@aep-foundation/service 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1 @@
1
+ {"version":3,"sources":["../src/index.ts"],"sourcesContent":["import {\n AEP_AUTH_SCHEME,\n AEP_BINDINGS,\n AEP_BUILT_IN_GRANT_TYPES,\n AEP_IDENTITY_METHOD_DID_WEB,\n AEP_MEDIA_TYPE,\n AEP_PROBLEM_MEDIA_TYPE,\n AEP_SIGNING_ALGORITHMS,\n AEP_VERSION,\n DEFAULT_HTTP_ENDPOINT_BASE,\n createProblemDetails,\n decodeJwtUnverified,\n parseBuiltInGrantResponse,\n parseClientAssertionClaims,\n parseEnrollRequest,\n parseGrantRequest,\n parseInspectDocument,\n parseRevokeRequest,\n resolveDidWebPublicKey,\n verifyClientAssertionJwt\n} from \"@aep-foundation/core\";\nimport type {\n AepCommand,\n AepClientAssertionClaims,\n AepEnrollmentStatus,\n AepBuiltInGrantResponse,\n AepBuiltInGrantType,\n AepGrantType,\n AepIdentityMethod,\n AepProblemDetails,\n AepSigningAlgorithm,\n AepImportableJoseKey,\n DidWebFetchLike,\n ApiKeyGrantResponse,\n BasicGrantResponse,\n EnrollRequest,\n EnrollResponse,\n GrantRequest,\n InspectDocument,\n OAuthBearerGrantResponse,\n RevokeRequest,\n RevokeResponse\n} from \"@aep-foundation/core\";\n\nexport type Awaitable<T> = T | Promise<T>;\n\nexport interface AepIdentityMethodDefinition {\n method: AepIdentityMethod;\n}\n\nexport interface AepGrantTypeDefinition {\n grantType: AepGrantType;\n config?: Record<string, unknown>;\n handler?: AepGrantTypeHandler;\n}\n\nexport interface AepGrantContext {\n agentDid: string;\n enrollment: AepEnrollmentRecord;\n grantType: AepGrantType;\n}\n\nexport interface AepRevokeContext {\n agentDid: string;\n enrollment: AepEnrollmentRecord;\n grantType: AepGrantType;\n}\n\nexport interface AepGrantTypeHandler {\n grant(request: GrantRequest, context: AepGrantContext): Awaitable<Record<string, unknown>>;\n revoke(request: RevokeRequest, context: AepRevokeContext): Awaitable<void>;\n}\n\nexport interface AepServiceCredentialRecord {\n agentDid: string;\n createdAt: string;\n credential: AepBuiltInGrantResponse;\n credentialId: string;\n expiresAt: string;\n grantType: AepBuiltInGrantType;\n revokedAt?: string;\n}\n\nexport interface AepServiceCredentialStore {\n findCredential(\n agentDid: string,\n grantType: AepBuiltInGrantType,\n credentialId: string\n ): Awaitable<AepServiceCredentialRecord | undefined>;\n listCredentials(\n agentDid: string,\n grantType?: AepBuiltInGrantType\n ): Awaitable<AepServiceCredentialRecord[]>;\n revokeCredential(\n agentDid: string,\n grantType: AepBuiltInGrantType,\n credentialId: string,\n revokedAt: string\n ): Awaitable<void>;\n revokeGrantType(\n agentDid: string,\n grantType: AepBuiltInGrantType,\n revokedAt: string\n ): Awaitable<void>;\n saveCredential(record: AepServiceCredentialRecord): Awaitable<AepServiceCredentialRecord>;\n}\n\nexport type AepBuiltInCredentialIssuer<TCredential extends AepBuiltInGrantResponse> = (\n request: GrantRequest,\n context: AepGrantContext\n) => Awaitable<TCredential>;\n\nexport interface AepStoredCredentialGrantTypeOptions<TCredential extends AepBuiltInGrantResponse> {\n clock?: () => Date;\n config?: Record<string, unknown>;\n issue: AepBuiltInCredentialIssuer<TCredential>;\n store: AepServiceCredentialStore;\n}\n\nexport interface AepServiceClaimsConfig {\n required?: string[];\n preferred?: string[];\n optional?: string[];\n}\n\nexport interface AepServiceOptions {\n clock?: () => Date;\n clientAssertion?: AepClientAssertionConfig;\n commandIdempotencyStore?: AepCommandIdempotencyStore;\n clientAssertionVerifier?: AepClientAssertionVerifier;\n serviceDid: string;\n endpointBase?: string;\n identityMethods: AepIdentityMethodDefinition[];\n grantTypes?: AepGrantTypeDefinition[];\n claims?: AepServiceClaimsConfig;\n enrollmentPolicy?: AepEnrollmentPolicy;\n enrollmentStore?: AepEnrollmentStore;\n replayStore?: AepClientAssertionReplayStore;\n signingAlgorithms?: AepSigningAlgorithm[];\n extensions?: string[];\n}\n\nexport interface AepEnrollmentDecision {\n ownerActionRequired?: boolean;\n requirementsPending?: string[];\n status?: AepEnrollmentStatus;\n}\n\nexport interface AepEnrollmentPolicyContext {\n now: Date;\n}\n\nexport interface AepEnrollmentPolicy {\n decideEnrollment(\n request: EnrollRequest,\n context: AepEnrollmentPolicyContext\n ): Awaitable<AepEnrollmentDecision>;\n}\n\nexport interface AepClientAssertionConfig {\n clock?: () => Date;\n clockSkewSeconds?: number;\n maxTtlSeconds?: number;\n}\n\nexport interface AepClientAssertionVerificationContext {\n clientAssertion: string;\n command: AuthenticatedServiceCommand;\n serviceDid: string;\n signingAlgorithms: AepSigningAlgorithm[];\n}\n\nexport type AepClientAssertionVerifier = (\n clientAssertion: string,\n context: AepClientAssertionVerificationContext\n) => Awaitable<AepClientAssertionClaims>;\n\nexport interface JwtClientAssertionVerifierOptions {\n algorithms?: AepSigningAlgorithm[];\n clockTolerance?: number | string;\n currentDate?: Date;\n key: AepImportableJoseKey;\n}\n\nexport interface DidWebClientAssertionVerifierOptions {\n fetch?: DidWebFetchLike;\n}\n\nexport type HostedPlatformVerificationFetchLike = (\n input: URL | string,\n init?: RequestInit\n) => Promise<HostedPlatformVerificationResponseLike>;\n\nexport interface HostedPlatformVerificationResponseLike {\n ok: boolean;\n status: number;\n json(): Promise<unknown>;\n}\n\nexport interface HostedPlatformClientAssertionVerifierOptions {\n authorization?: string;\n endpoint: string | URL;\n fetch?: HostedPlatformVerificationFetchLike;\n}\n\nexport interface HostedPlatformVerificationResponse {\n agent_did?: string;\n agent_identity_id?: string;\n op?: AuthenticatedServiceCommand;\n reason: string;\n service_did: string;\n status?: string;\n verified: boolean;\n}\n\nexport interface AepClientAssertionReplayRecord {\n expiresAt: number;\n jti: string;\n sub: string;\n}\n\nexport interface AepClientAssertionReplayStore {\n consumeReplay(record: AepClientAssertionReplayRecord, now: number): Awaitable<boolean>;\n}\n\nexport interface AepEnrollmentRecord {\n agentDid: string;\n claims: Record<string, unknown>;\n createdAt: string;\n ownerActionRequired: boolean;\n requirementsPending: string[];\n since: string;\n status: AepEnrollmentStatus;\n updatedAt: string;\n}\n\nexport interface AepEnrollmentStore {\n findEnrollment(agentDid: string): Awaitable<AepEnrollmentRecord | undefined>;\n saveEnrollment(record: AepEnrollmentRecord): Awaitable<AepEnrollmentRecord>;\n}\n\nexport interface AepCommandIdempotencyRecord<TBody = unknown> {\n agentDid: string;\n body: TBody;\n command: AuthenticatedServiceCommand;\n contentType: string;\n createdAt: string;\n idempotencyKey: string;\n requestHash: string;\n status: number;\n}\n\nexport interface AepCommandIdempotencyInput {\n agentDid: string;\n command: AuthenticatedServiceCommand;\n idempotencyKey: string;\n requestHash: string;\n}\n\nexport type AepCommandIdempotencyResult<TBody = unknown> =\n | {\n record: AepCommandIdempotencyRecord;\n state: \"replayed\";\n }\n | {\n response: AepServiceResponse<TBody>;\n state: \"created\";\n }\n | {\n state: \"conflict\";\n };\n\nexport interface AepCommandIdempotencyStore {\n executeIdempotentCommand<TBody>(\n