@azure/msal-browser 5.17.0 → 5.17.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (220) hide show
  1. package/dist/app/IPublicClientApplication.mjs +1 -1
  2. package/dist/app/PublicClientApplication.mjs +1 -1
  3. package/dist/broker/nativeBroker/NativeStatusCodes.mjs +1 -1
  4. package/dist/broker/nativeBroker/PlatformAuthDOMHandler.mjs +1 -1
  5. package/dist/broker/nativeBroker/PlatformAuthExtensionHandler.mjs +1 -1
  6. package/dist/broker/nativeBroker/PlatformAuthProvider.mjs +1 -1
  7. package/dist/cache/AccountManager.mjs +1 -1
  8. package/dist/cache/AsyncMemoryStorage.mjs +1 -1
  9. package/dist/cache/BrowserCacheManager.mjs +1 -1
  10. package/dist/cache/CacheHelpers.mjs +1 -1
  11. package/dist/cache/CacheKeys.mjs +1 -1
  12. package/dist/cache/CookieStorage.mjs +1 -1
  13. package/dist/cache/DatabaseStorage.mjs +1 -1
  14. package/dist/cache/EncryptedData.mjs +1 -1
  15. package/dist/cache/LocalStorage.mjs +1 -1
  16. package/dist/cache/MemoryStorage.mjs +1 -1
  17. package/dist/cache/SessionStorage.mjs +1 -1
  18. package/dist/cache/TokenCache.mjs +1 -1
  19. package/dist/config/Configuration.mjs +1 -1
  20. package/dist/controllers/NestedAppAuthController.mjs +1 -1
  21. package/dist/controllers/StandardController.mjs +1 -1
  22. package/dist/crypto/BrowserCrypto.mjs +61 -12
  23. package/dist/crypto/BrowserCrypto.mjs.map +1 -1
  24. package/dist/crypto/CryptoOps.mjs +6 -12
  25. package/dist/crypto/CryptoOps.mjs.map +1 -1
  26. package/dist/crypto/PkceGenerator.mjs +1 -1
  27. package/dist/crypto/SignedHttpRequest.mjs +1 -1
  28. package/dist/custom_auth/CustomAuthConstants.mjs +1 -1
  29. package/dist/custom_auth/CustomAuthPublicClientApplication.mjs +1 -1
  30. package/dist/custom_auth/controller/CustomAuthStandardController.mjs +1 -1
  31. package/dist/custom_auth/core/CustomAuthAuthority.mjs +1 -1
  32. package/dist/custom_auth/core/auth_flow/AuthFlowErrorBase.mjs +1 -1
  33. package/dist/custom_auth/core/auth_flow/AuthFlowResultBase.mjs +1 -1
  34. package/dist/custom_auth/core/auth_flow/AuthFlowState.mjs +1 -1
  35. package/dist/custom_auth/core/auth_flow/AuthFlowStateTypes.mjs +1 -1
  36. package/dist/custom_auth/core/auth_flow/jit/error_type/AuthMethodRegistrationError.mjs +1 -1
  37. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationChallengeMethodResult.mjs +1 -1
  38. package/dist/custom_auth/core/auth_flow/jit/result/AuthMethodRegistrationSubmitChallengeResult.mjs +1 -1
  39. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationCompletedState.mjs +1 -1
  40. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationFailedState.mjs +1 -1
  41. package/dist/custom_auth/core/auth_flow/jit/state/AuthMethodRegistrationState.mjs +1 -1
  42. package/dist/custom_auth/core/auth_flow/mfa/error_type/MfaError.mjs +1 -1
  43. package/dist/custom_auth/core/auth_flow/mfa/result/MfaRequestChallengeResult.mjs +1 -1
  44. package/dist/custom_auth/core/auth_flow/mfa/result/MfaSubmitChallengeResult.mjs +1 -1
  45. package/dist/custom_auth/core/auth_flow/mfa/state/MfaCompletedState.mjs +1 -1
  46. package/dist/custom_auth/core/auth_flow/mfa/state/MfaFailedState.mjs +1 -1
  47. package/dist/custom_auth/core/auth_flow/mfa/state/MfaState.mjs +1 -1
  48. package/dist/custom_auth/core/error/CustomAuthApiError.mjs +1 -1
  49. package/dist/custom_auth/core/error/CustomAuthError.mjs +1 -1
  50. package/dist/custom_auth/core/error/HttpError.mjs +1 -1
  51. package/dist/custom_auth/core/error/HttpErrorCodes.mjs +1 -1
  52. package/dist/custom_auth/core/error/InvalidArgumentError.mjs +1 -1
  53. package/dist/custom_auth/core/error/InvalidConfigurationError.mjs +1 -1
  54. package/dist/custom_auth/core/error/InvalidConfigurationErrorCodes.mjs +1 -1
  55. package/dist/custom_auth/core/error/MethodNotImplementedError.mjs +1 -1
  56. package/dist/custom_auth/core/error/MsalCustomAuthError.mjs +1 -1
  57. package/dist/custom_auth/core/error/NoCachedAccountFoundError.mjs +1 -1
  58. package/dist/custom_auth/core/error/ParsedUrlError.mjs +1 -1
  59. package/dist/custom_auth/core/error/ParsedUrlErrorCodes.mjs +1 -1
  60. package/dist/custom_auth/core/error/UnexpectedError.mjs +1 -1
  61. package/dist/custom_auth/core/error/UnsupportedEnvironmentError.mjs +1 -1
  62. package/dist/custom_auth/core/error/UserAccountAttributeError.mjs +1 -1
  63. package/dist/custom_auth/core/error/UserAlreadySignedInError.mjs +1 -1
  64. package/dist/custom_auth/core/interaction_client/CustomAuthInteractionClientBase.mjs +1 -1
  65. package/dist/custom_auth/core/interaction_client/CustomAuthInterationClientFactory.mjs +1 -1
  66. package/dist/custom_auth/core/interaction_client/jit/JitClient.mjs +1 -1
  67. package/dist/custom_auth/core/interaction_client/jit/result/JitActionResult.mjs +1 -1
  68. package/dist/custom_auth/core/interaction_client/mfa/MfaClient.mjs +1 -1
  69. package/dist/custom_auth/core/interaction_client/mfa/result/MfaActionResult.mjs +1 -1
  70. package/dist/custom_auth/core/network_client/custom_auth_api/BaseApiClient.mjs +1 -1
  71. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiClient.mjs +1 -1
  72. package/dist/custom_auth/core/network_client/custom_auth_api/CustomAuthApiEndpoint.mjs +1 -1
  73. package/dist/custom_auth/core/network_client/custom_auth_api/RegisterApiClient.mjs +1 -1
  74. package/dist/custom_auth/core/network_client/custom_auth_api/ResetPasswordApiClient.mjs +1 -1
  75. package/dist/custom_auth/core/network_client/custom_auth_api/SignInApiClient.mjs +1 -1
  76. package/dist/custom_auth/core/network_client/custom_auth_api/SignupApiClient.mjs +1 -1
  77. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiErrorCodes.mjs +1 -1
  78. package/dist/custom_auth/core/network_client/custom_auth_api/types/ApiSuberrors.mjs +1 -1
  79. package/dist/custom_auth/core/network_client/http_client/FetchHttpClient.mjs +1 -1
  80. package/dist/custom_auth/core/network_client/http_client/IHttpClient.mjs +1 -1
  81. package/dist/custom_auth/core/telemetry/PublicApiId.mjs +1 -1
  82. package/dist/custom_auth/core/utils/ArgumentValidator.mjs +1 -1
  83. package/dist/custom_auth/core/utils/CustomHeaderUtils.mjs +1 -1
  84. package/dist/custom_auth/core/utils/UrlUtils.mjs +1 -1
  85. package/dist/custom_auth/get_account/auth_flow/CustomAuthAccountData.mjs +1 -1
  86. package/dist/custom_auth/get_account/auth_flow/error_type/GetAccountError.mjs +1 -1
  87. package/dist/custom_auth/get_account/auth_flow/result/GetAccessTokenResult.mjs +1 -1
  88. package/dist/custom_auth/get_account/auth_flow/result/GetAccountResult.mjs +1 -1
  89. package/dist/custom_auth/get_account/auth_flow/result/SignOutResult.mjs +1 -1
  90. package/dist/custom_auth/get_account/auth_flow/state/GetAccessTokenState.mjs +1 -1
  91. package/dist/custom_auth/get_account/auth_flow/state/GetAccountState.mjs +1 -1
  92. package/dist/custom_auth/get_account/auth_flow/state/SignOutState.mjs +1 -1
  93. package/dist/custom_auth/get_account/interaction_client/CustomAuthSilentCacheClient.mjs +1 -1
  94. package/dist/custom_auth/index.mjs +1 -1
  95. package/dist/custom_auth/operating_context/CustomAuthOperatingContext.mjs +1 -1
  96. package/dist/custom_auth/reset_password/auth_flow/error_type/ResetPasswordError.mjs +1 -1
  97. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordResendCodeResult.mjs +1 -1
  98. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordStartResult.mjs +1 -1
  99. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitCodeResult.mjs +1 -1
  100. package/dist/custom_auth/reset_password/auth_flow/result/ResetPasswordSubmitPasswordResult.mjs +1 -1
  101. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCodeRequiredState.mjs +1 -1
  102. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordCompletedState.mjs +1 -1
  103. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordFailedState.mjs +1 -1
  104. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordPasswordRequiredState.mjs +1 -1
  105. package/dist/custom_auth/reset_password/auth_flow/state/ResetPasswordState.mjs +1 -1
  106. package/dist/custom_auth/reset_password/interaction_client/ResetPasswordClient.mjs +1 -1
  107. package/dist/custom_auth/sign_in/auth_flow/SignInScenario.mjs +1 -1
  108. package/dist/custom_auth/sign_in/auth_flow/error_type/SignInError.mjs +1 -1
  109. package/dist/custom_auth/sign_in/auth_flow/result/SignInResendCodeResult.mjs +1 -1
  110. package/dist/custom_auth/sign_in/auth_flow/result/SignInResult.mjs +1 -1
  111. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitCodeResult.mjs +1 -1
  112. package/dist/custom_auth/sign_in/auth_flow/result/SignInSubmitPasswordResult.mjs +1 -1
  113. package/dist/custom_auth/sign_in/auth_flow/state/SignInCodeRequiredState.mjs +1 -1
  114. package/dist/custom_auth/sign_in/auth_flow/state/SignInCompletedState.mjs +1 -1
  115. package/dist/custom_auth/sign_in/auth_flow/state/SignInContinuationState.mjs +1 -1
  116. package/dist/custom_auth/sign_in/auth_flow/state/SignInFailedState.mjs +1 -1
  117. package/dist/custom_auth/sign_in/auth_flow/state/SignInPasswordRequiredState.mjs +1 -1
  118. package/dist/custom_auth/sign_in/auth_flow/state/SignInState.mjs +1 -1
  119. package/dist/custom_auth/sign_in/interaction_client/SignInClient.mjs +1 -1
  120. package/dist/custom_auth/sign_in/interaction_client/result/SignInActionResult.mjs +1 -1
  121. package/dist/custom_auth/sign_up/auth_flow/error_type/SignUpError.mjs +1 -1
  122. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResendCodeResult.mjs +1 -1
  123. package/dist/custom_auth/sign_up/auth_flow/result/SignUpResult.mjs +1 -1
  124. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitAttributesResult.mjs +1 -1
  125. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitCodeResult.mjs +1 -1
  126. package/dist/custom_auth/sign_up/auth_flow/result/SignUpSubmitPasswordResult.mjs +1 -1
  127. package/dist/custom_auth/sign_up/auth_flow/state/SignUpAttributesRequiredState.mjs +1 -1
  128. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCodeRequiredState.mjs +1 -1
  129. package/dist/custom_auth/sign_up/auth_flow/state/SignUpCompletedState.mjs +1 -1
  130. package/dist/custom_auth/sign_up/auth_flow/state/SignUpFailedState.mjs +1 -1
  131. package/dist/custom_auth/sign_up/auth_flow/state/SignUpPasswordRequiredState.mjs +1 -1
  132. package/dist/custom_auth/sign_up/auth_flow/state/SignUpState.mjs +1 -1
  133. package/dist/custom_auth/sign_up/interaction_client/SignUpClient.mjs +1 -1
  134. package/dist/custom_auth/sign_up/interaction_client/result/SignUpActionResult.mjs +1 -1
  135. package/dist/encode/Base64Decode.mjs +1 -1
  136. package/dist/encode/Base64Encode.mjs +1 -1
  137. package/dist/error/BrowserAuthError.mjs +1 -1
  138. package/dist/error/BrowserAuthErrorCodes.mjs +3 -2
  139. package/dist/error/BrowserAuthErrorCodes.mjs.map +1 -1
  140. package/dist/error/BrowserConfigurationAuthError.mjs +1 -1
  141. package/dist/error/BrowserConfigurationAuthErrorCodes.mjs +1 -1
  142. package/dist/error/NativeAuthError.mjs +1 -1
  143. package/dist/error/NativeAuthErrorCodes.mjs +1 -1
  144. package/dist/error/NestedAppAuthError.mjs +1 -1
  145. package/dist/event/EventHandler.mjs +1 -1
  146. package/dist/event/EventMessage.mjs +1 -1
  147. package/dist/event/EventType.mjs +1 -1
  148. package/dist/index.mjs +1 -1
  149. package/dist/interaction_client/BaseInteractionClient.mjs +1 -1
  150. package/dist/interaction_client/HybridSpaAuthorizationCodeClient.mjs +1 -1
  151. package/dist/interaction_client/PlatformAuthInteractionClient.mjs +1 -1
  152. package/dist/interaction_client/PopupClient.mjs +1 -1
  153. package/dist/interaction_client/RedirectClient.mjs +1 -1
  154. package/dist/interaction_client/SilentAuthCodeClient.mjs +1 -1
  155. package/dist/interaction_client/SilentCacheClient.mjs +1 -1
  156. package/dist/interaction_client/SilentIframeClient.mjs +1 -1
  157. package/dist/interaction_client/SilentRefreshClient.mjs +1 -1
  158. package/dist/interaction_client/StandardInteractionClient.mjs +1 -1
  159. package/dist/interaction_handler/InteractionHandler.mjs +1 -1
  160. package/dist/interaction_handler/SilentHandler.mjs +1 -1
  161. package/dist/log-strings-mapping.json +2 -2
  162. package/dist/naa/BridgeError.mjs +1 -1
  163. package/dist/naa/BridgeProxy.mjs +1 -1
  164. package/dist/naa/BridgeStatusCode.mjs +1 -1
  165. package/dist/naa/mapping/NestedAppAuthAdapter.mjs +1 -1
  166. package/dist/navigation/NavigationClient.mjs +1 -1
  167. package/dist/network/FetchClient.mjs +1 -1
  168. package/dist/operatingcontext/BaseOperatingContext.mjs +1 -1
  169. package/dist/operatingcontext/NestedAppOperatingContext.mjs +1 -1
  170. package/dist/operatingcontext/StandardOperatingContext.mjs +1 -1
  171. package/dist/packageMetadata.mjs +2 -2
  172. package/dist/popup_relay/constants.mjs +1 -1
  173. package/dist/popup_relay/index.mjs +1 -1
  174. package/dist/popup_relay/relayClient.mjs +1 -1
  175. package/dist/protocol/Authorize.mjs +1 -1
  176. package/dist/redirect_bridge/index.mjs +1 -1
  177. package/dist/request/RequestHelpers.mjs +1 -1
  178. package/dist/response/ResponseHandler.mjs +1 -1
  179. package/dist/telemetry/BrowserPerformanceClient.mjs +1 -1
  180. package/dist/telemetry/BrowserPerformanceEvents.mjs +1 -1
  181. package/dist/telemetry/BrowserPerformanceMeasurement.mjs +1 -1
  182. package/dist/telemetry/BrowserRootPerformanceEvents.mjs +1 -1
  183. package/dist/utils/BrowserConstants.mjs +1 -1
  184. package/dist/utils/BrowserProtocolUtils.mjs +1 -1
  185. package/dist/utils/BrowserUtils.mjs +1 -1
  186. package/dist/utils/Helpers.mjs +1 -1
  187. package/dist/utils/MsalFrameStatsUtils.mjs +1 -1
  188. package/lib/custom-auth-path/log-strings-mapping.json +2 -2
  189. package/lib/custom-auth-path/msal-custom-auth.cjs +134 -86
  190. package/lib/custom-auth-path/msal-custom-auth.cjs.map +1 -1
  191. package/lib/custom-auth-path/msal-custom-auth.js +134 -86
  192. package/lib/custom-auth-path/msal-custom-auth.js.map +1 -1
  193. package/lib/log-strings-mapping.json +2 -2
  194. package/lib/msal-browser.cjs +142 -89
  195. package/lib/msal-browser.cjs.map +1 -1
  196. package/lib/msal-browser.js +142 -89
  197. package/lib/msal-browser.js.map +1 -1
  198. package/lib/msal-browser.min.js +2 -2
  199. package/lib/popup-relay/msal-popup-relay.cjs +2 -2
  200. package/lib/popup-relay/msal-popup-relay.cjs.map +1 -1
  201. package/lib/popup-relay/msal-popup-relay.js +2 -2
  202. package/lib/popup-relay/msal-popup-relay.js.map +1 -1
  203. package/lib/popup-relay/msal-popup-relay.min.js +1 -1
  204. package/lib/redirect-bridge/msal-redirect-bridge.cjs +10 -10
  205. package/lib/redirect-bridge/msal-redirect-bridge.cjs.map +1 -1
  206. package/lib/redirect-bridge/msal-redirect-bridge.js +10 -10
  207. package/lib/redirect-bridge/msal-redirect-bridge.js.map +1 -1
  208. package/lib/redirect-bridge/msal-redirect-bridge.min.js +1 -1
  209. package/package.json +2 -2
  210. package/src/crypto/BrowserCrypto.ts +104 -9
  211. package/src/crypto/CryptoOps.ts +13 -12
  212. package/src/error/BrowserAuthErrorCodes.ts +1 -0
  213. package/src/packageMetadata.ts +1 -1
  214. package/types/crypto/BrowserCrypto.d.ts +19 -5
  215. package/types/crypto/BrowserCrypto.d.ts.map +1 -1
  216. package/types/crypto/CryptoOps.d.ts.map +1 -1
  217. package/types/custom_auth/CustomAuthConstants.d.ts +1 -1
  218. package/types/error/BrowserAuthErrorCodes.d.ts +1 -0
  219. package/types/error/BrowserAuthErrorCodes.d.ts.map +1 -1
  220. package/types/packageMetadata.d.ts +1 -1
@@ -1 +1 @@
1
