@azure/msal-common 15.2.1 → 15.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/account/AccountInfo.mjs +1 -1
- package/dist/account/AuthToken.mjs +1 -1
- package/dist/account/CcsCredential.mjs +1 -1
- package/dist/account/ClientInfo.mjs +1 -1
- package/dist/account/TokenClaims.mjs +1 -1
- package/dist/authority/Authority.mjs +1 -1
- package/dist/authority/AuthorityFactory.mjs +1 -1
- package/dist/authority/AuthorityMetadata.mjs +1 -1
- package/dist/authority/AuthorityOptions.mjs +1 -1
- package/dist/authority/AuthorityType.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryErrorResponse.mjs +1 -1
- package/dist/authority/CloudInstanceDiscoveryResponse.mjs +1 -1
- package/dist/authority/OpenIdConfigResponse.mjs +1 -1
- package/dist/authority/ProtocolMode.mjs +1 -1
- package/dist/authority/RegionDiscovery.mjs +1 -1
- package/dist/cache/CacheManager.mjs +1 -1
- package/dist/cache/entities/AccountEntity.mjs +1 -1
- package/dist/cache/persistence/TokenCacheContext.mjs +1 -1
- package/dist/cache/utils/CacheHelpers.mjs +1 -1
- package/dist/client/AuthorizationCodeClient.d.ts +0 -31
- package/dist/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/dist/client/AuthorizationCodeClient.mjs +41 -246
- package/dist/client/AuthorizationCodeClient.mjs.map +1 -1
- package/dist/client/BaseClient.d.ts.map +1 -1
- package/dist/client/BaseClient.mjs +9 -10
- package/dist/client/BaseClient.mjs.map +1 -1
- package/dist/client/RefreshTokenClient.d.ts.map +1 -1
- package/dist/client/RefreshTokenClient.mjs +27 -29
- package/dist/client/RefreshTokenClient.mjs.map +1 -1
- package/dist/client/SilentFlowClient.mjs +1 -1
- package/dist/config/ClientConfiguration.mjs +1 -1
- package/dist/constants/AADServerParamKeys.d.ts +1 -0
- package/dist/constants/AADServerParamKeys.d.ts.map +1 -1
- package/dist/constants/AADServerParamKeys.mjs +4 -3
- package/dist/constants/AADServerParamKeys.mjs.map +1 -1
- package/dist/crypto/ICrypto.mjs +1 -1
- package/dist/crypto/JoseHeader.mjs +1 -1
- package/dist/crypto/PopTokenGenerator.mjs +1 -1
- package/dist/error/AuthError.mjs +1 -1
- package/dist/error/AuthErrorCodes.mjs +1 -1
- package/dist/error/CacheError.mjs +1 -1
- package/dist/error/CacheErrorCodes.mjs +1 -1
- package/dist/error/ClientAuthError.mjs +1 -1
- package/dist/error/ClientAuthErrorCodes.mjs +1 -1
- package/dist/error/ClientConfigurationError.mjs +1 -1
- package/dist/error/ClientConfigurationErrorCodes.mjs +1 -1
- package/dist/error/InteractionRequiredAuthError.mjs +1 -1
- package/dist/error/InteractionRequiredAuthErrorCodes.mjs +1 -1
- package/dist/error/JoseHeaderError.mjs +1 -1
- package/dist/error/JoseHeaderErrorCodes.mjs +1 -1
- package/dist/error/NetworkError.mjs +1 -1
- package/dist/error/ServerError.mjs +1 -1
- package/dist/exports-common.d.ts +3 -2
- package/dist/exports-common.d.ts.map +1 -1
- package/dist/index-browser.mjs +5 -2
- package/dist/index-browser.mjs.map +1 -1
- package/dist/index-node.mjs +5 -2
- package/dist/index-node.mjs.map +1 -1
- package/dist/index.mjs +5 -2
- package/dist/index.mjs.map +1 -1
- package/dist/logger/Logger.mjs +1 -1
- package/dist/network/INetworkModule.mjs +1 -1
- package/dist/network/RequestThumbprint.mjs +1 -1
- package/dist/network/ThrottlingUtils.mjs +1 -1
- package/dist/packageMetadata.d.ts +1 -1
- package/dist/packageMetadata.mjs +2 -2
- package/dist/protocol/Authorize.d.ts +37 -0
- package/dist/protocol/Authorize.d.ts.map +1 -0
- package/dist/protocol/Authorize.mjs +237 -0
- package/dist/protocol/Authorize.mjs.map +1 -0
- package/dist/request/AuthenticationHeaderParser.mjs +1 -1
- package/dist/request/RequestParameterBuilder.d.ts +206 -218
- package/dist/request/RequestParameterBuilder.d.ts.map +1 -1
- package/dist/request/RequestParameterBuilder.mjs +356 -369
- package/dist/request/RequestParameterBuilder.mjs.map +1 -1
- package/dist/request/RequestValidator.mjs +1 -1
- package/dist/request/ScopeSet.mjs +1 -1
- package/dist/response/AuthorizeResponse.d.ts +72 -0
- package/dist/response/AuthorizeResponse.d.ts.map +1 -0
- package/dist/response/ResponseHandler.d.ts +0 -8
- package/dist/response/ResponseHandler.d.ts.map +1 -1
- package/dist/response/ResponseHandler.mjs +2 -49
- package/dist/response/ResponseHandler.mjs.map +1 -1
- package/dist/telemetry/performance/PerformanceClient.mjs +1 -1
- package/dist/telemetry/performance/PerformanceEvent.d.ts +1 -2
- package/dist/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/dist/telemetry/performance/PerformanceEvent.mjs +2 -11
- package/dist/telemetry/performance/PerformanceEvent.mjs.map +1 -1
- package/dist/telemetry/performance/StubPerformanceClient.mjs +1 -1
