@caido/server-auth 0.1.0

package/dist/index.d.cts

@@ -0,0 +1,273 @@
+//#region src/types.d.ts
+/**
+* Represents an authentication request from the device code flow.
+* Contains the information needed for the user to authorize the device.
+*/
+interface AuthenticationRequest {
+  /** Unique identifier for this authentication request */
+  id: string;
+  /** The code the user must enter to authorize */
+  userCode: string;
+  /** The URL where the user should go to authorize */
+  verificationUrl: string;
+  /** When this request expires */
+  expiresAt: Date;
+}
+/**
+* Represents an authentication token obtained after successful authorization.
+*/
+interface AuthenticationToken {
+  /** The access token for API requests */
+  accessToken: string;
+  /** The refresh token to obtain new access tokens */
+  refreshToken: string;
+  /** When the access token expires */
+  expiresAt: Date;
+}
+/**
+* Scope information returned from device information endpoint.
+*/
+interface DeviceScope {
+  /** The scope identifier */
+  name: string;
+  /** Human-readable description of the scope */
+  description?: string;
+}
+/**
+* Device information response from the API.
+*/
+interface DeviceInformation {
+  /** The user code associated with this device request */
+  userCode: string;
+  /** List of scopes requested by the device */
+  scopes: DeviceScope[];
+}
+//#endregion
+//#region src/approvers/types.d.ts
+/**
+* Interface for authentication approval strategies.
+* Implementations handle how the device code flow is approved.
+*/
+interface AuthApprover {
+  /**
+  * Approve the authentication request.
+  * This method is called after the authentication flow is started and should
+  * trigger the approval process (e.g., showing a URL to the user or auto-approving via PAT).
+  *
+  * @param request - The authentication request containing the user code and verification URL
+  */
+  approve(request: AuthenticationRequest): Promise<void>;
+}
+//#endregion
+//#region src/client.d.ts
+/**
+* Client for authenticating with a Caido instance.
+*
+* @example
+* ```typescript
+* import { CaidoAuth, BrowserApprover } from "@caido/auth";
+*
+* const auth = new CaidoAuth(
+*   "http://localhost:8080",
+*   new BrowserApprover((request) => {
+*     console.log(`Visit ${request.verificationUrl}`);
+*   })
+* );
+*
+* const token = await auth.startAuthenticationFlow();
+* console.log("Access token:", token.accessToken);
+* ```
+*/
+declare class CaidoAuth {
+  private readonly instanceUrl;
+  private readonly graphqlUrl;
+  private readonly websocketUrl;
+  private readonly approver;
+  private readonly client;
+  /**
+  * Create a new CaidoAuth client.
+  *
+  * @param instanceUrl - Base URL of the Caido instance (e.g., "http://localhost:8080")
+  * @param approver - The approver to use for the authentication flow
+  */
+  constructor(instanceUrl: string, approver: AuthApprover);
+  /**
+  * Convert HTTP(S) URL to WS(S) URL for subscriptions.
+  */
+  private getWebsocketUrl;
+  /**
+  * Start the device code authentication flow.
+  *
+  * This method:
+  * 1. Initiates the authentication flow via GraphQL mutation
+  * 2. Calls the approver with the authentication request
+  * 3. Waits for the user to authorize via WebSocket subscription
+  * 4. Returns the authentication token once approved
+  *
+  * @returns The authentication token
+  * @throws {AuthenticationFlowError} If the flow fails to start
+  * @throws {AuthenticationError} If token retrieval fails
+  */
+  startAuthenticationFlow(): Promise<AuthenticationToken>;
+  /**
+  * Subscribe and wait for the authentication token.
+  *
+  * @param requestId - The authentication request ID
+  * @returns The authentication token once the user authorizes
+  * @throws {AuthenticationError} If subscription fails or returns an error
+  */
+  private waitForToken;
+  /**
+  * Refresh an access token using a refresh token.
+  *
+  * @param refreshToken - The refresh token from a previous authentication
+  * @returns New authentication token with updated access and refresh tokens
+  * @throws {TokenRefreshError} If the refresh fails
+  */
+  refreshToken(refreshToken: string): Promise<AuthenticationToken>;
+}
+//#endregion
+//#region src/errors.d.ts
+/**
+* Base error class for authentication-related errors.
