@auth0/auth0-angular 1.8.2 → 1.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/README.md +31 -4
  2. package/auth0-auth0-angular.metadata.json +1 -1
  3. package/bundles/auth0-auth0-angular.umd.js +60 -4
  4. package/bundles/auth0-auth0-angular.umd.js.map +1 -1
  5. package/esm2015/lib/auth.client.js +5 -2
  6. package/esm2015/lib/auth.config.js +1 -1
  7. package/esm2015/lib/auth.service.js +45 -3
  8. package/esm2015/useragent.js +2 -2
  9. package/fesm2015/auth0-auth0-angular.js +48 -3
  10. package/fesm2015/auth0-auth0-angular.js.map +1 -1
  11. package/lib/auth.config.d.ts +21 -0
  12. package/lib/auth.service.d.ts +41 -3
  13. package/package.json +5 -5
package/esm2015/lib/auth.service.js CHANGED
@@ -4,7 +4,7 @@ import { of, from, Subject, iif, defer, ReplaySubject, throwError, } from 'rxjs'
4
4
  import { concatMap, tap, map, takeUntil, catchError, switchMap, withLatestFrom, } from 'rxjs/operators';
5
5
  import { Auth0ClientService } from './auth.client';
6
6
  import { AbstractNavigator } from './abstract-navigator';
7
- import { AuthClientConfig, } from './auth.config';
7
+ import { AuthClientConfig } from './auth.config';
8
8
  import { AuthState } from './auth.state';
9
9
  import * as i0 from "@angular/core";
10
10
  import * as i1 from "./auth.client";
@@ -50,8 +50,8 @@ export class AuthService {
50
50
  this.shouldHandleCallback()
51
51
  .pipe(switchMap((isCallback) => checkSessionOrCallback$(isCallback).pipe(catchError((error) => {
52
52
  const config = this.configFactory.get();
53
- this.authState.setError(error);
54
53
  this.navigator.navigateByUrl(config.errorPath || '/');
54
+ this.authState.setError(error);
55
55
  return of(undefined);
56
56
  }))), tap(() => {
57
57
  this.authState.setIsLoading(false);
@@ -180,6 +180,48 @@ export class AuthService {
180
180
  return throwError(error);
181
181
  }));
182
182
  }
183
+ /**
184
+ * ```js
185
+ * getUser(options).subscribe(user => ...);
186
+ * ```
187
+ *
188
+ * Returns the user information if available (decoded
189
+ * from the `id_token`).
190
+ *
191
+ * If you provide an audience or scope, they should match an existing Access Token
192
+ * (the SDK stores a corresponding ID Token with every Access Token, and uses the
193
+ * scope and audience to look up the ID Token)
194
+ *
195
+ * @remarks
196
+ *
197
+ * The returned observable will emit once and then complete.
198
+ *
199
+ * @typeparam TUser The type to return, has to extend {@link User}.
200
+ * @param options The options to get the user
201
+ */
202
+ getUser(options) {
203
+ return defer(() => this.auth0Client.getUser(options));
204
+ }
205
+ /**
206
+ * ```js
207
+ * getIdTokenClaims(options).subscribe(claims => ...);
208
+ * ```
209
+ *
210
+ * Returns all claims from the id_token if available.
211
+ *
212
+ * If you provide an audience or scope, they should match an existing Access Token
213
+ * (the SDK stores a corresponding ID Token with every Access Token, and uses the
214
+ * scope and audience to look up the ID Token)
215
+ *
216
+ * @remarks
217
+ *
218
+ * The returned observable will emit once and then complete.
219
+ *
220
+ * @param options The options to get the Id token claims
221
+ */
222
+ getIdTokenClaims(options) {
223
+ return defer(() => this.auth0Client.getIdTokenClaims(options));
224
+ }
183
225
  /**
184
226
  * ```js
185
227
  * handleRedirectCallback(url).subscribe(result => ...)
@@ -254,4 +296,4 @@ AuthService.ctorParameters = () => [
254
296
  { type: AbstractNavigator },
255
297
  { type: AuthState }
256
298
  ];
257
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXV0aC5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vcHJvamVjdHMvYXV0aDAtYW5ndWxhci9zcmMvbGliL2F1dGguc2VydmljZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBYSxNQUFNLGVBQWUsQ0FBQztBQUU5RCxPQUFPLEVBQ0wsV0FBVyxHQVVaLE1BQU0scUJBQXFCLENBQUM7QUFFN0IsT0FBTyxFQUNMLEVBQUUsRUFDRixJQUFJLEVBQ0osT0FBTyxFQUVQLEdBQUcsRUFDSCxLQUFLLEVBQ0wsYUFBYSxFQUNiLFVBQVUsR0FDWCxNQUFNLE1BQU0sQ0FBQztBQUVkLE9BQU8sRUFDTCxTQUFTLEVBQ1QsR0FBRyxFQUNILEdBQUcsRUFDSCxTQUFTLEVBQ1QsVUFBVSxFQUNWLFNBQVMsRUFDVCxjQUFjLEdBQ2YsTUFBTSxnQkFBZ0IsQ0FBQztBQUV4QixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDekQsT0FBTyxFQUNMLGdCQUFnQixHQUVqQixNQUFNLGVBQWUsQ0FBQztBQUN2QixPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sY0FBYyxDQUFDOzs7Ozs7QUFLekMsTUFBTSxPQUFPLFdBQVc7SUFxQ3RCLFlBQ3NDLFdBQXdCLEVBQ3BELGFBQStCLEVBQy9CLFNBQTRCLEVBQzVCLFNBQW9CO1FBSFEsZ0JBQVcsR0FBWCxXQUFXLENBQWE7UUFDcEQsa0JBQWEsR0FBYixhQUFhLENBQWtCO1FBQy9CLGNBQVMsR0FBVCxTQUFTLENBQW1CO1FBQzVCLGNBQVMsR0FBVCxTQUFTLENBQVc7UUF4Q3RCLHFCQUFnQixHQUFHLElBQUksYUFBYSxDQUFZLENBQUMsQ0FBQyxDQUFDO1FBRTNELHVDQUF1QztRQUMvQixtQkFBYyxHQUFHLElBQUksT0FBTyxFQUFRLENBQUM7UUFDN0M7O1dBRUc7UUFDTSxlQUFVLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQUM7UUFFaEQ7OztXQUdHO1FBQ00scUJBQWdCLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxnQkFBZ0IsQ0FBQztRQUU1RDs7V0FFRztRQUNNLFVBQUssR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLEtBQUssQ0FBQztRQUV0Qzs7V0FFRztRQUNNLG1CQUFjLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUM7UUFFeEQ7O1dBRUc7UUFDTSxXQUFNLEdBQUcsSUFBSSxDQUFDLFNBQVMsQ0FBQyxNQUFNLENBQUM7UUFFeEM7OztXQUdHO1FBQ00sY0FBUyxHQUFHLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQVF4RCxNQUFNLHVCQUF1QixHQUFHLENBQUMsVUFBbUIsRUFBRSxFQUFFLENBQ3RELEdBQUcsQ0FDRCxHQUFHLEVBQUUsQ0FBQyxVQUFVLEVBQ2hCLElBQUksQ0FBQyxzQkFBc0IsRUFBRSxFQUM3QixLQUFLLENBQUMsR0FBRyxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxZQUFZLEVBQUUsQ0FBQyxDQUM3QyxDQUFDO1FBRUosSUFBSSxDQUFDLG9CQUFvQixFQUFFO2FBQ3hCLElBQUksQ0FDSCxTQUFTLENBQUMsQ0FBQyxVQUFVLEVBQUUsRUFBRSxDQUN2Qix1QkFBdUIsQ0FBQyxVQUFVLENBQUMsQ0FBQyxJQUFJLENBQ3RDLFVBQVUsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO1lBQ25CLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsR0FBRyxFQUFFLENBQUM7WUFDeEMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDL0IsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLFNBQVMsSUFBSSxHQUFHLENBQUMsQ0FBQztZQUN0RCxPQUFPLEVBQUUsQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUN2QixDQUFDLENBQUMsQ0FDSCxDQUNGLEVBQ0QsR0FBRyxDQUFDLEdBQUcsRUFBRTtZQUNQLElBQUksQ0FBQyxTQUFTLENBQUMsWUFBWSxDQUFDLEtBQUssQ0FBQyxDQUFDO1FBQ3JDLENBQUMsQ0FBQyxFQUNGLFNBQVMsQ0FBQyxJQUFJLENBQUMsY0FBYyxDQUFDLENBQy9CO2FBQ0EsU0FBUyxFQUFFLENBQUM7SUFDakIsQ0FBQztJQUVEOztPQUVHO0lBQ0gsV0FBVztRQUNULHVDQUF1QztRQUN2QyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksRUFBRSxDQUFDO1FBQzNCLElBQUksQ0FBQyxjQUFjLENBQUMsUUFBUSxFQUFFLENBQUM7SUFDakMsQ0FBQztJQUVEOzs7Ozs7Ozs7O09BVUc7SUFDSCxpQkFBaUIsQ0FBQyxPQUF5QztRQUN6RCxPQUFPLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7SUFDM0QsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7O09BZ0JHO0lBQ0gsY0FBYyxDQUNaLE9BQTJCLEVBQzNCLE1BQTJCO1FBRTNCLE9BQU8sSUFBSSxDQUNULElBQUksQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQUMsR0FBRyxFQUFFO1lBQ3pELElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLENBQUM7UUFDM0IsQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7Ozs7T0FjRztJQUNILE1BQU0sQ0FBQyxPQUF1QjtRQUM1QixNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFNUQsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDLFNBQVMsQ0FBQyxHQUFHLEVBQUU7WUFDMUIsSUFBSSxPQUFPLGFBQVAsT0FBTyx1QkFBUCxPQUFPLENBQUUsU0FBUyxFQUFFO2dCQUN0QixJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sRUFBRSxDQUFDO2FBQzFCO1FBQ0gsQ0FBQyxDQUFDLENBQUM7SUFDTCxDQUFDO0lBa0JEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztPQTBCRztJQUNILHNCQUFzQixDQUNwQixVQUFtQyxFQUFFO1FBRXJDLE9BQU8sRUFBRSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQyxJQUFJLENBQzlCLFNBQVMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQ25CLE9BQU8sQ0FBQyxnQkFBZ0IsS0FBSyxJQUFJO1lBQy9CLENBQUMsQ0FBQyxNQUFNLENBQUMsZ0JBQWdCLGlDQUFNLE9BQU8sS0FBRSxnQkFBZ0IsRUFBRSxJQUFJLElBQUc7WUFDakUsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxPQUFPLENBQUMsQ0FDckMsRUFDRCxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUNaLElBQUksQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUMzQixPQUFPLEtBQUssS0FBSyxRQUFRLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FDdkQsQ0FDRixFQUNELFVBQVUsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO1lBQ25CLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO1lBQy9CLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDekIsT0FBTyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDM0IsQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7T0FXRztJQUNILHVCQUF1QixDQUNyQixPQUFrQztRQUVsQyxPQUFPLEVBQUUsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUMsSUFBSSxDQUM5QixTQUFTLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxPQUFPLENBQUMsQ0FBQyxFQUN4RCxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsY0FBYyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQ3BELFVBQVUsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFO1lBQ25CLElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO1lBQy9CLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDekIsT0FBTyxVQUFVLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDM0IsQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7SUFFRDs7Ozs7Ozs7Ozs7OztPQWFHO0lBQ0gsc0JBQXNCLENBQUMsR0FBWTtRQUNqQyxPQUFPLEtBQUssQ0FBQyxHQUFHLEVBQUUsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLHNCQUFzQixDQUFZLEdBQUcsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUM5RSxjQUFjLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQUMsRUFDekMsR0FBRyxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRTs7WUFDMUIsSUFBSSxDQUFDLFNBQVMsRUFBRTtnQkFDZCxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sRUFBRSxDQUFDO2FBQzFCO1lBQ0QsTUFBTSxRQUFRLEdBQUcsTUFBTSxhQUFOLE1BQU0sdUJBQU4sTUFBTSxDQUFFLFFBQVEsQ0FBQztZQUNsQyxNQUFNLE1BQU0sR0FBRyxNQUFBLFFBQVEsYUFBUixRQUFRLHVCQUFSLFFBQVEsQ0FBRSxNQUFNLG1DQUFJLEdBQUcsQ0FBQztZQUV2QyxJQUFJLFFBQVEsRUFBRTtnQkFDWixJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2FBQ3RDO1lBRUQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDdkMsQ0FBQyxDQUFDLEVBQ0YsR0FBRyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLENBQzFCLENBQUM7SUFDSixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNILGlCQUFpQixDQUFDLE9BQThCO1FBQzlDLE9BQU8sS0FBSyxDQUFDLEdBQUcsRUFBRSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUNsRSxDQUFDO0lBRUQ7Ozs7Ozs7O09BUUc7SUFDSCxjQUFjLENBQUMsT0FBMEI7UUFDdkMsT0FBTyxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRU8sb0JBQW9CO1FBQzFCLE9BQU8sRUFBRSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQzdCLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFO1lBQ2IsT0FBTyxDQUNMLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxNQUFNLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUN2RCxNQUFNLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztnQkFDekIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLEdBQUcsRUFBRSxDQUFDLG9CQUFvQixDQUMvQyxDQUFDO1FBQ0osQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7Ozs7WUF6VEYsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7WUEzQ0MsV0FBVyx1QkFrRlIsTUFBTSxTQUFDLGtCQUFrQjtZQTlDNUIsZ0JBQWdCO1lBRlQsaUJBQWlCO1lBS2pCLFNBQVMiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3RhYmxlLCBJbmplY3QsIE9uRGVzdHJveSB9IGZyb20gJ0Bhbmd1bGFyL2NvcmUnO1xuXG5pbXBvcnQge1xuICBBdXRoMENsaWVudCxcbiAgUmVkaXJlY3RMb2dpbk9wdGlvbnMsXG4gIFBvcHVwTG9naW5PcHRpb25zLFxuICBQb3B1cENvbmZpZ09wdGlvbnMsXG4gIExvZ291dE9wdGlvbnMsXG4gIEdldFRva2VuU2lsZW50bHlPcHRpb25zLFxuICBHZXRUb2tlbldpdGhQb3B1cE9wdGlvbnMsXG4gIFJlZGlyZWN0TG9naW5SZXN1bHQsXG4gIExvZ291dFVybE9wdGlvbnMsXG4gIEdldFRva2VuU2lsZW50bHlWZXJib3NlUmVzcG9uc2UsXG59IGZyb20gJ0BhdXRoMC9hdXRoMC1zcGEtanMnO1xuXG5pbXBvcnQge1xuICBvZixcbiAgZnJvbSxcbiAgU3ViamVjdCxcbiAgT2JzZXJ2YWJsZSxcbiAgaWlmLFxuICBkZWZlcixcbiAgUmVwbGF5U3ViamVjdCxcbiAgdGhyb3dFcnJvcixcbn0gZnJvbSAncnhqcyc7XG5cbmltcG9ydCB7XG4gIGNvbmNhdE1hcCxcbiAgdGFwLFxuICBtYXAsXG4gIHRha2VVbnRpbCxcbiAgY2F0Y2hFcnJvcixcbiAgc3dpdGNoTWFwLFxuICB3aXRoTGF0ZXN0RnJvbSxcbn0gZnJvbSAncnhqcy9vcGVyYXRvcnMnO1xuXG5pbXBvcnQgeyBBdXRoMENsaWVudFNlcnZpY2UgfSBmcm9tICcuL2F1dGguY2xpZW50JztcbmltcG9ydCB7IEFic3RyYWN0TmF2aWdhdG9yIH0gZnJvbSAnLi9hYnN0cmFjdC1uYXZpZ2F0b3InO1xuaW1wb3J0IHtcbiAgQXV0aENsaWVudENvbmZpZyxcbiAgQXBwU3RhdGUsXG59IGZyb20gJy4vYXV0aC5jb25maWcnO1xuaW1wb3J0IHsgQXV0aFN0YXRlIH0gZnJvbSAnLi9hdXRoLnN0YXRlJztcblxuQEluamVjdGFibGUoe1xuICBwcm92aWRlZEluOiAncm9vdCcsXG59KVxuZXhwb3J0IGNsYXNzIEF1dGhTZXJ2aWNlPFRBcHBTdGF0ZSBleHRlbmRzIEFwcFN0YXRlID0gQXBwU3RhdGU+IGltcGxlbWVudHMgT25EZXN0cm95IHtcbiAgcHJpdmF0ZSBhcHBTdGF0ZVN1YmplY3QkID0gbmV3IFJlcGxheVN1YmplY3Q8VEFwcFN0YXRlPigxKTtcblxuICAvLyBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL2EvNDExNzcxNjNcbiAgcHJpdmF0ZSBuZ1Vuc3Vic2NyaWJlJCA9IG5ldyBTdWJqZWN0PHZvaWQ+KCk7XG4gIC8qKlxuICAgKiBFbWl0cyBib29sZWFuIHZhbHVlcyBpbmRpY2F0aW5nIHRoZSBsb2FkaW5nIHN0YXRlIG9mIHRoZSBTREsuXG4gICAqL1xuICByZWFkb25seSBpc0xvYWRpbmckID0gdGhpcy5hdXRoU3RhdGUuaXNMb2FkaW5nJDtcblxuICAvKipcbiAgICogRW1pdHMgYm9vbGVhbiB2YWx1ZXMgaW5kaWNhdGluZyB0aGUgYXV0aGVudGljYXRpb24gc3RhdGUgb2YgdGhlIHVzZXIuIElmIGB0cnVlYCwgaXQgbWVhbnMgYSB1c2VyIGhhcyBhdXRoZW50aWNhdGVkLlxuICAgKiBUaGlzIGRlcGVuZHMgb24gdGhlIHZhbHVlIG9mIGBpc0xvYWRpbmckYCwgc28gdGhlcmUgaXMgbm8gbmVlZCB0byBtYW51YWxseSBjaGVjayB0aGUgbG9hZGluZyBzdGF0ZSBvZiB0aGUgU0RLLlxuICAgKi9cbiAgcmVhZG9ubHkgaXNBdXRoZW50aWNhdGVkJCA9IHRoaXMuYXV0aFN0YXRlLmlzQXV0aGVudGljYXRlZCQ7XG5cbiAgLyoqXG4gICAqIEVtaXRzIGRldGFpbHMgYWJvdXQgdGhlIGF1dGhlbnRpY2F0ZWQgdXNlciwgb3IgbnVsbCBpZiBub3QgYXV0aGVudGljYXRlZC5cbiAgICovXG4gIHJlYWRvbmx5IHVzZXIkID0gdGhpcy5hdXRoU3RhdGUudXNlciQ7XG5cbiAgLyoqXG4gICAqIEVtaXRzIElEIHRva2VuIGNsYWltcyB3aGVuIGF1dGhlbnRpY2F0ZWQsIG9yIG51bGwgaWYgbm90IGF1dGhlbnRpY2F0ZWQuXG4gICAqL1xuICByZWFkb25seSBpZFRva2VuQ2xhaW1zJCA9IHRoaXMuYXV0aFN0YXRlLmlkVG9rZW5DbGFpbXMkO1xuXG4gIC8qKlxuICAgKiBFbWl0cyBlcnJvcnMgdGhhdCBvY2N1ciBkdXJpbmcgbG9naW4sIG9yIHdoZW4gY2hlY2tpbmcgZm9yIGFuIGFjdGl2ZSBzZXNzaW9uIG9uIHN0YXJ0dXAuXG4gICAqL1xuICByZWFkb25seSBlcnJvciQgPSB0aGlzLmF1dGhTdGF0ZS5lcnJvciQ7XG5cbiAgLyoqXG4gICAqIEVtaXRzIHRoZSB2YWx1ZSAoaWYgYW55KSB0aGF0IHdhcyBwYXNzZWQgdG8gdGhlIGBsb2dpbldpdGhSZWRpcmVjdGAgbWV0aG9kIGNhbGxcbiAgICogYnV0IG9ubHkgKiphZnRlcioqIGBoYW5kbGVSZWRpcmVjdENhbGxiYWNrYCBpcyBmaXJzdCBjYWxsZWRcbiAgICovXG4gIHJlYWRvbmx5IGFwcFN0YXRlJCA9IHRoaXMuYXBwU3RhdGVTdWJqZWN0JC5hc09ic2VydmFibGUoKTtcblxuICBjb25zdHJ1Y3RvcihcbiAgICBASW5qZWN0KEF1dGgwQ2xpZW50U2VydmljZSkgcHJpdmF0ZSBhdXRoMENsaWVudDogQXV0aDBDbGllbnQsXG4gICAgcHJpdmF0ZSBjb25maWdGYWN0b3J5OiBBdXRoQ2xpZW50Q29uZmlnLFxuICAgIHByaXZhdGUgbmF2aWdhdG9yOiBBYnN0cmFjdE5hdmlnYXRvcixcbiAgICBwcml2YXRlIGF1dGhTdGF0ZTogQXV0aFN0YXRlXG4gICkge1xuICAgIGNvbnN0IGNoZWNrU2Vzc2lvbk9yQ2FsbGJhY2skID0gKGlzQ2FsbGJhY2s6IGJvb2xlYW4pID0+XG4gICAgICBpaWYoXG4gICAgICAgICgpID0+IGlzQ2FsbGJhY2ssXG4gICAgICAgIHRoaXMuaGFuZGxlUmVkaXJlY3RDYWxsYmFjaygpLFxuICAgICAgICBkZWZlcigoKSA9PiB0aGlzLmF1dGgwQ2xpZW50LmNoZWNrU2Vzc2lvbigpKVxuICAgICAgKTtcblxuICAgIHRoaXMuc2hvdWxkSGFuZGxlQ2FsbGJhY2soKVxuICAgICAgLnBpcGUoXG4gICAgICAgIHN3aXRjaE1hcCgoaXNDYWxsYmFjaykgPT5cbiAgICAgICAgICBjaGVja1Nlc3Npb25PckNhbGxiYWNrJChpc0NhbGxiYWNrKS5waXBlKFxuICAgICAgICAgICAgY2F0Y2hFcnJvcigoZXJyb3IpID0+IHtcbiAgICAgICAgICAgICAgY29uc3QgY29uZmlnID0gdGhpcy5jb25maWdGYWN0b3J5LmdldCgpO1xuICAgICAgICAgICAgICB0aGlzLmF1dGhTdGF0ZS5zZXRFcnJvcihlcnJvcik7XG4gICAgICAgICAgICAgIHRoaXMubmF2aWdhdG9yLm5hdmlnYXRlQnlVcmwoY29uZmlnLmVycm9yUGF0aCB8fCAnLycpO1xuICAgICAgICAgICAgICByZXR1cm4gb2YodW5kZWZpbmVkKTtcbiAgICAgICAgICAgIH0pXG4gICAgICAgICAgKVxuICAgICAgICApLFxuICAgICAgICB0YXAoKCkgPT4ge1xuICAgICAgICAgIHRoaXMuYXV0aFN0YXRlLnNldElzTG9hZGluZyhmYWxzZSk7XG4gICAgICAgIH0pLFxuICAgICAgICB0YWtlVW50aWwodGhpcy5uZ1Vuc3Vic2NyaWJlJClcbiAgICAgIClcbiAgICAgIC5zdWJzY3JpYmUoKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBDYWxsZWQgd2hlbiB0aGUgc2VydmljZSBpcyBkZXN0cm95ZWRcbiAgICovXG4gIG5nT25EZXN0cm95KCk6IHZvaWQge1xuICAgIC8vIGh0dHBzOi8vc3RhY2tvdmVyZmxvdy5jb20vYS80MTE3NzE2M1xuICAgIHRoaXMubmdVbnN1YnNjcmliZSQubmV4dCgpO1xuICAgIHRoaXMubmdVbnN1YnNjcmliZSQuY29tcGxldGUoKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBgYGBqc1xuICAgKiBsb2dpbldpdGhSZWRpcmVjdChvcHRpb25zKTtcbiAgICogYGBgXG4gICAqXG4gICAqIFBlcmZvcm1zIGEgcmVkaXJlY3QgdG8gYC9hdXRob3JpemVgIHVzaW5nIHRoZSBwYXJhbWV0ZXJzXG4gICAqIHByb3ZpZGVkIGFzIGFyZ3VtZW50cy4gUmFuZG9tIGFuZCBzZWN1cmUgYHN0YXRlYCBhbmQgYG5vbmNlYFxuICAgKiBwYXJhbWV0ZXJzIHdpbGwgYmUgYXV0by1nZW5lcmF0ZWQuXG4gICAqXG4gICAqIEBwYXJhbSBvcHRpb25zIFRoZSBsb2dpbiBvcHRpb25zXG4gICAqL1xuICBsb2dpbldpdGhSZWRpcmVjdChvcHRpb25zPzogUmVkaXJlY3RMb2dpbk9wdGlvbnM8VEFwcFN0YXRlPik6IE9ic2VydmFibGU8dm9pZD4ge1xuICAgIHJldHVybiBmcm9tKHRoaXMuYXV0aDBDbGllbnQubG9naW5XaXRoUmVkaXJlY3Qob3B0aW9ucykpO1xuICB9XG5cbiAgLyoqXG4gICAqIGBgYGpzXG4gICAqIGF3YWl0IGxvZ2luV2l0aFBvcHVwKG9wdGlvbnMpO1xuICAgKiBgYGBcbiAgICpcbiAgICogT3BlbnMgYSBwb3B1cCB3aXRoIHRoZSBgL2F1dGhvcml6ZWAgVVJMIHVzaW5nIHRoZSBwYXJhbWV0ZXJzXG4gICAqIHByb3ZpZGVkIGFzIGFyZ3VtZW50cy4gUmFuZG9tIGFuZCBzZWN1cmUgYHN0YXRlYCBhbmQgYG5vbmNlYFxuICAgKiBwYXJhbWV0ZXJzIHdpbGwgYmUgYXV0by1nZW5lcmF0ZWQuIElmIHRoZSByZXNwb25zZSBpcyBzdWNjZXNzZnVsLFxuICAgKiByZXN1bHRzIHdpbGwgYmUgdmFsaWQgYWNjb3JkaW5nIHRvIHRoZWlyIGV4cGlyYXRpb24gdGltZXMuXG4gICAqXG4gICAqIElNUE9SVEFOVDogVGhpcyBtZXRob2QgaGFzIHRvIGJlIGNhbGxlZCBmcm9tIGFuIGV2ZW50IGhhbmRsZXJcbiAgICogdGhhdCB3YXMgc3RhcnRlZCBieSB0aGUgdXNlciBsaWtlIGEgYnV0dG9uIGNsaWNrLCBmb3IgZXhhbXBsZSxcbiAgICogb3RoZXJ3aXNlIHRoZSBwb3B1cCB3aWxsIGJlIGJsb2NrZWQgaW4gbW9zdCBicm93c2Vycy5cbiAgICpcbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIGxvZ2luIG9wdGlvbnNcbiAgICogQHBhcmFtIGNvbmZpZyBDb25maWd1cmF0aW9uIGZvciB0aGUgcG9wdXAgd2luZG93XG4gICAqL1xuICBsb2dpbldpdGhQb3B1cChcbiAgICBvcHRpb25zPzogUG9wdXBMb2dpbk9wdGlvbnMsXG4gICAgY29uZmlnPzogUG9wdXBDb25maWdPcHRpb25zXG4gICk6IE9ic2VydmFibGU8dm9pZD4ge1xuICAgIHJldHVybiBmcm9tKFxuICAgICAgdGhpcy5hdXRoMENsaWVudC5sb2dpbldpdGhQb3B1cChvcHRpb25zLCBjb25maWcpLnRoZW4oKCkgPT4ge1xuICAgICAgICB0aGlzLmF1dGhTdGF0ZS5yZWZyZXNoKCk7XG4gICAgICB9KVxuICAgICk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogbG9nb3V0KCk7XG4gICAqIGBgYFxuICAgKlxuICAgKiBDbGVhcnMgdGhlIGFwcGxpY2F0aW9uIHNlc3Npb24gYW5kIHBlcmZvcm1zIGEgcmVkaXJlY3QgdG8gYC92Mi9sb2dvdXRgLCB1c2luZ1xuICAgKiB0aGUgcGFyYW1ldGVycyBwcm92aWRlZCBhcyBhcmd1bWVudHMsIHRvIGNsZWFyIHRoZSBBdXRoMCBzZXNzaW9uLlxuICAgKiBJZiB0aGUgYGZlZGVyYXRlZGAgb3B0aW9uIGlzIHNwZWNpZmllZCBpdCBhbHNvIGNsZWFycyB0aGUgSWRlbnRpdHkgUHJvdmlkZXIgc2Vzc2lvbi5cbiAgICogSWYgdGhlIGBsb2NhbE9ubHlgIG9wdGlvbiBpcyBzcGVjaWZpZWQsIGl0IG9ubHkgY2xlYXJzIHRoZSBhcHBsaWNhdGlvbiBzZXNzaW9uLlxuICAgKiBJdCBpcyBpbnZhbGlkIHRvIHNldCBib3RoIHRoZSBgZmVkZXJhdGVkYCBhbmQgYGxvY2FsT25seWAgb3B0aW9ucyB0byBgdHJ1ZWAsXG4gICAqIGFuZCBhbiBlcnJvciB3aWxsIGJlIHRocm93biBpZiB5b3UgZG8uXG4gICAqIFtSZWFkIG1vcmUgYWJvdXQgaG93IExvZ291dCB3b3JrcyBhdCBBdXRoMF0oaHR0cHM6Ly9hdXRoMC5jb20vZG9jcy9sb2dvdXQpLlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgbG9nb3V0IG9wdGlvbnNcbiAgICovXG4gIGxvZ291dChvcHRpb25zPzogTG9nb3V0T3B0aW9ucyk6IHZvaWQge1xuICAgIGNvbnN0IGxvZ291dCA9IHRoaXMuYXV0aDBDbGllbnQubG9nb3V0KG9wdGlvbnMpIHx8IG9mKG51bGwpO1xuXG4gICAgZnJvbShsb2dvdXQpLnN1YnNjcmliZSgoKSA9PiB7XG4gICAgICBpZiAob3B0aW9ucz8ubG9jYWxPbmx5KSB7XG4gICAgICAgIHRoaXMuYXV0aFN0YXRlLnJlZnJlc2goKTtcbiAgICAgIH1cbiAgICB9KTtcbiAgfVxuXG4gIC8qKlxuICAgKiBGZXRjaGVzIGEgbmV3IGFjY2VzcyB0b2tlbiBhbmQgcmV0dXJucyB0aGUgcmVzcG9uc2UgZnJvbSB0aGUgL29hdXRoL3Rva2VuIGVuZHBvaW50LCBvbWl0dGluZyB0aGUgcmVmcmVzaCB0b2tlbi5cbiAgICpcbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIG9wdGlvbnMgZm9yIGNvbmZpZ3VyaW5nIHRoZSB0b2tlbiBmZXRjaC5cbiAgICovXG4gIGdldEFjY2Vzc1Rva2VuU2lsZW50bHkoXG4gICAgb3B0aW9uczogR2V0VG9rZW5TaWxlbnRseU9wdGlvbnMgJiB7IGRldGFpbGVkUmVzcG9uc2U6IHRydWUgfVxuICApOiBPYnNlcnZhYmxlPEdldFRva2VuU2lsZW50bHlWZXJib3NlUmVzcG9uc2U+O1xuXG4gIC8qKlxuICAgKiBGZXRjaGVzIGEgbmV3IGFjY2VzcyB0b2tlbiBhbmQgcmV0dXJucyBpdC5cbiAgICpcbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIG9wdGlvbnMgZm9yIGNvbmZpZ3VyaW5nIHRoZSB0b2tlbiBmZXRjaC5cbiAgICovXG4gIGdldEFjY2Vzc1Rva2VuU2lsZW50bHkob3B0aW9ucz86IEdldFRva2VuU2lsZW50bHlPcHRpb25zKTogT2JzZXJ2YWJsZTxzdHJpbmc+O1xuXG4gIC8qKlxuICAgKiBgYGBqc1xuICAgKiBnZXRBY2Nlc3NUb2tlblNpbGVudGx5KG9wdGlvbnMpLnN1YnNjcmliZSh0b2tlbiA9PiAuLi4pXG4gICAqIGBgYFxuICAgKlxuICAgKiBJZiB0aGVyZSdzIGEgdmFsaWQgdG9rZW4gc3RvcmVkLCByZXR1cm4gaXQuIE90aGVyd2lzZSwgb3BlbnMgYW5cbiAgICogaWZyYW1lIHdpdGggdGhlIGAvYXV0aG9yaXplYCBVUkwgdXNpbmcgdGhlIHBhcmFtZXRlcnMgcHJvdmlkZWRcbiAgICogYXMgYXJndW1lbnRzLiBSYW5kb20gYW5kIHNlY3VyZSBgc3RhdGVgIGFuZCBgbm9uY2VgIHBhcmFtZXRlcnNcbiAgICogd2lsbCBiZSBhdXRvLWdlbmVyYXRlZC4gSWYgdGhlIHJlc3BvbnNlIGlzIHN1Y2Nlc3NmdWwsIHJlc3VsdHNcbiAgICogd2lsbCBiZSB2YWxpZCBhY2NvcmRpbmcgdG8gdGhlaXIgZXhwaXJhdGlvbiB0aW1lcy5cbiAgICpcbiAgICogSWYgcmVmcmVzaCB0b2tlbnMgYXJlIHVzZWQsIHRoZSB0b2tlbiBlbmRwb2ludCBpcyBjYWxsZWQgZGlyZWN0bHkgd2l0aCB0aGVcbiAgICogJ3JlZnJlc2hfdG9rZW4nIGdyYW50LiBJZiBubyByZWZyZXNoIHRva2VuIGlzIGF2YWlsYWJsZSB0byBtYWtlIHRoaXMgY2FsbCxcbiAgICogdGhlIFNESyBmYWxscyBiYWNrIHRvIHVzaW5nIGFuIGlmcmFtZSB0byB0aGUgJy9hdXRob3JpemUnIFVSTC5cbiAgICpcbiAgICogVGhpcyBtZXRob2QgbWF5IHVzZSBhIHdlYiB3b3JrZXIgdG8gcGVyZm9ybSB0aGUgdG9rZW4gY2FsbCBpZiB0aGUgaW4tbWVtb3J5XG4gICAqIGNhY2hlIGlzIHVzZWQuXG4gICAqXG4gICAqIElmIGFuIGBhdWRpZW5jZWAgdmFsdWUgaXMgZ2l2ZW4gdG8gdGhpcyBmdW5jdGlvbiwgdGhlIFNESyBhbHdheXMgZmFsbHNcbiAgICogYmFjayB0byB1c2luZyBhbiBpZnJhbWUgdG8gbWFrZSB0aGUgdG9rZW4gZXhjaGFuZ2UuXG4gICAqXG4gICAqIE5vdGUgdGhhdCBpbiBhbGwgY2FzZXMsIGZhbGxpbmcgYmFjayB0byBhbiBpZnJhbWUgcmVxdWlyZXMgYWNjZXNzIHRvXG4gICAqIHRoZSBgYXV0aDBgIGNvb2tpZSwgYW5kIHRodXMgd2lsbCBub3Qgd29yayBpbiBicm93c2VycyB0aGF0IGJsb2NrIHRoaXJkLXBhcnR5XG4gICAqIGNvb2tpZXMgYnkgZGVmYXVsdCAoU2FmYXJpLCBCcmF2ZSwgZXRjKS5cbiAgICpcbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIG9wdGlvbnMgZm9yIGNvbmZpZ3VyaW5nIHRoZSB0b2tlbiBmZXRjaC5cbiAgICovXG4gIGdldEFjY2Vzc1Rva2VuU2lsZW50bHkoXG4gICAgb3B0aW9uczogR2V0VG9rZW5TaWxlbnRseU9wdGlvbnMgPSB7fVxuICApOiBPYnNlcnZhYmxlPHN0cmluZyB8IEdldFRva2VuU2lsZW50bHlWZXJib3NlUmVzcG9uc2U+IHtcbiAgICByZXR1cm4gb2YodGhpcy5hdXRoMENsaWVudCkucGlwZShcbiAgICAgIGNvbmNhdE1hcCgoY2xpZW50KSA9PlxuICAgICAgICBvcHRpb25zLmRldGFpbGVkUmVzcG9uc2UgPT09IHRydWVcbiAgICAgICAgICA/IGNsaWVudC5nZXRUb2tlblNpbGVudGx5KHsgLi4ub3B0aW9ucywgZGV0YWlsZWRSZXNwb25zZTogdHJ1ZSB9KVxuICAgICAgICAgIDogY2xpZW50LmdldFRva2VuU2lsZW50bHkob3B0aW9ucylcbiAgICAgICksXG4gICAgICB0YXAoKHRva2VuKSA9PlxuICAgICAgICB0aGlzLmF1dGhTdGF0ZS5zZXRBY2Nlc3NUb2tlbihcbiAgICAgICAgICB0eXBlb2YgdG9rZW4gPT09ICdzdHJpbmcnID8gdG9rZW4gOiB0b2tlbi5hY2Nlc3NfdG9rZW5cbiAgICAgICAgKVxuICAgICAgKSxcbiAgICAgIGNhdGNoRXJyb3IoKGVycm9yKSA9PiB7XG4gICAgICAgIHRoaXMuYXV0aFN0YXRlLnNldEVycm9yKGVycm9yKTtcbiAgICAgICAgdGhpcy5hdXRoU3RhdGUucmVmcmVzaCgpO1xuICAgICAgICByZXR1cm4gdGhyb3dFcnJvcihlcnJvcik7XG4gICAgICB9KVxuICAgICk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogZ2V0VG9rZW5XaXRoUG9wdXAob3B0aW9ucykuc3Vic2NyaWJlKHRva2VuID0+IC4uLilcbiAgICogYGBgXG4gICAqXG4gICAqIEdldCBhbiBhY2Nlc3MgdG9rZW4gaW50ZXJhY3RpdmVseS5cbiAgICpcbiAgICogT3BlbnMgYSBwb3B1cCB3aXRoIHRoZSBgL2F1dGhvcml6ZWAgVVJMIHVzaW5nIHRoZSBwYXJhbWV0ZXJzXG4gICAqIHByb3ZpZGVkIGFzIGFyZ3VtZW50cy4gUmFuZG9tIGFuZCBzZWN1cmUgYHN0YXRlYCBhbmQgYG5vbmNlYFxuICAgKiBwYXJhbWV0ZXJzIHdpbGwgYmUgYXV0by1nZW5lcmF0ZWQuIElmIHRoZSByZXNwb25zZSBpcyBzdWNjZXNzZnVsLFxuICAgKiByZXN1bHRzIHdpbGwgYmUgdmFsaWQgYWNjb3JkaW5nIHRvIHRoZWlyIGV4cGlyYXRpb24gdGltZXMuXG4gICAqL1xuICBnZXRBY2Nlc3NUb2tlbldpdGhQb3B1cChcbiAgICBvcHRpb25zPzogR2V0VG9rZW5XaXRoUG9wdXBPcHRpb25zXG4gICk6IE9ic2VydmFibGU8c3RyaW5nPiB7XG4gICAgcmV0dXJuIG9mKHRoaXMuYXV0aDBDbGllbnQpLnBpcGUoXG4gICAgICBjb25jYXRNYXAoKGNsaWVudCkgPT4gY2xpZW50LmdldFRva2VuV2l0aFBvcHVwKG9wdGlvbnMpKSxcbiAgICAgIHRhcCgodG9rZW4pID0+IHRoaXMuYXV0aFN0YXRlLnNldEFjY2Vzc1Rva2VuKHRva2VuKSksXG4gICAgICBjYXRjaEVycm9yKChlcnJvcikgPT4ge1xuICAgICAgICB0aGlzLmF1dGhTdGF0ZS5zZXRFcnJvcihlcnJvcik7XG4gICAgICAgIHRoaXMuYXV0aFN0YXRlLnJlZnJlc2goKTtcbiAgICAgICAgcmV0dXJuIHRocm93RXJyb3IoZXJyb3IpO1xuICAgICAgfSlcbiAgICApO1xuICB9XG5cbiAgLyoqXG4gICAqIGBgYGpzXG4gICAqIGhhbmRsZVJlZGlyZWN0Q2FsbGJhY2sodXJsKS5zdWJzY3JpYmUocmVzdWx0ID0+IC4uLilcbiAgICogYGBgXG4gICAqXG4gICAqIEFmdGVyIHRoZSBicm93c2VyIHJlZGlyZWN0cyBiYWNrIHRvIHRoZSBjYWxsYmFjayBwYWdlLFxuICAgKiBjYWxsIGBoYW5kbGVSZWRpcmVjdENhbGxiYWNrYCB0byBoYW5kbGUgc3VjY2VzcyBhbmQgZXJyb3JcbiAgICogcmVzcG9uc2VzIGZyb20gQXV0aDAuIElmIHRoZSByZXNwb25zZSBpcyBzdWNjZXNzZnVsLCByZXN1bHRzXG4gICAqIHdpbGwgYmUgdmFsaWQgYWNjb3JkaW5nIHRvIHRoZWlyIGV4cGlyYXRpb24gdGltZXMuXG4gICAqXG4gICAqIENhbGxpbmcgdGhpcyBtZXRob2QgYWxzbyByZWZyZXNoZXMgdGhlIGF1dGhlbnRpY2F0aW9uIGFuZCB1c2VyIHN0YXRlcy5cbiAgICpcbiAgICogQHBhcmFtIHVybCBUaGUgVVJMIHRvIHRoYXQgc2hvdWxkIGJlIHVzZWQgdG8gcmV0cmlldmUgdGhlIGBzdGF0ZWAgYW5kIGBjb2RlYCB2YWx1ZXMuIERlZmF1bHRzIHRvIGB3aW5kb3cubG9jYXRpb24uaHJlZmAgaWYgbm90IGdpdmVuLlxuICAgKi9cbiAgaGFuZGxlUmVkaXJlY3RDYWxsYmFjayh1cmw/OiBzdHJpbmcpOiBPYnNlcnZhYmxlPFJlZGlyZWN0TG9naW5SZXN1bHQ8VEFwcFN0YXRlPj4ge1xuICAgIHJldHVybiBkZWZlcigoKSA9PiB0aGlzLmF1dGgwQ2xpZW50LmhhbmRsZVJlZGlyZWN0Q2FsbGJhY2s8VEFwcFN0YXRlPih1cmwpKS5waXBlKFxuICAgICAgd2l0aExhdGVzdEZyb20odGhpcy5hdXRoU3RhdGUuaXNMb2FkaW5nJCksXG4gICAgICB0YXAoKFtyZXN1bHQsIGlzTG9hZGluZ10pID0+IHtcbiAgICAgICAgaWYgKCFpc0xvYWRpbmcpIHtcbiAgICAgICAgICB0aGlzLmF1dGhTdGF0ZS5yZWZyZXNoKCk7XG4gICAgICAgIH1cbiAgICAgICAgY29uc3QgYXBwU3RhdGUgPSByZXN1bHQ/LmFwcFN0YXRlO1xuICAgICAgICBjb25zdCB0YXJnZXQgPSBhcHBTdGF0ZT8udGFyZ2V0ID8/ICcvJztcblxuICAgICAgICBpZiAoYXBwU3RhdGUpIHtcbiAgICAgICAgICB0aGlzLmFwcFN0YXRlU3ViamVjdCQubmV4dChhcHBTdGF0ZSk7XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLm5hdmlnYXRvci5uYXZpZ2F0ZUJ5VXJsKHRhcmdldCk7XG4gICAgICB9KSxcbiAgICAgIG1hcCgoW3Jlc3VsdF0pID0+IHJlc3VsdClcbiAgICApO1xuICB9XG5cbiAgLyoqXG4gICAqIGBgYGpzXG4gICAqIGJ1aWxkQXV0aG9yaXplVXJsKCkuc3Vic2NyaWJlKHVybCA9PiAuLi4pXG4gICAqIGBgYFxuICAgKlxuICAgKiBCdWlsZHMgYW4gYC9hdXRob3JpemVgIFVSTCBmb3IgbG9naW5XaXRoUmVkaXJlY3QgdXNpbmcgdGhlIHBhcmFtZXRlcnNcbiAgICogcHJvdmlkZWQgYXMgYXJndW1lbnRzLiBSYW5kb20gYW5kIHNlY3VyZSBgc3RhdGVgIGFuZCBgbm9uY2VgXG4gICAqIHBhcmFtZXRlcnMgd2lsbCBiZSBhdXRvLWdlbmVyYXRlZC5cbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIG9wdGlvbnNcbiAgICogQHJldHVybnMgQSBVUkwgdG8gdGhlIGF1dGhvcml6ZSBlbmRwb2ludFxuICAgKi9cbiAgYnVpbGRBdXRob3JpemVVcmwob3B0aW9ucz86IFJlZGlyZWN0TG9naW5PcHRpb25zKTogT2JzZXJ2YWJsZTxzdHJpbmc+IHtcbiAgICByZXR1cm4gZGVmZXIoKCkgPT4gdGhpcy5hdXRoMENsaWVudC5idWlsZEF1dGhvcml6ZVVybChvcHRpb25zKSk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogYnVpbGRMb2dvdXRVcmwoKS5zdWJzY3JpYmUodXJsID0+IC4uLilcbiAgICogYGBgXG4gICAqIEJ1aWxkcyBhIFVSTCB0byB0aGUgbG9nb3V0IGVuZHBvaW50LlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgb3B0aW9ucyB1c2VkIHRvIGNvbmZpZ3VyZSB0aGUgcGFyYW1ldGVycyB0aGF0IGFwcGVhciBpbiB0aGUgbG9nb3V0IGVuZHBvaW50IFVSTC5cbiAgICogQHJldHVybnMgYSBVUkwgdG8gdGhlIGxvZ291dCBlbmRwb2ludCB1c2luZyB0aGUgcGFyYW1ldGVycyBwcm92aWRlZCBhcyBhcmd1bWVudHMuXG4gICAqL1xuICBidWlsZExvZ291dFVybChvcHRpb25zPzogTG9nb3V0VXJsT3B0aW9ucyk6IE9ic2VydmFibGU8c3RyaW5nPiB7XG4gICAgcmV0dXJuIG9mKHRoaXMuYXV0aDBDbGllbnQuYnVpbGRMb2dvdXRVcmwob3B0aW9ucykpO1xuICB9XG5cbiAgcHJpdmF0ZSBzaG91bGRIYW5kbGVDYWxsYmFjaygpOiBPYnNlcnZhYmxlPGJvb2xlYW4+IHtcbiAgICByZXR1cm4gb2YobG9jYXRpb24uc2VhcmNoKS5waXBlKFxuICAgICAgbWFwKChzZWFyY2gpID0+IHtcbiAgICAgICAgcmV0dXJuIChcbiAgICAgICAgICAoc2VhcmNoLmluY2x1ZGVzKCdjb2RlPScpIHx8IHNlYXJjaC5pbmNsdWRlcygnZXJyb3I9JykpICYmXG4gICAgICAgICAgc2VhcmNoLmluY2x1ZGVzKCdzdGF0ZT0nKSAmJlxuICAgICAgICAgICF0aGlzLmNvbmZpZ0ZhY3RvcnkuZ2V0KCkuc2tpcFJlZGlyZWN0Q2FsbGJhY2tcbiAgICAgICAgKTtcbiAgICAgIH0pXG4gICAgKTtcbiAgfVxufVxuIl19
299
