npm - @ackplus/nest-auth - Versions diffs - 0.0.38 → 0.0.40 - Mend

@ackplus/nest-auth 0.0.38 → 0.0.40

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (178) hide show

package/src/lib/auth/services/auth.service.js ADDED Viewed

@@ -0,0 +1,396 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.AuthService = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const typeorm_1 = require("@nestjs/typeorm");
+const typeorm_2 = require("typeorm");
+const user_entity_1 = require("../../user/entities/user.entity");
+const otp_entity_1 = require("../../auth/entities/otp.entity");
+const otp_interface_1 = require("../../core/interfaces/otp.interface");
+const auth_constants_1 = require("../../auth.constants");
+const typeorm_3 = require("typeorm");
+const mfa_service_1 = require("./mfa.service");
+const jwt_service_1 = require("../../core/services/jwt.service");
+const event_emitter_1 = require("@nestjs/event-emitter");
+const base_session_service_1 = require("../../session/services/base-session.service");
+const request_context_1 = require("../../request-context/request-context");
+const otp_1 = require("../../utils/otp");
+const user_registered_event_1 = require("../../user/events/user-registered.event");
+const user_logged_in_event_1 = require("../events/user-logged-in.event");
+const user_2fa_verified_event_1 = require("../events/user-2fa-verified.event");
+const user_refresh_token_event_1 = require("../events/user-refresh-token.event");
+const logged_out_event_1 = require("../events/logged-out.event");
+const logged_out_all_event_1 = require("../events/logged-out-all.event");
+const password_reset_requested_event_1 = require("../events/password-reset-requested.event");
+const password_reset_event_1 = require("../events/password-reset.event");
+let AuthService = class AuthService {
+    constructor(userRepository, otpRepository, authProviders, mfaService, sessionService, jwtService, eventEmitter) {
+        this.userRepository = userRepository;
+        this.otpRepository = otpRepository;
+        this.authProviders = authProviders;
+        this.mfaService = mfaService;
+        this.sessionService = sessionService;
+        this.jwtService = jwtService;
+        this.eventEmitter = eventEmitter;
+    }
+    getUserWithRolesAndPermissions(userId, relations = []) {
+        return this.userRepository.findOne({
+            where: { id: userId },
+            relations: [
+                'roles',
+                'roles.permissions',
+                ...relations
+            ],
+        });
+    }
+    async getUser() {
+        const user = request_context_1.RequestContext.currentUser();
+        if (!user) {
+            return null;
+        }
+        return this.getUserWithRolesAndPermissions(user.id);
+    }
+    async signup(input) {
+        const { email, phone, password, tenantId = null } = input;
+        if (!email && !phone) {
+            throw new common_1.BadRequestException('Either email or phone must be provided');
+        }
+        let provider = null;
+        let providerUserId = null;
+        if (email) {
+            provider = this.authProviders.find(p => p.providerId === auth_constants_1.EMAIL_AUTH_PROVIDER);
+            providerUserId = email;
+        }
+        else if (phone) {
+            provider = this.authProviders.find(p => p.providerId === auth_constants_1.PHONE_AUTH_PROVIDER);
+            providerUserId = phone;
+        }
+        if (!provider) {
+            throw new common_1.InternalServerErrorException('Phone or email authentication is not enabled');
+        }
+        const identity = await provider.findIdentity(providerUserId);
+        if (identity) {
+            if (email) {
+                throw new common_1.BadRequestException('Email already exists in this tenant');
+            }
+            if (phone) {
+                throw new common_1.BadRequestException('Phone number already exists in this tenant');
+            }
+        }
+        let user = this.userRepository.create({
+            email,
+            phone,
+            tenantId,
+            isVerified: false,
+        });