+*/
+declare class AuthenticationError extends Error {
+  constructor(message: string);
+}
+/**
+* Error thrown when the authentication flow fails to start.
+*/
+declare class AuthenticationFlowError extends AuthenticationError {
+  /** Error code from the API */
+  readonly code: string;
+  constructor(code: string, message: string);
+}
+/**
+* Error thrown when token refresh fails.
+*/
+declare class TokenRefreshError extends AuthenticationError {
+  /** Error code from the API */
+  readonly code: string;
+  constructor(code: string, message: string);
+}
+/**
+* Error thrown when device approval fails.
+*/
+declare class DeviceApprovalError extends AuthenticationError {
+  /** HTTP status code if available */
+  readonly statusCode: number | undefined;
+  constructor(message: string, statusCode?: number);
+}
+/**
+* Error thrown when fetching device information fails.
+*/
+declare class DeviceInformationError extends AuthenticationError {
+  /** HTTP status code if available */
+  readonly statusCode: number | undefined;
+  constructor(message: string, statusCode?: number);
+}
+//#endregion
+//#region src/approvers/browser.d.ts
+/**
+* Callback function that receives the authentication request details.
+* Used to display the verification URL and user code to the user.
+*/
+type OnRequestCallback = (request: AuthenticationRequest) => Promise<void> | void;
+/**
+* Browser-based approver that delegates to a callback function.
+* The callback should display the verification URL and user code to the user,
+* who then manually approves the request in their browser.
+*
+* @example
+* ```typescript
+* const approver = new BrowserApprover((request) => {
+*   console.log(`Visit ${request.verificationUrl}`);
+* });
+* ```
+*/
+declare class BrowserApprover implements AuthApprover {
+  private readonly onRequest;
+  /**
+  * Create a new BrowserApprover.
+  *
+  * @param onRequest - Callback function that will be called with the authentication request
+  */
+  constructor(onRequest: OnRequestCallback);
+  /**
+  * Approve the authentication request by calling the callback.
+  * The actual approval happens when the user visits the URL and enters the code.
+  *
+  * @param request - The authentication request
+  */
+  approve(request: AuthenticationRequest): Promise<void>;
+}
+//#endregion
+//#region src/approvers/pat.d.ts
+/**
+* Options for the PATApprover.
+*/
+interface PATApproverOptions {
+  /** The Personal Access Token to use for approval */
+  pat: string;
+  /** If provided, only approve these scopes. Others will be filtered out. */
+  allowedScopes?: string[];
+  /** The API URL to use. Defaults to "https://api.caido.io" */
+  apiUrl?: string;
+}
+/**
+* PAT-based approver that automatically approves device code requests.
+* Uses a Personal Access Token to call the Caido API directly.
+*
+* @example
+* ```typescript
+* // Approve all scopes
+* const approver = new PATApprover({ pat: "caido_xxxxx" });
+*
+* // Approve only specific scopes
+* const limitedApprover = new PATApprover({
+*   pat: "caido_xxxxx",
+*   allowedScopes: ["read:projects", "write:requests"],
+* });
+* ```
+*/
+declare class PATApprover implements AuthApprover {
+  private readonly pat;
+  private readonly allowedScopes;
+  private readonly apiUrl;
+  /**
+  * Create a new PATApprover.
+  *
+  * @param options - Configuration options for the approver
+  */
+  constructor(options: PATApproverOptions);
+  /**
+  * Approve the authentication request using the PAT.
+  * First fetches device information to get available scopes,
+  * then filters scopes if allowedScopes is set,
+  * and finally approves the device.
+  *
+  * @param request - The authentication request
+  * @throws {DeviceInformationError} If fetching device information fails
+  * @throws {DeviceApprovalError} If approving the device fails
+  */
+  approve(request: AuthenticationRequest): Promise<void>;
+  /**
+  * Fetch device information from the API.
+  *
+  * @param userCode - The user code from the authentication request
+  * @returns The device information including available scopes
+  * @throws {DeviceInformationError} If the request fails
+  */
+  private getDeviceInformation;
+  /**
+  * Approve the device with the specified scopes.
