@ackplus/nest-auth 1.1.18 → 1.1.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/lib/admin-console/static/index.html +697 -177
- package/src/lib/auth/controllers/mfa.controller.js +5 -5
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts +2 -2
- package/src/lib/auth/dto/responses/mfa-status.response.dto.d.ts.map +1 -1
- package/src/lib/auth/dto/responses/mfa-status.response.dto.js +5 -5
- package/src/lib/auth/guards/auth.guard.d.ts.map +1 -1
- package/src/lib/auth/guards/auth.guard.js +28 -13
- package/src/lib/auth/services/auth.service.d.ts.map +1 -1
- package/src/lib/auth/services/auth.service.js +188 -61
- package/src/lib/auth/services/mfa.service.d.ts.map +1 -1
- package/src/lib/auth/services/mfa.service.js +19 -8
- package/src/lib/auth.constants.d.ts +178 -8
- package/src/lib/auth.constants.d.ts.map +1 -1
- package/src/lib/auth.constants.js +139 -10
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts +170 -0
- package/src/lib/core/interfaces/auth-module-options.interface.d.ts.map +1 -1
- package/src/lib/core/interfaces/session-options.interface.d.ts +52 -0
- package/src/lib/core/interfaces/session-options.interface.d.ts.map +1 -1
- package/src/lib/core/interfaces/token-payload.interface.d.ts +14 -6
- package/src/lib/core/interfaces/token-payload.interface.d.ts.map +1 -1
- package/src/lib/session/services/session-manager.service.d.ts +3 -3
- package/src/lib/session/services/session-manager.service.d.ts.map +1 -1
- package/src/lib/session/services/session-manager.service.js +27 -17
- package/src/lib/user/services/user.service.d.ts +3 -1
- package/src/lib/user/services/user.service.d.ts.map +1 -1
- package/src/lib/user/services/user.service.js +17 -4
|
@@ -30,13 +30,13 @@ let MfaController = class MfaController {
|
|
|
30
30
|
const user = this.getCurrentUserOrThrow();
|
|
31
31
|
const config = this.mfaService.mfaConfig;
|
|
32
32
|
const globallyEnabled = config?.enabled ?? false;
|
|
33
|
-
let
|
|
33
|
+
let verifiedMethods = [];
|
|
34
34
|
let totpDevices = [];
|
|
35
35
|
let hasRecoveryCode = false;
|
|
36
36
|
let isEnabled = false;
|
|
37
37
|
if (globallyEnabled) {
|
|
38
|
-
[
|
|
39
|
-
this.mfaService.
|
|
38
|
+
[verifiedMethods, totpDevices, hasRecoveryCode, isEnabled] = await Promise.all([
|
|
39
|
+
this.mfaService.getVerifiedMethods(user.id),
|
|
40
40
|
this.mfaService.getTotpDevices(user.id),
|
|
41
41
|
this.mfaService.hasRecoveryCode(user.id),
|
|
42
42
|
this.mfaService.isMfaEnabled(user.id),
|
|
@@ -44,8 +44,8 @@ let MfaController = class MfaController {
|
|
|
44
44
|
}
|
|
45
45
|
return {
|
|
46
46
|
isEnabled,
|
|
47
|
-
|
|
48
|
-
|
|
47
|
+
verifiedMethods, // Methods user has verified/can use
|
|
48
|
+
configuredMethods: this.mfaService.getAvailableMethods(), // Methods configured in app
|
|
49
49
|
allowUserToggle: config?.allowUserToggle ?? false,
|
|
50
50
|
allowMethodSelection: config?.allowMethodSelection ?? false,
|
|
51
51
|
totpDevices,
|
|
@@ -9,8 +9,8 @@ export declare class MfaDeviceDto {
|
|
|
9
9
|
}
|
|
10
10
|
export declare class MfaStatusResponseDto {
|
|
11
11
|
isEnabled: boolean;
|
|
12
|
-
|
|
13
|
-
|
|
12
|
+
verifiedMethods: MFAMethodEnum[];
|
|
13
|
+
configuredMethods: MFAMethodEnum[];
|
|
14
14
|
allowUserToggle: boolean;
|
|
15
15
|
allowMethodSelection: boolean;
|
|
16
16
|
