@atcute/oauth-types 0.1.1 → 1.0.0

package/README.md

@@ -33,16 +33,17 @@ import {
 	oauthTokenResponseSchema,
 	atprotoAuthorizationServerMetadataSchema,
 } from '@atcute/oauth-types';
+import * as v from 'valibot';
 
 // validate client metadata
-const result = confidentialClientMetadataSchema.try(input);
-if (result.ok) {
-	console.log(result.value);
+const result = v.safeParse(confidentialClientMetadataSchema, input);
+if (result.success) {
+	console.log(result.output);
 }
 
 // validate token response
-const tokenResult = oauthTokenResponseSchema.try(response);
+const tokenResult = v.safeParse(oauthTokenResponseSchema, response);
 
 // validate authorization server metadata
-const asResult = atprotoAuthorizationServerMetadataSchema.try(metadata);
+const asResult = v.safeParse(atprotoAuthorizationServerMetadataSchema, metadata);
 ```

package/dist/build-client-metadata.d.ts

@@ -1,4 +1,7 @@
 import type { Keyset } from '@atcute/oauth-keyset';
+import { type ConfidentialClientMetadata } from './schemas/atcute-confidential-client-metadata.ts';
+import { type PublicClientMetadata } from './schemas/atcute-public-client-metadata.ts';
+import type { OAuthClientMetadata } from './schemas/oauth-client-metadata.ts';
 /**
  * builds an atproto client metadata for a confidential client.
  *
@@ -6,164 +9,7 @@ import type { Keyset } from '@atcute/oauth-keyset';
  * @param keyset available keys
  * @returns built client metadata
  */
-export declare const buildClientMetadata: (input: {
-    client_id: string;
-    redirect_uris: string[];
-    scope: string | string[];
-    client_uri?: string | undefined;
-    client_name?: string | undefined;
-    policy_uri?: string | undefined;
-    tos_uri?: string | undefined;
-    logo_uri?: string | undefined;
-    jwks_uri?: string | undefined;
-}, keyset: Keyset) => {
-    redirect_uris: string[];
-    response_types?: ("code" | "code id_token" | "code id_token token" | "code token" | "id_token" | "id_token token" | "none" | "token")[] | undefined;
-    grant_types?: ("authorization_code" | "client_credentials" | "implicit" | "password" | "refresh_token" | "urn:ietf:params:oauth:grant-type:jwt-bearer" | "urn:ietf:params:oauth:grant-type:saml2-bearer")[] | undefined;
-    scope?: string | undefined;
-    token_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
-    token_endpoint_auth_signing_alg?: string | undefined;
-    userinfo_signed_response_alg?: string | undefined;
-    userinfo_encrypted_response_alg?: string | undefined;
-    jwks_uri?: string | undefined;
-    jwks?: {
-        keys: ({
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "RSA";
-            alg?: "PS256" | "PS384" | "PS512" | "RS256" | "RS384" | "RS512" | undefined;
-            n: string;
-            e: string;
-            d?: string | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            qi?: string | undefined;
-            oth?: {
-                r?: string | undefined;
-                d?: string | undefined;
-                t?: string | undefined;
-            }[] | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "EC";
-            alg?: "ES256" | "ES384" | "ES512" | undefined;
-            crv: "P-256" | "P-384" | "P-521";
-            x: string;
-            y: string;
-            d?: string | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "EC";
-            alg?: "ES256K" | undefined;
-            crv: "secp256k1";
-            x: string;
-            y: string;
-            d?: string | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "OKP";
-            alg?: "EdDSA" | undefined;
-            crv: "Ed25519" | "Ed448";
-            x: string;
-            d?: string | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "oct";
-            alg?: "HS256" | "HS384" | "HS512" | undefined;
-            k: string;
-        })[];
-    } | undefined;
-    application_type?: "native" | "web" | undefined;
-    subject_type?: "pairwise" | "public" | undefined;
-    request_object_signing_alg?: string | undefined;
-    id_token_signed_response_alg?: string | undefined;
-    authorization_signed_response_alg?: string | undefined;
-    authorization_encrypted_response_enc?: "A128CBC-HS256" | undefined;
-    authorization_encrypted_response_alg?: string | undefined;
-    client_id?: string | undefined;
-    client_name?: string | undefined;
-    client_uri?: string | undefined;
-    policy_uri?: string | undefined;
-    tos_uri?: string | undefined;
-    logo_uri?: string | undefined;
-    default_max_age?: number | undefined;
-    require_auth_time?: boolean | undefined;
-    contacts?: string[] | undefined;
-    tls_client_certificate_bound_access_tokens?: boolean | undefined;
-    dpop_bound_access_tokens?: boolean | undefined;
-    authorization_details_types?: string[] | undefined;
-};
+export declare const buildClientMetadata: (input: ConfidentialClientMetadata, keyset: Keyset) => OAuthClientMetadata;
 /**
  * builds an atproto client metadata for a public client.