+        await user.setPassword(password);
+        await this.userRepository.save(user);
+        user = await this.getUserWithRolesAndPermissions(user.id);
+        await provider.linkToUser(user.id, providerUserId);
+        const session = await this.sessionService.createSessionFromUser(user);
+        const tokens = await this.generateTokensFromSession(session);
+        const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.REGISTERED, new user_registered_event_1.UserRegisteredEvent({
+            user,
+            tenantId: user.tenantId,
+            input,
+            provider,
+            session,
+            tokens,
+            isRequiresMfa
+        }));
+        return {
+            accessToken: tokens.accessToken,
+            refreshToken: tokens.refreshToken,
+            isRequiresMfa: isRequiresMfa,
+        };
+    }
+    async login(input) {
+        const { credentials, providerId, tenantId = null, createUserIfNotExists = false } = input;
+        const provider = this.authProviders.find(p => p.providerId === providerId);
+        if (!provider) {
+            throw new common_1.UnauthorizedException('Invalid authentication providerId or provider is not enabled');
+        }
+        const requiredFields = provider.getRequiredFields();
+        if (!requiredFields.every(field => credentials[field])) {
+            throw new common_1.BadRequestException(`Missing ${requiredFields.join(', ')} required fields`);
+        }
+        const authProviderUser = await provider.validate(credentials);
+        const identity = await provider.findIdentity(authProviderUser.userId);
+        let user = identity?.user || null;
+        if (!user) {
+            if (!createUserIfNotExists) {
+                throw new common_1.UnauthorizedException('Invalid credentials');
+            }
+            user = await this.handleSocialLogin(provider, authProviderUser);
+        }
+        if (user.isActive === false) {
+            throw new common_1.UnauthorizedException({
+                message: 'Your account is suspended, please contact support',
+                code: auth_constants_1.USER_NOT_ACTIVE_ERROR,
+            });
+        }
+        user = await this.getUserWithRolesAndPermissions(user.id);
+        const session = await this.sessionService.createSessionFromUser(user);
+        const tokens = await this.generateTokensFromSession(session);
+        const isRequiresMfa = await this.mfaService.isRequiresMfa(user.id);
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_IN, new user_logged_in_event_1.UserLoggedInEvent({
+            user,
+            tenantId: user.tenantId,
+            input,
+            provider,
+            session,
+            tokens,
+            isRequiresMfa
+        }));
+        return {
+            accessToken: tokens.accessToken,
+            refreshToken: tokens.refreshToken,
+            isRequiresMfa: isRequiresMfa,
+        };
+    }
+    async verify2fa(input) {
+        const session = request_context_1.RequestContext.currentSession();
+        if (!session) {
+            throw new common_1.UnauthorizedException({
+                message: 'Session not found',
+                code: auth_constants_1.SESSION_NOT_FOUND_ERROR,
+            });
+        }
+        const isValid = await this.mfaService.verifyMfa(session.userId, input.otp, input.method);
+        if (!isValid) {
+            throw new common_1.UnauthorizedException({
+                message: 'Invalid MFA code',
+                code: auth_constants_1.INVALID_MFA_EXCEPTION_CODE,
+            });
+        }
+        const payload = await this.sessionService.updateSession(session.id, {
+            data: {
+                ...session.data,
+                isMfaVerified: true,
+            }
+        });
+        const tokens = await this.generateTokensFromSession(payload);
+        const user = await this.getUser();
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.TWO_FACTOR_VERIFIED, new user_2fa_verified_event_1.User2faVerifiedEvent({
+            user,
+            tenantId: user.tenantId,
+            input,