- {"version":3,"file":"msal-redirect-bridge.js","sources":["../../../msal-common/dist-browser/utils/Constants.mjs","../../../msal-common/dist-browser/error/AuthError.mjs","../../../msal-common/dist-browser/error/ClientAuthError.mjs","../../../msal-common/dist-browser/error/ClientAuthErrorCodes.mjs","../../../msal-common/dist-browser/error/ClientConfigurationError.mjs","../../../msal-common/dist-browser/error/ClientConfigurationErrorCodes.mjs","../../../msal-common/dist-browser/utils/StringUtils.mjs","../../../msal-common/dist-browser/url/UrlString.mjs","../../../msal-common/dist-browser/utils/ProtocolUtils.mjs","../../../../src/error/BrowserAuthErrorCodes.ts","../../../../src/error/BrowserAuthError.ts","../../../../src/encode/Base64Decode.ts","../../../../src/utils/BrowserConstants.ts","../../../../src/utils/BrowserUtils.ts","../../../../src/navigation/NavigationClient.ts","../../../../src/config/Configuration.ts","../../../../src/cache/CacheKeys.ts","../../../../src/redirect_bridge/index.ts"],"sourcesContent":["/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst SKU = \"msal.js.common\";\r\n// default authority\r\nconst DEFAULT_AUTHORITY = \"https://login.microsoftonline.com/common/\";\r\nconst DEFAULT_AUTHORITY_HOST = \"login.microsoftonline.com\";\r\nconst DEFAULT_COMMON_TENANT = \"common\";\r\n// ADFS String\r\nconst ADFS = \"adfs\";\r\nconst DSTS = \"dstsv2\";\r\n// Default AAD Instance Discovery Endpoint\r\nconst AAD_INSTANCE_DISCOVERY_ENDPT = `${DEFAULT_AUTHORITY}discovery/instance?api-version=1.1&authorization_endpoint=`;\r\n// CIAM URL\r\nconst CIAM_AUTH_URL = \".ciamlogin.com\";\r\nconst AAD_TENANT_DOMAIN_SUFFIX = \".onmicrosoft.com\";\r\n// Resource delimiter - used for certain cache entries\r\nconst RESOURCE_DELIM = \"|\";\r\n// Consumer UTID\r\nconst CONSUMER_UTID = \"9188040d-6c67-4c5b-b112-36a304b66dad\";\r\n// Default scopes\r\nconst OPENID_SCOPE = \"openid\";\r\nconst PROFILE_SCOPE = \"profile\";\r\nconst OFFLINE_ACCESS_SCOPE = \"offline_access\";\r\nconst EMAIL_SCOPE = \"email\";\r\nconst CODE_GRANT_TYPE = \"authorization_code\";\r\nconst S256_CODE_CHALLENGE_METHOD = \"S256\";\r\nconst URL_FORM_CONTENT_TYPE = \"application/x-www-form-urlencoded;charset=utf-8\";\r\nconst AUTHORIZATION_PENDING = \"authorization_pending\";\r\nconst NOT_APPLICABLE = \"N/A\";\r\nconst NOT_AVAILABLE = \"Not Available\";\r\nconst FORWARD_SLASH = \"/\";\r\nconst IMDS_ENDPOINT = \"http://169.254.169.254/metadata/instance/compute\";\r\nconst IMDS_VERSION = \"2021-02-01\";\r\nconst IMDS_TIMEOUT = 2000;\r\nconst AZURE_REGION_AUTO_DISCOVER_FLAG = \"TryAutoDetect\";\r\nconst REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX = \"login.microsoft.com\";\r\nconst KNOWN_PUBLIC_CLOUDS = [\r\n \"login.microsoftonline.com\",\r\n \"login.windows.net\",\r\n \"login.microsoft.com\",\r\n \"sts.windows.net\",\r\n];\r\nconst SHR_NONCE_VALIDITY = 240;\r\nconst INVALID_INSTANCE = \"invalid_instance\";\r\nconst HTTP_SUCCESS = 200;\r\nconst HTTP_SUCCESS_RANGE_START = 200;\r\nconst HTTP_SUCCESS_RANGE_END = 299;\r\nconst HTTP_REDIRECT = 302;\r\nconst HTTP_CLIENT_ERROR = 400;\r\nconst HTTP_CLIENT_ERROR_RANGE_START = 400;\r\nconst HTTP_BAD_REQUEST = 400;\r\nconst HTTP_UNAUTHORIZED = 401;\r\nconst HTTP_NOT_FOUND = 404;\r\nconst HTTP_REQUEST_TIMEOUT = 408;\r\nconst HTTP_GONE = 410;\r\nconst HTTP_TOO_MANY_REQUESTS = 429;\r\nconst HTTP_CLIENT_ERROR_RANGE_END = 499;\r\nconst HTTP_SERVER_ERROR = 500;\r\nconst HTTP_SERVER_ERROR_RANGE_START = 500;\r\nconst HTTP_SERVICE_UNAVAILABLE = 503;\r\nconst HTTP_GATEWAY_TIMEOUT = 504;\r\nconst HTTP_SERVER_ERROR_RANGE_END = 599;\r\nconst HTTP_MULTI_SIDED_ERROR = 600;\r\nconst HttpMethod = {\r\n GET: \"GET\",\r\n POST: \"POST\",\r\n};\r\nconst OIDC_DEFAULT_SCOPES = [\r\n OPENID_SCOPE,\r\n PROFILE_SCOPE,\r\n OFFLINE_ACCESS_SCOPE,\r\n];\r\nconst OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, EMAIL_SCOPE];\r\n/**\r\n * Request header names\r\n */\r\nconst HeaderNames = {\r\n CONTENT_TYPE: \"Content-Type\",\r\n CONTENT_LENGTH: \"Content-Length\",\r\n RETRY_AFTER: \"Retry-After\",\r\n CCS_HEADER: \"X-AnchorMailbox\",\r\n WWWAuthenticate: \"WWW-Authenticate\",\r\n AuthenticationInfo: \"Authentication-Info\",\r\n X_MS_REQUEST_ID: \"x-ms-request-id\",\r\n X_MS_HTTP_VERSION: \"x-ms-httpver\",\r\n};\r\n/**\r\n * Persistent cache keys MSAL which stay while user is logged in.\r\n */\r\nconst PersistentCacheKeys = {\r\n ACTIVE_ACCOUNT_FILTERS: \"active-account-filters\", // new cache entry for active_account for a more robust version for browser\r\n};\r\n/**\r\n * String constants related to AAD Authority\r\n */\r\nconst AADAuthority = {\r\n COMMON: \"common\",\r\n ORGANIZATIONS: \"organizations\",\r\n CONSUMERS: \"consumers\",\r\n};\r\n/**\r\n * Claims request keys\r\n */\r\nconst ClaimsRequestKeys = {\r\n ACCESS_TOKEN: \"access_token\",\r\n XMS_CC: \"xms_cc\",\r\n ID_TOKEN: \"id_token\",\r\n SIGNIN_STATE: \"signin_state\",\r\n LOGIN_HINT: \"login_hint\",\r\n};\r\n/**\r\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\r\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\r\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\r\n */\r\nconst PromptValue = {\r\n LOGIN: \"login\",\r\n SELECT_ACCOUNT: \"select_account\",\r\n CONSENT: \"consent\",\r\n NONE: \"none\",\r\n CREATE: \"create\",\r\n NO_SESSION: \"no_session\",\r\n};\r\n/**\r\n * allowed values for codeVerifier\r\n */\r\nconst CodeChallengeMethodValues = {\r\n PLAIN: \"plain\",\r\n S256: \"S256\",\r\n};\r\n/**\r\n * Allowed values for response_type\r\n */\r\nconst OAuthResponseType = {\r\n CODE: \"code\",\r\n IDTOKEN_TOKEN: \"id_token token\",\r\n IDTOKEN_TOKEN_REFRESHTOKEN: \"id_token token refresh_token\",\r\n};\r\n/**\r\n * allowed values for response_mode\r\n */\r\nconst ResponseMode = {\r\n QUERY: \"query\",\r\n FRAGMENT: \"fragment\",\r\n FORM_POST: \"form_post\",\r\n};\r\n/**\r\n * allowed grant_type\r\n */\r\nconst GrantType = {\r\n IMPLICIT_GRANT: \"implicit\",\r\n AUTHORIZATION_CODE_GRANT: \"authorization_code\",\r\n CLIENT_CREDENTIALS_GRANT: \"client_credentials\",\r\n RESOURCE_OWNER_PASSWORD_GRANT: \"password\",\r\n REFRESH_TOKEN_GRANT: \"refresh_token\",\r\n DEVICE_CODE_GRANT: \"device_code\",\r\n JWT_BEARER: \"urn:ietf:params:oauth:grant-type:jwt-bearer\",\r\n USER_FIC: \"user_fic\",\r\n};\r\n/**\r\n * Account types in Cache\r\n */\r\nconst CACHE_ACCOUNT_TYPE_MSSTS = \"MSSTS\";\r\nconst CACHE_ACCOUNT_TYPE_ADFS = \"ADFS\";\r\nconst CACHE_ACCOUNT_TYPE_MSAV1 = \"MSA\";\r\nconst CACHE_ACCOUNT_TYPE_GENERIC = \"Generic\";\r\n/**\r\n * Separators used in cache\r\n */\r\nconst CACHE_KEY_SEPARATOR = \"-\";\r\nconst CLIENT_INFO_SEPARATOR = \".\";\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nconst CredentialType = {\r\n ID_TOKEN: \"IdToken\",\r\n ACCESS_TOKEN: \"AccessToken\",\r\n ACCESS_TOKEN_WITH_AUTH_SCHEME: \"AccessToken_With_AuthScheme\",\r\n REFRESH_TOKEN: \"RefreshToken\",\r\n};\r\n/**\r\n * Combine all cache types\r\n */\r\nconst CacheType = {\r\n ADFS: 1001,\r\n MSA: 1002,\r\n MSSTS: 1003,\r\n GENERIC: 1004,\r\n ACCESS_TOKEN: 2001,\r\n REFRESH_TOKEN: 2002,\r\n ID_TOKEN: 2003,\r\n APP_METADATA: 3001,\r\n UNDEFINED: 9999,\r\n};\r\n/**\r\n * More Cache related constants\r\n */\r\nconst APP_METADATA = \"appmetadata\";\r\nconst CLIENT_INFO = \"client_info\";\r\nconst THE_FAMILY_ID = \"1\";\r\nconst AUTHORITY_METADATA_CACHE_KEY = \"authority-metadata\";\r\nconst AUTHORITY_METADATA_REFRESH_TIME_SECONDS = 3600 * 24; // 24 Hours\r\nconst AuthorityMetadataSource = {\r\n CONFIG: \"config\",\r\n CACHE: \"cache\",\r\n NETWORK: \"network\",\r\n HARDCODED_VALUES: \"hardcoded_values\",\r\n};\r\nconst SERVER_TELEM_SCHEMA_VERSION = 5;\r\nconst SERVER_TELEM_MAX_CUR_HEADER_BYTES = 80; // ESTS limit is 100B, set to 80 to provide a 20B buffer\r\nconst SERVER_TELEM_MAX_LAST_HEADER_BYTES = 330; // ESTS limit is 350B, set to 330 to provide a 20B buffer,\r\nconst SERVER_TELEM_MAX_CACHED_ERRORS = 50; // Limit the number of errors that can be stored to prevent uncontrolled size gains\r\nconst SERVER_TELEM_CACHE_KEY = \"server-telemetry\";\r\nconst SERVER_TELEM_CATEGORY_SEPARATOR = \"|\";\r\nconst SERVER_TELEM_VALUE_SEPARATOR = \",\";\r\nconst SERVER_TELEM_OVERFLOW_TRUE = \"1\";\r\nconst SERVER_TELEM_OVERFLOW_FALSE = \"0\";\r\nconst SERVER_TELEM_UNKNOWN_ERROR = \"unknown_error\";\r\n/**\r\n * Type of the authentication request\r\n */\r\nconst AuthenticationScheme = {\r\n BEARER: \"Bearer\",\r\n POP: \"pop\",\r\n SSH: \"ssh-cert\",\r\n};\r\n/**\r\n * Constants related to throttling\r\n */\r\nconst DEFAULT_THROTTLE_TIME_SECONDS = 60;\r\n// Default maximum time to throttle in seconds, overrides what the server sends back\r\nconst DEFAULT_MAX_THROTTLE_TIME_SECONDS = 3600;\r\n// Prefix for storing throttling entries\r\nconst THROTTLING_PREFIX = \"throttling\";\r\n// Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\r\nconst X_MS_LIB_CAPABILITY_VALUE = \"retry-after, h429\";\r\n/**\r\n * Errors\r\n */\r\nconst INVALID_GRANT_ERROR = \"invalid_grant\";\r\nconst CLIENT_MISMATCH_ERROR = \"client_mismatch\";\r\n/**\r\n * Password grant parameters\r\n */\r\nconst PasswordGrantConstants = {\r\n username: \"username\",\r\n password: \"password\",\r\n};\r\n/**\r\n * Region Discovery Sources\r\n */\r\nconst RegionDiscoverySources = {\r\n FAILED_AUTO_DETECTION: \"1\",\r\n INTERNAL_CACHE: \"2\",\r\n ENVIRONMENT_VARIABLE: \"3\",\r\n IMDS: \"4\",\r\n};\r\n/**\r\n * Region Discovery Outcomes\r\n */\r\nconst RegionDiscoveryOutcomes = {\r\n CONFIGURED_MATCHES_DETECTED: \"1\",\r\n CONFIGURED_NO_AUTO_DETECTION: \"2\",\r\n CONFIGURED_NOT_DETECTED: \"3\",\r\n AUTO_DETECTION_REQUESTED_SUCCESSFUL: \"4\",\r\n AUTO_DETECTION_REQUESTED_FAILED: \"5\",\r\n};\r\n/**\r\n * Specifies the reason for fetching the access token from the identity provider\r\n */\r\nconst CacheOutcome = {\r\n // When a token is found in the cache or the cache is not supposed to be hit when making the request\r\n NOT_APPLICABLE: \"0\",\r\n // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested\r\n FORCE_REFRESH_OR_CLAIMS: \"1\",\r\n // When the token request goes to the identity provider because no cached access token exists\r\n NO_CACHED_ACCESS_TOKEN: \"2\",\r\n // When the token request goes to the identity provider because cached access token expired\r\n CACHED_ACCESS_TOKEN_EXPIRED: \"3\",\r\n // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed\r\n PROACTIVELY_REFRESHED: \"4\",\r\n};\r\nconst JsonWebTokenTypes = {\r\n Jwt: \"JWT\",\r\n Jwk: \"JWK\",\r\n Pop: \"pop\",\r\n};\r\nconst ONE_DAY_IN_MS = 86400000;\r\n// Token renewal offset default in seconds\r\nconst DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\r\nconst EncodingTypes = {\r\n BASE64: \"base64\",\r\n HEX: \"hex\",\r\n UTF8: \"utf-8\",\r\n};\n\nexport { AADAuthority, AAD_INSTANCE_DISCOVERY_ENDPT, AAD_TENANT_DOMAIN_SUFFIX, ADFS, APP_METADATA, AUTHORITY_METADATA_CACHE_KEY, AUTHORITY_METADATA_REFRESH_TIME_SECONDS, AUTHORIZATION_PENDING, AZURE_REGION_AUTO_DISCOVER_FLAG, AuthenticationScheme, AuthorityMetadataSource, CACHE_ACCOUNT_TYPE_ADFS, CACHE_ACCOUNT_TYPE_GENERIC, CACHE_ACCOUNT_TYPE_MSAV1, CACHE_ACCOUNT_TYPE_MSSTS, CACHE_KEY_SEPARATOR, CIAM_AUTH_URL, CLIENT_INFO, CLIENT_INFO_SEPARATOR, CLIENT_MISMATCH_ERROR, CODE_GRANT_TYPE, CONSUMER_UTID, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, CredentialType, DEFAULT_AUTHORITY, DEFAULT_AUTHORITY_HOST, DEFAULT_COMMON_TENANT, DEFAULT_MAX_THROTTLE_TIME_SECONDS, DEFAULT_THROTTLE_TIME_SECONDS, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, DSTS, EMAIL_SCOPE, EncodingTypes, FORWARD_SLASH, GrantType, HTTP_BAD_REQUEST, HTTP_CLIENT_ERROR, HTTP_CLIENT_ERROR_RANGE_END, HTTP_CLIENT_ERROR_RANGE_START, HTTP_GATEWAY_TIMEOUT, HTTP_GONE, HTTP_MULTI_SIDED_ERROR, HTTP_NOT_FOUND, HTTP_REDIRECT, HTTP_REQUEST_TIMEOUT, HTTP_SERVER_ERROR, HTTP_SERVER_ERROR_RANGE_END, HTTP_SERVER_ERROR_RANGE_START, HTTP_SERVICE_UNAVAILABLE, HTTP_SUCCESS, HTTP_SUCCESS_RANGE_END, HTTP_SUCCESS_RANGE_START, HTTP_TOO_MANY_REQUESTS, HTTP_UNAUTHORIZED, HeaderNames, HttpMethod, IMDS_ENDPOINT, IMDS_TIMEOUT, IMDS_VERSION, INVALID_GRANT_ERROR, INVALID_INSTANCE, JsonWebTokenTypes, KNOWN_PUBLIC_CLOUDS, NOT_APPLICABLE, NOT_AVAILABLE, OAuthResponseType, OFFLINE_ACCESS_SCOPE, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, OPENID_SCOPE, PROFILE_SCOPE, PasswordGrantConstants, PersistentCacheKeys, PromptValue, REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX, RESOURCE_DELIM, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseMode, S256_CODE_CHALLENGE_METHOD, SERVER_TELEM_CACHE_KEY, SERVER_TELEM_CATEGORY_SEPARATOR, SERVER_TELEM_MAX_CACHED_ERRORS, SERVER_TELEM_MAX_CUR_HEADER_BYTES, SERVER_TELEM_MAX_LAST_HEADER_BYTES, SERVER_TELEM_OVERFLOW_FALSE, SERVER_TELEM_OVERFLOW_TRUE, SERVER_TELEM_SCHEMA_VERSION, SERVER_TELEM_UNKNOWN_ERROR, SERVER_TELEM_VALUE_SEPARATOR, SHR_NONCE_VALIDITY, SKU, THE_FAMILY_ID, THROTTLING_PREFIX, URL_FORM_CONTENT_TYPE, X_MS_LIB_CAPABILITY_VALUE };\n//# sourceMappingURL=Constants.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nfunction getDefaultErrorMessage(code) {\r\n return `See https://aka.ms/msal.js.errors#${code} for details`;\r\n}\r\n/**\r\n * General error class thrown by the MSAL.js library.\r\n */\r\nclass AuthError extends Error {\r\n constructor(errorCode, correlationId, errorMessage, suberror) {\r\n const message = errorMessage ||\r\n (errorCode ? getDefaultErrorMessage(errorCode) : \"\");\r\n const errorString = message ? `${errorCode}: ${message}` : errorCode;\r\n super(errorString);\r\n Object.setPrototypeOf(this, AuthError.prototype);\r\n this.errorCode = errorCode || \"\";\r\n this.errorMessage = message || \"\";\r\n this.subError = suberror || \"\";\r\n this.correlationId = correlationId;\r\n this.name = \"AuthError\";\r\n }\r\n}\r\nfunction createAuthError(code, correlationId, additionalMessage) {\r\n return new AuthError(code, correlationId, additionalMessage || getDefaultErrorMessage(code));\r\n}\n\nexport { AuthError, createAuthError, getDefaultErrorMessage };\n//# sourceMappingURL=AuthError.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\nimport { AuthError } from './AuthError.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\n/**\r\n * Error thrown when there is an error in the client code running on the browser.\r\n */\r\nclass ClientAuthError extends AuthError {\r\n constructor(errorCode, correlationId, additionalMessage) {\r\n super(errorCode, correlationId, additionalMessage);\r\n this.name = \"ClientAuthError\";\r\n Object.setPrototypeOf(this, ClientAuthError.prototype);\r\n }\r\n}\r\nfunction createClientAuthError(errorCode, correlationId, additionalMessage) {\r\n return new ClientAuthError(errorCode, correlationId, additionalMessage);\r\n}\n\nexport { ClientAuthError, createClientAuthError };\n//# sourceMappingURL=ClientAuthError.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst clientInfoDecodingError = \"client_info_decoding_error\";\r\nconst clientInfoEmptyError = \"client_info_empty_error\";\r\nconst tokenParsingError = \"token_parsing_error\";\r\nconst nullOrEmptyToken = \"null_or_empty_token\";\r\nconst endpointResolutionError = \"endpoints_resolution_error\";\r\nconst networkError = \"network_error\";\r\nconst openIdConfigError = \"openid_config_error\";\r\nconst hashNotDeserialized = \"hash_not_deserialized\";\r\nconst invalidState = \"invalid_state\";\r\nconst stateMismatch = \"state_mismatch\";\r\nconst stateNotFound = \"state_not_found\";\r\nconst nonceMismatch = \"nonce_mismatch\";\r\nconst multipleMatchingTokens = \"multiple_matching_tokens\";\r\nconst multipleMatchingAppMetadata = \"multiple_matching_appMetadata\";\r\nconst requestCannotBeMade = \"request_cannot_be_made\";\r\nconst cannotRemoveEmptyScope = \"cannot_remove_empty_scope\";\r\nconst cannotAppendScopeSet = \"cannot_append_scopeset\";\r\nconst emptyInputScopeSet = \"empty_input_scopeset\";\r\nconst noAccountInSilentRequest = \"no_account_in_silent_request\";\r\nconst invalidCacheRecord = \"invalid_cache_record\";\r\nconst invalidCacheEnvironment = \"invalid_cache_environment\";\r\nconst noAccountFound = \"no_account_found\";\r\nconst noCryptoObject = \"no_crypto_object\";\r\nconst unexpectedCredentialType = \"unexpected_credential_type\";\r\nconst tokenRefreshRequired = \"token_refresh_required\";\r\nconst tokenClaimsCnfRequiredForSignedJwt = \"token_claims_cnf_required_for_signedjwt\";\r\nconst authorizationCodeMissingFromServerResponse = \"authorization_code_missing_from_server_response\";\r\nconst bindingKeyNotRemoved = \"binding_key_not_removed\";\r\nconst endSessionEndpointNotSupported = \"end_session_endpoint_not_supported\";\r\nconst keyIdMissing = \"key_id_missing\";\r\nconst noNetworkConnectivity = \"no_network_connectivity\";\r\nconst userCanceled = \"user_canceled\";\r\nconst methodNotImplemented = \"method_not_implemented\";\r\nconst nestedAppAuthBridgeDisabled = \"nested_app_auth_bridge_disabled\";\r\nconst platformBrokerError = \"platform_broker_error\";\r\nconst resourceParameterRequired = \"resource_parameter_required\";\r\nconst misplacedResourceParam = \"misplaced_resource_parameter\";\n\nexport { authorizationCodeMissingFromServerResponse, bindingKeyNotRemoved, cannotAppendScopeSet, cannotRemoveEmptyScope, clientInfoDecodingError, clientInfoEmptyError, emptyInputScopeSet, endSessionEndpointNotSupported, endpointResolutionError, hashNotDeserialized, invalidCacheEnvironment, invalidCacheRecord, invalidState, keyIdMissing, methodNotImplemented, misplacedResourceParam, multipleMatchingAppMetadata, multipleMatchingTokens, nestedAppAuthBridgeDisabled, networkError, noAccountFound, noAccountInSilentRequest, noCryptoObject, noNetworkConnectivity, nonceMismatch, nullOrEmptyToken, openIdConfigError, platformBrokerError, requestCannotBeMade, resourceParameterRequired, stateMismatch, stateNotFound, tokenClaimsCnfRequiredForSignedJwt, tokenParsingError, tokenRefreshRequired, unexpectedCredentialType, userCanceled };\n//# sourceMappingURL=ClientAuthErrorCodes.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\nimport { AuthError } from './AuthError.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Error thrown when there is an error in configuration of the MSAL.js library.\r\n */\r\nclass ClientConfigurationError extends AuthError {\r\n constructor(errorCode, correlationId) {\r\n super(errorCode, correlationId);\r\n this.name = \"ClientConfigurationError\";\r\n Object.setPrototypeOf(this, ClientConfigurationError.prototype);\r\n }\r\n}\r\nfunction createClientConfigurationError(errorCode, correlationId) {\r\n return new ClientConfigurationError(errorCode, correlationId);\r\n}\n\nexport { ClientConfigurationError, createClientConfigurationError };\n//# sourceMappingURL=ClientConfigurationError.