  *
@@ -176,166 +22,5 @@ export declare const buildClientMetadata: (input: {
  * @param input public client metadata
  * @returns built client metadata
  */
-export declare const buildPublicClientMetadata: (input: {
-    client_id?: undefined;
-    redirect_uris: string[];
-    scope: string | string[];
-} | {
-    client_id: string;
-    redirect_uris: string[];
-    scope: string | string[];
-    application_type?: "native" | "web" | undefined;
-    client_uri?: string | undefined;
-    client_name?: string | undefined;
-    policy_uri?: string | undefined;
-    tos_uri?: string | undefined;
-    logo_uri?: string | undefined;
-}) => {
-    redirect_uris: string[];
-    response_types?: ("code" | "code id_token" | "code id_token token" | "code token" | "id_token" | "id_token token" | "none" | "token")[] | undefined;
-    grant_types?: ("authorization_code" | "client_credentials" | "implicit" | "password" | "refresh_token" | "urn:ietf:params:oauth:grant-type:jwt-bearer" | "urn:ietf:params:oauth:grant-type:saml2-bearer")[] | undefined;
-    scope?: string | undefined;
-    token_endpoint_auth_method?: "client_secret_basic" | "client_secret_jwt" | "client_secret_post" | "none" | "private_key_jwt" | "self_signed_tls_client_auth" | "tls_client_auth" | undefined;
-    token_endpoint_auth_signing_alg?: string | undefined;
-    userinfo_signed_response_alg?: string | undefined;
-    userinfo_encrypted_response_alg?: string | undefined;
-    jwks_uri?: string | undefined;
-    jwks?: {
-        keys: ({
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "RSA";
-            alg?: "PS256" | "PS384" | "PS512" | "RS256" | "RS384" | "RS512" | undefined;
-            n: string;
-            e: string;
-            d?: string | undefined;
-            p?: string | undefined;
-            q?: string | undefined;
-            dp?: string | undefined;
-            dq?: string | undefined;
-            qi?: string | undefined;
-            oth?: {
-                r?: string | undefined;
-                d?: string | undefined;
-                t?: string | undefined;
-            }[] | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "EC";
-            alg?: "ES256" | "ES384" | "ES512" | undefined;
-            crv: "P-256" | "P-384" | "P-521";
-            x: string;
-            y: string;
-            d?: string | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "EC";
-            alg?: "ES256K" | undefined;
-            crv: "secp256k1";
-            x: string;
-            y: string;
-            d?: string | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "OKP";
-            alg?: "EdDSA" | undefined;
-            crv: "Ed25519" | "Ed448";
-            x: string;
-            d?: string | undefined;
-        } | {
-            kid?: string | undefined;
-            use?: "enc" | "sig" | undefined;
-            key_ops?: ("decrypt" | "deriveBits" | "deriveKey" | "encrypt" | "sign" | "unwrapKey" | "verify" | "wrapKey")[] | undefined;
-            x5c?: string[] | undefined;
-            x5t?: string | undefined;
-            'x5t#S256'?: string | undefined;
-            x5u?: string | undefined;
-            ext?: boolean | undefined;
-            iat?: number | undefined;
-            exp?: number | undefined;
-            nbf?: number | undefined;
-            revoked?: {
-                revoked_at: number;
