npm - @authrim/setup - Versions diffs - 0.1.0 - Mend

@authrim/setup 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (78) hide show

package/README.md +303 -0
package/dist/__tests__/config.test.d.ts +5 -0
package/dist/__tests__/config.test.d.ts.map +1 -0
package/dist/__tests__/config.test.js +115 -0
package/dist/__tests__/config.test.js.map +1 -0
package/dist/__tests__/keys.test.d.ts +5 -0
package/dist/__tests__/keys.test.d.ts.map +1 -0
package/dist/__tests__/keys.test.js +87 -0
package/dist/__tests__/keys.test.js.map +1 -0
package/dist/__tests__/naming.test.d.ts +5 -0
package/dist/__tests__/naming.test.d.ts.map +1 -0
package/dist/__tests__/naming.test.js +84 -0
package/dist/__tests__/naming.test.js.map +1 -0
package/dist/cli/commands/config.d.ts +13 -0
package/dist/cli/commands/config.d.ts.map +1 -0
package/dist/cli/commands/config.js +231 -0
package/dist/cli/commands/config.js.map +1 -0
package/dist/cli/commands/deploy.d.ts +21 -0
package/dist/cli/commands/deploy.d.ts.map +1 -0
package/dist/cli/commands/deploy.js +304 -0
package/dist/cli/commands/deploy.js.map +1 -0
package/dist/cli/commands/init.d.ts +14 -0
package/dist/cli/commands/init.d.ts.map +1 -0
package/dist/cli/commands/init.js +1248 -0
package/dist/cli/commands/init.js.map +1 -0
package/dist/core/admin.d.ts +64 -0
package/dist/core/admin.d.ts.map +1 -0
package/dist/core/admin.js +247 -0
package/dist/core/admin.js.map +1 -0
package/dist/core/cloudflare.d.ts +157 -0
package/dist/core/cloudflare.d.ts.map +1 -0
package/dist/core/cloudflare.js +452 -0
package/dist/core/cloudflare.js.map +1 -0
package/dist/core/config.d.ts +891 -0
package/dist/core/config.d.ts.map +1 -0
package/dist/core/config.js +208 -0
package/dist/core/config.js.map +1 -0
package/dist/core/deploy.d.ts +81 -0
package/dist/core/deploy.d.ts.map +1 -0
package/dist/core/deploy.js +389 -0
package/dist/core/deploy.js.map +1 -0
package/dist/core/keys.d.ts +111 -0
package/dist/core/keys.d.ts.map +1 -0
package/dist/core/keys.js +287 -0
package/dist/core/keys.js.map +1 -0
package/dist/core/lock.d.ts +220 -0
package/dist/core/lock.d.ts.map +1 -0
package/dist/core/lock.js +230 -0
package/dist/core/lock.js.map +1 -0
package/dist/core/naming.d.ts +151 -0
package/dist/core/naming.d.ts.map +1 -0
package/dist/core/naming.js +209 -0
package/dist/core/naming.js.map +1 -0
package/dist/core/source.d.ts +68 -0
package/dist/core/source.d.ts.map +1 -0
package/dist/core/source.js +285 -0
package/dist/core/source.js.map +1 -0
package/dist/core/wrangler.d.ts +87 -0
package/dist/core/wrangler.d.ts.map +1 -0
package/dist/core/wrangler.js +398 -0
package/dist/core/wrangler.js.map +1 -0
package/dist/index.d.ts +11 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +117 -0
package/dist/index.js.map +1 -0
package/dist/web/api.d.ts +21 -0
package/dist/web/api.d.ts.map +1 -0
package/dist/web/api.js +423 -0
package/dist/web/api.js.map +1 -0
package/dist/web/server.d.ts +12 -0
package/dist/web/server.d.ts.map +1 -0
package/dist/web/server.js +112 -0
package/dist/web/server.js.map +1 -0
package/dist/web/ui.d.ts +7 -0
package/dist/web/ui.d.ts.map +1 -0
package/dist/web/ui.js +765 -0
package/dist/web/ui.js.map +1 -0
package/package.json +61 -0

package/dist/web/api.js ADDED Viewed

@@ -0,0 +1,423 @@
+/**
+ * API Routes for Authrim Setup Web UI
+ *
+ * Provides REST API endpoints for the setup wizard.