totpDevices: MfaDeviceDto[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mfa-status.response.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/responses/mfa-status.response.dto.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,qBAAa,YAAY;IAKrB,EAAE,EAAE,MAAM,CAAC;IAMX,UAAU,EAAE,MAAM,CAAC;IAOnB,MAAM,EAAE,aAAa,CAAC;IAMtB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAMzB,QAAQ,EAAE,OAAO,CAAC;IAMlB,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;CAC3B;AAED,qBAAa,oBAAoB;IAK7B,SAAS,EAAE,OAAO,CAAC;IAQnB,
|
|
1
|
+
{"version":3,"file":"mfa-status.response.dto.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/nest-auth/src/lib/auth/dto/responses/mfa-status.response.dto.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAE9C,qBAAa,YAAY;IAKrB,EAAE,EAAE,MAAM,CAAC;IAMX,UAAU,EAAE,MAAM,CAAC;IAOnB,MAAM,EAAE,aAAa,CAAC;IAMtB,UAAU,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;IAMzB,QAAQ,EAAE,OAAO,CAAC;IAMlB,SAAS,CAAC,EAAE,IAAI,GAAG,IAAI,CAAC;CAC3B;AAED,qBAAa,oBAAoB;IAK7B,SAAS,EAAE,OAAO,CAAC;IAQnB,eAAe,EAAE,aAAa,EAAE,CAAC;IAQjC,iBAAiB,EAAE,aAAa,EAAE,CAAC;IAMnC,eAAe,EAAE,OAAO,CAAC;IAMzB,oBAAoB,EAAE,OAAO,CAAC;IAM9B,WAAW,EAAE,YAAY,EAAE,CAAC;IAM5B,eAAe,EAAE,OAAO,CAAC;CAC5B"}
|
|
@@ -62,22 +62,22 @@ tslib_1.__decorate([
|
|
|
62
62
|
], MfaStatusResponseDto.prototype, "isEnabled", void 0);
|
|
63
63
|
tslib_1.__decorate([
|
|
64
64
|
(0, swagger_1.ApiProperty)({
|
|
65
|
-
description: 'MFA methods currently
|
|
65
|
+
description: 'MFA methods the user has verified and can currently use (includes EMAIL/SMS if configured, and TOTP if user has verified device)',
|
|
66
66
|
enum: core_1.MFAMethodEnum,
|
|
67
67
|
isArray: true,
|
|
68
68
|
example: [core_1.MFAMethodEnum.EMAIL, core_1.MFAMethodEnum.TOTP],
|
|
69
69
|
}),
|
|
70
70
|
tslib_1.__metadata("design:type", Array)
|
|
71
|
-
], MfaStatusResponseDto.prototype, "
|
|
71
|
+
], MfaStatusResponseDto.prototype, "verifiedMethods", void 0);
|
|
72
72
|
tslib_1.__decorate([
|
|
73
73
|
(0, swagger_1.ApiProperty)({
|
|
74
|
-
description: 'All MFA methods available
|
|
74
|
+
description: 'All MFA methods configured and available in the application (methods user can potentially set up)',
|
|
75
75
|
enum: core_1.MFAMethodEnum,
|
|
76
76
|
isArray: true,
|
|
77
|
-
example: [core_1.MFAMethodEnum.EMAIL, core_1.MFAMethodEnum.TOTP],
|
|
77
|
+
example: [core_1.MFAMethodEnum.EMAIL, core_1.MFAMethodEnum.TOTP, core_1.MFAMethodEnum.SMS],
|
|
78
78
|
}),
|
|
79
79
|
tslib_1.__metadata("design:type", Array)
|
|
80
|
-
], MfaStatusResponseDto.prototype, "
|
|
80
|
+
], MfaStatusResponseDto.prototype, "configuredMethods", void 0);
|
|
81
81
|
tslib_1.__decorate([
|
|
82
82
|
(0, swagger_1.ApiProperty)({
|
|
83
83
|
description: 'Indicates if MFA toggling is allowed for the user',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/guards/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAA6C,MAAM,gBAAgB,CAAC;AAEtH,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,gDAAgD,CAAC;AACvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wCAAwC,CAAC;AAO1E,eAAO,MAAM,iBAAiB,kBAAkB,CAAC;AAEjD;;;;;;;;;;;;;GAaG;AACH,qBACa,iBAAkB,YAAW,WAAW;IAE7C,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,gBAAgB;gBAHhB,SAAS,EAAE,SAAS,EACpB,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,qBAAqB,EACrC,gBAAgB,EAAE,gBAAgB;IAGxC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;YAyFhD,aAAa;YA2Cb,gBAAgB;YAqDhB,QAAQ;IA0BtB;;OAEG;YACW,kBAAkB;
|
|
1
|
+
