@agent-relay/daemon 0.1.0

package/dist/agent-signing.js

@@ -0,0 +1,523 @@
+/**
+ * Agent Authentication via Cryptographic Signing
+ *
+ * Provides agent identity verification through message signing.
+ * Extends the existing UID/GID-based auth with cryptographic guarantees.
+ *
+ * Features:
+ * - HMAC-SHA256 for shared-secret signing (simpler deployment)
+ * - Ed25519 for asymmetric signing (zero-trust mode)
+ * - Message signature verification
+ * - Key rotation support
+ * - Agent identity attestation
+ */
+import { createHmac, randomBytes, createHash, generateKeyPairSync, sign, verify, createPrivateKey, createPublicKey, } from 'node:crypto';
+import fs from 'node:fs';
+import path from 'node:path';
+import os from 'node:os';
+// =============================================================================
+// Default Configuration
+// =============================================================================
+const DEFAULT_CONFIG = {
+    enabled: false,
+    algorithm: 'hmac-sha256',
+    requireSignatures: false,
+};
+const DEFAULT_KEY_DIR = path.join(os.homedir(), '.agent-relay', 'keys');
+// =============================================================================
+// Key Management
+// =============================================================================
+/**
+ * Generate a new agent key pair.
+ */
+export function generateAgentKey(agentName, algorithm = 'hmac-sha256', expiresInHours) {
+    const now = Date.now();
+    if (algorithm === 'hmac-sha256') {
+        // For HMAC, we generate a random secret
+        const secret = randomBytes(32).toString('hex');
+        const keyId = createHash('sha256')
+            .update(`${agentName}:${secret}:${now}`)
+            .digest('hex')
+            .substring(0, 16);
+        return {
+            agentName,
+            publicKey: keyId, // Key ID serves as public identifier
+            privateKey: secret,
+            createdAt: now,
+            expiresAt: expiresInHours ? now + expiresInHours * 3600000 : undefined,
+            algorithm,
+        };
+    }
+    // Ed25519 asymmetric key generation
+    const { publicKey: pubKeyObj, privateKey: privKeyObj } = generateKeyPairSync('ed25519');
+    // Export keys in PEM format for storage
+    const privateKeyPem = privKeyObj.export({ type: 'pkcs8', format: 'pem' });
+    const publicKeyPem = pubKeyObj.export({ type: 'spki', format: 'pem' });
+    // Create a key ID from the public key hash (for rotation tracking)
+    const _keyId = createHash('sha256')
+        .update(publicKeyPem)
+        .digest('hex')
+        .substring(0, 16);
+    return {
+        agentName,
+        publicKey: publicKeyPem,
+        privateKey: privateKeyPem,
+        createdAt: now,
+        expiresAt: expiresInHours ? now + expiresInHours * 3600000 : undefined,
+        algorithm,
+    };
+}
+/**
+ * Save agent key to disk (private key file).
+ */
+export function saveAgentKey(key, keyDir = DEFAULT_KEY_DIR) {
+    if (!fs.existsSync(keyDir)) {
+        fs.mkdirSync(keyDir, { recursive: true, mode: 0o700 });
+    }
+    const keyPath = path.join(keyDir, `${key.agentName}.key.json`);
+    fs.writeFileSync(keyPath, JSON.stringify(key, null, 2), {
+        mode: 0o600, // Owner read/write only
+    });
+}
+/**
+ * Load agent key from disk.
+ */
+export function loadAgentKey(agentName, keyDir = DEFAULT_KEY_DIR) {
+    const keyPath = path.join(keyDir, `${agentName}.key.json`);
+    if (!fs.existsSync(keyPath)) {
+        return null;
+    }
+    try {
+        const content = fs.readFileSync(keyPath, 'utf-8');
+        const key = JSON.parse(content);
+        // Check expiry
+        if (key.expiresAt && Date.now() > key.expiresAt) {
+            console.warn(`[signing] Key for ${agentName} has expired`);
+            return null;
+        }
+        return key;
+    }
+    catch (err) {
+        console.error(`[signing] Failed to load key for ${agentName}:`, err);
+        return null;
+    }
+}
+/**
+ * Load or generate agent key.
+ */
+export function getOrCreateAgentKey(agentName, config, keyDir = DEFAULT_KEY_DIR) {
+    let key = loadAgentKey(agentName, keyDir);
+    if (!key) {
+        key = generateAgentKey(agentName, config.algorithm, config.keyRotationHours);
+        saveAgentKey(key, keyDir);
+        console.log(`[signing] Generated new key for ${agentName}`);
+    }
+    return key;
+}
+// =============================================================================
+// Message Signing
+// =============================================================================
+/**
+ * Sign a message using the agent's private key.