+ *
+ * Security Notes:
+ * - This API is designed to be accessed from localhost only
+ * - A session token is generated on server start to prevent unauthorized access
+ * - Operations are serialized to prevent race conditions
+ */
+import { Hono } from 'hono';
+import { z } from 'zod';
+import { existsSync } from 'node:fs';
+import { readFile } from 'node:fs/promises';
+import { resolve } from 'node:path';
+import { randomBytes } from 'node:crypto';
+import { isWranglerInstalled, checkAuth, provisionResources, } from '../core/cloudflare.js';
+import { AuthrimConfigSchema, createDefaultConfig } from '../core/config.js';
+import { generateAllSecrets, saveKeysToDirectory } from '../core/keys.js';
+import { createLockFile, saveLockFile, loadLockFile } from '../core/lock.js';
+import { generateWranglerConfig, toToml } from '../core/wrangler.js';
+import { deployAll, uploadSecrets } from '../core/deploy.js';
+import { CORE_WORKER_COMPONENTS } from '../core/naming.js';
+import { completeInitialSetup } from '../core/admin.js';
+import { writeFile } from 'node:fs/promises';
+import { join } from 'node:path';
+// =============================================================================
+// Session & Security
+// =============================================================================
+/**
+ * Session token for API authentication (generated on server start)
+ * This is embedded in the HTML page served to the browser
+ */
+let sessionToken = '';
+/**
+ * Generate a new session token
+ */
+export function generateSessionToken() {
+    sessionToken = randomBytes(32).toString('hex');
+    return sessionToken;
+}
+/**
+ * Get current session token (for embedding in HTML)
+ */
+export function getSessionToken() {
+    return sessionToken;
+}
+// =============================================================================
+// Operation Lock (prevents concurrent state mutations)
+// =============================================================================
+let operationLock = Promise.resolve();
+/**
+ * Acquire operation lock to serialize state mutations
+ */
+async function withLock(operation) {
+    // Wait for previous operation to complete
+    await operationLock;
+    // Create new lock for this operation
+    let releaseLock;
+    operationLock = new Promise((resolve) => {
+        releaseLock = resolve;
+    });
+    try {
+        return await operation();
+    }
+    finally {
+        releaseLock();
+    }
+}
+const state = {
+    status: 'idle',
+    config: null,
+    auth: null,
+    progress: [],
+    error: null,
+    deployResults: [],
+};
+function addProgress(message) {
+    state.progress.push(message);
+}
+function clearProgress() {
+    state.progress = [];
+}
+/**
+ * Sanitize error messages to prevent information leakage
+ */
+function sanitizeError(error) {
+    const message = error instanceof Error ? error.message : String(error);
+    // Remove potential file paths and secrets
+    return message
+        .replace(/\/[^\s:]+/g, '[path]')
+        .replace(/\\[^\s:]+/g, '[path]')
+        .replace(/[a-f0-9]{32,}/gi, '[redacted]');
+}
+// =============================================================================
+// API Routes
+// =============================================================================
+export function createApiRoutes() {
+    const api = new Hono();
+    // Session token validation middleware for mutating operations
+    const validateSession = async (c, next) => {
+        const token = c.req.header('X-Session-Token');
+        if (!sessionToken || token !== sessionToken) {
+            return c.json({ error: 'Invalid or missing session token' }, 401);
+        }
+        await next();
+    };
+    // Apply session validation to all POST/PUT/DELETE routes
+    api.use('/config', validateSession);
+    api.use('/config/*', validateSession);
+    api.use('/keys/*', validateSession);
+    api.use('/provision', validateSession);
+    api.use('/wrangler/*', validateSession);
+    api.use('/deploy', validateSession);
+    api.use('/reset', validateSession);
+    api.use('/admin/*', validateSession);
+    // Get current state (no auth required - read-only)
+    api.get('/state', (c) => {
+        return c.json(state);
+    });
+    // Check prerequisites (no auth required - read-only)
+    api.get('/prerequisites', async (c) => {
+        const wranglerInstalled = await isWranglerInstalled();
+        const auth = await checkAuth();
+        state.auth = auth;
+        return c.json({
+            wranglerInstalled,
+            auth,
+        });
+    });
+    // Load existing config (no auth required - read-only)
+    api.get('/config', async (c) => {
+        const configPath = 'authrim-config.json';
+        if (!existsSync(configPath)) {
+            return c.json({ exists: false, config: null });
+        }
+        try {
+            const content = await readFile(configPath, 'utf-8');
+            const config = JSON.parse(content);
+            state.config = config;
+            return c.json({ exists: true, config });
+        }
+        catch (error) {
+            return c.json({ exists: false, error: sanitizeError(error) }, 500);
+        }
+    });
+    // Save config (with lock to prevent race conditions)
