,GAAA,MAAM,IAAI,CAACkO,IAAI,CAAE;gBAChCnP,GAAasS,EAAAA,UAAAA;gBACb1O,MAAa,EAAA,KAAA;gBACbC,WAAa,EAAA,MAAA;AACf,aAAA,CAAA,CAAA;YACA,IAAI,CAAC0O,eAAe,GAAGtR,QAAAA,CAAAA;AACvB,YAAA,MAAMyL,YAAY,EAAC,CAAA;YACnB,KAAM,MAAM8F,QAAQ7F,MAAOC,CAAAA,IAAI,CAAE,IAAI,CAAC2F,eAAe,CAAK,CAAA;AACxD,gBAAA,IAAKC,IAAKC,CAAAA,QAAQ,CAAE,WAAA,CAAA,IAAiBD,KAAKpL,OAAO,CAAE,UAAe,CAAA,GAAA,CAAC,KAAKoL,IAAKpL,CAAAA,OAAO,CAAE,MAAA,CAAA,GAAW,CAAC,CAAI,EAAA;AACpGsF,oBAAAA,SAAS,CAAC8F,IAAqC,CAAA,GAAG,IAAI,CAACD,eAAe,CAACC,IAAK,CAAA,CAAA;AAC9E,iBAAA;AACF,aAAA;AACA,YAAA,IAAI,CAACvS,OAAO,CAACyM,SAAS,GAAGA,SAAAA,CAAAA;YACzB,OAAO,IAAI,CAAC6F,eAAe,CAAA;AAC7B,SAAA,CAAE,OAAQ3V,CAAI,EAAA;AACZ,YAAA,MAAM,IAAIzC,eAAAA,CAAiB,yBAA2ByC,EAAAA,CAAAA,CAAE8J,OAAO,CAAA,CAAA;AACjE,SAAA;AACF,KAAA;AAEA;;;;;;MAOA,MAAciH,mBACZ1M,QAAa,EACb+N,YAAgC,EAChC/B,UAAAA,GAAkC,EAAE,EACrC;QACC,IAAKhM,QAAAA,CAASsE,IAAI,EAAE;YAClB,OAAO,IAAI,CAACuM,yBAAyB,CAAE;AACrCvC,gBAAAA,YAAAA,EAAeP,aAAaO,YAAY;AACxCxI,gBAAAA,SAAAA,EAAeiI,aAAajI,SAAS;AACrC2J,gBAAAA,aAAAA,EAAezD,WAAWyD,aAAa;gBACvC0B,UAAe,EAAA,oBAAA;AACf7M,gBAAAA,IAAAA,EAAetE,SAASsE,IAAI;AAC9B,aAAA,CAAA,CAAA;SACK,MAAA;YACL,OAAOtE,QAAAA,CAAAA;AACT,SAAA;AACF,KAAA;AAEA;;;;;;AAMC,MACD,MAAc4M,iBAAmBH,CAAAA,WAA0B,EAAEF,UAA8B,EACzFwB,YAAoC,EAAE;QACtC,MAAM,IAAI,CAAC7C,UAAU,CAAE,KAAA,CAAA,CAAA;AACvB,QAAA,IAAImE,OAAY,EAAC,CAAA;QACjB,IAAK5C,WAAAA,CAAYrT,KAAK,EAAE;AACtB,YAAA,MAAM,IAAIG,mBAAqBkT,CAAAA,WAAAA,CAAYrT,KAAK,EAAEqT,YAAYpT,iBAAiB,CAAA,CAAA;AACjF,SAAA;QACA,IAAIoY,aAAAA,CAAAA;QACJ,IAAKhF,WAAAA,CAAYnH,QAAQ,EAAE;AACzBmM,YAAAA,aAAAA,GAAgB,MAAMpM,eAAiBoH,CAAAA,WAAAA,CAAYnH,QAAQ,EAAEiH,UAAAA,CAAWhH,KAAK,EAAGwI,YAAAA,CAAAA,CAAAA;YAChF,IAAKA,YAAAA,CAAa2D,gBAAgB,IAAI,CAAC,MAAM3D,aAAa2D,gBAAgB,CAAEjF,WAAYnH,CAAAA,QAAQ,CAAI,EAAA;AAClG,gBAAA,OAAOjL,OAAQ4E,CAAAA,MAAM,CAAE,IAAInF,mBAAqB,CAAA,4BAAA,CAAA,CAAA,CAAA;AAClD,aAAA;AACA4R,YAAAA,MAAAA,CAAOC,IAAI,CAAE8F,aAAgB3V,CAAAA,CAAAA,OAAO,CAAE1B,CAAAA,GAAAA,GAAAA;AACpC,gBAAA,IAAK,CAACwM,aAAAA,CAAc9F,QAAQ,CAAE1G,GAAc,CAAA,EAAA;AAC1CiV,oBAAAA,IAAI,CAACjV,GAAAA,CAAI,GAAGqX,aAAa,CAACrX,GAAI,CAAA,CAAA;AAChC,iBAAA;AACF,aAAA,CAAA,CAAA;AACF,SAAA;QAEA,IAAKqS,WAAAA,CAAYoC,YAAY,EAAG;AACO,YAAA,IAAA,uBAAA,CAAA;AAArC,YAAA,IAAKd,YAAa4D,CAAAA,eAAe,KAAI,CAAA,uBAAA,GAAA,IAAI,CAAC3S,OAAO,CAACyM,SAAS,MAAA,IAAA,IAAtB,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAA,CAAwBmG,iBAAiB,CAAG,EAAA;AAC/E,gBAAA,MAAMC,iBAAiB,MAAM,IAAI,CAACC,aAAa,CAAErF,YAAYoC,YAAY,CAAA,CAAA;gBACzE,IAAK,CAACgD,cAAezY,CAAAA,KAAK,EAAE;oBAC1BiW,IAAO,GAAA;AAAE,wBAAA,GAAGA,IAAI;AAAE,wBAAA,GAAGwC,cAAc;AAAC,qBAAA,CAAA;AACtC,iBAAA;AACF,aAAA;AACF,SAAA;QAEA,OAAO;AACLtF,YAAAA,UAAAA;AACA8C,YAAAA,IAAAA;AACA,YAAA,GAAG5C,WAAW;YACdnH,QAAcmM,EAAAA,aAAAA;AACd/D,YAAAA,YAAAA,EAAcjB,YAAYnH,QAAQ;AAClCoD,YAAAA,KAAAA,EAAc+D,WAAY/D,CAAAA,KAAK,IAAI6D,UAAAA,CAAW7D,KAAK;AACrD,SAAA,CAAA;AACF,KAAA;AAEA;;;;;MAMA,MAAc8D,SAAW/S,CAAAA,KAAa,EAAE;AACtC,QAAA,MAAMyT,iBAAiB,MAAM,IAAI,CAAC5B,UAAU,CAACnR,GAAG,CAAEV,KAAAA,CAAAA,CAAAA;AAClD,QAAA,IAAK,CAACyT,cAAgB,EAAA;AACpB,YAAA,OAAO7S,OAAQ4E,CAAAA,MAAM,CAAE,IAAItF,cAAe,uBAAyBF,EAAAA,KAAAA,CAAAA,CAAAA,CAAAA;SAC9D,MAAA;AACL,YAAA,MAAM,IAAI,CAAC6R,UAAU,CAACtQ,GAAG,CAAEvB,KAAAA,CAAAA,CAAAA;AAC7B,SAAA;QACA,OAAOyT,cAAAA,CAAAA;AACT,KAAA;AAEA;;;;;MAMA,MAAc4E,aAAeC,CAAAA,WAAmB,EAAE;QAChD,OAAO,IAAI,CAAC7D,IAAI,CAAE;YAChBvL,MAAa,EAAA,KAAA;YACb5D,GAAa,EAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAACyM,SAAS,CAAEmG,iBAAiB,CAAE,CAAC;YAC7DhP,WAAa,EAAA,MAAA;YACbF,OAAa,EAAA;AACX,gBAAA,eAAA,EAAiB,CAAC,OAAO,EAAGqP,WAAAA,CAAa,CAAC;AAC5C,aAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;;;;;AAMC,MACD,cAAwB,CAAA,EAAEC,GAAG,EAAEnF,aAAa,EAAyB,EAAE;AAG/DpB,QAAAA,IAAAA,UAAAA,CAAAA;QAFN,MAAM,EAAE3F,SAAS,EAAE2F,SAAS,EAAE,GAAG,IAAI,CAACzM,OAAO,CAAA;AAE7C,QAAA,IAAK,GAACyM,UAAAA,GAAAA,SAAAA,MAAAA,IAAAA,IAAAA,UAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,UAAAA,CAAWwG,oBAAoB,CAAE,EAAA;AACrCC,YAAAA,OAAAA,CAAQC,IAAI,CAAE,4FAAA,CAAA,CAAA;AACd,YAAA,OAAA;AACF,SAAA;AACA,QAAA,IAAK,CAAC,IAAI,CAACC,mBAAmB,EAAE;AAC9B,YAAA,MAAMC,uBAAuB,OAAQC,GAAAA,GAAAA;AACnC,gBAAA,IAAKA,GAAK,EAAA;AACR,oBAAA,IAAI,CAACxV,IAAI,CAAElE,MAAAA,CAAOC,WAAW,CAAA,CAAA;iBACxB,MAAA;AACL,oBAAA,IAAI,CAACiE,IAAI,CAAElE,MAAAA,CAAOK,cAAc,CAAA,CAAA;oBAChC,IAAI;AACF,wBAAA,MAAM,IAAI,CAAC6S,WAAW,CAAE,IAAI,EAAC,CAAA,CAAA;AAC7B,wBAAA,MAAM0B,aAAa,MAAM,IAAI,CAAChC,SAAS,CAACrR,GAAG,CAAE,MAAA,CAAA,CAAA;AAC7C,wBAAA,IAAKqT,UAAY,EAAA;AACVA,4BAAAA,IAAAA,gBAAAA,CAAAA;AAAL,4BAAA,IAAKA,CAAAA,CAAAA,gBAAAA,GAAAA,UAAW6B,CAAAA,IAAI,MAAf7B,IAAAA,IAAAA,gBAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,gBAAiBwE,CAAAA,GAAG,MAAKA,GAAAA,IAAOxE,UAAWX,CAAAA,aAAa,EAAE;AAC7D,gCAAA,IAAI,CAACuF,mBAAmB,CAAEhV,KAAK,CAAEoQ,WAAWX,aAAa,CAAA,CAAA;AAC3D,6BAAA;yBACK,MAAA;AACL,4BAAA,IAAI,CAAC/P,IAAI,CAAElE,MAAAA,CAAOC,WAAW,EAAE,IAAA,CAAA,CAAA;AACjC,yBAAA;AACF,qBAAA,CAAE,OAAQ8C,CAAI,EAAA;AACZ,wBAAA,IAAI,CAACmB,IAAI,CAAElE,MAAAA,CAAOC,WAAW,CAAA,CAAA;AAC7B,wBAAA,OAAA;AACF,qBAAA;AACF,iBAAA;AACF,aAAA,CAAA;YAEA,IAAI,CAACuZ,mBAAmB,GAAGtL,yBAA2B,CAAA;AACpD/H,gBAAAA,GAAAA,EAAe0M,UAAUwG,oBAAoB;gBAC7CnM,SAAeA,EAAAA,SAAAA;gBACfxI,QAAe+U,EAAAA,oBAAAA;AACftL,gBAAAA,aAAAA,EAAe,IAAI,CAAC/H,OAAO,CAACuT,oBAAoB;AAClD,aAAA,CAAA,CAAA;AACF,SAAA;AAEA,QAAA,IAAI,CAACH,mBAAmB,CAAChV,KAAK,CAAEyP,aAAAA,CAAAA,CAAAA;AAClC,KAAA;IAEA,MAAc2F,WAAAA,CAAaC,OAAY,EAAE;YAKzB/J,MAORlO,EAAAA,OAAAA,CAAAA;AAXN,QAAA,MAAM,EAAEyU,UAAU,EAAEI,IAAI,EAAE3G,KAAK,EAAEmG,YAAY,EAAEvJ,QAAQ,EAAEkJ,aAAa,EAAE3B,aAAa,EAAEa,YAAY,EAAE,GAAG+E,OAAAA,CAAAA;AACxG,QAAA,MAAM,IAAI,CAACjH,SAAS,CAAC3Q,GAAG,CAAE,MAAQ4X,EAAAA,OAAAA,CAAAA,CAAAA;QAElC,IAAI,CAACpD,IAAI,GAAGA,IAAAA,CAAAA;QACZ,IAAI,CAAC1G,MAAM,GAAGD,CAAAA,MAAAA,GAAAA,mBAAAA,MAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,MAAAA,CAAO3G,KAAK,CAAE,GAAA,CAAA,CAAA;QAC5B,IAAI,CAACgQ,WAAW,GAAGlD,YAAAA,CAAAA;QACnB,IAAI,CAAC6D,OAAO,GAAGpN,QAAAA,CAAAA;QACf,IAAI,CAACqN,UAAU,GAAGjF,YAAAA,CAAAA;QAClB,IAAI,CAACkF,YAAY,GAAGpE,aAAAA,CAAAA;AAEpB,QAAA,IAAI,CAAC1R,IAAI,CAAElE,MAAAA,CAAOE,UAAU,EAAE2Z,OAAAA,CAAAA,CAAAA;AAC9B,QAAA,IAAK,GAACjY,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,OAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,OAAAA,CAAQqR,YAAY,CAAG,EAAA;AAC3B,YAAA,IAAK,IAAI,CAAC7M,OAAO,CAAC6T,YAAY,EAAG;gBAC/B,IAAI,CAACC,cAAc,CAAE;AAAEd,oBAAAA,GAAAA,EAAK3C,IAAK2C,CAAAA,GAAG,IAAI3C,IAAAA,CAAK0D,EAAE;AAAElG,oBAAAA,aAAAA;AAAc,iBAAA,CAAA,CAAA;AACjE,aAAA;AAEA,YAAA,IAAKoC,eAAehH,SAAa,IAAA,IAAI,CAACjJ,OAAO,CAACgU,eAAe,EAAE;AAC7D,gBAAA,MAAMzV,aAAakJ,MAAQwI,CAAAA,UAAAA,CAAAA,GAAe,IAAI,CAACjQ,OAAO,CAACiU,oCAAoC,CAAA;AAC3F,gBAAA,IAAK1V,cAAc,CAAG,EAAA;AACpB,oBAAA,IAAI,CAAC2V,uBAAuB,CAAE9V,KAAK,CAAEG,UAAY,EAAA,UAAA;AAC/C,wBAAA,IAAI,CAACuP,YAAY,CAAC5C,QAAQ,CAAE,cAAgB,EAAA,UAAA;4BAC1C,IAAI;gCACF,MAAM,IAAI,CAAC4B,WAAW,EAAA,CAAA;AACtB,gCAAA,IAAI,CAAChP,IAAI,CAAElE,MAAAA,CAAOG,oBAAoB,EAAE,IAAA,CAAA,CAAA;AAC1C,6BAAA,CAAE,OAAQ4C,CAAI,EAAA;AACZ,gCAAA,IAAI,CAACmB,IAAI,CAAElE,MAAAA,CAAOI,kBAAkB,EAAE2C,CAAAA,CAAAA,CAAAA;AACxC,6BAAA;AACF,yBAAA,CAAA,CAAA;AACF,qBAAA,CAAA,CAAA;AACF,iBAAA;AACF,aAAA;AACF,SAAA;AACF,KAAA;AAttBAnC,IAAAA,WAAAA,CAAawF,OAA+B,CAAG;QAC7C,KAAK,EAAA,CAAA;AAjCPA,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,WAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAqQ,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,QAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEA1G,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,UAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAoJ,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,eAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAa,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,gBAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAF,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,WAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAC,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,cAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEArB,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,mBAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAiBpD,QAAjB,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQpB,gBAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQxB,cAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQE,aAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQ4G,uBAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQc,2BAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQ9H,eAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQC,uBAAR,KAAA,CAAA,CAAA,CAAA;AAIE,QAAA,IAAK,CAAC1K,aAAAA,CAAe3B,OAAQ4B,CAAAA,MAAM,CAAI,EAAA;AACrC,YAAA,MAAM,IAAI1H,eAAiB,CAAA,+BAAA,CAAA,CAAA;AAC7B,SAAA;AAEA,QAAA,IAAI,CAAC4T,YAAY,GAAG,IAAI7C,QAAUkJ,CAAAA,IAAAA,CAAMnU,QAAQ4B,MAAM,CAAA,CAAA,CAAA;QAEtD,IAAI,CAAC5B,OAAO,GAAGkJ,YAAc,CAAA;YAC3B+K,oCAAsC,EAAA,EAAA;YACtCD,eAAsC,EAAA,IAAA;YACtCH,YAAsC,EAAA,IAAA;YACtCnD,WAAsC,EAAA,EAAA;YACtCU,WAAsC,EAAA,EAAA;AACxC,SAAA,EAAGpR,OAAS,EAAA;;AAEV4B,YAAAA,MAAAA,EAAQ5B,OAAQ4B,CAAAA,MAAM,CAAC4Q,QAAQ,CAAE,GAAQxS,CAAAA,GAAAA,OAAAA,CAAQ4B,MAAM,CAAC3D,KAAK,CAAE,CAAA,EAAG,CAAC,CAAA,CAAA,GAAM+B,QAAQ4B,MAAM;AACzF,SAAA,CAAA,CAAA;QAEA,IAAI,CAACsN,IAAI,GAAG,IAAI,CAAClP,OAAO,CAACoU,UAAU,IAAI3Q,OAAAA,CAAAA;QACvC,IAAI,CAAC6I,UAAU,GAAG,IAAI,CAACtM,OAAO,CAACsM,UAAU,IAAI,IAAIpR,sBAAqC,CAAA,gBAAA,CAAA,CAAA;QACtF,IAAI,CAACsR,SAAS,GAAG,IAAI,CAACxM,OAAO,CAACwM,SAAS,IAAI,IAAI5P,kBAAAA,EAAAA,CAAAA;AAG/C,QAAA,IAAK,IAAI,CAACoD,OAAO,CAACgU,eAAe,EAAE;YACjC,IAAI,CAACE,uBAAuB,GAAG,IAAI/V,KAAAA,EAAAA,CAAAA;AACrC,SAAA;AAEA,QAAA,IAAI,CAACZ,EAAE,CAAE3D,MAAAA,CAAOC,WAAW,EAAE,UAAA;YAC3B,IAAI,CAACwW,IAAI,GAAGpH,SAAAA,CAAAA;YACZ,IAAI,CAACU,MAAM,GAAGV,SAAAA,CAAAA;YACd,IAAI,CAAC8J,WAAW,GAAG9J,SAAAA,CAAAA;YACnB,IAAI,CAACyK,OAAO,GAAGzK,SAAAA,CAAAA;YACf,IAAI,CAAC2K,YAAY,GAAG3K,SAAAA,CAAAA;AACpB,YAAA,MAAM,IAAI,CAACuD,SAAS,CAACtQ,KAAK,EAAA,CAAA;AAC5B,SAAA,CAAA,CAAA;AAEA,QAAA,IAAI,CAAC4R,YAAY,CAAClC,kBAAkB,CAAEhS,MAAOE,CAAAA,UAAU,EAAE,IAAI,CAAC0Z,WAAW,CAACa,IAAI,CAAE,IAAI,CAAA,CAAA,CAAA;AACtF,KAAA;AAirBF;;ACjyBA;;;IAIe,SAASC,gBAAAA,CAAkBtU,OAA+B,EAAA;IACvE,OAAO,IAAIiM,UAAYjM,CAAAA,OAAAA,CAAAA,CAAUkM,UAAU,EAAA,CAAA;AAC7C;;;;","x_google_ignoreList":[8]} \ No newline at end of file +{"version":3,"file":"oidc-client.esm.js","sources":["../src/constants/events.ts","../src/errors.ts","../src/helpers/state_manager/state_store.ts","../src/helpers/state_manager/local_storage.ts","../src/helpers/state_manager/in_memory.ts","../src/helpers/event_emitter.ts","../src/helpers/timer.ts","../src/utils/iframe.ts","../node_modules/.pnpm/base64-js@1.5.1/node_modules/base64-js/index.js","../src/utils/url.ts","../src/utils/request.ts","../src/utils/jose.ts","../src/utils/check_session_iframe.ts","../src/utils/object.ts","../src/utils/oidc.ts","../src/utils/popup.ts","../src/utils/tab_utils.ts","../src/client.ts","../src/index.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/indent */\nexport const Events = {\n USER_LOGOUT: 'user_logout',\n USER_LOGIN: 'user_login',\n SILENT_RENEW_SUCCESS: 'silent_renew_success',\n SILENT_RENEW_ERROR: 'silent_renew_error',\n SESSION_CHANGE: 'session_change'\n} as const\n\nexport type EventTypes = 'user_logout' | 'user_login' | 'silent_renew_success' |\n 'silent_renew_error' | 'session_change' | 'session_error'\n","export class OIDCClientError extends Error {\n error: string;\n\n error_description?: string;\n\n public constructor( error: string, error_description?: string ) {\n super( `${ error }${ error_description && ` - ${ error_description }` || '' }` );\n this.name = 'OIDCClientError'\n this.error = error\n this.error_description = error_description\n }\n}\n\nexport class AuthenticationError extends OIDCClientError {\n state?: string;\n\n error_uri?: string;\n\n constructor( error: string, error_description?: string, state?: string, error_uri?: string ) {\n super( error, error_description );\n this.name = 'AuthenticationError'\n this.state = state;\n this.error_uri = error_uri;\n }\n}\n\nexport class StateNotFound extends AuthenticationError {\n state?: string;\n\n constructor( error: string, state?: string ) {\n super( error );\n this.name = 'StateNotFound'\n this.state = state;\n }\n}\n\nexport class InvalidJWTError extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidJWTError'\n this.error_description = details\n }\n}\n\nexport class InvalidIdTokenError extends InvalidJWTError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidIdTokenError'\n }\n}\n\nexport class InteractionCancelled extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InteractionCancelled'\n }\n}\n","export interface StateStore> {\n init?(): Promise>\n}\n// eslint-disable-next-line @typescript-eslint/no-unsafe-declaration-merging\nexport abstract class StateStore> {\n prefix: string;\n\n constructor( prefix = '' ) {\n this.prefix = prefix\n }\n\n public abstract get( key: string ): Promise;\n\n public abstract set( key: string, value: T ): Promise;\n\n public abstract del( key: string ): Promise;\n\n public abstract clear( maxAge?: number ): Promise;\n}\n","import { StateStore } from './state_store';\n\nexport class LocalStorageStateStore extends StateStore {\n constructor( prefix = 'pa_oidc.' ) {\n super( prefix )\n }\n\n get( key: string ) {\n return new Promise( ( resolve ) => {\n const value = window.localStorage.getItem( this.prefix + key );\n if ( value ) {\n resolve( JSON.parse( value ) );\n } else {\n resolve( null );\n }\n } );\n }\n\n set( key: string, value: T ) {\n return new Promise( ( resolve ) => {\n window.localStorage.setItem( this.prefix + key, JSON.stringify( value ) );\n resolve();\n } );\n }\n\n del( key: string ) {\n return new Promise( ( resolve ) => {\n window.localStorage.removeItem( this.prefix + key );\n resolve();\n } );\n }\n\n clear( before?: number ): Promise {\n return new Promise( ( resolve ) => {\n let i;\n const storedKeys: string[] = [];\n for ( i = 0; i < window.localStorage.length; i++ ) {\n const key = window.localStorage.key( i )\n // items only created by oidc client\n if ( key?.substring( 0, this.prefix.length ) == this.prefix ) {\n storedKeys.push( key );\n }\n }\n for ( i = 0; i < storedKeys.length; i++ ) {\n if ( before ) {\n try {\n const storedItem = JSON.parse( window.localStorage.getItem( storedKeys[i] )! )\n if ( storedItem.created_at < before ) {\n window.localStorage.removeItem( storedKeys[i] )\n }\n } catch ( e ) {\n }\n } else {\n window.localStorage.removeItem( storedKeys[i] )\n }\n }\n resolve();\n } );\n }\n}\n","import { StateStore } from './state_store';\n\nexport class InMemoryStateStore extends StateStore {\n map = new Map()\n\n clear( before?: number ) {\n if ( before ){\n this.map.forEach( ( val, ind ) => {\n if ( val.created_at < before ){\n this.map.delete( ind )\n }\n } )\n return Promise.resolve()\n } else {\n return Promise.resolve( this.map.clear() );\n }\n }\n\n del( key: string ) {\n this.map.delete( key )\n return Promise.resolve( );\n }\n\n get( key: string ) {\n return Promise.resolve( this.map.get( key ) || null );\n }\n\n set( key: string, value: any ) {\n this.map.set( key, value )\n return Promise.resolve();\n }\n}\n","export type Listener = ( ...args: any ) => void\n\nexport class EventEmitter{\n callbacks: Record;\n\n constructor(){\n this.callbacks = {}\n }\n\n once( event: T, fn: ( ...args: any[] ) => void ){\n function on( this: EventEmitter, ...onArgs: any[] ) {\n this.off( event, on );\n fn.apply( this, onArgs );\n }\n on.fn = fn\n this.on( event, on );\n return this;\n }\n\n on( event: T, cb: ( ...args: any[] ) => void ){\n if ( !this.callbacks[`$${ event }`] ) this.callbacks[`$${ event }`] = [];\n this.callbacks[`$${ event }`].push( cb )\n return this\n }\n\n off( event?: T, fn?: ( ...args: any[] ) => void ){\n if ( !event ) {\n this.callbacks = {};\n return this;\n }\n\n // specific event\n const callbacks = this.callbacks[`$${ event }`];\n if ( !callbacks ) return this;\n\n // remove all handlers\n if ( !fn ) {\n delete this.callbacks[`$${ event }`];\n return this;\n }\n\n for ( let i = 0; i < callbacks.length; i++ ) {\n const cb = callbacks[i];\n if ( cb === fn || cb.fn === fn ) {\n callbacks.splice( i, 1 );\n break;\n }\n }\n\n // Remove event specific arrays for event types that no\n // one is subscribed for to avoid memory leak.\n if ( callbacks.length === 0 ) {\n delete this.callbacks[`$${ event }`];\n }\n\n return this;\n }\n\n emit( event: T, ...args: any[] ){\n let cbs = this.callbacks[`$${ event }`]\n if ( cbs ) {\n cbs = cbs.slice( 0 );\n for ( let i = 0, len = cbs.length; i < len; ++i ) {\n cbs[i].apply( this, args );\n }\n }\n return this\n }\n}\n","export class Timer {\n private now: () => number;\n\n private _timerHandle: any;\n\n private _expiration!: number;\n\n constructor( currentTimeInMillisFunc = () => Date.now() ) {\n this.now = currentTimeInMillisFunc\n }\n\n start( duration: number, callback: () => void ){\n if ( duration <= 0 ) {\n duration = 1;\n }\n const expiration = this.now() / 1000 + duration;\n if ( this._expiration === expiration && this._timerHandle ) {\n return;\n }\n\n this.stop();\n\n this._expiration = expiration;\n\n // prevent device sleep and delayed timers\n let timerDuration = 5;\n if ( duration < timerDuration ) {\n timerDuration = duration;\n }\n this._timerHandle = setInterval( ()=>{\n if ( this._expiration <= this.now() / 1000 ) {\n this.stop();\n callback()\n }\n }, timerDuration * 1000 );\n }\n\n stop() {\n if ( this._timerHandle ) {\n clearInterval( this._timerHandle );\n this._timerHandle = null;\n }\n }\n}\n","import { AuthenticationError, OIDCClientError } from '../errors';\nimport type { IFrameOptions } from '../interfaces';\n\nexport function createHiddenFrame() {\n const iframe = window.document.createElement( 'iframe' );\n iframe.style.width = '0';\n iframe.style.height = '0';\n iframe.style.position = 'absolute';\n iframe.style.visibility = 'hidden';\n iframe.style.display = 'none';\n\n iframe.title = '__pa_helper__hidden'\n iframe.ariaHidden = 'true'\n\n return iframe\n}\n\nexport function runIframe(\n url: string,\n options: IFrameOptions\n) {\n return new Promise( ( resolve, reject ) => {\n let onLoadTimeoutId: any = null;\n const iframe = createHiddenFrame()\n\n const timeoutSetTimeoutId = setTimeout( () => {\n reject( new OIDCClientError( 'Timed out' ) );\n removeIframe();\n }, ( options.timeout || 10 ) * 1000 );\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin != options.eventOrigin ) return;\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n const eventSource = e.source;\n if ( eventSource ) {\n ( eventSource ).close();\n }\n\n const resp = e.data.response || e.data\n resp.error\n ? reject( new AuthenticationError( resp.error, resp.error_description, resp.state, resp.error_uri ) )\n : resolve( e.data );\n clearTimeout( timeoutSetTimeoutId );\n removeIframe();\n };\n\n const removeIframe = () => {\n if ( onLoadTimeoutId != null ){\n clearTimeout( onLoadTimeoutId )\n }\n if ( window.document.body.contains( iframe ) ) {\n window.document.body.removeChild( iframe );\n }\n window.removeEventListener( 'message', iframeEventHandler, false );\n };\n\n const onLoadTimeout = () => setTimeout( ()=>{\n reject( new OIDCClientError( 'Could not complete silent authentication', url ) )\n removeIframe();\n }, 300 )\n\n\n\n window.addEventListener( 'message', iframeEventHandler, false );\n window.document.body.appendChild( iframe );\n iframe.setAttribute( 'src', url );\n\n /**\n * In case of wrong client id, wrong redirect_uri, in short when redirect did not happen\n * we assume flow failed.\n */\n iframe.onload = function () {\n onLoadTimeoutId = onLoadTimeout()\n }\n } );\n}\n","'use strict'\n\nexports.byteLength = byteLength\nexports.toByteArray = toByteArray\nexports.fromByteArray = fromByteArray\n\nvar lookup = []\nvar revLookup = []\nvar Arr = typeof Uint8Array !== 'undefined' ? Uint8Array : Array\n\nvar code = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'\nfor (var i = 0, len = code.length; i < len; ++i) {\n lookup[i] = code[i]\n revLookup[code.charCodeAt(i)] = i\n}\n\n// Support decoding URL-safe base64 strings, as Node.js does.\n// See: https://en.wikipedia.org/wiki/Base64#URL_applications\nrevLookup['-'.charCodeAt(0)] = 62\nrevLookup['_'.charCodeAt(0)] = 63\n\nfunction getLens (b64) {\n var len = b64.length\n\n if (len % 4 > 0) {\n throw new Error('Invalid string. Length must be a multiple of 4')\n }\n\n // Trim off extra bytes after placeholder bytes are found\n // See: https://github.com/beatgammit/base64-js/issues/42\n var validLen = b64.indexOf('=')\n if (validLen === -1) validLen = len\n\n var placeHoldersLen = validLen === len\n ? 0\n : 4 - (validLen % 4)\n\n return [validLen, placeHoldersLen]\n}\n\n// base64 is 4/3 + up to two characters of the original data\nfunction byteLength (b64) {\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction _byteLength (b64, validLen, placeHoldersLen) {\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction toByteArray (b64) {\n var tmp\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n\n var arr = new Arr(_byteLength(b64, validLen, placeHoldersLen))\n\n var curByte = 0\n\n // if there are placeholders, only get up to the last complete 4 chars\n var len = placeHoldersLen > 0\n ? validLen - 4\n : validLen\n\n var i\n for (i = 0; i < len; i += 4) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 18) |\n (revLookup[b64.charCodeAt(i + 1)] << 12) |\n (revLookup[b64.charCodeAt(i + 2)] << 6) |\n revLookup[b64.charCodeAt(i + 3)]\n arr[curByte++] = (tmp >> 16) & 0xFF\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 2) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 2) |\n (revLookup[b64.charCodeAt(i + 1)] >> 4)\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 1) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 10) |\n (revLookup[b64.charCodeAt(i + 1)] << 4) |\n (revLookup[b64.charCodeAt(i + 2)] >> 2)\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n return arr\n}\n\nfunction tripletToBase64 (num) {\n return lookup[num >> 18 & 0x3F] +\n lookup[num >> 12 & 0x3F] +\n lookup[num >> 6 & 0x3F] +\n lookup[num & 0x3F]\n}\n\nfunction encodeChunk (uint8, start, end) {\n var tmp\n var output = []\n for (var i = start; i < end; i += 3) {\n tmp =\n ((uint8[i] << 16) & 0xFF0000) +\n ((uint8[i + 1] << 8) & 0xFF00) +\n (uint8[i + 2] & 0xFF)\n output.push(tripletToBase64(tmp))\n }\n return output.join('')\n}\n\nfunction fromByteArray (uint8) {\n var tmp\n var len = uint8.length\n var extraBytes = len % 3 // if we have 1 byte left, pad 2 bytes\n var parts = []\n var maxChunkLength = 16383 // must be multiple of 3\n\n // go through the array every three bytes, we'll deal with trailing stuff later\n for (var i = 0, len2 = len - extraBytes; i < len2; i += maxChunkLength) {\n parts.push(encodeChunk(uint8, i, (i + maxChunkLength) > len2 ? len2 : (i + maxChunkLength)))\n }\n\n // pad the end with zeros, but make sure to not forget the extra bytes\n if (extraBytes === 1) {\n tmp = uint8[len - 1]\n parts.push(\n lookup[tmp >> 2] +\n lookup[(tmp << 4) & 0x3F] +\n '=='\n )\n } else if (extraBytes === 2) {\n tmp = (uint8[len - 2] << 8) + uint8[len - 1]\n parts.push(\n lookup[tmp >> 10] +\n lookup[(tmp >> 4) & 0x3F] +\n lookup[(tmp << 2) & 0x3F] +\n '='\n )\n }\n\n return parts.join('')\n}\n","import { fromByteArray } from 'base64-js';\n\nexport function isValidIssuer( issuer: string ){\n try {\n const url = new URL( issuer )\n if ( !['http:', 'https:'].includes( url.protocol ) ){\n return false\n }\n if ( url.search !== '' || url.hash !== '' ){\n return false\n }\n return true\n } catch ( e ){\n return false\n }\n}\nexport function buildEncodedQueryString( obj?: Record,\n appendable = true, ) {\n if ( !obj ) return '';\n const ret: string[] = [];\n for ( const d in obj ) {\n if ( obj.hasOwnProperty( d ) && obj[d] ) {\n ret.push( `${\n encodeURIComponent( d )\n }=${\n encodeURIComponent( typeof obj[d] === 'object' ? JSON.stringify( obj[d] ) : obj[d]! )\n }` );\n }\n }\n return `${ appendable ? '?' : '' }${ ret.join( '&' ) }`;\n}\n\nexport function parseQueryUrl( value: string ) {\n const result: Record = {};\n value = value.trim().replace( /^(\\?|#|&)/, '' );\n const params = value.split( '&' );\n for ( let i = 0; i < params.length; i += 1 ) {\n const paramAndValue = params[i];\n const parts = paramAndValue.split( '=' );\n const key = decodeURIComponent( parts.shift()! );\n const value = parts.length > 0 ? parts.join( '=' ) : '';\n result[key] = decodeURIComponent( value );\n }\n return result;\n}\n\nexport function urlSafe( buffer: Uint8Array ): string {\n const encoded = fromByteArray( new Uint8Array( buffer ) );\n return encoded.replace( /\\+/g, '-' ).replace( /\\//g, '_' ).replace( /=/g, '' );\n}\n","import { buildEncodedQueryString } from './url';\n\nexport interface RequestOptions {\n body?: Record;\n headers?: Record,\n method: 'GET' | 'POST' | 'PATCH' | 'TRACE' | 'OPTIONS' | 'HEAD',\n requestType?: 'form' | 'json',\n url: string\n}\n\nexport function request( options: RequestOptions ): Promise{\n let body: any = null\n let headers = options.headers || {}\n if ( options.method === 'POST' ){\n headers = {\n 'Content-Type': options.requestType === 'form' ? 'application/x-www-form-urlencoded;charset=UTF-8' :\n 'application/json;charset=UTF-8',\n ...headers\n }\n }\n if ( options.body ){\n body = options.requestType === 'form' ? buildEncodedQueryString( options.body, false )\n : JSON.stringify( options.body )\n }\n\n return new Promise( ( resolve, reject ) => {\n fetch( options.url, {\n method: options.method,\n body: body,\n headers\n } )\n .then( ( value: Response ) => resolve( value.json() ) )\n .catch( reject )\n } )\n}\n","import { InvalidIdTokenError, InvalidJWTError, OIDCClientError } from '../errors';\nimport type { IPlusAuthClientOptions, JWTValidationOptions, ParsedJWT } from '../interfaces';\n\nimport { urlSafe } from './url';\n\nconst CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n\nfunction getRandomBytes( n: number ){\n // @ts-ignore\n const crypto = self.crypto || self.msCrypto, QUOTA = 65536;\n const a = new Uint8Array( n );\n for ( let i = 0; i < n; i += QUOTA ) {\n crypto.getRandomValues( a.subarray( i, i + Math.min( n - i, QUOTA ) ) );\n }\n return a;\n}\n\nexport function generateRandom( length: number ){\n let out = '';\n const charsLen = CHARSET.length;\n const maxByte = 256 - 256 % charsLen;\n while ( length > 0 ) {\n const buf = getRandomBytes( Math.ceil( length * 256 / maxByte ) );\n for ( let i = 0; i < buf.length && length > 0; i++ ) {\n const randomByte = buf[i];\n if ( randomByte < maxByte ) {\n out += CHARSET.charAt( randomByte % charsLen );\n length--;\n }\n }\n }\n return out;\n}\n\n\nexport function deriveChallenge( code: string ): Promise{\n if ( code.length < 43 || code.length > 128 ) {\n return Promise.reject( new OIDCClientError( `Invalid code length: ${ code.length }` ) );\n }\n\n return new Promise( ( resolve, reject ) => {\n crypto.subtle.digest( 'SHA-256', new TextEncoder().encode( code ) )\n .then( buffer => {\n return resolve( urlSafe( new Uint8Array( buffer ) ) );\n }, function ( error ) {\n /* istanbul ignore next */\n return reject( error );\n } );\n } );\n}\n// https://datatracker.ietf.org/doc/html/rfc4648#section-5\nexport const urlDecodeB64 = ( input: string ) => decodeURIComponent(\n atob( input.replace( /_/g, '/' ).replace( /-/g, '+' ) )\n .split( '' )\n .map( c => {\n return `%${ `00${ c.charCodeAt( 0 ).toString( 16 ) }`.slice( -2 ) }`;\n } )\n .join( '' )\n);\n\n\n\nexport function parseJwt( jwt: string ): ParsedJWT {\n try {\n const parts = jwt.split( '.' )\n if ( parts.length !== 3 ){\n throw new Error( 'Wrong JWT format' )\n }\n return {\n header: JSON.parse( urlDecodeB64( parts[0] ) ),\n payload: JSON.parse( urlDecodeB64( parts[1] ) )\n }\n } catch ( e ){\n throw new InvalidJWTError( 'Failed to parse jwt' )\n }\n}\n\nexport function validateIdToken( id_token: string, nonce: string, options: IPlusAuthClientOptions ) {\n if ( !nonce ) {\n throw new OIDCClientError( 'No nonce on state' );\n }\n\n try {\n const jwt = parseJwt( id_token );\n\n if ( nonce !== jwt.payload.nonce ) {\n throw new Error( `Invalid nonce in id_token: ${ jwt.payload.nonce }` );\n }\n\n validateJwt( id_token, options, true )\n\n // @ts-ignore\n if ( !jwt.payload['sub'] ) {\n throw new Error( 'No Subject (sub) present in id_token' );\n }\n\n return jwt.payload;\n } catch ( e ){\n throw new InvalidIdTokenError( e.message )\n }\n}\n\nexport function validateJwt( jwt: string, options: JWTValidationOptions, isIdToken = false ) {\n // eslint-disable-next-line prefer-const\n let { clockSkew, currentTimeInMillis, issuer, audience, client_id } = options\n if ( !clockSkew ){\n clockSkew = 0\n }\n const now = ( currentTimeInMillis && currentTimeInMillis() || Date.now() ) / 1000;\n\n const payload = parseJwt( jwt ).payload;\n\n if ( !payload.iss ) {\n throw new InvalidJWTError( 'Issuer (iss) was not provided' );\n }\n if ( payload.iss !== issuer ) {\n throw new InvalidJWTError( `Invalid Issuer (iss) in token: ${ payload.iss }` );\n }\n\n if ( !payload.aud ) {\n throw new InvalidJWTError( 'Audience (aud) was not provided' );\n }\n\n // Audience must be equal to client_id in id_token\n // https://openid.net/specs/openid-connect-core-1_0.html#IDToken\n if ( Array.isArray( payload.aud ) ?\n payload.aud.indexOf( isIdToken ? client_id : audience || client_id ) == -1 :\n payload.aud !== ( isIdToken ? client_id : audience || client_id )\n ) {\n throw new InvalidJWTError( `Invalid Audience (aud) in token: ${ payload.aud }` );\n }\n\n if ( payload.azp && payload.azp !== client_id ) {\n throw new InvalidJWTError( `Invalid Authorized Party (azp) in token: ${ payload.azp }` );\n }\n\n const lowerNow = Math.ceil( now + clockSkew );\n const upperNow = Math.floor( now - clockSkew );\n\n if ( !payload.iat ) {\n throw new InvalidJWTError( 'Issued At (iat) was not provided' );\n }\n\n if ( lowerNow < Number( payload.iat ) ) {\n throw new InvalidJWTError( `Issued At (iat) is in the future: ${ payload.iat }` );\n }\n\n if ( payload.nbf && lowerNow < Number( payload.nbf ) ) {\n throw new InvalidJWTError( `Not Before time (nbf) is in the future: ${ payload.nbf }` );\n }\n\n if ( !payload.exp ) {\n throw new InvalidJWTError( 'Expiration Time (exp) was not provided' );\n }\n if ( Number( payload.exp ) < upperNow ) {\n throw new InvalidJWTError( `Expiration Time (exp) is in the past: ${ payload.exp }` );\n }\n\n return payload;\n}\n\n// Retrieved from https://www.iana.org/assignments/jwt/jwt.xhtml\nexport const nonUserClaims = [\n 'iss',\n // 'sub',\n 'aud',\n 'exp',\n 'nbf',\n 'iat',\n 'jti',\n 'azp',\n 'nonce',\n 'auth_time',\n 'at_hash',\n 'c_hash',\n 'acr',\n 'amr',\n 'sub_jwk',\n 'cnf',\n 'sip_from_tag',\n 'sip_date',\n 'sip_callid',\n 'sip_cseq_num',\n 'sip_via_branch',\n 'orig',\n 'dest',\n 'mky',\n 'events',\n 'toe',\n 'txn',\n 'rph',\n 'sid',\n 'vot',\n 'vtm',\n 'attest',\n 'origid',\n 'act',\n 'scope',\n 'client_id',\n 'may_act',\n 'jcard',\n 'at_use_nbr',\n] as const\n","import type { SessionChecker, SessionCheckerOptions } from '../interfaces';\n\nimport { createHiddenFrame } from './iframe';\n\nconst DEFAULT_CHECK_INTERVAL = 2000\n\nexport function createSessionCheckerFrame( options: SessionCheckerOptions ): SessionChecker{\n const { url, callback, client_id, checkInterval } = options\n let internalSessionState: string | null;\n const idx = url.indexOf( '/', url.indexOf( '//' ) + 2 );\n const frameOrigin = url.substr( 0, idx );\n\n const frame = createHiddenFrame()\n\n let timer: any\n\n const load = () => {\n return new Promise( resolve => {\n window.document.body.appendChild( frame );\n window.addEventListener( 'message', iframeEventHandler, false );\n frame.onload = () => {\n resolve( null )\n }\n } )\n }\n\n const start = ( sessionState: string ) => {\n load().then( () => {\n if ( sessionState && internalSessionState !== sessionState ) {\n stop();\n internalSessionState = sessionState;\n const send = () => {\n frame.contentWindow!.postMessage( `${ client_id } ${ internalSessionState }`, frameOrigin );\n };\n send();\n timer = window.setInterval( send, checkInterval || DEFAULT_CHECK_INTERVAL );\n }\n } )\n }\n\n const stop = () => {\n internalSessionState = null;\n if ( timer ) {\n window.clearInterval( timer );\n timer = null;\n }\n }\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin === frameOrigin && e.source === frame.contentWindow ) {\n if ( e.data === 'error' ) {\n stop();\n callback( e.data );\n } else if ( e.data === 'changed' ) {\n stop();\n callback();\n }\n }\n }\n\n frame.setAttribute( 'src', url );\n\n return {\n stop,\n start\n }\n}\n","type RequiredAndNotNull = {\n [P in keyof T]-?: Exclude\n}\n\n/**\n * not suitable for every object but it is enough for this library\n * @param object\n */\nexport function cleanUndefined>( object: T ) {\n if ( !object || typeof object !== 'object' ) {\n return object\n }\n return JSON.parse( JSON.stringify( object ) ) as RequiredAndNotNull\n}\n\nfunction merge( previousValue: any, currentValue: any ) {\n for ( const p in currentValue ) {\n if ( currentValue[p] !== undefined ) {\n if ( typeof currentValue[p] === 'object' && currentValue[p].constructor.name === 'Object' ) {\n previousValue[p] = merge( previousValue[p] || {}, currentValue[p] );\n } else {\n previousValue[p] = currentValue[p];\n }\n }\n }\n return previousValue\n}\nexport function mergeObjects( obj1: T, obj2: U ): RequiredAndNotNull;\nexport function mergeObjects( obj1: T, obj2: U, obj3: K ): RequiredAndNotNull;\nexport function mergeObjects( ...objects: any[] ) {\n return objects.reduce( ( previousValue, currentValue ) => {\n return merge( previousValue || {}, currentValue )\n }, {} ) as any\n}\n","export const isResponseType = ( type: string, response_type?: string ) =>\n response_type && response_type.split( /\\s+/g ).filter( rt => rt === type ).length > 0\n\nexport const isScopeIncluded = ( scope: string, scopes?: string ) =>\n scopes && scopes.split( ' ' ).indexOf( scope ) > -1\n","import { InteractionCancelled, OIDCClientError } from '../errors';\nimport type { PopupOptions } from '../interfaces';\n\nconst openPopup = ( url: string, width = 400, height = 600 ) => {\n const left = window.screenX + ( window.innerWidth - width ) / 2;\n const top = window.screenY + ( window.innerHeight - height ) / 2;\n\n return window.open(\n url,\n 'oidc-login-popup',\n `left=${ left },top=${ top },width=${ width },height=${ height },resizable,scrollbars=yes,status=1`\n );\n};\n\nexport function runPopup( url: string, options: PopupOptions ) {\n let popup = options.popup;\n\n if ( popup ) {\n popup.location.href = url;\n } else {\n popup = openPopup( url );\n }\n\n if ( !popup ) {\n /* istanbul ignore next */\n throw new Error( 'Could not open popup' );\n }\n\n let timeoutId: any ;\n let closeId: any ;\n\n return new Promise<{ response: any, state: string }>( ( resolve, reject ) => {\n function clearHandlers(){\n clearInterval( closeId );\n clearTimeout( timeoutId )\n window.removeEventListener( 'message', messageListener )\n }\n\n timeoutId = setTimeout( () => {\n clearHandlers()\n reject( new OIDCClientError( 'Timed out' ) );\n }, options.timeout || 60 * 1000 )\n\n closeId = setInterval( function () {\n if ( popup!.closed ) {\n clearHandlers()\n reject( new InteractionCancelled( 'user closed popup' ) )\n }\n }, 300 );\n\n window.addEventListener( 'message', messageListener );\n\n function messageListener( e: MessageEvent ){\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n clearHandlers();\n popup!.close();\n const data = e.data.response || e.data\n data.error ? reject( new OIDCClientError( data.error, data.error_description ) )\n : resolve( e.data );\n }\n } );\n}\n","/*\nJitbit TabUtils - helper for multiple browser tabs. version 1.0\nhttps://github.com/jitbit/TabUtils\n- executing \"interlocked\" function call - only once per multiple tabs\n- broadcasting a message to all tabs (including the current one) with some message \"data\"\n- handling a broadcasted message\nMIT license: https://github.com/jitbit/TabUtils/blob/master/LICENSE\n*/\n\nimport type { EventEmitter } from '../helpers';\n\nconst currentTabId = `${ performance.now() }:${ Math.random() * 1000000000 | 0 }`;\nconst handlers: Record = {};\n\nexport class TabUtils {\n keyPrefix: string;\n\n private events: EventEmitter;\n\n constructor( kid: string, fallbackEvents: EventEmitter ) {\n this.keyPrefix = kid;\n this.events = fallbackEvents\n }\n\n //runs code only once in multiple tabs\n //the lock holds for 4 seconds (in case the function is async and returns right away, for example, an ajax call intiated)\n //then it is cleared\n CallOnce( lockname: string, fn: () => void, timeout = 3000 ): void{\n if ( !lockname ) throw 'empty lockname';\n\n if ( !window.localStorage ) { //no local storage. old browser. screw it, just run the function\n fn();\n return;\n }\n\n const localStorageKey = this.keyPrefix + lockname;\n\n localStorage.setItem( localStorageKey, currentTabId );\n //re-read after a delay (after all tabs have saved their tabIDs into ls)\n setTimeout( () => {\n if ( localStorage.getItem( localStorageKey ) == currentTabId )\n fn();\n }, 150 );\n\n //cleanup - release the lock after 3 seconds and on window unload (just in case user closed the window while the lock is still held)\n setTimeout( function () { localStorage.removeItem( localStorageKey ); }, timeout );\n }\n\n BroadcastMessageToAllTabs( messageId: string, eventData: any ): void{\n //now we also need to manually execute handler in the current tab too, because current tab does not get 'storage' events\n try { handlers[messageId]( eventData ); } //\"try\" in case handler not found\n catch ( x ) { }\n\n if ( !window.localStorage ){\n this.events.emit( messageId, eventData )\n return; //no local storage. old browser\n }\n\n const data = {\n data: eventData,\n timeStamp: new Date().getTime()\n }; //add timestamp because overwriting same data does not trigger the event\n\n //this triggers 'storage' event for all other tabs except the current tab\n localStorage.setItem( `${ this.keyPrefix }event${ messageId }`, JSON.stringify( data ) );\n\n //cleanup\n setTimeout( () => { localStorage.removeItem( `${ this.keyPrefix }event${ messageId }` ); }, 3000 );\n }\n\n OnBroadcastMessage( messageId: string, fn: ( data: any ) => void ): void{\n handlers[messageId] = fn;\n if ( !window.localStorage ){\n this.events.on( messageId, fn )\n return; //no local storage. old browser\n }\n\n //first register a handler for \"storage\" event that we trigger above\n window.addEventListener( 'storage', ( ev ) => {\n if ( ev.key != `${ this.keyPrefix }event${ messageId }` ) return; // ignore other keys\n if ( !ev.newValue ) return; //called by cleanup?\n const messageData = JSON.parse( ev.newValue );\n fn( messageData.data );\n } );\n }\n}\n","import type { EventTypes } from './constants';\nimport { Events } from './constants';\n\nimport {\n AuthenticationError, InvalidIdTokenError,\n OIDCClientError, StateNotFound\n} from './errors';\n\nimport type {\n StateStore } from './helpers';\nimport {\n EventEmitter,\n InMemoryStateStore,\n LocalStorageStateStore\n} from './helpers';\n\n\n\nimport { Timer } from './helpers/timer';\nimport type { AuthRecord,\n AuthRequestOptions, IEndpointConfiguration,\n IPlusAuthClientOptions,\n LogoutRequestOptions, PopupOptions, RevokeOptions, SessionChecker,\n SessionMonitorOptions, StateRecord,\n TokenRequestOption, TokenResponse, TokenType\n} from './interfaces';\n\nimport type {\n RequestOptions } from './utils';\nimport {\n request,\n runIframe,\n buildEncodedQueryString,\n parseQueryUrl,\n validateIdToken,\n createSessionCheckerFrame,\n nonUserClaims, generateRandom, deriveChallenge, isValidIssuer,\n} from './utils';\nimport { cleanUndefined, mergeObjects } from './utils/object';\n\nimport { isResponseType, isScopeIncluded } from './utils/oidc';\nimport { runPopup } from './utils/popup';\nimport { TabUtils } from './utils/tab_utils';\n\n/**\n * `OIDCClient` provides methods for interacting with OIDC/OAuth2 authorization server. Those methods are signing a\n * user in, signing out, managing the user's claims, checking session and managing tokens returned from the\n * OIDC/OAuth2 provider.\n *\n */\nexport class OIDCClient extends EventEmitter{\n options: IPlusAuthClientOptions\n\n user?: any;\n\n scopes?: string[];\n\n accessToken?: string;\n\n refreshToken?: string;\n\n idToken?: string;\n\n idTokenRaw?: string;\n\n issuer_metadata?: Record;\n\n private readonly http: ( options: RequestOptions ) => Promise | never;\n\n private synchronizer: TabUtils;\n\n private stateStore: StateStore\n\n private authStore: StateStore;\n\n private sessionCheckerFrame?: SessionChecker\n\n private _accessTokenExpireTimer?: Timer;\n\n private initialized!: boolean;\n\n private __initializePromise!: Promise | undefined;\n\n constructor( options: IPlusAuthClientOptions ) {\n super()\n if ( !isValidIssuer( options.issuer ) ){\n throw new OIDCClientError( '\"issuer\" must be a valid uri.' )\n }\n\n this.synchronizer = new TabUtils( btoa( options.issuer ), this )\n\n this.options = mergeObjects( {\n secondsToRefreshAccessTokenBeforeExp: 60,\n autoSilentRenew: true,\n checkSession: true,\n stateLength: 10,\n nonceLength: 10\n }, options, {\n // remove last slash for consistency across the lib\n issuer: options.issuer.endsWith( '/' ) ? options.issuer.slice( 0, -1 ) : options.issuer\n } )\n\n this.http = this.options.httpClient || request\n this.stateStore = this.options.stateStore || new LocalStorageStateStore( 'pa_oidc.state.' )\n this.authStore = this.options.authStore || new InMemoryStateStore()\n\n\n if ( this.options.autoSilentRenew ){\n this._accessTokenExpireTimer = new Timer()\n }\n\n this.on( Events.USER_LOGOUT, async ()=>{\n this.user = undefined\n this.scopes = undefined;\n this.accessToken = undefined\n this.idToken = undefined\n this.refreshToken = undefined\n await this.authStore.clear()\n } )\n\n this.synchronizer.OnBroadcastMessage( Events.USER_LOGIN, this.onUserLogin.bind( this ) )\n }\n\n /**\n * Initialize the library with this method. It resolves issuer configuration, jwks keys which are necessary for\n * validating tokens returned from provider and checking if a user is already authenticated in provider.\n *\n * @param checkLogin Make this `false` if you don't want to check user authorization status in provider while\n * initializing. Defaults to `true`\n */\n async initialize( checkLogin = true ): Promise | never {\n if ( this.initialized ){\n return this\n }\n\n if ( this.__initializePromise ){\n return this.__initializePromise\n } else {\n this.__initializePromise = new Promise( async ( resolve, reject ) => {\n try {\n if ( this.stateStore.init ){\n await this.stateStore.init()\n }\n if ( this.authStore.init ){\n await this.authStore.init()\n }\n\n if ( !this.options.endpoints || Object.keys( this.options.endpoints ).length === 0 ){\n await this.fetchFromIssuer()\n }\n this.initialized = true\n\n try {\n if ( checkLogin ){\n if ( !window?.frameElement ){\n await this.silentLogin()\n }\n }\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n await this.authStore.clear()\n }\n resolve( this )\n } catch ( e ) {\n if ( e instanceof OIDCClientError ){\n reject( e )\n } else {\n reject( new OIDCClientError( e.message ) )\n }\n } finally {\n this.__initializePromise = undefined\n }\n } )\n }\n\n return this.__initializePromise\n }\n\n /**\n * Redirect to provider's authorization endpoint using provided parameters. You can override any parameter defined\n * in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically\n * in a random and secure way.\n *\n * @param options\n * @param localState\n */\n async login( options: Partial = {}, localState: Record = {} ){\n window.location.assign( await this.createAuthRequest( options, localState ) )\n }\n\n /**\n * Open a popup with the provider's authorization endpoint using provided parameters. You can override any\n * parameter defined in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be\n * generated automatically in a random and secure way. You can also override popup options.\n *\n * NOTE: Most browsers block popups if they are not happened as a result of user actions. In order to display\n * login popup you must call this method in an event handler listening for a user action like button click.\n *\n * @param options\n * @param popupOptions\n */\n async loginWithPopup( options: Partial = {}, popupOptions: PopupOptions = {} ){\n const url = await this.createAuthRequest( {\n response_mode: 'fragment',\n ...options,\n display: 'popup',\n request_type: 'p'\n } )\n const { response, state } = await runPopup( url, popupOptions )\n const { authParams, localState } = !state || typeof state === 'string' ?\n await this.loadState( state || response.state )\n : state;\n const tokenResult = await this.handleAuthResponse( response, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= response.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n\n /**\n * After a user successfully authorizes an application, the authorization server will redirect the user back to\n * the application with either an authorization code or access token in the URL. In the callback page you should\n * call this method.\n *\n * @param url Full url which contains authorization request result parameters. Defaults to `window.location.href`\n */\n async loginCallback( url: string= window?.location?.href ){\n if ( !url ){\n return Promise.reject( new OIDCClientError( 'Url must be passed to handle login redirect' ) )\n }\n let parsedUrl: URL;\n try {\n parsedUrl = new URL( url )\n } catch ( e ){\n return Promise.reject( new OIDCClientError( `Invalid callback url passed: \"${ url }\"` ) )\n }\n\n const responseParams = parseQueryUrl( parsedUrl.search || parsedUrl.hash )\n const rawStoredState = await this.loadState( responseParams.state )\n const { authParams, localState, request_type } = rawStoredState\n url = url || window.location.href;\n switch ( request_type ) {\n case 's':\n if ( window?.frameElement ) {\n if ( url ) {\n window.parent.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n }\n return\n case 'p':\n if ( window.opener && url ){\n window.opener.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n return\n default:\n if ( responseParams.error ){\n return Promise.reject( new AuthenticationError( responseParams.error, responseParams.error_description ) )\n }\n const tokenResult = await this.handleAuthResponse( responseParams, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= responseParams.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n }\n\n /**\n * Redirect to provider's `end_session_endpoint` with provided parameters. After logout provider will redirect to\n * provided `post_logout_redirect_uri` if it provided.\n * @param options\n */\n async logout( options: LogoutRequestOptions = {} ){\n if ( !options.localOnly ) {\n const storedAuth = await this.authStore.get( 'auth' )\n const id_token_hint = options.id_token_hint || storedAuth?.id_token_raw\n window.location.assign( await this.createLogoutRequest( {\n ...options,\n id_token_hint\n } ) )\n }\n await this.authStore.clear()\n }\n\n /**\n * OAuth2 token revocation implementation method. See more at [tools.ietf.org/html/rfc7009](https://tools.ietf.org/html/rfc7009)\n * @param token Token to be revoked\n * @param type Passed token's type. It will be used to provide `token_type_hint` parameter.\n * @param options If necessary override options passed to `OIDCClient` by defining them here.\n */\n async revokeToken( token: string, type: TokenType = 'access_token', options: RevokeOptions = {} ){\n if ( !this.options.endpoints!.revocation_endpoint ){\n return Promise.reject( new OIDCClientError( '\"revocation_endpoint\" doesn\\'t exist' ) )\n }\n const finalOptions = {\n client_id: options.client_id || this.options.client_id,\n client_secret: options.client_secret || this.options.client_secret,\n token_type_hint: type,\n token: token\n }\n\n return this.http( {\n method: 'POST',\n requestType: 'form',\n url: this.options.endpoints!.revocation_endpoint,\n body: finalOptions\n } )\n }\n\n /**\n * Login without having an interaction. If refresh tokens are used and there is a stored refresh token it will\n * exchange refresh token to receive new access token. If not it silently makes a request the provider's\n * authorization endpoint using provided parameters. You can override any parameter defined in `OIDCClient`. If\n * you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically in a random and\n * secure way.\n *\n * @param options\n * @param localState\n */\n async silentLogin( options: AuthRequestOptions = {}, localState: Record = {} ){\n await this.initialize( false )\n let tokenResult: any;\n let finalState: any = {}\n\n const storedAuth = await this.authStore.get( 'auth' ) || {}\n\n const finalOptions = mergeObjects( {\n response_mode: 'query',\n display: 'page',\n prompt: 'none'\n }, this.options, options )\n\n if ( finalOptions.silent_redirect_uri ){\n finalOptions.redirect_uri = finalOptions.silent_redirect_uri\n }\n\n if ( this.options.useRefreshToken && storedAuth?.refresh_token ){\n finalState.authParams = mergeObjects( storedAuth?.authParams || {}, finalState.authParams || {} )\n tokenResult = await this.exchangeRefreshToken( {\n ...finalOptions,\n refresh_token: storedAuth.refresh_token,\n } )\n } else {\n const authUrl = await this.createAuthRequest( {\n ...finalOptions,\n request_type: 's'\n }, localState )\n\n const { response, state } = await runIframe( authUrl, {\n timeout: finalOptions.silentRequestTimeout,\n eventOrigin: window.location.origin\n } )\n tokenResult = await this.handleAuthResponse( response, finalOptions, localState )\n storedAuth.session_state = response.session_state;\n finalState = state\n }\n\n const authObject = await this.handleTokenResult( tokenResult, finalState.authParams, finalOptions )\n authObject.session_state = storedAuth.session_state\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return finalState.localState\n }\n\n /**\n * Retrieve logged in user's access token if it exists.