- package/dist/telemetry/server/ServerTelemetryManager.mjs +1 -1
- package/dist/url/UrlString.mjs +1 -1
- package/dist/utils/ClientAssertionUtils.mjs +1 -1
- package/dist/utils/Constants.mjs +1 -1
- package/dist/utils/FunctionWrappers.mjs +1 -1
- package/dist/utils/ProtocolUtils.mjs +1 -1
- package/dist/utils/StringUtils.mjs +1 -1
- package/dist/utils/TimeUtils.mjs +1 -1
- package/dist/utils/UrlUtils.d.ts +6 -2
- package/dist/utils/UrlUtils.d.ts.map +1 -1
- package/dist/utils/UrlUtils.mjs +12 -2
- package/dist/utils/UrlUtils.mjs.map +1 -1
- package/lib/index-browser.cjs +3 -2
- package/lib/index-browser.cjs.map +1 -1
- package/lib/{index-node--LMD5Re1.js → index-node-BjtDFnOl.js} +782 -768
- package/lib/index-node-BjtDFnOl.js.map +1 -0
- package/lib/index-node.cjs +3 -2
- package/lib/index-node.cjs.map +1 -1
- package/lib/index.cjs +3 -2
- package/lib/index.cjs.map +1 -1
- package/lib/types/client/AuthorizationCodeClient.d.ts +0 -31
- package/lib/types/client/AuthorizationCodeClient.d.ts.map +1 -1
- package/lib/types/client/BaseClient.d.ts.map +1 -1
- package/lib/types/client/RefreshTokenClient.d.ts.map +1 -1
- package/lib/types/constants/AADServerParamKeys.d.ts +1 -0
- package/lib/types/constants/AADServerParamKeys.d.ts.map +1 -1
- package/lib/types/exports-common.d.ts +3 -2
- package/lib/types/exports-common.d.ts.map +1 -1
- package/lib/types/packageMetadata.d.ts +1 -1
- package/lib/types/protocol/Authorize.d.ts +37 -0
- package/lib/types/protocol/Authorize.d.ts.map +1 -0
- package/lib/types/request/RequestParameterBuilder.d.ts +206 -218
- package/lib/types/request/RequestParameterBuilder.d.ts.map +1 -1
- package/lib/types/response/AuthorizeResponse.d.ts +72 -0
- package/lib/types/response/AuthorizeResponse.d.ts.map +1 -0
- package/lib/types/response/ResponseHandler.d.ts +0 -8
- package/lib/types/response/ResponseHandler.d.ts.map +1 -1
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts +1 -2
- package/lib/types/telemetry/performance/PerformanceEvent.d.ts.map +1 -1
- package/lib/types/utils/UrlUtils.d.ts +6 -2
- package/lib/types/utils/UrlUtils.d.ts.map +1 -1
- package/package.json +1 -1
- package/src/client/AuthorizationCodeClient.ts +84 -395
- package/src/client/BaseClient.ts +20 -12
- package/src/client/RefreshTokenClient.ts +60 -30
- package/src/constants/AADServerParamKeys.ts +1 -0
- package/src/exports-common.ts +4 -2
- package/src/packageMetadata.ts +1 -1
- package/src/protocol/Authorize.ts +409 -0
- package/src/request/RequestParameterBuilder.ts +508 -543
- package/src/response/AuthorizeResponse.ts +76 -0
- package/src/response/ResponseHandler.ts +0 -98
- package/src/telemetry/performance/PerformanceEvent.ts +1 -11
- package/src/utils/UrlUtils.ts +18 -4
- package/dist/response/ServerAuthorizationCodeResponse.d.ts +0 -27
- package/dist/response/ServerAuthorizationCodeResponse.d.ts.map +0 -1
- package/lib/index-node--LMD5Re1.js.map +0 -1
- package/lib/types/response/ServerAuthorizationCodeResponse.d.ts +0 -27
- package/lib/types/response/ServerAuthorizationCodeResponse.d.ts.map +0 -1
- package/src/response/ServerAuthorizationCodeResponse.ts +0 -34
package/dist/index-node.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v15.
|
|
1
|
+
/*! @azure/msal-common v15.3.0 2025-03-20 */
|
|
2
2
|
'use strict';
|
|
3
3
|
export { AuthorizationCodeClient } from './client/AuthorizationCodeClient.mjs';
|
|
4
4
|
export { RefreshTokenClient } from './client/RefreshTokenClient.mjs';
|
|
@@ -20,7 +20,10 @@ export { ThrottlingUtils } from './network/ThrottlingUtils.mjs';
|
|
|
20
20
|
export { getRequestThumbprint } from './network/RequestThumbprint.mjs';
|
|
21
21
|
export { UrlString } from './url/UrlString.mjs';
|
|
22
22
|
export { DEFAULT_CRYPTO_IMPLEMENTATION } from './crypto/ICrypto.mjs';
|
|
23
|
-
|
|
23
|
+
import * as Authorize from './protocol/Authorize.mjs';
|
|
24
|
+
export { Authorize as AuthorizeProtocol };
|
|
25
|
+
import * as RequestParameterBuilder from './request/RequestParameterBuilder.mjs';
|
|
26
|
+
export { RequestParameterBuilder };
|
|
24
27
|
export { ResponseHandler, buildAccountToCache } from './response/ResponseHandler.mjs';
|
|
25
28
|
export { ScopeSet } from './request/ScopeSet.mjs';
|
|
26
29
|
export { AuthenticationHeaderParser } from './request/AuthenticationHeaderParser.mjs';
|
package/dist/index-node.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index-node.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index-node.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
|
package/dist/index.mjs
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/*! @azure/msal-common v15.