+  *
+  * @param userCode - The user code from the authentication request
+  * @param scopes - The scopes to approve
+  * @throws {DeviceApprovalError} If the request fails
+  */
+  private approveDevice;
+}
+//#endregion
+export { type AuthApprover, AuthenticationError, AuthenticationFlowError, type AuthenticationRequest, type AuthenticationToken, BrowserApprover, CaidoAuth, DeviceApprovalError, type DeviceInformation, DeviceInformationError, type DeviceScope, type OnRequestCallback, PATApprover, type PATApproverOptions, TokenRefreshError };
+//# sourceMappingURL=index.d.cts.map

package/dist/index.d.cts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.cts","names":[],"sources":["../src/types.ts","../src/approvers/types.ts","../src/client.ts","../src/errors.ts","../src/approvers/browser.ts","../src/approvers/pat.ts"],"mappings":";;AAIA;;;UAAiB,qBAAA;;EAEf,EAAA;;EAEA,QAAA;;EAEA,eAAA;EAEW;EAAX,SAAA,EAAW,IAAA;AAAA;;;;UAMI,mBAAA;;EAEf,WAAA;;EAEA,YAAA;EAQF;EANE,SAAA,EAAW,IAAA;AAAA;;;AAgBb;UAViB,WAAA;;EAEf,IAAA;;EAEA,WAAA;AAAA;;;;UAMe,iBAAA;;EAEf,QAAA;ECpCe;EDsCf,MAAA,EAAQ,WAAA;AAAA;;;AAxCV;;;;AAAA,UCEiB,YAAA;;;;;;;ADYjB;ECJE,OAAA,CAAQ,OAAA,EAAS,qBAAA,GAAwB,OAAA;AAAA;;;;;;;;;;;;;ADI3C;;;;;;;;cEsBa,SAAA;EAAA,iBACM,WAAA;EAAA,iBACA,UAAA;EAAA,iBACA,YAAA;EAAA,iBACA,QAAA;EAAA,iBACA,MAAA;EFXjB;AAMF;;;;;EEaE,WAAA,CAAY,WAAA,UAAqB,QAAA,EAAU,YAAA;;;;UAenC,eAAA;;;AD9DV;;;;;;;;;;;ECiFE,uBAAA,CAAA,GAAiC,OAAA,CAAQ,mBAAA;;AA/C3C;;;;;;UAqGgB,YAAA;;;;;;;;EAwEd,YAAA,CAAmB,YAAA,WAAuB,OAAA,CAAQ,mBAAA;AAAA;;;;AFjNpD;;cGDa,mBAAA,SAA4B,KAAA;EACvC,WAAA,CAAY,OAAA;AAAA;;;;cASD,uBAAA,SAAgC,mBAAA;;WAElC,IAAA;EAET,WAAA,CAAY,IAAA,UAAc,OAAA;AAAA;;;;cAUf,iBAAA,SAA0B,mBAAA;;WAE5B,IAAA;EAET,WAAA,CAAY,IAAA,UAAc,OAAA;AAAA;AHD5B;;;AAAA,cGWa,mBAAA,SAA4B,mBAAA;EHPvC;EAAA,SGSS,UAAA;EAET,WAAA,CAAY,OAAA,UAAiB,UAAA;AAAA;;;;cAUlB,sBAAA,SAA+B,mBAAA;;WAEjC,UAAA;EAET,WAAA,CAAY,OAAA,UAAiB,UAAA;AAAA;;;;;;;KCnDnB,iBAAA,IACV,OAAA,EAAS,qBAAA,KACN,OAAA;;;;;;AJQL;;;;;;;cIMa,eAAA,YAA2B,YAAA;EAAA,iBACrB,SAAA;EJDN;AAMb;;;;EIEE,WAAA,CAAY,SAAA,EAAW,iBAAA;EJQzB;;;;;;EIEE,OAAA,CAAc,OAAA,EAAS,qBAAA,GAAwB,OAAA;AAAA;;;;;;UChChC,kBAAA;;EAEf,GAAA;;EAEA,aAAA;;EAEA,MAAA;AAAA;;;;;;;;;;ALcF;;;;;AAUA;;cKLa,WAAA,YAAuB,YAAA;EAAA,iBACjB,GAAA;EAAA,iBACA,aAAA;EAAA,iBACA,MAAA;;;;;;EAOjB,WAAA,CAAY,OAAA,EAAS,kBAAA;EJvCvB;;;;;;;;;;EIuDE,OAAA,CAAc,OAAA,EAAS,qBAAA,GAAwB,OAAA;;;AHrBjD;;;;;UG4CgB,oBAAA;;;;;;;;UAmCA,aAAA;AAAA"}

package/dist/index.d.mts

@@ -0,0 +1,273 @@
+//#region src/types.d.ts
+/**
+* Represents an authentication request from the device code flow.
