@capsara/sdk 1.0.1

package/dist/internal/retry-executor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry-executor.d.ts","sourceRoot":"","sources":["../../src/internal/retry-executor.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAG7B,OAAO,EAA0B,KAAK,iBAAiB,EAA0B,MAAM,mBAAmB,CAAC;AAE3G;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,CAAC;CAChC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,MAAM,CAAC,EAAE,WAAW,CAAC;CACtB;AA4DD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,CAAC;IACpD,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,iBAAiB,CAAC;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,IAAI,CAAC,mBAAmB,CAAC;IAClC,IAAI,EAAE,MAAM,CAAC;CACd;AAED;;GAEG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAwB;gBAE1B,MAAM,GAAE,WAAgB;IAIpC;;OAEG;IACG,OAAO,CAAC,CAAC,EACb,SAAS,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EAC3B,WAAW,CAAC,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,OAAO,GACxC,OAAO,CAAC,CAAC,CAAC;IAkCb;;;;;;OAMG;IACG,cAAc,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,eAAe,CAAC;IA0DvE;;OAEG;IACH,OAAO,CAAC,cAAc;CAmDvB;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,CAAC,EAAE,WAAW,GAAG,aAAa,CAEvE"}

package/dist/internal/retry-executor.js

@@ -0,0 +1,204 @@
+/**
+ * Unified retry executor - eliminates retry logic duplication
+ * @file capsara.sdk/typescript/src/internal/retry-executor.ts
+ *
+ * This module provides a unified retry mechanism that can be used for:
+ * - Axios HTTP requests (via interceptor in http-factory)
+ * - Raw HTTP/HTTPS requests (for multipart uploads)
+ * - Generic async operations
+ */
+import * as http from 'http';
+import * as https from 'https';
+import { URL } from 'url';
+import { createAgentForProtocol, DEFAULT_TIMEOUT_CONFIG } from './http-factory.js';
+/**
+ * Default retry configuration
+ */
+const DEFAULT_RETRY_CONFIG = {
+    maxRetries: 3,
+    baseDelay: 1000,
+    maxDelay: 30000,
+    enableLogging: false,
+    // eslint-disable-next-line no-console
+    logger: { log: (msg) => console.log(msg) },
+};
+/**
+ * Calculate exponential backoff delay with jitter
+ */
+function calculateBackoff(attempt, baseDelay, maxDelay) {
+    const exponentialDelay = baseDelay * Math.pow(2, attempt);
+    const jitter = Math.random() * 0.3 * exponentialDelay;
+    return Math.min(Math.floor(exponentialDelay + jitter), maxDelay);
+}
+/**
+ * Sleep for specified duration
+ */
+function sleep(ms) {
+    return new Promise(resolve => globalThis.setTimeout(resolve, ms));
+}
+/**
+ * Check if HTTP status is retryable
+ */
+function isRetryableStatus(status) {
+    return status === 503 || status === 429;
+}
+/**
+ * Parse retry delay from response headers
+ */
+function parseRetryDelay(headers) {
+    const retryAfter = headers['retry-after'];
+    if (!retryAfter || typeof retryAfter !== 'string') {
+        return null;
+    }
+    const seconds = parseInt(retryAfter, 10);
+    if (!isNaN(seconds)) {
+        return seconds * 1000;
+    }
+    const date = new Date(retryAfter);
+    if (!isNaN(date.getTime())) {
+        const delay = date.getTime() - Date.now();
+        return delay > 0 ? delay : 0;
+    }
+    return null;
+}
+/**
+ * Unified retry executor for both axios and raw HTTP requests
+ */
+export class RetryExecutor {
+    config;
+    constructor(config = {}) {
+        this.config = { ...DEFAULT_RETRY_CONFIG, ...config };
+    }
+    /**
+     * Execute a generic async operation with retry
+     */
+    async execute(operation, isRetryable) {
+        let lastError;
+        for (let attempt = 0; attempt <= this.config.maxRetries; attempt++) {
+            try {
+                return await operation();
+            }
+            catch (error) {
+                lastError = error;
+                // Check if we should retry
+                if (attempt >= this.config.maxRetries) {
+                    break;
+                }
+                // Default: retry on any error; custom function can override
+                const shouldRetry = isRetryable ? isRetryable(error) : true;
+                if (!shouldRetry) {
+                    break;
+                }
+                const delay = calculateBackoff(attempt, this.config.baseDelay, this.config.maxDelay);
+                if (this.config.enableLogging) {
+                    this.config.logger.log(`[Capsara SDK] Retry ${attempt + 1}/${this.config.maxRetries} - waiting ${delay}ms`);
+                }