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst redirectUriEmpty = \"redirect_uri_empty\";\r\nconst claimsRequestParsingError = \"claims_request_parsing_error\";\r\nconst authorityUriInsecure = \"authority_uri_insecure\";\r\nconst urlParseError = \"url_parse_error\";\r\nconst urlEmptyError = \"empty_url_error\";\r\nconst emptyInputScopesError = \"empty_input_scopes_error\";\r\nconst invalidClaims = \"invalid_claims\";\r\nconst tokenRequestEmpty = \"token_request_empty\";\r\nconst logoutRequestEmpty = \"logout_request_empty\";\r\nconst invalidCodeChallengeMethod = \"invalid_code_challenge_method\";\r\nconst pkceParamsMissing = \"pkce_params_missing\";\r\nconst invalidCloudDiscoveryMetadata = \"invalid_cloud_discovery_metadata\";\r\nconst invalidAuthorityMetadata = \"invalid_authority_metadata\";\r\nconst untrustedAuthority = \"untrusted_authority\";\r\nconst missingSshJwk = \"missing_ssh_jwk\";\r\nconst missingSshKid = \"missing_ssh_kid\";\r\nconst missingNonceAuthenticationHeader = \"missing_nonce_authentication_header\";\r\nconst invalidAuthenticationHeader = \"invalid_authentication_header\";\r\nconst cannotSetOIDCOptions = \"cannot_set_OIDCOptions\";\r\nconst cannotAllowPlatformBroker = \"cannot_allow_platform_broker\";\r\nconst authorityMismatch = \"authority_mismatch\";\r\nconst invalidRequestMethodForEAR = \"invalid_request_method_for_EAR\";\r\nconst invalidPlatformBrokerConfiguration = \"invalid_platform_broker_configuration\";\r\nconst issuerValidationFailed = \"issuer_validation_failed\";\r\nconst invalidResponseMode = \"invalid_response_mode\";\n\nexport { authorityMismatch, authorityUriInsecure, cannotAllowPlatformBroker, cannotSetOIDCOptions, claimsRequestParsingError, emptyInputScopesError, invalidAuthenticationHeader, invalidAuthorityMetadata, invalidClaims, invalidCloudDiscoveryMetadata, invalidCodeChallengeMethod, invalidPlatformBrokerConfiguration, invalidRequestMethodForEAR, invalidResponseMode, issuerValidationFailed, logoutRequestEmpty, missingNonceAuthenticationHeader, missingSshJwk, missingSshKid, pkceParamsMissing, redirectUriEmpty, tokenRequestEmpty, untrustedAuthority, urlEmptyError, urlParseError };\n//# sourceMappingURL=ClientConfigurationErrorCodes.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * @hidden\r\n */\r\nclass StringUtils {\r\n /**\r\n * Check if stringified object is empty\r\n * @param strObj\r\n */\r\n static isEmptyObj(strObj) {\r\n if (strObj) {\r\n try {\r\n const obj = JSON.parse(strObj);\r\n return Object.keys(obj).length === 0;\r\n }\r\n catch (e) { }\r\n }\r\n return true;\r\n }\r\n static startsWith(str, search) {\r\n return str.indexOf(search) === 0;\r\n }\r\n static endsWith(str, search) {\r\n return (str.length >= search.length &&\r\n str.lastIndexOf(search) === str.length - search.length);\r\n }\r\n /**\r\n * Parses string into an object.\r\n *\r\n * @param query\r\n */\r\n static queryStringToObject(query) {\r\n const obj = {};\r\n const params = query.split(\"&\");\r\n const decode = (s) => decodeURIComponent(s.replace(/\\+/g, \" \"));\r\n params.forEach((pair) => {\r\n if (pair.trim()) {\r\n const [key, value] = pair.split(/=(.+)/g, 2); // Split on the first occurence of the '=' character\r\n if (key && value) {\r\n obj[decode(key)] = decode(value);\r\n }\r\n }\r\n });\r\n return obj;\r\n }\r\n /**\r\n * Trims entries in an array.\r\n *\r\n * @param arr\r\n */\r\n static trimArrayEntries(arr) {\r\n return arr.map((entry) => entry.trim());\r\n }\r\n /**\r\n * Removes empty strings from array\r\n * @param arr\r\n */\r\n static removeEmptyStringsFromArray(arr) {\r\n return arr.filter((entry) => {\r\n return !!entry;\r\n });\r\n }\r\n /**\r\n * Attempts to parse a string into JSON\r\n * @param str\r\n */\r\n static jsonParseHelper(str) {\r\n try {\r\n return JSON.parse(str);\r\n }\r\n catch (e) {\r\n return null;\r\n }\r\n }\r\n}\n\nexport { StringUtils };\n//# sourceMappingURL=StringUtils.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\nimport { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';\nimport { StringUtils } from '../utils/StringUtils.mjs';\nimport { AADAuthority, FORWARD_SLASH } from '../utils/Constants.mjs';\nimport { urlEmptyError, urlParseError, authorityUriInsecure } from '../error/ClientConfigurationErrorCodes.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Url object class which can perform various transformations on url strings.\r\n */\r\nclass UrlString {\r\n get urlString() {\r\n return this._urlString;\r\n }\r\n constructor(url, correlationId) {\r\n this._urlString = url;\r\n this.correlationId = correlationId;\r\n if (!this._urlString) {\r\n // Throws error if url is empty\r\n throw createClientConfigurationError(urlEmptyError, correlationId);\r\n }\r\n if (!url.includes(\"#\")) {\r\n this._urlString = UrlString.canonicalizeUri(url);\r\n }\r\n }\r\n /**\r\n * Ensure urls are lower case and end with a / character.\r\n * @param url\r\n */\r\n static canonicalizeUri(url) {\r\n if (url) {\r\n let lowerCaseUrl = url.toLowerCase();\r\n if (StringUtils.endsWith(lowerCaseUrl, \"?\")) {\r\n lowerCaseUrl = lowerCaseUrl.slice(0, -1);\r\n }\r\n else if (StringUtils.endsWith(lowerCaseUrl, \"?/\")) {\r\n lowerCaseUrl = lowerCaseUrl.slice(0, -2);\r\n }\r\n if (!StringUtils.endsWith(lowerCaseUrl, \"/\")) {\r\n lowerCaseUrl += \"/\";\r\n }\r\n return lowerCaseUrl;\r\n }\r\n return url;\r\n }\r\n /**\r\n * Throws if urlString passed is not a valid authority URI string.\r\n */\r\n validateAsUri() {\r\n // Attempts to parse url for uri components\r\n let components;\r\n try {\r\n components = this.getUrlComponents();\r\n }\r\n catch (e) {\r\n throw createClientConfigurationError(urlParseError, this.correlationId);\r\n }\r\n // Throw error if URI or path segments are not parseable.\r\n if (!components.HostNameAndPort || !components.PathSegments) {\r\n throw createClientConfigurationError(urlParseError, this.correlationId);\r\n }\r\n // Throw error if uri is insecure.\r\n if (!components.Protocol ||\r\n components.Protocol.toLowerCase() !== \"https:\") {\r\n throw createClientConfigurationError(authorityUriInsecure, this.correlationId);\r\n }\r\n }\r\n /**\r\n * Given a url and a query string return the url with provided query string appended\r\n * @param url\r\n * @param queryString\r\n */\r\n static appendQueryString(url, queryString) {\r\n if (!queryString) {\r\n return url;\r\n }\r\n return url.indexOf(\"?\") < 0\r\n ? `${url}?${queryString}`\r\n : `${url}&${queryString}`;\r\n }\r\n /**\r\n * Returns a url with the hash removed\r\n * @param url\r\n */\r\n static removeHashFromUrl(url) {\r\n return UrlString.canonicalizeUri(url.split(\"#\")[0]);\r\n }\r\n /**\r\n * Given a url like https://a:b/common/d?e=f#g, and a tenantId, returns https://a:b/tenantId/d\r\n * @param href The url\r\n * @param tenantId The tenant id to replace\r\n */\r\n replaceTenantPath(tenantId) {\r\n const urlObject = this.getUrlComponents();\r\n const pathArray = urlObject.PathSegments;\r\n if (tenantId &&\r\n pathArray.length !== 0 &&\r\n (pathArray[0] === AADAuthority.COMMON ||\r\n pathArray[0] === AADAuthority.ORGANIZATIONS)) {\r\n pathArray[0] = tenantId;\r\n }\r\n return UrlString.constructAuthorityUriFromObject(urlObject, this.correlationId);\r\n }\r\n /**\r\n * Parses out the components from a url string.\r\n * @returns An object with the various components. Please cache this value insted of calling this multiple times on the same url.\r\n */\r\n getUrlComponents() {\r\n // https://gist.github.com/curtisz/11139b2cfcaef4a261e0\r\n const regEx = RegExp(\"^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\\\?([^#]*))?(#(.*))?\");\r\n // If url string does not match regEx, we throw an error\r\n const match = this.urlString.match(regEx);\r\n if (!match) {\r\n throw createClientConfigurationError(urlParseError, this.correlationId);\r\n }\r\n // Url component object\r\n const urlComponents = {\r\n Protocol: match[1],\r\n HostNameAndPort: match[4],\r\n AbsolutePath: match[5],\r\n QueryString: match[7],\r\n };\r\n let pathSegments = urlComponents.AbsolutePath.split(\"/\");\r\n pathSegments = pathSegments.filter((val) => val && val.length > 0); // remove empty elements\r\n urlComponents.PathSegments = pathSegments;\r\n if (urlComponents.QueryString &&\r\n urlComponents.QueryString.endsWith(\"/\")) {\r\n urlComponents.QueryString = urlComponents.QueryString.substring(0, urlComponents.QueryString.length - 1);\r\n }\r\n return urlComponents;\r\n }\r\n static getDomainFromUrl(url, correlationId) {\r\n const regEx = RegExp(\"^([^:/?#]+://)?([^/?#]*)\");\r\n const match = url.match(regEx);\r\n if (!match) {\r\n throw createClientConfigurationError(urlParseError, correlationId);\r\n }\r\n return match[2];\r\n }\r\n static getAbsoluteUrl(relativeUrl, baseUrl, correlationId) {\r\n if (relativeUrl[0] === FORWARD_SLASH) {\r\n const url = new UrlString(baseUrl, correlationId);\r\n const baseComponents = url.getUrlComponents();\r\n return (baseComponents.Protocol +\r\n \"//\" +\r\n baseComponents.HostNameAndPort +\r\n relativeUrl);\r\n }\r\n return relativeUrl;\r\n }\r\n static constructAuthorityUriFromObject(urlObject, correlationId) {\r\n return new UrlString(urlObject.Protocol +\r\n \"//\" +\r\n urlObject.HostNameAndPort +\r\n \"/\" +\r\n urlObject.PathSegments.join(\"/\"), correlationId);\r\n }\r\n}\n\nexport { UrlString };\n//# sourceMappingURL=UrlString.mjs.map\n","/*! @azure/msal-common v16.11.1 2026-07-07 */\n'use strict';\nimport { RESOURCE_DELIM } from './Constants.mjs';\nimport { createClientAuthError } from '../error/ClientAuthError.mjs';\nimport { noCryptoObject, invalidState } from '../error/ClientAuthErrorCodes.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Appends user state with random guid, or returns random guid.\r\n * @param cryptoObj\r\n * @param userState\r\n * @param meta\r\n * @param correlationId\r\n */\r\nfunction setRequestState(cryptoObj, userState, meta, correlationId) {\r\n const libraryState = generateLibraryState(cryptoObj, correlationId, meta);\r\n return userState\r\n ? `${libraryState}${RESOURCE_DELIM}${userState}`\r\n : libraryState;\r\n}\r\n/**\r\n * Generates the state value used by the common library.\r\n * @param cryptoObj\r\n * @param correlationId\r\n * @param meta\r\n */\r\nfunction generateLibraryState(cryptoObj, correlationId, meta) {\r\n if (!cryptoObj) {\r\n throw createClientAuthError(noCryptoObject, correlationId);\r\n }\r\n // Create a state object containing a unique id and the timestamp of the request creation\r\n const stateObj = {\r\n id: cryptoObj.createNewGuid(),\r\n };\r\n if (meta) {\r\n stateObj.meta = meta;\r\n }\r\n const stateString = JSON.stringify(stateObj);\r\n return cryptoObj.base64Encode(stateString);\r\n}\r\n/**\r\n * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.\r\n * @param base64Decode\r\n * @param state\r\n * @param correlationId\r\n */\r\nfunction parseRequestState(base64Decode, state, correlationId) {\r\n if (!base64Decode) {\r\n throw createClientAuthError(noCryptoObject, correlationId);\r\n }\r\n if (!state) {\r\n throw createClientAuthError(invalidState, correlationId);\r\n }\r\n try {\r\n // Split the state between library state and user passed state and decode them separately\r\n const splitState = state.split(RESOURCE_DELIM);\r\n const libraryState = splitState[0];\r\n const userState = splitState.length > 1\r\n ? splitState.slice(1).join(RESOURCE_DELIM)\r\n : \"\";\r\n const libraryStateString = base64Decode(libraryState);\r\n const libraryStateObj = JSON.parse(libraryStateString);\r\n return {\r\n userRequestState: userState || \"\",\r\n libraryState: libraryStateObj,\r\n };\r\n }\r\n catch (e) {\r\n throw createClientAuthError(invalidState, correlationId);\r\n }\r\n}\n\nexport { generateLibraryState, parseRequestState, setRequestState };\n//# sourceMappingURL=ProtocolUtils.mjs.map\n",null,null,null,null,null,null,null,null,null],"names":["getDefaultErrorMessage","BrowserAuthErrorCodes.invalidBase64String","BrowserAuthErrorCodes.emptyResponse","BrowserAuthErrorCodes.noStateInHash","ProtocolUtils.parseRequestState","BrowserAuthErrorCodes.unableToParseState","BrowserAuthErrorCodes.timedOut","BrowserUtils.clearAuthResponseFromUrl","BrowserUtils.getHomepage"],"mappings":";;;;;;;;IAAA;IAmBA;IACA,MAAM,cAAc,GAAG,GAAG,CAAC;IAc3B,MAAM,aAAa,GAAG,GAAG,CAAC;IA8D1B;IACA;IACA;IACA,MAAM,YAAY,GAAG;IACrB,IAAI,MAAM,EAAE,QAAQ;IACpB,IAAI,aAAa,EAAE,eAEnB,CAAC;;ICvGD;IAEA;IACA;IACA;IACA;IACA,SAASA,wBAAsB,CAAC,IAAI,EAAE;IACtC,IAAI,OAAO,CAAC,kCAAkC,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;IACnE,CAAC;IACD;IACA;IACA;IACA,MAAM,SAAS,SAAS,KAAK,CAAC;IAC9B,IAAI,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,EAAE;IAClE,QAAQ,MAAM,OAAO,GAAG,YAAY;IACpC,aAAa,SAAS,GAAGA,wBAAsB,CAAC,SAAS,CAAC,GAAG,EAAE,CAAC,CAAC;IACjE,QAAQ,MAAM,WAAW,GAAG,OAAO,GAAG,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAC7E,QAAQ,KAAK,CAAC,WAAW,CAAC,CAAC;IAC3B,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;IACzD,QAAQ,IAAI,CAAC,SAAS,GAAG,SAAS,IAAI,EAAE,CAAC;IACzC,QAAQ,IAAI,CAAC,YAAY,GAAG,OAAO,IAAI,EAAE,CAAC;IAC1C,QAAQ,IAAI,CAAC,QAAQ,GAAG,QAAQ,IAAI,EAAE,CAAC;IACvC,QAAQ,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IAC3C,QAAQ,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAChC,IAAI,CAAC;IACL;;ICzBA;;IAIA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,eAAe,SAAS,SAAS,CAAC;IACxC,IAAI,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,EAAE;IAC7D,QAAQ,KAAK,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,CAAC,CAAC;IAC3D,QAAQ,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IACtC,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC;IAC/D,IAAI,CAAC;IACL,CAAC;IACD,SAAS,qBAAqB,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,EAAE;IAC5E,IAAI,OAAO,IAAI,eAAe,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,CAAC,CAAC;IAC5E;;ICvBA;IAcA,MAAM,YAAY,GAAG,eAAe,CAAC;IAcrC,MAAM,cAAc,GAAG,kBAAkB;;IC5BzC;;IAIA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,wBAAwB,SAAS,SAAS,CAAC;IACjD,IAAI,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE;IAC1C,QAAQ,KAAK,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IACxC,QAAQ,IAAI,CAAC,IAAI,GAAG,0BAA0B,CAAC;IAC/C,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;IACxE,IAAI,CAAC;IACL,CAAC;IACD,SAAS,8BAA8B,CAAC,SAAS,EAAE,aAAa,EAAE;IAClE,IAAI,OAAO,IAAI,wBAAwB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IAClE;;ICpBA;IAQA,MAAM,oBAAoB,GAAG,wBAAwB,CAAC;IACtD,MAAM,aAAa,GAAG,iBAAiB,CAAC;IACxC,MAAM,aAAa,GAAG,iBAAiB;;ICVvC;IAEA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,WAAW,CAAC;IAClB;IACA;IACA;IACA;IACA,IAAI,OAAO,UAAU,CAAC,MAAM,EAAE;IAC9B,QAAQ,IAAI,MAAM,EAAE;IACpB,YAAY,IAAI;IAChB,gBAAgB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C,gBAAgB,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IACrD,YAAY,CAAC;IACb,YAAY,OAAO,CAAC,EAAE,EAAE,CAAC;IACzB,QAAQ,CAAC;IACT,QAAQ,OAAO,IAAI,CAAC;IACpB,IAAI,CAAC;IACL,IAAI,OAAO,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE;IACnC,QAAQ,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACzC,IAAI,CAAC;IACL,IAAI,OAAO,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE;IACjC,QAAQ,QAAQ,GAAG,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM;IAC3C,YAAY,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE;IACpE,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,OAAO,mBAAmB,CAAC,KAAK,EAAE;IACtC,QAAQ,MAAM,GAAG,GAAG,EAAE,CAAC;IACvB,QAAQ,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACxC,QAAQ,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;IACxE,QAAQ,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,KAAK;IACjC,YAAY,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE;IAC7B,gBAAgB,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC7D,gBAAgB,IAAI,GAAG,IAAI,KAAK,EAAE;IAClC,oBAAoB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IACrD,gBAAgB,CAAC;IACjB,YAAY,CAAC;IACb,QAAQ,CAAC,CAAC,CAAC;IACX,QAAQ,OAAO,GAAG,CAAC;IACnB,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,OAAO,gBAAgB,CAAC,GAAG,EAAE;IACjC,QAAQ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAChD,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,2BAA2B,CAAC,GAAG,EAAE;IAC5C,QAAQ,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,KAAK,KAAK;IACrC,YAAY,OAAO,CAAC,CAAC,KAAK,CAAC;IAC3B,QAAQ,CAAC,CAAC,CAAC;IACX,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,eAAe,CAAC,GAAG,EAAE;IAChC,QAAQ,IAAI;IACZ,YAAY,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACnC,QAAQ,CAAC;IACT,QAAQ,OAAO,CAAC,EAAE;IAClB,YAAY,OAAO,IAAI,CAAC;IACxB,QAAQ,CAAC;IACT,IAAI,CAAC;IACL;;IC/EA;;IAOA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,SAAS,CAAC;IAChB,IAAI,IAAI,SAAS,GAAG;IACpB,QAAQ,OAAO,IAAI,CAAC,UAAU,CAAC;IAC/B,IAAI,CAAC;IACL,IAAI,WAAW,CAAC,GAAG,EAAE,aAAa,EAAE;IACpC,QAAQ,IAAI,CAAC,UAAU,GAAG,GAAG,CAAC;IAC9B,QAAQ,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IAC3C,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;IAC9B;IACA,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAC/E,QAAQ,CAAC;IACT,QAAQ,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;IAChC,YAAY,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IAC7D,QAAQ,CAAC;IACT,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,eAAe,CAAC,GAAG,EAAE;IAChC,QAAQ,IAAI,GAAG,EAAE;IACjB,YAAY,IAAI,YAAY,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IACjD,YAAY,IAAI,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;IACzD,gBAAgB,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzD,YAAY,CAAC;IACb,iBAAiB,IAAI,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE;IAC/D,gBAAgB,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzD,YAAY,CAAC;IACb,YAAY,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;IAC1D,gBAAgB,YAAY,IAAI,GAAG,CAAC;IACpC,YAAY,CAAC;IACb,YAAY,OAAO,YAAY,CAAC;IAChC,QAAQ,CAAC;IACT,QAAQ,OAAO,GAAG,CAAC;IACnB,IAAI,CAAC;IACL;IACA;IACA;IACA,IAAI,aAAa,GAAG;IACpB;IACA,QAAQ,IAAI,UAAU,CAAC;IACvB,QAAQ,IAAI;IACZ,YAAY,UAAU,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;IACjD,QAAQ,CAAC;IACT,QAAQ,OAAO,CAAC,EAAE;IAClB,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpF,QAAQ,CAAC;IACT;IACA,QAAQ,IAAI,CAAC,UAAU,CAAC,eAAe,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE;IACrE,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpF,QAAQ,CAAC;IACT;IACA,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ;IAChC,YAAY,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE;IAC5D,YAAY,MAAM,8BAA8B,CAAC,oBAAoB,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IAC3F,QAAQ,CAAC;IACT,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,OAAO,iBAAiB,CAAC,GAAG,EAAE,WAAW,EAAE;IAC/C,QAAQ,IAAI,CAAC,WAAW,EAAE;IAC1B,YAAY,OAAO,GAAG,CAAC;IACvB,QAAQ,CAAC;IACT,QAAQ,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;IACnC,cAAc,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACrC,cAAc,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC;IACtC,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,iBAAiB,CAAC,GAAG,EAAE;IAClC,QAAQ,OAAO,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5D,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,iBAAiB,CAAC,QAAQ,EAAE;IAChC,QAAQ,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAClD,QAAQ,MAAM,SAAS,GAAG,SAAS,CAAC,YAAY,CAAC;IACjD,QAAQ,IAAI,QAAQ;IACpB,YAAY,SAAS,CAAC,MAAM,KAAK,CAAC;IAClC,aAAa,SAAS,CAAC,CAAC,CAAC,KAAK,YAAY,CAAC,MAAM;IACjD,gBAAgB,SAAS,CAAC,CAAC,CAAC,KAAK,YAAY,CAAC,aAAa,CAAC,EAAE;IAC9D,YAAY,SAAS,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;IACpC,QAAQ,CAAC;IACT,QAAQ,OAAO,SAAS,CAAC,+BAA+B,CAAC,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACxF,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,gBAAgB,GAAG;IACvB;IACA,QAAQ,MAAM,KAAK,GAAG,MAAM,CAAC,4DAA4D,CAAC,CAAC;IAC3F;IACA,QAAQ,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAClD,QAAQ,IAAI,CAAC,KAAK,EAAE;IACpB,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpF,QAAQ,CAAC;IACT;IACA,QAAQ,MAAM,aAAa,GAAG;IAC9B,YAAY,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAC9B,YAAY,eAAe,EAAE,KAAK,CAAC,CAAC,CAAC;IACrC,YAAY,YAAY,EAAE,KAAK,CAAC,CAAC,CAAC;IAClC,YAAY,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;IACjC,SAAS,CAAC;IACV,QAAQ,IAAI,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjE,QAAQ,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC3E,QAAQ,aAAa,CAAC,YAAY,GAAG,YAAY,CAAC;IAClD,QAAQ,IAAI,aAAa,CAAC,WAAW;IACrC,YAAY,aAAa,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;IACrD,YAAY,aAAa,CAAC,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACrH,QAAQ,CAAC;IACT,QAAQ,OAAO,aAAa,CAAC;IAC7B,IAAI,CAAC;IACL,IAAI,OAAO,gBAAgB,CAAC,GAAG,EAAE,aAAa,EAAE;IAChD,QAAQ,MAAM,KAAK,GAAG,MAAM,CAAC,0BAA0B,CAAC,CAAC;IACzD,QAAQ,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACvC,QAAQ,IAAI,CAAC,KAAK,EAAE;IACpB,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAC/E,QAAQ,CAAC;IACT,QAAQ,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,CAAC;IACL,IAAI,OAAO,cAAc,CAAC,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE;IAC/D,QAAQ,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,aAAa,EAAE;IAC9C,YAAY,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAC9D,YAAY,MAAM,cAAc,GAAG,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAC1D,YAAY,QAAQ,cAAc,CAAC,QAAQ;IAC3C,gBAAgB,IAAI;IACpB,gBAAgB,cAAc,CAAC,eAAe;IAC9C,gBAAgB,WAAW,EAAE;IAC7B,QAAQ,CAAC;IACT,QAAQ,OAAO,WAAW,CAAC;IAC3B,IAAI,CAAC;IACL,IAAI,OAAO,+BAA+B,CAAC,SAAS,EAAE,aAAa,EAAE;IACrE,QAAQ,OAAO,IAAI,SAAS,CAAC,SAAS,CAAC,QAAQ;IAC/C,YAAY,IAAI;IAChB,YAAY,SAAS,CAAC,eAAe;IACrC,YAAY,GAAG;IACf,YAAY,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,CAAC;IAC7D,IAAI,CAAC;IACL;;ICjKA;IA2CA;IACA;IACA;IACA;IACA;IACA;IACA,SAAS,iBAAiB,CAAC,YAAY,EAAE,KAAK,EAAE,aAAa,EAAE;IAC/D,IAAI,IAAI,CAAC,YAAY,EAAE;IACvB,QAAQ,MAAM,qBAAqB,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;IACnE,IAAI,CAAC;IACL,IAAI,IAAI,CAAC,KAAK,EAAE;IAChB,QAAQ,MAAM,qBAAqB,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;IACjE,IAAI,CAAC;IACL,IAAI,IAAI;IACR;IACA,QAAQ,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IACvD,QAAQ,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;IAC3C,QAAQ,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC;IAC/C,cAAc,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;IACtD,cAAc,EAAE,CAAC;IACjB,QAAQ,MAAM,kBAAkB,GAAG,YAAY,CAAC,YAAY,CAAC,CAAC;IAC9D,QAAQ,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IAC/D,QAAQ,OAAO;IACf,YAAY,gBAAgB,EAAE,SAAS,IAAI,EAAE;IAC7C,YAAY,YAAY,EAAE,eAAe;IACzC,SAAS,CAAC;IACV,IAAI,CAAC;IACL,IAAI,OAAO,CAAC,EAAE;IACd,QAAQ,MAAM,qBAAqB,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;IACjE,IAAI,CAAC;IACL;;ICzEA;;;IAGG;IAQI,MAAM,aAAa,GAAG,kBAAkB,CAAC;IAGzC,MAAM,kBAAkB,GAAG,uBAAuB,CAAC;IA6CnD,MAAM,mBAAmB,GAAG,uBAAuB,CAAC;IAKpD,MAAM,QAAQ,GAAG,WAAW,CAAC;IAC7B,MAAM,aAAa,GAAG,gBAAgB;;ICjE7C;;;IAGG;IAMG,SAAU,sBAAsB,CAAC,IAAY,EAAA;QAC/C,OAAO,CAAA,kCAAA,EAAqC,IAAI,CAAA,YAAA,CAAc,CAAC;IACnE,CAAC;IAED;;IAEG;IACG,MAAO,gBAAiB,SAAQ,SAAS,CAAA;IAC3C,IAAA,WAAA,CAAY,SAAiB,EAAE,aAAqB,EAAE,QAAiB,EAAA;IACnE,QAAA,KAAK,CACD,SAAS,EACT,aAAa,EACb,sBAAsB,CAAC,SAAS,CAAC,EACjC,QAAQ,CACX,CAAC;YAEF,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAAC,CAAC;IACxD,QAAA,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;QACnC,CAAC;IACJ,CAAA;aAEe,sBAAsB,CAClC,SAAiB,EACjB,aAAqB,EACrB,QAAiB,EAAA;QAEjB,OAAO,IAAI,gBAAgB,CAAC,SAAS,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;IACpE;;ICpCA;;;IAGG;IAOH;;;IAGG;IAEH;;;IAGG;IACG,SAAU,YAAY,CAAC,KAAa,EAAA;QACtC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED;;;IAGG;IACG,SAAU,cAAc,CAAC,YAAoB,EAAA;IAC/C,IAAA,IAAI,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACvE,IAAA,QAAQ,aAAa,CAAC,MAAM,GAAG,CAAC;IAC5B,QAAA,KAAK,CAAC;gBACF,MAAM;IACV,QAAA,KAAK,CAAC;gBACF,aAAa,IAAI,IAAI,CAAC;gBACtB,MAAM;IACV,QAAA,KAAK,CAAC;gBACF,aAAa,IAAI,GAAG,CAAC;gBACrB,MAAM;IACV,QAAA;gBACI,MAAM,sBAAsB,CACxBC,mBAAyC,EACzC,EAAE,CACL,CAAC;IACT,KAAA;IACD,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QACtC,OAAO,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpE;;IC9CA;;;IAGG;IA0EI,MAAM,gBAAgB,GAAG;IAC5B,IACA,OAAO,EAAE,SAAS;KACZ,CAAC;IAIX;;IAEG;IACI,MAAM,kBAAkB,GAAG;IAC9B,IAAA,UAAU,EAAE,gBAAgB;IAC5B,IAAA,QAAQ,EAAE,SAAS;IACnB,IAAA,cAAc,EAAE,gBAAgB;IAChC,IAAA,QAAQ,EAAE,eAAe;IACzB,IAAA,sBAAsB,EAAE,oBAAoB;IAC5C,IAAA,cAAc,EAAE,gBAAgB;KAC1B,CAAC;IAcX;;;;;;IAMG;IACI,MAAM,KAAK,GAAG;IACjB,IAIA,qBAAqB,EAAE,GAAG;IAC1B,IAEA,MAAM,EAAE,IAIF,CAAC;IA2BX;;IAEG;IACH,IAAY,eAKX,CAAA;IALD,CAAA,UAAY,eAAe,EAAA;IACvB,IAAA,eAAA,CAAA,UAAA,CAAA,GAAA,UAAqB,CAAA;IACrB,IAAA,eAAA,CAAA,OAAA,CAAA,GAAA,OAAe,CAAA;IACf,IAAA,eAAA,CAAA,QAAA,CAAA,GAAA,QAAiB,CAAA;IACjB,IAAA,eAAA,CAAA,MAAA,CAAA,GAAA,MAAa,CAAA;IACjB,CAAC,EALW,eAAe,KAAf,eAAe,GAAA,EAAA,CAAA,CAAA;;IC7J3B;;;IAGG;IA+BH;;;;;;;;;;;;;;IAcG;aACa,wBAAwB,GAAA;;IAapC,IAAA,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;IACrC,IAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;;QAGxC,IAAI,iBAAiB,GAAG,KAAK,CAAC;QAC9B,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAC/B,IAAI,OAAO,GAAG,EAAE,CAAC;QACjB,IAAI,MAAM,GAAgC,SAAS,CAAC;IAEpD,IAAA,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;YAC/B,MAAM,WAAW,GACb,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;IAC/D,QAAA,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;IACpD,QAAA,IAAI,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;gBACzB,iBAAiB,GAAG,IAAI,CAAC;gBACzB,OAAO,GAAG,WAAW,CAAC;gBACtB,MAAM,GAAG,UAAU,CAAC;IACvB,QAAA,CAAA;IACJ,IAAA,CAAA;IAED,IAAA,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;YACjC,MAAM,YAAY,GACd,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;IAClE,QAAA,MAAM,WAAW,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,CAAC;IACtD,QAAA,IAAI,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;gBAC1B,kBAAkB,GAAG,IAAI,CAAC;gBAC1B,OAAO,GAAG,YAAY,CAAC;gBACvB,MAAM,GAAG,WAAW,CAAC;IACxB,QAAA,CAAA;IACJ,IAAA,CAAA;;QAGD,IAAI,iBAAiB,IAAI,kBAAkB,EAAE;YACzC,MAAM,YAAY,GACd,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;YAClE,MAAM,WAAW,GACb,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;IAC/D,QAAA,OAAO,GAAG,CAAA,EAAG,YAAY,CAAA,EAAG,WAAW,EAAE,CAAC;IAC1C,QAAA,MAAM,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;IACzC,IAAA,CAAA;IAED;;;IAGG;IACH,IAAA,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,EAAE;YACrB,MAAM,sBAAsB,CAACC,aAAmC,EAAE,EAAE,CAAC,CAAC;IACzE,IAAA,CAAA;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,EAAE;YACR,MAAM,sBAAsB,CAACC,aAAmC,EAAE,EAAE,CAAC,CAAC;IACzE,IAAA,CAAA;IAED,IAAA,MAAM,EAAE,YAAY,EAAE,GAAGC,iBAA+B,CACpD,YAAY,EACZ,KAAK,EACL,EAAE,CACL,CAAC;IAEF,IAAA,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,YAAY,CAAC;IAClC,IAAA,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,sBAAsB,CACxBC,kBAAwC,EACxC,EAAE,EACF,uBAAuB,CAC1B,CAAC;IACL,IAAA,CAAA;QAED,OAAO;YACH,MAAM;YACN,OAAO;YACP,OAAO;YACP,QAAQ;YACR,iBAAiB;YACjB,kBAAkB;IAClB,QAAA,YAAY,EAAE;gBACV,EAAE;gBACF,IAAI;IACP,SAAA;SACJ,CAAC;IACN,CAAC;IAkBD;;;;IAIG;IACG,SAAU,wBAAwB,CAAC,aAAqB,EAAA;QAC1D,IAAI,OAAO,aAAa,CAAC,OAAO,EAAE,YAAY,KAAK,UAAU,EAAE;YAC3D,aAAa,CAAC,OAAO,CAAC,YAAY,CAC9B,IAAI,EACJ,EAAE,EACF,CAAA,EAAG,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAA,EAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAA,CAAE,CACvE,CAAC;IACL,IAAA,CAAA;IACL,CAAC;IAwND;;IAEG;IACG,SAAU,WAAW,CAAC,aAAsB,EAAA;IAC9C,IAAA,MAAM,UAAU,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAmB,EAAE,CAAC,CAAC;IAC5E,IAAA,MAAM,aAAa,GAAG,UAAU,CAAC,gBAAgB,EAAE,CAAC;QACpD,OAAO,CAAA,EAAG,aAAa,CAAC,QAAQ,KAAK,aAAa,CAAC,eAAe,CAAA,CAAA,CAAG,CAAC;IAC1E;;IC7YA;;;IAGG;UASU,gBAAgB,CAAA;IACzB;;;;IAIG;QACH,gBAAgB,CACZ,GAAW,EACX,OAA0B,EAAA;YAE1B,OAAO,gBAAgB,CAAC,qBAAqB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAChE,CAAC;IAED;;;;IAIG;QACH,gBAAgB,CACZ,GAAW,EACX,OAA0B,EAAA;YAE1B,OAAO,gBAAgB,CAAC,qBAAqB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAChE,CAAC;IAED;;;;IAIG;IACK,IAAA,OAAO,qBAAqB,CAChC,GAAW,EACX,OAA0B,EAAA;YAE1B,IAAI,OAAO,CAAC,SAAS,EAAE;gBACnB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAChC,QAAA,CAAA;IAAM,aAAA;gBACH,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC/B,QAAA,CAAA;YAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,KAAI;gBACnC,UAAU,CAAC,MAAK;IACZ,gBAAA,MAAM,CACF,sBAAsB,CAClBC,QAA8B,EAC9B,EAAE,EACF,oBAAoB,CACvB,CACJ,CAAC;IACN,YAAA,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACxB,QAAA,CAAC,CAAC,CAAC;QACP,CAAC;IACJ;;IChED;;;IAGG;IA8BI,MAAM,2BAA2B,GAAG,KAAK;;ICjChD;;;IAGG;IAEI,MAAM,MAAM,GAAG,MAAM;;ICL5B;;;IAGG;IAeH;;;;;;;;;;;;IAYG;IACI,eAAe,4BAA4B,CAC9C,gBAAmC,EAAA;IAEnC,IAAA,QAAQ,CAAC,KAAK,GAAG,0BAA0B,CAAC;IAE5C,IAAA,IAAI,cAAc,CAAC;QACnB,IAAI;YACA,cAAc,GAAG,wBAAwB,EAAE,CAAC;IAC/C,IAAA,CAAA;IAAC,IAAA,OAAO,KAAK,EAAE;;IAEZ,QAAAC,wBAAqC,CAAC,MAAM,CAAC,CAAC;IAC9C,QAAA,MAAM,KAAK,CAAC;IACf,IAAA,CAAA;IAED,IAAA,MAAM,EACF,OAAO,EACP,OAAO,EACP,QAAQ,EACR,iBAAiB,EACjB,kBAAkB,EAClB,YAAY,GACf,GAAG,cAAc,CAAC;IAEnB,IAAA,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,YAAY,CAAC;QAElC,IAAI,IAAI,CAAC,iBAAiB,CAAC,KAAK,eAAe,CAAC,QAAQ,EAAE;IACtD,QAAA,MAAM,SAAS,GAAG,gBAAgB,IAAI,IAAI,gBAAgB,EAAE,CAAC;YAE7D,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,QAAQ,GAAG,EAAE,CAAC;YAClB,IAAI,eAAe,GAAG,EAAE,CAAC;YACzB,MAAM,cAAc,GAAG,CAAA,EAAG,MAAM,IAAI,kBAAkB,CAAC,sBAAsB,CAAA,CAAE,CAAC;IAChF;;;;IAIG;YACH,IAAI;gBACA,MAAM,oBAAoB,GACtB,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAClD,MAAM,iBAAiB,GAAG,IAAI,CAAC,KAAK,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC;IACjE,YAAA,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,IAAI,EAAE,CAAC;IAC5C,YAAA,eAAe,GAAG,iBAAiB,CAAC,IAAI,CAAC;IAEzC,YAAA,IAAI,QAAQ,EAAE;oBACV,MAAM,SAAS,GAAG,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,EAAI,kBAAkB,CAAC,UAAU,CAAA,CAAE,CAAC;oBAC3E,aAAa,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAClE,YAAA,CAAA;IACJ,QAAA,CAAA;YAAC,MAAM;;IAEP,QAAA,CAAA;IAED,QAAA,MAAM,iBAAiB,GAAsB;IACzC,YAAA,KAAK,EACD,eAAe,KAAK,gBAAgB,CAAC,OAAO;sBACtC,KAAK,CAAC,MAAM;sBACZ,KAAK,CAAC,qBAAqB;IACrC,YAAA,SAAS,EAAE,IAAI;IACf,YAAA,OAAO,EAAE,2BAA2B;aACvC,CAAC;IAEF;;;;;;;;;;;;;;;;;IAiBG;IACH,QAAA,IAAI,QAAQ,EAAE;gBACV,IAAI;IACA,gBAAA,MAAM,CAAC,cAAc,CAAC,OAAO,CACzB,GAAG,MAAM,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,EAAI,kBAAkB,CAAC,QAAQ,EAAE,EACtD,OAAO,CACV,CAAC;IACL,YAAA,CAAA;gBAAC,MAAM;;IAEP,YAAA,CAAA;IACJ,QAAA,CAAA;YAED,MAAM,GAAG,GAAG,aAAa,IAAIC,WAAwB,EAAE,CAAC;;YAExD,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;YAEjE,MAAM,SAAS,CAAC,gBAAgB,CAAC,aAAa,EAAE,iBAAiB,CAAC,CAAC;;YAGnE,OAAO;IACV,IAAA,CAAA;;QAGD,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,YAAY,KAAK,UAAU,EAAE;IACnD,QAAA,IAAI,MAAM,GAAG,CAAA,EAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAA,EAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;;IAEpE,QAAA,IAAI,CAAC,iBAAiB,IAAI,OAAO,EAAE;gBAC/B,MAAM,IAAI,OAAO,CAAC;IACrB,QAAA,CAAA;;IAED,QAAA,IAAI,CAAC,kBAAkB,IAAI,QAAQ,EAAE;gBACjC,MAAM,IAAI,QAAQ,CAAC;IACtB,QAAA,CAAA;YACD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACjD,IAAA,CAAA;;IAGD,IAAA,MAAM,OAAO,GAAG,IAAI,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,WAAW,CAAC;IAChB,QAAA,CAAC,EAAE,CAAC;YACJ,OAAO;IACV,KAAA,CAAC,CAAC;QACH,OAAO,CAAC,KAAK,EAAE,CAAC;QAChB,IAAI;YACA,MAAM,CAAC,KAAK,EAAE,CAAC;IAClB,IAAA,CAAA;IAAC,IAAA,MAAM,EAAA,CAAE;IACd;;;;;;;;"}
1
+ {"version":3,"file":"msal-redirect-bridge.js","sources":["../../../msal-common/dist-browser/utils/Constants.mjs","../../../msal-common/dist-browser/error/AuthError.mjs","../../../msal-common/dist-browser/error/ClientAuthError.mjs","../../../msal-common/dist-browser/error/ClientAuthErrorCodes.mjs","../../../msal-common/dist-browser/error/ClientConfigurationError.mjs","../../../msal-common/dist-browser/error/ClientConfigurationErrorCodes.mjs","../../../msal-common/dist-browser/utils/StringUtils.mjs","../../../msal-common/dist-browser/url/UrlString.mjs","../../../msal-common/dist-browser/utils/ProtocolUtils.mjs","../../../../src/error/BrowserAuthErrorCodes.ts","../../../../src/error/BrowserAuthError.ts","../../../../src/encode/Base64Decode.ts","../../../../src/utils/BrowserConstants.ts","../../../../src/utils/BrowserUtils.ts","../../../../src/navigation/NavigationClient.ts","../../../../src/config/Configuration.ts","../../../../src/cache/CacheKeys.ts","../../../../src/redirect_bridge/index.ts"],"sourcesContent":["/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst SKU = \"msal.js.common\";\r\n// default authority\r\nconst DEFAULT_AUTHORITY = \"https://login.microsoftonline.com/common/\";\r\nconst DEFAULT_AUTHORITY_HOST = \"login.microsoftonline.com\";\r\nconst DEFAULT_COMMON_TENANT = \"common\";\r\n// ADFS String\r\nconst ADFS = \"adfs\";\r\nconst DSTS = \"dstsv2\";\r\n// Default AAD Instance Discovery Endpoint\r\nconst AAD_INSTANCE_DISCOVERY_ENDPT = `${DEFAULT_AUTHORITY}discovery/instance?api-version=1.1&authorization_endpoint=`;\r\n// CIAM URL\r\nconst CIAM_AUTH_URL = \".ciamlogin.com\";\r\nconst AAD_TENANT_DOMAIN_SUFFIX = \".onmicrosoft.com\";\r\n// Resource delimiter - used for certain cache entries\r\nconst RESOURCE_DELIM = \"|\";\r\n// Consumer UTID\r\nconst CONSUMER_UTID = \"9188040d-6c67-4c5b-b112-36a304b66dad\";\r\n// Default scopes\r\nconst OPENID_SCOPE = \"openid\";\r\nconst PROFILE_SCOPE = \"profile\";\r\nconst OFFLINE_ACCESS_SCOPE = \"offline_access\";\r\nconst EMAIL_SCOPE = \"email\";\r\nconst CODE_GRANT_TYPE = \"authorization_code\";\r\nconst S256_CODE_CHALLENGE_METHOD = \"S256\";\r\nconst URL_FORM_CONTENT_TYPE = \"application/x-www-form-urlencoded;charset=utf-8\";\r\nconst AUTHORIZATION_PENDING = \"authorization_pending\";\r\nconst NOT_APPLICABLE = \"N/A\";\r\nconst NOT_AVAILABLE = \"Not Available\";\r\nconst FORWARD_SLASH = \"/\";\r\nconst IMDS_ENDPOINT = \"http://169.254.169.254/metadata/instance/compute\";\r\nconst IMDS_VERSION = \"2021-02-01\";\r\nconst IMDS_TIMEOUT = 2000;\r\nconst AZURE_REGION_AUTO_DISCOVER_FLAG = \"TryAutoDetect\";\r\nconst REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX = \"login.microsoft.com\";\r\nconst KNOWN_PUBLIC_CLOUDS = [\r\n \"login.microsoftonline.com\",\r\n \"login.windows.net\",\r\n \"login.microsoft.com\",\r\n \"sts.windows.net\",\r\n];\r\nconst SHR_NONCE_VALIDITY = 240;\r\nconst INVALID_INSTANCE = \"invalid_instance\";\r\nconst HTTP_SUCCESS = 200;\r\nconst HTTP_SUCCESS_RANGE_START = 200;\r\nconst HTTP_SUCCESS_RANGE_END = 299;\r\nconst HTTP_REDIRECT = 302;\r\nconst HTTP_CLIENT_ERROR = 400;\r\nconst HTTP_CLIENT_ERROR_RANGE_START = 400;\r\nconst HTTP_BAD_REQUEST = 400;\r\nconst HTTP_UNAUTHORIZED = 401;\r\nconst HTTP_NOT_FOUND = 404;\r\nconst HTTP_REQUEST_TIMEOUT = 408;\r\nconst HTTP_GONE = 410;\r\nconst HTTP_TOO_MANY_REQUESTS = 429;\r\nconst HTTP_CLIENT_ERROR_RANGE_END = 499;\r\nconst HTTP_SERVER_ERROR = 500;\r\nconst HTTP_SERVER_ERROR_RANGE_START = 500;\r\nconst HTTP_SERVICE_UNAVAILABLE = 503;\r\nconst HTTP_GATEWAY_TIMEOUT = 504;\r\nconst HTTP_SERVER_ERROR_RANGE_END = 599;\r\nconst HTTP_MULTI_SIDED_ERROR = 600;\r\nconst HttpMethod = {\r\n GET: \"GET\",\r\n POST: \"POST\",\r\n};\r\nconst OIDC_DEFAULT_SCOPES = [\r\n OPENID_SCOPE,\r\n PROFILE_SCOPE,\r\n OFFLINE_ACCESS_SCOPE,\r\n];\r\nconst OIDC_SCOPES = [...OIDC_DEFAULT_SCOPES, EMAIL_SCOPE];\r\n/**\r\n * Request header names\r\n */\r\nconst HeaderNames = {\r\n CONTENT_TYPE: \"Content-Type\",\r\n CONTENT_LENGTH: \"Content-Length\",\r\n RETRY_AFTER: \"Retry-After\",\r\n CCS_HEADER: \"X-AnchorMailbox\",\r\n WWWAuthenticate: \"WWW-Authenticate\",\r\n AuthenticationInfo: \"Authentication-Info\",\r\n X_MS_REQUEST_ID: \"x-ms-request-id\",\r\n X_MS_HTTP_VERSION: \"x-ms-httpver\",\r\n};\r\n/**\r\n * Persistent cache keys MSAL which stay while user is logged in.