@aaronsb/kg-cli 0.6.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +112 -0
- package/dist/api/client.d.ts +867 -0
- package/dist/api/client.d.ts.map +1 -0
- package/dist/api/client.js +1362 -0
- package/dist/api/client.js.map +1 -0
- package/dist/cli/admin/backup.d.ts +9 -0
- package/dist/cli/admin/backup.d.ts.map +1 -0
- package/dist/cli/admin/backup.js +363 -0
- package/dist/cli/admin/backup.js.map +1 -0
- package/dist/cli/admin/index.d.ts +7 -0
- package/dist/cli/admin/index.d.ts.map +1 -0
- package/dist/cli/admin/index.js +52 -0
- package/dist/cli/admin/index.js.map +1 -0
- package/dist/cli/admin/scheduler.d.ts +7 -0
- package/dist/cli/admin/scheduler.d.ts.map +1 -0
- package/dist/cli/admin/scheduler.js +125 -0
- package/dist/cli/admin/scheduler.js.map +1 -0
- package/dist/cli/admin/status.d.ts +7 -0
- package/dist/cli/admin/status.d.ts.map +1 -0
- package/dist/cli/admin/status.js +134 -0
- package/dist/cli/admin/status.js.map +1 -0
- package/dist/cli/admin/utils.d.ts +34 -0
- package/dist/cli/admin/utils.d.ts.map +1 -0
- package/dist/cli/admin/utils.js +441 -0
- package/dist/cli/admin/utils.js.map +1 -0
- package/dist/cli/ai-config/embedding.d.ts +11 -0
- package/dist/cli/ai-config/embedding.d.ts.map +1 -0
- package/dist/cli/ai-config/embedding.js +598 -0
- package/dist/cli/ai-config/embedding.js.map +1 -0
- package/dist/cli/ai-config/extraction.d.ts +11 -0
- package/dist/cli/ai-config/extraction.d.ts.map +1 -0
- package/dist/cli/ai-config/extraction.js +206 -0
- package/dist/cli/ai-config/extraction.js.map +1 -0
- package/dist/cli/ai-config/index.d.ts +21 -0
- package/dist/cli/ai-config/index.d.ts.map +1 -0
- package/dist/cli/ai-config/index.js +27 -0
- package/dist/cli/ai-config/index.js.map +1 -0
- package/dist/cli/ai-config/keys.d.ts +11 -0
- package/dist/cli/ai-config/keys.d.ts.map +1 -0
- package/dist/cli/ai-config/keys.js +182 -0
- package/dist/cli/ai-config/keys.js.map +1 -0
- package/dist/cli/ai-config/utils.d.ts +13 -0
- package/dist/cli/ai-config/utils.d.ts.map +1 -0
- package/dist/cli/ai-config/utils.js +84 -0
- package/dist/cli/ai-config/utils.js.map +1 -0
- package/dist/cli/artifact.d.ts +8 -0
- package/dist/cli/artifact.d.ts.map +1 -0
- package/dist/cli/artifact.js +296 -0
- package/dist/cli/artifact.js.map +1 -0
- package/dist/cli/auth-admin.d.ts +11 -0
- package/dist/cli/auth-admin.d.ts.map +1 -0
- package/dist/cli/auth-admin.js +415 -0
- package/dist/cli/auth-admin.js.map +1 -0
- package/dist/cli/colors.d.ts +105 -0
- package/dist/cli/colors.d.ts.map +1 -0
- package/dist/cli/colors.js +164 -0
- package/dist/cli/colors.js.map +1 -0
- package/dist/cli/commands.d.ts +6 -0
- package/dist/cli/commands.d.ts.map +1 -0
- package/dist/cli/commands.js +164 -0
- package/dist/cli/commands.js.map +1 -0
- package/dist/cli/config.d.ts +6 -0
- package/dist/cli/config.d.ts.map +1 -0
- package/dist/cli/config.js +694 -0
- package/dist/cli/config.js.map +1 -0
- package/dist/cli/curve-viz.d.ts +89 -0
- package/dist/cli/curve-viz.d.ts.map +1 -0
- package/dist/cli/curve-viz.js +228 -0
- package/dist/cli/curve-viz.js.map +1 -0
- package/dist/cli/database.d.ts +6 -0
- package/dist/cli/database.d.ts.map +1 -0
- package/dist/cli/database.js +324 -0
- package/dist/cli/database.js.map +1 -0
- package/dist/cli/document.d.ts +6 -0
- package/dist/cli/document.d.ts.map +1 -0
- package/dist/cli/document.js +458 -0
- package/dist/cli/document.js.map +1 -0
- package/dist/cli/group.d.ts +8 -0
- package/dist/cli/group.d.ts.map +1 -0
- package/dist/cli/group.js +174 -0
- package/dist/cli/group.js.map +1 -0
- package/dist/cli/health.d.ts +6 -0
- package/dist/cli/health.d.ts.map +1 -0
- package/dist/cli/health.js +34 -0
- package/dist/cli/health.js.map +1 -0
- package/dist/cli/help-formatter.d.ts +16 -0
- package/dist/cli/help-formatter.d.ts.map +1 -0
- package/dist/cli/help-formatter.js +248 -0
- package/dist/cli/help-formatter.js.map +1 -0
- package/dist/cli/help.d.ts +9 -0
- package/dist/cli/help.d.ts.map +1 -0
- package/dist/cli/help.js +227 -0
- package/dist/cli/help.js.map +1 -0
- package/dist/cli/ingest.d.ts +6 -0
- package/dist/cli/ingest.d.ts.map +1 -0
- package/dist/cli/ingest.js +722 -0
- package/dist/cli/ingest.js.map +1 -0
- package/dist/cli/jobs.d.ts +6 -0
- package/dist/cli/jobs.d.ts.map +1 -0
- package/dist/cli/jobs.js +663 -0
- package/dist/cli/jobs.js.map +1 -0
- package/dist/cli/login.d.ts +21 -0
- package/dist/cli/login.d.ts.map +1 -0
- package/dist/cli/login.js +221 -0
- package/dist/cli/login.js.map +1 -0
- package/dist/cli/logout.d.ts +16 -0
- package/dist/cli/logout.d.ts.map +1 -0
- package/dist/cli/logout.js +141 -0
- package/dist/cli/logout.js.map +1 -0
- package/dist/cli/mcp-config.d.ts +10 -0
- package/dist/cli/mcp-config.d.ts.map +1 -0
- package/dist/cli/mcp-config.js +358 -0
- package/dist/cli/mcp-config.js.map +1 -0
- package/dist/cli/oauth.d.ts +15 -0
- package/dist/cli/oauth.d.ts.map +1 -0
- package/dist/cli/oauth.js +296 -0
- package/dist/cli/oauth.js.map +1 -0
- package/dist/cli/ontology.d.ts +6 -0
- package/dist/cli/ontology.d.ts.map +1 -0
- package/dist/cli/ontology.js +231 -0
- package/dist/cli/ontology.js.map +1 -0
- package/dist/cli/polarity.d.ts +6 -0
- package/dist/cli/polarity.d.ts.map +1 -0
- package/dist/cli/polarity.js +295 -0
- package/dist/cli/polarity.js.map +1 -0
- package/dist/cli/projection.d.ts +8 -0
- package/dist/cli/projection.d.ts.map +1 -0
- package/dist/cli/projection.js +297 -0
- package/dist/cli/projection.js.map +1 -0
- package/dist/cli/query-def.d.ts +8 -0
- package/dist/cli/query-def.d.ts.map +1 -0
- package/dist/cli/query-def.js +163 -0
- package/dist/cli/query-def.js.map +1 -0
- package/dist/cli/rbac.d.ts +12 -0
- package/dist/cli/rbac.d.ts.map +1 -0
- package/dist/cli/rbac.js +615 -0
- package/dist/cli/rbac.js.map +1 -0
- package/dist/cli/search.d.ts +6 -0
- package/dist/cli/search.d.ts.map +1 -0
- package/dist/cli/search.js +829 -0
- package/dist/cli/search.js.map +1 -0
- package/dist/cli/source.d.ts +6 -0
- package/dist/cli/source.d.ts.map +1 -0
- package/dist/cli/source.js +202 -0
- package/dist/cli/source.js.map +1 -0
- package/dist/cli/verb-router.d.ts +25 -0
- package/dist/cli/verb-router.d.ts.map +1 -0
- package/dist/cli/verb-router.js +415 -0
- package/dist/cli/verb-router.js.map +1 -0
- package/dist/cli/vocabulary/config.d.ts +7 -0
- package/dist/cli/vocabulary/config.d.ts.map +1 -0
- package/dist/cli/vocabulary/config.js +201 -0