+* Contains the information needed for the user to authorize the device.
+*/
+interface AuthenticationRequest {
+  /** Unique identifier for this authentication request */
+  id: string;
+  /** The code the user must enter to authorize */
+  userCode: string;
+  /** The URL where the user should go to authorize */
+  verificationUrl: string;
+  /** When this request expires */
+  expiresAt: Date;
+}
+/**
+* Represents an authentication token obtained after successful authorization.
+*/
+interface AuthenticationToken {
+  /** The access token for API requests */
+  accessToken: string;
+  /** The refresh token to obtain new access tokens */
+  refreshToken: string;
+  /** When the access token expires */
+  expiresAt: Date;
+}
+/**
+* Scope information returned from device information endpoint.
+*/
+interface DeviceScope {
+  /** The scope identifier */
+  name: string;
+  /** Human-readable description of the scope */
+  description?: string;
+}
+/**
+* Device information response from the API.
+*/
+interface DeviceInformation {
+  /** The user code associated with this device request */
+  userCode: string;
+  /** List of scopes requested by the device */
+  scopes: DeviceScope[];
+}
+//#endregion
+//#region src/approvers/types.d.ts
+/**
+* Interface for authentication approval strategies.
+* Implementations handle how the device code flow is approved.
+*/
+interface AuthApprover {
+  /**
+  * Approve the authentication request.
+  * This method is called after the authentication flow is started and should
+  * trigger the approval process (e.g., showing a URL to the user or auto-approving via PAT).
+  *
+  * @param request - The authentication request containing the user code and verification URL
+  */
+  approve(request: AuthenticationRequest): Promise<void>;
+}
+//#endregion
+//#region src/client.d.ts
+/**
+* Client for authenticating with a Caido instance.
+*
+* @example
+* ```typescript
+* import { CaidoAuth, BrowserApprover } from "@caido/auth";
+*
+* const auth = new CaidoAuth(
+*   "http://localhost:8080",
+*   new BrowserApprover((request) => {
+*     console.log(`Visit ${request.verificationUrl}`);
+*   })
+* );
+*
+* const token = await auth.startAuthenticationFlow();
+* console.log("Access token:", token.accessToken);
+* ```
+*/
+declare class CaidoAuth {
+  private readonly instanceUrl;
+  private readonly graphqlUrl;
+  private readonly websocketUrl;
+  private readonly approver;
+  private readonly client;
+  /**
+  * Create a new CaidoAuth client.
+  *
+  * @param instanceUrl - Base URL of the Caido instance (e.g., "http://localhost:8080")
+  * @param approver - The approver to use for the authentication flow
+  */
+  constructor(instanceUrl: string, approver: AuthApprover);
+  /**
+  * Convert HTTP(S) URL to WS(S) URL for subscriptions.
+  */
+  private getWebsocketUrl;
+  /**
+  * Start the device code authentication flow.
+  *
+  * This method:
+  * 1. Initiates the authentication flow via GraphQL mutation
+  * 2. Calls the approver with the authentication request
+  * 3. Waits for the user to authorize via WebSocket subscription
+  * 4. Returns the authentication token once approved
+  *
+  * @returns The authentication token
+  * @throws {AuthenticationFlowError} If the flow fails to start
+  * @throws {AuthenticationError} If token retrieval fails
+  */
+  startAuthenticationFlow(): Promise<AuthenticationToken>;
+  /**
+  * Subscribe and wait for the authentication token.
+  *
+  * @param requestId - The authentication request ID
+  * @returns The authentication token once the user authorizes
+  * @throws {AuthenticationError} If subscription fails or returns an error
+  */
+  private waitForToken;
+  /**
+  * Refresh an access token using a refresh token.
+  *
+  * @param refreshToken - The refresh token from a previous authentication
+  * @returns New authentication token with updated access and refresh tokens
+  * @throws {TokenRefreshError} If the refresh fails
+  */
+  refreshToken(refreshToken: string): Promise<AuthenticationToken>;
+}
+//#endregion
+//#region src/errors.d.ts
+/**
+* Base error class for authentication-related errors.
+*/
+declare class AuthenticationError extends Error {
+  constructor(message: string);
+}
+/**
+* Error thrown when the authentication flow fails to start.