\n */\n async getAccessToken(){\n return ( await this.authStore.get( 'auth' ) )?.access_token\n }\n\n\n /**\n * Retrieve logged in user's refresh token if it exists.\n */\n async getRefreshToken(){\n return ( await this.authStore.get( 'auth' ) )?.refresh_token\n }\n\n /**\n * Retrieve logged in user's parsed id token if it exists.\n */\n async getIdToken(){\n return ( await this.authStore.get( 'auth' ) )?.id_token\n }\n\n /**\n * Retrieve access token's expiration.\n */\n async getExpiresIn(){\n return ( await this.authStore.get( 'auth' ) )?.expires_in\n }\n\n /**\n * Retrieve logged in user's id token in raw format if it exists.\n */\n async getIdTokenRaw(){\n return ( await this.authStore.get( 'auth' ) )?.id_token_raw\n }\n\n\n /**\n * Retrieve logged in user's scopes if it exists.\n */\n async getScopes(){\n return ( await this.authStore.get( 'auth' ) )?.scope?.split( ' ' )\n }\n\n\n /**\n * Retrieve logged in user's profile.\n */\n async getUser(){\n return ( await this.authStore.get( 'auth' ) )?.user\n }\n\n /**\n * If there is a user stored locally return true. Otherwise it will make a silentLogin to check if End-User is\n * logged in provider.\n *\n * @param localOnly Don't check provider\n */\n async isLoggedIn( localOnly = false ){\n const existsOnLocal = !!await this.getUser()\n if ( !existsOnLocal && !localOnly ){\n try {\n await this.silentLogin()\n return true\n } catch ( e ){\n return false\n }\n }\n return existsOnLocal\n }\n\n /**\n * Create authorization request with provided options.\n *\n * @param options\n * @param localState\n * @private\n */\n private async createAuthRequest( options: Partial = {},\n localState: Record = {} ): Promise{\n if ( !this.options.endpoints?.authorization_endpoint ){\n await this.initialize( false )\n }\n // TODO: deep merge for extra params\n const finalOptions = Object.assign( {}, this.options, options )\n localState.code_verifier = generateRandom( 72 )\n\n const authParams = {\n client_id: finalOptions.client_id,\n state: generateRandom( finalOptions.stateLength! ),\n scope: finalOptions.scope,\n audience: finalOptions.audience,\n redirect_uri: finalOptions.redirect_uri,\n response_mode: finalOptions.response_mode,\n response_type: finalOptions.response_type || 'code',\n ui_locales: finalOptions.ui_locales,\n prompt: finalOptions.prompt,\n display: finalOptions.display,\n claims: finalOptions.claims,\n claims_locales: finalOptions.claims_locales,\n acr_values: finalOptions.acr_values,\n registration: finalOptions.registration,\n login_hint: finalOptions.login_hint,\n id_token_hint: finalOptions.id_token_hint,\n web_message_uri: finalOptions.web_message_uri,\n web_message_target: finalOptions.web_message_target,\n ...finalOptions.extraParams && finalOptions.extraParams\n } as AuthRequestOptions;\n\n if ( isResponseType( 'id_token', authParams.response_type ) ||\n isScopeIncluded( 'openid', authParams.scope ) ){\n authParams.nonce = generateRandom( finalOptions.nonceLength! )\n }\n\n if ( isResponseType( 'code', authParams.response_type ) ){\n authParams.code_challenge= await deriveChallenge( localState.code_verifier )\n authParams.code_challenge_method= finalOptions.code_challenge_method || 'S256'\n }\n\n const now = this.options.currentTimeInMillis && this.options.currentTimeInMillis() || Date.now()\n const fragment = finalOptions.fragment ? `#${ finalOptions.fragment }` : '';\n const authParamsString = buildEncodedQueryString( authParams )\n const url = `${ this.options.endpoints!.authorization_endpoint }${ authParamsString }${ fragment }`\n\n // clear 1 day old state entries\n this.stateStore.clear( now - 86400000 )\n\n\n await this.stateStore.set( authParams.state!, cleanUndefined( {\n created_at: now,\n authParams,\n localState,\n request_type: finalOptions.request_type\n } ) )\n return url\n }\n\n /**\n * Create a logout request with given options\n *\n * @param options\n * @private\n */\n private async createLogoutRequest( options: LogoutRequestOptions = {} ){\n if ( !this.options.endpoints?.end_session_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const logoutParams = {\n id_token_hint: finalOptions.id_token_hint,\n post_logout_redirect_uri: finalOptions.post_logout_redirect_uri,\n ...finalOptions.extraLogoutParams || {}\n }\n return `${ this.options.endpoints!.end_session_endpoint }${ buildEncodedQueryString( logoutParams ) }`\n }\n\n /**\n * Exchange authorization code retrieved from auth request result.\n * @param options\n * @private\n */\n private async exchangeAuthorizationCode( options: TokenRequestOption ){\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const { extraTokenHeaders, extraTokenParams, ...rest } = finalOptions\n const mergedOptions = {\n ...rest,\n ...extraTokenParams || {},\n grant_type: 'authorization_code',\n }\n\n for ( const req of ['code', 'redirect_uri', 'code_verifier', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } )\n }\n\n /**\n * Exchange refresh token with given options\n * @param options\n * @private\n */\n private async exchangeRefreshToken( options: Partial ) {\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const { extraTokenHeaders, extraTokenParams, ...rest } = options\n const mergedOptions = {\n grant_type: 'refresh_token',\n client_id: this.options.client_id,\n client_secret: this.options.client_secret,\n ...rest,\n ...extraTokenParams || {}\n }\n\n for ( const req of ['refresh_token', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } );\n }\n\n /**\n * Fetch OIDC configuration from the issuer.\n */\n private async fetchFromIssuer(): Promise>{\n try {\n const requestUrl = `${ this.options.issuer }/.well-known/openid-configuration`\n const response = await this.http( {\n url: requestUrl,\n method: 'GET',\n requestType: 'json'\n } )\n this.issuer_metadata = response as Record\n const endpoints = {} as any\n for ( const prop of Object.keys( this.issuer_metadata ) ) {\n if ( prop.endsWith( '_endpoint' ) || prop.indexOf( '_session' ) > -1 || prop.indexOf( '_uri' ) > -1 ) {\n endpoints[prop as keyof IEndpointConfiguration] = this.issuer_metadata[prop];\n }\n }\n this.options.endpoints = endpoints\n return this.issuer_metadata;\n } catch ( e ) {\n throw new OIDCClientError( 'Loading metadata failed', e.message )\n }\n }\n\n /**\n * Handle auth request result. If there is `code` exchange it.\n * @param response\n * @param finalOptions\n * @param localState\n * @private\n */\n private async handleAuthResponse(\n response: any,\n finalOptions: AuthRequestOptions,\n localState: Record = {}\n ){\n if ( response.code ){\n return this.exchangeAuthorizationCode( {\n redirect_uri: finalOptions.redirect_uri,\n client_id: finalOptions.client_id,\n code_verifier: localState.code_verifier,\n grant_type: 'authorization_code',\n code: response.code,\n } );\n } else {\n return response\n }\n }\n\n /**\n * Handle OAuth2 auth request result\n * @param tokenResult\n * @param authParams\n * @param finalOptions\n * @private\n */\n private async handleTokenResult( tokenResult: TokenResponse, authParams: AuthRequestOptions,\n finalOptions: IPlusAuthClientOptions ){\n await this.initialize( false )\n let user: any = {}\n if ( tokenResult.error ){\n throw new AuthenticationError( tokenResult.error, tokenResult.error_description )\n }\n let parsedIDToken: any;\n if ( tokenResult.id_token ){\n parsedIDToken = await validateIdToken( tokenResult.id_token, authParams.nonce!, finalOptions )\n if ( finalOptions.idTokenValidator && !await finalOptions.idTokenValidator( tokenResult.id_token ) ){\n return Promise.reject( new InvalidIdTokenError( 'Id Token validation failed' ) )\n }\n Object.keys( parsedIDToken ).forEach( key => {\n if ( !nonUserClaims.includes( key as any ) ){\n user[key] = parsedIDToken[key]\n }\n } )\n }\n\n if ( tokenResult.access_token ) {\n if ( finalOptions.requestUserInfo && this.options.endpoints?.userinfo_endpoint ) {\n const userInfoResult = await this.fetchUserInfo( tokenResult.access_token )\n if ( !userInfoResult.error ){\n user = { ...user, ...userInfoResult }\n }\n }\n }\n\n return {\n authParams,\n user,\n ...tokenResult,\n id_token: parsedIDToken,\n id_token_raw: tokenResult.id_token,\n scope: tokenResult.scope || authParams.scope,\n }\n }\n\n /**\n * Load stored state\n *\n * @param state\n * @private\n */\n private async loadState( state: string ){\n const rawStoredState = await this.stateStore.get( state )\n if ( !rawStoredState ){\n return Promise.reject( new StateNotFound( 'Local state not found', state ) )\n } else {\n await this.stateStore.del( state )\n }\n return rawStoredState\n }\n\n /**\n * Load user info by making request to providers `userinfo_endpoint`\n *\n * @param accessToken\n * @private\n */\n private async fetchUserInfo( accessToken: string ){\n return this.http( {\n method: 'GET',\n url: `${ this.options.endpoints!.userinfo_endpoint }`,\n requestType: 'json',\n headers: {\n 'Authorization': `Bearer ${ accessToken }`\n }\n } )\n }\n\n /**\n * Start monitoring End-User's session if the OIDC provider supports session management. See more at [OIDC Session\n * Management](https://openid.net/specs/openid-connect-session-1_0.html)\n *\n * @param sub End-User's id to for monitoring session\n * @param session_state string that represents the End-User's login state at the OP\n */\n private monitorSession( { sub, session_state }: SessionMonitorOptions ){\n const { client_id, endpoints } = this.options\n\n if ( !endpoints?.check_session_iframe ){\n console.warn( '\"check_session_iframe\" endpoint missing or session management is not supported by provider' )\n return\n }\n if ( !this.sessionCheckerFrame ){\n const sessionCheckCallback = async ( err: any )=>{\n if ( err ){\n this.emit( Events.USER_LOGOUT )\n } else {\n this.emit( Events.SESSION_CHANGE )\n try {\n await this.silentLogin( {}, {} )\n const storedAuth = await this.authStore.get( 'auth' )\n if ( storedAuth ){\n if ( storedAuth.user?.sub === sub && storedAuth.session_state ){\n this.sessionCheckerFrame!.start( storedAuth.session_state )\n }\n } else {\n this.emit( Events.USER_LOGOUT, null )\n }\n } catch ( e ) {\n this.emit( Events.USER_LOGOUT )\n return\n }\n }\n }\n\n this.sessionCheckerFrame = createSessionCheckerFrame( {\n url: endpoints.check_session_iframe,\n client_id: client_id,\n callback: sessionCheckCallback,\n checkInterval: this.options.checkSessionInterval,\n } )\n }\n\n this.sessionCheckerFrame.start( session_state )\n }\n\n private async onUserLogin( authObj: any ){\n const { expires_in, user, scope, access_token, id_token, refresh_token, session_state, id_token_raw } = authObj\n await this.authStore.set( 'auth', authObj )\n\n this.user = user\n this.scopes = scope?.split( ' ' );\n this.accessToken = access_token\n this.idToken = id_token\n this.idTokenRaw = id_token_raw\n this.refreshToken = refresh_token\n\n this.emit( Events.USER_LOGIN, authObj )\n if ( !window?.frameElement ) {\n if ( this.options.checkSession ) {\n this.monitorSession( { sub: user.sub || user.id, session_state } )\n }\n\n if ( expires_in !== undefined && this.options.autoSilentRenew ){\n const expiration = Number( expires_in ) - this.options.secondsToRefreshAccessTokenBeforeExp!\n const renew = () => {\n this.synchronizer.CallOnce( 'silent-login', async () => {\n try {\n await this.silentLogin()\n this.emit( Events.SILENT_RENEW_SUCCESS, null )\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n }\n } )\n }\n if ( expiration >= 0 ){\n this._accessTokenExpireTimer!.start( expiration, async ()=> {\n renew()\n } )\n } else {\n renew()\n }\n }\n }\n }\n}\n","import { OIDCClient } from './client';\nimport type { IPlusAuthClientOptions } from './interfaces';\n\nexport * from './interfaces'\nexport * from './client'\nexport * from './constants'\nexport * from './helpers'\nexport * from './errors'\n\n/**\n * Create OIDC client with initializing it. It resolves issuer metadata, jwks keys and check if user is\n * authenticated in OpenId Connect provider.\n */\nexport default function createOIDCClient( options: IPlusAuthClientOptions ): Promise{\n return new OIDCClient( options ).initialize()\n}\n"],"names":["Events","USER_LOGOUT","USER_LOGIN","SILENT_RENEW_SUCCESS","SILENT_RENEW_ERROR","SESSION_CHANGE","OIDCClientError","Error","error","error_description","name","AuthenticationError","constructor","state","error_uri","StateNotFound","InvalidJWTError","details","InvalidIdTokenError","InteractionCancelled","StateStore","prefix","LocalStorageStateStore","get","key","Promise","resolve","value","window","localStorage","getItem","JSON","parse","set","setItem","stringify","del","removeItem","clear","before","i","storedKeys","length","substring","push","storedItem","created_at","e","InMemoryStateStore","map","forEach","val","ind","delete","Map","EventEmitter","once","event","fn","on","onArgs","off","apply","cb","callbacks","splice","emit","args","cbs","slice","len","Timer","start","duration","callback","expiration","now","_expiration","_timerHandle","stop","timerDuration","setInterval","clearInterval","currentTimeInMillisFunc","Date","_define_property","createHiddenFrame","iframe","document","createElement","style","width","height","position","visibility","display","title","ariaHidden","runIframe","url","options","reject","onLoadTimeoutId","timeoutSetTimeoutId","setTimeout","removeIframe","timeout","iframeEventHandler","origin","eventOrigin","data","type","eventSource","source","close","resp","response","clearTimeout","body","contains","removeChild","removeEventListener","onLoadTimeout","addEventListener","appendChild","setAttribute","onload","isValidIssuer","issuer","URL","includes","protocol","search","hash","buildEncodedQueryString","obj","appendable","ret","d","hasOwnProperty","encodeURIComponent","join","parseQueryUrl","result","trim","replace","params","split","paramAndValue","parts","decodeURIComponent","shift","urlSafe","buffer","encoded","fromByteArray","Uint8Array","request","headers","method","requestType","fetch","then","json","catch","CHARSET","getRandomBytes","n","crypto","self","msCrypto","QUOTA","a","getRandomValues","subarray","Math","min","generateRandom","out","charsLen","maxByte","buf","ceil","randomByte","charAt","deriveChallenge","code","subtle","digest","TextEncoder","encode","urlDecodeB64","input","atob","c","charCodeAt","toString","parseJwt","jwt","header","payload","validateIdToken","id_token","nonce","validateJwt","message","isIdToken","clockSkew","currentTimeInMillis","audience","client_id","iss","aud","Array","isArray","indexOf","azp","lowerNow","upperNow","floor","iat","Number","nbf","exp","nonUserClaims","DEFAULT_CHECK_INTERVAL","createSessionCheckerFrame","checkInterval","internalSessionState","idx","frameOrigin","substr","frame","timer","load","sessionState","send","contentWindow","postMessage","cleanUndefined","object","merge","previousValue","currentValue","p","undefined","mergeObjects","objects","reduce","isResponseType","response_type","filter","rt","isScopeIncluded","scope","scopes","openPopup","left","screenX","innerWidth","top","screenY","innerHeight","open","runPopup","popup","location","href","timeoutId","closeId","clearHandlers","messageListener","closed","currentTabId","performance","random","handlers","TabUtils","CallOnce","lockname","localStorageKey","keyPrefix","BroadcastMessageToAllTabs","messageId","eventData","x","events","timeStamp","getTime","OnBroadcastMessage","ev","newValue","messageData","kid","fallbackEvents","OIDCClient","initialize","checkLogin","initialized","__initializePromise","stateStore","init","authStore","endpoints","Object","keys","fetchFromIssuer","frameElement","silentLogin","login","localState","assign","createAuthRequest","loginWithPopup","popupOptions","response_mode","request_type","authParams","loadState","tokenResult","handleAuthResponse","authObject","handleTokenResult","session_state","synchronizer","loginCallback","parsedUrl","responseParams","rawStoredState","parent","host","opener","logout","localOnly","storedAuth","id_token_hint","id_token_raw","createLogoutRequest","revokeToken","token","revocation_endpoint","finalOptions","client_secret","token_type_hint","http","finalState","prompt","silent_redirect_uri","redirect_uri","useRefreshToken","refresh_token","exchangeRefreshToken","authUrl","silentRequestTimeout","getAccessToken","access_token","getRefreshToken","getIdToken","getExpiresIn","expires_in","getIdTokenRaw","getScopes","getUser","user","isLoggedIn","existsOnLocal","authorization_endpoint","code_verifier","stateLength","ui_locales","claims","claims_locales","acr_values","registration","login_hint","web_message_uri","web_message_target","extraParams","nonceLength","code_challenge","code_challenge_method","fragment","authParamsString","end_session_endpoint","logoutParams","post_logout_redirect_uri","extraLogoutParams","exchangeAuthorizationCode","token_endpoint","extraTokenHeaders","extraTokenParams","rest","mergedOptions","grant_type","req","requestUrl","issuer_metadata","prop","endsWith","parsedIDToken","idTokenValidator","requestUserInfo","userinfo_endpoint","userInfoResult","fetchUserInfo","accessToken","sub","check_session_iframe","console","warn","sessionCheckerFrame","sessionCheckCallback","err","checkSessionInterval","onUserLogin","authObj","idToken","idTokenRaw","refreshToken","checkSession","monitorSession","id","autoSilentRenew","secondsToRefreshAccessTokenBeforeExp","renew","_accessTokenExpireTimer","btoa","httpClient","bind","createOIDCClient"],"mappings":";;;;;;AAAA,+CACO,MAAMA,MAAS,GAAA;IACpBC,WAAsB,EAAA,aAAA;IACtBC,UAAsB,EAAA,YAAA;IACtBC,oBAAsB,EAAA,sBAAA;IACtBC,kBAAsB,EAAA,oBAAA;IACtBC,cAAsB,EAAA,gBAAA;AACxB;;;;;;;;;;;;;;;ACPO,MAAMC,eAAwBC,SAAAA,KAAAA,CAAAA;IAKnC,WAAoBC,CAAAA,KAAa,EAAEC,iBAA0B,CAAG;AAC9D,QAAA,KAAK,CAAE,CAAC,EAAGD,KAAAA,CAAO,EAAGC,iBAAAA,IAAqB,CAAC,GAAG,EAAGA,iBAAAA,CAAmB,CAAC,IAAI,GAAI,CAAC,CAAA,CAAA;AALhFD,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,SAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAC,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,qBAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAIE,IAAI,CAACC,IAAI,GAAG,iBAAA,CAAA;QACZ,IAAI,CAACF,KAAK,GAAGA,KAAAA,CAAAA;QACb,IAAI,CAACC,iBAAiB,GAAGA,iBAAAA,CAAAA;AAC3B,KAAA;AACF,CAAA;AAEO,MAAME,mBAA4BL,SAAAA,eAAAA,CAAAA;AAKvCM,IAAAA,WAAAA,CAAaJ,KAAa,EAAEC,iBAA0B,EAAEI,KAAc,EAAEC,SAAkB,CAAG;AAC3F,QAAA,KAAK,CAAEN,KAAOC,EAAAA,iBAAAA,CAAAA,CAAAA;AALhBI,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,SAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAC,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,aAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAIE,IAAI,CAACJ,IAAI,GAAG,qBAAA,CAAA;QACZ,IAAI,CAACG,KAAK,GAAGA,KAAAA,CAAAA;QACb,IAAI,CAACC,SAAS,GAAGA,SAAAA,CAAAA;AACnB,KAAA;AACF,CAAA;AAEO,MAAMC,aAAsBJ,SAAAA,mBAAAA,CAAAA;IAGjCC,WAAaJ,CAAAA,KAAa,EAAEK,KAAc,CAAG;AAC3C,QAAA,KAAK,CAAEL,KAAAA,CAAAA,CAAAA;AAHTK,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,SAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAIE,IAAI,CAACH,IAAI,GAAG,eAAA,CAAA;QACZ,IAAI,CAACG,KAAK,GAAGA,KAAAA,CAAAA;AACf,KAAA;AACF,CAAA;AAEO,MAAMG,eAAwBV,SAAAA,eAAAA,CAAAA;AACnCM,IAAAA,WAAAA,CAAaK,OAAe,CAAG;AAC7B,QAAA,KAAK,CAAEA,OAAAA,CAAAA,CAAAA;QACP,IAAI,CAACP,IAAI,GAAG,iBAAA,CAAA;QACZ,IAAI,CAACD,iBAAiB,GAAGQ,OAAAA,CAAAA;AAC3B,KAAA;AACF,CAAA;AAEO,MAAMC,mBAA4BF,SAAAA,eAAAA,CAAAA;AACvCJ,IAAAA,WAAAA,CAAaK,OAAe,CAAG;AAC7B,QAAA,KAAK,CAAEA,OAAAA,CAAAA,CAAAA;QACP,IAAI,CAACP,IAAI,GAAG,qBAAA,CAAA;AACd,KAAA;AACF,CAAA;AAEO,MAAMS,oBAA6Bb,SAAAA,eAAAA,CAAAA;AACxCM,IAAAA,WAAAA,CAAaK,OAAe,CAAG;AAC7B,QAAA,KAAK,CAAEA,OAAAA,CAAAA,CAAAA;QACP,IAAI,CAACP,IAAI,GAAG,sBAAA,CAAA;AACd,KAAA;AACF;;;;;;;;;;;;;;;ACrDA;AACO,MAAeU,UAAAA,CAAAA;IAGpBR,WAAaS,CAAAA,MAAAA,GAAS,EAAE,CAAG;AAF3BA,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,UAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAGE,IAAI,CAACA,MAAM,GAAGA,MAAAA,CAAAA;AAChB,KAAA;AASF;;AChBO,MAAMC,sBAAwCF,SAAAA,UAAAA,CAAAA;AAKnDG,IAAAA,GAAAA,CAAKC,GAAW,EAAG;QACjB,OAAO,IAAIC,QAAmB,CAAEC,OAAAA,GAAAA;YAC9B,MAAMC,KAAAA,GAAQC,OAAOC,YAAY,CAACC,OAAO,CAAE,IAAI,CAACT,MAAM,GAAGG,GAAAA,CAAAA,CAAAA;AACzD,YAAA,IAAKG,KAAQ,EAAA;gBACXD,OAASK,CAAAA,IAAAA,CAAKC,KAAK,CAAEL,KAAAA,CAAAA,CAAAA,CAAAA;aAChB,MAAA;gBACLD,OAAS,CAAA,IAAA,CAAA,CAAA;AACX,aAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;IAEAO,GAAKT,CAAAA,GAAW,EAAEG,KAAQ,EAAG;QAC3B,OAAO,IAAIF,QAAe,CAAEC,OAAAA,GAAAA;YAC1BE,MAAOC,CAAAA,YAAY,CAACK,OAAO,CAAE,IAAI,CAACb,MAAM,GAAGG,GAAAA,EAAKO,IAAKI,CAAAA,SAAS,CAAER,KAAAA,CAAAA,CAAAA,CAAAA;AAChED,YAAAA,OAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;AAEAU,IAAAA,GAAAA,CAAKZ,GAAW,EAAG;QACjB,OAAO,IAAIC,QAAe,CAAEC,OAAAA,GAAAA;AAC1BE,YAAAA,MAAAA,CAAOC,YAAY,CAACQ,UAAU,CAAE,IAAI,CAAChB,MAAM,GAAGG,GAAAA,CAAAA,CAAAA;AAC9CE,YAAAA,OAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;AAEAY,IAAAA,KAAAA,CAAOC,MAAe,EAAkB;QACtC,OAAO,IAAId,QAAe,CAAEC,OAAAA,GAAAA;YAC1B,IAAIc,CAAAA,CAAAA;AACJ,YAAA,MAAMC,aAAuB,EAAE,CAAA;YAC/B,IAAMD,CAAAA,GAAI,GAAGA,CAAIZ,GAAAA,MAAAA,CAAOC,YAAY,CAACa,MAAM,EAAEF,CAAM,EAAA,CAAA;AAG5ChB,gBAAAA,IAAAA,IAAAA,CAAAA;AAFL,gBAAA,MAAMA,GAAMI,GAAAA,MAAAA,CAAOC,YAAY,CAACL,GAAG,CAAEgB,CAAAA,CAAAA,CAAAA;;AAErC,gBAAA,IAAKhB,EAAAA,IAAAA,GAAAA,GAAAA,MAAAA,IAAAA,IAAAA,IAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,IAAAA,CAAKmB,SAAS,CAAE,CAAA,EAAG,IAAI,CAACtB,MAAM,CAACqB,MAAM,MAAM,IAAI,CAACrB,MAAM,EAAG;AAC5DoB,oBAAAA,UAAAA,CAAWG,IAAI,CAAEpB,GAAAA,CAAAA,CAAAA;AACnB,iBAAA;AACF,aAAA;AACA,YAAA,IAAMgB,IAAI,CAAGA,EAAAA,CAAAA,GAAIC,UAAWC,CAAAA,MAAM,EAAEF,CAAM,EAAA,CAAA;AACxC,gBAAA,IAAKD,MAAS,EAAA;oBACZ,IAAI;wBACF,MAAMM,UAAAA,GAAad,IAAKC,CAAAA,KAAK,CAAEJ,MAAAA,CAAOC,YAAY,CAACC,OAAO,CAAEW,UAAU,CAACD,CAAE,CAAA,CAAA,CAAA,CAAA;wBACzE,IAAKK,UAAAA,CAAWC,UAAU,GAAGP,MAAS,EAAA;AACpCX,4BAAAA,MAAAA,CAAOC,YAAY,CAACQ,UAAU,CAAEI,UAAU,CAACD,CAAE,CAAA,CAAA,CAAA;AAC/C,yBAAA;qBACA,CAAA,OAAQO,GAAI,EACd;iBACK,MAAA;AACLnB,oBAAAA,MAAAA,CAAOC,YAAY,CAACQ,UAAU,CAAEI,UAAU,CAACD,CAAE,CAAA,CAAA,CAAA;AAC/C,iBAAA;AACF,aAAA;AACAd,YAAAA,OAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;IAvDAd,WAAaS,CAAAA,MAAAA,GAAS,UAAU,CAAG;AACjC,QAAA,KAAK,CAAEA,MAAAA,CAAAA,CAAAA;AACT,KAAA;AAsDF;;;;;;;;;;;;;;;ACzDO,MAAM2B,kBAAoC5B,SAAAA,UAAAA,CAAAA;AAG/CkB,IAAAA,KAAAA,CAAOC,MAAe,EAAG;AACvB,QAAA,IAAKA,MAAQ,EAAA;AACX,YAAA,IAAI,CAACU,GAAG,CAACC,OAAO,CAAE,CAAEC,GAAKC,EAAAA,GAAAA,GAAAA;gBACvB,IAAKD,GAAAA,CAAIL,UAAU,GAAGP,MAAQ,EAAA;AAC5B,oBAAA,IAAI,CAACU,GAAG,CAACI,MAAM,CAAED,GAAAA,CAAAA,CAAAA;AACnB,iBAAA;AACF,aAAA,CAAA,CAAA;AACA,YAAA,OAAO3B,QAAQC,OAAO,EAAA,CAAA;SACjB,MAAA;AACL,YAAA,OAAOD,QAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAACX,KAAK,EAAA,CAAA,CAAA;AACxC,SAAA;AACF,KAAA;AAEAF,IAAAA,GAAAA,CAAKZ,GAAW,EAAG;AACjB,QAAA,IAAI,CAACyB,GAAG,CAACI,MAAM,CAAE7B,GAAAA,CAAAA,CAAAA;AACjB,QAAA,OAAOC,QAAQC,OAAO,EAAA,CAAA;AACxB,KAAA;AAEAH,IAAAA,GAAAA,CAAKC,GAAW,EAAG;QACjB,OAAOC,OAAAA,CAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAAC1B,GAAG,CAAEC,GAAS,CAAA,IAAA,IAAA,CAAA,CAAA;AACjD,KAAA;IAEAS,GAAKT,CAAAA,GAAW,EAAEG,KAAU,EAAG;AAC7B,QAAA,IAAI,CAACsB,GAAG,CAAChB,GAAG,CAAET,GAAKG,EAAAA,KAAAA,CAAAA,CAAAA;AACnB,QAAA,OAAOF,QAAQC,OAAO,EAAA,CAAA;AACxB,KAAA;;;AA3BAuB,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,OAAM,IAAIK,GAAAA,EAAAA,CAAAA,CAAAA;;AA4BZ;;;;;;;;;;;;;;;AC7BO,MAAMC,YAAAA,CAAAA;IAOXC,IAAMC,CAAAA,KAAQ,EAAEC,EAA8B,EAAE;QAC9C,SAASC,EAAAA,CAA6B,GAAGC,MAAa,EAAA;YACpD,IAAI,CAACC,GAAG,CAAEJ,KAAOE,EAAAA,EAAAA,CAAAA,CAAAA;YACjBD,EAAGI,CAAAA,KAAK,CAAE,IAAI,EAAEF,MAAAA,CAAAA,CAAAA;AAClB,SAAA;AACAD,QAAAA,EAAAA,CAAGD,EAAE,GAAGA,EAAAA,CAAAA;QACR,IAAI,CAACC,EAAE,CAAEF,KAAOE,EAAAA,EAAAA,CAAAA,CAAAA;AAChB,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;IAEAA,EAAIF,CAAAA,KAAQ,EAAEM,EAA8B,EAAE;QAC5C,IAAK,CAAC,IAAI,CAACC,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAAA,CAAO,CAAC,CAAC,EAAG,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,GAAG,EAAE,CAAA;QACxE,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAAA,CAAO,CAAC,CAAC,CAACb,IAAI,CAAEmB,EAAAA,CAAAA,CAAAA;AACpC,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;IAEAF,GAAKJ,CAAAA,KAAS,EAAEC,EAA+B,EAAE;AAC/C,QAAA,IAAK,CAACD,KAAQ,EAAA;YACZ,IAAI,CAACO,SAAS,GAAG,EAAC,CAAA;AAClB,YAAA,OAAO,IAAI,CAAA;AACb,SAAA;;QAGA,MAAMA,SAAAA,GAAY,IAAI,CAACA,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;QAC/C,IAAK,CAACO,SAAY,EAAA,OAAO,IAAI,CAAA;;AAG7B,QAAA,IAAK,CAACN,EAAK,EAAA;YACT,OAAO,IAAI,CAACM,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;AACpC,YAAA,OAAO,IAAI,CAAA;AACb,SAAA;AAEA,QAAA,IAAM,IAAIjB,CAAI,GAAA,CAAA,EAAGA,IAAIwB,SAAUtB,CAAAA,MAAM,EAAEF,CAAM,EAAA,CAAA;YAC3C,MAAMuB,EAAAA,GAAKC,SAAS,CAACxB,CAAE,CAAA,CAAA;AACvB,YAAA,IAAKuB,EAAOL,KAAAA,EAAAA,IAAMK,EAAGL,CAAAA,EAAE,KAAKA,EAAK,EAAA;gBAC/BM,SAAUC,CAAAA,MAAM,CAAEzB,CAAG,EAAA,CAAA,CAAA,CAAA;AACrB,gBAAA,MAAA;AACF,aAAA;AACF,SAAA;;;QAIA,IAAKwB,SAAAA,CAAUtB,MAAM,KAAK,CAAI,EAAA;YAC5B,OAAO,IAAI,CAACsB,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;AACtC,SAAA;AAEA,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;AAEAS,IAAAA,IAAAA,CAAMT,KAAQ,EAAE,GAAGU,IAAW,EAAE;QAC9B,IAAIC,GAAAA,GAAM,IAAI,CAACJ,SAAS,CAAC,CAAC,CAAC,EAAGP,KAAO,CAAA,CAAC,CAAC,CAAA;AACvC,QAAA,IAAKW,GAAM,EAAA;YACTA,GAAMA,GAAAA,GAAAA,CAAIC,KAAK,CAAE,CAAA,CAAA,CAAA;YACjB,IAAM,IAAI7B,CAAI,GAAA,CAAA,EAAG8B,GAAMF,GAAAA,GAAAA,CAAI1B,MAAM,EAAEF,CAAAA,GAAI8B,GAAK,EAAA,EAAE9B,CAAI,CAAA;AAChD4B,gBAAAA,GAAG,CAAC5B,CAAE,CAAA,CAACsB,KAAK,CAAE,IAAI,EAAEK,IAAAA,CAAAA,CAAAA;AACtB,aAAA;AACF,SAAA;AACA,QAAA,OAAO,IAAI,CAAA;AACb,KAAA;IA9DAvD,WAAa,EAAA;AAFboD,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,aAAAA,KAAAA,CAAAA,CAAAA,CAAAA;QAGE,IAAI,CAACA,SAAS,GAAG,EAAC,CAAA;AACpB,KAAA;AA6DF;;;;;;;;;;;;;;;ACpEO,MAAMO,KAAAA,CAAAA;IAWXC,KAAOC,CAAAA,QAAgB,EAAEC,QAAoB,EAAE;AAC7C,QAAA,IAAKD,YAAY,CAAI,EAAA;YACnBA,QAAW,GAAA,CAAA,CAAA;AACb,SAAA;AACA,QAAA,MAAME,UAAa,GAAA,IAAI,CAACC,GAAG,KAAK,IAAOH,GAAAA,QAAAA,CAAAA;QACvC,IAAK,IAAI,CAACI,WAAW,KAAKF,cAAc,IAAI,CAACG,YAAY,EAAG;AAC1D,YAAA,OAAA;AACF,SAAA;AAEA,QAAA,IAAI,CAACC,IAAI,EAAA,CAAA;QAET,IAAI,CAACF,WAAW,GAAGF,UAAAA,CAAAA;;AAGnB,QAAA,IAAIK,aAAgB,GAAA,CAAA,CAAA;AACpB,QAAA,IAAKP,WAAWO,aAAgB,EAAA;YAC9BA,aAAgBP,GAAAA,QAAAA,CAAAA;AAClB,SAAA;QACA,IAAI,CAACK,YAAY,GAAGG,WAAa,CAAA,IAAA;YAC/B,IAAK,IAAI,CAACJ,WAAW,IAAI,IAAI,CAACD,GAAG,KAAK,IAAO,EAAA;AAC3C,gBAAA,IAAI,CAACG,IAAI,EAAA,CAAA;AACTL,gBAAAA,QAAAA,EAAAA,CAAAA;AACF,aAAA;AACF,SAAA,EAAGM,aAAgB,GAAA,IAAA,CAAA,CAAA;AACrB,KAAA;IAEAD,IAAO,GAAA;QACL,IAAK,IAAI,CAACD,YAAY,EAAG;YACvBI,aAAe,CAAA,IAAI,CAACJ,YAAY,CAAA,CAAA;YAChC,IAAI,CAACA,YAAY,GAAG,IAAA,CAAA;AACtB,SAAA;AACF,KAAA;AAnCAlE,IAAAA,WAAAA,CAAauE,uBAA0B,GAAA,IAAMC,IAAKR,CAAAA,GAAG,EAAE,CAAG;AAN1D,QAAAS,kBAAA,CAAA,IAAA,EAAQT,OAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAAS,kBAAA,CAAA,IAAA,EAAQP,gBAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAAO,kBAAA,CAAA,IAAA,EAAQR,eAAR,KAAA,CAAA,CAAA,CAAA;QAGE,IAAI,CAACD,GAAG,GAAGO,uBAAAA,CAAAA;AACb,KAAA;AAkCF;;ACxCO,SAASG,iBAAAA,GAAAA;AACd,IAAA,MAAMC,MAAS3D,GAAAA,MAAAA,CAAO4D,QAAQ,CAACC,aAAa,CAAE,QAAA,CAAA,CAAA;IAC9CF,MAAOG,CAAAA,KAAK,CAACC,KAAK,GAAG,GAAA,CAAA;IACrBJ,MAAOG,CAAAA,KAAK,CAACE,MAAM,GAAG,GAAA,CAAA;IACtBL,MAAOG,CAAAA,KAAK,CAACG,QAAQ,GAAG,UAAA,CAAA;IACxBN,MAAOG,CAAAA,KAAK,CAACI,UAAU,GAAG,QAAA,CAAA;IAC1BP,MAAOG,CAAAA,KAAK,CAACK,OAAO,GAAG,MAAA,CAAA;AAEvBR,IAAAA,MAAAA,CAAOS,KAAK,GAAG,qBAAA,CAAA;AACfT,IAAAA,MAAAA,CAAOU,UAAU,GAAG,MAAA,CAAA;IAEpB,OAAOV,MAAAA,CAAAA;AACT,CAAA;AAEO,SAASW,SAAAA,CACdC,GAAW,EACXC,OAAsB,EAAA;IAEtB,OAAO,IAAI3E,OAAc,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;AAClC,QAAA,IAAIC,eAAuB,GAAA,IAAA,CAAA;AAC3B,QAAA,MAAMf,MAASD,GAAAA,iBAAAA,EAAAA,CAAAA;AAEf,QAAA,MAAMiB,sBAAsBC,UAAY,CAAA,IAAA;AACtCH,YAAAA,MAAAA,CAAQ,IAAI/F,eAAiB,CAAA,WAAA,CAAA,CAAA,CAAA;AAC7BmG,YAAAA,YAAAA,EAAAA,CAAAA;AACF,SAAA,EAAG,CAAEL,OAAAA,CAAQM,OAAO,IAAI,EAAC,IAAM,IAAA,CAAA,CAAA;AAE/B,QAAA,MAAMC,qBAAsB,CAAE5D,CAAAA,GAAAA;AAC5B,YAAA,IAAKA,CAAE6D,CAAAA,MAAM,IAAIR,OAAAA,CAAQS,WAAW,EAAG,OAAA;YACvC,IAAK,CAAC9D,EAAE+D,IAAI,IAAI/D,EAAE+D,IAAI,CAACC,IAAI,KAAK,wBAA2B,EAAA,OAAA;YAC3D,MAAMC,WAAAA,GAAcjE,EAAEkE,MAAM,CAAA;AAC5B,YAAA,IAAKD,WAAc,EAAA;AACVA,gBAAAA,WAAAA,CAAcE,KAAK,EAAA,CAAA;AAC5B,aAAA;AAEA,YAAA,MAAMC,OAAOpE,CAAE+D,CAAAA,IAAI,CAACM,QAAQ,IAAIrE,EAAE+D,IAAI,CAAA;AACtCK,YAAAA,IAAAA,CAAK3G,KAAK,GACN6F,MAAAA,CAAQ,IAAI1F,mBAAqBwG,CAAAA,IAAAA,CAAK3G,KAAK,EAAE2G,IAAAA,CAAK1G,iBAAiB,EAAE0G,IAAAA,CAAKtG,KAAK,EAAEsG,IAAAA,CAAKrG,SAAS,CAC/FY,CAAAA,GAAAA,OAAAA,CAASqB,EAAE+D,IAAI,CAAA,CAAA;YACnBO,YAAcd,CAAAA,mBAAAA,CAAAA,CAAAA;AACdE,YAAAA,YAAAA,EAAAA,CAAAA;AACF,SAAA,CAAA;AAEA,QAAA,MAAMA,YAAe,GAAA,IAAA;AACnB,YAAA,IAAKH,mBAAmB,IAAM,EAAA;gBAC5Be,YAAcf,CAAAA,eAAAA,CAAAA,CAAAA;AAChB,aAAA;AACA,YAAA,IAAK1E,OAAO4D,QAAQ,CAAC8B,IAAI,CAACC,QAAQ,CAAEhC,MAAW,CAAA,EAAA;AAC7C3D,gBAAAA,MAAAA,CAAO4D,QAAQ,CAAC8B,IAAI,CAACE,WAAW,CAAEjC,MAAAA,CAAAA,CAAAA;AACpC,aAAA;YACA3D,MAAO6F,CAAAA,mBAAmB,CAAE,SAAA,EAAWd,kBAAoB,EAAA,KAAA,CAAA,CAAA;AAC7D,SAAA,CAAA;QAEA,MAAMe,aAAAA,GAAgB,IAAMlB,UAAY,CAAA,IAAA;gBACtCH,MAAQ,CAAA,IAAI/F,gBAAiB,0CAA4C6F,EAAAA,GAAAA,CAAAA,CAAAA,CAAAA;AACzEM,gBAAAA,YAAAA,EAAAA,CAAAA;aACC,EAAA,GAAA,CAAA,CAAA;QAIH7E,MAAO+F,CAAAA,gBAAgB,CAAE,SAAA,EAAWhB,kBAAoB,EAAA,KAAA,CAAA,CAAA;AACxD/E,QAAAA,MAAAA,CAAO4D,QAAQ,CAAC8B,IAAI,CAACM,WAAW,CAAErC,MAAAA,CAAAA,CAAAA;QAClCA,MAAOsC,CAAAA,YAAY,CAAE,KAAO1B,EAAAA,GAAAA,CAAAA,CAAAA;AAE5B;;;QAIAZ,MAAAA,CAAOuC,MAAM,GAAG,WAAA;YACdxB,eAAkBoB,GAAAA,aAAAA,EAAAA,CAAAA;AACpB,SAAA,CAAA;AACF,KAAA,CAAA,CAAA;AACF;;ACvEA,IAAA,eAAA,GAAwB,cAAa;AACrC;AACA,IAAI,MAAM,GAAG,GAAE;AAGf;AACA,IAAI,IAAI,GAAG,mEAAkE;AAC7E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC,EAAE;AACjD,EAAE,MAAM,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,EAAC;AAErB,CAAC;AAmFD;AACA,SAAS,eAAe,EAAE,GAAG,EAAE;AAC/B,EAAE,OAAO,MAAM,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;AACjC,IAAI,MAAM,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC;AAC5B,IAAI,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC;AAC3B,IAAI,MAAM,CAAC,GAAG,GAAG,IAAI,CAAC;AACtB,CAAC;AACD;AACA,SAAS,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE;AACzC,EAAE,IAAI,IAAG;AACT,EAAE,IAAI,MAAM,GAAG,GAAE;AACjB,EAAE,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,EAAE;AACvC,IAAI,GAAG;AACP,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,QAAQ;AAClC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC;AACpC,OAAO,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,IAAI,EAAC;AAC3B,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAC;AACrC,GAAG;AACH,EAAE,OAAO,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;AACxB,CAAC;AACD;AACA,SAAS,aAAa,EAAE,KAAK,EAAE;AAC/B,EAAE,IAAI,IAAG;AACT,EAAE,IAAI,GAAG,GAAG,KAAK,CAAC,OAAM;AACxB,EAAE,IAAI,UAAU,GAAG,GAAG,GAAG,EAAC;AAC1B,EAAE,IAAI,KAAK,GAAG,GAAE;AAChB,EAAE,IAAI,cAAc,GAAG,MAAK;AAC5B;AACA;AACA,EAAE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,GAAG,GAAG,GAAG,UAAU,EAAE,CAAC,GAAG,IAAI,EAAE,CAAC,IAAI,cAAc,EAAE;AAC1E,IAAI,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC,EAAE,CAAC,CAAC,GAAG,cAAc,IAAI,IAAI,GAAG,IAAI,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC,EAAC;AAChG,GAAG;AACH;AACA;AACA,EAAE,IAAI,UAAU,KAAK,CAAC,EAAE;AACxB,IAAI,GAAG,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,EAAC;AACxB,IAAI,KAAK,CAAC,IAAI;AACd,MAAM,MAAM,CAAC,GAAG,IAAI,CAAC,CAAC;AACtB,MAAM,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC/B,MAAM,IAAI;AACV,MAAK;AACL,GAAG,MAAM,IAAI,UAAU,KAAK,CAAC,EAAE;AAC/B,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,GAAG,CAAC,EAAC;AAChD,IAAI,KAAK,CAAC,IAAI;AACd,MAAM,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC;AACvB,MAAM,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC/B,MAAM,MAAM,CAAC,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC;AAC/B,MAAM,GAAG;AACT,MAAK;AACL,GAAG;AACH;AACA,EAAE,OAAO,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;AACvB;;ACnJO,SAASK,cAAeC,MAAc,EAAA;IAC3C,IAAI;QACF,MAAM7B,GAAAA,GAAM,IAAI8B,GAAKD,CAAAA,MAAAA,CAAAA,CAAAA;AACrB,QAAA,IAAK,CAAC;AAAC,YAAA,OAAA;AAAS,YAAA,QAAA;AAAS,SAAA,CAACE,QAAQ,CAAE/B,GAAIgC,CAAAA,QAAQ,CAAI,EAAA;YAClD,OAAO,KAAA,CAAA;AACT,SAAA;AACA,QAAA,IAAKhC,IAAIiC,MAAM,KAAK,MAAMjC,GAAIkC,CAAAA,IAAI,KAAK,EAAI,EAAA;YACzC,OAAO,KAAA,CAAA;AACT,SAAA;QACA,OAAO,IAAA,CAAA;AACT,KAAA,CAAE,OAAQtF,CAAG,EAAA;QACX,OAAO,KAAA,CAAA;AACT,KAAA;AACF,CAAA;AACO,SAASuF,uBAAAA,CAAyBC,GAAyB,EACzBC,aAAa,IAAI,EAAA;IACxD,IAAK,CAACD,KAAM,OAAO,EAAA,CAAA;AACnB,IAAA,MAAME,MAAgB,EAAE,CAAA;IACxB,IAAM,MAAMC,KAAKH,GAAM,CAAA;AACrB,QAAA,IAAKA,IAAII,cAAc,CAAED,MAAOH,GAAG,CAACG,EAAE,EAAG;YACvCD,GAAI7F,CAAAA,IAAI,CAAE,CAAC,EACTgG,kBAAAA,CAAoBF,CACrB,CAAA,CAAA,CAAC,EACAE,kBAAAA,CAAoB,OAAOL,GAAG,CAACG,CAAAA,CAAE,KAAK,QAAW3G,GAAAA,IAAAA,CAAKI,SAAS,CAAEoG,GAAG,CAACG,CAAE,CAAA,CAAA,GAAKH,GAAG,CAACG,CAAE,CAAA,CAAA,CACnF,CAAC,CAAA,CAAA;AACJ,SAAA;AACF,KAAA;IACA,OAAO,CAAC,EAAGF,UAAAA,GAAa,GAAM,GAAA,EAAA,CAAI,EAAGC,GAAII,CAAAA,IAAI,CAAE,GAAA,CAAA,CAAO,CAAC,CAAA;AACzD,CAAA;AAEO,SAASC,cAAenH,KAAa,EAAA;AAC1C,IAAA,MAAMoH,SAAiC,EAAC,CAAA;AACxCpH,IAAAA,KAAAA,GAAQA,KAAMqH,CAAAA,IAAI,EAAGC,CAAAA,OAAO,CAAE,WAAa,EAAA,EAAA,CAAA,CAAA;IAC3C,MAAMC,MAAAA,GAASvH,KAAMwH,CAAAA,KAAK,CAAE,GAAA,CAAA,CAAA;IAC5B,IAAM,IAAI3G,IAAI,CAAGA,EAAAA,CAAAA,GAAI0G,OAAOxG,MAAM,EAAEF,KAAK,CAAI,CAAA;QAC3C,MAAM4G,aAAAA,GAAgBF,MAAM,CAAC1G,CAAE,CAAA,CAAA;QAC/B,MAAM6G,KAAAA,GAAQD,aAAcD,CAAAA,KAAK,CAAE,GAAA,CAAA,CAAA;QACnC,MAAM3H,GAAAA,GAAM8H,kBAAoBD,CAAAA,KAAAA,CAAME,KAAK,EAAA,CAAA,CAAA;QAC3C,MAAM5H,KAAAA,GAAQ0H,MAAM3G,MAAM,GAAG,IAAI2G,KAAMR,CAAAA,IAAI,CAAE,GAAQ,CAAA,GAAA,EAAA,CAAA;QACrDE,MAAM,CAACvH,GAAI,CAAA,GAAG8H,kBAAoB3H,CAAAA,KAAAA,CAAAA,CAAAA;AACpC,KAAA;IACA,OAAOoH,MAAAA,CAAAA;AACT,CAAA;AAEO,SAASS,QAASC,MAAkB,EAAA;IACzC,MAAMC,OAAAA,GAAUC,eAAe,CAAA,IAAIC,UAAYH,CAAAA,MAAAA,CAAAA,CAAAA,CAAAA;IAC/C,OAAOC,OAAAA,CAAQT,OAAO,CAAE,KAAO,EAAA,GAAA,CAAA,CAAMA,OAAO,CAAE,KAAO,EAAA,GAAA,CAAA,CAAMA,OAAO,CAAE,IAAM,EAAA,EAAA,CAAA,CAAA;AAC5E;;ACvCO,SAASY,QAASzD,OAAuB,EAAA;AAC9C,IAAA,IAAIkB,IAAY,GAAA,IAAA,CAAA;AAChB,IAAA,IAAIwC,OAAU1D,GAAAA,OAAAA,CAAQ0D,OAAO,IAAI,EAAC,CAAA;IAClC,IAAK1D,OAAAA,CAAQ2D,MAAM,KAAK,MAAQ,EAAA;QAC9BD,OAAU,GAAA;AACR,YAAA,cAAA,EAAgB1D,OAAQ4D,CAAAA,WAAW,KAAK,MAAA,GAAS,iDAC/C,GAAA,gCAAA;AACF,YAAA,GAAGF,OAAO;AACZ,SAAA,CAAA;AACF,KAAA;IACA,IAAK1D,OAAAA,CAAQkB,IAAI,EAAE;AACjBA,QAAAA,IAAAA,GAAOlB,OAAQ4D,CAAAA,WAAW,KAAK,MAAA,GAAS1B,uBAAyBlC,CAAAA,OAAAA,CAAQkB,IAAI,EAAE,KAC3EvF,CAAAA,GAAAA,IAAAA,CAAKI,SAAS,CAAEiE,QAAQkB,IAAI,CAAA,CAAA;AAClC,KAAA;IAEA,OAAO,IAAI7F,OAAS,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;QAC7B4D,KAAO7D,CAAAA,OAAAA,CAAQD,GAAG,EAAE;AAClB4D,YAAAA,MAAAA,EAAQ3D,QAAQ2D,MAAM;YACtBzC,IAAQA,EAAAA,IAAAA;AACRwC,YAAAA,OAAAA;SAECI,CAAAA,CAAAA,IAAI,CAAE,CAAEvI,KAAAA,GAAqBD,QAASC,KAAMwI,CAAAA,IAAI,EAChDC,CAAAA,CAAAA,CAAAA,KAAK,CAAE/D,MAAAA,CAAAA,CAAAA;AACZ,KAAA,CAAA,CAAA;AACF;;AC7BA,MAAMgE,OAAU,GAAA,gEAAA,CAAA;AAEhB,SAASC,eAAgBC,CAAS,EAAA;;AAEhC,IAAA,MAAMC,UAASC,IAAKD,CAAAA,MAAM,IAAIC,IAAKC,CAAAA,QAAQ,EAAEC,KAAQ,GAAA,KAAA,CAAA;IACrD,MAAMC,CAAAA,GAAI,IAAIhB,UAAYW,CAAAA,CAAAA,CAAAA,CAAAA;AAC1B,IAAA,IAAM,IAAI/H,CAAI,GAAA,CAAA,EAAGA,CAAI+H,GAAAA,CAAAA,EAAG/H,KAAKmI,KAAQ,CAAA;QACnCH,OAAOK,CAAAA,eAAe,CAAED,CAAAA,CAAEE,QAAQ,CAAEtI,CAAGA,EAAAA,CAAAA,GAAIuI,IAAKC,CAAAA,GAAG,CAAET,CAAAA,GAAI/H,CAAGmI,EAAAA,KAAAA,CAAAA,CAAAA,CAAAA,CAAAA;AAC9D,KAAA;IACA,OAAOC,CAAAA,CAAAA;AACT,CAAA;AAEO,SAASK,eAAgBvI,MAAc,EAAA;AAC5C,IAAA,IAAIwI,GAAM,GAAA,EAAA,CAAA;IACV,MAAMC,QAAAA,GAAWd,QAAQ3H,MAAM,CAAA;IAC/B,MAAM0I,OAAAA,GAAU,MAAM,GAAMD,GAAAA,QAAAA,CAAAA;AAC5B,IAAA,MAAQzI,SAAS,CAAI,CAAA;AACnB,QAAA,MAAM2I,MAAMf,cAAgBS,CAAAA,IAAAA,CAAKO,IAAI,CAAE5I,SAAS,GAAM0I,GAAAA,OAAAA,CAAAA,CAAAA,CAAAA;QACtD,IAAM,IAAI5I,IAAI,CAAGA,EAAAA,CAAAA,GAAI6I,IAAI3I,MAAM,IAAIA,MAAS,GAAA,CAAA,EAAGF,CAAM,EAAA,CAAA;YACnD,MAAM+I,UAAAA,GAAaF,GAAG,CAAC7I,CAAE,CAAA,CAAA;AACzB,YAAA,IAAK+I,aAAaH,OAAU,EAAA;gBAC1BF,GAAOb,IAAAA,OAAAA,CAAQmB,MAAM,CAAED,UAAaJ,GAAAA,QAAAA,CAAAA,CAAAA;AACpCzI,gBAAAA,MAAAA,EAAAA,CAAAA;AACF,aAAA;AACF,SAAA;AACF,KAAA;IACA,OAAOwI,GAAAA,CAAAA;AACT,CAAA;AAGO,SAASO,gBAAiBC,IAAY,EAAA;AAC3C,IAAA,IAAKA,KAAKhJ,MAAM,GAAG,MAAMgJ,IAAKhJ,CAAAA,MAAM,GAAG,GAAM,EAAA;QAC3C,OAAOjB,OAAAA,CAAQ4E,MAAM,CAAE,IAAI/F,eAAAA,CAAiB,CAAC,qBAAqB,EAAGoL,IAAAA,CAAKhJ,MAAM,CAAE,CAAC,CAAA,CAAA,CAAA;AACrF,KAAA;IAEA,OAAO,IAAIjB,OAAS,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;AAC7BmE,QAAAA,MAAAA,CAAOmB,MAAM,CAACC,MAAM,CAAE,SAAW,EAAA,IAAIC,WAAcC,EAAAA,CAAAA,MAAM,CAAEJ,IAAAA,CAAAA,CAAAA,CACxDxB,IAAI,CAAET,CAAAA,MAAAA,GAAAA;YACL,OAAO/H,OAAAA,CAAS8H,OAAS,CAAA,IAAII,UAAYH,CAAAA,MAAAA,CAAAA,CAAAA,CAAAA,CAAAA;AAC3C,SAAA,EAAG,SAAWjJ,KAAK,EAAA;uCAEjB,OAAO6F,MAAQ7F,CAAAA,KAAAA,CAAAA,CAAAA;AACjB,SAAA,CAAA,CAAA;AACJ,KAAA,CAAA,CAAA;AACF,CAAA;AACA;AACO,MAAMuL,eAAe,CAAEC,KAAAA,GAAmB1C,mBAC/C2C,IAAMD,CAAAA,KAAAA,CAAM/C,OAAO,CAAE,IAAA,EAAM,KAAMA,OAAO,CAAE,MAAM,GAC7CE,CAAAA,CAAAA,CAAAA,KAAK,CAAE,EACPlG,CAAAA,CAAAA,GAAG,CAAEiJ,CAAAA,CAAAA,GAAAA;AACJ,QAAA,OAAO,CAAC,CAAC,EAAG,CAAC,EAAE,EAAGA,EAAEC,UAAU,CAAE,GAAIC,QAAQ,CAAE,IAAM,CAAC,CAAC/H,KAAK,CAAE,CAAC,GAAK,CAAC,CAAA;KAErEwE,CAAAA,CAAAA,IAAI,CAAE,EACT,CAAA,CAAA,CAAA;AAIK,SAASwD,SAAUC,GAAW,EAAA;IACnC,IAAI;QACF,MAAMjD,KAAAA,GAAQiD,GAAInD,CAAAA,KAAK,CAAE,GAAA,CAAA,CAAA;QACzB,IAAKE,KAAAA,CAAM3G,MAAM,KAAK,CAAG,EAAA;AACvB,YAAA,MAAM,IAAInC,KAAO,CAAA,kBAAA,CAAA,CAAA;AACnB,SAAA;QACA,OAAO;AACLgM,YAAAA,MAAAA,EAASxK,KAAKC,KAAK,CAAE+J,YAAc1C,CAAAA,KAAK,CAAC,CAAE,CAAA,CAAA,CAAA;AAC3CmD,YAAAA,OAAAA,EAASzK,KAAKC,KAAK,CAAE+J,YAAc1C,CAAAA,KAAK,CAAC,CAAE,CAAA,CAAA,CAAA;AAC7C,SAAA,CAAA;AACF,KAAA,CAAE,OAAQtG,CAAG,EAAA;AACX,QAAA,MAAM,IAAI/B,eAAiB,CAAA,qBAAA,CAAA,CAAA;AAC7B,KAAA;AACF,CAAA;AAEO,SAASyL,eAAiBC,CAAAA,QAAgB,EAAEC,KAAa,EAAEvG,OAA+B,EAAA;AAC/F,IAAA,IAAK,CAACuG,KAAQ,EAAA;AACZ,QAAA,MAAM,IAAIrM,eAAiB,CAAA,mBAAA,CAAA,CAAA;AAC7B,KAAA;IAEA,IAAI;AACF,QAAA,MAAMgM,MAAMD,QAAUK,CAAAA,QAAAA,CAAAA,CAAAA;AAEtB,QAAA,IAAKC,KAAUL,KAAAA,GAAAA,CAAIE,OAAO,CAACG,KAAK,EAAG;YACjC,MAAM,IAAIpM,KAAO,CAAA,CAAC,2BAA2B,EAAG+L,IAAIE,OAAO,CAACG,KAAK,CAAE,CAAC,CAAA,CAAA;AACtE,SAAA;AAEAC,QAAAA,WAAAA,CAAaF,UAAUtG,OAAS,EAAA,IAAA,CAAA,CAAA;;AAGhC,QAAA,IAAK,CAACkG,GAAAA,CAAIE,OAAO,CAAC,MAAM,EAAG;AACzB,YAAA,MAAM,IAAIjM,KAAO,CAAA,sCAAA,CAAA,CAAA;AACnB,SAAA;AAEA,QAAA,OAAO+L,IAAIE,OAAO,CAAA;AACpB,KAAA,CAAE,OAAQzJ,CAAG,EAAA;QACX,MAAM,IAAI7B,mBAAqB6B,CAAAA,CAAAA,CAAE8J,OAAO,CAAA,CAAA;AAC1C,KAAA;AACF,CAAA;AAEO,SAASD,WAAaN,CAAAA,GAAW,EAAElG,OAA6B,EAAE0G,YAAY,KAAK,EAAA;;IAExF,IAAI,EAAEC,SAAS,EAAEC,mBAAmB,EAAEhF,MAAM,EAAEiF,QAAQ,EAAEC,SAAS,EAAE,GAAG9G,OAAAA,CAAAA;AACtE,IAAA,IAAK,CAAC2G,SAAW,EAAA;QACfA,SAAY,GAAA,CAAA,CAAA;AACd,KAAA;IACA,MAAMnI,GAAAA,GAAM,CAAEoI,mBAAAA,IAAuBA,yBAAyB5H,IAAKR,CAAAA,GAAG,EAAC,IAAM,IAAA,CAAA;IAE7E,MAAM4H,OAAAA,GAAUH,QAAUC,CAAAA,GAAAA,CAAAA,CAAME,OAAO,CAAA;IAEvC,IAAK,CAACA,OAAQW,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAInM,eAAiB,CAAA,+BAAA,CAAA,CAAA;AAC7B,KAAA;IACA,IAAKwL,OAAAA,CAAQW,GAAG,KAAKnF,MAAS,EAAA;QAC5B,MAAM,IAAIhH,gBAAiB,CAAC,+BAA+B,EAAGwL,OAAQW,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AAC9E,KAAA;IAEA,IAAK,CAACX,OAAQY,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAIpM,eAAiB,CAAA,iCAAA,CAAA,CAAA;AAC7B,KAAA;;;IAIA,IAAKqM,KAAAA,CAAMC,OAAO,CAAEd,OAAQY,CAAAA,GAAG,IAC7BZ,OAAQY,CAAAA,GAAG,CAACG,OAAO,CAAET,SAAAA,GAAYI,YAAYD,QAAYC,IAAAA,SAAAA,CAAAA,IAAe,CAAC,CAAA,GACzEV,OAAQY,CAAAA,GAAG,MAAON,SAAYI,GAAAA,SAAAA,GAAYD,QAAYC,IAAAA,SAAQ,CAC9D,EAAA;QACA,MAAM,IAAIlM,gBAAiB,CAAC,iCAAiC,EAAGwL,OAAQY,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AAChF,KAAA;AAEA,IAAA,IAAKZ,QAAQgB,GAAG,IAAIhB,OAAQgB,CAAAA,GAAG,KAAKN,SAAY,EAAA;QAC9C,MAAM,IAAIlM,gBAAiB,CAAC,yCAAyC,EAAGwL,OAAQgB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACxF,KAAA;AAEA,IAAA,MAAMC,QAAW1C,GAAAA,IAAAA,CAAKO,IAAI,CAAE1G,GAAMmI,GAAAA,SAAAA,CAAAA,CAAAA;AAClC,IAAA,MAAMW,QAAW3C,GAAAA,IAAAA,CAAK4C,KAAK,CAAE/I,GAAMmI,GAAAA,SAAAA,CAAAA,CAAAA;IAEnC,IAAK,CAACP,OAAQoB,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAI5M,eAAiB,CAAA,kCAAA,CAAA,CAAA;AAC7B,KAAA;AAEA,IAAA,IAAKyM,QAAWI,GAAAA,MAAAA,CAAQrB,OAAQoB,CAAAA,GAAG,CAAK,EAAA;QACtC,MAAM,IAAI5M,gBAAiB,CAAC,kCAAkC,EAAGwL,OAAQoB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACjF,KAAA;AAEA,IAAA,IAAKpB,QAAQsB,GAAG,IAAIL,WAAWI,MAAQrB,CAAAA,OAAAA,CAAQsB,GAAG,CAAK,EAAA;QACrD,MAAM,IAAI9M,gBAAiB,CAAC,wCAAwC,EAAGwL,OAAQsB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACvF,KAAA;IAEA,IAAK,CAACtB,OAAQuB,CAAAA,GAAG,EAAG;AAClB,QAAA,MAAM,IAAI/M,eAAiB,CAAA,wCAAA,CAAA,CAAA;AAC7B,KAAA;AACA,IAAA,IAAK6M,MAAQrB,CAAAA,OAAAA,CAAQuB,GAAG,CAAA,GAAKL,QAAW,EAAA;QACtC,MAAM,IAAI1M,gBAAiB,CAAC,sCAAsC,EAAGwL,OAAQuB,CAAAA,GAAG,CAAE,CAAC,CAAA,CAAA;AACrF,KAAA;IAEA,OAAOvB,OAAAA,CAAAA;AACT,CAAA;AAEA;AACO,MAAMwB,aAAgB,GAAA;AAC3B,IAAA,KAAA;;AAEA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,OAAA;AACA,IAAA,WAAA;AACA,IAAA,SAAA;AACA,IAAA,QAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,SAAA;AACA,IAAA,KAAA;AACA,IAAA,cAAA;AACA,IAAA,UAAA;AACA,IAAA,YAAA;AACA,IAAA,cAAA;AACA,IAAA,gBAAA;AACA,IAAA,MAAA;AACA,IAAA,MAAA;AACA,IAAA,KAAA;AACA,IAAA,QAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,KAAA;AACA,IAAA,QAAA;AACA,IAAA,QAAA;AACA,IAAA,KAAA;AACA,IAAA,OAAA;AACA,IAAA,WAAA;AACA,IAAA,SAAA;AACA,IAAA,OAAA;AACA,IAAA,YAAA;CACD;;ACtMD,MAAMC,sBAAyB,GAAA,IAAA,CAAA;AAExB,SAASC,0BAA2B9H,OAA8B,EAAA;IACvE,MAAM,EAAED,GAAG,EAAEzB,QAAQ,EAAEwI,SAAS,EAAEiB,aAAa,EAAE,GAAG/H,OAAAA,CAAAA;IACpD,IAAIgI,oBAAAA,CAAAA;IACJ,MAAMC,GAAAA,GAAMlI,IAAIoH,OAAO,CAAE,KAAKpH,GAAIoH,CAAAA,OAAO,CAAE,IAAS,CAAA,GAAA,CAAA,CAAA,CAAA;AACpD,IAAA,MAAMe,WAAcnI,GAAAA,GAAAA,CAAIoI,MAAM,CAAE,CAAGF,EAAAA,GAAAA,CAAAA,CAAAA;AAEnC,IAAA,MAAMG,KAAQlJ,GAAAA,iBAAAA,EAAAA,CAAAA;IAEd,IAAImJ,KAAAA,CAAAA;AAEJ,IAAA,MAAMC,IAAO,GAAA,IAAA;QACX,OAAO,IAAIjN,QAASC,CAAAA,OAAAA,GAAAA;AAClBE,YAAAA,MAAAA,CAAO4D,QAAQ,CAAC8B,IAAI,CAACM,WAAW,CAAE4G,KAAAA,CAAAA,CAAAA;YAClC5M,MAAO+F,CAAAA,gBAAgB,CAAE,SAAA,EAAWhB,kBAAoB,EAAA,KAAA,CAAA,CAAA;AACxD6H,YAAAA,KAAAA,CAAM1G,MAAM,GAAG,IAAA;gBACbpG,OAAS,CAAA,IAAA,CAAA,CAAA;AACX,aAAA,CAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA,CAAA;AAEA,IAAA,MAAM8C,QAAQ,CAAEmK,YAAAA,GAAAA;AACdD,QAAAA,IAAAA,EAAAA,CAAOxE,IAAI,CAAE,IAAA;YACX,IAAKyE,YAAAA,IAAgBP,yBAAyBO,YAAe,EAAA;AAC3D5J,gBAAAA,IAAAA,EAAAA,CAAAA;gBACAqJ,oBAAuBO,GAAAA,YAAAA,CAAAA;AACvB,gBAAA,MAAMC,IAAO,GAAA,IAAA;oBACXJ,KAAMK,CAAAA,aAAa,CAAEC,WAAW,CAAE,CAAC,EAAG5B,SAAAA,CAAW,CAAC,EAAGkB,oBAAsB,CAAA,CAAC,EAAEE,WAAAA,CAAAA,CAAAA;AAChF,iBAAA,CAAA;AACAM,gBAAAA,IAAAA,EAAAA,CAAAA;AACAH,gBAAAA,KAAAA,GAAQ7M,MAAOqD,CAAAA,WAAW,CAAE2J,IAAAA,EAAMT,aAAiBF,IAAAA,sBAAAA,CAAAA,CAAAA;AACrD,aAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA,CAAA;AAEA,IAAA,MAAMlJ,IAAO,GAAA,IAAA;QACXqJ,oBAAuB,GAAA,IAAA,CAAA;AACvB,QAAA,IAAKK,KAAQ,EAAA;AACX7M,YAAAA,MAAAA,CAAOsD,aAAa,CAAEuJ,KAAAA,CAAAA,CAAAA;YACtBA,KAAQ,GAAA,IAAA,CAAA;AACV,SAAA;AACF,KAAA,CAAA;AAEA,IAAA,MAAM9H,qBAAqB,CAAE5D,CAAAA,GAAAA;QAC3B,IAAKA,CAAAA,CAAE6D,MAAM,KAAK0H,WAAAA,IAAevL,EAAEkE,MAAM,KAAKuH,KAAMK,CAAAA,aAAa,EAAG;YAClE,IAAK9L,CAAAA,CAAE+D,IAAI,KAAK,OAAU,EAAA;AACxB/B,gBAAAA,IAAAA,EAAAA,CAAAA;AACAL,gBAAAA,QAAAA,CAAU3B,EAAE+D,IAAI,CAAA,CAAA;AAClB,aAAA,MAAO,IAAK/D,CAAAA,CAAE+D,IAAI,KAAK,SAAY,EAAA;AACjC/B,gBAAAA,IAAAA,EAAAA,CAAAA;AACAL,gBAAAA,QAAAA,EAAAA,CAAAA;AACF,aAAA;AACF,SAAA;AACF,KAAA,CAAA;IAEA8J,KAAM3G,CAAAA,YAAY,CAAE,KAAO1B,EAAAA,GAAAA,CAAAA,CAAAA;IAE3B,OAAO;AACLpB,QAAAA,IAAAA;AACAP,QAAAA,KAAAA;AACF,KAAA,CAAA;AACF;;AC9DA;;;IAIO,SAASuK,cAAAA,CAA+CC,MAAS,EAAA;AACtE,IAAA,IAAK,CAACA,MAAAA,IAAU,OAAOA,MAAAA,KAAW,QAAW,EAAA;QAC3C,OAAOA,MAAAA,CAAAA;AACT,KAAA;AACA,IAAA,OAAOjN,IAAKC,CAAAA,KAAK,CAAED,IAAAA,CAAKI,SAAS,CAAE6M,MAAAA,CAAAA,CAAAA,CAAAA;AACrC,CAAA;AAEA,SAASC,KAAAA,CAAOC,aAAkB,EAAEC,YAAiB,EAAA;IACnD,IAAM,MAAMC,KAAKD,YAAe,CAAA;AAC9B,QAAA,IAAKA,YAAY,CAACC,CAAE,CAAA,KAAKC,SAAY,EAAA;AACnC,YAAA,IAAK,OAAOF,YAAY,CAACC,CAAAA,CAAE,KAAK,QAAYD,IAAAA,YAAY,CAACC,CAAAA,CAAE,CAACxO,WAAW,CAACF,IAAI,KAAK,QAAW,EAAA;AAC1FwO,gBAAAA,aAAa,CAACE,CAAAA,CAAE,GAAGH,KAAAA,CAAOC,aAAa,CAACE,CAAE,CAAA,IAAI,EAAC,EAAGD,YAAY,CAACC,CAAE,CAAA,CAAA,CAAA;aAC5D,MAAA;AACLF,gBAAAA,aAAa,CAACE,CAAAA,CAAE,GAAGD,YAAY,CAACC,CAAE,CAAA,CAAA;AACpC,aAAA;AACF,SAAA;AACF,KAAA;IACA,OAAOF,aAAAA,CAAAA;AACT,CAAA;AAGO,SAASI,YAAc,CAAA,GAAGC,OAAc,EAAA;AAC7C,IAAA,OAAOA,OAAQC,CAAAA,MAAM,CAAE,CAAEN,aAAeC,EAAAA,YAAAA,GAAAA;QACtC,OAAOF,KAAAA,CAAOC,aAAiB,IAAA,EAAIC,EAAAA,YAAAA,CAAAA,CAAAA;AACrC,KAAA,EAAG,EAAC,CAAA,CAAA;AACN;;ACjCO,MAAMM,cAAiB,GAAA,CAAE1I,MAAc2I,aAC5CA,GAAAA,aAAAA,IAAiBA,cAAcvG,KAAK,CAAE,MAASwG,CAAAA,CAAAA,MAAM,CAAEC,CAAAA,EAAAA,GAAMA,OAAO7I,IAAOrE,CAAAA,CAAAA,MAAM,GAAG,CAAC,CAAA;AAEhF,MAAMmN,eAAAA,GAAkB,CAAEC,KAAAA,EAAeC,SAC9CA,MAAUA,IAAAA,MAAAA,CAAO5G,KAAK,CAAE,GAAMoE,CAAAA,CAAAA,OAAO,CAAEuC,KAAAA,CAAAA,GAAU,CAAC,CAAC;;ACDrD,MAAME,YAAY,CAAE7J,GAAAA,EAAaR,QAAQ,GAAG,EAAEC,SAAS,GAAG,GAAA;IACxD,MAAMqK,IAAAA,GAAOrO,MAAOsO,CAAAA,OAAO,GAAKtO,CAAAA,MAAOuO,CAAAA,UAAU,GAAGxK,KAAI,IAAM,CAAA,CAAA;IAC9D,MAAMyK,GAAAA,GAAMxO,MAAOyO,CAAAA,OAAO,GAAKzO,CAAAA,MAAO0O,CAAAA,WAAW,GAAG1K,MAAK,IAAM,CAAA,CAAA;AAE/D,IAAA,OAAOhE,OAAO2O,IAAI,CAChBpK,KACA,kBACA,EAAA,CAAC,KAAK,EAAG8J,IAAAA,CAAM,KAAK,EAAGG,GAAAA,CAAK,OAAO,EAAGzK,KAAAA,CAAO,QAAQ,EAAGC,MAAAA,CAAQ,kCAAkC,CAAC,CAAA,CAAA;AAEvG,CAAA,CAAA;AAEO,SAAS4K,QAAAA,CAAUrK,GAAW,EAAEC,OAAqB,EAAA;IAC1D,IAAIqK,KAAAA,GAAQrK,QAAQqK,KAAK,CAAA;AAEzB,IAAA,IAAKA,KAAQ,EAAA;QACXA,KAAMC,CAAAA,QAAQ,CAACC,IAAI,GAAGxK,GAAAA,CAAAA;KACjB,MAAA;AACLsK,QAAAA,KAAAA,GAAQT,SAAW7J,CAAAA,GAAAA,CAAAA,CAAAA;AACrB,KAAA;AAEA,IAAA,IAAK,CAACsK,KAAQ,EAAA;mCAEZ,MAAM,IAAIlQ,KAAO,CAAA,sBAAA,CAAA,CAAA;AACnB,KAAA;IAEA,IAAIqQ,SAAAA,CAAAA;IACJ,IAAIC,OAAAA,CAAAA;IAEJ,OAAO,IAAIpP,OAA2C,CAAA,CAAEC,OAAS2E,EAAAA,MAAAA,GAAAA;QAC/D,SAASyK,aAAAA,GAAAA;YACP5L,aAAe2L,CAAAA,OAAAA,CAAAA,CAAAA;YACfxJ,YAAcuJ,CAAAA,SAAAA,CAAAA,CAAAA;YACdhP,MAAO6F,CAAAA,mBAAmB,CAAE,SAAWsJ,EAAAA,eAAAA,CAAAA,CAAAA;AACzC,SAAA;AAEAH,QAAAA,SAAAA,GAAYpK,UAAY,CAAA,IAAA;AACtBsK,YAAAA,aAAAA,EAAAA,CAAAA;AACAzK,YAAAA,MAAAA,CAAQ,IAAI/F,eAAiB,CAAA,WAAA,CAAA,CAAA,CAAA;SAC5B8F,EAAAA,OAAAA,CAAQM,OAAO,IAAI,EAAK,GAAA,IAAA,CAAA,CAAA;AAE3BmK,QAAAA,OAAAA,GAAU5L,WAAa,CAAA,WAAA;YACrB,IAAKwL,KAAAA,CAAOO,MAAM,EAAG;AACnBF,gBAAAA,aAAAA,EAAAA,CAAAA;AACAzK,gBAAAA,MAAAA,CAAQ,IAAIlF,oBAAsB,CAAA,mBAAA,CAAA,CAAA,CAAA;AACpC,aAAA;SACC,EAAA,GAAA,CAAA,CAAA;QAEHS,MAAO+F,CAAAA,gBAAgB,CAAE,SAAWoJ,EAAAA,eAAAA,CAAAA,CAAAA;AAEpC,QAAA,SAASA,gBAAiBhO,CAAe,EAAA;YACvC,IAAK,CAACA,EAAE+D,IAAI,IAAI/D,EAAE+D,IAAI,CAACC,IAAI,KAAK,wBAA2B,EAAA,OAAA;AAC3D+J,YAAAA,aAAAA,EAAAA,CAAAA;AACAL,YAAAA,KAAAA,CAAOvJ,KAAK,EAAA,CAAA;AACZ,YAAA,MAAMJ,OAAO/D,CAAE+D,CAAAA,IAAI,CAACM,QAAQ,IAAIrE,EAAE+D,IAAI,CAAA;AACtCA,YAAAA,IAAAA,CAAKtG,KAAK,GAAG6F,MAAQ,CAAA,IAAI/F,eAAiBwG,CAAAA,IAAAA,CAAKtG,KAAK,EAAEsG,IAAKrG,CAAAA,iBAAiB,CACxEiB,CAAAA,GAAAA,OAAAA,CAASqB,EAAE+D,IAAI,CAAA,CAAA;AACrB,SAAA;AACF,KAAA,CAAA,CAAA;AACF;;AC7DA;;;;;;;AAOA,GAAA,SAAAzB,kBAAA,CAAA,GAAA,EAAA,GAAA,EAAA,KAAA,EAAA;;;;;;;;;;;;;AAIA,MAAM4L,YAAe,GAAA,CAAC,EAAGC,WAAAA,CAAYtM,GAAG,EAAA,CAAI,CAAC,EAAGmG,IAAKoG,CAAAA,MAAM,EAAK,GAAA,UAAA,GAAa,EAAG,CAAC,CAAA;AACjF,MAAMC,WAAgC,EAAC,CAAA;AAEhC,MAAMC,QAAAA,CAAAA;;;;AAaXC,IAAAA,QAAAA,CAAUC,QAAgB,EAAE7N,EAAc,EAAEgD,OAAAA,GAAU,IAAI,EAAQ;QAChE,IAAK,CAAC6K,UAAW,MAAM,gBAAA,CAAA;QAEvB,IAAK,CAAC3P,MAAOC,CAAAA,YAAY,EAAG;AAC1B6B,YAAAA,EAAAA,EAAAA,CAAAA;AACA,YAAA,OAAA;AACF,SAAA;AAEA,QAAA,MAAM8N,eAAkB,GAAA,IAAI,CAACC,SAAS,GAAGF,QAAAA,CAAAA;QAEzC1P,YAAaK,CAAAA,OAAO,CAAEsP,eAAiBP,EAAAA,YAAAA,CAAAA,CAAAA;;QAEvCzK,UAAY,CAAA,IAAA;AACV,YAAA,IAAK3E,YAAaC,CAAAA,OAAO,CAAE0P,eAAAA,CAAAA,IAAqBP,YAC9CvN,EAAAA,EAAAA,EAAAA,CAAAA;SACD,EAAA,GAAA,CAAA,CAAA;;QAGH8C,UAAY,CAAA,WAAA;AAAc3E,YAAAA,YAAAA,CAAaQ,UAAU,CAAEmP,eAAAA,CAAAA,CAAAA;SAAsB9K,EAAAA,OAAAA,CAAAA,CAAAA;AAC3E,KAAA;IAEAgL,yBAA2BC,CAAAA,SAAiB,EAAEC,SAAc,EAAQ;;QAElE,IAAI;YAAER,QAAQ,CAACO,UAAU,CAAEC,SAAAA,CAAAA,CAAAA;SAC3B,CAAA,OAAQC,GAAI,EAAE;QAEd,IAAK,CAACjQ,MAAOC,CAAAA,YAAY,EAAE;AACzB,YAAA,IAAI,CAACiQ,MAAM,CAAC5N,IAAI,CAAEyN,SAAWC,EAAAA,SAAAA,CAAAA,CAAAA;AAC7B,YAAA,OAAA;AACF,SAAA;AAEA,QAAA,MAAM9K,IAAO,GAAA;YACXA,IAAW8K,EAAAA,SAAAA;YACXG,SAAW,EAAA,IAAI3M,OAAO4M,OAAO,EAAA;AAC/B,SAAA,CAAA;;AAGAnQ,QAAAA,YAAAA,CAAaK,OAAO,CAAE,CAAC,EAAG,IAAI,CAACuP,SAAS,CAAE,KAAK,EAAGE,SAAW,CAAA,CAAC,EAAE5P,IAAAA,CAAKI,SAAS,CAAE2E,IAAAA,CAAAA,CAAAA,CAAAA;;QAGhFN,UAAY,CAAA,IAAA;YAAQ3E,YAAaQ,CAAAA,UAAU,CAAE,CAAC,EAAG,IAAI,CAACoP,SAAS,CAAE,KAAK,EAAGE,SAAAA,CAAW,CAAC,CAAA,CAAA;SAAO,EAAA,IAAA,CAAA,CAAA;AAC9F,KAAA;IAEAM,kBAAoBN,CAAAA,SAAiB,EAAEjO,EAAyB,EAAQ;QACtE0N,QAAQ,CAACO,UAAU,GAAGjO,EAAAA,CAAAA;QACtB,IAAK,CAAC9B,MAAOC,CAAAA,YAAY,EAAE;AACzB,YAAA,IAAI,CAACiQ,MAAM,CAACnO,EAAE,CAAEgO,SAAWjO,EAAAA,EAAAA,CAAAA,CAAAA;AAC3B,YAAA,OAAA;AACF,SAAA;;QAGA9B,MAAO+F,CAAAA,gBAAgB,CAAE,SAAA,EAAW,CAAEuK,EAAAA,GAAAA;AACpC,YAAA,IAAKA,EAAG1Q,CAAAA,GAAG,IAAI,CAAC,EAAG,IAAI,CAACiQ,SAAS,CAAE,KAAK,EAAGE,SAAAA,CAAW,CAAC,EAAG;AAC1D,YAAA,IAAK,CAACO,EAAAA,CAAGC,QAAQ,EAAG;AACpB,YAAA,MAAMC,WAAcrQ,GAAAA,IAAAA,CAAKC,KAAK,CAAEkQ,GAAGC,QAAQ,CAAA,CAAA;AAC3CzO,YAAAA,EAAAA,CAAI0O,YAAYtL,IAAI,CAAA,CAAA;AACtB,SAAA,CAAA,CAAA;AACF,KAAA;IAjEAlG,WAAayR,CAAAA,GAAW,EAAEC,cAAiC,CAAG;AAJ9Db,QAAAA,kBAAAA,CAAAA,IAAAA,EAAAA,aAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEA,QAAApM,kBAAA,CAAA,IAAA,EAAQyM,UAAR,KAAA,CAAA,CAAA,CAAA;QAGE,IAAI,CAACL,SAAS,GAAGY,GAAAA,CAAAA;QACjB,IAAI,CAACP,MAAM,GAAGQ,cAAAA,CAAAA;AAChB,KAAA;AA+DF;;;;;;;;;;;;;;;ACzCA;;;;;IAMO,MAAMC,UAAmBhP,SAAAA,YAAAA,CAAAA;AAyE9B;;;;;;AAMC,MACD,MAAMiP,UAAAA,CAAYC,UAAa,GAAA,IAAI,EAAgC;QACjE,IAAK,IAAI,CAACC,WAAW,EAAE;AACrB,YAAA,OAAO,IAAI,CAAA;AACb,SAAA;QAEA,IAAK,IAAI,CAACC,mBAAmB,EAAE;YAC7B,OAAO,IAAI,CAACA,mBAAmB,CAAA;SAC1B,MAAA;AACL,YAAA,IAAI,CAACA,mBAAmB,GAAG,IAAIlR,OAAAA,CAAS,OAAQC,OAAS2E,EAAAA,MAAAA,GAAAA;gBACvD,IAAI;AACF,oBAAA,IAAK,IAAI,CAACuM,UAAU,CAACC,IAAI,EAAE;AACzB,wBAAA,MAAM,IAAI,CAACD,UAAU,CAACC,IAAI,EAAA,CAAA;AAC5B,qBAAA;AACA,oBAAA,IAAK,IAAI,CAACC,SAAS,CAACD,IAAI,EAAE;AACxB,wBAAA,MAAM,IAAI,CAACC,SAAS,CAACD,IAAI,EAAA,CAAA;AAC3B,qBAAA;AAEA,oBAAA,IAAK,CAAC,IAAI,CAACzM,OAAO,CAAC2M,SAAS,IAAIC,MAAOC,CAAAA,IAAI,CAAE,IAAI,CAAC7M,OAAO,CAAC2M,SAAS,CAAGrQ,CAAAA,MAAM,KAAK,CAAG,EAAA;wBAClF,MAAM,IAAI,CAACwQ,eAAe,EAAA,CAAA;AAC5B,qBAAA;oBACA,IAAI,CAACR,WAAW,GAAG,IAAA,CAAA;oBAEnB,IAAI;AACF,wBAAA,IAAKD,UAAY,EAAA;AACT7Q,4BAAAA,IAAAA,OAAAA,CAAAA;AAAN,4BAAA,IAAK,GAACA,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,OAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,OAAAA,CAAQuR,YAAY,CAAE,EAAA;gCAC1B,MAAM,IAAI,CAACC,WAAW,EAAA,CAAA;AACxB,6BAAA;AACF,yBAAA;AACF,qBAAA,CAAE,OAAQrQ,CAAI,EAAA;AACZ,wBAAA,IAAI,CAACmB,IAAI,CAAElE,MAAAA,CAAOI,kBAAkB,EAAE2C,CAAAA,CAAAA,CAAAA;AACtC,wBAAA,MAAM,IAAI,CAAC+P,SAAS,CAACxQ,KAAK,EAAA,CAAA;AAC5B,qBAAA;AACAZ,oBAAAA,OAAAA,CAAS,IAAI,CAAA,CAAA;AACf,iBAAA,CAAE,OAAQqB,CAAI,EAAA;AACZ,oBAAA,IAAKA,aAAazC,eAAiB,EAAA;wBACjC+F,MAAQtD,CAAAA,CAAAA,CAAAA,CAAAA;qBACH,MAAA;wBACLsD,MAAQ,CAAA,IAAI/F,eAAiByC,CAAAA,CAAAA,CAAE8J,OAAO,CAAA,CAAA,CAAA;AACxC,qBAAA;iBACQ,QAAA;oBACR,IAAI,CAAC8F,mBAAmB,GAAGtD,SAAAA,CAAAA;AAC7B,iBAAA;AACF,aAAA,CAAA,CAAA;AACF,SAAA;QAEA,OAAO,IAAI,