+ */
+export function signMessage(content, key) {
+    const signedAt = Date.now();
+    const dataToSign = `${key.agentName}:${signedAt}:${content}`;
+    let signature;
+    let keyId;
+    if (key.algorithm === 'hmac-sha256') {
+        signature = createHmac('sha256', key.privateKey)
+            .update(dataToSign)
+            .digest('hex');
+        keyId = key.publicKey; // For HMAC, publicKey is the key ID
+    }
+    else {
+        // Ed25519 signing using Node.js native crypto
+        const privateKeyObj = createPrivateKey(key.privateKey);
+        const signatureBuffer = sign(null, Buffer.from(dataToSign), privateKeyObj);
+        signature = signatureBuffer.toString('hex');
+        // For Ed25519, derive key ID from public key hash
+        keyId = createHash('sha256')
+            .update(key.publicKey)
+            .digest('hex')
+            .substring(0, 16);
+    }
+    return {
+        content,
+        signature,
+        signer: key.agentName,
+        signedAt,
+        keyId,
+        algorithm: key.algorithm,
+    };
+}
+/**
+ * Sign with shared secret (HMAC mode where all agents share a secret).
+ */
+export function signWithSharedSecret(content, agentName, sharedSecret) {
+    const signedAt = Date.now();
+    const dataToSign = `${agentName}:${signedAt}:${content}`;
+    const signature = createHmac('sha256', sharedSecret)
+        .update(dataToSign)
+        .digest('hex');
+    const keyId = createHash('sha256')
+        .update(sharedSecret)
+        .digest('hex')
+        .substring(0, 16);
+    return {
+        content,
+        signature,
+        signer: agentName,
+        signedAt,
+        keyId,
+        algorithm: 'hmac-sha256',
+    };
+}
+// =============================================================================
+// Message Verification
+// =============================================================================
+/**
+ * Verify a signed message using the agent's public key.
+ */
+export function verifyMessage(signed, key) {
+    // Check signer matches key
+    if (signed.signer !== key.agentName) {
+        return {
+            valid: false,
+            error: `Signer mismatch: expected ${key.agentName}, got ${signed.signer}`,
+        };
+    }
+    // Check key ID for HMAC, or derive it for Ed25519
+    const expectedKeyId = key.algorithm === 'hmac-sha256'
+        ? key.publicKey
+        : createHash('sha256').update(key.publicKey).digest('hex').substring(0, 16);
+    if (signed.keyId !== expectedKeyId) {
+        return {
+            valid: false,
+            error: `Key ID mismatch: expected ${expectedKeyId}, got ${signed.keyId}`,
+        };
+    }
+    // Check expiry
+    if (key.expiresAt && Date.now() > key.expiresAt) {
+        return {
+            valid: false,
+            error: 'Signing key has expired',
+        };
+    }
+    // Verify signature
+    const dataToVerify = `${signed.signer}:${signed.signedAt}:${signed.content}`;
+    if (key.algorithm === 'hmac-sha256') {
+        // HMAC verification: recompute and compare
+        const expectedSignature = createHmac('sha256', key.privateKey)
+            .update(dataToVerify)
+            .digest('hex');
+        if (signed.signature !== expectedSignature) {
+            return {
+                valid: false,
+                error: 'Invalid signature',
+            };
+        }
+    }
+    else {
+        // Ed25519 verification using public key only (true asymmetric verification)
+        try {
+            const publicKeyObj = createPublicKey(key.publicKey);
+            const signatureBuffer = Buffer.from(signed.signature, 'hex');
+            const isValid = verify(null, Buffer.from(dataToVerify), publicKeyObj, signatureBuffer);
+            if (!isValid) {
+                return {
+                    valid: false,
+                    error: 'Invalid signature',
+                };
+            }
+        }
+        catch (err) {
+            return {
+                valid: false,
+                error: `Signature verification failed: ${err instanceof Error ? err.message : 'unknown error'}`,
+            };
+        }
+    }
+    return {
+        valid: true,
+        signer: signed.signer,
+        signedAt: signed.signedAt,
+    };
+}
+/**
+ * Verify an Ed25519 signed message using only the public key.
+ * This is the key advantage of asymmetric signing - verifiers don't need the private key.