+*/
+declare class AuthenticationFlowError extends AuthenticationError {
+  /** Error code from the API */
+  readonly code: string;
+  constructor(code: string, message: string);
+}
+/**
+* Error thrown when token refresh fails.
+*/
+declare class TokenRefreshError extends AuthenticationError {
+  /** Error code from the API */
+  readonly code: string;
+  constructor(code: string, message: string);
+}
+/**
+* Error thrown when device approval fails.
+*/
+declare class DeviceApprovalError extends AuthenticationError {
+  /** HTTP status code if available */
+  readonly statusCode: number | undefined;
+  constructor(message: string, statusCode?: number);
+}
+/**
+* Error thrown when fetching device information fails.
+*/
+declare class DeviceInformationError extends AuthenticationError {
+  /** HTTP status code if available */
+  readonly statusCode: number | undefined;
+  constructor(message: string, statusCode?: number);
+}
+//#endregion
+//#region src/approvers/browser.d.ts
+/**
+* Callback function that receives the authentication request details.
+* Used to display the verification URL and user code to the user.
+*/
+type OnRequestCallback = (request: AuthenticationRequest) => Promise<void> | void;
+/**
+* Browser-based approver that delegates to a callback function.
+* The callback should display the verification URL and user code to the user,
+* who then manually approves the request in their browser.
+*
+* @example
+* ```typescript
+* const approver = new BrowserApprover((request) => {
+*   console.log(`Visit ${request.verificationUrl}`);
+* });
+* ```
+*/
+declare class BrowserApprover implements AuthApprover {
+  private readonly onRequest;
+  /**
+  * Create a new BrowserApprover.
+  *
+  * @param onRequest - Callback function that will be called with the authentication request
+  */
+  constructor(onRequest: OnRequestCallback);
+  /**
+  * Approve the authentication request by calling the callback.
+  * The actual approval happens when the user visits the URL and enters the code.
+  *
+  * @param request - The authentication request
+  */
+  approve(request: AuthenticationRequest): Promise<void>;
+}
+//#endregion
+//#region src/approvers/pat.d.ts
+/**
+* Options for the PATApprover.
+*/
+interface PATApproverOptions {
+  /** The Personal Access Token to use for approval */
+  pat: string;
+  /** If provided, only approve these scopes. Others will be filtered out. */
+  allowedScopes?: string[];
+  /** The API URL to use. Defaults to "https://api.caido.io" */
+  apiUrl?: string;
+}
+/**
+* PAT-based approver that automatically approves device code requests.
+* Uses a Personal Access Token to call the Caido API directly.
+*
+* @example
+* ```typescript
+* // Approve all scopes
+* const approver = new PATApprover({ pat: "caido_xxxxx" });
+*
+* // Approve only specific scopes
+* const limitedApprover = new PATApprover({
+*   pat: "caido_xxxxx",
+*   allowedScopes: ["read:projects", "write:requests"],
+* });
+* ```
+*/
+declare class PATApprover implements AuthApprover {
+  private readonly pat;
+  private readonly allowedScopes;
+  private readonly apiUrl;
+  /**
+  * Create a new PATApprover.
+  *
+  * @param options - Configuration options for the approver
+  */
+  constructor(options: PATApproverOptions);
+  /**
+  * Approve the authentication request using the PAT.
+  * First fetches device information to get available scopes,
+  * then filters scopes if allowedScopes is set,
+  * and finally approves the device.
+  *
+  * @param request - The authentication request
+  * @throws {DeviceInformationError} If fetching device information fails
+  * @throws {DeviceApprovalError} If approving the device fails
+  */
+  approve(request: AuthenticationRequest): Promise<void>;
+  /**
+  * Fetch device information from the API.
+  *
+  * @param userCode - The user code from the authentication request
+  * @returns The device information including available scopes
+  * @throws {DeviceInformationError} If the request fails
+  */
+  private getDeviceInformation;
+  /**
+  * Approve the device with the specified scopes.