input: AepCommandIdempotencyInput,\n execute: () => Awaitable<AepServiceResponse<TBody>>\n ): Awaitable<AepCommandIdempotencyResult<TBody>>;\n}\n\nexport interface AepServiceResponse<TBody = unknown> {\n body: TBody;\n contentType: string;\n status: number;\n}\n\nexport interface AepAuthenticatedServiceOptions {\n clientAssertion: string;\n idempotencyKey?: string;\n}\n\nexport type AuthenticatedServiceCommand = Exclude<AepCommand, \"inspect\">;\n\nexport interface AepService {\n enroll(\n request: unknown,\n options: AepAuthenticatedServiceOptions\n ): Promise<AepServiceResponse<EnrollResponse | AepProblemDetails>>;\n grant(\n request: unknown,\n options: AepAuthenticatedServiceOptions\n ): Promise<AepServiceResponse<Record<string, unknown> | AepProblemDetails>>;\n inspectDocument(): InspectDocument;\n revoke(\n request: unknown,\n options: AepAuthenticatedServiceOptions\n ): Promise<AepServiceResponse<RevokeResponse | AepProblemDetails>>;\n status(\n options: AepAuthenticatedServiceOptions\n ): Promise<AepServiceResponse<StatusResponseBody | AepProblemDetails>>;\n}\n\nexport function createAepService(options: AepServiceOptions): AepService {\n const inspectDocument = buildInspectDocument(options);\n const commandIdempotencyStore =\n options.commandIdempotencyStore ?? createInMemoryCommandIdempotencyStore();\n const enrollmentPolicy = options.enrollmentPolicy ?? createStaticEnrollmentPolicy();\n const enrollmentStore = options.enrollmentStore ?? createInMemoryEnrollmentStore();\n const grantHandlers = createGrantHandlerMap(options.grantTypes ?? []);\n const replayStore = options.replayStore ?? createInMemoryClientAssertionReplayStore();\n const signingAlgorithms = [...(options.signingAlgorithms ?? AEP_SIGNING_ALGORITHMS)];\n const authenticationOptions = (): AuthenticateClientAssertionOptions => ({\n replayStore,\n serviceDid: options.serviceDid,\n signingAlgorithms,\n ...(options.clientAssertion === undefined ? {} : { config: options.clientAssertion }),\n ...(options.clientAssertionVerifier === undefined\n ? {}\n : { verifier: options.clientAssertionVerifier })\n });\n\n return {\n enroll: async (request, commandOptions) => {\n const authentication = await authenticateClientAssertion(\n \"enroll\",\n commandOptions,\n authenticationOptions()\n );\n\n if (!authentication.ok) {\n return authentication.response;\n }\n\n try {\n if (parseEnrollRequest(request).agent_did !== authentication.agentDid) {\n return problem(\"not_recognized\", \"Not recognized\", 401);\n }\n } catch {\n return problem(\"invalid_request\", \"Invalid request\", 400);\n }\n\n return handleEnrollRequest(request, {\n commandIdempotencyStore,\n store: enrollmentStore,\n ...(options.clock === undefined ? {} : { clock: options.clock }),\n policy: enrollmentPolicy,\n ...(commandOptions.idempotencyKey === undefined\n ? {}\n : { idempotencyKey: commandOptions.idempotencyKey })\n });\n },\n grant: async (request, commandOptions) => {\n const authentication = await authenticateClientAssertion(\n \"grant\",\n commandOptions,\n authenticationOptions()\n );\n\n if (!authentication.ok) {\n return authentication.response;\n }\n\n return handleGrantRequest(request, {\n agentDid: authentication.agentDid,\n commandIdempotencyStore,\n handlers: grantHandlers,\n store: enrollmentStore,\n ...(commandOptions.idempotencyKey === undefined\n ? {}\n : { idempotencyKey: commandOptions.idempotencyKey })\n });\n },\n inspectDocument: () => structuredClone(inspectDocument),\n revoke: async (request, commandOptions) => {\n const authentication = await authenticateClientAssertion(\n \"revoke\",\n commandOptions,\n authenticationOptions()\n );\n\n if (!authentication.ok) {\n return authentication.response;\n }\n\n return handleRevokeRequest(request, {\n agentDid: authentication.agentDid,\n commandIdempotencyStore,\n handlers: grantHandlers,\n store: enrollmentStore,\n ...(commandOptions.idempotencyKey === undefined\n ? {}\n : { idempotencyKey: commandOptions.idempotencyKey })\n });\n },\n status: async (commandOptions) => {\n const authentication = await authenticateClientAssertion(\n \"status\",\n commandOptions,\n authenticationOptions()\n );\n\n if (!authentication.ok) {\n return authentication.response;\n }\n\n return handleStatusRequest(authentication.agentDid, {\n store: enrollmentStore\n });\n }\n };\n}\n\nexport function buildInspectDocument(options: AepServiceOptions): InspectDocument {\n const identityMethods = uniqueBy(options.identityMethods, \"method\", \"identity method\").map(\n (definition) => definition.method\n );\n const grantTypes = uniqueBy(options.grantTypes ?? [], \"grantType\", \"grant type\");\n const supportedCommands: AepCommand[] =\n grantTypes.length > 0\n ? [\"enroll\", \"grant\", \"inspect\", \"revoke\", \"status\"]\n : [\"enroll\", \"inspect\", \"status\"];\n\n if (identityMethods.length === 0) {\n throw new TypeError(\"AEP Services must enable at least one identity method.\");\n }\n\n const grantTypeConfig = Object.fromEntries(\n grantTypes\n .filter((definition) => definition.config !== undefined)\n .map((definition) => [definition.grantType, definition.config])\n );\n\n const document: InspectDocument = {\n aep_version: AEP_VERSION,\n bindings: {\n supported: [...AEP_BINDINGS]\n },\n claims: {\n required: [...(options.claims?.required ?? [])],\n preferred: [...(options.claims?.preferred ?? [])],\n optional: [...(options.claims?.optional ?? [])]\n },\n commands: {\n supported: supportedCommands,\n ...(grantTypes.length > 0\n ? {\n grant_types: grantTypes.map((definition) => definition.grantType)\n }\n : {}),\n ...(Object.keys(grantTypeConfig).length > 0\n ? {\n grant_types_config: grantTypeConfig\n }\n : {})\n },\n core: {\n signing_algorithms: [...(options.signingAlgorithms ?? AEP_SIGNING_ALGORITHMS)]\n },\n extensions: {\n supported: [...(options.extensions ?? [])]\n },\n http: {\n endpoint_base: options.endpointBase ?? DEFAULT_HTTP_ENDPOINT_BASE\n },\n identity: {\n methods: identityMethods\n },\n service: {\n did: options.serviceDid\n }\n };\n\n return parseInspectDocument(document);\n}\n\nexport function didWebIdentityMethod(): AepIdentityMethodDefinition {\n return {\n method: AEP_IDENTITY_METHOD_DID_WEB\n };\n}\n\nexport function oauthBearerGrantType(config?: Record<string, unknown>): AepGrantTypeDefinition {\n return grantType(AEP_BUILT_IN_GRANT_TYPES[0], config);\n}\n\nexport function apiKeyGrantType(config?: Record<string, unknown>): AepGrantTypeDefinition {\n return grantType(AEP_BUILT_IN_GRANT_TYPES[1], config);\n}\n\nexport function basicGrantType(config?: Record<string, unknown>): AepGrantTypeDefinition {\n return grantType(AEP_BUILT_IN_GRANT_TYPES[2], config);\n}\n\nexport function grantType(\n grantType: AepGrantType,\n config?: Record<string, unknown>,\n handler?: AepGrantTypeHandler\n): AepGrantTypeDefinition {\n return {\n grantType,\n ...(config === undefined ? {} : { config }),\n ...