@cabin-id/nextjs 0.2.4 → 1.0.0

package/dist/esm/server/middleware.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/middleware.ts"],"sourcesContent":["import { NextMiddleware, NextResponse } from 'next/server';\nimport {\n  constants,\n  PUBLISHABLE_KEY,\n  SECRET_KEY,\n  SIGN_IN_URL,\n  SIGN_UP_URL,\n} from '../constants';\nimport { assertKey, decorateRequest, redirectAdapter } from './utils';\nimport {\n  NextMiddlewareEvtParam,\n  NextMiddlewareRequestParam,\n  NextMiddlewareReturn,\n} from './type';\nimport { cabinIdClient } from './client';\nimport { CabinIdRequest, createCabinIdRequest } from '../tokens/cabinIdRequest';\nimport { AuthProtect, createProtect } from './protect';\nimport { createRedirect, RedirectFun } from './createRedirect';\nimport { isRedirect, setHeader } from '../utils/response';\nimport { RequestState } from '../tokens/authStatus';\nimport { AuthObject } from '../tokens/authObjects';\nimport { serverRedirectWithAuth } from './serverRedirectWithAuth';\nimport { AuthenticateRequestOptions } from '../api/factory';\n\nconst CONTROL_FLOW_ERROR = {\n  FORCE_NOT_FOUND: 'CABIN_ID_PROTECT_REWRITE',\n  REDIRECT_TO_URL: 'CABIN_ID_PROTECT_REDIRECT_TO_URL',\n  REDIRECT_TO_SIGN_IN: 'CABIN_ID_PROTECT_REDIRECT_TO_SIGN_IN',\n};\n\nexport type CabinIdMiddlewareAuthObject = AuthObject & {\n  protect: AuthProtect;\n  redirectToSignIn: RedirectFun<Response>;\n};\n\nexport type CabinIdMiddlewareAuth = () => CabinIdMiddlewareAuthObject;\n\nexport interface AuthMiddleware {\n  /**\n   * @example\n   * export default clerkMiddleware((auth, request, event) => { ... }, options);\n   */\n  (\n    handler: CabinIdMiddlewareHandler,\n    options?: CabinIdMiddlewareOptions\n  ): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware(options);\n   */\n  (options?: CabinIdMiddlewareOptions): NextMiddleware;\n  /**\n   * @example\n   * export default clerkMiddleware;\n   */\n  (\n    request: NextMiddlewareRequestParam,\n    event: NextMiddlewareEvtParam\n  ): NextMiddlewareReturn;\n}\n\ntype CabinIdMiddlewareHandler = (\n  auth: CabinIdMiddlewareAuth,\n  request: NextMiddlewareRequestParam,\n  event: NextMiddlewareEvtParam\n) => NextMiddlewareReturn;\n\nexport type CabinIdMiddlewareOptions = AuthenticateRequestOptions;\n\nconst parseRequestAndEvent = (args: unknown[]) => {\n  return [\n    args[0] instanceof Request ? args[0] : undefined,\n    args[0] instanceof Request ? args[1] : undefined,\n  ] as [\n    NextMiddlewareRequestParam | undefined,\n    NextMiddlewareEvtParam | undefined,\n  ];\n};\n\nconst parseHandlerAndOptions = (args: unknown[]) => {\n  return [\n    typeof args[0] === 'function' ? args[0] : undefined,\n    (args.length === 2\n      ? args[1]\n      : typeof args[0] === 'function'\n        ? {}\n        : args[0]) || {},\n  ] as [CabinIdMiddlewareHandler | undefined, CabinIdMiddlewareOptions];\n};\n\nconst authMiddleware: AuthMiddleware = (...args: unknown[]): any => {\n  const [request, event] = parseRequestAndEvent(args);\n  const [handler, params] = parseHandlerAndOptions(args);\n\n  const publishableKey = assertKey(\n    params.publishableKey || PUBLISHABLE_KEY,\n    () => {\n      throw new Error('Publish Key is not exist');\n    }\n  );\n  const secretKey = assertKey(params.secretKey || SECRET_KEY, () => {\n    throw new Error('Secret Key is not valid');\n  });\n\n  const signInUrl = params.signInUrl || SIGN_IN_URL;\n  const signUpUrl = params.signUpUrl || SIGN_UP_URL;\n\n  const options = {\n    ...params,\n    publishableKey,\n    secretKey,\n    signInUrl,\n    signUpUrl,\n  };\n\n  const nextMiddleware: NextMiddleware = async (_request, _event) => {\n    const accessToken = _request.nextUrl.searchParams.get(\n      constants.QueryParams.Token\n    );\n    const userId = _request.nextUrl.searchParams.get(\n      constants.QueryParams.UserId\n    );\n\n    if (accessToken && userId) {\n      const url = _request.nextUrl;\n      const path = url.pathname;\n      const response = NextResponse.redirect(\n        new URL(path || '/', _request.url)\n      );\n      response.cookies.set(constants.Cookies.Client, accessToken);\n      response.cookies.set(constants.Cookies.User, userId);\n      return response;\n    }\n\n    const cabinIdRequest = createCabinIdRequest(_request);\n\n    const requestState = await cabinIdClient.authenticateRequest(\n      cabinIdRequest,\n      options\n    );\n\n    const authObject = requestState.toAuth();\n\n    const redirectToSignIn = createMiddlewareRedirectToSignIn(cabinIdRequest);\n\n    const protect = createMiddlewareProtect(\n      cabinIdRequest,\n      authObject,\n      redirectToSignIn\n    );\n\n    const authObjWithMethods: CabinIdMiddlewareAuthObject = Object.assign(\n      authObject,\n      { protect, redirectToSignIn }\n    );\n\n    let handlerResult: Response = NextResponse.next();\n\n    try {\n      handlerResult =\n        (await handler?.(() => authObjWithMethods, _request, _event)) ||\n        handlerResult;\n    } catch (e: any) {\n      handlerResult = handleControlFlowErrors(e, cabinIdRequest, requestState);\n    }\n\n    if (isRedirect(handlerResult)) {\n      return serverRedirectWithAuth(cabinIdRequest, handlerResult);\n    }\n\n    decorateRequest(\n      cabinIdRequest,\n      handlerResult,\n      requestState,\n      options.secretKey\n    );\n\n    // TODO @nikos: we need to make this more generic\n    // and move the logic in clerk/backend\n    if (requestState.headers) {\n      requestState.headers.forEach((value, key) => {\n        handlerResult.headers.append(key, value);\n      });\n    }\n\n    return handlerResult;\n  };\n\n  // If we have a request and event, we're being called as a middleware directly\n  // eg, export default clerkMiddleware;\n  if (request && event) {\n    return nextMiddleware(request, event);\n  }\n\n  // Otherwise, return a middleware that can be called with a request and event\n  // eg, export default clerkMiddleware(auth => { ... });\n  return nextMiddleware;\n};\n\nexport { authMiddleware };\n\nconst createMiddlewareRedirectToSignIn = (\n  cabinIdRequest: CabinIdRequest\n): CabinIdMiddlewareAuthObject['redirectToSignIn'] => {\n  return (opts = {}) => {\n    const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN) as any;\n    err.returnBackUrl =\n      opts.returnBackUrl === null\n        ? ''\n        : opts.returnBackUrl || cabinIdRequest.cabinIdUrl.toString();\n    throw err;\n  };\n};\n\nconst createMiddlewareProtect = (\n  cabinIdRequest: CabinIdRequest,\n  authObject: AuthObject,\n  redirectToSignIn: RedirectFun<Response>\n): CabinIdMiddlewareAuthObject['protect'] => {\n  return ((_: any, options: any) => {\n    const notFound = () => {\n      throw new Error(CONTROL_FLOW_ERROR.FORCE_NOT_FOUND) as any;\n    };\n\n    const redirect = (url: string) => {\n      const err = new Error(CONTROL_FLOW_ERROR.REDIRECT_TO_URL) as any;\n      err.redirectUrl = url;\n      throw err;\n    };\n\n    return createProtect({\n      request: cabinIdRequest,\n      redirect,\n      notFound,\n      authObject,\n      redirectToSignIn,\n    })(options);\n  }) as AuthProtect;\n};\n\n// Handle errors thrown by protect() and redirectToSignIn() calls,\n// as we want to align the APIs between middleware, pages and route handlers\n// Normally, middleware requires to explicitly return a response, but we want to\n// avoid discrepancies between the APIs as it's easy to miss the `return` statement\n// especially when copy-pasting code from one place to another.\n// This function handles the known errors thrown by the APIs described above,\n// and returns the appropriate response.\nconst handleControlFlowErrors = (\n  e: any,\n  cabinIdRequest: CabinIdRequest,\n  requestState: RequestState\n): Response => {\n  switch (e.message) {\n    case CONTROL_FLOW_ERROR.FORCE_NOT_FOUND:\n      // Rewrite to a bogus URL to force not found error\n      return setHeader(\n        NextResponse.rewrite(\n          `${cabinIdRequest.cabinIdUrl.origin}/cabin_${Date.now()}`\n        ),\n        constants.Headers.AuthReason,\n        'protect-rewrite'\n      );\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_URL:\n      return redirectAdapter(e.redirectUrl);\n    case CONTROL_FLOW_ERROR.REDIRECT_TO_SIGN_IN:\n      return createRedirect({\n        redirectAdapter,\n        baseUrl: cabinIdRequest.cabinIdUrl,\n        signInUrl: requestState.signInUrl,\n        signUpUrl: requestState.signUpUrl,\n        publishableKey: requestState.publishableKey,\n      }).redirectToSignIn({ returnBackUrl: e.returnBackUrl });\n    default:\n      throw e;\n  }\n};\n"],"mappings":"AAAA,SAAyB,oBAAoB;AAC7C;AAAA,EACE;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,OACK;AACP,SAAS,WAAW,iBAAiB,uBAAuB;AAM5D,SAAS,qBAAqB;AAC9B,SAAyB,4BAA4B;AACrD,SAAsB,qBAAqB;AAC3C,SAAS,sBAAmC;AAC5C,SAAS,YAAY,iBAAiB;AAGtC,SAAS,8BAA8B;AAGvC,MAAM,qBAAqB;AAAA,EACzB,iBAAiB;AAAA,EACjB,iBAAiB;AAAA,EACjB,qBAAqB;AACvB;AAyCA,MAAM,uBAAuB,CAAC,SAAoB;AAChD,SAAO;AAAA,IACL,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,IACvC,KAAK,CAAC,aAAa,UAAU,KAAK,CAAC,IAAI;AAAA,EACzC;AAIF;AAEA,MAAM,yBAAyB,CAAC,SAAoB;AAClD,SAAO;AAAA,IACL,OAAO,KAAK,CAAC,MAAM,aAAa,KAAK,CAAC,IAAI;AAAA,KACzC,KAAK,WAAW,IACb,KAAK,CAAC,IACN,OAAO,KAAK,CAAC,MAAM,aACjB,CAAC,IACD,KAAK,CAAC,MAAM,CAAC;AAAA,EACrB;AACF;AAEA,MAAM,iBAAiC,IAAI,SAAyB;AAClE,QAAM,CAAC,SAAS,KAAK,IAAI,qBAAqB,IAAI;AAClD,QAAM,CAAC,SAAS,MAAM,IAAI,uBAAuB,IAAI;AAErD,QAAM,iBAAiB;AAAA,IACrB,OAAO,kBAAkB;AAAA,IACzB,MAAM;AACJ,YAAM,IAAI,MAAM,0BAA0B;AAAA,IAC5C;AAAA,EACF;AACA,QAAM,YAAY,UAAU,OAAO,aAAa,YAAY,MAAM;AAChE,UAAM,IAAI,MAAM,yBAAyB;AAAA,EAC3C,CAAC;AAED,QAAM,YAAY,OAAO,aAAa;AACtC,QAAM,YAAY,OAAO,aAAa;AAEtC,QAAM,UAAU;AAAA,IACd,GAAG;AAAA,IACH;AAAA,IACA;AAAA,IACA;AAAA,IACA;AAAA,EACF;AAEA,QAAM,iBAAiC,OAAO,UAAU,WAAW;AACjE,UAAM,cAAc,SAAS,QAAQ,aAAa;AAAA,MAChD,UAAU,YAAY;AAAA,IACxB;AACA,UAAM,SAAS,SAAS,QAAQ,aAAa;AAAA,MAC3C,UAAU,YAAY;AAAA,IACxB;AAEA,QAAI,eAAe,QAAQ;AACzB,YAAM,MAAM,SAAS;AACrB,YAAM,OAAO,IAAI;AACjB,YAAM,WAAW,aAAa;AAAA,QAC5B,IAAI,IAAI,QAAQ,KAAK,SAAS,GAAG;AAAA,MACnC;AACA,eAAS,QAAQ,IAAI,UAAU,QAAQ,QAAQ,WAAW;AAC1D,eAAS,QAAQ,IAAI,UAAU,QAAQ,MAAM,MAAM;AACnD,aAAO;AAAA,IACT;AAEA,UAAM,iBAAiB,qBAAqB,QAAQ;AAEpD,UAAM,eAAe,MAAM,cAAc;AAAA,MACvC;AAAA,MACA;AAAA,IACF;AAEA,UAAM,aAAa,aAAa,OAAO;AAEvC,UAAM,mBAAmB,iCAAiC,cAAc;AAExE,UAAM,UAAU;AAAA,MACd;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAEA,UAAM,qBAAkD,OAAO;AAAA,MAC7D;AAAA,MACA,EAAE,SAAS,iBAAiB;AAAA,IAC9B;AAEA,QAAI,gBAA0B,aAAa,KAAK;AAEhD,QAAI;AACF,sBACG,OAAM,mCAAU,MAAM,oBAAoB,UAAU,YACrD;AAAA,IACJ,SAAS,GAAQ;AACf,sBAAgB,wBAAwB,GAAG,gBAAgB,YAAY;AAAA,IACzE;AAEA,QAAI,WAAW,aAAa,GAAG;AAC7B,aAAO,uBAAuB,gBAAgB,aAAa;AAAA,IAC7D;AAEA;AAAA,MACE;AAAA,MACA;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,IACV;AAIA,QAAI,aAAa,SAAS;AACxB,mBAAa,QAAQ,QAAQ,CAAC,OAAO,QAAQ;AAC3C,sBAAc,QAAQ,OAAO,KAAK,KAAK;AAAA,MACzC,CAAC;AAAA,IACH;AAEA,WAAO;AAAA,EACT;AAIA,MAAI,WAAW,OAAO;AACpB,WAAO,eAAe,SAAS,KAAK;AAAA,EACtC;AAIA,SAAO;AACT;AAIA,MAAM,mCAAmC,CACvC,mBACoD;AACpD,SAAO,CAAC,OAAO,CAAC,MAAM;AACpB,UAAM,MAAM,IAAI,MAAM,mBAAmB,mBAAmB;AAC5D,QAAI,gBACF,KAAK,kBAAkB,OACnB,KACA,KAAK,iBAAiB,eAAe,WAAW,SAAS;AAC/D,UAAM;AAAA,EACR;AACF;AAEA,MAAM,0BAA0B,CAC9B,gBACA,YACA,qBAC2C;AAC3C,SAAQ,CAAC,GAAQ,YAAiB;AAChC,UAAM,WAAW,MAAM;AACrB,YAAM,IAAI,MAAM,mBAAmB,eAAe;AAAA,IACpD;AAEA,UAAM,WAAW,CAAC,QAAgB;AAChC,YAAM,MAAM,IAAI,MAAM,mBAAmB,eAAe;AACxD,UAAI,cAAc;AAClB,YAAM;AAAA,IACR;AAEA,WAAO,cAAc;AAAA,MACnB,SAAS;AAAA,MACT;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF,CAAC,EAAE,OAAO;AAAA,EACZ;AACF;AASA,MAAM,0BAA0B,CAC9B,GACA,gBACA,iBACa;AACb,UAAQ,EAAE,SAAS;AAAA,IACjB,KAAK,mBAAmB;AAEtB,aAAO;AAAA,QACL,aAAa;AAAA,UACX,GAAG,eAAe,WAAW,MAAM,UAAU,KAAK,IAAI,CAAC;AAAA,QACzD;AAAA,QACA,UAAU,QAAQ;AAAA,QAClB;AAAA,MACF;AAAA,IACF,KAAK,mBAAmB;AACtB,aAAO,gBAAgB,EAAE,WAAW;AAAA,IACtC,KAAK,mBAAmB;AACtB,aAAO,eAAe;AAAA,QACpB;AAAA,QACA,SAAS,eAAe;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,WAAW,aAAa;AAAA,QACxB,gBAAgB,aAAa;AAAA,MAC/B,CAAC,EAAE,iBAAiB,EAAE,eAAe,EAAE,cAAc,CAAC;AAAA,IACxD;AACE,YAAM;AAAA,EACV;AACF;","names":[]}