CAACsD,mBAAmB,CAAA;AACjC,KAAA;AAEA;;;;;;;MAQA,MAAMU,MAAOjN,OAAuC,GAAA,EAAE,EAAEkN,UAAAA,GAAkC,EAAE,EAAE;QAC5F1R,MAAO8O,CAAAA,QAAQ,CAAC6C,MAAM,CAAE,MAAM,IAAI,CAACC,iBAAiB,CAAEpN,OAASkN,EAAAA,UAAAA,CAAAA,CAAAA,CAAAA;AACjE,KAAA;AAEA;;;;;;;;;;MAWA,MAAMG,eAAgBrN,OAAuC,GAAA,EAAE,EAAEsN,YAAAA,GAA6B,EAAE,EAAE;AAChG,QAAA,MAAMvN,GAAM,GAAA,MAAM,IAAI,CAACqN,iBAAiB,CAAE;YACxCG,aAAe,EAAA,UAAA;AACf,YAAA,GAAGvN,OAAO;YACVL,OAAe,EAAA,OAAA;YACf6N,YAAe,EAAA,GAAA;AACjB,SAAA,CAAA,CAAA;QACA,MAAM,EAAExM,QAAQ,EAAEvG,KAAK,EAAE,GAAG,MAAM2P,SAAUrK,GAAKuN,EAAAA,YAAAA,CAAAA,CAAAA;AACjD,QAAA,MAAM,EAAEG,UAAU,EAAEP,UAAU,EAAE,GAAG,CAACzS,KAAS,IAAA,OAAOA,UAAU,QAC5D,GAAA,MAAM,IAAI,CAACiT,SAAS,CAAEjT,KAASuG,IAAAA,QAAAA,CAASvG,KAAK,CAC3CA,GAAAA,KAAAA,CAAAA;AACJ,QAAA,MAAMkT,cAAc,MAAM,IAAI,CAACC,kBAAkB,CAAE5M,UAAUyM,UAAYP,EAAAA,UAAAA,CAAAA,CAAAA;AACzE,QAAA,MAAMW,UAAa,GAAA,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,WACAF,EAAAA,UAAAA,EACAvE,YAAc,CAAA,IAAI,CAAClJ,OAAO,EAAEyN,UAAAA,CAAAA,CAAAA,CAAAA;QAE9BI,UAAWE,CAAAA,aAAa,GAAE/M,QAAAA,CAAS+M,aAAa,CAAA;AAChD,QAAA,IAAI,CAACC,YAAY,CAAC1C,yBAAyB,CAAE1R,MAAAA,CAAOE,UAAU,EAAE+T,UAAAA,CAAAA,CAAAA;QAChE,OAAOX,UAAAA,CAAAA;AACT,KAAA;AAEA;;;;;;AAMC,MACD,MAAMe,aAAelO,CAAAA,GAAAA,GAAAA,CAAAA,IAAAA;YAAavE,gBAAAA,EAAAA,OAAAA,CAAAA;gBAAAA,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,+BAAAA,gBAAAA,GAAAA,OAAAA,CAAQ8O,QAAQ,MAAhB9O,IAAAA,IAAAA,gBAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,iBAAkB+O,IAAI,CAAA;QAAA,EAAE;AACxD,QAAA,IAAK,CAACxK,GAAK,EAAA;AACT,YAAA,OAAO1E,OAAQ4E,CAAAA,MAAM,CAAE,IAAI/F,eAAiB,CAAA,6CAAA,CAAA,CAAA,CAAA;AAC9C,SAAA;QACA,IAAIgU,SAAAA,CAAAA;QACJ,IAAI;AACFA,YAAAA,SAAAA,GAAY,IAAIrM,GAAK9B,CAAAA,GAAAA,CAAAA,CAAAA;AACvB,SAAA,CAAE,OAAQpD,CAAG,EAAA;YACX,OAAOtB,OAAAA,CAAQ4E,MAAM,CAAE,IAAI/F,eAAAA,CAAiB,CAAC,8BAA8B,EAAG6F,GAAK,CAAA,CAAC,CAAC,CAAA,CAAA,CAAA;AACvF,SAAA;AAEA,QAAA,MAAMoO,iBAAiBzL,aAAewL,CAAAA,SAAAA,CAAUlM,MAAM,IAAIkM,UAAUjM,IAAI,CAAA,CAAA;AACxE,QAAA,MAAMmM,iBAAiB,MAAM,IAAI,CAACV,SAAS,CAAES,eAAe1T,KAAK,CAAA,CAAA;AACjE,QAAA,MAAM,EAAEgT,UAAU,EAAEP,UAAU,EAAEM,YAAY,EAAE,GAAGY,cAAAA,CAAAA;AACjDrO,QAAAA,GAAAA,GAAMA,GAAOvE,IAAAA,MAAAA,CAAO8O,QAAQ,CAACC,IAAI,CAAA;QACjC,OAASiD,YAAAA;YACP,KAAK,GAAA;AACEhS,gBAAAA,IAAAA,OAAAA,CAAAA;AAAL,gBAAA,IAAA,CAAKA,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,OAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,OAAAA,CAAQuR,YAAY,EAAG;AAC1B,oBAAA,IAAKhN,GAAM,EAAA;wBACTvE,MAAO6S,CAAAA,MAAM,CAAC3F,WAAW,CAAE;4BACzB/H,IAAU,EAAA,wBAAA;4BACVK,QAAUmN,EAAAA,cAAAA;4BACV1T,KAAU2T,EAAAA,cAAAA;yBACT,EAAA,CAAC,EAAG9D,QAAAA,CAASvI,QAAQ,CAAE,EAAE,EAAGuI,QAAAA,CAASgE,IAAI,CAAE,CAAC,CAAA,CAAA;AACjD,qBAAA;AACF,iBAAA;AACA,gBAAA,OAAA;YACF,KAAK,GAAA;gBACH,IAAK9S,MAAAA,CAAO+S,MAAM,IAAIxO,GAAK,EAAA;oBACzBvE,MAAO+S,CAAAA,MAAM,CAAC7F,WAAW,CAAE;wBACzB/H,IAAU,EAAA,wBAAA;wBACVK,QAAUmN,EAAAA,cAAAA;wBACV1T,KAAU2T,EAAAA,cAAAA;qBACT,EAAA,CAAC,EAAG9D,QAAAA,CAASvI,QAAQ,CAAE,EAAE,EAAGuI,QAAAA,CAASgE,IAAI,CAAE,CAAC,CAAA,CAAA;AACjD,iBAAA;AACA,gBAAA,OAAA;AACF,YAAA;gBACE,IAAKH,cAAAA,CAAe/T,KAAK,EAAE;oBACzB,OAAOiB,OAAAA,CAAQ4E,MAAM,CAAE,IAAI1F,oBAAqB4T,cAAe/T,CAAAA,KAAK,EAAE+T,cAAAA,CAAe9T,iBAAiB,CAAA,CAAA,CAAA;AACxG,iBAAA;AACA,gBAAA,MAAMsT,cAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEO,gBAAgBV,UAAYP,EAAAA,UAAAA,CAAAA,CAAAA;AAC/E,gBAAA,MAAMW,UAAa,GAAA,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,WACAF,EAAAA,UAAAA,EACAvE,YAAc,CAAA,IAAI,CAAClJ,OAAO,EAAEyN,UAAAA,CAAAA,CAAAA,CAAAA;gBAE9BI,UAAWE,CAAAA,aAAa,GAAEI,cAAAA,CAAeJ,aAAa,CAAA;AACtD,gBAAA,IAAI,CAACC,YAAY,CAAC1C,yBAAyB,CAAE1R,MAAAA,CAAOE,UAAU,EAAE+T,UAAAA,CAAAA,CAAAA;gBAChE,OAAOX,UAAAA,CAAAA;AACX,SAAA;AACF,KAAA;AAEA;;;;AAIC,MACD,MAAMsB,MAAAA,CAAQxO,OAAgC,GAAA,EAAE,EAAE;QAChD,IAAK,CAACA,OAAQyO,CAAAA,SAAS,EAAG;AAEuBC,YAAAA,IAAAA,WAAAA,CAAAA;AAD/C,YAAA,MAAMA,aAAa,MAAM,IAAI,CAAChC,SAAS,CAACvR,GAAG,CAAE,MAAA,CAAA,CAAA;YAC7C,MAAMwT,aAAAA,GAAgB3O,QAAQ2O,aAAa,KAAA,CAAID,cAAAA,UAAAA,MAAAA,IAAAA,IAAAA,WAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,YAAYE,YAAY,CAAA,CAAA;YACvEpT,MAAO8O,CAAAA,QAAQ,CAAC6C,MAAM,CAAE,MAAM,IAAI,CAAC0B,mBAAmB,CAAE;AACtD,gBAAA,GAAG7O,OAAO;AACV2O,gBAAAA,aAAAA;AACF,aAAA,CAAA,CAAA,CAAA;AACF,SAAA;AACA,QAAA,MAAM,IAAI,CAACjC,SAAS,CAACxQ,KAAK,EAAA,CAAA;AAC5B,KAAA;AAEA;;;;;MAMA,MAAM4S,WAAaC,CAAAA,KAAa,EAAEpO,IAAAA,GAAkB,cAAc,EAAEX,OAAAA,GAAyB,EAAE,EAAE;QAC/F,IAAK,CAAC,IAAI,CAACA,OAAO,CAAC2M,SAAS,CAAEqC,mBAAmB,EAAE;AACjD,YAAA,OAAO3T,OAAQ4E,CAAAA,MAAM,CAAE,IAAI/F,eAAiB,CAAA,sCAAA,CAAA,CAAA,CAAA;AAC9C,SAAA;AACA,QAAA,MAAM+U,YAAe,GAAA;AACnBnI,YAAAA,SAAAA,EAAiB9G,QAAQ8G,SAAS,IAAI,IAAI,CAAC9G,OAAO,CAAC8G,SAAS;AAC5DoI,YAAAA,aAAAA,EAAiBlP,QAAQkP,aAAa,IAAI,IAAI,CAAClP,OAAO,CAACkP,aAAa;YACpEC,eAAiBxO,EAAAA,IAAAA;YACjBoO,KAAiBA,EAAAA,KAAAA;AACnB,SAAA,CAAA;QAEA,OAAO,IAAI,CAACK,IAAI,CAAE;YAChBzL,MAAa,EAAA,MAAA;YACbC,WAAa,EAAA,MAAA;AACb7D,YAAAA,GAAAA,EAAa,IAAI,CAACC,OAAO,CAAC2M,SAAS,CAAEqC,mBAAmB;YACxD9N,IAAa+N,EAAAA,YAAAA;AACf,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;;;;;;;;MAUA,MAAMjC,YAAahN,OAA8B,GAAA,EAAE,EAAEkN,UAAAA,GAAkC,EAAE,EAAE;AAiBpDwB,QAAAA,IAAAA,WAAAA,CAAAA;QAhBrC,MAAM,IAAI,CAACtC,UAAU,CAAE,KAAA,CAAA,CAAA;QACvB,IAAIuB,WAAAA,CAAAA;AACJ,QAAA,IAAI0B,aAAkB,EAAC,CAAA;QAEvB,MAAMX,UAAAA,GAAa,MAAM,IAAI,CAAChC,SAAS,CAACvR,GAAG,CAAE,MAAA,CAAA,IAAY,EAAC,CAAA;AAE1D,QAAA,MAAM8T,eAAe/F,YAAc,CAAA;YACjCqE,aAAe,EAAA,OAAA;YACf5N,OAAe,EAAA,MAAA;YACf2P,MAAe,EAAA,MAAA;SACd,EAAA,IAAI,CAACtP,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;QAEjB,IAAKiP,YAAAA,CAAaM,mBAAmB,EAAE;YACrCN,YAAaO,CAAAA,YAAY,GAAGP,YAAAA,CAAaM,mBAAmB,CAAA;AAC9D,SAAA;QAEA,IAAK,IAAI,CAACvP,OAAO,CAACyP,eAAe,KAAIf,CAAAA,WAAAA,GAAAA,UAAAA,MAAAA,IAAAA,IAAAA,WAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,WAAYgB,CAAAA,aAAa,CAAE,EAAA;AACxBhB,YAAAA,IAAAA,YAAAA,CAAAA;AAAtCW,YAAAA,UAAAA,CAAW5B,UAAU,GAAGvE,YAAcwF,CAAAA,CAAAA,CAAAA,eAAAA,UAAAA,MAAAA,IAAAA,IAAAA,YAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,YAAYjB,CAAAA,UAAU,KAAI,EAAC,EAAG4B,UAAW5B,CAAAA,UAAU,IAAI,EAAC,CAAA,CAAA;AAC9FE,YAAAA,WAAAA,GAAc,MAAM,IAAI,CAACgC,oBAAoB,CAAE;AAC7C,gBAAA,GAAGV,YAAY;AACfS,gBAAAA,aAAAA,EAAehB,WAAWgB,aAAa;AACzC,aAAA,CAAA,CAAA;SACK,MAAA;AACL,YAAA,MAAME,OAAU,GAAA,MAAM,IAAI,CAACxC,iBAAiB,CAAE;AAC5C,gBAAA,GAAG6B,YAAY;gBACfzB,YAAc,EAAA,GAAA;aACbN,EAAAA,UAAAA,CAAAA,CAAAA;YAEH,MAAM,EAAElM,QAAQ,EAAEvG,KAAK,EAAE,GAAG,MAAMqF,UAAW8P,OAAS,EAAA;AACpDtP,gBAAAA,OAAAA,EAAa2O,aAAaY,oBAAoB;gBAC9CpP,WAAajF,EAAAA,MAAAA,CAAO8O,QAAQ,CAAC9J,MAAM;AACrC,aAAA,CAAA,CAAA;AACAmN,YAAAA,WAAAA,GAAc,MAAM,IAAI,CAACC,kBAAkB,CAAE5M,UAAUiO,YAAc/B,EAAAA,UAAAA,CAAAA,CAAAA;YACrEwB,UAAWX,CAAAA,aAAa,GAAG/M,QAAAA,CAAS+M,aAAa,CAAA;YACjDsB,UAAa5U,GAAAA,KAAAA,CAAAA;AACf,SAAA;QAEA,MAAMoT,UAAAA,GAAa,MAAM,IAAI,CAACC,iBAAiB,CAAEH,WAAAA,EAAa0B,UAAW5B,CAAAA,UAAU,EAAEwB,YAAAA,CAAAA,CAAAA;QACrFpB,UAAWE,CAAAA,aAAa,GAAGW,UAAAA,CAAWX,aAAa,CAAA;AACnD,QAAA,IAAI,CAACC,YAAY,CAAC1C,yBAAyB,CAAE1R,MAAAA,CAAOE,UAAU,EAAE+T,UAAAA,CAAAA,CAAAA;AAChE,QAAA,OAAOwB,WAAWnC,UAAU,CAAA;AAC9B,KAAA;AAEA;;AAEC,MACD,MAAM4C,cAAgB,GAAA;AACX,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACpD,SAAS,CAACvR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsC4U,YAAY,CAAA;AAC7D,KAAA;AAGA;;AAEC,MACD,MAAMC,eAAiB,GAAA;AACZ,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACtD,SAAS,CAACvR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCuU,aAAa,CAAA;AAC9D,KAAA;AAEA;;AAEC,MACD,MAAMO,UAAY,GAAA;AACP,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACvD,SAAS,CAACvR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCmL,QAAQ,CAAA;AACzD,KAAA;AAEA;;AAEC,MACD,MAAM4J,YAAc,GAAA;AACT,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAACxD,SAAS,CAACvR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCgV,UAAU,CAAA;AAC3D,KAAA;AAEA;;AAEC,MACD,MAAMC,aAAe,GAAA;AACV,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAAC1D,SAAS,CAACvR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCyT,YAAY,CAAA;AAC7D,KAAA;AAGA;;AAEC,MACD,MAAMyB,SAAW,GAAA;YACR,MAAE,EAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,QAAA,MAAM,IAAI,CAAC3D,SAAS,CAACvR,GAAG,CAAE,MAAA,CAAA,MAAA,IAAA,IAA1B,KAAF,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,CAAA,MAAA,GAAA,KAAwCuO,CAAAA,KAAK,cAA7C,MAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,MAAA,CAA+C3G,KAAK,CAAE,GAAA,CAAA,CAAA;AAC/D,KAAA;AAGA;;AAEC,MACD,MAAMuN,OAAS,GAAA;AACJ,QAAA,IAAA,KAAA,CAAA;AAAT,QAAA,OAAA,CAAS,KAAA,GAAA,MAAM,IAAI,CAAC5D,SAAS,CAACvR,GAAG,CAAE,MAA1B,CAAA,MAAA,IAAA,IAAA,KAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAF,KAAE,CAAsCoV,IAAI,CAAA;AACrD,KAAA;AAEA;;;;;AAKC,MACD,MAAMC,UAAAA,CAAY/B,SAAY,GAAA,KAAK,EAAE;AACnC,QAAA,MAAMgC,gBAAgB,CAAC,CAAC,MAAM,IAAI,CAACH,OAAO,EAAA,CAAA;QAC1C,IAAK,CAACG,aAAiB,IAAA,CAAChC,SAAW,EAAA;YACjC,IAAI;gBACF,MAAM,IAAI,CAACzB,WAAW,EAAA,CAAA;gBACtB,OAAO,IAAA,CAAA;AACT,aAAA,CAAE,OAAQrQ,CAAG,EAAA;gBACX,OAAO,KAAA,CAAA;AACT,aAAA;AACF,SAAA;QACA,OAAO8T,aAAAA,CAAAA;AACT,KAAA;AAEA;;;;;;MAOA,MAAcrD,kBAAmBpN,OAAuC,GAAA,EAAE,EACxEkN,UAAAA,GAAkC,EAAE,EAAmB;AACjD,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAAClN,OAAO,CAAC2M,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwB+D,CAAAA,sBAAsB,CAAE,EAAA;YACpD,MAAM,IAAI,CAACtE,UAAU,CAAE,KAAA,CAAA,CAAA;AACzB,SAAA;;QAEA,MAAM6C,YAAAA,GAAerC,OAAOO,MAAM,CAAE,EAAI,EAAA,IAAI,CAACnN,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;QACtDkN,UAAWyD,CAAAA,aAAa,GAAG9L,cAAgB,CAAA,EAAA,CAAA,CAAA;AAE3C,QAAA,MAAM4I,UAAa,GAAA;AACjB3G,YAAAA,SAAAA,EAAoBmI,aAAanI,SAAS;YAC1CrM,KAAoBoK,EAAAA,cAAAA,CAAgBoK,aAAa2B,WAAW,CAAA;AAC5DlH,YAAAA,KAAAA,EAAoBuF,aAAavF,KAAK;AACtC7C,YAAAA,QAAAA,EAAoBoI,aAAapI,QAAQ;AACzC2I,YAAAA,YAAAA,EAAoBP,aAAaO,YAAY;AAC7CjC,YAAAA,aAAAA,EAAoB0B,aAAa1B,aAAa;YAC9CjE,aAAoB2F,EAAAA,YAAAA,CAAa3F,aAAa,IAAI,MAAA;AAClDuH,YAAAA,UAAAA,EAAoB5B,aAAa4B,UAAU;AAC3CvB,YAAAA,MAAAA,EAAoBL,aAAaK,MAAM;AACvC3P,YAAAA,OAAAA,EAAoBsP,aAAatP,OAAO;AACxCmR,YAAAA,MAAAA,EAAoB7B,aAAa6B,MAAM;AACvCC,YAAAA,cAAAA,EAAoB9B,aAAa8B,cAAc;AAC/CC,YAAAA,UAAAA,EAAoB/B,aAAa+B,UAAU;AAC3CC,YAAAA,YAAAA,EAAoBhC,aAAagC,YAAY;AAC7CC,YAAAA,UAAAA,EAAoBjC,aAAaiC,UAAU;AAC3CvC,YAAAA,aAAAA,EAAoBM,aAAaN,aAAa;AAC9CwC,YAAAA,eAAAA,EAAoBlC,aAAakC,eAAe;AAChDC,YAAAA,kBAAAA,EAAoBnC,aAAamC,kBAAkB;AACnD,YAAA,GAAGnC,YAAaoC,CAAAA,WAAW,IAAIpC,YAAAA,CAAaoC,WAAW;AACzD,SAAA,CAAA;QAEA,IAAKhI,cAAAA,CAAgB,YAAYoE,UAAWnE,CAAAA,aAAa,KACvDG,eAAiB,CAAA,QAAA,EAAUgE,UAAW/D,CAAAA,KAAK,CAAI,EAAA;AAC/C+D,YAAAA,UAAAA,CAAWlH,KAAK,GAAG1B,cAAgBoK,CAAAA,YAAAA,CAAaqC,WAAW,CAAA,CAAA;AAC7D,SAAA;AAEA,QAAA,IAAKjI,cAAgB,CAAA,MAAA,EAAQoE,UAAWnE,CAAAA,aAAa,CAAI,EAAA;AACvDmE,YAAAA,UAAAA,CAAW8D,cAAc,GAAE,MAAMlM,eAAAA,CAAiB6H,WAAWyD,aAAa,CAAA,CAAA;AAC1ElD,YAAAA,UAAAA,CAAW+D,qBAAqB,GAAEvC,YAAauC,CAAAA,qBAAqB,IAAI,MAAA,CAAA;AAC1E,SAAA;AAEA,QAAA,MAAMhT,GAAM,GAAA,IAAI,CAACwB,OAAO,CAAC4G,mBAAmB,IAAI,IAAI,CAAC5G,OAAO,CAAC4G,mBAAmB,EAAA,IAAM5H,KAAKR,GAAG,EAAA,CAAA;QAC9F,MAAMiT,QAAAA,GAAWxC,YAAawC,CAAAA,QAAQ,GAAG,CAAC,CAAC,EAAGxC,YAAawC,CAAAA,QAAQ,CAAE,CAAC,GAAG,EAAA,CAAA;AACzE,QAAA,MAAMC,mBAAmBxP,uBAAyBuL,CAAAA,UAAAA,CAAAA,CAAAA;AAClD,QAAA,MAAM1N,GAAM,GAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAAC2M,SAAS,CAAE+D,sBAAsB,CAAE,EAAGgB,gBAAkB,CAAA,EAAGD,SAAU,CAAC,CAAA;;AAGnG,QAAA,IAAI,CAACjF,UAAU,CAACtQ,KAAK,CAAEsC,GAAM,GAAA,QAAA,CAAA,CAAA;QAG7B,MAAM,IAAI,CAACgO,UAAU,CAAC3Q,GAAG,CAAE4R,UAAAA,CAAWhT,KAAK,EAAGkO,cAAgB,CAAA;YAC5DjM,UAAc8B,EAAAA,GAAAA;AACdiP,YAAAA,UAAAA;AACAP,YAAAA,UAAAA;AACAM,YAAAA,YAAAA,EAAcyB,aAAazB,YAAY;AACzC,SAAA,CAAA,CAAA,CAAA;QACA,OAAOzN,GAAAA,CAAAA;AACT,KAAA;AAEA;;;;;AAKC,MACD,MAAc8O,mBAAAA,CAAqB7O,OAAgC,GAAA,EAAE,EAAE;AAC/D,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAACA,OAAO,CAAC2M,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwBgF,CAAAA,oBAAoB,CAAE,EAAA;YAClD,MAAM,IAAI,CAAC7E,eAAe,EAAA,CAAA;AAC5B,SAAA;AACA,QAAA,MAAMmC,YAAe/F,GAAAA,YAAAA,CAAc,IAAI,CAAClJ,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;AACjD,QAAA,MAAM4R,YAAe,GAAA;AACnBjD,YAAAA,aAAAA,EAA0BM,aAAaN,aAAa;AACpDkD,YAAAA,wBAAAA,EAA0B5C,aAAa4C,wBAAwB;AAC/D,YAAA,GAAG5C,YAAa6C,CAAAA,iBAAiB,IAAI,EAAE;AACzC,SAAA,CAAA;AACA,QAAA,OAAO,CAAC,EAAG,IAAI,CAAC9R,OAAO,CAAC2M,SAAS,CAAEgF,oBAAoB,CAAE,EAAGzP,uBAAAA,CAAyB0P,cAAgB,CAAC,CAAA;AACxG,KAAA;AAEA;;;;MAKA,MAAcG,yBAA2B/R,CAAAA,OAA2B,EAAE;AAC9D,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAACA,OAAO,CAAC2M,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwBqF,CAAAA,cAAc,CAAE,EAAA;YAC5C,MAAM,IAAI,CAAClF,eAAe,EAAA,CAAA;AAC5B,SAAA;AACA,QAAA,MAAMmC,YAAe/F,GAAAA,YAAAA,CAAc,IAAI,CAAClJ,OAAO,EAAEA,OAAAA,CAAAA,CAAAA;AACjD,QAAA,MAAM,EAAEiS,iBAAiB,EAAEC,gBAAgB,EAAE,GAAGC,MAAM,GAAGlD,YAAAA,CAAAA;AACzD,QAAA,MAAMmD,aAAgB,GAAA;AACpB,YAAA,GAAGD,IAAI;YACP,GAAGD,gBAAAA,IAAoB,EAAE;YACzBG,UAAY,EAAA,oBAAA;AACd,SAAA,CAAA;AAEA,QAAA,KAAM,MAAMC,GAAO,IAAA;AAAC,YAAA,MAAA;AAAQ,YAAA,cAAA;AAAgB,YAAA,eAAA;AAAiB,YAAA,WAAA;SAAY,CAAW;AAClF,YAAA,IAAK,CAACF,aAAa,CAACE,GAAAA,CAAI,EAAE;gBACxB,OAAOjX,OAAAA,CAAQ4E,MAAM,CAAE,IAAI9F,KAAAA,CAAO,CAAC,CAAC,EAAGmY,GAAK,CAAA,aAAa,CAAC,CAAA,CAAA,CAAA;AAC5D,aAAA;AACF,SAAA;QAEA,OAAO,IAAI,CAAClD,IAAI,CAAE;YAChBrP,GAAa,EAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAAC2M,SAAS,CAAEqF,cAAc,CAAE,CAAC;YAC1DrO,MAAa,EAAA,MAAA;YACbC,WAAa,EAAA,MAAA;YACb1C,IAAakR,EAAAA,aAAAA;YACb1O,OAAauO,EAAAA,iBAAAA;AACf,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;;;MAKA,MAActC,oBAAsB3P,CAAAA,OAAoC,EAAG;AACnE,QAAA,IAAA,uBAAA,CAAA;QAAN,IAAK,EAAA,CAAC,uBAAA,GAAA,IAAI,CAACA,OAAO,CAAC2M,SAAS,MAAtB,IAAA,IAAA,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAwBqF,CAAAA,cAAc,CAAE,EAAA;YAC5C,MAAM,IAAI,CAAClF,eAAe,EAAA,CAAA;AAC5B,SAAA;AACA,QAAA,MAAM,EAAEmF,iBAAiB,EAAEC,gBAAgB,EAAE,GAAGC,MAAM,GAAGnS,OAAAA,CAAAA;AACzD,QAAA,MAAMoS,aAAgB,GAAA;YACpBC,UAAe,EAAA,eAAA;AACfvL,YAAAA,SAAAA,EAAe,IAAI,CAAC9G,OAAO,CAAC8G,SAAS;AACrCoI,YAAAA,aAAAA,EAAe,IAAI,CAAClP,OAAO,CAACkP,aAAa;AACzC,YAAA,GAAGiD,IAAI;YACP,GAAGD,gBAAAA,IAAoB,EAAE;AAC3B,SAAA,CAAA;AAEA,QAAA,KAAM,MAAMI,GAAO,IAAA;AAAC,YAAA,eAAA;AAAiB,YAAA,WAAA;SAAY,CAAW;AAC1D,YAAA,IAAK,CAACF,aAAa,CAACE,GAAAA,CAAI,EAAE;gBACxB,OAAOjX,OAAAA,CAAQ4E,MAAM,CAAE,IAAI9F,KAAAA,CAAO,CAAC,CAAC,EAAGmY,GAAK,CAAA,aAAa,CAAC,CAAA,CAAA,CAAA;AAC5D,aAAA;AACF,SAAA;QAEA,OAAO,IAAI,CAAClD,IAAI,CAAE;YAChBrP,GAAa,EAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAAC2M,SAAS,CAAEqF,cAAc,CAAE,CAAC;YAC1DrO,MAAa,EAAA,MAAA;YACbC,WAAa,EAAA,MAAA;YACb1C,IAAakR,EAAAA,aAAAA;YACb1O,OAAauO,EAAAA,iBAAAA;AACf,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;AAEC,MACD,MAAcnF,eAA+C,GAAA;QAC3D,IAAI;YACF,MAAMyF,UAAAA,GAAa,CAAC,EAAG,IAAI,CAACvS,OAAO,CAAC4B,MAAM,CAAE,iCAAiC,CAAC,CAAA;AAC9E,YAAA,MAAMZ,QAAW,GAAA,MAAM,IAAI,CAACoO,IAAI,CAAE;gBAChCrP,GAAawS,EAAAA,UAAAA;gBACb5O,MAAa,EAAA,KAAA;gBACbC,WAAa,EAAA,MAAA;AACf,aAAA,CAAA,CAAA;YACA,IAAI,CAAC4O,eAAe,GAAGxR,QAAAA,CAAAA;AACvB,YAAA,MAAM2L,YAAY,EAAC,CAAA;YACnB,KAAM,MAAM8F,QAAQ7F,MAAOC,CAAAA,IAAI,CAAE,IAAI,CAAC2F,eAAe,CAAK,CAAA;AACxD,gBAAA,IAAKC,IAAKC,CAAAA,QAAQ,CAAE,WAAA,CAAA,IAAiBD,KAAKtL,OAAO,CAAE,UAAe,CAAA,GAAA,CAAC,KAAKsL,IAAKtL,CAAAA,OAAO,CAAE,MAAA,CAAA,GAAW,CAAC,CAAI,EAAA;AACpGwF,oBAAAA,SAAS,CAAC8F,IAAqC,CAAA,GAAG,IAAI,CAACD,eAAe,CAACC,IAAK,CAAA,CAAA;AAC9E,iBAAA;AACF,aAAA;AACA,YAAA,IAAI,CAACzS,OAAO,CAAC2M,SAAS,GAAGA,SAAAA,CAAAA;YACzB,OAAO,IAAI,CAAC6F,eAAe,CAAA;AAC7B,SAAA,CAAE,OAAQ7V,CAAI,EAAA;AACZ,YAAA,MAAM,IAAIzC,eAAAA,CAAiB,yBAA2ByC,EAAAA,CAAAA,CAAE8J,OAAO,CAAA,CAAA;AACjE,SAAA;AACF,KAAA;AAEA;;;;;;MAOA,MAAcmH,mBACZ5M,QAAa,EACbiO,YAAgC,EAChC/B,UAAAA,GAAkC,EAAE,EACrC;QACC,IAAKlM,QAAAA,CAASsE,IAAI,EAAE;YAClB,OAAO,IAAI,CAACyM,yBAAyB,CAAE;AACrCvC,gBAAAA,YAAAA,EAAeP,aAAaO,YAAY;AACxC1I,gBAAAA,SAAAA,EAAemI,aAAanI,SAAS;AACrC6J,gBAAAA,aAAAA,EAAezD,WAAWyD,aAAa;gBACvC0B,UAAe,EAAA,oBAAA;AACf/M,gBAAAA,IAAAA,EAAetE,SAASsE,IAAI;AAC9B,aAAA,CAAA,CAAA;SACK,MAAA;YACL,OAAOtE,QAAAA,CAAAA;AACT,SAAA;AACF,KAAA;AAEA;;;;;;AAMC,MACD,MAAc8M,iBAAmBH,CAAAA,WAA0B,EAAEF,UAA8B,EACzFwB,YAAoC,EAAE;QACtC,MAAM,IAAI,CAAC7C,UAAU,CAAE,KAAA,CAAA,CAAA;AACvB,QAAA,IAAImE,OAAY,EAAC,CAAA;QACjB,IAAK5C,WAAAA,CAAYvT,KAAK,EAAE;AACtB,YAAA,MAAM,IAAIG,mBAAqBoT,CAAAA,WAAAA,CAAYvT,KAAK,EAAEuT,YAAYtT,iBAAiB,CAAA,CAAA;AACjF,SAAA;QACA,IAAIsY,aAAAA,CAAAA;QACJ,IAAKhF,WAAAA,CAAYrH,QAAQ,EAAE;AACzBqM,YAAAA,aAAAA,GAAgB,MAAMtM,eAAiBsH,CAAAA,WAAAA,CAAYrH,QAAQ,EAAEmH,UAAAA,CAAWlH,KAAK,EAAG0I,YAAAA,CAAAA,CAAAA;YAChF,IAAKA,YAAAA,CAAa2D,gBAAgB,IAAI,CAAC,MAAM3D,aAAa2D,gBAAgB,CAAEjF,WAAYrH,CAAAA,QAAQ,CAAI,EAAA;AAClG,gBAAA,OAAOjL,OAAQ4E,CAAAA,MAAM,CAAE,IAAInF,mBAAqB,CAAA,4BAAA,CAAA,CAAA,CAAA;AAClD,aAAA;AACA8R,YAAAA,MAAAA,CAAOC,IAAI,CAAE8F,aAAgB7V,CAAAA,CAAAA,OAAO,CAAE1B,CAAAA,GAAAA,GAAAA;AACpC,gBAAA,IAAK,CAACwM,aAAAA,CAAc9F,QAAQ,CAAE1G,GAAc,CAAA,EAAA;AAC1CmV,oBAAAA,IAAI,CAACnV,GAAAA,CAAI,GAAGuX,aAAa,CAACvX,GAAI,CAAA,CAAA;AAChC,iBAAA;AACF,aAAA,CAAA,CAAA;AACF,SAAA;QAEA,IAAKuS,WAAAA,CAAYoC,YAAY,EAAG;AACO,YAAA,IAAA,uBAAA,CAAA;AAArC,YAAA,IAAKd,YAAa4D,CAAAA,eAAe,KAAI,CAAA,uBAAA,GAAA,IAAI,CAAC7S,OAAO,CAAC2M,SAAS,MAAA,IAAA,IAAtB,uBAAA,KAAA,KAAA,CAAA,GAAA,KAAA,CAAA,GAAA,uBAAA,CAAwBmG,iBAAiB,CAAG,EAAA;AAC/E,gBAAA,MAAMC,iBAAiB,MAAM,IAAI,CAACC,aAAa,CAAErF,YAAYoC,YAAY,CAAA,CAAA;gBACzE,IAAK,CAACgD,cAAe3Y,CAAAA,KAAK,EAAE;oBAC1BmW,IAAO,GAAA;AAAE,wBAAA,GAAGA,IAAI;AAAE,wBAAA,GAAGwC,cAAc;AAAC,qBAAA,CAAA;AACtC,iBAAA;AACF,aAAA;AACF,SAAA;QAEA,OAAO;AACLtF,YAAAA,UAAAA;AACA8C,YAAAA,IAAAA;AACA,YAAA,GAAG5C,WAAW;YACdrH,QAAcqM,EAAAA,aAAAA;AACd/D,YAAAA,YAAAA,EAAcjB,YAAYrH,QAAQ;AAClCoD,YAAAA,KAAAA,EAAciE,WAAYjE,CAAAA,KAAK,IAAI+D,UAAAA,CAAW/D,KAAK;AACrD,SAAA,CAAA;AACF,KAAA;AAEA;;;;;MAMA,MAAcgE,SAAWjT,CAAAA,KAAa,EAAE;AACtC,QAAA,MAAM2T,iBAAiB,MAAM,IAAI,CAAC5B,UAAU,CAACrR,GAAG,CAAEV,KAAAA,CAAAA,CAAAA;AAClD,QAAA,IAAK,CAAC2T,cAAgB,EAAA;AACpB,YAAA,OAAO/S,OAAQ4E,CAAAA,MAAM,CAAE,IAAItF,cAAe,uBAAyBF,EAAAA,KAAAA,CAAAA,CAAAA,CAAAA;SAC9D,MAAA;AACL,YAAA,MAAM,IAAI,CAAC+R,UAAU,CAACxQ,GAAG,CAAEvB,KAAAA,CAAAA,CAAAA;AAC7B,SAAA;QACA,OAAO2T,cAAAA,CAAAA;AACT,KAAA;AAEA;;;;;MAMA,MAAc4E,aAAeC,CAAAA,WAAmB,EAAE;QAChD,OAAO,IAAI,CAAC7D,IAAI,CAAE;YAChBzL,MAAa,EAAA,KAAA;YACb5D,GAAa,EAAA,CAAC,EAAG,IAAI,CAACC,OAAO,CAAC2M,SAAS,CAAEmG,iBAAiB,CAAE,CAAC;YAC7DlP,WAAa,EAAA,MAAA;YACbF,OAAa,EAAA;AACX,gBAAA,eAAA,EAAiB,CAAC,OAAO,EAAGuP,WAAAA,CAAa,CAAC;AAC5C,aAAA;AACF,SAAA,CAAA,CAAA;AACF,KAAA;AAEA;;;;;;AAMC,MACD,cAAwB,CAAA,EAAEC,GAAG,EAAEnF,aAAa,EAAyB,EAAE;AAG/DpB,QAAAA,IAAAA,UAAAA,CAAAA;QAFN,MAAM,EAAE7F,SAAS,EAAE6F,SAAS,EAAE,GAAG,IAAI,CAAC3M,OAAO,CAAA;AAE7C,QAAA,IAAK,GAAC2M,UAAAA,GAAAA,SAAAA,MAAAA,IAAAA,IAAAA,UAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,UAAAA,CAAWwG,oBAAoB,CAAE,EAAA;AACrCC,YAAAA,OAAAA,CAAQC,IAAI,CAAE,4FAAA,CAAA,CAAA;AACd,YAAA,OAAA;AACF,SAAA;AACA,QAAA,IAAK,CAAC,IAAI,CAACC,mBAAmB,EAAE;AAC9B,YAAA,MAAMC,uBAAuB,OAAQC,GAAAA,GAAAA;AACnC,gBAAA,IAAKA,GAAK,EAAA;AACR,oBAAA,IAAI,CAAC1V,IAAI,CAAElE,MAAAA,CAAOC,WAAW,CAAA,CAAA;iBACxB,MAAA;AACL,oBAAA,IAAI,CAACiE,IAAI,CAAElE,MAAAA,CAAOK,cAAc,CAAA,CAAA;oBAChC,IAAI;AACF,wBAAA,MAAM,IAAI,CAAC+S,WAAW,CAAE,IAAI,EAAC,CAAA,CAAA;AAC7B,wBAAA,MAAM0B,aAAa,MAAM,IAAI,CAAChC,SAAS,CAACvR,GAAG,CAAE,MAAA,CAAA,CAAA;AAC7C,wBAAA,IAAKuT,UAAY,EAAA;AACVA,4BAAAA,IAAAA,gBAAAA,CAAAA;AAAL,4BAAA,IAAKA,CAAAA,CAAAA,gBAAAA,GAAAA,UAAW6B,CAAAA,IAAI,MAAf7B,IAAAA,IAAAA,gBAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,gBAAiBwE,CAAAA,GAAG,MAAKA,GAAAA,IAAOxE,UAAWX,CAAAA,aAAa,EAAE;AAC7D,gCAAA,IAAI,CAACuF,mBAAmB,CAAElV,KAAK,CAAEsQ,WAAWX,aAAa,CAAA,CAAA;AAC3D,6BAAA;yBACK,MAAA;AACL,4BAAA,IAAI,CAACjQ,IAAI,CAAElE,MAAAA,CAAOC,WAAW,EAAE,IAAA,CAAA,CAAA;AACjC,yBAAA;AACF,qBAAA,CAAE,OAAQ8C,CAAI,EAAA;AACZ,wBAAA,IAAI,CAACmB,IAAI,CAAElE,MAAAA,CAAOC,WAAW,CAAA,CAAA;AAC7B,wBAAA,OAAA;AACF,qBAAA;AACF,iBAAA;AACF,aAAA,CAAA;YAEA,IAAI,CAACyZ,mBAAmB,GAAGxL,yBAA2B,CAAA;AACpD/H,gBAAAA,GAAAA,EAAe4M,UAAUwG,oBAAoB;gBAC7CrM,SAAeA,EAAAA,SAAAA;gBACfxI,QAAeiV,EAAAA,oBAAAA;AACfxL,gBAAAA,aAAAA,EAAe,IAAI,CAAC/H,OAAO,CAACyT,oBAAoB;AAClD,aAAA,CAAA,CAAA;AACF,SAAA;AAEA,QAAA,IAAI,CAACH,mBAAmB,CAAClV,KAAK,CAAE2P,aAAAA,CAAAA,CAAAA;AAClC,KAAA;IAEA,MAAc2F,WAAAA,CAAaC,OAAY,EAAE;YAKzBjK,MAORlO,EAAAA,OAAAA,CAAAA;AAXN,QAAA,MAAM,EAAE2U,UAAU,EAAEI,IAAI,EAAE7G,KAAK,EAAEqG,YAAY,EAAEzJ,QAAQ,EAAEoJ,aAAa,EAAE3B,aAAa,EAAEa,YAAY,EAAE,GAAG+E,OAAAA,CAAAA;AACxG,QAAA,MAAM,IAAI,CAACjH,SAAS,CAAC7Q,GAAG,CAAE,MAAQ8X,EAAAA,OAAAA,CAAAA,CAAAA;QAElC,IAAI,CAACpD,IAAI,GAAGA,IAAAA,CAAAA;QACZ,IAAI,CAAC5G,MAAM,GAAGD,CAAAA,MAAAA,GAAAA,mBAAAA,MAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,MAAAA,CAAO3G,KAAK,CAAE,GAAA,CAAA,CAAA;QAC5B,IAAI,CAACkQ,WAAW,GAAGlD,YAAAA,CAAAA;QACnB,IAAI,CAAC6D,OAAO,GAAGtN,QAAAA,CAAAA;QACf,IAAI,CAACuN,UAAU,GAAGjF,YAAAA,CAAAA;QAClB,IAAI,CAACkF,YAAY,GAAGpE,aAAAA,CAAAA;AAEpB,QAAA,IAAI,CAAC5R,IAAI,CAAElE,MAAAA,CAAOE,UAAU,EAAE6Z,OAAAA,CAAAA,CAAAA;AAC9B,QAAA,IAAK,GAACnY,OAAAA,GAAAA,MAAAA,MAAAA,IAAAA,IAAAA,OAAAA,KAAAA,KAAAA,CAAAA,GAAAA,KAAAA,CAAAA,GAAAA,OAAAA,CAAQuR,YAAY,CAAG,EAAA;AAC3B,YAAA,IAAK,IAAI,CAAC/M,OAAO,CAAC+T,YAAY,EAAG;gBAC/B,IAAI,CAACC,cAAc,CAAE;AAAEd,oBAAAA,GAAAA,EAAK3C,IAAK2C,CAAAA,GAAG,IAAI3C,IAAAA,CAAK0D,EAAE;AAAElG,oBAAAA,aAAAA;AAAc,iBAAA,CAAA,CAAA;AACjE,aAAA;AAEA,YAAA,IAAKoC,eAAelH,SAAa,IAAA,IAAI,CAACjJ,OAAO,CAACkU,eAAe,EAAE;AAC7D,gBAAA,MAAM3V,aAAakJ,MAAQ0I,CAAAA,UAAAA,CAAAA,GAAe,IAAI,CAACnQ,OAAO,CAACmU,oCAAoC,CAAA;AAC3F,gBAAA,MAAMC,KAAQ,GAAA,IAAA;AACZ,oBAAA,IAAI,CAACpG,YAAY,CAAC9C,QAAQ,CAAE,cAAgB,EAAA,UAAA;wBAC1C,IAAI;4BACF,MAAM,IAAI,CAAC8B,WAAW,EAAA,CAAA;AACtB,4BAAA,IAAI,CAAClP,IAAI,CAAElE,MAAAA,CAAOG,oBAAoB,EAAE,IAAA,CAAA,CAAA;AAC1C,yBAAA,CAAE,OAAQ4C,CAAI,EAAA;AACZ,4BAAA,IAAI,CAACmB,IAAI,CAAElE,MAAAA,CAAOI,kBAAkB,EAAE2C,CAAAA,CAAAA,CAAAA;AACxC,yBAAA;AACF,qBAAA,CAAA,CAAA;AACF,iBAAA,CAAA;AACA,gBAAA,IAAK4B,cAAc,CAAG,EAAA;AACpB,oBAAA,IAAI,CAAC8V,uBAAuB,CAAEjW,KAAK,CAAEG,UAAY,EAAA,UAAA;AAC/C6V,wBAAAA,KAAAA,EAAAA,CAAAA;AACF,qBAAA,CAAA,CAAA;iBACK,MAAA;AACLA,oBAAAA,KAAAA,EAAAA,CAAAA;AACF,iBAAA;AACF,aAAA;AACF,SAAA;AACF,KAAA;AA3tBA5Z,IAAAA,WAAAA,CAAawF,OAA+B,CAAG;QAC7C,KAAK,EAAA,CAAA;AAjCPA,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,WAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAuQ,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,QAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEA5G,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,UAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAsJ,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,eAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAa,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,gBAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAF,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,WAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEAC,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,cAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEArB,QAAAA,gBAAAA,CAAAA,IAAAA,EAAAA,mBAAAA,KAAAA,CAAAA,CAAAA,CAAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAiBpD,QAAjB,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQpB,gBAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQxB,cAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQE,aAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQ4G,uBAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQe,2BAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQ/H,eAAR,KAAA,CAAA,CAAA,CAAA;AAEA,QAAA,gBAAA,CAAA,IAAA,EAAQC,uBAAR,KAAA,CAAA,CAAA,CAAA;AAIE,QAAA,IAAK,CAAC5K,aAAAA,CAAe3B,OAAQ4B,CAAAA,MAAM,CAAI,EAAA;AACrC,YAAA,MAAM,IAAI1H,eAAiB,CAAA,+BAAA,CAAA,CAAA;AAC7B,SAAA;QAEA,IAAI,CAAC8T,YAAY,GAAG,IAAI/C,SAAUqJ,IAAMtU,CAAAA,OAAAA,CAAQ4B,MAAM,CAAA,EAAI,IAAI,CAAA,CAAA;QAE9D,IAAI,CAAC5B,OAAO,GAAGkJ,YAAc,CAAA;YAC3BiL,oCAAsC,EAAA,EAAA;YACtCD,eAAsC,EAAA,IAAA;YACtCH,YAAsC,EAAA,IAAA;YACtCnD,WAAsC,EAAA,EAAA;YACtCU,WAAsC,EAAA,EAAA;AACxC,SAAA,EAAGtR,OAAS,EAAA;;AAEV4B,YAAAA,MAAAA,EAAQ5B,OAAQ4B,CAAAA,MAAM,CAAC8Q,QAAQ,CAAE,GAAQ1S,CAAAA,GAAAA,OAAAA,CAAQ4B,MAAM,CAAC3D,KAAK,CAAE,CAAA,EAAG,CAAC,CAAA,CAAA,GAAM+B,QAAQ4B,MAAM;AACzF,SAAA,CAAA,CAAA;QAEA,IAAI,CAACwN,IAAI,GAAG,IAAI,CAACpP,OAAO,CAACuU,UAAU,IAAI9Q,OAAAA,CAAAA;QACvC,IAAI,CAAC+I,UAAU,GAAG,IAAI,CAACxM,OAAO,CAACwM,UAAU,IAAI,IAAItR,sBAAqC,CAAA,gBAAA,CAAA,CAAA;QACtF,IAAI,CAACwR,SAAS,GAAG,IAAI,CAAC1M,OAAO,CAAC0M,SAAS,IAAI,IAAI9P,kBAAAA,EAAAA,CAAAA;AAG/C,QAAA,IAAK,IAAI,CAACoD,OAAO,CAACkU,eAAe,EAAE;YACjC,IAAI,CAACG,uBAAuB,GAAG,IAAIlW,KAAAA,EAAAA,CAAAA;AACrC,SAAA;AAEA,QAAA,IAAI,CAACZ,EAAE,CAAE3D,MAAAA,CAAOC,WAAW,EAAE,UAAA;YAC3B,IAAI,CAAC0W,IAAI,GAAGtH,SAAAA,CAAAA;YACZ,IAAI,CAACU,MAAM,GAAGV,SAAAA,CAAAA;YACd,IAAI,CAACgK,WAAW,GAAGhK,SAAAA,CAAAA;YACnB,IAAI,CAAC2K,OAAO,GAAG3K,SAAAA,CAAAA;YACf,IAAI,CAAC6K,YAAY,GAAG7K,SAAAA,CAAAA;AACpB,YAAA,MAAM,IAAI,CAACyD,SAAS,CAACxQ,KAAK,EAAA,CAAA;AAC5B,SAAA,CAAA,CAAA;AAEA,QAAA,IAAI,CAAC8R,YAAY,CAACnC,kBAAkB,CAAEjS,MAAOE,CAAAA,UAAU,EAAE,IAAI,CAAC4Z,WAAW,CAACc,IAAI,CAAE,IAAI,CAAA,CAAA,CAAA;AACtF,KAAA;AAsrBF;;ACtyBA;;;IAIe,SAASC,gBAAAA,CAAkBzU,OAA+B,EAAA;IACvE,OAAO,IAAImM,UAAYnM,CAAAA,OAAAA,CAAAA,CAAUoM,UAAU,EAAA,CAAA;AAC7C;;;;","x_google_ignoreList":[8]} \ No newline at end of file diff --git a/dist/oidc-client.min.js b/dist/oidc-client.min.js index aae0333..a503e19 100644 --- a/dist/oidc-client.min.js +++ b/dist/oidc-client.min.js @@ -1,2 +1,2 @@ -!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).PlusAuthOIDCClient={})}(this,function(e){"use strict";let t={USER_LOGOUT:"user_logout",USER_LOGIN:"user_login",SILENT_RENEW_SUCCESS:"silent_renew_success",SILENT_RENEW_ERROR:"silent_renew_error",SESSION_CHANGE:"session_change"};function i(e,t,i){return t in e?Object.defineProperty(e,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[t]=i,e}class s extends Error{constructor(e,t){super(`${e}${t&&` - ${t}`||""}`),i(this,"error",void 0),i(this,"error_description",void 0),this.name="OIDCClientError",this.error=e,this.error_description=t}}class n extends s{constructor(e,t,s,n){super(e,t),i(this,"state",void 0),i(this,"error_uri",void 0),this.name="AuthenticationError",this.state=s,this.error_uri=n}}class o extends n{constructor(e,t){super(e),i(this,"state",void 0),this.name="StateNotFound",this.state=t}}class r extends s{constructor(e){super(e),this.name="InvalidJWTError",this.error_description=e}}class a extends r{constructor(e){super(e),this.name="InvalidIdTokenError"}}class l extends s{constructor(e){super(e),this.name="InteractionCancelled"}}class h{constructor(e=""){var t,i;i=void 0,(t="prefix")in this?Object.defineProperty(this,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):this[t]=i,this.prefix=e}}class c extends h{get(e){return new Promise(t=>{let i=window.localStorage.getItem(this.prefix+e);t(i?JSON.parse(i):null)})}set(e,t){return new Promise(i=>{window.localStorage.setItem(this.prefix+e,JSON.stringify(t)),i()})}del(e){return new Promise(t=>{window.localStorage.removeItem(this.prefix+e),t()})}clear(e){return new Promise(t=>{let i;let s=[];for(i=0;i{t.created_at{this._expiration<=this.now()/1e3&&(this.stop(),t())},1e3*s)}stop(){this._timerHandle&&(clearInterval(this._timerHandle),this._timerHandle=null)}constructor(e=()=>Date.now()){p(this,"now",void 0),p(this,"_timerHandle",void 0),p(this,"_expiration",void 0),this.now=e}}function _(){let e=window.document.createElement("iframe");return e.style.width="0",e.style.height="0",e.style.position="absolute",e.style.visibility="hidden",e.style.display="none",e.title="__pa_helper__hidden",e.ariaHidden="true",e}for(var f,m,v=[],g="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",y=0,S=g.length;y{fetch(e.url,{method:e.method,body:t,headers:i}).then(e=>s(e.json())).catch(n)})}let T="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";function E(e){let t="",i=T.length,s=256-256%i;for(;e>0;){let n=function(e){let t=self.crypto||self.msCrypto,i=new Uint8Array(e);for(let s=0;s0;o++){let r=n[o];rdecodeURIComponent(atob(e.replace(/_/g,"/").replace(/-/g,"+")).split("").map(e=>`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`).join(""));function O(e){try{let t=e.split(".");if(3!==t.length)throw Error("Wrong JWT format");return{header:JSON.parse(I(t[0])),payload:JSON.parse(I(t[1]))}}catch(e){throw new r("Failed to parse jwt")}}let x=["iss","aud","exp","nbf","iat","jti","azp","nonce","auth_time","at_hash","c_hash","acr","amr","sub_jwk","cnf","sip_from_tag","sip_date","sip_callid","sip_cseq_num","sip_via_branch","orig","dest","mky","events","toe","txn","rph","sid","vot","vtm","attest","origid","act","scope","client_id","may_act","jcard","at_use_nbr"];function $(...e){return e.reduce((e,t)=>(function e(t,i){for(let s in i)void 0!==i[s]&&("object"==typeof i[s]&&"Object"===i[s].constructor.name?t[s]=e(t[s]||{},i[s]):t[s]=i[s]);return t})(e||{},t),{})}let R=(e,t)=>t&&t.split(/\s+/g).filter(t=>t===e).length>0,P=(e,t)=>t&&t.split(" ").indexOf(e)>-1,L=(e,t=400,i=600)=>{let s=window.screenX+(window.innerWidth-t)/2,n=window.screenY+(window.innerHeight-i)/2;return window.open(e,"oidc-login-popup",`left=${s},top=${n},width=${t},height=${i},resizable,scrollbars=yes,status=1`)},C=`${performance.now()}:${1e9*Math.random()|0}`,N={};class j{CallOnce(e,t,i=3e3){if(!e)throw"empty lockname";if(!window.localStorage){t();return}let s=this.keyPrefix+e;localStorage.setItem(s,C),setTimeout(()=>{localStorage.getItem(s)==C&&t()},150),setTimeout(function(){localStorage.removeItem(s)},i)}BroadcastMessageToAllTabs(e,t){try{N[e](t)}catch(e){}if(!window.localStorage)return;let i={data:t,timeStamp:new Date().getTime()};localStorage.setItem(`${this.keyPrefix}event${e}`,JSON.stringify(i)),setTimeout(()=>{localStorage.removeItem(`${this.keyPrefix}event${e}`)},3e3)}OnBroadcastMessage(e,t){N[e]=t,window.localStorage&&window.addEventListener("storage",i=>{if(i.key!=`${this.keyPrefix}event${e}`||!i.newValue)return;let s=JSON.parse(i.newValue);t(s.data)})}constructor(e){var t,i;i=void 0,(t="keyPrefix")in this?Object.defineProperty(this,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):this[t]=i,this.keyPrefix=e}}function z(e,t,i){return t in e?Object.defineProperty(e,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[t]=i,e}class A extends u{async initialize(e=!0){return this.initialized?this:(this.__initializePromise||(this.__initializePromise=new Promise(async(i,n)=>{try{this.stateStore.init&&await this.stateStore.init(),this.authStore.init&&await this.authStore.init(),this.options.endpoints&&0!==Object.keys(this.options.endpoints).length||await this.fetchFromIssuer(),this.initialized=!0;try{if(e){var o;(null===(o=window)||void 0===o?void 0:o.frameElement)||await this.silentLogin()}}catch(e){this.emit(t.SILENT_RENEW_ERROR,e),await this.authStore.clear()}i(this)}catch(e){n(e instanceof s?e:new s(e.message))}finally{this.__initializePromise=void 0}})),this.__initializePromise)}async login(e={},t={}){window.location.assign(await this.createAuthRequest(e,t))}async loginWithPopup(e={},i={}){let n=await this.createAuthRequest({response_mode:"fragment",...e,display:"popup",request_type:"p"}),{response:o,state:r}=await function(e,t){let i,n,o=t.popup;if(o?o.location.href=e:o=L(e),!o)throw Error("Could not open popup");return new Promise((e,r)=>{function a(){clearInterval(n),clearTimeout(i),window.removeEventListener("message",h)}function h(t){if(!t.data||"authorization_response"!==t.data.type)return;a(),o.close();let i=t.data.response||t.data;i.error?r(new s(i.error,i.error_description)):e(t.data)}i=setTimeout(()=>{a(),r(new s("Timed out"))},t.timeout||6e4),n=setInterval(function(){o.closed&&(a(),r(new l("user closed popup")))},300),window.addEventListener("message",h)})}(n,i),{authParams:a,localState:h}=r&&"string"!=typeof r?r:await this.loadState(r||o.state),c=await this.handleAuthResponse(o,a,h),d=await this.handleTokenResult(c,a,$(this.options,a));return d.session_state=o.session_state,this.synchronizer.BroadcastMessageToAllTabs(t.USER_LOGIN,d),h}async loginCallback(e=null===(m=window)||void 0===m?void 0:null===(f=m.location)||void 0===f?void 0:f.href){let i;if(!e)return Promise.reject(new s("Url must be passed to handle login redirect"));try{i=new URL(e)}catch(t){return Promise.reject(new s(`Invalid callback url passed: "${e}"`))}let o=function(e){let t={};e=e.trim().replace(/^(\?|#|&)/,"");let i=e.split("&");for(let e=0;e0?n.join("="):"";t[o]=decodeURIComponent(r)}return t}(i.search||i.hash),r=await this.loadState(o.state),{authParams:a,localState:l,request_type:h}=r;switch(e=e||window.location.href,h){case"s":var c;(null===(c=window)||void 0===c?void 0:c.frameElement)&&e&&window.parent.postMessage({type:"authorization_response",response:o,state:r},`${location.protocol}//${location.host}`);return;case"p":window.opener&&e&&window.opener.postMessage({type:"authorization_response",response:o,state:r},`${location.protocol}//${location.host}`);return;default:if(o.error)return Promise.reject(new n(o.error,o.error_description));let d=await this.handleAuthResponse(o,a,l),u=await this.handleTokenResult(d,a,$(this.options,a));return u.session_state=o.session_state,this.synchronizer.BroadcastMessageToAllTabs(t.USER_LOGIN,u),l}}async logout(e={}){if(!e.localOnly){let t=await this.authStore.get("auth"),i=e.id_token_hint||(null==t?void 0:t.id_token_raw);window.location.assign(await this.createLogoutRequest({...e,id_token_hint:i}))}await this.authStore.clear()}async revokeToken(e,t="access_token",i={}){if(!this.options.endpoints.revocation_endpoint)return Promise.reject(new s('"revocation_endpoint" doesn\'t exist'));let n={client_id:i.client_id||this.options.client_id,client_secret:i.client_secret||this.options.client_secret,token_type_hint:t,token:e};return this.http({method:"POST",requestType:"form",url:this.options.endpoints.revocation_endpoint,body:n})}async silentLogin(e={},i={}){let o;await this.initialize(!1);let r={},a=await this.authStore.get("auth")||{},l=$({response_mode:"query",display:"page",prompt:"none"},this.options,e);if(l.silent_redirect_uri&&(l.redirect_uri=l.silent_redirect_uri),this.options.useRefreshToken&&(null==a?void 0:a.refresh_token))r.authParams=$((null==a?void 0:a.authParams)||{},r.authParams||{}),o=await this.exchangeRefreshToken({...l,refresh_token:a.refresh_token});else{var h;let e=await this.createAuthRequest({...l,request_type:"s"},i),{response:t,state:c}=await (h={timeout:l.silentRequestTimeout,eventOrigin:window.location.origin},new Promise((t,i)=>{let o=null,r=_(),a=setTimeout(()=>{i(new s("Timed out")),c()},1e3*(h.timeout||10)),l=e=>{if(e.origin!=h.eventOrigin||!e.data||"authorization_response"!==e.data.type)return;let s=e.source;s&&s.close();let o=e.data.response||e.data;o.error?i(new n(o.error,o.error_description,o.state,o.error_uri)):t(e.data),clearTimeout(a),c()},c=()=>{null!=o&&clearTimeout(o),window.document.body.contains(r)&&window.document.body.removeChild(r),window.removeEventListener("message",l,!1)},d=()=>setTimeout(()=>{i(new s("Could not complete silent authentication",e)),c()},300);window.addEventListener("message",l,!1),window.document.body.appendChild(r),r.setAttribute("src",e),r.onload=function(){o=d()}}));o=await this.handleAuthResponse(t,l,i),a.session_state=t.session_state,r=c}let c=await this.handleTokenResult(o,r.authParams,l);return c.session_state=a.session_state,this.synchronizer.BroadcastMessageToAllTabs(t.USER_LOGIN,c),r.localState}async getAccessToken(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.access_token}async getRefreshToken(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.refresh_token}async getIdToken(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.id_token}async getExpiresIn(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.expires_in}async getIdTokenRaw(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.id_token_raw}async getScopes(){var e,t;return null===(t=await this.authStore.get("auth"))||void 0===t?void 0:null===(e=t.scope)||void 0===e?void 0:e.split(" ")}async getUser(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.user}async isLoggedIn(e=!1){let t=!!await this.getUser();if(!t&&!e)try{return await this.silentLogin(),!0}catch(e){return!1}return t}async createAuthRequest(e={},t={}){var i,n;(null===(i=this.options.endpoints)||void 0===i?void 0:i.authorization_endpoint)||await this.initialize(!1);let o=Object.assign({},this.options,e);t.code_verifier=E(72);let r={client_id:o.client_id,state:E(o.stateLength),scope:o.scope,audience:o.audience,redirect_uri:o.redirect_uri,response_mode:o.response_mode,response_type:o.response_type||"code",ui_locales:o.ui_locales,prompt:o.prompt,display:o.display,claims:o.claims,claims_locales:o.claims_locales,acr_values:o.acr_values,registration:o.registration,login_hint:o.login_hint,id_token_hint:o.id_token_hint,web_message_uri:o.web_message_uri,web_message_target:o.web_message_target,...o.extraParams&&o.extraParams};(R("id_token",r.response_type)||P("openid",r.scope))&&(r.nonce=E(o.nonceLength)),R("code",r.response_type)&&(r.code_challenge=await ((n=t.code_verifier).length<43||n.length>128?Promise.reject(new s(`Invalid code length: ${n.length}`)):new Promise((e,t)=>{crypto.subtle.digest("SHA-256",new TextEncoder().encode(n)).then(t=>e(function(e){let t=function(e){for(var t,i=e.length,s=i%3,n=[],o=0,r=i-s;o>18&63]+v[s>>12&63]+v[s>>6&63]+v[63&s]);return n.join("")}(e,o,o+16383>r?r:o+16383));return 1===s?n.push(v[(t=e[i-1])>>2]+v[t<<4&63]+"=="):2===s&&n.push(v[(t=(e[i-2]<<8)+e[i-1])>>10]+v[t>>4&63]+v[t<<2&63]+"="),n.join("")}(new Uint8Array(e));return t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}(new Uint8Array(t))),function(e){return t(e)})})),r.code_challenge_method=o.code_challenge_method||"S256");let a=this.options.currentTimeInMillis&&this.options.currentTimeInMillis()||Date.now(),l=o.fragment?`#${o.fragment}`:"",h=k(r),c=`${this.options.endpoints.authorization_endpoint}${h}${l}`;return this.stateStore.clear(a-864e5),await this.stateStore.set(r.state,JSON.parse(JSON.stringify({created_at:a,authParams:r,localState:t,request_type:o.request_type}))),c}async createLogoutRequest(e={}){var t;(null===(t=this.options.endpoints)||void 0===t?void 0:t.end_session_endpoint)||await this.fetchFromIssuer();let i=$(this.options,e),s={id_token_hint:i.id_token_hint,post_logout_redirect_uri:i.post_logout_redirect_uri,...i.extraLogoutParams||{}};return`${this.options.endpoints.end_session_endpoint}${k(s)}`}async exchangeAuthorizationCode(e){var t;(null===(t=this.options.endpoints)||void 0===t?void 0:t.token_endpoint)||await this.fetchFromIssuer();let i=$(this.options,e),{extraTokenHeaders:s,extraTokenParams:n,...o}=i,r={...o,...n||{},grant_type:"authorization_code"};for(let e of["code","redirect_uri","code_verifier","client_id"])if(!r[e])return Promise.reject(Error(`"${e}" is required`));return this.http({url:`${this.options.endpoints.token_endpoint}`,method:"POST",requestType:"form",body:r,headers:s})}async exchangeRefreshToken(e){var t;(null===(t=this.options.endpoints)||void 0===t?void 0:t.token_endpoint)||await this.fetchFromIssuer();let{extraTokenHeaders:i,extraTokenParams:s,...n}=e,o={grant_type:"refresh_token",client_id:this.options.client_id,client_secret:this.options.client_secret,...n,...s||{}};for(let e of["refresh_token","client_id"])if(!o[e])return Promise.reject(Error(`"${e}" is required`));return this.http({url:`${this.options.endpoints.token_endpoint}`,method:"POST",requestType:"form",body:o,headers:i})}async fetchFromIssuer(){try{let e=`${this.options.issuer}/.well-known/openid-configuration`,t=await this.http({url:e,method:"GET",requestType:"json"});this.issuer_metadata=t;let i={};for(let e of Object.keys(this.issuer_metadata))(e.endsWith("_endpoint")||e.indexOf("_session")>-1||e.indexOf("_uri")>-1)&&(i[e]=this.issuer_metadata[e]);return this.options.endpoints=i,this.issuer_metadata}catch(e){throw new s("Loading metadata failed",e.message)}}async handleAuthResponse(e,t,i={}){return e.code?this.exchangeAuthorizationCode({redirect_uri:t.redirect_uri,client_id:t.client_id,code_verifier:i.code_verifier,grant_type:"authorization_code",code:e.code}):e}async handleTokenResult(e,t,i){let o;await this.initialize(!1);let l={};if(e.error)throw new n(e.error,e.error_description);if(e.id_token){if(o=await function(e,t,i){if(!t)throw new s("No nonce on state");try{let s=O(e);if(t!==s.payload.nonce)throw Error(`Invalid nonce in id_token: ${s.payload.nonce}`);if(function(e,t,i=!1){let{clockSkew:s,currentTimeInMillis:n,issuer:o,audience:a,client_id:l}=t;s||(s=0);let h=(n&&n()||Date.now())/1e3,c=O(e).payload;if(!c.iss)throw new r("Issuer (iss) was not provided");if(c.iss!==o)throw new r(`Invalid Issuer (iss) in token: ${c.iss}`);if(!c.aud)throw new r("Audience (aud) was not provided");if(Array.isArray(c.aud)?-1==c.aud.indexOf(i?l:a||l):c.aud!==(i?l:a||l))throw new r(`Invalid Audience (aud) in token: ${c.aud}`);if(c.azp&&c.azp!==l)throw new r(`Invalid Authorized Party (azp) in token: ${c.azp}`);let d=Math.ceil(h+s),u=Math.floor(h-s);if(!c.iat)throw new r("Issued At (iat) was not provided");if(d{x.includes(e)||(l[e]=o[e])})}if(e.access_token){var h;if(i.requestUserInfo&&(null===(h=this.options.endpoints)||void 0===h?void 0:h.userinfo_endpoint)){let t=await this.fetchUserInfo(e.access_token);t.error||(l={...l,...t})}}return{authParams:t,user:l,...e,id_token:o,id_token_raw:e.id_token,scope:e.scope||t.scope}}async loadState(e){let t=await this.stateStore.get(e);return t?(await this.stateStore.del(e),t):Promise.reject(new o("Local state not found",e))}async fetchUserInfo(e){return this.http({method:"GET",url:`${this.options.endpoints.userinfo_endpoint}`,requestType:"json",headers:{Authorization:`Bearer ${e}`}})}monitorSession({sub:e,session_state:i}){let{client_id:s,endpoints:n}=this.options;if(!(null==n?void 0:n.check_session_iframe)){console.warn('"check_session_iframe" endpoint missing or session management is not supported by provider');return}if(!this.sessionCheckerFrame){let i=async i=>{if(i)this.emit(t.USER_LOGOUT);else{this.emit(t.SESSION_CHANGE);try{await this.silentLogin({},{});let i=await this.authStore.get("auth");if(i){var s;(null===(s=i.user)||void 0===s?void 0:s.sub)===e&&i.session_state&&this.sessionCheckerFrame.start(i.session_state)}else this.emit(t.USER_LOGOUT,null)}catch(e){this.emit(t.USER_LOGOUT);return}}};this.sessionCheckerFrame=function(e){let t,i;let{url:s,callback:n,client_id:o,checkInterval:r}=e,a=s.indexOf("/",s.indexOf("//")+2),l=s.substr(0,a),h=_(),c=()=>new Promise(e=>{window.document.body.appendChild(h),window.addEventListener("message",u,!1),h.onload=()=>{e(null)}}),d=()=>{t=null,i&&(window.clearInterval(i),i=null)},u=e=>{e.origin===l&&e.source===h.contentWindow&&("error"===e.data?(d(),n(e.data)):"changed"===e.data&&(d(),n()))};return h.setAttribute("src",s),{stop:d,start:e=>{c().then(()=>{if(e&&t!==e){d(),t=e;let s=()=>{h.contentWindow.postMessage(`${o} ${t}`,l)};s(),i=window.setInterval(s,r||2e3)}})}}}({url:n.check_session_iframe,client_id:s,callback:i,checkInterval:this.options.checkSessionInterval})}this.sessionCheckerFrame.start(i)}async onUserLogin(e){var i;let{expires_in:s,user:n,scope:o,access_token:r,id_token:a,refresh_token:l,session_state:h,id_token_raw:c}=e;if(await this.authStore.set("auth",e),this.user=n,this.scopes=null==o?void 0:o.split(" "),this.accessToken=r,this.idToken=a,this.idTokenRaw=c,this.refreshToken=l,this.emit(t.USER_LOGIN,e),!(null===(i=window)||void 0===i?void 0:i.frameElement)&&(this.options.checkSession&&this.monitorSession({sub:n.sub||n.id,session_state:h}),void 0!==s&&this.options.autoSilentRenew)){let e=Number(s)-this.options.secondsToRefreshAccessTokenBeforeExp;e>=0&&this._accessTokenExpireTimer.start(e,async()=>{this.synchronizer.CallOnce("silent-login",async()=>{try{await this.silentLogin(),this.emit(t.SILENT_RENEW_SUCCESS,null)}catch(e){this.emit(t.SILENT_RENEW_ERROR,e)}})})}}constructor(e){if(super(),z(this,"options",void 0),z(this,"user",void 0),z(this,"scopes",void 0),z(this,"accessToken",void 0),z(this,"refreshToken",void 0),z(this,"idToken",void 0),z(this,"idTokenRaw",void 0),z(this,"issuer_metadata",void 0),z(this,"http",void 0),z(this,"synchronizer",void 0),z(this,"stateStore",void 0),z(this,"authStore",void 0),z(this,"sessionCheckerFrame",void 0),z(this,"_accessTokenExpireTimer",void 0),z(this,"initialized",void 0),z(this,"__initializePromise",void 0),!function(e){try{let t=new URL(e);if(!["http:","https:"].includes(t.protocol)||""!==t.search||""!==t.hash)return!1;return!0}catch(e){return!1}}(e.issuer))throw new s('"issuer" must be a valid uri.');this.synchronizer=new j(btoa(e.issuer)),this.options=$({secondsToRefreshAccessTokenBeforeExp:60,autoSilentRenew:!0,checkSession:!0,stateLength:10,nonceLength:10},e,{issuer:e.issuer.endsWith("/")?e.issuer.slice(0,-1):e.issuer}),this.http=this.options.httpClient||b,this.stateStore=this.options.stateStore||new c("pa_oidc.state."),this.authStore=this.options.authStore||new d,this.options.autoSilentRenew&&(this._accessTokenExpireTimer=new w),this.on(t.USER_LOGOUT,async()=>{this.user=void 0,this.scopes=void 0,this.accessToken=void 0,this.idToken=void 0,this.refreshToken=void 0,await this.authStore.clear()}),this.synchronizer.OnBroadcastMessage(t.USER_LOGIN,this.onUserLogin.bind(this))}}e.AuthenticationError=n,e.EventEmitter=u,e.Events=t,e.InMemoryStateStore=d,e.InteractionCancelled=l,e.InvalidIdTokenError=a,e.InvalidJWTError=r,e.LocalStorageStateStore=c,e.OIDCClient=A,e.OIDCClientError=s,e.StateNotFound=o,e.StateStore=h,e.default=function(e){return new A(e).initialize()},Object.defineProperty(e,"__esModule",{value:!0})}); +!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).PlusAuthOIDCClient={})}(this,function(e){"use strict";let t={USER_LOGOUT:"user_logout",USER_LOGIN:"user_login",SILENT_RENEW_SUCCESS:"silent_renew_success",SILENT_RENEW_ERROR:"silent_renew_error",SESSION_CHANGE:"session_change"};function i(e,t,i){return t in e?Object.defineProperty(e,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[t]=i,e}class s extends Error{constructor(e,t){super(`${e}${t&&` - ${t}`||""}`),i(this,"error",void 0),i(this,"error_description",void 0),this.name="OIDCClientError",this.error=e,this.error_description=t}}class n extends s{constructor(e,t,s,n){super(e,t),i(this,"state",void 0),i(this,"error_uri",void 0),this.name="AuthenticationError",this.state=s,this.error_uri=n}}class o extends n{constructor(e,t){super(e),i(this,"state",void 0),this.name="StateNotFound",this.state=t}}class r extends s{constructor(e){super(e),this.name="InvalidJWTError",this.error_description=e}}class a extends r{constructor(e){super(e),this.name="InvalidIdTokenError"}}class l extends s{constructor(e){super(e),this.name="InteractionCancelled"}}class h{constructor(e=""){var t,i;i=void 0,(t="prefix")in this?Object.defineProperty(this,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):this[t]=i,this.prefix=e}}class c extends h{get(e){return new Promise(t=>{let i=window.localStorage.getItem(this.prefix+e);t(i?JSON.parse(i):null)})}set(e,t){return new Promise(i=>{window.localStorage.setItem(this.prefix+e,JSON.stringify(t)),i()})}del(e){return new Promise(t=>{window.localStorage.removeItem(this.prefix+e),t()})}clear(e){return new Promise(t=>{let i;let s=[];for(i=0;i{t.created_at{this._expiration<=this.now()/1e3&&(this.stop(),t())},1e3*s)}stop(){this._timerHandle&&(clearInterval(this._timerHandle),this._timerHandle=null)}constructor(e=()=>Date.now()){p(this,"now",void 0),p(this,"_timerHandle",void 0),p(this,"_expiration",void 0),this.now=e}}function _(){let e=window.document.createElement("iframe");return e.style.width="0",e.style.height="0",e.style.position="absolute",e.style.visibility="hidden",e.style.display="none",e.title="__pa_helper__hidden",e.ariaHidden="true",e}for(var f,m,v=[],g="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",y=0,S=g.length;y{fetch(e.url,{method:e.method,body:t,headers:i}).then(e=>s(e.json())).catch(n)})}let T="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";function E(e){let t="",i=T.length,s=256-256%i;for(;e>0;){let n=function(e){let t=self.crypto||self.msCrypto,i=new Uint8Array(e);for(let s=0;s0;o++){let r=n[o];rdecodeURIComponent(atob(e.replace(/_/g,"/").replace(/-/g,"+")).split("").map(e=>`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`).join(""));function O(e){try{let t=e.split(".");if(3!==t.length)throw Error("Wrong JWT format");return{header:JSON.parse(I(t[0])),payload:JSON.parse(I(t[1]))}}catch(e){throw new r("Failed to parse jwt")}}let x=["iss","aud","exp","nbf","iat","jti","azp","nonce","auth_time","at_hash","c_hash","acr","amr","sub_jwk","cnf","sip_from_tag","sip_date","sip_callid","sip_cseq_num","sip_via_branch","orig","dest","mky","events","toe","txn","rph","sid","vot","vtm","attest","origid","act","scope","client_id","may_act","jcard","at_use_nbr"];function $(...e){return e.reduce((e,t)=>(function e(t,i){for(let s in i)void 0!==i[s]&&("object"==typeof i[s]&&"Object"===i[s].constructor.name?t[s]=e(t[s]||{},i[s]):t[s]=i[s]);return t})(e||{},t),{})}let R=(e,t)=>t&&t.split(/\s+/g).filter(t=>t===e).length>0,P=(e,t)=>t&&t.split(" ").indexOf(e)>-1,L=(e,t=400,i=600)=>{let s=window.screenX+(window.innerWidth-t)/2,n=window.screenY+(window.innerHeight-i)/2;return window.open(e,"oidc-login-popup",`left=${s},top=${n},width=${t},height=${i},resizable,scrollbars=yes,status=1`)};function C(e,t,i){return t in e?Object.defineProperty(e,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[t]=i,e}let N=`${performance.now()}:${1e9*Math.random()|0}`,j={};class z{CallOnce(e,t,i=3e3){if(!e)throw"empty lockname";if(!window.localStorage){t();return}let s=this.keyPrefix+e;localStorage.setItem(s,N),setTimeout(()=>{localStorage.getItem(s)==N&&t()},150),setTimeout(function(){localStorage.removeItem(s)},i)}BroadcastMessageToAllTabs(e,t){try{j[e](t)}catch(e){}if(!window.localStorage){this.events.emit(e,t);return}let i={data:t,timeStamp:new Date().getTime()};localStorage.setItem(`${this.keyPrefix}event${e}`,JSON.stringify(i)),setTimeout(()=>{localStorage.removeItem(`${this.keyPrefix}event${e}`)},3e3)}OnBroadcastMessage(e,t){if(j[e]=t,!window.localStorage){this.events.on(e,t);return}window.addEventListener("storage",i=>{if(i.key!=`${this.keyPrefix}event${e}`||!i.newValue)return;let s=JSON.parse(i.newValue);t(s.data)})}constructor(e,t){C(this,"keyPrefix",void 0),C(this,"events",void 0),this.keyPrefix=e,this.events=t}}function A(e,t,i){return t in e?Object.defineProperty(e,t,{value:i,enumerable:!0,configurable:!0,writable:!0}):e[t]=i,e}class U extends u{async initialize(e=!0){return this.initialized?this:(this.__initializePromise||(this.__initializePromise=new Promise(async(i,n)=>{try{this.stateStore.init&&await this.stateStore.init(),this.authStore.init&&await this.authStore.init(),this.options.endpoints&&0!==Object.keys(this.options.endpoints).length||await this.fetchFromIssuer(),this.initialized=!0;try{if(e){var o;(null===(o=window)||void 0===o?void 0:o.frameElement)||await this.silentLogin()}}catch(e){this.emit(t.SILENT_RENEW_ERROR,e),await this.authStore.clear()}i(this)}catch(e){n(e instanceof s?e:new s(e.message))}finally{this.