+ */
+export function verifyEd25519WithPublicKey(signed, publicKeyPem, expectedSigner) {
+    if (signed.algorithm !== 'ed25519') {
+        return {
+            valid: false,
+            error: `Algorithm mismatch: expected ed25519, got ${signed.algorithm}`,
+        };
+    }
+    if (signed.signer !== expectedSigner) {
+        return {
+            valid: false,
+            error: `Signer mismatch: expected ${expectedSigner}, got ${signed.signer}`,
+        };
+    }
+    const expectedKeyId = createHash('sha256')
+        .update(publicKeyPem)
+        .digest('hex')
+        .substring(0, 16);
+    if (signed.keyId !== expectedKeyId) {
+        return {
+            valid: false,
+            error: `Key ID mismatch: expected ${expectedKeyId}, got ${signed.keyId}`,
+        };
+    }
+    const dataToVerify = `${signed.signer}:${signed.signedAt}:${signed.content}`;
+    try {
+        const publicKeyObj = createPublicKey(publicKeyPem);
+        const signatureBuffer = Buffer.from(signed.signature, 'hex');
+        const isValid = verify(null, Buffer.from(dataToVerify), publicKeyObj, signatureBuffer);
+        if (!isValid) {
+            return {
+                valid: false,
+                error: 'Invalid signature',
+            };
+        }
+    }
+    catch (err) {
+        return {
+            valid: false,
+            error: `Signature verification failed: ${err instanceof Error ? err.message : 'unknown error'}`,
+        };
+    }
+    return {
+        valid: true,
+        signer: signed.signer,
+        signedAt: signed.signedAt,
+    };
+}
+/**
+ * Verify with shared secret.
+ */
+export function verifyWithSharedSecret(signed, sharedSecret) {
+    const dataToSign = `${signed.signer}:${signed.signedAt}:${signed.content}`;
+    const expectedSignature = createHmac('sha256', sharedSecret)
+        .update(dataToSign)
+        .digest('hex');
+    if (signed.signature !== expectedSignature) {
+        return {
+            valid: false,
+            error: 'Invalid signature',
+        };
+    }
+    return {
+        valid: true,
+        signer: signed.signer,
+        signedAt: signed.signedAt,
+    };
+}
+// =============================================================================
+// Agent Signing Manager
+// =============================================================================
+/**
+ * Manages agent signing keys and verification.
+ */
+export class AgentSigningManager {
+    config;
+    keyDir;
+    keys = new Map();
+    constructor(config = {}, keyDir) {
+        this.config = { ...DEFAULT_CONFIG, ...config };
+        this.keyDir = keyDir ?? DEFAULT_KEY_DIR;
+    }
+    /**
+     * Check if signing is enabled.
+     */
+    get enabled() {
+        return this.config.enabled;
+    }
+    /**
+     * Get or load key for an agent.
+     */
+    getKey(agentName) {
+        // Check cache
+        const cached = this.keys.get(agentName);
+        if (cached) {
+            // Check expiry
+            if (cached.expiresAt && Date.now() > cached.expiresAt) {
+                this.keys.delete(agentName);
+            }
+            else {
+                return cached;
+            }
+        }
+        // Load from disk
+        const key = loadAgentKey(agentName, this.keyDir);
+        if (key) {
+            this.keys.set(agentName, key);
+        }
+        return key;
+    }
+    /**
+     * Register a new agent (generate and save key).
+     */
+    registerAgent(agentName) {
+        const key = getOrCreateAgentKey(agentName, this.config, this.keyDir);
+        this.keys.set(agentName, key);
+        return key;
+    }
+    /**
+     * Sign a message for an agent.
+     */
+    sign(agentName, content) {
+        if (!this.config.enabled) {
+            return null;
+        }
+        // Shared secret mode
+        if (this.config.sharedSecret) {
+            return signWithSharedSecret(content, agentName, this.config.sharedSecret);
+        }
+        // Per-agent key mode
+        const key = this.getKey(agentName);
+        if (!key) {
+            console.warn(`[signing] No key found for ${agentName}, cannot sign`);
+            return null;
+        }
+        return signMessage(content, key);
+    }
+    /**
+     * Verify a signed message.