package/dist/esm/server/protect.js

@@ -1,45 +0,0 @@
-import { constants } from "../constants";
-const createProtect = (opts) => {
-  const { redirectToSignIn, authObject, redirect, notFound, request } = opts;
-  return (...args) => {
-    var _a, _b, _c, _d, _e, _f;
-    const optionValuesAsParam = ((_a = args[0]) == null ? void 0 : _a.unauthenticatedUrl) || ((_b = args[0]) == null ? void 0 : _b.unauthorizedUrl);
-    const paramsOrFunction = optionValuesAsParam ? void 0 : args[0];
-    const unauthenticatedUrl = ((_c = args[0]) == null ? void 0 : _c.unauthenticatedUrl) || ((_d = args[1]) == null ? void 0 : _d.unauthenticatedUrl);
-    const unauthorizedUrl = ((_e = args[0]) == null ? void 0 : _e.unauthorizedUrl) || ((_f = args[1]) == null ? void 0 : _f.unauthorizedUrl);
-    const handleUnauthenticated = () => {
-      if (unauthenticatedUrl) {
-        return redirect(unauthenticatedUrl);
-      }
-      if (isPageRequest(request)) {
-        return redirectToSignIn();
-      }
-      return notFound();
-    };
-    const handleUnauthorized = () => {
-      if (unauthorizedUrl) {
-        return redirect(unauthorizedUrl);
-      }
-      return notFound();
-    };
-    if (!authObject.userId) {
-      return handleUnauthenticated();
-    }
-    if (!paramsOrFunction) {
-      return authObject;
-    }
-    return handleUnauthorized();
-  };
-};
-const isServerActionRequest = (req) => {
-  var _a, _b;
-  return !!req.headers.get(constants.NextHeaders.NextUrl) && (((_a = req.headers.get(constants.Headers.Accept)) == null ? void 0 : _a.includes("text/x-component")) || ((_b = req.headers.get(constants.Headers.ContentType)) == null ? void 0 : _b.includes("multipart/form-data")) || !!req.headers.get(constants.NextHeaders.NextAction));
-};
-const isPageRequest = (req) => {
-  var _a;
-  return req.headers.get(constants.Headers.SecFetchDest) === "document" || ((_a = req.headers.get(constants.Headers.Accept)) == null ? void 0 : _a.includes("text/html")) || !!req.headers.get(constants.NextHeaders.NextUrl) && !isServerActionRequest(req) || !!req.headers.get(constants.NextHeaders.NextjsData);
-};
-export {
-  createProtect
-};
-//# sourceMappingURL=protect.js.map