__initializePromise=void 0}})),this.__initializePromise)}async login(e={},t={}){window.location.assign(await this.createAuthRequest(e,t))}async loginWithPopup(e={},i={}){let n=await this.createAuthRequest({response_mode:"fragment",...e,display:"popup",request_type:"p"}),{response:o,state:r}=await function(e,t){let i,n,o=t.popup;if(o?o.location.href=e:o=L(e),!o)throw Error("Could not open popup");return new Promise((e,r)=>{function a(){clearInterval(n),clearTimeout(i),window.removeEventListener("message",h)}function h(t){if(!t.data||"authorization_response"!==t.data.type)return;a(),o.close();let i=t.data.response||t.data;i.error?r(new s(i.error,i.error_description)):e(t.data)}i=setTimeout(()=>{a(),r(new s("Timed out"))},t.timeout||6e4),n=setInterval(function(){o.closed&&(a(),r(new l("user closed popup")))},300),window.addEventListener("message",h)})}(n,i),{authParams:a,localState:h}=r&&"string"!=typeof r?r:await this.loadState(r||o.state),c=await this.handleAuthResponse(o,a,h),d=await this.handleTokenResult(c,a,$(this.options,a));return d.session_state=o.session_state,this.synchronizer.BroadcastMessageToAllTabs(t.USER_LOGIN,d),h}async loginCallback(e=null===(m=window)||void 0===m?void 0:null===(f=m.location)||void 0===f?void 0:f.href){let i;if(!e)return Promise.reject(new s("Url must be passed to handle login redirect"));try{i=new URL(e)}catch(t){return Promise.reject(new s(`Invalid callback url passed: "${e}"`))}let o=function(e){let t={};e=e.trim().replace(/^(\?|#|&)/,"");let i=e.split("&");for(let e=0;e0?n.join("="):"";t[o]=decodeURIComponent(r)}return t}(i.search||i.hash),r=await this.loadState(o.state),{authParams:a,localState:l,request_type:h}=r;switch(e=e||window.location.href,h){case"s":var c;(null===(c=window)||void 0===c?void 0:c.frameElement)&&e&&window.parent.postMessage({type:"authorization_response",response:o,state:r},`${location.protocol}//${location.host}`);return;case"p":window.opener&&e&&window.opener.postMessage({type:"authorization_response",response:o,state:r},`${location.protocol}//${location.host}`);return;default:if(o.error)return Promise.reject(new n(o.error,o.error_description));let d=await this.handleAuthResponse(o,a,l),u=await this.handleTokenResult(d,a,$(this.options,a));return u.session_state=o.session_state,this.synchronizer.BroadcastMessageToAllTabs(t.USER_LOGIN,u),l}}async logout(e={}){if(!e.localOnly){let t=await this.authStore.get("auth"),i=e.id_token_hint||(null==t?void 0:t.id_token_raw);window.location.assign(await this.createLogoutRequest({...e,id_token_hint:i}))}await this.authStore.clear()}async revokeToken(e,t="access_token",i={}){if(!this.options.endpoints.revocation_endpoint)return Promise.reject(new s('"revocation_endpoint" doesn\'t exist'));let n={client_id:i.client_id||this.options.client_id,client_secret:i.client_secret||this.options.client_secret,token_type_hint:t,token:e};return this.http({method:"POST",requestType:"form",url:this.options.endpoints.revocation_endpoint,body:n})}async silentLogin(e={},i={}){let o;await this.initialize(!1);let r={},a=await this.authStore.get("auth")||{},l=$({response_mode:"query",display:"page",prompt:"none"},this.options,e);if(l.silent_redirect_uri&&(l.redirect_uri=l.silent_redirect_uri),this.options.useRefreshToken&&(null==a?void 0:a.refresh_token))r.authParams=$((null==a?void 0:a.authParams)||{},r.authParams||{}),o=await this.exchangeRefreshToken({...l,refresh_token:a.refresh_token});else{var h;let e=await this.createAuthRequest({...l,request_type:"s"},i),{response:t,state:c}=await (h={timeout:l.silentRequestTimeout,eventOrigin:window.location.origin},new Promise((t,i)=>{let o=null,r=_(),a=setTimeout(()=>{i(new s("Timed out")),c()},1e3*(h.timeout||10)),l=e=>{if(e.origin!=h.eventOrigin||!e.data||"authorization_response"!==e.data.type)return;let s=e.source;s&&s.close();let o=e.data.response||e.data;o.error?i(new n(o.error,o.error_description,o.state,o.error_uri)):t(e.data),clearTimeout(a),c()},c=()=>{null!=o&&clearTimeout(o),window.document.body.contains(r)&&window.document.body.removeChild(r),window.removeEventListener("message",l,!1)},d=()=>setTimeout(()=>{i(new s("Could not complete silent authentication",e)),c()},300);window.addEventListener("message",l,!1),window.document.body.appendChild(r),r.setAttribute("src",e),r.onload=function(){o=d()}}));o=await this.handleAuthResponse(t,l,i),a.session_state=t.session_state,r=c}let c=await this.handleTokenResult(o,r.authParams,l);return c.session_state=a.session_state,this.synchronizer.BroadcastMessageToAllTabs(t.USER_LOGIN,c),r.localState}async getAccessToken(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.access_token}async getRefreshToken(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.refresh_token}async getIdToken(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.id_token}async getExpiresIn(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.expires_in}async getIdTokenRaw(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.id_token_raw}async getScopes(){var e,t;return null===(t=await this.authStore.get("auth"))||void 0===t?void 0:null===(e=t.scope)||void 0===e?void 0:e.split(" ")}async getUser(){var e;return null===(e=await this.authStore.get("auth"))||void 0===e?void 0:e.user}async isLoggedIn(e=!1){let t=!!await this.getUser();if(!t&&!e)try{return await this.silentLogin(),!0}catch(e){return!1}return t}async createAuthRequest(e={},t={}){var i,n;(null===(i=this.options.endpoints)||void 0===i?void 0:i.authorization_endpoint)||await this.initialize(!1);let o=Object.assign({},this.options,e);t.code_verifier=E(72);let r={client_id:o.client_id,state:E(o.stateLength),scope:o.scope,audience:o.audience,redirect_uri:o.redirect_uri,response_mode:o.response_mode,response_type:o.response_type||"code",ui_locales:o.ui_locales,prompt:o.prompt,display:o.display,claims:o.claims,claims_locales:o.claims_locales,acr_values:o.acr_values,registration:o.registration,login_hint:o.login_hint,id_token_hint:o.id_token_hint,web_message_uri:o.web_message_uri,web_message_target:o.web_message_target,...o.extraParams&&o.extraParams};(R("id_token",r.response_type)||P("openid",r.scope))&&(r.nonce=E(o.nonceLength)),R("code",r.response_type)&&(r.code_challenge=await ((n=t.code_verifier).length<43||n.length>128?Promise.reject(new s(`Invalid code length: ${n.length}`)):new Promise((e,t)=>{crypto.subtle.digest("SHA-256",new TextEncoder().encode(n)).then(t=>e(function(e){let t=function(e){for(var t,i=e.length,s=i%3,n=[],o=0,r=i-s;o>18&63]+v[s>>12&63]+v[s>>6&63]+v[63&s]);return n.join("")}(e,o,o+16383>r?r:o+16383));return 1===s?n.push(v[(t=e[i-1])>>2]+v[t<<4&63]+"=="):2===s&&n.push(v[(t=(e[i-2]<<8)+e[i-1])>>10]+v[t>>4&63]+v[t<<2&63]+"="),n.join("")}(new Uint8Array(e));return t.replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}(new Uint8Array(t))),function(e){return t(e)})})),r.code_challenge_method=o.code_challenge_method||"S256");let a=this.options.currentTimeInMillis&&this.options.currentTimeInMillis()||Date.now(),l=o.fragment?`#${o.fragment}`:"",h=k(r),c=`${this.options.endpoints.authorization_endpoint}${h}${l}`;return this.stateStore.clear(a-864e5),await this.stateStore.set(r.state,JSON.parse(JSON.stringify({created_at:a,authParams:r,localState:t,request_type:o.request_type}))),c}async createLogoutRequest(e={}){var t;(null===(t=this.options.endpoints)||void 0===t?void 0:t.end_session_endpoint)||await this.fetchFromIssuer();let i=$(this.options,e),s={id_token_hint:i.id_token_hint,post_logout_redirect_uri:i.post_logout_redirect_uri,...i.extraLogoutParams||{}};return`${this.options.endpoints.end_session_endpoint}${k(s)}`}async exchangeAuthorizationCode(e){var t;(null===(t=this.options.endpoints)||void 0===t?void 0:t.token_endpoint)||await this.fetchFromIssuer();let i=$(this.options,e),{extraTokenHeaders:s,extraTokenParams:n,...o}=i,r={...o,...n||{},grant_type:"authorization_code"};for(let e of["code","redirect_uri","code_verifier","client_id"])if(!r[e])return Promise.reject(Error(`"${e}" is required`));return this.http({url:`${this.options.endpoints.token_endpoint}`,method:"POST",requestType:"form",body:r,headers:s})}async exchangeRefreshToken(e){var t;(null===(t=this.options.endpoints)||void 0===t?void 0:t.token_endpoint)||await this.fetchFromIssuer();let{extraTokenHeaders:i,extraTokenParams:s,...n}=e,o={grant_type:"refresh_token",client_id:this.options.client_id,client_secret:this.options.client_secret,...n,...s||{}};for(let e of["refresh_token","client_id"])if(!o[e])return Promise.reject(Error(`"${e}" is required`));return this.http({url:`${this.options.endpoints.token_endpoint}`,method:"POST",requestType:"form",body:o,headers:i})}async fetchFromIssuer(){try{let e=`${this.options.issuer}/.well-known/openid-configuration`,t=await this.http({url:e,method:"GET",requestType:"json"});this.issuer_metadata=t;let i={};for(let e of Object.keys(this.issuer_metadata))(e.endsWith("_endpoint")||e.indexOf("_session")>-1||e.indexOf("_uri")>-1)&&(i[e]=this.issuer_metadata[e]);return this.options.endpoints=i,this.issuer_metadata}catch(e){throw new s("Loading metadata failed",e.message)}}async handleAuthResponse(e,t,i={}){return e.code?this.exchangeAuthorizationCode({redirect_uri:t.redirect_uri,client_id:t.client_id,code_verifier:i.code_verifier,grant_type:"authorization_code",code:e.code}):e}async handleTokenResult(e,t,i){let o;await this.initialize(!1);let l={};if(e.error)throw new n(e.error,e.error_description);if(e.id_token){if(o=await function(e,t,i){if(!t)throw new s("No nonce on state");try{let s=O(e);if(t!==s.payload.nonce)throw Error(`Invalid nonce in id_token: ${s.payload.nonce}`);if(function(e,t,i=!1){let{clockSkew:s,currentTimeInMillis:n,issuer:o,audience:a,client_id:l}=t;s||(s=0);let h=(n&&n()||Date.now())/1e3,c=O(e).payload;if(!c.iss)throw new r("Issuer (iss) was not provided");if(c.iss!==o)throw new r(`Invalid Issuer (iss) in token: ${c.iss}`);if(!c.aud)throw new r("Audience (aud) was not provided");if(Array.isArray(c.aud)?-1==c.aud.indexOf(i?l:a||l):c.aud!==(i?l:a||l))throw new r(`Invalid Audience (aud) in token: ${c.aud}`);if(c.azp&&c.azp!==l)throw new r(`Invalid Authorized Party (azp) in token: ${c.azp}`);let d=Math.ceil(h+s),u=Math.floor(h-s);if(!c.iat)throw new r("Issued At (iat) was not provided");if(d{x.includes(e)||(l[e]=o[e])})}if(e.access_token){var h;if(i.requestUserInfo&&(null===(h=this.options.endpoints)||void 0===h?void 0:h.userinfo_endpoint)){let t=await this.fetchUserInfo(e.access_token);t.error||(l={...l,...t})}}return{authParams:t,user:l,...e,id_token:o,id_token_raw:e.id_token,scope:e.scope||t.scope}}async loadState(e){let t=await this.stateStore.get(e);return t?(await this.stateStore.del(e),t):Promise.reject(new o("Local state not found",e))}async fetchUserInfo(e){return this.http({method:"GET",url:`${this.options.endpoints.userinfo_endpoint}`,requestType:"json",headers:{Authorization:`Bearer ${e}`}})}monitorSession({sub:e,session_state:i}){let{client_id:s,endpoints:n}=this.options;if(!(null==n?void 0:n.check_session_iframe)){console.warn('"check_session_iframe" endpoint missing or session management is not supported by provider');return}if(!this.sessionCheckerFrame){let i=async i=>{if(i)this.emit(t.USER_LOGOUT);else{this.emit(t.SESSION_CHANGE);try{await this.silentLogin({},{});let i=await this.authStore.get("auth");if(i){var s;(null===(s=i.user)||void 0===s?void 0:s.sub)===e&&i.session_state&&this.sessionCheckerFrame.start(i.session_state)}else this.emit(t.USER_LOGOUT,null)}catch(e){this.emit(t.USER_LOGOUT);return}}};this.sessionCheckerFrame=function(e){let t,i;let{url:s,callback:n,client_id:o,checkInterval:r}=e,a=s.indexOf("/",s.indexOf("//")+2),l=s.substr(0,a),h=_(),c=()=>new Promise(e=>{window.document.body.appendChild(h),window.addEventListener("message",u,!1),h.onload=()=>{e(null)}}),d=()=>{t=null,i&&(window.clearInterval(i),i=null)},u=e=>{e.origin===l&&e.source===h.contentWindow&&("error"===e.data?(d(),n(e.data)):"changed"===e.data&&(d(),n()))};return h.setAttribute("src",s),{stop:d,start:e=>{c().then(()=>{if(e&&t!==e){d(),t=e;let s=()=>{h.contentWindow.postMessage(`${o} ${t}`,l)};s(),i=window.setInterval(s,r||2e3)}})}}}({url:n.check_session_iframe,client_id:s,callback:i,checkInterval:this.options.checkSessionInterval})}this.sessionCheckerFrame.start(i)}async onUserLogin(e){var i;let{expires_in:s,user:n,scope:o,access_token:r,id_token:a,refresh_token:l,session_state:h,id_token_raw:c}=e;if(await this.authStore.set("auth",e),this.user=n,this.scopes=null==o?void 0:o.split(" "),this.accessToken=r,this.idToken=a,this.idTokenRaw=c,this.refreshToken=l,this.emit(t.USER_LOGIN,e),!(null===(i=window)||void 0===i?void 0:i.frameElement)&&(this.options.checkSession&&this.monitorSession({sub:n.sub||n.id,session_state:h}),void 0!==s&&this.options.autoSilentRenew)){let e=Number(s)-this.options.secondsToRefreshAccessTokenBeforeExp,i=()=>{this.synchronizer.CallOnce("silent-login",async()=>{try{await this.silentLogin(),this.emit(t.SILENT_RENEW_SUCCESS,null)}catch(e){this.emit(t.SILENT_RENEW_ERROR,e)}})};e>=0?this._accessTokenExpireTimer.start(e,async()=>{i()}):i()}}constructor(e){if(super(),A(this,"options",void 0),A(this,"user",void 0),A(this,"scopes",void 0),A(this,"accessToken",void 0),A(this,"refreshToken",void 0),A(this,"idToken",void 0),A(this,"idTokenRaw",void 0),A(this,"issuer_metadata",void 0),A(this,"http",void 0),A(this,"synchronizer",void 0),A(this,"stateStore",void 0),A(this,"authStore",void 0),A(this,"sessionCheckerFrame",void 0),A(this,"_accessTokenExpireTimer",void 0),A(this,"initialized",void 0),A(this,"__initializePromise",void 0),!function(e){try{let t=new URL(e);if(!["http:","https:"].includes(t.protocol)||""!==t.search||""!==t.hash)return!1;return!0}catch(e){return!1}}(e.issuer))throw new s('"issuer" must be a valid uri.');this.synchronizer=new z(btoa(e.issuer),this),this.options=$({secondsToRefreshAccessTokenBeforeExp:60,autoSilentRenew:!0,checkSession:!0,stateLength:10,nonceLength:10},e,{issuer:e.issuer.endsWith("/")?e.issuer.slice(0,-1):e.issuer}),this.http=this.options.httpClient||b,this.stateStore=this.options.stateStore||new c("pa_oidc.state."),this.authStore=this.options.authStore||new d,this.options.autoSilentRenew&&(this._accessTokenExpireTimer=new w),this.on(t.USER_LOGOUT,async()=>{this.user=void 0,this.scopes=void 0,this.accessToken=void 0,this.idToken=void 0,this.refreshToken=void 0,await this.authStore.clear()}),this.synchronizer.OnBroadcastMessage(t.USER_LOGIN,this.onUserLogin.bind(this))}}e.AuthenticationError=n,e.EventEmitter=u,e.Events=t,e.InMemoryStateStore=d,e.InteractionCancelled=l,e.InvalidIdTokenError=a,e.InvalidJWTError=r,e.LocalStorageStateStore=c,e.OIDCClient=U,e.OIDCClientError=s,e.StateNotFound=o,e.StateStore=h,e.default=function(e){return new U(e).initialize()},Object.defineProperty(e,"__esModule",{value:!0})}); //# sourceMappingURL=oidc-client.min.js.map diff --git a/dist/oidc-client.min.js.map b/dist/oidc-client.min.js.map index 7db6d37..cec754e 100644 --- a/dist/oidc-client.min.js.map +++ b/dist/oidc-client.min.js.map @@ -1 +1 @@ -{"version":3,"file":"oidc-client.min.js","sources":["../src/constants/events.ts","../src/errors.ts","../src/helpers/state_manager/state_store.ts","../src/helpers/state_manager/local_storage.ts","../src/helpers/state_manager/in_memory.ts","../src/helpers/event_emitter.ts","../src/helpers/timer.ts","../src/utils/iframe.ts","../node_modules/.pnpm/base64-js@1.5.1/node_modules/base64-js/index.js","../src/client.ts","../src/utils/url.ts","../src/utils/request.ts","../src/utils/jose.ts","../src/utils/object.ts","../src/utils/oidc.ts","../src/utils/popup.ts","../src/utils/tab_utils.ts","../src/utils/check_session_iframe.ts","../src/index.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/indent */\nexport const Events = {\n USER_LOGOUT: 'user_logout',\n USER_LOGIN: 'user_login',\n SILENT_RENEW_SUCCESS: 'silent_renew_success',\n SILENT_RENEW_ERROR: 'silent_renew_error',\n SESSION_CHANGE: 'session_change'\n} as const\n\nexport type EventTypes = 'user_logout' | 'user_login' | 'silent_renew_success' |\n 'silent_renew_error' | 'session_change' | 'session_error'\n","export class OIDCClientError extends Error {\n error: string;\n\n error_description?: string;\n\n public constructor( error: string, error_description?: string ) {\n super( `${ error }${ error_description && ` - ${ error_description }` || '' }` );\n this.name = 'OIDCClientError'\n this.error = error\n this.error_description = error_description\n }\n}\n\nexport class AuthenticationError extends OIDCClientError {\n state?: string;\n\n error_uri?: string;\n\n constructor( error: string, error_description?: string, state?: string, error_uri?: string ) {\n super( error, error_description );\n this.name = 'AuthenticationError'\n this.state = state;\n this.error_uri = error_uri;\n }\n}\n\nexport class StateNotFound extends AuthenticationError {\n state?: string;\n\n constructor( error: string, state?: string ) {\n super( error );\n this.name = 'StateNotFound'\n this.state = state;\n }\n}\n\nexport class InvalidJWTError extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidJWTError'\n this.error_description = details\n }\n}\n\nexport class InvalidIdTokenError extends InvalidJWTError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidIdTokenError'\n }\n}\n\nexport class InteractionCancelled extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InteractionCancelled'\n }\n}\n","export interface StateStore> {\n init?(): Promise>\n}\n// eslint-disable-next-line @typescript-eslint/no-unsafe-declaration-merging\nexport abstract class StateStore> {\n prefix: string;\n\n constructor( prefix = '' ) {\n this.prefix = prefix\n }\n\n public abstract get( key: string ): Promise;\n\n public abstract set( key: string, value: T ): Promise;\n\n public abstract del( key: string ): Promise;\n\n public abstract clear( maxAge?: number ): Promise;\n}\n","import { StateStore } from './state_store';\n\nexport class LocalStorageStateStore extends StateStore {\n constructor( prefix = 'pa_oidc.' ) {\n super( prefix )\n }\n\n get( key: string ) {\n return new Promise( ( resolve ) => {\n const value = window.localStorage.getItem( this.prefix + key );\n if ( value ) {\n resolve( JSON.parse( value ) );\n } else {\n resolve( null );\n }\n } );\n }\n\n set( key: string, value: T ) {\n return new Promise( ( resolve ) => {\n window.localStorage.setItem( this.prefix + key, JSON.stringify( value ) );\n resolve();\n } );\n }\n\n del( key: string ) {\n return new Promise( ( resolve ) => {\n window.localStorage.removeItem( this.prefix + key );\n resolve();\n } );\n }\n\n clear( before?: number ): Promise {\n return new Promise( ( resolve ) => {\n let i;\n const storedKeys: string[] = [];\n for ( i = 0; i < window.localStorage.length; i++ ) {\n const key = window.localStorage.key( i )\n // items only created by oidc client\n if ( key?.substring( 0, this.prefix.length ) == this.prefix ) {\n storedKeys.push( key );\n }\n }\n for ( i = 0; i < storedKeys.length; i++ ) {\n if ( before ) {\n try {\n const storedItem = JSON.parse( window.localStorage.getItem( storedKeys[i] )! )\n if ( storedItem.created_at < before ) {\n window.localStorage.removeItem( storedKeys[i] )\n }\n } catch ( e ) {\n }\n } else {\n window.localStorage.removeItem( storedKeys[i] )\n }\n }\n resolve();\n } );\n }\n}\n","import { StateStore } from './state_store';\n\nexport class InMemoryStateStore extends StateStore {\n map = new Map()\n\n clear( before?: number ) {\n if ( before ){\n this.map.forEach( ( val, ind ) => {\n if ( val.created_at < before ){\n this.map.delete( ind )\n }\n } )\n return Promise.resolve()\n } else {\n return Promise.resolve( this.map.clear() );\n }\n }\n\n del( key: string ) {\n this.map.delete( key )\n return Promise.resolve( );\n }\n\n get( key: string ) {\n return Promise.resolve( this.map.get( key ) || null );\n }\n\n set( key: string, value: any ) {\n this.map.set( key, value )\n return Promise.resolve();\n }\n}\n","export type Listener = ( ...args: any ) => void\n\nexport class EventEmitter{\n callbacks: Record;\n\n constructor(){\n this.callbacks = {}\n }\n\n once( event: T, fn: ( ...args: any[] ) => void ){\n function on( this: EventEmitter, ...onArgs: any[] ) {\n this.off( event, on );\n fn.apply( this, onArgs );\n }\n on.fn = fn\n this.on( event, on );\n return this;\n }\n\n on( event: T, cb: ( ...args: any[] ) => void ){\n if ( !this.callbacks[`$${ event }`] ) this.callbacks[`$${ event }`] = [];\n this.callbacks[`$${ event }`].push( cb )\n return this\n }\n\n off( event?: T, fn?: ( ...args: any[] ) => void ){\n if ( !event ) {\n this.callbacks = {};\n return this;\n }\n\n // specific event\n const callbacks = this.callbacks[`$${ event }`];\n if ( !callbacks ) return this;\n\n // remove all handlers\n if ( !fn ) {\n delete this.callbacks[`$${ event }`];\n return this;\n }\n\n for ( let i = 0; i < callbacks.length; i++ ) {\n const cb = callbacks[i];\n if ( cb === fn || cb.fn === fn ) {\n callbacks.splice( i, 1 );\n break;\n }\n }\n\n // Remove event specific arrays for event types that no\n // one is subscribed for to avoid memory leak.\n if ( callbacks.length === 0 ) {\n delete this.callbacks[`$${ event }`];\n }\n\n return this;\n }\n\n emit( event: T, ...args: any[] ){\n let cbs = this.callbacks[`$${ event }`]\n if ( cbs ) {\n cbs = cbs.slice( 0 );\n for ( let i = 0, len = cbs.length; i < len; ++i ) {\n cbs[i].apply( this, args );\n }\n }\n return this\n }\n}\n","export class Timer {\n private now: () => number;\n\n private _timerHandle: any;\n\n private _expiration!: number;\n\n constructor( currentTimeInMillisFunc = () => Date.now() ) {\n this.now = currentTimeInMillisFunc\n }\n\n start( duration: number, callback: () => void ){\n if ( duration <= 0 ) {\n duration = 1;\n }\n const expiration = this.now() / 1000 + duration;\n if ( this._expiration === expiration && this._timerHandle ) {\n return;\n }\n\n this.stop();\n\n this._expiration = expiration;\n\n // prevent device sleep and delayed timers\n let timerDuration = 5;\n if ( duration < timerDuration ) {\n timerDuration = duration;\n }\n this._timerHandle = setInterval( ()=>{\n if ( this._expiration <= this.now() / 1000 ) {\n this.stop();\n callback()\n }\n }, timerDuration * 1000 );\n }\n\n stop() {\n if ( this._timerHandle ) {\n clearInterval( this._timerHandle );\n this._timerHandle = null;\n }\n }\n}\n","import { AuthenticationError, OIDCClientError } from '../errors';\nimport type { IFrameOptions } from '../interfaces';\n\nexport function createHiddenFrame() {\n const iframe = window.document.createElement( 'iframe' );\n iframe.style.width = '0';\n iframe.style.height = '0';\n iframe.style.position = 'absolute';\n iframe.style.visibility = 'hidden';\n iframe.style.display = 'none';\n\n iframe.title = '__pa_helper__hidden'\n iframe.ariaHidden = 'true'\n\n return iframe\n}\n\nexport function runIframe(\n url: string,\n options: IFrameOptions\n) {\n return new Promise( ( resolve, reject ) => {\n let onLoadTimeoutId: any = null;\n const iframe = createHiddenFrame()\n\n const timeoutSetTimeoutId = setTimeout( () => {\n reject( new OIDCClientError( 'Timed out' ) );\n removeIframe();\n }, ( options.timeout || 10 ) * 1000 );\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin != options.eventOrigin ) return;\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n const eventSource = e.source;\n if ( eventSource ) {\n ( eventSource ).close();\n }\n\n const resp = e.data.response || e.data\n resp.error\n ? reject( new AuthenticationError( resp.error, resp.error_description, resp.state, resp.error_uri ) )\n : resolve( e.data );\n clearTimeout( timeoutSetTimeoutId );\n removeIframe();\n };\n\n const removeIframe = () => {\n if ( onLoadTimeoutId != null ){\n clearTimeout( onLoadTimeoutId )\n }\n if ( window.document.body.contains( iframe ) ) {\n window.document.body.removeChild( iframe );\n }\n window.removeEventListener( 'message', iframeEventHandler, false );\n };\n\n const onLoadTimeout = () => setTimeout( ()=>{\n reject( new OIDCClientError( 'Could not complete silent authentication', url ) )\n removeIframe();\n }, 300 )\n\n\n\n window.addEventListener( 'message', iframeEventHandler, false );\n window.document.body.appendChild( iframe );\n iframe.setAttribute( 'src', url );\n\n /**\n * In case of wrong client id, wrong redirect_uri, in short when redirect did not happen\n * we assume flow failed.\n */\n iframe.onload = function () {\n onLoadTimeoutId = onLoadTimeout()\n }\n } );\n}\n","'use strict'\n\nexports.byteLength = byteLength\nexports.toByteArray = toByteArray\nexports.fromByteArray = fromByteArray\n\nvar lookup = []\nvar revLookup = []\nvar Arr = typeof Uint8Array !== 'undefined' ? Uint8Array : Array\n\nvar code = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'\nfor (var i = 0, len = code.length; i < len; ++i) {\n lookup[i] = code[i]\n revLookup[code.charCodeAt(i)] = i\n}\n\n// Support decoding URL-safe base64 strings, as Node.js does.\n// See: https://en.wikipedia.org/wiki/Base64#URL_applications\nrevLookup['-'.charCodeAt(0)] = 62\nrevLookup['_'.charCodeAt(0)] = 63\n\nfunction getLens (b64) {\n var len = b64.length\n\n if (len % 4 > 0) {\n throw new Error('Invalid string. Length must be a multiple of 4')\n }\n\n // Trim off extra bytes after placeholder bytes are found\n // See: https://github.com/beatgammit/base64-js/issues/42\n var validLen = b64.indexOf('=')\n if (validLen === -1) validLen = len\n\n var placeHoldersLen = validLen === len\n ? 0\n : 4 - (validLen % 4)\n\n return [validLen, placeHoldersLen]\n}\n\n// base64 is 4/3 + up to two characters of the original data\nfunction byteLength (b64) {\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction _byteLength (b64, validLen, placeHoldersLen) {\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction toByteArray (b64) {\n var tmp\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n\n var arr = new Arr(_byteLength(b64, validLen, placeHoldersLen))\n\n var curByte = 0\n\n // if there are placeholders, only get up to the last complete 4 chars\n var len = placeHoldersLen > 0\n ? validLen - 4\n : validLen\n\n var i\n for (i = 0; i < len; i += 4) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 18) |\n (revLookup[b64.charCodeAt(i + 1)] << 12) |\n (revLookup[b64.charCodeAt(i + 2)] << 6) |\n revLookup[b64.charCodeAt(i + 3)]\n arr[curByte++] = (tmp >> 16) & 0xFF\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 2) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 2) |\n (revLookup[b64.charCodeAt(i + 1)] >> 4)\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 1) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 10) |\n (revLookup[b64.charCodeAt(i + 1)] << 4) |\n (revLookup[b64.charCodeAt(i + 2)] >> 2)\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n return arr\n}\n\nfunction tripletToBase64 (num) {\n return lookup[num >> 18 & 0x3F] +\n lookup[num >> 12 & 0x3F] +\n lookup[num >> 6 & 0x3F] +\n lookup[num & 0x3F]\n}\n\nfunction encodeChunk (uint8, start, end) {\n var tmp\n var output = []\n for (var i = start; i < end; i += 3) {\n tmp =\n ((uint8[i] << 16) & 0xFF0000) +\n ((uint8[i + 1] << 8) & 0xFF00) +\n (uint8[i + 2] & 0xFF)\n output.push(tripletToBase64(tmp))\n }\n return output.join('')\n}\n\nfunction fromByteArray (uint8) {\n var tmp\n var len = uint8.length\n var extraBytes = len % 3 // if we have 1 byte left, pad 2 bytes\n var parts = []\n var maxChunkLength = 16383 // must be multiple of 3\n\n // go through the array every three bytes, we'll deal with trailing stuff later\n for (var i = 0, len2 = len - extraBytes; i < len2; i += maxChunkLength) {\n parts.push(encodeChunk(uint8, i, (i + maxChunkLength) > len2 ? len2 : (i + maxChunkLength)))\n }\n\n // pad the end with zeros, but make sure to not forget the extra bytes\n if (extraBytes === 1) {\n tmp = uint8[len - 1]\n parts.push(\n lookup[tmp >> 2] +\n lookup[(tmp << 4) & 0x3F] +\n '=='\n )\n } else if (extraBytes === 2) {\n tmp = (uint8[len - 2] << 8) + uint8[len - 1]\n parts.push(\n lookup[tmp >> 10] +\n lookup[(tmp >> 4) & 0x3F] +\n lookup[(tmp << 2) & 0x3F] +\n '='\n )\n }\n\n return parts.join('')\n}\n","import type { EventTypes } from './constants';\nimport { Events } from './constants';\n\nimport {\n AuthenticationError, InvalidIdTokenError,\n OIDCClientError, StateNotFound\n} from './errors';\n\nimport type {\n StateStore } from './helpers';\nimport {\n EventEmitter,\n InMemoryStateStore,\n LocalStorageStateStore\n} from './helpers';\n\n\n\nimport { Timer } from './helpers/timer';\nimport type { AuthRecord,\n AuthRequestOptions, IEndpointConfiguration,\n IPlusAuthClientOptions,\n LogoutRequestOptions, PopupOptions, RevokeOptions, SessionChecker,\n SessionMonitorOptions, StateRecord,\n TokenRequestOption, TokenResponse, TokenType\n} from './interfaces';\n\nimport type {\n RequestOptions } from './utils';\nimport {\n request,\n runIframe,\n buildEncodedQueryString,\n parseQueryUrl,\n validateIdToken,\n createSessionCheckerFrame,\n nonUserClaims, generateRandom, deriveChallenge, isValidIssuer,\n} from './utils';\nimport { cleanUndefined, mergeObjects } from './utils/object';\n\nimport { isResponseType, isScopeIncluded } from './utils/oidc';\nimport { runPopup } from './utils/popup';\nimport { TabUtils } from './utils/tab_utils';\n\n/**\n * `OIDCClient` provides methods for interacting with OIDC/OAuth2 authorization server. Those methods are signing a\n * user in, signing out, managing the user's claims, checking session and managing tokens returned from the\n * OIDC/OAuth2 provider.\n *\n */\nexport class OIDCClient extends EventEmitter{\n options: IPlusAuthClientOptions\n\n user?: any;\n\n scopes?: string[];\n\n accessToken?: string;\n\n refreshToken?: string;\n\n idToken?: string;\n\n idTokenRaw?: string;\n\n issuer_metadata?: Record;\n\n private readonly http: ( options: RequestOptions ) => Promise | never;\n\n private synchronizer: TabUtils;\n\n private stateStore: StateStore\n\n private authStore: StateStore;\n\n private sessionCheckerFrame?: SessionChecker\n\n private _accessTokenExpireTimer?: Timer;\n\n private initialized!: boolean;\n\n private __initializePromise!: Promise | undefined;\n\n constructor( options: IPlusAuthClientOptions ) {\n super()\n if ( !isValidIssuer( options.issuer ) ){\n throw new OIDCClientError( '\"issuer\" must be a valid uri.' )\n }\n\n this.synchronizer = new TabUtils( btoa( options.issuer ) )\n\n this.options = mergeObjects( {\n secondsToRefreshAccessTokenBeforeExp: 60,\n autoSilentRenew: true,\n checkSession: true,\n stateLength: 10,\n nonceLength: 10\n }, options, {\n // remove last slash for consistency across the lib\n issuer: options.issuer.endsWith( '/' ) ? options.issuer.slice( 0, -1 ) : options.issuer\n } )\n\n this.http = this.options.httpClient || request\n this.stateStore = this.options.stateStore || new LocalStorageStateStore( 'pa_oidc.state.' )\n this.authStore = this.options.authStore || new InMemoryStateStore()\n\n\n if ( this.options.autoSilentRenew ){\n this._accessTokenExpireTimer = new Timer()\n }\n\n this.on( Events.USER_LOGOUT, async ()=>{\n this.user = undefined\n this.scopes = undefined;\n this.accessToken = undefined\n this.idToken = undefined\n this.refreshToken = undefined\n await this.authStore.clear()\n } )\n\n this.synchronizer.OnBroadcastMessage( Events.USER_LOGIN, this.onUserLogin.bind( this ) )\n }\n\n /**\n * Initialize the library with this method. It resolves issuer configuration, jwks keys which are necessary for\n * validating tokens returned from provider and checking if a user is already authenticated in provider.\n *\n * @param checkLogin Make this `false` if you don't want to check user authorization status in provider while\n * initializing. Defaults to `true`\n */\n async initialize( checkLogin = true ): Promise | never {\n if ( this.initialized ){\n return this\n }\n\n if ( this.__initializePromise ){\n return this.__initializePromise\n } else {\n this.__initializePromise = new Promise( async ( resolve, reject ) => {\n try {\n if ( this.stateStore.init ){\n await this.stateStore.init()\n }\n if ( this.authStore.init ){\n await this.authStore.init()\n }\n\n if ( !this.options.endpoints || Object.keys( this.options.endpoints ).length === 0 ){\n await this.fetchFromIssuer()\n }\n this.initialized = true\n\n try {\n if ( checkLogin ){\n if ( !window?.frameElement ){\n await this.silentLogin()\n }\n }\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n await this.authStore.clear()\n }\n resolve( this )\n } catch ( e ) {\n if ( e instanceof OIDCClientError ){\n reject( e )\n } else {\n reject( new OIDCClientError( e.message ) )\n }\n } finally {\n this.__initializePromise = undefined\n }\n } )\n }\n\n return this.__initializePromise\n }\n\n /**\n * Redirect to provider's authorization endpoint using provided parameters. You can override any parameter defined\n * in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically\n * in a random and secure way.\n *\n * @param options\n * @param localState\n */\n async login( options: Partial = {}, localState: Record = {} ){\n window.location.assign( await this.createAuthRequest( options, localState ) )\n }\n\n /**\n * Open a popup with the provider's authorization endpoint using provided parameters. You can override any\n * parameter defined in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be\n * generated automatically in a random and secure way. You can also override popup options.\n *\n * NOTE: Most browsers block popups if they are not happened as a result of user actions. In order to display\n * login popup you must call this method in an event handler listening for a user action like button click.\n *\n * @param options\n * @param popupOptions\n */\n async loginWithPopup( options: Partial = {}, popupOptions: PopupOptions = {} ){\n const url = await this.createAuthRequest( {\n response_mode: 'fragment',\n ...options,\n display: 'popup',\n request_type: 'p'\n } )\n const { response, state } = await runPopup( url, popupOptions )\n const { authParams, localState } = !state || typeof state === 'string' ?\n await this.loadState( state || response.state )\n : state;\n const tokenResult = await this.handleAuthResponse( response, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= response.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n\n /**\n * After a user successfully authorizes an application, the authorization server will redirect the user back to\n * the application with either an authorization code or access token in the URL. In the callback page you should\n * call this method.\n *\n * @param url Full url which contains authorization request result parameters. Defaults to `window.location.href`\n */\n async loginCallback( url: string= window?.location?.href ){\n if ( !url ){\n return Promise.reject( new OIDCClientError( 'Url must be passed to handle login redirect' ) )\n }\n let parsedUrl: URL;\n try {\n parsedUrl = new URL( url )\n } catch ( e ){\n return Promise.reject( new OIDCClientError( `Invalid callback url passed: \"${ url }\"` ) )\n }\n\n const responseParams = parseQueryUrl( parsedUrl.search || parsedUrl.hash )\n const rawStoredState = await this.loadState( responseParams.state )\n const { authParams, localState, request_type } = rawStoredState\n url = url || window.location.href;\n switch ( request_type ) {\n case 's':\n if ( window?.frameElement ) {\n if ( url ) {\n window.parent.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n }\n return\n case 'p':\n if ( window.opener && url ){\n window.opener.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n return\n default:\n if ( responseParams.error ){\n return Promise.reject( new AuthenticationError( responseParams.error, responseParams.error_description ) )\n }\n const tokenResult = await this.handleAuthResponse( responseParams, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= responseParams.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n }\n\n /**\n * Redirect to provider's `end_session_endpoint` with provided parameters. After logout provider will redirect to\n * provided `post_logout_redirect_uri` if it provided.\n * @param options\n */\n async logout( options: LogoutRequestOptions = {} ){\n if ( !options.localOnly ) {\n const storedAuth = await this.authStore.get( 'auth' )\n const id_token_hint = options.id_token_hint || storedAuth?.id_token_raw\n window.location.assign( await this.createLogoutRequest( {\n ...options,\n id_token_hint\n } ) )\n }\n await this.authStore.clear()\n }\n\n /**\n * OAuth2 token revocation implementation method. See more at [tools.ietf.org/html/rfc7009](https://tools.ietf.org/html/rfc7009)\n * @param token Token to be revoked\n * @param type Passed token's type. It will be used to provide `token_type_hint` parameter.\n * @param options If necessary override options passed to `OIDCClient` by defining them here.\n */\n async revokeToken( token: string, type: TokenType = 'access_token', options: RevokeOptions = {} ){\n if ( !this.options.endpoints!.revocation_endpoint ){\n return Promise.reject( new OIDCClientError( '\"revocation_endpoint\" doesn\\'t exist' ) )\n }\n const finalOptions = {\n client_id: options.client_id || this.options.client_id,\n client_secret: options.client_secret || this.options.client_secret,\n token_type_hint: type,\n token: token\n }\n\n return this.http( {\n method: 'POST',\n requestType: 'form',\n url: this.options.endpoints!.revocation_endpoint,\n body: finalOptions\n } )\n }\n\n /**\n * Login without having an interaction. If refresh tokens are used and there is a stored refresh token it will\n * exchange refresh token to receive new access token. If not it silently makes a request the provider's\n * authorization endpoint using provided parameters. You can override any parameter defined in `OIDCClient`. If\n * you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically in a random and\n * secure way.\n *\n * @param options\n * @param localState\n */\n async silentLogin( options: AuthRequestOptions = {}, localState: Record = {} ){\n await this.initialize( false )\n let tokenResult: any;\n let finalState: any = {}\n\n const storedAuth = await this.authStore.get( 'auth' ) || {}\n\n const finalOptions = mergeObjects( {\n response_mode: 'query',\n display: 'page',\n prompt: 'none'\n }, this.options, options )\n\n if ( finalOptions.silent_redirect_uri ){\n finalOptions.redirect_uri = finalOptions.silent_redirect_uri\n }\n\n if ( this.options.useRefreshToken && storedAuth?.refresh_token ){\n finalState.authParams = mergeObjects( storedAuth?.authParams || {}, finalState.authParams || {} )\n tokenResult = await this.exchangeRefreshToken( {\n ...finalOptions,\n refresh_token: storedAuth.refresh_token,\n } )\n } else {\n const authUrl = await this.createAuthRequest( {\n ...finalOptions,\n request_type: 's'\n }, localState )\n\n const { response, state } = await runIframe( authUrl, {\n timeout: finalOptions.silentRequestTimeout,\n eventOrigin: window.location.origin\n } )\n tokenResult = await this.handleAuthResponse( response, finalOptions, localState )\n storedAuth.session_state = response.session_state;\n finalState = state\n }\n\n const authObject = await this.handleTokenResult( tokenResult, finalState.authParams, finalOptions )\n authObject.session_state = storedAuth.session_state\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return finalState.localState\n }\n\n /**\n * Retrieve logged in user's access token if it exists.\n */\n async getAccessToken(){\n return ( await this.authStore.get( 'auth' ) )?.access_token\n }\n\n\n /**\n * Retrieve logged in user's refresh token if it exists.\n */\n async getRefreshToken(){\n return ( await this.authStore.get( 'auth' ) )?.refresh_token\n }\n\n /**\n * Retrieve logged in user's parsed id token if it exists.\n */\n async getIdToken(){\n return ( await this.authStore.get( 'auth' ) )?.id_token\n }\n\n /**\n * Retrieve access token's expiration.\n */\n async getExpiresIn(){\n return ( await this.authStore.get( 'auth' ) )?.expires_in\n }\n\n /**\n * Retrieve logged in user's id token in raw format if it exists.\n */\n async getIdTokenRaw(){\n return ( await this.authStore.get( 'auth' ) )?.id_token_raw\n }\n\n\n /**\n * Retrieve logged in user's scopes if it exists.\n */\n async getScopes(){\n return ( await this.authStore.get( 'auth' ) )?.scope?.split( ' ' )\n }\n\n\n /**\n * Retrieve logged in user's profile.\n */\n async getUser(){\n return ( await this.authStore.get( 'auth' ) )?.user\n }\n\n /**\n * If there is a user stored locally return true. Otherwise it will make a silentLogin to check if End-User is\n * logged in provider.\n *\n * @param localOnly Don't check provider\n */\n async isLoggedIn( localOnly = false ){\n const existsOnLocal = !!await this.getUser()\n if ( !existsOnLocal && !localOnly ){\n try {\n await this.silentLogin()\n return true\n } catch ( e ){\n return false\n }\n }\n return existsOnLocal\n }\n\n /**\n * Create authorization request with provided options.\n *\n * @param options\n * @param localState\n * @private\n */\n private async createAuthRequest( options: Partial = {},\n localState: Record = {} ): Promise{\n if ( !this.options.endpoints?.authorization_endpoint ){\n await this.initialize( false )\n }\n // TODO: deep merge for extra params\n const finalOptions = Object.assign( {}, this.options, options )\n localState.code_verifier = generateRandom( 72 )\n\n const authParams = {\n client_id: finalOptions.client_id,\n state: generateRandom( finalOptions.stateLength! ),\n scope: finalOptions.scope,\n audience: finalOptions.audience,\n redirect_uri: finalOptions.redirect_uri,\n response_mode: finalOptions.response_mode,\n response_type: finalOptions.response_type || 'code',\n ui_locales: finalOptions.ui_locales,\n prompt: finalOptions.prompt,\n display: finalOptions.display,\n claims: finalOptions.claims,\n claims_locales: finalOptions.claims_locales,\n acr_values: finalOptions.acr_values,\n registration: finalOptions.registration,\n login_hint: finalOptions.login_hint,\n id_token_hint: finalOptions.id_token_hint,\n web_message_uri: finalOptions.web_message_uri,\n web_message_target: finalOptions.web_message_target,\n ...finalOptions.extraParams && finalOptions.extraParams\n } as AuthRequestOptions;\n\n if ( isResponseType( 'id_token', authParams.response_type ) ||\n isScopeIncluded( 'openid', authParams.scope ) ){\n authParams.nonce = generateRandom( finalOptions.nonceLength! )\n }\n\n if ( isResponseType( 'code', authParams.response_type ) ){\n authParams.code_challenge= await deriveChallenge( localState.code_verifier )\n authParams.code_challenge_method= finalOptions.code_challenge_method || 'S256'\n }\n\n const now = this.options.currentTimeInMillis && this.options.currentTimeInMillis() || Date.now()\n const fragment = finalOptions.fragment ? `#${ finalOptions.fragment }` : '';\n const authParamsString = buildEncodedQueryString( authParams )\n const url = `${ this.options.endpoints!.authorization_endpoint }${ authParamsString }${ fragment }`\n\n // clear 1 day old state entries\n this.stateStore.clear( now - 86400000 )\n\n\n await this.stateStore.set( authParams.state!, cleanUndefined( {\n created_at: now,\n authParams,\n localState,\n request_type: finalOptions.request_type\n } ) )\n return url\n }\n\n /**\n * Create a logout request with given options\n *\n * @param options\n * @private\n */\n private async createLogoutRequest( options: LogoutRequestOptions = {} ){\n if ( !this.options.endpoints?.end_session_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const logoutParams = {\n id_token_hint: finalOptions.id_token_hint,\n post_logout_redirect_uri: finalOptions.post_logout_redirect_uri,\n ...finalOptions.extraLogoutParams || {}\n }\n return `${ this.options.endpoints!.end_session_endpoint }${ buildEncodedQueryString( logoutParams ) }`\n }\n\n /**\n * Exchange authorization code retrieved from auth request result.\n * @param options\n * @private\n */\n private async exchangeAuthorizationCode( options: TokenRequestOption ){\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const { extraTokenHeaders, extraTokenParams, ...rest } = finalOptions\n const mergedOptions = {\n ...rest,\n ...extraTokenParams || {},\n grant_type: 'authorization_code',\n }\n\n for ( const req of ['code', 'redirect_uri', 'code_verifier', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } )\n }\n\n /**\n * Exchange refresh token with given options\n * @param options\n * @private\n */\n private async exchangeRefreshToken( options: Partial ) {\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const { extraTokenHeaders, extraTokenParams, ...rest } = options\n const mergedOptions = {\n grant_type: 'refresh_token',\n client_id: this.options.client_id,\n client_secret: this.options.client_secret,\n ...rest,\n ...extraTokenParams || {}\n }\n\n for ( const req of ['refresh_token', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } );\n }\n\n /**\n * Fetch OIDC configuration from the issuer.\n */\n private async fetchFromIssuer(): Promise>{\n try {\n const requestUrl = `${ this.options.issuer }/.well-known/openid-configuration`\n const response = await this.http( {\n url: requestUrl,\n method: 'GET',\n requestType: 'json'\n } )\n this.issuer_metadata = response as Record\n const endpoints = {} as any\n for ( const prop of Object.keys( this.issuer_metadata ) ) {\n if ( prop.endsWith( '_endpoint' ) || prop.indexOf( '_session' ) > -1 || prop.indexOf( '_uri' ) > -1 ) {\n endpoints[prop as keyof IEndpointConfiguration] = this.issuer_metadata[prop];\n }\n }\n this.options.endpoints = endpoints\n return this.issuer_metadata;\n } catch ( e ) {\n throw new OIDCClientError( 'Loading metadata failed', e.message )\n }\n }\n\n /**\n * Handle auth request result. If there is `code` exchange it.\n * @param response\n * @param finalOptions\n * @param localState\n * @private\n */\n private async handleAuthResponse(\n response: any,\n finalOptions: AuthRequestOptions,\n localState: Record = {}\n ){\n if ( response.code ){\n return this.exchangeAuthorizationCode( {\n redirect_uri: finalOptions.redirect_uri,\n client_id: finalOptions.client_id,\n code_verifier: localState.code_verifier,\n grant_type: 'authorization_code',\n code: response.code,\n } );\n } else {\n return response\n }\n }\n\n /**\n * Handle OAuth2 auth request result\n * @param tokenResult\n * @param authParams\n * @param finalOptions\n * @private\n */\n private async handleTokenResult( tokenResult: TokenResponse, authParams: AuthRequestOptions,\n finalOptions: IPlusAuthClientOptions ){\n await this.initialize( false )\n let user: any = {}\n if ( tokenResult.error ){\n throw new AuthenticationError( tokenResult.error, tokenResult.error_description )\n }\n let parsedIDToken: any;\n if ( tokenResult.id_token ){\n parsedIDToken = await validateIdToken( tokenResult.id_token, authParams.nonce!, finalOptions )\n if ( finalOptions.idTokenValidator && !await finalOptions.idTokenValidator( tokenResult.id_token ) ){\n return Promise.reject( new InvalidIdTokenError( 'Id Token validation failed' ) )\n }\n Object.keys( parsedIDToken ).forEach( key => {\n if ( !nonUserClaims.includes( key as any ) ){\n user[key] = parsedIDToken[key]\n }\n } )\n }\n\n if ( tokenResult.access_token ) {\n if ( finalOptions.requestUserInfo && this.options.endpoints?.userinfo_endpoint ) {\n const userInfoResult = await this.fetchUserInfo( tokenResult.access_token )\n if ( !userInfoResult.error ){\n user = { ...user, ...userInfoResult }\n }\n }\n }\n\n return {\n authParams,\n user,\n ...tokenResult,\n id_token: parsedIDToken,\n id_token_raw: tokenResult.id_token,\n scope: tokenResult.scope || authParams.scope,\n }\n }\n\n /**\n * Load stored state\n *\n * @param state\n * @private\n */\n private async loadState( state: string ){\n const rawStoredState = await this.stateStore.get( state )\n if ( !rawStoredState ){\n return Promise.reject( new StateNotFound( 'Local state not found', state ) )\n } else {\n await this.stateStore.del( state )\n }\n return rawStoredState\n }\n\n /**\n * Load user info by making request to providers `userinfo_endpoint`\n *\n * @param accessToken\n * @private\n */\n private async fetchUserInfo( accessToken: string ){\n return this.http( {\n method: 'GET',\n url: `${ this.options.endpoints!.userinfo_endpoint }`,\n requestType: 'json',\n headers: {\n 'Authorization': `Bearer ${ accessToken }`\n }\n } )\n }\n\n /**\n * Start monitoring End-User's session if the OIDC provider supports session management. See more at [OIDC Session\n * Management](https://openid.net/specs/openid-connect-session-1_0.html)\n *\n * @param sub End-User's id to for monitoring session\n * @param session_state string that represents the End-User's login state at the OP\n */\n private monitorSession( { sub, session_state }: SessionMonitorOptions ){\n const { client_id, endpoints } = this.options\n\n if ( !endpoints?.check_session_iframe ){\n console.warn( '\"check_session_iframe\" endpoint missing or session management is not supported by provider' )\n return\n }\n if ( !this.sessionCheckerFrame ){\n const sessionCheckCallback = async ( err: any )=>{\n if ( err ){\n this.emit( Events.USER_LOGOUT )\n } else {\n this.emit( Events.SESSION_CHANGE )\n try {\n await this.silentLogin( {}, {} )\n const storedAuth = await this.authStore.get( 'auth' )\n if ( storedAuth ){\n if ( storedAuth.user?.sub === sub && storedAuth.session_state ){\n this.sessionCheckerFrame!.start( storedAuth.session_state )\n }\n } else {\n this.emit( Events.USER_LOGOUT, null )\n }\n } catch ( e ) {\n this.emit( Events.USER_LOGOUT )\n return\n }\n }\n }\n\n this.sessionCheckerFrame = createSessionCheckerFrame( {\n url: endpoints.check_session_iframe,\n client_id: client_id,\n callback: sessionCheckCallback,\n checkInterval: this.options.checkSessionInterval,\n } )\n }\n\n this.sessionCheckerFrame.start( session_state )\n }\n\n private async onUserLogin( authObj: any ){\n const { expires_in, user, scope, access_token, id_token, refresh_token, session_state, id_token_raw } = authObj\n await this.authStore.set( 'auth', authObj )\n\n this.user = user\n this.scopes = scope?.split( ' ' );\n this.accessToken = access_token\n this.idToken = id_token\n this.idTokenRaw = id_token_raw\n this.refreshToken = refresh_token\n\n this.emit( Events.USER_LOGIN, authObj )\n if ( !window?.frameElement ) {\n if ( this.options.checkSession ) {\n this.monitorSession( { sub: user.sub || user.id, session_state } )\n }\n\n if ( expires_in !