@boxyhq/saml-jackson 1.33.1-beta.1 → 1.34.0

package/dist/src/typings.d.ts

@@ -1,540 +0,0 @@
-import type { JWK } from 'jose';
-import type { ServerMetadata } from 'openid-client' with { 'resolution-mode': 'import' };
-export * from './ee/identity-federation/types';
-export * from './sso-traces/types';
-export * from './directory-sync/types';
-export * from './event/types';
-import db from './db/db';
-import { EventCallback } from './typings';
-export type DB = Awaited<ReturnType<typeof db.new>>;
-export interface OryRes {
-    projectId?: string;
-    domains?: string[];
-    organizationId?: string;
-    error: any | undefined;
-}
-export interface OryConfig extends OryRes {
-    sdkToken?: string;
-}
-export interface SSOConnection {
-    defaultRedirectUrl: string;
-    redirectUrl: string[] | string;
-    tenant: string;
-    product: string;
-    name?: string;
-    label?: string;
-    description?: string;
-    ory?: OryConfig;
-    sortOrder?: number | null;
-}
-export interface SAMLSSOConnection extends SSOConnection {
-    forceAuthn?: boolean | string;
-    identifierFormat?: string;
-}
-export interface SAMLSSOConnectionWithRawMetadata extends SAMLSSOConnection {
-    rawMetadata: string;
-    encodedRawMetadata?: never;
-    metadataUrl?: string;
-}
-export interface SAMLSSOConnectionWithEncodedMetadata extends SAMLSSOConnection {
-    rawMetadata?: never;
-    encodedRawMetadata: string;
-    metadataUrl?: string;
-}
-interface OIDCSSOConnection extends SSOConnection {
-    oidcClientId: string;
-    oidcClientSecret: string;
-}
-export interface OIDCSSOConnectionWithMetadata extends OIDCSSOConnection {
-    oidcDiscoveryUrl?: never;
-    oidcMetadata: ServerMetadata;
-}
-export interface OIDCSSOConnectionWithDiscoveryUrl extends OIDCSSOConnection {
-    oidcDiscoveryUrl: string;
-    oidcMetadata?: never;
-}
-export interface SAMLSSORecord extends SAMLSSOConnection {
-    clientID: string;
-    clientSecret: string;
-    metadataUrl?: string;
-    idpMetadata: {
-        entityID: string;
-        loginType?: string;
-        provider: string | 'Unknown';
-        friendlyProviderName: string | null;
-        slo: {
-            postUrl?: string;
-            redirectUrl?: string;
-        };
-        sso: {
-            postUrl?: string;
-            redirectUrl?: string;
-        };
-        thumbprint?: string;
-        publicKey?: string;
-        validTo?: string;
-    };
-    deactivated?: boolean;
-}
-export interface OIDCSSORecord extends SSOConnection {
-    clientID: string;
-    clientSecret: string;
-    oidcProvider: {
-        provider: string | 'Unknown';
-        friendlyProviderName: string | null;
-        discoveryUrl?: string;
-        metadata?: ServerMetadata;
-        clientId: string;
-        clientSecret: string;
-    };
-    deactivated?: boolean;
-}
-export type ConnectionType = 'saml' | 'oidc';
-type ClientIDQuery = {
-    clientID: string;
-};
-type TenantQuery = {
-    tenant: string;
-    product: string;
-    strategy?: ConnectionType;
-};
-type TenantProduct = {
-    tenant: string;
-    product: string;
-};
-export type GetConnectionsQuery = ClientIDQuery | TenantQuery | {
-    entityId: string;
-} | {
-    tenant: string[];
-    product: string;
-    sort?: boolean;
-};
-export type GetIDPEntityIDBody = TenantProduct;
-export type DelConnectionsQuery = (ClientIDQuery & {
-    clientSecret: string;
-}) | TenantQuery;
-export type GetConfigQuery = ClientIDQuery | Omit<TenantQuery, 'strategy'>;
-export type DelConfigQuery = (ClientIDQuery & {
-    clientSecret: string;
-}) | Omit<TenantQuery, 'strategy'>;
-export type UpdateConnectionParams = TenantProduct & {
-    clientID: string;
-    clientSecret: string;
-    name?: string;
-    label?: string;
-    description?: string;
-    defaultRedirectUrl?: string;
-    redirectUrl?: string[] | string;
-    deactivated?: boolean;
-    ory?: OryConfig;
-    sortOrder?: number | null;
-};
-export type UpdateSAMLConnectionParams = UpdateConnectionParams & {
-    encodedRawMetadata?: string;
-    metadataUrl?: string;
-    rawMetadata?: string;
-    forceAuthn?: boolean;
-    identifierFormat?: string;
-};
-export type UpdateOIDCConnectionParams = UpdateConnectionParams & {
-    oidcDiscoveryUrl?: string;
-    oidcMetadata?: ServerMetadata;
-    oidcClientId?: string;
-    oidcClientSecret?: string;
-};
-export interface IConnectionAPIController {
-    /**
-     * @deprecated Use `createSAMLConnection` instead.