{"version":3,"file":"auth.guard.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/guards/auth.guard.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,WAAW,EAAE,gBAAgB,EAA6C,MAAM,gBAAgB,CAAC;AAEtH,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,gDAAgD,CAAC;AACvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,wCAAwC,CAAC;AAO1E,eAAO,MAAM,iBAAiB,kBAAkB,CAAC;AAEjD;;;;;;;;;;;;;GAaG;AACH,qBACa,iBAAkB,YAAW,WAAW;IAE7C,OAAO,CAAC,SAAS;IACjB,OAAO,CAAC,UAAU;IAClB,OAAO,CAAC,cAAc;IACtB,OAAO,CAAC,gBAAgB;gBAHhB,SAAS,EAAE,SAAS,EACpB,UAAU,EAAE,UAAU,EACtB,cAAc,EAAE,qBAAqB,EACrC,gBAAgB,EAAE,gBAAgB;IAGxC,WAAW,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,OAAO,CAAC;YAyFhD,aAAa;YA2Cb,gBAAgB;YAqDhB,QAAQ;IA0BtB;;OAEG;YACW,kBAAkB;IA+BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAc9B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAcxB;;OAEG;IACH,OAAO,CAAC,UAAU;IAyBlB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA4BxB;;OAEG;IACH,OAAO,CAAC,kBAAkB;CAiB7B"}
|
|
@@ -58,7 +58,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
58
58
|
// Required auth: throw error
|
|
59
59
|
throw new common_1.UnauthorizedException({
|
|
60
60
|
message: 'No authentication provided',
|
|
61
|
-
code:
|
|
61
|
+
code: auth_constants_1.ERROR_CODES.NO_AUTH_PROVIDED
|
|
62
62
|
});
|
|
63
63
|
}
|
|
64
64
|
}
|
|
@@ -70,7 +70,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
70
70
|
else {
|
|
71
71
|
throw new common_1.UnauthorizedException({
|
|
72
72
|
message: 'Invalid authentication format',
|
|
73
|
-
code:
|
|
73
|
+
code: auth_constants_1.ERROR_CODES.INVALID_AUTH_FORMAT
|
|
74
74
|
});
|
|
75
75
|
}
|
|
76
76
|
}
|
|
@@ -92,7 +92,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
92
92
|
else {
|
|
93
93
|
throw new common_1.UnauthorizedException({
|
|
94
94
|
message: 'Invalid authentication type',
|
|
95
|
-
code:
|
|
95
|
+
code: auth_constants_1.ERROR_CODES.INVALID_AUTH_TYPE
|
|
96
96
|
});
|
|
97
97
|
}
|
|
98
98
|
}
|
|
@@ -136,7 +136,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
136
136
|
else {
|
|
137
137
|
throw new common_1.UnauthorizedException({
|
|
138
138
|
message: 'Session not found',
|
|
139
|
-
code: auth_constants_1.
|
|
139
|
+
code: auth_constants_1.ERROR_CODES.SESSION_NOT_FOUND
|
|
140
140
|
});
|
|
141
141
|
}
|
|
142
142
|
}
|
|
@@ -155,7 +155,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
155
155
|
else {
|
|
156
156
|
throw new common_1.UnauthorizedException({
|
|
157
157
|
message: 'Invalid or expired token',
|
|
158
|
-
code: auth_constants_1.
|
|
158
|
+
code: auth_constants_1.ERROR_CODES.INVALID_TOKEN
|
|
159
159
|
});
|
|
160
160
|
}
|
|
161
161
|
}
|
|
@@ -171,7 +171,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
171
171
|
else {
|
|
172
172
|
throw new common_1.UnauthorizedException({
|
|
173
173
|
message: 'Invalid API key format',
|
|
174
|
-
code:
|
|
174
|
+
code: auth_constants_1.ERROR_CODES.INVALID_API_KEY_FORMAT
|
|
175
175
|
});
|
|
176
176
|
}
|
|
177
177
|
}
|
|
@@ -186,7 +186,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
186
186
|
else {
|
|
187
187
|
throw new common_1.UnauthorizedException({
|
|
188
188
|
message: 'Invalid API key',
|
|
189
|
-
code:
|
|
189
|
+
code: auth_constants_1.ERROR_CODES.INVALID_API_KEY
|
|
190
190
|
});
|
|
191
191
|
}
|
|
192
192
|
}
|
|
@@ -229,7 +229,7 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
229
229
|
else {
|
|
230
230
|
throw new common_1.UnauthorizedException({
|
|
231
231
|
message: 'Multi-factor authentication is required',
|
|
232
|
-
code: auth_constants_1.