package/dist/esm/server/protect.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/protect.ts"],"sourcesContent":["import { AuthObject, SignedInAuthObject } from '../tokens/authObjects';\nimport { constants } from '../constants';\nimport { RedirectFun } from './createRedirect';\n\ntype AuthProtectOptions = {\n  unauthorizedUrl?: string;\n  unauthenticatedUrl?: string;\n};\n\n/**\n * Throws a Nextjs notFound error if user is not authenticated or authorized.\n */\nexport interface AuthProtect {\n  // (\n  //   params?: CheckAuthorizationParamsWithCustomPermissions,\n  //   options?: AuthProtectOptions\n  // ): SignedInAuthObject;\n\n  // (\n  //   params?: (has: CheckAuthorizationWithCustomPermissions) => boolean,\n  //   options?: AuthProtectOptions\n  // ): SignedInAuthObject;\n\n  (options?: AuthProtectOptions): SignedInAuthObject;\n}\n\nexport const createProtect = (opts: {\n  request: Request;\n  authObject: AuthObject;\n  /**\n   * middleware and pages throw a notFound error if signed out\n   * but the middleware needs to throw an error it can catch\n   * use this callback to customise the behavior\n   */\n  notFound: () => never;\n  /**\n   * see {@link notFound} above\n   */\n  redirect: (url: string) => void;\n  /**\n   * protect() in middleware redirects to signInUrl if signed out\n   * protect() in pages throws a notFound error if signed out\n   * use this callback to customise the behavior\n   */\n  redirectToSignIn: RedirectFun<unknown>;\n}): AuthProtect => {\n  const { redirectToSignIn, authObject, redirect, notFound, request } = opts;\n\n  return ((...args: any[]) => {\n    const optionValuesAsParam =\n      args[0]?.unauthenticatedUrl || args[0]?.unauthorizedUrl;\n    const paramsOrFunction = optionValuesAsParam ? undefined : args[0];\n    const unauthenticatedUrl = (args[0]?.unauthenticatedUrl ||\n      args[1]?.unauthenticatedUrl) as string | undefined;\n    const unauthorizedUrl = (args[0]?.unauthorizedUrl ||\n      args[1]?.unauthorizedUrl) as string | undefined;\n\n    const handleUnauthenticated = () => {\n      if (unauthenticatedUrl) {\n        return redirect(unauthenticatedUrl);\n      }\n      if (isPageRequest(request)) {\n        // TODO: Handle runtime values. What happens if runtime values are set in middleware and in ClerkProvider as well?\n        return redirectToSignIn();\n      }\n      return notFound();\n    };\n\n    const handleUnauthorized = () => {\n      if (unauthorizedUrl) {\n        return redirect(unauthorizedUrl);\n      }\n      return notFound();\n    };\n\n    /**\n     * User is not authenticated\n     */\n    if (!authObject.userId) {\n      return handleUnauthenticated();\n    }\n\n    /**\n     * User is authenticated\n     */\n    if (!paramsOrFunction) {\n      return authObject;\n    }\n\n    /**\n     * if a function is passed and returns false then throw not found\n     */\n    // if (typeof paramsOrFunction === 'function') {\n    //   if (paramsOrFunction(authObject.has)) {\n    //     return authObject;\n    //   }\n    //   return handleUnauthorized();\n    // }\n\n    /**\n     * Checking if user is authorized when permission or role is passed\n     */\n    // if (authObject.has(paramsOrFunction)) {\n    //   return authObject;\n    // }\n\n    return handleUnauthorized();\n  }) as AuthProtect;\n};\n\nconst isServerActionRequest = (req: Request) => {\n  return (\n    !!req.headers.get(constants.NextHeaders.NextUrl) &&\n    (req.headers.get(constants.Headers.Accept)?.includes('text/x-component') ||\n      req.headers\n        .get(constants.Headers.ContentType)\n        ?.includes('multipart/form-data') ||\n      !!req.headers.get(constants.NextHeaders.NextAction))\n  );\n};\n\nconst isPageRequest = (req: Request): boolean => {\n  return (\n    req.headers.get(constants.Headers.SecFetchDest) === 'document' ||\n    req.headers.get(constants.Headers.Accept)?.includes('text/html') ||\n    (!!req.headers.get(constants.NextHeaders.NextUrl) &&\n      !isServerActionRequest(req)) ||\n    !!req.headers.get(constants.NextHeaders.NextjsData)\n  );\n};\n\n// In case we want to handle router handlers and server actions differently in the future\n// const isRouteHandler = (req: Request) => {\n//   return !isPageRequest(req) && !isServerAction(req);\n// };\n"],"mappings":"AACA,SAAS,iBAAiB;AAyBnB,MAAM,gBAAgB,CAAC,SAmBX;AACjB,QAAM,EAAE,kBAAkB,YAAY,UAAU,UAAU,QAAQ,IAAI;AAEtE,SAAQ,IAAI,SAAgB;AAhD9B;AAiDI,UAAM,wBACJ,UAAK,CAAC,MAAN,mBAAS,yBAAsB,UAAK,CAAC,MAAN,mBAAS;AAC1C,UAAM,mBAAmB,sBAAsB,SAAY,KAAK,CAAC;AACjE,UAAM,uBAAsB,UAAK,CAAC,MAAN,mBAAS,yBACnC,UAAK,CAAC,MAAN,mBAAS;AACX,UAAM,oBAAmB,UAAK,CAAC,MAAN,mBAAS,sBAChC,UAAK,CAAC,MAAN,mBAAS;AAEX,UAAM,wBAAwB,MAAM;AAClC,UAAI,oBAAoB;AACtB,eAAO,SAAS,kBAAkB;AAAA,MACpC;AACA,UAAI,cAAc,OAAO,GAAG;AAE1B,eAAO,iBAAiB;AAAA,MAC1B;AACA,aAAO,SAAS;AAAA,IAClB;AAEA,UAAM,qBAAqB,MAAM;AAC/B,UAAI,iBAAiB;AACnB,eAAO,SAAS,eAAe;AAAA,MACjC;AACA,aAAO,SAAS;AAAA,IAClB;AAKA,QAAI,CAAC,WAAW,QAAQ;AACtB,aAAO,sBAAsB;AAAA,IAC/B;AAKA,QAAI,CAAC,kBAAkB;AACrB,aAAO;AAAA,IACT;AAmBA,WAAO,mBAAmB;AAAA,EAC5B;AACF;AAEA,MAAM,wBAAwB,CAAC,QAAiB;AA9GhD;AA+GE,SACE,CAAC,CAAC,IAAI,QAAQ,IAAI,UAAU,YAAY,OAAO,QAC9C,SAAI,QAAQ,IAAI,UAAU,QAAQ,MAAM,MAAxC,mBAA2C,SAAS,0BACnD,SAAI,QACD,IAAI,UAAU,QAAQ,WAAW,MADpC,mBAEI,SAAS,2BACb,CAAC,CAAC,IAAI,QAAQ,IAAI,UAAU,YAAY,UAAU;AAExD;AAEA,MAAM,gBAAgB,CAAC,QAA0B;AAzHjD;AA0HE,SACE,IAAI,QAAQ,IAAI,UAAU,QAAQ,YAAY,MAAM,gBACpD,SAAI,QAAQ,IAAI,UAAU,QAAQ,MAAM,MAAxC,mBAA2C,SAAS,iBACnD,CAAC,CAAC,IAAI,QAAQ,IAAI,UAAU,YAAY,OAAO,KAC9C,CAAC,sBAAsB,GAAG,KAC5B,CAAC,CAAC,IAAI,QAAQ,IAAI,UAAU,YAAY,UAAU;AAEtD;","names":[]}