- package/dist/cli/vocabulary/config.js.map +1 -0
- package/dist/cli/vocabulary/consolidate.d.ts +8 -0
- package/dist/cli/vocabulary/consolidate.d.ts.map +1 -0
- package/dist/cli/vocabulary/consolidate.js +192 -0
- package/dist/cli/vocabulary/consolidate.js.map +1 -0
- package/dist/cli/vocabulary/embeddings.d.ts +9 -0
- package/dist/cli/vocabulary/embeddings.d.ts.map +1 -0
- package/dist/cli/vocabulary/embeddings.js +205 -0
- package/dist/cli/vocabulary/embeddings.js.map +1 -0
- package/dist/cli/vocabulary/epistemic.d.ts +7 -0
- package/dist/cli/vocabulary/epistemic.d.ts.map +1 -0
- package/dist/cli/vocabulary/epistemic.js +315 -0
- package/dist/cli/vocabulary/epistemic.js.map +1 -0
- package/dist/cli/vocabulary/index.d.ts +7 -0
- package/dist/cli/vocabulary/index.d.ts.map +1 -0
- package/dist/cli/vocabulary/index.js +45 -0
- package/dist/cli/vocabulary/index.js.map +1 -0
- package/dist/cli/vocabulary/profiles.d.ts +7 -0
- package/dist/cli/vocabulary/profiles.d.ts.map +1 -0
- package/dist/cli/vocabulary/profiles.js +171 -0
- package/dist/cli/vocabulary/profiles.js.map +1 -0
- package/dist/cli/vocabulary/similarity.d.ts +9 -0
- package/dist/cli/vocabulary/similarity.d.ts.map +1 -0
- package/dist/cli/vocabulary/similarity.js +199 -0
- package/dist/cli/vocabulary/similarity.js.map +1 -0
- package/dist/cli/vocabulary/status.d.ts +8 -0
- package/dist/cli/vocabulary/status.d.ts.map +1 -0
- package/dist/cli/vocabulary/status.js +280 -0
- package/dist/cli/vocabulary/status.js.map +1 -0
- package/dist/cli/vocabulary/sync.d.ts +7 -0
- package/dist/cli/vocabulary/sync.d.ts.map +1 -0
- package/dist/cli/vocabulary/sync.js +111 -0
- package/dist/cli/vocabulary/sync.js.map +1 -0
- package/dist/index.d.ts +9 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +16 -0
- package/dist/index.js.map +1 -0
- package/dist/lib/auth/auth-client.d.ts +247 -0
- package/dist/lib/auth/auth-client.d.ts.map +1 -0
- package/dist/lib/auth/auth-client.js +305 -0
- package/dist/lib/auth/auth-client.js.map +1 -0
- package/dist/lib/auth/challenge.d.ts +39 -0
- package/dist/lib/auth/challenge.d.ts.map +1 -0
- package/dist/lib/auth/challenge.js +125 -0
- package/dist/lib/auth/challenge.js.map +1 -0
- package/dist/lib/auth/client-credentials-flow.d.ts +58 -0
- package/dist/lib/auth/client-credentials-flow.d.ts.map +1 -0
- package/dist/lib/auth/client-credentials-flow.js +118 -0
- package/dist/lib/auth/client-credentials-flow.js.map +1 -0
- package/dist/lib/auth/device-flow.d.ts +75 -0
- package/dist/lib/auth/device-flow.d.ts.map +1 -0
- package/dist/lib/auth/device-flow.js +177 -0
- package/dist/lib/auth/device-flow.js.map +1 -0
- package/dist/lib/auth/index.d.ts +14 -0
- package/dist/lib/auth/index.d.ts.map +1 -0
- package/dist/lib/auth/index.js +34 -0
- package/dist/lib/auth/index.js.map +1 -0
- package/dist/lib/auth/oauth-types.d.ts +69 -0
- package/dist/lib/auth/oauth-types.d.ts.map +1 -0
- package/dist/lib/auth/oauth-types.js +10 -0
- package/dist/lib/auth/oauth-types.js.map +1 -0
- package/dist/lib/auth/oauth-utils.d.ts +51 -0
- package/dist/lib/auth/oauth-utils.d.ts.map +1 -0
- package/dist/lib/auth/oauth-utils.js +110 -0
- package/dist/lib/auth/oauth-utils.js.map +1 -0
- package/dist/lib/auth/token-manager.d.ts +87 -0
- package/dist/lib/auth/token-manager.d.ts.map +1 -0
- package/dist/lib/auth/token-manager.js +139 -0
- package/dist/lib/auth/token-manager.js.map +1 -0
- package/dist/lib/auth/token-refresh.d.ts +63 -0
- package/dist/lib/auth/token-refresh.d.ts.map +1 -0
- package/dist/lib/auth/token-refresh.js +141 -0
- package/dist/lib/auth/token-refresh.js.map +1 -0
- package/dist/lib/config.d.ts +286 -0
- package/dist/lib/config.d.ts.map +1 -0
- package/dist/lib/config.js +537 -0
- package/dist/lib/config.js.map +1 -0
- package/dist/lib/job-stream.d.ts +53 -0
- package/dist/lib/job-stream.d.ts.map +1 -0
- package/dist/lib/job-stream.js +153 -0
- package/dist/lib/job-stream.js.map +1 -0
- package/dist/lib/mcp-allowlist.d.ts +101 -0
- package/dist/lib/mcp-allowlist.d.ts.map +1 -0
- package/dist/lib/mcp-allowlist.js +340 -0
- package/dist/lib/mcp-allowlist.js.map +1 -0
- package/dist/lib/table-example.d.ts +7 -0
- package/dist/lib/table-example.d.ts.map +1 -0
- package/dist/lib/table-example.js +105 -0
- package/dist/lib/table-example.js.map +1 -0
- package/dist/lib/table.d.ts +95 -0
- package/dist/lib/table.d.ts.map +1 -0
- package/dist/lib/table.js +263 -0
- package/dist/lib/table.js.map +1 -0
- package/dist/lib/terminal-images.d.ts +66 -0
- package/dist/lib/terminal-images.d.ts.map +1 -0
- package/dist/lib/terminal-images.js +268 -0
- package/dist/lib/terminal-images.js.map +1 -0
- package/dist/mcp/formatters.d.ts +100 -0
- package/dist/mcp/formatters.d.ts.map +1 -0
- package/dist/mcp/formatters.js +1411 -0
- package/dist/mcp/formatters.js.map +1 -0
- package/dist/mcp-server.d.ts +9 -0
- package/dist/mcp-server.d.ts.map +1 -0
- package/dist/mcp-server.js +1810 -0
- package/dist/mcp-server.js.map +1 -0
- package/dist/types/index.d.ts +742 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +6 -0
- package/dist/types/index.js.map +1 -0
- package/dist/version.d.ts +10 -0
- package/dist/version.d.ts.map +1 -0
- package/dist/version.js +13 -0
- package/dist/version.js.map +1 -0
- package/package.json +84 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-manager.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/token-manager.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,MAAM,WAAW,SAAS;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,qBAAa,YAAY;IACX,OAAO,CAAC,MAAM;gBAAN,MAAM,EAAE,aAAa;IAEzC;;;;OAIG;IACH,UAAU,CAAC,SAAS,EAAE,SAAS,GAAG,IAAI;IAWtC;;;;OAIG;IACH,QAAQ,IAAI,SAAS,GAAG,IAAI;IAsB5B;;;;;OAKG;IACH,cAAc,CAAC,SAAS,EAAE,SAAS,GAAG,OAAO;IAO7C;;OAEG;IACH,UAAU,IAAI,IAAI;IAIlB;;;;OAIG;IACH,UAAU,IAAI,OAAO;IAIrB;;;;OAIG;IACH,WAAW,IAAI,MAAM,GAAG,IAAI;IAK5B;;;;OAIG;IACH,OAAO,IAAI,MAAM,GAAG,IAAI;IAKxB;;;;OAIG;IACH,mBAAmB,IAAI,MAAM,GAAG,IAAI;IAUpC;;;;OAIG;IACH,yBAAyB,IAAI,MAAM,GAAG,IAAI;IAY1C;;;;;OAKG;IACH,MAAM,CAAC,iBAAiB,CAAC,aAAa,EAAE;QACtC,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;QACnB,UAAU,EAAE,MAAM,CAAC;QACnB,IAAI,EAAE;YACJ,QAAQ,EAAE,MAAM,CAAC;YACjB,IAAI,EAAE,MAAM,CAAC;SACd,CAAC;KACH,GAAG,SAAS;CAWd"}
|
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Token Manager
|
|
4
|
+
*
|
|
5
|
+
* Manages JWT token lifecycle: storage, retrieval, validation, expiration.