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXV0aC5zZXJ2aWNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vcHJvamVjdHMvYXV0aDAtYW5ndWxhci9zcmMvbGliL2F1dGguc2VydmljZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsVUFBVSxFQUFFLE1BQU0sRUFBYSxNQUFNLGVBQWUsQ0FBQztBQUU5RCxPQUFPLEVBQ0wsV0FBVyxHQWNaLE1BQU0scUJBQXFCLENBQUM7QUFFN0IsT0FBTyxFQUNMLEVBQUUsRUFDRixJQUFJLEVBQ0osT0FBTyxFQUVQLEdBQUcsRUFDSCxLQUFLLEVBQ0wsYUFBYSxFQUNiLFVBQVUsR0FDWCxNQUFNLE1BQU0sQ0FBQztBQUVkLE9BQU8sRUFDTCxTQUFTLEVBQ1QsR0FBRyxFQUNILEdBQUcsRUFDSCxTQUFTLEVBQ1QsVUFBVSxFQUNWLFNBQVMsRUFDVCxjQUFjLEdBQ2YsTUFBTSxnQkFBZ0IsQ0FBQztBQUV4QixPQUFPLEVBQUUsa0JBQWtCLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLGlCQUFpQixFQUFFLE1BQU0sc0JBQXNCLENBQUM7QUFDekQsT0FBTyxFQUFFLGdCQUFnQixFQUFZLE1BQU0sZUFBZSxDQUFDO0FBQzNELE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxjQUFjLENBQUM7Ozs7OztBQUt6QyxNQUFNLE9BQU8sV0FBVztJQXNDdEIsWUFDc0MsV0FBd0IsRUFDcEQsYUFBK0IsRUFDL0IsU0FBNEIsRUFDNUIsU0FBb0I7UUFIUSxnQkFBVyxHQUFYLFdBQVcsQ0FBYTtRQUNwRCxrQkFBYSxHQUFiLGFBQWEsQ0FBa0I7UUFDL0IsY0FBUyxHQUFULFNBQVMsQ0FBbUI7UUFDNUIsY0FBUyxHQUFULFNBQVMsQ0FBVztRQXhDdEIscUJBQWdCLEdBQUcsSUFBSSxhQUFhLENBQVksQ0FBQyxDQUFDLENBQUM7UUFFM0QsdUNBQXVDO1FBQy9CLG1CQUFjLEdBQUcsSUFBSSxPQUFPLEVBQVEsQ0FBQztRQUM3Qzs7V0FFRztRQUNNLGVBQVUsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLFVBQVUsQ0FBQztRQUVoRDs7O1dBR0c7UUFDTSxxQkFBZ0IsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLGdCQUFnQixDQUFDO1FBRTVEOztXQUVHO1FBQ00sVUFBSyxHQUFHLElBQUksQ0FBQyxTQUFTLENBQUMsS0FBSyxDQUFDO1FBRXRDOztXQUVHO1FBQ00sbUJBQWMsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLGNBQWMsQ0FBQztRQUV4RDs7V0FFRztRQUNNLFdBQU0sR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLE1BQU0sQ0FBQztRQUV4Qzs7O1dBR0c7UUFDTSxjQUFTLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFlBQVksRUFBRSxDQUFDO1FBUXhELE1BQU0sdUJBQXVCLEdBQUcsQ0FBQyxVQUFtQixFQUFFLEVBQUUsQ0FDdEQsR0FBRyxDQUNELEdBQUcsRUFBRSxDQUFDLFVBQVUsRUFDaEIsSUFBSSxDQUFDLHNCQUFzQixFQUFFLEVBQzdCLEtBQUssQ0FBQyxHQUFHLEVBQUUsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLFlBQVksRUFBRSxDQUFDLENBQzdDLENBQUM7UUFFSixJQUFJLENBQUMsb0JBQW9CLEVBQUU7YUFDeEIsSUFBSSxDQUNILFNBQVMsQ0FBQyxDQUFDLFVBQVUsRUFBRSxFQUFFLENBQ3ZCLHVCQUF1QixDQUFDLFVBQVUsQ0FBQyxDQUFDLElBQUksQ0FDdEMsVUFBVSxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUU7WUFDbkIsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxHQUFHLEVBQUUsQ0FBQztZQUN4QyxJQUFJLENBQUMsU0FBUyxDQUFDLGFBQWEsQ0FBQyxNQUFNLENBQUMsU0FBUyxJQUFJLEdBQUcsQ0FBQyxDQUFDO1lBQ3RELElBQUksQ0FBQyxTQUFTLENBQUMsUUFBUSxDQUFDLEtBQUssQ0FBQyxDQUFDO1lBQy9CLE9BQU8sRUFBRSxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBQ3ZCLENBQUMsQ0FBQyxDQUNILENBQ0YsRUFDRCxHQUFHLENBQUMsR0FBRyxFQUFFO1lBQ1AsSUFBSSxDQUFDLFNBQVMsQ0FBQyxZQUFZLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDckMsQ0FBQyxDQUFDLEVBQ0YsU0FBUyxDQUFDLElBQUksQ0FBQyxjQUFjLENBQUMsQ0FDL0I7YUFDQSxTQUFTLEVBQUUsQ0FBQztJQUNqQixDQUFDO0lBRUQ7O09BRUc7SUFDSCxXQUFXO1FBQ1QsdUNBQXVDO1FBQ3ZDLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDM0IsSUFBSSxDQUFDLGNBQWMsQ0FBQyxRQUFRLEVBQUUsQ0FBQztJQUNqQyxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNILGlCQUFpQixDQUNmLE9BQXlDO1FBRXpDLE9BQU8sSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUMzRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSCxjQUFjLENBQ1osT0FBMkIsRUFDM0IsTUFBMkI7UUFFM0IsT0FBTyxJQUFJLENBQ1QsSUFBSSxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsT0FBTyxFQUFFLE1BQU0sQ0FBQyxDQUFDLElBQUksQ0FBQyxHQUFHLEVBQUU7WUFDekQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUMzQixDQUFDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7OztPQWNHO0lBQ0gsTUFBTSxDQUFDLE9BQXVCO1FBQzVCLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxJQUFJLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUU1RCxJQUFJLENBQUMsTUFBTSxDQUFDLENBQUMsU0FBUyxDQUFDLEdBQUcsRUFBRTtZQUMxQixJQUFJLE9BQU8sYUFBUCxPQUFPLHVCQUFQLE9BQU8sQ0FBRSxTQUFTLEVBQUU7Z0JBQ3RCLElBQUksQ0FBQyxTQUFTLENBQUMsT0FBTyxFQUFFLENBQUM7YUFDMUI7UUFDSCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFrQkQ7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7O09BMEJHO0lBQ0gsc0JBQXNCLENBQ3BCLFVBQW1DLEVBQUU7UUFFckMsT0FBTyxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLElBQUksQ0FDOUIsU0FBUyxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FDbkIsT0FBTyxDQUFDLGdCQUFnQixLQUFLLElBQUk7WUFDL0IsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxnQkFBZ0IsaUNBQU0sT0FBTyxLQUFFLGdCQUFnQixFQUFFLElBQUksSUFBRztZQUNqRSxDQUFDLENBQUMsTUFBTSxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxDQUNyQyxFQUNELEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQ1osSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQzNCLE9BQU8sS0FBSyxLQUFLLFFBQVEsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUN2RCxDQUNGLEVBQ0QsVUFBVSxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUU7WUFDbkIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDL0IsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUN6QixPQUFPLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMzQixDQUFDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVEOzs7Ozs7Ozs7OztPQVdHO0lBQ0gsdUJBQXVCLENBQ3JCLE9BQWtDO1FBRWxDLE9BQU8sRUFBRSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQyxJQUFJLENBQzlCLFNBQVMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLGlCQUFpQixDQUFDLE9BQU8sQ0FBQyxDQUFDLEVBQ3hELEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxjQUFjLENBQUMsS0FBSyxDQUFDLENBQUMsRUFDcEQsVUFBVSxDQUFDLENBQUMsS0FBSyxFQUFFLEVBQUU7WUFDbkIsSUFBSSxDQUFDLFNBQVMsQ0FBQyxRQUFRLENBQUMsS0FBSyxDQUFDLENBQUM7WUFDL0IsSUFBSSxDQUFDLFNBQVMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUN6QixPQUFPLFVBQVUsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUMzQixDQUFDLENBQUMsQ0FDSCxDQUFDO0lBQ0osQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7Ozs7Ozs7T0FrQkc7SUFDSCxPQUFPLENBQ0wsT0FBd0I7UUFFeEIsT0FBTyxLQUFLLENBQUMsR0FBRyxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxPQUFPLENBQVEsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUMvRCxDQUFDO0lBRUQ7Ozs7Ozs7Ozs7Ozs7Ozs7T0FnQkc7SUFDSCxnQkFBZ0IsQ0FDZCxPQUFpQztRQUVqQyxPQUFPLEtBQUssQ0FBQyxHQUFHLEVBQUUsQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLGdCQUFnQixDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUM7SUFDakUsQ0FBQztJQUVEOzs7Ozs7Ozs7Ozs7O09BYUc7SUFDSCxzQkFBc0IsQ0FDcEIsR0FBWTtRQUVaLE9BQU8sS0FBSyxDQUFDLEdBQUcsRUFBRSxDQUNoQixJQUFJLENBQUMsV0FBVyxDQUFDLHNCQUFzQixDQUFZLEdBQUcsQ0FBQyxDQUN4RCxDQUFDLElBQUksQ0FDSixjQUFjLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQUMsRUFDekMsR0FBRyxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsU0FBUyxDQUFDLEVBQUUsRUFBRTs7WUFDMUIsSUFBSSxDQUFDLFNBQVMsRUFBRTtnQkFDZCxJQUFJLENBQUMsU0FBUyxDQUFDLE9BQU8sRUFBRSxDQUFDO2FBQzFCO1lBQ0QsTUFBTSxRQUFRLEdBQUcsTUFBTSxhQUFOLE1BQU0sdUJBQU4sTUFBTSxDQUFFLFFBQVEsQ0FBQztZQUNsQyxNQUFNLE1BQU0sR0FBRyxNQUFBLFFBQVEsYUFBUixRQUFRLHVCQUFSLFFBQVEsQ0FBRSxNQUFNLG1DQUFJLEdBQUcsQ0FBQztZQUV2QyxJQUFJLFFBQVEsRUFBRTtnQkFDWixJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2FBQ3RDO1lBRUQsSUFBSSxDQUFDLFNBQVMsQ0FBQyxhQUFhLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDdkMsQ0FBQyxDQUFDLEVBQ0YsR0FBRyxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsRUFBRSxFQUFFLENBQUMsTUFBTSxDQUFDLENBQzFCLENBQUM7SUFDSixDQUFDO0lBRUQ7Ozs7Ozs7Ozs7T0FVRztJQUNILGlCQUFpQixDQUFDLE9BQThCO1FBQzlDLE9BQU8sS0FBSyxDQUFDLEdBQUcsRUFBRSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsaUJBQWlCLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUNsRSxDQUFDO0lBRUQ7Ozs7Ozs7O09BUUc7SUFDSCxjQUFjLENBQUMsT0FBMEI7UUFDdkMsT0FBTyxFQUFFLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxjQUFjLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUN0RCxDQUFDO0lBRU8sb0JBQW9CO1FBQzFCLE9BQU8sRUFBRSxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQzdCLEdBQUcsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFO1lBQ2IsT0FBTyxDQUNMLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxNQUFNLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxDQUFDO2dCQUN2RCxNQUFNLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQztnQkFDekIsQ0FBQyxJQUFJLENBQUMsYUFBYSxDQUFDLEdBQUcsRUFBRSxDQUFDLG9CQUFvQixDQUMvQyxDQUFDO1FBQ0osQ0FBQyxDQUFDLENBQ0gsQ0FBQztJQUNKLENBQUM7Ozs7WUFoWEYsVUFBVSxTQUFDO2dCQUNWLFVBQVUsRUFBRSxNQUFNO2FBQ25COzs7WUE1Q0MsV0FBVyx1QkFvRlIsTUFBTSxTQUFDLGtCQUFrQjtZQTdDckIsZ0JBQWdCO1lBRGhCLGlCQUFpQjtZQUVqQixTQUFTIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0YWJsZSwgSW5qZWN0LCBPbkRlc3Ryb3kgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcblxuaW1wb3J0IHtcbiAgQXV0aDBDbGllbnQsXG4gIFJlZGlyZWN0TG9naW5PcHRpb25zLFxuICBQb3B1cExvZ2luT3B0aW9ucyxcbiAgUG9wdXBDb25maWdPcHRpb25zLFxuICBMb2dvdXRPcHRpb25zLFxuICBHZXRUb2tlblNpbGVudGx5T3B0aW9ucyxcbiAgR2V0VG9rZW5XaXRoUG9wdXBPcHRpb25zLFxuICBSZWRpcmVjdExvZ2luUmVzdWx0LFxuICBMb2dvdXRVcmxPcHRpb25zLFxuICBHZXRUb2tlblNpbGVudGx5VmVyYm9zZVJlc3BvbnNlLFxuICBHZXRVc2VyT3B0aW9ucyxcbiAgVXNlcixcbiAgR2V0SWRUb2tlbkNsYWltc09wdGlvbnMsXG4gIElkVG9rZW4sXG59IGZyb20gJ0BhdXRoMC9hdXRoMC1zcGEtanMnO1xuXG5pbXBvcnQge1xuICBvZixcbiAgZnJvbSxcbiAgU3ViamVjdCxcbiAgT2JzZXJ2YWJsZSxcbiAgaWlmLFxuICBkZWZlcixcbiAgUmVwbGF5U3ViamVjdCxcbiAgdGhyb3dFcnJvcixcbn0gZnJvbSAncnhqcyc7XG5cbmltcG9ydCB7XG4gIGNvbmNhdE1hcCxcbiAgdGFwLFxuICBtYXAsXG4gIHRha2VVbnRpbCxcbiAgY2F0Y2hFcnJvcixcbiAgc3dpdGNoTWFwLFxuICB3aXRoTGF0ZXN0RnJvbSxcbn0gZnJvbSAncnhqcy9vcGVyYXRvcnMnO1xuXG5pbXBvcnQgeyBBdXRoMENsaWVudFNlcnZpY2UgfSBmcm9tICcuL2F1dGguY2xpZW50JztcbmltcG9ydCB7IEFic3RyYWN0TmF2aWdhdG9yIH0gZnJvbSAnLi9hYnN0cmFjdC1uYXZpZ2F0b3InO1xuaW1wb3J0IHsgQXV0aENsaWVudENvbmZpZywgQXBwU3RhdGUgfSBmcm9tICcuL2F1dGguY29uZmlnJztcbmltcG9ydCB7IEF1dGhTdGF0ZSB9IGZyb20gJy4vYXV0aC5zdGF0ZSc7XG5cbkBJbmplY3RhYmxlKHtcbiAgcHJvdmlkZWRJbjogJ3Jvb3QnLFxufSlcbmV4cG9ydCBjbGFzcyBBdXRoU2VydmljZTxUQXBwU3RhdGUgZXh0ZW5kcyBBcHBTdGF0ZSA9IEFwcFN0YXRlPlxuICBpbXBsZW1lbnRzIE9uRGVzdHJveSB7XG4gIHByaXZhdGUgYXBwU3RhdGVTdWJqZWN0JCA9IG5ldyBSZXBsYXlTdWJqZWN0PFRBcHBTdGF0ZT4oMSk7XG5cbiAgLy8gaHR0cHM6Ly9zdGFja292ZXJmbG93LmNvbS9hLzQxMTc3MTYzXG4gIHByaXZhdGUgbmdVbnN1YnNjcmliZSQgPSBuZXcgU3ViamVjdDx2b2lkPigpO1xuICAvKipcbiAgICogRW1pdHMgYm9vbGVhbiB2YWx1ZXMgaW5kaWNhdGluZyB0aGUgbG9hZGluZyBzdGF0ZSBvZiB0aGUgU0RLLlxuICAgKi9cbiAgcmVhZG9ubHkgaXNMb2FkaW5nJCA9IHRoaXMuYXV0aFN0YXRlLmlzTG9hZGluZyQ7XG5cbiAgLyoqXG4gICAqIEVtaXRzIGJvb2xlYW4gdmFsdWVzIGluZGljYXRpbmcgdGhlIGF1dGhlbnRpY2F0aW9uIHN0YXRlIG9mIHRoZSB1c2VyLiBJZiBgdHJ1ZWAsIGl0IG1lYW5zIGEgdXNlciBoYXMgYXV0aGVudGljYXRlZC5cbiAgICogVGhpcyBkZXBlbmRzIG9uIHRoZSB2YWx1ZSBvZiBgaXNMb2FkaW5nJGAsIHNvIHRoZXJlIGlzIG5vIG5lZWQgdG8gbWFudWFsbHkgY2hlY2sgdGhlIGxvYWRpbmcgc3RhdGUgb2YgdGhlIFNESy5cbiAgICovXG4gIHJlYWRvbmx5IGlzQXV0aGVudGljYXRlZCQgPSB0aGlzLmF1dGhTdGF0ZS5pc0F1dGhlbnRpY2F0ZWQkO1xuXG4gIC8qKlxuICAgKiBFbWl0cyBkZXRhaWxzIGFib3V0IHRoZSBhdXRoZW50aWNhdGVkIHVzZXIsIG9yIG51bGwgaWYgbm90IGF1dGhlbnRpY2F0ZWQuXG4gICAqL1xuICByZWFkb25seSB1c2VyJCA9IHRoaXMuYXV0aFN0YXRlLnVzZXIkO1xuXG4gIC8qKlxuICAgKiBFbWl0cyBJRCB0b2tlbiBjbGFpbXMgd2hlbiBhdXRoZW50aWNhdGVkLCBvciBudWxsIGlmIG5vdCBhdXRoZW50aWNhdGVkLlxuICAgKi9cbiAgcmVhZG9ubHkgaWRUb2tlbkNsYWltcyQgPSB0aGlzLmF1dGhTdGF0ZS5pZFRva2VuQ2xhaW1zJDtcblxuICAvKipcbiAgICogRW1pdHMgZXJyb3JzIHRoYXQgb2NjdXIgZHVyaW5nIGxvZ2luLCBvciB3aGVuIGNoZWNraW5nIGZvciBhbiBhY3RpdmUgc2Vzc2lvbiBvbiBzdGFydHVwLlxuICAgKi9cbiAgcmVhZG9ubHkgZXJyb3IkID0gdGhpcy5hdXRoU3RhdGUuZXJyb3IkO1xuXG4gIC8qKlxuICAgKiBFbWl0cyB0aGUgdmFsdWUgKGlmIGFueSkgdGhhdCB3YXMgcGFzc2VkIHRvIHRoZSBgbG9naW5XaXRoUmVkaXJlY3RgIG1ldGhvZCBjYWxsXG4gICAqIGJ1dCBvbmx5ICoqYWZ0ZXIqKiBgaGFuZGxlUmVkaXJlY3RDYWxsYmFja2AgaXMgZmlyc3QgY2FsbGVkXG4gICAqL1xuICByZWFkb25seSBhcHBTdGF0ZSQgPSB0aGlzLmFwcFN0YXRlU3ViamVjdCQuYXNPYnNlcnZhYmxlKCk7XG5cbiAgY29uc3RydWN0b3IoXG4gICAgQEluamVjdChBdXRoMENsaWVudFNlcnZpY2UpIHByaXZhdGUgYXV0aDBDbGllbnQ6IEF1dGgwQ2xpZW50LFxuICAgIHByaXZhdGUgY29uZmlnRmFjdG9yeTogQXV0aENsaWVudENvbmZpZyxcbiAgICBwcml2YXRlIG5hdmlnYXRvcjogQWJzdHJhY3ROYXZpZ2F0b3IsXG4gICAgcHJpdmF0ZSBhdXRoU3RhdGU6IEF1dGhTdGF0ZVxuICApIHtcbiAgICBjb25zdCBjaGVja1Nlc3Npb25PckNhbGxiYWNrJCA9IChpc0NhbGxiYWNrOiBib29sZWFuKSA9PlxuICAgICAgaWlmKFxuICAgICAgICAoKSA9PiBpc0NhbGxiYWNrLFxuICAgICAgICB0aGlzLmhhbmRsZVJlZGlyZWN0Q2FsbGJhY2soKSxcbiAgICAgICAgZGVmZXIoKCkgPT4gdGhpcy5hdXRoMENsaWVudC5jaGVja1Nlc3Npb24oKSlcbiAgICAgICk7XG5cbiAgICB0aGlzLnNob3VsZEhhbmRsZUNhbGxiYWNrKClcbiAgICAgIC5waXBlKFxuICAgICAgICBzd2l0Y2hNYXAoKGlzQ2FsbGJhY2spID0+XG4gICAgICAgICAgY2hlY2tTZXNzaW9uT3JDYWxsYmFjayQoaXNDYWxsYmFjaykucGlwZShcbiAgICAgICAgICAgIGNhdGNoRXJyb3IoKGVycm9yKSA9PiB7XG4gICAgICAgICAgICAgIGNvbnN0IGNvbmZpZyA9IHRoaXMuY29uZmlnRmFjdG9yeS5nZXQoKTtcbiAgICAgICAgICAgICAgdGhpcy5uYXZpZ2F0b3IubmF2aWdhdGVCeVVybChjb25maWcuZXJyb3JQYXRoIHx8ICcvJyk7XG4gICAgICAgICAgICAgIHRoaXMuYXV0aFN0YXRlLnNldEVycm9yKGVycm9yKTtcbiAgICAgICAgICAgICAgcmV0dXJuIG9mKHVuZGVmaW5lZCk7XG4gICAgICAgICAgICB9KVxuICAgICAgICAgIClcbiAgICAgICAgKSxcbiAgICAgICAgdGFwKCgpID0+IHtcbiAgICAgICAgICB0aGlzLmF1dGhTdGF0ZS5zZXRJc0xvYWRpbmcoZmFsc2UpO1xuICAgICAgICB9KSxcbiAgICAgICAgdGFrZVVudGlsKHRoaXMubmdVbnN1YnNjcmliZSQpXG4gICAgICApXG4gICAgICAuc3Vic2NyaWJlKCk7XG4gIH1cblxuICAvKipcbiAgICogQ2FsbGVkIHdoZW4gdGhlIHNlcnZpY2UgaXMgZGVzdHJveWVkXG4gICAqL1xuICBuZ09uRGVzdHJveSgpOiB2b2lkIHtcbiAgICAvLyBodHRwczovL3N0YWNrb3ZlcmZsb3cuY29tL2EvNDExNzcxNjNcbiAgICB0aGlzLm5nVW5zdWJzY3JpYmUkLm5leHQoKTtcbiAgICB0aGlzLm5nVW5zdWJzY3JpYmUkLmNvbXBsZXRlKCk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogbG9naW5XaXRoUmVkaXJlY3Qob3B0aW9ucyk7XG4gICAqIGBgYFxuICAgKlxuICAgKiBQZXJmb3JtcyBhIHJlZGlyZWN0IHRvIGAvYXV0aG9yaXplYCB1c2luZyB0aGUgcGFyYW1ldGVyc1xuICAgKiBwcm92aWRlZCBhcyBhcmd1bWVudHMuIFJhbmRvbSBhbmQgc2VjdXJlIGBzdGF0ZWAgYW5kIGBub25jZWBcbiAgICogcGFyYW1ldGVycyB3aWxsIGJlIGF1dG8tZ2VuZXJhdGVkLlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgbG9naW4gb3B0aW9uc1xuICAgKi9cbiAgbG9naW5XaXRoUmVkaXJlY3QoXG4gICAgb3B0aW9ucz86IFJlZGlyZWN0TG9naW5PcHRpb25zPFRBcHBTdGF0ZT5cbiAgKTogT2JzZXJ2YWJsZTx2b2lkPiB7XG4gICAgcmV0dXJuIGZyb20odGhpcy5hdXRoMENsaWVudC5sb2dpbldpdGhSZWRpcmVjdChvcHRpb25zKSk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogYXdhaXQgbG9naW5XaXRoUG9wdXAob3B0aW9ucyk7XG4gICAqIGBgYFxuICAgKlxuICAgKiBPcGVucyBhIHBvcHVwIHdpdGggdGhlIGAvYXV0aG9yaXplYCBVUkwgdXNpbmcgdGhlIHBhcmFtZXRlcnNcbiAgICogcHJvdmlkZWQgYXMgYXJndW1lbnRzLiBSYW5kb20gYW5kIHNlY3VyZSBgc3RhdGVgIGFuZCBgbm9uY2VgXG4gICAqIHBhcmFtZXRlcnMgd2lsbCBiZSBhdXRvLWdlbmVyYXRlZC4gSWYgdGhlIHJlc3BvbnNlIGlzIHN1Y2Nlc3NmdWwsXG4gICAqIHJlc3VsdHMgd2lsbCBiZSB2YWxpZCBhY2NvcmRpbmcgdG8gdGhlaXIgZXhwaXJhdGlvbiB0aW1lcy5cbiAgICpcbiAgICogSU1QT1JUQU5UOiBUaGlzIG1ldGhvZCBoYXMgdG8gYmUgY2FsbGVkIGZyb20gYW4gZXZlbnQgaGFuZGxlclxuICAgKiB0aGF0IHdhcyBzdGFydGVkIGJ5IHRoZSB1c2VyIGxpa2UgYSBidXR0b24gY2xpY2ssIGZvciBleGFtcGxlLFxuICAgKiBvdGhlcndpc2UgdGhlIHBvcHVwIHdpbGwgYmUgYmxvY2tlZCBpbiBtb3N0IGJyb3dzZXJzLlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgbG9naW4gb3B0aW9uc1xuICAgKiBAcGFyYW0gY29uZmlnIENvbmZpZ3VyYXRpb24gZm9yIHRoZSBwb3B1cCB3aW5kb3dcbiAgICovXG4gIGxvZ2luV2l0aFBvcHVwKFxuICAgIG9wdGlvbnM/OiBQb3B1cExvZ2luT3B0aW9ucyxcbiAgICBjb25maWc/OiBQb3B1cENvbmZpZ09wdGlvbnNcbiAgKTogT2JzZXJ2YWJsZTx2b2lkPiB7XG4gICAgcmV0dXJuIGZyb20oXG4gICAgICB0aGlzLmF1dGgwQ2xpZW50LmxvZ2luV2l0aFBvcHVwKG9wdGlvbnMsIGNvbmZpZykudGhlbigoKSA9PiB7XG4gICAgICAgIHRoaXMuYXV0aFN0YXRlLnJlZnJlc2goKTtcbiAgICAgIH0pXG4gICAgKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBgYGBqc1xuICAgKiBsb2dvdXQoKTtcbiAgICogYGBgXG4gICAqXG4gICAqIENsZWFycyB0aGUgYXBwbGljYXRpb24gc2Vzc2lvbiBhbmQgcGVyZm9ybXMgYSByZWRpcmVjdCB0byBgL3YyL2xvZ291dGAsIHVzaW5nXG4gICAqIHRoZSBwYXJhbWV0ZXJzIHByb3ZpZGVkIGFzIGFyZ3VtZW50cywgdG8gY2xlYXIgdGhlIEF1dGgwIHNlc3Npb24uXG4gICAqIElmIHRoZSBgZmVkZXJhdGVkYCBvcHRpb24gaXMgc3BlY2lmaWVkIGl0IGFsc28gY2xlYXJzIHRoZSBJZGVudGl0eSBQcm92aWRlciBzZXNzaW9uLlxuICAgKiBJZiB0aGUgYGxvY2FsT25seWAgb3B0aW9uIGlzIHNwZWNpZmllZCwgaXQgb25seSBjbGVhcnMgdGhlIGFwcGxpY2F0aW9uIHNlc3Npb24uXG4gICAqIEl0IGlzIGludmFsaWQgdG8gc2V0IGJvdGggdGhlIGBmZWRlcmF0ZWRgIGFuZCBgbG9jYWxPbmx5YCBvcHRpb25zIHRvIGB0cnVlYCxcbiAgICogYW5kIGFuIGVycm9yIHdpbGwgYmUgdGhyb3duIGlmIHlvdSBkby5cbiAgICogW1JlYWQgbW9yZSBhYm91dCBob3cgTG9nb3V0IHdvcmtzIGF0IEF1dGgwXShodHRwczovL2F1dGgwLmNvbS9kb2NzL2xvZ291dCkuXG4gICAqXG4gICAqIEBwYXJhbSBvcHRpb25zIFRoZSBsb2dvdXQgb3B0aW9uc1xuICAgKi9cbiAgbG9nb3V0KG9wdGlvbnM/OiBMb2dvdXRPcHRpb25zKTogdm9pZCB7XG4gICAgY29uc3QgbG9nb3V0ID0gdGhpcy5hdXRoMENsaWVudC5sb2dvdXQob3B0aW9ucykgfHwgb2YobnVsbCk7XG5cbiAgICBmcm9tKGxvZ291dCkuc3Vic2NyaWJlKCgpID0+IHtcbiAgICAgIGlmIChvcHRpb25zPy5sb2NhbE9ubHkpIHtcbiAgICAgICAgdGhpcy5hdXRoU3RhdGUucmVmcmVzaCgpO1xuICAgICAgfVxuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIEZldGNoZXMgYSBuZXcgYWNjZXNzIHRva2VuIGFuZCByZXR1cm5zIHRoZSByZXNwb25zZSBmcm9tIHRoZSAvb2F1dGgvdG9rZW4gZW5kcG9pbnQsIG9taXR0aW5nIHRoZSByZWZyZXNoIHRva2VuLlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgb3B0aW9ucyBmb3IgY29uZmlndXJpbmcgdGhlIHRva2VuIGZldGNoLlxuICAgKi9cbiAgZ2V0QWNjZXNzVG9rZW5TaWxlbnRseShcbiAgICBvcHRpb25zOiBHZXRUb2tlblNpbGVudGx5T3B0aW9ucyAmIHsgZGV0YWlsZWRSZXNwb25zZTogdHJ1ZSB9XG4gICk6IE9ic2VydmFibGU8R2V0VG9rZW5TaWxlbnRseVZlcmJvc2VSZXNwb25zZT47XG5cbiAgLyoqXG4gICAqIEZldGNoZXMgYSBuZXcgYWNjZXNzIHRva2VuIGFuZCByZXR1cm5zIGl0LlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgb3B0aW9ucyBmb3IgY29uZmlndXJpbmcgdGhlIHRva2VuIGZldGNoLlxuICAgKi9cbiAgZ2V0QWNjZXNzVG9rZW5TaWxlbnRseShvcHRpb25zPzogR2V0VG9rZW5TaWxlbnRseU9wdGlvbnMpOiBPYnNlcnZhYmxlPHN0cmluZz47XG5cbiAgLyoqXG4gICAqIGBgYGpzXG4gICAqIGdldEFjY2Vzc1Rva2VuU2lsZW50bHkob3B0aW9ucykuc3Vic2NyaWJlKHRva2VuID0+IC4uLilcbiAgICogYGBgXG4gICAqXG4gICAqIElmIHRoZXJlJ3MgYSB2YWxpZCB0b2tlbiBzdG9yZWQsIHJldHVybiBpdC4gT3RoZXJ3aXNlLCBvcGVucyBhblxuICAgKiBpZnJhbWUgd2l0aCB0aGUgYC9hdXRob3JpemVgIFVSTCB1c2luZyB0aGUgcGFyYW1ldGVycyBwcm92aWRlZFxuICAgKiBhcyBhcmd1bWVudHMuIFJhbmRvbSBhbmQgc2VjdXJlIGBzdGF0ZWAgYW5kIGBub25jZWAgcGFyYW1ldGVyc1xuICAgKiB3aWxsIGJlIGF1dG8tZ2VuZXJhdGVkLiBJZiB0aGUgcmVzcG9uc2UgaXMgc3VjY2Vzc2Z1bCwgcmVzdWx0c1xuICAgKiB3aWxsIGJlIHZhbGlkIGFjY29yZGluZyB0byB0aGVpciBleHBpcmF0aW9uIHRpbWVzLlxuICAgKlxuICAgKiBJZiByZWZyZXNoIHRva2VucyBhcmUgdXNlZCwgdGhlIHRva2VuIGVuZHBvaW50IGlzIGNhbGxlZCBkaXJlY3RseSB3aXRoIHRoZVxuICAgKiAncmVmcmVzaF90b2tlbicgZ3JhbnQuIElmIG5vIHJlZnJlc2ggdG9rZW4gaXMgYXZhaWxhYmxlIHRvIG1ha2UgdGhpcyBjYWxsLFxuICAgKiB0aGUgU0RLIGZhbGxzIGJhY2sgdG8gdXNpbmcgYW4gaWZyYW1lIHRvIHRoZSAnL2F1dGhvcml6ZScgVVJMLlxuICAgKlxuICAgKiBUaGlzIG1ldGhvZCBtYXkgdXNlIGEgd2ViIHdvcmtlciB0byBwZXJmb3JtIHRoZSB0b2tlbiBjYWxsIGlmIHRoZSBpbi1tZW1vcnlcbiAgICogY2FjaGUgaXMgdXNlZC5cbiAgICpcbiAgICogSWYgYW4gYGF1ZGllbmNlYCB2YWx1ZSBpcyBnaXZlbiB0byB0aGlzIGZ1bmN0aW9uLCB0aGUgU0RLIGFsd2F5cyBmYWxsc1xuICAgKiBiYWNrIHRvIHVzaW5nIGFuIGlmcmFtZSB0byBtYWtlIHRoZSB0b2tlbiBleGNoYW5nZS5cbiAgICpcbiAgICogTm90ZSB0aGF0IGluIGFsbCBjYXNlcywgZmFsbGluZyBiYWNrIHRvIGFuIGlmcmFtZSByZXF1aXJlcyBhY2Nlc3MgdG9cbiAgICogdGhlIGBhdXRoMGAgY29va2llLCBhbmQgdGh1cyB3aWxsIG5vdCB3b3JrIGluIGJyb3dzZXJzIHRoYXQgYmxvY2sgdGhpcmQtcGFydHlcbiAgICogY29va2llcyBieSBkZWZhdWx0IChTYWZhcmksIEJyYXZlLCBldGMpLlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgb3B0aW9ucyBmb3IgY29uZmlndXJpbmcgdGhlIHRva2VuIGZldGNoLlxuICAgKi9cbiAgZ2V0QWNjZXNzVG9rZW5TaWxlbnRseShcbiAgICBvcHRpb25zOiBHZXRUb2tlblNpbGVudGx5T3B0aW9ucyA9IHt9XG4gICk6IE9ic2VydmFibGU8c3RyaW5nIHwgR2V0VG9rZW5TaWxlbnRseVZlcmJvc2VSZXNwb25zZT4ge1xuICAgIHJldHVybiBvZih0aGlzLmF1dGgwQ2xpZW50KS5waXBlKFxuICAgICAgY29uY2F0TWFwKChjbGllbnQpID0+XG4gICAgICAgIG9wdGlvbnMuZGV0YWlsZWRSZXNwb25zZSA9PT0gdHJ1ZVxuICAgICAgICAgID8gY2xpZW50LmdldFRva2VuU2lsZW50bHkoeyAuLi5vcHRpb25zLCBkZXRhaWxlZFJlc3BvbnNlOiB0cnVlIH0pXG4gICAgICAgICAgOiBjbGllbnQuZ2V0VG9rZW5TaWxlbnRseShvcHRpb25zKVxuICAgICAgKSxcbiAgICAgIHRhcCgodG9rZW4pID0+XG4gICAgICAgIHRoaXMuYXV0aFN0YXRlLnNldEFjY2Vzc1Rva2VuKFxuICAgICAgICAgIHR5cGVvZiB0b2tlbiA9PT0gJ3N0cmluZycgPyB0b2tlbiA6IHRva2VuLmFjY2Vzc190b2tlblxuICAgICAgICApXG4gICAgICApLFxuICAgICAgY2F0Y2hFcnJvcigoZXJyb3IpID0+IHtcbiAgICAgICAgdGhpcy5hdXRoU3RhdGUuc2V0RXJyb3IoZXJyb3IpO1xuICAgICAgICB0aGlzLmF1dGhTdGF0ZS5yZWZyZXNoKCk7XG4gICAgICAgIHJldHVybiB0aHJvd0Vycm9yKGVycm9yKTtcbiAgICAgIH0pXG4gICAgKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBgYGBqc1xuICAgKiBnZXRUb2tlbldpdGhQb3B1cChvcHRpb25zKS5zdWJzY3JpYmUodG9rZW4gPT4gLi4uKVxuICAgKiBgYGBcbiAgICpcbiAgICogR2V0IGFuIGFjY2VzcyB0b2tlbiBpbnRlcmFjdGl2ZWx5LlxuICAgKlxuICAgKiBPcGVucyBhIHBvcHVwIHdpdGggdGhlIGAvYXV0aG9yaXplYCBVUkwgdXNpbmcgdGhlIHBhcmFtZXRlcnNcbiAgICogcHJvdmlkZWQgYXMgYXJndW1lbnRzLiBSYW5kb20gYW5kIHNlY3VyZSBgc3RhdGVgIGFuZCBgbm9uY2VgXG4gICAqIHBhcmFtZXRlcnMgd2lsbCBiZSBhdXRvLWdlbmVyYXRlZC4gSWYgdGhlIHJlc3BvbnNlIGlzIHN1Y2Nlc3NmdWwsXG4gICAqIHJlc3VsdHMgd2lsbCBiZSB2YWxpZCBhY2NvcmRpbmcgdG8gdGhlaXIgZXhwaXJhdGlvbiB0aW1lcy5cbiAgICovXG4gIGdldEFjY2Vzc1Rva2VuV2l0aFBvcHVwKFxuICAgIG9wdGlvbnM/OiBHZXRUb2tlbldpdGhQb3B1cE9wdGlvbnNcbiAgKTogT2JzZXJ2YWJsZTxzdHJpbmc+IHtcbiAgICByZXR1cm4gb2YodGhpcy5hdXRoMENsaWVudCkucGlwZShcbiAgICAgIGNvbmNhdE1hcCgoY2xpZW50KSA9PiBjbGllbnQuZ2V0VG9rZW5XaXRoUG9wdXAob3B0aW9ucykpLFxuICAgICAgdGFwKCh0b2tlbikgPT4gdGhpcy5hdXRoU3RhdGUuc2V0QWNjZXNzVG9rZW4odG9rZW4pKSxcbiAgICAgIGNhdGNoRXJyb3IoKGVycm9yKSA9PiB7XG4gICAgICAgIHRoaXMuYXV0aFN0YXRlLnNldEVycm9yKGVycm9yKTtcbiAgICAgICAgdGhpcy5hdXRoU3RhdGUucmVmcmVzaCgpO1xuICAgICAgICByZXR1cm4gdGhyb3dFcnJvcihlcnJvcik7XG4gICAgICB9KVxuICAgICk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogZ2V0VXNlcihvcHRpb25zKS5zdWJzY3JpYmUodXNlciA9PiAuLi4pO1xuICAgKiBgYGBcbiAgICpcbiAgICogUmV0dXJucyB0aGUgdXNlciBpbmZvcm1hdGlvbiBpZiBhdmFpbGFibGUgKGRlY29kZWRcbiAgICogZnJvbSB0aGUgYGlkX3Rva2VuYCkuXG4gICAqXG4gICAqIElmIHlvdSBwcm92aWRlIGFuIGF1ZGllbmNlIG9yIHNjb3BlLCB0aGV5IHNob3VsZCBtYXRjaCBhbiBleGlzdGluZyBBY2Nlc3MgVG9rZW5cbiAgICogKHRoZSBTREsgc3RvcmVzIGEgY29ycmVzcG9uZGluZyBJRCBUb2tlbiB3aXRoIGV2ZXJ5IEFjY2VzcyBUb2tlbiwgYW5kIHVzZXMgdGhlXG4gICAqIHNjb3BlIGFuZCBhdWRpZW5jZSB0byBsb29rIHVwIHRoZSBJRCBUb2tlbilcbiAgICpcbiAgICogQHJlbWFya3NcbiAgICpcbiAgICogVGhlIHJldHVybmVkIG9ic2VydmFibGUgd2lsbCBlbWl0IG9uY2UgYW5kIHRoZW4gY29tcGxldGUuXG4gICAqXG4gICAqIEB0eXBlcGFyYW0gVFVzZXIgVGhlIHR5cGUgdG8gcmV0dXJuLCBoYXMgdG8gZXh0ZW5kIHtAbGluayBVc2VyfS5cbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIG9wdGlvbnMgdG8gZ2V0IHRoZSB1c2VyXG4gICAqL1xuICBnZXRVc2VyPFRVc2VyIGV4dGVuZHMgVXNlcj4oXG4gICAgb3B0aW9ucz86IEdldFVzZXJPcHRpb25zXG4gICk6IE9ic2VydmFibGU8VFVzZXIgfCB1bmRlZmluZWQ+IHtcbiAgICByZXR1cm4gZGVmZXIoKCkgPT4gdGhpcy5hdXRoMENsaWVudC5nZXRVc2VyPFRVc2VyPihvcHRpb25zKSk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogZ2V0SWRUb2tlbkNsYWltcyhvcHRpb25zKS5zdWJzY3JpYmUoY2xhaW1zID0+IC4uLik7XG4gICAqIGBgYFxuICAgKlxuICAgKiBSZXR1cm5zIGFsbCBjbGFpbXMgZnJvbSB0aGUgaWRfdG9rZW4gaWYgYXZhaWxhYmxlLlxuICAgKlxuICAgKiBJZiB5b3UgcHJvdmlkZSBhbiBhdWRpZW5jZSBvciBzY29wZSwgdGhleSBzaG91bGQgbWF0Y2ggYW4gZXhpc3RpbmcgQWNjZXNzIFRva2VuXG4gICAqICh0aGUgU0RLIHN0b3JlcyBhIGNvcnJlc3BvbmRpbmcgSUQgVG9rZW4gd2l0aCBldmVyeSBBY2Nlc3MgVG9rZW4sIGFuZCB1c2VzIHRoZVxuICAgKiBzY29wZSBhbmQgYXVkaWVuY2UgdG8gbG9vayB1cCB0aGUgSUQgVG9rZW4pXG4gICAqXG4gICAqIEByZW1hcmtzXG4gICAqXG4gICAqIFRoZSByZXR1cm5lZCBvYnNlcnZhYmxlIHdpbGwgZW1pdCBvbmNlIGFuZCB0aGVuIGNvbXBsZXRlLlxuICAgKlxuICAgKiBAcGFyYW0gb3B0aW9ucyBUaGUgb3B0aW9ucyB0byBnZXQgdGhlIElkIHRva2VuIGNsYWltc1xuICAgKi9cbiAgZ2V0SWRUb2tlbkNsYWltcyhcbiAgICBvcHRpb25zPzogR2V0SWRUb2tlbkNsYWltc09wdGlvbnNcbiAgKTogT2JzZXJ2YWJsZTxJZFRva2VuIHwgdW5kZWZpbmVkPiB7XG4gICAgcmV0dXJuIGRlZmVyKCgpID0+IHRoaXMuYXV0aDBDbGllbnQuZ2V0SWRUb2tlbkNsYWltcyhvcHRpb25zKSk7XG4gIH1cblxuICAvKipcbiAgICogYGBganNcbiAgICogaGFuZGxlUmVkaXJlY3RDYWxsYmFjayh1cmwpLnN1YnNjcmliZShyZXN1bHQgPT4gLi4uKVxuICAgKiBgYGBcbiAgICpcbiAgICogQWZ0ZXIgdGhlIGJyb3dzZXIgcmVkaXJlY3RzIGJhY2sgdG8gdGhlIGNhbGxiYWNrIHBhZ2UsXG4gICAqIGNhbGwgYGhhbmRsZVJlZGlyZWN0Q2FsbGJhY2tgIHRvIGhhbmRsZSBzdWNjZXNzIGFuZCBlcnJvclxuICAgKiByZXNwb25zZXMgZnJvbSBBdXRoMC4gSWYgdGhlIHJlc3BvbnNlIGlzIHN1Y2Nlc3NmdWwsIHJlc3VsdHNcbiAgICogd2lsbCBiZSB2YWxpZCBhY2NvcmRpbmcgdG8gdGhlaXIgZXhwaXJhdGlvbiB0aW1lcy5cbiAgICpcbiAgICogQ2FsbGluZyB0aGlzIG1ldGhvZCBhbHNvIHJlZnJlc2hlcyB0aGUgYXV0aGVudGljYXRpb24gYW5kIHVzZXIgc3RhdGVzLlxuICAgKlxuICAgKiBAcGFyYW0gdXJsIFRoZSBVUkwgdG8gdGhhdCBzaG91bGQgYmUgdXNlZCB0byByZXRyaWV2ZSB0aGUgYHN0YXRlYCBhbmQgYGNvZGVgIHZhbHVlcy4gRGVmYXVsdHMgdG8gYHdpbmRvdy5sb2NhdGlvbi5ocmVmYCBpZiBub3QgZ2l2ZW4uXG4gICAqL1xuICBoYW5kbGVSZWRpcmVjdENhbGxiYWNrKFxuICAgIHVybD86IHN0cmluZ1xuICApOiBPYnNlcnZhYmxlPFJlZGlyZWN0TG9naW5SZXN1bHQ8VEFwcFN0YXRlPj4ge1xuICAgIHJldHVybiBkZWZlcigoKSA9PlxuICAgICAgdGhpcy5hdXRoMENsaWVudC5oYW5kbGVSZWRpcmVjdENhbGxiYWNrPFRBcHBTdGF0ZT4odXJsKVxuICAgICkucGlwZShcbiAgICAgIHdpdGhMYXRlc3RGcm9tKHRoaXMuYXV0aFN0YXRlLmlzTG9hZGluZyQpLFxuICAgICAgdGFwKChbcmVzdWx0LCBpc0xvYWRpbmddKSA9PiB7XG4gICAgICAgIGlmICghaXNMb2FkaW5nKSB7XG4gICAgICAgICAgdGhpcy5hdXRoU3RhdGUucmVmcmVzaCgpO1xuICAgICAgICB9XG4gICAgICAgIGNvbnN0IGFwcFN0YXRlID0gcmVzdWx0Py5hcHBTdGF0ZTtcbiAgICAgICAgY29uc3QgdGFyZ2V0ID0gYXBwU3RhdGU/LnRhcmdldCA/PyAnLyc7XG5cbiAgICAgICAgaWYgKGFwcFN0YXRlKSB7XG4gICAgICAgICAgdGhpcy5hcHBTdGF0ZVN1YmplY3QkLm5leHQoYXBwU3RhdGUpO1xuICAgICAgICB9XG5cbiAgICAgICAgdGhpcy5uYXZpZ2F0b3IubmF2aWdhdGVCeVVybCh0YXJnZXQpO1xuICAgICAgfSksXG4gICAgICBtYXAoKFtyZXN1bHRdKSA9PiByZXN1bHQpXG4gICAgKTtcbiAgfVxuXG4gIC8qKlxuICAgKiBgYGBqc1xuICAgKiBidWlsZEF1dGhvcml6ZVVybCgpLnN1YnNjcmliZSh1cmwgPT4gLi4uKVxuICAgKiBgYGBcbiAgICpcbiAgICogQnVpbGRzIGFuIGAvYXV0aG9yaXplYCBVUkwgZm9yIGxvZ2luV2l0aFJlZGlyZWN0IHVzaW5nIHRoZSBwYXJhbWV0ZXJzXG4gICAqIHByb3ZpZGVkIGFzIGFyZ3VtZW50cy4gUmFuZG9tIGFuZCBzZWN1cmUgYHN0YXRlYCBhbmQgYG5vbmNlYFxuICAgKiBwYXJhbWV0ZXJzIHdpbGwgYmUgYXV0by1nZW5lcmF0ZWQuXG4gICAqIEBwYXJhbSBvcHRpb25zIFRoZSBvcHRpb25zXG4gICAqIEByZXR1cm5zIEEgVVJMIHRvIHRoZSBhdXRob3JpemUgZW5kcG9pbnRcbiAgICovXG4gIGJ1aWxkQXV0aG9yaXplVXJsKG9wdGlvbnM/OiBSZWRpcmVjdExvZ2luT3B0aW9ucyk6IE9ic2VydmFibGU8c3RyaW5nPiB7XG4gICAgcmV0dXJuIGRlZmVyKCgpID0+IHRoaXMuYXV0aDBDbGllbnQuYnVpbGRBdXRob3JpemVVcmwob3B0aW9ucykpO1xuICB9XG5cbiAgLyoqXG4gICAqIGBgYGpzXG4gICAqIGJ1aWxkTG9nb3V0VXJsKCkuc3Vic2NyaWJlKHVybCA9PiAuLi4pXG4gICAqIGBgYFxuICAgKiBCdWlsZHMgYSBVUkwgdG8gdGhlIGxvZ291dCBlbmRwb2ludC5cbiAgICpcbiAgICogQHBhcmFtIG9wdGlvbnMgVGhlIG9wdGlvbnMgdXNlZCB0byBjb25maWd1cmUgdGhlIHBhcmFtZXRlcnMgdGhhdCBhcHBlYXIgaW4gdGhlIGxvZ291dCBlbmRwb2ludCBVUkwuXG4gICAqIEByZXR1cm5zIGEgVVJMIHRvIHRoZSBsb2dvdXQgZW5kcG9pbnQgdXNpbmcgdGhlIHBhcmFtZXRlcnMgcHJvdmlkZWQgYXMgYXJndW1lbnRzLlxuICAgKi9cbiAgYnVpbGRMb2dvdXRVcmwob3B0aW9ucz86IExvZ291dFVybE9wdGlvbnMpOiBPYnNlcnZhYmxlPHN0cmluZz4ge1xuICAgIHJldHVybiBvZih0aGlzLmF1dGgwQ2xpZW50LmJ1aWxkTG9nb3V0VXJsKG9wdGlvbnMpKTtcbiAgfVxuXG4gIHByaXZhdGUgc2hvdWxkSGFuZGxlQ2FsbGJhY2soKTogT2JzZXJ2YWJsZTxib29sZWFuPiB7XG4gICAgcmV0dXJuIG9mKGxvY2F0aW9uLnNlYXJjaCkucGlwZShcbiAgICAgIG1hcCgoc2VhcmNoKSA9PiB7XG4gICAgICAgIHJldHVybiAoXG4gICAgICAgICAgKHNlYXJjaC5pbmNsdWRlcygnY29kZT0nKSB8fCBzZWFyY2guaW5jbHVkZXMoJ2Vycm9yPScpKSAmJlxuICAgICAgICAgIHNlYXJjaC5pbmNsdWRlcygnc3RhdGU9JykgJiZcbiAgICAgICAgICAhdGhpcy5jb25maWdGYWN0b3J5LmdldCgpLnNraXBSZWRpcmVjdENhbGxiYWNrXG4gICAgICAgICk7XG4gICAgICB9KVxuICAgICk7XG4gIH1cbn1cbiJdfQ==
package/esm2015/useragent.js CHANGED
@@ -1,2 +1,2 @@
1
- export default { name: '@auth0/auth0-angular', version: '1.8.2' };
2
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlcmFnZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vcHJvamVjdHMvYXV0aDAtYW5ndWxhci9zcmMvdXNlcmFnZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLGVBQWUsRUFBRSxJQUFJLEVBQUUsc0JBQXNCLEVBQUUsT0FBTyxFQUFFLE9BQU8sRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGRlZmF1bHQgeyBuYW1lOiAnQGF1dGgwL2F1dGgwLWFuZ3VsYXInLCB2ZXJzaW9uOiAnMS44LjInIH07XG4iXX0=
1
+ export default { name: '@auth0/auth0-angular', version: '1.10.1' };
2
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXNlcmFnZW50LmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vcHJvamVjdHMvYXV0aDAtYW5ndWxhci9zcmMvdXNlcmFnZW50LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLGVBQWUsRUFBRSxJQUFJLEVBQUUsc0JBQXNCLEVBQUUsT0FBTyxFQUFFLFFBQVEsRUFBRSxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiZXhwb3J0IGRlZmF1bHQgeyBuYW1lOiAnQGF1dGgwL2F1dGgwLWFuZ3VsYXInLCB2ZXJzaW9uOiAnMS4xMC4xJyB9O1xuIl19
package/fesm2015/auth0-auth0-angular.js CHANGED
@@ -1,5 +1,5 @@
1
1
  import * as i0 from '@angular/core';
2
- import { InjectionToken, Injectable, Injector, Optional, Inject, NgModule } from '@angular/core';
2
+ import { VERSION, InjectionToken, Injectable, Injector, Optional, Inject, NgModule } from '@angular/core';
3
3
  import { Auth0Client } from '@auth0/auth0-spa-js';
4
4
  export { InMemoryCache, LocalStorageCache, User } from '@auth0/auth0-spa-js';
5
5
  import { BehaviorSubject, Subject, ReplaySubject, merge, defer, of, iif, from, throwError } from 'rxjs';
@@ -9,7 +9,7 @@ import { Router } from '@angular/router';
9
9
  import * as i1 from '@angular/common';
10
10
  import { Location } from '@angular/common';
11
11
 
12
- var useragent = { name: '@auth0/auth0-angular', version: '1.8.2' };
12
+ var useragent = { name: '@auth0/auth0-angular', version: '1.10.1' };
13
13
 
14
14
  class Auth0ClientFactory {
15
15
  static createClient(configFactory) {
@@ -21,6 +21,9 @@ class Auth0ClientFactory {
21
21
  return new Auth0Client(Object.assign(Object.assign({ redirect_uri: redirectUri || window.location.origin, client_id: clientId, max_age: maxAge }, rest), { auth0Client: {
22
22
  name: useragent.name,
23
23
  version: useragent.version,
24
+ env: {
25
+ 'angular/core': VERSION.full,
26
+ },
24
27
  } }));
25
28
  }
26
29
  }
@@ -277,8 +280,8 @@ class AuthService {
277
280
  this.shouldHandleCallback()
278
281
  .pipe(switchMap((isCallback) => checkSessionOrCallback$(isCallback).pipe(catchError((error) => {
279
282
  const config = this.configFactory.get();
280
- this.authState.setError(error);
281
283
  this.navigator.navigateByUrl(config.errorPath || '/');
284
+ this.authState.setError(error);
282
285
  return of(undefined);
283
286
  }))), tap(() => {
284
287
  this.authState.setIsLoading(false);
@@ -407,6 +410,48 @@ class AuthService {
407
410
  return throwError(error);
408
411
  }));
409
412
  }
413
+ /**
414
+ * ```js
415
+ * getUser(options).subscribe(user => ...);
416
+ * ```
417
+ *
418
+ * Returns the user information if available (decoded
419
+ * from the `id_token`).
420
+ *
421
+ * If you provide an audience or scope, they should match an existing Access Token
422
+ * (the SDK stores a corresponding ID Token with every Access Token, and uses the
423
+ * scope and audience to look up the ID Token)
424
+ *
425
+ * @remarks
426
+ *
427
+ * The returned observable will emit once and then complete.
428
+ *
429
+ * @typeparam TUser The type to return, has to extend {@link User}.
430
+ * @param options The options to get the user
431
+ */
432
+ getUser(options) {
433
+ return defer(() => this.auth0Client.getUser(options));
434
+ }
435
+ /**
436
+ * ```js
437
+ * getIdTokenClaims(options).subscribe(claims => ...);
438
+ * ```
439
+ *
440
+ * Returns all claims from the id_token if available.
441
+ *
442
+ * If you provide an audience or scope, they should match an existing Access Token
443
+ * (the SDK stores a corresponding ID Token with every Access Token, and uses the
444
+ * scope and audience to look up the ID Token)
445
+ *
446
+ * @remarks
447
+ *
448
+ * The returned observable will emit once and then complete.