\r\n */\r\nconst PersistentCacheKeys = {\r\n ACTIVE_ACCOUNT_FILTERS: \"active-account-filters\", // new cache entry for active_account for a more robust version for browser\r\n};\r\n/**\r\n * String constants related to AAD Authority\r\n */\r\nconst AADAuthority = {\r\n COMMON: \"common\",\r\n ORGANIZATIONS: \"organizations\",\r\n CONSUMERS: \"consumers\",\r\n};\r\n/**\r\n * Claims request keys\r\n */\r\nconst ClaimsRequestKeys = {\r\n ACCESS_TOKEN: \"access_token\",\r\n XMS_CC: \"xms_cc\",\r\n ID_TOKEN: \"id_token\",\r\n SIGNIN_STATE: \"signin_state\",\r\n LOGIN_HINT: \"login_hint\",\r\n};\r\n/**\r\n * we considered making this \"enum\" in the request instead of string, however it looks like the allowed list of\r\n * prompt values kept changing over past couple of years. There are some undocumented prompt values for some\r\n * internal partners too, hence the choice of generic \"string\" type instead of the \"enum\"\r\n */\r\nconst PromptValue = {\r\n LOGIN: \"login\",\r\n SELECT_ACCOUNT: \"select_account\",\r\n CONSENT: \"consent\",\r\n NONE: \"none\",\r\n CREATE: \"create\",\r\n NO_SESSION: \"no_session\",\r\n};\r\n/**\r\n * allowed values for codeVerifier\r\n */\r\nconst CodeChallengeMethodValues = {\r\n PLAIN: \"plain\",\r\n S256: \"S256\",\r\n};\r\n/**\r\n * Allowed values for response_type\r\n */\r\nconst OAuthResponseType = {\r\n CODE: \"code\",\r\n IDTOKEN_TOKEN: \"id_token token\",\r\n IDTOKEN_TOKEN_REFRESHTOKEN: \"id_token token refresh_token\",\r\n};\r\n/**\r\n * allowed values for response_mode\r\n */\r\nconst ResponseMode = {\r\n QUERY: \"query\",\r\n FRAGMENT: \"fragment\",\r\n FORM_POST: \"form_post\",\r\n};\r\n/**\r\n * allowed grant_type\r\n */\r\nconst GrantType = {\r\n IMPLICIT_GRANT: \"implicit\",\r\n AUTHORIZATION_CODE_GRANT: \"authorization_code\",\r\n CLIENT_CREDENTIALS_GRANT: \"client_credentials\",\r\n RESOURCE_OWNER_PASSWORD_GRANT: \"password\",\r\n REFRESH_TOKEN_GRANT: \"refresh_token\",\r\n DEVICE_CODE_GRANT: \"device_code\",\r\n JWT_BEARER: \"urn:ietf:params:oauth:grant-type:jwt-bearer\",\r\n USER_FIC: \"user_fic\",\r\n};\r\n/**\r\n * Account types in Cache\r\n */\r\nconst CACHE_ACCOUNT_TYPE_MSSTS = \"MSSTS\";\r\nconst CACHE_ACCOUNT_TYPE_ADFS = \"ADFS\";\r\nconst CACHE_ACCOUNT_TYPE_MSAV1 = \"MSA\";\r\nconst CACHE_ACCOUNT_TYPE_GENERIC = \"Generic\";\r\n/**\r\n * Separators used in cache\r\n */\r\nconst CACHE_KEY_SEPARATOR = \"-\";\r\nconst CLIENT_INFO_SEPARATOR = \".\";\r\n/**\r\n * Credential Type stored in the cache\r\n */\r\nconst CredentialType = {\r\n ID_TOKEN: \"IdToken\",\r\n ACCESS_TOKEN: \"AccessToken\",\r\n ACCESS_TOKEN_WITH_AUTH_SCHEME: \"AccessToken_With_AuthScheme\",\r\n REFRESH_TOKEN: \"RefreshToken\",\r\n};\r\n/**\r\n * Combine all cache types\r\n */\r\nconst CacheType = {\r\n ADFS: 1001,\r\n MSA: 1002,\r\n MSSTS: 1003,\r\n GENERIC: 1004,\r\n ACCESS_TOKEN: 2001,\r\n REFRESH_TOKEN: 2002,\r\n ID_TOKEN: 2003,\r\n APP_METADATA: 3001,\r\n UNDEFINED: 9999,\r\n};\r\n/**\r\n * More Cache related constants\r\n */\r\nconst APP_METADATA = \"appmetadata\";\r\nconst CLIENT_INFO = \"client_info\";\r\nconst THE_FAMILY_ID = \"1\";\r\nconst AUTHORITY_METADATA_CACHE_KEY = \"authority-metadata\";\r\nconst AUTHORITY_METADATA_REFRESH_TIME_SECONDS = 3600 * 24; // 24 Hours\r\nconst AuthorityMetadataSource = {\r\n CONFIG: \"config\",\r\n CACHE: \"cache\",\r\n NETWORK: \"network\",\r\n HARDCODED_VALUES: \"hardcoded_values\",\r\n};\r\nconst SERVER_TELEM_SCHEMA_VERSION = 5;\r\nconst SERVER_TELEM_MAX_CUR_HEADER_BYTES = 80; // ESTS limit is 100B, set to 80 to provide a 20B buffer\r\nconst SERVER_TELEM_MAX_LAST_HEADER_BYTES = 330; // ESTS limit is 350B, set to 330 to provide a 20B buffer,\r\nconst SERVER_TELEM_MAX_CACHED_ERRORS = 50; // Limit the number of errors that can be stored to prevent uncontrolled size gains\r\nconst SERVER_TELEM_CACHE_KEY = \"server-telemetry\";\r\nconst SERVER_TELEM_CATEGORY_SEPARATOR = \"|\";\r\nconst SERVER_TELEM_VALUE_SEPARATOR = \",\";\r\nconst SERVER_TELEM_OVERFLOW_TRUE = \"1\";\r\nconst SERVER_TELEM_OVERFLOW_FALSE = \"0\";\r\nconst SERVER_TELEM_UNKNOWN_ERROR = \"unknown_error\";\r\n/**\r\n * Type of the authentication request\r\n */\r\nconst AuthenticationScheme = {\r\n BEARER: \"Bearer\",\r\n POP: \"pop\",\r\n SSH: \"ssh-cert\",\r\n};\r\n/**\r\n * Constants related to throttling\r\n */\r\nconst DEFAULT_THROTTLE_TIME_SECONDS = 60;\r\n// Default maximum time to throttle in seconds, overrides what the server sends back\r\nconst DEFAULT_MAX_THROTTLE_TIME_SECONDS = 3600;\r\n// Prefix for storing throttling entries\r\nconst THROTTLING_PREFIX = \"throttling\";\r\n// Value assigned to the x-ms-lib-capability header to indicate to the server the library supports throttling\r\nconst X_MS_LIB_CAPABILITY_VALUE = \"retry-after, h429\";\r\n/**\r\n * Errors\r\n */\r\nconst INVALID_GRANT_ERROR = \"invalid_grant\";\r\nconst CLIENT_MISMATCH_ERROR = \"client_mismatch\";\r\n/**\r\n * Password grant parameters\r\n */\r\nconst PasswordGrantConstants = {\r\n username: \"username\",\r\n password: \"password\",\r\n};\r\n/**\r\n * Region Discovery Sources\r\n */\r\nconst RegionDiscoverySources = {\r\n FAILED_AUTO_DETECTION: \"1\",\r\n INTERNAL_CACHE: \"2\",\r\n ENVIRONMENT_VARIABLE: \"3\",\r\n IMDS: \"4\",\r\n};\r\n/**\r\n * Region Discovery Outcomes\r\n */\r\nconst RegionDiscoveryOutcomes = {\r\n CONFIGURED_MATCHES_DETECTED: \"1\",\r\n CONFIGURED_NO_AUTO_DETECTION: \"2\",\r\n CONFIGURED_NOT_DETECTED: \"3\",\r\n AUTO_DETECTION_REQUESTED_SUCCESSFUL: \"4\",\r\n AUTO_DETECTION_REQUESTED_FAILED: \"5\",\r\n};\r\n/**\r\n * Specifies the reason for fetching the access token from the identity provider\r\n */\r\nconst CacheOutcome = {\r\n // When a token is found in the cache or the cache is not supposed to be hit when making the request\r\n NOT_APPLICABLE: \"0\",\r\n // When the token request goes to the identity provider because force_refresh was set to true. Also occurs if claims were requested\r\n FORCE_REFRESH_OR_CLAIMS: \"1\",\r\n // When the token request goes to the identity provider because no cached access token exists\r\n NO_CACHED_ACCESS_TOKEN: \"2\",\r\n // When the token request goes to the identity provider because cached access token expired\r\n CACHED_ACCESS_TOKEN_EXPIRED: \"3\",\r\n // When the token request goes to the identity provider because refresh_in was used and the existing token needs to be refreshed\r\n PROACTIVELY_REFRESHED: \"4\",\r\n};\r\nconst JsonWebTokenTypes = {\r\n Jwt: \"JWT\",\r\n Jwk: \"JWK\",\r\n Pop: \"pop\",\r\n};\r\nconst ONE_DAY_IN_MS = 86400000;\r\n// Token renewal offset default in seconds\r\nconst DEFAULT_TOKEN_RENEWAL_OFFSET_SEC = 300;\r\nconst EncodingTypes = {\r\n BASE64: \"base64\",\r\n HEX: \"hex\",\r\n UTF8: \"utf-8\",\r\n};\n\nexport { AADAuthority, AAD_INSTANCE_DISCOVERY_ENDPT, AAD_TENANT_DOMAIN_SUFFIX, ADFS, APP_METADATA, AUTHORITY_METADATA_CACHE_KEY, AUTHORITY_METADATA_REFRESH_TIME_SECONDS, AUTHORIZATION_PENDING, AZURE_REGION_AUTO_DISCOVER_FLAG, AuthenticationScheme, AuthorityMetadataSource, CACHE_ACCOUNT_TYPE_ADFS, CACHE_ACCOUNT_TYPE_GENERIC, CACHE_ACCOUNT_TYPE_MSAV1, CACHE_ACCOUNT_TYPE_MSSTS, CACHE_KEY_SEPARATOR, CIAM_AUTH_URL, CLIENT_INFO, CLIENT_INFO_SEPARATOR, CLIENT_MISMATCH_ERROR, CODE_GRANT_TYPE, CONSUMER_UTID, CacheOutcome, CacheType, ClaimsRequestKeys, CodeChallengeMethodValues, CredentialType, DEFAULT_AUTHORITY, DEFAULT_AUTHORITY_HOST, DEFAULT_COMMON_TENANT, DEFAULT_MAX_THROTTLE_TIME_SECONDS, DEFAULT_THROTTLE_TIME_SECONDS, DEFAULT_TOKEN_RENEWAL_OFFSET_SEC, DSTS, EMAIL_SCOPE, EncodingTypes, FORWARD_SLASH, GrantType, HTTP_BAD_REQUEST, HTTP_CLIENT_ERROR, HTTP_CLIENT_ERROR_RANGE_END, HTTP_CLIENT_ERROR_RANGE_START, HTTP_GATEWAY_TIMEOUT, HTTP_GONE, HTTP_MULTI_SIDED_ERROR, HTTP_NOT_FOUND, HTTP_REDIRECT, HTTP_REQUEST_TIMEOUT, HTTP_SERVER_ERROR, HTTP_SERVER_ERROR_RANGE_END, HTTP_SERVER_ERROR_RANGE_START, HTTP_SERVICE_UNAVAILABLE, HTTP_SUCCESS, HTTP_SUCCESS_RANGE_END, HTTP_SUCCESS_RANGE_START, HTTP_TOO_MANY_REQUESTS, HTTP_UNAUTHORIZED, HeaderNames, HttpMethod, IMDS_ENDPOINT, IMDS_TIMEOUT, IMDS_VERSION, INVALID_GRANT_ERROR, INVALID_INSTANCE, JsonWebTokenTypes, KNOWN_PUBLIC_CLOUDS, NOT_APPLICABLE, NOT_AVAILABLE, OAuthResponseType, OFFLINE_ACCESS_SCOPE, OIDC_DEFAULT_SCOPES, OIDC_SCOPES, ONE_DAY_IN_MS, OPENID_SCOPE, PROFILE_SCOPE, PasswordGrantConstants, PersistentCacheKeys, PromptValue, REGIONAL_AUTH_PUBLIC_CLOUD_SUFFIX, RESOURCE_DELIM, RegionDiscoveryOutcomes, RegionDiscoverySources, ResponseMode, S256_CODE_CHALLENGE_METHOD, SERVER_TELEM_CACHE_KEY, SERVER_TELEM_CATEGORY_SEPARATOR, SERVER_TELEM_MAX_CACHED_ERRORS, SERVER_TELEM_MAX_CUR_HEADER_BYTES, SERVER_TELEM_MAX_LAST_HEADER_BYTES, SERVER_TELEM_OVERFLOW_FALSE, SERVER_TELEM_OVERFLOW_TRUE, SERVER_TELEM_SCHEMA_VERSION, SERVER_TELEM_UNKNOWN_ERROR, SERVER_TELEM_VALUE_SEPARATOR, SHR_NONCE_VALIDITY, SKU, THE_FAMILY_ID, THROTTLING_PREFIX, URL_FORM_CONTENT_TYPE, X_MS_LIB_CAPABILITY_VALUE };\n//# sourceMappingURL=Constants.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nfunction getDefaultErrorMessage(code) {\r\n return `See https://aka.ms/msal.js.errors#${code} for details`;\r\n}\r\n/**\r\n * General error class thrown by the MSAL.js library.\r\n */\r\nclass AuthError extends Error {\r\n constructor(errorCode, correlationId, errorMessage, suberror) {\r\n const message = errorMessage ||\r\n (errorCode ? getDefaultErrorMessage(errorCode) : \"\");\r\n const errorString = message ? `${errorCode}: ${message}` : errorCode;\r\n super(errorString);\r\n Object.setPrototypeOf(this, AuthError.prototype);\r\n this.errorCode = errorCode || \"\";\r\n this.errorMessage = message || \"\";\r\n this.subError = suberror || \"\";\r\n this.correlationId = correlationId;\r\n this.name = \"AuthError\";\r\n }\r\n}\r\nfunction createAuthError(code, correlationId, additionalMessage) {\r\n return new AuthError(code, correlationId, additionalMessage || getDefaultErrorMessage(code));\r\n}\n\nexport { AuthError, createAuthError, getDefaultErrorMessage };\n//# sourceMappingURL=AuthError.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\nimport { AuthError } from './AuthError.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * ClientAuthErrorMessage class containing string constants used by error codes and messages.\r\n */\r\n/**\r\n * Error thrown when there is an error in the client code running on the browser.\r\n */\r\nclass ClientAuthError extends AuthError {\r\n constructor(errorCode, correlationId, additionalMessage) {\r\n super(errorCode, correlationId, additionalMessage);\r\n this.name = \"ClientAuthError\";\r\n Object.setPrototypeOf(this, ClientAuthError.prototype);\r\n }\r\n}\r\nfunction createClientAuthError(errorCode, correlationId, additionalMessage) {\r\n return new ClientAuthError(errorCode, correlationId, additionalMessage);\r\n}\n\nexport { ClientAuthError, createClientAuthError };\n//# sourceMappingURL=ClientAuthError.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst clientInfoDecodingError = \"client_info_decoding_error\";\r\nconst clientInfoEmptyError = \"client_info_empty_error\";\r\nconst tokenParsingError = \"token_parsing_error\";\r\nconst nullOrEmptyToken = \"null_or_empty_token\";\r\nconst endpointResolutionError = \"endpoints_resolution_error\";\r\nconst networkError = \"network_error\";\r\nconst openIdConfigError = \"openid_config_error\";\r\nconst hashNotDeserialized = \"hash_not_deserialized\";\r\nconst invalidState = \"invalid_state\";\r\nconst stateMismatch = \"state_mismatch\";\r\nconst stateNotFound = \"state_not_found\";\r\nconst nonceMismatch = \"nonce_mismatch\";\r\nconst multipleMatchingTokens = \"multiple_matching_tokens\";\r\nconst multipleMatchingAppMetadata = \"multiple_matching_appMetadata\";\r\nconst requestCannotBeMade = \"request_cannot_be_made\";\r\nconst cannotRemoveEmptyScope = \"cannot_remove_empty_scope\";\r\nconst cannotAppendScopeSet = \"cannot_append_scopeset\";\r\nconst emptyInputScopeSet = \"empty_input_scopeset\";\r\nconst noAccountInSilentRequest = \"no_account_in_silent_request\";\r\nconst invalidCacheRecord = \"invalid_cache_record\";\r\nconst invalidCacheEnvironment = \"invalid_cache_environment\";\r\nconst noAccountFound = \"no_account_found\";\r\nconst noCryptoObject = \"no_crypto_object\";\r\nconst unexpectedCredentialType = \"unexpected_credential_type\";\r\nconst tokenRefreshRequired = \"token_refresh_required\";\r\nconst tokenClaimsCnfRequiredForSignedJwt = \"token_claims_cnf_required_for_signedjwt\";\r\nconst authorizationCodeMissingFromServerResponse = \"authorization_code_missing_from_server_response\";\r\nconst bindingKeyNotRemoved = \"binding_key_not_removed\";\r\nconst endSessionEndpointNotSupported = \"end_session_endpoint_not_supported\";\r\nconst keyIdMissing = \"key_id_missing\";\r\nconst noNetworkConnectivity = \"no_network_connectivity\";\r\nconst userCanceled = \"user_canceled\";\r\nconst methodNotImplemented = \"method_not_implemented\";\r\nconst nestedAppAuthBridgeDisabled = \"nested_app_auth_bridge_disabled\";\r\nconst platformBrokerError = \"platform_broker_error\";\r\nconst resourceParameterRequired = \"resource_parameter_required\";\r\nconst misplacedResourceParam = \"misplaced_resource_parameter\";\n\nexport { authorizationCodeMissingFromServerResponse, bindingKeyNotRemoved, cannotAppendScopeSet, cannotRemoveEmptyScope, clientInfoDecodingError, clientInfoEmptyError, emptyInputScopeSet, endSessionEndpointNotSupported, endpointResolutionError, hashNotDeserialized, invalidCacheEnvironment, invalidCacheRecord, invalidState, keyIdMissing, methodNotImplemented, misplacedResourceParam, multipleMatchingAppMetadata, multipleMatchingTokens, nestedAppAuthBridgeDisabled, networkError, noAccountFound, noAccountInSilentRequest, noCryptoObject, noNetworkConnectivity, nonceMismatch, nullOrEmptyToken, openIdConfigError, platformBrokerError, requestCannotBeMade, resourceParameterRequired, stateMismatch, stateNotFound, tokenClaimsCnfRequiredForSignedJwt, tokenParsingError, tokenRefreshRequired, unexpectedCredentialType, userCanceled };\n//# sourceMappingURL=ClientAuthErrorCodes.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\nimport { AuthError } from './AuthError.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Error thrown when there is an error in configuration of the MSAL.js library.\r\n */\r\nclass ClientConfigurationError extends AuthError {\r\n constructor(errorCode, correlationId) {\r\n super(errorCode, correlationId);\r\n this.name = \"ClientConfigurationError\";\r\n Object.setPrototypeOf(this, ClientConfigurationError.prototype);\r\n }\r\n}\r\nfunction createClientConfigurationError(errorCode, correlationId) {\r\n return new ClientConfigurationError(errorCode, correlationId);\r\n}\n\nexport { ClientConfigurationError, createClientConfigurationError };\n//# sourceMappingURL=ClientConfigurationError.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\nconst redirectUriEmpty = \"redirect_uri_empty\";\r\nconst claimsRequestParsingError = \"claims_request_parsing_error\";\r\nconst authorityUriInsecure = \"authority_uri_insecure\";\r\nconst urlParseError = \"url_parse_error\";\r\nconst urlEmptyError = \"empty_url_error\";\r\nconst emptyInputScopesError = \"empty_input_scopes_error\";\r\nconst invalidClaims = \"invalid_claims\";\r\nconst tokenRequestEmpty = \"token_request_empty\";\r\nconst logoutRequestEmpty = \"logout_request_empty\";\r\nconst invalidCodeChallengeMethod = \"invalid_code_challenge_method\";\r\nconst pkceParamsMissing = \"pkce_params_missing\";\r\nconst invalidCloudDiscoveryMetadata = \"invalid_cloud_discovery_metadata\";\r\nconst invalidAuthorityMetadata = \"invalid_authority_metadata\";\r\nconst untrustedAuthority = \"untrusted_authority\";\r\nconst missingSshJwk = \"missing_ssh_jwk\";\r\nconst missingSshKid = \"missing_ssh_kid\";\r\nconst missingNonceAuthenticationHeader = \"missing_nonce_authentication_header\";\r\nconst invalidAuthenticationHeader = \"invalid_authentication_header\";\r\nconst cannotSetOIDCOptions = \"cannot_set_OIDCOptions\";\r\nconst cannotAllowPlatformBroker = \"cannot_allow_platform_broker\";\r\nconst authorityMismatch = \"authority_mismatch\";\r\nconst invalidRequestMethodForEAR = \"invalid_request_method_for_EAR\";\r\nconst invalidPlatformBrokerConfiguration = \"invalid_platform_broker_configuration\";\r\nconst issuerValidationFailed = \"issuer_validation_failed\";\r\nconst invalidResponseMode = \"invalid_response_mode\";\r\nconst invalidDpopHtm = \"invalid_dpop_htm\";\r\nconst invalidDpopHtu = \"invalid_dpop_htu\";\n\nexport { authorityMismatch, authorityUriInsecure, cannotAllowPlatformBroker, cannotSetOIDCOptions, claimsRequestParsingError, emptyInputScopesError, invalidAuthenticationHeader, invalidAuthorityMetadata, invalidClaims, invalidCloudDiscoveryMetadata, invalidCodeChallengeMethod, invalidDpopHtm, invalidDpopHtu, invalidPlatformBrokerConfiguration, invalidRequestMethodForEAR, invalidResponseMode, issuerValidationFailed, logoutRequestEmpty, missingNonceAuthenticationHeader, missingSshJwk, missingSshKid, pkceParamsMissing, redirectUriEmpty, tokenRequestEmpty, untrustedAuthority, urlEmptyError, urlParseError };\n//# sourceMappingURL=ClientConfigurationErrorCodes.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * @hidden\r\n */\r\nclass StringUtils {\r\n /**\r\n * Check if stringified object is empty\r\n * @param strObj\r\n */\r\n static isEmptyObj(strObj) {\r\n if (strObj) {\r\n try {\r\n const obj = JSON.parse(strObj);\r\n return Object.keys(obj).length === 0;\r\n }\r\n catch (e) { }\r\n }\r\n return true;\r\n }\r\n static startsWith(str, search) {\r\n return str.indexOf(search) === 0;\r\n }\r\n static endsWith(str, search) {\r\n return (str.length >= search.length &&\r\n str.lastIndexOf(search) === str.length - search.length);\r\n }\r\n /**\r\n * Parses string into an object.\r\n *\r\n * @param query\r\n */\r\n static queryStringToObject(query) {\r\n const obj = {};\r\n const params = query.split(\"&\");\r\n const decode = (s) => decodeURIComponent(s.replace(/\\+/g, \" \"));\r\n params.forEach((pair) => {\r\n if (pair.trim()) {\r\n const [key, value] = pair.split(/=(.+)/g, 2); // Split on the first occurence of the '=' character\r\n if (key && value) {\r\n obj[decode(key)] = decode(value);\r\n }\r\n }\r\n });\r\n return obj;\r\n }\r\n /**\r\n * Trims entries in an array.