|
|
1
|
+
/*! @azure/msal-common v15.3.0 2025-03-20 */
|
|
2
2
|
'use strict';
|
|
3
3
|
export { AuthorizationCodeClient } from './client/AuthorizationCodeClient.mjs';
|
|
4
4
|
export { RefreshTokenClient } from './client/RefreshTokenClient.mjs';
|
|
@@ -20,7 +20,10 @@ export { ThrottlingUtils } from './network/ThrottlingUtils.mjs';
|
|
|
20
20
|
export { getRequestThumbprint } from './network/RequestThumbprint.mjs';
|
|
21
21
|
export { UrlString } from './url/UrlString.mjs';
|
|
22
22
|
export { DEFAULT_CRYPTO_IMPLEMENTATION } from './crypto/ICrypto.mjs';
|
|
23
|
-
|
|
23
|
+
import * as Authorize from './protocol/Authorize.mjs';
|
|
24
|
+
export { Authorize as AuthorizeProtocol };
|
|
25
|
+
import * as RequestParameterBuilder from './request/RequestParameterBuilder.mjs';
|
|
26
|
+
export { RequestParameterBuilder };
|
|
24
27
|
export { ResponseHandler, buildAccountToCache } from './response/ResponseHandler.mjs';
|
|
25
28
|
export { ScopeSet } from './request/ScopeSet.mjs';
|
|
26
29
|
export { AuthenticationHeaderParser } from './request/AuthenticationHeaderParser.mjs';
|
package/dist/index.mjs.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.mjs","sources":[],"sourcesContent":[],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;"}
|
package/dist/logger/Logger.mjs
CHANGED
package/dist/packageMetadata.mjs
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
|
-
/*! @azure/msal-common v15.
|
|
1
|
+
/*! @azure/msal-common v15.3.0 2025-03-20 */
|
|
2
2
|
'use strict';
|
|
3
3
|
/* eslint-disable header/header */
|
|
4
4
|
const name = "@azure/msal-common";
|
|
5
|
-
const version = "15.
|
|
5
|
+
const version = "15.3.0";
|
|
6
6
|
|
|
7
7
|
export { name, version };
|
|
8
8
|
//# sourceMappingURL=packageMetadata.mjs.map
|
|
@@ -0,0 +1,37 @@
|
|
|
1
|
+
import { CommonAuthorizationUrlRequest } from "../request/CommonAuthorizationUrlRequest.js";
|
|
2
|
+
import { IPerformanceClient } from "../telemetry/performance/IPerformanceClient.js";
|
|
3
|
+
import { AuthOptions } from "../config/ClientConfiguration.js";
|
|
4
|
+
import { Logger } from "../logger/Logger.js";
|
|
5
|
+
import { Authority } from "../authority/Authority.js";
|
|
6
|
+
import { AuthorizationCodePayload } from "../response/AuthorizationCodePayload.js";
|
|
7
|
+
import { AuthorizeResponse } from "../response/AuthorizeResponse.js";
|
|
8
|
+
/**
|
|
9
|
+
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
10
|
+
* @param config
|
|
11
|
+
* @param request
|
|
12
|
+
* @param logger
|
|
13
|
+
* @param performanceClient
|
|
14
|
+
* @returns
|
|
15
|
+
*/
|
|
16
|
+
export declare function getStandardAuthorizeRequestParameters(authOptions: AuthOptions, request: CommonAuthorizationUrlRequest, logger: Logger, performanceClient?: IPerformanceClient): Map<string, string>;
|
|
17
|
+
/**
|
|
18
|
+
* Returns authorize endpoint with given request parameters in the query string
|
|
19
|
+
* @param authority
|
|
20
|
+
* @param requestParameters
|
|
21
|
+
* @returns
|
|
22
|
+
*/
|
|
23
|
+
export declare function getAuthorizeUrl(authority: Authority, requestParameters: Map<string, string>): string;
|
|
24
|
+
/**
|
|
25
|
+
* Handles the hash fragment response from public client code request. Returns a code response used by
|
|
26
|
+
* the client to exchange for a token in acquireToken.
|
|
27
|
+
* @param serverParams
|
|
28
|
+
* @param cachedState
|
|
29
|
+
*/
|
|
30
|
+
export declare function getAuthorizationCodePayload(serverParams: AuthorizeResponse, cachedState: string): AuthorizationCodePayload;
|
|
31
|
+
/**
|
|
32
|
+
* Function which validates server authorization code response.
|
|
33
|
+
* @param serverResponseHash
|
|
34
|
+
* @param requestState
|
|
35
|
+
*/
|
|
36
|
+
export declare function validateAuthorizationResponse(serverResponse: AuthorizeResponse, requestState: string): void;
|
|
37
|
+
//# sourceMappingURL=Authorize.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Authorize.d.ts","sourceRoot":"","sources":["../../src/protocol/Authorize.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,6BAA6B,EAAE,MAAM,6CAA6C,CAAC;AAE5F,OAAO,EAAE,kBAAkB,EAAE,MAAM,gDAAgD,CAAC;AAEpF,OAAO,EAAE,WAAW,EAAE,MAAM,kCAAkC,CAAC;AAG/D,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,OAAO,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAGtD,OAAO,EAAE,wBAAwB,EAAE,MAAM,yCAAyC,CAAC;AACnF,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAWrE;;;;;;;GAOG;AACH,wBAAgB,qCAAqC,CACjD,WAAW,EAAE,WAAW,EACxB,OAAO,EAAE,6BAA6B,EACtC,MAAM,EAAE,MAAM,EACd,iBAAiB,CAAC,EAAE,kBAAkB,GACvC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAsNrB;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAC3B,SAAS,EAAE,SAAS,EACpB,iBAAiB,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GACvC,MAAM,CAOR;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CACvC,YAAY,EAAE,iBAAiB,EAC/B,WAAW,EAAE,MAAM,GACpB,wBAAwB,CAY1B;AAED;;;;GAIG;AACH,wBAAgB,6BAA6B,CACzC,cAAc,EAAE,iBAAiB,EACjC,YAAY,EAAE,MAAM,GACrB,IAAI,CAuEN"}
|
|
@@ -0,0 +1,237 @@
|
|
|
1
|
+
/*! @azure/msal-common v15.3.0 2025-03-20 */
|
|
2
|
+
'use strict';
|
|
3
|
+
import { addClientId, addScopes, addRedirectUri, addCorrelationId, addResponseMode, addClientInfo, addPrompt, addDomainHint, addSid, addLoginHint, addCcsOid, addCcsUpn, addNonce, addState, addClaims, addBrokerParameters, addExtraQueryParameters, addInstanceAware } from '../request/RequestParameterBuilder.mjs';
|
|
4
|
+
import { CLIENT_ID } from '../constants/AADServerParamKeys.mjs';
|
|
5
|
+
import { PromptValue } from '../utils/Constants.mjs';
|
|
6
|
+
import { buildClientInfoFromHomeAccountId } from '../account/ClientInfo.mjs';
|
|
7
|
+
import { mapToQueryString } from '../utils/UrlUtils.mjs';
|
|
8
|
+
import { UrlString } from '../url/UrlString.mjs';
|
|
9
|
+
import { createClientAuthError } from '../error/ClientAuthError.mjs';
|
|
10
|
+
import { isInteractionRequiredError, InteractionRequiredAuthError } from '../error/InteractionRequiredAuthError.mjs';
|
|
11
|
+
import { ServerError } from '../error/ServerError.mjs';
|
|
12
|
+
import { authorizationCodeMissingFromServerResponse, stateNotFound, invalidState, stateMismatch } from '../error/ClientAuthErrorCodes.mjs';
|
|
13
|
+
|
|
14
|
+
/*
|
|
15
|
+
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
16
|
+
* Licensed under the MIT License.