+    api.post('/config', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const config = AuthrimConfigSchema.parse(body);
+                await writeFile('authrim-config.json', JSON.stringify(config, null, 2));
+                state.config = config;
+                return c.json({ success: true });
+            }
+            catch (error) {
+                if (error instanceof z.ZodError) {
+                    return c.json({ success: false, errors: error.errors }, 400);
+                }
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    // Create default config (with lock)
+    api.post('/config/default', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const { env = 'prod', domain } = body;
+                const config = createDefaultConfig(env);
+                // Update URLs if domain is provided
+                if (domain) {
+                    config.urls = {
+                        api: { custom: domain, auto: `https://${env}-ar-router.workers.dev` },
+                        loginUi: { custom: null, auto: `https://${env}-ar-ui.pages.dev` },
+                        adminUi: { custom: null, auto: `https://${env}-ar-ui.pages.dev/admin` },
+                    };
+                }
+                state.config = config;
+                return c.json({ success: true, config });
+            }
+            catch (error) {
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    // Generate keys (with lock)
+    api.post('/keys/generate', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const { keyId, keysDir = '.keys' } = body;
+                addProgress('Generating cryptographic keys...');
+                const secrets = generateAllSecrets(keyId);
+                addProgress('Saving keys to directory...');
+                await saveKeysToDirectory(secrets, keysDir);
+                addProgress('Keys generated successfully');
+                // Only return public information
+                return c.json({
+                    success: true,
+                    keyId: secrets.keyPair.keyId,
+                    publicKeyJwk: secrets.keyPair.publicKeyJwk,
+                });
+            }
+            catch (error) {
+                state.error = sanitizeError(error);
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    // Provision Cloudflare resources (with lock)
+    api.post('/provision', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const { env } = body;
+                state.status = 'provisioning';
+                clearProgress();
+                addProgress(`Provisioning Cloudflare resources for ${env}...`);
+                const resources = await provisionResources({
+                    env,
+                    createD1: true,
+                    createKV: true,
+                    createQueues: body.createQueues || false,
+                    createR2: body.createR2 || false,
+                    onProgress: addProgress,
+                });
+                addProgress('Creating lock file...');
+                const lock = createLockFile(env, resources);
+                await saveLockFile(lock);
+                state.status = 'configuring';
+                addProgress('Provisioning complete!');
+                return c.json({
+                    success: true,
+                    resources,
+                    lock,
+                });
+            }
+            catch (error) {
+                state.status = 'error';
+                state.error = sanitizeError(error);
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    // Generate wrangler configs (with lock)
+    api.post('/wrangler/generate', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const { env, rootDir = '.' } = body;
+                // Load lock file
+                const lock = await loadLockFile();
+                if (!lock) {
+                    return c.json({ success: false, error: 'Lock file not found' }, 400);
+                }
+                // Load config
+                let config;
+                if (state.config) {
+                    config = AuthrimConfigSchema.parse(state.config);
+                }
+                else {
+                    config = createDefaultConfig(env);
+                }
+                addProgress('Generating wrangler.toml files...');
+                // Build resource IDs from lock file
+                const resourceIds = {
+                    d1: lock.d1,
+                    kv: Object.fromEntries(Object.entries(lock.kv).map(([k, v]) => [k, { id: v.id, name: v.name }])),
+                    queues: lock.queues,
+                    r2: lock.r2,
+                };
+                // Generate and save wrangler configs for each component
+                const generatedComponents = [];
+                for (const component of CORE_WORKER_COMPONENTS) {
+                    const componentDir = join(rootDir, 'packages', component);
+                    if (!existsSync(componentDir)) {
+                        continue;
+                    }
+                    const wranglerConfig = generateWranglerConfig(component, config, resourceIds);
+                    const tomlContent = toToml(wranglerConfig);
+                    const tomlPath = join(componentDir, `wrangler.${env}.toml`);