\r\n *\r\n * @param arr\r\n */\r\n static trimArrayEntries(arr) {\r\n return arr.map((entry) => entry.trim());\r\n }\r\n /**\r\n * Removes empty strings from array\r\n * @param arr\r\n */\r\n static removeEmptyStringsFromArray(arr) {\r\n return arr.filter((entry) => {\r\n return !!entry;\r\n });\r\n }\r\n /**\r\n * Attempts to parse a string into JSON\r\n * @param str\r\n */\r\n static jsonParseHelper(str) {\r\n try {\r\n return JSON.parse(str);\r\n }\r\n catch (e) {\r\n return null;\r\n }\r\n }\r\n}\n\nexport { StringUtils };\n//# sourceMappingURL=StringUtils.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\nimport { createClientConfigurationError } from '../error/ClientConfigurationError.mjs';\nimport { StringUtils } from '../utils/StringUtils.mjs';\nimport { AADAuthority, FORWARD_SLASH } from '../utils/Constants.mjs';\nimport { urlEmptyError, urlParseError, authorityUriInsecure } from '../error/ClientConfigurationErrorCodes.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Url object class which can perform various transformations on url strings.\r\n */\r\nclass UrlString {\r\n get urlString() {\r\n return this._urlString;\r\n }\r\n constructor(url, correlationId) {\r\n this._urlString = url;\r\n this.correlationId = correlationId;\r\n if (!this._urlString) {\r\n // Throws error if url is empty\r\n throw createClientConfigurationError(urlEmptyError, correlationId);\r\n }\r\n if (!url.includes(\"#\")) {\r\n this._urlString = UrlString.canonicalizeUri(url);\r\n }\r\n }\r\n /**\r\n * Ensure urls are lower case and end with a / character.\r\n * @param url\r\n */\r\n static canonicalizeUri(url) {\r\n if (url) {\r\n let lowerCaseUrl = url.toLowerCase();\r\n if (StringUtils.endsWith(lowerCaseUrl, \"?\")) {\r\n lowerCaseUrl = lowerCaseUrl.slice(0, -1);\r\n }\r\n else if (StringUtils.endsWith(lowerCaseUrl, \"?/\")) {\r\n lowerCaseUrl = lowerCaseUrl.slice(0, -2);\r\n }\r\n if (!StringUtils.endsWith(lowerCaseUrl, \"/\")) {\r\n lowerCaseUrl += \"/\";\r\n }\r\n return lowerCaseUrl;\r\n }\r\n return url;\r\n }\r\n /**\r\n * Throws if urlString passed is not a valid authority URI string.\r\n */\r\n validateAsUri() {\r\n // Attempts to parse url for uri components\r\n let components;\r\n try {\r\n components = this.getUrlComponents();\r\n }\r\n catch (e) {\r\n throw createClientConfigurationError(urlParseError, this.correlationId);\r\n }\r\n // Throw error if URI or path segments are not parseable.\r\n if (!components.HostNameAndPort || !components.PathSegments) {\r\n throw createClientConfigurationError(urlParseError, this.correlationId);\r\n }\r\n // Throw error if uri is insecure.\r\n if (!components.Protocol ||\r\n components.Protocol.toLowerCase() !== \"https:\") {\r\n throw createClientConfigurationError(authorityUriInsecure, this.correlationId);\r\n }\r\n }\r\n /**\r\n * Given a url and a query string return the url with provided query string appended\r\n * @param url\r\n * @param queryString\r\n */\r\n static appendQueryString(url, queryString) {\r\n if (!queryString) {\r\n return url;\r\n }\r\n return url.indexOf(\"?\") < 0\r\n ? `${url}?${queryString}`\r\n : `${url}&${queryString}`;\r\n }\r\n /**\r\n * Returns a url with the hash removed\r\n * @param url\r\n */\r\n static removeHashFromUrl(url) {\r\n return UrlString.canonicalizeUri(url.split(\"#\")[0]);\r\n }\r\n /**\r\n * Given a url like https://a:b/common/d?e=f#g, and a tenantId, returns https://a:b/tenantId/d\r\n * @param href The url\r\n * @param tenantId The tenant id to replace\r\n */\r\n replaceTenantPath(tenantId) {\r\n const urlObject = this.getUrlComponents();\r\n const pathArray = urlObject.PathSegments;\r\n if (tenantId &&\r\n pathArray.length !== 0 &&\r\n (pathArray[0] === AADAuthority.COMMON ||\r\n pathArray[0] === AADAuthority.ORGANIZATIONS)) {\r\n pathArray[0] = tenantId;\r\n }\r\n return UrlString.constructAuthorityUriFromObject(urlObject, this.correlationId);\r\n }\r\n /**\r\n * Parses out the components from a url string.\r\n * @returns An object with the various components. Please cache this value insted of calling this multiple times on the same url.\r\n */\r\n getUrlComponents() {\r\n // https://gist.github.com/curtisz/11139b2cfcaef4a261e0\r\n const regEx = RegExp(\"^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\\\?([^#]*))?(#(.*))?\");\r\n // If url string does not match regEx, we throw an error\r\n const match = this.urlString.match(regEx);\r\n if (!match) {\r\n throw createClientConfigurationError(urlParseError, this.correlationId);\r\n }\r\n // Url component object\r\n const urlComponents = {\r\n Protocol: match[1],\r\n HostNameAndPort: match[4],\r\n AbsolutePath: match[5],\r\n QueryString: match[7],\r\n };\r\n let pathSegments = urlComponents.AbsolutePath.split(\"/\");\r\n pathSegments = pathSegments.filter((val) => val && val.length > 0); // remove empty elements\r\n urlComponents.PathSegments = pathSegments;\r\n if (urlComponents.QueryString &&\r\n urlComponents.QueryString.endsWith(\"/\")) {\r\n urlComponents.QueryString = urlComponents.QueryString.substring(0, urlComponents.QueryString.length - 1);\r\n }\r\n return urlComponents;\r\n }\r\n static getDomainFromUrl(url, correlationId) {\r\n const regEx = RegExp(\"^([^:/?#]+://)?([^/?#]*)\");\r\n const match = url.match(regEx);\r\n if (!match) {\r\n throw createClientConfigurationError(urlParseError, correlationId);\r\n }\r\n return match[2];\r\n }\r\n static getAbsoluteUrl(relativeUrl, baseUrl, correlationId) {\r\n if (relativeUrl[0] === FORWARD_SLASH) {\r\n const url = new UrlString(baseUrl, correlationId);\r\n const baseComponents = url.getUrlComponents();\r\n return (baseComponents.Protocol +\r\n \"//\" +\r\n baseComponents.HostNameAndPort +\r\n relativeUrl);\r\n }\r\n return relativeUrl;\r\n }\r\n static constructAuthorityUriFromObject(urlObject, correlationId) {\r\n return new UrlString(urlObject.Protocol +\r\n \"//\" +\r\n urlObject.HostNameAndPort +\r\n \"/\" +\r\n urlObject.PathSegments.join(\"/\"), correlationId);\r\n }\r\n}\n\nexport { UrlString };\n//# sourceMappingURL=UrlString.mjs.map\n","/*! @azure/msal-common v16.11.2 2026-07-15 */\n'use strict';\nimport { RESOURCE_DELIM } from './Constants.mjs';\nimport { createClientAuthError } from '../error/ClientAuthError.mjs';\nimport { noCryptoObject, invalidState } from '../error/ClientAuthErrorCodes.mjs';\n\n/*\r\n * Copyright (c) Microsoft Corporation. All rights reserved.\r\n * Licensed under the MIT License.\r\n */\r\n/**\r\n * Appends user state with random guid, or returns random guid.\r\n * @param cryptoObj\r\n * @param userState\r\n * @param meta\r\n * @param correlationId\r\n */\r\nfunction setRequestState(cryptoObj, userState, meta, correlationId) {\r\n const libraryState = generateLibraryState(cryptoObj, correlationId, meta);\r\n return userState\r\n ? `${libraryState}${RESOURCE_DELIM}${userState}`\r\n : libraryState;\r\n}\r\n/**\r\n * Generates the state value used by the common library.\r\n * @param cryptoObj\r\n * @param correlationId\r\n * @param meta\r\n */\r\nfunction generateLibraryState(cryptoObj, correlationId, meta) {\r\n if (!cryptoObj) {\r\n throw createClientAuthError(noCryptoObject, correlationId);\r\n }\r\n // Create a state object containing a unique id and the timestamp of the request creation\r\n const stateObj = {\r\n id: cryptoObj.createNewGuid(),\r\n };\r\n if (meta) {\r\n stateObj.meta = meta;\r\n }\r\n const stateString = JSON.stringify(stateObj);\r\n return cryptoObj.base64Encode(stateString);\r\n}\r\n/**\r\n * Parses the state into the RequestStateObject, which contains the LibraryState info and the state passed by the user.\r\n * @param base64Decode\r\n * @param state\r\n * @param correlationId\r\n */\r\nfunction parseRequestState(base64Decode, state, correlationId) {\r\n if (!base64Decode) {\r\n throw createClientAuthError(noCryptoObject, correlationId);\r\n }\r\n if (!state) {\r\n throw createClientAuthError(invalidState, correlationId);\r\n }\r\n try {\r\n // Split the state between library state and user passed state and decode them separately\r\n const splitState = state.split(RESOURCE_DELIM);\r\n const libraryState = splitState[0];\r\n const userState = splitState.length > 1\r\n ? splitState.slice(1).join(RESOURCE_DELIM)\r\n : \"\";\r\n const libraryStateString = base64Decode(libraryState);\r\n const libraryStateObj = JSON.parse(libraryStateString);\r\n return {\r\n userRequestState: userState || \"\",\r\n libraryState: libraryStateObj,\r\n };\r\n }\r\n catch (e) {\r\n throw createClientAuthError(invalidState, correlationId);\r\n }\r\n}\n\nexport { generateLibraryState, parseRequestState, setRequestState };\n//# sourceMappingURL=ProtocolUtils.mjs.map\n",null,null,null,null,null,null,null,null,null],"names":["getDefaultErrorMessage","BrowserAuthErrorCodes.invalidBase64String","BrowserAuthErrorCodes.emptyResponse","BrowserAuthErrorCodes.noStateInHash","ProtocolUtils.parseRequestState","BrowserAuthErrorCodes.unableToParseState","BrowserAuthErrorCodes.timedOut","BrowserUtils.clearAuthResponseFromUrl","BrowserUtils.getHomepage"],"mappings":";;;;;;;;IAAA;IAmBA;IACA,MAAM,cAAc,GAAG,GAAG,CAAC;IAc3B,MAAM,aAAa,GAAG,GAAG,CAAC;IA8D1B;IACA;IACA;IACA,MAAM,YAAY,GAAG;IACrB,IAAI,MAAM,EAAE,QAAQ;IACpB,IAAI,aAAa,EAAE,eAEnB,CAAC;;ICvGD;IAEA;IACA;IACA;IACA;IACA,SAASA,wBAAsB,CAAC,IAAI,EAAE;IACtC,IAAI,OAAO,CAAC,kCAAkC,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;IACnE,CAAC;IACD;IACA;IACA;IACA,MAAM,SAAS,SAAS,KAAK,CAAC;IAC9B,IAAI,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,EAAE;IAClE,QAAQ,MAAM,OAAO,GAAG,YAAY;IACpC,aAAa,SAAS,GAAGA,wBAAsB,CAAC,SAAS,CAAC,GAAG,EAAE,CAAC,CAAC;IACjE,QAAQ,MAAM,WAAW,GAAG,OAAO,GAAG,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC;IAC7E,QAAQ,KAAK,CAAC,WAAW,CAAC,CAAC;IAC3B,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;IACzD,QAAQ,IAAI,CAAC,SAAS,GAAG,SAAS,IAAI,EAAE,CAAC;IACzC,QAAQ,IAAI,CAAC,YAAY,GAAG,OAAO,IAAI,EAAE,CAAC;IAC1C,QAAQ,IAAI,CAAC,QAAQ,GAAG,QAAQ,IAAI,EAAE,CAAC;IACvC,QAAQ,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IAC3C,QAAQ,IAAI,CAAC,IAAI,GAAG,WAAW,CAAC;IAChC,IAAI,CAAC;IACL;;ICzBA;;IAIA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,eAAe,SAAS,SAAS,CAAC;IACxC,IAAI,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,EAAE;IAC7D,QAAQ,KAAK,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,CAAC,CAAC;IAC3D,QAAQ,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAC;IACtC,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,SAAS,CAAC,CAAC;IAC/D,IAAI,CAAC;IACL,CAAC;IACD,SAAS,qBAAqB,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,EAAE;IAC5E,IAAI,OAAO,IAAI,eAAe,CAAC,SAAS,EAAE,aAAa,EAAE,iBAAiB,CAAC,CAAC;IAC5E;;ICvBA;IAcA,MAAM,YAAY,GAAG,eAAe,CAAC;IAcrC,MAAM,cAAc,GAAG,kBAAkB;;IC5BzC;;IAIA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,wBAAwB,SAAS,SAAS,CAAC;IACjD,IAAI,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE;IAC1C,QAAQ,KAAK,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IACxC,QAAQ,IAAI,CAAC,IAAI,GAAG,0BAA0B,CAAC;IAC/C,QAAQ,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,wBAAwB,CAAC,SAAS,CAAC,CAAC;IACxE,IAAI,CAAC;IACL,CAAC;IACD,SAAS,8BAA8B,CAAC,SAAS,EAAE,aAAa,EAAE;IAClE,IAAI,OAAO,IAAI,wBAAwB,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC;IAClE;;ICpBA;IAQA,MAAM,oBAAoB,GAAG,wBAAwB,CAAC;IACtD,MAAM,aAAa,GAAG,iBAAiB,CAAC;IACxC,MAAM,aAAa,GAAG,iBAAiB;;ICVvC;IAEA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,WAAW,CAAC;IAClB;IACA;IACA;IACA;IACA,IAAI,OAAO,UAAU,CAAC,MAAM,EAAE;IAC9B,QAAQ,IAAI,MAAM,EAAE;IACpB,YAAY,IAAI;IAChB,gBAAgB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IAC/C,gBAAgB,OAAO,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IACrD,YAAY,CAAC;IACb,YAAY,OAAO,CAAC,EAAE,EAAE,CAAC;IACzB,QAAQ,CAAC;IACT,QAAQ,OAAO,IAAI,CAAC;IACpB,IAAI,CAAC;IACL,IAAI,OAAO,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE;IACnC,QAAQ,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACzC,IAAI,CAAC;IACL,IAAI,OAAO,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE;IACjC,QAAQ,QAAQ,GAAG,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM;IAC3C,YAAY,GAAG,CAAC,WAAW,CAAC,MAAM,CAAC,KAAK,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,EAAE;IACpE,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,OAAO,mBAAmB,CAAC,KAAK,EAAE;IACtC,QAAQ,MAAM,GAAG,GAAG,EAAE,CAAC;IACvB,QAAQ,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACxC,QAAQ,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;IACxE,QAAQ,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,KAAK;IACjC,YAAY,IAAI,IAAI,CAAC,IAAI,EAAE,EAAE;IAC7B,gBAAgB,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC7D,gBAAgB,IAAI,GAAG,IAAI,KAAK,EAAE;IAClC,oBAAoB,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IACrD,gBAAgB,CAAC;IACjB,YAAY,CAAC;IACb,QAAQ,CAAC,CAAC,CAAC;IACX,QAAQ,OAAO,GAAG,CAAC;IACnB,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,OAAO,gBAAgB,CAAC,GAAG,EAAE;IACjC,QAAQ,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;IAChD,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,2BAA2B,CAAC,GAAG,EAAE;IAC5C,QAAQ,OAAO,GAAG,CAAC,MAAM,CAAC,CAAC,KAAK,KAAK;IACrC,YAAY,OAAO,CAAC,CAAC,KAAK,CAAC;IAC3B,QAAQ,CAAC,CAAC,CAAC;IACX,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,eAAe,CAAC,GAAG,EAAE;IAChC,QAAQ,IAAI;IACZ,YAAY,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACnC,QAAQ,CAAC;IACT,QAAQ,OAAO,CAAC,EAAE;IAClB,YAAY,OAAO,IAAI,CAAC;IACxB,QAAQ,CAAC;IACT,IAAI,CAAC;IACL;;IC/EA;;IAOA;IACA;IACA;IACA;IACA;IACA;IACA;IACA,MAAM,SAAS,CAAC;IAChB,IAAI,IAAI,SAAS,GAAG;IACpB,QAAQ,OAAO,IAAI,CAAC,UAAU,CAAC;IAC/B,IAAI,CAAC;IACL,IAAI,WAAW,CAAC,GAAG,EAAE,aAAa,EAAE;IACpC,QAAQ,IAAI,CAAC,UAAU,GAAG,GAAG,CAAC;IAC9B,QAAQ,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IAC3C,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE;IAC9B;IACA,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAC/E,QAAQ,CAAC;IACT,QAAQ,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;IAChC,YAAY,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;IAC7D,QAAQ,CAAC;IACT,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,eAAe,CAAC,GAAG,EAAE;IAChC,QAAQ,IAAI,GAAG,EAAE;IACjB,YAAY,IAAI,YAAY,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IACjD,YAAY,IAAI,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;IACzD,gBAAgB,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzD,YAAY,CAAC;IACb,iBAAiB,IAAI,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE;IAC/D,gBAAgB,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzD,YAAY,CAAC;IACb,YAAY,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;IAC1D,gBAAgB,YAAY,IAAI,GAAG,CAAC;IACpC,YAAY,CAAC;IACb,YAAY,OAAO,YAAY,CAAC;IAChC,QAAQ,CAAC;IACT,QAAQ,OAAO,GAAG,CAAC;IACnB,IAAI,CAAC;IACL;IACA;IACA;IACA,IAAI,aAAa,GAAG;IACpB;IACA,QAAQ,IAAI,UAAU,CAAC;IACvB,QAAQ,IAAI;IACZ,YAAY,UAAU,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;IACjD,QAAQ,CAAC;IACT,QAAQ,OAAO,CAAC,EAAE;IAClB,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpF,QAAQ,CAAC;IACT;IACA,QAAQ,IAAI,CAAC,UAAU,CAAC,eAAe,IAAI,CAAC,UAAU,CAAC,YAAY,EAAE;IACrE,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpF,QAAQ,CAAC;IACT;IACA,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ;IAChC,YAAY,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,EAAE;IAC5D,YAAY,MAAM,8BAA8B,CAAC,oBAAoB,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IAC3F,QAAQ,CAAC;IACT,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,OAAO,iBAAiB,CAAC,GAAG,EAAE,WAAW,EAAE;IAC/C,QAAQ,IAAI,CAAC,WAAW,EAAE;IAC1B,YAAY,OAAO,GAAG,CAAC;IACvB,QAAQ,CAAC;IACT,QAAQ,OAAO,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;IACnC,cAAc,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;IACrC,cAAc,CAAC,EAAE,GAAG,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC;IACtC,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,OAAO,iBAAiB,CAAC,GAAG,EAAE;IAClC,QAAQ,OAAO,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC5D,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA;IACA,IAAI,iBAAiB,CAAC,QAAQ,EAAE;IAChC,QAAQ,MAAM,SAAS,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;IAClD,QAAQ,MAAM,SAAS,GAAG,SAAS,CAAC,YAAY,CAAC;IACjD,QAAQ,IAAI,QAAQ;IACpB,YAAY,SAAS,CAAC,MAAM,KAAK,CAAC;IAClC,aAAa,SAAS,CAAC,CAAC,CAAC,KAAK,YAAY,CAAC,MAAM;IACjD,gBAAgB,SAAS,CAAC,CAAC,CAAC,KAAK,YAAY,CAAC,aAAa,CAAC,EAAE;IAC9D,YAAY,SAAS,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;IACpC,QAAQ,CAAC;IACT,QAAQ,OAAO,SAAS,CAAC,+BAA+B,CAAC,SAAS,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACxF,IAAI,CAAC;IACL;IACA;IACA;IACA;IACA,IAAI,gBAAgB,GAAG;IACvB;IACA,QAAQ,MAAM,KAAK,GAAG,MAAM,CAAC,4DAA4D,CAAC,CAAC;IAC3F;IACA,QAAQ,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IAClD,QAAQ,IAAI,CAAC,KAAK,EAAE;IACpB,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACpF,QAAQ,CAAC;IACT;IACA,QAAQ,MAAM,aAAa,GAAG;IAC9B,YAAY,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;IAC9B,YAAY,eAAe,EAAE,KAAK,CAAC,CAAC,CAAC;IACrC,YAAY,YAAY,EAAE,KAAK,CAAC,CAAC,CAAC;IAClC,YAAY,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;IACjC,SAAS,CAAC;IACV,QAAQ,IAAI,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjE,QAAQ,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC3E,QAAQ,aAAa,CAAC,YAAY,GAAG,YAAY,CAAC;IAClD,QAAQ,IAAI,aAAa,CAAC,WAAW;IACrC,YAAY,aAAa,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;IACrD,YAAY,aAAa,CAAC,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,aAAa,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACrH,QAAQ,CAAC;IACT,QAAQ,OAAO,aAAa,CAAC;IAC7B,IAAI,CAAC;IACL,IAAI,OAAO,gBAAgB,CAAC,GAAG,EAAE,aAAa,EAAE;IAChD,QAAQ,MAAM,KAAK,GAAG,MAAM,CAAC,0BAA0B,CAAC,CAAC;IACzD,QAAQ,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACvC,QAAQ,IAAI,CAAC,KAAK,EAAE;IACpB,YAAY,MAAM,8BAA8B,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAC/E,QAAQ,CAAC;IACT,QAAQ,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IACxB,IAAI,CAAC;IACL,IAAI,OAAO,cAAc,CAAC,WAAW,EAAE,OAAO,EAAE,aAAa,EAAE;IAC/D,QAAQ,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,aAAa,EAAE;IAC9C,YAAY,MAAM,GAAG,GAAG,IAAI,SAAS,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;IAC9D,YAAY,MAAM,cAAc,GAAG,GAAG,CAAC,gBAAgB,EAAE,CAAC;IAC1D,YAAY,QAAQ,cAAc,CAAC,QAAQ;IAC3C,gBAAgB,IAAI;IACpB,gBAAgB,cAAc,CAAC,eAAe;IAC9C,gBAAgB,WAAW,EAAE;IAC7B,QAAQ,CAAC;IACT,QAAQ,OAAO,WAAW,CAAC;IAC3B,IAAI,CAAC;IACL,IAAI,OAAO,+BAA+B,CAAC,SAAS,EAAE,aAAa,EAAE;IACrE,QAAQ,OAAO,IAAI,SAAS,CAAC,SAAS,CAAC,QAAQ;IAC/C,YAAY,IAAI;IAChB,YAAY,SAAS,CAAC,eAAe;IACrC,YAAY,GAAG;IACf,YAAY,SAAS,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,aAAa,CAAC,CAAC;IAC7D,IAAI,CAAC;IACL;;ICjKA;IA2CA;IACA;IACA;IACA;IACA;IACA;IACA,SAAS,iBAAiB,CAAC,YAAY,EAAE,KAAK,EAAE,aAAa,EAAE;IAC/D,IAAI,IAAI,CAAC,YAAY,EAAE;IACvB,QAAQ,MAAM,qBAAqB,CAAC,cAAc,EAAE,aAAa,CAAC,CAAC;IACnE,IAAI,CAAC;IACL,IAAI,IAAI,CAAC,KAAK,EAAE;IAChB,QAAQ,MAAM,qBAAqB,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;IACjE,IAAI,CAAC;IACL,IAAI,IAAI;IACR;IACA,QAAQ,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IACvD,QAAQ,MAAM,YAAY,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;IAC3C,QAAQ,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC;IAC/C,cAAc,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;IACtD,cAAc,EAAE,CAAC;IACjB,QAAQ,MAAM,kBAAkB,GAAG,YAAY,CAAC,YAAY,CAAC,CAAC;IAC9D,QAAQ,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;IAC/D,QAAQ,OAAO;IACf,YAAY,gBAAgB,EAAE,SAAS,IAAI,EAAE;IAC7C,YAAY,YAAY,EAAE,eAAe;IACzC,SAAS,CAAC;IACV,IAAI,CAAC;IACL,IAAI,OAAO,CAAC,EAAE;IACd,QAAQ,MAAM,qBAAqB,CAAC,YAAY,EAAE,aAAa,CAAC,CAAC;IACjE,IAAI,CAAC;IACL;;ICzEA;;;IAGG;IAQI,MAAM,aAAa,GAAG,kBAAkB,CAAC;IAGzC,MAAM,kBAAkB,GAAG,uBAAuB,CAAC;IA8CnD,MAAM,mBAAmB,GAAG,uBAAuB,CAAC;IAKpD,MAAM,QAAQ,GAAG,WAAW,CAAC;IAC7B,MAAM,aAAa,GAAG,gBAAgB;;IClE7C;;;IAGG;IAMG,SAAU,sBAAsB,CAAC,IAAY,EAAA;QAC/C,OAAO,CAAA,kCAAA,EAAqC,IAAI,CAAA,YAAA,CAAc,CAAC;IACnE,CAAC;IAED;;IAEG;IACG,MAAO,gBAAiB,SAAQ,SAAS,CAAA;IAC3C,IAAA,WAAA,CAAY,SAAiB,EAAE,aAAqB,EAAE,QAAiB,EAAA;IACnE,QAAA,KAAK,CACD,SAAS,EACT,aAAa,EACb,sBAAsB,CAAC,SAAS,CAAC,EACjC,QAAQ,CACX,CAAC;YAEF,MAAM,CAAC,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,SAAS,CAAC,CAAC;IACxD,QAAA,IAAI,CAAC,IAAI,GAAG,kBAAkB,CAAC;QACnC,CAAC;IACJ,CAAA;aAEe,sBAAsB,CAClC,SAAiB,EACjB,aAAqB,EACrB,QAAiB,EAAA;QAEjB,OAAO,IAAI,gBAAgB,CAAC,SAAS,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;IACpE;;ICpCA;;;IAGG;IAOH;;;IAGG;IAEH;;;IAGG;IACG,SAAU,YAAY,CAAC,KAAa,EAAA;QACtC,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED;;;IAGG;IACG,SAAU,cAAc,CAAC,YAAoB,EAAA;IAC/C,IAAA,IAAI,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IACvE,IAAA,QAAQ,aAAa,CAAC,MAAM,GAAG,CAAC;IAC5B,QAAA,KAAK,CAAC;gBACF,MAAM;IACV,QAAA,KAAK,CAAC;gBACF,aAAa,IAAI,IAAI,CAAC;gBACtB,MAAM;IACV,QAAA,KAAK,CAAC;gBACF,aAAa,IAAI,GAAG,CAAC;gBACrB,MAAM;IACV,QAAA;gBACI,MAAM,sBAAsB,CACxBC,mBAAyC,EACzC,EAAE,CACL,CAAC;IACT,KAAA;IACD,IAAA,MAAM,SAAS,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QACtC,OAAO,UAAU,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpE;;IC9CA;;;IAGG;IA0EI,MAAM,gBAAgB,GAAG;IAC5B,IACA,OAAO,EAAE,SAAS;KACZ,CAAC;IAIX;;IAEG;IACI,MAAM,kBAAkB,GAAG;IAC9B,IAAA,UAAU,EAAE,gBAAgB;IAC5B,IAAA,QAAQ,EAAE,SAAS;IACnB,IAAA,cAAc,EAAE,gBAAgB;IAChC,IAAA,QAAQ,EAAE,eAAe;IACzB,IAAA,sBAAsB,EAAE,oBAAoB;IAC5C,IAAA,cAAc,EAAE,gBAAgB;KAC1B,CAAC;IAcX;;;;;;IAMG;IACI,MAAM,KAAK,GAAG;IACjB,IAIA,qBAAqB,EAAE,GAAG;IAC1B,IAEA,MAAM,EAAE,IAIF,CAAC;IA2BX;;IAEG;IACH,IAAY,eAKX,CAAA;IALD,CAAA,UAAY,eAAe,EAAA;IACvB,IAAA,eAAA,CAAA,UAAA,CAAA,GAAA,UAAqB,CAAA;IACrB,IAAA,eAAA,CAAA,OAAA,CAAA,GAAA,OAAe,CAAA;IACf,IAAA,eAAA,CAAA,QAAA,CAAA,GAAA,QAAiB,CAAA;IACjB,IAAA,eAAA,CAAA,MAAA,CAAA,GAAA,MAAa,CAAA;IACjB,CAAC,EALW,eAAe,KAAf,eAAe,GAAA,EAAA,CAAA,CAAA;;IC7J3B;;;IAGG;IA+BH;;;;;;;;;;;;;;IAcG;aACa,wBAAwB,GAAA;;IAapC,IAAA,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;IACrC,IAAA,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;;QAGxC,IAAI,iBAAiB,GAAG,KAAK,CAAC;QAC9B,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAC/B,IAAI,OAAO,GAAG,EAAE,CAAC;QACjB,IAAI,MAAM,GAAgC,SAAS,CAAC;IAEpD,IAAA,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE;YAC/B,MAAM,WAAW,GACb,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;IAC/D,QAAA,MAAM,UAAU,GAAG,IAAI,eAAe,CAAC,WAAW,CAAC,CAAC;IACpD,QAAA,IAAI,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;gBACzB,iBAAiB,GAAG,IAAI,CAAC;gBACzB,OAAO,GAAG,WAAW,CAAC;gBACtB,MAAM,GAAG,UAAU,CAAC;IACvB,QAAA,CAAA;IACJ,IAAA,CAAA;IAED,IAAA,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;YACjC,MAAM,YAAY,GACd,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;IAClE,QAAA,MAAM,WAAW,GAAG,IAAI,eAAe,CAAC,YAAY,CAAC,CAAC;IACtD,QAAA,IAAI,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE;gBAC1B,kBAAkB,GAAG,IAAI,CAAC;gBAC1B,OAAO,GAAG,YAAY,CAAC;gBACvB,MAAM,GAAG,WAAW,CAAC;IACxB,QAAA,CAAA;IACJ,IAAA,CAAA;;QAGD,IAAI,iBAAiB,IAAI,kBAAkB,EAAE;YACzC,MAAM,YAAY,GACd,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,QAAQ,CAAC;YAClE,MAAM,WAAW,GACb,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC;IAC/D,QAAA,OAAO,GAAG,CAAA,EAAG,YAAY,CAAA,EAAG,WAAW,EAAE,CAAC;IAC1C,QAAA,MAAM,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,CAAC;IACzC,IAAA,CAAA;IAED;;;IAGG;IACH,IAAA,IAAI,CAAC,OAAO,IAAI,CAAC,MAAM,EAAE;YACrB,MAAM,sBAAsB,CAACC,aAAmC,EAAE,EAAE,CAAC,CAAC;IACzE,IAAA,CAAA;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,EAAE;YACR,MAAM,sBAAsB,CAACC,aAAmC,EAAE,EAAE,CAAC,CAAC;IACzE,IAAA,CAAA;IAED,IAAA,MAAM,EAAE,YAAY,EAAE,GAAGC,iBAA+B,CACpD,YAAY,EACZ,KAAK,EACL,EAAE,CACL,CAAC;IAEF,IAAA,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,YAAY,CAAC;IAClC,IAAA,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI,EAAE;YACd,MAAM,sBAAsB,CACxBC,kBAAwC,EACxC,EAAE,EACF,uBAAuB,CAC1B,CAAC;IACL,IAAA,CAAA;QAED,OAAO;YACH,MAAM;YACN,OAAO;YACP,OAAO;YACP,QAAQ;YACR,iBAAiB;YACjB,kBAAkB;IAClB,QAAA,YAAY,EAAE;gBACV,EAAE;gBACF,IAAI;IACP,SAAA;SACJ,CAAC;IACN,CAAC;IAkBD;;;;IAIG;IACG,SAAU,wBAAwB,CAAC,aAAqB,EAAA;QAC1D,IAAI,OAAO,aAAa,CAAC,OAAO,EAAE,YAAY,KAAK,UAAU,EAAE;YAC3D,aAAa,CAAC,OAAO,CAAC,YAAY,CAC9B,IAAI,EACJ,EAAE,EACF,CAAA,EAAG,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAA,EAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAA,CAAE,CACvE,CAAC;IACL,IAAA,CAAA;IACL,CAAC;IAwND;;IAEG;IACG,SAAU,WAAW,CAAC,aAAsB,EAAA;IAC9C,IAAA,MAAM,UAAU,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAmB,EAAE,CAAC,CAAC;IAC5E,IAAA,MAAM,aAAa,GAAG,UAAU,CAAC,gBAAgB,EAAE,CAAC;QACpD,OAAO,CAAA,EAAG,aAAa,CAAC,QAAQ,KAAK,aAAa,CAAC,eAAe,CAAA,CAAA,CAAG,CAAC;IAC1E;;IC7YA;;;IAGG;UASU,gBAAgB,CAAA;IACzB;;;;IAIG;QACH,gBAAgB,CACZ,GAAW,EACX,OAA0B,EAAA;YAE1B,OAAO,gBAAgB,CAAC,qBAAqB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAChE,CAAC;IAED;;;;IAIG;QACH,gBAAgB,CACZ,GAAW,EACX,OAA0B,EAAA;YAE1B,OAAO,gBAAgB,CAAC,qBAAqB,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAChE,CAAC;IAED;;;;IAIG;IACK,IAAA,OAAO,qBAAqB,CAChC,GAAW,EACX,OAA0B,EAAA;YAE1B,IAAI,OAAO,CAAC,SAAS,EAAE;gBACnB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAChC,QAAA,CAAA;IAAM,aAAA;gBACH,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC/B,QAAA,CAAA;YAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,KAAI;gBACnC,UAAU,CAAC,MAAK;IACZ,gBAAA,MAAM,CACF,sBAAsB,CAClBC,QAA8B,EAC9B,EAAE,EACF,oBAAoB,CACvB,CACJ,CAAC;IACN,YAAA,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;IACxB,QAAA,CAAC,CAAC,CAAC;QACP,CAAC;IACJ;;IChED;;;IAGG;IA8BI,MAAM,2BAA2B,GAAG,KAAK;;ICjChD;;;IAGG;IAEI,MAAM,MAAM,GAAG,MAAM;;ICL5B;;;IAGG;IAeH;;;;;;;;;;;;IAYG;IACI,eAAe,4BAA4B,CAC9C,gBAAmC,EAAA;IAEnC,IAAA,QAAQ,CAAC,KAAK,GAAG,0BAA0B,CAAC;IAE5C,IAAA,IAAI,cAAc,CAAC;QACnB,IAAI;YACA,cAAc,GAAG,wBAAwB,EAAE,CAAC;IAC/C,IAAA,CAAA;IAAC,IAAA,OAAO,KAAK,EAAE;;IAEZ,QAAAC,wBAAqC,CAAC,MAAM,CAAC,CAAC;IAC9C,QAAA,MAAM,KAAK,CAAC;IACf,IAAA,CAAA;IAED,IAAA,MAAM,EACF,OAAO,EACP,OAAO,EACP,QAAQ,EACR,iBAAiB,EACjB,kBAAkB,EAClB,YAAY,GACf,GAAG,cAAc,CAAC;IAEnB,IAAA,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,YAAY,CAAC;QAElC,IAAI,IAAI,CAAC,iBAAiB,CAAC,KAAK,eAAe,CAAC,QAAQ,EAAE;IACtD,QAAA,MAAM,SAAS,GAAG,gBAAgB,IAAI,IAAI,gBAAgB,EAAE,CAAC;YAE7D,IAAI,aAAa,GAAG,EAAE,CAAC;YACvB,IAAI,QAAQ,GAAG,EAAE,CAAC;YAClB,IAAI,eAAe,GAAG,EAAE,CAAC;YACzB,MAAM,cAAc,GAAG,CAAA,EAAG,MAAM,IAAI,kBAAkB,CAAC,sBAAsB,CAAA,CAAE,CAAC;IAChF;;;;IAIG;YACH,IAAI;gBACA,MAAM,oBAAoB,GACtB,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;gBAClD,MAAM,iBAAiB,GAAG,IAAI,CAAC,KAAK,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC;IACjE,YAAA,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,IAAI,EAAE,CAAC;IAC5C,YAAA,eAAe,GAAG,iBAAiB,CAAC,IAAI,CAAC;IAEzC,YAAA,IAAI,QAAQ,EAAE;oBACV,MAAM,SAAS,GAAG,CAAA,EAAG,MAAM,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,EAAI,kBAAkB,CAAC,UAAU,CAAA,CAAE,CAAC;oBAC3E,aAAa,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAClE,YAAA,CAAA;IACJ,QAAA,CAAA;YAAC,MAAM;;IAEP,QAAA,CAAA;IAED,QAAA,MAAM,iBAAiB,GAAsB;IACzC,YAAA,KAAK,EACD,eAAe,KAAK,gBAAgB,CAAC,OAAO;sBACtC,KAAK,CAAC,MAAM;sBACZ,KAAK,CAAC,qBAAqB;IACrC,YAAA,SAAS,EAAE,IAAI;IACf,YAAA,OAAO,EAAE,2BAA2B;aACvC,CAAC;IAEF;;;;;;;;;;;;;;;;;IAiBG;IACH,QAAA,IAAI,QAAQ,EAAE;gBACV,IAAI;IACA,gBAAA,MAAM,CAAC,cAAc,CAAC,OAAO,CACzB,GAAG,MAAM,CAAA,CAAA,EAAI,QAAQ,CAAA,CAAA,EAAI,kBAAkB,CAAC,QAAQ,EAAE,EACtD,OAAO,CACV,CAAC;IACL,YAAA,CAAA;gBAAC,MAAM;;IAEP,YAAA,CAAA;IACJ,QAAA,CAAA;YAED,MAAM,GAAG,GAAG,aAAa,IAAIC,WAAwB,EAAE,CAAC;;YAExD,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC;YAEjE,MAAM,SAAS,CAAC,gBAAgB,CAAC,aAAa,EAAE,iBAAiB,CAAC,CAAC;;YAGnE,OAAO;IACV,IAAA,CAAA;;QAGD,IAAI,OAAO,MAAM,CAAC,OAAO,CAAC,YAAY,KAAK,UAAU,EAAE;IACnD,QAAA,IAAI,MAAM,GAAG,CAAA,EAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAA,EAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;;IAEpE,QAAA,IAAI,CAAC,iBAAiB,IAAI,OAAO,EAAE;gBAC/B,MAAM,IAAI,OAAO,CAAC;IACrB,QAAA,CAAA;;IAED,QAAA,IAAI,CAAC,kBAAkB,IAAI,QAAQ,EAAE;gBACjC,MAAM,IAAI,QAAQ,CAAC;IACtB,QAAA,CAAA;YACD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACjD,IAAA,CAAA;;IAGD,IAAA,MAAM,OAAO,GAAG,IAAI,gBAAgB,CAAC,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,WAAW,CAAC;IAChB,QAAA,CAAC,EAAE,CAAC;YACJ,OAAO;IACV,KAAA,CAAC,CAAC;QACH,OAAO,CAAC,KAAK,EAAE,CAAC;QAChB,IAAI;YACA,MAAM,CAAC,KAAK,EAAE,CAAC;IAClB,IAAA,CAAA;IAAC,IAAA,MAAM,EAAA,CAAE;IACd;;;;;;;;"}
@@ -1,2 +1,2 @@
1
- /*! @azure/msal-browser v5.17.0 2026-07-07 */
1
+ /*! @azure/msal-browser v5.17.1 2026-07-15 */
2
2
  "use strict";!function(t,e){"object"==typeof exports&&"undefined"!=typeof module?e(exports):"function"==typeof define&&define.amd?define(["exports"],e):e((t="undefined"!=typeof globalThis?globalThis:t||self).msalRedirectBridge={})}(this,function(t){const e="common",r="organizations";class n extends Error{constructor(t,e,r,o){const s=r||(t?`See https://aka.ms/msal.js.errors#${t} for details`:"");super(s?`${t}: ${s}`:t),Object.setPrototypeOf(this,n.prototype),this.errorCode=t||"",this.errorMessage=s||"",this.subError=o||"",this.correlationId=e,this.name="AuthError"}}class o extends n{constructor(t,e,r){super(t,e,r),this.name="ClientAuthError",Object.setPrototypeOf(this,o.prototype)}}function s(t,e,r){return new o(t,e,r)}const i="invalid_state";class a extends n{constructor(t,e){super(t,e),this.name="ClientConfigurationError",Object.setPrototypeOf(this,a.prototype)}}function c(t,e){return new a(t,e)}const l="url_parse_error";class u{static isEmptyObj(t){if(t)try{const e=JSON.parse(t);return 0===Object.keys(e).length}catch(t){}return!0}static startsWith(t,e){return 0===t.indexOf(e)}static endsWith(t,e){return t.length>=e.length&&t.lastIndexOf(e)===t.length-e.length}static queryStringToObject(t){const e={},r=t.split("&"),n=t=>decodeURIComponent(t.replace(/\+/g," "));return r.forEach(t=>{if(t.trim()){const[r,o]=t.split(/=(.+)/g,2);r&&o&&(e[n(r)]=n(o))}}),e}static trimArrayEntries(t){return t.map(t=>t.trim())}static removeEmptyStringsFromArray(t){return t.filter(t=>!!t)}static jsonParseHelper(t){try{return JSON.parse(t)}catch(t){return null}}}class h{get urlString(){return this._urlString}constructor(t,e){if(this._urlString=t,this.correlationId=e,!this._urlString)throw c("empty_url_error",e);t.includes("#")||(this._urlString=h.canonicalizeUri(t))}static canonicalizeUri(t){if(t){let e=t.toLowerCase();return u.endsWith(e,"?")?e=e.slice(0,-1):u.endsWith(e,"?/")&&(e=e.slice(0,-2)),u.endsWith(e,"/")||(e+="/"),e}return t}validateAsUri(){let t;try{t=this.getUrlComponents()}catch(t){throw c(l,this.correlationId)}if(!t.HostNameAndPort||!t.PathSegments)throw c(l,this.correlationId);if(!t.Protocol||"https:"!==t.Protocol.toLowerCase())throw c("authority_uri_insecure",this.correlationId)}static appendQueryString(t,e){return e?t.indexOf("?")<0?`${t}?${e}`:`${t}&${e}`:t}static removeHashFromUrl(t){return h.canonicalizeUri(t.split("#")[0])}replaceTenantPath(t){const n=this.getUrlComponents(),o=n.PathSegments;return!t||0===o.length||o[0]!==e&&o[0]!==r||(o[0]=t),h.constructAuthorityUriFromObject(n,this.correlationId)}getUrlComponents(){const t=RegExp("^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\\?([^#]*))?(#(.*))?"),e=this.urlString.match(t);if(!e)throw c(l,this.correlationId);const r={Protocol:e[1],HostNameAndPort:e[4],AbsolutePath:e[5],QueryString:e[7]};let n=r.AbsolutePath.split("/");return n=n.filter(t=>t&&t.length>0),r.PathSegments=n,r.QueryString&&r.QueryString.endsWith("/")&&(r.QueryString=r.QueryString.substring(0,r.QueryString.length-1)),r}static getDomainFromUrl(t,e){const r=RegExp("^([^:/?#]+://)?([^/?#]*)"),n=t.match(r);if(!n)throw c(l,e);return n[2]}static getAbsoluteUrl(t,e,r){if("/"===t[0]){const n=new h(e,r).getUrlComponents();return n.Protocol+"//"+n.HostNameAndPort+t}return t}static constructAuthorityUriFromObject(t,e){return new h(t.Protocol+"//"+t.HostNameAndPort+"/"+t.PathSegments.join("/"),e)}}const d="invalid_base64_string";class p extends n{constructor(t,e,r){super(t,e,`See https://aka.ms/msal.js.errors#${t} for details`,r),Object.setPrototypeOf(this,p.prototype),this.name="BrowserAuthError"}}function g(t,e,r){return new p(t,e,r)}function f(t){return(new TextDecoder).decode(function(t){let e=t.replace(/-/g,"+").replace(/_/g,"/");switch(e.length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw g(d,"")}const r=atob(e);return Uint8Array.from(r,t=>t.codePointAt(0)||0)}(t))}const m="signout",w="request.origin",y="urlHash",S="interaction.status",b=865,P=961;var _;function $(){const t=window.location.hash,e=window.location.search;let r,n=!1,o=!1,a="";if(t&&t.length>1){const e="#"===t.charAt(0)?t.substring(1):t,o=new URLSearchParams(e);o.has("state")&&(n=!0,a=e,r=o)}if(e&&e.length>1){const t="?"===e.charAt(0)?e.substring(1):e,n=new URLSearchParams(t);n.has("state")&&(o=!0,a=t,r=n)}if(n&&o){a=`${"?"===e.charAt(0)?e.substring(1):e}${"#"===t.charAt(0)?t.substring(1):t}`,r=new URLSearchParams(a)}if(!a||!r)throw g("empty_response","");const c=r.get("state");if(!c)throw g("no_state_in_hash","");const{libraryState:l}=function(t,e,r){if(!t)throw s("no_crypto_object",r);if(!e)throw s(i,r);try{const r=e.split("|"),n=r[0],o=r.length>1?r.slice(1).join("|"):"",s=t(n);return{userRequestState:o||"",libraryState:JSON.parse(s)}}catch(t){throw s(i,r)}}(f,c,""),{id:u,meta:h}=l;if(!u||!h)throw g("unable_to_parse_state","","missing_library_state");return{params:r,payload:a,urlHash:t,urlQuery:e,hasResponseInHash:n,hasResponseInQuery:o,libraryState:{id:u,meta:h}}}!function(t){t.Redirect="redirect",t.Popup="popup",t.Silent="silent",t.None="none"}(_||(_={}));class A{navigateInternal(t,e){return A.defaultNavigateWindow(t,e)}navigateExternal(t,e){return A.defaultNavigateWindow(t,e)}static defaultNavigateWindow(t,e){return e.noHistory?window.location.replace(t):window.location.assign(t),new Promise((t,r)=>{setTimeout(()=>{r(g("timed_out","","failed_to_redirect"))},e.timeout)})}}const I="msal";t.broadcastResponseToMainFrame=async function(t){let e;document.title="Microsoft Authentication";try{e=$()}catch(t){throw r=window,"function"==typeof r.history?.replaceState&&r.history.replaceState(null,"",`${r.location.origin}${r.location.pathname}`),t}var r;const{payload:n,urlHash:o,urlQuery:s,hasResponseInHash:i,hasResponseInQuery:a,libraryState:c}=e,{id:l,meta:u}=c;if(u.interactionType===_.Redirect){const e=t||new A;let r="",o="",s="";const i=`${I}.${S}`;try{const t=window.sessionStorage.getItem(i),e=JSON.parse(t||"");if(o=e.clientId||"",s=e.type,o){const t=`${I}.${o}.${w}`;r=window.sessionStorage.getItem(t)||""}}catch{}const a={apiId:s===m?P:b,noHistory:!0,timeout:3e4};if(o)try{window.sessionStorage.setItem(`${I}.${o}.${y}`,n)}catch{}const c=r||function(){const t=new h(window.location.href,"").getUrlComponents();return`${t.Protocol}//${t.HostNameAndPort}/`}(),l=c.endsWith("?")?c.slice(0,-1):c;return void await e.navigateInternal(l,a)}if("function"==typeof window.history.replaceState){let t=`${window.location.origin}${window.location.pathname}`;!i&&o&&(t+=o),!a&&s&&(t+=s),window.history.replaceState(null,"",t)}const d=new BroadcastChannel(l);d.postMessage({v:1,payload:n}),d.close();try{window.close()}catch{}}});
package/package.json CHANGED
@@ -10,7 +10,7 @@
10
10
  "type": "git",
11
11
  "url": "https://github.com/AzureAD/microsoft-authentication-library-for-js.git"
12
12
  },
13
- "version": "5.17.0",
13
+ "version": "5.17.1",
14
14
  "description": "Microsoft Authentication Library for js",
15
15
  "keywords": [
16
16
  "implicit",
@@ -140,6 +140,6 @@
140
140
  "typescript": "^4.9.5"
141
141
  },
142
142
  "dependencies": {
143
- "@azure/msal-common": "16.11.1"
143
+ "@azure/msal-common": "16.11.2"
144
144
  }
145
145
  }
@@ -25,6 +25,14 @@ const AES_GCM = "AES-GCM";
25
25
  const HKDF = "HKDF";
26
26
  // SHA-256 hashing algorithm
27
27
  const S256_HASH_ALG = "SHA-256";
28
+ // JWK values used by browser-internal WebCrypto helpers.