(handler === undefined ? {} : { handler })\n };\n}\n\nexport function storedOAuthBearerGrantType(\n options: AepStoredCredentialGrantTypeOptions<OAuthBearerGrantResponse>\n): AepGrantTypeDefinition {\n return storedBuiltInGrantType(AEP_BUILT_IN_GRANT_TYPES[0], options);\n}\n\nexport function storedApiKeyGrantType(\n options: AepStoredCredentialGrantTypeOptions<ApiKeyGrantResponse>\n): AepGrantTypeDefinition {\n return storedBuiltInGrantType(AEP_BUILT_IN_GRANT_TYPES[1], options);\n}\n\nexport function storedBasicGrantType(\n options: AepStoredCredentialGrantTypeOptions<BasicGrantResponse>\n): AepGrantTypeDefinition {\n return storedBuiltInGrantType(AEP_BUILT_IN_GRANT_TYPES[2], options);\n}\n\nexport function createInMemoryEnrollmentStore(\n records: AepEnrollmentRecord[] = []\n): AepEnrollmentStore {\n const enrollments = new Map<string, AepEnrollmentRecord>();\n\n records.forEach((record) => enrollments.set(record.agentDid, cloneEnrollmentRecord(record)));\n\n return {\n findEnrollment(agentDid) {\n const record = enrollments.get(agentDid);\n return record === undefined ? undefined : cloneEnrollmentRecord(record);\n },\n saveEnrollment(record) {\n const cloned = cloneEnrollmentRecord(record);\n enrollments.set(cloned.agentDid, cloned);\n return cloneEnrollmentRecord(cloned);\n }\n };\n}\n\nexport function createInMemoryClientAssertionReplayStore(): AepClientAssertionReplayStore {\n const records = new Map<string, AepClientAssertionReplayRecord>();\n\n return {\n consumeReplay(record, now) {\n for (const [key, existing] of records) {\n if (existing.expiresAt <= now) {\n records.delete(key);\n }\n }\n\n if (records.has(replayKey(record.sub, record.jti))) {\n return false;\n }\n\n records.set(replayKey(record.sub, record.jti), { ...record });\n return true;\n }\n };\n}\n\nexport function createInMemoryCommandIdempotencyStore(\n records: AepCommandIdempotencyRecord[] = []\n): AepCommandIdempotencyStore {\n const idempotency = new Map<string, AepCommandIdempotencyRecord>();\n const pending = new Map<string, Promise<void>>();\n\n records.forEach((record) =>\n idempotency.set(\n idempotencyLookupKey(record.agentDid, record.command, record.idempotencyKey),\n cloneIdempotencyResponseRecord(record)\n )\n );\n\n return {\n async executeIdempotentCommand(input, execute) {\n const key = idempotencyLookupKey(input.agentDid, input.command, input.idempotencyKey);\n\n for (;;) {\n const existing = idempotency.get(key);\n\n if (existing !== undefined) {\n if (existing.requestHash !== input.requestHash) {\n return {\n state: \"conflict\"\n };\n }\n\n return {\n record: cloneIdempotencyResponseRecord(existing),\n state: \"replayed\"\n };\n }\n\n const pendingCommand = pending.get(key);\n\n if (pendingCommand === undefined) {\n break;\n }\n\n await pendingCommand;\n }\n\n let releasePending: (() => void) | undefined;\n const pendingCommand = new Promise<void>((resolve) => {\n releasePending = resolve;\n });\n\n pending.set(key, pendingCommand);\n\n try {\n const response = await execute();\n const record: AepCommandIdempotencyRecord = {\n agentDid: input.agentDid,\n body: structuredClone(response.body),\n command: input.command,\n contentType: response.contentType,\n createdAt: new Date().toISOString(),\n idempotencyKey: input.idempotencyKey,\n requestHash: input.requestHash,\n status: response.status\n };\n\n idempotency.set(key, cloneIdempotencyResponseRecord(record));\n\n return {\n response,\n state: \"created\"\n };\n } finally {\n pending.delete(key);\n releasePending?.();\n }\n }\n };\n}\n\nexport function createStaticEnrollmentPolicy(\n decision: AepEnrollmentDecision = {}\n): AepEnrollmentPolicy {\n return {\n decideEnrollment: () => ({\n ownerActionRequired: decision.ownerActionRequired ?? false,\n requirementsPending: [...(decision.requirementsPending ?? [])],\n status: decision.status ?? \"active\"\n })\n };\n}\n\nexport function createJwtClientAssertionVerifier(\n options: JwtClientAssertionVerifierOptions\n): AepClientAssertionVerifier {\n return (clientAssertion, context) =>\n verifyClientAssertionJwt(clientAssertion, {\n algorithms: options.algorithms ?? context.signingAlgorithms,\n audience: context.serviceDid,\n key: options.key,\n ...(options.clockTolerance === undefined ? {} : { clockTolerance: options.clockTolerance }),\n ...(options.currentDate === undefined ? {} : { currentDate: options.currentDate })\n });\n}\n\nexport function createDidWebClientAssertionVerifier(\n options: DidWebClientAssertionVerifierOptions = {}\n): AepClientAssertionVerifier {\n return async (clientAssertion, context) => {\n const untrusted = decodeJwtUnverified(clientAssertion);\n const issuer = stringField(untrusted.payload, \"iss\");\n const key = await resolveDidWebPublicKey({\n did: issuer,\n ...(options.fetch === undefined ? {} : { fetch: options.fetch }),\n ...(typeof untrusted.header[\"kid\"] === \"string\" ? { kid: untrusted.header[\"kid\"] } : {})\n });\n\n return verifyClientAssertionJwt(clientAssertion, {\n algorithms: context.signingAlgorithms,\n audience: context.serviceDid,\n key\n });\n };\n}\n\nexport function createHostedPlatformClientAssertionVerifier(\n options: HostedPlatformClientAssertionVerifierOptions\n): AepClientAssertionVerifier {\n const fetchImpl = platformVerificationFetch(options.fetch);\n\n return async (clientAssertion, context) => {\n const response = await fetchImpl(options.endpoint, {\n body: JSON.stringify({\n client_assertion: clientAssertion,\n op: context.command,\n service_did: context.serviceDid\n }),\n headers: {\n Accept: AEP_MEDIA_TYPE,\n ...(options.authorization === undefined ? {} : { Authorization: options.authorization }),\n \"Content-Type\": AEP_MEDIA_TYPE\n },\n method: \"POST\"\n });\n\n if (!response.ok) {\n throw new Error(`AEP hosted verification failed with HTTP ${response.status}.`);\n }\n\n const verification = parseHostedPlatformVerificationResponse(await response.json());\n const claims = parseClientAssertionClaims(decodeJwtUnverified(clientAssertion).payload);\n\n if (\n !verification.verified ||\n verification.agent_did !== claims.sub ||\n verification.op !== context.command ||\n verification.service_did !== context.serviceDid\n ) {\n throw new Error(\"AEP hosted verification did not recognize the client assertion.\");\n }\n\n return claims;\n };\n}\n\nexport function clientAssertionFromAepAuthorization(\n authorization: string | null | undefined\n): string {\n const prefix = `${AEP_AUTH_SCHEME} `;\n\n if (authorization?.startsWith(prefix)) {\n return authorization.slice(prefix.length);\n }\n\n return \"\";\n}\n\nexport async function authenticateProtectedResource(\n service: Pick<AepService, \"status\">,\n authorization: string | null | undefined\n): Promise<AepServiceResponse<StatusResponseBody | AepProblemDetails>> {\n return service.status({\n clientAssertion: clientAssertionFromAepAuthorization(authorization)\n });\n}\n\nexport function isActiveProtectedResourceAuthentication(result: AepServiceResponse): boolean {\n return isRecord(result.body) && result.body[\"status\"] === \"active\";\n}\n\nexport function createInMemoryServiceCredentialStore(\n records: AepServiceCredentialRecord[] = []\n): AepServiceCredentialStore {\n const credentials = new Map<string, AepServiceCredentialRecord>();\n\n records.forEach((record) =>\n credentials.set(serviceCredentialKey(record), cloneCredential(record))\n );\n\n return {\n findCredential(agentDid, grantTypeName, credentialId) {\n const record = credentials.get(\n serviceCredentialLookupKey(agentDid, grantTypeName, credentialId)\n );\n\n return record === undefined ? undefined : cloneCredential(record);\n },\n listCredentials(agentDid, grantTypeName) {\n return [...credentials.values()]\n .filter(\n (record) =>\n record.agentDid === agentDid &&\n (grantTypeName === undefined || record.grantType === grantTypeName)\n )\n .map(cloneCredential);\n },\n revokeCredential(agentDid, grantTypeName, credentialId, revokedAt) {\n const key = serviceCredentialLookupKey(agentDid, grantTypeName, credentialId);\n const record = credentials.get(key);\n\n if (record !