@cheqd/studio 3.0.0-develop.1

package/dist/middleware/auth/auth-gaurd.js

@@ -0,0 +1,117 @@
+import { StatusCodes } from 'http-status-codes';
+import { SwaggerUserInfoFetcher } from './user-info-fetcher/swagger-ui.js';
+import { PortalUserInfoFetcher } from './user-info-fetcher/portal-token.js';
+import { IdTokenUserInfoFetcher } from './user-info-fetcher/idtoken.js';
+import { M2MCredsTokenUserInfoFetcher } from './user-info-fetcher/m2m-creds-token.js';
+import { APITokenUserInfoFetcher } from './user-info-fetcher/api-token.js';
+export class APIGuard {
+    authRuleRepository;
+    userInfoFetcher;
+    oauthProvider;
+    static bearerTokenIdentifier = 'Bearer';
+    pathSkip = ['/swagger', '/static', '/logto', '/account/bootstrap', '/admin/webhook'];
+    constructor(authRuleRepository, oauthProvider) {
+        this.authRuleRepository = authRuleRepository;
+        this.oauthProvider = oauthProvider;
+        this.userInfoFetcher = new SwaggerUserInfoFetcher(this.oauthProvider);
+    }
+    /**
+     * Executes the authentication guard for incoming requests.
+     *
+     * @param {Request} request - The incoming request object.
+     * @param {Response} response - The outgoing response object.
+     * @param {NextFunction} next - The next middleware function in the chain.
+     * @return {void}
+     */
+    async guard(request, response, next) {
+        const authRule = this.authRuleRepository.match(request);
+        if (!authRule) {
+            return response.status(StatusCodes.BAD_REQUEST).send({
+                error: `Bad Request. No auth rules for handling such request: ${request.method} ${request.path} or please check that namespace scpecified correctly.`,
+            });
+        }
+        // Set user info fetcher
+        this.chooseUserFetcherStrategy(request);
+        // There some requests where API guarding is not needed
+        if (!request.user.isAuthenticated && authRule.isAllowedUnauthorized()) {
+            return next();
+        }
+        // Get User info. scopes and user id maybe placed in M2M, API token or using Swagger UI
+        const resp = await this.userInfoFetcher.fetch(request, response, this.oauthProvider);
+        if (resp) {
+            return resp;
+        }
+        // Checks if the list of scopes from user enough to make an action
+        if (!authRule.isAllowedUnauthorized() && !authRule.areValidScopes(response.locals.scopes)) {
+            return response.status(StatusCodes.FORBIDDEN).send({
+                error: `Unauthorized error: Your account is not authorized to carry out this action.`,
+            });
+        }
+        return next();
+    }
+    /**
+     * Chooses the appropriate user fetcher strategy based on the request headers.
+     *
+     * @param {Request} request - The request object containing the headers.
+     * @return {void} This function does not return a value.
+     */
+    chooseUserFetcherStrategy(request) {
+        const bearerToken = APIGuard.extractBearerTokenFromHeaders(request.headers);
+        const portalToken = request.headers['id-token'];
+        const m2mCreds = request.headers['customer-id'];
+        const apiToken = request.headers['x-api-key'];
+        if (apiToken) {
+            this.setUserInfoStrategy(new APITokenUserInfoFetcher(apiToken, this.oauthProvider));
+            return;
+        }
+        if (m2mCreds) {
+            this.setUserInfoStrategy(new M2MCredsTokenUserInfoFetcher(m2mCreds, this.oauthProvider));
+            return;
+        }
+        if (portalToken && bearerToken) {
+            this.setUserInfoStrategy(new PortalUserInfoFetcher(bearerToken, portalToken, this.oauthProvider));
+            return;
+        }
+        if (bearerToken) {
+            this.setUserInfoStrategy(new IdTokenUserInfoFetcher(bearerToken, this.oauthProvider));
+            return;
+        }
+        this.setUserInfoStrategy(new SwaggerUserInfoFetcher(this.oauthProvider));
+    }
+    /**
+     * Sets the user info strategy for the API guard.
+     *
+     * @param {IUserInfoFetcher} strategy - The strategy to set as the user info fetcher.
+     * @return {void} This function does not return anything.
+     */
+    setUserInfoStrategy(strategy) {
+        this.userInfoFetcher = strategy;
+    }
+    /**
+     * Extracts the bearer token from the incoming HTTP headers.
+     *
+     * @param {IncomingHttpHeaders} headers - The incoming HTTP headers
+     * @return {string | unknown} The extracted bearer token
+     */
+    static extractBearerTokenFromHeaders({ authorization }) {
+        if (authorization && authorization.startsWith(this.bearerTokenIdentifier)) {
+            return authorization.slice(this.bearerTokenIdentifier.length + 1);
+        }
+        return undefined;
+    }
+    /**
+     * Checks if the given path should be skipped based on the list of paths to skip.
+     *
+     * @param {string} path - The path to check.
+     * @return {boolean} True if the path should be skipped, false otherwise.