+     */
+    verify(signed) {
+        if (!this.config.enabled) {
+            return { valid: true }; // Signing disabled, accept all
+        }
+        // Check if unsigned messages are allowed from this agent
+        if (this.config.allowUnsignedFrom?.includes(signed.signer)) {
+            return { valid: true, signer: signed.signer };
+        }
+        // Shared secret mode
+        if (this.config.sharedSecret) {
+            return verifyWithSharedSecret(signed, this.config.sharedSecret);
+        }
+        // Per-agent key mode
+        const key = this.getKey(signed.signer);
+        if (!key) {
+            if (this.config.requireSignatures) {
+                return {
+                    valid: false,
+                    error: `No key found for signer ${signed.signer}`,
+                };
+            }
+            // Key not found but signatures not required
+            return { valid: true, signer: signed.signer };
+        }
+        return verifyMessage(signed, key);
+    }
+    /**
+     * Check if a message requires verification.
+     */
+    requiresVerification(agentName) {
+        if (!this.config.enabled)
+            return false;
+        if (!this.config.requireSignatures)
+            return false;
+        if (this.config.allowUnsignedFrom?.includes(agentName))
+            return false;
+        return true;
+    }
+    /**
+     * Rotate key for an agent.
+     */
+    rotateKey(agentName) {
+        // Generate new key
+        const newKey = generateAgentKey(agentName, this.config.algorithm, this.config.keyRotationHours);
+        // Save and cache
+        saveAgentKey(newKey, this.keyDir);
+        this.keys.set(agentName, newKey);
+        console.log(`[signing] Rotated key for ${agentName}`);
+        return newKey;
+    }
+    /**
+     * Export public key for an agent (for sharing with other systems).
+     */
+    exportPublicKey(agentName) {
+        const key = this.getKey(agentName);
+        if (!key)
+            return null;
+        return {
+            agentName: key.agentName,
+            publicKey: key.publicKey,
+            algorithm: key.algorithm,
+        };
+    }
+}
+// =============================================================================
+// Integration Helpers
+// =============================================================================
+/**
+ * Attach signature to protocol envelope.
+ */
+export function attachSignature(envelope, signed) {
+    return {
+        ...envelope,
+        _sig: {
+            s: signed.signature,
+            k: signed.keyId,
+            t: signed.signedAt,
+            a: signed.algorithm,
+        },
+    };
+}
+/**
+ * Extract signature from protocol envelope.
+ */
+export function extractSignature(envelope) {
+    const sig = envelope._sig;
+    if (!sig || !sig.s || !sig.k || !sig.t) {
+        return null;
+    }
+    // Reconstruct the signed content (envelope without _sig)
+    const { _sig, ...rest } = envelope;
+    const content = JSON.stringify(rest);
+    // Safely extract signer from envelope
+    const signer = typeof envelope.from === 'string' ? envelope.from : 'unknown';
+    // Validate algorithm value
+    const algorithm = sig.a === 'ed25519' ? 'ed25519' : 'hmac-sha256';
+    return {
+        content,
+        signature: sig.s,
+        signer,
+        signedAt: sig.t,
+        keyId: sig.k,
+        algorithm,
+    };
+}
+// =============================================================================
+// Configuration Loading
+// =============================================================================
+const SIGNING_CONFIG_PATHS = [
+    path.join(os.homedir(), '.agent-relay', 'signing.json'),
+    path.join(os.homedir(), '.config', 'agent-relay', 'signing.json'),
+    '/etc/agent-relay/signing.json',
+];
+/**
+ * Load signing configuration from file.
+ */
+export function loadSigningConfig(configPath) {
+    const paths = configPath ? [configPath] : SIGNING_CONFIG_PATHS;
+    for (const p of paths) {
+        if (fs.existsSync(p)) {
+            try {
+                const content = fs.readFileSync(p, 'utf-8');
+                const config = JSON.parse(content);
+                console.log(`[signing] Loaded config from ${p}`);
+                return { ...DEFAULT_CONFIG, ...config };
+            }
+            catch (err) {
+                console.error(`[signing] Failed to parse ${p}:`, err);