|
|
6
|
+
* Tokens are stored in the user's config file (~/.config/kg/config.json).
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.TokenManager = void 0;
|
|
10
|
+
class TokenManager {
|
|
11
|
+
constructor(config) {
|
|
12
|
+
this.config = config;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Store JWT token with metadata
|
|
16
|
+
*
|
|
17
|
+
* @param tokenInfo Token information including access token, expiration, user details
|
|
18
|
+
*/
|
|
19
|
+
storeToken(tokenInfo) {
|
|
20
|
+
this.config.set('auth.token', tokenInfo.access_token);
|
|
21
|
+
this.config.set('auth.token_type', tokenInfo.token_type);
|
|
22
|
+
this.config.set('auth.expires_at', tokenInfo.expires_at);
|
|
23
|
+
this.config.set('auth.username', tokenInfo.username);
|
|
24
|
+
this.config.set('auth.role', tokenInfo.role);
|
|
25
|
+
// Also update top-level username for backwards compatibility
|
|
26
|
+
this.config.set('username', tokenInfo.username);
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Retrieve stored token (returns null if expired or not found)
|
|
30
|
+
*
|
|
31
|
+
* @returns Token information or null if not authenticated
|
|
32
|
+
*/
|
|
33
|
+
getToken() {
|
|
34
|
+
const token = this.config.get('auth.token');
|
|
35
|
+
if (!token) {
|
|
36
|
+
return null;
|
|
37
|
+
}
|
|
38
|
+
const tokenInfo = {
|
|
39
|
+
access_token: token,
|
|
40
|
+
token_type: this.config.get('auth.token_type') || 'bearer',
|
|
41
|
+
expires_at: this.config.get('auth.expires_at') || 0,
|
|
42
|
+
username: this.config.get('auth.username') || '',
|
|
43
|
+
role: this.config.get('auth.role') || ''
|
|
44
|
+
};
|
|
45
|
+
// Check if token is expired (with 5-minute buffer)
|
|
46
|
+
if (this.isTokenExpired(tokenInfo)) {
|
|
47
|
+
return null;
|
|
48
|
+
}
|
|
49
|
+
return tokenInfo;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Check if token is expired (with 5-minute buffer for safety)
|
|
53
|
+
*
|
|
54
|
+
* @param tokenInfo Token information to check
|
|
55
|
+
* @returns true if token is expired or will expire within 5 minutes
|
|
56
|
+
*/
|
|
57
|
+
isTokenExpired(tokenInfo) {
|
|
58
|
+
const now = Math.floor(Date.now() / 1000);
|
|
59
|
+
const BUFFER_SECONDS = 5 * 60; // 5-minute buffer
|
|
60
|
+
return tokenInfo.expires_at <= now + BUFFER_SECONDS;
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Clear stored token (logout)
|
|
64
|
+
*/
|
|
65
|
+
clearToken() {
|
|
66
|
+
this.config.delete('auth');
|
|
67
|
+
}
|
|
68
|
+
/**
|
|
69
|
+
* Check if user is logged in (valid token exists)
|
|
70
|
+
*
|
|
71
|
+
* @returns true if user has a valid, non-expired token
|
|
72
|
+
*/
|
|
73
|
+
isLoggedIn() {
|
|
74
|
+
return this.getToken() !== null;
|
|
75
|
+
}
|
|
76
|
+
/**
|
|
77
|
+
* Get current username from token
|
|
78
|
+
*
|
|
79
|
+
* @returns Username or null if not logged in
|
|
80
|
+
*/
|
|
81
|
+
getUsername() {
|
|
82
|
+
const tokenInfo = this.getToken();
|
|
83
|
+
return tokenInfo ? tokenInfo.username : null;
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* Get current user role from token
|
|
87
|
+
*
|
|
88
|
+
* @returns User role or null if not logged in
|
|
89
|
+
*/
|
|
90
|
+
getRole() {
|
|
91
|
+
const tokenInfo = this.getToken();
|
|
92
|
+
return tokenInfo ? tokenInfo.role : null;
|
|
93
|
+
}
|
|
94
|
+
/**
|
|
95
|
+
* Get token expiration time as a human-readable string
|
|
96
|
+
*
|
|
97
|
+
* @returns Formatted expiration time or null if not logged in
|
|
98
|
+
*/
|
|
99
|
+
getExpirationString() {
|
|
100
|
+
const tokenInfo = this.getToken();
|
|
101
|
+
if (!tokenInfo) {
|
|
102
|
+
return null;
|
|
103
|
+
}
|
|
104
|
+
const expiresAt = new Date(tokenInfo.expires_at * 1000);
|
|
105
|
+
return expiresAt.toLocaleString();
|
|
106
|
+
}
|
|
107
|
+
/**
|
|
108
|
+
* Get minutes until token expiration
|
|
109
|
+
*
|
|
110
|
+
* @returns Minutes until expiration or null if not logged in
|
|
111
|
+
*/
|
|
112
|
+
getMinutesUntilExpiration() {
|
|
113
|
+
const tokenInfo = this.getToken();
|
|
114
|
+
if (!tokenInfo) {
|
|
115
|
+
return null;
|
|
116
|
+
}
|
|
117
|
+
const now = Math.floor(Date.now() / 1000);
|
|
118
|
+
const secondsUntilExpiration = tokenInfo.expires_at - now;
|
|
119
|
+
return Math.floor(secondsUntilExpiration / 60);
|
|
120
|
+
}
|
|
121
|
+
/**
|
|
122
|
+
* Create TokenInfo from login response
|
|
123
|
+
*
|
|
124
|
+
* @param loginResponse Response from /auth/login endpoint
|
|
125
|
+
* @returns TokenInfo object ready to be stored
|
|
126
|
+
*/
|
|
127
|
+
static fromLoginResponse(loginResponse) {
|
|
128
|
+
const now = Math.floor(Date.now() / 1000);
|
|
129
|
+
return {
|
|
130
|
+
access_token: loginResponse.access_token,
|
|
131
|
+
token_type: loginResponse.token_type,
|
|
132
|
+
expires_at: now + loginResponse.expires_in,
|
|
133
|
+
username: loginResponse.user.username,
|
|
134
|
+
role: loginResponse.user.role
|
|
135
|
+
};
|
|
136
|
+
}
|
|
137
|
+
}
|
|
138
|
+
exports.TokenManager = TokenManager;
|
|
139
|
+
//# sourceMappingURL=token-manager.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-manager.js","sourceRoot":"","sources":["../../../src/lib/auth/token-manager.