+     */
+    skipPath(path) {
+        for (const ps of this.pathSkip) {
+            if (path === '/' || path.startsWith(ps)) {
+                return true;
+            }
+        }
+        return false;
+    }
+}
+//# sourceMappingURL=auth-gaurd.js.map

package/dist/middleware/auth/auth-gaurd.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-gaurd.js","sourceRoot":"","sources":["../../../src/middleware/auth/auth-gaurd.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAKhD,OAAO,EAAE,sBAAsB,EAAE,MAAM,mCAAmC,CAAC;AAG3E,OAAO,EAAE,qBAAqB,EAAE,MAAM,qCAAqC,CAAC;AAC5E,OAAO,EAAE,sBAAsB,EAAE,MAAM,gCAAgC,CAAC;AACxE,OAAO,EAAE,4BAA4B,EAAE,MAAM,wCAAwC,CAAC;AACtF,OAAO,EAAE,uBAAuB,EAAE,MAAM,kCAAkC,CAAC;AAE3E,MAAM,OAAO,QAAQ;IACZ,kBAAkB,CAAqB;IACvC,eAAe,CAAmB;IAClC,aAAa,CAAiB;IAC9B,MAAM,CAAC,qBAAqB,GAAG,QAAQ,CAAC;IACxC,QAAQ,GAAG,CAAC,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,oBAAoB,EAAE,gBAAgB,CAAC,CAAC;IAE7F,YAAY,kBAAsC,EAAE,aAA6B;QAChF,IAAI,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;QAC7C,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;QACnC,IAAI,CAAC,eAAe,GAAG,IAAI,sBAAsB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACvE,CAAC;IAED;;;;;;;OAOG;IACI,KAAK,CAAC,KAAK,CAAC,OAAgB,EAAE,QAAkB,EAAE,IAAkB;QAC1E,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACf,OAAO,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC;gBACpD,KAAK,EAAE,yDAAyD,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,IAAI,uDAAuD;aAC/G,CAAC,CAAC;QAC1C,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAC;QAExC,uDAAuD;QACvD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,eAAe,IAAI,QAAQ,CAAC,qBAAqB,EAAE,EAAE,CAAC;YACvE,OAAO,IAAI,EAAE,CAAC;QACf,CAAC;QAED,uFAAuF;QACvF,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QACrF,IAAI,IAAI,EAAE,CAAC;YACV,OAAO,IAAI,CAAC;QACb,CAAC;QAED,kEAAkE;QAClE,IAAI,CAAC,QAAQ,CAAC,qBAAqB,EAAE,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3F,OAAO,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC;gBAClD,KAAK,EAAE,8EAA8E;aAC/C,CAAC,CAAC;QAC1C,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IACf,CAAC;IAED;;;;;OAKG;IACK,yBAAyB,CAAC,OAAgB;QACjD,MAAM,WAAW,GAAG,QAAQ,CAAC,6BAA6B,CAAC,OAAO,CAAC,OAAO,CAAW,CAAC;QACtF,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,CAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAW,CAAC;QAC1D,MAAM,QAAQ,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,CAAW,CAAC;QAExD,IAAI,QAAQ,EAAE,CAAC;YACd,IAAI,CAAC,mBAAmB,CAAC,IAAI,uBAAuB,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YACpF,OAAO;QACR,CAAC;QAED,IAAI,QAAQ,EAAE,CAAC;YACd,IAAI,CAAC,mBAAmB,CAAC,IAAI,4BAA4B,CAAC,QAAQ,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YACzF,OAAO;QACR,CAAC;QAED,IAAI,WAAW,IAAI,WAAW,EAAE,CAAC;YAChC,IAAI,CAAC,mBAAmB,CAAC,IAAI,qBAAqB,CAAC,WAAW,EAAE,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YAClG,OAAO;QACR,CAAC;QAED,IAAI,WAAW,EAAE,CAAC;YACjB,IAAI,CAAC,mBAAmB,CAAC,IAAI,sBAAsB,CAAC,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;YACtF,OAAO;QACR,CAAC;QAED,IAAI,CAAC,mBAAmB,CAAC,IAAI,sBAAsB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAC1E,CAAC;IAED;;;;;OAKG;IACI,mBAAmB,CAAC,QAA0B;QACpD,IAAI,CAAC,eAAe,GAAG,QAAQ,CAAC;IACjC,CAAC;IAED;;;;;OAKG;IACI,MAAM,CAAC,6BAA6B,CAAC,EAAE,aAAa,EAAuB;QACjF,IAAI,aAAa,IAAI,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,qBAAqB,CAAC,EAAE,CAAC;YAC3E,OAAO,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACnE,CAAC;QACD,OAAO,SAAS,CAAC;IAClB,CAAC;IAED;;;;;OAKG;IACI,QAAQ,CAAC,IAAY;QAC3B,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAChC,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAC;YACb,CAAC;QACF,CAAC;QACD,OAAO,KAAK,CAAC;IACd,CAAC"}

package/dist/middleware/auth/logto-helper.d.ts

@@ -0,0 +1,44 @@
+import type { ICommonErrorResponse } from '../../types/authentication.js';
+import type { IOAuthProvider } from './oauth/abstract.js';
+import { OAuthProvider } from './oauth/abstract.js';
+export declare class LogToHelper extends OAuthProvider implements IOAuthProvider {
+    private m2mToken;
+    private allScopes;
+    private allResourceWithNames;
+    defaultScopes: string[];
+    private m2mGetTokenAttempts;
+    constructor();
+    setup(): Promise<ICommonErrorResponse>;
+    private getM2MToken;
+    private isTokenExpired;
+    getAllScopes(): string[];
+    getDefaultScopes(): string[];
+    getAllResourcesWithNames(): string[];
+    setDefaultRoleForUser(userId: string): Promise<ICommonErrorResponse>;
+    setDefaultRoleForApp(appId: string): Promise<ICommonErrorResponse>;
+    private returnOk;
+    private returnError;
+    getUserScopes(userId: string): Promise<ICommonErrorResponse>;
+    getAppScopes(appId: string): Promise<ICommonErrorResponse>;
+    private setDefaultScopes;
+    private setAllScopes;
+    private getScopesForRole;
+    private getScopesForResource;
+    getScopesForRolesList(roles: string[]): Promise<ICommonErrorResponse>;
+    getRolesForUser(userId: string): Promise<ICommonErrorResponse>;
+    getRolesForApp(appId: string): Promise<ICommonErrorResponse>;
+    private getRoleInfo;
+    private assignDefaultRoleForUser;
+    private assignDefaultRoleForApp;
+    private getRoleIdByName;
+    updateCustomData(userId: string, customData: any): Promise<ICommonErrorResponse>;
+    private getUserInfo;
+    getCustomData(userId: string): Promise<ICommonErrorResponse>;
+    private setAllResourcesWithNames;
+    getAllResources(): Promise<ICommonErrorResponse>;