== undefined && this.options.autoSilentRenew ){\n const expiration = Number( expires_in ) - this.options.secondsToRefreshAccessTokenBeforeExp!\n if ( expiration >= 0 ){\n this._accessTokenExpireTimer!.start( expiration, async ()=> {\n this.synchronizer.CallOnce( 'silent-login', async () => {\n try {\n await this.silentLogin()\n this.emit( Events.SILENT_RENEW_SUCCESS, null )\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n }\n } )\n } )\n }\n }\n }\n }\n}\n","import { fromByteArray } from 'base64-js';\n\nexport function isValidIssuer( issuer: string ){\n try {\n const url = new URL( issuer )\n if ( !['http:', 'https:'].includes( url.protocol ) ){\n return false\n }\n if ( url.search !== '' || url.hash !== '' ){\n return false\n }\n return true\n } catch ( e ){\n return false\n }\n}\nexport function buildEncodedQueryString( obj?: Record,\n appendable = true, ) {\n if ( !obj ) return '';\n const ret: string[] = [];\n for ( const d in obj ) {\n if ( obj.hasOwnProperty( d ) && obj[d] ) {\n ret.push( `${\n encodeURIComponent( d )\n }=${\n encodeURIComponent( typeof obj[d] === 'object' ? JSON.stringify( obj[d] ) : obj[d]! )\n }` );\n }\n }\n return `${ appendable ? '?' : '' }${ ret.join( '&' ) }`;\n}\n\nexport function parseQueryUrl( value: string ) {\n const result: Record = {};\n value = value.trim().replace( /^(\\?|#|&)/, '' );\n const params = value.split( '&' );\n for ( let i = 0; i < params.length; i += 1 ) {\n const paramAndValue = params[i];\n const parts = paramAndValue.split( '=' );\n const key = decodeURIComponent( parts.shift()! );\n const value = parts.length > 0 ? parts.join( '=' ) : '';\n result[key] = decodeURIComponent( value );\n }\n return result;\n}\n\nexport function urlSafe( buffer: Uint8Array ): string {\n const encoded = fromByteArray( new Uint8Array( buffer ) );\n return encoded.replace( /\\+/g, '-' ).replace( /\\//g, '_' ).replace( /=/g, '' );\n}\n","import { buildEncodedQueryString } from './url';\n\nexport interface RequestOptions {\n body?: Record;\n headers?: Record,\n method: 'GET' | 'POST' | 'PATCH' | 'TRACE' | 'OPTIONS' | 'HEAD',\n requestType?: 'form' | 'json',\n url: string\n}\n\nexport function request( options: RequestOptions ): Promise{\n let body: any = null\n let headers = options.headers || {}\n if ( options.method === 'POST' ){\n headers = {\n 'Content-Type': options.requestType === 'form' ? 'application/x-www-form-urlencoded;charset=UTF-8' :\n 'application/json;charset=UTF-8',\n ...headers\n }\n }\n if ( options.body ){\n body = options.requestType === 'form' ? buildEncodedQueryString( options.body, false )\n : JSON.stringify( options.body )\n }\n\n return new Promise( ( resolve, reject ) => {\n fetch( options.url, {\n method: options.method,\n body: body,\n headers\n } )\n .then( ( value: Response ) => resolve( value.json() ) )\n .catch( reject )\n } )\n}\n","import { InvalidIdTokenError, InvalidJWTError, OIDCClientError } from '../errors';\nimport type { IPlusAuthClientOptions, JWTValidationOptions, ParsedJWT } from '../interfaces';\n\nimport { urlSafe } from './url';\n\nconst CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n\nfunction getRandomBytes( n: number ){\n // @ts-ignore\n const crypto = self.crypto || self.msCrypto, QUOTA = 65536;\n const a = new Uint8Array( n );\n for ( let i = 0; i < n; i += QUOTA ) {\n crypto.getRandomValues( a.subarray( i, i + Math.min( n - i, QUOTA ) ) );\n }\n return a;\n}\n\nexport function generateRandom( length: number ){\n let out = '';\n const charsLen = CHARSET.length;\n const maxByte = 256 - 256 % charsLen;\n while ( length > 0 ) {\n const buf = getRandomBytes( Math.ceil( length * 256 / maxByte ) );\n for ( let i = 0; i < buf.length && length > 0; i++ ) {\n const randomByte = buf[i];\n if ( randomByte < maxByte ) {\n out += CHARSET.charAt( randomByte % charsLen );\n length--;\n }\n }\n }\n return out;\n}\n\n\nexport function deriveChallenge( code: string ): Promise{\n if ( code.length < 43 || code.length > 128 ) {\n return Promise.reject( new OIDCClientError( `Invalid code length: ${ code.length }` ) );\n }\n\n return new Promise( ( resolve, reject ) => {\n crypto.subtle.digest( 'SHA-256', new TextEncoder().encode( code ) )\n .then( buffer => {\n return resolve( urlSafe( new Uint8Array( buffer ) ) );\n }, function ( error ) {\n /* istanbul ignore next */\n return reject( error );\n } );\n } );\n}\n// https://datatracker.ietf.org/doc/html/rfc4648#section-5\nexport const urlDecodeB64 = ( input: string ) => decodeURIComponent(\n atob( input.replace( /_/g, '/' ).replace( /-/g, '+' ) )\n .split( '' )\n .map( c => {\n return `%${ `00${ c.charCodeAt( 0 ).toString( 16 ) }`.slice( -2 ) }`;\n } )\n .join( '' )\n);\n\n\n\nexport function parseJwt( jwt: string ): ParsedJWT {\n try {\n const parts = jwt.split( '.' )\n if ( parts.length !== 3 ){\n throw new Error( 'Wrong JWT format' )\n }\n return {\n header: JSON.parse( urlDecodeB64( parts[0] ) ),\n payload: JSON.parse( urlDecodeB64( parts[1] ) )\n }\n } catch ( e ){\n throw new InvalidJWTError( 'Failed to parse jwt' )\n }\n}\n\nexport function validateIdToken( id_token: string, nonce: string, options: IPlusAuthClientOptions ) {\n if ( !nonce ) {\n throw new OIDCClientError( 'No nonce on state' );\n }\n\n try {\n const jwt = parseJwt( id_token );\n\n if ( nonce !== jwt.payload.nonce ) {\n throw new Error( `Invalid nonce in id_token: ${ jwt.payload.nonce }` );\n }\n\n validateJwt( id_token, options, true )\n\n // @ts-ignore\n if ( !jwt.payload['sub'] ) {\n throw new Error( 'No Subject (sub) present in id_token' );\n }\n\n return jwt.payload;\n } catch ( e ){\n throw new InvalidIdTokenError( e.message )\n }\n}\n\nexport function validateJwt( jwt: string, options: JWTValidationOptions, isIdToken = false ) {\n // eslint-disable-next-line prefer-const\n let { clockSkew, currentTimeInMillis, issuer, audience, client_id } = options\n if ( !clockSkew ){\n clockSkew = 0\n }\n const now = ( currentTimeInMillis && currentTimeInMillis() || Date.now() ) / 1000;\n\n const payload = parseJwt( jwt ).payload;\n\n if ( !payload.iss ) {\n throw new InvalidJWTError( 'Issuer (iss) was not provided' );\n }\n if ( payload.iss !== issuer ) {\n throw new InvalidJWTError( `Invalid Issuer (iss) in token: ${ payload.iss }` );\n }\n\n if ( !payload.aud ) {\n throw new InvalidJWTError( 'Audience (aud) was not provided' );\n }\n\n // Audience must be equal to client_id in id_token\n // https://openid.net/specs/openid-connect-core-1_0.html#IDToken\n if ( Array.isArray( payload.aud ) ?\n payload.aud.indexOf( isIdToken ? client_id : audience || client_id ) == -1 :\n payload.aud !== ( isIdToken ? client_id : audience || client_id )\n ) {\n throw new InvalidJWTError( `Invalid Audience (aud) in token: ${ payload.aud }` );\n }\n\n if ( payload.azp && payload.azp !== client_id ) {\n throw new InvalidJWTError( `Invalid Authorized Party (azp) in token: ${ payload.azp }` );\n }\n\n const lowerNow = Math.ceil( now + clockSkew );\n const upperNow = Math.floor( now - clockSkew );\n\n if ( !payload.iat ) {\n throw new InvalidJWTError( 'Issued At (iat) was not provided' );\n }\n\n if ( lowerNow < Number( payload.iat ) ) {\n throw new InvalidJWTError( `Issued At (iat) is in the future: ${ payload.iat }` );\n }\n\n if ( payload.nbf && lowerNow < Number( payload.nbf ) ) {\n throw new InvalidJWTError( `Not Before time (nbf) is in the future: ${ payload.nbf }` );\n }\n\n if ( !payload.exp ) {\n throw new InvalidJWTError( 'Expiration Time (exp) was not provided' );\n }\n if ( Number( payload.exp ) < upperNow ) {\n throw new InvalidJWTError( `Expiration Time (exp) is in the past: ${ payload.exp }` );\n }\n\n return payload;\n}\n\n// Retrieved from https://www.iana.org/assignments/jwt/jwt.xhtml\nexport const nonUserClaims = [\n 'iss',\n // 'sub',\n 'aud',\n 'exp',\n 'nbf',\n 'iat',\n 'jti',\n 'azp',\n 'nonce',\n 'auth_time',\n 'at_hash',\n 'c_hash',\n 'acr',\n 'amr',\n 'sub_jwk',\n 'cnf',\n 'sip_from_tag',\n 'sip_date',\n 'sip_callid',\n 'sip_cseq_num',\n 'sip_via_branch',\n 'orig',\n 'dest',\n 'mky',\n 'events',\n 'toe',\n 'txn',\n 'rph',\n 'sid',\n 'vot',\n 'vtm',\n 'attest',\n 'origid',\n 'act',\n 'scope',\n 'client_id',\n 'may_act',\n 'jcard',\n 'at_use_nbr',\n] as const\n","type RequiredAndNotNull = {\n [P in keyof T]-?: Exclude\n}\n\n/**\n * not suitable for every object but it is enough for this library\n * @param object\n */\nexport function cleanUndefined>( object: T ) {\n if ( !object || typeof object !== 'object' ) {\n return object\n }\n return JSON.parse( JSON.stringify( object ) ) as RequiredAndNotNull\n}\n\nfunction merge( previousValue: any, currentValue: any ) {\n for ( const p in currentValue ) {\n if ( currentValue[p] !== undefined ) {\n if ( typeof currentValue[p] === 'object' && currentValue[p].constructor.name === 'Object' ) {\n previousValue[p] = merge( previousValue[p] || {}, currentValue[p] );\n } else {\n previousValue[p] = currentValue[p];\n }\n }\n }\n return previousValue\n}\nexport function mergeObjects( obj1: T, obj2: U ): RequiredAndNotNull;\nexport function mergeObjects( obj1: T, obj2: U, obj3: K ): RequiredAndNotNull;\nexport function mergeObjects( ...objects: any[] ) {\n return objects.reduce( ( previousValue, currentValue ) => {\n return merge( previousValue || {}, currentValue )\n }, {} ) as any\n}\n","export const isResponseType = ( type: string, response_type?: string ) =>\n response_type && response_type.split( /\\s+/g ).filter( rt => rt === type ).length > 0\n\nexport const isScopeIncluded = ( scope: string, scopes?: string ) =>\n scopes && scopes.split( ' ' ).indexOf( scope ) > -1\n","import { InteractionCancelled, OIDCClientError } from '../errors';\nimport type { PopupOptions } from '../interfaces';\n\nconst openPopup = ( url: string, width = 400, height = 600 ) => {\n const left = window.screenX + ( window.innerWidth - width ) / 2;\n const top = window.screenY + ( window.innerHeight - height ) / 2;\n\n return window.open(\n url,\n 'oidc-login-popup',\n `left=${ left },top=${ top },width=${ width },height=${ height },resizable,scrollbars=yes,status=1`\n );\n};\n\nexport function runPopup( url: string, options: PopupOptions ) {\n let popup = options.popup;\n\n if ( popup ) {\n popup.location.href = url;\n } else {\n popup = openPopup( url );\n }\n\n if ( !popup ) {\n /* istanbul ignore next */\n throw new Error( 'Could not open popup' );\n }\n\n let timeoutId: any ;\n let closeId: any ;\n\n return new Promise<{ response: any, state: string }>( ( resolve, reject ) => {\n function clearHandlers(){\n clearInterval( closeId );\n clearTimeout( timeoutId )\n window.removeEventListener( 'message', messageListener )\n }\n\n timeoutId = setTimeout( () => {\n clearHandlers()\n reject( new OIDCClientError( 'Timed out' ) );\n }, options.timeout || 60 * 1000 )\n\n closeId = setInterval( function () {\n if ( popup!.closed ) {\n clearHandlers()\n reject( new InteractionCancelled( 'user closed popup' ) )\n }\n }, 300 );\n\n window.addEventListener( 'message', messageListener );\n\n function messageListener( e: MessageEvent ){\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n clearHandlers();\n popup!.close();\n const data = e.data.response || e.data\n data.error ? reject( new OIDCClientError( data.error, data.error_description ) )\n : resolve( e.data );\n }\n } );\n}\n","/*\nJitbit TabUtils - helper for multiple browser tabs. version 1.0\nhttps://github.com/jitbit/TabUtils\n- executing \"interlocked\" function call - only once per multiple tabs\n- broadcasting a message to all tabs (including the current one) with some message \"data\"\n- handling a broadcasted message\nMIT license: https://github.com/jitbit/TabUtils/blob/master/LICENSE\n*/\n\nconst currentTabId = `${ performance.now() }:${ Math.random() * 1000000000 | 0 }`;\nconst handlers: Record = {};\n\nexport class TabUtils {\n keyPrefix: string;\n\n constructor( kid: string ) {\n this.keyPrefix = kid;\n }\n\n //runs code only once in multiple tabs\n //the lock holds for 4 seconds (in case the function is async and returns right away, for example, an ajax call intiated)\n //then it is cleared\n CallOnce( lockname: string, fn: () => void, timeout = 3000 ): void{\n if ( !lockname ) throw 'empty lockname';\n\n if ( !window.localStorage ) { //no local storage. old browser. screw it, just run the function\n fn();\n return;\n }\n\n const localStorageKey = this.keyPrefix + lockname;\n\n localStorage.setItem( localStorageKey, currentTabId );\n //re-read after a delay (after all tabs have saved their tabIDs into ls)\n setTimeout( () => {\n if ( localStorage.getItem( localStorageKey ) == currentTabId )\n fn();\n }, 150 );\n\n //cleanup - release the lock after 3 seconds and on window unload (just in case user closed the window while the lock is still held)\n setTimeout( function () { localStorage.removeItem( localStorageKey ); }, timeout );\n }\n\n BroadcastMessageToAllTabs( messageId: string, eventData: any ): void{\n //now we also need to manually execute handler in the current tab too, because current tab does not get 'storage' events\n try { handlers[messageId]( eventData ); } //\"try\" in case handler not found\n catch ( x ) { }\n\n if ( !window.localStorage ) return; //no local storage. old browser\n\n const data = {\n data: eventData,\n timeStamp: new Date().getTime()\n }; //add timestamp because overwriting same data does not trigger the event\n\n //this triggers 'storage' event for all other tabs except the current tab\n localStorage.setItem( `${ this.keyPrefix }event${ messageId }`, JSON.stringify( data ) );\n\n //cleanup\n setTimeout( () => { localStorage.removeItem( `${ this.keyPrefix }event${ messageId }` ); }, 3000 );\n }\n\n OnBroadcastMessage( messageId: string, fn: ( data: any ) => void ): void{\n handlers[messageId] = fn;\n if ( !window.localStorage ) return; //no local storage. old browser\n\n //first register a handler for \"storage\" event that we trigger above\n window.addEventListener( 'storage', ( ev ) => {\n if ( ev.key != `${ this.keyPrefix }event${ messageId }` ) return; // ignore other keys\n if ( !ev.newValue ) return; //called by cleanup?\n const messageData = JSON.parse( ev.newValue );\n fn( messageData.data );\n } );\n }\n}\n","import type { SessionChecker, SessionCheckerOptions } from '../interfaces';\n\nimport { createHiddenFrame } from './iframe';\n\nconst DEFAULT_CHECK_INTERVAL = 2000\n\nexport function createSessionCheckerFrame( options: SessionCheckerOptions ): SessionChecker{\n const { url, callback, client_id, checkInterval } = options\n let internalSessionState: string | null;\n const idx = url.indexOf( '/', url.indexOf( '//' ) + 2 );\n const frameOrigin = url.substr( 0, idx );\n\n const frame = createHiddenFrame()\n\n let timer: any\n\n const load = () => {\n return new Promise( resolve => {\n window.document.body.appendChild( frame );\n window.addEventListener( 'message', iframeEventHandler, false );\n frame.onload = () => {\n resolve( null )\n }\n } )\n }\n\n const start = ( sessionState: string ) => {\n load().then( () => {\n if ( sessionState && internalSessionState !== sessionState ) {\n stop();\n internalSessionState = sessionState;\n const send = () => {\n frame.contentWindow!.postMessage( `${ client_id } ${ internalSessionState }`, frameOrigin );\n };\n send();\n timer = window.setInterval( send, checkInterval || DEFAULT_CHECK_INTERVAL );\n }\n } )\n }\n\n const stop = () => {\n internalSessionState = null;\n if ( timer ) {\n window.clearInterval( timer );\n timer = null;\n }\n }\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin === frameOrigin && e.source === frame.contentWindow ) {\n if ( e.data === 'error' ) {\n stop();\n callback( e.data );\n } else if ( e.data === 'changed' ) {\n stop();\n callback();\n }\n }\n }\n\n frame.setAttribute( 'src', url );\n\n return {\n stop,\n start\n }\n}\n","import { OIDCClient } from './client';\nimport type { IPlusAuthClientOptions } from './interfaces';\n\nexport * from './interfaces'\nexport * from './client'\nexport * from './constants'\nexport * from './helpers'\nexport * from './errors'\n\n/**\n * Create OIDC client with initializing it. It resolves issuer metadata, jwks keys and check if user is\n * authenticated in OpenId Connect provider.\n */\nexport default function createOIDCClient( options: IPlusAuthClientOptions ): Promise{\n return new OIDCClient( options ).initialize()\n}\n"],"names":["Events","USER_LOGOUT","USER_LOGIN","SILENT_RENEW_SUCCESS","SILENT_RENEW_ERROR","SESSION_CHANGE","OIDCClientError","Error","constructor","error","error_description","name","AuthenticationError","state","error_uri","StateNotFound","InvalidJWTError","details","InvalidIdTokenError","InteractionCancelled","StateStore","prefix","LocalStorageStateStore","get","key","Promise","resolve","value","window","localStorage","getItem","JSON","parse","set","setItem","stringify","del","removeItem","clear","before","i","storedKeys","length","substring","push","storedItem","created_at","e","InMemoryStateStore","map","forEach","val","ind","delete","Map","EventEmitter","once","event","fn","on","onArgs","off","apply","cb","callbacks","splice","emit","args","cbs","slice","len","Timer","start","duration","callback","expiration","now","_expiration","_timerHandle","stop","timerDuration","setInterval","clearInterval","currentTimeInMillisFunc","Date","_define_property","createHiddenFrame","iframe","document","createElement","style","width","height","position","visibility","display","title","ariaHidden","lookup","code","buildEncodedQueryString","obj","appendable","ret","d","hasOwnProperty","encodeURIComponent","join","request","options","body","headers","method","requestType","reject","fetch","url","then","json","catch","CHARSET","generateRandom","out","charsLen","maxByte","buf","getRandomBytes","n","crypto","self","msCrypto","a","Uint8Array","getRandomValues","subarray","Math","min","ceil","randomByte","charAt","urlDecodeB64","input","decodeURIComponent","atob","replace","split","c","charCodeAt","toString","parseJwt","jwt","parts","header","payload","nonUserClaims","mergeObjects","objects","reduce","previousValue","currentValue","merge","p","undefined","isResponseType","type","response_type","filter","rt","isScopeIncluded","scope","scopes","indexOf","openPopup","left","screenX","innerWidth","top","screenY","innerHeight","open","currentTabId","performance","random","handlers","TabUtils","CallOnce","lockname","timeout","localStorageKey","keyPrefix","setTimeout","BroadcastMessageToAllTabs","messageId","eventData","x","data","timeStamp","getTime","OnBroadcastMessage","addEventListener","ev","newValue","messageData","kid","OIDCClient","initialize","checkLogin","initialized","__initializePromise","stateStore","init","authStore","endpoints","Object","keys","fetchFromIssuer","frameElement","silentLogin","message","login","localState","location","assign","createAuthRequest","loginWithPopup","popupOptions","response_mode","request_type","response","runPopup","timeoutId","closeId","popup","href","clearHandlers","clearTimeout","removeEventListener","messageListener","close","closed","authParams","loadState","tokenResult","handleAuthResponse","authObject","handleTokenResult","session_state","synchronizer","loginCallback","parsedUrl","URL","responseParams","parseQueryUrl","result","trim","params","paramAndValue","shift","search","hash","rawStoredState","parent","postMessage","protocol","host","opener","logout","localOnly","storedAuth","id_token_hint","id_token_raw","createLogoutRequest","revokeToken","token","revocation_endpoint","finalOptions","client_id","client_secret","token_type_hint","http","finalState","prompt","silent_redirect_uri","redirect_uri","useRefreshToken","refresh_token","exchangeRefreshToken","authUrl","silentRequestTimeout","eventOrigin","origin","onLoadTimeoutId","timeoutSetTimeoutId","removeIframe","iframeEventHandler","eventSource","source","resp","contains","removeChild","onLoadTimeout","appendChild","setAttribute","onload","getAccessToken","_this","access_token","getRefreshToken","getIdToken","id_token","getExpiresIn","expires_in","getIdTokenRaw","getScopes","_scope","getUser","user","isLoggedIn","existsOnLocal","_this_options_endpoints","authorization_endpoint","code_verifier","stateLength","audience","ui_locales","claims","claims_locales","acr_values","registration","login_hint","web_message_uri","web_message_target","extraParams","nonce","nonceLength","code_challenge","subtle","digest","TextEncoder","encode","buffer","urlSafe","encoded","fromByteArray","uint8","tmp","extraBytes","len2","encodeChunk","end","output","num","code_challenge_method","currentTimeInMillis","fragment","authParamsString","end_session_endpoint","logoutParams","post_logout_redirect_uri","extraLogoutParams","exchangeAuthorizationCode","token_endpoint","extraTokenHeaders","extraTokenParams","rest","mergedOptions","grant_type","req","requestUrl","issuer","issuer_metadata","prop","endsWith","parsedIDToken","validateIdToken","validateJwt","isIdToken","clockSkew","iss","aud","Array","isArray","azp","lowerNow","upperNow","floor","iat","Number","nbf","exp","idTokenValidator","includes","requestUserInfo","userinfo_endpoint","userInfoResult","fetchUserInfo","accessToken","monitorSession","sub","check_session_iframe","console","warn","sessionCheckerFrame","sessionCheckCallback","err","createSessionCheckerFrame","internalSessionState","timer","checkInterval","idx","frameOrigin","substr","frame","load","contentWindow","sessionState","send","checkSessionInterval","onUserLogin","authObj","idToken","idTokenRaw","refreshToken","checkSession","id","autoSilentRenew","secondsToRefreshAccessTokenBeforeExp","_accessTokenExpireTimer","isValidIssuer","btoa","httpClient","bind"],"mappings":"yPACO,IAAMA,EAAS,CACpBC,YAAsB,cACtBC,WAAsB,aACtBC,qBAAsB,uBACtBC,mBAAsB,qBACtBC,eAAsB,gBACxB,0HCPO,MAAMC,UAAwBC,MAKnCC,YAAoBC,CAAa,CAAEC,CAA0B,CAAG,CAC9D,KAAK,CAAE,CAAC,EAAGD,EAAO,EAAGC,GAAqB,CAAC,GAAG,EAAGA,EAAmB,CAAC,EAAI,GAAI,CAAC,EALhFD,EAAAA,IAAAA,CAAAA,QAAAA,KAAAA,GAEAC,EAAAA,IAAAA,CAAAA,oBAAAA,KAAAA,GAIE,IAAI,CAACC,IAAI,CAAG,kBACZ,IAAI,CAACF,KAAK,CAAGA,EACb,IAAI,CAACC,iBAAiB,CAAGA,CAC3B,CACF,CAEO,MAAME,UAA4BN,EAKvCE,YAAaC,CAAa,CAAEC,CAA0B,CAAEG,CAAc,CAAEC,CAAkB,CAAG,CAC3F,KAAK,CAAEL,EAAOC,GALhBG,EAAAA,IAAAA,CAAAA,QAAAA,KAAAA,GAEAC,EAAAA,IAAAA,CAAAA,YAAAA,KAAAA,GAIE,IAAI,CAACH,IAAI,CAAG,sBACZ,IAAI,CAACE,KAAK,CAAGA,EACb,IAAI,CAACC,SAAS,CAAGA,CACnB,CACF,CAEO,MAAMC,UAAsBH,EAGjCJ,YAAaC,CAAa,CAAEI,CAAc,CAAG,CAC3C,KAAK,CAAEJ,GAHTI,EAAAA,IAAAA,CAAAA,QAAAA,KAAAA,GAIE,IAAI,CAACF,IAAI,CAAG,gBACZ,IAAI,CAACE,KAAK,CAAGA,CACf,CACF,CAEO,MAAMG,UAAwBV,EACnCE,YAAaS,CAAe,CAAG,CAC7B,KAAK,CAAEA,GACP,IAAI,CAACN,IAAI,CAAG,kBACZ,IAAI,CAACD,iBAAiB,CAAGO,CAC3B,CACF,CAEO,MAAMC,UAA4BF,EACvCR,YAAaS,CAAe,CAAG,CAC7B,KAAK,CAAEA,GACP,IAAI,CAACN,IAAI,CAAG,qBACd,CACF,CAEO,MAAMQ,UAA6Bb,EACxCE,YAAaS,CAAe,CAAG,CAC7B,KAAK,CAAEA,GACP,IAAI,CAACN,IAAI,CAAG,sBACd,CACF,CCpDO,MAAeS,EAGpBZ,YAAaa,EAAS,EAAE,CAAG,WAF3BA,KAAAA,KAAAA,YAAAA,IAAAA,uBAAAA,IAAAA,wDAAAA,IAAAA,MAGE,IAAI,CAACA,MAAM,CAAGA,CAChB,CASF,CChBO,MAAMC,UAAwCF,EAKnDG,IAAKC,CAAW,CAAG,CACjB,OAAO,IAAIC,QAAmB,AAAEC,IAC9B,IAAMC,EAAQC,OAAOC,YAAY,CAACC,OAAO,CAAE,IAAI,CAACT,MAAM,CAAGG,GAEvDE,EAASK,AADNJ,EACMI,KAAKC,KAAK,CAAEL,GAEZ,KAEb,EACF,CAEAM,IAAKT,CAAW,CAAEG,CAAQ,CAAG,CAC3B,OAAO,IAAIF,QAAe,AAAEC,IAC1BE,OAAOC,YAAY,CAACK,OAAO,CAAE,IAAI,CAACb,MAAM,CAAGG,EAAKO,KAAKI,SAAS,CAAER,IAChED,GACF,EACF,CAEAU,IAAKZ,CAAW,CAAG,CACjB,OAAO,IAAIC,QAAe,AAAEC,IAC1BE,OAAOC,YAAY,CAACQ,UAAU,CAAE,IAAI,CAAChB,MAAM,CAAGG,GAC9CE,GACF,EACF,CAEAY,MAAOC,CAAe,CAAkB,CACtC,OAAO,IAAId,QAAe,AAAEC,QACtBc,EACJ,IAAMC,EAAuB,EAAE,CAC/B,IAAMD,EAAI,EAAGA,EAAIZ,OAAOC,YAAY,CAACa,MAAM,CAAEF,IAAM,CACjD,IAAMhB,EAAMI,OAAOC,YAAY,CAACL,GAAG,CAAEgB,UAEhChB,EAAAA,KAAAA,EAAAA,AAAAA,EAAKmB,SAAS,CAAE,EAAG,IAAI,CAACtB,MAAM,CAACqB,MAAM,CAAA,GAAM,IAAI,CAACrB,MAAM,EACzDoB,EAAWG,IAAI,CAAEpB,EAErB,CACA,IAAMgB,EAAI,EAAGA,EAAIC,EAAWC,MAAM,CAAEF,IAClC,GAAKD,EACH,GAAI,CACF,IAAMM,EAAad,KAAKC,KAAK,CAAEJ,OAAOC,YAAY,CAACC,OAAO,CAAEW,CAAU,CAACD,EAAE,EACpEK,CAAAA,EAAWC,UAAU,CAAGP,GAC3BX,OAAOC,YAAY,CAACQ,UAAU,CAAEI,CAAU,CAACD,EAAE,EAE/C,MAAQO,EAAI,CACd,MAEAnB,OAAOC,YAAY,CAACQ,UAAU,CAAEI,CAAU,CAACD,EAAE,EAGjDd,GACF,EACF,CAvDAlB,YAAaa,EAAS,UAAU,CAAG,CACjC,KAAK,CAAEA,EACT,CAsDF,CCzDO,MAAM2B,UAAoC5B,EAG/CkB,MAAOC,CAAe,CAAG,QACvB,AAAKA,GACH,IAAI,CAACU,GAAG,CAACC,OAAO,CAAE,CAAEC,EAAKC,KAClBD,EAAIL,UAAU,CAAGP,GACpB,IAAI,CAACU,GAAG,CAACI,MAAM,CAAED,EAErB,GACO3B,QAAQC,OAAO,IAEfD,QAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAACX,KAAK,GAE1C,CAEAF,IAAKZ,CAAW,CAAG,CAEjB,OADA,IAAI,CAACyB,GAAG,CAACI,MAAM,CAAE7B,GACVC,QAAQC,OAAO,EACxB,CAEAH,IAAKC,CAAW,CAAG,CACjB,OAAOC,QAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAAC1B,GAAG,CAAEC,IAAS,KACjD,CAEAS,IAAKT,CAAW,CAAEG,CAAU,CAAG,CAE7B,OADA,IAAI,CAACsB,GAAG,CAAChB,GAAG,CAAET,EAAKG,GACZF,QAAQC,OAAO,EACxB,uCA3BM,IAAI4B,IAAVL,QAAAA,IAAAA,uBAAAA,IAAAA,CAAAA,2DAAAA,IAAAA,CAAAA,MA4BF,CC7BO,MAAMM,EAOXC,KAAMC,CAAQ,CAAEC,CAA8B,CAAE,CAC9C,SAASC,EAA6B,GAAGC,CAAa,EACpD,IAAI,CAACC,GAAG,CAAEJ,EAAOE,GACjBD,EAAGI,KAAK,CAAE,IAAI,CAAEF,EAClB,CAGA,OAFAD,EAAGD,EAAE,CAAGA,EACR,IAAI,CAACC,EAAE,CAAEF,EAAOE,GACT,IAAI,AACb,CAEAA,GAAIF,CAAQ,CAAEM,CAA8B,CAAE,CAG5C,OAFM,IAAI,CAACC,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,EAAG,CAAA,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAAG,EAAE,AAAF,EACtE,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAACb,IAAI,CAAEmB,GAC7B,IAAI,AACb,CAEAF,IAAKJ,CAAS,CAAEC,CAA+B,CAAE,CAC/C,GAAK,CAACD,EAEJ,OADA,IAAI,CAACO,SAAS,CAAG,GACV,IAAI,CAIb,IAAMA,EAAY,IAAI,CAACA,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAC/C,GAAK,CAACO,EAAY,OAAO,IAAI,CAG7B,GAAK,CAACN,EAEJ,OADA,OAAO,IAAI,CAACM,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAC7B,IAAI,CAGb,IAAM,IAAIjB,EAAI,EAAGA,EAAIwB,EAAUtB,MAAM,CAAEF,IAAM,CAC3C,IAAMuB,EAAKC,CAAS,CAACxB,EAAE,CACvB,GAAKuB,IAAOL,GAAMK,EAAGL,EAAE,GAAKA,EAAK,CAC/BM,EAAUC,MAAM,CAAEzB,EAAG,GACrB,KACF,CACF,CAQA,OAJ0B,IAArBwB,EAAUtB,MAAM,EACnB,OAAO,IAAI,CAACsB,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAG/B,IAAI,AACb,CAEAS,KAAMT,CAAQ,CAAE,GAAGU,CAAW,CAAE,CAC9B,IAAIC,EAAM,IAAI,CAACJ,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CACvC,GAAKW,EAAM,CACTA,EAAMA,EAAIC,KAAK,CAAE,GACjB,IAAM,IAAI7B,EAAI,EAAG8B,EAAMF,EAAI1B,MAAM,CAAEF,EAAI8B,EAAK,EAAE9B,EAC5C4B,CAAG,CAAC5B,EAAE,CAACsB,KAAK,CAAE,IAAI,CAAEK,EAExB,CACA,OAAO,IAAI,AACb,CA9DA3D,aAAa,WAFbwD,KAAAA,KAAAA,eAAAA,IAAAA,uBAAAA,IAAAA,wDAAAA,IAAAA,MAGE,IAAI,CAACA,SAAS,CAAG,EACnB,CA6DF,yHCpEO,MAAMO,EAWXC,MAAOC,CAAgB,CAAEC,CAAoB,CAAE,CACxCD,GAAY,GACfA,CAAAA,EAAW,CAAA,EAEb,IAAME,EAAa,IAAI,CAACC,GAAG,GAAK,IAAOH,EACvC,GAAK,IAAI,CAACI,WAAW,GAAKF,GAAc,IAAI,CAACG,YAAY,CACvD,OAGF,IAAI,CAACC,IAAI,GAET,IAAI,CAACF,WAAW,CAAGF,EAGnB,IAAIK,EAAgB,EACfP,EADe,GAElBO,CAAAA,EAAgBP,CAAAA,EAElB,IAAI,CAACK,YAAY,CAAGG,YAAa,KAC1B,IAAI,CAACJ,WAAW,EAAI,IAAI,CAACD,GAAG,GAAK,MACpC,IAAI,CAACG,IAAI,GACTL,IAEJ,EAAGM,AAAgB,IAAhBA,EACL,CAEAD,MAAO,CACA,IAAI,CAACD,YAAY,GACpBI,cAAe,IAAI,CAACJ,YAAY,EAChC,IAAI,CAACA,YAAY,CAAG,KAExB,CAnCAtE,YAAa2E,EAA0B,IAAMC,KAAKR,GAAG,EAAE,CAAG,CAN1DS,EAAA,IAAA,CAAQT,MAAR,KAAA,GAEAS,EAAA,IAAA,CAAQP,eAAR,KAAA,GAEAO,EAAA,IAAA,CAAQR,cAAR,KAAA,GAGE,IAAI,CAACD,GAAG,CAAGO,CACb,CAkCF,CCxCO,SAASG,IACd,IAAMC,EAAS3D,OAAO4D,QAAQ,CAACC,aAAa,CAAE,UAU9C,OATAF,EAAOG,KAAK,CAACC,KAAK,CAAG,IACrBJ,EAAOG,KAAK,CAACE,MAAM,CAAG,IACtBL,EAAOG,KAAK,CAACG,QAAQ,CAAG,WACxBN,EAAOG,KAAK,CAACI,UAAU,CAAG,SAC1BP,EAAOG,KAAK,CAACK,OAAO,CAAG,OAEvBR,EAAOS,KAAK,CAAG,sBACfT,EAAOU,UAAU,CAAG,OAEbV,CACT,CCJA,IAAK,IC2N+B3D,EAAAA,EDhOhCsE,EAAS,EAAE,CAIXC,EAAO,mEACF3D,EAAI,EAAG8B,EAAM6B,EAAKzD,MAAM,CAAEF,EAAI8B,EAAK,EAAE9B,EAC5C0D,CAAM,CAAC1D,EAAE,CAAG2D,CAAI,CAAC3D,EAAE,CEId,SAAS4D,EAAyBC,CAAyB,CACzBC,EAAa,CAAA,CAAI,EACxD,GAAK,CAACD,EAAM,MAAO,GACnB,IAAME,EAAgB,EAAE,CACxB,IAAM,IAAMC,KAAKH,EACVA,EAAII,cAAc,CAAED,IAAOH,CAAG,CAACG,EAAE,EACpCD,EAAI3D,IAAI,CAAE,CAAC,EACT8D,mBAAoBF,GACrB,CAAC,EACAE,mBAAoB,AAAkB,UAAlB,OAAOL,CAAG,CAACG,EAAE,CAAgBzE,KAAKI,SAAS,CAAEkE,CAAG,CAACG,EAAE,EAAKH,CAAG,CAACG,EAAE,EACnF,CAAC,EAGN,MAAO,CAAC,EAAGF,EAAa,IAAM,GAAI,EAAGC,EAAII,IAAI,CAAE,KAAO,CAAC,AACzD,CCpBO,SAASC,EAASC,CAAuB,EAC9C,IAAIC,EAAY,KACZC,EAAUF,EAAQE,OAAO,EAAI,GAajC,MAZwB,SAAnBF,EAAQG,MAAM,EACjBD,CAAAA,EAAU,CACR,eAAgBF,AAAwB,SAAxBA,EAAQI,WAAW,CAAc,kDAC/C,iCACF,GAAGF,CAAO,AACZ,CAAA,EAEGF,EAAQC,IAAI,EACfA,CAAAA,EAAOD,AAAwB,SAAxBA,EAAQI,WAAW,CAAcb,EAAyBS,EAAQC,IAAI,CAAE,CAAA,GAC3E/E,KAAKI,SAAS,CAAE0E,EAAQC,IAAI,CAAA,EAG3B,IAAIrF,QAAS,CAAEC,EAASwF,KAC7BC,MAAON,EAAQO,GAAG,CAAE,CAClBJ,OAAQH,EAAQG,MAAM,CACtBF,KAAQA,EACRC,QAAAA,CAECM,GAAAA,IAAI,CAAE,AAAE1F,GAAqBD,EAASC,EAAM2F,IAAI,KAChDC,KAAK,CAAEL,EACZ,EACF,CC7BA,IAAMM,EAAU,iEAYT,SAASC,EAAgB/E,CAAc,EAC5C,IAAIgF,EAAM,GACJC,EAAWH,EAAQ9E,MAAM,CACzBkF,EAAU,IAAM,IAAMD,EAC5B,KAAQjF,EAAS,GAAI,CACnB,IAAMmF,EAAMC,AAfhB,SAAyBC,CAAS,EAEhC,IAAMC,EAASC,KAAKD,MAAM,EAAIC,KAAKC,QAAQ,CACrCC,EAAI,IAAIC,WAAYL,GAC1B,IAAM,IAAIvF,EAAI,EAAGA,EAAIuF,EAAGvF,GAF6B,MAGnDwF,EAAOK,eAAe,CAAEF,EAAEG,QAAQ,CAAE9F,EAAGA,EAAI+F,KAAKC,GAAG,CAAET,EAAIvF,EAHN,SAKrD,OAAO2F,CACT,EAOgCI,KAAKE,IAAI,CAAE/F,AAAS,IAATA,EAAekF,IACtD,IAAM,IAAIpF,EAAI,EAAGA,EAAIqF,EAAInF,MAAM,EAAIA,EAAS,EAAGF,IAAM,CACnD,IAAMkG,EAAab,CAAG,CAACrF,EAAE,CACpBkG,EAAad,IAChBF,GAAOF,EAAQmB,MAAM,CAAED,EAAaf,GACpCjF,IAEJ,CACF,CACA,OAAOgF,CACT,CAmBO,IAAMkB,EAAe,AAAEC,GAAmBC,mBAC/CC,KAAMF,EAAMG,OAAO,CAAE,KAAM,KAAMA,OAAO,CAAE,KAAM,MAC7CC,KAAK,CAAE,IACPhG,GAAG,CAAEiG,AAAAA,GACG,CAAC,CAAC,EAAG,CAAC,EAAE,EAAGA,EAAEC,UAAU,CAAE,GAAIC,QAAQ,CAAE,IAAM,CAAC,CAAC/E,KAAK,CAAE,IAAM,CAAC,EAErEsC,IAAI,CAAE,KAKJ,SAAS0C,EAAUC,CAAW,EACnC,GAAI,CACF,IAAMC,EAAQD,EAAIL,KAAK,CAAE,KACzB,GAAKM,AAAiB,IAAjBA,EAAM7G,MAAM,CACf,MAAM,AAAInC,MAAO,oBAEnB,MAAO,CACLiJ,OAASzH,KAAKC,KAAK,CAAE4G,EAAcW,CAAK,CAAC,EAAE,GAC3CE,QAAS1H,KAAKC,KAAK,CAAE4G,EAAcW,CAAK,CAAC,EAAE,EAC7C,CACF,CAAE,MAAQxG,EAAG,CACX,MAAM,IAAI/B,EAAiB,sBAC7B,CACF,CAuFO,IAAM0I,EAAgB,CAC3B,MAEA,MACA,MACA,MACA,MACA,MACA,MACA,QACA,YACA,UACA,SACA,MACA,MACA,UACA,MACA,eACA,WACA,aACA,eACA,iBACA,OACA,OACA,MACA,SACA,MACA,MACA,MACA,MACA,MACA,MACA,SACA,SACA,MACA,QACA,YACA,UACA,QACA,aACD,CC7KM,SAASC,EAAc,GAAGC,CAAc,EAC7C,OAAOA,EAAQC,MAAM,CAAE,CAAEC,EAAeC,IAC/BC,AAhBX,CAAA,SAASA,EAAOF,CAAkB,CAAEC,CAAiB,EACnD,IAAM,IAAME,KAAKF,EACUG,KAAAA,IAApBH,CAAY,CAACE,EAAE,GACb,AAA2B,UAA3B,OAAOF,CAAY,CAACE,EAAE,EAAiBF,AAAqC,WAArCA,CAAY,CAACE,EAAE,CAACzJ,WAAW,CAACG,IAAI,CAC1EmJ,CAAa,CAACG,EAAE,CAAGD,EAAOF,CAAa,CAACG,EAAE,EAAI,GAAIF,CAAY,CAACE,EAAE,EAEjEH,CAAa,CAACG,EAAE,CAAGF,CAAY,CAACE,EAAE,EAIxC,OAAOH,CACT,CAAA,EAKkBA,GAAiB,CAAIC,EAAAA,GAClC,CAAC,EACN,CCjCO,IAAMI,EAAiB,CAAEC,EAAcC,IAC5CA,GAAiBA,EAAcpB,KAAK,CAAE,QAASqB,MAAM,CAAEC,AAAAA,GAAMA,IAAOH,GAAO1H,MAAM,CAAG,EAEzE8H,EAAkB,CAAEC,EAAeC,IAC9CA,GAAUA,EAAOzB,KAAK,CAAE,KAAM0B,OAAO,CAAEF,GAAU,GCD7CG,EAAY,CAAExD,EAAazB,EAAQ,GAAG,CAAEC,EAAS,GAAG,IACxD,IAAMiF,EAAOjJ,OAAOkJ,OAAO,CAAKlJ,AAAAA,CAAAA,OAAOmJ,UAAU,CAAGpF,CAAI,EAAM,EACxDqF,EAAMpJ,OAAOqJ,OAAO,CAAKrJ,AAAAA,CAAAA,OAAOsJ,WAAW,CAAGtF,CAAK,EAAM,EAE/D,OAAOhE,OAAOuJ,IAAI,CAChB/D,EACA,mBACA,CAAC,KAAK,EAAGyD,EAAM,KAAK,EAAGG,EAAK,OAAO,EAAGrF,EAAO,QAAQ,EAAGC,EAAQ,kCAAkC,CAAC,CAEvG,ECHMwF,EAAe,CAAC,EAAGC,YAAYzG,GAAG,GAAI,CAAC,EAAG2D,AAAgB,IAAhBA,KAAK+C,MAAM,GAAkB,EAAG,CAAC,CAC3EC,EAAgC,CAAA,CAE/B,OAAMC,EAUXC,SAAUC,CAAgB,CAAEhI,CAAc,CAAEiI,EAAU,GAAI,CAAQ,CAChE,GAAK,CAACD,EAAW,KAAM,iBAEvB,GAAK,CAAC9J,OAAOC,YAAY,CAAG,CAC1B6B,IACA,MACF,CAEA,IAAMkI,EAAkB,IAAI,CAACC,SAAS,CAAGH,EAEzC7J,aAAaK,OAAO,CAAE0J,EAAiBR,GAEvCU,WAAY,KACLjK,aAAaC,OAAO,CAAE8J,IAAqBR,GAC9C1H,GACD,EAAA,KAGHoI,WAAY,WAAcjK,aAAaQ,UAAU,CAAEuJ,EAAsBD,EAAAA,EAC3E,CAEAI,0BAA2BC,CAAiB,CAAEC,CAAc,CAAQ,CAElE,GAAI,CAAEV,CAAQ,CAACS,EAAU,CAAEC,GAC3B,MAAQC,EAAI,CAAE,CAEd,GAAK,CAACtK,OAAOC,YAAY,CAAG,OAE5B,IAAMsK,EAAO,CACXA,KAAWF,EACXG,UAAW,IAAIhH,OAAOiH,OAAO,EAC/B,EAGAxK,aAAaK,OAAO,CAAE,CAAC,EAAG,IAAI,CAAC2J,SAAS,CAAE,KAAK,EAAGG,EAAW,CAAC,CAAEjK,KAAKI,SAAS,CAAEgK,IAGhFL,WAAY,KAAQjK,aAAaQ,UAAU,CAAE,CAAC,EAAG,IAAI,CAACwJ,SAAS,CAAE,KAAK,EAAGG,EAAW,CAAC,CAAO,EAAA,IAC9F,CAEAM,mBAAoBN,CAAiB,CAAEtI,CAAyB,CAAQ,CACtE6H,CAAQ,CAACS,EAAU,CAAGtI,EAChB9B,OAAOC,YAAY,EAGzBD,OAAO2K,gBAAgB,CAAE,UAAW,AAAEC,IACpC,GAAKA,EAAGhL,GAAG,EAAI,CAAC,EAAG,IAAI,CAACqK,SAAS,CAAE,KAAK,EAAGG,EAAW,CAAC,EAClD,CAACQ,EAAGC,QAAQ,CADyC,OAE1D,IAAMC,EAAc3K,KAAKC,KAAK,CAAEwK,EAAGC,QAAQ,EAC3C/I,EAAIgJ,EAAYP,IAAI,CACtB,EACF,CA1DA3L,YAAamM,CAAW,CAAG,KAR7BnL,EAAAG,EAAAA,EAMEkK,KAAAA,GANFrK,EAMEqK,eAAAA,IAAAA,uBAAAA,IAAAA,wDAAAA,IAAAA,MAGE,IAAI,CAACA,SAAS,CAAGc,CACnB,CAyDF,yHPxBO,MAAMC,UAAmBrJ,EAgF9B,MAAMsJ,WAAYC,EAAa,CAAA,CAAI,CAAgC,QACjE,AAAK,IAAI,CAACC,WAAW,CACZ,IAAI,EAGR,IAAI,CAACC,mBAAmB,EAG3B,CAAA,IAAI,CAACA,mBAAmB,CAAG,IAAIvL,QAAS,MAAQC,EAASwF,KACvD,GAAI,CACG,IAAI,CAAC+F,UAAU,CAACC,IAAI,EACvB,MAAM,IAAI,CAACD,UAAU,CAACC,IAAI,GAEvB,IAAI,CAACC,SAAS,CAACD,IAAI,EACtB,MAAM,IAAI,CAACC,SAAS,CAACD,IAAI,GAGrB,IAAI,CAACrG,OAAO,CAACuG,SAAS,EAAIC,AAAiD,IAAjDA,OAAOC,IAAI,CAAE,IAAI,CAACzG,OAAO,CAACuG,SAAS,EAAG1K,MAAM,EAC1E,MAAM,IAAI,CAAC6K,eAAe,GAE5B,IAAI,CAACR,WAAW,CAAG,CAAA,EAEnB,GAAI,CACF,GAAKD,EAAY,CACTlL,IAAAA,GAAAA,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAQ4L,YAAY,AAAA,GACxB,MAAM,IAAI,CAACC,WAAW,EAE1B,CACF,CAAE,MAAQ1K,EAAI,CACZ,IAAI,CAACmB,IAAI,CAAElE,EAAOI,kBAAkB,CAAE2C,GACtC,MAAM,IAAI,CAACoK,SAAS,CAAC7K,KAAK,EAC5B,CACAZ,EAAS,IAAI,CACf,CAAE,MAAQqB,EAAI,CAEVmE,EAAQnE,AADLA,aAAazC,EACRyC,EAEA,IAAIzC,EAAiByC,EAAE2K,OAAO,UAEhC,CACR,IAAI,CAACV,mBAAmB,CAAG9C,KAAAA,CAC7B,CACF,EAAA,EAGK,IAAI,CAAC8C,mBAAmB,CACjC,CAUA,MAAMW,MAAO9G,EAAuC,EAAE,CAAE+G,EAAkC,CAAA,CAAE,CAAE,CAC5FhM,OAAOiM,QAAQ,CAACC,MAAM,CAAE,MAAM,IAAI,CAACC,iBAAiB,CAAElH,EAAS+G,GACjE,CAaA,MAAMI,eAAgBnH,EAAuC,EAAE,CAAEoH,EAA6B,CAAA,CAAE,CAAE,CAChG,IAAM7G,EAAM,MAAM,IAAI,CAAC2G,iBAAiB,CAAE,CACxCG,cAAe,WACf,GAAGrH,CAAO,CACVd,QAAe,QACfoI,aAAe,GACjB,GACM,CAAEC,SAAAA,CAAQ,CAAEvN,MAAAA,CAAK,CAAE,CAAG,MAAMwN,AMlM/B,SAAmBjH,CAAW,CAAEP,CAAqB,EAC1D,IAaIyH,EACAC,EAdAC,EAAQ3H,EAAQ2H,KAAK,CAQzB,GANKA,EACHA,EAAMX,QAAQ,CAACY,IAAI,CAAGrH,EAEtBoH,EAAQ5D,EAAWxD,GAGhB,CAACoH,EAEJ,MAAM,AAAIjO,MAAO,wBAMnB,OAAO,IAAIkB,QAA2C,CAAEC,EAASwF,KAC/D,SAASwH,IACPxJ,cAAeqJ,GACfI,aAAcL,GACd1M,OAAOgN,mBAAmB,CAAE,UAAWC,EACzC,CAgBA,SAASA,EAAiB9L,CAAe,EACvC,GAAK,CAACA,EAAEoJ,IAAI,EAAIpJ,AAAgB,2BAAhBA,EAAEoJ,IAAI,CAAC/B,IAAI,CAAgC,OAC3DsE,IACAF,EAAOM,KAAK,GACZ,IAAM3C,EAAOpJ,EAAEoJ,IAAI,CAACiC,QAAQ,EAAIrL,EAAEoJ,IAAI,AACtCA,CAAAA,EAAK1L,KAAK,CAAGyG,EAAQ,IAAI5G,EAAiB6L,EAAK1L,KAAK,CAAE0L,EAAKzL,iBAAiB,GACxEgB,EAASqB,EAAEoJ,IAAI,CACrB,CArBAmC,EAAYxC,WAAY,KACtB4C,IACAxH,EAAQ,IAAI5G,EAAiB,aAC5BuG,EAAAA,EAAQ8E,OAAO,EAAI,KAEtB4C,EAAUtJ,YAAa,WAChBuJ,EAAOO,MAAM,GAChBL,IACAxH,EAAQ,IAAI/F,EAAsB,sBAEnC,EAAA,KAEHS,OAAO2K,gBAAgB,CAAE,UAAWsC,EAUtC,EACF,ENmJgDzH,EAAK6G,GAC3C,CAAEe,WAAAA,CAAU,CAAEpB,WAAAA,CAAU,CAAE,CAAG,AAAC/M,GAAS,AAAiB,UAAjB,OAAOA,EAEhDA,EADF,MAAM,IAAI,CAACoO,SAAS,CAAEpO,GAASuN,EAASvN,KAAK,EAEzCqO,EAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEf,EAAUY,EAAYpB,GACnEwB,EAAa,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,EACAF,EACArF,EAAc,IAAI,CAAC9C,OAAO,CAAEmI,IAI9B,OAFAI,EAAWE,aAAa,CAAElB,EAASkB,aAAa,CAChD,IAAI,CAACC,YAAY,CAACxD,yBAAyB,CAAE/L,EAAOE,UAAU,CAAEkP,GACzDxB,CACT,CASA,MAAM4B,cAAepI,EAAaxF,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,SAAAA,SAAAA,OAAAA,CAAAA,EAAAA,EAAQiM,QAAQ,AAAA,GAAhBjM,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAkB6M,IAAI,AAAA,CAAE,KAIpDgB,EAHJ,GAAK,CAACrI,EACJ,OAAO3F,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,gDAG9C,GAAI,CACFmP,EAAY,IAAIC,IAAKtI,EACvB,CAAE,MAAQrE,EAAG,CACX,OAAOtB,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,CAAC,8BAA8B,EAAG8G,EAAK,CAAC,CAAC,EACvF,CAEA,IAAMuI,EAAiBC,ACjNpB,SAAwBjO,CAAa,EAC1C,IAAMkO,EAAiC,CAAA,EACvClO,EAAQA,EAAMmO,IAAI,GAAG9G,OAAO,CAAE,YAAa,IAC3C,IAAM+G,EAASpO,EAAMsH,KAAK,CAAE,KAC5B,IAAM,IAAIzG,EAAI,EAAGA,EAAIuN,EAAOrN,MAAM,CAAEF,GAAK,EAAI,CAC3C,IAAMwN,EAAgBD,CAAM,CAACvN,EAAE,CACzB+G,EAAQyG,EAAc/G,KAAK,CAAE,KAC7BzH,EAAMsH,mBAAoBS,EAAM0G,KAAK,IACrCtO,EAAQ4H,EAAM7G,MAAM,CAAG,EAAI6G,EAAM5C,IAAI,CAAE,KAAQ,EACrDkJ,CAAAA,CAAM,CAACrO,EAAI,CAAGsH,mBAAoBnH,EACpC,CACA,OAAOkO,CACT,EDqM0CJ,EAAUS,MAAM,EAAIT,EAAUU,IAAI,EAClEC,EAAiB,MAAM,IAAI,CAACnB,SAAS,CAAEU,EAAe9O,KAAK,EAC3D,CAAEmO,WAAAA,CAAU,CAAEpB,WAAAA,CAAU,CAAEO,aAAAA,CAAY,CAAE,CAAGiC,EAEjD,OADAhJ,EAAMA,GAAOxF,OAAOiM,QAAQ,CAACY,IAAI,CACxBN,GACP,IAAK,IACEvM,IAAAA,EAAL,CAAA,AAAKA,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAQ4L,YAAY,GAClBpG,GACHxF,OAAOyO,MAAM,CAACC,WAAW,CAAE,CACzBlG,KAAU,yBACVgE,SAAUuB,EACV9O,MAAUuP,GACT,CAAC,EAAGvC,SAAS0C,QAAQ,CAAE,EAAE,EAAG1C,SAAS2C,IAAI,CAAE,CAAC,EAGnD,MACF,KAAK,IACE5O,OAAO6O,MAAM,EAAIrJ,GACpBxF,OAAO6O,MAAM,CAACH,WAAW,CAAE,CACzBlG,KAAU,yBACVgE,SAAUuB,EACV9O,MAAUuP,GACT,CAAC,EAAGvC,SAAS0C,QAAQ,CAAE,EAAE,EAAG1C,SAAS2C,IAAI,CAAE,CAAC,EAEjD,MACF,SACE,GAAKb,EAAelP,KAAK,CACvB,OAAOgB,QAAQyF,MAAM,CAAE,IAAItG,EAAqB+O,EAAelP,KAAK,CAAEkP,EAAejP,iBAAiB,GAExG,IAAMwO,EAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEQ,EAAgBX,EAAYpB,GACzEwB,EAAa,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,EACAF,EACArF,EAAc,IAAI,CAAC9C,OAAO,CAAEmI,IAI9B,OAFAI,EAAWE,aAAa,CAAEK,EAAeL,aAAa,CACtD,IAAI,CAACC,YAAY,CAACxD,yBAAyB,CAAE/L,EAAOE,UAAU,CAAEkP,GACzDxB,CACX,CACF,CAOA,MAAM8C,OAAQ7J,EAAgC,EAAE,CAAE,CAChD,GAAK,CAACA,EAAQ8J,SAAS,CAAG,CACxB,IAAMC,EAAa,MAAM,IAAI,CAACzD,SAAS,CAAC5L,GAAG,CAAE,QACvCsP,EAAgBhK,EAAQgK,aAAa,EAAA,CAAA,MAAID,EAAAA,KAAAA,EAAAA,AAAAA,EAAYE,YAAY,AAAA,EACvElP,OAAOiM,QAAQ,CAACC,MAAM,CAAE,MAAM,IAAI,CAACiD,mBAAmB,CAAE,CACtD,GAAGlK,CAAO,CACVgK,cAAAA,CACF,GACF,CACA,MAAM,IAAI,CAAC1D,SAAS,CAAC7K,KAAK,EAC5B,CAQA,MAAM0O,YAAaC,CAAa,CAAE7G,EAAkB,cAAc,CAAEvD,EAAyB,CAAA,CAAE,CAAE,CAC/F,GAAK,CAAC,IAAI,CAACA,OAAO,CAACuG,SAAS,CAAE8D,mBAAmB,CAC/C,OAAOzP,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,yCAE9C,IAAM6Q,EAAe,CACnBC,UAAiBvK,EAAQuK,SAAS,EAAI,IAAI,CAACvK,OAAO,CAACuK,SAAS,CAC5DC,cAAiBxK,EAAQwK,aAAa,EAAI,IAAI,CAACxK,OAAO,CAACwK,aAAa,CACpEC,gBAAiBlH,EACjB6G,MAAiBA,CACnB,EAEA,OAAO,IAAI,CAACM,IAAI,CAAE,CAChBvK,OAAa,OACbC,YAAa,OACbG,IAAa,IAAI,CAACP,OAAO,CAACuG,SAAS,CAAE8D,mBAAmB,CACxDpK,KAAaqK,CACf,EACF,CAYA,MAAM1D,YAAa5G,EAA8B,EAAE,CAAE+G,EAAkC,CAAA,CAAE,CAAE,KAErFsB,CADJ,OAAM,IAAI,CAACrC,UAAU,CAAE,CAAA,GAEvB,IAAI2E,EAAkB,CAAA,EAEhBZ,EAAa,MAAM,IAAI,CAACzD,SAAS,CAAC5L,GAAG,CAAE,SAAY,GAEnD4P,EAAexH,EAAc,CACjCuE,cAAe,QACfnI,QAAe,OACf0L,OAAe,QACd,IAAI,CAAC5K,OAAO,CAAEA,GAMjB,GAJKsK,EAAaO,mBAAmB,EACnCP,CAAAA,EAAaQ,YAAY,CAAGR,EAAaO,mBAAmB,EAGzD,IAAI,CAAC7K,OAAO,CAAC+K,eAAe,EAAIhB,CAAAA,MAAAA,EAAAA,KAAAA,EAAAA,AAAAA,EAAYiB,aAAa,AAAA,EAC5DL,EAAWxC,UAAU,CAAGrF,EAAciH,AAAAA,CAAAA,MAAAA,EAAAA,KAAAA,EAAAA,AAAAA,EAAY5B,UAAU,AAAA,GAAI,CAAC,EAAGwC,EAAWxC,UAAU,EAAI,CAAA,GAC7FE,EAAc,MAAM,IAAI,CAAC4C,oBAAoB,CAAE,CAC7C,GAAGX,CAAY,CACfU,cAAejB,EAAWiB,aAAa,AACzC,OACK,KFlVThL,EEmVI,IAAMkL,EAAU,MAAM,IAAI,CAAChE,iBAAiB,CAAE,CAC5C,GAAGoD,CAAY,CACfhD,aAAc,GACbP,EAAAA,GAEG,CAAEQ,SAAAA,CAAQ,CAAEvN,MAAAA,CAAK,CAAE,CAAG,OFxVhCgG,EEwV0D,CACpD8E,QAAawF,EAAaa,oBAAoB,CAC9CC,YAAarQ,OAAOiM,QAAQ,CAACqE,MAAM,AACrC,EFzVG,IAAIzQ,QAAc,CAAEC,EAASwF,KAClC,IAAIiL,EAAuB,KACrB5M,EAASD,IAET8M,EAAsBtG,WAAY,KACtC5E,EAAQ,IAAI5G,EAAiB,cAC7B+R,GACF,EAAG,AAA4B,IAA1BxL,CAAAA,EAAQ8E,OAAO,EAAI,EAAC,GAEnB2G,EAAsB,AAAEvP,IAC5B,GAAKA,EAAEmP,MAAM,EAAIrL,EAAQoL,WAAW,EAC/B,CAAClP,EAAEoJ,IAAI,EAAIpJ,AAAgB,2BAAhBA,EAAEoJ,IAAI,CAAC/B,IAAI,CADY,OAEvC,IAAMmI,EAAcxP,EAAEyP,MAAM,CACvBD,GACIA,EAAczD,KAAK,GAG5B,IAAM2D,EAAO1P,EAAEoJ,IAAI,CAACiC,QAAQ,EAAIrL,EAAEoJ,IAAI,AACtCsG,CAAAA,EAAKhS,KAAK,CACNyG,EAAQ,IAAItG,EAAqB6R,EAAKhS,KAAK,CAAEgS,EAAK/R,iBAAiB,CAAE+R,EAAK5R,KAAK,CAAE4R,EAAK3R,SAAS,GAC/FY,EAASqB,EAAEoJ,IAAI,EACnBwC,aAAcyD,GACdC,GACF,EAEMA,EAAe,KACK,MAAnBF,GACHxD,aAAcwD,GAEXvQ,OAAO4D,QAAQ,CAACsB,IAAI,CAAC4L,QAAQ,CAAEnN,IAClC3D,OAAO4D,QAAQ,CAACsB,IAAI,CAAC6L,WAAW,CAAEpN,GAEpC3D,OAAOgN,mBAAmB,CAAE,UAAW0D,EAAoB,CAAA,EAC7D,EAEMM,EAAgB,IAAM9G,WAAY,KACtC5E,EAAQ,IAAI5G,EAAiB,2CEkTgByR,IFjT7CM,GACC,EAAA,KAIHzQ,OAAO2K,gBAAgB,CAAE,UAAW+F,EAAoB,CAAA,GACxD1Q,OAAO4D,QAAQ,CAACsB,IAAI,CAAC+L,WAAW,CAAEtN,GAClCA,EAAOuN,YAAY,CAAE,ME0S0Bf,GFpS/CxM,EAAOwN,MAAM,CAAG,WACdZ,EAAkBS,GACpB,CACF,IEqSI1D,EAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEf,EAAU+C,EAAcvD,GACrEgD,EAAWtB,aAAa,CAAGlB,EAASkB,aAAa,CACjDkC,EAAa3Q,CACf,CAEA,IAAMuO,EAAa,MAAM,IAAI,CAACC,iBAAiB,CAAEH,EAAasC,EAAWxC,UAAU,CAAEmC,GAGrF,OAFA/B,EAAWE,aAAa,CAAGsB,EAAWtB,aAAa,CACnD,IAAI,CAACC,YAAY,CAACxD,yBAAyB,CAAE/L,EAAOE,UAAU,CAAEkP,GACzDoC,EAAW5D,UAAU,AAC9B,CAKA,MAAMoF,gBAAgB,CACX,IAAAC,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAA1B,GAAA0R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCC,YAAY,AAC7D,CAMA,MAAMC,iBAAiB,CACZ,IAAAF,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAA1B,GAAA0R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCpB,aAAa,AAC9D,CAKA,MAAMuB,YAAY,CACP,IAAAH,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAA1B,GAAA0R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCI,QAAQ,AACzD,CAKA,MAAMC,cAAc,CACT,IAAAL,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAA1B,GAAA0R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCM,UAAU,AAC3D,CAKA,MAAMC,eAAe,CACV,IAAAP,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAA1B,GAAA0R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCnC,YAAY,AAC7D,CAMA,MAAM2C,WAAW,KACRC,EAAET,EAAT,OAAA,AAAmC,OAA1BA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAAA,GAA1B0R,AAAF,KAAA,IAAEA,EAAF,KAAA,EAAA,OAAAS,CAAAA,EAAAT,EAAwCxI,KAAK,GAA7CiJ,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAA+CzK,KAAK,CAAE,IAC/D,CAMA,MAAM0K,SAAS,CACJ,IAAAV,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC5L,GAAG,CAAE,OAA1B,GAAA0R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCW,IAAI,AACrD,CAQA,MAAMC,WAAYlD,EAAY,CAAA,CAAK,CAAE,CACnC,IAAMmD,EAAgB,CAAC,CAAC,MAAM,IAAI,CAACH,OAAO,GAC1C,GAAK,CAACG,GAAiB,CAACnD,EACtB,GAAI,CAEF,OADA,MAAM,IAAI,CAAClD,WAAW,GACf,CAAA,CACT,CAAE,MAAQ1K,EAAG,CACX,MAAO,CAAA,CACT,CAEF,OAAO+Q,CACT,CASA,MAAc/F,kBAAmBlH,EAAuC,EAAE,CACxE+G,EAAkC,CAAA,CAAE,CAAmB,KACjDmG,EGvauB5N,EHuaxB,CAAA,AAAC,OAAA4N,CAAAA,EAAA,IAAI,CAAClN,OAAO,CAACuG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwBC,sBAAsB,AAAA,GAClD,MAAM,IAAI,CAACnH,UAAU,CAAE,CAAA,GAGzB,IAAMsE,EAAe9D,OAAOS,MAAM,CAAE,CAAI,EAAA,IAAI,CAACjH,OAAO,CAAEA,EACtD+G,CAAAA,EAAWqG,aAAa,CAAGxM,EAAgB,IAE3C,IAAMuH,EAAa,CACjBoC,UAAoBD,EAAaC,SAAS,CAC1CvQ,MAAoB4G,EAAgB0J,EAAa+C,WAAW,EAC5DzJ,MAAoB0G,EAAa1G,KAAK,CACtC0J,SAAoBhD,EAAagD,QAAQ,CACzCxC,aAAoBR,EAAaQ,YAAY,CAC7CzD,cAAoBiD,EAAajD,aAAa,CAC9C7D,cAAoB8G,EAAa9G,aAAa,EAAI,OAClD+J,WAAoBjD,EAAaiD,UAAU,CAC3C3C,OAAoBN,EAAaM,MAAM,CACvC1L,QAAoBoL,EAAapL,OAAO,CACxCsO,OAAoBlD,EAAakD,MAAM,CACvCC,eAAoBnD,EAAamD,cAAc,CAC/CC,WAAoBpD,EAAaoD,UAAU,CAC3CC,aAAoBrD,EAAaqD,YAAY,CAC7CC,WAAoBtD,EAAasD,UAAU,CAC3C5D,cAAoBM,EAAaN,aAAa,CAC9C6D,gBAAoBvD,EAAauD,eAAe,CAChDC,mBAAoBxD,EAAawD,kBAAkB,CACnD,GAAGxD,EAAayD,WAAW,EAAIzD,EAAayD,WAAW,AACzD,EAEKzK,CAAAA,EAAgB,WAAY6E,EAAW3E,aAAa,GACvDG,EAAiB,SAAUwE,EAAWvE,KAAK,CAAA,GAC3CuE,CAAAA,EAAW6F,KAAK,CAAGpN,EAAgB0J,EAAa2D,WAAW,CAAA,EAGxD3K,EAAgB,OAAQ6E,EAAW3E,aAAa,IACnD2E,EAAW+F,cAAc,CAAE,MGzc/B,CAAA,AAAK5O,CAD0BA,EH0cuByH,EAAWqG,aAAa,EGzcpEvR,MAAM,CAAG,IAAMyD,EAAKzD,MAAM,CAAG,IAC9BjB,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,CAAC,qBAAqB,EAAG6F,EAAKzD,MAAM,CAAE,CAAC,GAG9E,IAAIjB,QAAS,CAAEC,EAASwF,KAC7Bc,OAAOgN,MAAM,CAACC,MAAM,CAAE,UAAW,IAAIC,cAAcC,MAAM,CAAEhP,IACxDkB,IAAI,CAAE+N,AAAAA,GACE1T,EAAS2T,AFGjB,SAAkBD,CAAkB,EACzC,IAAME,EAAUC,AFuElB,SAAwBC,CAAK,EAQ3B,IAAK,IAPDC,EACAnR,EAAMkR,EAAM9S,MAAM,CAClBgT,EAAapR,EAAM,EACnBiF,EAAQ,EAAE,CAIL/G,EAAI,EAAGmT,EAAOrR,EAAMoR,EAAYlT,EAAImT,EAAMnT,GAH9B,MAInB+G,EAAM3G,IAAI,CAACgT,AAtBf,SAAsBJ,CAAK,CAAEhR,CAAK,CAAEqR,CAAG,EAGrC,IAAK,IAFDJ,EACAK,EAAS,EAAE,CACNtT,EAAIgC,EAAOhC,EAAIqT,EAAKrT,GAAK,EAKhCsT,EAAOlT,IAAI,CAdNsD,CAAM,CAAC6P,AAUZN,CAAAA,EACE,AAAC,CAAA,AAACD,CAAK,CAAChT,EAAE,EAAI,GAAM,QAAQ,EAC3B,CAAA,AAACgT,CAAK,CAAChT,EAAI,EAAE,EAAI,EAAK,KAAA,EACtBgT,CAAAA,AAAe,IAAfA,CAAK,CAAChT,EAAI,EAAE,CAAO,GAbH,GAAK,GAAK,CAC7B0D,CAAM,CAAC6P,AAaqBN,GAbd,GAAK,GAAK,CACxBvP,CAAM,CAAC6P,AAYqBN,GAZd,EAAI,GAAK,CACvBvP,CAAM,CAAC6P,AAAM,GAWeN,EAXV,EAapB,OAAOK,EAAOnP,IAAI,CAAC,GACrB,EAW2B6O,EAAOhT,EAAG,AAACA,EAJf,MAIqCmT,EAAOA,EAAQnT,EAJpD,QAyBrB,OAjBIkT,AAAe,IAAfA,EAEFnM,EAAM3G,IAAI,CACRsD,CAAM,CAACuP,AAFTA,CAAAA,EAAMD,CAAK,CAAClR,EAAM,EAAE,AAAD,GAEH,EAAE,CAChB4B,CAAM,CAAC,AAACuP,GAAO,EAAK,GAAK,CACzB,MAEsB,IAAfC,GAETnM,EAAM3G,IAAI,CACRsD,CAAM,CAACuP,AAFTA,CAAAA,EAAM,AAACD,CAAAA,CAAK,CAAClR,EAAM,EAAE,EAAI,CAAA,EAAKkR,CAAK,CAAClR,EAAM,EAAE,AAAD,GAE3B,GAAG,CACjB4B,CAAM,CAAC,AAACuP,GAAO,EAAK,GAAK,CACzBvP,CAAM,CAAC,AAACuP,GAAO,EAAK,GAAK,CACzB,KAIGlM,EAAM5C,IAAI,CAAC,GACpB,EEtGiC,IAAIyB,WAAYgN,IAC/C,OAAOE,EAAQtM,OAAO,CAAE,MAAO,KAAMA,OAAO,CAAE,MAAO,KAAMA,OAAO,CAAE,KAAM,GAC5E,EENiC,IAAIZ,WAAYgN,KACxC,SAAW3U,CAAK,EAEjB,OAAOyG,EAAQzG,EACjB,EACJ,EAVA,EHwcIuO,EAAWgH,qBAAqB,CAAE7E,EAAa6E,qBAAqB,EAAI,QAG1E,IAAMpR,EAAM,IAAI,CAACiC,OAAO,CAACoP,mBAAmB,EAAI,IAAI,CAACpP,OAAO,CAACoP,mBAAmB,IAAM7Q,KAAKR,GAAG,GACxFsR,EAAW/E,EAAa+E,QAAQ,CAAG,CAAC,CAAC,EAAG/E,EAAa+E,QAAQ,CAAE,CAAC,CAAG,GACnEC,EAAmB/P,EAAyB4I,GAC5C5H,EAAM,CAAC,EAAG,IAAI,CAACP,OAAO,CAACuG,SAAS,CAAE4G,sBAAsB,CAAE,EAAGmC,EAAkB,EAAGD,EAAU,CAAC,CAYnG,OATA,IAAI,CAACjJ,UAAU,CAAC3K,KAAK,CAAEsC,EAAM,OAG7B,MAAM,IAAI,CAACqI,UAAU,CAAChL,GAAG,CAAE+M,EAAWnO,KAAK,CI9etCkB,KAAKC,KAAK,CAAED,KAAKI,SAAS,CJ8e+B,CAC5DW,WAAc8B,EACdoK,WAAAA,EACApB,WAAAA,EACAO,aAAcgD,EAAahD,YAAY,AACzC,KACO/G,CACT,CAQA,MAAc2J,oBAAqBlK,EAAgC,EAAE,CAAE,CAC/D,IAAAkN,EAAD,CAAA,AAAC,OAAAA,CAAAA,EAAA,IAAI,CAAClN,OAAO,CAACuG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwBqC,oBAAoB,AAAA,GAChD,MAAM,IAAI,CAAC7I,eAAe,GAE5B,IAAM4D,EAAexH,EAAc,IAAI,CAAC9C,OAAO,CAAEA,GAC3CwP,EAAe,CACnBxF,cAA0BM,EAAaN,aAAa,CACpDyF,yBAA0BnF,EAAamF,wBAAwB,CAC/D,GAAGnF,EAAaoF,iBAAiB,EAAI,CAAE,CAAA,AACzC,EACA,MAAO,CAAC,EAAG,IAAI,CAAC1P,OAAO,CAACuG,SAAS,CAAEgJ,oBAAoB,CAAE,EAAGhQ,EAAyBiQ,GAAgB,CAAC,AACxG,CAOA,MAAcG,0BAA2B3P,CAA2B,CAAE,CAC9D,IAAAkN,EAAD,CAAA,AAAC,OAAAA,CAAAA,EAAA,IAAI,CAAClN,OAAO,CAACuG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwB0C,cAAc,AAAA,GAC1C,MAAM,IAAI,CAAClJ,eAAe,GAE5B,IAAM4D,EAAexH,EAAc,IAAI,CAAC9C,OAAO,CAAEA,GAC3C,CAAE6P,kBAAAA,CAAiB,CAAEC,iBAAAA,CAAgB,CAAE,GAAGC,EAAM,CAAGzF,EACnD0F,EAAgB,CACpB,GAAGD,CAAI,CACP,GAAGD,GAAoB,CAAE,CAAA,CACzBG,WAAY,oBACd,EAEA,IAAM,IAAMC,IAAO,CAAC,OAAQ,eAAgB,gBAAiB,YAAY,CACvE,GAAK,CAACF,CAAa,CAACE,EAAI,CACtB,OAAOtV,QAAQyF,MAAM,CAAE,AAAI3G,MAAO,CAAC,CAAC,EAAGwW,EAAK,aAAa,CAAC,GAI9D,OAAO,IAAI,CAACxF,IAAI,CAAE,CAChBnK,IAAa,CAAC,EAAG,IAAI,CAACP,OAAO,CAACuG,SAAS,CAAEqJ,cAAc,CAAE,CAAC,CAC1DzP,OAAa,OACbC,YAAa,OACbH,KAAa+P,EACb9P,QAAa2P,CACf,EACF,CAOA,MAAc5E,qBAAsBjL,CAAoC,CAAG,CACnE,IAAAkN,EAAD,CAAA,AAAC,OAAAA,CAAAA,EAAA,IAAI,CAAClN,OAAO,CAACuG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwB0C,cAAc,AAAA,GAC1C,MAAM,IAAI,CAAClJ,eAAe,GAE5B,GAAM,CAAEmJ,kBAAAA,CAAiB,CAAEC,iBAAAA,CAAgB,CAAE,GAAGC,EAAM,CAAG/P,EACnDgQ,EAAgB,CACpBC,WAAe,gBACf1F,UAAe,IAAI,CAACvK,OAAO,CAACuK,SAAS,CACrCC,cAAe,IAAI,CAACxK,OAAO,CAACwK,aAAa,CACzC,GAAGuF,CAAI,CACP,GAAGD,GAAoB,CAAE,CAAA,AAC3B,EAEA,IAAM,IAAMI,IAAO,CAAC,gBAAiB,YAAY,CAC/C,GAAK,CAACF,CAAa,CAACE,EAAI,CACtB,OAAOtV,QAAQyF,MAAM,CAAE,AAAI3G,MAAO,CAAC,CAAC,EAAGwW,EAAK,aAAa,CAAC,GAI9D,OAAO,IAAI,CAACxF,IAAI,CAAE,CAChBnK,IAAa,CAAC,EAAG,IAAI,CAACP,OAAO,CAACuG,SAAS,CAAEqJ,cAAc,CAAE,CAAC,CAC1DzP,OAAa,OACbC,YAAa,OACbH,KAAa+P,EACb9P,QAAa2P,CACf,EACF,CAKA,MAAcnJ,iBAA+C,CAC3D,GAAI,CACF,IAAMyJ,EAAa,CAAC,EAAG,IAAI,CAACnQ,OAAO,CAACoQ,MAAM,CAAE,iCAAiC,CAAC,CACxE7I,EAAW,MAAM,IAAI,CAACmD,IAAI,CAAE,CAChCnK,IAAa4P,EACbhQ,OAAa,MACbC,YAAa,MACf,EACA,CAAA,IAAI,CAACiQ,eAAe,CAAG9I,EACvB,IAAMhB,EAAY,CAAA,EAClB,IAAM,IAAM+J,KAAQ9J,OAAOC,IAAI,CAAE,IAAI,CAAC4J,eAAe,EAC9CC,CAAAA,EAAKC,QAAQ,CAAE,cAAiBD,EAAKxM,OAAO,CAAE,YAAe,IAAMwM,EAAKxM,OAAO,CAAE,QAAW,EAAC,GAChGyC,CAAAA,CAAS,CAAC+J,EAAqC,CAAG,IAAI,CAACD,eAAe,CAACC,EAAK,AAAA,EAIhF,OADA,IAAI,CAACtQ,OAAO,CAACuG,SAAS,CAAGA,EAClB,IAAI,CAAC8J,eAAe,AAC7B,CAAE,MAAQnU,EAAI,CACZ,MAAM,IAAIzC,EAAiB,0BAA2ByC,EAAE2K,OAAO,CACjE,CACF,CASA,MAAcyB,mBACZf,CAAa,CACb+C,CAAgC,CAChCvD,EAAkC,CAAA,CAAE,CACrC,QACC,AAAKQ,EAASjI,IAAI,CACT,IAAI,CAACqQ,yBAAyB,CAAE,CACrC7E,aAAeR,EAAaQ,YAAY,CACxCP,UAAeD,EAAaC,SAAS,CACrC6C,cAAerG,EAAWqG,aAAa,CACvC6C,WAAe,qBACf3Q,KAAeiI,EAASjI,IAAI,AAC9B,GAEOiI,CAEX,CASA,MAAciB,kBAAmBH,CAA0B,CAAEF,CAA8B,CACzFmC,CAAoC,CAAE,KAMlCkG,CALJ,OAAM,IAAI,CAACxK,UAAU,CAAE,CAAA,GACvB,IAAI+G,EAAY,CAAA,EAChB,GAAK1E,EAAYzO,KAAK,CACpB,MAAM,IAAIG,EAAqBsO,EAAYzO,KAAK,CAAEyO,EAAYxO,iBAAiB,EAGjF,GAAKwO,EAAYmE,QAAQ,CAAE,CAEzB,GADAgE,EAAgB,MAAMC,AG5kBrB,SAA0BjE,CAAgB,CAAEwB,CAAa,CAAEhO,CAA+B,EAC/F,GAAK,CAACgO,EACJ,MAAM,IAAIvU,EAAiB,qBAG7B,GAAI,CACF,IAAMgJ,EAAMD,EAAUgK,GAEtB,GAAKwB,IAAUvL,EAAIG,OAAO,CAACoL,KAAK,CAC9B,MAAM,AAAItU,MAAO,CAAC,2BAA2B,EAAG+I,EAAIG,OAAO,CAACoL,KAAK,CAAE,CAAC,EAMtE,GAHA0C,AAaG,SAAsBjO,CAAW,CAAEzC,CAA6B,CAAE2Q,EAAY,CAAA,CAAK,EAExF,GAAI,CAAEC,UAAAA,CAAS,CAAExB,oBAAAA,CAAmB,CAAEgB,OAAAA,CAAM,CAAE9C,SAAAA,CAAQ,CAAE/C,UAAAA,CAAS,CAAE,CAAGvK,EAChE4Q,GACJA,CAAAA,EAAY,CAAA,EAEd,IAAM7S,EAAM,AAAEqR,CAAAA,GAAuBA,KAAyB7Q,KAAKR,GAAG,EAAC,EAAM,IAEvE6E,EAAUJ,EAAUC,GAAMG,OAAO,CAEvC,GAAK,CAACA,EAAQiO,GAAG,CACf,MAAM,IAAI1W,EAAiB,iCAE7B,GAAKyI,EAAQiO,GAAG,GAAKT,EACnB,MAAM,IAAIjW,EAAiB,CAAC,+BAA+B,EAAGyI,EAAQiO,GAAG,CAAE,CAAC,EAG9E,GAAK,CAACjO,EAAQkO,GAAG,CACf,MAAM,IAAI3W,EAAiB,mCAK7B,GAAK4W,MAAMC,OAAO,CAAEpO,EAAQkO,GAAG,EAC7BlO,AAAwE,IAAxEA,EAAQkO,GAAG,CAAChN,OAAO,CAAE6M,EAAYpG,EAAY+C,GAAY/C,GACzD3H,EAAQkO,GAAG,GAAOH,CAAAA,EAAYpG,EAAY+C,GAAY/C,CAAAA,EAEtD,MAAM,IAAIpQ,EAAiB,CAAC,iCAAiC,EAAGyI,EAAQkO,GAAG,CAAE,CAAC,EAGhF,GAAKlO,EAAQqO,GAAG,EAAIrO,EAAQqO,GAAG,GAAK1G,EAClC,MAAM,IAAIpQ,EAAiB,CAAC,yCAAyC,EAAGyI,EAAQqO,GAAG,CAAE,CAAC,EAGxF,IAAMC,EAAWxP,KAAKE,IAAI,CAAE7D,EAAM6S,GAC5BO,EAAWzP,KAAK0P,KAAK,CAAErT,EAAM6S,GAEnC,GAAK,CAAChO,EAAQyO,GAAG,CACf,MAAM,IAAIlX,EAAiB,oCAG7B,GAAK+W,EAAWI,OAAQ1O,EAAQyO,GAAG,EACjC,MAAM,IAAIlX,EAAiB,CAAC,kCAAkC,EAAGyI,EAAQyO,GAAG,CAAE,CAAC,EAGjF,GAAKzO,EAAQ2O,GAAG,EAAIL,EAAWI,OAAQ1O,EAAQ2O,GAAG,EAChD,MAAM,IAAIpX,EAAiB,CAAC,wCAAwC,EAAGyI,EAAQ2O,GAAG,CAAE,CAAC,EAGvF,GAAK,CAAC3O,EAAQ4O,GAAG,CACf,MAAM,IAAIrX,EAAiB,0CAE7B,GAAKmX,OAAQ1O,EAAQ4O,GAAG,EAAKL,EAC3B,MAAM,IAAIhX,EAAiB,CAAC,sCAAsC,EAAGyI,EAAQ4O,GAAG,CAAE,CAAC,CAIvF,EAtEiBhF,EAAUxM,EAAS,CAAA,GAG3B,CAACyC,EAAIG,OAAO,CAAC,GAAM,CACtB,MAAM,AAAIlJ,MAAO,wCAGnB,OAAO+I,EAAIG,OAAO,AACpB,CAAE,MAAQ1G,EAAG,CACX,MAAM,IAAI7B,EAAqB6B,EAAE2K,OAAO,CAC1C,CACF,EHqjB6CwB,EAAYmE,QAAQ,CAAErE,EAAW6F,KAAK,CAAG1D,GAC3EA,EAAamH,gBAAgB,EAAI,CAAC,MAAMnH,EAAamH,gBAAgB,CAAEpJ,EAAYmE,QAAQ,EAC9F,OAAO5R,QAAQyF,MAAM,CAAE,IAAIhG,EAAqB,+BAElDmM,OAAOC,IAAI,CAAE+J,GAAgBnU,OAAO,CAAE1B,AAAAA,IAC9BkI,EAAc6O,QAAQ,CAAE/W,IAC5BoS,CAAAA,CAAI,CAACpS,EAAI,CAAG6V,CAAa,CAAC7V,EAAI,AAAA,CAElC,EACF,CAEA,GAAK0N,EAAYgE,YAAY,CAAG,CACO,IAAAa,EAArC,GAAK5C,EAAaqH,eAAe,EAAI,CAAA,AAAsB,OAAtBzE,CAAAA,EAAA,IAAI,CAAClN,OAAO,CAACuG,SAAS,AAAA,GAAtB2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwB0E,iBAAiB,AAAA,EAAG,CAC/E,IAAMC,EAAiB,MAAM,IAAI,CAACC,aAAa,CAAEzJ,EAAYgE,YAAY,CACnEwF,CAAAA,EAAejY,KAAK,EACxBmT,CAAAA,EAAO,CAAE,GAAGA,CAAI,CAAE,GAAG8E,CAAc,AAAC,CAAA,CAExC,CACF,CAEA,MAAO,CACL1J,WAAAA,EACA4E,KAAAA,EACA,GAAG1E,CAAW,CACdmE,SAAcgE,EACdvG,aAAc5B,EAAYmE,QAAQ,CAClC5I,MAAcyE,EAAYzE,KAAK,EAAIuE,EAAWvE,KAAK,AACrD,CACF,CAQA,MAAcwE,UAAWpO,CAAa,CAAE,CACtC,IAAMuP,EAAiB,MAAM,IAAI,CAACnD,UAAU,CAAC1L,GAAG,CAAEV,UAClD,AAAMuP,GAGJ,MAAM,IAAI,CAACnD,UAAU,CAAC7K,GAAG,CAAEvB,GAEtBuP,GAJE3O,QAAQyF,MAAM,CAAE,IAAInG,EAAe,wBAAyBF,GAKvE,CAQA,MAAc8X,cAAeC,CAAmB,CAAE,CAChD,OAAO,IAAI,CAACrH,IAAI,CAAE,CAChBvK,OAAa,MACbI,IAAa,CAAC,EAAG,IAAI,CAACP,OAAO,CAACuG,SAAS,CAAEqL,iBAAiB,CAAE,CAAC,CAC7DxR,YAAa,OACbF,QAAa,CACX,cAAiB,CAAC,OAAO,EAAG6R,EAAa,CAAC,AAC5C,CACF,EACF,CASAC,eAAwB,CAAEC,IAAAA,CAAG,CAAExJ,cAAAA,CAAa,CAAyB,CAAE,CACrE,GAAM,CAAE8B,UAAAA,CAAS,CAAEhE,UAAAA,CAAS,CAAE,CAAG,IAAI,CAACvG,OAAO,CAE7C,GAAK,QAACuG,EAAAA,KAAAA,EAAAA,AAAAA,EAAW2L,oBAAoB,AAAA,EAAE,CACrCC,QAAQC,IAAI,CAAE,8FACd,MACF,CACA,GAAK,CAAC,IAAI,CAACC,mBAAmB,CAAE,CAC9B,IAAMC,EAAuB,MAAQC,IACnC,GAAKA,EACH,IAAI,CAAClV,IAAI,CAAElE,EAAOC,WAAW,MACxB,CACL,IAAI,CAACiE,IAAI,CAAElE,EAAOK,cAAc,EAChC,GAAI,CACF,MAAM,IAAI,CAACoN,WAAW,CAAE,GAAI,CAAC,GAC7B,IAAMmD,EAAa,MAAM,IAAI,CAACzD,SAAS,CAAC5L,GAAG,CAAE,QAC7C,GAAKqP,EAAY,CACVA,IAAAA,EAAAA,CAAAA,AAAAA,OAAAA,CAAAA,EAAAA,EAAWgD,IAAI,AAAJA,GAAXhD,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAiBkI,GAAG,AAAHA,IAAQA,GAAOlI,EAAWtB,aAAa,EAC3D,IAAI,CAAC4J,mBAAmB,CAAE1U,KAAK,CAAEoM,EAAWtB,aAAa,OAG3D,IAAI,CAACpL,IAAI,CAAElE,EAAOC,WAAW,CAAE,KAEnC,CAAE,MAAQ8C,EAAI,CACZ,IAAI,CAACmB,IAAI,CAAElE,EAAOC,WAAW,EAC7B,MACF,CACF,CACF,CAEA,CAAA,IAAI,CAACiZ,mBAAmB,CAAGG,AQvvB1B,SAAoCxS,CAA8B,MAEnEyS,EAMAC,EAPJ,GAAM,CAAEnS,IAAAA,CAAG,CAAE1C,SAAAA,CAAQ,CAAE0M,UAAAA,CAAS,CAAEoI,cAAAA,CAAa,CAAE,CAAG3S,EAE9C4S,EAAMrS,EAAIuD,OAAO,CAAE,IAAKvD,EAAIuD,OAAO,CAAE,MAAS,GAC9C+O,EAActS,EAAIuS,MAAM,CAAE,EAAGF,GAE7BG,EAAQtU,IAIRuU,EAAO,IACJ,IAAIpY,QAASC,AAAAA,IAClBE,OAAO4D,QAAQ,CAACsB,IAAI,CAAC+L,WAAW,CAAE+G,GAClChY,OAAO2K,gBAAgB,CAAE,UAAW+F,EAAoB,CAAA,GACxDsH,EAAM7G,MAAM,CAAG,KACbrR,EAAS,KACX,CACF,GAiBIqD,EAAO,KACXuU,EAAuB,KAClBC,IACH3X,OAAOsD,aAAa,CAAEqU,GACtBA,EAAQ,KAEZ,EAEMjH,EAAqB,AAAEvP,IACtBA,EAAEmP,MAAM,GAAKwH,GAAe3W,EAAEyP,MAAM,GAAKoH,EAAME,aAAa,GAC1D/W,AAAW,UAAXA,EAAEoJ,IAAI,EACTpH,IACAL,EAAU3B,EAAEoJ,IAAI,GACK,YAAXpJ,EAAEoJ,IAAI,GAChBpH,IACAL,KAGN,EAIA,OAFAkV,EAAM9G,YAAY,CAAE,MAAO1L,GAEpB,CACLrC,KAAAA,EACAP,MAtCY,AAAEuV,IACdF,IAAOxS,IAAI,CAAE,KACX,GAAK0S,GAAgBT,IAAyBS,EAAe,CAC3DhV,IACAuU,EAAuBS,EACvB,IAAMC,EAAO,KACXJ,EAAME,aAAa,CAAExJ,WAAW,CAAE,CAAC,EAAGc,EAAW,CAAC,EAAGkI,EAAsB,CAAC,CAAEI,EAChF,EACAM,IACAT,EAAQ3X,OAAOqD,WAAW,CAAE+U,EAAMR,GA/BX,IAgCzB,CACF,EACF,CA2BA,CACF,ER2rB4D,CACpDpS,IAAegG,EAAU2L,oBAAoB,CAC7C3H,UAAeA,EACf1M,SAAeyU,EACfK,cAAe,IAAI,CAAC3S,OAAO,CAACoT,oBAAoB,AAClD,EACF,CAEA,IAAI,CAACf,mBAAmB,CAAC1U,KAAK,CAAE8K,EAClC,CAEA,MAAc4K,YAAaC,CAAY,CAAE,KAYjCvY,EAXN,GAAM,CAAE2R,WAAAA,CAAU,CAAEK,KAAAA,CAAI,CAAEnJ,MAAAA,CAAK,CAAEyI,aAAAA,CAAY,CAAEG,SAAAA,CAAQ,CAAExB,cAAAA,CAAa,CAAEvC,cAAAA,CAAa,CAAEwB,aAAAA,CAAY,CAAE,CAAGqJ,EAWxG,GAVA,MAAM,IAAI,CAAChN,SAAS,CAAClL,GAAG,CAAE,OAAQkY,GAElC,IAAI,CAACvG,IAAI,CAAGA,EACZ,IAAI,CAAClJ,MAAM,CAAGD,MAAAA,EAAAA,KAAAA,EAAAA,AAAAA,EAAOxB,KAAK,CAAE,KAC5B,IAAI,CAAC2P,WAAW,CAAG1F,EACnB,IAAI,CAACkH,OAAO,CAAG/G,EACf,IAAI,CAACgH,UAAU,CAAGvJ,EAClB,IAAI,CAACwJ,YAAY,CAAGzI,EAEpB,IAAI,CAAC3N,IAAI,CAAElE,EAAOE,UAAU,CAAEia,GACzB,EAACvY,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAQ4L,YAAY,AAAA,IACnB,IAAI,CAAC3G,OAAO,CAAC0T,YAAY,EAC5B,IAAI,CAAC1B,cAAc,CAAE,CAAEC,IAAKlF,EAAKkF,GAAG,EAAIlF,EAAK4G,EAAE,CAAElL,cAAAA,CAAc,GAG5DiE,AAAerJ,KAAAA,IAAfqJ,GAA4B,IAAI,CAAC1M,OAAO,CAAC4T,eAAe,EAAE,CAC7D,IAAM9V,EAAawT,OAAQ5E,GAAe,IAAI,CAAC1M,OAAO,CAAC6T,oCAAoC,CACtF/V,GAAc,GACjB,IAAI,CAACgW,uBAAuB,CAAEnW,KAAK,CAAEG,EAAY,UAC/C,IAAI,CAAC4K,YAAY,CAAC9D,QAAQ,CAAE,eAAgB,UAC1C,GAAI,CACF,MAAM,IAAI,CAACgC,WAAW,GACtB,IAAI,CAACvJ,IAAI,CAAElE,EAAOG,oBAAoB,CAAE,KAC1C,CAAE,MAAQ4C,EAAI,CACZ,IAAI,CAACmB,IAAI,CAAElE,EAAOI,kBAAkB,CAAE2C,EACxC,CACF,EACF,EAEJ,CAEJ,CAttBAvC,YAAaqG,CAA+B,CAAG,CAE7C,GADA,KAAK,GAjCPA,EAAAA,IAAAA,CAAAA,UAAAA,KAAAA,GAEA+M,EAAAA,IAAAA,CAAAA,OAAAA,KAAAA,GAEAlJ,EAAAA,IAAAA,CAAAA,SAAAA,KAAAA,GAEAkO,EAAAA,IAAAA,CAAAA,cAAAA,KAAAA,GAEA0B,EAAAA,IAAAA,CAAAA,eAAAA,KAAAA,GAEAF,EAAAA,IAAAA,CAAAA,UAAAA,KAAAA,GAEAC,EAAAA,IAAAA,CAAAA,aAAAA,KAAAA,GAEAnD,EAAAA,IAAAA,CAAAA,kBAAAA,KAAAA,GAEA7R,EAAA,IAAA,CAAiBkM,OAAjB,KAAA,GAEAlM,EAAA,IAAA,CAAQkK,eAAR,KAAA,GAEAlK,EAAA,IAAA,CAAQ4H,aAAR,KAAA,GAEA5H,EAAA,IAAA,CAAQ8H,YAAR,KAAA,GAEA9H,EAAA,IAAA,CAAQ6T,sBAAR,KAAA,GAEA7T,EAAA,IAAA,CAAQsV,0BAAR,KAAA,GAEAtV,EAAA,IAAA,CAAQ0H,cAAR,KAAA,GAEA1H,EAAA,IAAA,CAAQ2H,sBAAR,KAAA,GAIO,CAAC4N,ACnFH,SAAwB3D,CAAc,EAC3C,GAAI,CACF,IAAM7P,EAAM,IAAIsI,IAAKuH,GACrB,GAAK,CAAC,CAAC,QAAS,SAAS,CAACsB,QAAQ,CAAEnR,EAAImJ,QAAQ,GAG3CnJ,AAAe,KAAfA,EAAI8I,MAAM,EAAW9I,AAAa,KAAbA,EAAI+I,IAAI,CAFhC,MAAO,CAAA,EAKT,MAAO,CAAA,CACT,CAAE,MAAQpN,EAAG,CACX,MAAO,CAAA,CACT,CACF,EDsEyB8D,EAAQoQ,MAAM,EACjC,MAAM,IAAI3W,EAAiB,gCAG7B,CAAA,IAAI,CAACiP,YAAY,CAAG,IAAI/D,EAAUqP,KAAMhU,EAAQoQ,MAAM,GAEtD,IAAI,CAACpQ,OAAO,CAAG8C,EAAc,CAC3B+Q,qCAAsC,GACtCD,gBAAsC,CAAA,EACtCF,aAAsC,CAAA,EACtCrG,YAAsC,GACtCY,YAAsC,EACxC,EAAGjO,EAAS,CAEVoQ,OAAQpQ,EAAQoQ,MAAM,CAACG,QAAQ,CAAE,KAAQvQ,EAAQoQ,MAAM,CAAC5S,KAAK,CAAE,EAAG,IAAOwC,EAAQoQ,MAAM,AACzF,GAEA,IAAI,CAAC1F,IAAI,CAAG,IAAI,CAAC1K,OAAO,CAACiU,UAAU,EAAIlU,EACvC,IAAI,CAACqG,UAAU,CAAG,IAAI,CAACpG,OAAO,CAACoG,UAAU,EAAI,IAAI3L,EAAqC,kBACtF,IAAI,CAAC6L,SAAS,CAAG,IAAI,CAACtG,OAAO,CAACsG,SAAS,EAAI,IAAInK,EAG1C,IAAI,CAAC6D,OAAO,CAAC4T,eAAe,EAC/B,CAAA,IAAI,CAACE,uBAAuB,CAAG,IAAIpW,GAGrC,IAAI,CAACZ,EAAE,CAAE3D,EAAOC,WAAW,CAAE,UAC3B,IAAI,CAAC2T,IAAI,CAAG1J,KAAAA,EACZ,IAAI,CAACQ,MAAM,CAAGR,KAAAA,EACd,IAAI,CAAC0O,WAAW,CAAG1O,KAAAA,EACnB,IAAI,CAACkQ,OAAO,CAAGlQ,KAAAA,EACf,IAAI,CAACoQ,YAAY,CAAGpQ,KAAAA,EACpB,MAAM,IAAI,CAACiD,SAAS,CAAC7K,KAAK,EAC5B,GAEA,IAAI,CAACiN,YAAY,CAACjD,kBAAkB,CAAEtM,EAAOE,UAAU,CAAE,IAAI,CAACga,WAAW,CAACa,IAAI,CAAE,IAAI,EACtF,CAirBF,0PS7xBe,SAA2BlU,CAA+B,EACvE,OAAO,IAAI+F,EAAY/F,GAAUgG,UAAU,EAC7C","x_google_ignoreList":[8]} \ No newline at end of file +{"version":3,"file":"oidc-client.min.js","sources":["../src/constants/events.ts","../src/errors.ts","../src/helpers/state_manager/state_store.ts","../src/helpers/state_manager/local_storage.ts","../src/helpers/state_manager/in_memory.ts","../src/helpers/event_emitter.ts","../src/helpers/timer.ts","../src/utils/iframe.ts","../node_modules/.pnpm/base64-js@1.5.1/node_modules/base64-js/index.js","../src/client.ts","../src/utils/url.ts","../src/utils/request.ts","../src/utils/jose.ts","../src/utils/object.ts","../src/utils/oidc.ts","../src/utils/popup.ts","../src/utils/tab_utils.ts","../src/utils/check_session_iframe.ts","../src/index.ts"],"sourcesContent":["/* eslint-disable @typescript-eslint/indent */\nexport const Events = {\n USER_LOGOUT: 'user_logout',\n USER_LOGIN: 'user_login',\n SILENT_RENEW_SUCCESS: 'silent_renew_success',\n SILENT_RENEW_ERROR: 'silent_renew_error',\n SESSION_CHANGE: 'session_change'\n} as const\n\nexport type EventTypes = 'user_logout' | 'user_login' | 'silent_renew_success' |\n 'silent_renew_error' | 'session_change' | 'session_error'\n","export class OIDCClientError extends Error {\n error: string;\n\n error_description?: string;\n\n public constructor( error: string, error_description?: string ) {\n super( `${ error }${ error_description && ` - ${ error_description }` || '' }` );\n this.name = 'OIDCClientError'\n this.error = error\n this.error_description = error_description\n }\n}\n\nexport class AuthenticationError extends OIDCClientError {\n state?: string;\n\n error_uri?: string;\n\n constructor( error: string, error_description?: string, state?: string, error_uri?: string ) {\n super( error, error_description );\n this.name = 'AuthenticationError'\n this.state = state;\n this.error_uri = error_uri;\n }\n}\n\nexport class StateNotFound extends AuthenticationError {\n state?: string;\n\n constructor( error: string, state?: string ) {\n super( error );\n this.name = 'StateNotFound'\n this.state = state;\n }\n}\n\nexport class InvalidJWTError extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidJWTError'\n this.error_description = details\n }\n}\n\nexport class InvalidIdTokenError extends InvalidJWTError {\n constructor( details: string ) {\n super( details );\n this.name = 'InvalidIdTokenError'\n }\n}\n\nexport class InteractionCancelled extends OIDCClientError {\n constructor( details: string ) {\n super( details );\n this.name = 'InteractionCancelled'\n }\n}\n","export interface StateStore> {\n init?(): Promise>\n}\n// eslint-disable-next-line @typescript-eslint/no-unsafe-declaration-merging\nexport abstract class StateStore> {\n prefix: string;\n\n constructor( prefix = '' ) {\n this.prefix = prefix\n }\n\n public abstract get( key: string ): Promise;\n\n public abstract set( key: string, value: T ): Promise;\n\n public abstract del( key: string ): Promise;\n\n public abstract clear( maxAge?: number ): Promise;\n}\n","import { StateStore } from './state_store';\n\nexport class LocalStorageStateStore extends StateStore {\n constructor( prefix = 'pa_oidc.' ) {\n super( prefix )\n }\n\n get( key: string ) {\n return new Promise( ( resolve ) => {\n const value = window.localStorage.getItem( this.prefix + key );\n if ( value ) {\n resolve( JSON.parse( value ) );\n } else {\n resolve( null );\n }\n } );\n }\n\n set( key: string, value: T ) {\n return new Promise( ( resolve ) => {\n window.localStorage.setItem( this.prefix + key, JSON.stringify( value ) );\n resolve();\n } );\n }\n\n del( key: string ) {\n return new Promise( ( resolve ) => {\n window.localStorage.removeItem( this.prefix + key );\n resolve();\n } );\n }\n\n clear( before?: number ): Promise {\n return new Promise( ( resolve ) => {\n let i;\n const storedKeys: string[] = [];\n for ( i = 0; i < window.localStorage.length; i++ ) {\n const key = window.localStorage.key( i )\n // items only created by oidc client\n if ( key?.substring( 0, this.prefix.length ) == this.prefix ) {\n storedKeys.push( key );\n }\n }\n for ( i = 0; i < storedKeys.length; i++ ) {\n if ( before ) {\n try {\n const storedItem = JSON.parse( window.localStorage.getItem( storedKeys[i] )! )\n if ( storedItem.created_at < before ) {\n window.localStorage.removeItem( storedKeys[i] )\n }\n } catch ( e ) {\n }\n } else {\n window.localStorage.removeItem( storedKeys[i] )\n }\n }\n resolve();\n } );\n }\n}\n","import { StateStore } from './state_store';\n\nexport class InMemoryStateStore extends StateStore {\n map = new Map()\n\n clear( before?: number ) {\n if ( before ){\n this.map.forEach( ( val, ind ) => {\n if ( val.created_at < before ){\n this.map.delete( ind )\n }\n } )\n return Promise.resolve()\n } else {\n return Promise.resolve( this.map.clear() );\n }\n }\n\n del( key: string ) {\n this.map.delete( key )\n return Promise.resolve( );\n }\n\n get( key: string ) {\n return Promise.resolve( this.map.get( key ) || null );\n }\n\n set( key: string, value: any ) {\n this.map.set( key, value )\n return Promise.resolve();\n }\n}\n","export type Listener = ( ...args: any ) => void\n\nexport class EventEmitter{\n callbacks: Record;\n\n constructor(){\n this.callbacks = {}\n }\n\n once( event: T, fn: ( ...args: any[] ) => void ){\n function on( this: EventEmitter, ...onArgs: any[] ) {\n this.off( event, on );\n fn.apply( this, onArgs );\n }\n on.fn = fn\n this.on( event, on );\n return this;\n }\n\n on( event: T, cb: ( ...args: any[] ) => void ){\n if ( !this.callbacks[`$${ event }`] ) this.callbacks[`$${ event }`] = [];\n this.callbacks[`$${ event }`].push( cb )\n return this\n }\n\n off( event?: T, fn?: ( ...args: any[] ) => void ){\n if ( !event ) {\n this.callbacks = {};\n return this;\n }\n\n // specific event\n const callbacks = this.callbacks[`$${ event }`];\n if ( !callbacks ) return this;\n\n // remove all handlers\n if ( !fn ) {\n delete this.callbacks[`$${ event }`];\n return this;\n }\n\n for ( let i = 0; i < callbacks.length; i++ ) {\n const cb = callbacks[i];\n if ( cb === fn || cb.fn === fn ) {\n callbacks.splice( i, 1 );\n break;\n }\n }\n\n // Remove event specific arrays for event types that no\n // one is subscribed for to avoid memory leak.\n if ( callbacks.length === 0 ) {\n delete this.callbacks[`$${ event }`];\n }\n\n return this;\n }\n\n emit( event: T, ...args: any[] ){\n let cbs = this.callbacks[`$${ event }`]\n if ( cbs ) {\n cbs = cbs.slice( 0 );\n for ( let i = 0, len = cbs.length; i < len; ++i ) {\n cbs[i].apply( this, args );\n }\n }\n return this\n }\n}\n","export class Timer {\n private now: () => number;\n\n private _timerHandle: any;\n\n private _expiration!: number;\n\n constructor( currentTimeInMillisFunc = () => Date.now() ) {\n this.now = currentTimeInMillisFunc\n }\n\n start( duration: number, callback: () => void ){\n if ( duration <= 0 ) {\n duration = 1;\n }\n const expiration = this.now() / 1000 + duration;\n if ( this._expiration === expiration && this._timerHandle ) {\n return;\n }\n\n this.stop();\n\n this._expiration = expiration;\n\n // prevent device sleep and delayed timers\n let timerDuration = 5;\n if ( duration < timerDuration ) {\n timerDuration = duration;\n }\n this._timerHandle = setInterval( ()=>{\n if ( this._expiration <= this.now() / 1000 ) {\n this.stop();\n callback()\n }\n }, timerDuration * 1000 );\n }\n\n stop() {\n if ( this._timerHandle ) {\n clearInterval( this._timerHandle );\n this._timerHandle = null;\n }\n }\n}\n","import { AuthenticationError, OIDCClientError } from '../errors';\nimport type { IFrameOptions } from '../interfaces';\n\nexport function createHiddenFrame() {\n const iframe = window.document.createElement( 'iframe' );\n iframe.style.width = '0';\n iframe.style.height = '0';\n iframe.style.position = 'absolute';\n iframe.style.visibility = 'hidden';\n iframe.style.display = 'none';\n\n iframe.title = '__pa_helper__hidden'\n iframe.ariaHidden = 'true'\n\n return iframe\n}\n\nexport function runIframe(\n url: string,\n options: IFrameOptions\n) {\n return new Promise( ( resolve, reject ) => {\n let onLoadTimeoutId: any = null;\n const iframe = createHiddenFrame()\n\n const timeoutSetTimeoutId = setTimeout( () => {\n reject( new OIDCClientError( 'Timed out' ) );\n removeIframe();\n }, ( options.timeout || 10 ) * 1000 );\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin != options.eventOrigin ) return;\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n const eventSource = e.source;\n if ( eventSource ) {\n ( eventSource ).close();\n }\n\n const resp = e.data.response || e.data\n resp.error\n ? reject( new AuthenticationError( resp.error, resp.error_description, resp.state, resp.error_uri ) )\n : resolve( e.data );\n clearTimeout( timeoutSetTimeoutId );\n removeIframe();\n };\n\n const removeIframe = () => {\n if ( onLoadTimeoutId != null ){\n clearTimeout( onLoadTimeoutId )\n }\n if ( window.document.body.contains( iframe ) ) {\n window.document.body.removeChild( iframe );\n }\n window.removeEventListener( 'message', iframeEventHandler, false );\n };\n\n const onLoadTimeout = () => setTimeout( ()=>{\n reject( new OIDCClientError( 'Could not complete silent authentication', url ) )\n removeIframe();\n }, 300 )\n\n\n\n window.addEventListener( 'message', iframeEventHandler, false );\n window.document.body.appendChild( iframe );\n iframe.setAttribute( 'src', url );\n\n /**\n * In case of wrong client id, wrong redirect_uri, in short when redirect did not happen\n * we assume flow failed.\n */\n iframe.onload = function () {\n onLoadTimeoutId = onLoadTimeout()\n }\n } );\n}\n","'use strict'\n\nexports.byteLength = byteLength\nexports.toByteArray = toByteArray\nexports.fromByteArray = fromByteArray\n\nvar lookup = []\nvar revLookup = []\nvar Arr = typeof Uint8Array !== 'undefined' ? Uint8Array : Array\n\nvar code = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'\nfor (var i = 0, len = code.length; i < len; ++i) {\n lookup[i] = code[i]\n revLookup[code.charCodeAt(i)] = i\n}\n\n// Support decoding URL-safe base64 strings, as Node.js does.\n// See: https://en.wikipedia.org/wiki/Base64#URL_applications\nrevLookup['-'.charCodeAt(0)] = 62\nrevLookup['_'.charCodeAt(0)] = 63\n\nfunction getLens (b64) {\n var len = b64.length\n\n if (len % 4 > 0) {\n throw new Error('Invalid string. Length must be a multiple of 4')\n }\n\n // Trim off extra bytes after placeholder bytes are found\n // See: https://github.com/beatgammit/base64-js/issues/42\n var validLen = b64.indexOf('=')\n if (validLen === -1) validLen = len\n\n var placeHoldersLen = validLen === len\n ? 0\n : 4 - (validLen % 4)\n\n return [validLen, placeHoldersLen]\n}\n\n// base64 is 4/3 + up to two characters of the original data\nfunction byteLength (b64) {\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction _byteLength (b64, validLen, placeHoldersLen) {\n return ((validLen + placeHoldersLen) * 3 / 4) - placeHoldersLen\n}\n\nfunction toByteArray (b64) {\n var tmp\n var lens = getLens(b64)\n var validLen = lens[0]\n var placeHoldersLen = lens[1]\n\n var arr = new Arr(_byteLength(b64, validLen, placeHoldersLen))\n\n var curByte = 0\n\n // if there are placeholders, only get up to the last complete 4 chars\n var len = placeHoldersLen > 0\n ? validLen - 4\n : validLen\n\n var i\n for (i = 0; i < len; i += 4) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 18) |\n (revLookup[b64.charCodeAt(i + 1)] << 12) |\n (revLookup[b64.charCodeAt(i + 2)] << 6) |\n revLookup[b64.charCodeAt(i + 3)]\n arr[curByte++] = (tmp >> 16) & 0xFF\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 2) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 2) |\n (revLookup[b64.charCodeAt(i + 1)] >> 4)\n arr[curByte++] = tmp & 0xFF\n }\n\n if (placeHoldersLen === 1) {\n tmp =\n (revLookup[b64.charCodeAt(i)] << 10) |\n (revLookup[b64.charCodeAt(i + 1)] << 4) |\n (revLookup[b64.charCodeAt(i + 2)] >> 2)\n arr[curByte++] = (tmp >> 8) & 0xFF\n arr[curByte++] = tmp & 0xFF\n }\n\n return arr\n}\n\nfunction tripletToBase64 (num) {\n return lookup[num >> 18 & 0x3F] +\n lookup[num >> 12 & 0x3F] +\n lookup[num >> 6 & 0x3F] +\n lookup[num & 0x3F]\n}\n\nfunction encodeChunk (uint8, start, end) {\n var tmp\n var output = []\n for (var i = start; i < end; i += 3) {\n tmp =\n ((uint8[i] << 16) & 0xFF0000) +\n ((uint8[i + 1] << 8) & 0xFF00) +\n (uint8[i + 2] & 0xFF)\n output.push(tripletToBase64(tmp))\n }\n return output.join('')\n}\n\nfunction fromByteArray (uint8) {\n var tmp\n var len = uint8.length\n var extraBytes = len % 3 // if we have 1 byte left, pad 2 bytes\n var parts = []\n var maxChunkLength = 16383 // must be multiple of 3\n\n // go through the array every three bytes, we'll deal with trailing stuff later\n for (var i = 0, len2 = len - extraBytes; i < len2; i += maxChunkLength) {\n parts.push(encodeChunk(uint8, i, (i + maxChunkLength) > len2 ? len2 : (i + maxChunkLength)))\n }\n\n // pad the end with zeros, but make sure to not forget the extra bytes\n if (extraBytes === 1) {\n tmp = uint8[len - 1]\n parts.push(\n lookup[tmp >> 2] +\n lookup[(tmp << 4) & 0x3F] +\n '=='\n )\n } else if (extraBytes === 2) {\n tmp = (uint8[len - 2] << 8) + uint8[len - 1]\n parts.push(\n lookup[tmp >> 10] +\n lookup[(tmp >> 4) & 0x3F] +\n lookup[(tmp << 2) & 0x3F] +\n '='\n )\n }\n\n return parts.join('')\n}\n","import type { EventTypes } from './constants';\nimport { Events } from './constants';\n\nimport {\n AuthenticationError, InvalidIdTokenError,\n OIDCClientError, StateNotFound\n} from './errors';\n\nimport type {\n StateStore } from './helpers';\nimport {\n EventEmitter,\n InMemoryStateStore,\n LocalStorageStateStore\n} from './helpers';\n\n\n\nimport { Timer } from './helpers/timer';\nimport type { AuthRecord,\n AuthRequestOptions, IEndpointConfiguration,\n IPlusAuthClientOptions,\n LogoutRequestOptions, PopupOptions, RevokeOptions, SessionChecker,\n SessionMonitorOptions, StateRecord,\n TokenRequestOption, TokenResponse, TokenType\n} from './interfaces';\n\nimport type {\n RequestOptions } from './utils';\nimport {\n request,\n runIframe,\n buildEncodedQueryString,\n parseQueryUrl,\n validateIdToken,\n createSessionCheckerFrame,\n nonUserClaims, generateRandom, deriveChallenge, isValidIssuer,\n} from './utils';\nimport { cleanUndefined, mergeObjects } from './utils/object';\n\nimport { isResponseType, isScopeIncluded } from './utils/oidc';\nimport { runPopup } from './utils/popup';\nimport { TabUtils } from './utils/tab_utils';\n\n/**\n * `OIDCClient` provides methods for interacting with OIDC/OAuth2 authorization server. Those methods are signing a\n * user in, signing out, managing the user's claims, checking session and managing tokens returned from the\n * OIDC/OAuth2 provider.\n *\n */\nexport class OIDCClient extends EventEmitter{\n options: IPlusAuthClientOptions\n\n user?: any;\n\n scopes?: string[];\n\n accessToken?: string;\n\n refreshToken?: string;\n\n idToken?: string;\n\n idTokenRaw?: string;\n\n issuer_metadata?: Record;\n\n private readonly http: ( options: RequestOptions ) => Promise | never;\n\n private synchronizer: TabUtils;\n\n private stateStore: StateStore\n\n private authStore: StateStore;\n\n private sessionCheckerFrame?: SessionChecker\n\n private _accessTokenExpireTimer?: Timer;\n\n private initialized!: boolean;\n\n private __initializePromise!: Promise | undefined;\n\n constructor( options: IPlusAuthClientOptions ) {\n super()\n if ( !isValidIssuer( options.issuer ) ){\n throw new OIDCClientError( '\"issuer\" must be a valid uri.' )\n }\n\n this.synchronizer = new TabUtils( btoa( options.issuer ), this )\n\n this.options = mergeObjects( {\n secondsToRefreshAccessTokenBeforeExp: 60,\n autoSilentRenew: true,\n checkSession: true,\n stateLength: 10,\n nonceLength: 10\n }, options, {\n // remove last slash for consistency across the lib\n issuer: options.issuer.endsWith( '/' ) ? options.issuer.slice( 0, -1 ) : options.issuer\n } )\n\n this.http = this.options.httpClient || request\n this.stateStore = this.options.stateStore || new LocalStorageStateStore( 'pa_oidc.state.' )\n this.authStore = this.options.authStore || new InMemoryStateStore()\n\n\n if ( this.options.autoSilentRenew ){\n this._accessTokenExpireTimer = new Timer()\n }\n\n this.on( Events.USER_LOGOUT, async ()=>{\n this.user = undefined\n this.scopes = undefined;\n this.accessToken = undefined\n this.idToken = undefined\n this.refreshToken = undefined\n await this.authStore.clear()\n } )\n\n this.synchronizer.OnBroadcastMessage( Events.USER_LOGIN, this.onUserLogin.bind( this ) )\n }\n\n /**\n * Initialize the library with this method. It resolves issuer configuration, jwks keys which are necessary for\n * validating tokens returned from provider and checking if a user is already authenticated in provider.\n *\n * @param checkLogin Make this `false` if you don't want to check user authorization status in provider while\n * initializing. Defaults to `true`\n */\n async initialize( checkLogin = true ): Promise | never {\n if ( this.initialized ){\n return this\n }\n\n if ( this.__initializePromise ){\n return this.__initializePromise\n } else {\n this.__initializePromise = new Promise( async ( resolve, reject ) => {\n try {\n if ( this.stateStore.init ){\n await this.stateStore.init()\n }\n if ( this.authStore.init ){\n await this.authStore.init()\n }\n\n if ( !this.options.endpoints || Object.keys( this.options.endpoints ).length === 0 ){\n await this.fetchFromIssuer()\n }\n this.initialized = true\n\n try {\n if ( checkLogin ){\n if ( !window?.frameElement ){\n await this.silentLogin()\n }\n }\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n await this.authStore.clear()\n }\n resolve( this )\n } catch ( e ) {\n if ( e instanceof OIDCClientError ){\n reject( e )\n } else {\n reject( new OIDCClientError( e.message ) )\n }\n } finally {\n this.__initializePromise = undefined\n }\n } )\n }\n\n return this.__initializePromise\n }\n\n /**\n * Redirect to provider's authorization endpoint using provided parameters. You can override any parameter defined\n * in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically\n * in a random and secure way.\n *\n * @param options\n * @param localState\n */\n async login( options: Partial = {}, localState: Record = {} ){\n window.location.assign( await this.createAuthRequest( options, localState ) )\n }\n\n /**\n * Open a popup with the provider's authorization endpoint using provided parameters. You can override any\n * parameter defined in `OIDCClient`. If you don't provide `state`, `nonce` or `code_verifier` they will be\n * generated automatically in a random and secure way. You can also override popup options.\n *\n * NOTE: Most browsers block popups if they are not happened as a result of user actions. In order to display\n * login popup you must call this method in an event handler listening for a user action like button click.\n *\n * @param options\n * @param popupOptions\n */\n async loginWithPopup( options: Partial = {}, popupOptions: PopupOptions = {} ){\n const url = await this.createAuthRequest( {\n response_mode: 'fragment',\n ...options,\n display: 'popup',\n request_type: 'p'\n } )\n const { response, state } = await runPopup( url, popupOptions )\n const { authParams, localState } = !state || typeof state === 'string' ?\n await this.loadState( state || response.state )\n : state;\n const tokenResult = await this.handleAuthResponse( response, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= response.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n\n /**\n * After a user successfully authorizes an application, the authorization server will redirect the user back to\n * the application with either an authorization code or access token in the URL. In the callback page you should\n * call this method.\n *\n * @param url Full url which contains authorization request result parameters. Defaults to `window.location.href`\n */\n async loginCallback( url: string= window?.location?.href ){\n if ( !url ){\n return Promise.reject( new OIDCClientError( 'Url must be passed to handle login redirect' ) )\n }\n let parsedUrl: URL;\n try {\n parsedUrl = new URL( url )\n } catch ( e ){\n return Promise.reject( new OIDCClientError( `Invalid callback url passed: \"${ url }\"` ) )\n }\n\n const responseParams = parseQueryUrl( parsedUrl.search || parsedUrl.hash )\n const rawStoredState = await this.loadState( responseParams.state )\n const { authParams, localState, request_type } = rawStoredState\n url = url || window.location.href;\n switch ( request_type ) {\n case 's':\n if ( window?.frameElement ) {\n if ( url ) {\n window.parent.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n }\n return\n case 'p':\n if ( window.opener && url ){\n window.opener.postMessage( {\n type: 'authorization_response',\n response: responseParams,\n state: rawStoredState\n }, `${ location.protocol }//${ location.host }` );\n }\n return\n default:\n if ( responseParams.error ){\n return Promise.reject( new AuthenticationError( responseParams.error, responseParams.error_description ) )\n }\n const tokenResult = await this.handleAuthResponse( responseParams, authParams, localState )\n const authObject = await this.handleTokenResult(\n tokenResult,\n authParams,\n mergeObjects( this.options, authParams )\n )\n authObject.session_state= responseParams.session_state;\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return localState\n }\n }\n\n /**\n * Redirect to provider's `end_session_endpoint` with provided parameters. After logout provider will redirect to\n * provided `post_logout_redirect_uri` if it provided.\n * @param options\n */\n async logout( options: LogoutRequestOptions = {} ){\n if ( !options.localOnly ) {\n const storedAuth = await this.authStore.get( 'auth' )\n const id_token_hint = options.id_token_hint || storedAuth?.id_token_raw\n window.location.assign( await this.createLogoutRequest( {\n ...options,\n id_token_hint\n } ) )\n }\n await this.authStore.clear()\n }\n\n /**\n * OAuth2 token revocation implementation method. See more at [tools.ietf.org/html/rfc7009](https://tools.ietf.org/html/rfc7009)\n * @param token Token to be revoked\n * @param type Passed token's type. It will be used to provide `token_type_hint` parameter.\n * @param options If necessary override options passed to `OIDCClient` by defining them here.\n */\n async revokeToken( token: string, type: TokenType = 'access_token', options: RevokeOptions = {} ){\n if ( !this.options.endpoints!.revocation_endpoint ){\n return Promise.reject( new OIDCClientError( '\"revocation_endpoint\" doesn\\'t exist' ) )\n }\n const finalOptions = {\n client_id: options.client_id || this.options.client_id,\n client_secret: options.client_secret || this.options.client_secret,\n token_type_hint: type,\n token: token\n }\n\n return this.http( {\n method: 'POST',\n requestType: 'form',\n url: this.options.endpoints!.revocation_endpoint,\n body: finalOptions\n } )\n }\n\n /**\n * Login without having an interaction. If refresh tokens are used and there is a stored refresh token it will\n * exchange refresh token to receive new access token. If not it silently makes a request the provider's\n * authorization endpoint using provided parameters. You can override any parameter defined in `OIDCClient`. If\n * you don't provide `state`, `nonce` or `code_verifier` they will be generated automatically in a random and\n * secure way.\n *\n * @param options\n * @param localState\n */\n async silentLogin( options: AuthRequestOptions = {}, localState: Record = {} ){\n await this.initialize( false )\n let tokenResult: any;\n let finalState: any = {}\n\n const storedAuth = await this.authStore.get( 'auth' ) || {}\n\n const finalOptions = mergeObjects( {\n response_mode: 'query',\n display: 'page',\n prompt: 'none'\n }, this.options, options )\n\n if ( finalOptions.silent_redirect_uri ){\n finalOptions.redirect_uri = finalOptions.silent_redirect_uri\n }\n\n if ( this.options.useRefreshToken && storedAuth?.refresh_token ){\n finalState.authParams = mergeObjects( storedAuth?.authParams || {}, finalState.authParams || {} )\n tokenResult = await this.exchangeRefreshToken( {\n ...finalOptions,\n refresh_token: storedAuth.refresh_token,\n } )\n } else {\n const authUrl = await this.createAuthRequest( {\n ...finalOptions,\n request_type: 's'\n }, localState )\n\n const { response, state } = await runIframe( authUrl, {\n timeout: finalOptions.silentRequestTimeout,\n eventOrigin: window.location.origin\n } )\n tokenResult = await this.handleAuthResponse( response, finalOptions, localState )\n storedAuth.session_state = response.session_state;\n finalState = state\n }\n\n const authObject = await this.handleTokenResult( tokenResult, finalState.authParams, finalOptions )\n authObject.session_state = storedAuth.session_state\n this.synchronizer.BroadcastMessageToAllTabs( Events.USER_LOGIN, authObject )\n return finalState.localState\n }\n\n /**\n * Retrieve logged in user's access token if it exists.\n */\n async getAccessToken(){\n return ( await this.authStore.get( 'auth' ) )?.access_token\n }\n\n\n /**\n * Retrieve logged in user's refresh token if it exists.\n */\n async getRefreshToken(){\n return ( await this.authStore.get( 'auth' ) )?.refresh_token\n }\n\n /**\n * Retrieve logged in user's parsed id token if it exists.\n */\n async getIdToken(){\n return ( await this.authStore.get( 'auth' ) )?.id_token\n }\n\n /**\n * Retrieve access token's expiration.\n */\n async getExpiresIn(){\n return ( await this.authStore.get( 'auth' ) )?.expires_in\n }\n\n /**\n * Retrieve logged in user's id token in raw format if it exists.\n */\n async getIdTokenRaw(){\n return ( await this.authStore.get( 'auth' ) )?.id_token_raw\n }\n\n\n /**\n * Retrieve logged in user's scopes if it exists.\n */\n async getScopes(){\n return ( await this.authStore.get( 'auth' ) )?.scope?.split( ' ' )\n }\n\n\n /**\n * Retrieve logged in user's profile.\n */\n async getUser(){\n return ( await this.authStore.get( 'auth' ) )?.user\n }\n\n /**\n * If there is a user stored locally return true. Otherwise it will make a silentLogin to check if End-User is\n * logged in provider.\n *\n * @param localOnly Don't check provider\n */\n async isLoggedIn( localOnly = false ){\n const existsOnLocal = !!await this.getUser()\n if ( !existsOnLocal && !localOnly ){\n try {\n await this.silentLogin()\n return true\n } catch ( e ){\n return false\n }\n }\n return existsOnLocal\n }\n\n /**\n * Create authorization request with provided options.\n *\n * @param options\n * @param localState\n * @private\n */\n private async createAuthRequest( options: Partial = {},\n localState: Record = {} ): Promise{\n if ( !this.options.endpoints?.authorization_endpoint ){\n await this.initialize( false )\n }\n // TODO: deep merge for extra params\n const finalOptions = Object.assign( {}, this.options, options )\n localState.code_verifier = generateRandom( 72 )\n\n const authParams = {\n client_id: finalOptions.client_id,\n state: generateRandom( finalOptions.stateLength! ),\n scope: finalOptions.scope,\n audience: finalOptions.audience,\n redirect_uri: finalOptions.redirect_uri,\n response_mode: finalOptions.response_mode,\n response_type: finalOptions.response_type || 'code',\n ui_locales: finalOptions.ui_locales,\n prompt: finalOptions.prompt,\n display: finalOptions.display,\n claims: finalOptions.claims,\n claims_locales: finalOptions.claims_locales,\n acr_values: finalOptions.acr_values,\n registration: finalOptions.registration,\n login_hint: finalOptions.login_hint,\n id_token_hint: finalOptions.id_token_hint,\n web_message_uri: finalOptions.web_message_uri,\n web_message_target: finalOptions.web_message_target,\n ...finalOptions.extraParams && finalOptions.extraParams\n } as AuthRequestOptions;\n\n if ( isResponseType( 'id_token', authParams.response_type ) ||\n isScopeIncluded( 'openid', authParams.scope ) ){\n authParams.nonce = generateRandom( finalOptions.nonceLength! )\n }\n\n if ( isResponseType( 'code', authParams.response_type ) ){\n authParams.code_challenge= await deriveChallenge( localState.code_verifier )\n authParams.code_challenge_method= finalOptions.code_challenge_method || 'S256'\n }\n\n const now = this.options.currentTimeInMillis && this.options.currentTimeInMillis() || Date.now()\n const fragment = finalOptions.fragment ? `#${ finalOptions.fragment }` : '';\n const authParamsString = buildEncodedQueryString( authParams )\n const url = `${ this.options.endpoints!.authorization_endpoint }${ authParamsString }${ fragment }`\n\n // clear 1 day old state entries\n this.stateStore.clear( now - 86400000 )\n\n\n await this.stateStore.set( authParams.state!, cleanUndefined( {\n created_at: now,\n authParams,\n localState,\n request_type: finalOptions.request_type\n } ) )\n return url\n }\n\n /**\n * Create a logout request with given options\n *\n * @param options\n * @private\n */\n private async createLogoutRequest( options: LogoutRequestOptions = {} ){\n if ( !this.options.endpoints?.end_session_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const logoutParams = {\n id_token_hint: finalOptions.id_token_hint,\n post_logout_redirect_uri: finalOptions.post_logout_redirect_uri,\n ...finalOptions.extraLogoutParams || {}\n }\n return `${ this.options.endpoints!.end_session_endpoint }${ buildEncodedQueryString( logoutParams ) }`\n }\n\n /**\n * Exchange authorization code retrieved from auth request result.\n * @param options\n * @private\n */\n private async exchangeAuthorizationCode( options: TokenRequestOption ){\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const finalOptions = mergeObjects( this.options, options )\n const { extraTokenHeaders, extraTokenParams, ...rest } = finalOptions\n const mergedOptions = {\n ...rest,\n ...extraTokenParams || {},\n grant_type: 'authorization_code',\n }\n\n for ( const req of ['code', 'redirect_uri', 'code_verifier', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } )\n }\n\n /**\n * Exchange refresh token with given options\n * @param options\n * @private\n */\n private async exchangeRefreshToken( options: Partial ) {\n if ( !this.options.endpoints?.token_endpoint ){\n await this.fetchFromIssuer();\n }\n const { extraTokenHeaders, extraTokenParams, ...rest } = options\n const mergedOptions = {\n grant_type: 'refresh_token',\n client_id: this.options.client_id,\n client_secret: this.options.client_secret,\n ...rest,\n ...extraTokenParams || {}\n }\n\n for ( const req of ['refresh_token', 'client_id'] as const ){\n if ( !mergedOptions[req] ){\n return Promise.reject( new Error( `\"${ req }\" is required` ) );\n }\n }\n\n return this.http( {\n url: `${ this.options.endpoints!.token_endpoint }`,\n method: 'POST',\n requestType: 'form',\n body: mergedOptions as any,\n headers: extraTokenHeaders\n } );\n }\n\n /**\n * Fetch OIDC configuration from the issuer.\n */\n private async fetchFromIssuer(): Promise>{\n try {\n const requestUrl = `${ this.options.issuer }/.well-known/openid-configuration`\n const response = await this.http( {\n url: requestUrl,\n method: 'GET',\n requestType: 'json'\n } )\n this.issuer_metadata = response as Record\n const endpoints = {} as any\n for ( const prop of Object.keys( this.issuer_metadata ) ) {\n if ( prop.endsWith( '_endpoint' ) || prop.indexOf( '_session' ) > -1 || prop.indexOf( '_uri' ) > -1 ) {\n endpoints[prop as keyof IEndpointConfiguration] = this.issuer_metadata[prop];\n }\n }\n this.options.endpoints = endpoints\n return this.issuer_metadata;\n } catch ( e ) {\n throw new OIDCClientError( 'Loading metadata failed', e.message )\n }\n }\n\n /**\n * Handle auth request result. If there is `code` exchange it.\n * @param response\n * @param finalOptions\n * @param localState\n * @private\n */\n private async handleAuthResponse(\n response: any,\n finalOptions: AuthRequestOptions,\n localState: Record = {}\n ){\n if ( response.code ){\n return this.exchangeAuthorizationCode( {\n redirect_uri: finalOptions.redirect_uri,\n client_id: finalOptions.client_id,\n code_verifier: localState.code_verifier,\n grant_type: 'authorization_code',\n code: response.code,\n } );\n } else {\n return response\n }\n }\n\n /**\n * Handle OAuth2 auth request result\n * @param tokenResult\n * @param authParams\n * @param finalOptions\n * @private\n */\n private async handleTokenResult( tokenResult: TokenResponse, authParams: AuthRequestOptions,\n finalOptions: IPlusAuthClientOptions ){\n await this.initialize( false )\n let user: any = {}\n if ( tokenResult.error ){\n throw new AuthenticationError( tokenResult.error, tokenResult.error_description )\n }\n let parsedIDToken: any;\n if ( tokenResult.id_token ){\n parsedIDToken = await validateIdToken( tokenResult.id_token, authParams.nonce!, finalOptions )\n if ( finalOptions.idTokenValidator && !await finalOptions.idTokenValidator( tokenResult.id_token ) ){\n return Promise.reject( new InvalidIdTokenError( 'Id Token validation failed' ) )\n }\n Object.keys( parsedIDToken ).forEach( key => {\n if ( !nonUserClaims.includes( key as any ) ){\n user[key] = parsedIDToken[key]\n }\n } )\n }\n\n if ( tokenResult.access_token ) {\n if ( finalOptions.requestUserInfo && this.options.endpoints?.userinfo_endpoint ) {\n const userInfoResult = await this.fetchUserInfo( tokenResult.access_token )\n if ( !userInfoResult.error ){\n user = { ...user, ...userInfoResult }\n }\n }\n }\n\n return {\n authParams,\n user,\n ...tokenResult,\n id_token: parsedIDToken,\n id_token_raw: tokenResult.id_token,\n scope: tokenResult.scope || authParams.scope,\n }\n }\n\n /**\n * Load stored state\n *\n * @param state\n * @private\n */\n private async loadState( state: string ){\n const rawStoredState = await this.stateStore.get( state )\n if ( !rawStoredState ){\n return Promise.reject( new StateNotFound( 'Local state not found', state ) )\n } else {\n await this.stateStore.del( state )\n }\n return rawStoredState\n }\n\n /**\n * Load user info by making request to providers `userinfo_endpoint`\n *\n * @param accessToken\n * @private\n */\n private async fetchUserInfo( accessToken: string ){\n return this.http( {\n method: 'GET',\n url: `${ this.options.endpoints!.userinfo_endpoint }`,\n requestType: 'json',\n headers: {\n 'Authorization': `Bearer ${ accessToken }`\n }\n } )\n }\n\n /**\n * Start monitoring End-User's session if the OIDC provider supports session management. See more at [OIDC Session\n * Management](https://openid.net/specs/openid-connect-session-1_0.html)\n *\n * @param sub End-User's id to for monitoring session\n * @param session_state string that represents the End-User's login state at the OP\n */\n private monitorSession( { sub, session_state }: SessionMonitorOptions ){\n const { client_id, endpoints } = this.options\n\n if ( !endpoints?.check_session_iframe ){\n console.warn( '\"check_session_iframe\" endpoint missing or session management is not supported by provider' )\n return\n }\n if ( !this.sessionCheckerFrame ){\n const sessionCheckCallback = async ( err: any )=>{\n if ( err ){\n this.emit( Events.USER_LOGOUT )\n } else {\n this.emit( Events.SESSION_CHANGE )\n try {\n await this.silentLogin( {}, {} )\n const storedAuth = await this.authStore.get( 'auth' )\n if ( storedAuth ){\n if ( storedAuth.user?.sub === sub && storedAuth.session_state ){\n this.sessionCheckerFrame!.start( storedAuth.session_state )\n }\n } else {\n this.emit( Events.USER_LOGOUT, null )\n }\n } catch ( e ) {\n this.emit( Events.USER_LOGOUT )\n return\n }\n }\n }\n\n this.sessionCheckerFrame = createSessionCheckerFrame( {\n url: endpoints.check_session_iframe,\n client_id: client_id,\n callback: sessionCheckCallback,\n checkInterval: this.options.checkSessionInterval,\n } )\n }\n\n this.sessionCheckerFrame.start( session_state )\n }\n\n private async onUserLogin( authObj: any ){\n const { expires_in, user, scope, access_token, id_token, refresh_token, session_state, id_token_raw } = authObj\n await this.authStore.set( 'auth', authObj )\n\n this.user = user\n this.scopes = scope?.split( ' ' );\n this.accessToken = access_token\n this.idToken = id_token\n this.idTokenRaw = id_token_raw\n this.refreshToken = refresh_token\n\n this.emit( Events.USER_LOGIN, authObj )\n if ( !window?.frameElement ) {\n if ( this.options.checkSession ) {\n this.monitorSession( { sub: user.sub || user.id, session_state } )\n }\n\n if ( expires_in !== undefined && this.options.autoSilentRenew ){\n const expiration = Number( expires_in ) - this.options.secondsToRefreshAccessTokenBeforeExp!\n const renew = () => {\n this.synchronizer.CallOnce( 'silent-login', async () => {\n try {\n await this.silentLogin()\n this.emit( Events.SILENT_RENEW_SUCCESS, null )\n } catch ( e ) {\n this.emit( Events.SILENT_RENEW_ERROR, e )\n }\n } )\n }\n if ( expiration >= 0 ){\n this._accessTokenExpireTimer!.start( expiration, async ()=> {\n renew()\n } )\n } else {\n renew()\n }\n }\n }\n }\n}\n","import { fromByteArray } from 'base64-js';\n\nexport function isValidIssuer( issuer: string ){\n try {\n const url = new URL( issuer )\n if ( !['http:', 'https:'].includes( url.protocol ) ){\n return false\n }\n if ( url.search !== '' || url.hash !== '' ){\n return false\n }\n return true\n } catch ( e ){\n return false\n }\n}\nexport function buildEncodedQueryString( obj?: Record,\n appendable = true, ) {\n if ( !obj ) return '';\n const ret: string[] = [];\n for ( const d in obj ) {\n if ( obj.hasOwnProperty( d ) && obj[d] ) {\n ret.push( `${\n encodeURIComponent( d )\n }=${\n encodeURIComponent( typeof obj[d] === 'object' ? JSON.stringify( obj[d] ) : obj[d]! )\n }` );\n }\n }\n return `${ appendable ? '?' : '' }${ ret.join( '&' ) }`;\n}\n\nexport function parseQueryUrl( value: string ) {\n const result: Record = {};\n value = value.trim().replace( /^(\\?|#|&)/, '' );\n const params = value.split( '&' );\n for ( let i = 0; i < params.length; i += 1 ) {\n const paramAndValue = params[i];\n const parts = paramAndValue.split( '=' );\n const key = decodeURIComponent( parts.shift()! );\n const value = parts.length > 0 ? parts.join( '=' ) : '';\n result[key] = decodeURIComponent( value );\n }\n return result;\n}\n\nexport function urlSafe( buffer: Uint8Array ): string {\n const encoded = fromByteArray( new Uint8Array( buffer ) );\n return encoded.replace( /\\+/g, '-' ).replace( /\\//g, '_' ).replace( /=/g, '' );\n}\n","import { buildEncodedQueryString } from './url';\n\nexport interface RequestOptions {\n body?: Record;\n headers?: Record,\n method: 'GET' | 'POST' | 'PATCH' | 'TRACE' | 'OPTIONS' | 'HEAD',\n requestType?: 'form' | 'json',\n url: string\n}\n\nexport function request( options: RequestOptions ): Promise{\n let body: any = null\n let headers = options.headers || {}\n if ( options.method === 'POST' ){\n headers = {\n 'Content-Type': options.requestType === 'form' ? 'application/x-www-form-urlencoded;charset=UTF-8' :\n 'application/json;charset=UTF-8',\n ...headers\n }\n }\n if ( options.body ){\n body = options.requestType === 'form' ? buildEncodedQueryString( options.body, false )\n : JSON.stringify( options.body )\n }\n\n return new Promise( ( resolve, reject ) => {\n fetch( options.url, {\n method: options.method,\n body: body,\n headers\n } )\n .then( ( value: Response ) => resolve( value.json() ) )\n .catch( reject )\n } )\n}\n","import { InvalidIdTokenError, InvalidJWTError, OIDCClientError } from '../errors';\nimport type { IPlusAuthClientOptions, JWTValidationOptions, ParsedJWT } from '../interfaces';\n\nimport { urlSafe } from './url';\n\nconst CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';\n\nfunction getRandomBytes( n: number ){\n // @ts-ignore\n const crypto = self.crypto || self.msCrypto, QUOTA = 65536;\n const a = new Uint8Array( n );\n for ( let i = 0; i < n; i += QUOTA ) {\n crypto.getRandomValues( a.subarray( i, i + Math.min( n - i, QUOTA ) ) );\n }\n return a;\n}\n\nexport function generateRandom( length: number ){\n let out = '';\n const charsLen = CHARSET.length;\n const maxByte = 256 - 256 % charsLen;\n while ( length > 0 ) {\n const buf = getRandomBytes( Math.ceil( length * 256 / maxByte ) );\n for ( let i = 0; i < buf.length && length > 0; i++ ) {\n const randomByte = buf[i];\n if ( randomByte < maxByte ) {\n out += CHARSET.charAt( randomByte % charsLen );\n length--;\n }\n }\n }\n return out;\n}\n\n\nexport function deriveChallenge( code: string ): Promise{\n if ( code.length < 43 || code.length > 128 ) {\n return Promise.reject( new OIDCClientError( `Invalid code length: ${ code.length }` ) );\n }\n\n return new Promise( ( resolve, reject ) => {\n crypto.subtle.digest( 'SHA-256', new TextEncoder().encode( code ) )\n .then( buffer => {\n return resolve( urlSafe( new Uint8Array( buffer ) ) );\n }, function ( error ) {\n /* istanbul ignore next */\n return reject( error );\n } );\n } );\n}\n// https://datatracker.ietf.org/doc/html/rfc4648#section-5\nexport const urlDecodeB64 = ( input: string ) => decodeURIComponent(\n atob( input.replace( /_/g, '/' ).replace( /-/g, '+' ) )\n .split( '' )\n .map( c => {\n return `%${ `00${ c.charCodeAt( 0 ).toString( 16 ) }`.slice( -2 ) }`;\n } )\n .join( '' )\n);\n\n\n\nexport function parseJwt( jwt: string ): ParsedJWT {\n try {\n const parts = jwt.split( '.' )\n if ( parts.length !== 3 ){\n throw new Error( 'Wrong JWT format' )\n }\n return {\n header: JSON.parse( urlDecodeB64( parts[0] ) ),\n payload: JSON.parse( urlDecodeB64( parts[1] ) )\n }\n } catch ( e ){\n throw new InvalidJWTError( 'Failed to parse jwt' )\n }\n}\n\nexport function validateIdToken( id_token: string, nonce: string, options: IPlusAuthClientOptions ) {\n if ( !nonce ) {\n throw new OIDCClientError( 'No nonce on state' );\n }\n\n try {\n const jwt = parseJwt( id_token );\n\n if ( nonce !== jwt.payload.nonce ) {\n throw new Error( `Invalid nonce in id_token: ${ jwt.payload.nonce }` );\n }\n\n validateJwt( id_token, options, true )\n\n // @ts-ignore\n if ( !jwt.payload['sub'] ) {\n throw new Error( 'No Subject (sub) present in id_token' );\n }\n\n return jwt.payload;\n } catch ( e ){\n throw new InvalidIdTokenError( e.message )\n }\n}\n\nexport function validateJwt( jwt: string, options: JWTValidationOptions, isIdToken = false ) {\n // eslint-disable-next-line prefer-const\n let { clockSkew, currentTimeInMillis, issuer, audience, client_id } = options\n if ( !clockSkew ){\n clockSkew = 0\n }\n const now = ( currentTimeInMillis && currentTimeInMillis() || Date.now() ) / 1000;\n\n const payload = parseJwt( jwt ).payload;\n\n if ( !payload.iss ) {\n throw new InvalidJWTError( 'Issuer (iss) was not provided' );\n }\n if ( payload.iss !== issuer ) {\n throw new InvalidJWTError( `Invalid Issuer (iss) in token: ${ payload.iss }` );\n }\n\n if ( !payload.aud ) {\n throw new InvalidJWTError( 'Audience (aud) was not provided' );\n }\n\n // Audience must be equal to client_id in id_token\n // https://openid.net/specs/openid-connect-core-1_0.html#IDToken\n if ( Array.isArray( payload.aud ) ?\n payload.aud.indexOf( isIdToken ? client_id : audience || client_id ) == -1 :\n payload.aud !== ( isIdToken ? client_id : audience || client_id )\n ) {\n throw new InvalidJWTError( `Invalid Audience (aud) in token: ${ payload.aud }` );\n }\n\n if ( payload.azp && payload.azp !