== undefined) {\n credentials.set(key, {\n ...record,\n revokedAt\n });\n }\n },\n revokeGrantType(agentDid, grantTypeName, revokedAt) {\n for (const [key, record] of credentials) {\n if (record.agentDid === agentDid && record.grantType === grantTypeName) {\n credentials.set(key, {\n ...record,\n revokedAt\n });\n }\n }\n },\n saveCredential(record) {\n const parsed = credentialRecordWithParsedCredential(record);\n credentials.set(serviceCredentialKey(parsed), cloneCredential(parsed));\n return cloneCredential(parsed);\n }\n };\n}\n\nexport interface HandleEnrollRequestOptions {\n clock?: () => Date;\n commandIdempotencyStore?: AepCommandIdempotencyStore;\n idempotencyKey?: string;\n policy: AepEnrollmentPolicy;\n store: AepEnrollmentStore;\n}\n\nexport async function handleEnrollRequest(\n request: unknown,\n options: HandleEnrollRequestOptions\n): Promise<AepServiceResponse<EnrollResponse | AepProblemDetails>> {\n let parsed: EnrollRequest;\n\n try {\n parsed = parseEnrollRequest(request);\n } catch {\n return problem(\"invalid_request\", \"Invalid request\", 400);\n }\n\n if (options.idempotencyKey !== undefined && options.idempotencyKey !== parsed.idempotency_key) {\n return problem(\"invalid_request\", \"Invalid request\", 400);\n }\n\n return withIdempotency(\n \"enroll\",\n parsed.agent_did,\n parsed.idempotency_key,\n parsed,\n options.commandIdempotencyStore,\n async () => {\n const now = options.clock ?? (() => new Date());\n const nowDate = now();\n const nowIso = nowDate.toISOString();\n const decision = await options.policy.decideEnrollment(parsed, { now: nowDate });\n const record = await options.store.saveEnrollment({\n agentDid: parsed.agent_did,\n claims: structuredClone(parsed.claims ?? {}),\n createdAt: nowIso,\n ownerActionRequired: decision.ownerActionRequired ?? false,\n requirementsPending: [...(decision.requirementsPending ?? [])],\n since: nowIso,\n status: decision.status ?? \"active\",\n updatedAt: nowIso\n });\n\n return aepResponse(200, enrollmentResponseFromRecord(record));\n }\n );\n}\n\nexport interface HandleStatusRequestOptions {\n store: AepEnrollmentStore;\n}\n\nexport type StatusResponseBody = {\n owner_action_required: \"true\" | \"false\";\n requirements_pending: string[];\n since: string;\n status: AepEnrollmentRecord[\"status\"];\n};\n\nexport async function handleStatusRequest(\n agentDid: string,\n options: HandleStatusRequestOptions\n): Promise<AepServiceResponse<StatusResponseBody | AepProblemDetails>> {\n const record = await options.store.findEnrollment(agentDid);\n\n if (record === undefined) {\n return problem(\"not_recognized\", \"Not recognized\", 401);\n }\n\n return aepResponse(200, statusResponseFromRecord(record));\n}\n\nexport interface HandleGrantRequestOptions {\n agentDid: string;\n commandIdempotencyStore?: AepCommandIdempotencyStore;\n handlers: ReadonlyMap<AepGrantType, AepGrantTypeHandler>;\n idempotencyKey?: string;\n store: AepEnrollmentStore;\n}\n\nexport async function handleGrantRequest(\n request: unknown,\n options: HandleGrantRequestOptions\n): Promise<AepServiceResponse<Record<string, unknown> | AepProblemDetails>> {\n let parsed: GrantRequest;\n\n try {\n parsed = parseGrantRequest(request);\n } catch {\n return problem(\"invalid_request\", \"Invalid request\", 400);\n }\n\n const enrollment = await options.store.findEnrollment(options.agentDid);\n\n if (enrollment === undefined) {\n return problem(\"not_recognized\", \"Not recognized\", 401);\n }\n\n if (enrollment.status !== \"active\") {\n return problem(\"verification_pending\", \"Verification pending\", 403);\n }\n\n const handler = options.handlers.get(parsed.grant_type);\n\n if (handler === undefined) {\n return problem(\"unsupported_grant_type\", \"Unsupported grant type\", 400);\n }\n\n return withIdempotency(\n \"grant\",\n options.agentDid,\n options.idempotencyKey,\n parsed,\n options.commandIdempotencyStore,\n async () =>\n aepResponse(\n 200,\n await handler.grant(parsed, {\n agentDid: options.agentDid,\n enrollment,\n grantType: parsed.grant_type\n })\n )\n );\n}\n\nexport interface HandleRevokeRequestOptions {\n agentDid: string;\n commandIdempotencyStore?: AepCommandIdempotencyStore;\n handlers: ReadonlyMap<AepGrantType, AepGrantTypeHandler>;\n idempotencyKey?: string;\n store: AepEnrollmentStore;\n}\n\nexport async function handleRevokeRequest(\n request: unknown,\n options: HandleRevokeRequestOptions\n): Promise<AepServiceResponse<RevokeResponse | AepProblemDetails>> {\n let parsed: RevokeRequest;\n\n try {\n parsed = parseRevokeRequest(request);\n } catch {\n return problem(\"invalid_request\", \"Invalid request\", 400);\n }\n\n const enrollment = await options.store.findEnrollment(options.agentDid);\n\n if (enrollment === undefined) {\n return problem(\"not_recognized\", \"Not recognized\", 401);\n }\n\n if (\"grant_type\" in parsed) {\n const grantTypeName = parsed.grant_type;\n const handler = options.handlers.get(grantTypeName);\n\n if (handler === undefined) {\n return problem(\"unsupported_grant_type\", \"Unsupported grant type\", 400);\n }\n\n return withIdempotency(\n \"revoke\",\n options.agentDid,\n options.idempotencyKey,\n parsed,\n options.commandIdempotencyStore,\n async () => {\n await handler.revoke(parsed, {\n agentDid: options.agentDid,\n enrollment,\n grantType: grantTypeName\n });\n return aepResponse(200, {});\n }\n );\n }\n\n return withIdempotency(\n \"revoke\",\n options.agentDid,\n options.idempotencyKey,\n parsed,\n options.commandIdempotencyStore,\n async () => {\n for (const [grantTypeName, handler] of options.handlers) {\n await handler.revoke(parsed, {\n agentDid: options.agentDid,\n enrollment,\n grantType: grantTypeName\n });\n }\n\n return aepResponse(200, {});\n }\n );\n}\n\ninterface AuthenticateClientAssertionOptions {\n config?: AepClientAssertionConfig;\n replayStore: AepClientAssertionReplayStore;\n serviceDid: string;\n signingAlgorithms: AepSigningAlgorithm[];\n verifier?: AepClientAssertionVerifier;\n}\n\ntype AuthenticateClientAssertionResult =\n | {\n agentDid: string;\n claims: AepClientAssertionClaims;\n ok: true;\n }\n | {\n ok: false;\n response: AepServiceResponse<AepProblemDetails>;\n };\n\nasync function authenticateClientAssertion(\n command: AuthenticatedServiceCommand,\n commandOptions: AepAuthenticatedServiceOptions,\n options: AuthenticateClientAssertionOptions\n): Promise<AuthenticateClientAssertionResult> {\n if (options.verifier === undefined) {\n return notRecognized();\n }\n\n let claims: AepClientAssertionClaims;\n\n try {\n claims = parseClientAssertionClaims(\n await options.verifier(commandOptions.clientAssertion, {\n clientAssertion: commandOptions.clientAssertion,\n command,\n serviceDid: options.serviceDid,\n signingAlgorithms: options.signingAlgorithms\n })\n );\n } catch {\n return notRecognized();\n }\n\n if (!validateClientAssertionClaimsForCommand(claims, command, options)) {\n return notRecognized();\n }\n\n const clock = options.config?.clock ?? (() => new Date());\n const now = Math.floor(clock().getTime() / 1000);\n const consumed = await options.replayStore.consumeReplay(\n {\n expiresAt: claims.exp + (options.config?.clockSkewSeconds ?? 