|
|
17
|
+
*/
|
|
18
|
+
/**
|
|
19
|
+
* Returns map of parameters that are applicable to all calls to /authorize whether using PKCE or EAR
|
|
20
|
+
* @param config
|
|
21
|
+
* @param request
|
|
22
|
+
* @param logger
|
|
23
|
+
* @param performanceClient
|
|
24
|
+
* @returns
|
|
25
|
+
*/
|
|
26
|
+
function getStandardAuthorizeRequestParameters(authOptions, request, logger, performanceClient) {
|
|
27
|
+
// generate the correlationId if not set by the user and add
|
|
28
|
+
const correlationId = request.correlationId;
|
|
29
|
+
const parameters = new Map();
|
|
30
|
+
addClientId(parameters, request.embeddedClientId ||
|
|
31
|
+
request.extraQueryParameters?.[CLIENT_ID] ||
|
|
32
|
+
authOptions.clientId);
|
|
33
|
+
const requestScopes = [
|
|
34
|
+
...(request.scopes || []),
|
|
35
|
+
...(request.extraScopesToConsent || []),
|
|
36
|
+
];
|
|
37
|
+
addScopes(parameters, requestScopes, true, authOptions.authority.options.OIDCOptions?.defaultScopes);
|
|
38
|
+
addRedirectUri(parameters, request.redirectUri);
|
|
39
|
+
addCorrelationId(parameters, correlationId);
|
|
40
|
+
// add response_mode. If not passed in it defaults to query.
|
|
41
|
+
addResponseMode(parameters, request.responseMode);
|
|
42
|
+
// add client_info=1
|
|
43
|
+
addClientInfo(parameters);
|
|
44
|
+
if (request.prompt) {
|
|
45
|
+
addPrompt(parameters, request.prompt);
|
|
46
|
+
performanceClient?.addFields({ prompt: request.prompt }, correlationId);
|
|
47
|
+
}
|
|
48
|
+
if (request.domainHint) {
|
|
49
|
+
addDomainHint(parameters, request.domainHint);
|
|
50
|
+
performanceClient?.addFields({ domainHintFromRequest: true }, correlationId);
|
|
51
|
+
}
|
|
52
|
+
// Add sid or loginHint with preference for login_hint claim (in request) -> sid -> loginHint (upn/email) -> username of AccountInfo object
|
|
53
|
+
if (request.prompt !== PromptValue.SELECT_ACCOUNT) {
|
|
54
|
+
// AAD will throw if prompt=select_account is passed with an account hint
|
|
55
|
+
if (request.sid && request.prompt === PromptValue.NONE) {
|
|
56
|
+
// SessionID is only used in silent calls
|
|
57
|
+
logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from request");
|
|
58
|
+
addSid(parameters, request.sid);
|
|
59
|
+
performanceClient?.addFields({ sidFromRequest: true }, correlationId);
|
|
60
|
+
}
|
|
61
|
+
else if (request.account) {
|
|
62
|
+
const accountSid = extractAccountSid(request.account);
|
|
63
|
+
let accountLoginHintClaim = extractLoginHint(request.account);
|
|
64
|
+
if (accountLoginHintClaim && request.domainHint) {
|
|
65
|
+
logger.warning(`AuthorizationCodeClient.createAuthCodeUrlQueryString: "domainHint" param is set, skipping opaque "login_hint" claim. Please consider not passing domainHint`);
|
|
66
|
+
accountLoginHintClaim = null;
|
|
67
|
+
}
|
|
68
|
+
// If login_hint claim is present, use it over sid/username
|
|
69
|
+
if (accountLoginHintClaim) {
|
|
70
|
+
logger.verbose("createAuthCodeUrlQueryString: login_hint claim present on account");
|
|
71
|
+
addLoginHint(parameters, accountLoginHintClaim);
|
|
72
|
+
performanceClient?.addFields({ loginHintFromClaim: true }, correlationId);
|
|
73
|
+
try {
|
|
74
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);
|
|
75
|
+
addCcsOid(parameters, clientInfo);
|
|
76
|
+
}
|
|
77
|
+
catch (e) {
|
|
78
|
+
logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header");
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
else if (accountSid && request.prompt === PromptValue.NONE) {
|
|
82
|
+
/*
|
|
83
|
+
* If account and loginHint are provided, we will check account first for sid before adding loginHint
|
|
84
|
+
* SessionId is only used in silent calls
|
|
85
|
+
*/
|
|
86
|
+
logger.verbose("createAuthCodeUrlQueryString: Prompt is none, adding sid from account");
|
|
87
|
+
addSid(parameters, accountSid);
|
|
88
|
+
performanceClient?.addFields({ sidFromClaim: true }, correlationId);
|
|
89
|
+
try {