+                await sleep(delay);
+            }
+        }
+        throw lastError;
+    }
+    /**
+     * Execute a raw HTTP request with retry (for multipart uploads)
+     *
+     * This replaces the duplicated retry logic in:
+     * - CapsaraClient#sendCapsasWithRetry (121 lines)
+     * - CapsaraClient#downloadFileWithRetry (54 lines)
+     */
+    async executeRawHttp(options) {
+        let lastError;
+        let lastResponse = null;
+        for (let attempt = 0; attempt <= this.config.maxRetries; attempt++) {
+            try {
+                const response = await this.makeRawRequest(options);
+                lastResponse = response;
+                // Check if response indicates a retryable error
+                if (isRetryableStatus(response.statusCode)) {
+                    if (attempt >= this.config.maxRetries) {
+                        // Return the response even on error (caller can check statusCode)
+                        return response;
+                    }
+                    // Get delay from server or use backoff
+                    const serverDelay = parseRetryDelay(response.headers);
+                    const delay = serverDelay !== null
+                        ? Math.min(serverDelay, this.config.maxDelay)
+                        : calculateBackoff(attempt, this.config.baseDelay, this.config.maxDelay);
+                    if (this.config.enableLogging) {
+                        this.config.logger.log(`[Capsara SDK] Retry ${attempt + 1}/${this.config.maxRetries} for ${response.statusCode} - waiting ${delay}ms`);
+                    }
+                    await sleep(delay);
+                    continue;
+                }
+                return response;
+            }
+            catch (error) {
+                lastError = error;
+                if (attempt >= this.config.maxRetries) {
+                    break;
+                }
+                const delay = calculateBackoff(attempt, this.config.baseDelay, this.config.maxDelay);
+                if (this.config.enableLogging) {
+                    this.config.logger.log(`[Capsara SDK] Retry ${attempt + 1}/${this.config.maxRetries} (network error) - waiting ${delay}ms`);
+                }
+                await sleep(delay);
+            }
+        }
+        // Return last response if we have one, otherwise throw
+        if (lastResponse) {
+            return lastResponse;
+        }
+        throw lastError;
+    }
+    /**
+     * Make a single raw HTTP request
+     */
+    makeRawRequest(options) {
+        return new Promise((resolve, reject) => {
+            const url = new URL(options.url);
+            const timeout = options.timeout ?? DEFAULT_TIMEOUT_CONFIG.uploadTimeout;
+            const timeoutConfig = options.timeoutConfig ?? DEFAULT_TIMEOUT_CONFIG;
+            const requestModule = url.protocol === 'https:' ? https : http;
+            const agent = createAgentForProtocol(url.protocol, timeout, timeoutConfig);
+            const requestOptions = {
+                hostname: url.hostname,
+                port: url.port || (url.protocol === 'https:' ? 443 : 80),
+                path: url.pathname + url.search,
+                method: options.method,
+                headers: options.headers,
+                agent,
+                timeout,
+            };
+            const req = requestModule.request(requestOptions, (res) => {
+                const chunks = [];
+                res.on('data', (chunk) => {
+                    chunks.push(chunk);
+                });
+                res.on('end', () => {
+                    resolve({
+                        statusCode: res.statusCode ?? 0,
+                        headers: res.headers,
+                        body: Buffer.concat(chunks),
+                    });
+                });
+            });
+            req.on('error', (error) => {
+                reject(error);
+            });
+            req.on('timeout', () => {
+                req.destroy();
+                reject(new Error(`Request timeout after ${timeout}ms`));
+            });
+            if (options.body) {
+                req.write(options.body);
+            }
+            req.end();
+        });
+    }
+}
+/**
+ * Create a retry executor with default or custom configuration
+ */
+export function createRetryExecutor(config) {
+    return new RetryExecutor(config);
+}
+//# sourceMappingURL=retry-executor.js.map