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAYH,MAAa,YAAY;IACvB,YAAoB,MAAqB;QAArB,WAAM,GAAN,MAAM,CAAe;IAAG,CAAC;IAE7C;;;;OAIG;IACH,UAAU,CAAC,SAAoB;QAC7B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC;QACtD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC;QACzD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,iBAAiB,EAAE,SAAS,CAAC,UAAU,CAAC,CAAC;QACzD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC;QACrD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;QAE7C,6DAA6D;QAC7D,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,UAAU,EAAE,SAAS,CAAC,QAAQ,CAAC,CAAC;IAClD,CAAC;IAED;;;;OAIG;IACH,QAAQ;QACN,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAc;YAC3B,YAAY,EAAE,KAAK;YACnB,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,QAAQ;YAC1D,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,CAAC;YACnD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE;YAChD,IAAI,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE;SACzC,CAAC;QAEF,mDAAmD;QACnD,IAAI,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;OAKG;IACH,cAAc,CAAC,SAAoB;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE,CAAC,CAAE,kBAAkB;QAElD,OAAO,SAAS,CAAC,UAAU,IAAI,GAAG,GAAG,cAAc,CAAC;IACtD,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC;IAED;;;;OAIG;IACH,UAAU;QACR,OAAO,IAAI,CAAC,QAAQ,EAAE,KAAK,IAAI,CAAC;IAClC,CAAC;IAED;;;;OAIG;IACH,WAAW;QACT,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClC,OAAO,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC/C,CAAC;IAED;;;;OAIG;IACH,OAAO;QACL,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClC,OAAO,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3C,CAAC;IAED;;;;OAIG;IACH,mBAAmB;QACjB,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,SAAS,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QACxD,OAAO,SAAS,CAAC,cAAc,EAAE,CAAC;IACpC,CAAC;IAED;;;;OAIG;IACH,yBAAyB;QACvB,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAC1C,MAAM,sBAAsB,GAAG,SAAS,CAAC,UAAU,GAAG,GAAG,CAAC;QAE1D,OAAO,IAAI,CAAC,KAAK,CAAC,sBAAsB,GAAG,EAAE,CAAC,CAAC;IACjD,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,iBAAiB,CAAC,aAQxB;QACC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAE1C,OAAO;YACL,YAAY,EAAE,aAAa,CAAC,YAAY;YACxC,UAAU,EAAE,aAAa,CAAC,UAAU;YACpC,UAAU,EAAE,GAAG,GAAG,aAAa,CAAC,UAAU;YAC1C,QAAQ,EAAE,aAAa,CAAC,IAAI,CAAC,QAAQ;YACrC,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,IAAI;SAC9B,CAAC;IACJ,CAAC;CACF;AAxJD,oCAwJC"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* OAuth Token Refresh Manager (ADR-054)
|
|
3
|
+
*
|
|
4
|
+
* Handles automatic token refresh using refresh_token grant.
|
|
5
|
+
*
|
|
6
|
+
* Note: Only works with grants that return refresh tokens (device flow, authorization code).
|
|
7
|
+
* Client credentials grant does NOT receive refresh tokens - must re-authenticate instead.
|
|
8
|
+
*/
|
|
9
|
+
import type { OAuthTokenInfo } from './oauth-types';
|
|
10
|
+
export interface TokenRefreshCallbacks {
|
|
11
|
+
onRefreshStart?: () => void;
|
|
12
|
+
onRefreshSuccess?: (tokenInfo: OAuthTokenInfo) => void;
|
|
13
|
+
onRefreshError?: (error: Error) => void;
|
|
14
|
+
}
|
|
15
|
+
export declare class TokenRefreshManager {
|
|
16
|
+
private client;
|
|
17
|
+
constructor(apiUrl: string);
|
|
18
|
+
/**
|
|
19
|
+
* Refresh an expired access token using a refresh token
|
|
20
|
+
*
|
|
21
|
+
* POST /auth/oauth/token
|
|
22
|
+
* Body: grant_type=refresh_token&refresh_token=<token>&client_id=<client_id>
|
|
23
|
+
*
|
|
24
|
+
* Returns new access token and same refresh token
|
|
25
|
+
*
|
|
26
|
+
* @param tokenInfo - Current token information (must have refresh_token)
|
|
27
|
+
* @param callbacks - Optional callbacks for progress tracking
|
|
28
|
+
* @returns New token information with refreshed access token
|
|
29
|
+
*/
|
|
30
|
+
refreshToken(tokenInfo: OAuthTokenInfo, callbacks?: TokenRefreshCallbacks): Promise<OAuthTokenInfo>;
|
|
31
|
+
/**
|
|
32
|
+
* Automatically refresh token if expired or about to expire
|
|
33
|
+
*
|
|
34
|
+
* Checks if token is expired (or will expire within buffer period).
|
|
35
|
+
* If so, refreshes it. Otherwise, returns the original token.
|
|
36
|
+
*
|
|
37
|
+
* @param tokenInfo - Current token information
|
|
38
|
+
* @param bufferSeconds - Refresh if expiring within this many seconds (default: 60)
|
|
39
|
+
* @param callbacks - Optional callbacks for progress tracking
|
|
40
|
+
* @returns Token information (refreshed if needed)
|
|
41
|
+
*/
|
|
42
|
+
autoRefresh(tokenInfo: OAuthTokenInfo | null, bufferSeconds?: number, callbacks?: TokenRefreshCallbacks): Promise<OAuthTokenInfo>;
|
|
43
|
+
/**
|
|
44
|
+
* Revoke a token (access or refresh)
|
|
45
|
+
*
|
|
46
|
+
* POST /auth/oauth/revoke
|
|
47
|
+
* Body: token=<token>&token_type_hint=access_token|refresh_token&client_id=<client_id>
|
|
48
|
+
*
|
|
49
|
+
* @param token - Token to revoke (access_token or refresh_token)
|
|
50
|
+
* @param tokenTypeHint - Type of token ('access_token' or 'refresh_token')
|
|
51
|
+
* @param clientId - OAuth client ID
|
|
52
|
+
*/
|
|
53
|
+
revokeToken(token: string, tokenTypeHint?: 'access_token' | 'refresh_token', clientId?: string): Promise<void>;
|
|
54
|
+
/**
|
|
55
|
+
* Revoke all tokens for a user (access and refresh)
|
|
56
|
+
*
|
|
57
|
+
* Convenience method to revoke both access and refresh tokens
|
|
58
|
+
*
|
|
59
|
+
* @param tokenInfo - Token information
|
|
60
|
+
*/
|
|
61
|
+
revokeAll(tokenInfo: OAuthTokenInfo): Promise<void>;
|
|
62
|
+
}
|
|
63
|
+
//# sourceMappingURL=token-refresh.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-refresh.d.ts","sourceRoot":"","sources":["../../../src/lib/auth/token-refresh.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAsB,cAAc,EAAsB,MAAM,eAAe,CAAC;AAG5F,MAAM,WAAW,qBAAqB;IACpC,cAAc,CAAC,EAAE,MAAM,IAAI,CAAC;IAC5B,gBAAgB,CAAC,EAAE,CAAC,SAAS,EAAE,cAAc,KAAK,IAAI,CAAC;IACvD,cAAc,CAAC,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;CACzC;AAED,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,MAAM,CAAgB;gBAElB,MAAM,EAAE,MAAM;IAU1B;;;;;;;;;;;OAWG;IACG,YAAY,CAChB,SAAS,EAAE,cAAc,EACzB,SAAS,CAAC,EAAE,qBAAqB,GAChC,OAAO,CAAC,cAAc,CAAC;IA0C1B;;;;;;;;;;OAUG;IACG,WAAW,CACf,SAAS,EAAE,cAAc,GAAG,IAAI,EAChC,aAAa,GAAE,MAAW,EAC1B,SAAS,CAAC,EAAE,qBAAqB,GAChC,OAAO,CAAC,cAAc,CAAC;IAe1B;;;;;;;;;OASG;IACG,WAAW,CACf,KAAK,EAAE,MAAM,EACb,aAAa,CAAC,EAAE,cAAc,GAAG,eAAe,EAChD,QAAQ,CAAC,EAAE,MAAM,GAChB,OAAO,CAAC,IAAI,CAAC;IAqBhB;;;;;;OAMG;IACG,SAAS,CAAC,SAAS,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC;CAS1D"}
|
|
@@ -0,0 +1,141 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* OAuth Token Refresh Manager (ADR-054)
|
|
4
|
+
*
|
|
5
|
+
* Handles automatic token refresh using refresh_token grant.