|
|
90
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);
|
|
91
|
+
addCcsOid(parameters, clientInfo);
|
|
92
|
+
}
|
|
93
|
+
catch (e) {
|
|
94
|
+
logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header");
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
else if (request.loginHint) {
|
|
98
|
+
logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from request");
|
|
99
|
+
addLoginHint(parameters, request.loginHint);
|
|
100
|
+
addCcsUpn(parameters, request.loginHint);
|
|
101
|
+
performanceClient?.addFields({ loginHintFromRequest: true }, correlationId);
|
|
102
|
+
}
|
|
103
|
+
else if (request.account.username) {
|
|
104
|
+
// Fallback to account username if provided
|
|
105
|
+
logger.verbose("createAuthCodeUrlQueryString: Adding login_hint from account");
|
|
106
|
+
addLoginHint(parameters, request.account.username);
|
|
107
|
+
performanceClient?.addFields({ loginHintFromUpn: true }, correlationId);
|
|
108
|
+
try {
|
|
109
|
+
const clientInfo = buildClientInfoFromHomeAccountId(request.account.homeAccountId);
|
|
110
|
+
addCcsOid(parameters, clientInfo);
|
|
111
|
+
}
|
|
112
|
+
catch (e) {
|
|
113
|
+
logger.verbose("createAuthCodeUrlQueryString: Could not parse home account ID for CCS Header");
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
else if (request.loginHint) {
|
|
118
|
+
logger.verbose("createAuthCodeUrlQueryString: No account, adding login_hint from request");
|
|
119
|
+
addLoginHint(parameters, request.loginHint);
|
|
120
|
+
addCcsUpn(parameters, request.loginHint);
|
|
121
|
+
performanceClient?.addFields({ loginHintFromRequest: true }, correlationId);
|
|
122
|
+
}
|
|
123
|
+
}
|
|
124
|
+
else {
|
|
125
|
+
logger.verbose("createAuthCodeUrlQueryString: Prompt is select_account, ignoring account hints");
|
|
126
|
+
}
|
|
127
|
+
if (request.nonce) {
|
|
128
|
+
addNonce(parameters, request.nonce);
|
|
129
|
+
}
|
|
130
|
+
if (request.state) {
|
|
131
|
+
addState(parameters, request.state);
|
|
132
|
+
}
|
|
133
|
+
if (request.claims ||
|
|
134
|
+
(authOptions.clientCapabilities &&
|
|
135
|
+
authOptions.clientCapabilities.length > 0)) {
|
|
136
|
+
addClaims(parameters, request.claims, authOptions.clientCapabilities);
|
|
137
|
+
}
|
|
138
|
+
if (request.embeddedClientId) {
|
|
139
|
+
addBrokerParameters(parameters, authOptions.clientId, authOptions.redirectUri);
|
|
140
|
+
}
|
|
141
|
+
if (request.extraQueryParameters) {
|
|
142
|
+
addExtraQueryParameters(parameters, request.extraQueryParameters);
|
|
143
|
+
}
|
|
144
|
+
if (authOptions.instanceAware) {
|
|
145
|
+
addInstanceAware(parameters);
|
|
146
|
+
}
|
|
147
|
+
return parameters;
|
|
148
|
+
}
|
|
149
|
+
/**
|
|
150
|
+
* Returns authorize endpoint with given request parameters in the query string
|
|
151
|
+
* @param authority
|
|
152
|
+
* @param requestParameters
|
|
153
|
+
* @returns
|
|
154
|
+
*/
|
|
155
|
+
function getAuthorizeUrl(authority, requestParameters) {
|
|
156
|
+
const queryString = mapToQueryString(requestParameters);
|
|
157
|
+
return UrlString.appendQueryString(authority.authorizationEndpoint, queryString);
|
|
158
|
+
}
|
|
159
|
+
/**
|
|
160
|
+
* Handles the hash fragment response from public client code request. Returns a code response used by
|
|
161
|
+
* the client to exchange for a token in acquireToken.
|
|
162
|
+
* @param serverParams
|
|
163
|
+
* @param cachedState
|
|
164
|
+
*/
|
|
165
|
+
function getAuthorizationCodePayload(serverParams, cachedState) {
|
|
166
|
+
// Get code response
|
|
167
|
+
validateAuthorizationResponse(serverParams, cachedState);
|
|
168
|
+
// throw when there is no auth code in the response
|
|
169
|
+
if (!serverParams.code) {
|
|
170
|
+
throw createClientAuthError(authorizationCodeMissingFromServerResponse);
|
|
171
|
+
}
|
|
172
|
+
return serverParams;
|
|
173
|
+
}
|
|
174
|
+
/**
|
|
175
|
+
* Function which validates server authorization code response.