package/dist/internal/retry-executor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry-executor.js","sourceRoot":"","sources":["../../src/internal/retry-executor.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,KAAK,MAAM,OAAO,CAAC;AAC/B,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAC1B,OAAO,EAAE,sBAAsB,EAA0B,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAoB3G;;GAEG;AACH,MAAM,oBAAoB,GAA0B;IAClD,UAAU,EAAE,CAAC;IACb,SAAS,EAAE,IAAI;IACf,QAAQ,EAAE,KAAK;IACf,aAAa,EAAE,KAAK;IACpB,sCAAsC;IACtC,MAAM,EAAE,EAAE,GAAG,EAAE,CAAC,GAAW,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;CACnD,CAAC;AAEF;;GAEG;AACH,SAAS,gBAAgB,CAAC,OAAe,EAAE,SAAiB,EAAE,QAAgB;IAC5E,MAAM,gBAAgB,GAAG,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,GAAG,gBAAgB,CAAC;IACtD,OAAO,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,GAAG,MAAM,CAAC,EAAE,QAAQ,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AACpE,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,MAAc;IACvC,OAAO,MAAM,KAAK,GAAG,IAAI,MAAM,KAAK,GAAG,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,OAAiC;IACxD,MAAM,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;IAC1C,IAAI,CAAC,UAAU,IAAI,OAAO,UAAU,KAAK,QAAQ,EAAE,CAAC;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IACzC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;QACpB,OAAO,OAAO,GAAG,IAAI,CAAC;IACxB,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC;IAClC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC1C,OAAO,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAuBD;;GAEG;AACH,MAAM,OAAO,aAAa;IAChB,MAAM,CAAwB;IAEtC,YAAY,SAAsB,EAAE;QAClC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,oBAAoB,EAAE,GAAG,MAAM,EAAE,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,OAAO,CACX,SAA2B,EAC3B,WAAyC;QAEzC,IAAI,SAAkB,CAAC;QAEvB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,IAAI,CAAC;gBACH,OAAO,MAAM,SAAS,EAAE,CAAC;YAC3B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,GAAG,KAAK,CAAC;gBAElB,2BAA2B;gBAC3B,IAAI,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBACtC,MAAM;gBACR,CAAC;gBAED,4DAA4D;gBAC5D,MAAM,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;gBAC5D,IAAI,CAAC,WAAW,EAAE,CAAC;oBACjB,MAAM;gBACR,CAAC;gBAED,MAAM,KAAK,GAAG,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACrF,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CACpB,uBAAuB,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,cAAc,KAAK,IAAI,CACpF,CAAC;gBACJ,CAAC;gBAED,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;QAED,MAAM,SAAS,CAAC;IAClB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,cAAc,CAAC,OAAuB;QAC1C,IAAI,SAAkB,CAAC;QACvB,IAAI,YAAY,GAA2B,IAAI,CAAC;QAEhD,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,OAAO,EAAE,EAAE,CAAC;YACnE,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;gBACpD,YAAY,GAAG,QAAQ,CAAC;gBAExB,gDAAgD;gBAChD,IAAI,iBAAiB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC3C,IAAI,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;wBACtC,kEAAkE;wBAClE,OAAO,QAAQ,CAAC;oBAClB,CAAC;oBAED,uCAAuC;oBACvC,MAAM,WAAW,GAAG,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;oBACtD,MAAM,KAAK,GAAG,WAAW,KAAK,IAAI;wBAChC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;wBAC7C,CAAC,CAAC,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;oBAE3E,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;wBAC9B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CACpB,uBAAuB,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,QAAQ,QAAQ,CAAC,UAAU,cAAc,KAAK,IAAI,CAC/G,CAAC;oBACJ,CAAC;oBAED,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;oBACnB,SAAS;gBACX,CAAC;gBAED,OAAO,QAAQ,CAAC;YAClB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,SAAS,GAAG,KAAK,CAAC;gBAElB,IAAI,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;oBACtC,MAAM;gBACR,CAAC;gBAED,MAAM,KAAK,GAAG,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACrF,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,CACpB,uBAAuB,OAAO,GAAG,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,8BAA8B,KAAK,IAAI,CACpG,CAAC;gBACJ,CAAC;gBAED,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;QAED,uDAAuD;QACvD,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,YAAY,CAAC;QACtB,CAAC;QACD,MAAM,SAAS,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,OAAuB;QAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YACjC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,sBAAsB,CAAC,aAAa,CAAC;YACxE,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,sBAAsB,CAAC;YAEtE,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAC/D,MAAM,KAAK,GAAG,sBAAsB,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,EAAE,aAAa,CAAC,CAAC;YAE3E,MAAM,cAAc,GAAwB;gBAC1C,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,IAAI,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACxD,IAAI,EAAE,GAAG,CAAC,QAAQ,GAAG,GAAG,CAAC,MAAM;gBAC/B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,KAAK;gBACL,OAAO;aACR,CAAC;YAEF,MAAM,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC,GAAG,EAAE,EAAE;gBACxD,MAAM,MAAM,GAAa,EAAE,CAAC;gBAE5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;oBAC/B,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACrB,CAAC,CAAC,CAAC;gBAEH,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;oBACjB,OAAO,CAAC;wBACN,UAAU,EAAE,GAAG,CAAC,UAAU,IAAI,CAAC;wBAC/B,OAAO,EAAE,GAAG,CAAC,OAAO;wBACpB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC;qBAC5B,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;gBACxB,MAAM,CAAC,KAAK,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;gBACrB,GAAG,CAAC,OAAO,EAAE,CAAC;gBACd,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,OAAO,IAAI,CAAC,CAAC,CAAC;YAC1D,CAAC,CAAC,CAAC;YAEH,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAC1B,CAAC;YAED,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAoB;IACtD,OAAO,IAAI,aAAa,CAAC,MAAM,CAAC,CAAC;AACnC,CAAC"}