== client_id ) {\n throw new InvalidJWTError( `Invalid Authorized Party (azp) in token: ${ payload.azp }` );\n }\n\n const lowerNow = Math.ceil( now + clockSkew );\n const upperNow = Math.floor( now - clockSkew );\n\n if ( !payload.iat ) {\n throw new InvalidJWTError( 'Issued At (iat) was not provided' );\n }\n\n if ( lowerNow < Number( payload.iat ) ) {\n throw new InvalidJWTError( `Issued At (iat) is in the future: ${ payload.iat }` );\n }\n\n if ( payload.nbf && lowerNow < Number( payload.nbf ) ) {\n throw new InvalidJWTError( `Not Before time (nbf) is in the future: ${ payload.nbf }` );\n }\n\n if ( !payload.exp ) {\n throw new InvalidJWTError( 'Expiration Time (exp) was not provided' );\n }\n if ( Number( payload.exp ) < upperNow ) {\n throw new InvalidJWTError( `Expiration Time (exp) is in the past: ${ payload.exp }` );\n }\n\n return payload;\n}\n\n// Retrieved from https://www.iana.org/assignments/jwt/jwt.xhtml\nexport const nonUserClaims = [\n 'iss',\n // 'sub',\n 'aud',\n 'exp',\n 'nbf',\n 'iat',\n 'jti',\n 'azp',\n 'nonce',\n 'auth_time',\n 'at_hash',\n 'c_hash',\n 'acr',\n 'amr',\n 'sub_jwk',\n 'cnf',\n 'sip_from_tag',\n 'sip_date',\n 'sip_callid',\n 'sip_cseq_num',\n 'sip_via_branch',\n 'orig',\n 'dest',\n 'mky',\n 'events',\n 'toe',\n 'txn',\n 'rph',\n 'sid',\n 'vot',\n 'vtm',\n 'attest',\n 'origid',\n 'act',\n 'scope',\n 'client_id',\n 'may_act',\n 'jcard',\n 'at_use_nbr',\n] as const\n","type RequiredAndNotNull = {\n [P in keyof T]-?: Exclude\n}\n\n/**\n * not suitable for every object but it is enough for this library\n * @param object\n */\nexport function cleanUndefined>( object: T ) {\n if ( !object || typeof object !== 'object' ) {\n return object\n }\n return JSON.parse( JSON.stringify( object ) ) as RequiredAndNotNull\n}\n\nfunction merge( previousValue: any, currentValue: any ) {\n for ( const p in currentValue ) {\n if ( currentValue[p] !== undefined ) {\n if ( typeof currentValue[p] === 'object' && currentValue[p].constructor.name === 'Object' ) {\n previousValue[p] = merge( previousValue[p] || {}, currentValue[p] );\n } else {\n previousValue[p] = currentValue[p];\n }\n }\n }\n return previousValue\n}\nexport function mergeObjects( obj1: T, obj2: U ): RequiredAndNotNull;\nexport function mergeObjects( obj1: T, obj2: U, obj3: K ): RequiredAndNotNull;\nexport function mergeObjects( ...objects: any[] ) {\n return objects.reduce( ( previousValue, currentValue ) => {\n return merge( previousValue || {}, currentValue )\n }, {} ) as any\n}\n","export const isResponseType = ( type: string, response_type?: string ) =>\n response_type && response_type.split( /\\s+/g ).filter( rt => rt === type ).length > 0\n\nexport const isScopeIncluded = ( scope: string, scopes?: string ) =>\n scopes && scopes.split( ' ' ).indexOf( scope ) > -1\n","import { InteractionCancelled, OIDCClientError } from '../errors';\nimport type { PopupOptions } from '../interfaces';\n\nconst openPopup = ( url: string, width = 400, height = 600 ) => {\n const left = window.screenX + ( window.innerWidth - width ) / 2;\n const top = window.screenY + ( window.innerHeight - height ) / 2;\n\n return window.open(\n url,\n 'oidc-login-popup',\n `left=${ left },top=${ top },width=${ width },height=${ height },resizable,scrollbars=yes,status=1`\n );\n};\n\nexport function runPopup( url: string, options: PopupOptions ) {\n let popup = options.popup;\n\n if ( popup ) {\n popup.location.href = url;\n } else {\n popup = openPopup( url );\n }\n\n if ( !popup ) {\n /* istanbul ignore next */\n throw new Error( 'Could not open popup' );\n }\n\n let timeoutId: any ;\n let closeId: any ;\n\n return new Promise<{ response: any, state: string }>( ( resolve, reject ) => {\n function clearHandlers(){\n clearInterval( closeId );\n clearTimeout( timeoutId )\n window.removeEventListener( 'message', messageListener )\n }\n\n timeoutId = setTimeout( () => {\n clearHandlers()\n reject( new OIDCClientError( 'Timed out' ) );\n }, options.timeout || 60 * 1000 )\n\n closeId = setInterval( function () {\n if ( popup!.closed ) {\n clearHandlers()\n reject( new InteractionCancelled( 'user closed popup' ) )\n }\n }, 300 );\n\n window.addEventListener( 'message', messageListener );\n\n function messageListener( e: MessageEvent ){\n if ( !e.data || e.data.type !== 'authorization_response' ) return;\n clearHandlers();\n popup!.close();\n const data = e.data.response || e.data\n data.error ? reject( new OIDCClientError( data.error, data.error_description ) )\n : resolve( e.data );\n }\n } );\n}\n","/*\nJitbit TabUtils - helper for multiple browser tabs. version 1.0\nhttps://github.com/jitbit/TabUtils\n- executing \"interlocked\" function call - only once per multiple tabs\n- broadcasting a message to all tabs (including the current one) with some message \"data\"\n- handling a broadcasted message\nMIT license: https://github.com/jitbit/TabUtils/blob/master/LICENSE\n*/\n\nimport type { EventEmitter } from '../helpers';\n\nconst currentTabId = `${ performance.now() }:${ Math.random() * 1000000000 | 0 }`;\nconst handlers: Record = {};\n\nexport class TabUtils {\n keyPrefix: string;\n\n private events: EventEmitter;\n\n constructor( kid: string, fallbackEvents: EventEmitter ) {\n this.keyPrefix = kid;\n this.events = fallbackEvents\n }\n\n //runs code only once in multiple tabs\n //the lock holds for 4 seconds (in case the function is async and returns right away, for example, an ajax call intiated)\n //then it is cleared\n CallOnce( lockname: string, fn: () => void, timeout = 3000 ): void{\n if ( !lockname ) throw 'empty lockname';\n\n if ( !window.localStorage ) { //no local storage. old browser. screw it, just run the function\n fn();\n return;\n }\n\n const localStorageKey = this.keyPrefix + lockname;\n\n localStorage.setItem( localStorageKey, currentTabId );\n //re-read after a delay (after all tabs have saved their tabIDs into ls)\n setTimeout( () => {\n if ( localStorage.getItem( localStorageKey ) == currentTabId )\n fn();\n }, 150 );\n\n //cleanup - release the lock after 3 seconds and on window unload (just in case user closed the window while the lock is still held)\n setTimeout( function () { localStorage.removeItem( localStorageKey ); }, timeout );\n }\n\n BroadcastMessageToAllTabs( messageId: string, eventData: any ): void{\n //now we also need to manually execute handler in the current tab too, because current tab does not get 'storage' events\n try { handlers[messageId]( eventData ); } //\"try\" in case handler not found\n catch ( x ) { }\n\n if ( !window.localStorage ){\n this.events.emit( messageId, eventData )\n return; //no local storage. old browser\n }\n\n const data = {\n data: eventData,\n timeStamp: new Date().getTime()\n }; //add timestamp because overwriting same data does not trigger the event\n\n //this triggers 'storage' event for all other tabs except the current tab\n localStorage.setItem( `${ this.keyPrefix }event${ messageId }`, JSON.stringify( data ) );\n\n //cleanup\n setTimeout( () => { localStorage.removeItem( `${ this.keyPrefix }event${ messageId }` ); }, 3000 );\n }\n\n OnBroadcastMessage( messageId: string, fn: ( data: any ) => void ): void{\n handlers[messageId] = fn;\n if ( !window.localStorage ){\n this.events.on( messageId, fn )\n return; //no local storage. old browser\n }\n\n //first register a handler for \"storage\" event that we trigger above\n window.addEventListener( 'storage', ( ev ) => {\n if ( ev.key != `${ this.keyPrefix }event${ messageId }` ) return; // ignore other keys\n if ( !ev.newValue ) return; //called by cleanup?\n const messageData = JSON.parse( ev.newValue );\n fn( messageData.data );\n } );\n }\n}\n","import type { SessionChecker, SessionCheckerOptions } from '../interfaces';\n\nimport { createHiddenFrame } from './iframe';\n\nconst DEFAULT_CHECK_INTERVAL = 2000\n\nexport function createSessionCheckerFrame( options: SessionCheckerOptions ): SessionChecker{\n const { url, callback, client_id, checkInterval } = options\n let internalSessionState: string | null;\n const idx = url.indexOf( '/', url.indexOf( '//' ) + 2 );\n const frameOrigin = url.substr( 0, idx );\n\n const frame = createHiddenFrame()\n\n let timer: any\n\n const load = () => {\n return new Promise( resolve => {\n window.document.body.appendChild( frame );\n window.addEventListener( 'message', iframeEventHandler, false );\n frame.onload = () => {\n resolve( null )\n }\n } )\n }\n\n const start = ( sessionState: string ) => {\n load().then( () => {\n if ( sessionState && internalSessionState !== sessionState ) {\n stop();\n internalSessionState = sessionState;\n const send = () => {\n frame.contentWindow!.postMessage( `${ client_id } ${ internalSessionState }`, frameOrigin );\n };\n send();\n timer = window.setInterval( send, checkInterval || DEFAULT_CHECK_INTERVAL );\n }\n } )\n }\n\n const stop = () => {\n internalSessionState = null;\n if ( timer ) {\n window.clearInterval( timer );\n timer = null;\n }\n }\n\n const iframeEventHandler = ( e: MessageEvent ) => {\n if ( e.origin === frameOrigin && e.source === frame.contentWindow ) {\n if ( e.data === 'error' ) {\n stop();\n callback( e.data );\n } else if ( e.data === 'changed' ) {\n stop();\n callback();\n }\n }\n }\n\n frame.setAttribute( 'src', url );\n\n return {\n stop,\n start\n }\n}\n","import { OIDCClient } from './client';\nimport type { IPlusAuthClientOptions } from './interfaces';\n\nexport * from './interfaces'\nexport * from './client'\nexport * from './constants'\nexport * from './helpers'\nexport * from './errors'\n\n/**\n * Create OIDC client with initializing it. It resolves issuer metadata, jwks keys and check if user is\n * authenticated in OpenId Connect provider.\n */\nexport default function createOIDCClient( options: IPlusAuthClientOptions ): Promise{\n return new OIDCClient( options ).initialize()\n}\n"],"names":["Events","USER_LOGOUT","USER_LOGIN","SILENT_RENEW_SUCCESS","SILENT_RENEW_ERROR","SESSION_CHANGE","OIDCClientError","Error","constructor","error","error_description","name","AuthenticationError","state","error_uri","StateNotFound","InvalidJWTError","details","InvalidIdTokenError","InteractionCancelled","StateStore","prefix","LocalStorageStateStore","get","key","Promise","resolve","value","window","localStorage","getItem","JSON","parse","set","setItem","stringify","del","removeItem","clear","before","i","storedKeys","length","substring","push","storedItem","created_at","e","InMemoryStateStore","map","forEach","val","ind","delete","Map","EventEmitter","once","event","fn","on","onArgs","off","apply","cb","callbacks","splice","emit","args","cbs","slice","len","Timer","start","duration","callback","expiration","now","_expiration","_timerHandle","stop","timerDuration","setInterval","clearInterval","currentTimeInMillisFunc","Date","_define_property","createHiddenFrame","iframe","document","createElement","style","width","height","position","visibility","display","title","ariaHidden","lookup","code","buildEncodedQueryString","obj","appendable","ret","d","hasOwnProperty","encodeURIComponent","join","request","options","body","headers","method","requestType","reject","fetch","url","then","json","catch","CHARSET","generateRandom","out","charsLen","maxByte","buf","getRandomBytes","n","crypto","self","msCrypto","a","Uint8Array","getRandomValues","subarray","Math","min","ceil","randomByte","charAt","urlDecodeB64","input","decodeURIComponent","atob","replace","split","c","charCodeAt","toString","parseJwt","jwt","parts","header","payload","nonUserClaims","mergeObjects","objects","reduce","previousValue","currentValue","merge","p","undefined","isResponseType","type","response_type","filter","rt","isScopeIncluded","scope","scopes","indexOf","openPopup","left","screenX","innerWidth","top","screenY","innerHeight","open","currentTabId","performance","random","handlers","TabUtils","CallOnce","lockname","timeout","localStorageKey","keyPrefix","setTimeout","BroadcastMessageToAllTabs","messageId","eventData","x","events","data","timeStamp","getTime","OnBroadcastMessage","addEventListener","ev","newValue","messageData","kid","fallbackEvents","OIDCClient","initialize","checkLogin","initialized","__initializePromise","stateStore","init","authStore","endpoints","Object","keys","fetchFromIssuer","frameElement","silentLogin","message","login","localState","location","assign","createAuthRequest","loginWithPopup","popupOptions","response_mode","request_type","response","runPopup","timeoutId","closeId","popup","href","clearHandlers","clearTimeout","removeEventListener","messageListener","close","closed","authParams","loadState","tokenResult","handleAuthResponse","authObject","handleTokenResult","session_state","synchronizer","loginCallback","parsedUrl","URL","responseParams","parseQueryUrl","result","trim","params","paramAndValue","shift","search","hash","rawStoredState","parent","postMessage","protocol","host","opener","logout","localOnly","storedAuth","id_token_hint","id_token_raw","createLogoutRequest","revokeToken","token","revocation_endpoint","finalOptions","client_id","client_secret","token_type_hint","http","finalState","prompt","silent_redirect_uri","redirect_uri","useRefreshToken","refresh_token","exchangeRefreshToken","authUrl","silentRequestTimeout","eventOrigin","origin","onLoadTimeoutId","timeoutSetTimeoutId","removeIframe","iframeEventHandler","eventSource","source","resp","contains","removeChild","onLoadTimeout","appendChild","setAttribute","onload","getAccessToken","_this","access_token","getRefreshToken","getIdToken","id_token","getExpiresIn","expires_in","getIdTokenRaw","getScopes","_scope","getUser","user","isLoggedIn","existsOnLocal","_this_options_endpoints","authorization_endpoint","code_verifier","stateLength","audience","ui_locales","claims","claims_locales","acr_values","registration","login_hint","web_message_uri","web_message_target","extraParams","nonce","nonceLength","code_challenge","subtle","digest","TextEncoder","encode","buffer","urlSafe","encoded","fromByteArray","uint8","tmp","extraBytes","len2","encodeChunk","end","output","num","code_challenge_method","currentTimeInMillis","fragment","authParamsString","end_session_endpoint","logoutParams","post_logout_redirect_uri","extraLogoutParams","exchangeAuthorizationCode","token_endpoint","extraTokenHeaders","extraTokenParams","rest","mergedOptions","grant_type","req","requestUrl","issuer","issuer_metadata","prop","endsWith","parsedIDToken","validateIdToken","validateJwt","isIdToken","clockSkew","iss","aud","Array","isArray","azp","lowerNow","upperNow","floor","iat","Number","nbf","exp","idTokenValidator","includes","requestUserInfo","userinfo_endpoint","userInfoResult","fetchUserInfo","accessToken","monitorSession","sub","check_session_iframe","console","warn","sessionCheckerFrame","sessionCheckCallback","err","createSessionCheckerFrame","internalSessionState","timer","checkInterval","idx","frameOrigin","substr","frame","load","contentWindow","sessionState","send","checkSessionInterval","onUserLogin","authObj","idToken","idTokenRaw","refreshToken","checkSession","id","autoSilentRenew","secondsToRefreshAccessTokenBeforeExp","renew","_accessTokenExpireTimer","isValidIssuer","btoa","httpClient","bind"],"mappings":"yPACO,IAAMA,EAAS,CACpBC,YAAsB,cACtBC,WAAsB,aACtBC,qBAAsB,uBACtBC,mBAAsB,qBACtBC,eAAsB,gBACxB,0HCPO,MAAMC,UAAwBC,MAKnCC,YAAoBC,CAAa,CAAEC,CAA0B,CAAG,CAC9D,KAAK,CAAE,CAAC,EAAGD,EAAO,EAAGC,GAAqB,CAAC,GAAG,EAAGA,EAAmB,CAAC,EAAI,GAAI,CAAC,EALhFD,EAAAA,IAAAA,CAAAA,QAAAA,KAAAA,GAEAC,EAAAA,IAAAA,CAAAA,oBAAAA,KAAAA,GAIE,IAAI,CAACC,IAAI,CAAG,kBACZ,IAAI,CAACF,KAAK,CAAGA,EACb,IAAI,CAACC,iBAAiB,CAAGA,CAC3B,CACF,CAEO,MAAME,UAA4BN,EAKvCE,YAAaC,CAAa,CAAEC,CAA0B,CAAEG,CAAc,CAAEC,CAAkB,CAAG,CAC3F,KAAK,CAAEL,EAAOC,GALhBG,EAAAA,IAAAA,CAAAA,QAAAA,KAAAA,GAEAC,EAAAA,IAAAA,CAAAA,YAAAA,KAAAA,GAIE,IAAI,CAACH,IAAI,CAAG,sBACZ,IAAI,CAACE,KAAK,CAAGA,EACb,IAAI,CAACC,SAAS,CAAGA,CACnB,CACF,CAEO,MAAMC,UAAsBH,EAGjCJ,YAAaC,CAAa,CAAEI,CAAc,CAAG,CAC3C,KAAK,CAAEJ,GAHTI,EAAAA,IAAAA,CAAAA,QAAAA,KAAAA,GAIE,IAAI,CAACF,IAAI,CAAG,gBACZ,IAAI,CAACE,KAAK,CAAGA,CACf,CACF,CAEO,MAAMG,UAAwBV,EACnCE,YAAaS,CAAe,CAAG,CAC7B,KAAK,CAAEA,GACP,IAAI,CAACN,IAAI,CAAG,kBACZ,IAAI,CAACD,iBAAiB,CAAGO,CAC3B,CACF,CAEO,MAAMC,UAA4BF,EACvCR,YAAaS,CAAe,CAAG,CAC7B,KAAK,CAAEA,GACP,IAAI,CAACN,IAAI,CAAG,qBACd,CACF,CAEO,MAAMQ,UAA6Bb,EACxCE,YAAaS,CAAe,CAAG,CAC7B,KAAK,CAAEA,GACP,IAAI,CAACN,IAAI,CAAG,sBACd,CACF,CCpDO,MAAeS,EAGpBZ,YAAaa,EAAS,EAAE,CAAG,WAF3BA,KAAAA,KAAAA,YAAAA,IAAAA,uBAAAA,IAAAA,wDAAAA,IAAAA,MAGE,IAAI,CAACA,MAAM,CAAGA,CAChB,CASF,CChBO,MAAMC,UAAwCF,EAKnDG,IAAKC,CAAW,CAAG,CACjB,OAAO,IAAIC,QAAmB,AAAEC,IAC9B,IAAMC,EAAQC,OAAOC,YAAY,CAACC,OAAO,CAAE,IAAI,CAACT,MAAM,CAAGG,GAEvDE,EAASK,AADNJ,EACMI,KAAKC,KAAK,CAAEL,GAEZ,KAEb,EACF,CAEAM,IAAKT,CAAW,CAAEG,CAAQ,CAAG,CAC3B,OAAO,IAAIF,QAAe,AAAEC,IAC1BE,OAAOC,YAAY,CAACK,OAAO,CAAE,IAAI,CAACb,MAAM,CAAGG,EAAKO,KAAKI,SAAS,CAAER,IAChED,GACF,EACF,CAEAU,IAAKZ,CAAW,CAAG,CACjB,OAAO,IAAIC,QAAe,AAAEC,IAC1BE,OAAOC,YAAY,CAACQ,UAAU,CAAE,IAAI,CAAChB,MAAM,CAAGG,GAC9CE,GACF,EACF,CAEAY,MAAOC,CAAe,CAAkB,CACtC,OAAO,IAAId,QAAe,AAAEC,QACtBc,EACJ,IAAMC,EAAuB,EAAE,CAC/B,IAAMD,EAAI,EAAGA,EAAIZ,OAAOC,YAAY,CAACa,MAAM,CAAEF,IAAM,CACjD,IAAMhB,EAAMI,OAAOC,YAAY,CAACL,GAAG,CAAEgB,UAEhChB,EAAAA,KAAAA,EAAAA,AAAAA,EAAKmB,SAAS,CAAE,EAAG,IAAI,CAACtB,MAAM,CAACqB,MAAM,CAAA,GAAM,IAAI,CAACrB,MAAM,EACzDoB,EAAWG,IAAI,CAAEpB,EAErB,CACA,IAAMgB,EAAI,EAAGA,EAAIC,EAAWC,MAAM,CAAEF,IAClC,GAAKD,EACH,GAAI,CACF,IAAMM,EAAad,KAAKC,KAAK,CAAEJ,OAAOC,YAAY,CAACC,OAAO,CAAEW,CAAU,CAACD,EAAE,EACpEK,CAAAA,EAAWC,UAAU,CAAGP,GAC3BX,OAAOC,YAAY,CAACQ,UAAU,CAAEI,CAAU,CAACD,EAAE,EAE/C,MAAQO,EAAI,CACd,MAEAnB,OAAOC,YAAY,CAACQ,UAAU,CAAEI,CAAU,CAACD,EAAE,EAGjDd,GACF,EACF,CAvDAlB,YAAaa,EAAS,UAAU,CAAG,CACjC,KAAK,CAAEA,EACT,CAsDF,CCzDO,MAAM2B,UAAoC5B,EAG/CkB,MAAOC,CAAe,CAAG,QACvB,AAAKA,GACH,IAAI,CAACU,GAAG,CAACC,OAAO,CAAE,CAAEC,EAAKC,KAClBD,EAAIL,UAAU,CAAGP,GACpB,IAAI,CAACU,GAAG,CAACI,MAAM,CAAED,EAErB,GACO3B,QAAQC,OAAO,IAEfD,QAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAACX,KAAK,GAE1C,CAEAF,IAAKZ,CAAW,CAAG,CAEjB,OADA,IAAI,CAACyB,GAAG,CAACI,MAAM,CAAE7B,GACVC,QAAQC,OAAO,EACxB,CAEAH,IAAKC,CAAW,CAAG,CACjB,OAAOC,QAAQC,OAAO,CAAE,IAAI,CAACuB,GAAG,CAAC1B,GAAG,CAAEC,IAAS,KACjD,CAEAS,IAAKT,CAAW,CAAEG,CAAU,CAAG,CAE7B,OADA,IAAI,CAACsB,GAAG,CAAChB,GAAG,CAAET,EAAKG,GACZF,QAAQC,OAAO,EACxB,uCA3BM,IAAI4B,IAAVL,QAAAA,IAAAA,uBAAAA,IAAAA,CAAAA,2DAAAA,IAAAA,CAAAA,MA4BF,CC7BO,MAAMM,EAOXC,KAAMC,CAAQ,CAAEC,CAA8B,CAAE,CAC9C,SAASC,EAA6B,GAAGC,CAAa,EACpD,IAAI,CAACC,GAAG,CAAEJ,EAAOE,GACjBD,EAAGI,KAAK,CAAE,IAAI,CAAEF,EAClB,CAGA,OAFAD,EAAGD,EAAE,CAAGA,EACR,IAAI,CAACC,EAAE,CAAEF,EAAOE,GACT,IAAI,AACb,CAEAA,GAAIF,CAAQ,CAAEM,CAA8B,CAAE,CAG5C,OAFM,IAAI,CAACC,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,EAAG,CAAA,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAAG,EAAE,AAAF,EACtE,IAAI,CAACO,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAACb,IAAI,CAAEmB,GAC7B,IAAI,AACb,CAEAF,IAAKJ,CAAS,CAAEC,CAA+B,CAAE,CAC/C,GAAK,CAACD,EAEJ,OADA,IAAI,CAACO,SAAS,CAAG,GACV,IAAI,CAIb,IAAMA,EAAY,IAAI,CAACA,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAC/C,GAAK,CAACO,EAAY,OAAO,IAAI,CAG7B,GAAK,CAACN,EAEJ,OADA,OAAO,IAAI,CAACM,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAC7B,IAAI,CAGb,IAAM,IAAIjB,EAAI,EAAGA,EAAIwB,EAAUtB,MAAM,CAAEF,IAAM,CAC3C,IAAMuB,EAAKC,CAAS,CAACxB,EAAE,CACvB,GAAKuB,IAAOL,GAAMK,EAAGL,EAAE,GAAKA,EAAK,CAC/BM,EAAUC,MAAM,CAAEzB,EAAG,GACrB,KACF,CACF,CAQA,OAJ0B,IAArBwB,EAAUtB,MAAM,EACnB,OAAO,IAAI,CAACsB,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CAG/B,IAAI,AACb,CAEAS,KAAMT,CAAQ,CAAE,GAAGU,CAAW,CAAE,CAC9B,IAAIC,EAAM,IAAI,CAACJ,SAAS,CAAC,CAAC,CAAC,EAAGP,EAAO,CAAC,CAAC,CACvC,GAAKW,EAAM,CACTA,EAAMA,EAAIC,KAAK,CAAE,GACjB,IAAM,IAAI7B,EAAI,EAAG8B,EAAMF,EAAI1B,MAAM,CAAEF,EAAI8B,EAAK,EAAE9B,EAC5C4B,CAAG,CAAC5B,EAAE,CAACsB,KAAK,CAAE,IAAI,CAAEK,EAExB,CACA,OAAO,IAAI,AACb,CA9DA3D,aAAa,WAFbwD,KAAAA,KAAAA,eAAAA,IAAAA,uBAAAA,IAAAA,wDAAAA,IAAAA,MAGE,IAAI,CAACA,SAAS,CAAG,EACnB,CA6DF,yHCpEO,MAAMO,EAWXC,MAAOC,CAAgB,CAAEC,CAAoB,CAAE,CACxCD,GAAY,GACfA,CAAAA,EAAW,CAAA,EAEb,IAAME,EAAa,IAAI,CAACC,GAAG,GAAK,IAAOH,EACvC,GAAK,IAAI,CAACI,WAAW,GAAKF,GAAc,IAAI,CAACG,YAAY,CACvD,OAGF,IAAI,CAACC,IAAI,GAET,IAAI,CAACF,WAAW,CAAGF,EAGnB,IAAIK,EAAgB,EACfP,EADe,GAElBO,CAAAA,EAAgBP,CAAAA,EAElB,IAAI,CAACK,YAAY,CAAGG,YAAa,KAC1B,IAAI,CAACJ,WAAW,EAAI,IAAI,CAACD,GAAG,GAAK,MACpC,IAAI,CAACG,IAAI,GACTL,IAEJ,EAAGM,AAAgB,IAAhBA,EACL,CAEAD,MAAO,CACA,IAAI,CAACD,YAAY,GACpBI,cAAe,IAAI,CAACJ,YAAY,EAChC,IAAI,CAACA,YAAY,CAAG,KAExB,CAnCAtE,YAAa2E,EAA0B,IAAMC,KAAKR,GAAG,EAAE,CAAG,CAN1DS,EAAA,IAAA,CAAQT,MAAR,KAAA,GAEAS,EAAA,IAAA,CAAQP,eAAR,KAAA,GAEAO,EAAA,IAAA,CAAQR,cAAR,KAAA,GAGE,IAAI,CAACD,GAAG,CAAGO,CACb,CAkCF,CCxCO,SAASG,IACd,IAAMC,EAAS3D,OAAO4D,QAAQ,CAACC,aAAa,CAAE,UAU9C,OATAF,EAAOG,KAAK,CAACC,KAAK,CAAG,IACrBJ,EAAOG,KAAK,CAACE,MAAM,CAAG,IACtBL,EAAOG,KAAK,CAACG,QAAQ,CAAG,WACxBN,EAAOG,KAAK,CAACI,UAAU,CAAG,SAC1BP,EAAOG,KAAK,CAACK,OAAO,CAAG,OAEvBR,EAAOS,KAAK,CAAG,sBACfT,EAAOU,UAAU,CAAG,OAEbV,CACT,CCJA,IAAK,IC2N+B3D,EAAAA,EDhOhCsE,EAAS,EAAE,CAIXC,EAAO,mEACF3D,EAAI,EAAG8B,EAAM6B,EAAKzD,MAAM,CAAEF,EAAI8B,EAAK,EAAE9B,EAC5C0D,CAAM,CAAC1D,EAAE,CAAG2D,CAAI,CAAC3D,EAAE,CEId,SAAS4D,EAAyBC,CAAyB,CACzBC,EAAa,CAAA,CAAI,EACxD,GAAK,CAACD,EAAM,MAAO,GACnB,IAAME,EAAgB,EAAE,CACxB,IAAM,IAAMC,KAAKH,EACVA,EAAII,cAAc,CAAED,IAAOH,CAAG,CAACG,EAAE,EACpCD,EAAI3D,IAAI,CAAE,CAAC,EACT8D,mBAAoBF,GACrB,CAAC,EACAE,mBAAoB,AAAkB,UAAlB,OAAOL,CAAG,CAACG,EAAE,CAAgBzE,KAAKI,SAAS,CAAEkE,CAAG,CAACG,EAAE,EAAKH,CAAG,CAACG,EAAE,EACnF,CAAC,EAGN,MAAO,CAAC,EAAGF,EAAa,IAAM,GAAI,EAAGC,EAAII,IAAI,CAAE,KAAO,CAAC,AACzD,CCpBO,SAASC,EAASC,CAAuB,EAC9C,IAAIC,EAAY,KACZC,EAAUF,EAAQE,OAAO,EAAI,GAajC,MAZwB,SAAnBF,EAAQG,MAAM,EACjBD,CAAAA,EAAU,CACR,eAAgBF,AAAwB,SAAxBA,EAAQI,WAAW,CAAc,kDAC/C,iCACF,GAAGF,CAAO,AACZ,CAAA,EAEGF,EAAQC,IAAI,EACfA,CAAAA,EAAOD,AAAwB,SAAxBA,EAAQI,WAAW,CAAcb,EAAyBS,EAAQC,IAAI,CAAE,CAAA,GAC3E/E,KAAKI,SAAS,CAAE0E,EAAQC,IAAI,CAAA,EAG3B,IAAIrF,QAAS,CAAEC,EAASwF,KAC7BC,MAAON,EAAQO,GAAG,CAAE,CAClBJ,OAAQH,EAAQG,MAAM,CACtBF,KAAQA,EACRC,QAAAA,CAECM,GAAAA,IAAI,CAAE,AAAE1F,GAAqBD,EAASC,EAAM2F,IAAI,KAChDC,KAAK,CAAEL,EACZ,EACF,CC7BA,IAAMM,EAAU,iEAYT,SAASC,EAAgB/E,CAAc,EAC5C,IAAIgF,EAAM,GACJC,EAAWH,EAAQ9E,MAAM,CACzBkF,EAAU,IAAM,IAAMD,EAC5B,KAAQjF,EAAS,GAAI,CACnB,IAAMmF,EAAMC,AAfhB,SAAyBC,CAAS,EAEhC,IAAMC,EAASC,KAAKD,MAAM,EAAIC,KAAKC,QAAQ,CACrCC,EAAI,IAAIC,WAAYL,GAC1B,IAAM,IAAIvF,EAAI,EAAGA,EAAIuF,EAAGvF,GAF6B,MAGnDwF,EAAOK,eAAe,CAAEF,EAAEG,QAAQ,CAAE9F,EAAGA,EAAI+F,KAAKC,GAAG,CAAET,EAAIvF,EAHN,SAKrD,OAAO2F,CACT,EAOgCI,KAAKE,IAAI,CAAE/F,AAAS,IAATA,EAAekF,IACtD,IAAM,IAAIpF,EAAI,EAAGA,EAAIqF,EAAInF,MAAM,EAAIA,EAAS,EAAGF,IAAM,CACnD,IAAMkG,EAAab,CAAG,CAACrF,EAAE,CACpBkG,EAAad,IAChBF,GAAOF,EAAQmB,MAAM,CAAED,EAAaf,GACpCjF,IAEJ,CACF,CACA,OAAOgF,CACT,CAmBO,IAAMkB,EAAe,AAAEC,GAAmBC,mBAC/CC,KAAMF,EAAMG,OAAO,CAAE,KAAM,KAAMA,OAAO,CAAE,KAAM,MAC7CC,KAAK,CAAE,IACPhG,GAAG,CAAEiG,AAAAA,GACG,CAAC,CAAC,EAAG,CAAC,EAAE,EAAGA,EAAEC,UAAU,CAAE,GAAIC,QAAQ,CAAE,IAAM,CAAC,CAAC/E,KAAK,CAAE,IAAM,CAAC,EAErEsC,IAAI,CAAE,KAKJ,SAAS0C,EAAUC,CAAW,EACnC,GAAI,CACF,IAAMC,EAAQD,EAAIL,KAAK,CAAE,KACzB,GAAKM,AAAiB,IAAjBA,EAAM7G,MAAM,CACf,MAAM,AAAInC,MAAO,oBAEnB,MAAO,CACLiJ,OAASzH,KAAKC,KAAK,CAAE4G,EAAcW,CAAK,CAAC,EAAE,GAC3CE,QAAS1H,KAAKC,KAAK,CAAE4G,EAAcW,CAAK,CAAC,EAAE,EAC7C,CACF,CAAE,MAAQxG,EAAG,CACX,MAAM,IAAI/B,EAAiB,sBAC7B,CACF,CAuFO,IAAM0I,EAAgB,CAC3B,MAEA,MACA,MACA,MACA,MACA,MACA,MACA,QACA,YACA,UACA,SACA,MACA,MACA,UACA,MACA,eACA,WACA,aACA,eACA,iBACA,OACA,OACA,MACA,SACA,MACA,MACA,MACA,MACA,MACA,MACA,SACA,SACA,MACA,QACA,YACA,UACA,QACA,aACD,CC7KM,SAASC,EAAc,GAAGC,CAAc,EAC7C,OAAOA,EAAQC,MAAM,CAAE,CAAEC,EAAeC,IAC/BC,AAhBX,CAAA,SAASA,EAAOF,CAAkB,CAAEC,CAAiB,EACnD,IAAM,IAAME,KAAKF,EACUG,KAAAA,IAApBH,CAAY,CAACE,EAAE,GACb,AAA2B,UAA3B,OAAOF,CAAY,CAACE,EAAE,EAAiBF,AAAqC,WAArCA,CAAY,CAACE,EAAE,CAACzJ,WAAW,CAACG,IAAI,CAC1EmJ,CAAa,CAACG,EAAE,CAAGD,EAAOF,CAAa,CAACG,EAAE,EAAI,GAAIF,CAAY,CAACE,EAAE,EAEjEH,CAAa,CAACG,EAAE,CAAGF,CAAY,CAACE,EAAE,EAIxC,OAAOH,CACT,CAAA,EAKkBA,GAAiB,CAAIC,EAAAA,GAClC,CAAC,EACN,CCjCO,IAAMI,EAAiB,CAAEC,EAAcC,IAC5CA,GAAiBA,EAAcpB,KAAK,CAAE,QAASqB,MAAM,CAAEC,AAAAA,GAAMA,IAAOH,GAAO1H,MAAM,CAAG,EAEzE8H,EAAkB,CAAEC,EAAeC,IAC9CA,GAAUA,EAAOzB,KAAK,CAAE,KAAM0B,OAAO,CAAEF,GAAU,GCD7CG,EAAY,CAAExD,EAAazB,EAAQ,GAAG,CAAEC,EAAS,GAAG,IACxD,IAAMiF,EAAOjJ,OAAOkJ,OAAO,CAAKlJ,AAAAA,CAAAA,OAAOmJ,UAAU,CAAGpF,CAAI,EAAM,EACxDqF,EAAMpJ,OAAOqJ,OAAO,CAAKrJ,AAAAA,CAAAA,OAAOsJ,WAAW,CAAGtF,CAAK,EAAM,EAE/D,OAAOhE,OAAOuJ,IAAI,CAChB/D,EACA,mBACA,CAAC,KAAK,EAAGyD,EAAM,KAAK,EAAGG,EAAK,OAAO,EAAGrF,EAAO,QAAQ,EAAGC,EAAQ,kCAAkC,CAAC,CAEvG,ECLA,SAAAP,EAAAgB,CAAA,CAAA7E,CAAA,CAAAG,CAAA,wGAIA,IAAMyJ,EAAe,CAAC,EAAGC,YAAYzG,GAAG,GAAI,CAAC,EAAG2D,AAAgB,IAAhBA,KAAK+C,MAAM,GAAkB,EAAG,CAAC,CAC3EC,EAAgC,CAAA,CAE/B,OAAMC,EAaXC,SAAUC,CAAgB,CAAEhI,CAAc,CAAEiI,EAAU,GAAI,CAAQ,CAChE,GAAK,CAACD,EAAW,KAAM,iBAEvB,GAAK,CAAC9J,OAAOC,YAAY,CAAG,CAC1B6B,IACA,MACF,CAEA,IAAMkI,EAAkB,IAAI,CAACC,SAAS,CAAGH,EAEzC7J,aAAaK,OAAO,CAAE0J,EAAiBR,GAEvCU,WAAY,KACLjK,aAAaC,OAAO,CAAE8J,IAAqBR,GAC9C1H,GACD,EAAA,KAGHoI,WAAY,WAAcjK,aAAaQ,UAAU,CAAEuJ,EAAsBD,EAAAA,EAC3E,CAEAI,0BAA2BC,CAAiB,CAAEC,CAAc,CAAQ,CAElE,GAAI,CAAEV,CAAQ,CAACS,EAAU,CAAEC,GAC3B,MAAQC,EAAI,CAAE,CAEd,GAAK,CAACtK,OAAOC,YAAY,CAAE,CACzB,IAAI,CAACsK,MAAM,CAACjI,IAAI,CAAE8H,EAAWC,GAC7B,MACF,CAEA,IAAMG,EAAO,CACXA,KAAWH,EACXI,UAAW,IAAIjH,OAAOkH,OAAO,EAC/B,EAGAzK,aAAaK,OAAO,CAAE,CAAC,EAAG,IAAI,CAAC2J,SAAS,CAAE,KAAK,EAAGG,EAAW,CAAC,CAAEjK,KAAKI,SAAS,CAAEiK,IAGhFN,WAAY,KAAQjK,aAAaQ,UAAU,CAAE,CAAC,EAAG,IAAI,CAACwJ,SAAS,CAAE,KAAK,EAAGG,EAAW,CAAC,CAAO,EAAA,IAC9F,CAEAO,mBAAoBP,CAAiB,CAAEtI,CAAyB,CAAQ,CAEtE,GADA6H,CAAQ,CAACS,EAAU,CAAGtI,EACjB,CAAC9B,OAAOC,YAAY,CAAE,CACzB,IAAI,CAACsK,MAAM,CAACxI,EAAE,CAAEqI,EAAWtI,GAC3B,MACF,CAGA9B,OAAO4K,gBAAgB,CAAE,UAAW,AAAEC,IACpC,GAAKA,EAAGjL,GAAG,EAAI,CAAC,EAAG,IAAI,CAACqK,SAAS,CAAE,KAAK,EAAGG,EAAW,CAAC,EAClD,CAACS,EAAGC,QAAQ,CADyC,OAE1D,IAAMC,EAAc5K,KAAKC,KAAK,CAAEyK,EAAGC,QAAQ,EAC3ChJ,EAAIiJ,EAAYP,IAAI,CACtB,EACF,CAjEA5L,YAAaoM,CAAW,CAAEC,CAAiC,CAAG,CAJ9DhB,EAAAA,IAAAA,CAAAA,YAAAA,KAAAA,GAEAxG,EAAA,IAAA,CAAQ8G,SAAR,KAAA,GAGE,IAAI,CAACN,SAAS,CAAGe,EACjB,IAAI,CAACT,MAAM,CAAGU,CAChB,CA+DF,yHPnCO,MAAMC,UAAmBvJ,EAgF9B,MAAMwJ,WAAYC,EAAa,CAAA,CAAI,CAAgC,QACjE,AAAK,IAAI,CAACC,WAAW,CACZ,IAAI,EAGR,IAAI,CAACC,mBAAmB,EAG3B,CAAA,IAAI,CAACA,mBAAmB,CAAG,IAAIzL,QAAS,MAAQC,EAASwF,KACvD,GAAI,CACG,IAAI,CAACiG,UAAU,CAACC,IAAI,EACvB,MAAM,IAAI,CAACD,UAAU,CAACC,IAAI,GAEvB,IAAI,CAACC,SAAS,CAACD,IAAI,EACtB,MAAM,IAAI,CAACC,SAAS,CAACD,IAAI,GAGrB,IAAI,CAACvG,OAAO,CAACyG,SAAS,EAAIC,AAAiD,IAAjDA,OAAOC,IAAI,CAAE,IAAI,CAAC3G,OAAO,CAACyG,SAAS,EAAG5K,MAAM,EAC1E,MAAM,IAAI,CAAC+K,eAAe,GAE5B,IAAI,CAACR,WAAW,CAAG,CAAA,EAEnB,GAAI,CACF,GAAKD,EAAY,CACTpL,IAAAA,GAAAA,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAQ8L,YAAY,AAAA,GACxB,MAAM,IAAI,CAACC,WAAW,EAE1B,CACF,CAAE,MAAQ5K,EAAI,CACZ,IAAI,CAACmB,IAAI,CAAElE,EAAOI,kBAAkB,CAAE2C,GACtC,MAAM,IAAI,CAACsK,SAAS,CAAC/K,KAAK,EAC5B,CACAZ,EAAS,IAAI,CACf,CAAE,MAAQqB,EAAI,CAEVmE,EAAQnE,AADLA,aAAazC,EACRyC,EAEA,IAAIzC,EAAiByC,EAAE6K,OAAO,UAEhC,CACR,IAAI,CAACV,mBAAmB,CAAGhD,KAAAA,CAC7B,CACF,EAAA,EAGK,IAAI,CAACgD,mBAAmB,CACjC,CAUA,MAAMW,MAAOhH,EAAuC,EAAE,CAAEiH,EAAkC,CAAA,CAAE,CAAE,CAC5FlM,OAAOmM,QAAQ,CAACC,MAAM,CAAE,MAAM,IAAI,CAACC,iBAAiB,CAAEpH,EAASiH,GACjE,CAaA,MAAMI,eAAgBrH,EAAuC,EAAE,CAAEsH,EAA6B,CAAA,CAAE,CAAE,CAChG,IAAM/G,EAAM,MAAM,IAAI,CAAC6G,iBAAiB,CAAE,CACxCG,cAAe,WACf,GAAGvH,CAAO,CACVd,QAAe,QACfsI,aAAe,GACjB,GACM,CAAEC,SAAAA,CAAQ,CAAEzN,MAAAA,CAAK,CAAE,CAAG,MAAM0N,AMlM/B,SAAmBnH,CAAW,CAAEP,CAAqB,EAC1D,IAaI2H,EACAC,EAdAC,EAAQ7H,EAAQ6H,KAAK,CAQzB,GANKA,EACHA,EAAMX,QAAQ,CAACY,IAAI,CAAGvH,EAEtBsH,EAAQ9D,EAAWxD,GAGhB,CAACsH,EAEJ,MAAM,AAAInO,MAAO,wBAMnB,OAAO,IAAIkB,QAA2C,CAAEC,EAASwF,KAC/D,SAAS0H,IACP1J,cAAeuJ,GACfI,aAAcL,GACd5M,OAAOkN,mBAAmB,CAAE,UAAWC,EACzC,CAgBA,SAASA,EAAiBhM,CAAe,EACvC,GAAK,CAACA,EAAEqJ,IAAI,EAAIrJ,AAAgB,2BAAhBA,EAAEqJ,IAAI,CAAChC,IAAI,CAAgC,OAC3DwE,IACAF,EAAOM,KAAK,GACZ,IAAM5C,EAAOrJ,EAAEqJ,IAAI,CAACkC,QAAQ,EAAIvL,EAAEqJ,IAAI,AACtCA,CAAAA,EAAK3L,KAAK,CAAGyG,EAAQ,IAAI5G,EAAiB8L,EAAK3L,KAAK,CAAE2L,EAAK1L,iBAAiB,GACxEgB,EAASqB,EAAEqJ,IAAI,CACrB,CArBAoC,EAAY1C,WAAY,KACtB8C,IACA1H,EAAQ,IAAI5G,EAAiB,aAC5BuG,EAAAA,EAAQ8E,OAAO,EAAI,KAEtB8C,EAAUxJ,YAAa,WAChByJ,EAAOO,MAAM,GAChBL,IACA1H,EAAQ,IAAI/F,EAAsB,sBAEnC,EAAA,KAEHS,OAAO4K,gBAAgB,CAAE,UAAWuC,EAUtC,EACF,ENmJgD3H,EAAK+G,GAC3C,CAAEe,WAAAA,CAAU,CAAEpB,WAAAA,CAAU,CAAE,CAAG,AAACjN,GAAS,AAAiB,UAAjB,OAAOA,EAEhDA,EADF,MAAM,IAAI,CAACsO,SAAS,CAAEtO,GAASyN,EAASzN,KAAK,EAEzCuO,EAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEf,EAAUY,EAAYpB,GACnEwB,EAAa,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,EACAF,EACAvF,EAAc,IAAI,CAAC9C,OAAO,CAAEqI,IAI9B,OAFAI,EAAWE,aAAa,CAAElB,EAASkB,aAAa,CAChD,IAAI,CAACC,YAAY,CAAC1D,yBAAyB,CAAE/L,EAAOE,UAAU,CAAEoP,GACzDxB,CACT,CASA,MAAM4B,cAAetI,EAAaxF,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,SAAAA,SAAAA,OAAAA,CAAAA,EAAAA,EAAQmM,QAAQ,AAAA,GAAhBnM,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAkB+M,IAAI,AAAA,CAAE,KAIpDgB,EAHJ,GAAK,CAACvI,EACJ,OAAO3F,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,gDAG9C,GAAI,CACFqP,EAAY,IAAIC,IAAKxI,EACvB,CAAE,MAAQrE,EAAG,CACX,OAAOtB,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,CAAC,8BAA8B,EAAG8G,EAAK,CAAC,CAAC,EACvF,CAEA,IAAMyI,EAAiBC,ACjNpB,SAAwBnO,CAAa,EAC1C,IAAMoO,EAAiC,CAAA,EACvCpO,EAAQA,EAAMqO,IAAI,GAAGhH,OAAO,CAAE,YAAa,IAC3C,IAAMiH,EAAStO,EAAMsH,KAAK,CAAE,KAC5B,IAAM,IAAIzG,EAAI,EAAGA,EAAIyN,EAAOvN,MAAM,CAAEF,GAAK,EAAI,CAC3C,IAAM0N,EAAgBD,CAAM,CAACzN,EAAE,CACzB+G,EAAQ2G,EAAcjH,KAAK,CAAE,KAC7BzH,EAAMsH,mBAAoBS,EAAM4G,KAAK,IACrCxO,EAAQ4H,EAAM7G,MAAM,CAAG,EAAI6G,EAAM5C,IAAI,CAAE,KAAQ,EACrDoJ,CAAAA,CAAM,CAACvO,EAAI,CAAGsH,mBAAoBnH,EACpC,CACA,OAAOoO,CACT,EDqM0CJ,EAAUS,MAAM,EAAIT,EAAUU,IAAI,EAClEC,EAAiB,MAAM,IAAI,CAACnB,SAAS,CAAEU,EAAehP,KAAK,EAC3D,CAAEqO,WAAAA,CAAU,CAAEpB,WAAAA,CAAU,CAAEO,aAAAA,CAAY,CAAE,CAAGiC,EAEjD,OADAlJ,EAAMA,GAAOxF,OAAOmM,QAAQ,CAACY,IAAI,CACxBN,GACP,IAAK,IACEzM,IAAAA,EAAL,CAAA,AAAKA,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAQ8L,YAAY,GAClBtG,GACHxF,OAAO2O,MAAM,CAACC,WAAW,CAAE,CACzBpG,KAAU,yBACVkE,SAAUuB,EACVhP,MAAUyP,GACT,CAAC,EAAGvC,SAAS0C,QAAQ,CAAE,EAAE,EAAG1C,SAAS2C,IAAI,CAAE,CAAC,EAGnD,MACF,KAAK,IACE9O,OAAO+O,MAAM,EAAIvJ,GACpBxF,OAAO+O,MAAM,CAACH,WAAW,CAAE,CACzBpG,KAAU,yBACVkE,SAAUuB,EACVhP,MAAUyP,GACT,CAAC,EAAGvC,SAAS0C,QAAQ,CAAE,EAAE,EAAG1C,SAAS2C,IAAI,CAAE,CAAC,EAEjD,MACF,SACE,GAAKb,EAAepP,KAAK,CACvB,OAAOgB,QAAQyF,MAAM,CAAE,IAAItG,EAAqBiP,EAAepP,KAAK,CAAEoP,EAAenP,iBAAiB,GAExG,IAAM0O,EAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEQ,EAAgBX,EAAYpB,GACzEwB,EAAa,MAAM,IAAI,CAACC,iBAAiB,CAC7CH,EACAF,EACAvF,EAAc,IAAI,CAAC9C,OAAO,CAAEqI,IAI9B,OAFAI,EAAWE,aAAa,CAAEK,EAAeL,aAAa,CACtD,IAAI,CAACC,YAAY,CAAC1D,yBAAyB,CAAE/L,EAAOE,UAAU,CAAEoP,GACzDxB,CACX,CACF,CAOA,MAAM8C,OAAQ/J,EAAgC,EAAE,CAAE,CAChD,GAAK,CAACA,EAAQgK,SAAS,CAAG,CACxB,IAAMC,EAAa,MAAM,IAAI,CAACzD,SAAS,CAAC9L,GAAG,CAAE,QACvCwP,EAAgBlK,EAAQkK,aAAa,EAAA,CAAA,MAAID,EAAAA,KAAAA,EAAAA,AAAAA,EAAYE,YAAY,AAAA,EACvEpP,OAAOmM,QAAQ,CAACC,MAAM,CAAE,MAAM,IAAI,CAACiD,mBAAmB,CAAE,CACtD,GAAGpK,CAAO,CACVkK,cAAAA,CACF,GACF,CACA,MAAM,IAAI,CAAC1D,SAAS,CAAC/K,KAAK,EAC5B,CAQA,MAAM4O,YAAaC,CAAa,CAAE/G,EAAkB,cAAc,CAAEvD,EAAyB,CAAA,CAAE,CAAE,CAC/F,GAAK,CAAC,IAAI,CAACA,OAAO,CAACyG,SAAS,CAAE8D,mBAAmB,CAC/C,OAAO3P,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,yCAE9C,IAAM+Q,EAAe,CACnBC,UAAiBzK,EAAQyK,SAAS,EAAI,IAAI,CAACzK,OAAO,CAACyK,SAAS,CAC5DC,cAAiB1K,EAAQ0K,aAAa,EAAI,IAAI,CAAC1K,OAAO,CAAC0K,aAAa,CACpEC,gBAAiBpH,EACjB+G,MAAiBA,CACnB,EAEA,OAAO,IAAI,CAACM,IAAI,CAAE,CAChBzK,OAAa,OACbC,YAAa,OACbG,IAAa,IAAI,CAACP,OAAO,CAACyG,SAAS,CAAE8D,mBAAmB,CACxDtK,KAAauK,CACf,EACF,CAYA,MAAM1D,YAAa9G,EAA8B,EAAE,CAAEiH,EAAkC,CAAA,CAAE,CAAE,KAErFsB,CADJ,OAAM,IAAI,CAACrC,UAAU,CAAE,CAAA,GAEvB,IAAI2E,EAAkB,CAAA,EAEhBZ,EAAa,MAAM,IAAI,CAACzD,SAAS,CAAC9L,GAAG,CAAE,SAAY,GAEnD8P,EAAe1H,EAAc,CACjCyE,cAAe,QACfrI,QAAe,OACf4L,OAAe,QACd,IAAI,CAAC9K,OAAO,CAAEA,GAMjB,GAJKwK,EAAaO,mBAAmB,EACnCP,CAAAA,EAAaQ,YAAY,CAAGR,EAAaO,mBAAmB,EAGzD,IAAI,CAAC/K,OAAO,CAACiL,eAAe,EAAIhB,CAAAA,MAAAA,EAAAA,KAAAA,EAAAA,AAAAA,EAAYiB,aAAa,AAAA,EAC5DL,EAAWxC,UAAU,CAAGvF,EAAcmH,AAAAA,CAAAA,MAAAA,EAAAA,KAAAA,EAAAA,AAAAA,EAAY5B,UAAU,AAAA,GAAI,CAAC,EAAGwC,EAAWxC,UAAU,EAAI,CAAA,GAC7FE,EAAc,MAAM,IAAI,CAAC4C,oBAAoB,CAAE,CAC7C,GAAGX,CAAY,CACfU,cAAejB,EAAWiB,aAAa,AACzC,OACK,KFlVTlL,EEmVI,IAAMoL,EAAU,MAAM,IAAI,CAAChE,iBAAiB,CAAE,CAC5C,GAAGoD,CAAY,CACfhD,aAAc,GACbP,EAAAA,GAEG,CAAEQ,SAAAA,CAAQ,CAAEzN,MAAAA,CAAK,CAAE,CAAG,OFxVhCgG,EEwV0D,CACpD8E,QAAa0F,EAAaa,oBAAoB,CAC9CC,YAAavQ,OAAOmM,QAAQ,CAACqE,MAAM,AACrC,EFzVG,IAAI3Q,QAAc,CAAEC,EAASwF,KAClC,IAAImL,EAAuB,KACrB9M,EAASD,IAETgN,EAAsBxG,WAAY,KACtC5E,EAAQ,IAAI5G,EAAiB,cAC7BiS,GACF,EAAG,AAA4B,IAA1B1L,CAAAA,EAAQ8E,OAAO,EAAI,EAAC,GAEnB6G,EAAsB,AAAEzP,IAC5B,GAAKA,EAAEqP,MAAM,EAAIvL,EAAQsL,WAAW,EAC/B,CAACpP,EAAEqJ,IAAI,EAAIrJ,AAAgB,2BAAhBA,EAAEqJ,IAAI,CAAChC,IAAI,CADY,OAEvC,IAAMqI,EAAc1P,EAAE2P,MAAM,CACvBD,GACIA,EAAczD,KAAK,GAG5B,IAAM2D,EAAO5P,EAAEqJ,IAAI,CAACkC,QAAQ,EAAIvL,EAAEqJ,IAAI,AACtCuG,CAAAA,EAAKlS,KAAK,CACNyG,EAAQ,IAAItG,EAAqB+R,EAAKlS,KAAK,CAAEkS,EAAKjS,iBAAiB,CAAEiS,EAAK9R,KAAK,CAAE8R,EAAK7R,SAAS,GAC/FY,EAASqB,EAAEqJ,IAAI,EACnByC,aAAcyD,GACdC,GACF,EAEMA,EAAe,KACK,MAAnBF,GACHxD,aAAcwD,GAEXzQ,OAAO4D,QAAQ,CAACsB,IAAI,CAAC8L,QAAQ,CAAErN,IAClC3D,OAAO4D,QAAQ,CAACsB,IAAI,CAAC+L,WAAW,CAAEtN,GAEpC3D,OAAOkN,mBAAmB,CAAE,UAAW0D,EAAoB,CAAA,EAC7D,EAEMM,EAAgB,IAAMhH,WAAY,KACtC5E,EAAQ,IAAI5G,EAAiB,2CEkTgB2R,IFjT7CM,GACC,EAAA,KAIH3Q,OAAO4K,gBAAgB,CAAE,UAAWgG,EAAoB,CAAA,GACxD5Q,OAAO4D,QAAQ,CAACsB,IAAI,CAACiM,WAAW,CAAExN,GAClCA,EAAOyN,YAAY,CAAE,ME0S0Bf,GFpS/C1M,EAAO0N,MAAM,CAAG,WACdZ,EAAkBS,GACpB,CACF,IEqSI1D,EAAc,MAAM,IAAI,CAACC,kBAAkB,CAAEf,EAAU+C,EAAcvD,GACrEgD,EAAWtB,aAAa,CAAGlB,EAASkB,aAAa,CACjDkC,EAAa7Q,CACf,CAEA,IAAMyO,EAAa,MAAM,IAAI,CAACC,iBAAiB,CAAEH,EAAasC,EAAWxC,UAAU,CAAEmC,GAGrF,OAFA/B,EAAWE,aAAa,CAAGsB,EAAWtB,aAAa,CACnD,IAAI,CAACC,YAAY,CAAC1D,yBAAyB,CAAE/L,EAAOE,UAAU,CAAEoP,GACzDoC,EAAW5D,UAAU,AAC9B,CAKA,MAAMoF,gBAAgB,CACX,IAAAC,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAA1B,GAAA4R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCC,YAAY,AAC7D,CAMA,MAAMC,iBAAiB,CACZ,IAAAF,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAA1B,GAAA4R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCpB,aAAa,AAC9D,CAKA,MAAMuB,YAAY,CACP,IAAAH,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAA1B,GAAA4R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCI,QAAQ,AACzD,CAKA,MAAMC,cAAc,CACT,IAAAL,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAA1B,GAAA4R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCM,UAAU,AAC3D,CAKA,MAAMC,eAAe,CACV,IAAAP,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAA1B,GAAA4R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCnC,YAAY,AAC7D,CAMA,MAAM2C,WAAW,KACRC,EAAET,EAAT,OAAA,AAAmC,OAA1BA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAAA,GAA1B4R,AAAF,KAAA,IAAEA,EAAF,KAAA,EAAA,OAAAS,CAAAA,EAAAT,EAAwC1I,KAAK,GAA7CmJ,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAA+C3K,KAAK,CAAE,IAC/D,CAMA,MAAM4K,SAAS,CACJ,IAAAV,EAAT,OAAA,AAAS,OAAAA,CAAAA,EAAA,MAAM,IAAI,CAAC9F,SAAS,CAAC9L,GAAG,CAAE,OAA1B,GAAA4R,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAFA,EAAwCW,IAAI,AACrD,CAQA,MAAMC,WAAYlD,EAAY,CAAA,CAAK,CAAE,CACnC,IAAMmD,EAAgB,CAAC,CAAC,MAAM,IAAI,CAACH,OAAO,GAC1C,GAAK,CAACG,GAAiB,CAACnD,EACtB,GAAI,CAEF,OADA,MAAM,IAAI,CAAClD,WAAW,GACf,CAAA,CACT,CAAE,MAAQ5K,EAAG,CACX,MAAO,CAAA,CACT,CAEF,OAAOiR,CACT,CASA,MAAc/F,kBAAmBpH,EAAuC,EAAE,CACxEiH,EAAkC,CAAA,CAAE,CAAmB,KACjDmG,EGvauB9N,EHuaxB,CAAA,AAAC,OAAA8N,CAAAA,EAAA,IAAI,CAACpN,OAAO,CAACyG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwBC,sBAAsB,AAAA,GAClD,MAAM,IAAI,CAACnH,UAAU,CAAE,CAAA,GAGzB,IAAMsE,EAAe9D,OAAOS,MAAM,CAAE,CAAI,EAAA,IAAI,CAACnH,OAAO,CAAEA,EACtDiH,CAAAA,EAAWqG,aAAa,CAAG1M,EAAgB,IAE3C,IAAMyH,EAAa,CACjBoC,UAAoBD,EAAaC,SAAS,CAC1CzQ,MAAoB4G,EAAgB4J,EAAa+C,WAAW,EAC5D3J,MAAoB4G,EAAa5G,KAAK,CACtC4J,SAAoBhD,EAAagD,QAAQ,CACzCxC,aAAoBR,EAAaQ,YAAY,CAC7CzD,cAAoBiD,EAAajD,aAAa,CAC9C/D,cAAoBgH,EAAahH,aAAa,EAAI,OAClDiK,WAAoBjD,EAAaiD,UAAU,CAC3C3C,OAAoBN,EAAaM,MAAM,CACvC5L,QAAoBsL,EAAatL,OAAO,CACxCwO,OAAoBlD,EAAakD,MAAM,CACvCC,eAAoBnD,EAAamD,cAAc,CAC/CC,WAAoBpD,EAAaoD,UAAU,CAC3CC,aAAoBrD,EAAaqD,YAAY,CAC7CC,WAAoBtD,EAAasD,UAAU,CAC3C5D,cAAoBM,EAAaN,aAAa,CAC9C6D,gBAAoBvD,EAAauD,eAAe,CAChDC,mBAAoBxD,EAAawD,kBAAkB,CACnD,GAAGxD,EAAayD,WAAW,EAAIzD,EAAayD,WAAW,AACzD,EAEK3K,CAAAA,EAAgB,WAAY+E,EAAW7E,aAAa,GACvDG,EAAiB,SAAU0E,EAAWzE,KAAK,CAAA,GAC3CyE,CAAAA,EAAW6F,KAAK,CAAGtN,EAAgB4J,EAAa2D,WAAW,CAAA,EAGxD7K,EAAgB,OAAQ+E,EAAW7E,aAAa,IACnD6E,EAAW+F,cAAc,CAAE,MGzc/B,CAAA,AAAK9O,CAD0BA,EH0cuB2H,EAAWqG,aAAa,EGzcpEzR,MAAM,CAAG,IAAMyD,EAAKzD,MAAM,CAAG,IAC9BjB,QAAQyF,MAAM,CAAE,IAAI5G,EAAiB,CAAC,qBAAqB,EAAG6F,EAAKzD,MAAM,CAAE,CAAC,GAG9E,IAAIjB,QAAS,CAAEC,EAASwF,KAC7Bc,OAAOkN,MAAM,CAACC,MAAM,CAAE,UAAW,IAAIC,cAAcC,MAAM,CAAElP,IACxDkB,IAAI,CAAEiO,AAAAA,GACE5T,EAAS6T,AFGjB,SAAkBD,CAAkB,EACzC,IAAME,EAAUC,AFuElB,SAAwBC,CAAK,EAQ3B,IAAK,IAPDC,EACArR,EAAMoR,EAAMhT,MAAM,CAClBkT,EAAatR,EAAM,EACnBiF,EAAQ,EAAE,CAIL/G,EAAI,EAAGqT,EAAOvR,EAAMsR,EAAYpT,EAAIqT,EAAMrT,GAH9B,MAInB+G,EAAM3G,IAAI,CAACkT,AAtBf,SAAsBJ,CAAK,CAAElR,CAAK,CAAEuR,CAAG,EAGrC,IAAK,IAFDJ,EACAK,EAAS,EAAE,CACNxT,EAAIgC,EAAOhC,EAAIuT,EAAKvT,GAAK,EAKhCwT,EAAOpT,IAAI,CAdNsD,CAAM,CAAC+P,AAUZN,CAAAA,EACE,AAAC,CAAA,AAACD,CAAK,CAAClT,EAAE,EAAI,GAAM,QAAQ,EAC3B,CAAA,AAACkT,CAAK,CAAClT,EAAI,EAAE,EAAI,EAAK,KAAA,EACtBkT,CAAAA,AAAe,IAAfA,CAAK,CAAClT,EAAI,EAAE,CAAO,GAbH,GAAK,GAAK,CAC7B0D,CAAM,CAAC+P,AAaqBN,GAbd,GAAK,GAAK,CACxBzP,CAAM,CAAC+P,AAYqBN,GAZd,EAAI,GAAK,CACvBzP,CAAM,CAAC+P,AAAM,GAWeN,EAXV,EAapB,OAAOK,EAAOrP,IAAI,CAAC,GACrB,EAW2B+O,EAAOlT,EAAG,AAACA,EAJf,MAIqCqT,EAAOA,EAAQrT,EAJpD,QAyBrB,OAjBIoT,AAAe,IAAfA,EAEFrM,EAAM3G,IAAI,CACRsD,CAAM,CAACyP,AAFTA,CAAAA,EAAMD,CAAK,CAACpR,EAAM,EAAE,AAAD,GAEH,EAAE,CAChB4B,CAAM,CAAC,AAACyP,GAAO,EAAK,GAAK,CACzB,MAEsB,IAAfC,GAETrM,EAAM3G,IAAI,CACRsD,CAAM,CAACyP,AAFTA,CAAAA,EAAM,AAACD,CAAAA,CAAK,CAACpR,EAAM,EAAE,EAAI,CAAA,EAAKoR,CAAK,CAACpR,EAAM,EAAE,AAAD,GAE3B,GAAG,CACjB4B,CAAM,CAAC,AAACyP,GAAO,EAAK,GAAK,CACzBzP,CAAM,CAAC,AAACyP,GAAO,EAAK,GAAK,CACzB,KAIGpM,EAAM5C,IAAI,CAAC,GACpB,EEtGiC,IAAIyB,WAAYkN,IAC/C,OAAOE,EAAQxM,OAAO,CAAE,MAAO,KAAMA,OAAO,CAAE,MAAO,KAAMA,OAAO,CAAE,KAAM,GAC5E,EENiC,IAAIZ,WAAYkN,KACxC,SAAW7U,CAAK,EAEjB,OAAOyG,EAAQzG,EACjB,EACJ,EAVA,EHwcIyO,EAAWgH,qBAAqB,CAAE7E,EAAa6E,qBAAqB,EAAI,QAG1E,IAAMtR,EAAM,IAAI,CAACiC,OAAO,CAACsP,mBAAmB,EAAI,IAAI,CAACtP,OAAO,CAACsP,mBAAmB,IAAM/Q,KAAKR,GAAG,GACxFwR,EAAW/E,EAAa+E,QAAQ,CAAG,CAAC,CAAC,EAAG/E,EAAa+E,QAAQ,CAAE,CAAC,CAAG,GACnEC,EAAmBjQ,EAAyB8I,GAC5C9H,EAAM,CAAC,EAAG,IAAI,CAACP,OAAO,CAACyG,SAAS,CAAE4G,sBAAsB,CAAE,EAAGmC,EAAkB,EAAGD,EAAU,CAAC,CAYnG,OATA,IAAI,CAACjJ,UAAU,CAAC7K,KAAK,CAAEsC,EAAM,OAG7B,MAAM,IAAI,CAACuI,UAAU,CAAClL,GAAG,CAAEiN,EAAWrO,KAAK,CI9etCkB,KAAKC,KAAK,CAAED,KAAKI,SAAS,CJ8e+B,CAC5DW,WAAc8B,EACdsK,WAAAA,EACApB,WAAAA,EACAO,aAAcgD,EAAahD,YAAY,AACzC,KACOjH,CACT,CAQA,MAAc6J,oBAAqBpK,EAAgC,EAAE,CAAE,CAC/D,IAAAoN,EAAD,CAAA,AAAC,OAAAA,CAAAA,EAAA,IAAI,CAACpN,OAAO,CAACyG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwBqC,oBAAoB,AAAA,GAChD,MAAM,IAAI,CAAC7I,eAAe,GAE5B,IAAM4D,EAAe1H,EAAc,IAAI,CAAC9C,OAAO,CAAEA,GAC3C0P,EAAe,CACnBxF,cAA0BM,EAAaN,aAAa,CACpDyF,yBAA0BnF,EAAamF,wBAAwB,CAC/D,GAAGnF,EAAaoF,iBAAiB,EAAI,CAAE,CAAA,AACzC,EACA,MAAO,CAAC,EAAG,IAAI,CAAC5P,OAAO,CAACyG,SAAS,CAAEgJ,oBAAoB,CAAE,EAAGlQ,EAAyBmQ,GAAgB,CAAC,AACxG,CAOA,MAAcG,0BAA2B7P,CAA2B,CAAE,CAC9D,IAAAoN,EAAD,CAAA,AAAC,OAAAA,CAAAA,EAAA,IAAI,CAACpN,OAAO,CAACyG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwB0C,cAAc,AAAA,GAC1C,MAAM,IAAI,CAAClJ,eAAe,GAE5B,IAAM4D,EAAe1H,EAAc,IAAI,CAAC9C,OAAO,CAAEA,GAC3C,CAAE+P,kBAAAA,CAAiB,CAAEC,iBAAAA,CAAgB,CAAE,GAAGC,EAAM,CAAGzF,EACnD0F,EAAgB,CACpB,GAAGD,CAAI,CACP,GAAGD,GAAoB,CAAE,CAAA,CACzBG,WAAY,oBACd,EAEA,IAAM,IAAMC,IAAO,CAAC,OAAQ,eAAgB,gBAAiB,YAAY,CACvE,GAAK,CAACF,CAAa,CAACE,EAAI,CACtB,OAAOxV,QAAQyF,MAAM,CAAE,AAAI3G,MAAO,CAAC,CAAC,EAAG0W,EAAK,aAAa,CAAC,GAI9D,OAAO,IAAI,CAACxF,IAAI,CAAE,CAChBrK,IAAa,CAAC,EAAG,IAAI,CAACP,OAAO,CAACyG,SAAS,CAAEqJ,cAAc,CAAE,CAAC,CAC1D3P,OAAa,OACbC,YAAa,OACbH,KAAaiQ,EACbhQ,QAAa6P,CACf,EACF,CAOA,MAAc5E,qBAAsBnL,CAAoC,CAAG,CACnE,IAAAoN,EAAD,CAAA,AAAC,OAAAA,CAAAA,EAAA,IAAI,CAACpN,OAAO,CAACyG,SAAS,AAATA,GAAb2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwB0C,cAAc,AAAA,GAC1C,MAAM,IAAI,CAAClJ,eAAe,GAE5B,GAAM,CAAEmJ,kBAAAA,CAAiB,CAAEC,iBAAAA,CAAgB,CAAE,GAAGC,EAAM,CAAGjQ,EACnDkQ,EAAgB,CACpBC,WAAe,gBACf1F,UAAe,IAAI,CAACzK,OAAO,CAACyK,SAAS,CACrCC,cAAe,IAAI,CAAC1K,OAAO,CAAC0K,aAAa,CACzC,GAAGuF,CAAI,CACP,GAAGD,GAAoB,CAAE,CAAA,AAC3B,EAEA,IAAM,IAAMI,IAAO,CAAC,gBAAiB,YAAY,CAC/C,GAAK,CAACF,CAAa,CAACE,EAAI,CACtB,OAAOxV,QAAQyF,MAAM,CAAE,AAAI3G,MAAO,CAAC,CAAC,EAAG0W,EAAK,aAAa,CAAC,GAI9D,OAAO,IAAI,CAACxF,IAAI,CAAE,CAChBrK,IAAa,CAAC,EAAG,IAAI,CAACP,OAAO,CAACyG,SAAS,CAAEqJ,cAAc,CAAE,CAAC,CAC1D3P,OAAa,OACbC,YAAa,OACbH,KAAaiQ,EACbhQ,QAAa6P,CACf,EACF,CAKA,MAAcnJ,iBAA+C,CAC3D,GAAI,CACF,IAAMyJ,EAAa,CAAC,EAAG,IAAI,CAACrQ,OAAO,CAACsQ,MAAM,CAAE,iCAAiC,CAAC,CACxE7I,EAAW,MAAM,IAAI,CAACmD,IAAI,CAAE,CAChCrK,IAAa8P,EACblQ,OAAa,MACbC,YAAa,MACf,EACA,CAAA,IAAI,CAACmQ,eAAe,CAAG9I,EACvB,IAAMhB,EAAY,CAAA,EAClB,IAAM,IAAM+J,KAAQ9J,OAAOC,IAAI,CAAE,IAAI,CAAC4J,eAAe,EAC9CC,CAAAA,EAAKC,QAAQ,CAAE,cAAiBD,EAAK1M,OAAO,CAAE,YAAe,IAAM0M,EAAK1M,OAAO,CAAE,QAAW,EAAC,GAChG2C,CAAAA,CAAS,CAAC+J,EAAqC,CAAG,IAAI,CAACD,eAAe,CAACC,EAAK,AAAA,EAIhF,OADA,IAAI,CAACxQ,OAAO,CAACyG,SAAS,CAAGA,EAClB,IAAI,CAAC8J,eAAe,AAC7B,CAAE,MAAQrU,EAAI,CACZ,MAAM,IAAIzC,EAAiB,0BAA2ByC,EAAE6K,OAAO,CACjE,CACF,CASA,MAAcyB,mBACZf,CAAa,CACb+C,CAAgC,CAChCvD,EAAkC,CAAA,CAAE,CACrC,QACC,AAAKQ,EAASnI,IAAI,CACT,IAAI,CAACuQ,yBAAyB,CAAE,CACrC7E,aAAeR,EAAaQ,YAAY,CACxCP,UAAeD,EAAaC,SAAS,CACrC6C,cAAerG,EAAWqG,aAAa,CACvC6C,WAAe,qBACf7Q,KAAemI,EAASnI,IAAI,AAC9B,GAEOmI,CAEX,CASA,MAAciB,kBAAmBH,CAA0B,CAAEF,CAA8B,CACzFmC,CAAoC,CAAE,KAMlCkG,CALJ,OAAM,IAAI,CAACxK,UAAU,CAAE,CAAA,GACvB,IAAI+G,EAAY,CAAA,EAChB,GAAK1E,EAAY3O,KAAK,CACpB,MAAM,IAAIG,EAAqBwO,EAAY3O,KAAK,CAAE2O,EAAY1O,iBAAiB,EAGjF,GAAK0O,EAAYmE,QAAQ,CAAE,CAEzB,GADAgE,EAAgB,MAAMC,AG5kBrB,SAA0BjE,CAAgB,CAAEwB,CAAa,CAAElO,CAA+B,EAC/F,GAAK,CAACkO,EACJ,MAAM,IAAIzU,EAAiB,qBAG7B,GAAI,CACF,IAAMgJ,EAAMD,EAAUkK,GAEtB,GAAKwB,IAAUzL,EAAIG,OAAO,CAACsL,KAAK,CAC9B,MAAM,AAAIxU,MAAO,CAAC,2BAA2B,EAAG+I,EAAIG,OAAO,CAACsL,KAAK,CAAE,CAAC,EAMtE,GAHA0C,AAaG,SAAsBnO,CAAW,CAAEzC,CAA6B,CAAE6Q,EAAY,CAAA,CAAK,EAExF,GAAI,CAAEC,UAAAA,CAAS,CAAExB,oBAAAA,CAAmB,CAAEgB,OAAAA,CAAM,CAAE9C,SAAAA,CAAQ,CAAE/C,UAAAA,CAAS,CAAE,CAAGzK,EAChE8Q,GACJA,CAAAA,EAAY,CAAA,EAEd,IAAM/S,EAAM,AAAEuR,CAAAA,GAAuBA,KAAyB/Q,KAAKR,GAAG,EAAC,EAAM,IAEvE6E,EAAUJ,EAAUC,GAAMG,OAAO,CAEvC,GAAK,CAACA,EAAQmO,GAAG,CACf,MAAM,IAAI5W,EAAiB,iCAE7B,GAAKyI,EAAQmO,GAAG,GAAKT,EACnB,MAAM,IAAInW,EAAiB,CAAC,+BAA+B,EAAGyI,EAAQmO,GAAG,CAAE,CAAC,EAG9E,GAAK,CAACnO,EAAQoO,GAAG,CACf,MAAM,IAAI7W,EAAiB,mCAK7B,GAAK8W,MAAMC,OAAO,CAAEtO,EAAQoO,GAAG,EAC7BpO,AAAwE,IAAxEA,EAAQoO,GAAG,CAAClN,OAAO,CAAE+M,EAAYpG,EAAY+C,GAAY/C,GACzD7H,EAAQoO,GAAG,GAAOH,CAAAA,EAAYpG,EAAY+C,GAAY/C,CAAAA,EAEtD,MAAM,IAAItQ,EAAiB,CAAC,iCAAiC,EAAGyI,EAAQoO,GAAG,CAAE,CAAC,EAGhF,GAAKpO,EAAQuO,GAAG,EAAIvO,EAAQuO,GAAG,GAAK1G,EAClC,MAAM,IAAItQ,EAAiB,CAAC,yCAAyC,EAAGyI,EAAQuO,GAAG,CAAE,CAAC,EAGxF,IAAMC,EAAW1P,KAAKE,IAAI,CAAE7D,EAAM+S,GAC5BO,EAAW3P,KAAK4P,KAAK,CAAEvT,EAAM+S,GAEnC,GAAK,CAAClO,EAAQ2O,GAAG,CACf,MAAM,IAAIpX,EAAiB,oCAG7B,GAAKiX,EAAWI,OAAQ5O,EAAQ2O,GAAG,EACjC,MAAM,IAAIpX,EAAiB,CAAC,kCAAkC,EAAGyI,EAAQ2O,GAAG,CAAE,CAAC,EAGjF,GAAK3O,EAAQ6O,GAAG,EAAIL,EAAWI,OAAQ5O,EAAQ6O,GAAG,EAChD,MAAM,IAAItX,EAAiB,CAAC,wCAAwC,EAAGyI,EAAQ6O,GAAG,CAAE,CAAC,EAGvF,GAAK,CAAC7O,EAAQ8O,GAAG,CACf,MAAM,IAAIvX,EAAiB,0CAE7B,GAAKqX,OAAQ5O,EAAQ8O,GAAG,EAAKL,EAC3B,MAAM,IAAIlX,EAAiB,CAAC,sCAAsC,EAAGyI,EAAQ8O,GAAG,CAAE,CAAC,CAIvF,EAtEiBhF,EAAU1M,EAAS,CAAA,GAG3B,CAACyC,EAAIG,OAAO,CAAC,GAAM,CACtB,MAAM,AAAIlJ,MAAO,wCAGnB,OAAO+I,EAAIG,OAAO,AACpB,CAAE,MAAQ1G,EAAG,CACX,MAAM,IAAI7B,EAAqB6B,EAAE6K,OAAO,CAC1C,CACF,EHqjB6CwB,EAAYmE,QAAQ,CAAErE,EAAW6F,KAAK,CAAG1D,GAC3EA,EAAamH,gBAAgB,EAAI,CAAC,MAAMnH,EAAamH,gBAAgB,CAAEpJ,EAAYmE,QAAQ,EAC9F,OAAO9R,QAAQyF,MAAM,CAAE,IAAIhG,EAAqB,+BAElDqM,OAAOC,IAAI,CAAE+J,GAAgBrU,OAAO,CAAE1B,AAAAA,IAC9BkI,EAAc+O,QAAQ,CAAEjX,IAC5BsS,CAAAA,CAAI,CAACtS,EAAI,CAAG+V,CAAa,CAAC/V,EAAI,AAAA,CAElC,EACF,CAEA,GAAK4N,EAAYgE,YAAY,CAAG,CACO,IAAAa,EAArC,GAAK5C,EAAaqH,eAAe,EAAI,CAAA,AAAsB,OAAtBzE,CAAAA,EAAA,IAAI,CAACpN,OAAO,CAACyG,SAAS,AAAA,GAAtB2G,AAAA,KAAA,IAAAA,EAAA,KAAA,EAAAA,EAAwB0E,iBAAiB,AAAA,EAAG,CAC/E,IAAMC,EAAiB,MAAM,IAAI,CAACC,aAAa,CAAEzJ,EAAYgE,YAAY,CACnEwF,CAAAA,EAAenY,KAAK,EACxBqT,CAAAA,EAAO,CAAE,GAAGA,CAAI,CAAE,GAAG8E,CAAc,AAAC,CAAA,CAExC,CACF,CAEA,MAAO,CACL1J,WAAAA,EACA4E,KAAAA,EACA,GAAG1E,CAAW,CACdmE,SAAcgE,EACdvG,aAAc5B,EAAYmE,QAAQ,CAClC9I,MAAc2E,EAAY3E,KAAK,EAAIyE,EAAWzE,KAAK,AACrD,CACF,CAQA,MAAc0E,UAAWtO,CAAa,CAAE,CACtC,IAAMyP,EAAiB,MAAM,IAAI,CAACnD,UAAU,CAAC5L,GAAG,CAAEV,UAClD,AAAMyP,GAGJ,MAAM,IAAI,CAACnD,UAAU,CAAC/K,GAAG,CAAEvB,GAEtByP,GAJE7O,QAAQyF,MAAM,CAAE,IAAInG,EAAe,wBAAyBF,GAKvE,CAQA,MAAcgY,cAAeC,CAAmB,CAAE,CAChD,OAAO,IAAI,CAACrH,IAAI,CAAE,CAChBzK,OAAa,MACbI,IAAa,CAAC,EAAG,IAAI,CAACP,OAAO,CAACyG,SAAS,CAAEqL,iBAAiB,CAAE,CAAC,CAC7D1R,YAAa,OACbF,QAAa,CACX,cAAiB,CAAC,OAAO,EAAG+R,EAAa,CAAC,AAC5C,CACF,EACF,CASAC,eAAwB,CAAEC,IAAAA,CAAG,CAAExJ,cAAAA,CAAa,CAAyB,CAAE,CACrE,GAAM,CAAE8B,UAAAA,CAAS,CAAEhE,UAAAA,CAAS,CAAE,CAAG,IAAI,CAACzG,OAAO,CAE7C,GAAK,QAACyG,EAAAA,KAAAA,EAAAA,AAAAA,EAAW2L,oBAAoB,AAAA,EAAE,CACrCC,QAAQC,IAAI,CAAE,8FACd,MACF,CACA,GAAK,CAAC,IAAI,CAACC,mBAAmB,CAAE,CAC9B,IAAMC,EAAuB,MAAQC,IACnC,GAAKA,EACH,IAAI,CAACpV,IAAI,CAAElE,EAAOC,WAAW,MACxB,CACL,IAAI,CAACiE,IAAI,CAAElE,EAAOK,cAAc,EAChC,GAAI,CACF,MAAM,IAAI,CAACsN,WAAW,CAAE,GAAI,CAAC,GAC7B,IAAMmD,EAAa,MAAM,IAAI,CAACzD,SAAS,CAAC9L,GAAG,CAAE,QAC7C,GAAKuP,EAAY,CACVA,IAAAA,EAAAA,CAAAA,AAAAA,OAAAA,CAAAA,EAAAA,EAAWgD,IAAI,AAAJA,GAAXhD,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAiBkI,GAAG,AAAHA,IAAQA,GAAOlI,EAAWtB,aAAa,EAC3D,IAAI,CAAC4J,mBAAmB,CAAE5U,KAAK,CAAEsM,EAAWtB,aAAa,OAG3D,IAAI,CAACtL,IAAI,CAAElE,EAAOC,WAAW,CAAE,KAEnC,CAAE,MAAQ8C,EAAI,CACZ,IAAI,CAACmB,IAAI,CAAElE,EAAOC,WAAW,EAC7B,MACF,CACF,CACF,CAEA,CAAA,IAAI,CAACmZ,mBAAmB,CAAGG,AQvvB1B,SAAoC1S,CAA8B,MAEnE2S,EAMAC,EAPJ,GAAM,CAAErS,IAAAA,CAAG,CAAE1C,SAAAA,CAAQ,CAAE4M,UAAAA,CAAS,CAAEoI,cAAAA,CAAa,CAAE,CAAG7S,EAE9C8S,EAAMvS,EAAIuD,OAAO,CAAE,IAAKvD,EAAIuD,OAAO,CAAE,MAAS,GAC9CiP,EAAcxS,EAAIyS,MAAM,CAAE,EAAGF,GAE7BG,EAAQxU,IAIRyU,EAAO,IACJ,IAAItY,QAASC,AAAAA,IAClBE,OAAO4D,QAAQ,CAACsB,IAAI,CAACiM,WAAW,CAAE+G,GAClClY,OAAO4K,gBAAgB,CAAE,UAAWgG,EAAoB,CAAA,GACxDsH,EAAM7G,MAAM,CAAG,KACbvR,EAAS,KACX,CACF,GAiBIqD,EAAO,KACXyU,EAAuB,KAClBC,IACH7X,OAAOsD,aAAa,CAAEuU,GACtBA,EAAQ,KAEZ,EAEMjH,EAAqB,AAAEzP,IACtBA,EAAEqP,MAAM,GAAKwH,GAAe7W,EAAE2P,MAAM,GAAKoH,EAAME,aAAa,GAC1DjX,AAAW,UAAXA,EAAEqJ,IAAI,EACTrH,IACAL,EAAU3B,EAAEqJ,IAAI,GACK,YAAXrJ,EAAEqJ,IAAI,GAChBrH,IACAL,KAGN,EAIA,OAFAoV,EAAM9G,YAAY,CAAE,MAAO5L,GAEpB,CACLrC,KAAAA,EACAP,MAtCY,AAAEyV,IACdF,IAAO1S,IAAI,CAAE,KACX,GAAK4S,GAAgBT,IAAyBS,EAAe,CAC3DlV,IACAyU,EAAuBS,EACvB,IAAMC,EAAO,KACXJ,EAAME,aAAa,CAAExJ,WAAW,CAAE,CAAC,EAAGc,EAAW,CAAC,EAAGkI,EAAsB,CAAC,CAAEI,EAChF,EACAM,IACAT,EAAQ7X,OAAOqD,WAAW,CAAEiV,EAAMR,GA/BX,IAgCzB,CACF,EACF,CA2BA,CACF,ER2rB4D,CACpDtS,IAAekG,EAAU2L,oBAAoB,CAC7C3H,UAAeA,EACf5M,SAAe2U,EACfK,cAAe,IAAI,CAAC7S,OAAO,CAACsT,oBAAoB,AAClD,EACF,CAEA,IAAI,CAACf,mBAAmB,CAAC5U,KAAK,CAAEgL,EAClC,CAEA,MAAc4K,YAAaC,CAAY,CAAE,KAYjCzY,EAXN,GAAM,CAAE6R,WAAAA,CAAU,CAAEK,KAAAA,CAAI,CAAErJ,MAAAA,CAAK,CAAE2I,aAAAA,CAAY,CAAEG,SAAAA,CAAQ,CAAExB,cAAAA,CAAa,CAAEvC,cAAAA,CAAa,CAAEwB,aAAAA,CAAY,CAAE,CAAGqJ,EAWxG,GAVA,MAAM,IAAI,CAAChN,SAAS,CAACpL,GAAG,CAAE,OAAQoY,GAElC,IAAI,CAACvG,IAAI,CAAGA,EACZ,IAAI,CAACpJ,MAAM,CAAGD,MAAAA,EAAAA,KAAAA,EAAAA,AAAAA,EAAOxB,KAAK,CAAE,KAC5B,IAAI,CAAC6P,WAAW,CAAG1F,EACnB,IAAI,CAACkH,OAAO,CAAG/G,EACf,IAAI,CAACgH,UAAU,CAAGvJ,EAClB,IAAI,CAACwJ,YAAY,CAAGzI,EAEpB,IAAI,CAAC7N,IAAI,CAAElE,EAAOE,UAAU,CAAEma,GACzB,EAACzY,OAAAA,CAAAA,EAAAA,MAAAA,GAAAA,AAAAA,KAAAA,IAAAA,EAAAA,KAAAA,EAAAA,EAAQ8L,YAAY,AAAA,IACnB,IAAI,CAAC7G,OAAO,CAAC4T,YAAY,EAC5B,IAAI,CAAC1B,cAAc,CAAE,CAAEC,IAAKlF,EAAKkF,GAAG,EAAIlF,EAAK4G,EAAE,CAAElL,cAAAA,CAAc,GAG5DiE,AAAevJ,KAAAA,IAAfuJ,GAA4B,IAAI,CAAC5M,OAAO,CAAC8T,eAAe,EAAE,CAC7D,IAAMhW,EAAa0T,OAAQ5E,GAAe,IAAI,CAAC5M,OAAO,CAAC+T,oCAAoC,CACrFC,EAAQ,KACZ,IAAI,CAACpL,YAAY,CAAChE,QAAQ,CAAE,eAAgB,UAC1C,GAAI,CACF,MAAM,IAAI,CAACkC,WAAW,GACtB,IAAI,CAACzJ,IAAI,CAAElE,EAAOG,oBAAoB,CAAE,KAC1C,CAAE,MAAQ4C,EAAI,CACZ,IAAI,CAACmB,IAAI,CAAElE,EAAOI,kBAAkB,CAAE2C,EACxC,CACF,EACF,CACK4B,CAAAA,GAAc,EACjB,IAAI,CAACmW,uBAAuB,CAAEtW,KAAK,CAAEG,EAAY,UAC/CkW,GACF,GAEAA,GAEJ,CAEJ,CA3tBAra,YAAaqG,CAA+B,CAAG,CAE7C,GADA,KAAK,GAjCPA,EAAAA,IAAAA,CAAAA,UAAAA,KAAAA,GAEAiN,EAAAA,IAAAA,CAAAA,OAAAA,KAAAA,GAEApJ,EAAAA,IAAAA,CAAAA,SAAAA,KAAAA,GAEAoO,EAAAA,IAAAA,CAAAA,cAAAA,KAAAA,GAEA0B,EAAAA,IAAAA,CAAAA,eAAAA,KAAAA,GAEAF,EAAAA,IAAAA,CAAAA,UAAAA,KAAAA,GAEAC,EAAAA,IAAAA,CAAAA,aAAAA,KAAAA,GAEAnD,EAAAA,IAAAA,CAAAA,kBAAAA,KAAAA,GAEA/R,EAAA,IAAA,CAAiBoM,OAAjB,KAAA,GAEApM,EAAA,IAAA,CAAQoK,eAAR,KAAA,GAEApK,EAAA,IAAA,CAAQ8H,aAAR,KAAA,GAEA9H,EAAA,IAAA,CAAQgI,YAAR,KAAA,GAEAhI,EAAA,IAAA,CAAQ+T,sBAAR,KAAA,GAEA/T,EAAA,IAAA,CAAQyV,0BAAR,KAAA,GAEAzV,EAAA,IAAA,CAAQ4H,cAAR,KAAA,GAEA5H,EAAA,IAAA,CAAQ6H,sBAAR,KAAA,GAIO,CAAC6N,ACnFH,SAAwB5D,CAAc,EAC3C,GAAI,CACF,IAAM/P,EAAM,IAAIwI,IAAKuH,GACrB,GAAK,CAAC,CAAC,QAAS,SAAS,CAACsB,QAAQ,CAAErR,EAAIqJ,QAAQ,GAG3CrJ,AAAe,KAAfA,EAAIgJ,MAAM,EAAWhJ,AAAa,KAAbA,EAAIiJ,IAAI,CAFhC,MAAO,CAAA,EAKT,MAAO,CAAA,CACT,CAAE,MAAQtN,EAAG,CACX,MAAO,CAAA,CACT,CACF,EDsEyB8D,EAAQsQ,MAAM,EACjC,MAAM,IAAI7W,EAAiB,gCAG7B,CAAA,IAAI,CAACmP,YAAY,CAAG,IAAIjE,EAAUwP,KAAMnU,EAAQsQ,MAAM,EAAI,IAAI,EAE9D,IAAI,CAACtQ,OAAO,CAAG8C,EAAc,CAC3BiR,qCAAsC,GACtCD,gBAAsC,CAAA,EACtCF,aAAsC,CAAA,EACtCrG,YAAsC,GACtCY,YAAsC,EACxC,EAAGnO,EAAS,CAEVsQ,OAAQtQ,EAAQsQ,MAAM,CAACG,QAAQ,CAAE,KAAQzQ,EAAQsQ,MAAM,CAAC9S,KAAK,CAAE,EAAG,IAAOwC,EAAQsQ,MAAM,AACzF,GAEA,IAAI,CAAC1F,IAAI,CAAG,IAAI,CAAC5K,OAAO,CAACoU,UAAU,EAAIrU,EACvC,IAAI,CAACuG,UAAU,CAAG,IAAI,CAACtG,OAAO,CAACsG,UAAU,EAAI,IAAI7L,EAAqC,kBACtF,IAAI,CAAC+L,SAAS,CAAG,IAAI,CAACxG,OAAO,CAACwG,SAAS,EAAI,IAAIrK,EAG1C,IAAI,CAAC6D,OAAO,CAAC8T,eAAe,EAC/B,CAAA,IAAI,CAACG,uBAAuB,CAAG,IAAIvW,GAGrC,IAAI,CAACZ,EAAE,CAAE3D,EAAOC,WAAW,CAAE,UAC3B,IAAI,CAAC6T,IAAI,CAAG5J,KAAAA,EACZ,IAAI,CAACQ,MAAM,CAAGR,KAAAA,EACd,IAAI,CAAC4O,WAAW,CAAG5O,KAAAA,EACnB,IAAI,CAACoQ,OAAO,CAAGpQ,KAAAA,EACf,IAAI,CAACsQ,YAAY,CAAGtQ,KAAAA,EACpB,MAAM,IAAI,CAACmD,SAAS,CAAC/K,KAAK,EAC5B,GAEA,IAAI,CAACmN,YAAY,CAAClD,kBAAkB,CAAEvM,EAAOE,UAAU,CAAE,IAAI,CAACka,WAAW,CAACc,IAAI,CAAE,IAAI,EACtF,CAsrBF,0PSlyBe,SAA2BrU,CAA+B,EACvE,OAAO,IAAIiG,EAAYjG,GAAUkG,UAAU,EAC7C","x_google_ignoreList":[8]} \ No newline at end of file diff --git a/docs/classes/AuthenticationError.html b/docs/classes/AuthenticationError.html index 1ba8678..5218286 100644 --- a/docs/classes/AuthenticationError.html +++ b/docs/classes/AuthenticationError.html @@ -24,7 +24,7 @@