+            session,
+            tokens
+        }));
+        return {
+            accessToken: tokens.accessToken,
+            refreshToken: tokens.refreshToken,
+        };
+    }
+    async send2faCode(userId, method) {
+        const user = await this.userRepository.findOne({ where: { id: userId } });
+        if (!user) {
+            throw new common_1.UnauthorizedException('User not found');
+        }
+        await this.mfaService.sendMfaCode(user.id, method);
+        return true;
+    }
+    async handleSocialLogin(provider, providerUser) {
+        let identity = await provider.findIdentity(providerUser.userId);
+        if (identity) {
+            return identity.user;
+        }
+        const linkUserWith = provider.linkUserWith();
+        let user = await this.userRepository.findOne({ where: { [linkUserWith]: providerUser.userId } });
+        if (!user) {
+            user = this.userRepository.create({
+                [linkUserWith]: providerUser.userId,
+                isVerified: true,
+                metadata: providerUser.metadata || {},
+            });
+            await this.userRepository.save(user);
+        }
+        await provider.linkToUser(user.id, providerUser.userId, providerUser.metadata || {});
+        return user;
+    }
+    async refreshToken(refreshToken) {
+        if (!refreshToken) {
+            throw new common_1.UnauthorizedException({
+                message: 'No refresh token provided',
+                code: auth_constants_1.REFRESH_TOKEN_INVALID,
+            });
+        }
+        let payload;
+        try {
+            payload = await this.jwtService.verifyToken(refreshToken);
+        }
+        catch (error) {
+            throw new common_1.UnauthorizedException({
+                message: 'Invalid or expired refresh token',
+                code: auth_constants_1.REFRESH_TOKEN_EXPIRED,
+            });
+        }
+        const session = await this.sessionService.getSession(payload.sessionId);
+        if (!session) {
+            throw new common_1.UnauthorizedException({
+                message: 'Invalid refresh token',
+                code: auth_constants_1.REFRESH_TOKEN_INVALID,
+            });
+        }
+        const newSession = await this.sessionService.createSessionFromSession(session);
+        await this.sessionService.revokeSession(session.id);
+        const tokens = await this.generateTokensFromSession(newSession);
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.REFRESH_TOKEN, new user_refresh_token_event_1.UserRefreshTokenEvent({
+            oldRefreshToken: refreshToken,
+            session: newSession,
+            tokens,
+        }));
+        return tokens;
+    }
+    async forgotPassword(input) {
+        const { email, phone, tenantId = null } = input;
+        let provider = null;
+        if (phone) {
+            provider = this.authProviders.find(p => p.providerId === auth_constants_1.PHONE_AUTH_PROVIDER);
+        }
+        else if (email) {
+            provider = this.authProviders.find(p => p.providerId === auth_constants_1.EMAIL_AUTH_PROVIDER);
+        }
+        else {
+            throw new common_1.BadRequestException('Either email or phone must be provided');
+        }
+        if (!provider) {
+            throw new common_1.BadRequestException('Phone or email authentication is not enabled');
+        }
+        if (!provider.enabled) {
+            if (email) {
+                throw new common_1.BadRequestException('Email authentication is not enabled');
+            }
+            else if (phone) {
+                throw new common_1.BadRequestException('Phone authentication is not enabled');
+            }
+        }
+        const identity = await provider.findIdentity(email || phone);
+        if (!identity) {
+            return { message: 'If the account exists, a password reset code has been sent' };
+        }
+        const otp = (0, otp_1.generateOtp)();
+        const expiresAt = new Date();
+        expiresAt.setMinutes(expiresAt.getMinutes() + 15);
+        const otpEntity = await this.otpRepository.save({