package/dist/internal/services/account-service.d.ts

@@ -0,0 +1,56 @@
+/** Account management client for key rotation and account operations. */
+import { type GeneratedKeyPair } from '../crypto/key-generator.js';
+import { type HttpTimeoutConfig } from '../config/http-client.js';
+import type { RetryConfig } from '../config/retry-interceptor.js';
+export interface PublicKeyInfo {
+    publicKey: string;
+    keyFingerprint: string;
+    createdAt: string;
+    isActive: boolean;
+}
+export interface KeyHistoryEntry {
+    publicKey: string;
+    keyFingerprint: string;
+    createdAt: string;
+    revokedAt?: string;
+    isActive: boolean;
+}
+export declare class AccountClient {
+    private axiosInstance;
+    constructor(baseUrl: string, getToken: () => string | null, timeout?: Partial<HttpTimeoutConfig>, retry?: RetryConfig);
+    /**
+     * Get current active public key
+     * @returns Current public key info or null if not set
+     */
+    getCurrentPublicKey(): Promise<PublicKeyInfo | null>;
+    /**
+     * Add new public key (auto-rotates: moves current to history)
+     *
+     * When a new public key is added, the API automatically:
+     * - Moves current active key to history
+     * - Sets new key as active
+     *
+     * @param publicKey - New public key in PEM format
+     * @param fingerprint - SHA-256 fingerprint of the public key
+     * @param reason - Optional reason for key rotation
+     * @returns Updated public key info
+     * @throws {CapsaraAccountError} If validation error or unauthorized
+     */
+    addPublicKey(publicKey: string, fingerprint: string, reason?: string): Promise<PublicKeyInfo>;
+    /**
+     * Get key history (all previous keys)
+     * @returns Array of historical keys (including current active key)
+     */
+    getKeyHistory(): Promise<KeyHistoryEntry[]>;
+    /**
+     * Rotate key: generate new key pair and update on server.
+     * Application must store the returned private key securely.
+     * The private key is never sent to the server.
+     * @returns New key pair and updated server info
+     */
+    rotateKey(): Promise<{
+        keyPair: GeneratedKeyPair;
+        serverInfo: PublicKeyInfo;
+    }>;
+}
+//# sourceMappingURL=account-service.d.ts.map

package/dist/internal/services/account-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-service.d.ts","sourceRoot":"","sources":["../../../src/internal/services/account-service.ts"],"names":[],"mappings":"AAAA,yEAAyE;AAGzE,OAAO,EAAmB,KAAK,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAEpF,OAAO,EAIL,KAAK,iBAAiB,EACvB,MAAM,0BAA0B,CAAC;AAClC,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAElE,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,aAAa,CAAgB;gBAEzB,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,MAAM,GAAG,IAAI,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,iBAAiB,CAAC,EAAE,KAAK,CAAC,EAAE,WAAW;IAwBrH;;;OAGG;IACG,mBAAmB,IAAI,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;IAuB1D;;;;;;;;;;;;OAYG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IA0BnG;;;OAGG;IACG,aAAa,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;IA2BjD;;;;;OAKG;IACG,SAAS,IAAI,OAAO,CAAC;QACzB,OAAO,EAAE,gBAAgB,CAAC;QAC1B,UAAU,EAAE,aAAa,CAAC;KAC3B,CAAC;CASH"}

package/dist/internal/services/account-service.js

@@ -0,0 +1,114 @@
+/** Account management client for key rotation and account operations. */
+import axios from 'axios';
+import { generateKeyPair } from '../crypto/key-generator.js';
+import { CapsaraAccountError } from '../../errors/account-error.js';
+import { createAxiosConfig, configureRetryInterceptor, DEFAULT_TIMEOUT_CONFIG, } from '../config/http-client.js';
+export class AccountClient {
+    axiosInstance;
+    constructor(baseUrl, getToken, timeout, retry) {
+        const timeoutConfig = {
+            ...DEFAULT_TIMEOUT_CONFIG,
+            ...timeout,
+        };
+        const axiosConfig = createAxiosConfig(baseUrl, timeoutConfig.apiTimeout, timeoutConfig);
+        this.axiosInstance = axios.create(axiosConfig);
+        configureRetryInterceptor(this.axiosInstance, retry);
+        this.axiosInstance.interceptors.request.use((config) => {
+            const token = getToken();
+            if (token) {
+                config.headers.Authorization = `Bearer ${token}`;
+            }
+            return config;
+        });
+    }
+    /**
+     * Get current active public key
+     * @returns Current public key info or null if not set
+     */
+    async getCurrentPublicKey() {
+        try {
+            const response = await this.axiosInstance.get('/api/account/key');
+            // API returns null fields when no key is configured
+            if (!response.data.publicKey)
+                return null;
+            return {
+                publicKey: response.data.publicKey,
+                keyFingerprint: response.data.publicKeyFingerprint ?? '',
+                createdAt: '', // API does not return this
+                isActive: true,
+            };
+        }
+        catch (error) {
+            // eslint-disable-next-line no-console
+            console.warn('Failed to get current public key:', error);
+            return null;
+        }
+    }
+    /**
+     * Add new public key (auto-rotates: moves current to history)
+     *
+     * When a new public key is added, the API automatically:
+     * - Moves current active key to history
+     * - Sets new key as active
+     *
+     * @param publicKey - New public key in PEM format
+     * @param fingerprint - SHA-256 fingerprint of the public key
+     * @param reason - Optional reason for key rotation
+     * @returns Updated public key info
+     * @throws {CapsaraAccountError} If validation error or unauthorized
+     */
+    async addPublicKey(publicKey, fingerprint, reason) {
+        try {
+            const response = await this.axiosInstance.post('/api/account/key', {
+                publicKey,
+                publicKeyFingerprint: fingerprint,
+                ...(reason && { reason })
+            });
+            return {
+                publicKey: response.data.publicKey,
+                keyFingerprint: response.data.publicKeyFingerprint,
+                createdAt: new Date().toISOString(), // API doesn't return this, use current time
+                isActive: true, // Newly added keys are always active
+            };
+        }
+        catch (error) {
+            throw CapsaraAccountError.fromApiError(error);
+        }
+    }
+    /**
+     * Get key history (all previous keys)
+     * @returns Array of historical keys (including current active key)
+     */
+    async getKeyHistory() {
+        try {
+            const response = await this.axiosInstance.get('/api/account/key/history');
+            return (response.data.keyHistory ?? []).map(e => ({
+                publicKey: '', // API does not return public key in history
+                keyFingerprint: e.keyFingerprint,
+                createdAt: e.rotatedAt, // Best approximation: when the key was rotated out
+                revokedAt: e.rotatedAt,
+                isActive: false,
+            }));
+        }
+        catch (error) {
+            // eslint-disable-next-line no-console
+            console.warn('Failed to get key history:', error);
+            return [];
+        }
+    }
+    /**
+     * Rotate key: generate new key pair and update on server.
+     * Application must store the returned private key securely.
+     * The private key is never sent to the server.
+     * @returns New key pair and updated server info
+     */
+    async rotateKey() {
+        const keyPair = await generateKeyPair();
+        const serverInfo = await this.addPublicKey(keyPair.publicKey, keyPair.publicKeyFingerprint);
+        return {
+            keyPair,
+            serverInfo,
+        };
+    }
+}
+//# sourceMappingURL=account-service.js.map