29
+ const JSON_WEB_KEY_CURVE_P256 = "P-256";
30
+ const JSON_WEB_KEY_TYPE_EC = "EC";
31
+ const JSON_WEB_KEY_TYPE_RSA = "RSA";
32
+ const MISSING_JWK_KTY_SUBERROR = "missing_jwk_kty";
33
+ const UNSUPPORTED_JWK_KTY_SUBERROR = "unsupported_jwk_kty";
34
+ const MISSING_JWK_MEMBER_SUBERROR = "missing_jwk_member";
35
+ const EMPTY_JWK_MEMBER_SUBERROR = "empty_jwk_member";
28
36
  // MOD length for PoP tokens
29
37
  const MODULUS_LENGTH = 2048;
30
38
  // Public Exponent
@@ -44,13 +52,27 @@ const DERIVE_KEY = "deriveKey";
44
52
  // Suberror
45
53
  const SUBTLE_SUBERROR = "crypto_subtle_undefined";
46
54
 
47
- const keygenAlgorithmOptions: RsaHashedKeyGenParams = {
55
+ export const RSA_KEYGEN_ALGORITHM_OPTIONS: RsaHashedKeyGenParams = {
48
56
  name: PKCS1_V15_KEYGEN_ALG,
49
57
  hash: S256_HASH_ALG,
50
58
  modulusLength: MODULUS_LENGTH,
51
59
  publicExponent: PUBLIC_EXPONENT,
52
60
  };
53
61
 
62
+ export const RSA_SIGN_ALGORITHM_OPTIONS: Algorithm = {
63
+ name: PKCS1_V15_KEYGEN_ALG,
64
+ };
65
+
66
+ export const ECDSA_P256_KEYGEN_ALGORITHM_OPTIONS: EcKeyGenParams = {
67
+ name: "ECDSA",
68
+ namedCurve: JSON_WEB_KEY_CURVE_P256,
69
+ };
70
+
71
+ export const ECDSA_SHA256_SIGN_ALGORITHM_OPTIONS: EcdsaParams = {
72
+ name: "ECDSA",
73
+ hash: { name: S256_HASH_ALG },
74
+ };
75
+
54
76
  /**
55
77
  * Check whether browser crypto is available.
56
78
  */
@@ -157,16 +179,18 @@ export function createNewGuid(): string {
157
179
  }
158
180
 
159
181
  /**
160
- * Generates a keypair based on current keygen algorithm config.
182
+ * Generates a keypair based on the provided algorithm config.
161
183
  * @param extractable
162
184
  * @param usages
185
+ * @param algorithm
163
186
  */
164
187
  export async function generateKeyPair(
165
188
  extractable: boolean,
166
- usages: Array<KeyUsage>
189
+ usages: Array<KeyUsage>,
190
+ algorithm: AlgorithmIdentifier
167
191
  ): Promise<CryptoKeyPair> {
168
192
  return window.crypto.subtle.generateKey(
169
- keygenAlgorithmOptions,
193
+ algorithm,
170
194
  extractable,
171
195
  usages
172
196
  ) as Promise<CryptoKeyPair>;
@@ -188,32 +212,36 @@ export async function exportJwk(key: CryptoKey): Promise<JsonWebKey> {
188
212
  * @param key
189
213
  * @param extractable
190
214
  * @param usages
215
+ * @param algorithm
191
216
  */
192
217
  export async function importJwk(
193
218
  key: JsonWebKey,
194
219
  extractable: boolean,
195
- usages: Array<KeyUsage>
220
+ usages: Array<KeyUsage>,
221
+ algorithm: AlgorithmIdentifier
196
222
  ): Promise<CryptoKey> {
197
223
  return window.crypto.subtle.importKey(
198
224
  KEY_FORMAT_JWK,
199
225
  key,
200
- keygenAlgorithmOptions,
226
+ algorithm,
201
227
  extractable,
202
228
  usages
203
229
  ) as Promise<CryptoKey>;
204
230
  }
205
231
 
206
232
  /**
207
- * Signs given data with given key
233
+ * Signs given data with given key.
208
234
  * @param key
209
235
  * @param data
236
+ * @param algorithm
210
237
  */
211
238
  export async function sign(
212
239
  key: CryptoKey,
213
- data: ArrayBuffer
240
+ data: ArrayBuffer,
241
+ algorithm: AlgorithmIdentifier
214
242
  ): Promise<ArrayBuffer> {
215
243
  return window.crypto.subtle.sign(
216
- keygenAlgorithmOptions,
244
+ algorithm,
217
245
  key,
218
246
  data
219
247
  ) as Promise<ArrayBuffer>;
@@ -428,3 +456,70 @@ export async function hashString(plainText: string): Promise<string> {
428
456
  const hashBytes = new Uint8Array(hashBuffer);
429
457
  return urlEncodeArr(hashBytes);
430
458
  }
459
+
460
+ const JWK_THUMBPRINT_REQUIRED_MEMBERS: Record<string, Array<string>> = {
461
+ [JSON_WEB_KEY_TYPE_EC]: ["crv", "kty", "x", "y"],
462
+ [JSON_WEB_KEY_TYPE_RSA]: ["e", "kty", "n"],
463
+ };
464
+
465
+ function getJwkThumbprintMembers(
466
+ publicJwk: JsonWebKey
467
+ ): Record<string, string> {
468
+ const kty = publicJwk.kty;
469
+ if (typeof kty !== "string" || kty.length === 0) {
470
+ throw createBrowserAuthError(
471
+ BrowserAuthErrorCodes.invalidPublicJwk,
472
+ "",
473
+ MISSING_JWK_KTY_SUBERROR
474
+ );
475
+ }
476
+
477
+ const requiredMembers = JWK_THUMBPRINT_REQUIRED_MEMBERS[kty];
478
+ if (!requiredMembers) {
479
+ throw createBrowserAuthError(
480
+ BrowserAuthErrorCodes.invalidPublicJwk,
481
+ "",
482
+ UNSUPPORTED_JWK_KTY_SUBERROR
483
+ );
484
+ }
485
+
486
+ return requiredMembers.reduce((thumbprintMembers, memberName) => {
487
+ const memberValue = publicJwk[memberName as keyof JsonWebKey];
488
+ if (typeof memberValue !== "string") {
489
+ throw createBrowserAuthError(
490
+ BrowserAuthErrorCodes.invalidPublicJwk,
491
+ "",
492
+ MISSING_JWK_MEMBER_SUBERROR
493
+ );
494
+ }
495
+
496
+ if (memberValue.length === 0) {
497
+ throw createBrowserAuthError(
498
+ BrowserAuthErrorCodes.invalidPublicJwk,
499
+ "",
500
+ EMPTY_JWK_MEMBER_SUBERROR
501
+ );
502
+ }
503
+
504
+ thumbprintMembers[memberName] = memberValue;
505
+ return thumbprintMembers;
506
+ }, {} as Record<string, string>);
507
+ }
508
+
509
+ /**
510
+ * Computes an RFC 7638 JWK thumbprint for a public key.
511
+ * The required members for the JWK key type are serialised in lexicographic order
512
+ * and the SHA-256 digest is returned as a base64url string.
513
+ * @internal
514
+ */
515
+ export async function computeJwkThumbprint(
516
+ publicJwk: JsonWebKey
517
+ ): Promise<string> {
518
+ const thumbprintMembers = getJwkThumbprintMembers(publicJwk);
519
+ // RFC 7638 §3.3: use only required members, sorted lexicographically
520
+ const thumbprintJson = JSON.stringify(
521
+ thumbprintMembers,
522
+ Object.keys(thumbprintMembers).sort()
523
+ );
524
+ return hashString(thumbprintJson);
525
+ }
@@ -123,7 +123,8 @@ export class CryptoOps implements ICrypto {
123
123
  // Generate Keypair
124
124
  const keyPair: CryptoKeyPair = await BrowserCrypto.generateKeyPair(
125
125
  CryptoOps.EXTRACTABLE,
126
- CryptoOps.POP_KEY_USAGES
126
+ CryptoOps.POP_KEY_USAGES,
127
+ BrowserCrypto.RSA_KEYGEN_ALGORITHM_OPTIONS
127
128
  );
128
129
 
129
130
  // Generate Thumbprint for Public Key
@@ -131,15 +132,9 @@ export class CryptoOps implements ICrypto {
131
132
  keyPair.publicKey
132
133
  );
133
134
 
134
- const pubKeyThumprintObj: JsonWebKey = {
135
- e: publicKeyJwk.e,
136
- kty: publicKeyJwk.kty,
137
- n: publicKeyJwk.n,
138
- };
139
-
140
- const publicJwkString: string =
141
- getSortedObjectString(pubKeyThumprintObj);
142
- const publicJwkHash = await this.hashString(publicJwkString);
135
+ const publicJwkHash = await BrowserCrypto.computeJwkThumbprint(
136
+ publicKeyJwk
137
+ );
143
138
 
144
139
  // Generate Thumbprint for Private Key
145
140
  const privateKeyJwk: JsonWebKey = await BrowserCrypto.exportJwk(
@@ -147,7 +142,12 @@ export class CryptoOps implements ICrypto {
147
142
  );
148
143
  // Re-import private key to make it unextractable
149
144
  const unextractablePrivateKey: CryptoKey =
150
- await BrowserCrypto.importJwk(privateKeyJwk, false, ["sign"]);
145
+ await BrowserCrypto.importJwk(
146
+ privateKeyJwk,
147
+ false,
148
+ ["sign"],
149
+ BrowserCrypto.RSA_KEYGEN_ALGORITHM_OPTIONS
150
+ );
151
151
 
152
152
  // Store Keypair data in keystore
153
153
  await this.cache.setItem(
@@ -278,7 +278,8 @@ export class CryptoOps implements ICrypto {
278
278
  const tokenBuffer = encoder.encode(tokenString);
279
279
  const signatureBuffer = await BrowserCrypto.sign(
280
280
  cachedKeyPair.privateKey,
281
- tokenBuffer
281
+ tokenBuffer,
282
+ BrowserCrypto.RSA_SIGN_ALGORITHM_OPTIONS
282
283
  );
283
284
  const encodedSignature = urlEncodeArr(new Uint8Array(signatureBuffer));
284
285
 
@@ -42,6 +42,7 @@ export const getRequestFailed = "get_request_failed";
42
42
  export const failedToParseResponse = "failed_to_parse_response";
43
43
  export const unableToLoadToken = "unable_to_load_token";
44
44
  export const cryptoKeyNotFound = "crypto_key_not_found";
45
+ export const invalidPublicJwk = "invalid_public_jwk";
45
46
  export const authCodeRequired = "auth_code_required";
46
47
  export const authCodeOrNativeAccountIdRequired =
47
48
  "auth_code_or_nativeAccountId_required";
@@ -1,3 +1,3 @@
1
1
  /* eslint-disable header/header */
2
2
  export const name = "@azure/msal-browser";
3
- export const version = "5.17.0";
3
+ export const version = "5.17.1";
@@ -1,3 +1,7 @@
1
+ export declare const RSA_KEYGEN_ALGORITHM_OPTIONS: RsaHashedKeyGenParams;
2
+ export declare const RSA_SIGN_ALGORITHM_OPTIONS: Algorithm;
3
+ export declare const ECDSA_P256_KEYGEN_ALGORITHM_OPTIONS: EcKeyGenParams;
4
+ export declare const ECDSA_SHA256_SIGN_ALGORITHM_OPTIONS: EcdsaParams;
1
5
  /**
2
6
  * Check whether browser crypto is available.
3
7
  */
@@ -21,11 +25,12 @@ export declare function getRandomValues(dataBuffer: Uint8Array): Uint8Array;
21
25
  */
22
26
  export declare function createNewGuid(): string;
23
27
  /**
24
- * Generates a keypair based on current keygen algorithm config.
28
+ * Generates a keypair based on the provided algorithm config.
25
29
  * @param extractable
26
30
  * @param usages
31
+ * @param algorithm
27
32
  */
28
- export declare function generateKeyPair(extractable: boolean, usages: Array<KeyUsage>): Promise<CryptoKeyPair>;
33
+ export declare function generateKeyPair(extractable: boolean, usages: Array<KeyUsage>, algorithm: AlgorithmIdentifier): Promise<CryptoKeyPair>;
29
34
  /**
30
35
  * Export key as Json Web Key (JWK)
31
36
  * @param key
@@ -36,14 +41,16 @@ export declare function exportJwk(key: CryptoKey): Promise<JsonWebKey>;
36
41
  * @param key
37
42
  * @param extractable
38
43
  * @param usages
44
+ * @param algorithm
39
45
  */
40
- export declare function importJwk(key: JsonWebKey, extractable: boolean, usages: Array<KeyUsage>): Promise<CryptoKey>;
46
+ export declare function importJwk(key: JsonWebKey, extractable: boolean, usages: Array<KeyUsage>, algorithm: AlgorithmIdentifier): Promise<CryptoKey>;
41
47
  /**
42
- * Signs given data with given key
48
+ * Signs given data with given key.
43
49
  * @param key
44
50
  * @param data
51
+ * @param algorithm
45
52
  */
46
- export declare function sign(key: CryptoKey, data: ArrayBuffer): Promise<ArrayBuffer>;
53
+ export declare function sign(key: CryptoKey, data: ArrayBuffer, algorithm: AlgorithmIdentifier): Promise<ArrayBuffer>;
47
54
  /**
48
55
  * Generates Base64 encoded jwk used in the Encrypted Authorize Response (EAR) flow
49
56
  */
@@ -93,4 +100,11 @@ export declare function decrypt(baseKey: CryptoKey, nonce: string, context: stri
93
100
  * @param plainText
94
101
  */
95
102
  export declare function hashString(plainText: string): Promise<string>;
103
+ /**
104
+ * Computes an RFC 7638 JWK thumbprint for a public key.
105
+ * The required members for the JWK key type are serialised in lexicographic order
106
+ * and the SHA-256 digest is returned as a base64url string.
107
+ * @internal
108
+ */
109
+ export declare function computeJwkThumbprint(publicJwk: JsonWebKey): Promise<string>;
96
110
  //# sourceMappingURL=BrowserCrypto.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"BrowserCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/BrowserCrypto.ts"],"names":[],"mappings":"AAqDA;;GAEG;AACH,wBAAgB,uBAAuB,CACnC,wBAAwB,EAAE,OAAO,GAClC,IAAI,CAoBN;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAO3E;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAElE;AAWD;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAuCtC;AAED;;;;GAIG;AACH,wBAAsB,eAAe,CACjC,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,GACxB,OAAO,CAAC,aAAa,CAAC,CAMxB;AAED;;;GAGG;AACH,wBAAsB,SAAS,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAKnE;AAED;;;;;GAKG;AACH,wBAAsB,SAAS,CAC3B,GAAG,EAAE,UAAU,EACf,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,GACxB,OAAO,CAAC,SAAS,CAAC,CAQpB;AAED;;;;GAIG;AACH,wBAAsB,IAAI,CACtB,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,WAAW,GAClB,OAAO,CAAC,WAAW,CAAC,CAMtB;AAED;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAWtD;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CASrE;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACpC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAiDjB;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,WAAW,CAAC,CAU5D;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAI3E;AA4BD;;;;GAIG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAkB1C;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAInE"}
1
+ {"version":3,"file":"BrowserCrypto.d.ts","sourceRoot":"","sources":["../../src/crypto/BrowserCrypto.ts"],"names":[],"mappings":"AAsDA,eAAO,MAAM,4BAA4B,EAAE,qBAK1C,CAAC;AAEF,eAAO,MAAM,0BAA0B,EAAE,SAExC,CAAC;AAEF,eAAO,MAAM,mCAAmC,EAAE,cAGjD,CAAC;AAEF,eAAO,MAAM,mCAAmC,EAAE,WAGjD,CAAC;AAEF;;GAEG;AACH,wBAAgB,uBAAuB,CACnC,wBAAwB,EAAE,OAAO,GAClC,IAAI,CAoBN;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,CAAC,CAO3E;AAED;;;GAGG;AACH,wBAAgB,eAAe,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAElE;AAWD;;;;GAIG;AACH,wBAAgB,aAAa,IAAI,MAAM,CAuCtC;AAED;;;;;GAKG;AACH,wBAAsB,eAAe,CACjC,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,EACvB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,aAAa,CAAC,CAMxB;AAED;;;GAGG;AACH,wBAAsB,SAAS,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAKnE;AAED;;;;;;GAMG;AACH,wBAAsB,SAAS,CAC3B,GAAG,EAAE,UAAU,EACf,WAAW,EAAE,OAAO,EACpB,MAAM,EAAE,KAAK,CAAC,QAAQ,CAAC,EACvB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,SAAS,CAAC,CAQpB;AAED;;;;;GAKG;AACH,wBAAsB,IAAI,CACtB,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,WAAW,EACjB,SAAS,EAAE,mBAAmB,GAC/B,OAAO,CAAC,WAAW,CAAC,CAMtB;AAED;;GAEG;AACH,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAWtD;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CASrE;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CACpC,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,CAAC,CAiDjB;AAED;;GAEG;AACH,wBAAsB,eAAe,IAAI,OAAO,CAAC,WAAW,CAAC,CAU5D;AAED;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAI3E;AA4BD;;;;GAIG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,GAChB,OAAO,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAAC,CAkB1C;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CACzB,OAAO,EAAE,SAAS,EAClB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,MAAM,CAAC,CAajB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAInE;AAmDD;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACtC,SAAS,EAAE,UAAU,GACtB,OAAO,CAAC,MAAM,CAAC,CAQjB"}
@@ -1 +1 @@
1
- {"version":3,"file":"CryptoOps.d.ts","sourceRoot":"","sources":["../../src/crypto/CryptoOps.ts"],"names":[],"mappings":"AAKA,OAAO,EAGH,OAAO,EACP,kBAAkB,EAElB,MAAM,EACN,UAAU,EACV,iBAAiB,EACjB,2BAA2B,EAC9B,MAAM,4BAA4B,CAAC;AAepC,MAAM,MAAM,aAAa,GAAG;IACxB,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,qBAAa,SAAU,YAAW,OAAO;IACrC,OAAO,CAAC,MAAM,CAAS;IAEvB;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAiC;IAE1D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAuC;IACpE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAiB;IAC3C,OAAO,CAAC,KAAK,CAAoC;gBAG7C,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,EACtC,wBAAwB,CAAC,EAAE,OAAO;IAWtC;;;OAGG;IACH,aAAa,IAAI,MAAM;IAIvB;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAItC;;;;OAIG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACG,sBAAsB,CACxB,OAAO,EAAE,2BAA2B,GACrC,OAAO,CAAC,MAAM,CAAC;IAyDlB;;;;OAIG;IACG,qBAAqB,CACvB,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC;IAWhB;;;OAGG;IACG,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4B5D;;;;OAIG;IACG,OAAO,CACT,OAAO,EAAE,iBAAiB,EAC1B,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IA8DlB;;;OAGG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAGvD"}
1
+ {"version":3,"file":"CryptoOps.d.ts","sourceRoot":"","sources":["../../src/crypto/CryptoOps.ts"],"names":[],"mappings":"AAKA,OAAO,EAGH,OAAO,EACP,kBAAkB,EAElB,MAAM,EACN,UAAU,EACV,iBAAiB,EACjB,2BAA2B,EAC9B,MAAM,4BAA4B,CAAC;AAepC,MAAM,MAAM,aAAa,GAAG;IACxB,SAAS,EAAE,SAAS,CAAC;IACrB,UAAU,EAAE,SAAS,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;CACvB,CAAC;AAEF;;;GAGG;AACH,qBAAa,SAAU,YAAW,OAAO;IACrC,OAAO,CAAC,MAAM,CAAS;IAEvB;;;OAGG;IACH,OAAO,CAAC,iBAAiB,CAAiC;IAE1D,OAAO,CAAC,MAAM,CAAC,cAAc,CAAuC;IACpE,OAAO,CAAC,MAAM,CAAC,WAAW,CAAiB;IAC3C,OAAO,CAAC,KAAK,CAAoC;gBAG7C,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,EACtC,wBAAwB,CAAC,EAAE,OAAO;IAWtC;;;OAGG;IACH,aAAa,IAAI,MAAM;IAIvB;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACH,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAItC;;;;OAIG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAInC;;;OAGG;IACG,sBAAsB,CACxB,OAAO,EAAE,2BAA2B,GACrC,OAAO,CAAC,MAAM,CAAC;IAyDlB;;;;OAIG;IACG,qBAAqB,CACvB,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACtB,OAAO,CAAC,IAAI,CAAC;IAWhB;;;OAGG;IACG,aAAa,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IA4B5D;;;;OAIG;IACG,OAAO,CACT,OAAO,EAAE,iBAAiB,EAC1B,GAAG,EAAE,MAAM,EACX,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,MAAM,CAAC;IA+DlB;;;OAGG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAGvD"}