+            }
+        }
+    }
+    return DEFAULT_CONFIG;
+}
+//# sourceMappingURL=agent-signing.js.map

package/dist/agent-signing.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-signing.js","sourceRoot":"","sources":["../src/agent-signing.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EACL,UAAU,EACV,WAAW,EACX,UAAU,EACV,mBAAmB,EACnB,IAAI,EACJ,MAAM,EACN,gBAAgB,EAChB,eAAe,GAChB,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AA4DzB,gFAAgF;AAChF,wBAAwB;AACxB,gFAAgF;AAEhF,MAAM,cAAc,GAAuB;IACzC,OAAO,EAAE,KAAK;IACd,SAAS,EAAE,aAAa;IACxB,iBAAiB,EAAE,KAAK;CACzB,CAAC;AAEF,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,cAAc,EAAE,MAAM,CAAC,CAAC;AAExE,gFAAgF;AAChF,iBAAiB;AACjB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAAiB,EACjB,YAAuC,aAAa,EACpD,cAAuB;IAEvB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEvB,IAAI,SAAS,KAAK,aAAa,EAAE,CAAC;QAChC,wCAAwC;QACxC,MAAM,MAAM,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC/C,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC;aAC/B,MAAM,CAAC,GAAG,SAAS,IAAI,MAAM,IAAI,GAAG,EAAE,CAAC;aACvC,MAAM,CAAC,KAAK,CAAC;aACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpB,OAAO;YACL,SAAS;YACT,SAAS,EAAE,KAAK,EAAE,qCAAqC;YACvD,UAAU,EAAE,MAAM;YAClB,SAAS,EAAE,GAAG;YACd,SAAS,EAAE,cAAc,CAAC,CAAC,CAAC,GAAG,GAAG,cAAc,GAAG,OAAO,CAAC,CAAC,CAAC,SAAS;YACtE,SAAS;SACV,CAAC;IACJ,CAAC;IAED,oCAAoC;IACpC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,mBAAmB,CAAC,SAAS,CAAC,CAAC;IAExF,wCAAwC;IACxC,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAW,CAAC;IACpF,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAW,CAAC;IAEjF,mEAAmE;IACnE,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC;SAChC,MAAM,CAAC,YAAY,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEpB,OAAO;QACL,SAAS;QACT,SAAS,EAAE,YAAY;QACvB,UAAU,EAAE,aAAa;QACzB,SAAS,EAAE,GAAG;QACd,SAAS,EAAE,cAAc,CAAC,CAAC,CAAC,GAAG,GAAG,cAAc,GAAG,OAAO,CAAC,CAAC,CAAC,SAAS;QACtE,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,GAAiB,EAAE,SAAiB,eAAe;IAC9E,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,EAAE,CAAC,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,CAAC,SAAS,WAAW,CAAC,CAAC;IAC/D,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;QACtD,IAAI,EAAE,KAAK,EAAE,wBAAwB;KACtC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,SAAiB,EAAE,SAAiB,eAAe;IAC9E,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,SAAS,WAAW,CAAC,CAAC;IAE3D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAiB,CAAC;QAEhD,eAAe;QACf,IAAI,GAAG,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,SAAS,EAAE,CAAC;YAChD,OAAO,CAAC,IAAI,CAAC,qBAAqB,SAAS,cAAc,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,oCAAoC,SAAS,GAAG,EAAE,GAAG,CAAC,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,SAAiB,EACjB,MAA0B,EAC1B,SAAiB,eAAe;IAEhC,IAAI,GAAG,GAAG,YAAY,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAE1C,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,GAAG,GAAG,gBAAgB,CAAC,SAAS,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAC7E,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,mCAAmC,SAAS,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO,GAAG,CAAC;AACb,CAAC;AAED,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,OAAe,EACf,GAAiB;IAEjB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC5B,MAAM,UAAU,GAAG,GAAG,GAAG,CAAC,SAAS,IAAI,QAAQ,IAAI,OAAO,EAAE,CAAC;IAE7D,IAAI,SAAiB,CAAC;IACtB,IAAI,KAAa,CAAC;IAElB,IAAI,GAAG,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;QACpC,SAAS,GAAG,UAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,UAAU,CAAC;aAC7C,MAAM,CAAC,UAAU,CAAC;aAClB,MAAM,CAAC,KAAK,CAAC,CAAC;QACjB,KAAK,GAAG,GAAG,CAAC,SAAS,CAAC,CAAC,oCAAoC;IAC7D,CAAC;SAAM,CAAC;QACN,8CAA8C;QAC9C,MAAM,aAAa,GAAG,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,aAAa,CAAC,CAAC;QAC3E,SAAS,GAAG,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC5C,kDAAkD;QAClD,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC;aACzB,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC;aACrB,MAAM,CAAC,KAAK,CAAC;aACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACtB,CAAC;IAED,OAAO;QACL,OAAO;QACP,SAAS;QACT,MAAM,EAAE,GAAG,CAAC,SAAS;QACrB,QAAQ;QACR,KAAK;QACL,SAAS,EAAE,GAAG,CAAC,SAAS;KACzB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAClC,OAAe,EACf,SAAiB,EACjB,YAAoB;IAEpB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC5B,MAAM,UAAU,GAAG,GAAG,SAAS,IAAI,QAAQ,