+                    await writeFile(tomlPath, tomlContent, 'utf-8');
+                    generatedComponents.push(component);
+                }
+                addProgress('Wrangler configs generated!');
+                return c.json({
+                    success: true,
+                    components: generatedComponents,
+                });
+            }
+            catch (error) {
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    // Deploy (with lock - long-running operation)
+    api.post('/deploy', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const { env, rootDir = '.', dryRun = false, components } = body;
+                state.status = 'deploying';
+                clearProgress();
+                // Upload secrets first (secrets are read but not stored in state)
+                if (!dryRun && existsSync('.keys')) {
+                    addProgress('Uploading secrets...');
+                    const secrets = {};
+                    const secretFiles = [
+                        { file: '.keys/private.pem', name: 'PRIVATE_KEY_PEM' },
+                        { file: '.keys/rp_token_encryption_key.txt', name: 'RP_TOKEN_ENCRYPTION_KEY' },
+                        { file: '.keys/admin_api_secret.txt', name: 'ADMIN_API_SECRET' },
+                        { file: '.keys/key_manager_secret.txt', name: 'KEY_MANAGER_SECRET' },
+                    ];
+                    for (const { file, name } of secretFiles) {
+                        if (existsSync(file)) {
+                            secrets[name] = await readFile(file, 'utf-8');
+                        }
+                    }
+                    if (Object.keys(secrets).length > 0) {
+                        await uploadSecrets(secrets, {
+                            env,
+                            rootDir: resolve(rootDir),
+                            onProgress: addProgress,
+                        });
+                        // Note: secrets object goes out of scope here and will be garbage collected
+                    }
+                }
+                addProgress('Deploying workers...');
+                const enabledComponents = components;
+                const summary = await deployAll({
+                    env,
+                    rootDir: resolve(rootDir),
+                    dryRun,
+                    onProgress: addProgress,
+                    onError: (comp, error) => {
+                        addProgress(`Error in ${comp}: ${sanitizeError(error)}`);
+                    },
+                }, enabledComponents);
+                state.deployResults = summary.results;
+                if (summary.failedCount === 0) {
+                    state.status = 'complete';
+                    addProgress('Deployment complete!');
+                }
+                else {
+                    state.status = 'error';
+                    state.error = `${summary.failedCount} components failed to deploy`;
+                }
+                return c.json({
+                    success: summary.failedCount === 0,
+                    summary,
+                });
+            }
+            catch (error) {
+                state.status = 'error';
+                state.error = sanitizeError(error);
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    // Get deployment status (no auth required - read-only)
+    api.get('/deploy/status', (c) => {
+        return c.json({
+            status: state.status,
+            progress: state.progress,
+            error: state.error,
+            results: state.deployResults,
+        });
+    });
+    // Reset state (with lock)
+    api.post('/reset', async (c) => {
+        return withLock(async () => {
+            state.status = 'idle';
+            state.config = null;
+            state.progress = [];
+            state.error = null;
+            state.deployResults = [];
+            return c.json({ success: true });
+        });
+    });
+    // Complete initial admin setup (store setup token in KV)
+    api.post('/admin/setup', async (c) => {
+        return withLock(async () => {
+            try {
+                const body = await c.req.json();
+                const { env, baseUrl, keysDir = '.keys' } = body;
+                if (!env || !baseUrl) {
+                    return c.json({ success: false, error: 'env and baseUrl are required' }, 400);
+                }
+                addProgress('Setting up initial admin...');
+                const result = await completeInitialSetup({
+                    env,
+                    baseUrl,
+                    keysDir,
+                    onProgress: addProgress,
+                });
+                if (result.alreadyCompleted) {
+                    addProgress('Initial admin setup already completed');
+                    return c.json({
+                        success: true,
+                        alreadyCompleted: true,
+                        message: 'Initial admin setup was already completed',
+                    });
+                }
+                if (result.success && result.setupUrl) {
+                    addProgress('Setup token stored successfully');
+                    return c.json({
+                        success: true,