+    private patchToLogto;
+    private postToLogto;
+    private getToLogto;
+    private setM2MToken;
+}
+//# sourceMappingURL=logto-helper.d.ts.map

package/dist/middleware/auth/logto-helper.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logto-helper.d.ts","sourceRoot":"","sources":["../../../src/middleware/auth/logto-helper.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AAI1E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAIpD,qBAAa,WAAY,SAAQ,aAAc,YAAW,cAAc;IACvE,OAAO,CAAC,QAAQ,CAAS;IACzB,OAAO,CAAC,SAAS,CAAW;IAC5B,OAAO,CAAC,oBAAoB,CAAW;IAChC,aAAa,EAAE,MAAM,EAAE,CAAC;IAC/B,OAAO,CAAC,mBAAmB,CAAK;;IAUnB,KAAK,IAAI,OAAO,CAAC,oBAAoB,CAAC;YAqBrC,WAAW;IAoBzB,OAAO,CAAC,cAAc;IAMf,YAAY,IAAI,MAAM,EAAE;IAIxB,gBAAgB,IAAI,MAAM,EAAE;IAI5B,wBAAwB,IAAI,MAAM,EAAE;IAI9B,qBAAqB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAepE,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAgB/E,OAAO,CAAC,QAAQ;IAQhB,OAAO,CAAC,WAAW;IASN,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAgB5D,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;YAgBzD,gBAAgB;YAwBhB,YAAY;YAmBZ,gBAAgB;YAoBhB,oBAAoB;IAoBrB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAiBrE,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAW9D,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;YAW3D,WAAW;YASX,wBAAwB;YAiCxB,uBAAuB;YAavB,eAAe;IAsBhB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC;YAY/E,WAAW;IASZ,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;YAU3D,wBAAwB;IAczB,eAAe,IAAI,OAAO,CAAC,oBAAoB,CAAC;YAW/C,YAAY;YAgBZ,WAAW;YAgBX,UAAU;YAgBV,WAAW;CAgCzB"}

package/dist/middleware/auth/logto-helper.js

@@ -0,0 +1,438 @@
+import { StatusCodes } from 'http-status-codes';
+import jwt from 'jsonwebtoken';
+import * as dotenv from 'dotenv';
+import { OAuthProvider } from './oauth/abstract.js';
+import { EventTracker, eventTracker } from '../../services/track/tracker.js';
+dotenv.config();
+export class LogToHelper extends OAuthProvider {
+    m2mToken;
+    allScopes;
+    allResourceWithNames;
+    defaultScopes;
+    m2mGetTokenAttempts = 5;
+    constructor() {
+        super();
+        this.m2mToken = '';
+        this.allScopes = [];
+        this.defaultScopes = [];
+        this.allResourceWithNames = [];
+    }
+    async setup() {
+        let _r = {};
+        _r = await this.setM2MToken();
+        if (_r.status !== StatusCodes.OK) {
+            return _r;
+        }
+        _r = await this.setDefaultScopes();
+        if (_r.status !== StatusCodes.OK) {
+            return _r;
+        }
+        _r = await this.setAllScopes();
+        if (_r.status !== StatusCodes.OK) {
+            return _r;
+        }
+        _r = await this.setAllResourcesWithNames();
+        if (_r.status !== StatusCodes.OK) {
+            return _r;
+        }
+        return this.returnOk({});
+    }
+    async getM2MToken() {
+        if (!this.m2mToken || this.isTokenExpired(this.m2mToken)) {
+            for (let i = 0; i < this.m2mGetTokenAttempts; i++) {
+                const response = await this.setM2MToken();
+                if (response.status === StatusCodes.OK) {
+                    return this.m2mToken;
+                }
+                await eventTracker.notify({
+                    message: EventTracker.compileBasicNotification('Failed to get M2M token, Attempt ' + i + ' of ' + this.m2mGetTokenAttempts, 'M2M token issuing'),
+                    severity: 'error',
+                });
+            }
+            throw new Error('Failed to get M2M token after ' + this.m2mGetTokenAttempts + ' attempts');
+        }
+        return this.m2mToken;
+    }
+    isTokenExpired(token) {
+        const { exp } = jwt.decode(token);
+        return Date.now() >= exp * 1000;
+    }
+    getAllScopes() {
+        return this.allScopes;
+    }
+    getDefaultScopes() {
+        return this.defaultScopes;
+    }
+    getAllResourcesWithNames() {
+        return this.allResourceWithNames;
+    }
+    async setDefaultRoleForUser(userId) {
+        const roles = await this.getRolesForUser(userId);
+        if (roles.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, roles.error);
+        }
+        // Check that default role is set
+        for (const role of roles.data) {
+            if (role.id === process.env.LOGTO_DEFAULT_ROLE_ID) {
+                return this.returnOk(roles.data);
+            }
+        }
+        // Assign a default role to a user
+        return await this.assignDefaultRoleForUser(userId, process.env.LOGTO_DEFAULT_ROLE_ID);
+    }
+    async setDefaultRoleForApp(appId) {
+        const roles = await this.getRolesForUser(appId);
+        if (roles.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, roles.error);
+        }
+        // Check that default role is set
+        for (const role of roles.data) {
+            if (role.id === process.env.LOGTO_DEFAULT_ROLE_ID) {
+                return this.returnOk(roles.data);
+            }
+        }
+        // Assign a default role to a user
+        return await this.assignDefaultRoleForApp(appId, process.env.LOGTO_DEFAULT_ROLE_ID);
+    }
+    returnOk(data) {
+        return {
+            status: StatusCodes.OK,
+            error: '',
+            data: data,
+        };
+    }
+    returnError(status, error, data = {}) {
+        return {
+            status: status,
+            error: error,
+            data: data,