449
+ *
450
+ * @param options The options to get the Id token claims
451
+ */
452
+ getIdTokenClaims(options) {
453
+ return defer(() => this.auth0Client.getIdTokenClaims(options));
454
+ }
410
455
  /**
411
456
  * ```js
412
457
  * handleRedirectCallback(url).subscribe(result => ...)
package/fesm2015/auth0-auth0-angular.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"auth0-auth0-angular.js","sources":["../../../projects/auth0-angular/src/useragent.ts","../../../projects/auth0-angular/src/lib/auth.client.ts","../../../projects/auth0-angular/src/lib/abstract-navigator.ts","../../../projects/auth0-angular/src/lib/auth.config.ts","../../../projects/auth0-angular/src/lib/auth.state.ts","../../../projects/auth0-angular/src/lib/auth.service.ts","../../../projects/auth0-angular/src/lib/auth.guard.ts","../../../projects/auth0-angular/src/lib/auth.module.ts","../../../projects/auth0-angular/src/lib/auth.interceptor.ts","../../../projects/auth0-angular/src/public-api.ts","../../../projects/auth0-angular/src/auth0-auth0-angular.ts"],"sourcesContent":["export default { name: '@auth0/auth0-angular', version: '1.8.2' };\n","import { InjectionToken } from '@angular/core';\nimport { Auth0Client } from '@auth0/auth0-spa-js';\nimport { AuthClientConfig } from './auth.config';\nimport useragent from '../useragent';\n\nexport class Auth0ClientFactory {\n static createClient(configFactory: AuthClientConfig): Auth0Client {\n const config = configFactory.get();\n\n if (!config) {\n throw new Error(\n 'Configuration must be specified either through AuthModule.forRoot or through AuthClientConfig.set'\n );\n }\n\n const { redirectUri, clientId, maxAge, httpInterceptor, ...rest } = config;\n\n return new Auth0Client({\n redirect_uri: redirectUri || window.location.origin,\n client_id: clientId,\n max_age: maxAge,\n ...rest,\n auth0Client: {\n name: useragent.name,\n version: useragent.version,\n },\n });\n }\n}\n\nexport const Auth0ClientService = new InjectionToken<Auth0Client>(\n 'auth0.client'\n);\n","import { Injectable, Injector } from '@angular/core';\nimport { Router } from '@angular/router';\nimport { Location } from '@angular/common';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class AbstractNavigator {\n private readonly router?: Router;\n\n constructor(private location: Location, injector: Injector) {\n try {\n this.router = injector.get(Router);\n } catch {}\n }\n\n /**\n * Navigates to the specified url. The router will be used if one is available, otherwise it falls back\n * to `window.history.replaceState`.\n * @param url The url to navigate to\n */\n navigateByUrl(url: string): void {\n if (this.router) {\n this.router.navigateByUrl(url);\n\n return;\n }\n\n this.location.replaceState(url);\n }\n}\n","import {\n CacheLocation,\n GetTokenSilentlyOptions,\n ICache,\n} from '@auth0/auth0-spa-js';\n\nimport { InjectionToken, Injectable, Optional, Inject } from '@angular/core';\n\n/**\n * Defines a common set of HTTP methods.\n */\nexport const enum HttpMethod {\n Get = 'GET',\n Post = 'POST',\n Put = 'PUT',\n Patch = 'PATCH',\n Delete = 'DELETE',\n Head = 'HEAD',\n}\n\n/**\n * Defines the type for a route config entry. Can either be:\n *\n * - an object of type HttpInterceptorRouteConfig\n * - a string\n */\nexport type ApiRouteDefinition = HttpInterceptorRouteConfig | string;\n\n/**\n * A custom type guard to help identify route definitions that are actually HttpInterceptorRouteConfig types.\n * @param def The route definition type\n */\nexport function isHttpInterceptorRouteConfig(\n def: ApiRouteDefinition\n): def is HttpInterceptorRouteConfig {\n return typeof def !== 'string';\n}\n\n/**\n * Configuration for the HttpInterceptor\n */\nexport interface HttpInterceptorConfig {\n allowedList: ApiRouteDefinition[];\n}\n\n/**\n * Configuration for a single interceptor route\n */\nexport interface HttpInterceptorRouteConfig {\n /**\n * The URL to test, by supplying the URL to match.\n * If `test` is a match for the current request path from the HTTP client, then\n * an access token is attached to the request in the\n * [\"Authorization\" header](https://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-20#section-2.1).\n *\n * If the test does not pass, the request proceeds without the access token attached.\n *\n * A wildcard character can be used to match only the start of the URL.\n *\n * @usagenotes\n *\n * '/api' - exactly match the route /api\n * '/api/*' - match any route that starts with /api/\n */\n uri?: string;\n\n /**\n * A function that will be called with the HttpRequest.url value, allowing you to do\n * any kind of flexible matching.\n *\n * If this function returns true, then\n * an access token is attached to the request in the\n * [\"Authorization\" header](https://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-20#section-2.1).\n *\n * If it returns false, the request proceeds without the access token attached.\n */\n uriMatcher?: (uri: string) => boolean;\n\n /**\n * The options that are passed to the SDK when retrieving the\n * access token to attach to the outgoing request.\n */\n tokenOptions?: GetTokenSilentlyOptions;\n\n /**\n * The HTTP method to match on. If specified, the HTTP method of\n * the outgoing request will be checked against this. If there is no match, the\n * Authorization header is not attached.\n *\n * The HTTP method name is case-sensitive.\n */\n httpMethod?: HttpMethod | string;\n\n /**\n * Allow the HTTP call to be executed anonymously, when no token is available.\n *\n * When omitted (or set to false), calls that match the configuration will fail when no token is available.\n */\n allowAnonymous?: boolean;\n}\n\n/**\n * Configuration for the authentication service\n */\nexport interface AuthConfig {\n /**\n * Your Auth0 account domain such as `'example.auth0.com'`,\n * `'example.eu.auth0.com'` or , `'example.mycompany.com'`\n * (when using [custom domains](https://auth0.com/docs/custom-domains))\n */\n domain: string;\n\n /**\n * The issuer to be used for validation of JWTs, optionally defaults to the domain above\n */\n issuer?: string;\n\n /**\n * The Client ID found on your Application settings page\n */\n clientId: string;\n\n /**\n * The default URL where Auth0 will redirect your browser to with\n * the authentication result. It must be added to the\n * \"Allowed Callback URLs\" field in your Auth0 Application's\n * settings. If not provided here, it should be provided in the other\n * methods that provide authentication.\n */\n redirectUri?: string;\n\n /**\n * By default, if the page URL has code and state parameters, the SDK will assume they are for\n * an Auth0 application and attempt to exchange the code for a token.\n * In some cases the code might be for something else (e.g. another OAuth SDK). In these\n * instances you can instruct the client to ignore them by setting `skipRedirectCallback`.\n *\n * ```js\n * AuthModule.forRoot({\n * skipRedirectCallback: window.location.pathname === '/other-callback'\n * })\n * ```\n *\n * **Note**: In the above example, `/other-callback` is an existing route that will be called\n * by any other OAuth provider with a `code` (or `error` in case when something went wrong) and `state`.\n *\n */\n skipRedirectCallback?: boolean;\n\n /**\n * The value in seconds used to account for clock skew in JWT expirations.\n * Typically, this value is no more than a minute or two at maximum.\n * Defaults to 60s.\n */\n leeway?: number;\n\n /**\n * The location to use when storing cache data. Valid values are `memory` or `localstorage`.\n * The default setting is `memory`.\n */\n cacheLocation?: CacheLocation;\n\n /**\n * Specify a custom cache implementation to use for token storage and retrieval.\n * This setting takes precedence over `cacheLocation` if they are both specified.\n *\n * Read more about [creating a custom cache](https://github.com/auth0/auth0-spa-js#creating-a-custom-cache)\n */\n cache?: ICache;\n\n /**\n * If true, refresh tokens are used to fetch new access tokens from the Auth0 server.\n * If false, the legacy technique of using a hidden iframe and the `authorization_code` grant with `prompt=none` is used.\n * The default setting is `false`.\n *\n * **Note**: Use of refresh tokens must be enabled by an administrator on your Auth0 client application.\n */\n useRefreshTokens?: boolean;\n\n /**\n * A maximum number of seconds to wait before declaring background calls to /authorize as failed for timeout\n * Defaults to 60s.\n */\n authorizeTimeoutInSeconds?: number;\n\n /**\n * Changes to recommended defaults, like defaultScope\n */\n advancedOptions?: {\n /**\n * The default scope to be included with all requests.\n * If not provided, 'openid profile email' is used. This can be set to `null` in order to effectively remove the default scopes.\n *\n * Note: The `openid` scope is **always applied** regardless of this setting.\n */\n defaultScope?: string;\n };\n\n /**\n * Maximum allowable elapsed time (in seconds) since authentication.\n * If the last time the user authenticated is greater than this value,\n * the user must be reauthenticated.\n */\n maxAge?: string | number;\n\n /**\n * The default scope to be used on authentication requests.\n * The defaultScope defined in the Auth0Client is included\n * along with this scope\n */\n scope?: string;\n\n /**\n * The default audience to be used for requesting API access.\n */\n audience?: string;\n\n /**\n * Configuration for the built-in Http Interceptor, used for\n * automatically attaching access tokens.\n */\n httpInterceptor?: HttpInterceptorConfig;\n\n /**\n * Path in your application to redirect to when the Authorization server\n * returns an error. Defaults to `/`\n */\n errorPath?: string;\n\n /**\n * The Id of an organization to log in to\n *\n * This will specify an `organization` parameter in your user's login request and will add a step to validate\n * the `org_id` claim in your user's ID Token.\n */\n organization?: string;\n\n /**\n * The Id of an invitation to accept.\n *\n * This is available from the user invitation URL that is given when participating in a user invitation flow.\n */\n invitation?: string;\n\n /**\n * The name of the connection configured for your application.\n * If null, it will redirect to the Auth0 Login Page and show\n * the Login Widget.\n */\n connection?: string;\n\n /**\n * Modify the value used as the current time during the token validation.\n *\n * **Note**: Using this improperly can potentially compromise the token validation.\n */\n nowProvider?: () => Promise<number> | number;\n\n /**\n * If you need to send custom parameters to the Authorization Server,\n * make sure to use the original parameter name.\n */\n [key: string]: any;\n}\n\n/**\n * Angular specific state to be stored before redirect\n */\nexport interface AppState {\n /**\n * Target path the app gets routed to after\n * handling the callback from Auth0 (defaults to '/')\n */\n target?: string;\n\n /**\n * Any custom parameter to be stored in appState\n */\n [key: string]: any;\n}\n\n/**\n * Gets and sets configuration for the internal Auth0 client. This can be\n * used to provide configuration outside of using AuthModule.forRoot, i.e. from\n * a factory provided by APP_INITIALIZER.\n *\n * @usage\n *\n * ```js\n * // app.module.ts\n * // ---------------------------\n * import { AuthModule, AuthClientConfig } from '@auth0/auth0-angular';\n *\n * // Provide an initializer function that returns a Promise\n * function configInitializer(\n * http: HttpClient,\n * config: AuthClientConfig\n * ) {\n * return () =>\n * http\n * .get('/config')\n * .toPromise()\n * .then((loadedConfig: any) => config.set(loadedConfig)); // Set the config that was loaded asynchronously here\n * }\n *\n * // Provide APP_INITIALIZER with this function. Note that there is no config passed to AuthModule.forRoot\n * imports: [\n * // other imports..\n *\n * HttpClientModule,\n * AuthModule.forRoot(), //<- don't pass any config here\n * ],\n * providers: [\n * {\n * provide: APP_INITIALIZER,\n * useFactory: configInitializer, // <- pass your initializer function here\n * deps: [HttpClient, AuthClientConfig],\n * multi: true,\n * },\n * ],\n * ```\n *\n */\n@Injectable({ providedIn: 'root' })\nexport class AuthClientConfig {\n private config?: AuthConfig;\n\n constructor(@Optional() @Inject(AuthConfigService) config?: AuthConfig) {\n if (config) {\n this.set(config);\n }\n }\n\n /**\n * Sets configuration to be read by other consumers of the service (see usage notes)\n * @param config The configuration to set\n */\n set(config: AuthConfig): void {\n this.config = config;\n }\n\n /**\n * Gets the config that has been set by other consumers of the service\n */\n get(): AuthConfig {\n return this.config as AuthConfig;\n }\n}\n\n/**\n * Injection token for accessing configuration.\n *\n * @usageNotes\n *\n * Use the `Inject` decorator to access the configuration from a service or component:\n *\n * ```\n * class MyService(@Inject(AuthConfigService) config: AuthConfig) {}\n * ```\n */\nexport const AuthConfigService = new InjectionToken<AuthConfig>(\n 'auth0-angular.config'\n);\n","import { Inject, Injectable } from '@angular/core';\nimport { Auth0Client } from '@auth0/auth0-spa-js';\nimport {\n BehaviorSubject,\n defer,\n merge,\n of,\n ReplaySubject,\n Subject,\n} from 'rxjs';\nimport {\n concatMap,\n distinctUntilChanged,\n filter,\n mergeMap,\n scan,\n shareReplay,\n switchMap,\n} from 'rxjs/operators';\nimport { Auth0ClientService } from './auth.client';\n\n/**\n * Tracks the Authentication State for the SDK\n */\n@Injectable({ providedIn: 'root' })\nexport class AuthState {\n private isLoadingSubject$ = new BehaviorSubject<boolean>(true);\n private refresh$ = new Subject<void>();\n private accessToken$ = new ReplaySubject<string>(1);\n private errorSubject$ = new ReplaySubject<Error>(1);\n\n /**\n * Emits boolean values indicating the loading state of the SDK.\n */\n public readonly isLoading$ = this.isLoadingSubject$.asObservable();\n\n /**\n * Trigger used to pull User information from the Auth0Client.\n * Triggers when the access token has changed.\n */\n private accessTokenTrigger$ = this.accessToken$.pipe(\n scan(\n (\n acc: { current: string | null; previous: string | null },\n current: string | null\n ) => {\n return {\n previous: acc.current,\n current,\n };\n },\n { current: null, previous: null }\n ),\n filter(({ previous, current }) => previous !== current)\n );\n\n /**\n * Trigger used to pull User information from the Auth0Client.\n * Triggers when an event occurs that needs to retrigger the User Profile information.\n * Events: Login, Access Token change and Logout\n */\n private readonly isAuthenticatedTrigger$ = this.isLoading$.pipe(\n filter((loading) => !loading),\n distinctUntilChanged(),\n switchMap(() =>\n // To track the value of isAuthenticated over time, we need to merge:\n // - the current value\n // - the value whenever the access token changes. (this should always be true of there is an access token\n // but it is safer to pass this through this.auth0Client.isAuthenticated() nevertheless)\n // - the value whenever refreshState$ emits\n merge(\n defer(() => this.auth0Client.isAuthenticated()),\n this.accessTokenTrigger$.pipe(\n mergeMap(() => this.auth0Client.isAuthenticated())\n ),\n this.refresh$.pipe(mergeMap(() => this.auth0Client.isAuthenticated()))\n )\n )\n );\n\n /**\n * Emits boolean values indicating the authentication state of the user. If `true`, it means a user has authenticated.\n * This depends on the value of `isLoading$`, so there is no need to manually check the loading state of the SDK.\n */\n readonly isAuthenticated$ = this.isAuthenticatedTrigger$.pipe(\n distinctUntilChanged(),\n shareReplay(1)\n );\n\n /**\n * Emits details about the authenticated user, or null if not authenticated.\n */\n readonly user$ = this.isAuthenticatedTrigger$.pipe(\n concatMap((authenticated) =>\n authenticated ? this.auth0Client.getUser() : of(null)\n )\n );\n\n /**\n * Emits ID token claims when authenticated, or null if not authenticated.\n */\n readonly idTokenClaims$ = this.isAuthenticatedTrigger$.pipe(\n concatMap((authenticated) =>\n authenticated ? this.auth0Client.getIdTokenClaims() : of(null)\n )\n );\n\n /**\n * Emits errors that occur during login, or when checking for an active session on startup.\n */\n public readonly error$ = this.errorSubject$.asObservable();\n\n constructor(@Inject(Auth0ClientService) private auth0Client: Auth0Client) {}\n\n /**\n * Update the isLoading state using the provided value\n * @param isLoading The new value for isLoading\n */\n public setIsLoading(isLoading: boolean): void {\n this.isLoadingSubject$.next(isLoading);\n }\n\n /**\n * Refresh the state to ensure the `isAuthenticated`, `user$` and `idTokenClaims$`\n * reflect the most up-to-date values from Auth0Client.\n */\n public refresh(): void {\n this.refresh$.next();\n }\n\n /**\n * Update the access token, doing so will also refresh the state.\n * @param accessToken The new Access Token\n */\n public setAccessToken(accessToken: string): void {\n this.accessToken$.next(accessToken);\n }\n\n /**\n * Emits the error in the `error$` observable.\n * @param error The new error\n */\n public setError(error: any): void {\n this.errorSubject$.next(error);\n }\n}\n","import { Injectable, Inject, OnDestroy } from '@angular/core';\n\nimport {\n Auth0Client,\n RedirectLoginOptions,\n PopupLoginOptions,\n PopupConfigOptions,\n LogoutOptions,\n GetTokenSilentlyOptions,\n GetTokenWithPopupOptions,\n RedirectLoginResult,\n LogoutUrlOptions,\n GetTokenSilentlyVerboseResponse,\n} from '@auth0/auth0-spa-js';\n\nimport {\n of,\n from,\n Subject,\n Observable,\n iif,\n defer,\n ReplaySubject,\n throwError,\n} from 'rxjs';\n\nimport {\n concatMap,\n tap,\n map,\n takeUntil,\n catchError,\n switchMap,\n withLatestFrom,\n} from 'rxjs/operators';\n\nimport { Auth0ClientService } from './auth.client';\nimport { AbstractNavigator } from './abstract-navigator';\nimport {\n AuthClientConfig,\n AppState,\n} from './auth.config';\nimport { AuthState } from './auth.state';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class AuthService<TAppState extends AppState = AppState> implements OnDestroy {\n private appStateSubject$ = new ReplaySubject<TAppState>(1);\n\n // https://stackoverflow.com/a/41177163\n private ngUnsubscribe$ = new Subject<void>();\n /**\n * Emits boolean values indicating the loading state of the SDK.\n */\n readonly isLoading$ = this.authState.isLoading$;\n\n /**\n * Emits boolean values indicating the authentication state of the user. If `true`, it means a user has authenticated.\n * This depends on the value of `isLoading$`, so there is no need to manually check the loading state of the SDK.\n */\n readonly isAuthenticated$ = this.authState.isAuthenticated$;\n\n /**\n * Emits details about the authenticated user, or null if not authenticated.\n */\n readonly user$ = this.authState.user$;\n\n /**\n * Emits ID token claims when authenticated, or null if not authenticated.\n */\n readonly idTokenClaims$ = this.authState.idTokenClaims$;\n\n /**\n * Emits errors that occur during login, or when checking for an active session on startup.\n */\n readonly error$ = this.authState.error$;\n\n /**\n * Emits the value (if any) that was passed to the `loginWithRedirect` method call\n * but only **after** `handleRedirectCallback` is first called\n */\n readonly appState$ = this.appStateSubject$.asObservable();\n\n constructor(\n @Inject(Auth0ClientService) private auth0Client: Auth0Client,\n private configFactory: AuthClientConfig,\n private navigator: AbstractNavigator,\n private authState: AuthState\n ) {\n const checkSessionOrCallback$ = (isCallback: boolean) =>\n iif(\n () => isCallback,\n this.handleRedirectCallback(),\n defer(() => this.auth0Client.checkSession())\n );\n\n this.shouldHandleCallback()\n .pipe(\n switchMap((isCallback) =>\n checkSessionOrCallback$(isCallback).pipe(\n catchError((error) => {\n const config = this.configFactory.get();\n this.authState.setError(error);\n this.navigator.navigateByUrl(config.errorPath || '/');\n return of(undefined);\n })\n )\n ),\n tap(() => {\n this.authState.setIsLoading(false);\n }),\n takeUntil(this.ngUnsubscribe$)\n )\n .subscribe();\n }\n\n /**\n * Called when the service is destroyed\n */\n ngOnDestroy(): void {\n // https://stackoverflow.com/a/41177163\n this.ngUnsubscribe$.next();\n this.ngUnsubscribe$.complete();\n }\n\n /**\n * ```js\n * loginWithRedirect(options);\n * ```\n *\n * Performs a redirect to `/authorize` using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated.\n *\n * @param options The login options\n */\n loginWithRedirect(options?: RedirectLoginOptions<TAppState>): Observable<void> {\n return from(this.auth0Client.loginWithRedirect(options));\n }\n\n /**\n * ```js\n * await loginWithPopup(options);\n * ```\n *\n * Opens a popup with the `/authorize` URL using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated. If the response is successful,\n * results will be valid according to their expiration times.\n *\n * IMPORTANT: This method has to be called from an event handler\n * that was started by the user like a button click, for example,\n * otherwise the popup will be blocked in most browsers.\n *\n * @param options The login options\n * @param config Configuration for the popup window\n */\n loginWithPopup(\n options?: PopupLoginOptions,\n config?: PopupConfigOptions\n ): Observable<void> {\n return from(\n this.auth0Client.loginWithPopup(options, config).then(() => {\n this.authState.refresh();\n })\n );\n }\n\n /**\n * ```js\n * logout();\n * ```\n *\n * Clears the application session and performs a redirect to `/v2/logout`, using\n * the parameters provided as arguments, to clear the Auth0 session.\n * If the `federated` option is specified it also clears the Identity Provider session.\n * If the `localOnly` option is specified, it only clears the application session.\n * It is invalid to set both the `federated` and `localOnly` options to `true`,\n * and an error will be thrown if you do.\n * [Read more about how Logout works at Auth0](https://auth0.com/docs/logout).\n *\n * @param options The logout options\n */\n logout(options?: LogoutOptions): void {\n const logout = this.auth0Client.logout(options) || of(null);\n\n from(logout).subscribe(() => {\n if (options?.localOnly) {\n this.authState.refresh();\n }\n });\n }\n\n /**\n * Fetches a new access token and returns the response from the /oauth/token endpoint, omitting the refresh token.\n *\n * @param options The options for configuring the token fetch.\n */\n getAccessTokenSilently(\n options: GetTokenSilentlyOptions & { detailedResponse: true }\n ): Observable<GetTokenSilentlyVerboseResponse>;\n\n /**\n * Fetches a new access token and returns it.\n *\n * @param options The options for configuring the token fetch.\n */\n getAccessTokenSilently(options?: GetTokenSilentlyOptions): Observable<string>;\n\n /**\n * ```js\n * getAccessTokenSilently(options).subscribe(token => ...)\n * ```\n *\n * If there's a valid token stored, return it. Otherwise, opens an\n * iframe with the `/authorize` URL using the parameters provided\n * as arguments. Random and secure `state` and `nonce` parameters\n * will be auto-generated. If the response is successful, results\n * will be valid according to their expiration times.\n *\n * If refresh tokens are used, the token endpoint is called directly with the\n * 'refresh_token' grant. If no refresh token is available to make this call,\n * the SDK falls back to using an iframe to the '/authorize' URL.\n *\n * This method may use a web worker to perform the token call if the in-memory\n * cache is used.\n *\n * If an `audience` value is given to this function, the SDK always falls\n * back to using an iframe to make the token exchange.\n *\n * Note that in all cases, falling back to an iframe requires access to\n * the `auth0` cookie, and thus will not work in browsers that block third-party\n * cookies by default (Safari, Brave, etc).\n *\n * @param options The options for configuring the token fetch.\n */\n getAccessTokenSilently(\n options: GetTokenSilentlyOptions = {}\n ): Observable<string | GetTokenSilentlyVerboseResponse> {\n return of(this.auth0Client).pipe(\n concatMap((client) =>\n options.detailedResponse === true\n ? client.getTokenSilently({ ...options, detailedResponse: true })\n : client.getTokenSilently(options)\n ),\n tap((token) =>\n this.authState.setAccessToken(\n typeof token === 'string' ? token : token.access_token\n )\n ),\n catchError((error) => {\n this.authState.setError(error);\n this.authState.refresh();\n return throwError(error);\n })\n );\n }\n\n /**\n * ```js\n * getTokenWithPopup(options).subscribe(token => ...)\n * ```\n *\n * Get an access token interactively.\n *\n * Opens a popup with the `/authorize` URL using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated. If the response is successful,\n * results will be valid according to their expiration times.\n */\n getAccessTokenWithPopup(\n options?: GetTokenWithPopupOptions\n ): Observable<string> {\n return of(this.auth0Client).pipe(\n concatMap((client) => client.getTokenWithPopup(options)),\n tap((token) => this.authState.setAccessToken(token)),\n catchError((error) => {\n this.authState.setError(error);\n this.authState.refresh();\n return throwError(error);\n })\n );\n }\n\n /**\n * ```js\n * handleRedirectCallback(url).subscribe(result => ...)\n * ```\n *\n * After the browser redirects back to the callback page,\n * call `handleRedirectCallback` to handle success and error\n * responses from Auth0. If the response is successful, results\n * will be valid according to their expiration times.