+            userId: identity.user?.id,
+            code: otp,
+            expiresAt,
+            type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET
+        });
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET_REQUESTED, new password_reset_requested_event_1.PasswordResetRequestedEvent({
+            user: identity.user,
+            tenantId: identity.user?.tenantId,
+            input,
+            otp: otpEntity,
+            provider,
+        }));
+        return true;
+    }
+    async resetPassword(input) {
+        const { email, phone, otp, newPassword, tenantId = null } = input;
+        if (!email && !phone) {
+            throw new common_1.BadRequestException('Either email or phone must be provided');
+        }
+        const user = await this.userRepository.findOne({
+            where: [
+                ...(email ? [{ email, tenantId }] : []),
+                ...(phone ? [{ phone, tenantId }] : [])
+            ]
+        });
+        if (!user) {
+            throw new common_1.BadRequestException('Invalid reset request');
+        }
+        const validOtp = await this.otpRepository.findOne({
+            where: {
+                userId: user.id,
+                code: otp,
+                type: otp_interface_1.OTPTypeEnum.PASSWORD_RESET,
+                expiresAt: (0, typeorm_3.MoreThan)(new Date()),
+                used: false
+            }
+        });
+        if (!validOtp) {
+            throw new common_1.BadRequestException('Invalid or expired OTP');
+        }
+        await user.setPassword(newPassword);
+        await this.userRepository.save(user);
+        validOtp.used = true;
+        await this.otpRepository.save(validOtp);
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.PASSWORD_RESET, new password_reset_event_1.PasswordResetEvent({
+            user,
+            tenantId: user.tenantId,
+            input,
+        }));
+        return true;
+    }
+    async logout(logoutType = 'user', reason) {
+        const session = request_context_1.RequestContext.currentSession();
+        const user = await this.getUser();
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_OUT, new logged_out_event_1.LoggedOutEvent({
+            user,
+            tenantId: user?.tenantId,
+            session,
+            logoutType,
+            reason,
+        }));
+        if (session) {
+            await this.sessionService.revokeSession(session.id);
+        }
+        return true;
+    }
+    async logoutAll(userId, logoutType = 'user', reason) {
+        const session = request_context_1.RequestContext.currentSession();
+        if (!session) {
+            throw new common_1.UnauthorizedException('Session not found');
+        }
+        const sessions = await this.sessionService.getUserSessions(userId);
+        await this.sessionService.revokeUserSessions(userId);
+        const user = await this.getUser();
+        await this.eventEmitter.emitAsync(auth_constants_1.NestAuthEvents.LOGGED_OUT_ALL, new logged_out_all_event_1.LoggedOutAllEvent({
+            user,
+            tenantId: user?.tenantId,
+            logoutType,
+            reason,
+            currentSessionId: session.id,
+            sessions,
+        }));
+        return true;
+    }
+    generateTokensPayload(session, otherPayload = {}) {
+        const payload = {
+            sub: session.userId,
+            sessionId: session.id,
+            email: session.data?.user?.email,
+            phone: session.data?.user?.phone,
+            isVerified: session.data?.user?.isVerified,
+            roles: session.data?.roles,
+            tenantId: session.data?.user?.tenantId,
+            isMfaEnabled: session.data?.user?.isMfaEnabled,
+            isMfaVerified: session.data?.isMfaVerified,
+            ...otherPayload,
+        };
+        return payload;
+    }
+    async generateTokensFromSession(session) {
+        const payload = this.generateTokensPayload(session);
+        const tokens = await this.jwtService.generateTokens(payload);
+        return tokens;
+    }
+};
+exports.AuthService = AuthService;