-     */
-    config(body: SAMLSSOConnection): Promise<SAMLSSORecord>;
-    createSAMLConnection(body: SAMLSSOConnectionWithRawMetadata | SAMLSSOConnectionWithEncodedMetadata): Promise<SAMLSSORecord>;
-    createOIDCConnection(body: OIDCSSOConnectionWithDiscoveryUrl | OIDCSSOConnectionWithMetadata): Promise<OIDCSSORecord>;
-    /**
-     * @deprecated Use `updateSAMLConnection` instead.
-     */
-    updateConfig(body: UpdateSAMLConnectionParams): Promise<void>;
-    updateSAMLConnection(body: UpdateSAMLConnectionParams): Promise<void>;
-    updateOIDCConnection(body: UpdateOIDCConnectionParams): Promise<void>;
-    getConnections(body: GetConnectionsQuery): Promise<Array<SAMLSSORecord | OIDCSSORecord>>;
-    getIDPEntityID(body: GetIDPEntityIDBody): string;
-    /**
-     * @deprecated Use `getConnections` instead.
-     */
-    getConfig(body: GetConfigQuery): Promise<SAMLSSORecord | Record<string, never>>;
-    deleteConnections(body: DelConnectionsQuery): Promise<void>;
-    /**
-     * @deprecated Use `deleteConnections` instead.
-     */
-    deleteConfig(body: DelConfigQuery): Promise<void>;
-    getConnectionsByProduct(body: GetByProductParams): Promise<{
-        data: (SAMLSSORecord | OIDCSSORecord)[];
-        pageToken?: string;
-    }>;
-    getCount(idx?: Index): Promise<number | undefined>;
-}
-export interface IOAuthController {
-    authorize(body: OAuthReq): Promise<{
-        redirect_url?: string;
-        authorize_form?: string;
-    }>;
-    samlResponse(body: SAMLResponsePayload): Promise<{
-        redirect_url?: string;
-        app_select_form?: string;
-        response_form?: string;
-    }>;
-    oidcAuthzResponse(body: OIDCAuthzResponsePayload): Promise<{
-        redirect_url?: string;
-        response_form?: string;
-    }>;
-    token(body: OAuthTokenReq): Promise<OAuthTokenRes>;
-    userInfo(token: string): Promise<Profile>;
-}
-export interface IAdminController {
-    getAllConnection(pageOffset?: number, pageLimit?: number, pageToken?: string): any;
-    getAllSSOTraces(pageOffset: number, pageLimit: number, pageToken?: string): any;
-    getSSOTraceById(traceId: string): any;
-    getTracesByProduct(product: string, pageOffset: number, pageLimit: number, pageToken?: string): any;
-    deleteTracesByProduct(product: string): any;
-}
-export interface IHealthCheckController {
-    status(): Promise<{
-        status: number;
-    }>;
-    init(): Promise<void>;
-}
-export interface ILogoutController {
-    createRequest(body: SLORequestParams): Promise<{
-        logoutUrl: string | null;
-        logoutForm: string | null;
-    }>;
-    handleResponse(body: SAMLResponsePayload): Promise<any>;
-}
-export interface IOidcDiscoveryController {
-    openidConfig(): {
-        issuer: string;
-        authorization_endpoint: string;
-        token_endpoint: string;
-        userinfo_endpoint: string;
-        jwks_uri: string;
-        response_types_supported: Array<string>;
-        subject_types_supported: Array<string>;
-        id_token_signing_alg_values_supported: Array<string>;
-        grant_types_supported: Array<string>;
-        code_challenge_methods_supported: Array<string>;
-    };
-    jwks(): Promise<{
-        keys: JWK[];
-    }>;
-}
-export interface OAuthReqBody {
-    state: string;
-    response_type: 'code';
-    redirect_uri: string;
-    code_challenge: string;
-    code_challenge_method: 'plain' | 'S256' | '';
-    scope?: string;
-    nonce?: string;
-    idp_hint?: string;
-    forceAuthn?: string;
-    login_hint?: string;
-    [key: string]: unknown;
-}