\n *\n * Calling this method also refreshes the authentication and user states.\n *\n * @param url The URL to that should be used to retrieve the `state` and `code` values. Defaults to `window.location.href` if not given.\n */\n handleRedirectCallback(url?: string): Observable<RedirectLoginResult<TAppState>> {\n return defer(() => this.auth0Client.handleRedirectCallback<TAppState>(url)).pipe(\n withLatestFrom(this.authState.isLoading$),\n tap(([result, isLoading]) => {\n if (!isLoading) {\n this.authState.refresh();\n }\n const appState = result?.appState;\n const target = appState?.target ?? '/';\n\n if (appState) {\n this.appStateSubject$.next(appState);\n }\n\n this.navigator.navigateByUrl(target);\n }),\n map(([result]) => result)\n );\n }\n\n /**\n * ```js\n * buildAuthorizeUrl().subscribe(url => ...)\n * ```\n *\n * Builds an `/authorize` URL for loginWithRedirect using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated.\n * @param options The options\n * @returns A URL to the authorize endpoint\n */\n buildAuthorizeUrl(options?: RedirectLoginOptions): Observable<string> {\n return defer(() => this.auth0Client.buildAuthorizeUrl(options));\n }\n\n /**\n * ```js\n * buildLogoutUrl().subscribe(url => ...)\n * ```\n * Builds a URL to the logout endpoint.\n *\n * @param options The options used to configure the parameters that appear in the logout endpoint URL.\n * @returns a URL to the logout endpoint using the parameters provided as arguments.\n */\n buildLogoutUrl(options?: LogoutUrlOptions): Observable<string> {\n return of(this.auth0Client.buildLogoutUrl(options));\n }\n\n private shouldHandleCallback(): Observable<boolean> {\n return of(location.search).pipe(\n map((search) => {\n return (\n (search.includes('code=') || search.includes('error=')) &&\n search.includes('state=') &&\n !this.configFactory.get().skipRedirectCallback\n );\n })\n );\n }\n}\n","import { Injectable } from '@angular/core';\nimport {\n ActivatedRouteSnapshot,\n RouterStateSnapshot,\n CanActivate,\n CanLoad,\n Route,\n UrlSegment,\n CanActivateChild,\n} from '@angular/router';\nimport { Observable } from 'rxjs';\nimport { tap, take } from 'rxjs/operators';\nimport { AuthService } from './auth.service';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class AuthGuard implements CanActivate, CanLoad, CanActivateChild {\n constructor(private auth: AuthService) {}\n\n canLoad(route: Route, segments: UrlSegment[]): Observable<boolean> {\n return this.auth.isAuthenticated$.pipe(take(1));\n }\n\n canActivate(\n next: ActivatedRouteSnapshot,\n state: RouterStateSnapshot\n ): Observable<boolean> {\n return this.redirectIfUnauthenticated(state);\n }\n\n canActivateChild(\n childRoute: ActivatedRouteSnapshot,\n state: RouterStateSnapshot\n ): Observable<boolean> {\n return this.redirectIfUnauthenticated(state);\n }\n\n private redirectIfUnauthenticated(\n state: RouterStateSnapshot\n ): Observable<boolean> {\n return this.auth.isAuthenticated$.pipe(\n tap((loggedIn) => {\n if (!loggedIn) {\n this.auth.loginWithRedirect({\n appState: { target: state.url },\n });\n }\n })\n );\n }\n}\n","import { NgModule, ModuleWithProviders } from '@angular/core';\nimport { AuthService } from './auth.service';\nimport { AuthConfig, AuthConfigService, AuthClientConfig } from './auth.config';\nimport { Auth0ClientService, Auth0ClientFactory } from './auth.client';\nimport { AuthGuard } from './auth.guard';\n\n@NgModule()\nexport class AuthModule {\n /**\n * Initialize the authentication module system. Configuration can either be specified here,\n * or by calling AuthClientConfig.set (perhaps from an APP_INITIALIZER factory function).\n * @param config The optional configuration for the SDK.\n */\n static forRoot(config?: AuthConfig): ModuleWithProviders<AuthModule> {\n return {\n ngModule: AuthModule,\n providers: [\n AuthService,\n AuthGuard,\n {\n provide: AuthConfigService,\n useValue: config,\n },\n {\n provide: Auth0ClientService,\n useFactory: Auth0ClientFactory.createClient,\n deps: [AuthClientConfig],\n },\n ],\n };\n }\n}\n","import {\n HttpInterceptor,\n HttpRequest,\n HttpHandler,\n HttpEvent,\n} from '@angular/common/http';\n\nimport { Observable, from, of, iif, throwError } from 'rxjs';\nimport { Inject, Injectable } from '@angular/core';\n\nimport {\n ApiRouteDefinition,\n isHttpInterceptorRouteConfig,\n AuthClientConfig,\n HttpInterceptorConfig,\n} from './auth.config';\n\nimport {\n switchMap,\n first,\n concatMap,\n pluck,\n catchError,\n tap,\n} from 'rxjs/operators';\nimport { Auth0Client, GetTokenSilentlyOptions } from '@auth0/auth0-spa-js';\nimport { Auth0ClientService } from './auth.client';\nimport { AuthState } from './auth.state';\n\n@Injectable()\nexport class AuthHttpInterceptor implements HttpInterceptor {\n constructor(\n private configFactory: AuthClientConfig,\n @Inject(Auth0ClientService) private auth0Client: Auth0Client,\n private authState: AuthState\n ) {}\n\n intercept(\n req: HttpRequest<any>,\n next: HttpHandler\n ): Observable<HttpEvent<any>> {\n const config = this.configFactory.get();\n if (!config.httpInterceptor?.allowedList) {\n return next.handle(req);\n }\n\n return this.findMatchingRoute(req, config.httpInterceptor).pipe(\n concatMap((route) =>\n iif(\n // Check if a route was matched\n () => route !== null,\n // If we have a matching route, call getTokenSilently and attach the token to the\n // outgoing request\n of(route).pipe(\n pluck('tokenOptions'),\n concatMap<GetTokenSilentlyOptions, Observable<string>>(\n (options) => {\n return this.getAccessTokenSilently(options).pipe(\n catchError((err) => {\n if (this.allowAnonymous(route, err)) {\n return of('');\n }\n\n this.authState.setError(err);\n return throwError(err);\n })\n );\n }\n ),\n switchMap((token: string) => {\n // Clone the request and attach the bearer token\n const clone = token\n ? req.clone({\n headers: req.headers.set(\n 'Authorization',\n `Bearer ${token}`\n ),\n })\n : req;\n\n return next.handle(clone);\n })\n ),\n // If the URI being called was not found in our httpInterceptor config, simply\n // pass the request through without attaching a token\n next.handle(req)\n )\n )\n );\n }\n\n /**\n * Duplicate of AuthService.getAccessTokenSilently, but with a slightly different error handling.\n * Only used internally in the interceptor.\n * @param options The options for configuring the token fetch.\n */\n private getAccessTokenSilently(\n options?: GetTokenSilentlyOptions\n ): Observable<string> {\n return of(this.auth0Client).pipe(\n concatMap((client) => client.getTokenSilently(options)),\n tap((token) => this.authState.setAccessToken(token)),\n catchError((error) => {\n this.authState.refresh();\n return throwError(error);\n })\n );\n }\n\n /**\n * Strips the query and fragment from the given uri\n * @param uri The uri to remove the query and fragment from\n */\n private stripQueryFrom(uri: string): string {\n if (uri.indexOf('?') > -1) {\n uri = uri.substr(0, uri.indexOf('?'));\n }\n\n if (uri.indexOf('#') > -1) {\n uri = uri.substr(0, uri.indexOf('#'));\n }\n\n return uri;\n }\n\n /**\n * Determines whether the specified route can have an access token attached to it, based on matching the HTTP request against\n * the interceptor route configuration.\n * @param route The route to test\n * @param request The HTTP request\n */\n private canAttachToken(\n route: ApiRouteDefinition,\n request: HttpRequest<any>\n ): boolean {\n const testPrimitive = (value: string | undefined): boolean => {\n if (!value) {\n return false;\n }\n\n const requestPath = this.stripQueryFrom(request.url);\n\n if (value === requestPath) {\n return true;\n }\n\n // If the URL ends with an asterisk, match using startsWith.\n return (\n value.indexOf('*') === value.length - 1 &&\n request.url.startsWith(value.substr(0, value.length - 1))\n );\n };\n\n if (isHttpInterceptorRouteConfig(route)) {\n if (route.httpMethod && route.httpMethod !== request.method) {\n return false;\n }\n\n /* istanbul ignore if */\n if (!route.uri && !route.uriMatcher) {\n console.warn(\n 'Either a uri or uriMatcher is required when configuring the HTTP interceptor.'\n );\n }\n\n return route.uriMatcher\n ? route.uriMatcher(request.url)\n : testPrimitive(route.uri);\n }\n\n return testPrimitive(route);\n }\n\n /**\n * Tries to match a route from the SDK configuration to the HTTP request.\n * If a match is found, the route configuration is returned.\n * @param request The Http request\n * @param config HttpInterceptorConfig\n */\n private findMatchingRoute(\n request: HttpRequest<any>,\n config: HttpInterceptorConfig\n ): Observable<ApiRouteDefinition | null> {\n return from(config.allowedList).pipe(\n first((route) => this.canAttachToken(route, request), null)\n );\n }\n\n private allowAnonymous(route: ApiRouteDefinition | null, err: any): boolean {\n return (\n !!route &&\n isHttpInterceptorRouteConfig(route) &&\n !!route.allowAnonymous &&\n ['login_required', 'consent_required'].includes(err.error)\n );\n }\n}\n","/*\n * Public API Surface of auth0-angular\n */\n\nexport * from './lib/auth.service';\nexport * from './lib/auth.module';\nexport * from './lib/auth.guard';\nexport * from './lib/auth.interceptor';\nexport * from './lib/auth.config';\nexport * from './lib/auth.client';\nexport * from './lib/auth.state';\n\nexport {\n ICache,\n Cacheable,\n LocalStorageCache,\n InMemoryCache,\n IdToken,\n User\n} from '@auth0/auth0-spa-js';\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n\nexport {AbstractNavigator as ɵa} from './lib/abstract-navigator';"],"names":[],"mappings":";;;;;;;;;;;AAAA,gBAAe,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,OAAO,EAAE;;MCKpD,kBAAkB;IAC7B,OAAO,YAAY,CAAC,aAA+B;QACjD,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC;QAEnC,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CACb,mGAAmG,CACpG,CAAC;SACH;QAED,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,KAAc,MAAM,EAAf,IAAI,UAAK,MAAM,EAApE,wDAA2D,CAAS,CAAC;QAE3E,OAAO,IAAI,WAAW,+BACpB,YAAY,EAAE,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,EACnD,SAAS,EAAE,QAAQ,EACnB,OAAO,EAAE,MAAM,IACZ,IAAI,KACP,WAAW,EAAE;gBACX,IAAI,EAAE,SAAS,CAAC,IAAI;gBACpB,OAAO,EAAE,SAAS,CAAC,OAAO;aAC3B,IACD,CAAC;KACJ;CACF;MAEY,kBAAkB,GAAG,IAAI,cAAc,CAClD,cAAc;;MCxBH,iBAAiB;IAG5B,YAAoB,QAAkB,EAAE,QAAkB;QAAtC,aAAQ,GAAR,QAAQ,CAAU;QACpC,IAAI;YACF,IAAI,CAAC,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;SACpC;QAAC,WAAM,GAAE;KACX;;;;;;IAOD,aAAa,CAAC,GAAW;QACvB,IAAI,IAAI,CAAC,MAAM,EAAE;YACf,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;YAE/B,OAAO;SACR;QAED,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;KACjC;;;;YAzBF,UAAU,SAAC;gBACV,UAAU,EAAE,MAAM;aACnB;;;YAJQ,QAAQ;YAFI,QAAQ;;;AC4B7B;;;;SAIgB,4BAA4B,CAC1C,GAAuB;IAEvB,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC;AACjC,CAAC;AAqPD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA2Ca,gBAAgB;IAG3B,YAAmD,MAAmB;QACpE,IAAI,MAAM,EAAE;YACV,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;SAClB;KACF;;;;;IAMD,GAAG,CAAC,MAAkB;QACpB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;KACtB;;;;IAKD,GAAG;QACD,OAAO,IAAI,CAAC,MAAoB,CAAC;KAClC;;;;YAvBF,UAAU,SAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;4CAInB,QAAQ,YAAI,MAAM,SAAC,iBAAiB;;AAsBnD;;;;;;;;;;;MAWa,iBAAiB,GAAG,IAAI,cAAc,CACjD,sBAAsB;;ACpVxB;;;MAIa,SAAS;IAuFpB,YAAgD,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;QAtFhE,sBAAiB,GAAG,IAAI,eAAe,CAAU,IAAI,CAAC,CAAC;QACvD,aAAQ,GAAG,IAAI,OAAO,EAAQ,CAAC;QAC/B,iBAAY,GAAG,IAAI,aAAa,CAAS,CAAC,CAAC,CAAC;QAC5C,kBAAa,GAAG,IAAI,aAAa,CAAQ,CAAC,CAAC,CAAC;;;;QAKpC,eAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,CAAC;;;;;QAM3D,wBAAmB,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAClD,IAAI,CACF,CACE,GAAwD,EACxD,OAAsB;YAEtB,OAAO;gBACL,QAAQ,EAAE,GAAG,CAAC,OAAO;gBACrB,OAAO;aACR,CAAC;SACH,EACD,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAClC,EACD,MAAM,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,QAAQ,KAAK,OAAO,CAAC,CACxD,CAAC;;;;;;QAOe,4BAAuB,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAC7D,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,EAC7B,oBAAoB,EAAE,EACtB,SAAS,CAAC;;;;;;QAMR,KAAK,CACH,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,EAC/C,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAC3B,QAAQ,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,CACnD,EACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,CAAC,CACvE,CACF,CACF,CAAC;;;;;QAMO,qBAAgB,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAC3D,oBAAoB,EAAE,EACtB,WAAW,CAAC,CAAC,CAAC,CACf,CAAC;;;;QAKO,UAAK,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAChD,SAAS,CAAC,CAAC,aAAa,KACtB,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CACtD,CACF,CAAC;;;;QAKO,mBAAc,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CACzD,SAAS,CAAC,CAAC,aAAa,KACtB,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAC/D,CACF,CAAC;;;;QAKc,WAAM,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC;KAEiB;;;;;IAMrE,YAAY,CAAC,SAAkB;QACpC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;KACxC;;;;;IAMM,OAAO;QACZ,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;KACtB;;;;;IAMM,cAAc,CAAC,WAAmB;QACvC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;KACrC;;;;;IAMM,QAAQ,CAAC,KAAU;QACxB,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;KAChC;;;;YAxHF,UAAU,SAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;YAvBzB,WAAW,uBA+GL,MAAM,SAAC,kBAAkB;;;MCjE3B,WAAW;IAqCtB,YACsC,WAAwB,EACpD,aAA+B,EAC/B,SAA4B,EAC5B,SAAoB;QAHQ,gBAAW,GAAX,WAAW,CAAa;QACpD,kBAAa,GAAb,aAAa,CAAkB;QAC/B,cAAS,GAAT,SAAS,CAAmB;QAC5B,cAAS,GAAT,SAAS,CAAW;QAxCtB,qBAAgB,GAAG,IAAI,aAAa,CAAY,CAAC,CAAC,CAAC;;QAGnD,mBAAc,GAAG,IAAI,OAAO,EAAQ,CAAC;;;;QAIpC,eAAU,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC;;;;;QAMvC,qBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC;;;;QAKnD,UAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;;;;QAK7B,mBAAc,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC;;;;QAK/C,WAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;;;;;QAM/B,cAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,CAAC;QAQxD,MAAM,uBAAuB,GAAG,CAAC,UAAmB,KAClD,GAAG,CACD,MAAM,UAAU,EAChB,IAAI,CAAC,sBAAsB,EAAE,EAC7B,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC,CAC7C,CAAC;QAEJ,IAAI,CAAC,oBAAoB,EAAE;aACxB,IAAI,CACH,SAAS,CAAC,CAAC,UAAU,KACnB,uBAAuB,CAAC,UAAU,CAAC,CAAC,IAAI,CACtC,UAAU,CAAC,CAAC,KAAK;YACf,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC;YACtD,OAAO,EAAE,CAAC,SAAS,CAAC,CAAC;SACtB,CAAC,CACH,CACF,EACD,GAAG,CAAC;YACF,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;SACpC,CAAC,EACF,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAC/B;aACA,SAAS,EAAE,CAAC;KAChB;;;;IAKD,WAAW;;QAET,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QAC3B,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;KAChC;;;;;;;;;;;;IAaD,iBAAiB,CAAC,OAAyC;QACzD,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;KAC1D;;;;;;;;;;;;;;;;;;IAmBD,cAAc,CACZ,OAA2B,EAC3B,MAA2B;QAE3B,OAAO,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC;YACpD,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;;;;;;;;;;;;IAiBD,MAAM,CAAC,OAAuB;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC;QAE5D,IAAI,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC;YACrB,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE;gBACtB,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;aAC1B;SACF,CAAC,CAAC;KACJ;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA6CD,sBAAsB,CACpB,UAAmC,EAAE;QAErC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9B,SAAS,CAAC,CAAC,MAAM,KACf,OAAO,CAAC,gBAAgB,KAAK,IAAI;cAC7B,MAAM,CAAC,gBAAgB,iCAAM,OAAO,KAAE,gBAAgB,EAAE,IAAI,IAAG;cAC/D,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC,CACrC,EACD,GAAG,CAAC,CAAC,KAAK,KACR,IAAI,CAAC,SAAS,CAAC,cAAc,CAC3B,OAAO,KAAK,KAAK,QAAQ,GAAG,KAAK,GAAG,KAAK,CAAC,YAAY,CACvD,CACF,EACD,UAAU,CAAC,CAAC,KAAK;YACf,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;;;;;;;;;IAcD,uBAAuB,CACrB,OAAkC;QAElC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9B,SAAS,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,EACxD,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EACpD,UAAU,CAAC,CAAC,KAAK;YACf,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;;;;;;;;;;;IAgBD,sBAAsB,CAAC,GAAY;QACjC,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,sBAAsB,CAAY,GAAG,CAAC,CAAC,CAAC,IAAI,CAC9E,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,EACzC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;;YACtB,IAAI,CAAC,SAAS,EAAE;gBACd,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;aAC1B;YACD,MAAM,QAAQ,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,CAAC;YAClC,MAAM,MAAM,GAAG,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,GAAG,CAAC;YAEvC,IAAI,QAAQ,EAAE;gBACZ,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;aACtC;YAED,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;SACtC,CAAC,EACF,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC,CAC1B,CAAC;KACH;;;;;;;;;;;;IAaD,iBAAiB,CAAC,OAA8B;QAC9C,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;KACjE;;;;;;;;;;IAWD,cAAc,CAAC,OAA0B;QACvC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;KACrD;IAEO,oBAAoB;QAC1B,OAAO,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAC7B,GAAG,CAAC,CAAC,MAAM;YACT,QACE,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACtD,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACzB,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,oBAAoB,EAC9C;SACH,CAAC,CACH,CAAC;KACH;;;;YAzTF,UAAU,SAAC;gBACV,UAAU,EAAE,MAAM;aACnB;;;YA3CC,WAAW,uBAkFR,MAAM,SAAC,kBAAkB;YA9C5B,gBAAgB;YAFT,iBAAiB;YAKjB,SAAS;;;MCzBL,SAAS;IACpB,YAAoB,IAAiB;QAAjB,SAAI,GAAJ,IAAI,CAAa;KAAI;IAEzC,OAAO,CAAC,KAAY,EAAE,QAAsB;QAC1C,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;KACjD;IAED,WAAW,CACT,IAA4B,EAC5B,KAA0B;QAE1B,OAAO,IAAI,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC;KAC9C;IAED,gBAAgB,CACd,UAAkC,EAClC,KAA0B;QAE1B,OAAO,IAAI,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC;KAC9C;IAEO,yBAAyB,CAC/B,KAA0B;QAE1B,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CACpC,GAAG,CAAC,CAAC,QAAQ;YACX,IAAI,CAAC,QAAQ,EAAE;gBACb,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;oBAC1B,QAAQ,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,GAAG,EAAE;iBAChC,CAAC,CAAC;aACJ;SACF,CAAC,CACH,CAAC;KACH;;;;YApCF,UAAU,SAAC;gBACV,UAAU,EAAE,MAAM;aACnB;;;YAJQ,WAAW;;;MCLP,UAAU;;;;;;IAMrB,OAAO,OAAO,CAAC,MAAmB;QAChC,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,SAAS,EAAE;gBACT,WAAW;gBACX,SAAS;gBACT;oBACE,OAAO,EAAE,iBAAiB;oBAC1B,QAAQ,EAAE,MAAM;iBACjB;gBACD;oBACE,OAAO,EAAE,kBAAkB;oBAC3B,UAAU,EAAE,kBAAkB,CAAC,YAAY;oBAC3C,IAAI,EAAE,CAAC,gBAAgB,CAAC;iBACzB;aACF;SACF,CAAC;KACH;;;YAxBF,QAAQ;;;MCwBI,mBAAmB;IAC9B,YACU,aAA+B,EACH,WAAwB,EACpD,SAAoB;QAFpB,kBAAa,GAAb,aAAa,CAAkB;QACH,gBAAW,GAAX,WAAW,CAAa;QACpD,cAAS,GAAT,SAAS,CAAW;KAC1B;IAEJ,SAAS,CACP,GAAqB,EACrB,IAAiB;;QAEjB,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;QACxC,IAAI,EAAC,MAAA,MAAM,CAAC,eAAe,0CAAE,WAAW,CAAA,EAAE;YACxC,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SACzB;QAED,OAAO,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC,IAAI,CAC7D,SAAS,CAAC,CAAC,KAAK,KACd,GAAG;;QAED,MAAM,KAAK,KAAK,IAAI;;;QAGpB,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,CACZ,KAAK,CAAC,cAAc,CAAC,EACrB,SAAS,CACP,CAAC,OAAO;YACN,OAAO,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,IAAI,CAC9C,UAAU,CAAC,CAAC,GAAG;gBACb,IAAI,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE;oBACnC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;iBACf;gBAED,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;gBAC7B,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC;aACxB,CAAC,CACH,CAAC;SACH,CACF,EACD,SAAS,CAAC,CAAC,KAAa;;YAEtB,MAAM,KAAK,GAAG,KAAK;kBACf,GAAG,CAAC,KAAK,CAAC;oBACR,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CACtB,eAAe,EACf,UAAU,KAAK,EAAE,CAClB;iBACF,CAAC;kBACF,GAAG,CAAC;YAER,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC3B,CAAC,CACH;;;QAGD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CACjB,CACF,CACF,CAAC;KACH;;;;;;IAOO,sBAAsB,CAC5B,OAAiC;QAEjC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9B,SAAS,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,EACvD,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EACpD,UAAU,CAAC,CAAC,KAAK;YACf,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;IAMO,cAAc,CAAC,GAAW;QAChC,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE;YACzB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;SACvC;QAED,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE;YACzB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;SACvC;QAED,OAAO,GAAG,CAAC;KACZ;;;;;;;IAQO,cAAc,CACpB,KAAyB,EACzB,OAAyB;QAEzB,MAAM,aAAa,GAAG,CAAC,KAAyB;YAC9C,IAAI,CAAC,KAAK,EAAE;gBACV,OAAO,KAAK,CAAC;aACd;YAED,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAErD,IAAI,KAAK,KAAK,WAAW,EAAE;gBACzB,OAAO,IAAI,CAAC;aACb;;YAGD,QACE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC;gBACvC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EACzD;SACH,CAAC;QAEF,IAAI,4BAA4B,CAAC,KAAK,CAAC,EAAE;YACvC,IAAI,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,KAAK,OAAO,CAAC,MAAM,EAAE;gBAC3D,OAAO,KAAK,CAAC;aACd;;YAGD,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;gBACnC,OAAO,CAAC,IAAI,CACV,+EAA+E,CAChF,CAAC;aACH;YAED,OAAO,KAAK,CAAC,UAAU;kBACnB,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC;kBAC7B,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;SAC9B;QAED,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;KAC7B;;;;;;;IAQO,iBAAiB,CACvB,OAAyB,EACzB,MAA6B;QAE7B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAClC,KAAK,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,CAC5D,CAAC;KACH;IAEO,cAAc,CAAC,KAAgC,EAAE,GAAQ;QAC/D,QACE,CAAC,CAAC,KAAK;YACP,4BAA4B,CAAC,KAAK,CAAC;YACnC,CAAC,CAAC,KAAK,CAAC,cAAc;YACtB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAC1D;KACH;;;YAtKF,UAAU;;;YAhBT,gBAAgB;YAYT,WAAW,uBAQf,MAAM,SAAC,kBAAkB;YANrB,SAAS;;;AC3BlB;;;;ACAA;;;;;;"}
1
+ {"version":3,"file":"auth0-auth0-angular.js","sources":["../../../projects/auth0-angular/src/useragent.ts","../../../projects/auth0-angular/src/lib/auth.client.ts","../../../projects/auth0-angular/src/lib/abstract-navigator.ts","../../../projects/auth0-angular/src/lib/auth.config.ts","../../../projects/auth0-angular/src/lib/auth.state.ts","../../../projects/auth0-angular/src/lib/auth.service.ts","../../../projects/auth0-angular/src/lib/auth.guard.ts","../../../projects/auth0-angular/src/lib/auth.module.ts","../../../projects/auth0-angular/src/lib/auth.interceptor.ts","../../../projects/auth0-angular/src/public-api.ts","../../../projects/auth0-angular/src/auth0-auth0-angular.ts"],"sourcesContent":["export default { name: '@auth0/auth0-angular', version: '1.10.1' };\n","import { InjectionToken, VERSION } from '@angular/core';\nimport { Auth0Client } from '@auth0/auth0-spa-js';\nimport { AuthClientConfig } from './auth.config';\nimport useragent from '../useragent';\n\nexport class Auth0ClientFactory {\n static createClient(configFactory: AuthClientConfig): Auth0Client {\n const config = configFactory.get();\n\n if (!config) {\n throw new Error(\n 'Configuration must be specified either through AuthModule.forRoot or through AuthClientConfig.set'\n );\n }\n\n const { redirectUri, clientId, maxAge, httpInterceptor, ...rest } = config;\n\n return new Auth0Client({\n redirect_uri: redirectUri || window.location.origin,\n client_id: clientId,\n max_age: maxAge,\n ...rest,\n auth0Client: {\n name: useragent.name,\n version: useragent.version,\n env: {\n 'angular/core': VERSION.full,\n },\n },\n });\n }\n}\n\nexport const Auth0ClientService = new InjectionToken<Auth0Client>(\n 'auth0.client'\n);\n","import { Injectable, Injector } from '@angular/core';\nimport { Router } from '@angular/router';\nimport { Location } from '@angular/common';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class AbstractNavigator {\n private readonly router?: Router;\n\n constructor(private location: Location, injector: Injector) {\n try {\n this.router = injector.get(Router);\n } catch {}\n }\n\n /**\n * Navigates to the specified url. The router will be used if one is available, otherwise it falls back\n * to `window.history.replaceState`.\n * @param url The url to navigate to\n */\n navigateByUrl(url: string): void {\n if (this.router) {\n this.router.navigateByUrl(url);\n\n return;\n }\n\n this.location.replaceState(url);\n }\n}\n","import {\n CacheLocation,\n GetTokenSilentlyOptions,\n ICache,\n} from '@auth0/auth0-spa-js';\n\nimport { InjectionToken, Injectable, Optional, Inject } from '@angular/core';\n\n/**\n * Defines a common set of HTTP methods.\n */\nexport const enum HttpMethod {\n Get = 'GET',\n Post = 'POST',\n Put = 'PUT',\n Patch = 'PATCH',\n Delete = 'DELETE',\n Head = 'HEAD',\n}\n\n/**\n * Defines the type for a route config entry. Can either be:\n *\n * - an object of type HttpInterceptorRouteConfig\n * - a string\n */\nexport type ApiRouteDefinition = HttpInterceptorRouteConfig | string;\n\n/**\n * A custom type guard to help identify route definitions that are actually HttpInterceptorRouteConfig types.\n * @param def The route definition type\n */\nexport function isHttpInterceptorRouteConfig(\n def: ApiRouteDefinition\n): def is HttpInterceptorRouteConfig {\n return typeof def !== 'string';\n}\n\n/**\n * Configuration for the HttpInterceptor\n */\nexport interface HttpInterceptorConfig {\n allowedList: ApiRouteDefinition[];\n}\n\n/**\n * Configuration for a single interceptor route\n */\nexport interface HttpInterceptorRouteConfig {\n /**\n * The URL to test, by supplying the URL to match.\n * If `test` is a match for the current request path from the HTTP client, then\n * an access token is attached to the request in the\n * [\"Authorization\" header](https://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-20#section-2.1).