+        };
+    }
+    // Scopes
+    async getUserScopes(userId) {
+        const scopes = [];
+        const roles = await this.getRolesForUser(userId);
+        if (roles.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, roles.error);
+        }
+        // Check that default role is set
+        for (const role of roles.data) {
+            const _s = await this.getScopesForRole(role.id);
+            if (_s.status === StatusCodes.OK) {
+                scopes.push(..._s.data);
+            }
+        }
+        return this.returnOk(scopes);
+    }
+    async getAppScopes(appId) {
+        const scopes = [];
+        const roles = await this.getRolesForApp(appId);
+        if (roles.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, roles.error);
+        }
+        // Check that default role is set
+        for (const role of roles.data) {
+            const _s = await this.getScopesForRole(role.id);
+            if (_s.status === StatusCodes.OK) {
+                scopes.push(..._s.data);
+            }
+        }
+        return this.returnOk(scopes);
+    }
+    async setDefaultScopes() {
+        const _r = await this.getAllResources();
+        if (_r.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `Looks like ${process.env.LOGTO_DEFAULT_RESOURCE_URL} is not setup on LogTo side`);
+        }
+        for (const r of _r.data) {
+            if (r.indicator === process.env.LOGTO_DEFAULT_RESOURCE_URL) {
+                const _rr = await this.getScopesForResource(r.id);
+                if (_rr.status === StatusCodes.OK) {
+                    this.defaultScopes = _rr.data;
+                    return this.returnOk({});
+                }
+                else {
+                    return _rr;
+                }
+            }
+        }
+        return this.returnError(StatusCodes.BAD_GATEWAY, `Looks like resource with id ${process.env.LOGTO_DEFAULT_RESOURCE_URL} is not placed on LogTo`);
+    }
+    async setAllScopes() {
+        const allResources = await this.getAllResources();
+        if (allResources.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `setAllScopes: Error while getting all resources`);
+        }
+        for (const resource of allResources.data) {
+            if (resource.id !== 'management-api') {
+                const scopes = await this.getScopesForResource(resource.id);
+                if (scopes.status !== StatusCodes.OK) {
+                    return this.returnError(StatusCodes.BAD_GATEWAY, `setAllScopes: Error while getting the scopes for ${resource.id}`);
+                }
+                this.allScopes = this.allScopes.concat(scopes.data);
+            }
+        }
+        return this.returnOk({});
+    }
+    async getScopesForRole(roleId) {
+        const uri = new URL(`/api/roles/${roleId}/scopes`, process.env.LOGTO_ENDPOINT);
+        const scopes = [];
+        try {
+            const metadata = await this.getToLogto(uri, 'GET');
+            if (metadata && metadata.status !== StatusCodes.OK) {
+                return this.returnError(StatusCodes.BAD_GATEWAY, `askRoleForScopes: Error while getting the all scopes for the role ${roleId}`);
+            }
+            for (const sc of metadata.data) {
+                scopes.push(sc.name);
+            }
+            return this.returnOk(scopes);
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `askRoleForScopes ${err}`);
+        }
+    }
+    async getScopesForResource(resourceId) {
+        const uri = new URL(`/api/resources/${resourceId}/scopes`, process.env.LOGTO_ENDPOINT);
+        const scopes = [];
+        try {
+            const metadata = await this.getToLogto(uri, 'GET');
+            if (metadata && metadata.status !== StatusCodes.OK) {
+                return this.returnError(StatusCodes.BAD_GATEWAY, `askResourceForScopes: Error while getting the all scopes for the resource ${resourceId}`);
+            }
+            for (const sc of metadata.data) {
+                scopes.push(sc.name);
+            }
+            return this.returnOk(scopes);
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `askResourceForScopes ${err}`);
+        }
+    }
+    async getScopesForRolesList(roles) {
+        const scopes = [];
+        for (const role of roles) {
+            const roleId = await this.getRoleIdByName(role);
+            if (roleId.status !== StatusCodes.OK) {
+                return this.returnError(StatusCodes.BAD_GATEWAY, roleId.error);
+            }
+            const _r = await this.getScopesForRole(roleId.data);
+            if (_r.status !== StatusCodes.OK) {
+                return _r;
+            }
+            scopes.push(..._r.data);
+        }
+        return this.returnOk(scopes);
+    }
+    // Roles
+    async getRolesForUser(userId) {
+        const uri = new URL(`/api/users/${userId}/roles`, process.env.LOGTO_ENDPOINT);
+        try {
+            // Note: By default, the API returns first 20 roles.
+            // If our roles per user grows to more than 20, we need to implement pagination
+            return await this.getToLogto(uri, 'GET');
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRolesForUser ${err}`);
+        }
+    }
+    async getRolesForApp(appId) {
+        const uri = new URL(`/api/applications/${appId}/roles`, process.env.LOGTO_ENDPOINT);
+        try {
+            // Note: By default, the API returns first 20 roles.