30),\n jti: claims.jti,\n sub: claims.sub\n },\n now\n );\n\n if (!consumed) {\n return notRecognized();\n }\n\n return {\n agentDid: claims.sub,\n claims,\n ok: true\n };\n}\n\nfunction validateClientAssertionClaimsForCommand(\n claims: AepClientAssertionClaims,\n command: AuthenticatedServiceCommand,\n options: AuthenticateClientAssertionOptions\n): boolean {\n const clock = options.config?.clock ?? (() => new Date());\n const clockSkewSeconds = options.config?.clockSkewSeconds ?? 30;\n const maxTtlSeconds = options.config?.maxTtlSeconds ?? 300;\n const now = Math.floor(clock().getTime() / 1000);\n\n return (\n claims.iss === claims.sub &&\n claims.aud === options.serviceDid &&\n claims.op === command &&\n claims.exp > claims.iat &&\n claims.exp - claims.iat <= maxTtlSeconds &&\n claims.iat <= now + clockSkewSeconds &&\n claims.exp >= now - clockSkewSeconds\n );\n}\n\nfunction platformVerificationFetch(\n fetchImpl: HostedPlatformVerificationFetchLike | undefined\n): HostedPlatformVerificationFetchLike {\n const resolved: unknown = fetchImpl ?? globalThis.fetch;\n\n if (typeof resolved !== \"function\") {\n throw new TypeError(\"AEP hosted Platform verification requires a fetch implementation.\");\n }\n\n return resolved as HostedPlatformVerificationFetchLike;\n}\n\nfunction parseHostedPlatformVerificationResponse(\n value: unknown\n): HostedPlatformVerificationResponse {\n if (!isRecord(value)) {\n throw new TypeError(\"AEP hosted verification response must be an object.\");\n }\n\n return {\n ...(typeof value[\"agent_did\"] === \"string\" ? { agent_did: value[\"agent_did\"] } : {}),\n ...(typeof value[\"agent_identity_id\"] === \"string\"\n ? { agent_identity_id: value[\"agent_identity_id\"] }\n : {}),\n ...(isAuthenticatedServiceCommand(value[\"op\"]) ? { op: value[\"op\"] } : {}),\n reason: stringField(value, \"reason\"),\n service_did: stringField(value, \"service_did\"),\n ...(typeof value[\"status\"] === \"string\" ? { status: value[\"status\"] } : {}),\n verified: booleanField(value, \"verified\")\n };\n}\n\nfunction uniqueBy<T extends Record<K, string>, K extends keyof T>(\n items: T[],\n key: K,\n label: string\n): T[] {\n const seen = new Set<string>();\n\n return items.map((item) => {\n const value = item[key];\n\n if (seen.has(value)) {\n throw new TypeError(`Duplicate AEP ${label}: ${value}.`);\n }\n\n seen.add(value);\n return item;\n });\n}\n\nfunction createGrantHandlerMap(\n grantTypes: AepGrantTypeDefinition[]\n): ReadonlyMap<AepGrantType, AepGrantTypeHandler> {\n const handlers = new Map<AepGrantType, AepGrantTypeHandler>();\n\n for (const definition of grantTypes) {\n if (definition.handler !== undefined) {\n handlers.set(definition.grantType, definition.handler);\n }\n }\n\n return handlers;\n}\n\nfunction storedBuiltInGrantType<TCredential extends AepBuiltInGrantResponse>(\n grantTypeName: AepBuiltInGrantType,\n options: AepStoredCredentialGrantTypeOptions<TCredential>\n): AepGrantTypeDefinition {\n return grantType(grantTypeName, options.config, {\n async grant(request, context) {\n const credential = parseBuiltInGrantResponse(\n grantTypeName,\n await options.issue(request, context)\n );\n const record = await options.store.saveCredential({\n agentDid: context.agentDid,\n createdAt: (options.clock ?? (() => new Date()))().toISOString(),\n credential,\n credentialId: credential.credential_id,\n expiresAt: credential.expires_at,\n grantType: grantTypeName\n });\n\n return structuredClone(record.credential);\n },\n async revoke(request, context) {\n const revokedAt = (options.clock ?? (() => new Date()))().toISOString();\n\n if (\"credential_id\" in request) {\n await options.store.revokeCredential(\n context.agentDid,\n grantTypeName,\n request.credential_id,\n revokedAt\n );\n return;\n }\n\n await options.store.revokeGrantType(context.agentDid, grantTypeName, revokedAt);\n }\n });\n}\n\nfunction enrollmentResponseFromRecord(record: AepEnrollmentRecord): EnrollResponse {\n return {\n status: record.status,\n ...(record.ownerActionRequired\n ? {\n owner_action_required: \"true\" as const\n }\n : {}),\n ...(record.requirementsPending.length > 0\n ? {\n requirements_pending: [...record.requirementsPending]\n }\n : {})\n };\n}\n\nfunction statusResponseFromRecord(record: AepEnrollmentRecord): StatusResponseBody {\n return {\n owner_action_required: record.ownerActionRequired ? \"true\" : \"false\",\n requirements_pending: [...record.requirementsPending],\n since: record.since,\n status: record.status\n };\n}\n\nfunction aepResponse<TBody>(status: number, body: TBody): AepServiceResponse<TBody> {\n return {\n body,\n contentType: AEP_MEDIA_TYPE,\n status\n };\n}\n\nfunction problem(\n code: string,\n title: string,\n status: number\n): AepServiceResponse<AepProblemDetails> {\n return {\n body: createProblemDetails({\n code,\n status,\n title\n }),\n contentType: AEP_PROBLEM_MEDIA_TYPE,\n status\n };\n}\n\nfunction notRecognized(): AuthenticateClientAssertionResult {\n return {\n ok: false,\n response: problem(\"not_recognized\", \"Not recognized\", 401)\n };\n}\n\nasync function withIdempotency<TBody>(\n command: AuthenticatedServiceCommand,\n agentDid: string,\n idempotencyKey: string | undefined,\n request: unknown,\n store: AepCommandIdempotencyStore | undefined,\n execute: () => Promise<AepServiceResponse<TBody>>\n): Promise<AepServiceResponse<TBody | AepProblemDetails>> {\n if (idempotencyKey === undefined || store === undefined) {\n return execute();\n }\n\n const requestHash = hashRequest(request);\n const result = await store.executeIdempotentCommand(\n {\n agentDid,\n command,\n idempotencyKey,\n requestHash\n },\n execute\n );\n\n if (result.state === \"replayed\") {\n return {\n body: structuredClone(result.record.body) as TBody,\n contentType: result.record.contentType,\n status: result.record.status\n };\n }\n\n if (result.state === \"conflict\") {\n return problem(\"idempotency_conflict\", \"Idempotency conflict\", 409);\n }\n\n return result.response;\n}\n\nfunction replayKey(sub: string, jti: string): string {\n return `${sub}\\u0000${jti}`;\n}\n\nfunction idempotencyLookupKey(\n agentDid: string,\n command: AuthenticatedServiceCommand,\n idempotencyKey: string\n): string {\n return command === \"enroll\"\n ? `${command}\\u0000${idempotencyKey}`\n : `${agentDid}\\u0000${command}\\u0000${idempotencyKey}`;\n}\n\nfunction cloneEnrollmentRecord(record: AepEnrollmentRecord): AepEnrollmentRecord {\n return {\n ...record,\n claims: structuredClone(record.claims),\n requirementsPending: [...record.requirementsPending]\n };\n}\n\nfunction cloneIdempotencyResponseRecord(\n record: AepCommandIdempotencyRecord\n): AepCommandIdempotencyRecord {\n return {\n ...record,\n body: structuredClone(record.body)\n };\n}\n\nfunction serviceCredentialLookupKey(\n agentDid: string,\n grantTypeName: AepBuiltInGrantType,\n credentialId: string\n): string {\n return `${agentDid}\\u0000${grantTypeName}\\u0000${credentialId}`;\n}\n\nfunction serviceCredentialKey(record: AepServiceCredentialRecord): string {\n return serviceCredentialLookupKey(record.agentDid, record.grantType, record.credentialId);\n}\n\nfunction cloneCredential(record: AepServiceCredentialRecord): AepServiceCredentialRecord {\n return {\n ...record,\n credential: structuredClone(record.credential)\n };\n}\n\nfunction credentialRecordWithParsedCredential(\n record: AepServiceCredentialRecord\n): AepServiceCredentialRecord {\n const credential = parseBuiltInGrantResponse(record.grantType, record.credential);\n\n if (credential.credential_id !== record.credentialId) {\n throw new TypeError(\"AEP credential record credentialId does not match credential body.\");\n }\n\n if (credential.expires_at !== record.expiresAt) {\n throw new TypeError(\"AEP credential record expiresAt does not match credential body.\");\n }\n\n return {\n ...record,\n credential\n };\n}\n\nfunction hashRequest(request: unknown): string {\n return `json:${stableStringify(request)}`;\n}\n\nfunction stableStringify(value: unknown): string {\n if (Array.isArray(value)) {\n return `[${value.map(stableStringify).join(\",\")}]`;\n }\n\n if (value !== null && typeof value === \"object\") {\n const record = value as Record<string, unknown>;\n return `{${Object.keys(record)\n .sort()\n .map((key) => `${JSON.stringify(key)}:${stableStringify(record[key])}`)\n .join(\",\")}}`;\n }\n\n return JSON.stringify(value);\n}\n\nfunction stringField(value: unknown, field: string): string {\n if (!isRecord(value) || typeof value[field] !== \"string\") {\n throw new Error(`Expected string field: ${field}`);\n }\n\n return value[field];\n}\n\nfunction booleanField(value: unknown, field: string): boolean {\n if (!isRecord(value) || typeof value[field] !== \"boolean\") {\n throw new Error(`Expected boolean field: ${field}`);\n }\n\n return value[field];\n}\n\nfunction isAuthenticatedServiceCommand(value: unknown): value is AuthenticatedServiceCommand {\n return value === \"enroll\" || value === \"grant\" || value === \"revoke\" || value === \"status\";\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return typeof value === \"object\" && value !== null && !Array.isArray(value);\n}\n"],"mappings":";AAAA;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AAmSA,SAAS,iBAAiB,SAAwC;AACvE,QAAM,kBAAkB,qBAAqB,OAAO;AACpD,QAAM,0BACJ,QAAQ,2BAA2B,sCAAsC;AAC3E,QAAM,mBAAmB,QAAQ,oBAAoB,6BAA6B;AAClF,QAAM,kBAAkB,QAAQ,mBAAmB,8BAA8B;AACjF,QAAM,gBAAgB,sBAAsB,QAAQ,cAAc,CAAC,CAAC;AACpE,QAAM,cAAc,QAAQ,eAAe,yCAAyC;AACpF,QAAM,oBAAoB,CAAC,GAAI,QAAQ,qBAAqB,sBAAuB;AACnF,QAAM,wBAAwB,OAA2C;AAAA,IACvE;AAAA,IACA,YAAY,QAAQ;AAAA,IACpB;AAAA,IACA,GAAI,QAAQ,oBAAoB,SAAY,CAAC,IAAI,EAAE,QAAQ,QAAQ,gBAAgB;AAAA,IACnF,GAAI,QAAQ,4BAA4B,SACpC,CAAC,IACD,EAAE,UAAU,QAAQ,wBAAwB;AAAA,EAClD;AAEA,SAAO;AAAA,IACL,QAAQ,OAAO,SAAS,mBAAmB;AACzC,YAAM,iBAAiB,MAAM;AAAA,QAC3B;AAAA,QACA;AAAA,QACA,sBAAsB;AAAA,MACxB;AAEA,UAAI,CAAC,eAAe,IAAI;AACtB,eAAO,eAAe;AAAA,MACxB;AAEA,UAAI;AACF,YAAI,mBAAmB,OAAO,EAAE,cAAc,eAAe,UAAU;AACrE,iBAAO,QAAQ,kBAAkB,kBAAkB,GAAG;AAAA,QACxD;AAAA,MACF,QAAQ;AACN,eAAO,QAAQ,mBAAmB,mBAAmB,GAAG;AAAA,MAC1D;AAEA,aAAO,oBAAoB,SAAS;AAAA,QAClC;AAAA,QACA,OAAO;AAAA,QACP,GAAI,QAAQ,UAAU,SAAY,CAAC,IAAI,EAAE,OAAO,QAAQ,MAAM;AAAA,QAC9D,QAAQ;AAAA,QACR,GAAI,eAAe,mBAAmB,SAClC,CAAC,IACD,EAAE,gBAAgB,eAAe,eAAe;AAAA,MACtD,CAAC;AAAA,IACH;AAAA,IACA,OAAO,OAAO,SAAS,mBAAmB;AACxC,YAAM,iBAAiB,MAAM;AAAA,QAC3B;AAAA,QACA;AAAA,QACA,sBAAsB;AAAA,MACxB;AAEA,UAAI,CAAC,eAAe,IAAI;AACtB,eAAO,eAAe;AAAA,MACxB;AAEA,aAAO,mBAAmB,SAAS;AAAA,QACjC,UAAU,eAAe;AAAA,QACzB;AAAA,QACA,UAAU;AAAA,QACV,OAAO;AAAA,QACP,GAAI,eAAe,mBAAmB,SAClC,CAAC,IACD,EAAE,gBAAgB,eAAe,eAAe;AAAA,MACtD,CAAC;AAAA,IACH;AAAA,IACA,iBAAiB,MAAM,gBAAgB,eAAe;AAAA,IACtD,QAAQ,OAAO,SAAS,mBAAmB;AACzC,YAAM,iBAAiB,MAAM;AAAA,QAC3B;AAAA,QACA;AAAA,QACA,sBAAsB;AAAA,MACxB;AAEA,UAAI,CAAC,eAAe,IAAI;AACtB,eAAO,eAAe;AAAA,MACxB;AAEA,aAAO,oBAAoB,SAAS;AAAA,QAClC,UAAU,eAAe;AAAA,QACzB;AAAA,QACA,UAAU;AAAA,QACV,OAAO;AAAA,QACP,GAAI,eAAe,mBAAmB,SAClC,CAAC,IACD,EAAE,gBAAgB,eAAe,eAAe;AAAA,MACtD,CAAC;AAAA,IACH;AAAA,IACA,QAAQ,OAAO,mBAAmB;AAChC,YAAM,iBAAiB,MAAM;AAAA,QAC3B;AAAA,QACA;AAAA,QACA,sBAAsB;AAAA,MACxB;AAEA,UAAI,CAAC,eAAe,IAAI;AACtB,eAAO,eAAe;AAAA,MACxB;AAEA,aAAO,oBAAoB,eAAe,UAAU;AAAA,QAClD,OAAO;AAAA,MACT,CAAC;AAAA,IACH;AAAA,EACF;AACF;AAEO,SAAS,qBAAqB,SAA6C;AAChF,QAAM,kBAAkB,SAAS,QAAQ,iBAAiB,UAAU,iBAAiB,EAAE;AAAA,IACrF,CAAC,eAAe,WAAW;AAAA,EAC7B;AACA,QAAM,aAAa,SAAS,QAAQ,cAAc,CAAC,GAAG,aAAa,YAAY;AAC/E,QAAM,oBACJ,WAAW,SAAS,IAChB,CAAC,UAAU,SAAS,WAAW,UAAU,QAAQ,IACjD,CAAC,UAAU,WAAW,QAAQ;AAEpC,MAAI,gBAAgB,WAAW,GAAG;AAChC,UAAM,IAAI,UAAU,wDAAwD;AAAA,EAC9E;AAEA,QAAM,kBAAkB,OAAO;AAAA,IAC7B,WACG,OAAO,CAAC,eAAe,WAAW,WAAW,MAAS,EACtD,IAAI,CAAC,eAAe,CAAC,WAAW,WAAW,WAAW,MAAM,CAAC;AAAA,EAClE;AAEA,QAAM,WAA4B;AAAA,IAChC,aAAa;AAAA,IACb,UAAU;AAAA,MACR,WAAW,CAAC,GAAG,YAAY;AAAA,IAC7B;AAAA,IACA,QAAQ;AAAA,MACN,UAAU,CAAC,GAAI,QAAQ,QAAQ,YAAY,CAAC,CAAE;AAAA,MAC9C,WAAW,CAAC,GAAI,QAAQ,QAAQ,aAAa,CAAC,CAAE;AAAA,MAChD,UAAU,CAAC,GAAI,QAAQ,QAAQ,YAAY,CAAC,CAAE;AAAA,IAChD;AAAA,IACA,UAAU;AAAA,MACR,WAAW;AAAA,MACX,GAAI,WAAW,SAAS,IACpB;AAAA,QACE,aAAa,WAAW,IAAI,CAAC,eAAe,WAAW,SAAS;AAAA,MAClE,IACA,CAAC;AAAA,MACL,GAAI,OAAO,KAAK,eAAe,EAAE,SAAS,IACtC;AAAA,QACE,oBAAoB;AAAA,MACtB,IACA,CAAC;AAAA,IACP;AAAA,IACA,MAAM;AAAA,MACJ,oBAAoB,CAAC,GAAI,QAAQ,qBAAqB,sBAAuB;AAAA,IAC/E;AAAA,IACA,YAAY;AAAA,MACV,WAAW,CAAC,GAAI,QAAQ,cAAc,CAAC,CAAE;AAAA,IAC3C;AAAA,IACA,MAAM;AAAA,MACJ,eAAe,QAAQ,gBAAgB;AAAA,IACzC;AAAA,IACA,UAAU;AAAA,MACR,SAAS;AAAA,IACX;AAAA,IACA,SAAS;AAAA,MACP,KAAK,QAAQ;AAAA,IACf;AAAA,EACF;AAEA,SAAO,qBAAqB,QAAQ;AACtC;AAEO,SAAS,uBAAoD;AAClE,SAAO;AAAA,IACL,QAAQ;AAAA,EACV;AACF;AAEO,SAAS,qBAAqB,QAA0D;AAC7F,SAAO,UAAU,yBAAyB,CAAC,GAAG,MAAM;AACtD;AAEO,SAAS,gBAAgB,QAA0D;AACxF,SAAO,UAAU,yBAAyB,CAAC,GAAG,MAAM;AACtD;AAEO,SAAS,eAAe,QAA0D;AACvF,SAAO,UAAU,yBAAyB,CAAC,GAAG,MAAM;AACtD;AAEO,SAAS,UACdA,YACA,QACA,SACwB;AACxB,SAAO;AAAA,IACL,WAAAA;AAAA,IACA,GAAI,WAAW,SAAY,CAAC,IAAI,EAAE,OAAO;AAAA,IACzC,GAAI,YAAY,SAAY,CAAC,IAAI,EAAE,QAAQ;AAAA,EAC7C;AACF;AAEO,SAAS,2BACd,SACwB;AACxB,SAAO,uBAAuB,yBAAyB,CAAC,GAAG,OAAO;AACpE;AAEO,SAAS,sBACd,SACwB;AACxB,SAAO,uBAAuB,yBAAyB,CAAC,GAAG,OAAO;AACpE;AAEO,SAAS,qBACd,SACwB;AACxB,SAAO,uBAAuB,yBAAyB,CAAC,GAAG,OAAO;AACpE;AAEO,SAAS,8BACd,UAAiC,CAAC,GACd;AACpB,QAAM,cAAc,oBAAI,IAAiC;AAEzD,UAAQ,QAAQ,CAAC,WAAW,YAAY,IAAI,OAAO,UAAU,sBAAsB,MAAM,CAAC,CAAC;AAE3F,SAAO;AAAA,IACL,eAAe,UAAU;AACvB,YAAM,SAAS,YAAY,IAAI,QAAQ;AACvC,aAAO,WAAW,SAAY,SAAY,sBAAsB,MAAM;AAAA,IACxE;AAAA,IACA,eAAe,QAAQ;AACrB,YAAM,SAAS,sBAAsB,MAAM;AAC3C,kBAAY,IAAI,OAAO,UAAU,MAAM;AACvC,aAAO,sBAAsB,MAAM;AAAA,IACrC;AAAA,EACF;AACF;AAEO,SAAS,2CAA0E;AACxF,QAAM,UAAU,oBAAI,IAA4C;AAEhE,SAAO;AAAA,IACL,cAAc,QAAQ,KAAK;AACzB,iBAAW,CAAC,KAAK,QAAQ,KAAK,