+  *
+  * @param userCode - The user code from the authentication request
+  * @param scopes - The scopes to approve
+  * @throws {DeviceApprovalError} If the request fails
+  */
+  private approveDevice;
+}
+//#endregion
+export { type AuthApprover, AuthenticationError, AuthenticationFlowError, type AuthenticationRequest, type AuthenticationToken, BrowserApprover, CaidoAuth, DeviceApprovalError, type DeviceInformation, DeviceInformationError, type DeviceScope, type OnRequestCallback, PATApprover, type PATApproverOptions, TokenRefreshError };
+//# sourceMappingURL=index.d.mts.map

package/dist/index.d.mts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.mts","names":[],"sources":["../src/types.ts","../src/approvers/types.ts","../src/client.ts","../src/errors.ts","../src/approvers/browser.ts","../src/approvers/pat.ts"],"mappings":";;AAIA;;;UAAiB,qBAAA;;EAEf,EAAA;;EAEA,QAAA;;EAEA,eAAA;EAEW;EAAX,SAAA,EAAW,IAAA;AAAA;;;;UAMI,mBAAA;;EAEf,WAAA;;EAEA,YAAA;EAQF;EANE,SAAA,EAAW,IAAA;AAAA;;;AAgBb;UAViB,WAAA;;EAEf,IAAA;;EAEA,WAAA;AAAA;;;;UAMe,iBAAA;;EAEf,QAAA;ECpCe;EDsCf,MAAA,EAAQ,WAAA;AAAA;;;AAxCV;;;;AAAA,UCEiB,YAAA;;;;;;;ADYjB;ECJE,OAAA,CAAQ,OAAA,EAAS,qBAAA,GAAwB,OAAA;AAAA;;;;;;;;;;;;;ADI3C;;;;;;;;cEsBa,SAAA;EAAA,iBACM,WAAA;EAAA,iBACA,UAAA;EAAA,iBACA,YAAA;EAAA,iBACA,QAAA;EAAA,iBACA,MAAA;EFXjB;AAMF;;;;;EEaE,WAAA,CAAY,WAAA,UAAqB,QAAA,EAAU,YAAA;;;;UAenC,eAAA;;;AD9DV;;;;;;;;;;;ECiFE,uBAAA,CAAA,GAAiC,OAAA,CAAQ,mBAAA;;AA/C3C;;;;;;UAqGgB,YAAA;;;;;;;;EAwEd,YAAA,CAAmB,YAAA,WAAuB,OAAA,CAAQ,mBAAA;AAAA;;;;AFjNpD;;cGDa,mBAAA,SAA4B,KAAA;EACvC,WAAA,CAAY,OAAA;AAAA;;;;cASD,uBAAA,SAAgC,mBAAA;;WAElC,IAAA;EAET,WAAA,CAAY,IAAA,UAAc,OAAA;AAAA;;;;cAUf,iBAAA,SAA0B,mBAAA;;WAE5B,IAAA;EAET,WAAA,CAAY,IAAA,UAAc,OAAA;AAAA;AHD5B;;;AAAA,cGWa,mBAAA,SAA4B,mBAAA;EHPvC;EAAA,SGSS,UAAA;EAET,WAAA,CAAY,OAAA,UAAiB,UAAA;AAAA;;;;cAUlB,sBAAA,SAA+B,mBAAA;;WAEjC,UAAA;EAET,WAAA,CAAY,OAAA,UAAiB,UAAA;AAAA;;;;;;;KCnDnB,iBAAA,IACV,OAAA,EAAS,qBAAA,KACN,OAAA;;;;;;AJQL;;;;;;;cIMa,eAAA,YAA2B,YAAA;EAAA,iBACrB,SAAA;EJDN;AAMb;;;;EIEE,WAAA,CAAY,SAAA,EAAW,iBAAA;EJQzB;;;;;;EIEE,OAAA,CAAc,OAAA,EAAS,qBAAA,GAAwB,OAAA;AAAA;;;;;;UChChC,kBAAA;;EAEf,GAAA;;EAEA,aAAA;;EAEA,MAAA;AAAA;;;;;;;;;;ALcF;;;;;AAUA;;cKLa,WAAA,YAAuB,YAAA;EAAA,iBACjB,GAAA;EAAA,iBACA,aAAA;EAAA,iBACA,MAAA;;;;;;EAOjB,WAAA,CAAY,OAAA,EAAS,kBAAA;EJvCvB;;;;;;;;;;EIuDE,OAAA,CAAc,OAAA,EAAS,qBAAA,GAAwB,OAAA;;;AHrBjD;;;;;UG4CgB,oBAAA;;;;;;;;UAmCA,aAAA;AAAA"}