-                reason?: string | undefined;
-            } | undefined;
-            kty: "oct";
-            alg?: "HS256" | "HS384" | "HS512" | undefined;
-            k: string;
-        })[];
-    } | undefined;
-    application_type?: "native" | "web" | undefined;
-    subject_type?: "pairwise" | "public" | undefined;
-    request_object_signing_alg?: string | undefined;
-    id_token_signed_response_alg?: string | undefined;
-    authorization_signed_response_alg?: string | undefined;
-    authorization_encrypted_response_enc?: "A128CBC-HS256" | undefined;
-    authorization_encrypted_response_alg?: string | undefined;
-    client_id?: string | undefined;
-    client_name?: string | undefined;
-    client_uri?: string | undefined;
-    policy_uri?: string | undefined;
-    tos_uri?: string | undefined;
-    logo_uri?: string | undefined;
-    default_max_age?: number | undefined;
-    require_auth_time?: boolean | undefined;
-    contacts?: string[] | undefined;
-    tls_client_certificate_bound_access_tokens?: boolean | undefined;
-    dpop_bound_access_tokens?: boolean | undefined;
-    authorization_details_types?: string[] | undefined;
-};
+export declare const buildPublicClientMetadata: (input: PublicClientMetadata) => OAuthClientMetadata;
 //# sourceMappingURL=build-client-metadata.d.ts.map

package/dist/build-client-metadata.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"build-client-metadata.d.ts","sourceRoot":"","sources":["../lib/build-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAcnD;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAsD/B,CAAC;AA6BF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAuCrC,CAAC"}
+{"version":3,"file":"build-client-metadata.d.ts","sourceRoot":"","sources":["../lib/build-client-metadata.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAKnD,OAAO,EAEN,KAAK,0BAA0B,EAC/B,MAAM,kDAAkD,CAAC;AAC1D,OAAO,EAEN,KAAK,oBAAoB,EACzB,MAAM,4CAA4C,CAAC;AAEpD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,oCAAoC,CAAC;AAE9E;;;;;;GAMG;AACH,eAAO,MAAM,mBAAmB,UACxB,0BAA0B,UACzB,MAAM,KACZ,mBAmDF,CAAC;AA6BF;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,yBAAyB,UAAW,oBAAoB,KAAG,mBAuCvE,CAAC"}

package/dist/build-client-metadata.js

@@ -1,3 +1,4 @@
+import * as v from 'valibot';
 import { FALLBACK_ALG } from './constants.js';
 import { confidentialClientMetadataSchema, } from './schemas/atcute-confidential-client-metadata.js';
 import { publicClientMetadataSchema, } from './schemas/atcute-public-client-metadata.js';
@@ -11,7 +12,7 @@ import { DEFAULT_ATPROTO_OAUTH_SCOPE } from './schemas/atproto-oauth-scope.js';
  */
 export const buildClientMetadata = (input, keyset) => {
     // validate user-facing schema is correct
-    const conf = confidentialClientMetadataSchema.parse(input, { mode: 'passthrough' });
+    const conf = v.parse(confidentialClientMetadataSchema, input);
     // build full OAuth client metadata (atproto defaults and requirements)
     const metadata = {
         client_id: conf.client_id,
@@ -86,7 +87,7 @@ const buildLoopbackClientId = (redirectUris, scope) => {
  * @returns built client metadata
  */
 export const buildPublicClientMetadata = (input) => {
-    const parsed = publicClientMetadataSchema.parse(input, { mode: 'passthrough' });
+    const parsed = v.parse(publicClientMetadataSchema, input);