-export interface OAuthReqBodyWithClientId extends OAuthReqBody {
-    client_id: string;
-    tenant?: undefined;
-    product?: undefined;
-    access_type?: undefined;
-    resource?: undefined;
-}
-export interface OAuthReqBodyWithTenantProduct extends OAuthReqBody {
-    client_id: 'dummy';
-    tenant: string;
-    product: string;
-    access_type?: undefined;
-    resource?: undefined;
-}
-export interface OAuthReqBodyWithAccessType extends OAuthReqBody {
-    client_id: 'dummy';
-    access_type: string;
-    tenant?: undefined;
-    product?: undefined;
-    resource?: undefined;
-}
-export interface OAuthReqBodyWithResource extends OAuthReqBody {
-    client_id: 'dummy';
-    resource: string;
-    tenant?: undefined;
-    product?: undefined;
-    access_type?: undefined;
-}
-export type OAuthReq = OAuthReqBodyWithClientId | OAuthReqBodyWithTenantProduct | OAuthReqBodyWithAccessType | OAuthReqBodyWithResource;
-export type OIDCIdPInitiatedReq = {
-    iss: string;
-    login_hint?: string;
-    target_link_uri?: string;
-};
-export interface SAMLResponsePayload {
-    SAMLResponse: string;
-    RelayState: string;
-    idp_hint?: string;
-}
-export type OIDCAuthzResponsePayload = Record<string, string>;
-interface OAuthTokenReqBody {
-    code: string;
-    grant_type: 'authorization_code';
-    redirect_uri: string;
-}
-export interface OAuthTokenReqWithCodeVerifier extends OAuthTokenReqBody {
-    code_verifier: string;
-    client_id?: never;
-    client_secret?: never;
-}
-export interface OAuthTokenReqWithCredentials extends OAuthTokenReqBody {
-    code_verifier?: never;
-    client_id: string;
-    client_secret: string;
-}
-export type OAuthTokenReq = OAuthTokenReqWithCodeVerifier | OAuthTokenReqWithCredentials;
-export interface OAuthTokenRes {
-    access_token: string;
-    id_token?: string;
-    token_type: 'bearer';
-    expires_in: number;
-}
-export interface Profile {
-    id: string;
-    idHash: string;
-    sub?: string;
-    email: string;
-    firstName: string;
-    lastName: string;
-    roles?: string[];
-    groups?: string[];
-    requested: Record<string, string>;
-    raw: any;
-}
-export interface Index {
-    name: string;
-    value: string;
-}
-export interface Records<T = any> {
-    data: T[];
-    pageToken?: string;
-}
-export interface DatabaseDriver {
-    getAll(namespace: string, pageOffset?: number, pageLimit?: number, pageToken?: string, sortOrder?: SortOrder): Promise<Records>;
-    get(namespace: string, key: string): Promise<any>;
-    put(namespace: string, key: string, val: any, ttl: number, ...indexes: Index[]): Promise<any>;
-    delete(namespace: string, key: string): Promise<any>;
-    getByIndex(namespace: string, idx: Index, pageOffset?: number, pageLimit?: number, pageToken?: string, sortOrder?: SortOrder): Promise<Records>;
-    getCount?(namespace: string, idx?: Index): Promise<number | undefined>;
-    deleteMany(namespace: string, keys: string[]): Promise<void>;
-    close(): Promise<void>;
-}
-export interface Storable {
-    getAll(pageOffset?: number, pageLimit?: number, pageToken?: string, sortOrder?: SortOrder): Promise<Records>;
-    get(key: string): Promise<any>;
-    put(key: string, val: any, ...indexes: Index[]): Promise<any>;
-    delete(key: string): Promise<any>;
-    getByIndex(idx: Index, pageOffset?: number, pageLimit?: number, pageToken?: string, sortOrder?: SortOrder): Promise<Records>;
-    getCount(idx?: Index): Promise<number | undefined>;
-    deleteMany(keys: string[]): Promise<void>;
-}
-export interface DatabaseStore {