+                        setupUrl: result.setupUrl,
+                        message: 'Visit the setup URL to create the initial administrator',
+                    });
+                }
+                return c.json({ success: false, error: result.error }, 500);
+            }
+            catch (error) {
+                return c.json({ success: false, error: sanitizeError(error) }, 500);
+            }
+        });
+    });
+    return api;
+}
+//# sourceMappingURL=api.js.map

package/dist/web/api.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"api.js","sourceRoot":"","sources":["../../src/web/api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EACL,mBAAmB,EACnB,SAAS,EACT,kBAAkB,GAEnB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAsB,MAAM,mBAAmB,CAAC;AACjG,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAC;AAC7E,OAAO,EAAE,sBAAsB,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AACrE,OAAO,EAAE,SAAS,EAAE,aAAa,EAAqB,MAAM,mBAAmB,CAAC;AAChF,OAAO,EAAE,sBAAsB,EAAwB,MAAM,mBAAmB,CAAC;AACjF,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,gFAAgF;AAChF,qBAAqB;AACrB,gFAAgF;AAEhF;;;GAGG;AACH,IAAI,YAAY,GAAW,EAAE,CAAC;AAE9B;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,YAAY,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC/C,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAC7B,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,gFAAgF;AAChF,uDAAuD;AACvD,gFAAgF;AAEhF,IAAI,aAAa,GAAkB,OAAO,CAAC,OAAO,EAAE,CAAC;AAErD;;GAEG;AACH,KAAK,UAAU,QAAQ,CAAI,SAA2B;IACpD,0CAA0C;IAC1C,MAAM,aAAa,CAAC;IAEpB,qCAAqC;IACrC,IAAI,WAAuB,CAAC;IAC5B,aAAa,GAAG,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QACtC,WAAW,GAAG,OAAO,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC;QACH,OAAO,MAAM,SAAS,EAAE,CAAC;IAC3B,CAAC;YAAS,CAAC;QACT,WAAY,EAAE,CAAC;IACjB,CAAC;AACH,CAAC;AAeD,MAAM,KAAK,GAAe;IACxB,MAAM,EAAE,MAAM;IACd,MAAM,EAAE,IAAI;IACZ,IAAI,EAAE,IAAI;IACV,QAAQ,EAAE,EAAE;IACZ,KAAK,EAAE,IAAI;IACX,aAAa,EAAE,EAAE;CAClB,CAAC;AAEF,SAAS,WAAW,CAAC,OAAe;IAClC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,aAAa;IACpB,KAAK,CAAC,QAAQ,GAAG,EAAE,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,KAAc;IACnC,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACvE,0CAA0C;IAC1C,OAAO,OAAO;SACX,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC;SAC/B,OAAO,CAAC,YAAY,EAAE,QAAQ,CAAC;SAC/B,OAAO,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;AAC9C,CAAC;AAED,gFAAgF;AAChF,aAAa;AACb,gFAAgF;AAEhF,MAAM,UAAU,eAAe;IAC7B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,8DAA8D;IAC9D,MAAM,eAAe,GAAG,KAAK,EAC3B,CAA+C,EAC/C,IAAyB,EACzB,EAAE;QACF,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;QAC9C,IAAI,CAAC,YAAY,IAAI,KAAK,KAAK,YAAY,EAAE,CAAC;YAC5C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,kCAAkC,EAAE,EAAE,GAAG,CAAC,CAAC;QACpE,CAAC;QACD,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC;IAEF,yDAAyD;IACzD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;IACtC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;IACvC,GAAG,CAAC,GAAG,CAAC,aAAa,EAAE,eAAe,CAAC,CAAC;IACxC,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC;IACpC,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;IACnC,GAAG,CAAC,GAAG,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC;IAErC,mDAAmD;IACnD,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE;QACtB,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,qDAAqD;IACrD,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACpC,MAAM,iBAAiB,GAAG,MAAM,mBAAmB,EAAE,CAAC;QACtD,MAAM,IAAI,GAAG,MAAM,SAAS,EAAE,CAAC;QAE/B,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC;QAElB,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,iBAAiB;YACjB,IAAI;SACL,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,sDAAsD;IACtD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,UAAU,GAAG,qBAAqB,CAAC;QAEzC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACpD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACnC,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;YACtB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,qDAAqD;IACrD,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAE/C,MAAM,SAAS,CAAC,qBAAqB,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACxE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;gBAEtB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;YACnC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,IAAI,KAAK,YAAY,CAAC,CAAC,QAAQ,EAAE,CAAC;oBAChC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,CAAC;gBAC/D,CAAC;gBACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,oCAAoC;IACpC,GAAG,CAAC,IAAI,CAAC,iBAAiB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACtC,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,GAAG,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;gBAEtC,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;gBAExC,oCAAoC;gBACpC,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,GAAG;wBACZ,GAAG,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,wBAAwB,EAAE;wBACrE,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,GAAG,kBAAkB,EAAE;wBACjE,OAAO,EAAE,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,GAAG,wBAAwB,EAAE;qBACxE,CAAC;gBACJ,CAAC;gBAED,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;gBAEtB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