+            // If our roles per user grows to more than 20, we need to implement pagination
+            return await this.getToLogto(uri, 'GET');
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRolesForUser ${err}`);
+        }
+    }
+    async getRoleInfo(roleId) {
+        const uri = new URL(`/api/roles/${roleId}`, process.env.LOGTO_ENDPOINT);
+        try {
+            return await this.getToLogto(uri, 'GET');
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRoleInfo ${err}`);
+        }
+    }
+    async assignDefaultRoleForUser(userId, roleId) {
+        const userInfo = await this.getUserInfo(userId);
+        const uri = new URL(`/api/users/${userId}/roles`, process.env.LOGTO_ENDPOINT);
+        if (userInfo.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `Could not fetch the info about role with roleId ${roleId}`);
+        }
+        // Means that user exists
+        if (userInfo.data.isSuspended === 'true') {
+            return this.returnError(StatusCodes.FORBIDDEN, 'User is suspended');
+        }
+        // Means it's not suspended
+        const role = await this.getRoleInfo(roleId);
+        if (role.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `Could not fetch the info about user with userId ${userId} because of error from authority server: ${role.error}`);
+        }
+        // Such role exists
+        try {
+            const body = {
+                roleIds: [roleId],
+            };
+            return await this.postToLogto(uri, body, { 'Content-Type': 'application/json' });
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRolesForUser ${err}`);
+        }
+    }
+    async assignDefaultRoleForApp(appId, roleId) {
+        const uri = new URL(`/api/applications/${appId}/roles`, process.env.LOGTO_ENDPOINT);
+        // Such role exists
+        try {
+            const body = {
+                roleIds: [roleId],
+            };
+            return await this.postToLogto(uri, body, { 'Content-Type': 'application/json' });
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRolesForUser ${err}`);
+        }
+    }
+    async getRoleIdByName(roleName) {
+        const uri = new URL(`/api/roles`, process.env.LOGTO_ENDPOINT);
+        try {
+            const metadata = await this.getToLogto(uri, 'GET');
+            if (metadata && metadata.status !== StatusCodes.OK) {
+                return this.returnError(StatusCodes.BAD_GATEWAY, `getRoleIdByName: Error while getting the all roles`);
+            }
+            for (const role of metadata.data) {
+                if (role.name === roleName) {
+                    return this.returnOk(role.id);
+                }
+            }
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRoleIdByName: Could not find role with name ${roleName}`);
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getRoleIdByName ${err}`);
+        }
+    }
+    // Users
+    async updateCustomData(userId, customData) {
+        const uri = new URL(`/api/users/${userId}/custom-data`, process.env.LOGTO_ENDPOINT);
+        try {
+            const body = {
+                customData: customData,
+            };
+            return await this.patchToLogto(uri, body, { 'Content-Type': 'application/json' });
+        }
+        catch (err) {
+            return this.returnError(500, `updateCustomData ${err}`);
+        }
+    }
+    async getUserInfo(userId) {
+        const uri = new URL(`/api/users/${userId}`, process.env.LOGTO_ENDPOINT);
+        try {
+            return await this.getToLogto(uri, 'GET');
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getUserInfo ${err}`);
+        }
+    }
+    async getCustomData(userId) {
+        const uri = new URL(`/api/users/${userId}/custom-data`, process.env.LOGTO_ENDPOINT);
+        try {
+            return await this.getToLogto(uri, 'GET');
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getCustomData ${err}`);
+        }
+    }
+    // Resources
+    async setAllResourcesWithNames() {
+        const allResources = await this.getAllResources();
+        if (allResources.status !== StatusCodes.OK) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `setAllResourcesWithNames: Error while getting all resources. Error: ${allResources.error}`);
+        }
+        for (const resource of allResources.data) {
+            this.allResourceWithNames.push(resource.indicator);
+        }
+        return this.returnOk({});
+    }
+    async getAllResources() {
+        const uri = new URL(`/api/resources`, process.env.LOGTO_ENDPOINT);
+        try {
+            return await this.getToLogto(uri, 'GET');
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, `getAllResources ${err}`);
+        }
+    }
+    // Utils
+    async patchToLogto(uri, body, headers = {}) {
+        const response = await fetch(uri, {
+            headers: {
+                ...headers,
+                Authorization: 'Bearer ' + this.m2mToken,
+            },
+            body: JSON.stringify(body),
+            method: 'PATCH',
+        });
+        if (!response.ok) {
+            return this.returnError(response.status, await response.json());
+        }
+        return this.returnOk({});
+    }
+    async postToLogto(uri, body, headers = {}) {
+        const response = await fetch(uri, {
+            headers: {
+                ...headers,
+                Authorization: 'Bearer ' + (await this.getM2MToken()),
+            },
+            body: JSON.stringify(body),
+            method: 'POST',
+        });
+        if (!response.ok) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, await response.json());
+        }
+        return this.returnOk({});
+    }
+    async getToLogto(uri, headers = {}) {
+        const response = await fetch(uri, {
+            headers: {
+                ...headers,