package/dist/internal/services/account-service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"account-service.js","sourceRoot":"","sources":["../../../src/internal/services/account-service.ts"],"names":[],"mappings":"AAAA,yEAAyE;AAEzE,OAAO,KAAwB,MAAM,OAAO,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAyB,MAAM,4BAA4B,CAAC;AACpF,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AACpE,OAAO,EACL,iBAAiB,EACjB,yBAAyB,EACzB,sBAAsB,GAEvB,MAAM,0BAA0B,CAAC;AAkBlC,MAAM,OAAO,aAAa;IAChB,aAAa,CAAgB;IAErC,YAAY,OAAe,EAAE,QAA6B,EAAE,OAAoC,EAAE,KAAmB;QACnH,MAAM,aAAa,GAAG;YACpB,GAAG,sBAAsB;YACzB,GAAG,OAAO;SACX,CAAC;QAEF,MAAM,WAAW,GAAG,iBAAiB,CACnC,OAAO,EACP,aAAa,CAAC,UAAU,EACxB,aAAa,CACd,CAAC;QACF,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAE/C,yBAAyB,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAErD,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YACrD,MAAM,KAAK,GAAG,QAAQ,EAAE,CAAC;YACzB,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,CAAC,OAAO,CAAC,aAAa,GAAG,UAAU,KAAK,EAAE,CAAC;YACnD,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,CAG1C,kBAAkB,CAAC,CAAC;YAEvB,oDAAoD;YACpD,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS;gBAAE,OAAO,IAAI,CAAC;YAE1C,OAAO;gBACL,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS;gBAClC,cAAc,EAAE,QAAQ,CAAC,IAAI,CAAC,oBAAoB,IAAI,EAAE;gBACxD,SAAS,EAAE,EAAE,EAAE,2BAA2B;gBAC1C,QAAQ,EAAE,IAAI;aACf,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,IAAI,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YACzD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,YAAY,CAAC,SAAiB,EAAE,WAAmB,EAAE,MAAe;QACxE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,IAAI,CAK5C,kBAAkB,EAClB;gBACE,SAAS;gBACT,oBAAoB,EAAE,WAAW;gBACjC,GAAG,CAAC,MAAM,IAAI,EAAE,MAAM,EAAE,CAAC;aAC1B,CACF,CAAC;YAEF,OAAO;gBACL,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS;gBAClC,cAAc,EAAE,QAAQ,CAAC,IAAI,CAAC,oBAAoB;gBAClD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,4CAA4C;gBACjF,QAAQ,EAAE,IAAI,EAAE,qCAAqC;aACtD,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,mBAAmB,CAAC,YAAY,CAAC,KAA+D,CAAC,CAAC;QAC1G,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,aAAa;QACjB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,CAS1C,0BAA0B,CAAC,CAAC;YAE/B,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAChD,SAAS,EAAE,EAAE,EAAE,4CAA4C;gBAC3D,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,mDAAmD;gBAC3E,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,QAAQ,EAAE,KAAK;aAChB,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,sCAAsC;YACtC,OAAO,CAAC,IAAI,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YAClD,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS;QAIb,MAAM,OAAO,GAAG,MAAM,eAAe,EAAE,CAAC;QACxC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAE5F,OAAO;YACL,OAAO;YACP,UAAU;SACX,CAAC;IACJ,CAAC;CACF"}

package/dist/internal/services/audit-service.d.ts

@@ -0,0 +1,25 @@
+/** Audit trail service for capsa audit entry operations. */
+import type { AxiosInstance } from 'axios';
+import type { GetAuditEntriesFilters, GetAuditEntriesResponse, CreateAuditEntryRequest, CreateAuditEntryResponse } from '../../types/index.js';
+export interface AuditServiceOptions {
+    axiosInstance: AxiosInstance;
+}
+export declare class AuditService {
+    private http;
+    constructor(options: AuditServiceOptions);
+    /**
+     * Get audit trail for a capsa
+     * @param capsaId - Capsa ID
+     * @param filters - Optional filters
+     * @returns Paginated audit entries
+     */
+    getAuditEntries(capsaId: string, filters?: GetAuditEntriesFilters): Promise<GetAuditEntriesResponse>;
+    /**
+     * Create audit entry for a capsa
+     * @param capsaId - Capsa ID
+     * @param entry - Audit entry request
+     * @returns Success response
+     */
+    createAuditEntry(capsaId: string, entry: CreateAuditEntryRequest): Promise<CreateAuditEntryResponse>;
+}
+//# sourceMappingURL=audit-service.d.ts.map