package/dist/esm/server/routeMatcher.js

@@ -1,18 +0,0 @@
-import { paths } from "../utils";
-const createRouteMatcher = (routes) => {
-  if (typeof routes === "function") {
-    return (req) => routes(req);
-  }
-  const routePatterns = [routes || ""].flat().filter(Boolean);
-  const matchers = precomputePathRegex(routePatterns);
-  return (req) => matchers.some((matcher) => matcher.test(req.nextUrl.pathname));
-};
-const precomputePathRegex = (patterns) => {
-  return patterns.map(
-    (pattern) => pattern instanceof RegExp ? pattern : paths.toRegexp(pattern)
-  );
-};
-export {
-  createRouteMatcher
-};
-//# sourceMappingURL=routeMatcher.js.map

package/dist/esm/server/routeMatcher.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/routeMatcher.ts"],"sourcesContent":["import type Link from 'next/link';\nimport type { NextRequest } from 'next/server';\nimport type { Autocomplete } from '../types';\nimport { paths } from '../utils';\n\ntype WithPathPatternWildcard<T> = `${T & string}(.*)`;\ntype NextTypedRoute<T = Parameters<typeof Link>['0']['href']> = T extends string\n  ? T\n  : never;\n\ntype RouteMatcherWithNextTypedRoutes = Autocomplete<\n  WithPathPatternWildcard<NextTypedRoute> | NextTypedRoute\n>;\n\nexport type RouteMatcherParam =\n  | Array<RegExp | RouteMatcherWithNextTypedRoutes>\n  | RegExp\n  | RouteMatcherWithNextTypedRoutes\n  | ((req: NextRequest) => boolean);\n\nexport const createRouteMatcher = (routes: RouteMatcherParam) => {\n  if (typeof routes === 'function') {\n    return (req: NextRequest) => routes(req);\n  }\n  const routePatterns = [routes || ''].flat().filter(Boolean);\n  const matchers = precomputePathRegex(routePatterns);\n  return (req: NextRequest) =>\n    matchers.some((matcher) => matcher.test(req.nextUrl.pathname));\n};\n\nconst precomputePathRegex = (patterns: Array<string | RegExp>) => {\n  return patterns.map((pattern) =>\n    pattern instanceof RegExp ? pattern : paths.toRegexp(pattern)\n  );\n};\n"],"mappings":"AAGA,SAAS,aAAa;AAiBf,MAAM,qBAAqB,CAAC,WAA8B;AAC/D,MAAI,OAAO,WAAW,YAAY;AAChC,WAAO,CAAC,QAAqB,OAAO,GAAG;AAAA,EACzC;AACA,QAAM,gBAAgB,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,OAAO,OAAO;AAC1D,QAAM,WAAW,oBAAoB,aAAa;AAClD,SAAO,CAAC,QACN,SAAS,KAAK,CAAC,YAAY,QAAQ,KAAK,IAAI,QAAQ,QAAQ,CAAC;AACjE;AAEA,MAAM,sBAAsB,CAAC,aAAqC;AAChE,SAAO,SAAS;AAAA,IAAI,CAAC,YACnB,mBAAmB,SAAS,UAAU,MAAM,SAAS,OAAO;AAAA,EAC9D;AACF;","names":[]}

package/dist/esm/server/serverRedirectWithAuth.js

@@ -1,15 +0,0 @@
-import { NextResponse } from "next/server";
-import { constants } from "../constants";
-const serverRedirectWithAuth = (cabinIdRequest, res) => {
-  const location = res.headers.get("location");
-  const shouldAppendDevBrowser = res.headers.get(constants.Headers.CabinIdRedirectTo) === "true";
-  if (shouldAppendDevBrowser && !!location && cabinIdRequest.cabinIdUrl.isCrossOrigin(location)) {
-    const url = new URL(location);
-    return NextResponse.redirect(url.href, res);
-  }
-  return res;
-};
-export {
-  serverRedirectWithAuth
-};
-//# sourceMappingURL=serverRedirectWithAuth.js.map

package/dist/esm/server/serverRedirectWithAuth.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/serverRedirectWithAuth.ts"],"sourcesContent":["import { NextResponse } from 'next/server';\nimport { constants } from '../constants';\nimport { CabinIdRequest } from 'src/tokens/cabinIdRequest';\n\nexport const serverRedirectWithAuth = (\n  cabinIdRequest: CabinIdRequest,\n  res: Response\n) => {\n  const location = res.headers.get('location');\n  const shouldAppendDevBrowser =\n    res.headers.get(constants.Headers.CabinIdRedirectTo) === 'true';\n\n  if (\n    shouldAppendDevBrowser &&\n    !!location &&\n    cabinIdRequest.cabinIdUrl.isCrossOrigin(location)\n  ) {\n    const url = new URL(location);\n    return NextResponse.redirect(url.href, res);\n  }\n  return res;\n};\n"],"mappings":"AAAA,SAAS,oBAAoB;AAC7B,SAAS,iBAAiB;AAGnB,MAAM,yBAAyB,CACpC,gBACA,QACG;AACH,QAAM,WAAW,IAAI,QAAQ,IAAI,UAAU;AAC3C,QAAM,yBACJ,IAAI,QAAQ,IAAI,UAAU,QAAQ,iBAAiB,MAAM;AAE3D,MACE,0BACA,CAAC,CAAC,YACF,eAAe,WAAW,cAAc,QAAQ,GAChD;AACA,UAAM,MAAM,IAAI,IAAI,QAAQ;AAC5B,WAAO,aAAa,SAAS,IAAI,MAAM,GAAG;AAAA,EAC5C;AACA,SAAO;AACT;","names":[]}

package/dist/esm/server/type.js

@@ -1 +0,0 @@
-//# sourceMappingURL=type.js.map

package/dist/esm/server/type.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/esm/server/utils.js