+                Authorization: 'Bearer ' + (await this.getM2MToken()),
+            },
+            method: 'GET',
+        });
+        if (!response.ok) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, await response.json());
+        }
+        const metadata = await response.json();
+        return this.returnOk(metadata);
+    }
+    async setM2MToken() {
+        const searchParams = new URLSearchParams({
+            grant_type: 'client_credentials',
+            resource: process.env.LOGTO_MANAGEMENT_API,
+            scope: 'all',
+        });
+        const uri = new URL('/oidc/token', process.env.LOGTO_ENDPOINT);
+        const token = `Basic ${btoa(process.env.LOGTO_M2M_APP_ID + ':' + process.env.LOGTO_M2M_APP_SECRET)}`;
+        try {
+            const response = await fetch(uri, {
+                method: 'POST',
+                body: searchParams,
+                headers: {
+                    'Content-Type': 'application/x-www-form-urlencoded',
+                    Authorization: token,
+                },
+            });
+            if (!response.ok) {
+                return this.returnError(StatusCodes.BAD_GATEWAY, 'Error while bootstrapping the connection with authority server');
+            }
+            const data = await response.json();
+            this.m2mToken = data.access_token;
+            return this.returnOk({});
+        }
+        catch (err) {
+            return this.returnError(StatusCodes.BAD_GATEWAY, 'Error while communicating with authority server');
+        }
+    }
+}
+//# sourceMappingURL=logto-helper.js.map

package/dist/middleware/auth/logto-helper.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logto-helper.js","sourceRoot":"","sources":["../../../src/middleware/auth/logto-helper.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,GAAG,MAAM,cAAc,CAAC;AAC/B,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAEjC,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,iCAAiC,CAAC;AAC7E,MAAM,CAAC,MAAM,EAAE,CAAC;AAEhB,MAAM,OAAO,WAAY,SAAQ,aAAa;IACrC,QAAQ,CAAS;IACjB,SAAS,CAAW;IACpB,oBAAoB,CAAW;IAChC,aAAa,CAAW;IACvB,mBAAmB,GAAG,CAAC,CAAC;IAEhC;QACC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,QAAQ,GAAG,EAAE,CAAC;QACnB,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC;QACpB,IAAI,CAAC,aAAa,GAAG,EAAE,CAAC;QACxB,IAAI,CAAC,oBAAoB,GAAG,EAAE,CAAC;IAChC,CAAC;IAEM,KAAK,CAAC,KAAK;QACjB,IAAI,EAAE,GAAG,EAA0B,CAAC;QACpC,EAAE,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;QAC9B,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAClC,OAAO,EAAE,CAAC;QACX,CAAC;QACD,EAAE,GAAG,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACnC,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAClC,OAAO,EAAE,CAAC;QACX,CAAC;QACD,EAAE,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC/B,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAClC,OAAO,EAAE,CAAC;QACX,CAAC;QACD,EAAE,GAAG,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAC3C,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAClC,OAAO,EAAE,CAAC;QACX,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,WAAW;QACxB,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;gBAC1C,IAAI,QAAQ,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;oBACxC,OAAO,IAAI,CAAC,QAAQ,CAAC;gBACtB,CAAC;gBACD,MAAM,YAAY,CAAC,MAAM,CAAC;oBACzB,OAAO,EAAE,YAAY,CAAC,wBAAwB,CAC7C,mCAAmC,GAAG,CAAC,GAAG,MAAM,GAAG,IAAI,CAAC,mBAAmB,EAC3E,mBAAmB,CACnB;oBACD,QAAQ,EAAE,OAAO;iBACjB,CAAC,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,KAAK,CAAC,gCAAgC,GAAG,IAAI,CAAC,mBAAmB,GAAG,WAAW,CAAC,CAAC;QAC5F,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC;IACtB,CAAC;IAEO,cAAc,CAAC,KAAa;QACnC,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAE/B,CAAC;QACF,OAAO,IAAI,CAAC,GAAG,EAAE,IAAI,GAAG,GAAG,IAAI,CAAC;IACjC,CAAC;IACM,YAAY;QAClB,OAAO,IAAI,CAAC,SAAS,CAAC;IACvB,CAAC;IAEM,gBAAgB;QACtB,OAAO,IAAI,CAAC,aAAa,CAAC;IAC3B,CAAC;IAEM,wBAAwB;QAC9B,OAAO,IAAI,CAAC,oBAAoB,CAAC;IAClC,CAAC;IAEM,KAAK,CAAC,qBAAqB,CAAC,MAAc;QAChD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,KAAK,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/D,CAAC;QACD,iCAAiC;QACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;YAC/B,IAAI,IAAI,CAAC,EAAE,KAAK,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAC;gBACnD,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;QACF,CAAC;QACD,kCAAkC;QAClC,OAAO,MAAM,IAAI,CAAC,wBAAwB,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACvF,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,KAAa;QAC9C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAChD,IAAI,KAAK,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/D,CAAC;QACD,iCAAiC;QACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;YAC/B,IAAI,IAAI,CAAC,EAAE,KAAK,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,CAAC;gBACnD,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAClC,CAAC;QACF,CAAC;QAED,kCAAkC;QAClC,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACrF,CAAC;IAEO,QAAQ,CAAC,IAAS;QACzB,OAAO;YACN,MAAM,EAAE,WAAW,CAAC,EAAE;YACtB,KAAK,EAAE,EAAE;YACT,IAAI,EAAE,IAAI;SACV,CAAC;IACH,CAAC;IAEO,WAAW,CAAC,MAAc,EAAE,KAAa,EAAE,OAAY,EAAE;QAChE,OAAO;YACN,MAAM,EAAE,MAAM;YACd,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE,IAAI;SACV,CAAC;IACH,CAAC;IAED,SAAS;IACF,KAAK,CAAC,aAAa,CAAC,MAAc;QACxC,MAAM,MAAM,GAAG,EAAc,CAAC;QAC9B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACjD,IAAI,KAAK,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/D,CAAC;QACD,iCAAiC;QACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;YAC/B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAChD,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBAClC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;QACF,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAEM,KAAK,CAAC,YAAY,CAAC,KAAa;QACtC,MAAM,MAAM,GAAG,EAAc,CAAC;QAC9B