package/dist/internal/services/audit-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-service.d.ts","sourceRoot":"","sources":["../../../src/internal/services/audit-service.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAE5D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,OAAO,CAAC;AAG3C,OAAO,KAAK,EACV,sBAAsB,EACtB,uBAAuB,EACvB,uBAAuB,EACvB,wBAAwB,EACzB,MAAM,sBAAsB,CAAC;AAE9B,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,aAAa,CAAC;CAC9B;AAED,qBAAa,YAAY;IACvB,OAAO,CAAC,IAAI,CAAgB;gBAEhB,OAAO,EAAE,mBAAmB;IAIxC;;;;;OAKG;IACG,eAAe,CACnB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,sBAAsB,GAC/B,OAAO,CAAC,uBAAuB,CAAC;IAYnC;;;;;OAKG;IACG,gBAAgB,CACpB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,uBAAuB,GAC7B,OAAO,CAAC,wBAAwB,CAAC;CAgBrC"}

package/dist/internal/services/audit-service.js

@@ -0,0 +1,43 @@
+/** Audit trail service for capsa audit entry operations. */
+import { CapsaraAuditError } from '../../errors/audit-error.js';
+export class AuditService {
+    http;
+    constructor(options) {
+        this.http = options.axiosInstance;
+    }
+    /**
+     * Get audit trail for a capsa
+     * @param capsaId - Capsa ID
+     * @param filters - Optional filters
+     * @returns Paginated audit entries
+     */
+    async getAuditEntries(capsaId, filters) {
+        try {
+            const response = await this.http.get(`/api/capsas/${capsaId}/audit`, { params: filters });
+            return response.data;
+        }
+        catch (error) {
+            throw CapsaraAuditError.fromApiError(error);
+        }
+    }
+    /**
+     * Create audit entry for a capsa
+     * @param capsaId - Capsa ID
+     * @param entry - Audit entry request
+     * @returns Success response
+     */
+    async createAuditEntry(capsaId, entry) {
+        // Client-side validation: 'log' action requires details
+        if (entry.action === 'log' && (!entry.details || Object.keys(entry.details).length === 0)) {
+            throw CapsaraAuditError.missingDetails();
+        }
+        try {
+            const response = await this.http.post(`/api/capsas/${capsaId}/audit`, entry);
+            return response.data;
+        }
+        catch (error) {
+            throw CapsaraAuditError.fromApiError(error);
+        }
+    }
+}
+//# sourceMappingURL=audit-service.js.map

package/dist/internal/services/audit-service.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-service.js","sourceRoot":"","sources":["../../../src/internal/services/audit-service.ts"],"names":[],"mappings":"AAAA,4DAA4D;AAG5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,6BAA6B,CAAC;AAahE,MAAM,OAAO,YAAY;IACf,IAAI,CAAgB;IAE5B,YAAY,OAA4B;QACtC,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,aAAa,CAAC;IACpC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,eAAe,CACnB,OAAe,EACf,OAAgC;QAEhC,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,CAClC,eAAe,OAAO,QAAQ,EAC9B,EAAE,MAAM,EAAE,OAAkC,EAAE,CAC/C,CAAC;YACF,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,iBAAiB,CAAC,YAAY,CAAC,KAAuB,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,gBAAgB,CACpB,OAAe,EACf,KAA8B;QAE9B,wDAAwD;QACxD,IAAI,KAAK,CAAC,MAAM,KAAK,KAAK,IAAI,CAAC,CAAC,KAAK,CAAC,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;YAC1F,MAAM,iBAAiB,CAAC,cAAc,EAAE,CAAC;QAC3C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CACnC,eAAe,OAAO,QAAQ,EAC9B,KAAK,CACN,CAAC;YACF,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,iBAAiB,CAAC,YAAY,CAAC,KAAuB,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;CACF"}