+exports.AuthService = AuthService = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, typeorm_1.InjectRepository)(user_entity_1.User)),
+    tslib_1.__param(1, (0, typeorm_1.InjectRepository)(otp_entity_1.OTP)),
+    tslib_1.__param(2, (0, common_1.Inject)(auth_constants_1.ENABLED_AUTH_PROVIDERS)),
+    tslib_1.__metadata("design:paramtypes", [typeorm_2.Repository,
+        typeorm_2.Repository, Array, mfa_service_1.MfaService,
+        base_session_service_1.BaseSessionService,
+        jwt_service_1.JwtService,
+        event_emitter_1.EventEmitter2])
+], AuthService);
+//# sourceMappingURL=auth.service.js.map

package/src/lib/auth/services/auth.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"auth.service.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/auth.service.ts"],"names":[],"mappings":";;;;AAAA,2CAAkJ;AAClJ,6CAAmD;AACnD,qCAAqC;AACrC,iEAAuD;AACvD,+DAAqD;AACrD,uEAAkE;AAClE,yDAU8B;AAC9B,qCAAmC;AACnC,+CAA2C;AAC3C,iEAA6D;AAC7D,yDAAsD;AACtD,sFAAiF;AACjF,2EAAuE;AAQvE,yCAA8C;AAE9C,mFAA8E;AAC9E,yEAAmE;AACnE,+EAAyE;AACzE,iFAA2E;AAC3E,iEAA4D;AAC5D,yEAAmE;AACnE,6FAAuF;AACvF,yEAAoE;AAI7D,IAAM,WAAW,GAAjB,MAAM,WAAW;IAEpB,YAEqB,cAAgC,EAGzC,aAA8B,EAGrB,aAAiC,EAEjC,UAAsB,EAEtB,cAAkC,EAElC,UAAsB,EAEtB,YAA2B;QAd3B,mBAAc,GAAd,cAAc,CAAkB;QAGzC,kBAAa,GAAb,aAAa,CAAiB;QAGrB,kBAAa,GAAb,aAAa,CAAoB;QAEjC,eAAU,GAAV,UAAU,CAAY;QAEtB,mBAAc,GAAd,cAAc,CAAoB;QAElC,eAAU,GAAV,UAAU,CAAY;QAEtB,iBAAY,GAAZ,YAAY,CAAe;IAGhD,CAAC;IAED,8BAA8B,CAAC,MAAc,EAAE,YAAsB,EAAE;QACnE,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC/B,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE;YACrB,SAAS,EAAE;gBACP,OAAO;gBACP,mBAAmB;gBACnB,GAAG,SAAS;aACf;SACJ,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,OAAO;QACT,MAAM,IAAI,GAAG,gCAAc,CAAC,WAAW,EAAE,CAAC;QAC1C,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,OAAO,IAAI,CAAA;QACf,CAAC;QACD,OAAO,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,KAAuB;QAChC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,QAAQ,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;QAE1D,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,4BAAmB,CAAC,wCAAwC,CAAC,CAAC;QAC5E,CAAC;QAED,IAAI,QAAQ,GAA4B,IAAI,CAAC;QAC7C,IAAI,cAAc,GAAkB,IAAI,CAAC;QAEzC,IAAI,KAAK,EAAE,CAAC;YACR,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,oCAAmB,CAAC,CAAC;YAC9E,cAAc,GAAG,KAAK,CAAC;QAC3B,CAAC;aAAM,IAAI,KAAK,EAAE,CAAC;YACf,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,oCAAmB,CAAC,CAAC;YAC9E,cAAc,GAAG,KAAK,CAAC;QAC3B,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACZ,MAAM,IAAI,qCAA4B,CAAC,8CAA8C,CAAC,CAAC;QAC3F,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,cAAc,CAAC,CAAC;QAE7D,IAAI,QAAQ,EAAE,CAAC;YACX,IAAI,KAAK,EAAE,CAAC;gBACR,MAAM,IAAI,4BAAmB,CAAC,qCAAqC,CAAC,CAAC;YACzE,CAAC;YACD,IAAI,KAAK,EAAE,CAAC;gBACR,MAAM,IAAI,4BAAmB,CAAC,4CAA4C,CAAC,CAAC;YAChF,CAAC;QACL,CAAC;QAED,IAAI,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC;YAClC,KAAK;YACL,KAAK;YACL,QAAQ;YACR,UAAU,EAAE,KAAK;SACpB,CAAC,CAAC;QACH,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QACjC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAErC,IAAI,GAAG,MAAM,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE1D,MAAM,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,cAAc,CAAC,CAAC;QAEnD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;QACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAGnE,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,UAAU,EACzB,IAAI,2CAAmB,CAAC;YACpB,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK;YACL,QAAQ;YACR,OAAO;YACP,MAAM;YACN,aAAa;SAChB,CAAC,CACL,CAAC;QAEF,OAAO;YACH,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,aAAa,EAAE,aAAa;SAC/B,CAAC;IACN,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,KAAsB;QAC9B,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,QAAQ,GAAG,IAAI,EAAE,qBAAqB,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC;QAE1F,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;QAE3E,IAAI,CAAC,QAAQ,EAAE,CAAC;YACZ,MAAM,IAAI,8BAAqB,CAAC,8DAA8D,CAAC,CAAC;QACpG,CAAC;QAED,MAAM,cAAc,GAAG,QAAQ,CAAC,iBAAiB,EAAE,CAAC;QAEpD,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YACrD,MAAM,IAAI,