|
|
6
|
+
*
|
|
7
|
+
* Note: Only works with grants that return refresh tokens (device flow, authorization code).
|
|
8
|
+
* Client credentials grant does NOT receive refresh tokens - must re-authenticate instead.
|
|
9
|
+
*/
|
|
10
|
+
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
11
|
+
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
12
|
+
};
|
|
13
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
14
|
+
exports.TokenRefreshManager = void 0;
|
|
15
|
+
const axios_1 = __importDefault(require("axios"));
|
|
16
|
+
const oauth_utils_1 = require("./oauth-utils");
|
|
17
|
+
class TokenRefreshManager {
|
|
18
|
+
constructor(apiUrl) {
|
|
19
|
+
this.client = axios_1.default.create({
|
|
20
|
+
baseURL: apiUrl,
|
|
21
|
+
headers: {
|
|
22
|
+
'Content-Type': 'application/x-www-form-urlencoded',
|
|
23
|
+
},
|
|
24
|
+
timeout: 10000, // 10 seconds
|
|
25
|
+
});
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* Refresh an expired access token using a refresh token
|
|
29
|
+
*
|
|
30
|
+
* POST /auth/oauth/token
|
|
31
|
+
* Body: grant_type=refresh_token&refresh_token=<token>&client_id=<client_id>
|
|
32
|
+
*
|
|
33
|
+
* Returns new access token and same refresh token
|
|
34
|
+
*
|
|
35
|
+
* @param tokenInfo - Current token information (must have refresh_token)
|
|
36
|
+
* @param callbacks - Optional callbacks for progress tracking
|
|
37
|
+
* @returns New token information with refreshed access token
|
|
38
|
+
*/
|
|
39
|
+
async refreshToken(tokenInfo, callbacks) {
|
|
40
|
+
if (!tokenInfo.refresh_token) {
|
|
41
|
+
throw new Error('Cannot refresh token: No refresh token available (client_credentials grant?)');
|
|
42
|
+
}
|
|
43
|
+
callbacks?.onRefreshStart?.();
|
|
44
|
+
try {
|
|
45
|
+
const params = new URLSearchParams({
|
|
46
|
+
grant_type: 'refresh_token',
|
|
47
|
+
refresh_token: tokenInfo.refresh_token,
|
|
48
|
+
client_id: tokenInfo.client_id,
|
|
49
|
+
});
|
|
50
|
+
const response = await this.client.post('/auth/oauth/token', params.toString());
|
|
51
|
+
// Convert response and preserve client_id
|
|
52
|
+
const newTokenInfo = (0, oauth_utils_1.convertTokenResponse)(response.data, tokenInfo.client_id);
|
|
53
|
+
callbacks?.onRefreshSuccess?.(newTokenInfo);
|
|
54
|
+
return newTokenInfo;
|
|
55
|
+
}
|
|
56
|
+
catch (error) {
|
|
57
|
+
if (axios_1.default.isAxiosError(error)) {
|
|
58
|
+
const axiosError = error;
|
|
59
|
+
const errorMessage = axiosError.response?.data?.error_description ||
|
|
60
|
+
axiosError.response?.data?.error ||
|
|
61
|
+
axiosError.message;
|
|
62
|
+
const err = new Error(`Token refresh failed: ${errorMessage}`);
|
|
63
|
+
callbacks?.onRefreshError?.(err);
|
|
64
|
+
throw err;
|
|
65
|
+
}
|
|
66
|
+
const err = error instanceof Error ? error : new Error('Unknown error during token refresh');
|
|
67
|
+
callbacks?.onRefreshError?.(err);
|
|
68
|
+
throw err;
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
/**
|
|
72
|
+
* Automatically refresh token if expired or about to expire
|
|
73
|
+
*
|
|
74
|
+
* Checks if token is expired (or will expire within buffer period).
|
|
75
|
+
* If so, refreshes it. Otherwise, returns the original token.
|
|
76
|
+
*
|
|
77
|
+
* @param tokenInfo - Current token information
|
|
78
|
+
* @param bufferSeconds - Refresh if expiring within this many seconds (default: 60)
|
|
79
|
+
* @param callbacks - Optional callbacks for progress tracking
|
|
80
|
+
* @returns Token information (refreshed if needed)
|
|
81
|
+
*/
|
|
82
|
+
async autoRefresh(tokenInfo, bufferSeconds = 60, callbacks) {
|
|
83
|
+
if (!tokenInfo) {
|
|
84
|
+
throw new Error('Cannot refresh token: No token information available');
|
|
85
|
+
}
|
|
86
|
+
// Check if token needs refresh
|
|
87
|
+
if (!(0, oauth_utils_1.isTokenExpired)(tokenInfo, bufferSeconds)) {
|
|
88
|
+
// Token is still valid, no refresh needed
|
|
89
|
+
return tokenInfo;
|
|
90
|
+
}
|
|
91
|
+
// Token expired or about to expire - refresh it
|
|
92
|
+
return await this.refreshToken(tokenInfo, callbacks);
|
|
93
|
+
}
|
|
94
|
+
/**
|
|
95
|
+
* Revoke a token (access or refresh)
|
|
96
|
+
*
|
|
97
|
+
* POST /auth/oauth/revoke
|
|
98
|
+
* Body: token=<token>&token_type_hint=access_token|refresh_token&client_id=<client_id>
|
|
99
|
+
*
|
|
100
|
+
* @param token - Token to revoke (access_token or refresh_token)
|
|
101
|
+
* @param tokenTypeHint - Type of token ('access_token' or 'refresh_token')
|
|
102
|
+
* @param clientId - OAuth client ID
|
|
103
|
+
*/
|
|
104
|
+
async revokeToken(token, tokenTypeHint, clientId) {
|
|
105
|
+
try {
|
|
106
|
+
const params = new URLSearchParams({
|
|
107
|
+
token: token,
|
|
108
|
+
...(tokenTypeHint && { token_type_hint: tokenTypeHint }),
|
|
109
|
+
...(clientId && { client_id: clientId }),
|
|
110
|
+
});
|
|
111
|
+
await this.client.post('/auth/oauth/revoke', params.toString());
|
|
112
|
+
}
|
|
113
|
+
catch (error) {
|
|
114
|
+
if (axios_1.default.isAxiosError(error)) {
|
|
115
|
+
const axiosError = error;
|
|
116
|
+
const errorMessage = axiosError.response?.data?.error_description ||
|
|
117
|
+
axiosError.response?.data?.error ||
|
|
118
|
+
axiosError.message;
|
|
119
|
+
throw new Error(`Token revocation failed: ${errorMessage}`);
|
|
120
|
+
}
|
|
121
|
+
throw error;
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
/**
|
|
125
|
+
* Revoke all tokens for a user (access and refresh)
|
|
126
|
+
*
|
|
127
|
+
* Convenience method to revoke both access and refresh tokens
|
|
128
|
+
*
|
|
129
|
+
* @param tokenInfo - Token information
|