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;QAC/C,IAAI,KAAK,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/D,CAAC;QACD,iCAAiC;QACjC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;YAC/B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAChD,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBAClC,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;YACzB,CAAC;QACF,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAEO,KAAK,CAAC,gBAAgB;QAC7B,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QACxC,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,cAAc,OAAO,CAAC,GAAG,CAAC,0BAA0B,6BAA6B,CACjF,CAAC;QACH,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,SAAS,KAAK,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,CAAC;gBAC5D,MAAM,GAAG,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAClD,IAAI,GAAG,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;oBACnC,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC,IAAI,CAAC;oBAC9B,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACP,OAAO,GAAG,CAAC;gBACZ,CAAC;YACF,CAAC;QACF,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,+BAA+B,OAAO,CAAC,GAAG,CAAC,0BAA0B,yBAAyB,CAC9F,CAAC;IACH,CAAC;IACO,KAAK,CAAC,YAAY;QACzB,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAClD,IAAI,YAAY,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,iDAAiD,CAAC,CAAC;QACrG,CAAC;QACD,KAAK,MAAM,QAAQ,IAAI,YAAY,CAAC,IAAI,EAAE,CAAC;YAC1C,IAAI,QAAQ,CAAC,EAAE,KAAK,gBAAgB,EAAE,CAAC;gBACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;gBAC5D,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;oBACtC,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,oDAAoD,QAAQ,CAAC,EAAE,EAAE,CACjE,CAAC;gBACH,CAAC;gBACD,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACrD,CAAC;QACF,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IACO,KAAK,CAAC,gBAAgB,CAAC,MAAc;QAC5C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC/E,MAAM,MAAM,GAAG,EAAE,CAAC;QAElB,IAAI,CAAC;YACJ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBACpD,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,qEAAqE,MAAM,EAAE,CAC7E,CAAC;YACH,CAAC;YACD,KAAK,MAAM,EAAE,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;YACtB,CAAC;YACD,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,oBAAoB,GAAG,EAAE,CAAC,CAAC;QAC7E,CAAC;IACF,CAAC;IACO,KAAK,CAAC,oBAAoB,CAAC,UAAkB;QACpD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,kBAAkB,UAAU,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACvF,MAAM,MAAM,GAAG,EAAE,CAAC;QAElB,IAAI,CAAC;YACJ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBACpD,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,6EAA6E,UAAU,EAAE,CACzF,CAAC;YACH,CAAC;YACD,KAAK,MAAM,EAAE,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAChC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;YACtB,CAAC;YACD,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC9B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,wBAAwB,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;IACF,CAAC;IACM,KAAK,CAAC,qBAAqB,CAAC,KAAe;QACjD,MAAM,MAAM,GAAG,EAAE,CAAC;QAClB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAChD,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBACtC,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;YAChE,CAAC;YACD,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACpD,IAAI,EAAE,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBAClC,OAAO,EAAE,CAAC;YACX,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACzB,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC9B,CAAC;IAED,QAAQ;IACD,KAAK,CAAC,eAAe,CAAC,MAAc;QAC1C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC9E,IAAI,CAAC;YACJ,oDAAoD;YACpD,+EAA+E;YAC/E,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;IACF,CAAC;IAEM,KAAK,CAAC,cAAc,CAAC,KAAa;QACxC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,qBAAqB,KAAK,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACpF,IAAI,CAAC;YACJ,oDAAoD;YACpD,+EAA+E;YAC/E,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,MAAc;QACvC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACxE,IAAI,CAAC;YACJ,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,eAAe,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,wBAAwB,CAAC,MAAc,EAAE,MAAc;QACpE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAE9E,IAAI,QAAQ,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,mDAAmD,MAAM,EAAE,CAC3D,CAAC;QACH,CAAC;QACD,yBAAyB;QACzB,IAAI,QAAQ,CAAC,IAAI,CAAC,WAAW,KAAK,MAAM,EAAE,CAAC;YAC1C,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC;QACrE,CAAC;QACD,2BAA2B;QAC3B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YACpC,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,mDAAmD,MAAM,4CAA4C,IAAI,CAAC,KAAK,EAAE,CACjH,CAAC;QACH,CAAC;QACD,mBAAmB;QACnB,IAAI,CAAC;YACJ,MAAM,IAAI,GAAG;gBACZ,OAAO,EAAE,CAAC,MAAM,CAAC;aACjB,CAAC;YACF,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,uBAAuB,CAAC,KAAa,EAAE,MAAc;QAClE,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,qBAAqB,KAAK,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACpF,mBAAmB;QACnB,IAAI,CAAC;YACJ,MAAM,IAAI,GAAG;gBACZ,OAAO,EAAE,CAAC,MAAM,CAAC;aACjB,CAAC;YACF,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,eAAe,CAAC,QAAgB;QAC7C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC9D,IAAI,CAAC;YACJ,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YACnD,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;gBACpD,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,oDAAoD,CAAC,CAAC;YACxG,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAClC,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBAC5B,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC/B,CAAC;YACF,CAAC;YACD,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,kDAAkD,QAAQ,EAAE,CAC5D,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;IACF,CAAC;IAED,QAAQ;IACD,KAAK,CAAC,gBAAgB,CAAC,MAAc,EAAE,UAAe;QAC5D,