|
|
232
|
+
code: auth_constants_1.ERROR_CODES.MFA_REQUIRED
|
|
233
233
|
});
|
|
234
234
|
}
|
|
235
235
|
}
|
|
@@ -248,7 +248,10 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
248
248
|
const user = request.user;
|
|
249
249
|
// Check if user exists
|
|
250
250
|
if (!user) {
|
|
251
|
-
throw new common_1.ForbiddenException(
|
|
251
|
+
throw new common_1.ForbiddenException({
|
|
252
|
+
message: 'Access denied: User not authenticated',
|
|
253
|
+
code: auth_constants_1.ERROR_CODES.UNAUTHORIZED,
|
|
254
|
+
});
|
|
252
255
|
}
|
|
253
256
|
// Check roles if required
|
|
254
257
|
if (requiredRoles.length > 0) {
|
|
@@ -286,7 +289,10 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
286
289
|
*/
|
|
287
290
|
checkRoles(user, requiredRoles) {
|
|
288
291
|
if (!user.roles || !Array.isArray(user.roles)) {
|
|
289
|
-
throw new common_1.ForbiddenException(
|
|
292
|
+
throw new common_1.ForbiddenException({
|
|
293
|
+
message: 'Access denied: No roles assigned',
|
|
294
|
+
code: auth_constants_1.ERROR_CODES.NO_ROLES_ASSIGNED,
|
|
295
|
+
});
|
|
290
296
|
}
|
|
291
297
|
// Get active role names
|
|
292
298
|
const userRoleNames = user.roles
|
|
@@ -296,7 +302,10 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
296
302
|
const hasAllRoles = requiredRoles.every(role => userRoleNames.includes(role));
|
|
297
303
|
if (!hasAllRoles) {
|
|
298
304
|
const missingRoles = requiredRoles.filter(role => !userRoleNames.includes(role));
|
|
299
|
-
throw new common_1.ForbiddenException(
|
|
305
|
+
throw new common_1.ForbiddenException({
|
|
306
|
+
message: `Access denied: Missing required roles: ${missingRoles.join(', ')}`,
|
|
307
|
+
code: auth_constants_1.ERROR_CODES.MISSING_REQUIRED_ROLES,
|
|
308
|
+
});
|
|
300
309
|
}
|
|
301
310
|
}
|
|
302
311
|
/**
|
|
@@ -304,7 +313,10 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
304
313
|
*/
|
|
305
314
|
checkPermissions(user, requiredPermissions) {
|
|
306
315
|
if (!user.roles || !Array.isArray(user.roles)) {
|
|
307
|
-
throw new common_1.ForbiddenException(
|
|
316
|
+
throw new common_1.ForbiddenException({
|
|
317
|
+
message: 'Access denied: No roles assigned for permission check',
|
|
318
|
+
code: auth_constants_1.ERROR_CODES.NO_ROLES_ASSIGNED,
|
|
319
|
+
});
|
|
308
320
|
}
|
|
309
321
|
// Get all permissions from user's roles
|
|
310
322
|
const userPermissions = this.getUserPermissions(user.roles);
|
|
@@ -312,7 +324,10 @@ let NestAuthAuthGuard = class NestAuthAuthGuard {
|
|
|
312
324
|
const hasAllPermissions = requiredPermissions.every(permission => userPermissions.includes(permission));
|
|
313
325
|
if (!hasAllPermissions) {
|
|
314
326
|
const missingPermissions = requiredPermissions.filter(permission => !userPermissions.includes(permission));
|
|
315
|
-
throw new common_1.ForbiddenException(
|
|
327
|
+
throw new common_1.ForbiddenException({
|
|
328
|
+
message: `Access denied: Missing required permissions: ${missingPermissions.join(', ')}`,
|
|
329
|
+