@@ -1,132 +0,0 @@
-import { NextResponse, NextRequest } from "next/server";
-import { constants } from "../constants";
-function assertKey(key, onError) {
-  if (!key) {
-    onError();
-  }
-  return key;
-}
-const apiEndpointUnauthorizedNextResponse = () => {
-  return NextResponse.json(null, { status: 401, statusText: "Unauthorized" });
-};
-const redirectAdapter = (url) => {
-  return NextResponse.redirect(url, {
-    headers: { [constants.Headers.CabinIdRedirectTo]: "true" }
-  });
-};
-const OVERRIDE_HEADERS = "x-middleware-override-headers";
-const MIDDLEWARE_HEADER_PREFIX = "x-middleware-request";
-const setRequestHeadersOnNextResponse = (res, req, newHeaders) => {
-  if (!res.headers.get(OVERRIDE_HEADERS)) {
-    res.headers.set(OVERRIDE_HEADERS, [...req.headers.keys()]);
-    req.headers.forEach((val, key) => {
-      res.headers.set(`${MIDDLEWARE_HEADER_PREFIX}-${key}`, val);
-    });
-  }
-  Object.entries(newHeaders).forEach(([key, val]) => {
-    res.headers.set(
-      OVERRIDE_HEADERS,
-      `${res.headers.get(OVERRIDE_HEADERS)},${key}`
-    );
-    res.headers.set(`${MIDDLEWARE_HEADER_PREFIX}-${key}`, val);
-  });
-};
-function createTokenSignature(token, key) {
-  return `${token}${key}`;
-}
-function decorateRequest(req, res, requestState, secretKey) {
-  const { token } = requestState;
-  if (!res) {
-    res = NextResponse.next();
-  }
-  if (res.headers.get(constants.NextHeaders.NextRedirect)) {
-    return res;
-  }
-  let rewriteURL;
-  if (res.headers.get(constants.NextHeaders.NextResume) === "1") {
-    res.headers.delete(constants.NextHeaders.NextResume);
-    rewriteURL = new URL(req.url);
-  }
-  const rewriteURLHeader = res.headers.get(constants.NextHeaders.NextRewrite);
-  if (rewriteURLHeader) {
-    const reqURL = new URL(req.url);
-    rewriteURL = new URL(rewriteURLHeader);
-    if (rewriteURL.origin !== reqURL.origin) {
-      return res;
-    }
-  }
-  if (rewriteURL) {
-    setRequestHeadersOnNextResponse(res, req, {
-      [constants.Headers.AuthToken]: token || "",
-      [constants.Headers.AuthSignature]: token ? createTokenSignature(token, secretKey) : ""
-    });
-    const origin = rewriteURL == null ? void 0 : rewriteURL.origin;
-    const pathName = rewriteURL == null ? void 0 : rewriteURL.pathname;
-    res.headers.set(
-      constants.NextHeaders.NextRewrite,
-      `${origin}${pathName || ""}`
-    );
-  }
-  return res;
-}
-const buildRequestLike = () => {
-  try {
-    const { headers } = require("next/headers");
-    return new NextRequest("https://placeholder.com", { headers: headers() });
-  } catch (e) {
-    if (e && "message" in e && typeof e.message === "string" && (e.message.toLowerCase().includes("Dynamic server usage".toLowerCase()) || e.message.toLowerCase().includes(
-      "This page needs to bail out of prerendering".toLowerCase()
-    ))) {
-      throw e;
-    }
-    throw new Error(
-      `CabinID: auth() and currentUser() are only supported in App Router (/app directory).
-If you're using /pages, try getAuth() instead.
-Original error: ${e}`
-    );
-  }
-};
-function getCustomAttributeFromRequest(req, key) {
-  return key in req ? req[key] : void 0;
-}
-function getAuthKeyFromRequest(req, key) {
-  return getCustomAttributeFromRequest(req, constants.Attributes[key]) || getHeader(req, constants.Headers[key]);
-}
-function getHeader(req, name) {
-  var _a, _b;
-  if (isNextRequest(req)) {
-    return req.headers.get(name);
-  }
-  return req.headers[name] || req.headers[name.toLowerCase()] || ((_b = (_a = req.socket) == null ? void 0 : _a._httpMessage) == null ? void 0 : _b.getHeader(name));
-}
-function isNextRequest(val) {
-  try {
-    const { headers, nextUrl, cookies } = val || {};
-    return typeof (headers == null ? void 0 : headers.get) === "function" && typeof (nextUrl == null ? void 0 : nextUrl.searchParams.get) === "function" && typeof (cookies == null ? void 0 : cookies.get) === "function";
-  } catch (e) {
-    return false;
-  }
-}
-function getCookie(req, name) {
-  if (isNextRequest(req)) {
-    const reqCookieOrString = req.cookies.get(name);
-    if (!reqCookieOrString) {
-      return void 0;
-    }
-    return typeof reqCookieOrString === "string" ? reqCookieOrString : reqCookieOrString.value;
-  }
-  return req.cookies[name];
-}
-export {
-  apiEndpointUnauthorizedNextResponse,
-  assertKey,
-  buildRequestLike,
-  decorateRequest,
-  getAuthKeyFromRequest,
-  getCookie,
-  getCustomAttributeFromRequest,
-  getHeader,
-  redirectAdapter,
-  setRequestHeadersOnNextResponse
-};
-//# sourceMappingURL=utils.js.map