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACpF,IAAI,CAAC;YACJ,MAAM,IAAI,GAAG;gBACZ,UAAU,EAAE,UAAU;aACtB,CAAC;YACF,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACnF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,GAAG,EAAE,oBAAoB,GAAG,EAAE,CAAC,CAAC;QACzD,CAAC;IACF,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,MAAc;QACvC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,EAAE,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACxE,IAAI,CAAC;YACJ,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,eAAe,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;IACF,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,MAAc;QACxC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,cAAc,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACpF,IAAI,CAAC;YACJ,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,iBAAiB,GAAG,EAAE,CAAC,CAAC;QAC1E,CAAC;IACF,CAAC;IAED,YAAY;IACJ,KAAK,CAAC,wBAAwB;QACrC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;QAClD,IAAI,YAAY,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,uEAAuE,YAAY,CAAC,KAAK,EAAE,CAC3F,CAAC;QACH,CAAC;QACD,KAAK,MAAM,QAAQ,IAAI,YAAY,CAAC,IAAI,EAAE,CAAC;YAC1C,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACpD,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAEM,KAAK,CAAC,eAAe;QAC3B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAElE,IAAI,CAAC;YACJ,OAAO,MAAM,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC1C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5E,CAAC;IACF,CAAC;IAED,QAAQ;IACA,KAAK,CAAC,YAAY,CAAC,GAAQ,EAAE,IAAS,EAAE,UAAe,EAAE;QAChE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YACjC,OAAO,EAAE;gBACR,GAAG,OAAO;gBACV,aAAa,EAAE,SAAS,GAAG,IAAI,CAAC,QAAQ;aACxC;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;YAC1B,MAAM,EAAE,OAAO;SACf,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YAClB,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QACjE,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,GAAQ,EAAE,IAAS,EAAE,UAAe,EAAE;QAC/D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YACjC,OAAO,EAAE;gBACR,GAAG,OAAO;gBACV,aAAa,EAAE,SAAS,GAAG,CAAC,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;aACrD;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;YAC1B,MAAM,EAAE,MAAM;SACd,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YAClB,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,GAAQ,EAAE,UAAe,EAAE;QACnD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YACjC,OAAO,EAAE;gBACR,GAAG,OAAO;gBACV,aAAa,EAAE,SAAS,GAAG,CAAC,MAAM,IAAI,CAAC,WAAW,EAAE,CAAC;aACrD;YACD,MAAM,EAAE,KAAK;SACb,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YAClB,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;QACzE,CAAC;QACD,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACvC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAEO,KAAK,CAAC,WAAW;QACxB,MAAM,YAAY,GAAG,IAAI,eAAe,CAAC;YACxC,UAAU,EAAE,oBAAoB;YAChC,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAC,oBAA8B;YACpD,KAAK,EAAE,KAAK;SACZ,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAG,SAAS,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAErG,IAAI,CAAC;YACJ,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBACjC,MAAM,EAAE,MAAM;gBACd,IAAI,EAAE,YAAY;gBAClB,OAAO,EAAE;oBACR,cAAc,EAAE,mCAAmC;oBACnD,aAAa,EAAE,KAAK;iBACpB;aACD,CAAC,CAAC;YACH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBAClB,OAAO,IAAI,CAAC,WAAW,CACtB,WAAW,CAAC,WAAW,EACvB,gEAAgE,CAChE,CAAC;YACH,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC;YAClC,OAAO,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC1B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACd,OAAO,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,iDAAiD,CAAC,CAAC;QACrG,CAAC;IACF,CAAC;CACD"}

package/dist/middleware/auth/oauth/abstract.d.ts

@@ -0,0 +1,22 @@
+import type { ICommonErrorResponse } from '../../../types/authentication.js';
+export interface IOAuthProvider {
+    endpoint_issuer: string;
+    endpoint_jwks: string;
+    getAllScopes(): string[] | void;
+    getDefaultScopes(): string[] | void;
+    getAllResourcesWithNames(): string[] | void;
+    getUserScopes(userId: string): Promise<ICommonErrorResponse>;
+    getAppScopes(appId: string): Promise<ICommonErrorResponse>;
+    getScopesForRoles(rolesList: string[]): Promise<string[] | void>;
+}
+export declare abstract class OAuthProvider implements IOAuthProvider {
+    endpoint_issuer: string;
+    endpoint_jwks: string;
+    getAllScopes(): string[] | void;
+    getDefaultScopes(): string[] | void;
+    getAllResourcesWithNames(): string[] | void;
+    getUserScopes(userId: string): Promise<ICommonErrorResponse>;
+    getAppScopes(appId: string): Promise<ICommonErrorResponse>;
+    getScopesForRoles(rolesList: string[]): Promise<string[] | void>;
+}
+//# sourceMappingURL=abstract.d.ts.map

package/dist/middleware/auth/oauth/abstract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"abstract.d.ts","sourceRoot":"","sources":["../../../../src/middleware/auth/oauth/abstract.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAI7E,MAAM,WAAW,cAAc;IAC9B,eAAe,EAAE,MAAM,CAAC;IACxB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,IAAI,MAAM,EAAE,GAAG,IAAI,CAAC;IAChC,gBAAgB,IAAI,MAAM,EAAE,GAAG,IAAI,CAAC;IACpC,wBAAwB,IAAI,MAAM,EAAE,GAAG,IAAI,CAAC;IAC5C,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC7D,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAC3D,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;CACjE;AAED,8BAAsB,aAAc,YAAW,cAAc;IAC5D,eAAe,EAAE,MAAM,CAA4B;IACnD,aAAa,EAAE,MAAM,CAAiC;IAEtD,YAAY,IAAI,MAAM,EAAE,GAAG,IAAI;IAG/B,gBAAgB,IAAI,MAAM,EAAE,GAAG,IAAI;IAGnC,wBAAwB,IAAI,MAAM,EAAE,GAAG,IAAI;IAG3C,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAG5D,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAG1D,iBAAiB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC;CAGhE"}