\n *\n * If the test does not pass, the request proceeds without the access token attached.\n *\n * A wildcard character can be used to match only the start of the URL.\n *\n * @usagenotes\n *\n * '/api' - exactly match the route /api\n * '/api/*' - match any route that starts with /api/\n */\n uri?: string;\n\n /**\n * A function that will be called with the HttpRequest.url value, allowing you to do\n * any kind of flexible matching.\n *\n * If this function returns true, then\n * an access token is attached to the request in the\n * [\"Authorization\" header](https://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-20#section-2.1).\n *\n * If it returns false, the request proceeds without the access token attached.\n */\n uriMatcher?: (uri: string) => boolean;\n\n /**\n * The options that are passed to the SDK when retrieving the\n * access token to attach to the outgoing request.\n */\n tokenOptions?: GetTokenSilentlyOptions;\n\n /**\n * The HTTP method to match on. If specified, the HTTP method of\n * the outgoing request will be checked against this. If there is no match, the\n * Authorization header is not attached.\n *\n * The HTTP method name is case-sensitive.\n */\n httpMethod?: HttpMethod | string;\n\n /**\n * Allow the HTTP call to be executed anonymously, when no token is available.\n *\n * When omitted (or set to false), calls that match the configuration will fail when no token is available.\n */\n allowAnonymous?: boolean;\n}\n\n/**\n * Configuration for the authentication service\n */\nexport interface AuthConfig {\n /**\n * Your Auth0 account domain such as `'example.auth0.com'`,\n * `'example.eu.auth0.com'` or , `'example.mycompany.com'`\n * (when using [custom domains](https://auth0.com/docs/custom-domains))\n */\n domain: string;\n\n /**\n * The issuer to be used for validation of JWTs, optionally defaults to the domain above\n */\n issuer?: string;\n\n /**\n * The Client ID found on your Application settings page\n */\n clientId: string;\n\n /**\n * The default URL where Auth0 will redirect your browser to with\n * the authentication result. It must be added to the\n * \"Allowed Callback URLs\" field in your Auth0 Application's\n * settings. If not provided here, it should be provided in the other\n * methods that provide authentication.\n */\n redirectUri?: string;\n\n /**\n * By default, if the page URL has code and state parameters, the SDK will assume they are for\n * an Auth0 application and attempt to exchange the code for a token.\n * In some cases the code might be for something else (e.g. another OAuth SDK). In these\n * instances you can instruct the client to ignore them by setting `skipRedirectCallback`.\n *\n * ```js\n * AuthModule.forRoot({\n * skipRedirectCallback: window.location.pathname === '/other-callback'\n * })\n * ```\n *\n * **Note**: In the above example, `/other-callback` is an existing route that will be called\n * by any other OAuth provider with a `code` (or `error` in case when something went wrong) and `state`.\n *\n */\n skipRedirectCallback?: boolean;\n\n /**\n * The value in seconds used to account for clock skew in JWT expirations.\n * Typically, this value is no more than a minute or two at maximum.\n * Defaults to 60s.\n */\n leeway?: number;\n\n /**\n * The location to use when storing cache data. Valid values are `memory` or `localstorage`.\n * The default setting is `memory`.\n */\n cacheLocation?: CacheLocation;\n\n /**\n * Specify a custom cache implementation to use for token storage and retrieval.\n * This setting takes precedence over `cacheLocation` if they are both specified.\n *\n * Read more about [creating a custom cache](https://github.com/auth0/auth0-spa-js#creating-a-custom-cache)\n */\n cache?: ICache;\n\n /**\n * If true, refresh tokens are used to fetch new access tokens from the Auth0 server.\n * If false, the legacy technique of using a hidden iframe and the `authorization_code` grant with `prompt=none` is used.\n * The default setting is `false`.\n *\n * **Note**: Use of refresh tokens must be enabled by an administrator on your Auth0 client application.\n */\n useRefreshTokens?: boolean;\n\n /**\n * If true, fallback to the technique of using a hidden iframe and the `authorization_code` grant with `prompt=none`\n * when unable to use refresh tokens.\n * The default setting is `true`.\n *\n * **Note**: There might be situations where doing silent auth with a Web Message response from an iframe is not possible,\n * like when you're serving your application from the file system or a custom protocol (like in a Desktop or Native app).\n * In situations like this you can disable the iframe fallback and handle the failed Refresh Grant and prompt\n * the user to login interactively with `loginWithRedirect` or `loginWithPopup`.\"\n *\n * E.g. Using the `file:` protocol in an Electron application does not support that legacy technique.\n *\n * this.authService.getAccessTokenSilently().subscribe({\n * error: (e) => {\n * if (e.error === 'missing_refresh_token' || e.error === 'invalid_grant') {\n * this.authService.loginWithRedirect();\n * }\n * }\n * });\n */\n useRefreshTokensFallback?: boolean;\n\n /**\n * A maximum number of seconds to wait before declaring background calls to /authorize as failed for timeout\n * Defaults to 60s.\n */\n authorizeTimeoutInSeconds?: number;\n\n /**\n * Changes to recommended defaults, like defaultScope\n */\n advancedOptions?: {\n /**\n * The default scope to be included with all requests.\n * If not provided, 'openid profile email' is used. This can be set to `null` in order to effectively remove the default scopes.\n *\n * Note: The `openid` scope is **always applied** regardless of this setting.\n */\n defaultScope?: string;\n };\n\n /**\n * Maximum allowable elapsed time (in seconds) since authentication.\n * If the last time the user authenticated is greater than this value,\n * the user must be reauthenticated.\n */\n maxAge?: string | number;\n\n /**\n * The default scope to be used on authentication requests.\n * The defaultScope defined in the Auth0Client is included\n * along with this scope\n */\n scope?: string;\n\n /**\n * The default audience to be used for requesting API access.\n */\n audience?: string;\n\n /**\n * Configuration for the built-in Http Interceptor, used for\n * automatically attaching access tokens.\n */\n httpInterceptor?: HttpInterceptorConfig;\n\n /**\n * Path in your application to redirect to when the Authorization server\n * returns an error. Defaults to `/`\n */\n errorPath?: string;\n\n /**\n * The Id of an organization to log in to\n *\n * This will specify an `organization` parameter in your user's login request and will add a step to validate\n * the `org_id` claim in your user's ID Token.\n */\n organization?: string;\n\n /**\n * The Id of an invitation to accept.\n *\n * This is available from the user invitation URL that is given when participating in a user invitation flow.\n */\n invitation?: string;\n\n /**\n * The name of the connection configured for your application.\n * If null, it will redirect to the Auth0 Login Page and show\n * the Login Widget.\n */\n connection?: string;\n\n /**\n * Modify the value used as the current time during the token validation.\n *\n * **Note**: Using this improperly can potentially compromise the token validation.\n */\n nowProvider?: () => Promise<number> | number;\n\n /**\n * If you need to send custom parameters to the Authorization Server,\n * make sure to use the original parameter name.\n */\n [key: string]: any;\n}\n\n/**\n * Angular specific state to be stored before redirect\n */\nexport interface AppState {\n /**\n * Target path the app gets routed to after\n * handling the callback from Auth0 (defaults to '/')\n */\n target?: string;\n\n /**\n * Any custom parameter to be stored in appState\n */\n [key: string]: any;\n}\n\n/**\n * Gets and sets configuration for the internal Auth0 client. This can be\n * used to provide configuration outside of using AuthModule.forRoot, i.e. from\n * a factory provided by APP_INITIALIZER.\n *\n * @usage\n *\n * ```js\n * // app.module.ts\n * // ---------------------------\n * import { AuthModule, AuthClientConfig } from '@auth0/auth0-angular';\n *\n * // Provide an initializer function that returns a Promise\n * function configInitializer(\n * http: HttpClient,\n * config: AuthClientConfig\n * ) {\n * return () =>\n * http\n * .get('/config')\n * .toPromise()\n * .then((loadedConfig: any) => config.set(loadedConfig)); // Set the config that was loaded asynchronously here\n * }\n *\n * // Provide APP_INITIALIZER with this function. Note that there is no config passed to AuthModule.forRoot\n * imports: [\n * // other imports..\n *\n * HttpClientModule,\n * AuthModule.forRoot(), //<- don't pass any config here\n * ],\n * providers: [\n * {\n * provide: APP_INITIALIZER,\n * useFactory: configInitializer, // <- pass your initializer function here\n * deps: [HttpClient, AuthClientConfig],\n * multi: true,\n * },\n * ],\n * ```\n *\n */\n@Injectable({ providedIn: 'root' })\nexport class AuthClientConfig {\n private config?: AuthConfig;\n\n constructor(@Optional() @Inject(AuthConfigService) config?: AuthConfig) {\n if (config) {\n this.set(config);\n }\n }\n\n /**\n * Sets configuration to be read by other consumers of the service (see usage notes)\n * @param config The configuration to set\n */\n set(config: AuthConfig): void {\n this.config = config;\n }\n\n /**\n * Gets the config that has been set by other consumers of the service\n */\n get(): AuthConfig {\n return this.config as AuthConfig;\n }\n}\n\n/**\n * Injection token for accessing configuration.\n *\n * @usageNotes\n *\n * Use the `Inject` decorator to access the configuration from a service or component:\n *\n * ```\n * class MyService(@Inject(AuthConfigService) config: AuthConfig) {}\n * ```\n */\nexport const AuthConfigService = new InjectionToken<AuthConfig>(\n 'auth0-angular.config'\n);\n","import { Inject, Injectable } from '@angular/core';\nimport { Auth0Client } from '@auth0/auth0-spa-js';\nimport {\n BehaviorSubject,\n defer,\n merge,\n of,\n ReplaySubject,\n Subject,\n} from 'rxjs';\nimport {\n concatMap,\n distinctUntilChanged,\n filter,\n mergeMap,\n scan,\n shareReplay,\n switchMap,\n} from 'rxjs/operators';\nimport { Auth0ClientService } from './auth.client';\n\n/**\n * Tracks the Authentication State for the SDK\n */\n@Injectable({ providedIn: 'root' })\nexport class AuthState {\n private isLoadingSubject$ = new BehaviorSubject<boolean>(true);\n private refresh$ = new Subject<void>();\n private accessToken$ = new ReplaySubject<string>(1);\n private errorSubject$ = new ReplaySubject<Error>(1);\n\n /**\n * Emits boolean values indicating the loading state of the SDK.\n */\n public readonly isLoading$ = this.isLoadingSubject$.asObservable();\n\n /**\n * Trigger used to pull User information from the Auth0Client.\n * Triggers when the access token has changed.\n */\n private accessTokenTrigger$ = this.accessToken$.pipe(\n scan(\n (\n acc: { current: string | null; previous: string | null },\n current: string | null\n ) => {\n return {\n previous: acc.current,\n current,\n };\n },\n { current: null, previous: null }\n ),\n filter(({ previous, current }) => previous !== current)\n );\n\n /**\n * Trigger used to pull User information from the Auth0Client.\n * Triggers when an event occurs that needs to retrigger the User Profile information.\n * Events: Login, Access Token change and Logout\n */\n private readonly isAuthenticatedTrigger$ = this.isLoading$.pipe(\n filter((loading) => !loading),\n distinctUntilChanged(),\n switchMap(() =>\n // To track the value of isAuthenticated over time, we need to merge:\n // - the current value\n // - the value whenever the access token changes. (this should always be true of there is an access token\n // but it is safer to pass this through this.auth0Client.isAuthenticated() nevertheless)\n // - the value whenever refreshState$ emits\n merge(\n defer(() => this.auth0Client.isAuthenticated()),\n this.accessTokenTrigger$.pipe(\n mergeMap(() => this.auth0Client.isAuthenticated())\n ),\n this.refresh$.pipe(mergeMap(() => this.auth0Client.isAuthenticated()))\n )\n )\n );\n\n /**\n * Emits boolean values indicating the authentication state of the user. If `true`, it means a user has authenticated.\n * This depends on the value of `isLoading$`, so there is no need to manually check the loading state of the SDK.\n */\n readonly isAuthenticated$ = this.isAuthenticatedTrigger$.pipe(\n distinctUntilChanged(),\n shareReplay(1)\n );\n\n /**\n * Emits details about the authenticated user, or null if not authenticated.\n */\n readonly user$ = this.isAuthenticatedTrigger$.pipe(\n concatMap((authenticated) =>\n authenticated ? this.auth0Client.getUser() : of(null)\n )\n );\n\n /**\n * Emits ID token claims when authenticated, or null if not authenticated.\n */\n readonly idTokenClaims$ = this.isAuthenticatedTrigger$.pipe(\n concatMap((authenticated) =>\n authenticated ? this.auth0Client.getIdTokenClaims() : of(null)\n )\n );\n\n /**\n * Emits errors that occur during login, or when checking for an active session on startup.\n */\n public readonly error$ = this.errorSubject$.asObservable();\n\n constructor(@Inject(Auth0ClientService) private auth0Client: Auth0Client) {}\n\n /**\n * Update the isLoading state using the provided value\n * @param isLoading The new value for isLoading\n */\n public setIsLoading(isLoading: boolean): void {\n this.isLoadingSubject$.next(isLoading);\n }\n\n /**\n * Refresh the state to ensure the `isAuthenticated`, `user$` and `idTokenClaims$`\n * reflect the most up-to-date values from Auth0Client.\n */\n public refresh(): void {\n this.refresh$.next();\n }\n\n /**\n * Update the access token, doing so will also refresh the state.\n * @param accessToken The new Access Token\n */\n public setAccessToken(accessToken: string): void {\n this.accessToken$.next(accessToken);\n }\n\n /**\n * Emits the error in the `error$` observable.\n * @param error The new error\n */\n public setError(error: any): void {\n this.errorSubject$.next(error);\n }\n}\n","import { Injectable, Inject, OnDestroy } from '@angular/core';\n\nimport {\n Auth0Client,\n RedirectLoginOptions,\n PopupLoginOptions,\n PopupConfigOptions,\n LogoutOptions,\n GetTokenSilentlyOptions,\n GetTokenWithPopupOptions,\n RedirectLoginResult,\n LogoutUrlOptions,\n GetTokenSilentlyVerboseResponse,\n GetUserOptions,\n User,\n GetIdTokenClaimsOptions,\n IdToken,\n} from '@auth0/auth0-spa-js';\n\nimport {\n of,\n from,\n Subject,\n Observable,\n iif,\n defer,\n ReplaySubject,\n throwError,\n} from 'rxjs';\n\nimport {\n concatMap,\n tap,\n map,\n takeUntil,\n catchError,\n switchMap,\n withLatestFrom,\n} from 'rxjs/operators';\n\nimport { Auth0ClientService } from './auth.client';\nimport { AbstractNavigator } from './abstract-navigator';\nimport { AuthClientConfig, AppState } from './auth.config';\nimport { AuthState } from './auth.state';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class AuthService<TAppState extends AppState = AppState>\n implements OnDestroy {\n private appStateSubject$ = new ReplaySubject<TAppState>(1);\n\n // https://stackoverflow.com/a/41177163\n private ngUnsubscribe$ = new Subject<void>();\n /**\n * Emits boolean values indicating the loading state of the SDK.\n */\n readonly isLoading$ = this.authState.isLoading$;\n\n /**\n * Emits boolean values indicating the authentication state of the user. If `true`, it means a user has authenticated.\n * This depends on the value of `isLoading$`, so there is no need to manually check the loading state of the SDK.\n */\n readonly isAuthenticated$ = this.authState.isAuthenticated$;\n\n /**\n * Emits details about the authenticated user, or null if not authenticated.\n */\n readonly user$ = this.authState.user$;\n\n /**\n * Emits ID token claims when authenticated, or null if not authenticated.\n */\n readonly idTokenClaims$ = this.authState.idTokenClaims$;\n\n /**\n * Emits errors that occur during login, or when checking for an active session on startup.\n */\n readonly error$ = this.authState.error$;\n\n /**\n * Emits the value (if any) that was passed to the `loginWithRedirect` method call\n * but only **after** `handleRedirectCallback` is first called\n */\n readonly appState$ = this.appStateSubject$.asObservable();\n\n constructor(\n @Inject(Auth0ClientService) private auth0Client: Auth0Client,\n private configFactory: AuthClientConfig,\n private navigator: AbstractNavigator,\n private authState: AuthState\n ) {\n const checkSessionOrCallback$ = (isCallback: boolean) =>\n iif(\n () => isCallback,\n this.handleRedirectCallback(),\n defer(() => this.auth0Client.checkSession())\n );\n\n this.shouldHandleCallback()\n .pipe(\n switchMap((isCallback) =>\n checkSessionOrCallback$(isCallback).pipe(\n catchError((error) => {\n const config = this.configFactory.get();\n this.navigator.navigateByUrl(config.errorPath || '/');\n this.authState.setError(error);\n return of(undefined);\n })\n )\n ),\n tap(() => {\n this.authState.setIsLoading(false);\n }),\n takeUntil(this.ngUnsubscribe$)\n )\n .subscribe();\n }\n\n /**\n * Called when the service is destroyed\n */\n ngOnDestroy(): void {\n // https://stackoverflow.com/a/41177163\n this.ngUnsubscribe$.next();\n this.ngUnsubscribe$.complete();\n }\n\n /**\n * ```js\n * loginWithRedirect(options);\n * ```\n *\n * Performs a redirect to `/authorize` using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated.\n *\n * @param options The login options\n */\n loginWithRedirect(\n options?: RedirectLoginOptions<TAppState>\n ): Observable<void> {\n return from(this.auth0Client.loginWithRedirect(options));\n }\n\n /**\n * ```js\n * await loginWithPopup(options);\n * ```\n *\n * Opens a popup with the `/authorize` URL using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated. If the response is successful,\n * results will be valid according to their expiration times.\n *\n * IMPORTANT: This method has to be called from an event handler\n * that was started by the user like a button click, for example,\n * otherwise the popup will be blocked in most browsers.\n *\n * @param options The login options\n * @param config Configuration for the popup window\n */\n loginWithPopup(\n options?: PopupLoginOptions,\n config?: PopupConfigOptions\n ): Observable<void> {\n return from(\n this.auth0Client.loginWithPopup(options, config).then(() => {\n this.authState.refresh();\n })\n );\n }\n\n /**\n * ```js\n * logout();\n * ```\n *\n * Clears the application session and performs a redirect to `/v2/logout`, using\n * the parameters provided as arguments, to clear the Auth0 session.\n * If the `federated` option is specified it also clears the Identity Provider session.\n * If the `localOnly` option is specified, it only clears the application session.\n * It is invalid to set both the `federated` and `localOnly` options to `true`,\n * and an error will be thrown if you do.\n * [Read more about how Logout works at Auth0](https://auth0.com/docs/logout).\n *\n * @param options The logout options\n */\n logout(options?: LogoutOptions): void {\n const logout = this.auth0Client.logout(options) || of(null);\n\n from(logout).subscribe(() => {\n if (options?.localOnly) {\n this.authState.refresh();\n }\n });\n }\n\n /**\n * Fetches a new access token and returns the response from the /oauth/token endpoint, omitting the refresh token.\n *\n * @param options The options for configuring the token fetch.\n */\n getAccessTokenSilently(\n options: GetTokenSilentlyOptions & { detailedResponse: true }\n ): Observable<GetTokenSilentlyVerboseResponse>;\n\n /**\n * Fetches a new access token and returns it.\n *\n * @param options The options for configuring the token fetch.\n */\n getAccessTokenSilently(options?: GetTokenSilentlyOptions): Observable<string>;\n\n /**\n * ```js\n * getAccessTokenSilently(options).subscribe(token => ...)\n * ```\n *\n * If there's a valid token stored, return it. Otherwise, opens an\n * iframe with the `/authorize` URL using the parameters provided\n * as arguments. Random and secure `state` and `nonce` parameters\n * will be auto-generated. If the response is successful, results\n * will be valid according to their expiration times.\n *\n * If refresh tokens are used, the token endpoint is called directly with the\n * 'refresh_token' grant. If no refresh token is available to make this call,\n * the SDK falls back to using an iframe to the '/authorize' URL.\n *\n * This method may use a web worker to perform the token call if the in-memory\n * cache is used.\n *\n * If an `audience` value is given to this function, the SDK always falls\n * back to using an iframe to make the token exchange.\n *\n * Note that in all cases, falling back to an iframe requires access to\n * the `auth0` cookie, and thus will not work in browsers that block third-party\n * cookies by default (Safari, Brave, etc).\n *\n * @param options The options for configuring the token fetch.\n */\n getAccessTokenSilently(\n options: GetTokenSilentlyOptions = {}\n ): Observable<string | GetTokenSilentlyVerboseResponse> {\n return of(this.auth0Client).pipe(\n concatMap((client) =>\n options.detailedResponse === true\n ? client.getTokenSilently({ ...options, detailedResponse: true })\n : client.getTokenSilently(options)\n ),\n tap((token) =>\n this.authState.setAccessToken(\n typeof token === 'string' ? token : token.access_token\n )\n ),\n catchError((error) => {\n this.authState.setError(error);\n this.authState.refresh();\n return throwError(error);\n })\n );\n }\n\n /**\n * ```js\n * getTokenWithPopup(options).subscribe(token => ...)\n * ```\n *\n * Get an access token interactively.\n *\n * Opens a popup with the `/authorize` URL using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated. If the response is successful,\n * results will be valid according to their expiration times.\n */\n getAccessTokenWithPopup(\n options?: GetTokenWithPopupOptions\n ): Observable<string> {\n return of(this.auth0Client).pipe(\n concatMap((client) => client.getTokenWithPopup(options)),\n tap((token) => this.authState.setAccessToken(token)),\n catchError((error) => {\n this.authState.setError(error);\n this.authState.refresh();\n return throwError(error);\n })\n );\n }\n\n /**\n * ```js\n * getUser(options).subscribe(user => ...);\n * ```\n *\n * Returns the user information if available (decoded\n * from the `id_token`).\n *\n * If you provide an audience or scope, they should match an existing Access Token\n * (the SDK stores a corresponding ID Token with every Access Token, and uses the\n * scope and audience to look up the ID Token)\n *\n * @remarks\n *\n * The returned observable will emit once and then complete.\n *\n * @typeparam TUser The type to return, has to extend {@link User}.\n * @param options The options to get the user\n */\n getUser<TUser extends User>(\n options?: GetUserOptions\n ): Observable<TUser | undefined> {\n return defer(() => this.auth0Client.getUser<TUser>(options));\n }\n\n /**\n * ```js\n * getIdTokenClaims(options).subscribe(claims => ...);\n * ```\n *\n * Returns all claims from the id_token if available.\n *\n * If you provide an audience or scope, they should match an existing Access Token\n * (the SDK stores a corresponding ID Token with every Access Token, and uses the\n * scope and audience to look up the ID Token)\n *\n * @remarks\n *\n * The returned observable will emit once and then complete.\n *\n * @param options The options to get the Id token claims\n */\n getIdTokenClaims(\n options?: GetIdTokenClaimsOptions\n ): Observable<IdToken | undefined> {\n return defer(() => this.auth0Client.getIdTokenClaims(options));\n }\n\n /**\n * ```js\n * handleRedirectCallback(url).subscribe(result => ...)\n * ```\n *\n * After the browser redirects back to the callback page,\n * call `handleRedirectCallback` to handle success and error\n * responses from Auth0. If the response is successful, results\n * will be valid according to their expiration times.\n *\n * Calling this method also refreshes the authentication and user states.\n *\n * @param url The URL to that should be used to retrieve the `state` and `code` values. Defaults to `window.location.href` if not given.\n */\n handleRedirectCallback(\n url?: string\n ): Observable<RedirectLoginResult<TAppState>> {\n return defer(() =>\n this.auth0Client.handleRedirectCallback<TAppState>(url)\n ).pipe(\n withLatestFrom(this.authState.isLoading$),\n tap(([result, isLoading]) => {\n if (!isLoading) {\n this.authState.refresh();\n }\n const appState = result?.appState;\n const target = appState?.target ?? '/';\n\n if (appState) {\n this.appStateSubject$.next(appState);\n }\n\n this.navigator.navigateByUrl(target);\n }),\n map(([result]) => result)\n );\n }\n\n /**\n * ```js\n * buildAuthorizeUrl().subscribe(url => ...)\n * ```\n *\n * Builds an `/authorize` URL for loginWithRedirect using the parameters\n * provided as arguments. Random and secure `state` and `nonce`\n * parameters will be auto-generated.\n * @param options The options\n * @returns A URL to the authorize endpoint\n */\n buildAuthorizeUrl(options?: RedirectLoginOptions): Observable<string> {\n return defer(() => this.auth0Client.buildAuthorizeUrl(options));\n }\n\n /**\n * ```js\n * buildLogoutUrl().subscribe(url => ...)\n * ```\n * Builds a URL to the logout endpoint.\n *\n * @param options The options used to configure the parameters that appear in the logout endpoint URL.\n * @returns a URL to the logout endpoint using the parameters provided as arguments.