package/dist/esm/server/utils.js.map

@@ -1 +0,0 @@
-{"version":3,"sources":["../../../src/server/utils.ts"],"sourcesContent":["import { NextResponse, NextRequest } from 'next/server';\nimport { constants } from '../constants';\nimport { CabinIdRequest } from '../tokens/cabinIdRequest';\nimport { RequestLike } from './type';\n\nexport function assertKey(key: string, onError: () => never): string {\n  if (!key) {\n    onError();\n  }\n\n  return key;\n}\n\nexport const apiEndpointUnauthorizedNextResponse = () => {\n  return NextResponse.json(null, { status: 401, statusText: 'Unauthorized' });\n};\n\nexport const redirectAdapter = (url: string | URL) => {\n  return NextResponse.redirect(url, {\n    headers: { [constants.Headers.CabinIdRedirectTo]: 'true' },\n  });\n};\n\nconst OVERRIDE_HEADERS = 'x-middleware-override-headers';\nconst MIDDLEWARE_HEADER_PREFIX = 'x-middleware-request' as string;\n\nexport const setRequestHeadersOnNextResponse = (\n  res: NextResponse | Response,\n  req: Request,\n  newHeaders: Record<string, string>\n) => {\n  if (!res.headers.get(OVERRIDE_HEADERS)) {\n    // Emulate a user setting overrides by explicitly adding the required nextjs headers\n    // https://github.com/vercel/next.js/pull/41380\n    // @ts-expect-error\n    res.headers.set(OVERRIDE_HEADERS, [...req.headers.keys()]);\n    req.headers.forEach((val, key) => {\n      res.headers.set(`${MIDDLEWARE_HEADER_PREFIX}-${key}`, val);\n    });\n  }\n\n  // Now that we have normalised res to include overrides, just append the new header\n  Object.entries(newHeaders).forEach(([key, val]) => {\n    res.headers.set(\n      OVERRIDE_HEADERS,\n      `${res.headers.get(OVERRIDE_HEADERS)},${key}`\n    );\n    res.headers.set(`${MIDDLEWARE_HEADER_PREFIX}-${key}`, val);\n  });\n};\n\n/**\n * Compute a cryptographic signature from a session token and provided secret key. Used to validate that the token has not been modified when transferring between middleware and the Next.js origin.\n */\nfunction createTokenSignature(token: string, key: string): string {\n  return `${token}${key}`;\n}\n\ntype RequestState = any;\n\n// Auth result will be set as both a query param & header when applicable\nexport function decorateRequest(\n  req: CabinIdRequest,\n  res: Response,\n  requestState: RequestState,\n  secretKey: string\n): Response {\n  const { token } = requestState;\n\n  // pass-through case, convert to next()\n  if (!res) {\n    res = NextResponse.next();\n  }\n\n  // redirect() case, return early\n  if (res.headers.get(constants.NextHeaders.NextRedirect)) {\n    return res;\n  }\n\n  let rewriteURL;\n\n  // next() case, convert to a rewrite\n  if (res.headers.get(constants.NextHeaders.NextResume) === '1') {\n    res.headers.delete(constants.NextHeaders.NextResume);\n    rewriteURL = new URL(req.url);\n  }\n\n  // rewrite() case, set auth result only if origin remains the same\n  const rewriteURLHeader = res.headers.get(constants.NextHeaders.NextRewrite);\n\n  if (rewriteURLHeader) {\n    const reqURL = new URL(req.url);\n    rewriteURL = new URL(rewriteURLHeader);\n\n    // if the origin has changed, return early\n    if (rewriteURL.origin !== reqURL.origin) {\n      return res;\n    }\n  }\n\n  if (rewriteURL) {\n    setRequestHeadersOnNextResponse(res, req, {\n      [constants.Headers.AuthToken]: token || '',\n      [constants.Headers.AuthSignature]: token\n        ? createTokenSignature(token, secretKey)\n        : '',\n    });\n    const origin = rewriteURL?.origin;\n    const pathName = rewriteURL?.pathname;\n\n    res.headers.set(\n      constants.NextHeaders.NextRewrite,\n      `${origin}${pathName || ''}`\n    );\n  }\n  return res;\n}\n\nexport const buildRequestLike = () => {\n  try {\n    // Dynamically import next/headers, otherwise Next12 apps will break\n    // because next/headers was introduced in next@13\n    // eslint-disable-next-line @typescript-eslint/no-var-requires\n    const { headers } = require('next/headers');\n    return new NextRequest('https://placeholder.com', { headers: headers() });\n  } catch (e: any) {\n    if (\n      e &&\n      'message' in e &&\n      typeof e.message === 'string' &&\n      (e.message.toLowerCase().includes('Dynamic server usage'.toLowerCase()) ||\n        e.message\n          .toLowerCase()\n          .includes(\n            'This page needs to bail out of prerendering'.toLowerCase()\n          ))\n    ) {\n      throw e;\n    }\n\n    throw new Error(\n      `CabinID: auth() and currentUser() are only supported in App Router (/app directory).\\nIf you're using /pages, try getAuth() instead.