SAAS;AACrC,YAAI,SAAS,aAAa,KAAK;AAC7B,kBAAQ,OAAO,GAAG;AAAA,QACpB;AAAA,MACF;AAEA,UAAI,QAAQ,IAAI,UAAU,OAAO,KAAK,OAAO,GAAG,CAAC,GAAG;AAClD,eAAO;AAAA,MACT;AAEA,cAAQ,IAAI,UAAU,OAAO,KAAK,OAAO,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC;AAC5D,aAAO;AAAA,IACT;AAAA,EACF;AACF;AAEO,SAAS,sCACd,UAAyC,CAAC,GACd;AAC5B,QAAM,cAAc,oBAAI,IAAyC;AACjE,QAAM,UAAU,oBAAI,IAA2B;AAE/C,UAAQ;AAAA,IAAQ,CAAC,WACf,YAAY;AAAA,MACV,qBAAqB,OAAO,UAAU,OAAO,SAAS,OAAO,cAAc;AAAA,MAC3E,+BAA+B,MAAM;AAAA,IACvC;AAAA,EACF;AAEA,SAAO;AAAA,IACL,MAAM,yBAAyB,OAAO,SAAS;AAC7C,YAAM,MAAM,qBAAqB,MAAM,UAAU,MAAM,SAAS,MAAM,cAAc;AAEpF,iBAAS;AACP,cAAM,WAAW,YAAY,IAAI,GAAG;AAEpC,YAAI,aAAa,QAAW;AAC1B,cAAI,SAAS,gBAAgB,MAAM,aAAa;AAC9C,mBAAO;AAAA,cACL,OAAO;AAAA,YACT;AAAA,UACF;AAEA,iBAAO;AAAA,YACL,QAAQ,+BAA+B,QAAQ;AAAA,YAC/C,OAAO;AAAA,UACT;AAAA,QACF;AAEA,cAAMC,kBAAiB,QAAQ,IAAI,GAAG;AAEtC,YAAIA,oBAAmB,QAAW;AAChC;AAAA,QACF;AAEA,cAAMA;AAAA,MACR;AAEA,UAAI;AACJ,YAAM,iBAAiB,IAAI,QAAc,CAAC,YAAY;AACpD,yBAAiB;AAAA,MACnB,CAAC;AAED,cAAQ,IAAI,KAAK,cAAc;AAE/B,UAAI;AACF,cAAM,WAAW,MAAM,QAAQ;AAC/B,cAAM,SAAsC;AAAA,UAC1C,UAAU,MAAM;AAAA,UAChB,MAAM,gBAAgB,SAAS,IAAI;AAAA,UACnC,SAAS,MAAM;AAAA,UACf,aAAa,SAAS;AAAA,UACtB,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,UAClC,gBAAgB,MAAM;AAAA,UACtB,aAAa,MAAM;AAAA,UACnB,QAAQ,SAAS;AAAA,QACnB;AAEA,oBAAY,IAAI,KAAK,+BAA+B,MAAM,CAAC;AAE3D,eAAO;AAAA,UACL;AAAA,UACA,OAAO;AAAA,QACT;AAAA,MACF,UAAE;AACA,gBAAQ,OAAO,GAAG;AAClB,yBAAiB;AAAA,MACnB;AAAA,IACF;AAAA,EACF;AACF;AAEO,SAAS,6BACd,WAAkC,CAAC,GACd;AACrB,SAAO;AAAA,IACL,kBAAkB,OAAO;AAAA,MACvB,qBAAqB,SAAS,uBAAuB;AAAA,MACrD,qBAAqB,CAAC,GAAI,SAAS,uBAAuB,CAAC,CAAE;AAAA,MAC7D,QAAQ,SAAS,UAAU;AAAA,IAC7B;AAAA,EACF;AACF;AAEO,SAAS,iCACd,SAC4B;AAC5B,SAAO,CAAC,iBAAiB,YACvB,yBAAyB,iBAAiB;AAAA,IACxC,YAAY,QAAQ,cAAc,QAAQ;AAAA,IAC1C,UAAU,QAAQ;AAAA,IAClB,KAAK,QAAQ;AAAA,IACb,GAAI,QAAQ,mBAAmB,SAAY,CAAC,IAAI,EAAE,gBAAgB,QAAQ,eAAe;AAAA,IACzF,GAAI,QAAQ,gBAAgB,SAAY,CAAC,IAAI,EAAE,aAAa,QAAQ,YAAY;AAAA,EAClF,CAAC;AACL;AAEO,SAAS,oCACd,UAAgD,CAAC,GACrB;AAC5B,SAAO,OAAO,iBAAiB,YAAY;AACzC,UAAM,YAAY,oBAAoB,eAAe;AACrD,UAAM,SAAS,YAAY,UAAU,SAAS,KAAK;AACnD,UAAM,MAAM,MAAM,uBAAuB;AAAA,MACvC,KAAK;AAAA,MACL,GAAI,QAAQ,UAAU,SAAY,CAAC,IAAI,EAAE,OAAO,QAAQ,MAAM;AAAA,MAC9D,GAAI,OAAO,UAAU,OAAO,KAAK,MAAM,WAAW,EAAE,KAAK,UAAU,OAAO,KAAK,EAAE,IAAI,CAAC;AAAA,IACxF,CAAC;AAED,WAAO,yBAAyB,iBAAiB;AAAA,MAC/C,YAAY,QAAQ;AAAA,MACpB,UAAU,QAAQ;AAAA,MAClB;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAEO,SAAS,4CACd,SAC4B;AAC5B,QAAM,YAAY,0BAA0B,QAAQ,KAAK;AAEzD,SAAO,OAAO,iBAAiB,YAAY;AACzC,UAAM,WAAW,MAAM,UAAU,QAAQ,UAAU;AAAA,MACjD,MAAM,KAAK,UAAU;AAAA,QACnB,kBAAkB;AAAA,QAClB,IAAI,QAAQ;AAAA,QACZ,aAAa,QAAQ;AAAA,MACvB,CAAC;AAAA,MACD,SAAS;AAAA,QACP,QAAQ;AAAA,QACR,GAAI,QAAQ,kBAAkB,SAAY,CAAC,IAAI,EAAE,eAAe,QAAQ,cAAc;AAAA,QACtF,gBAAgB;AAAA,MAClB;AAAA,MACA,QAAQ;AAAA,IACV,CAAC;AAED,QAAI,CAAC,SAAS,IAAI;AAChB,YAAM,IAAI,MAAM,4CAA4C,SAAS,MAAM,GAAG;AAAA,IAChF;AAEA,UAAM,eAAe,wCAAwC,MAAM,SAAS,KAAK,CAAC;AAClF,UAAM,SAAS,2BAA2B,oBAAoB,eAAe,EAAE,OAAO;AAEtF,QACE,CAAC,aAAa,YACd,aAAa,cAAc,OAAO,OAClC,aAAa,OAAO,QAAQ,WAC5B,aAAa,gBAAgB,QAAQ,YACrC;AACA,YAAM,IAAI,MAAM,iEAAiE;AAAA,IACnF;AAEA,WAAO;AAAA,EACT;AACF;AAEO,SAAS,oCACd,eACQ;AACR,QAAM,SAAS,GAAG,eAAe;AAEjC,MAAI,eAAe,WAAW,MAAM,GAAG;AACrC,WAAO,cAAc,MAAM,OAAO,MAAM;AAAA,EAC1C;AAEA,SAAO;AACT;AAEA,eAAsB,8BACpB,SACA,eACqE;AACrE,SAAO,QAAQ,OAAO;AAAA,IACpB,iBAAiB,oCAAoC,aAAa;AAAA,EACpE,CAAC;AACH;AAEO,SAAS,wCAAwC,QAAqC;AAC3F,SAAO,SAAS,OAAO,IAAI,KAAK,OAAO,KAAK,QAAQ,MAAM;AAC5D;AAEO,SAAS,qCACd,UAAwC,CAAC,GACd;AAC3B,QAAM,cAAc,oBAAI,IAAwC;AAEhE,UAAQ;AAAA,IAAQ,CAAC,WACf,YAAY,IAAI,qBAAqB,MAAM,GAAG,gBAAgB,MAAM,CAAC;AAAA,EACvE;AAEA,SAAO;AAAA,IACL,eAAe,UAAU,eAAe,cAAc;AACpD,YAAM,SAAS,YAAY;AAAA,QACzB,2BAA2B,UAAU,eAAe,YAAY;AAAA,MAClE;AAEA,aAAO,WAAW,SAAY,SAAY,gBAAgB,MAAM;AAAA,IAClE;AAAA,IACA,gBAAgB,UAAU,eAAe;AACvC,aAAO,CAAC,GAAG,YAAY,OAAO,CAAC,EAC5B;AAAA,QACC,CAAC,WACC,OAAO,aAAa,aACnB,kBAAkB,UAAa,OAAO,cAAc;AAAA,MACzD,EACC,IAAI,eAAe;AAAA,IACxB;AAAA,IACA,iBAAiB,UAAU,eAAe,cAAc,WAAW;AACjE,YAAM,MAAM,2BAA2B,UAAU,eAAe,YAAY;AAC5E,YAAM,SAAS,YAAY,IAAI,GAAG;AAElC,UAAI,WAAW,QAAW;AACxB,oBAAY,IAAI,KAAK;AAAA,UACnB,GAAG;AAAA,UACH;AAAA,QACF,CAAC;AAAA,MACH;AAAA,IACF;AAAA,IACA,gBAAgB,UAAU,eAAe,WAAW;AAClD,iBAAW,CAAC,KAAK,MAAM,KAAK,aAAa;AACvC,YAAI,OAAO,aAAa,YAAY,OAAO,cAAc,eAAe;AACtE,sBAAY,IAAI,KAAK;AAAA,YACnB,GAAG;AAAA,YACH;AAAA,UACF,CAAC;AAAA,QACH;AAAA,MACF;AAAA,IACF;AAAA,IACA,eAAe,QAAQ;AACrB,YAAM,SAAS,qCAAqC,MAAM;AAC1D,kBAAY,IAAI,qBAAqB,MAAM,GAAG,gBAAgB,MAAM,CAAC;AACrE,aAAO,gBAAgB,MAAM;AAAA,IAC/B;AAAA,EACF;AACF;AAUA,eAAsB,oBACpB,SACA,SACiE;AACjE,MAAI;AAEJ,MAAI;AACF,aAAS,mBAAmB,OAAO;AAAA,EACrC,QAAQ;AACN,WAAO,QAAQ,mBAAmB,mBAAmB,GAAG;AAAA,EAC1D;AAEA,MAAI,QAAQ,mBAAmB,UAAa,QAAQ,mBAAmB,OAAO,iBAAiB;AAC7F,WAAO,QAAQ,mBAAmB,mBAAmB,GAAG;AAAA,EAC1D;AAEA,SAAO;AAAA,IACL;AAAA,IACA,OAAO;AAAA,IACP,OAAO;AAAA,IACP;AAAA,IACA,QAAQ;AAAA,IACR,YAAY;AACV,YAAM,MAAM,QAAQ,UAAU,MAAM,oBAAI,KAAK;AAC7C,YAAM,UAAU,IAAI;AACpB,YAAM,SAAS,QAAQ,YAAY;AACnC,YAAM,WAAW,MAAM,QAAQ,OAAO,iBAAiB,QAAQ,EAAE,KAAK,QAAQ,CAAC;AAC/E,YAAM,SAAS,MAAM,QAAQ,MAAM,eAAe;AAAA,QAChD,UAAU,OAAO;AAAA,QACjB,QAAQ,gBAAgB,OAAO,UAAU,CAAC,CAAC;AAAA,QAC3C,WAAW;AAAA,QACX,qBAAqB,SAAS,uBAAuB;AAAA,QACrD,qBAAqB,CAAC,GAAI,SAAS,uBAAuB,CAAC,CAAE;AAAA,QAC7D,OAAO;AAAA,QACP,QAAQ,SAAS,UAAU;AAAA,QAC3B,WAAW;AAAA,MACb,CAAC;AAED,aAAO,YAAY,KAAK,6BAA6B,MAAM,CAAC;AAAA,IAC9D;AAAA,EACF;AACF;AAaA,eAAsB,oBACpB,UACA,SACqE;AACrE,QAAM,SAAS,MAAM,QAAQ,MAAM,eAAe,QAAQ;AAE1D,MAAI,WAAW,QAAW;AACxB,WAAO,QAAQ,kBAAkB,kBAAkB,GAAG;AAAA,EACxD;AAEA,SAAO,YAAY,KAAK,yBAAyB,MAAM,CAAC;AAC1D;AAUA,eAAsB,mBACpB,SACA,SAC0E;AAC1E,MAAI;AAEJ,MAAI;AACF,aAAS,kBAAkB,OAAO;AAAA,EACpC,QAAQ;AACN,WAAO,QAAQ,mBAAmB,mBAAmB,GAAG;AAAA,EAC1D;AAEA,QAAM,aAAa,MAAM,QAAQ,MAAM,eAAe,QAAQ,QAAQ;AAEtE,MAAI,eAAe,QAAW;AAC5B,WAAO,QAAQ,kBAAkB,kBAAkB,GAAG;AAAA,EACxD;AAEA,MAAI,WAAW,WAAW,UAAU;AAClC,WAAO,QAAQ,wBAAwB,wBAAwB,GAAG;AAAA,EACpE;AAEA,QAAM,UAAU,QAAQ,SAAS,IAAI,OAAO,UAAU;AAEtD,MAAI,YAAY,QAAW;AACzB,WAAO,QAAQ,0BAA0B,0BAA0B,GAAG;AAAA,EACxE;AAEA,SAAO;AAAA,IACL;AAAA,IACA,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR;AAAA,IACA,QAAQ;AAAA,IACR,YACE;AAAA,MACE;AAAA,MACA,MAAM,QAAQ,MAAM,QAAQ;AAAA,QAC1B,UAAU,QAAQ;AAAA,QAClB;AAAA,QACA,WAAW,OAAO;AAAA,MACpB,CAAC;AAAA,IACH;AAAA,EACJ;AACF;AAUA,eAAsB,oBACpB,SACA,SACiE;AACjE,MAAI;AAEJ,MAAI;AACF,aAAS,mBAAmB,OAAO;AAAA,EACrC,QAAQ;AACN,WAAO,QAAQ,mBAAmB,mBAAmB,GAAG;AAAA,EAC1D;AAEA,QAAM,aAAa,MAAM,QAAQ,MAAM,eAAe,QAAQ,QAAQ;AAEtE,MAAI,eAAe,QAAW;AAC5B,WAAO,QAAQ,kBAAkB,kBAAkB,GAAG;AAAA,EACxD;AAEA,MAAI,gBAAgB,QAAQ;AAC1B,UAAM,gBAAgB,OAAO;AAC7B,UAAM,UAAU,QAAQ,SAAS,IAAI,aAAa;AAElD,QAAI,YAAY,QAAW;AACzB,aAAO,QAAQ,0BAA0B,0BAA0B,GAAG;AAAA,IACxE;AAEA,WAAO;AAAA,MACL;AAAA,MACA,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR;AAAA,MACA,QAAQ;AAAA,MACR,YAAY;AACV,cAAM,QAAQ,OAAO,QAAQ;AAAA,UAC3B,UAAU,QAAQ;AAAA,UAClB;AAAA,UACA,WAAW;AAAA,QACb,CAAC;AACD,eAAO,YAAY,KAAK,CAAC,CAAC;AAAA,MAC5B;AAAA,IACF;AAAA,EACF;AAEA,SAAO;AAAA,IACL;AAAA,IACA,QAAQ;AAAA,IACR,QAAQ;AAAA,IACR;AAAA,IACA,QAAQ;AAAA,IACR,YAAY;AACV,iBAAW,CAAC,eAAe,OAAO,KAAK,QAAQ,UAAU;AACvD,cAAM,QAAQ,OAAO,QAAQ;AAAA,UAC3B,UAAU,QAAQ;AAAA,UAClB;AAAA,UACA,WAAW;AAAA,QACb,CAAC;AAAA,MACH;AAEA,aAAO,YAAY,KAAK,CAAC,CAAC;AAAA,IAC5B;AAAA,EACF;AACF;AAqBA,eAAe,4BACb,SACA,gBACA,SAC4C;AAC5C,MAAI,QAAQ,aAAa,QAAW;AAClC,WAAO,cAAc;AAAA,EACvB;AAEA,MAAI;AAEJ,MAAI;AACF,aAAS;AAAA,MACP,MAAM,QAAQ,SAAS,eAAe,iBAAiB;AAAA,QACrD,iBAAiB,eAAe;AAAA,QAChC;AAAA,QACA,YAAY,QAAQ;AAAA,QACpB,mBAAmB,QAAQ;AAAA,MAC7B,CAAC;AAAA,IACH;AAAA,EACF,QAAQ;AACN,WAAO,cAAc;AAAA,EACvB;AAEA,MAAI,CAAC,wCAAwC,QAAQ,SAAS,OAAO,GAAG;AACtE,WAAO,cAAc;AAAA,EACvB;AAEA,QAAM,QAAQ,QAAQ,QAAQ,UAAU,MAAM,oBAAI,KAAK;AACvD,QAAM,MAAM,KAAK,MAAM,MAAM,EAAE,QAAQ,IAAI,GAAI;AAC/C,QAAM,WAAW,MAAM,QAAQ,YAAY;AAAA,IACzC;AAAA,MACE,WAAW,OAAO,OAAO,QAAQ,QAAQ,oBAAoB;AAAA,MAC7D,KAAK,OAAO;AAAA,MACZ,KAAK,OAAO;AAAA,IACd;AAAA,IACA;AAAA,EACF;AAEA,MAAI,CAAC,UAAU;AACb,WAAO,cAAc;AAAA,EACvB;AAEA,SAAO;AAAA,IACL,UAAU,OAAO;AAAA,IACjB;AAAA,IACA,IAAI;AAAA,EACN;AACF;AAEA,SAAS,wCACP,QACA,SACA,SACS;AACT,QAAM,QAAQ,QAAQ,QAAQ,UAAU,MAAM,oBAAI,KAAK;AACvD,QAAM,mBAAmB,QAAQ,QAAQ,oBAAoB;AAC7D,QAAM,gBAAgB,QAAQ,QAAQ,iBAAiB;AACvD,QAAM,MAAM,KAAK,MAAM,MAAM,EAAE,QAAQ,IAAI,GAAI;AAE/C,SACE,OAAO,QAAQ,OAAO,OACtB,OAAO,QAAQ,QAAQ,cACvB,OAAO,OAAO,WACd,OAAO,MAAM,OAAO,OACpB,OAAO,MAAM,OAAO,OAAO,iBAC3B,OAAO,OAAO,MAAM,oBACpB,OAAO,OAAO,MAAM;AAExB;AAEA,SAAS,0BACP,WACqC;AACrC,QAAM,WAAoB,aAAa,WAAW;AAElD,MAAI,OAAO,aAAa,YAAY;AAClC,UAAM,IAAI,UAAU,mEAAmE;AAAA,EACzF;AAEA,SAAO;AACT;AAEA,SAAS,wCACP,OACoC;AACpC,MAAI,CAAC,SAAS,KAAK,GAAG;AACpB,UAAM,IAAI,UAAU,qDAAqD;AAAA,EAC3E;AAEA,SAAO;AAAA,IACL,GAAI,OAAO,MAAM,WAAW,MAAM,WAAW,EAAE,WAAW,MAAM,WAAW,EAAE,IAAI,CAAC;AAAA,IAClF,GAAI,OAAO,MAAM,mBAAmB,MAAM,WACtC,EAAE,mBAAmB,MAAM,mBAAmB,EAAE,IAChD,CAAC;AAAA,IACL,GAAI,8BAA8B,MAAM,IAAI,CAAC,IAAI,EAAE,IAAI,MAAM,IAAI,EAAE,IAAI,CAAC;AAAA,IACxE,QAAQ,YAAY,OAAO,QAAQ;AAAA,IACnC,aAAa,YAAY,OAAO,aAAa;AAAA,IAC7C,GAAI,OAAO,MAAM,QAAQ,MAAM,WAAW,EAAE,QAAQ,MAAM,QAAQ,EAAE,IAAI,CAAC;AAAA,IACzE,UAAU,aAAa,OAAO,UAAU;AAAA,EAC1C;AACF;AAEA,SAAS,SACP,OACA,KACA,OACK;AACL,QAAM,OAAO,oBAAI,IAAY;AAE7B,SAAO,MAAM,IAAI,CAAC,SAAS;AACzB,UAAM,QAAQ,KAAK,GAAG;AAEtB,QAAI,KAAK,IAAI,KAAK,GAAG;AACnB,YAAM,IAAI,UAAU,iBAAiB,KAAK,KAAK,KAAK,GAAG;AAAA,IACzD;AAEA,SAAK,IAAI,KAAK;AACd,WAAO;AAAA,EACT,CAAC;AACH;AAEA,SAAS,sBACP,YACgD;AAChD,QAAM,WAAW,oBAAI,IAAuC;AAE5D,aAAW,cAAc,YAAY;AACnC,QAAI,WAAW,YAAY,QAAW;AACpC,eAAS,IAAI,WAAW,WAAW,WAAW,OAAO;AAAA,IACvD;AAAA,EACF;AAEA,SAAO;AACT;AAEA,SAAS,uBACP,eACA,SACwB;AACxB,SAAO,UAAU,eAAe,QAAQ,QAAQ;AAAA,IAC9C,MAAM,MAAM,SAAS,SAAS;AAC5B,YAAM,aAAa;AAAA,QACjB;AAAA,QACA,MAAM,QAAQ,MAAM,SAAS,OAAO;AAAA,MACtC;AACA,YAAM,SAAS,MAAM,QAAQ,MAAM,eAAe;AAAA,QAChD,UAAU,QAAQ;AAAA,QAClB,YAAY,QAAQ,UAAU,MAAM,oBAAI,KAAK,IAAI,EAAE,YAAY;AAAA,QAC/D;AAAA,QACA,cAAc,WAAW;AAAA,QACzB,WAAW,WAAW;AAAA,QACtB,WAAW;AAAA,MACb,CAAC;AAED,aAAO,gBAAgB,OAAO,UAAU;AAAA,IAC1C;AAAA,IACA,MAAM,OAAO,SAAS,SAAS;AAC7B,YAAM,aAAa,QAAQ,UAAU,MAAM,oBAAI,KAAK,IAAI,EAAE,YAAY;AAEtE,UAAI,mBAAmB,SAAS;AAC9B,cAAM,QAAQ,MAAM;AAAA,UAClB,QAAQ;AAAA,UACR;AAAA,UACA,QAAQ;AAAA,UACR;AAAA,QACF;AACA;AAAA,MACF;AAEA,YAAM,QAAQ,MAAM,gBAAgB,QAAQ,UAAU,eAAe,SAAS;AAAA,IAChF;AAAA,EACF,CAAC;AACH;AAEA,SAAS,6BAA6B,QAA6C;AACjF,SAAO;AAAA,IACL,QAAQ,OAAO;AAAA,IACf,GAAI,OAAO,sBACP;AAAA,MACE,uBAAuB;AAAA,IACzB,IACA,CAAC;AAAA,IACL,GAAI,OAAO,oBAAoB,SAAS,IACpC;AAAA,MACE,sBAAsB,CAAC,GAAG,OAAO,mBAAmB;AAAA,IACtD,IACA,CAAC;AAAA,EACP;AACF;AAEA,SAAS,yBAAyB,QAAiD;AACjF,SAAO;AAAA,IACL,uBAAuB,OAAO,sBAAsB,SAAS;AAAA,IAC7D,sBAAsB,CAAC,GAAG,OAAO,mBAAmB;AAAA,IACpD,OAAO,OAAO;AAAA,IACd,QAAQ,OAAO;AAAA,EACjB;AACF;AAEA,SAAS,YAAmB,QAAgB,MAAwC;AAClF,SAAO;AAAA,IACL;AAAA,IACA,aAAa;AAAA,IACb;AAAA,EACF;AACF;AAEA,SAAS,QACP,MACA,OACA,QACuC;AACvC,SAAO;AAAA,IACL,MAAM,qBAAqB;AAAA,MACzB;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC;AAAA,IACD,aAAa;AAAA,IACb;AAAA,EACF;AACF;AAEA,SAAS,gBAAmD;AAC1D,SAAO;AAAA,IACL,IAAI;AAAA,IACJ,UAAU,QAAQ,kBAAkB,kBAAkB,GAAG;AAAA,EAC3D;AACF;AAEA,eAAe,gBACb,SACA,UACA,gBACA,SACA,OACA,SACwD;AACxD,MAAI,mBAAmB,UAAa,UAAU,QAAW;AACvD,WAAO,QAAQ;AAAA,EACjB;AAEA,QAAM,cAAc,YAAY,OAAO;AACvC,QAAM,SAAS,MAAM,MAAM;AAAA,IACzB;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,IACA;AAAA,EACF;AAEA,MAAI,OAAO,UAAU,YAAY;AAC/B,WAAO;AAAA,MACL,MAAM,gBAAgB,OAAO,OAAO,IAAI;AAAA,MACxC,aAAa,OAAO,OAAO;AAAA,MAC3B,QAAQ,OAAO,OAAO;AAAA,IACxB;AAAA,EACF;AAEA,MAAI,OAAO,UAAU,YAAY;AAC/B,WAAO,QAAQ,wBAAwB,wBAAwB,GAAG;AAAA,EACpE;AAEA,SAAO,OAAO;AAChB;AAEA,SAAS,UAAU,KAAa,KAAqB;AACnD,SAAO,GAAG,GAAG,KAAS,GAAG;AAC3B;AAEA,SAAS,qBACP,UACA,SACA,gBACQ;AACR,SAAO,YAAY,WACf,GAAG,OAAO,KAAS,cAAc,KACjC,GAAG,QAAQ,KAAS,OAAO,KAAS,cAAc;AACxD;AAEA,SAAS,sBAAsB,QAAkD;AAC/E,SAAO;AAAA,IACL,GAAG;AAAA,IACH,QAAQ,gBAAgB,OAAO,MAAM;AAAA,IACrC,qBAAqB,CAAC,GAAG,OAAO,mBAAmB;AAAA,EACrD;AACF;AAEA,SAAS,+BACP,QAC6B;AAC7B,SAAO;AAAA,IACL,GAAG;AAAA,IACH,MAAM,gBAAgB,OAAO,IAAI;AAAA,EACnC;AACF;AAEA,SAAS,2BACP,UACA,eACA,cACQ;AACR,SAAO,GAAG,QAAQ,KAAS,aAAa,KAAS,YAAY;AAC/D;AAEA,SAAS,qBAAqB,QAA4C;AACxE,SAAO,2BAA2B,OAAO,UAAU,OAAO,WAAW,OAAO,YAAY;AAC1F;AAEA,SAAS,gBAAgB,QAAgE;AACvF,SAAO;AAAA,IACL,GAAG;AAAA,IACH,YAAY,gBAAgB,OAAO,UAAU;AAAA,EAC/C;AACF;AAEA,SAAS,qCACP,QAC4B;AAC5B,QAAM,aAAa,0BAA0B,OAAO,WAAW,OAAO,UAAU;AAEhF,MAAI,WAAW,kBAAkB,OAAO,cAAc;AACpD,UAAM,IAAI,UAAU,oEAAoE;AAAA,EAC1F;AAEA,MAAI,WAAW,eAAe,OAAO,WAAW;AAC9C,UAAM,IAAI,UAAU,iEAAiE;AAAA,EACvF;AAEA,SAAO;AAAA,IACL,GAAG;AAAA,IACH;AAAA,EACF;AACF;AAEA,SAAS,YAAY,SAA0B;AAC7C,SAAO,QAAQ,gBAAgB,OAAO,CAAC;AACzC;AAEA,SAAS,gBAAgB,OAAwB;AAC/C,MAAI,MAAM,QAAQ,KAAK,GAAG;AACxB,WAAO,IAAI,MAAM,IAAI,eAAe,EAAE,KAAK,GAAG,CAAC;AAAA,EACjD;AAEA,MAAI,UAAU,QAAQ,OAAO,UAAU,UAAU;AAC/C,UAAM,SAAS;AACf,WAAO,IAAI,OAAO,KAAK,MAAM,EAC1B,KAAK,EACL,IAAI,CAAC,QAAQ,GAAG,KAAK,UAAU,GAAG,CAAC,IAAI,gBAAgB,OAAO,GAAG,CAAC,CAAC,EAAE,EACrE,KAAK,GAAG,CAAC;AAAA,EACd;AAEA,SAAO,KAAK,UAAU,KAAK;AAC7B;AAEA,SAAS,YAAY,OAAgB,OAAuB;AAC1D,MAAI,CAAC,SAAS,KAAK,KAAK,OAAO,MAAM,KAAK,MAAM,UAAU;AACxD,UAAM,IAAI,MAAM,0BAA0B,KAAK,EAAE;AAAA,EACnD;AAEA,SAAO,MAAM,KAAK;AACpB;AAEA,SAAS,aAAa,OAAgB,OAAwB;AAC5D,MAAI,CAAC,SAAS,KAAK,KAAK,OAAO,MAAM,KAAK,MAAM,WAAW;AACzD,UAAM,IAAI,MAAM,2BAA2B,KAAK,EAAE;AAAA,EACpD;AAEA,SAAO,MAAM,KAAK;AACpB;AAEA,SAAS,8BAA8B,OAAsD;AAC3F,SAAO,UAAU,YAAY,UAAU,WAAW,UAAU,YAAY,UAAU;AACpF;AAEA,SAAS,SAAS,OAAkD;AAClE,SAAO,OAAO,UAAU,YAAY,UAAU,QAAQ,CAAC,MAAM,QAAQ,KAAK;AAC5E;","names":["grantType","pendingCommand"]}
package/package.json ADDED
@@ -0,0 +1,52 @@
1
+ {
2
+ "name": "@aep-foundation/service",
3
+ "version": "0.1.0",
4
+ "description": "Service-side workflows for the Agent Enrollment Protocol.",
5
+ "type": "module",
6
+ "main": "./dist/index.cjs",
7
+ "module": "./dist/index.js",
8
+ "types": "./dist/index.d.ts",
9
+ "sideEffects": false,
10
+ "exports": {
11
+ ".": {
12
+ "types": "./dist/index.d.ts",
13
+ "node": {
14
+ "import": "./dist/index.js",
15
+ "require": "./dist/index.cjs"
16
+ },
17
+ "default": "./dist/index.js"
18
+ },
19
+ "./package.json": "./package.json"
20
+ },
21
+ "files": [
22
+ "dist",
23
+ "CHANGELOG.md",
24
+ "README.md",
25
+ "LICENSE"
26
+ ],
27
+ "engines": {
28
+ "node": ">=22.0.0"
29
+ },
30
+ "license": "MIT",
31
+ "dependencies": {
32
+ "@aep-foundation/core": "^0.1.0"
33
+ },
34
+ "publishConfig": {
35
+ "access": "public",
36
+ "provenance": true
37
+ },
38
+ "repository": {
39
+ "type": "git",
40
+ "url": "git+https://github.com/aep-foundation/aep-node.git",
41
+ "directory": "packages/service"
42
+ },
43
+ "scripts": {
44
+ "build": "tsup",
45
+ "dev": "tsup --watch",
46
+ "test": "vitest run --coverage",
47
+ "test:watch": "vitest",
48
+ "lint": "eslint src test --max-warnings 0",
49
+ "typecheck": "tsc --noEmit && tsc --noEmit -p tsconfig.test.json",
50
+ "clean": "rm -rf dist .turbo coverage"
51
+ }
52
+ }