-    store(namespace: string): Storable;
-}
-export interface Encrypted {
-    iv?: string;
-    tag?: string;
-    value: string;
-}
-export type EncryptionKey = any;
-export type DatabaseEngine = 'redis' | 'sql' | 'mongo' | 'mem' | 'planetscale' | 'dynamodb';
-export type DatabaseType = 'postgres' | 'mysql' | 'mariadb' | 'mssql' | 'sqlite';
-export interface DatabaseOption {
-    engine?: DatabaseEngine;
-    url?: string;
-    type?: DatabaseType;
-    ttl?: number;
-    cleanupLimit?: number;
-    encryptionKey?: string;
-    pageLimit?: number;
-    ssl?: any;
-    dynamodb?: {
-        region?: string;
-        readCapacityUnits?: number;
-        writeCapacityUnits?: number;
-    };
-    manualMigration?: boolean;
-}
-export interface DatabaseDriverOption {
-    driver: DatabaseDriver;
-    encryptionKey?: string;
-    ttl?: number;
-    cleanupLimit?: number;
-    pageLimit?: number;
-    manualMigration?: boolean;
-}
-export interface JacksonOption {
-    externalUrl: string;
-    samlPath: string;
-    oidcPath?: string;
-    samlAudience?: string;
-    preLoadedConnection?: string;
-    idpEnabled?: boolean;
-    db: DatabaseOption | DatabaseDriverOption;
-    clientSecretVerifier?: string;
-    idpDiscoveryPath?: string;
-    scimPath?: string;
-    openid?: {
-        jwsAlg?: string;
-        jwtSigningKeys?: {
-            private: string;
-            public: string;
-        };
-        requestProfileScope?: boolean;
-        forwardOIDCParams?: boolean;
-    };
-    certs?: {
-        publicKey: string;
-        privateKey: string;
-    };
-    boxyhqLicenseKey?: string;
-    retraced?: {
-        host?: string;
-        adminToken?: string;
-    };
-    noAnalytics?: boolean;
-    terminus?: {
-        host?: string;
-        adminToken?: string;
-    };
-    webhook?: Webhook;
-    dsync?: {
-        webhookBatchSize?: number;
-        webhookBatchCronInterval?: number;
-        debugWebhooks?: boolean;
-        providers?: {
-            google: {
-                clientId: string;
-                clientSecret: string;
-                authorizePath: string;
-                callbackPath: string;
-                cronInterval?: number;
-            };
-        };
-        callback?: EventCallback;
-    };
-    /**  The number of days a setup link is valid for. Defaults to 3 days. */
-    setupLinkExpiryDays?: number;
-    boxyhqHosted?: boolean;
-    ory?: {
-        projectId: string | undefined;
-        sdkToken: string | undefined;
-    };
-}
-export interface SLORequestParams {
-    nameId: string;
-    tenant: string;
-    product: string;
-    redirectUrl?: string;
-}
-interface Metadata {
-    sso: {
-        postUrl?: string;
-        redirectUrl: string;
-    };
-    slo: {
-        redirectUrl?: string;
-        postUrl?: string;
-    };
-    entityID: string;
-    thumbprint: string;
-    loginType: 'idp' | 'sp';
-    provider: string;
-}
-export interface SAMLConnection {
-    idpMetadata: Metadata;
-    defaultRedirectUrl: string;
-}
-export interface OAuthErrorHandlerParams {
-    error: 'invalid_request' | 'access_denied' | 'unauthorized_client' | 'unsupported_response_type' | 'invalid_scope' | 'server_error' | 'temporarily_unavailable' | OIDCErrorCodes;
-    error_description?: string;
-    redirect_uri: string;
-    state?: string;
-}
-export type OIDCErrorCodes = 'interaction_required' | 'login_required' | 'account_selection_required' | 'consent_required' | 'invalid_request_uri' | 'invalid_request_object' | 'request_not_supported' | 'request_uri_not_supported' | 'registration_not_supported';