     const scope = Array.isArray(parsed.scope) ? parsed.scope.join(' ') : parsed.scope;
     if (parsed.client_id === undefined) {
         // loopback client - server generates metadata from client_id URL

package/dist/build-client-metadata.js.map

@@ -1 +1 @@
-{"version":3,"file":"build-client-metadata.js","sourceRoot":"","sources":["../lib/build-client-metadata.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EACN,gCAAgC,GAEhC,MAAM,kDAAkD,CAAC;AAC1D,OAAO,EACN,0BAA0B,GAE1B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAG/E;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAClC,KAAiC,EACjC,MAAc,EACQ,EAAE,CAAC;IACzB,yCAAyC;IACzC,MAAM,IAAI,GAAG,gCAAgC,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC,CAAC;IAEpF,uEAAuE;IACvE,MAAM,QAAQ,GAAwB;QACrC,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK;QAEpE,gBAAgB,EAAE,KAAK;QACvB,YAAY,EAAE,QAAQ;QACtB,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAEpD,0BAA0B,EAAE,iBAAiB;QAC7C,+BAA+B,EAAE,YAAY;QAC7C,wBAAwB,EAAE,IAAI;QAE9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,MAAM,CAAC,UAA0C;KACpF,CAAC;IAEF,0DAA0D;IAC1D,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,YAAY,CAAC,EAAE,CAAC;QAC1D,MAAM,IAAI,SAAS,CAAC,4CAA4C,YAAY,eAAe,CAAC,CAAC;IAC9F,CAAC;IAED,+DAA+D;IAC/D,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnB,MAAM,QAAQ,GAAG,IAAI,GAAG,CACvB,QAAQ,CAAC,IAAI,CAAC,IAAI;aAChB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;aACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;aACjB,MAAM,CAAC,OAAO,CAAC,CACjB,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,MAAM,IAAI,SAAS,CAAC,gBAAgB,GAAG,CAAC,GAAG,qBAAqB,CAAC,CAAC;YACnE,CAAC;QACF,CAAC;IACF,CAAC;IAED,OAAO,QAAQ,CAAC;AAAA,CAChB,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,qBAAqB,GAAG,CAAC,YAA+B,EAAE,KAAa,EAAU,EAAE,CAAC;IACzF,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IAErC,wCAAwC;IACxC,IAAI,KAAK,KAAK,2BAA2B,EAAE,CAAC;QAC3C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;IAED,wBAAwB;IACxB,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,oBAAoB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IAChD,CAAC;IAED,OAAO,kBAAkB,CAAC;AAAA,CAC1B,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,KAA2B,EAAuB,EAAE,CAAC;IAC9F,MAAM,MAAM,GAAG,0BAA0B,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC,CAAC;IAChF,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IAElF,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,iEAAiE;QACjE,OAAO;YACN,SAAS,EAAE,qBAAqB,CAAC,MAAM,CAAC,aAAa,EAAE,KAAK,CAAC;YAC7D,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK;YAEL,gBAAgB,EAAE,QAAQ;YAC1B,cAAc,EAAE,CAAC,MAAM,CAAC;YACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;YAEpD,0BAA0B,EAAE,MAAM;YAClC,wBAAwB,EAAE,IAAI;SAC9B,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,OAAO;QACN,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,KAAK;QAEL,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,KAAK;QAClD,YAAY,EAAE,QAAQ;QACtB,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAEpD,0BAA0B,EAAE,MAAM;QAClC,wBAAwB,EAAE,IAAI;KAC9B,CAAC;AAAA,CACF,CAAC"}