package/dist/internal/services/auth-service.d.ts

@@ -0,0 +1,44 @@
+/** Authentication service for managing access tokens and refresh tokens. */
+import type { AuthCredentials, AuthResponse } from '../../types/index.js';
+import { type HttpTimeoutConfig } from '../http-factory.js';
+import type { RetryConfig } from '../config/retry-interceptor.js';
+export type AuthStateChangeCallback = (state: {
+    isAuthenticated: boolean;
+    event: 'login' | 'logout' | 'refresh' | 'expired';
+}) => void;
+export interface AuthServiceOptions {
+    expectedIssuer?: string;
+    expectedAudience?: string;
+    timeout?: Partial<HttpTimeoutConfig>;
+    retry?: RetryConfig;
+    userAgent?: string;
+}
+export declare class AuthService {
+    private accessToken;
+    private refreshToken;
+    private tokenExpiresAt;
+    private http;
+    private authStateCallbacks;
+    private expectedIssuer;
+    private expectedAudience;
+    private lastRefreshError;
+    constructor(baseUrl: string, options?: AuthServiceOptions);
+    onAuthChange(callback: AuthStateChangeCallback): void;
+    offAuthChange(callback: AuthStateChangeCallback): void;
+    private emitAuthChange;
+    private decodeJWT;
+    private validateAndExtractExpiry;
+    isTokenExpired(bufferSeconds?: number): boolean;
+    login(credentials: AuthCredentials): Promise<AuthResponse>;
+    refresh(): Promise<boolean>;
+    getLastRefreshError(): Error | null;
+    getToken(): string | null;
+    getRefreshToken(): string | null;
+    isAuthenticated(): boolean;
+    canRefresh(): boolean;
+    logout(): Promise<boolean>;
+    setToken(token: string): void;
+    setRefreshToken(token: string): void;
+    setTokens(accessToken: string, refreshToken: string): void;
+}
+//# sourceMappingURL=auth-service.d.ts.map

package/dist/internal/services/auth-service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-service.d.ts","sourceRoot":"","sources":["../../../src/internal/services/auth-service.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAG5E,OAAO,KAAK,EAAE,eAAe,EAAE,YAAY,EAAE,MAAM,sBAAsB,CAAC;AAG1E,OAAO,EAAoB,KAAK,iBAAiB,EAA0B,MAAM,oBAAoB,CAAC;AACtG,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAElE,MAAM,MAAM,uBAAuB,GAAG,CAAC,KAAK,EAAE;IAC5C,eAAe,EAAE,OAAO,CAAC;IACzB,KAAK,EAAE,OAAO,GAAG,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;CACnD,KAAK,IAAI,CAAC;AASX,MAAM,WAAW,kBAAkB;IACjC,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC,iBAAiB,CAAC,CAAC;IACrC,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,WAAW;IACtB,OAAO,CAAC,WAAW,CAAuB;IAC1C,OAAO,CAAC,YAAY,CAAuB;IAC3C,OAAO,CAAC,cAAc,CAAuB;IAC7C,OAAO,CAAC,IAAI,CAAgB;IAC5B,OAAO,CAAC,kBAAkB,CAA2C;IACrE,OAAO,CAAC,cAAc,CAAS;IAC/B,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,gBAAgB,CAAsB;gBAElC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,kBAAkB;IAYzD,YAAY,CAAC,QAAQ,EAAE,uBAAuB,GAAG,IAAI;IAIrD,aAAa,CAAC,QAAQ,EAAE,uBAAuB,GAAG,IAAI;IAItD,OAAO,CAAC,cAAc;IAYtB,OAAO,CAAC,SAAS;IAcjB,OAAO,CAAC,wBAAwB;IAgBhC,cAAc,CAAC,aAAa,SAAK,GAAG,OAAO;IAKrC,KAAK,CAAC,WAAW,EAAE,eAAe,GAAG,OAAO,CAAC,YAAY,CAAC;IAmB1D,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC;IA4BjC,mBAAmB,IAAI,KAAK,GAAG,IAAI;IAInC,QAAQ,IAAI,MAAM,GAAG,IAAI;IAIzB,eAAe,IAAI,MAAM,GAAG,IAAI;IAIhC,eAAe,IAAI,OAAO;IAI1B,UAAU,IAAI,OAAO;IAIf,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;IA6BhC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAK7B,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI;IAIpC,SAAS,CAAC,WAAW,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,IAAI;CAK3D"}