Hierarchy

+
  • Defined in src/errors.ts:14
    • @@ -71,7 +71,7 @@
    Optional Returns AuthenticationError
    +
  • Defined in src/errors.ts:19

    • Properties

    @@ -79,18 +79,18 @@

    errorerror: string

    +
  • Defined in src/errors.ts:2

    • Optional error_description

    error_description?: string
    +
  • Defined in src/errors.ts:4

    • Optional error_uri

    error_uri?: string
    +
  • Defined in src/errors.ts:17

    • message

    message: string
    +
  • Defined in src/errors.ts:15

    • Static Optional prepareStackTrace

    prepareStackTrace?: ((err, stackTraces) => any)
    diff --git a/docs/classes/EventEmitter.html b/docs/classes/EventEmitter.html index 59c5819..d235720 100644 --- a/docs/classes/EventEmitter.html +++ b/docs/classes/EventEmitter.html @@ -27,7 +27,7 @@

    Hierarchy

    +
  • Defined in src/helpers/event_emitter.ts:3
    • @@ -62,14 +62,14 @@

    Type Parameters

    T extends string

    Returns EventEmitter<T>

    +
  • Defined in src/helpers/event_emitter.ts:6

    • Properties

    callbacks

    callbacks: Record<string, any[]>
    +
  • Defined in src/helpers/event_emitter.ts:4

    • Methods

    @@ -86,7 +86,7 @@
    event: Rest ...args: any[]

    Returns EventEmitter<T>

    +
  • Defined in src/helpers/event_emitter.ts:59

    • off

      @@ -112,7 +112,7 @@
      Rest Returns void

    Returns EventEmitter<T>

    +
  • Defined in src/helpers/event_emitter.ts:26

    • on

      @@ -138,7 +138,7 @@
      Rest Returns void

    Returns EventEmitter<T>

    +
  • Defined in src/helpers/event_emitter.ts:20

    • once

      @@ -164,7 +164,7 @@
      Rest Returns void

    Returns EventEmitter<T>

    +
  • Defined in src/helpers/event_emitter.ts:10
    • diff --git a/docs/classes/InMemoryStateStore.html b/docs/classes/InMemoryStateStore.html index 933ce54..9f3d32e 100644 --- a/docs/classes/InMemoryStateStore.html +++ b/docs/classes/InMemoryStateStore.html @@ -27,7 +27,7 @@

    Hierarchy

    • InMemoryStateStore
    +
  • Defined in src/helpers/state_manager/in_memory.ts:3
    • @@ -70,20 +70,20 @@
    prefix: Returns InMemoryStateStore<T>
    +
  • Defined in src/helpers/state_manager/state_store.ts:8

    • Properties

    map

    map: Map<any, any> = ...
    +
  • Defined in src/helpers/state_manager/in_memory.ts:4

    • prefix

    prefix: string
    +
  • Defined in src/helpers/state_manager/state_store.ts:6

    • Methods

    @@ -99,7 +99,7 @@
    Optional Returns Promise<void>
    +
  • Defined in src/helpers/state_manager/in_memory.ts:6

    • del

    +
  • Defined in src/helpers/state_manager/in_memory.ts:19

    • get

    +
  • Defined in src/helpers/state_manager/in_memory.ts:24

    • Optional init

    +
  • Defined in src/helpers/state_manager/state_store.ts:2

    • set

    +
  • Defined in src/helpers/state_manager/in_memory.ts:28
    • diff --git a/docs/classes/InteractionCancelled.html b/docs/classes/InteractionCancelled.html index 5716546..1bb502e 100644 --- a/docs/classes/InteractionCancelled.html +++ b/docs/classes/InteractionCancelled.html @@ -22,7 +22,7 @@

    Hierarchy

    • InteractionCancelled
    +
  • Defined in src/errors.ts:52
    • @@ -61,7 +61,7 @@
    details: Returns InteractionCancelled
    +
  • Defined in src/errors.ts:53

    • Properties

    @@ -69,13 +69,13 @@

    errorerror: string

    +
  • Defined in src/errors.ts:2

    • Optional error_description

    error_description?: string
    +
  • Defined in src/errors.ts:4

    • message

    message: string
    +
  • Defined in src/errors.ts:45
    • @@ -61,7 +61,7 @@
    details: Returns InvalidIdTokenError
    +
  • Defined in src/errors.ts:46

    • Properties

    @@ -69,13 +69,13 @@

    errorerror: string

    +
  • Defined in src/errors.ts:2

    • Optional error_description

    error_description?: string
    +
  • Defined in src/errors.ts:4

    • message

    message: string
    +
  • Defined in src/errors.ts:37
    • @@ -63,7 +63,7 @@
    details: Returns InvalidJWTError
    +
  • Defined in src/errors.ts:38

    • Properties

    @@ -71,13 +71,13 @@

    errorerror: string

    +
  • Defined in src/errors.ts:2

    • Optional error_description

    error_description?: string
    +
  • Defined in src/errors.ts:4

    • message

    message: string
    +
  • Defined in src/helpers/state_manager/local_storage.ts:3
    • @@ -69,7 +69,7 @@
    prefix: Returns LocalStorageStateStore<T>
    +
  • Defined in src/helpers/state_manager/local_storage.ts:4

    • Properties

    @@ -77,7 +77,7 @@

    prefixprefix: string

    +
  • Defined in src/helpers/state_manager/state_store.ts:6

    • Methods

    @@ -93,7 +93,7 @@
    Optional Returns Promise<void>
    +
  • Defined in src/helpers/state_manager/local_storage.ts:33

    • del

    +
  • Defined in src/helpers/state_manager/local_storage.ts:26

    • get

    +
  • Defined in src/helpers/state_manager/local_storage.ts:8

    • Optional init

    +
  • Defined in src/helpers/state_manager/state_store.ts:2

    • set

    +
  • Defined in src/helpers/state_manager/local_storage.ts:19
    • diff --git a/docs/classes/OIDCClient.html b/docs/classes/OIDCClient.html index 8287f83..8cf012d 100644 --- a/docs/classes/OIDCClient.html +++ b/docs/classes/OIDCClient.html @@ -28,7 +28,7 @@

    Hierarchy

    • OIDCClient
    +
  • Defined in src/client.ts:51
    • @@ -87,55 +87,55 @@
    options: Returns OIDCClient
    +
  • Defined in src/client.ts:84

    • Properties

    Optional accessToken

    accessToken?: string
    +
  • Defined in src/client.ts:58

    • callbacks

    callbacks: Record<string, any[]>
    +
  • Defined in src/helpers/event_emitter.ts:4

    • Optional idToken

    idToken?: string
    +
  • Defined in src/client.ts:62

    • Optional idTokenRaw

    idTokenRaw?: string
    +
  • Defined in src/client.ts:64

    • Optional issuer_metadata

    issuer_metadata?: Record<string, any>
    +
  • Defined in src/client.ts:66

    • options

    options: IPlusAuthClientOptions
    +
  • Defined in src/client.ts:52

    • Optional refreshToken

    refreshToken?: string
    +
  • Defined in src/client.ts:60

    • Optional scopes

    scopes?: string[]
    +
  • Defined in src/client.ts:56

    • Optional user

    user?: any
    +
  • Defined in src/client.ts:54

    • Methods

    @@ -153,7 +153,7 @@
    Rest Returns OIDCClient
    +
  • Defined in src/helpers/event_emitter.ts:59

    • getAccessToken

    +
  • Defined in src/client.ts:382

    • getExpiresIn

    +
  • Defined in src/client.ts:404

    • getIdToken

    +
  • Defined in src/client.ts:397

    • getIdTokenRaw

    +
  • Defined in src/client.ts:411

    • getRefreshToken

    +
  • Defined in src/client.ts:390

    • getScopes

    +
  • Defined in src/client.ts:419

    • getUser

    +
  • Defined in src/client.ts:427

    • initialize

    +
  • Defined in src/client.ts:131

    • isLoggedIn

      @@ -271,7 +271,7 @@
      localOnly: Returns Promise<boolean>
    +
  • Defined in src/client.ts:437

    • login

    +
  • Defined in src/client.ts:187

    • loginCallback

      @@ -314,7 +314,7 @@
      url: Returns Promise<undefined | Record<string, any>>
    +
  • Defined in src/client.ts:231

    • loginWithPopup

    +
  • Defined in src/client.ts:202

    • logout

    +
  • Defined in src/client.ts:288

    • off

    +
  • Defined in src/helpers/event_emitter.ts:26

    • on

    +
  • Defined in src/helpers/event_emitter.ts:20

    • once

    +
  • Defined in src/helpers/event_emitter.ts:10

    • revokeToken

    +
  • Defined in src/client.ts:306

    • silentLogin

    +
  • Defined in src/client.ts:335
    • diff --git a/docs/classes/OIDCClientError.html b/docs/classes/OIDCClientError.html index d2107f5..eb02f45 100644 --- a/docs/classes/OIDCClientError.html +++ b/docs/classes/OIDCClientError.html @@ -26,7 +26,7 @@

    Hierarchy

  • InvalidJWTError
  • InteractionCancelled
    • +
  • Defined in src/errors.ts:1
    • @@ -67,19 +67,19 @@
    Optional Returns OIDCClientError
    +
  • Defined in src/errors.ts:6

    • Properties

    error

    error: string
    +
  • Defined in src/errors.ts:2

    • Optional error_description

    error_description?: string
    +
  • Defined in src/errors.ts:4

    • message

    message: string
    +
  • Defined in src/helpers/state_manager/state_store.ts:1
    • +
  • Defined in src/helpers/state_manager/state_store.ts:5
    • @@ -70,14 +70,14 @@

    Parameters

    prefix: string = ''

    Returns StateStore<T>

    +
  • Defined in src/helpers/state_manager/state_store.ts:8

    • Properties

    prefix

    prefix: string
    +
  • Defined in src/helpers/state_manager/state_store.ts:6

    • Methods

    @@ -92,7 +92,7 @@

    Parameters

    Optional maxAge: number

    Returns Promise<void>

    +
  • Defined in src/helpers/state_manager/state_store.ts:18

    • Abstract del

      @@ -105,7 +105,7 @@

      Parameters

      key: string

    Returns Promise<void>

    +
  • Defined in src/helpers/state_manager/state_store.ts:16

    • Abstract get

      @@ -118,7 +118,7 @@

      Parameters

      key: string

    Returns Promise<null | T>

    +
  • Defined in src/helpers/state_manager/state_store.ts:12

    • Optional init

    +
  • Defined in src/helpers/state_manager/state_store.ts:2

    • Abstract set

      @@ -141,7 +141,7 @@
      key: value: T

    Returns Promise<void>

    +
  • Defined in src/helpers/state_manager/state_store.ts:14
    • diff --git a/docs/functions/default.html b/docs/functions/default.html index 075222c..e05ca89 100644 --- a/docs/functions/default.html +++ b/docs/functions/default.html @@ -30,7 +30,7 @@
    options: Returns Promise<OIDCClient>
    +
  • Defined in src/index.ts:14
    • diff --git a/docs/interfaces/AuthRequestOptions.html b/docs/interfaces/AuthRequestOptions.html index fb35850..cdfedcf 100644 --- a/docs/interfaces/AuthRequestOptions.html +++ b/docs/interfaces/AuthRequestOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • AuthRequestOptions
    +
  • Defined in src/interfaces/index.ts:9
    • @@ -60,47 +60,47 @@

    Properties

    Optional acr_values

    acr_values?: string
    +
  • Defined in src/interfaces/index.ts:10

    • Optional audience

    audience?: string
    +
  • Defined in src/interfaces/index.ts:11

    • Optional claims

    claims?: Record<string, any>
    +
  • Defined in src/interfaces/index.ts:12

    • Optional claims_locales

    claims_locales?: string
    +
  • Defined in src/interfaces/index.ts:13

    • Optional client_id

    client_id?: string
    +
  • Defined in src/interfaces/index.ts:14

    • Optional code_challenge

    code_challenge?: string
    +
  • Defined in src/interfaces/index.ts:15

    • Optional code_challenge_method

    code_challenge_method?: string
    +
  • Defined in src/interfaces/index.ts:16

    • Optional code_verifier

    code_verifier?: string
    +
  • Defined in src/interfaces/index.ts:17

    • Optional display

    display?: string
    +
  • Defined in src/interfaces/index.ts:18

    • Optional extraParams

    extraParams?: {
        [key: string]: any;
    }
    @@ -110,82 +110,82 @@

    Type declaration

  • [key: string]: any
    • +
  • Defined in src/interfaces/index.ts:19

    • Optional fragment

    fragment?: string
    +
  • Defined in src/interfaces/index.ts:20

    • Optional id_token_hint

    id_token_hint?: string
    +
  • Defined in src/interfaces/index.ts:21

    • Optional login_hint

    login_hint?: string
    +
  • Defined in src/interfaces/index.ts:22

    • Optional nonce

    nonce?: string
    +
  • Defined in src/interfaces/index.ts:23

    • Optional prompt

    prompt?: string
    +
  • Defined in src/interfaces/index.ts:24

    • Optional redirect_uri

    redirect_uri?: string
    +
  • Defined in src/interfaces/index.ts:25

    • Optional registration

    registration?: string
    +
  • Defined in src/interfaces/index.ts:26

    • Optional request_type

    request_type?: "p" | "s" | "d"
    +
  • Defined in src/interfaces/index.ts:27

    • Optional response_mode

    response_mode?: string
    +
  • Defined in src/interfaces/index.ts:28

    • Optional response_type

    response_type?: string
    +
  • Defined in src/interfaces/index.ts:29

    • Optional scope

    scope?: string
    +
  • Defined in src/interfaces/index.ts:30

    • Optional state

    state?: string
    +
  • Defined in src/interfaces/index.ts:31

    • Optional ui_locales

    ui_locales?: string
    +
  • Defined in src/interfaces/index.ts:32

    • Optional web_message_target

    web_message_target?: string
    +
  • Defined in src/interfaces/index.ts:33

    • Optional web_message_uri

    web_message_uri?: string
    +
  • Defined in src/interfaces/index.ts:34
    • diff --git a/docs/interfaces/IEndpointConfiguration.html b/docs/interfaces/IEndpointConfiguration.html index 479bdbd..7d3c31a 100644 --- a/docs/interfaces/IEndpointConfiguration.html +++ b/docs/interfaces/IEndpointConfiguration.html @@ -20,7 +20,7 @@

    Hierarchy

    • IEndpointConfiguration
    +
  • Defined in src/interfaces/index.ts:49
    • @@ -46,57 +46,57 @@

    Properties

    Optional authorization_endpoint

    authorization_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:50

    • Optional check_session_iframe

    check_session_iframe?: string
    +
  • Defined in src/interfaces/index.ts:51

    • Optional device_authorization_endpoint

    device_authorization_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:52

    • Optional end_session_endpoint

    end_session_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:53

    • Optional introspection_endpoint

    introspection_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:54

    • Optional jwks_uri

    jwks_uri?: string
    +
  • Defined in src/interfaces/index.ts:55

    • Optional mfa_endpoint

    mfa_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:56

    • Optional registration_endpoint

    registration_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:57

    • Optional revocation_endpoint

    revocation_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:58

    • Optional token_endpoint

    token_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:59

    • Optional userinfo_endpoint

    userinfo_endpoint?: string
    +
  • Defined in src/interfaces/index.ts:60
    • diff --git a/docs/interfaces/IFrameOptions.html b/docs/interfaces/IFrameOptions.html index e76ec3e..eae79c1 100644 --- a/docs/interfaces/IFrameOptions.html +++ b/docs/interfaces/IFrameOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • IFrameOptions
    +
  • Defined in src/interfaces/index.ts:173
    • @@ -37,7 +37,7 @@

    Properties

    eventOrigin

    eventOrigin: string
    +
  • Defined in src/interfaces/index.ts:174

    • Optional timeout

    timeout?: number
    @@ -48,7 +48,7 @@

    Default

    60000
    +
  • Defined in src/interfaces/index.ts:179
    • diff --git a/docs/interfaces/IPlusAuthClientOptions.html b/docs/interfaces/IPlusAuthClientOptions.html index 45dd3d9..e3e627f 100644 --- a/docs/interfaces/IPlusAuthClientOptions.html +++ b/docs/interfaces/IPlusAuthClientOptions.html @@ -23,7 +23,7 @@

    Hierarchy

    • IPlusAuthClientOptions
    +
  • Defined in src/interfaces/index.ts:63
    • @@ -84,18 +84,18 @@

    Optionalacr_values?: string

    +
  • Defined in src/interfaces/index.ts:10

    • Optional audience

    audience?: string
    +
  • Defined in src/interfaces/index.ts:11

    • Optional authStore

    authStore?: StateStore<any>
    +
  • Defined in src/interfaces/index.ts:65

    • Optional autoSilentRenew

    autoSilentRenew?: boolean
    @@ -105,7 +105,7 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:72

    • Optional checkSession

    checkSession?: boolean
    @@ -113,7 +113,7 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:76

    • Optional checkSessionInterval

    checkSessionInterval?: number
    @@ -121,30 +121,30 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:81

    • Optional claims

    claims?: Record<string, any>
    +
  • Defined in src/interfaces/index.ts:12

    • Optional claims_locales

    claims_locales?: string
    +
  • Defined in src/interfaces/index.ts:13

    • client_id

    client_id: string
    +
  • Defined in src/interfaces/index.ts:83

    • Optional client_secret

    client_secret?: string
    +
  • Defined in src/interfaces/index.ts:85

    • Optional clockSkew

    clockSkew?: number
    @@ -152,25 +152,25 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:89

    • Optional code_challenge

    code_challenge?: string
    +
  • Defined in src/interfaces/index.ts:15

    • Optional code_challenge_method

    code_challenge_method?: string
    +
  • Defined in src/interfaces/index.ts:16

    • Optional code_verifier

    code_verifier?: string
    +
  • Defined in src/interfaces/index.ts:17

    • Optional currentTimeInMillis

    currentTimeInMillis?: (() => number)
    @@ -189,18 +189,18 @@

    Type declaration

    Returns number

    +
  • Defined in src/interfaces/index.ts:97

    • Optional display

    display?: string
    +
  • Defined in src/interfaces/index.ts:18

    • Optional endpoints

    endpoints?: IEndpointConfiguration
    +
  • Defined in src/interfaces/index.ts:99

    • Optional extraLogoutParams

    extraLogoutParams?: {
        [key: string]: string;
    }
    @@ -211,7 +211,7 @@

    Type declaration

    [key: string]: string
    +
  • Defined in src/interfaces/index.ts:43

    • Optional extraParams

    extraParams?: {
        [key: string]: any;
    }
    @@ -222,13 +222,13 @@

    Type declaration

    [key: string]: any
    +
  • Defined in src/interfaces/index.ts:19

    • Optional fragment

    fragment?: string
    +
  • Defined in src/interfaces/index.ts:20

    • Optional httpClient

    httpClient?: ((options) => Promise<any>)
    @@ -246,7 +246,7 @@

    Parameters

    options: RequestOptions

    Returns Promise<any>

    +
  • Defined in src/interfaces/index.ts:101

    • Optional idTokenValidator

    idTokenValidator?: ((idToken) => Promise<boolean>)
    @@ -271,30 +271,30 @@
    idToken: Returns Promise<boolean>
    +
  • Defined in src/interfaces/index.ts:108

    • Optional id_token_hint

    id_token_hint?: string
    +
  • Defined in src/interfaces/index.ts:21

    • issuer

    issuer: string
    +
  • Defined in src/interfaces/index.ts:109

    • Optional login_hint

    login_hint?: string
    +
  • Defined in src/interfaces/index.ts:22

    • Optional nonce

    nonce?: string
    +
  • Defined in src/interfaces/index.ts:23

    • Optional nonceLength

    nonceLength?: number
    @@ -305,31 +305,31 @@

    Default

    10
    +
  • Defined in src/interfaces/index.ts:115

    • Optional post_logout_redirect_uri

    post_logout_redirect_uri?: string
    +
  • Defined in src/interfaces/index.ts:46

    • Optional prompt

    prompt?: string
    +
  • Defined in src/interfaces/index.ts:24

    • Optional redirect_uri

    redirect_uri?: string
    +
  • Defined in src/interfaces/index.ts:25

    • Optional registration

    registration?: string
    +
  • Defined in src/interfaces/index.ts:26

    • Optional requestUserInfo

    requestUserInfo?: boolean
    @@ -339,25 +339,25 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:122

    • Optional response_mode

    response_mode?: string
    +
  • Defined in src/interfaces/index.ts:28

    • Optional response_type

    response_type?: string
    +
  • Defined in src/interfaces/index.ts:29

    • Optional scope

    scope?: string
    +
  • Defined in src/interfaces/index.ts:30

    • Optional secondsToRefreshAccessTokenBeforeExp

    secondsToRefreshAccessTokenBeforeExp?: number
    @@ -365,7 +365,7 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:127

    • Optional silentRequestTimeout

    silentRequestTimeout?: number
    @@ -373,18 +373,18 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:132

    • Optional silent_redirect_uri

    silent_redirect_uri?: string
    +
  • Defined in src/interfaces/index.ts:134

    • Optional state

    state?: string
    +
  • Defined in src/interfaces/index.ts:31

    • Optional stateLength

    stateLength?: number
    @@ -395,7 +395,7 @@

    Default

    10
    +
  • Defined in src/interfaces/index.ts:140

    • Optional stateStore

    stateStore?: StateStore<any>
    @@ -403,13 +403,13 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:144

    • Optional ui_locales

    ui_locales?: string
    +
  • Defined in src/interfaces/index.ts:32

    • Optional useRefreshToken

    useRefreshToken?: boolean
    @@ -418,19 +418,19 @@

    Optional

    +
  • Defined in src/interfaces/index.ts:149

    • Optional web_message_target

    web_message_target?: string
    +
  • Defined in src/interfaces/index.ts:33

    • Optional web_message_uri

    web_message_uri?: string
    +
  • Defined in src/interfaces/index.ts:34
    • diff --git a/docs/interfaces/JWTValidationOptions.html b/docs/interfaces/JWTValidationOptions.html index 5d52775..c778844 100644 --- a/docs/interfaces/JWTValidationOptions.html +++ b/docs/interfaces/JWTValidationOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • JWTValidationOptions
    +
  • Defined in src/interfaces/index.ts:207
    • @@ -40,17 +40,17 @@

    Properties

    Optional audience

    audience?: string
    +
  • Defined in src/interfaces/index.ts:208

    • client_id

    client_id: string
    +
  • Defined in src/interfaces/index.ts:209

    • Optional clockSkew

    clockSkew?: number
    +
  • Defined in src/interfaces/index.ts:210

    • Optional currentTimeInMillis

    currentTimeInMillis?: (() => number)
    @@ -63,12 +63,12 @@

    Type declaration

  • Returns number

    • +
  • Defined in src/interfaces/index.ts:211

    • issuer

    issuer: string
    +
  • Defined in src/interfaces/index.ts:212
    • diff --git a/docs/interfaces/LogoutRequestOptions.html b/docs/interfaces/LogoutRequestOptions.html index 4224883..c1765a8 100644 --- a/docs/interfaces/LogoutRequestOptions.html +++ b/docs/interfaces/LogoutRequestOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • LogoutRequestOptions
    +
  • Defined in src/interfaces/index.ts:42
    • @@ -44,22 +44,22 @@

    Type declaration

  • [key: string]: string
    • +
  • Defined in src/interfaces/index.ts:43

    • Optional id_token_hint

    id_token_hint?: string
    +
  • Defined in src/interfaces/index.ts:44

    • Optional localOnly

    localOnly?: boolean
    +
  • Defined in src/interfaces/index.ts:45

    • Optional post_logout_redirect_uri

    post_logout_redirect_uri?: string
    +
  • Defined in src/interfaces/index.ts:46
    • diff --git a/docs/interfaces/ParsedJWT.html b/docs/interfaces/ParsedJWT.html index b2df7b2..e0d08eb 100644 --- a/docs/interfaces/ParsedJWT.html +++ b/docs/interfaces/ParsedJWT.html @@ -20,7 +20,7 @@

    Hierarchy

    • ParsedJWT
    +
  • Defined in src/interfaces/index.ts:183
    • @@ -38,17 +38,17 @@

    Properties

    header

    header: Partial<Record<JWTHeaderField, any>>
    +
  • Defined in src/interfaces/index.ts:184

    • payload

    payload: Readonly<Record<"nonce" | "exp" | "iss" | "aud" | "nbf" | "iat" | "jti" | "azp" | "auth_time" | "at_hash" | "c_hash" | "acr" | "amr" | "sub_jwk" | "cnf" | "sip_from_tag" | "sip_date" | "sip_callid" | "sip_cseq_num" | "sip_via_branch" | "orig" | "dest" | "mky" | "events" | "toe" | "txn" | "rph" | "sid" | "vot" | "vtm" | "attest" | "origid" | "act" | "scope" | "client_id" | "may_act" | "jcard" | "at_use_nbr", string | number>>
    +
  • Defined in src/interfaces/index.ts:185

    • Optional signature

    signature?: string
    +
  • Defined in src/interfaces/index.ts:186
    • diff --git a/docs/interfaces/PopupOptions.html b/docs/interfaces/PopupOptions.html index 8d214cf..bf995c4 100644 --- a/docs/interfaces/PopupOptions.html +++ b/docs/interfaces/PopupOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • PopupOptions
    +
  • Defined in src/interfaces/index.ts:164
    • @@ -37,7 +37,7 @@

    Properties

    Optional popup

    popup?: null | Window
    +
  • Defined in src/interfaces/index.ts:165

    • Optional timeout

    timeout?: number
    @@ -48,7 +48,7 @@

    Default

    60000
    +
  • Defined in src/interfaces/index.ts:170
    • diff --git a/docs/interfaces/RevokeOptions.html b/docs/interfaces/RevokeOptions.html index 73c23a9..84a00e3 100644 --- a/docs/interfaces/RevokeOptions.html +++ b/docs/interfaces/RevokeOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • RevokeOptions
    +
  • Defined in src/interfaces/index.ts:191
    • @@ -37,12 +37,12 @@

    Properties

    Optional client_id

    client_id?: string
    +
  • Defined in src/interfaces/index.ts:192

    • Optional client_secret

    client_secret?: string
    +
  • Defined in src/interfaces/index.ts:193
    • diff --git a/docs/interfaces/SessionCheckerOptions.html b/docs/interfaces/SessionCheckerOptions.html index c9bcd0f..cd45cae 100644 --- a/docs/interfaces/SessionCheckerOptions.html +++ b/docs/interfaces/SessionCheckerOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • SessionCheckerOptions
    +
  • Defined in src/interfaces/index.ts:215
    • @@ -52,22 +52,22 @@

    Parameters

    Rest ...args: any

    Returns void

    +
  • Defined in src/interfaces/index.ts:216

    • Optional checkInterval

    checkInterval?: number
    +
  • Defined in src/interfaces/index.ts:217

    • client_id

    client_id: string
    +
  • Defined in src/interfaces/index.ts:218

    • url

    url: string
    +
  • Defined in src/interfaces/index.ts:219
    • diff --git a/docs/interfaces/SessionMonitorOptions.html b/docs/interfaces/SessionMonitorOptions.html index f578dbe..1d36c61 100644 --- a/docs/interfaces/SessionMonitorOptions.html +++ b/docs/interfaces/SessionMonitorOptions.html @@ -20,7 +20,7 @@

    Hierarchy

    • SessionMonitorOptions
    +
  • Defined in src/interfaces/index.ts:37
    • @@ -37,12 +37,12 @@

    Properties

    session_state

    session_state: string
    +
  • Defined in src/interfaces/index.ts:38

    • sub

    sub: string
    +
  • Defined in src/interfaces/index.ts:39
    • diff --git a/docs/interfaces/TokenRequestOption.html b/docs/interfaces/TokenRequestOption.html index 13cea02..4621a8c 100644 --- a/docs/interfaces/TokenRequestOption.html +++ b/docs/interfaces/TokenRequestOption.html @@ -20,7 +20,7 @@

    Hierarchy

    • TokenRequestOption
    +
  • Defined in src/interfaces/index.ts:152
    • @@ -44,47 +44,47 @@

    Properties

    Optional client_id

    client_id?: string
    +
  • Defined in src/interfaces/index.ts:153

    • Optional client_secret

    client_secret?: string
    +
  • Defined in src/interfaces/index.ts:154

    • Optional code

    code?: string
    +
  • Defined in src/interfaces/index.ts:155

    • Optional code_verifier

    code_verifier?: string
    +
  • Defined in src/interfaces/index.ts:156

    • Optional extraTokenHeaders

    extraTokenHeaders?: Record<string, string>
    +
  • Defined in src/interfaces/index.ts:157

    • Optional extraTokenParams

    extraTokenParams?: Record<string, string>
    +
  • Defined in src/interfaces/index.ts:158

    • Optional grant_type

    grant_type?: string
    +
  • Defined in src/interfaces/index.ts:159

    • Optional redirect_uri

    redirect_uri?: string
    +
  • Defined in src/interfaces/index.ts:160

    • Optional refresh_token

    refresh_token?: string
    +
  • Defined in src/interfaces/index.ts:161
    • diff --git a/docs/interfaces/TokenResponse.html b/docs/interfaces/TokenResponse.html index 11a12bb..8e17672 100644 --- a/docs/interfaces/TokenResponse.html +++ b/docs/interfaces/TokenResponse.html @@ -20,7 +20,7 @@

    Hierarchy

    • TokenResponse
    +
  • Defined in src/interfaces/index.ts:196
    • @@ -43,42 +43,42 @@

    Properties

    Optional access_token

    access_token?: string
    +
  • Defined in src/interfaces/index.ts:197

    • Optional error

    error?: string
    +
  • Defined in src/interfaces/index.ts:198

    • Optional error_description

    error_description?: string
    +
  • Defined in src/interfaces/index.ts:199

    • Optional expires_in

    expires_in?: number
    +
  • Defined in src/interfaces/index.ts:200

    • Optional id_token

    id_token?: string
    +
  • Defined in src/interfaces/index.ts:201

    • Optional refresh_token

    refresh_token?: string
    +
  • Defined in src/interfaces/index.ts:202

    • Optional scope

    scope?: string
    +
  • Defined in src/interfaces/index.ts:203

    • Optional session_state

    session_state?: string
    +
  • Defined in src/interfaces/index.ts:204
    • diff --git a/docs/variables/Events.html b/docs/variables/Events.html index 2d7b64e..23cd714 100644 --- a/docs/variables/Events.html +++ b/docs/variables/Events.html @@ -30,7 +30,7 @@
    Readonly
    Readonly USER_LOGOUT: "user_logout"
    +
  • Defined in src/constants/events.ts:2
    • diff --git a/package.json b/package.json index ba2469a..e71edbc 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@plusauth/oidc-client-js", "description": "OpenID Connect (OIDC) and OAuth2 library for browser based JavaScript applications.", - "version": "1.4.0", + "version": "1.4.1", "homepage": "https://github.com/PlusAuth/oidc-client-js", "license": "MIT", "main": "./dist/oidc-client.esm.js",