4BAAmB,CAAC,WAAW,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC1F,CAAC;QAED,MAAM,gBAAgB,GAAG,MAAM,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QAE9D,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAEtE,IAAI,IAAI,GAAgB,QAAQ,EAAE,IAAI,IAAI,IAAI,CAAC;QAE/C,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBACzB,MAAM,IAAI,8BAAqB,CAAC,qBAAqB,CAAC,CAAC;YAC3D,CAAC;YAED,IAAI,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;YAC1B,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,mDAAmD;gBAC5D,IAAI,EAAE,sCAAqB;aAC9B,CAAC,CAAC;QACP,CAAC;QAED,IAAI,GAAG,MAAM,IAAI,CAAC,8BAA8B,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAE1D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;QACtE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAE7D,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAGnE,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,SAAS,EACxB,IAAI,wCAAiB,CAAC;YAClB,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK;YACL,QAAQ;YACR,OAAO;YACP,MAAM;YACN,aAAa;SAChB,CAAC,CACL,CAAC;QAEF,OAAO;YACH,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,aAAa,EAAE,aAAa;SAC/B,CAAC;IACN,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,KAA0B;QACtC,MAAM,OAAO,GAAG,gCAAc,CAAC,cAAc,EAAE,CAAC;QAEhD,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,mBAAmB;gBAC5B,IAAI,EAAE,wCAAuB;aAChC,CAAC,CAAC;QACP,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;QACzF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,kBAAkB;gBAC3B,IAAI,EAAE,2CAA0B;aACnC,CAAC,CAAC;QACP,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,EAAE;YAChE,IAAI,EAAE;gBACF,GAAG,OAAO,CAAC,IAAI;gBACf,aAAa,EAAE,IAAI;aACtB;SACJ,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAE7D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAGlC,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,mBAAmB,EAClC,IAAI,8CAAoB,CAAC;YACrB,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK;YACL,OAAO;YACP,MAAM;SACT,CAAC,CACL,CAAC;QAEF,OAAO;YACH,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;SACpC,CAAC;IACN,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAAc,EAAE,MAAqB;QACnD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAE1E,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,8BAAqB,CAAC,gBAAgB,CAAC,CAAC;QACtD,CAAC;QAED,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;QAEnD,OAAO,IAAI,CAAC;IAChB,CAAC;IAEO,KAAK,CAAC,iBAAiB,CAC3B,QAA0B,EAC1B,YAA8B;QAI9B,IAAI,QAAQ,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAEhE,IAAI,QAAQ,EAAE,CAAC;YACX,OAAO,QAAQ,CAAC,IAAI,CAAC;QACzB,CAAC;QAED,MAAM,YAAY,GAAG,QAAQ,CAAC,YAAY,EAAE,CAAC;QAE7C,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAEjG,IAAI,CAAC,IAAI,EAAE,CAAC;YAER,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC;gBAC9B,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC,MAAM;gBACnC,UAAU,EAAE,IAAI;gBAChB,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,EAAE;aACxC,CAAC,CAAC;YACH,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,CAAC;QAED,MAAM,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;QAErF,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,YAAoB;QACnC,IAAI,CAAC,YAAY,EAAE,CAAC;YAChB,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,2BAA2B;gBACpC,IAAI,EAAE,sCAAqB;aAC9B,CAAC,CAAC;QACP,CAAC;QAED,IAAI,OAAwB,CAAC;QAC7B,IAAI,CAAC;YACD,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;QAC9D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,kCAAkC;gBAC3C,IAAI,EAAE,sCAAqB;aAC9B,CAAC,CAAC;QACP,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAExE,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC;gBAC5B,OAAO,EAAE,uBAAuB;gBAChC,IAAI,EAAE,sCAAqB;aAC9B,CAAC,CAAC;QACP,CAAC;QAGD,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC;QAG/E,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAGpD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,yBAAyB,CAAC,UAAU,CAAC,CAAC;QAIhE,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,aAAa,EAC5B,IAAI,gDAAqB,CAAC;YACtB,eAAe,EAAE,YAAY;YAC7B,OAAO,EAAE,UAAU;YACnB,MAAM;SACT,CAAC,CACL,CAAC;QAEF,OAAO,MAAM,CAAC;IAClB,CAAC;IAGD,KAAK,CAAC,cAAc,CAAC,KAA+B;QAChD,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