\\nOriginal error: ${e}`\n    );\n  }\n};\n\nexport function getCustomAttributeFromRequest(\n  req: RequestLike,\n  key: string\n): string | null | undefined {\n  // @ts-expect-error - TS doesn't like indexing into RequestLike\n  return key in req ? req[key] : undefined;\n}\n\nexport function getAuthKeyFromRequest(\n  req: RequestLike,\n  key: keyof typeof constants.Attributes\n): string | null | undefined {\n  return (\n    getCustomAttributeFromRequest(req, constants.Attributes[key]) ||\n    getHeader(req, constants.Headers[key])\n  );\n}\n\nexport function getHeader(\n  req: RequestLike,\n  name: string\n): string | null | undefined {\n  if (isNextRequest(req)) {\n    return req.headers.get(name);\n  }\n\n  // If no header has been determined for IncomingMessage case, check if available within private `socket` headers\n  // When deployed to vercel, req.headers for API routes is a `IncomingHttpHeaders` key-val object which does not follow\n  // the Headers spec so the name is no longer case-insensitive.\n  return (\n    req.headers[name] ||\n    req.headers[name.toLowerCase()] ||\n    (req.socket as any)?._httpMessage?.getHeader(name)\n  );\n}\n\nfunction isNextRequest(val: unknown): val is NextRequest {\n  try {\n    const { headers, nextUrl, cookies } = (val || {}) as NextRequest;\n    return (\n      typeof headers?.get === 'function' &&\n      typeof nextUrl?.searchParams.get === 'function' &&\n      typeof cookies?.get === 'function'\n    );\n  } catch (e) {\n    return false;\n  }\n}\n\nexport function getCookie(req: RequestLike, name: string): string | undefined {\n  if (isNextRequest(req)) {\n    // Nextjs broke semver in the 13.0.0 -> 13.0.1 release, so even though\n    // this should be RequestCookie in all updated apps. In order to support apps\n    // using v13.0.0 still, we explicitly add the string type\n    // https://github.com/vercel/next.js/pull/41526\n    const reqCookieOrString = req.cookies.get(name) as\n      | ReturnType<NextRequest['cookies']['get']>\n      | string\n      | undefined;\n    if (!reqCookieOrString) {\n      return undefined;\n    }\n    return typeof reqCookieOrString === 'string'\n      ? reqCookieOrString\n      : reqCookieOrString.value;\n  }\n  return req.cookies[name];\n}\n"],"mappings":"AAAA,SAAS,cAAc,mBAAmB;AAC1C,SAAS,iBAAiB;AAInB,SAAS,UAAU,KAAa,SAA8B;AACnE,MAAI,CAAC,KAAK;AACR,YAAQ;AAAA,EACV;AAEA,SAAO;AACT;AAEO,MAAM,sCAAsC,MAAM;AACvD,SAAO,aAAa,KAAK,MAAM,EAAE,QAAQ,KAAK,YAAY,eAAe,CAAC;AAC5E;AAEO,MAAM,kBAAkB,CAAC,QAAsB;AACpD,SAAO,aAAa,SAAS,KAAK;AAAA,IAChC,SAAS,EAAE,CAAC,UAAU,QAAQ,iBAAiB,GAAG,OAAO;AAAA,EAC3D,CAAC;AACH;AAEA,MAAM,mBAAmB;AACzB,MAAM,2BAA2B;AAE1B,MAAM,kCAAkC,CAC7C,KACA,KACA,eACG;AACH,MAAI,CAAC,IAAI,QAAQ,IAAI,gBAAgB,GAAG;AAItC,QAAI,QAAQ,IAAI,kBAAkB,CAAC,GAAG,IAAI,QAAQ,KAAK,CAAC,CAAC;AACzD,QAAI,QAAQ,QAAQ,CAAC,KAAK,QAAQ;AAChC,UAAI,QAAQ,IAAI,GAAG,wBAAwB,IAAI,GAAG,IAAI,GAAG;AAAA,IAC3D,CAAC;AAAA,EACH;AAGA,SAAO,QAAQ,UAAU,EAAE,QAAQ,CAAC,CAAC,KAAK,GAAG,MAAM;AACjD,QAAI,QAAQ;AAAA,MACV;AAAA,MACA,GAAG,IAAI,QAAQ,IAAI,gBAAgB,CAAC,IAAI,GAAG;AAAA,IAC7C;AACA,QAAI,QAAQ,IAAI,GAAG,wBAAwB,IAAI,GAAG,IAAI,GAAG;AAAA,EAC3D,CAAC;AACH;AAKA,SAAS,qBAAqB,OAAe,KAAqB;AAChE,SAAO,GAAG,KAAK,GAAG,GAAG;AACvB;AAKO,SAAS,gBACd,KACA,KACA,cACA,WACU;AACV,QAAM,EAAE,MAAM,IAAI;AAGlB,MAAI,CAAC,KAAK;AACR,UAAM,aAAa,KAAK;AAAA,EAC1B;AAGA,MAAI,IAAI,QAAQ,IAAI,UAAU,YAAY,YAAY,GAAG;AACvD,WAAO;AAAA,EACT;AAEA,MAAI;AAGJ,MAAI,IAAI,QAAQ,IAAI,UAAU,YAAY,UAAU,MAAM,KAAK;AAC7D,QAAI,QAAQ,OAAO,UAAU,YAAY,UAAU;AACnD,iBAAa,IAAI,IAAI,IAAI,GAAG;AAAA,EAC9B;AAGA,QAAM,mBAAmB,IAAI,QAAQ,IAAI,UAAU,YAAY,WAAW;AAE1E,MAAI,kBAAkB;AACpB,UAAM,SAAS,IAAI,IAAI,IAAI,GAAG;AAC9B,iBAAa,IAAI,IAAI,gBAAgB;AAGrC,QAAI,WAAW,WAAW,OAAO,QAAQ;AACvC,aAAO;AAAA,IACT;AAAA,EACF;AAEA,MAAI,YAAY;AACd,oCAAgC,KAAK,KAAK;AAAA,MACxC,CAAC,UAAU,QAAQ,SAAS,GAAG,SAAS;AAAA,MACxC,CAAC,UAAU,QAAQ,aAAa,GAAG,QAC/B,qBAAqB,OAAO,SAAS,IACrC;AAAA,IACN,CAAC;AACD,UAAM,SAAS,yCAAY;AAC3B,UAAM,WAAW,yCAAY;AAE7B,QAAI,QAAQ;AAAA,MACV,UAAU,YAAY;AAAA,MACtB,GAAG,MAAM,GAAG,YAAY,EAAE;AAAA,IAC5B;AAAA,EACF;AACA,SAAO;AACT;AAEO,MAAM,mBAAmB,MAAM;AACpC,MAAI;AAIF,UAAM,EAAE,QAAQ,IAAI,QAAQ,cAAc;AAC1C,WAAO,IAAI,YAAY,2BAA2B,EAAE,SAAS,QAAQ,EAAE,CAAC;AAAA,EAC1E,SAAS,GAAQ;AACf,QACE,KACA,aAAa,KACb,OAAO,EAAE,YAAY,aACpB,EAAE,QAAQ,YAAY,EAAE,SAAS,uBAAuB,YAAY,CAAC,KACpE,EAAE,QACC,YAAY,EACZ;AAAA,MACC,8CAA8C,YAAY;AAAA,IAC5D,IACJ;AACA,YAAM;AAAA,IACR;AAEA,UAAM,IAAI;AAAA,MACR;AAAA;AAAA,kBAAyJ,CAAC;AAAA,IAC5J;AAAA,EACF;AACF;AAEO,SAAS,8BACd,KACA,KAC2B;AAE3B,SAAO,OAAO,MAAM,IAAI,GAAG,IAAI;AACjC;AAEO,SAAS,sBACd,KACA,KAC2B;AAC3B,SACE,8BAA8B,KAAK,UAAU,WAAW,GAAG,CAAC,KAC5D,UAAU,KAAK,UAAU,QAAQ,GAAG,CAAC;AAEzC;AAEO,SAAS,UACd,KACA,MAC2B;AAvK7B;AAwKE,MAAI,cAAc,GAAG,GAAG;AACtB,WAAO,IAAI,QAAQ,IAAI,IAAI;AAAA,EAC7B;AAKA,SACE,IAAI,QAAQ,IAAI,KAChB,IAAI,QAAQ,KAAK,YAAY,CAAC,OAC7B,eAAI,WAAJ,mBAAoB,iBAApB,mBAAkC,UAAU;AAEjD;AAEA,SAAS,cAAc,KAAkC;AACvD,MAAI;AACF,UAAM,EAAE,SAAS,SAAS,QAAQ,IAAK,OAAO,CAAC;AAC/C,WACE,QAAO,mCAAS,SAAQ,cACxB,QAAO,mCAAS,aAAa,SAAQ,cACrC,QAAO,mCAAS,SAAQ;AAAA,EAE5B,SAAS,GAAG;AACV,WAAO;AAAA,EACT;AACF;AAEO,SAAS,UAAU,KAAkB,MAAkC;AAC5E,MAAI,cAAc,GAAG,GAAG;AAKtB,UAAM,oBAAoB,IAAI,QAAQ,IAAI,IAAI;AAI9C,QAAI,CAAC,mBAAmB;AACtB,aAAO;AAAA,IACT;AACA,WAAO,OAAO,sBAAsB,WAChC,oBACA,kBAAkB;AAAA,EACxB;AACA,SAAO,IAAI,QAAQ,IAAI;AACzB;","names":[]}