;YAC3C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,4BAA4B;IAC5B,GAAG,CAAC,IAAI,CAAC,gBAAgB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACrC,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,EAAE,KAAK,EAAE,OAAO,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC;gBAE1C,WAAW,CAAC,kCAAkC,CAAC,CAAC;gBAChD,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;gBAE1C,WAAW,CAAC,6BAA6B,CAAC,CAAC;gBAC3C,MAAM,mBAAmB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBAE5C,WAAW,CAAC,6BAA6B,CAAC,CAAC;gBAE3C,iCAAiC;gBACjC,OAAO,CAAC,CAAC,IAAI,CAAC;oBACZ,OAAO,EAAE,IAAI;oBACb,KAAK,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK;oBAC5B,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,YAAY;iBAC3C,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,KAAK,CAAC,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;gBACnC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,6CAA6C;IAC7C,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACjC,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;gBAErB,KAAK,CAAC,MAAM,GAAG,cAAc,CAAC;gBAC9B,aAAa,EAAE,CAAC;gBAEhB,WAAW,CAAC,yCAAyC,GAAG,KAAK,CAAC,CAAC;gBAE/D,MAAM,SAAS,GAAG,MAAM,kBAAkB,CAAC;oBACzC,GAAG;oBACH,QAAQ,EAAE,IAAI;oBACd,QAAQ,EAAE,IAAI;oBACd,YAAY,EAAE,IAAI,CAAC,YAAY,IAAI,KAAK;oBACxC,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,KAAK;oBAChC,UAAU,EAAE,WAAW;iBACxB,CAAC,CAAC;gBAEH,WAAW,CAAC,uBAAuB,CAAC,CAAC;gBACrC,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBAC5C,MAAM,YAAY,CAAC,IAAI,CAAC,CAAC;gBAEzB,KAAK,CAAC,MAAM,GAAG,aAAa,CAAC;gBAC7B,WAAW,CAAC,wBAAwB,CAAC,CAAC;gBAEtC,OAAO,CAAC,CAAC,IAAI,CAAC;oBACZ,OAAO,EAAE,IAAI;oBACb,SAAS;oBACT,IAAI;iBACL,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,KAAK,CAAC,MAAM,GAAG,OAAO,CAAC;gBACvB,KAAK,CAAC,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;gBACnC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,wCAAwC;IACxC,GAAG,CAAC,IAAI,CAAC,oBAAoB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACzC,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,GAAG,EAAE,GAAG,IAAI,CAAC;gBAEpC,iBAAiB;gBACjB,MAAM,IAAI,GAAG,MAAM,YAAY,EAAE,CAAC;gBAClC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACV,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,qBAAqB,EAAE,EAAE,GAAG,CAAC,CAAC;gBACvE,CAAC;gBAED,cAAc;gBACd,IAAI,MAAqB,CAAC;gBAC1B,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;oBACjB,MAAM,GAAG,mBAAmB,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBACnD,CAAC;qBAAM,CAAC;oBACN,MAAM,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;gBACpC,CAAC;gBAED,WAAW,CAAC,mCAAmC,CAAC,CAAC;gBAEjD,oCAAoC;gBACpC,MAAM,WAAW,GAAG;oBAClB,EAAE,EAAE,IAAI,CAAC,EAAE;oBACX,EAAE,EAAE,MAAM,CAAC,WAAW,CACpB,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CACzE;oBACD,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,EAAE,EAAE,IAAI,CAAC,EAAE;iBACZ,CAAC;gBAEF,wDAAwD;gBACxD,MAAM,mBAAmB,GAAa,EAAE,CAAC;gBACzC,KAAK,MAAM,SAAS,IAAI,sBAAsB,EAAE,CAAC;oBAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;oBAC1D,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;wBAC9B,SAAS;oBACX,CAAC;oBAED,MAAM,cAAc,GAAG,sBAAsB,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC;oBAC9E,MAAM,WAAW,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;oBAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,YAAY,GAAG,OAAO,CAAC,CAAC;oBAC5D,MAAM,SAAS,CAAC,QAAQ,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;oBAChD,mBAAmB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACtC,CAAC;gBAED,WAAW,CAAC,6BAA6B,CAAC,CAAC;gBAE3C,OAAO,CAAC,CAAC,IAAI,CAAC;oBACZ,OAAO,EAAE,IAAI;oBACb,UAAU,EAAE,mBAAmB;iBAChC,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,8CAA8C;IAC9C,GAAG,CAAC,IAAI,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC9B,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,EAAE,OAAO,GAAG,GAAG,EAAE,MAAM,GAAG,KAAK,EAAE,UAAU,EAAE,GAAG,IAAI,CAAC;gBAEhE,KAAK,CAAC,MAAM,GAAG,WAAW,CAAC;gBAC3B,aAAa,EAAE,CAAC;gBAEhB,kEAAkE;gBAClE,IAAI,CAAC,MAAM,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBACnC,WAAW,CAAC,sBAAsB,CAAC,CAAC;oBAEpC,MAAM,OAAO,GAA2B,EAAE,CAAC;oBAC3C,MAAM,WAAW,GAAG;wBAClB,EAAE,IAAI,EAAE,mBAAmB,EAAE,IAAI,EAAE,iBAAiB,EAAE;wBACtD,EAAE,IAAI,EAAE,mCAAmC,EAAE,IAAI,EAAE,yBAAyB,EAAE;wBAC9E,EAAE,IAAI,EAAE,4BAA4B,EAAE,IAAI,EAAE,kBAAkB,EAAE;wBAChE,EAAE,IAAI,EAAE,8BAA8B,EAAE,IAAI,EAAE,oBAAoB,EAAE;qBACrE,CAAC;oBAEF,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC;wBACzC,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;4BACrB,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;wBAChD,CAAC;oBACH,CAAC;oBAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBACpC,MAAM,aAAa,CAAC,OAAO,EAAE;4BAC3B,GAAG;4BACH,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;4BACzB,UAAU,EAAE,WAAW;yBACxB,CAAC,CAAC;wBACH,4EAA4E;oBAC9E,CAAC;gBACH,CAAC;gBAED,WAAW,CAAC,sBAAsB,CAAC,CAAC;gBAEpC,MAAM,iBAAiB,GAAkC,UAAU,CAAC;gBAEpE,MAAM,OAAO,GAAG,MAAM,SAAS,CAC7B;oBACE,GAAG;oBACH,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC;oBACzB,MAAM;oBACN,UAAU,EAAE,WAAW;oBACvB,OAAO,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;wBACvB,WAAW,CAAC,YAAY,IAAI,KAAK,aAAa,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;oBAC3D,CAAC;iBACF,EACD,iBAAiB,CAClB,CAAC;gBAEF,KAAK,CAAC,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC;gBAEtC,IAAI,OAAO,CAAC,WAAW,KAAK,CAAC,EAAE,CAAC;oBAC9B,KAAK,CAAC,MAAM,GAAG,UAAU,CAAC;oBAC1B,WAAW,CAAC,sBAAsB,CAAC,CAAC;gBACtC,CAAC;qBAAM,CAAC;oBACN,KAAK,CAAC,MAAM,GAAG,OAAO,CAAC;oBACvB,KAAK,CAAC,KAAK,GAAG,GAAG,OAAO,CAAC,WAAW,8BAA8B,CAAC;gBACrE,CAAC;gBAED,OAAO,CAAC,CAAC,IAAI,CAAC;oBACZ,OAAO,EAAE,OAAO,CAAC,WAAW,KAAK,CAAC;oBAClC,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,KAAK,CAAC,MAAM,GAAG,OAAO,CAAC;gBACvB,KAAK,CAAC,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;gBACnC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,uDAAuD;IACvD,GAAG,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,EAAE;QAC9B,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,KAAK,EAAE,KAAK,CAAC,KAAK;YAClB,OAAO,EAAE,KAAK,CAAC,aAAa;SAC7B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,0BAA0B;IAC1B,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC;YACtB,KAAK,CAAC,MAAM,GAAG,IAAI,CAAC;YACpB,KAAK,CAAC,QAAQ,GAAG,EAAE,CAAC;YACpB,KAAK,CAAC,KAAK,GAAG,IAAI,CAAC;YACnB,KAAK,CAAC,aAAa,GAAG,EAAE,CAAC;YAEzB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,yDAAyD;IACzD,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACnC,OAAO,QAAQ,CAAC,KAAK,IAAI,EAAE;YACzB,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,EAAE,GAAG,IAAI,CAAC;gBAEjD,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;oBACrB,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,8BAA8B,EAAE,EAAE,GAAG,CAAC,CAAC;gBAChF,CAAC;gBAED,WAAW,CAAC,6BAA6B,CAAC,CAAC;gBAE3C,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC;oBACxC,GAAG;oBACH,OAAO;oBACP,OAAO;oBACP,UAAU,EAAE,WAAW;iBACxB,CAAC,CAAC;gBAEH,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;oBAC5B,WAAW,CAAC,uCAAuC,CAAC,CAAC;oBACrD,OAAO,CAAC,CAAC,IAAI,CAAC;wBACZ,OAAO,EAAE,IAAI;wBACb,gBAAgB,EAAE,IAAI;wBACtB,OAAO,EAAE,2CAA2C;qBACrD,CAAC,CAAC;gBACL,CAAC;gBAED,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACtC,WAAW,CAAC,iCAAiC,CAAC,CAAC;oBAC/C,OAAO,CAAC,CAAC,IAAI,CAAC;wBACZ,OAAO,EAAE,IAAI;wBACb,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,OAAO,EAAE,yDAAyD;qBACnE,CAAC,CAAC;gBACL,CAAC;gBAED,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,EAAE,GAAG,CAAC,CAAC;YAC9D,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;YACtE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/web/server.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+/**
+ * Web UI Server for Authrim Setup
+ *
+ * Provides a web-based interface for configuring and deploying Authrim.
+ */
+export interface WebServerOptions {
+    port?: number;
+    host?: string;
+    openBrowser?: boolean;
+}
+export declare function startWebServer(options?: WebServerOptions): Promise<void>;
+//# sourceMappingURL=server.d.ts.map

package/dist/web/server.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/web/server.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAaH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAMD,wBAAsB,cAAc,CAAC,OAAO,GAAE,gBAAqB,GAAG,OAAO,CAAC,IAAI,CAAC,CA8ClF"}

package/dist/web/server.js ADDED Viewed

@@ -0,0 +1,112 @@
+/**
+ * Web UI Server for Authrim Setup
+ *
+ * Provides a web-based interface for configuring and deploying Authrim.
+ */
+import { Hono } from 'hono';
+import { serve } from '@hono/node-server';
+import { cors } from 'hono/cors';
+import chalk from 'chalk';
+import { createApiRoutes, generateSessionToken, getSessionToken } from './api.js';
+import { getHtmlTemplate } from './ui.js';
+// =============================================================================
+// Server
+// =============================================================================
+export async function startWebServer(options = {}) {
+    const { port = 3456, host = 'localhost' } = options;
+    // Generate session token for this server instance
+    generateSessionToken();
+    const app = new Hono();
+    // CORS for API requests (localhost only)
+    app.use('/api/*', cors({
+        origin: [`http://localhost:${port}`, `http://127.0.0.1:${port}`],
+        allowMethods: ['GET', 'POST', 'PUT', 'DELETE'],
+        allowHeaders: ['Content-Type', 'X-Session-Token'],
+    }));
+    // API routes
+    const apiRoutes = createApiRoutes();
+    app.route('/api', apiRoutes);
+    // Serve UI with embedded session token
+    app.get('/', (c) => {
+        return c.html(getHtmlTemplate(getSessionToken()));
+    });
+    // Static assets (if needed in the future)
+    app.get('/health', (c) => c.json({ status: 'ok' }));
+    // Start server
+    console.log(chalk.bold('\n🌐 Authrim Setup Web UI\n'));
+    console.log(`Server running at ${chalk.cyan(`http://${host}:${port}`)}`);
+    console.log(chalk.gray('\nPress Ctrl+C to stop\n'));
+    // Open browser if requested
+    if (options.openBrowser !== false) {
+        const url = `http://${host}:${port}`;
+        openBrowser(url);
+    }
+    serve({
+        fetch: app.fetch,
+        port,
+        hostname: host,
+    });
+}
+// =============================================================================
+// Browser Opening
+// =============================================================================
+/**
+ * Validate that the URL is a safe localhost URL
+ * Only allows http://localhost:PORT or http://127.0.0.1:PORT
+ */
+function validateLocalhostUrl(url) {
+    try {
+        const parsed = new URL(url);