;QAChD,IAAI,QAAQ,GAA4B,IAAI,CAAC;QAE7C,IAAI,KAAK,EAAE,CAAC;YACR,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,oCAAmB,CAAC,CAAC;QAClF,CAAC;aAAM,IAAI,KAAK,EAAE,CAAC;YACf,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,oCAAmB,CAAC,CAAC;QAClF,CAAC;aAAM,CAAC;YACJ,MAAM,IAAI,4BAAmB,CAAC,wCAAwC,CAAC,CAAC;QAC5E,CAAC;QAED,IAAI,CAAC,QAAQ,EAAE,CAAC;YACZ,MAAM,IAAI,4BAAmB,CAAC,8CAA8C,CAAC,CAAC;QAClF,CAAC;QAED,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;YACpB,IAAI,KAAK,EAAE,CAAC;gBACR,MAAM,IAAI,4BAAmB,CAAC,qCAAqC,CAAC,CAAC;YACzE,CAAC;iBAAM,IAAI,KAAK,EAAE,CAAC;gBACf,MAAM,IAAI,4BAAmB,CAAC,qCAAqC,CAAC,CAAC;YACzE,CAAC;QACL,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,YAAY,CAAC,KAAK,IAAI,KAAK,CAAC,CAAC;QAE7D,IAAI,CAAC,QAAQ,EAAE,CAAC;YAEZ,OAAO,EAAE,OAAO,EAAE,4DAA4D,EAAE,CAAC;QACrF,CAAC;QAGD,MAAM,GAAG,GAAG,IAAA,iBAAW,GAAE,CAAC;QAC1B,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;QAC7B,SAAS,CAAC,UAAU,CAAC,SAAS,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;QAGlD,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;YAC5C,MAAM,EAAE,QAAQ,CAAC,IAAI,EAAE,EAAE;YACzB,IAAI,EAAE,GAAG;YACT,SAAS;YACT,IAAI,EAAE,2BAAW,CAAC,cAAc;SACnC,CAAC,CAAC;QAIH,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,wBAAwB,EACvC,IAAI,4DAA2B,CAAC;YAC5B,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,QAAQ,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ;YACjC,KAAK;YACL,GAAG,EAAE,SAAS;YACd,QAAQ;SACX,CAAC,CACL,CAAC;QAEF,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,KAA8B;QAC9C,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,WAAW,EAAE,QAAQ,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;QAElE,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,IAAI,4BAAmB,CAAC,wCAAwC,CAAC,CAAC;QAC5E,CAAC;QAGD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC;YAC3C,KAAK,EAAE;gBACH,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;aAC1C;SACJ,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,EAAE,CAAC;YACR,MAAM,IAAI,4BAAmB,CAAC,uBAAuB,CAAC,CAAC;QAC3D,CAAC;QAGD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;YAC9C,KAAK,EAAE;gBACH,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,IAAI,EAAE,GAAG;gBACT,IAAI,EAAE,2BAAW,CAAC,cAAc;gBAChC,SAAS,EAAE,IAAA,kBAAQ,EAAC,IAAI,IAAI,EAAE,CAAC;gBAC/B,IAAI,EAAE,KAAK;aACd;SACJ,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,EAAE,CAAC;YACZ,MAAM,IAAI,4BAAmB,CAAC,wBAAwB,CAAC,CAAC;QAC5D,CAAC;QAGD,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QACpC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAGrC,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC;QACrB,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAGxC,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,cAAc,EAC7B,IAAI,yCAAkB,CAAC;YACnB,IAAI;YACJ,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,KAAK;SACR,CAAC,CACL,CAAC;QAEF,OAAO,IAAI,CAAC;IAChB,CAAC;IAGD,KAAK,CAAC,MAAM,CAAC,aAA0C,MAAM,EAAE,MAAe;QAC1E,MAAM,OAAO,GAAG,gCAAc,CAAC,cAAc,EAAE,CAAC;QAEhD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAGlC,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,UAAU,EACzB,IAAI,iCAAc,CAAC;YACf,IAAI;YACJ,QAAQ,EAAE,IAAI,EAAE,QAAQ;YACxB,OAAO;YACP,UAAU;YACV,MAAM;SACT,CAAC,CACL,CAAC;QAEF,IAAI,OAAO,EAAE,CAAC;YACV,MAAM,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACxD,CAAC;QAED,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,MAAc,EAAE,aAA0C,MAAM,EAAE,MAAe;QAC7F,MAAM,OAAO,GAAG,gCAAc,CAAC,cAAc,EAAE,CAAC;QAChD,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,8BAAqB,CAAC,mBAAmB,CAAC,CAAC;QACzD,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAEnE,MAAM,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QAErD,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAGlC,MAAM,IAAI,CAAC,YAAY,CAAC,SAAS,CAC7B,+BAAc,CAAC,cAAc,EAC7B,IAAI,wCAAiB,CAAC;YAClB,IAAI;YACJ,QAAQ,EAAE,IAAI,EAAE,QAAQ;YACxB,UAAU;YACV,MAAM;YACN,gBAAgB,EAAE,OAAO,CAAC,EAAE;YAC5B,QAAQ;SACX,CAAC,CACL,CAAC;QAEF,OAAO,IAAI,CAAC;IAChB,CAAC;IAIO,qBAAqB,CAAC,OAAuB,EAAE,eAAyC,EAAE;QAE9F,MAAM,OAAO,GAAoB;YAC7B,GAAG,EAAE,OAAO,CAAC,MAAM;YACnB,SAAS,EAAE,OAAO,CAAC,EAAE;YACrB,KAAK,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK;YAChC,KAAK,