-export interface ISPSSOConfig {
-    oidcRedirectURI: string;
-    get(): Promise<{
-        acsUrl: string;
-        entityId: string;
-        response: string;
-        assertionSignature: string;
-        signatureAlgorithm: string;
-        publicKey: string;
-        publicKeyString: string;
-    }>;
-    toMarkdown(): string;
-    toXMLMetadata(boolean?: any): Promise<string>;
-}
-export interface ApiError {
-    message: string;
-    code: number;
-}
-export type SetupLink = {
-    setupID: string;
-    tenant: string;
-    name?: string;
-    description?: string;
-    defaultRedirectUrl?: string;
-    redirectUrl?: string;
-    product: string;
-    url: string;
-    service: SetupLinkService;
-    validTill: number;
-    webhook_url?: string;
-    webhook_secret?: string;
-};
-export type SetupLinkCreatePayload = (Pick<SetupLink, 'name' | 'tenant' | 'product' | 'webhook_url' | 'webhook_secret'> & {
-    service: 'dsync';
-    regenerate?: boolean;
-    expiryDays?: number;
-}) | (Pick<SetupLink, 'name' | 'tenant' | 'product' | 'description' | 'defaultRedirectUrl' | 'redirectUrl'> & {
-    service: 'sso';
-    regenerate?: boolean;
-    expiryDays?: number;
-});
-export type SetupLinkService = 'sso' | 'dsync';
-export type AdminPortalSettings = {
-    branding: AdminPortalBranding;
-};
-export type AdminPortalBranding = {
-    logoUrl: string | null;
-    faviconUrl: string | null;
-    primaryColor: string | null;
-    companyName: string | null;
-};
-export type Webhook = {
-    endpoint: string;
-    secret: string;
-};
-export type GetByProductParams = {
-    product: string;
-    pageOffset?: number;
-    pageLimit?: number;
-    pageToken?: string;
-};
-export type SortOrder = 'ASC' | 'DESC';
-export interface ProductConfig {
-    id: string;
-    name: string | null;
-    teamId: string | null;
-    teamName: string | null;
-    logoUrl: string | null;
-    primaryColor: string | null;
-    faviconUrl: string | null;
-    companyName: string | null;
-    ory: OryConfig | null;
-    development?: boolean;
-}

package/dist/src/typings.js

@@ -1,5 +0,0 @@
-export * from './ee/identity-federation/types';
-export * from './sso-traces/types';
-export * from './directory-sync/types';
-export * from './event/types';
-//# sourceMappingURL=typings.js.map

package/dist/src/typings.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"typings.js","sourceRoot":"","sources":["../../src/typings.ts"],"names":[],"mappings":"AAGA,cAAc,gCAAgC,CAAC;AAC/C,cAAc,oBAAoB,CAAC;AACnC,cAAc,wBAAwB,CAAC;AACvC,cAAc,eAAe,CAAC"}

package/dist/typeorm.d.ts

@@ -1,3 +0,0 @@
-import { DataSource } from 'typeorm';
-declare let AppDataSource: DataSource;
-export default AppDataSource;

package/dist/typeorm.js

@@ -1,58 +0,0 @@
-require('reflect-metadata');
-import { DataSource } from 'typeorm';
-import * as mssql from './src/db/sql/mssql';
-const type = process.env.DB_ENGINE === 'planetscale'
-    ? 'mysql'
-    : process.env.DB_TYPE || 'postgres';
-let entitiesDir;
-if (process.env.DB_ENGINE === 'planetscale') {
-    entitiesDir = 'planetscale';
-}
-else {
-    switch (type) {
-        case 'mssql':
-        case 'sqlite':
-            entitiesDir = `sql/${type}`;
-            break;
-        case 'mariadb':
-        case 'mysql':
-            entitiesDir = `sql/mariadb`;
-            break;
-        default:
-            entitiesDir = 'sql';
-            break;
-    }
-}
-const migrationsDir = process.env.DB_ENGINE === 'planetscale' ? 'planetscale' : type;
-let ssl;
-if (process.env.DB_SSL === 'true') {
-    ssl = {