+{"version":3,"file":"build-client-metadata.js","sourceRoot":"","sources":["../lib/build-client-metadata.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EACN,gCAAgC,GAEhC,MAAM,kDAAkD,CAAC;AAC1D,OAAO,EACN,0BAA0B,GAE1B,MAAM,4CAA4C,CAAC;AACpD,OAAO,EAAE,2BAA2B,EAAE,MAAM,kCAAkC,CAAC;AAG/E;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAClC,KAAiC,EACjC,MAAc,EACQ,EAAE;IACxB,yCAAyC;IACzC,MAAM,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;IAE9D,uEAAuE;IACvE,MAAM,QAAQ,GAAwB;QACrC,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK;QAEpE,gBAAgB,EAAE,KAAK;QACvB,YAAY,EAAE,QAAQ;QACtB,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAEpD,0BAA0B,EAAE,iBAAiB;QAC7C,+BAA+B,EAAE,YAAY;QAC7C,wBAAwB,EAAE,IAAI;QAE9B,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAE,MAAM,CAAC,UAA0C;KACpF,CAAC;IAEF,0DAA0D;IAC1D,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACvC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,KAAK,YAAY,CAAC,EAAE,CAAC;QAC1D,MAAM,IAAI,SAAS,CAAC,4CAA4C,YAAY,eAAe,CAAC,CAAC;IAC9F,CAAC;IAED,+DAA+D;IAC/D,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnB,MAAM,QAAQ,GAAG,IAAI,GAAG,CACvB,QAAQ,CAAC,IAAI,CAAC,IAAI;aAChB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;aACzB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;aACjB,MAAM,CAAC,OAAO,CAAC,CACjB,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,MAAM,IAAI,SAAS,CAAC,gBAAgB,GAAG,CAAC,GAAG,qBAAqB,CAAC,CAAC;YACnE,CAAC;QACF,CAAC;IACF,CAAC;IAED,OAAO,QAAQ,CAAC;AACjB,CAAC,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,qBAAqB,GAAG,CAAC,YAA+B,EAAE,KAAa,EAAU,EAAE;IACxF,MAAM,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;IAErC,wCAAwC;IACxC,IAAI,KAAK,KAAK,2BAA2B,EAAE,CAAC;QAC3C,MAAM,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;IAED,wBAAwB;IACxB,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,CAAC,MAAM,CAAC,cAAc,EAAE,GAAG,CAAC,CAAC;IACpC,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,oBAAoB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;IAChD,CAAC;IAED,OAAO,kBAAkB,CAAC;AAC3B,CAAC,CAAC;AAEF;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,KAA2B,EAAuB,EAAE;IAC7F,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,0BAA0B,EAAE,KAAK,CAAC,CAAC;IAC1D,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;IAElF,IAAI,MAAM,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;QACpC,iEAAiE;QACjE,OAAO;YACN,SAAS,EAAE,qBAAqB,CAAC,MAAM,CAAC,aAAa,EAAE,KAAK,CAAC;YAC7D,aAAa,EAAE,MAAM,CAAC,aAAa;YACnC,KAAK;YAEL,gBAAgB,EAAE,QAAQ;YAC1B,cAAc,EAAE,CAAC,MAAM,CAAC;YACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;YAEpD,0BAA0B,EAAE,MAAM;YAClC,wBAAwB,EAAE,IAAI;SAC9B,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,OAAO;QACN,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,KAAK;QAEL,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,IAAI,KAAK;QAClD,YAAY,EAAE,QAAQ;QACtB,cAAc,EAAE,CAAC,MAAM,CAAC;QACxB,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;QAEpD,0BAA0B,EAAE,MAAM;QAClC,wBAAwB,EAAE,IAAI;KAC9B,CAAC;AACH,CAAC,CAAC"}

package/dist/index.d.ts

@@ -1,32 +1,32 @@
-export { buildClientMetadata, buildPublicClientMetadata } from './build-client-metadata.js';
-export { CLIENT_ASSERTION_TYPE_JWT_BEARER, FALLBACK_ALG } from './constants.js';
-export * as scope from './scope.js';
-export { confidentialClientMetadataSchema, type ConfidentialClientMetadata, } from './schemas/atcute-confidential-client-metadata.js';
-export { discoverablePublicClientMetadataSchema, loopbackClientMetadataSchema, publicClientMetadataSchema, type DiscoverablePublicClientMetadata, type LoopbackClientMetadata, type PublicClientMetadata, } from './schemas/atcute-public-client-metadata.js';