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK;YAChC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU;YAC1C,KAAK,EAAE,OAAO,CAAC,IAAI,EAAE,KAAK;YAC1B,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ;YACtC,YAAY,EAAE,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY;YAC9C,aAAa,EAAE,OAAO,CAAC,IAAI,EAAE,aAAa;YAC1C,GAAG,YAAY;SAClB,CAAC;QAEF,OAAO,OAAO,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,yBAAyB,CAAC,OAAuB;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACpD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAC7D,OAAO,MAAM,CAAA;IACjB,CAAC;CACJ,CAAA;AA9fY,kCAAW;sBAAX,WAAW;IADvB,IAAA,mBAAU,GAAE;IAIJ,mBAAA,IAAA,0BAAgB,EAAC,kBAAI,CAAC,CAAA;IAGtB,mBAAA,IAAA,0BAAgB,EAAC,gBAAG,CAAC,CAAA;IAGrB,mBAAA,IAAA,eAAM,EAAC,uCAAsB,CAAC,CAAA;6CALE,oBAAU;QAGpB,oBAAU,SAKJ,wBAAU;QAEN,yCAAkB;QAEtB,wBAAU;QAER,6BAAa;GAlBvC,WAAW,CA8fvB"}

package/src/lib/auth/services/cookie.service.js ADDED Viewed

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CookieService = void 0;
+const tslib_1 = require("tslib");
+const common_1 = require("@nestjs/common");
+const auth_constants_1 = require("../../auth.constants");
+const ms_1 = tslib_1.__importDefault(require("ms"));
+let CookieService = class CookieService {
+    constructor(options) {
+        this.options = options;
+    }
+    setAccessTokenCookie(response, token) {
+        response.cookie(auth_constants_1.ACCESS_TOKEN_COOKIE_NAME, token, {
+            httpOnly: true,
+            secure: this.options.cookieOptions.secure,
+            sameSite: this.options.cookieOptions.sameSite,
+            maxAge: (0, ms_1.default)(this.options.session.sessionExpiry),
+        });
+    }
+    setRefreshTokenCookie(response, token) {
+        response.cookie(auth_constants_1.REFRESH_TOKEN_COOKIE_NAME, token, {
+            httpOnly: true,
+            secure: this.options.cookieOptions.secure,
+            sameSite: this.options.cookieOptions.sameSite,
+            maxAge: (0, ms_1.default)(this.options.session.refreshTokenExpiry),
+        });
+    }
+    clearCookies(response) {
+        response.clearCookie(auth_constants_1.ACCESS_TOKEN_COOKIE_NAME);
+        response.clearCookie(auth_constants_1.REFRESH_TOKEN_COOKIE_NAME);
+    }
+    setTokens(response, accessToken, refreshToken) {
+        this.setAccessTokenCookie(response, accessToken);
+        this.setRefreshTokenCookie(response, refreshToken);
+    }
+};
+exports.CookieService = CookieService;
+exports.CookieService = CookieService = tslib_1.__decorate([
+    (0, common_1.Injectable)(),
+    tslib_1.__param(0, (0, common_1.Inject)(auth_constants_1.AUTH_MODULE_OPTIONS)),
+    tslib_1.__metadata("design:paramtypes", [Object])
+], CookieService);
+//# sourceMappingURL=cookie.service.js.map

package/src/lib/auth/services/cookie.service.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cookie.service.js","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/cookie.service.ts"],"names":[],"mappings":";;;;AAAA,2CAAoD;AAEpD,yDAAgH;AAEhH,oDAAoB;AAGb,IAAM,aAAa,GAAnB,MAAM,aAAa;IACtB,YAEY,OAA0B;QAA1B,YAAO,GAAP,OAAO,CAAmB;IAClC,CAAC;IAEL,oBAAoB,CAAC,QAAkB,EAAE,KAAa;QAClD,QAAQ,CAAC,MAAM,CAAC,yCAAwB,EAAE,KAAK,EAAE;YAC7C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM;YACzC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ;YAC7C,MAAM,EAAE,IAAA,YAAE,EAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;SACjD,CAAC,CAAC;IACP,CAAC;IAED,qBAAqB,CAAC,QAAkB,EAAE,KAAa;QACnD,QAAQ,CAAC,MAAM,CAAC,0CAAyB,EAAE,KAAK,EAAE;YAC9C,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM;YACzC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,QAAQ;YAC7C,MAAM,EAAE,IAAA,YAAE,EAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB,CAAC;SACtD,CAAC,CAAC;IACP,CAAC;IAED,YAAY,CAAC,QAAkB;QAC3B,QAAQ,CAAC,WAAW,CAAC,yCAAwB,CAAC,CAAC;QAC/C,QAAQ,CAAC,WAAW,CAAC,0CAAyB,CAAC,CAAC;IACpD,CAAC;IAED,SAAS,CAAC,QAAkB,EAAE,WAAmB,EAAE,YAAoB;QACnE,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QACjD,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACvD,CAAC;CACJ,CAAA;AAjCY,sCAAa;wBAAb,aAAa;IADzB,IAAA,mBAAU,GAAE;IAGJ,mBAAA,IAAA,eAAM,EAAC,oCAAmB,CAAC,CAAA;;GAFvB,aAAa,CAiCzB"}