+        // Only allow http protocol (not https for local dev server)
+        if (parsed.protocol !== 'http:') {
+            return false;
+        }
+        // Only allow localhost or 127.0.0.1
+        if (parsed.hostname !== 'localhost' && parsed.hostname !== '127.0.0.1') {
+            return false;
+        }
+        // Port must be a valid number
+        const port = parseInt(parsed.port || '80', 10);
+        if (isNaN(port) || port < 1 || port > 65535) {
+            return false;
+        }
+        // Path should only be simple (no shell metacharacters)
+        if (/[;&|`$(){}[\]<>!#*?'"]/.test(parsed.pathname)) {
+            return false;
+        }
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+async function openBrowser(url) {
+    // Security: Validate URL to prevent command injection
+    if (!validateLocalhostUrl(url)) {
+        console.log(chalk.yellow(`\nInvalid URL for browser opening: ${url}`));
+        console.log(chalk.gray('Only localhost URLs are allowed for automatic browser opening.'));
+        return;
+    }
+    const { platform } = process;
+    try {
+        const { execa } = await import('execa');
+        switch (platform) {
+            case 'darwin':
+                await execa('open', [url]);
+                break;
+            case 'win32':
+                // On Windows, use 'start' command with empty title to avoid shell expansion issues
+                await execa('cmd', ['/c', 'start', '""', url]);
+                break;
+            default:
+                // Linux and others
+                await execa('xdg-open', [url]);
+                break;
+        }
+    }
+    catch {
+        console.log(chalk.yellow(`\nCould not open browser automatically.`));
+        console.log(`Please open ${chalk.cyan(url)} in your browser.\n`);
+    }
+}
+//# sourceMappingURL=server.js.map

package/dist/web/server.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/web/server.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAClF,OAAO,EAAE,eAAe,EAAE,MAAM,SAAS,CAAC;AAY1C,gFAAgF;AAChF,SAAS;AACT,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,UAA4B,EAAE;IACjE,MAAM,EAAE,IAAI,GAAG,IAAI,EAAE,IAAI,GAAG,WAAW,EAAE,GAAG,OAAO,CAAC;IAEpD,kDAAkD;IAClD,oBAAoB,EAAE,CAAC;IAEvB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,yCAAyC;IACzC,GAAG,CAAC,GAAG,CACL,QAAQ,EACR,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,oBAAoB,IAAI,EAAE,EAAE,oBAAoB,IAAI,EAAE,CAAC;QAChE,YAAY,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC;QAC9C,YAAY,EAAE,CAAC,cAAc,EAAE,iBAAiB,CAAC;KAClD,CAAC,CACH,CAAC;IAEF,aAAa;IACb,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC;IACpC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAE7B,uCAAuC;IACvC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,EAAE;QACjB,OAAO,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,0CAA0C;IAC1C,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAEpD,eAAe;IACf,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,IAAI,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;IAEpD,4BAA4B;IAC5B,IAAI,OAAO,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,UAAU,IAAI,IAAI,IAAI,EAAE,CAAC;QACrC,WAAW,CAAC,GAAG,CAAC,CAAC;IACnB,CAAC;IAED,KAAK,CAAC;QACJ,KAAK,EAAE,GAAG,CAAC,KAAK;QAChB,IAAI;QACJ,QAAQ,EAAE,IAAI;KACf,CAAC,CAAC;AACL,CAAC;AAED,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF;;;GAGG;AACH,SAAS,oBAAoB,CAAC,GAAW;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,4DAA4D;QAC5D,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YAChC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,oCAAoC;QACpC,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,IAAI,MAAM,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YACvE,OAAO,KAAK,CAAC;QACf,CAAC;QACD,8BAA8B;QAC9B,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QAC/C,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,GAAG,KAAK,EAAE,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,uDAAuD;QACvD,IAAI,wBAAwB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,GAAW;IACpC,sDAAsD;IACtD,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,sCAAsC,GAAG,EAAE,CAAC,CAAC,CAAC;QACvE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC,CAAC;QAC1F,OAAO;IACT,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QAExC,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,QAAQ;gBACX,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC3B,MAAM;YACR,KAAK,OAAO;gBACV,mFAAmF;gBACnF,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;gBAC/C,MAAM;YACR;gBACE,mBAAmB;gBACnB,MAAM,KAAK,CAAC,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC/B,MAAM;QACV,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,yCAAyC,CAAC,CAAC,CAAC;QACrE,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACnE,CAAC;AACH,CAAC"}

package/dist/web/ui.d.ts ADDED Viewed

@@ -0,0 +1,7 @@
+/**
+ * HTML Template for Authrim Setup Web UI
+ *
+ * A simple, self-contained UI for the setup wizard.
+ */
+export declare function getHtmlTemplate(sessionToken?: string): string;
+//# sourceMappingURL=ui.d.ts.map

package/dist/web/ui.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"ui.d.ts","sourceRoot":"","sources":["../../src/web/ui.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,wBAAgB,eAAe,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,CAuvB7D"}