IAAI,OAAO,EAAE,CAAC;IAEzD,MAAM,SAAS,GAAG,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;SACjD,MAAM,CAAC,UAAU,CAAC;SAClB,MAAM,CAAC,KAAK,CAAC,CAAC;IAEjB,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC;SAC/B,MAAM,CAAC,YAAY,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEpB,OAAO;QACL,OAAO;QACP,SAAS;QACT,MAAM,EAAE,SAAS;QACjB,QAAQ;QACR,KAAK;QACL,SAAS,EAAE,aAAa;KACzB,CAAC;AACJ,CAAC;AAED,gFAAgF;AAChF,uBAAuB;AACvB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,MAAqB,EACrB,GAAiB;IAEjB,2BAA2B;IAC3B,IAAI,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,SAAS,EAAE,CAAC;QACpC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,6BAA6B,GAAG,CAAC,SAAS,SAAS,MAAM,CAAC,MAAM,EAAE;SAC1E,CAAC;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,aAAa,GAAG,GAAG,CAAC,SAAS,KAAK,aAAa;QACnD,CAAC,CAAC,GAAG,CAAC,SAAS;QACf,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAE9E,IAAI,MAAM,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;QACnC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,6BAA6B,aAAa,SAAS,MAAM,CAAC,KAAK,EAAE;SACzE,CAAC;IACJ,CAAC;IAED,eAAe;IACf,IAAI,GAAG,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,CAAC,SAAS,EAAE,CAAC;QAChD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,yBAAyB;SACjC,CAAC;IACJ,CAAC;IAED,mBAAmB;IACnB,MAAM,YAAY,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;IAE7E,IAAI,GAAG,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;QACpC,2CAA2C;QAC3C,MAAM,iBAAiB,GAAG,UAAU,CAAC,QAAQ,EAAE,GAAG,CAAC,UAAU,CAAC;aAC3D,MAAM,CAAC,YAAY,CAAC;aACpB,MAAM,CAAC,KAAK,CAAC,CAAC;QAEjB,IAAI,MAAM,CAAC,SAAS,KAAK,iBAAiB,EAAE,CAAC;YAC3C,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,mBAAmB;aAC3B,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,4EAA4E;QAC5E,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACpD,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAC7D,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC;YAEvF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,mBAAmB;iBAC3B,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,kCAAkC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;aAChG,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CACxC,MAAqB,EACrB,YAAoB,EACpB,cAAsB;IAEtB,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACnC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,6CAA6C,MAAM,CAAC,SAAS,EAAE;SACvE,CAAC;IACJ,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;QACrC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,6BAA6B,cAAc,SAAS,MAAM,CAAC,MAAM,EAAE;SAC3E,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,QAAQ,CAAC;SACvC,MAAM,CAAC,YAAY,CAAC;SACpB,MAAM,CAAC,KAAK,CAAC;SACb,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAEpB,IAAI,MAAM,CAAC,KAAK,KAAK,aAAa,EAAE,CAAC;QACnC,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,6BAA6B,aAAa,SAAS,MAAM,CAAC,KAAK,EAAE;SACzE,CAAC;IACJ,CAAC;IAED,MAAM,YAAY,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;IAE7E,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,eAAe,CAAC,YAAY,CAAC,CAAC;QACnD,MAAM,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC7D,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,YAAY,EAAE,eAAe,CAAC,CAAC;QAEvF,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO;gBACL,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,mBAAmB;aAC3B,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,kCAAkC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;SAChG,CAAC;IACJ,CAAC;IAED,OAAO;QACL,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CACpC,MAAqB,EACrB,YAAoB;IAEpB,MAAM,UAAU,GAAG,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;IAE3E,MAAM,iBAAiB,GAAG,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC;SACzD,MAAM,CAAC,UAAU,CAAC;SAClB,MAAM,CAAC,KAAK,CAAC,CAAC;IAEjB,IAAI,MAAM,CAAC,SAAS,KAAK,iBAAiB,EAAE,CAAC;QAC3C,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,mBAAmB;SAC3B,CAAC;IACJ,CAAC;IAED,OAAO;QACL,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAC;AACJ,CAAC;AAED,gFAAgF;AAChF,wBAAwB;AACxB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,OAAO,mBAAmB;IACtB,MAAM,CAAqB;IAC3B,MAAM,CAAS;IACf,IAAI,GAA8B,IAAI,GAAG,EAAE,CAAC;IAEpD,YAAY,SAAsC,EAAE,EAAE,MAAe;QACnE,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;QAC/C,IAAI,CAAC,MAAM,GAAG,MAAM,IAAI,eAAe,CAAC;IAC1C,CAAC;IAED;;OAEG;IACH,IAAI,OAAO;QACT,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC;IAC7B,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,SAAiB;