|
130
|
+
*/
|
|
131
|
+
async revokeAll(tokenInfo) {
|
|
132
|
+
// Revoke access token
|
|
133
|
+
await this.revokeToken(tokenInfo.access_token, 'access_token', tokenInfo.client_id);
|
|
134
|
+
// Revoke refresh token if present
|
|
135
|
+
if (tokenInfo.refresh_token) {
|
|
136
|
+
await this.revokeToken(tokenInfo.refresh_token, 'refresh_token', tokenInfo.client_id);
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
|
+
}
|
|
140
|
+
exports.TokenRefreshManager = TokenRefreshManager;
|
|
141
|
+
//# sourceMappingURL=token-refresh.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"token-refresh.js","sourceRoot":"","sources":["../../../src/lib/auth/token-refresh.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;AAEH,kDAAyD;AAEzD,+CAAqE;AAQrE,MAAa,mBAAmB;IAG9B,YAAY,MAAc;QACxB,IAAI,CAAC,MAAM,GAAG,eAAK,CAAC,MAAM,CAAC;YACzB,OAAO,EAAE,MAAM;YACf,OAAO,EAAE;gBACP,cAAc,EAAE,mCAAmC;aACpD;YACD,OAAO,EAAE,KAAK,EAAG,aAAa;SAC/B,CAAC,CAAC;IACL,CAAC;IAED;;;;;;;;;;;OAWG;IACH,KAAK,CAAC,YAAY,CAChB,SAAyB,EACzB,SAAiC;QAEjC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC;YAC7B,MAAM,IAAI,KAAK,CAAC,8EAA8E,CAAC,CAAC;QAClG,CAAC;QAED,SAAS,EAAE,cAAc,EAAE,EAAE,CAAC;QAE9B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;gBACjC,UAAU,EAAE,eAAe;gBAC3B,aAAa,EAAE,SAAS,CAAC,aAAa;gBACtC,SAAS,EAAE,SAAS,CAAC,SAAS;aAC/B,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CACrC,mBAAmB,EACnB,MAAM,CAAC,QAAQ,EAAE,CAClB,CAAC;YAEF,0CAA0C;YAC1C,MAAM,YAAY,GAAG,IAAA,kCAAoB,EAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;YAC9E,SAAS,EAAE,gBAAgB,EAAE,CAAC,YAAY,CAAC,CAAC;YAC5C,OAAO,YAAY,CAAC;QAEtB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,eAAK,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,KAAuC,CAAC;gBAC3D,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,EAAE,IAAI,EAAE,iBAAiB;oBAC7C,UAAU,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK;oBAChC,UAAU,CAAC,OAAO,CAAC;gBAEvC,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,yBAAyB,YAAY,EAAE,CAAC,CAAC;gBAC/D,SAAS,EAAE,cAAc,EAAE,CAAC,GAAG,CAAC,CAAC;gBACjC,MAAM,GAAG,CAAC;YACZ,CAAC;YAED,MAAM,GAAG,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC;YAC7F,SAAS,EAAE,cAAc,EAAE,CAAC,GAAG,CAAC,CAAC;YACjC,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,WAAW,CACf,SAAgC,EAChC,gBAAwB,EAAE,EAC1B,SAAiC;QAEjC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;QAC1E,CAAC;QAED,+BAA+B;QAC/B,IAAI,CAAC,IAAA,4BAAc,EAAC,SAAS,EAAE,aAAa,CAAC,EAAE,CAAC;YAC9C,0CAA0C;YAC1C,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,gDAAgD;QAChD,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IACvD,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,WAAW,CACf,KAAa,EACb,aAAgD,EAChD,QAAiB;QAEjB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;gBACjC,KAAK,EAAE,KAAK;gBACZ,GAAG,CAAC,aAAa,IAAI,EAAE,eAAe,EAAE,aAAa,EAAE,CAAC;gBACxD,GAAG,CAAC,QAAQ,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;aACzC,CAAC,CAAC;YAEH,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAClE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,eAAK,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,MAAM,UAAU,GAAG,KAAuC,CAAC;gBAC3D,MAAM,YAAY,GAAG,UAAU,CAAC,QAAQ,EAAE,IAAI,EAAE,iBAAiB;oBAC7C,UAAU,CAAC,QAAQ,EAAE,IAAI,EAAE,KAAK;oBAChC,UAAU,CAAC,OAAO,CAAC;gBACvC,MAAM,IAAI,KAAK,CAAC,4BAA4B,YAAY,EAAE,CAAC,CAAC;YAC9D,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,SAAS,CAAC,SAAyB;QACvC,sBAAsB;QACtB,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,YAAY,EAAE,cAAc,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;QAEpF,kCAAkC;QAClC,IAAI,SAAS,CAAC,aAAa,EAAE,CAAC;YAC5B,MAAM,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,aAAa,EAAE,eAAe,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;QACxF,CAAC;IACH,CAAC;CACF;AAvJD,kDAuJC"}
|
|
@@ -0,0 +1,286 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Configuration Manager for kg CLI
|
|
3
|
+
*
|
|
4
|
+
* Manages user configuration stored at ~/.config/kg/config.json
|
|
5
|
+
*
|
|
6
|
+
* ADR-054: OAuth 2.0 Authentication
|
|
7
|
+
* - All authentication uses personal OAuth clients (GitHub CLI-style)
|
|
8
|
+
* - Client credentials (client_id + client_secret) are long-lived
|
|
9
|
+
* - Fresh access tokens obtained on-demand via client credentials grant
|
|
10
|
+
* - JWT support removed (OAuth-only)
|
|
11
|
+
*/
|
|
12
|
+
export interface AuthTokenConfig {
|
|
13
|
+
oauth_client_id?: string;
|
|
14
|
+
oauth_client_secret?: string;
|
|
15
|
+
oauth_client_name?: string;
|
|
16
|
+
oauth_scopes?: string[];
|
|
17
|
+
oauth_created_at?: string;
|
|
18
|
+
token_type?: string;
|
|
19
|
+
username?: string;
|
|
20
|
+
role?: string;
|
|
21
|
+
}
|
|
22
|
+
export interface DisplayConfig {
|
|
23
|
+
enableChafa?: boolean;
|
|
24
|
+
chafaWidth?: number;
|
|
25
|
+
chafaScale?: number;
|
|
26
|
+
chafaAlign?: 'left' | 'center' | 'right';
|
|
27
|
+
chafaColors?: '256' | '16' | '2' | 'full';
|
|
28
|
+
}
|
|
29
|
+
export interface SearchConfig {
|
|
30
|
+
showEvidence?: boolean;
|
|
31
|
+
showImages?: boolean;
|
|
32
|
+
}
|
|
33
|
+
export interface KgConfig {
|
|
34
|
+
username?: string;
|
|
35
|
+
secret?: string;
|
|
36
|
+
api_url?: string;
|
|
37
|
+
backup_dir?: string;
|
|
38
|
+
auto_approve?: boolean;
|
|
39
|
+
auth?: AuthTokenConfig;
|
|
40
|
+
aliases?: Record<string, string[]>;
|
|
41
|
+
display?: DisplayConfig;
|
|
42
|
+
search?: SearchConfig;
|
|
43
|
+
}
|
|
44
|
+
export declare class ConfigManager {
|
|
45
|
+
private configDir;
|
|
46
|
+
private configPath;
|
|
47
|
+
private config;
|
|
48
|
+
constructor();
|
|
49
|
+
/**
|
|
50
|
+
* Get configuration directory path