-export { atprotoOAuthScopeSchema, ATPROTO_SCOPE_VALUE, DEFAULT_ATPROTO_OAUTH_SCOPE, type AtprotoOAuthScope, } from './schemas/atproto-oauth-scope.js';
-export { jwkPubSchema, jwkSchema, keyUsageSchema, publicKeyUsageSchema, type Jwk, type JwkPub, type KeyUsage, } from './schemas/jwk.js';
-export { jwksPubSchema, jwksSchema, type Jwks, type JwksPub } from './schemas/jwks.js';
-export { oauthClientIdDiscoverableSchema } from './schemas/oauth-client-id-discoverable.js';
-export { oauthClientIdSchema, type OAuthClientId } from './schemas/oauth-client-id.js';
-export { oauthClientMetadataSchema, type OAuthClientMetadata } from './schemas/oauth-client-metadata.js';
-export { oauthEndpointAuthMethodSchema, type OAuthEndpointAuthMethod, } from './schemas/oauth-endpoint-auth-method.js';
-export { oauthGrantTypeSchema, type OAuthGrantType } from './schemas/oauth-grant-type.js';
-export { loopbackRedirectUriSchema, oauthRedirectUriSchema, type LoopbackRedirectUri, type OAuthRedirectUri, } from './schemas/oauth-redirect-uri.js';
-export { oauthResponseTypeSchema, type OAuthResponseType } from './schemas/oauth-response-type.js';
-export { isOAuthScope, OAUTH_SCOPE_REGEXP, oauthScopeSchema, type OAuthScope, } from './schemas/oauth-scope.js';
-export { httpsUriSchema, loopbackUriSchema, nonLocalWebUriSchema, privateUseUriSchema, urlSchema, webUriSchema, } from './schemas/uri.js';
-export { extractUrlPath, isHostnameIP, isLastOccurrence, isLocalHostname, isLoopbackHost, isSpaceSeparatedValue, } from './schemas/utils.js';
-export { oauthTokenTypeSchema, type OAuthTokenType } from './schemas/oauth-token-type.js';
-export { oauthTokenResponseSchema, type OAuthTokenResponse } from './schemas/oauth-token-response.js';
-export { atprotoOAuthTokenResponseSchema, type AtprotoOAuthTokenResponse, } from './schemas/atproto-oauth-token-response.js';
-export { oauthParResponseSchema, type OAuthParResponse } from './schemas/oauth-par-response.js';
-export { oauthCodeChallengeMethodSchema, type OAuthCodeChallengeMethod, } from './schemas/oauth-code-challenge-method.js';
-export { oauthResponseModeSchema, type OAuthResponseMode } from './schemas/oauth-response-mode.js';
-export { oauthPromptSchema, type OAuthPrompt } from './schemas/oauth-prompt.js';
-export { oauthAuthorizationDetailSchema, oauthAuthorizationDetailsSchema, type OAuthAuthorizationDetail, type OAuthAuthorizationDetails, } from './schemas/oauth-authorization-details.js';
-export { oauthIssuerIdentifierSchema, type OAuthIssuerIdentifier, } from './schemas/oauth-issuer-identifier.js';
-export { oauthAuthorizationServerMetadataSchema, oauthAuthorizationServerMetadataValidator, type OAuthAuthorizationServerMetadata, } from './schemas/oauth-authorization-server-metadata.js';
-export { atprotoAuthorizationServerMetadataValidator, type AtprotoAuthorizationServerMetadata, } from './schemas/atproto-authorization-server-metadata.js';
-export { oauthBearerMethodSchema, oauthProtectedResourceMetadataSchema, oauthProtectedResourceMetadataValidator, type OAuthBearerMethod, type OAuthProtectedResourceMetadata, } from './schemas/oauth-protected-resource-metadata.js';
-export { atprotoProtectedResourceMetadataValidator, type AtprotoProtectedResourceMetadata, } from './schemas/atproto-protected-resource-metadata.js';
+export { buildClientMetadata, buildPublicClientMetadata } from './build-client-metadata.ts';