QACtB,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,eAAe;YACf,IAAI,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;gBACtD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QAED,iBAAiB;QACjB,MAAM,GAAG,GAAG,YAAY,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,SAAiB;QAC7B,MAAM,GAAG,GAAG,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACrE,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAC9B,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACH,IAAI,CAAC,SAAiB,EAAE,OAAe;QACrC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,qBAAqB;QACrB,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7B,OAAO,oBAAoB,CAAC,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC5E,CAAC;QAED,qBAAqB;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,OAAO,CAAC,IAAI,CAAC,8BAA8B,SAAS,eAAe,CAAC,CAAC;YACrE,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,WAAW,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IACnC,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,MAAqB;QAC1B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,+BAA+B;QACzD,CAAC;QAED,yDAAyD;QACzD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3D,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC;QAChD,CAAC;QAED,qBAAqB;QACrB,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7B,OAAO,sBAAsB,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAClE,CAAC;QAED,qBAAqB;QACrB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAClC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,2BAA2B,MAAM,CAAC,MAAM,EAAE;iBAClD,CAAC;YACJ,CAAC;YACD,4CAA4C;YAC5C,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC;QAChD,CAAC;QAED,OAAO,aAAa,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IACpC,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,SAAiB;QACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAAE,OAAO,KAAK,CAAC;QACjD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,QAAQ,CAAC,SAAS,CAAC;YAAE,OAAO,KAAK,CAAC;QACrE,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,SAAiB;QACzB,mBAAmB;QACnB,MAAM,MAAM,GAAG,gBAAgB,CAC7B,SAAS,EACT,IAAI,CAAC,MAAM,CAAC,SAAS,EACrB,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAC7B,CAAC;QAEF,iBAAiB;QACjB,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAEjC,OAAO,CAAC,GAAG,CAAC,6BAA6B,SAAS,EAAE,CAAC,CAAC;QACtD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,SAAiB;QAC/B,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACnC,IAAI,CAAC,GAAG;YAAE,OAAO,IAAI,CAAC;QAEtB,OAAO;YACL,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,SAAS,EAAE,GAAG,CAAC,SAAS;SACzB,CAAC;IACJ,CAAC;CACF;AAED,gFAAgF;AAChF,sBAAsB;AACtB,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,eAAe,CAC7B,QAAiC,EACjC,MAAqB;IAErB,OAAO;QACL,GAAG,QAAQ;QACX,IAAI,EAAE;YACJ,CAAC,EAAE,MAAM,CAAC,SAAS;YACnB,CAAC,EAAE,MAAM,CAAC,KAAK;YACf,CAAC,EAAE,MAAM,CAAC,QAAQ;YAClB,CAAC,EAAE,MAAM,CAAC,SAAS;SACpB;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAiC;IAEjC,MAAM,GAAG,GAAG,QAAQ,CAAC,IAKR,CAAC;IAEd,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,yDAAyD;IACzD,MAAM,EAAE,IAAI,EAAE,GAAG,IAAI,EAAE,GAAG,QAAQ,CAAC;IACnC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAErC,sCAAsC;IACtC,MAAM,MAAM,GAAG,OAAO,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;IAE7E,2BAA2B;IAC3B,MAAM,SAAS,GACb,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC;IAElD,OAAO;QACL,OAAO;QACP,SAAS,EAAE,GAAG,CAAC,CAAC;QAChB,MAAM;QACN,QAAQ,EAAE,GAAG,CAAC,CAAC;QACf,KAAK,EAAE,GAAG,CAAC,CAAC;QACZ,SAAS;KACV,CAAC;AACJ,CAAC;AAED,gFAAgF;AAChF,wBAAwB;AACxB,gFAAgF;AAEhF,MAAM,oBAAoB,GAAG;IAC3B,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,cAAc,EAAE,cAAc,CAAC;IACvD,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,cAAc,CAAC;IACjE,+BAA+B;CAChC,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,UAAmB;IACnD,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,oBAAoB,CAAC;IAE/D,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YACrB,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;gBAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAgC,CAAC;gBAClE,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;gBACjD,OAAO,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;YAC1C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACxD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,cAAc,CAAC;AACxB,CAAC"}

package/dist/api.d.ts

@@ -0,0 +1,106 @@
+/**
+ * Daemon API
+ * REST and WebSocket API for dashboard communication.