code: auth_constants_1.ERROR_CODES.MISSING_REQUIRED_PERMISSIONS,
|
|
330
|
+
});
|
|
316
331
|
}
|
|
317
332
|
}
|
|
318
333
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/auth.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;
|
|
1
|
+
{"version":3,"file":"auth.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/nest-auth/src/lib/auth/services/auth.service.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC/D,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAU7D,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,iCAAiC,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gDAAgD,CAAC;AAEvF,OAAO,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AACtE,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,eAAe,EAAE,MAAM,mCAAmC,CAAC;AACpE,OAAO,EAAE,mBAAmB,EAAE,MAAM,wCAAwC,CAAC;AAC7E,OAAO,EACH,aAAa,EAChB,MAAM,6CAA6C,CAAC;AAErD,OAAO,EAAE,wBAAwB,EAAE,MAAM,6CAA6C,CAAC;AAEvF,OAAO,EAAE,uBAAuB,EAAE,MAAM,4CAA4C,CAAC;AAUrF,OAAO,EAAE,2BAA2B,EAAE,MAAM,oDAAoD,CAAC;AACjG,OAAO,EAAE,aAAa,EAAE,MAAM,sCAAsC,CAAC;AACrE,OAAO,EAAE,kBAAkB,EAAE,MAAM,0CAA0C,CAAC;AAE9E,OAAO,EAAE,iCAAiC,EAAE,MAAM,wDAAwD,CAAC;AAC3G,OAAO,EAAE,gCAAgC,EAAE,MAAM,uDAAuD,CAAC;AACzG,OAAO,EAAE,wBAAwB,EAAE,MAAM,6CAA6C,CAAC;AACvF,OAAO,EAAE,oBAAoB,EAAE,MAAM,0CAA0C,CAAC;AAChF,OAAO,EAAE,+BAA+B,EAAE,MAAM,qDAAqD,CAAC;AACtG,OAAO,EAAE,qBAAqB,EAAE,MAAM,0CAA0C,CAAC;AACjF,OAAO,EAAE,iBAAiB,EAAE,MAAM,yCAAyC,CAAC;AAG5E,qBACa,WAAW;IAIhB,OAAO,CAAC,QAAQ,CAAC,cAAc;IAG/B,OAAO,CAAC,aAAa;IAErB,OAAO,CAAC,QAAQ,CAAC,oBAAoB;IAErC,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B,OAAO,CAAC,QAAQ,CAAC,cAAc;IAE/B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B,OAAO,CAAC,QAAQ,CAAC,YAAY;IAE7B,OAAO,CAAC,QAAQ,CAAC,aAAa;IAE9B,OAAO,CAAC,QAAQ,CAAC,WAAW;IAE5B,OAAO,CAAC,QAAQ,CAAC,iBAAiB;gBAnBjB,cAAc,EAAE,UAAU,CAAC,YAAY,CAAC,EAGjD,aAAa,EAAE,UAAU,CAAC,WAAW,CAAC,EAE7B,oBAAoB,EAAE,2BAA2B,EAEjD,UAAU,EAAE,UAAU,EAEtB,cAAc,EAAE,qBAAqB,EAErC,UAAU,EAAE,UAAU,EAEtB,YAAY,EAAE,aAAa,EAE3B,aAAa,EAAE,aAAa,EAE5B,WAAW,EAAE,kBAAkB,EAE/B,iBAAiB,EAAE,iBAAiB;IAKzD,8BAA8B,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,GAAE,MAAM,EAAO,GAAG,OAAO,CAAC,YAAY,CAAC;IAUzF,OAAO;IAQP,MAAM,CAAC,KAAK,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IA6HzD,KAAK,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,eAAe,CAAC;IA6GvD,SAAS,CAAC,KAAK,EAAE,mBAAmB;;;;;IAqEpC,WAAW,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa;YAezC,iBAAiB;IAiCzB,YAAY,CAAC,YAAY,EAAE,MAAM;qBAupBkD,MAAM;sBAAgB,MAAM;;IA1lB/G,cAAc,CAAC,KAAK,EAAE,wBAAwB,GAAG,OAAO,CAAC,eAAe,CAAC;IA6DzE,cAAc,CAAC,KAAK,EAAE,wBAAwB;;;IAqF9C,uBAAuB,CAAC,KAAK,EAAE,iCAAiC,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAwFhG,aAAa,CAAC,KAAK,EAAE,uBAAuB;IA8E5C,sBAAsB,CAAC,KAAK,EAAE,gCAAgC;IAqE9D,MAAM,CAAC,UAAU,GAAE,MAAM,GAAG,OAAO,GAAG,QAAiB,EAAE,MAAM,CAAC,EAAE,MAAM;IAwBxE,SAAS,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,GAAE,MAAM,GAAG,OAAO,GAAG,QAAiB,EAAE,MAAM,CAAC,EAAE,MAAM;IA+B3F,qBAAqB,CAAC,KAAK,EAAE,+BAA+B;;;IA4D5D,WAAW,CAAC,KAAK,EAAE,qBAAqB;;;YAiFhC,qBAAqB;YAyBrB,yBAAyB;CAK1C"}
|