|
|
51
|
+
*/
|
|
52
|
+
getConfigDir(): string;
|
|
53
|
+
/**
|
|
54
|
+
* Get configuration file path
|
|
55
|
+
*/
|
|
56
|
+
getConfigPath(): string;
|
|
57
|
+
/**
|
|
58
|
+
* Load configuration from disk
|
|
59
|
+
*/
|
|
60
|
+
private load;
|
|
61
|
+
/**
|
|
62
|
+
* Get default configuration
|
|
63
|
+
*/
|
|
64
|
+
private getDefaultConfig;
|
|
65
|
+
/**
|
|
66
|
+
* Save configuration to disk
|
|
67
|
+
*/
|
|
68
|
+
save(): void;
|
|
69
|
+
/**
|
|
70
|
+
* Get entire configuration
|
|
71
|
+
*/
|
|
72
|
+
getAll(): KgConfig;
|
|
73
|
+
/**
|
|
74
|
+
* Get a configuration value by key (supports nested keys with dot notation)
|
|
75
|
+
*/
|
|
76
|
+
get(key: string): any;
|
|
77
|
+
/**
|
|
78
|
+
* Set a configuration value by key (supports nested keys with dot notation)
|
|
79
|
+
*/
|
|
80
|
+
set(key: string, value: any): void;
|
|
81
|
+
/**
|
|
82
|
+
* Delete a configuration key
|
|
83
|
+
*/
|
|
84
|
+
delete(key: string): void;
|
|
85
|
+
/**
|
|
86
|
+
* Check if config file exists
|
|
87
|
+
*/
|
|
88
|
+
exists(): boolean;
|
|
89
|
+
/**
|
|
90
|
+
* Initialize config with defaults and save
|
|
91
|
+
*/
|
|
92
|
+
init(): void;
|
|
93
|
+
/**
|
|
94
|
+
* Reset configuration to defaults
|
|
95
|
+
*/
|
|
96
|
+
reset(): void;
|
|
97
|
+
/**
|
|
98
|
+
* Get API URL (from config or environment variable)
|
|
99
|
+
*/
|
|
100
|
+
getApiUrl(): string;
|
|
101
|
+
/**
|
|
102
|
+
* Get client ID (from config or environment variable)
|
|
103
|
+
*/
|
|
104
|
+
getClientId(): string | undefined;
|
|
105
|
+
/**
|
|
106
|
+
* Get API key/secret (from config or environment variable)
|
|
107
|
+
*/
|
|
108
|
+
getApiKey(): string | undefined;
|
|
109
|
+
/**
|
|
110
|
+
* Get backup directory (expands ~ to home directory)
|
|
111
|
+
*/
|
|
112
|
+
getBackupDir(): string;
|
|
113
|
+
/**
|
|
114
|
+
* Ensure backup directory exists
|
|
115
|
+
*/
|
|
116
|
+
ensureBackupDir(): string;
|
|
117
|
+
/**
|
|
118
|
+
* Get auto-approve setting (ADR-014)
|
|
119
|
+
*/
|
|
120
|
+
getAutoApprove(): boolean;
|
|
121
|
+
/**
|
|
122
|
+
* Set auto-approve setting (ADR-014)
|
|
123
|
+
*/
|
|
124
|
+
setAutoApprove(value: boolean): void;
|
|
125
|
+
/**
|
|
126
|
+
* Store OAuth client credentials (ADR-054 - personal OAuth clients)
|
|
127
|
+
*
|
|
128
|
+
* Stores long-lived client_id + client_secret for client credentials grant.
|
|
129
|
+
* This is the preferred authentication method for CLI tools.
|
|
130
|
+
*
|
|
131
|
+
* @param credentials OAuth client credentials
|
|
132
|
+
*/
|
|
133
|
+
storeOAuthCredentials(credentials: {
|
|
134
|
+
client_id: string;
|
|
135
|
+
client_secret: string;
|
|
136
|
+
client_name: string;
|
|
137
|
+
scopes: string[];
|
|
138
|
+
created_at: string;
|
|
139
|
+
username?: string;
|
|
140
|
+
}): void;
|
|
141
|
+
/**
|
|
142
|
+
* Get OAuth client credentials (ADR-054)
|
|
143
|
+
*
|
|
144
|
+
* @returns OAuth client credentials or null if not stored
|
|
145
|
+
*/
|
|
146
|
+
getOAuthCredentials(): {
|
|
147
|
+
client_id: string;
|
|
148
|
+
client_secret: string;
|
|
149
|
+
client_name: string;
|
|
150
|
+
scopes: string[];
|
|
151
|
+
created_at: string;
|
|
152
|
+
username?: string;
|
|
153
|
+
} | null;
|
|
154
|
+
/**
|
|
155
|
+
* Clear authentication token
|
|
156
|
+
*/
|
|
157
|
+
clearAuthToken(): void;
|
|
158
|
+
/**
|
|
159
|
+
* Check if user is authenticated (has OAuth client credentials)
|
|
160
|
+
*
|
|
161
|
+
* OAuth client credentials are long-lived and do not expire.
|
|
162
|
+
* Fresh access tokens are obtained on-demand via client credentials grant.
|
|
163
|
+
*
|
|
164
|
+
* @returns true if user has OAuth client credentials
|
|
165
|
+
*/
|
|
166
|
+
isAuthenticated(): boolean;
|
|
167
|
+
/**
|
|
168
|
+
* Get command aliases from config
|
|
169
|
+
*
|
|
170
|
+
* @returns Record mapping command names to their aliases
|
|
171
|
+
*/
|
|
172
|
+
getAliases(): Record<string, string[]>;
|
|
173
|
+
/**
|
|
174
|
+
* Get aliases for a specific command
|
|
175
|
+
*
|
|
176
|
+
* @param commandName Name of the command
|
|
177
|
+
* @returns Array of aliases for this command
|
|
178
|
+
*/
|
|
179
|
+
getCommandAliases(commandName: string): string[];
|
|
180
|
+
/**
|
|
181
|
+
* Add an alias for a command
|
|
182
|
+
*
|
|
183
|
+
* @param commandName Name of the command
|
|
184
|
+
* @param alias Alias to add
|
|
185
|
+
*/
|
|
186
|
+
addAlias(commandName: string, alias: string): void;
|
|
187
|
+
/**
|
|
188
|
+
* Remove an alias for a command
|
|
189
|
+
*
|
|
190
|
+
* @param commandName Name of the command
|
|
191
|
+
* @param alias Alias to remove
|
|
192
|
+
*/
|
|
193
|
+
removeAlias(commandName: string, alias: string): void;
|
|
194
|
+
/**
|
|
195
|
+
* Check if chafa terminal image display is enabled
|
|
196
|
+
* If not explicitly set, defaults to true (will check for chafa availability at runtime)
|
|
197
|
+
*
|
|
198
|
+
* @returns true if chafa display is enabled in config
|
|
199
|
+
*/
|
|
200
|
+
isChafaEnabled(): boolean;
|
|
201
|
+
/**
|
|
202
|
+
* Enable or disable chafa terminal image display
|
|
203
|
+
*
|
|
204
|
+
* @param enabled Whether to enable chafa
|
|
205
|
+
*/
|
|
206
|
+
setChafaEnabled(enabled: boolean): void;
|
|
207
|
+
/**
|
|
208
|
+
* Get chafa display width
|
|
209
|
+
*
|
|
210
|
+
* @returns Width in characters, or undefined for auto-sizing
|
|
211
|
+
*/
|
|
212
|
+
getChafaWidth(): number | undefined;
|
|
213
|
+
/**
|
|
214
|
+
* Set chafa display width
|
|
215
|
+
*
|
|
216
|
+
* @param width Width in characters (undefined for auto)
|
|