+ */
+import { EventEmitter } from 'events';
+import type { ApiDaemonConfig } from './types.js';
+export declare class DaemonApi extends EventEmitter {
+    private server?;
+    private wss?;
+    private workspaceManager;
+    private agentManager;
+    private sessions;
+    private routes;
+    private config;
+    private allowedOrigins;
+    private allowAllOrigins;
+    private outputSubscribers;
+    private wsSubscriptions;
+    private clientAlive;
+    private pingInterval?;
+    constructor(config: ApiDaemonConfig);
+    /**
+     * Resolve allowed origins from config/env (comma-separated list).
+     * Empty list means no cross-origin access is permitted.
+     */
+    private loadAllowedOrigins;
+    /**
+     * Return allowed origin for CORS or null if explicitly blocked.
+     * Undefined means no CORS header will be set (same-origin/server-to-server).
+     */
+    private resolveAllowedOrigin;
+    /**
+     * Track an output subscription for a client/agent pair
+     */
+    private addOutputSubscription;
+    /**
+     * Remove output subscriptions for a client. If agentId is provided, only that
+     * subscription is removed.
+     */
+    private removeOutputSubscription;
+    /**
+     * Send a snapshot of recent output to the client.
+     */
+    private sendOutputSnapshot;
+    /**
+     * Broadcast output events only to subscribed clients
+     */
+    private broadcastOutputEvent;
+    /**
+     * Clamp and normalize requested output limit
+     */
+    private normalizeLimit;
+    /**
+     * Start the API server
+     */
+    start(): Promise<void>;
+    /**
+     * Stop the API server
+     */
+    stop(): Promise<void>;
+    /**
+     * Setup API routes
+     */
+    private setupRoutes;
+    /**
+     * Handle HTTP request
+     */
+    private handleRequest;
+    /**
+     * Parse incoming request
+     */
+    private parseRequest;
+    /**
+     * Parse request body
+     */
+    private parseBody;
+    /**
+     * Route request to handler
+     */
+    private routeRequest;
+    /**
+     * Match route pattern against request
+     */
+    private matchRoute;
+    /**
+     * Handle WebSocket connection
+     */
+    private handleWebSocketConnection;
+    /**
+     * Send initial state to WebSocket client
+     */
+    private sendInitialState;
+    /**
+     * Handle WebSocket message from client
+     */
+    private handleWebSocketMessage;
+    /**
+     * Send message to WebSocket client
+     */
+    private sendToClient;
+    /**
+     * Broadcast event to all WebSocket clients
+     */
+    private broadcastEvent;
+}
+//# sourceMappingURL=api.d.ts.map

package/dist/api.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AAItC,OAAO,KAAK,EACV,eAAe,EAOhB,MAAM,YAAY,CAAC;AA4BpB,qBAAa,SAAU,SAAQ,YAAY;IACzC,OAAO,CAAC,MAAM,CAAC,CAAc;IAC7B,OAAO,CAAC,GAAG,CAAC,CAAkB;IAC9B,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,QAAQ,CAA8B;IAC9C,OAAO,CAAC,MAAM,CAAmC;IACjD,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,cAAc,CAAc;IACpC,OAAO,CAAC,eAAe,CAAU;IAEjC,OAAO,CAAC,iBAAiB,CAA8B;IACvD,OAAO,CAAC,eAAe,CAAkC;IAGzD,OAAO,CAAC,WAAW,CAA8B;IACjD,OAAO,CAAC,YAAY,CAAC,CAAiB;gBAE1B,MAAM,EAAE,eAAe;IAqBnC;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAW1B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAqB5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAU7B;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAuBhC;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAoB1B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAwB5B;;OAEG;IACH,OAAO,CAAC,cAAc;IAOtB;;OAEG;IACG,KAAK,IAAI,OAAO,CAAC,IAAI,CAAC;IAkC5B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IA6B3B;;OAEG;IACH,OAAO,CAAC,WAAW;IA2bnB;;OAEG;YACW,aAAa;IAqD3B;;OAEG;YACW,YAAY;IAsB1B;;OAEG;IACH,OAAO,CAAC,SAAS;IAiBjB;;OAEG;YACW,YAAY;IAY1B;;OAEG;IACH,OAAO,CAAC,UAAU;IAkClB;;OAEG;IACH,OAAO,CAAC,yBAAyB;IA0CjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAexB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IA4B9B;;OAEG;IACH,OAAO,CAAC,YAAY;IAMpB;;OAEG;IACH,OAAO,CAAC,cAAc;CAWvB"}