+export { CLIENT_ASSERTION_TYPE_JWT_BEARER, FALLBACK_ALG } from './constants.ts';
+export * as scope from './scope.ts';
+export { confidentialClientMetadataSchema, type ConfidentialClientMetadata, } from './schemas/atcute-confidential-client-metadata.ts';
+export { discoverablePublicClientMetadataSchema, loopbackClientMetadataSchema, publicClientMetadataSchema, type DiscoverablePublicClientMetadata, type LoopbackClientMetadata, type PublicClientMetadata, } from './schemas/atcute-public-client-metadata.ts';
+export { atprotoOAuthScopeSchema, ATPROTO_SCOPE_VALUE, DEFAULT_ATPROTO_OAUTH_SCOPE, type AtprotoOAuthScope, } from './schemas/atproto-oauth-scope.ts';
+export { jwkPubSchema, jwkSchema, keyUsageSchema, publicKeyUsageSchema, type Jwk, type JwkPub, type KeyUsage, } from './schemas/jwk.ts';
+export { jwksPubSchema, jwksSchema, type Jwks, type JwksPub } from './schemas/jwks.ts';
+export { oauthClientIdDiscoverableSchema } from './schemas/oauth-client-id-discoverable.ts';
+export { oauthClientIdSchema, type OAuthClientId } from './schemas/oauth-client-id.ts';
+export { oauthClientMetadataSchema, type OAuthClientMetadata } from './schemas/oauth-client-metadata.ts';
+export { oauthEndpointAuthMethodSchema, type OAuthEndpointAuthMethod, } from './schemas/oauth-endpoint-auth-method.ts';
+export { oauthGrantTypeSchema, type OAuthGrantType } from './schemas/oauth-grant-type.ts';
+export { loopbackRedirectUriSchema, oauthRedirectUriSchema, type LoopbackRedirectUri, type OAuthRedirectUri, } from './schemas/oauth-redirect-uri.ts';
+export { oauthResponseTypeSchema, type OAuthResponseType } from './schemas/oauth-response-type.ts';
+export { isOAuthScope, OAUTH_SCOPE_REGEXP, oauthScopeSchema, type OAuthScope, } from './schemas/oauth-scope.ts';
+export { httpsUriSchema, loopbackUriSchema, nonLocalWebUriSchema, privateUseUriSchema, urlSchema, webUriSchema, } from './schemas/uri.ts';
+export { extractUrlPath, isHostnameIP, isLastOccurrence, isLocalHostname, isLoopbackHost, isSpaceSeparatedValue, } from './schemas/utils.ts';
+export { oauthTokenTypeSchema, type OAuthTokenType } from './schemas/oauth-token-type.ts';
+export { oauthTokenResponseSchema, type OAuthTokenResponse } from './schemas/oauth-token-response.ts';
+export { atprotoOAuthTokenResponseSchema, type AtprotoOAuthTokenResponse, } from './schemas/atproto-oauth-token-response.ts';
+export { oauthParResponseSchema, type OAuthParResponse } from './schemas/oauth-par-response.ts';
+export { oauthCodeChallengeMethodSchema, type OAuthCodeChallengeMethod, } from './schemas/oauth-code-challenge-method.ts';
+export { oauthResponseModeSchema, type OAuthResponseMode } from './schemas/oauth-response-mode.ts';
+export { oauthPromptSchema, type OAuthPrompt } from './schemas/oauth-prompt.ts';
+export { oauthAuthorizationDetailSchema, oauthAuthorizationDetailsSchema, type OAuthAuthorizationDetail, type OAuthAuthorizationDetails, } from './schemas/oauth-authorization-details.ts';
+export { oauthIssuerIdentifierSchema, type OAuthIssuerIdentifier, } from './schemas/oauth-issuer-identifier.ts';
+export { oauthAuthorizationServerMetadataSchema, oauthAuthorizationServerMetadataValidator, type OAuthAuthorizationServerMetadata, } from './schemas/oauth-authorization-server-metadata.ts';
+export { atprotoAuthorizationServerMetadataValidator, type AtprotoAuthorizationServerMetadata, } from './schemas/atproto-authorization-server-metadata.ts';