\n */\n buildLogoutUrl(options?: LogoutUrlOptions): Observable<string> {\n return of(this.auth0Client.buildLogoutUrl(options));\n }\n\n private shouldHandleCallback(): Observable<boolean> {\n return of(location.search).pipe(\n map((search) => {\n return (\n (search.includes('code=') || search.includes('error=')) &&\n search.includes('state=') &&\n !this.configFactory.get().skipRedirectCallback\n );\n })\n );\n }\n}\n","import { Injectable } from '@angular/core';\nimport {\n ActivatedRouteSnapshot,\n RouterStateSnapshot,\n CanActivate,\n CanLoad,\n Route,\n UrlSegment,\n CanActivateChild,\n} from '@angular/router';\nimport { Observable } from 'rxjs';\nimport { tap, take } from 'rxjs/operators';\nimport { AuthService } from './auth.service';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class AuthGuard implements CanActivate, CanLoad, CanActivateChild {\n constructor(private auth: AuthService) {}\n\n canLoad(route: Route, segments: UrlSegment[]): Observable<boolean> {\n return this.auth.isAuthenticated$.pipe(take(1));\n }\n\n canActivate(\n next: ActivatedRouteSnapshot,\n state: RouterStateSnapshot\n ): Observable<boolean> {\n return this.redirectIfUnauthenticated(state);\n }\n\n canActivateChild(\n childRoute: ActivatedRouteSnapshot,\n state: RouterStateSnapshot\n ): Observable<boolean> {\n return this.redirectIfUnauthenticated(state);\n }\n\n private redirectIfUnauthenticated(\n state: RouterStateSnapshot\n ): Observable<boolean> {\n return this.auth.isAuthenticated$.pipe(\n tap((loggedIn) => {\n if (!loggedIn) {\n this.auth.loginWithRedirect({\n appState: { target: state.url },\n });\n }\n })\n );\n }\n}\n","import { NgModule, ModuleWithProviders } from '@angular/core';\nimport { AuthService } from './auth.service';\nimport { AuthConfig, AuthConfigService, AuthClientConfig } from './auth.config';\nimport { Auth0ClientService, Auth0ClientFactory } from './auth.client';\nimport { AuthGuard } from './auth.guard';\n\n@NgModule()\nexport class AuthModule {\n /**\n * Initialize the authentication module system. Configuration can either be specified here,\n * or by calling AuthClientConfig.set (perhaps from an APP_INITIALIZER factory function).\n * @param config The optional configuration for the SDK.\n */\n static forRoot(config?: AuthConfig): ModuleWithProviders<AuthModule> {\n return {\n ngModule: AuthModule,\n providers: [\n AuthService,\n AuthGuard,\n {\n provide: AuthConfigService,\n useValue: config,\n },\n {\n provide: Auth0ClientService,\n useFactory: Auth0ClientFactory.createClient,\n deps: [AuthClientConfig],\n },\n ],\n };\n }\n}\n","import {\n HttpInterceptor,\n HttpRequest,\n HttpHandler,\n HttpEvent,\n} from '@angular/common/http';\n\nimport { Observable, from, of, iif, throwError } from 'rxjs';\nimport { Inject, Injectable } from '@angular/core';\n\nimport {\n ApiRouteDefinition,\n isHttpInterceptorRouteConfig,\n AuthClientConfig,\n HttpInterceptorConfig,\n} from './auth.config';\n\nimport {\n switchMap,\n first,\n concatMap,\n pluck,\n catchError,\n tap,\n} from 'rxjs/operators';\nimport { Auth0Client, GetTokenSilentlyOptions } from '@auth0/auth0-spa-js';\nimport { Auth0ClientService } from './auth.client';\nimport { AuthState } from './auth.state';\n\n@Injectable()\nexport class AuthHttpInterceptor implements HttpInterceptor {\n constructor(\n private configFactory: AuthClientConfig,\n @Inject(Auth0ClientService) private auth0Client: Auth0Client,\n private authState: AuthState\n ) {}\n\n intercept(\n req: HttpRequest<any>,\n next: HttpHandler\n ): Observable<HttpEvent<any>> {\n const config = this.configFactory.get();\n if (!config.httpInterceptor?.allowedList) {\n return next.handle(req);\n }\n\n return this.findMatchingRoute(req, config.httpInterceptor).pipe(\n concatMap((route) =>\n iif(\n // Check if a route was matched\n () => route !== null,\n // If we have a matching route, call getTokenSilently and attach the token to the\n // outgoing request\n of(route).pipe(\n pluck('tokenOptions'),\n concatMap<GetTokenSilentlyOptions, Observable<string>>(\n (options) => {\n return this.getAccessTokenSilently(options).pipe(\n catchError((err) => {\n if (this.allowAnonymous(route, err)) {\n return of('');\n }\n\n this.authState.setError(err);\n return throwError(err);\n })\n );\n }\n ),\n switchMap((token: string) => {\n // Clone the request and attach the bearer token\n const clone = token\n ? req.clone({\n headers: req.headers.set(\n 'Authorization',\n `Bearer ${token}`\n ),\n })\n : req;\n\n return next.handle(clone);\n })\n ),\n // If the URI being called was not found in our httpInterceptor config, simply\n // pass the request through without attaching a token\n next.handle(req)\n )\n )\n );\n }\n\n /**\n * Duplicate of AuthService.getAccessTokenSilently, but with a slightly different error handling.\n * Only used internally in the interceptor.\n * @param options The options for configuring the token fetch.\n */\n private getAccessTokenSilently(\n options?: GetTokenSilentlyOptions\n ): Observable<string> {\n return of(this.auth0Client).pipe(\n concatMap((client) => client.getTokenSilently(options)),\n tap((token) => this.authState.setAccessToken(token)),\n catchError((error) => {\n this.authState.refresh();\n return throwError(error);\n })\n );\n }\n\n /**\n * Strips the query and fragment from the given uri\n * @param uri The uri to remove the query and fragment from\n */\n private stripQueryFrom(uri: string): string {\n if (uri.indexOf('?') > -1) {\n uri = uri.substr(0, uri.indexOf('?'));\n }\n\n if (uri.indexOf('#') > -1) {\n uri = uri.substr(0, uri.indexOf('#'));\n }\n\n return uri;\n }\n\n /**\n * Determines whether the specified route can have an access token attached to it, based on matching the HTTP request against\n * the interceptor route configuration.\n * @param route The route to test\n * @param request The HTTP request\n */\n private canAttachToken(\n route: ApiRouteDefinition,\n request: HttpRequest<any>\n ): boolean {\n const testPrimitive = (value: string | undefined): boolean => {\n if (!value) {\n return false;\n }\n\n const requestPath = this.stripQueryFrom(request.url);\n\n if (value === requestPath) {\n return true;\n }\n\n // If the URL ends with an asterisk, match using startsWith.\n return (\n value.indexOf('*') === value.length - 1 &&\n request.url.startsWith(value.substr(0, value.length - 1))\n );\n };\n\n if (isHttpInterceptorRouteConfig(route)) {\n if (route.httpMethod && route.httpMethod !== request.method) {\n return false;\n }\n\n /* istanbul ignore if */\n if (!route.uri && !route.uriMatcher) {\n console.warn(\n 'Either a uri or uriMatcher is required when configuring the HTTP interceptor.'\n );\n }\n\n return route.uriMatcher\n ? route.uriMatcher(request.url)\n : testPrimitive(route.uri);\n }\n\n return testPrimitive(route);\n }\n\n /**\n * Tries to match a route from the SDK configuration to the HTTP request.\n * If a match is found, the route configuration is returned.\n * @param request The Http request\n * @param config HttpInterceptorConfig\n */\n private findMatchingRoute(\n request: HttpRequest<any>,\n config: HttpInterceptorConfig\n ): Observable<ApiRouteDefinition | null> {\n return from(config.allowedList).pipe(\n first((route) => this.canAttachToken(route, request), null)\n );\n }\n\n private allowAnonymous(route: ApiRouteDefinition | null, err: any): boolean {\n return (\n !!route &&\n isHttpInterceptorRouteConfig(route) &&\n !!route.allowAnonymous &&\n ['login_required', 'consent_required'].includes(err.error)\n );\n }\n}\n","/*\n * Public API Surface of auth0-angular\n */\n\nexport * from './lib/auth.service';\nexport * from './lib/auth.module';\nexport * from './lib/auth.guard';\nexport * from './lib/auth.interceptor';\nexport * from './lib/auth.config';\nexport * from './lib/auth.client';\nexport * from './lib/auth.state';\n\nexport {\n ICache,\n Cacheable,\n LocalStorageCache,\n InMemoryCache,\n IdToken,\n User\n} from '@auth0/auth0-spa-js';\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n\nexport {AbstractNavigator as ɵa} from './lib/abstract-navigator';"],"names":[],"mappings":";;;;;;;;;;;AAAA,gBAAe,EAAE,IAAI,EAAE,sBAAsB,EAAE,OAAO,EAAE,QAAQ,EAAE;;MCKrD,kBAAkB;IAC7B,OAAO,YAAY,CAAC,aAA+B;QACjD,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,EAAE,CAAC;QAEnC,IAAI,CAAC,MAAM,EAAE;YACX,MAAM,IAAI,KAAK,CACb,mGAAmG,CACpG,CAAC;SACH;QAED,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,KAAc,MAAM,EAAf,IAAI,UAAK,MAAM,EAApE,wDAA2D,CAAS,CAAC;QAE3E,OAAO,IAAI,WAAW,+BACpB,YAAY,EAAE,WAAW,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,EACnD,SAAS,EAAE,QAAQ,EACnB,OAAO,EAAE,MAAM,IACZ,IAAI,KACP,WAAW,EAAE;gBACX,IAAI,EAAE,SAAS,CAAC,IAAI;gBACpB,OAAO,EAAE,SAAS,CAAC,OAAO;gBAC1B,GAAG,EAAE;oBACH,cAAc,EAAE,OAAO,CAAC,IAAI;iBAC7B;aACF,IACD,CAAC;KACJ;CACF;MAEY,kBAAkB,GAAG,IAAI,cAAc,CAClD,cAAc;;MC3BH,iBAAiB;IAG5B,YAAoB,QAAkB,EAAE,QAAkB;QAAtC,aAAQ,GAAR,QAAQ,CAAU;QACpC,IAAI;YACF,IAAI,CAAC,MAAM,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;SACpC;QAAC,WAAM,GAAE;KACX;;;;;;IAOD,aAAa,CAAC,GAAW;QACvB,IAAI,IAAI,CAAC,MAAM,EAAE;YACf,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;YAE/B,OAAO;SACR;QAED,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;KACjC;;;;YAzBF,UAAU,SAAC;gBACV,UAAU,EAAE,MAAM;aACnB;;;YAJQ,QAAQ;YAFI,QAAQ;;;AC4B7B;;;;SAIgB,4BAA4B,CAC1C,GAAuB;IAEvB,OAAO,OAAO,GAAG,KAAK,QAAQ,CAAC;AACjC,CAAC;AA2QD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA2Ca,gBAAgB;IAG3B,YAAmD,MAAmB;QACpE,IAAI,MAAM,EAAE;YACV,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;SAClB;KACF;;;;;IAMD,GAAG,CAAC,MAAkB;QACpB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;KACtB;;;;IAKD,GAAG;QACD,OAAO,IAAI,CAAC,MAAoB,CAAC;KAClC;;;;YAvBF,UAAU,SAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;4CAInB,QAAQ,YAAI,MAAM,SAAC,iBAAiB;;AAsBnD;;;;;;;;;;;MAWa,iBAAiB,GAAG,IAAI,cAAc,CACjD,sBAAsB;;AC1WxB;;;MAIa,SAAS;IAuFpB,YAAgD,WAAwB;QAAxB,gBAAW,GAAX,WAAW,CAAa;QAtFhE,sBAAiB,GAAG,IAAI,eAAe,CAAU,IAAI,CAAC,CAAC;QACvD,aAAQ,GAAG,IAAI,OAAO,EAAQ,CAAC;QAC/B,iBAAY,GAAG,IAAI,aAAa,CAAS,CAAC,CAAC,CAAC;QAC5C,kBAAa,GAAG,IAAI,aAAa,CAAQ,CAAC,CAAC,CAAC;;;;QAKpC,eAAU,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,CAAC;;;;;QAM3D,wBAAmB,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAClD,IAAI,CACF,CACE,GAAwD,EACxD,OAAsB;YAEtB,OAAO;gBACL,QAAQ,EAAE,GAAG,CAAC,OAAO;gBACrB,OAAO;aACR,CAAC;SACH,EACD,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAClC,EACD,MAAM,CAAC,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,QAAQ,KAAK,OAAO,CAAC,CACxD,CAAC;;;;;;QAOe,4BAAuB,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAC7D,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,EAC7B,oBAAoB,EAAE,EACtB,SAAS,CAAC;;;;;;QAMR,KAAK,CACH,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,EAC/C,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAC3B,QAAQ,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,CACnD,EACD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,CAAC,CACvE,CACF,CACF,CAAC;;;;;QAMO,qBAAgB,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAC3D,oBAAoB,EAAE,EACtB,WAAW,CAAC,CAAC,CAAC,CACf,CAAC;;;;QAKO,UAAK,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAChD,SAAS,CAAC,CAAC,aAAa,KACtB,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CACtD,CACF,CAAC;;;;QAKO,mBAAc,GAAG,IAAI,CAAC,uBAAuB,CAAC,IAAI,CACzD,SAAS,CAAC,CAAC,aAAa,KACtB,aAAa,GAAG,IAAI,CAAC,WAAW,CAAC,gBAAgB,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,CAC/D,CACF,CAAC;;;;QAKc,WAAM,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC;KAEiB;;;;;IAMrE,YAAY,CAAC,SAAkB;QACpC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;KACxC;;;;;IAMM,OAAO;QACZ,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;KACtB;;;;;IAMM,cAAc,CAAC,WAAmB;QACvC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;KACrC;;;;;IAMM,QAAQ,CAAC,KAAU;QACxB,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;KAChC;;;;YAxHF,UAAU,SAAC,EAAE,UAAU,EAAE,MAAM,EAAE;;;YAvBzB,WAAW,uBA+GL,MAAM,SAAC,kBAAkB;;;MChE3B,WAAW;IAsCtB,YACsC,WAAwB,EACpD,aAA+B,EAC/B,SAA4B,EAC5B,SAAoB;QAHQ,gBAAW,GAAX,WAAW,CAAa;QACpD,kBAAa,GAAb,aAAa,CAAkB;QAC/B,cAAS,GAAT,SAAS,CAAmB;QAC5B,cAAS,GAAT,SAAS,CAAW;QAxCtB,qBAAgB,GAAG,IAAI,aAAa,CAAY,CAAC,CAAC,CAAC;;QAGnD,mBAAc,GAAG,IAAI,OAAO,EAAQ,CAAC;;;;QAIpC,eAAU,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC;;;;;QAMvC,qBAAgB,GAAG,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC;;;;QAKnD,UAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC;;;;QAK7B,mBAAc,GAAG,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC;;;;QAK/C,WAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;;;;;QAM/B,cAAS,GAAG,IAAI,CAAC,gBAAgB,CAAC,YAAY,EAAE,CAAC;QAQxD,MAAM,uBAAuB,GAAG,CAAC,UAAmB,KAClD,GAAG,CACD,MAAM,UAAU,EAChB,IAAI,CAAC,sBAAsB,EAAE,EAC7B,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC,CAC7C,CAAC;QAEJ,IAAI,CAAC,oBAAoB,EAAE;aACxB,IAAI,CACH,SAAS,CAAC,CAAC,UAAU,KACnB,uBAAuB,CAAC,UAAU,CAAC,CAAC,IAAI,CACtC,UAAU,CAAC,CAAC,KAAK;YACf,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;YACxC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,IAAI,GAAG,CAAC,CAAC;YACtD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC/B,OAAO,EAAE,CAAC,SAAS,CAAC,CAAC;SACtB,CAAC,CACH,CACF,EACD,GAAG,CAAC;YACF,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;SACpC,CAAC,EACF,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC,CAC/B;aACA,SAAS,EAAE,CAAC;KAChB;;;;IAKD,WAAW;;QAET,IAAI,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QAC3B,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;KAChC;;;;;;;;;;;;IAaD,iBAAiB,CACf,OAAyC;QAEzC,OAAO,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;KAC1D;;;;;;;;;;;;;;;;;;IAmBD,cAAc,CACZ,OAA2B,EAC3B,MAA2B;QAE3B,OAAO,IAAI,CACT,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC;YACpD,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;;;;;;;;;;;;IAiBD,MAAM,CAAC,OAAuB;QAC5B,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC;QAE5D,IAAI,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC;YACrB,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,SAAS,EAAE;gBACtB,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;aAC1B;SACF,CAAC,CAAC;KACJ;;;;;;;;;;;;;;;;;;;;;;;;;;;;IA6CD,sBAAsB,CACpB,UAAmC,EAAE;QAErC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9B,SAAS,CAAC,CAAC,MAAM,KACf,OAAO,CAAC,gBAAgB,KAAK,IAAI;cAC7B,MAAM,CAAC,gBAAgB,iCAAM,OAAO,KAAE,gBAAgB,EAAE,IAAI,IAAG;cAC/D,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC,CACrC,EACD,GAAG,CAAC,CAAC,KAAK,KACR,IAAI,CAAC,SAAS,CAAC,cAAc,CAC3B,OAAO,KAAK,KAAK,QAAQ,GAAG,KAAK,GAAG,KAAK,CAAC,YAAY,CACvD,CACF,EACD,UAAU,CAAC,CAAC,KAAK;YACf,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;;;;;;;;;IAcD,uBAAuB,CACrB,OAAkC;QAElC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9B,SAAS,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,EACxD,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EACpD,UAAU,CAAC,CAAC,KAAK;YACf,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;;;;;;;;;;;;;;;;IAqBD,OAAO,CACL,OAAwB;QAExB,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAQ,OAAO,CAAC,CAAC,CAAC;KAC9D;;;;;;;;;;;;;;;;;;IAmBD,gBAAgB,CACd,OAAiC;QAEjC,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;KAChE;;;;;;;;;;;;;;;IAgBD,sBAAsB,CACpB,GAAY;QAEZ,OAAO,KAAK,CAAC,MACX,IAAI,CAAC,WAAW,CAAC,sBAAsB,CAAY,GAAG,CAAC,CACxD,CAAC,IAAI,CACJ,cAAc,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,EACzC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC;;YACtB,IAAI,CAAC,SAAS,EAAE;gBACd,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;aAC1B;YACD,MAAM,QAAQ,GAAG,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,QAAQ,CAAC;YAClC,MAAM,MAAM,GAAG,MAAA,QAAQ,aAAR,QAAQ,uBAAR,QAAQ,CAAE,MAAM,mCAAI,GAAG,CAAC;YAEvC,IAAI,QAAQ,EAAE;gBACZ,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;aACtC;YAED,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;SACtC,CAAC,EACF,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,MAAM,CAAC,CAC1B,CAAC;KACH;;;;;;;;;;;;IAaD,iBAAiB,CAAC,OAA8B;QAC9C,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;KACjE;;;;;;;;;;IAWD,cAAc,CAAC,OAA0B;QACvC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC;KACrD;IAEO,oBAAoB;QAC1B,OAAO,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAC7B,GAAG,CAAC,CAAC,MAAM;YACT,QACE,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACtD,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACzB,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC,oBAAoB,EAC9C;SACH,CAAC,CACH,CAAC;KACH;;;;YAhXF,UAAU,SAAC;gBACV,UAAU,EAAE,MAAM;aACnB;;;YA5CC,WAAW,uBAoFR,MAAM,SAAC,kBAAkB;YA7CrB,gBAAgB;YADhB,iBAAiB;YAEjB,SAAS;;;MC1BL,SAAS;IACpB,YAAoB,IAAiB;QAAjB,SAAI,GAAJ,IAAI,CAAa;KAAI;IAEzC,OAAO,CAAC,KAAY,EAAE,QAAsB;QAC1C,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;KACjD;IAED,WAAW,CACT,IAA4B,EAC5B,KAA0B;QAE1B,OAAO,IAAI,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC;KAC9C;IAED,gBAAgB,CACd,UAAkC,EAClC,KAA0B;QAE1B,OAAO,IAAI,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAC;KAC9C;IAEO,yBAAyB,CAC/B,KAA0B;QAE1B,OAAO,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CACpC,GAAG,CAAC,CAAC,QAAQ;YACX,IAAI,CAAC,QAAQ,EAAE;gBACb,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;oBAC1B,QAAQ,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,GAAG,EAAE;iBAChC,CAAC,CAAC;aACJ;SACF,CAAC,CACH,CAAC;KACH;;;;YApCF,UAAU,SAAC;gBACV,UAAU,EAAE,MAAM;aACnB;;;YAJQ,WAAW;;;MCLP,UAAU;;;;;;IAMrB,OAAO,OAAO,CAAC,MAAmB;QAChC,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,SAAS,EAAE;gBACT,WAAW;gBACX,SAAS;gBACT;oBACE,OAAO,EAAE,iBAAiB;oBAC1B,QAAQ,EAAE,MAAM;iBACjB;gBACD;oBACE,OAAO,EAAE,kBAAkB;oBAC3B,UAAU,EAAE,kBAAkB,CAAC,YAAY;oBAC3C,IAAI,EAAE,CAAC,gBAAgB,CAAC;iBACzB;aACF;SACF,CAAC;KACH;;;YAxBF,QAAQ;;;MCwBI,mBAAmB;IAC9B,YACU,aAA+B,EACH,WAAwB,EACpD,SAAoB;QAFpB,kBAAa,GAAb,aAAa,CAAkB;QACH,gBAAW,GAAX,WAAW,CAAa;QACpD,cAAS,GAAT,SAAS,CAAW;KAC1B;IAEJ,SAAS,CACP,GAAqB,EACrB,IAAiB;;QAEjB,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,CAAC;QACxC,IAAI,EAAC,MAAA,MAAM,CAAC,eAAe,0CAAE,WAAW,CAAA,EAAE;YACxC,OAAO,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;SACzB;QAED,OAAO,IAAI,CAAC,iBAAiB,CAAC,GAAG,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC,IAAI,CAC7D,SAAS,CAAC,CAAC,KAAK,KACd,GAAG;;QAED,MAAM,KAAK,KAAK,IAAI;;;QAGpB,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,CACZ,KAAK,CAAC,cAAc,CAAC,EACrB,SAAS,CACP,CAAC,OAAO;YACN,OAAO,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,IAAI,CAC9C,UAAU,CAAC,CAAC,GAAG;gBACb,IAAI,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE;oBACnC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;iBACf;gBAED,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;gBAC7B,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC;aACxB,CAAC,CACH,CAAC;SACH,CACF,EACD,SAAS,CAAC,CAAC,KAAa;;YAEtB,MAAM,KAAK,GAAG,KAAK;kBACf,GAAG,CAAC,KAAK,CAAC;oBACR,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CACtB,eAAe,EACf,UAAU,KAAK,EAAE,CAClB;iBACF,CAAC;kBACF,GAAG,CAAC;YAER,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;SAC3B,CAAC,CACH;;;QAGD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CACjB,CACF,CACF,CAAC;KACH;;;;;;IAOO,sBAAsB,CAC5B,OAAiC;QAEjC,OAAO,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAC9B,SAAS,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,EACvD,GAAG,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EACpD,UAAU,CAAC,CAAC,KAAK;YACf,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC;SAC1B,CAAC,CACH,CAAC;KACH;;;;;IAMO,cAAc,CAAC,GAAW;QAChC,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE;YACzB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;SACvC;QAED,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE;YACzB,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC;SACvC;QAED,OAAO,GAAG,CAAC;KACZ;;;;;;;IAQO,cAAc,CACpB,KAAyB,EACzB,OAAyB;QAEzB,MAAM,aAAa,GAAG,CAAC,KAAyB;YAC9C,IAAI,CAAC,KAAK,EAAE;gBACV,OAAO,KAAK,CAAC;aACd;YAED,MAAM,WAAW,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAErD,IAAI,KAAK,KAAK,WAAW,EAAE;gBACzB,OAAO,IAAI,CAAC;aACb;;YAGD,QACE,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC;gBACvC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EACzD;SACH,CAAC;QAEF,IAAI,4BAA4B,CAAC,KAAK,CAAC,EAAE;YACvC,IAAI,KAAK,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,KAAK,OAAO,CAAC,MAAM,EAAE;gBAC3D,OAAO,KAAK,CAAC;aACd;;YAGD,IAAI,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,EAAE;gBACnC,OAAO,CAAC,IAAI,CACV,+EAA+E,CAChF,CAAC;aACH;YAED,OAAO,KAAK,CAAC,UAAU;kBACnB,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC;kBAC7B,aAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;SAC9B;QAED,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;KAC7B;;;;;;;IAQO,iBAAiB,CACvB,OAAyB,EACzB,MAA6B;QAE7B,OAAO,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAClC,KAAK,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,IAAI,CAAC,CAC5D,CAAC;KACH;IAEO,cAAc,CAAC,KAAgC,EAAE,GAAQ;QAC/D,QACE,CAAC,CAAC,KAAK;YACP,4BAA4B,CAAC,KAAK,CAAC;YACnC,CAAC,CAAC,KAAK,CAAC,cAAc;YACtB,CAAC,gBAAgB,EAAE,kBAAkB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAC1D;KACH;;;YAtKF,UAAU;;;YAhBT,gBAAgB;YAYT,WAAW,uBAQf,MAAM,SAAC,kBAAkB;YANrB,SAAS;;;AC3BlB;;;;ACAA;;;;;;"}
package/lib/auth.config.d.ts CHANGED
@@ -149,6 +149,27 @@ export interface AuthConfig {
149
149
  * **Note**: Use of refresh tokens must be enabled by an administrator on your Auth0 client application.
150
150
  */
151
151
  useRefreshTokens?: boolean;
152
+ /**
153
+ * If true, fallback to the technique of using a hidden iframe and the `authorization_code` grant with `prompt=none`
154
+ * when unable to use refresh tokens.
155
+ * The default setting is `true`.
156
+ *
157
+ * **Note**: There might be situations where doing silent auth with a Web Message response from an iframe is not possible,
158
+ * like when you're serving your application from the file system or a custom protocol (like in a Desktop or Native app).
159
+ * In situations like this you can disable the iframe fallback and handle the failed Refresh Grant and prompt
160
+ * the user to login interactively with `loginWithRedirect` or `loginWithPopup`."
161
+ *
162
+ * E.g. Using the `file:` protocol in an Electron application does not support that legacy technique.
163
+ *
164
+ * this.authService.getAccessTokenSilently().subscribe({
165
+ * error: (e) => {
166
+ * if (e.error === 'missing_refresh_token' || e.error === 'invalid_grant') {
167
+ * this.authService.loginWithRedirect();
168
+ * }
169
+ * }
170
+ * });
171
+ */
172
+ useRefreshTokensFallback?: boolean;
152
173
  /**
153
174
  * A maximum number of seconds to wait before declaring background calls to /authorize as failed for timeout
154
175
  * Defaults to 60s.
package/lib/auth.service.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import { OnDestroy } from '@angular/core';
2
- import { Auth0Client, RedirectLoginOptions, PopupLoginOptions, PopupConfigOptions, LogoutOptions, GetTokenSilentlyOptions, GetTokenWithPopupOptions, RedirectLoginResult, LogoutUrlOptions, GetTokenSilentlyVerboseResponse } from '@auth0/auth0-spa-js';
2
+ import { Auth0Client, RedirectLoginOptions, PopupLoginOptions, PopupConfigOptions, LogoutOptions, GetTokenSilentlyOptions, GetTokenWithPopupOptions, RedirectLoginResult, LogoutUrlOptions, GetTokenSilentlyVerboseResponse, GetUserOptions, User, GetIdTokenClaimsOptions, IdToken } from '@auth0/auth0-spa-js';
3
3
  import { Observable } from 'rxjs';
4
4
  import { AbstractNavigator } from './abstract-navigator';
5
5
  import { AuthClientConfig, AppState } from './auth.config';
@@ -23,11 +23,11 @@ export declare class AuthService<TAppState extends AppState = AppState> implemen
23
23
  /**
24
24
  * Emits details about the authenticated user, or null if not authenticated.
25
25
  */
26
- readonly user$: Observable<import("@auth0/auth0-spa-js").User | null | undefined>;
26
+ readonly user$: Observable<User | null | undefined>;
27
27
  /**
28
28
  * Emits ID token claims when authenticated, or null if not authenticated.
29
29
  */
30
- readonly idTokenClaims$: Observable<import("@auth0/auth0-spa-js").IdToken | null | undefined>;
30
+ readonly idTokenClaims$: Observable<IdToken | null | undefined>;
31
31
  /**
32
32
  * Emits errors that occur during login, or when checking for an active session on startup.
33
33
  */
@@ -115,6 +115,44 @@ export declare class AuthService<TAppState extends AppState = AppState> implemen
115
115
  * results will be valid according to their expiration times.
116
116
  */
117
117
  getAccessTokenWithPopup(options?: GetTokenWithPopupOptions): Observable<string>;
118
+ /**
119
+ * ```js
120
+ * getUser(options).subscribe(user => ...);
121
+ * ```
122
+ *
123
+ * Returns the user information if available (decoded
124
+ * from the `id_token`).
125
+ *
126
+ * If you provide an audience or scope, they should match an existing Access Token
127
+ * (the SDK stores a corresponding ID Token with every Access Token, and uses the
128
+ * scope and audience to look up the ID Token)
129
+ *
130
+ * @remarks
131
+ *
132
+ * The returned observable will emit once and then complete.
133
+ *
134
+ * @typeparam TUser The type to return, has to extend {@link User}.
135
+ * @param options The options to get the user
136
+ */
137
+ getUser<TUser extends User>(options?: GetUserOptions): Observable<TUser | undefined>;
138
+ /**
139
+ * ```js
140
+ * getIdTokenClaims(options).subscribe(claims => ...);
141
+ * ```
142
+ *
143
+ * Returns all claims from the id_token if available.
144
+ *
145
+ * If you provide an audience or scope, they should match an existing Access Token
146
+ * (the SDK stores a corresponding ID Token with every Access Token, and uses the
147
+ * scope and audience to look up the ID Token)
148
+ *
149
+ * @remarks
150
+ *
151
+ * The returned observable will emit once and then complete.
152
+ *
153
+ * @param options The options to get the Id token claims
154
+ */
155
+ getIdTokenClaims(options?: GetIdTokenClaimsOptions): Observable<IdToken | undefined>;
118
156
  /**
119
157
  * ```js
120
158
  * handleRedirectCallback(url).subscribe(result => ...)