217
|
+
*/
|
|
218
|
+
setChafaWidth(width: number | undefined): void;
|
|
219
|
+
/**
|
|
220
|
+
* Get chafa color mode
|
|
221
|
+
*
|
|
222
|
+
* @returns Color mode ('256', '16', '2', or 'full')
|
|
223
|
+
*/
|
|
224
|
+
getChafaColors(): '256' | '16' | '2' | 'full';
|
|
225
|
+
/**
|
|
226
|
+
* Set chafa color mode
|
|
227
|
+
*
|
|
228
|
+
* @param colors Color mode
|
|
229
|
+
*/
|
|
230
|
+
setChafaColors(colors: '256' | '16' | '2' | 'full'): void;
|
|
231
|
+
/**
|
|
232
|
+
* Get chafa scale factor
|
|
233
|
+
*
|
|
234
|
+
* @returns Scale factor (0.0-1.0, e.g., 0.3 for 1/3 width)
|
|
235
|
+
*/
|
|
236
|
+
getChafaScale(): number;
|
|
237
|
+
/**
|
|
238
|
+
* Set chafa scale factor
|
|
239
|
+
*
|
|
240
|
+
* @param scale Scale factor (0.0-1.0)
|
|
241
|
+
*/
|
|
242
|
+
setChafaScale(scale: number): void;
|
|
243
|
+
/**
|
|
244
|
+
* Get chafa alignment
|
|
245
|
+
*
|
|
246
|
+
* @returns Alignment ('left', 'center', or 'right')
|
|
247
|
+
*/
|
|
248
|
+
getChafaAlign(): 'left' | 'center' | 'right';
|
|
249
|
+
/**
|
|
250
|
+
* Set chafa alignment
|
|
251
|
+
*
|
|
252
|
+
* @param align Alignment
|
|
253
|
+
*/
|
|
254
|
+
setChafaAlign(align: 'left' | 'center' | 'right'): void;
|
|
255
|
+
/**
|
|
256
|
+
* Check if search should show evidence by default
|
|
257
|
+
* Defaults to true for rich terminal experience
|
|
258
|
+
*
|
|
259
|
+
* @returns true if evidence should be shown by default
|
|
260
|
+
*/
|
|
261
|
+
getSearchShowEvidence(): boolean;
|
|
262
|
+
/**
|
|
263
|
+
* Set whether search should show evidence by default
|
|
264
|
+
*
|
|
265
|
+
* @param enabled Whether to show evidence by default
|
|
266
|
+
*/
|
|
267
|
+
setSearchShowEvidence(enabled: boolean): void;
|
|
268
|
+
/**
|
|
269
|
+
* Check if search should show images by default
|
|
270
|
+
* Defaults to true for rich terminal experience
|
|
271
|
+
*
|
|
272
|
+
* @returns true if images should be shown by default
|
|
273
|
+
*/
|
|
274
|
+
getSearchShowImages(): boolean;
|
|
275
|
+
/**
|
|
276
|
+
* Set whether search should show images by default
|
|
277
|
+
*
|
|
278
|
+
* @param enabled Whether to show images by default
|
|
279
|
+
*/
|
|
280
|
+
setSearchShowImages(enabled: boolean): void;
|
|
281
|
+
}
|
|
282
|
+
/**
|
|
283
|
+
* Get or create global config instance
|
|
284
|
+
*/
|
|
285
|
+
export declare function getConfig(): ConfigManager;
|
|
286
|
+
//# sourceMappingURL=config.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/lib/config.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAMH,MAAM,WAAW,eAAe;IAE9B,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAG1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,aAAa;IAE5B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;IACzC,WAAW,CAAC,EAAE,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,MAAM,CAAC;CAC3C;AAED,MAAM,WAAW,YAAY;IAE3B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,IAAI,CAAC,EAAE,eAAe,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IACnC,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,MAAM,CAAC,EAAE,YAAY,CAAC;CACvB;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,SAAS,CAAS;IAC1B,OAAO,CAAC,UAAU,CAAS;IAC3B,OAAO,CAAC,MAAM,CAAW;;IAUzB;;OAEG;IACH,YAAY,IAAI,MAAM;IAItB;;OAEG;IACH,aAAa,IAAI,MAAM;IAIvB;;OAEG;IACH,OAAO,CAAC,IAAI;IAcZ;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAwBxB;;OAEG;IACH,IAAI,IAAI,IAAI;IAkBZ;;OAEG;IACH,MAAM,IAAI,QAAQ;IAIlB;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG;IAerB;;OAEG;IACH,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,GAAG,IAAI;IAiBlC;;OAEG;IACH,MAAM,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAiBzB;;OAEG;IACH,MAAM,IAAI,OAAO;IAIjB;;OAEG;IACH,IAAI,IAAI,IAAI;IAOZ;;OAEG;IACH,KAAK,IAAI,IAAI;IAKb;;OAEG;IACH,SAAS,IAAI,MAAM;IAInB;;OAEG;IACH,WAAW,IAAI,MAAM,GAAG,SAAS;IAIjC;;OAEG;IACH,SAAS,IAAI,MAAM,GAAG,SAAS;IAI/B;;OAEG;IACH,YAAY,IAAI,MAAM;IAKtB;;OAEG;IACH,eAAe,IAAI,MAAM;IAQzB;;OAEG;IACH,cAAc,IAAI,OAAO;IAIzB;;OAEG;IACH,cAAc,CAAC,KAAK,EAAE,OAAO,GAAG,IAAI;IAOpC;;;;;;;OAOG;IACH,qBAAqB,CAAC,WAAW,EAAE;QACjC,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,IAAI;IAsBR;;;;OAIG;IACH,mBAAmB,IAAI;QACrB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,UAAU,EAAE,MAAM,CAAC;QACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,GAAG,IAAI;IAmBR;;OAEG;IACH,cAAc,IAAI,IAAI;IAItB;;;;;;;OAOG;IACH,eAAe,IAAI,OAAO;IAM1B;;;;OAIG;IACH,UAAU,IAAI,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC;IAItC;;;;;OAKG;IACH,iBAAiB,CAAC,WAAW,EAAE,MAAM,GAAG,MAAM,EAAE;IAIhD;;;;;OAKG;IACH,QAAQ,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAelD;;;;;OAKG;IACH,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,IAAI;IAoBrD;;;;;OAKG;IACH,cAAc,IAAI,OAAO;IAIzB;;;;OAIG;IACH,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAQvC;;;;OAIG;IACH,aAAa,IAAI,MAAM,GAAG,SAAS;IAInC;;;;OAIG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,GAAG,IAAI;IAQ9C;;;;OAIG;IACH,cAAc,IAAI,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,MAAM;IAI7C;;;;OAIG;IACH,cAAc,CAAC,MAAM,EAAE,KAAK,GAAG,IAAI,GAAG,GAAG,GAAG,MAAM,GAAG,IAAI;IAQzD;;;;OAIG;IACH,aAAa,IAAI,MAAM;IAIvB;;;;OAIG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAQlC;;;;OAIG;IACH,aAAa,IAAI,MAAM,GAAG,QAAQ,GAAG,OAAO;IAI5C;;;;OAIG;IACH,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,QAAQ,GAAG,OAAO,GAAG,IAAI;IAUvD;;;;;OAKG;IACH,qBAAqB,IAAI,OAAO;IAIhC;;;;OAIG;IACH,qBAAqB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAQ7C;;;;;OAKG;IACH,mBAAmB,IAAI,OAAO;IAI9B;;;;OAIG;IACH,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;CAO5C;AAOD;;GAEG;AACH,wBAAgB,SAAS,IAAI,aAAa,CAKzC"}
|