|
|
176
|
+
* @param serverResponseHash
|
|
177
|
+
* @param requestState
|
|
178
|
+
*/
|
|
179
|
+
function validateAuthorizationResponse(serverResponse, requestState) {
|
|
180
|
+
if (!serverResponse.state || !requestState) {
|
|
181
|
+
throw serverResponse.state
|
|
182
|
+
? createClientAuthError(stateNotFound, "Cached State")
|
|
183
|
+
: createClientAuthError(stateNotFound, "Server State");
|
|
184
|
+
}
|
|
185
|
+
let decodedServerResponseState;
|
|
186
|
+
let decodedRequestState;
|
|
187
|
+
try {
|
|
188
|
+
decodedServerResponseState = decodeURIComponent(serverResponse.state);
|
|
189
|
+
}
|
|
190
|
+
catch (e) {
|
|
191
|
+
throw createClientAuthError(invalidState, serverResponse.state);
|
|
192
|
+
}
|
|
193
|
+
try {
|
|
194
|
+
decodedRequestState = decodeURIComponent(requestState);
|
|
195
|
+
}
|
|
196
|
+
catch (e) {
|
|
197
|
+
throw createClientAuthError(invalidState, serverResponse.state);
|
|
198
|
+
}
|
|
199
|
+
if (decodedServerResponseState !== decodedRequestState) {
|
|
200
|
+
throw createClientAuthError(stateMismatch);
|
|
201
|
+
}
|
|
202
|
+
// Check for error
|
|
203
|
+
if (serverResponse.error ||
|
|
204
|
+
serverResponse.error_description ||
|
|
205
|
+
serverResponse.suberror) {
|
|
206
|
+
const serverErrorNo = parseServerErrorNo(serverResponse);
|
|
207
|
+
if (isInteractionRequiredError(serverResponse.error, serverResponse.error_description, serverResponse.suberror)) {
|
|
208
|
+
throw new InteractionRequiredAuthError(serverResponse.error || "", serverResponse.error_description, serverResponse.suberror, serverResponse.timestamp || "", serverResponse.trace_id || "", serverResponse.correlation_id || "", serverResponse.claims || "", serverErrorNo);
|
|
209
|
+
}
|
|
210
|
+
throw new ServerError(serverResponse.error || "", serverResponse.error_description, serverResponse.suberror, serverErrorNo);
|
|
211
|
+
}
|
|
212
|
+
}
|
|
213
|
+
/**
|
|
214
|
+
* Get server error No from the error_uri
|
|
215
|
+
* @param serverResponse
|
|
216
|
+
* @returns
|
|
217
|
+
*/
|
|
218
|
+
function parseServerErrorNo(serverResponse) {
|
|
219
|
+
const errorCodePrefix = "code=";
|
|
220
|
+
const errorCodePrefixIndex = serverResponse.error_uri?.lastIndexOf(errorCodePrefix);
|
|
221
|
+
return errorCodePrefixIndex && errorCodePrefixIndex >= 0
|
|
222
|
+
? serverResponse.error_uri?.substring(errorCodePrefixIndex + errorCodePrefix.length)
|
|
223
|
+
: undefined;
|
|
224
|
+
}
|
|
225
|
+
/**
|
|
226
|
+
* Helper to get sid from account. Returns null if idTokenClaims are not present or sid is not present.
|
|
227
|
+
* @param account
|
|
228
|
+
*/
|
|
229
|
+
function extractAccountSid(account) {
|
|
230
|
+
return account.idTokenClaims?.sid || null;
|
|
231
|
+
}
|
|
232
|
+
function extractLoginHint(account) {
|
|
233
|
+
return account.idTokenClaims?.login_hint || null;
|
|
234
|
+
}
|
|
235
|
+
|
|
236
|
+
export { getAuthorizationCodePayload, getAuthorizeUrl, getStandardAuthorizeRequestParameters, validateAuthorizationResponse };
|
|
237
|
+
//# sourceMappingURL=Authorize.mjs.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"Authorize.mjs","sources":["../../src/protocol/Authorize.ts"],"sourcesContent":[null],"names":["RequestParameterBuilder.addClientId","AADServerParamKeys.CLIENT_ID","RequestParameterBuilder.addScopes","RequestParameterBuilder.addRedirectUri","RequestParameterBuilder.addCorrelationId","RequestParameterBuilder.addResponseMode","RequestParameterBuilder.addClientInfo","RequestParameterBuilder.addPrompt","RequestParameterBuilder.addDomainHint","RequestParameterBuilder.addSid","RequestParameterBuilder.addLoginHint","RequestParameterBuilder.addCcsOid","RequestParameterBuilder.addCcsUpn","RequestParameterBuilder.addNonce","RequestParameterBuilder.addState","RequestParameterBuilder.addClaims","RequestParameterBuilder.addBrokerParameters","RequestParameterBuilder.addExtraQueryParameters","RequestParameterBuilder.addInstanceAware","ClientAuthErrorCodes.authorizationCodeMissingFromServerResponse","ClientAuthErrorCodes.stateNotFound","ClientAuthErrorCodes.invalidState","ClientAuthErrorCodes.stateMismatch"],"mappings":";;;;;;;;;;;;;AAAA;;;AAGG;AA0BH;;;;;;;AAOG;AACG,SAAU,qCAAqC,CACjD,WAAwB,EACxB,OAAsC,EACtC,MAAc,EACd,iBAAsC,EAAA;;AAGtC,IAAA,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;AAE5C,IAAA,MAAM,UAAU,GAAG,IAAI,GAAG,EAAkB,CAAC;AAE7C,IAAAA,WAAmC,CAC/B,UAAU,EACV,OAAO,CAAC,gBAAgB;AACpB,QAAA,OAAO,CAAC,oBAAoB,GAAGC,SAA4B,CAAC;QAC5D,WAAW,CAAC,QAAQ,CAC3B,CAAC;AAEF,IAAA,MAAM,aAAa,GAAG;AAClB,QAAA,IAAI,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;AACzB,QAAA,IAAI,OAAO,CAAC,oBAAoB,IAAI,EAAE,CAAC;KAC1C,CAAC;AACF,IAAAC,SAAiC,CAC7B,UAAU,EACV,aAAa,EACb,IAAI,EACJ,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,aAAa,CAC3D,CAAC;IAEFC,cAAsC,CAAC,UAAU,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;AAExE,IAAAC,gBAAwC,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;;IAGpEC,eAAuC,CAAC,UAAU,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;;AAG1E,IAAAC,aAAqC,CAAC,UAAU,CAAC,CAAC;IAElD,IAAI,OAAO,CAAC,MAAM,EAAE;QAChBC,SAAiC,CAAC,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;AAC9D,QAAA,iBAAiB,EAAE,SAAS,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC;AAC3E,KAAA;IAED,IAAI,OAAO,CAAC,UAAU,EAAE;QACpBC,aAAqC,CAAC,UAAU,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QACtE,iBAAiB,EAAE,SAAS,CACxB,EAAE,qBAAqB,EAAE,IAAI,EAAE,EAC/B,aAAa,CAChB,CAAC;AACL,KAAA;;AAGD,IAAA,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,cAAc,EAAE;;QAE/C,IAAI,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE;;AAEpD,YAAA,MAAM,CAAC,OAAO,CACV,uEAAuE,CAC1E,CAAC;YACFC,MAA8B,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;YACxD,iBAAiB,EAAE,SAAS,CACxB,EAAE,cAAc,EAAE,IAAI,EAAE,EACxB,aAAa,CAChB,CAAC;AACL,SAAA;aAAM,IAAI,OAAO,CAAC,OAAO,EAAE;YACxB,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACtD,IAAI,qBAAqB,GAAG,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;AAE9D,YAAA,IAAI,qBAAqB,IAAI,OAAO,CAAC,UAAU,EAAE;AAC7C,gBAAA,MAAM,CAAC,OAAO,CACV,CAAA,2JAAA,CAA6J,CAChK,CAAC;gBACF,qBAAqB,GAAG,IAAI,CAAC;AAChC,aAAA;;AAGD,YAAA,IAAI,qBAAqB,EAAE;AACvB,gBAAA,MAAM,CAAC,OAAO,CACV,mEAAmE,CACtE,CAAC;AACF,gBAAAC,YAAoC,CAChC,UAAU,EACV,qBAAqB,CACxB,CAAC;gBACF,iBAAiB,EAAE,SAAS,CACxB,EAAE,kBAAkB,EAAE,IAAI,EAAE,EAC5B,aAAa,CAChB,CAAC;gBACF,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,OAAO,CAAC,aAAa,CAChC,CAAC;AACF,oBAAAC,SAAiC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC7D,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;AACR,oBAAA,MAAM,CAAC,OAAO,CACV,8EAA8E,CACjF,CAAC;AACL,iBAAA;AACJ,aAAA;iBAAM,IAAI,UAAU,IAAI,OAAO,CAAC,MAAM,KAAK,WAAW,CAAC,IAAI,EAAE;AAC1D;;;AAGG;AACH,gBAAA,MAAM,CAAC,OAAO,CACV,uEAAuE,CAC1E,CAAC;AACF,gBAAAF,MAA8B,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;gBACvD,iBAAiB,EAAE,SAAS,CACxB,EAAE,YAAY,EAAE,IAAI,EAAE,EACtB,aAAa,CAChB,CAAC;gBACF,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,OAAO,CAAC,aAAa,CAChC,CAAC;AACF,oBAAAE,SAAiC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC7D,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;AACR,oBAAA,MAAM,CAAC,OAAO,CACV,8EAA8E,CACjF,CAAC;AACL,iBAAA;AACJ,aAAA;iBAAM,IAAI,OAAO,CAAC,SAAS,EAAE;AAC1B,gBAAA,MAAM,CAAC,OAAO,CACV,8DAA8D,CACjE,CAAC;gBACFD,YAAoC,CAChC,UAAU,EACV,OAAO,CAAC,SAAS,CACpB,CAAC;gBACFE,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,SAAS,CACpB,CAAC;gBACF,iBAAiB,EAAE,SAAS,CACxB,EAAE,oBAAoB,EAAE,IAAI,EAAE,EAC9B,aAAa,CAChB,CAAC;AACL,aAAA;AAAM,iBAAA,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE;;AAEjC,gBAAA,MAAM,CAAC,OAAO,CACV,8DAA8D,CACjE,CAAC;gBACFF,YAAoC,CAChC,UAAU,EACV,OAAO,CAAC,OAAO,CAAC,QAAQ,CAC3B,CAAC;gBACF,iBAAiB,EAAE,SAAS,CACxB,EAAE,gBAAgB,EAAE,IAAI,EAAE,EAC1B,aAAa,CAChB,CAAC;gBACF,IAAI;oBACA,MAAM,UAAU,GAAG,gCAAgC,CAC/C,OAAO,CAAC,OAAO,CAAC,aAAa,CAChC,CAAC;AACF,oBAAAC,SAAiC,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AAC7D,iBAAA;AAAC,gBAAA,OAAO,CAAC,EAAE;AACR,oBAAA,MAAM,CAAC,OAAO,CACV,8EAA8E,CACjF,CAAC;AACL,iBAAA;AACJ,aAAA;AACJ,SAAA;aAAM,IAAI,OAAO,CAAC,SAAS,EAAE;AAC1B,YAAA,MAAM,CAAC,OAAO,CACV,0EAA0E,CAC7E,CAAC;YACFD,YAAoC,CAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;YACpEE,SAAiC,CAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;YACjE,iBAAiB,EAAE,SAAS,CACxB,EAAE,oBAAoB,EAAE,IAAI,EAAE,EAC9B,aAAa,CAChB,CAAC;AACL,SAAA;AACJ,KAAA;AAAM,SAAA;AACH,QAAA,MAAM,CAAC,OAAO,CACV,gFAAgF,CACnF,CAAC;AACL,KAAA;IAED,IAAI,OAAO,CAAC,KAAK,EAAE;QACfC,QAAgC,CAAC,UAAU,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;AAC/D,KAAA;IAED,IAAI,OAAO,CAAC,KAAK,EAAE;QACfC,QAAgC,CAAC,UAAU,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;AAC/D,KAAA;IAED,IACI,OAAO,CAAC,MAAM;SACb,WAAW,CAAC,kBAAkB;AAC3B,YAAA,WAAW,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,CAAC,EAChD;AACE,QAAAC,SAAiC,CAC7B,UAAU,EACV,OAAO,CAAC,MAAM,EACd,WAAW,CAAC,kBAAkB,CACjC,CAAC;AACL,KAAA;IAED,IAAI,OAAO,CAAC,gBAAgB,EAAE;AAC1B,QAAAC,mBAA2C,CACvC,UAAU,EACV,WAAW,CAAC,QAAQ,EACpB,WAAW,CAAC,WAAW,CAC1B,CAAC;AACL,KAAA;IAED,IAAI,OAAO,CAAC,oBAAoB,EAAE;QAC9BC,uBAA+C,CAC3C,UAAU,EACV,OAAO,CAAC,oBAAoB,CAC/B,CAAC;AACL,KAAA;IAED,IAAI,WAAW,CAAC,aAAa,EAAE;AAC3B,QAAAC,gBAAwC,CAAC,UAAU,CAAC,CAAC;AACxD,KAAA;AAED,IAAA,OAAO,UAAU,CAAC;AACtB,CAAC;AAED;;;;;AAKG;AACa,SAAA,eAAe,CAC3B,SAAoB,EACpB,iBAAsC,EAAA;AAEtC,IAAA,MAAM,WAAW,GAAG,gBAAgB,CAAC,iBAAiB,CAAC,CAAC;IAExD,OAAO,SAAS,CAAC,iBAAiB,CAC9B,SAAS,CAAC,qBAAqB,EAC/B,WAAW,CACd,CAAC;AACN,CAAC;AAED;;;;;AAKG;AACa,SAAA,2BAA2B,CACvC,YAA+B,EAC/B,WAAmB,EAAA;;AAGnB,IAAA,6BAA6B,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;;AAGzD,IAAA,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE;AACpB,QAAA,MAAM,qBAAqB,CACvBC,0CAA+D,CAClE,CAAC;AACL,KAAA;AAED,IAAA,OAAO,YAAwC,CAAC;AACpD,CAAC;AAED;;;;AAIG;AACa,SAAA,6BAA6B,CACzC,cAAiC,EACjC,YAAoB,EAAA;AAEpB,IAAA,IAAI,CAAC,cAAc,CAAC,KAAK,IAAI,CAAC,YAAY,EAAE;QACxC,MAAM,cAAc,CAAC,KAAK;cACpB,qBAAqB,CACjBC,aAAkC,EAClC,cAAc,CACjB;cACD,qBAAqB,CACjBA,aAAkC,EAClC,cAAc,CACjB,CAAC;AACX,KAAA;AAED,IAAA,IAAI,0BAAkC,CAAC;AACvC,IAAA,IAAI,mBAA2B,CAAC;IAEhC,IAAI;AACA,QAAA,0BAA0B,GAAG,kBAAkB,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;AACzE,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;QACR,MAAM,qBAAqB,CACvBC,YAAiC,EACjC,cAAc,CAAC,KAAK,CACvB,CAAC;AACL,KAAA;IAED,IAAI;AACA,QAAA,mBAAmB,GAAG,kBAAkB,CAAC,YAAY,CAAC,CAAC;AAC1D,KAAA;AAAC,IAAA,OAAO,CAAC,EAAE;QACR,MAAM,qBAAqB,CACvBA,YAAiC,EACjC,cAAc,CAAC,KAAK,CACvB,CAAC;AACL,KAAA;IAED,IAAI,0BAA0B,KAAK,mBAAmB,EAAE;AACpD,QAAA,MAAM,qBAAqB,CAACC,aAAkC,CAAC,CAAC;AACnE,KAAA;;IAGD,IACI,cAAc,CAAC,KAAK;AACpB,QAAA,cAAc,CAAC,iBAAiB;QAChC,cAAc,CAAC,QAAQ,EACzB;AACE,QAAA,MAAM,aAAa,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;AACzD,QAAA,IACI,0BAA0B,CACtB,cAAc,CAAC,KAAK,EACpB,cAAc,CAAC,iBAAiB,EAChC,cAAc,CAAC,QAAQ,CAC1B,EACH;AACE,YAAA,MAAM,IAAI,4BAA4B,CAClC,cAAc,CAAC,KAAK,IAAI,EAAE,EAC1B,cAAc,CAAC,iBAAiB,EAChC,cAAc,CAAC,QAAQ,EACvB,cAAc,CAAC,SAAS,IAAI,EAAE,EAC9B,cAAc,CAAC,QAAQ,IAAI,EAAE,EAC7B,cAAc,CAAC,cAAc,IAAI,EAAE,EACnC,cAAc,CAAC,MAAM,IAAI,EAAE,EAC3B,aAAa,CAChB,CAAC;AACL,SAAA;AAED,QAAA,MAAM,IAAI,WAAW,CACjB,cAAc,CAAC,KAAK,IAAI,EAAE,EAC1B,cAAc,CAAC,iBAAiB,EAChC,cAAc,CAAC,QAAQ,EACvB,aAAa,CAChB,CAAC;AACL,KAAA;AACL,CAAC;AAED;;;;AAIG;AACH,SAAS,kBAAkB,CACvB,cAAiC,EAAA;IAEjC,MAAM,eAAe,GAAG,OAAO,CAAC;IAChC,MAAM,oBAAoB,GACtB,cAAc,CAAC,SAAS,EAAE,WAAW,CAAC,eAAe,CAAC,CAAC;AAC3D,IAAA,OAAO,oBAAoB,IAAI,oBAAoB,IAAI,CAAC;AACpD,UAAE,cAAc,CAAC,SAAS,EAAE,SAAS,CAC/B,oBAAoB,GAAG,eAAe,CAAC,MAAM,CAChD;UACD,SAAS,CAAC;AACpB,CAAC;AAED;;;AAGG;AACH,SAAS,iBAAiB,CAAC,OAAoB,EAAA;AAC3C,IAAA,OAAO,OAAO,CAAC,aAAa,EAAE,GAAG,IAAI,IAAI,CAAC;AAC9C,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAoB,EAAA;AAC1C,IAAA,OAAO,OAAO,CAAC,aAAa,EAAE,UAAU,IAAI,IAAI,CAAC;AACrD;;;;"}
|