-        rejectUnauthorized: process.env.DB_SSL_REJECT_UNAUTHORIZED !== 'false',
-    };
-}
-const url = process.env.DB_URL || process.env.DATABASE_URL || 'postgresql://postgres:postgres@localhost:5432/postgres';
-let AppDataSource;
-const baseOpts = {
-    type,
-    synchronize: false,
-    migrationsTableName: '_jackson_migrations',
-    logging: 'all',
-    entities: [`src/db/${entitiesDir}/entity/**/*.ts`],
-    migrations: type === 'mssql' || type === 'sqlite'
-        ? [`migration/${migrationsDir}/**/*.ts`]
-        : [`migration/${migrationsDir}/**/*.ts`, `migration/sql/**/*.ts`],
-};
-if (type === 'mssql') {
-    const mssqlOpts = mssql.parseURL(url);
-    AppDataSource = new DataSource(Object.assign({ host: mssqlOpts.host, port: mssqlOpts.port, database: mssqlOpts.database, username: mssqlOpts.username, password: mssqlOpts.password, options: mssqlOpts.options }, baseOpts));
-}
-else if (type === 'sqlite') {
-    AppDataSource = new DataSource(Object.assign({ database: url, driver: require('@libsql/sqlite3') }, baseOpts));
-}
-else {
-    AppDataSource = new DataSource(Object.assign({ url: process.env.DB_URL ||
-            process.env.DATABASE_URL ||
-            'postgresql://postgres:postgres@localhost:5432/postgres', ssl }, baseOpts));
-}
-export default AppDataSource;
-//# sourceMappingURL=typeorm.js.map

package/dist/typeorm.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"typeorm.js","sourceRoot":"","sources":["../typeorm.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAC5B,OAAO,EAAE,UAAU,EAAmC,MAAM,SAAS,CAAC;AACtE,OAAO,KAAK,KAAK,MAAM,oBAAoB,CAAC;AAE5C,MAAM,IAAI,GACR,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,aAAa;IACrC,CAAC,CAAC,OAAO;IACT,CAAC,CAAe,OAAO,CAAC,GAAG,CAAC,OAAO,IAAkB,UAAU,CAAC;AAEpE,IAAI,WAAW,CAAC;AAChB,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,aAAa,EAAE,CAAC;IAC5C,WAAW,GAAG,aAAa,CAAC;AAC9B,CAAC;KAAM,CAAC;IACN,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,OAAO,CAAC;QACb,KAAK,QAAQ;YACX,WAAW,GAAG,OAAO,IAAI,EAAE,CAAC;YAC5B,MAAM;QACR,KAAK,SAAS,CAAC;QACf,KAAK,OAAO;YACV,WAAW,GAAG,aAAa,CAAC;YAC5B,MAAM;QACR;YACE,WAAW,GAAG,KAAK,CAAC;YACpB,MAAM;IACV,CAAC;AACH,CAAC;AACD,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC;AAErF,IAAI,GAAG,CAAC;AACR,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;IAClC,GAAG,GAAG;QACJ,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,0BAA0B,KAAK,OAAO;KACvE,CAAC;AACJ,CAAC;AAED,MAAM,GAAG,GACP,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,wDAAwD,CAAC;AAE7G,IAAI,aAAyB,CAAC;AAE9B,MAAM,QAAQ,GAAG;IACf,IAAI;IACJ,WAAW,EAAE,KAAK;IAClB,mBAAmB,EAAE,qBAAqB;IAC1C,OAAO,EAAE,KAAK;IACd,QAAQ,EAAE,CAAC,UAAU,WAAW,iBAAiB,CAAC;IAClD,UAAU,EACR,IAAI,KAAK,OAAO,IAAI,IAAI,KAAK,QAAQ;QACnC,CAAC,CAAC,CAAC,aAAa,aAAa,UAAU,CAAC;QACxC,CAAC,CAAC,CAAC,aAAa,aAAa,UAAU,EAAE,uBAAuB,CAAC;CACtE,CAAC;AAEF,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;IACrB,MAAM,SAAS,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACtC,aAAa,GAAG,IAAI,UAAU,CAAC,gBAC7B,IAAI,EAAE,SAAS,CAAC,IAAI,EACpB,IAAI,EAAE,SAAS,CAAC,IAAI,EACpB,QAAQ,EAAE,SAAS,CAAC,QAAQ,EAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,EAC5B,QAAQ,EAAE,SAAS,CAAC,QAAQ,EAC5B,OAAO,EAAE,SAAS,CAAC,OAAO,IACvB,QAAQ,CACZ,CAAC,CAAC;AACL,CAAC;KAAM,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;IAC7B,aAAa,GAAG,IAAI,UAAU,CAAC,gBAC7B,QAAQ,EAAE,GAAG,EACb,MAAM,EAAE,OAAO,CAAC,iBAAiB,CAAC,IAC/B,QAAQ,CACZ,CAAC,CAAC;AACL,CAAC;KAAM,CAAC;IACN,aAAa,GAAG,IAAI,UAAU,CAAC,gBAC7B,GAAG,EACD,OAAO,CAAC,GAAG,CAAC,MAAM;YAClB,OAAO,CAAC,GAAG,CAAC,YAAY;YACxB,wDAAwD,EAC1D,GAAG,IACA,QAAQ,CACZ,CAAC,CAAC;AACL,CAAC;AAED,eAAe,aAAa,CAAC"}