+export { oauthBearerMethodSchema, oauthProtectedResourceMetadataSchema, oauthProtectedResourceMetadataValidator, type OAuthBearerMethod, type OAuthProtectedResourceMetadata, } from './schemas/oauth-protected-resource-metadata.ts';
+export { atprotoProtectedResourceMetadataValidator, type AtprotoProtectedResourceMetadata, } from './schemas/atproto-protected-resource-metadata.ts';
 //# sourceMappingURL=index.d.ts.map

package/dist/schemas/atcute-client-shared.d.ts

@@ -0,0 +1,8 @@
+import * as v from 'valibot';
+/**
+ * OAuth scope - either:
+ * - a space-separated string (must include "atproto")
+ * - an array of scope strings ('atproto' is added automatically)
+ */
+export declare const scopeSchema: v.UnionSchema<[v.SchemaWithPipe<readonly [v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.CheckAction<string, "invalid atproto OAuth scope">]>, v.CheckAction<string, "duplicate scope">]>, v.SchemaWithPipe<readonly [v.ArraySchema<v.SchemaWithPipe<readonly [v.StringSchema<undefined>, v.RegexAction<string, "invalid OAuth scope">]>, undefined>, v.TransformAction<string[], string[]>, v.CheckItemsAction<string[], "duplicate scope">]>], undefined>;
+//# sourceMappingURL=atcute-client-shared.d.ts.map

package/dist/schemas/atcute-client-shared.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atcute-client-shared.d.ts","sourceRoot":"","sources":["../../lib/schemas/atcute-client-shared.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAS7B;;;;GAIG;AACH,eAAO,MAAM,WAAW,scAUtB,CAAC"}

package/dist/schemas/atcute-client-shared.js

@@ -0,0 +1,15 @@
+import * as v from 'valibot';
+import { atprotoOAuthScopeSchema } from './atproto-oauth-scope.js';
+import { isLastOccurrence } from './utils.js';
+const SINGLE_SCOPE_RE = /^[\x21\x23-\x5B\x5D-\x7E]+$/;
+const singleScopeSchema = v.pipe(v.string(), v.regex(SINGLE_SCOPE_RE, `invalid OAuth scope`));
+/**
+ * OAuth scope - either:
+ * - a space-separated string (must include "atproto")
+ * - an array of scope strings ('atproto' is added automatically)
+ */
+export const scopeSchema = v.union([
+    v.pipe(atprotoOAuthScopeSchema, v.check((input) => input.split(/\s+/).every(isLastOccurrence), `duplicate scope`)),
+    v.pipe(v.array(singleScopeSchema), v.transform((input) => (input.includes('atproto') ? input : ['atproto', ...input])), v.checkItems(isLastOccurrence, `duplicate scope`)),
+]);
+//# sourceMappingURL=atcute-client-shared.js.map

package/dist/schemas/atcute-client-shared.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atcute-client-shared.js","sourceRoot":"","sources":["../../lib/schemas/atcute-client-shared.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,CAAC,MAAM,SAAS,CAAC;AAE7B,OAAO,EAAE,uBAAuB,EAAE,MAAM,0BAA0B,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAE9C,MAAM,eAAe,GAAG,6BAA6B,CAAC;AAEtD,MAAM,iBAAiB,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,eAAe,EAAE,qBAAqB,CAAC,CAAC,CAAC;AAE9F;;;;GAIG;AACH,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC;IAClC,CAAC,CAAC,IAAI,CACL,uBAAuB,EACvB,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,iBAAiB,CAAC,CACjF;IACD,CAAC,CAAC,IAAI,CACL,CAAC,CAAC,KAAK,CAAC,iBAAiB,CAAC,EAC1B,CAAC,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,EACnF,CAAC,CAAC,UAAU,CAAC,gBAAgB,EAAE,iBAAiB,CAAC,CACjD;CACD,CAAC,CAAC"}