@civic/auth 0.0.1--.tsc.alpha.1 → 0.0.1-beta.1

package/dist/react.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/react/index.ts","../src/react/hooks/useUser.tsx","../src/react/providers/UserProvider.tsx","../src/react/hooks/useAuth.tsx","../src/react/hooks/useToken.tsx","../src/react/providers/TokenProvider.tsx","../src/lib/jwt.ts","../src/shared/AuthProvider.tsx","../src/services/UserInfoService.ts","../src/services/SessionService.ts","../src/lib/oauth.ts","../src/utils.ts","../src/constants.ts","../src/react/components/CivicAuthIframe.tsx","../src/react/components/CivicAuthIframeModal.tsx","../src/react/components/LoadingIcon.tsx","../src/react/components/CloseIcon.tsx","../src/react/components/UserButton.tsx","../src/react/components/SignInButton.tsx","../src/react/components/SignOutButton.tsx","../src/lib/logger.ts","../src/nextjs/config.ts","../src/react/components/NextLogOut.tsx","../src/react/providers/SessionProvider.tsx","../src/config.ts","../src/lib/windowUtil.ts","../src/shared/CivicAuthProvider.tsx","../src/react/providers/NextAuthProvider.tsx","../src/react/hooks/useUserCookie.ts","../src/lib/cookies.ts","../src/react/hooks/useSession.tsx"],"sourcesContent":["// src/react.ts\n// These are the default exports of the project.\n// They are limited by design to ensure that the public API does not expose any internal implementation details.\n// Do not change this without thinking carefully about the impact on the client-facing public API.\nexport * from \"@/react/hooks\";\nexport {\n  CivicAuthProvider,\n  CivicNextAuthProvider,\n  useNextUser,\n} from \"@/react/providers\";\nexport type {\n  AuthContextType,\n  TokenContextType,\n  UserContextType,\n} from \"@/react/providers\";\nexport {\n  UserButton,\n  SignInButton,\n  SignOutButton,\n  NextLogOut,\n} from \"@/react/components\";\n","\"use client\";\nimport { useContext } from \"react\";\nimport { UserContext, UserContextType } from \"@/react/providers\";\n\nconst useUser = <\n  T extends Record<string, unknown> = Record<string, never>,\n>(): UserContextType<T> => {\n  const context = useContext(UserContext);\n\n  if (!context) {\n    throw new Error(\"useUser must be used within a UserProvider\");\n  }\n\n  return context as UserContextType<T>;\n};\n\nexport { useUser };\n","\"use client\";\nimport { createContext, ReactNode } from \"react\";\nimport { useQuery, UseQueryResult } from \"@tanstack/react-query\";\nimport { EmptyObject, User, UserInfoService } from \"@/types\";\nimport { useAuth } from \"@/react/hooks/useAuth\";\nimport { useToken } from \"@/react/hooks/useToken\";\nimport { JWT } from \"oslo/jwt\";\nimport { useSession } from \"@/react/hooks\";\nimport { AuthContextType } from \"../../shared/AuthProvider\";\n\ntype UserContextType<\n  T extends Record<string, unknown> & JWT[\"payload\"] = Record<string, unknown> &\n    JWT[\"payload\"],\n> = {\n  user: User<T> | null;\n} & Omit<AuthContextType, \"isAuthenticated\">;\n\nconst UserContext = createContext<UserContextType | null>(null);\n\nconst UserProvider = <T extends EmptyObject>({\n  children,\n  userInfoService,\n}: {\n  children: ReactNode;\n  userInfoService: UserInfoService | undefined;\n}) => {\n  const { isLoading: authLoading, error: authError } = useAuth();\n  const session = useSession();\n  const { forwardedTokens, idToken, accessToken, refreshToken } = useToken();\n  const { signIn, signOut } = useAuth();\n\n  const fetchUser = async (): Promise<User<T> | null> => {\n    if (!accessToken || !userInfoService) {\n      return null;\n    }\n    const user = await userInfoService?.getUserInfo<T>(accessToken, idToken);\n    if (!user) {\n      return null;\n    }\n    return {\n      ...user,\n      forwardedTokens,\n      idToken,\n      accessToken,\n      refreshToken,\n    };\n  };\n\n  const {\n    data: user,\n    isLoading: userLoading,\n    error: userError,\n  }: UseQueryResult<User<T> | null, Error> = useQuery({\n    queryKey: [\"user\", session?.idToken],\n    queryFn: fetchUser,\n    enabled: !!session?.idToken, // Only run the query if we have an access token\n  });\n\n  const isLoading = authLoading || userLoading;\n  const error = authError || userError;\n\n  return (\n    <UserContext.Provider\n      value={{\n        user: user ?? null,\n        isLoading,\n        error,\n        signIn,\n        signOut,\n      }}\n    >\n      {children}\n    </UserContext.Provider>\n  );\n};\n\nexport type { UserContextType };\n\nexport { UserProvider, UserContext };\n","\"use client\";\nimport { AuthContext } from \"@/react/providers\";\nimport { useContext } from \"react\";\n\nconst useAuth = () => {\n  const context = useContext(AuthContext);\n\n  if (!context) {\n    throw new Error(\"useAuth must be used within an AuthProvider\");\n  }\n\n  return context;\n};\n\nexport { useAuth };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { TokenContext } from \"@/react/providers\";\n\nconst useToken = () => {\n  const context = useContext(TokenContext);\n\n  if (!context) {\n    throw new Error(\"useToken must be used within a TokenProvider\");\n  }\n\n  return context;\n};\n\nexport { useToken };\n","\"use client\";\nimport { createContext, ReactNode, useMemo } from \"react\";\nimport { useMutation, useQueryClient } from \"@tanstack/react-query\";\nimport { useAuth } from \"@/react/hooks\";\nimport { ForwardedTokens, IdToken } from \"@/types\";\nimport { parseJWT } from \"oslo/jwt\";\nimport { useSession } from \"@/react/hooks\";\nimport { convertForwardedTokenFormat } from \"@/lib/jwt.ts\";\n\ntype TokenContextType = {\n  accessToken: string | null;\n  idToken: string | null;\n  forwardedTokens: ForwardedTokens;\n  refreshToken: () => Promise<void>;\n  isLoading: boolean;\n  error: Error | null;\n};\n\nconst TokenContext = createContext<TokenContextType | undefined>(undefined);\n\nconst TokenProvider = ({ children }: { children: ReactNode }) => {\n  const { isLoading, error: authError } = useAuth();\n  const session = useSession();\n  const queryClient = useQueryClient();\n\n  const refreshTokenMutation = useMutation({\n    mutationFn: async () => {\n      // Implement token refresh logic here\n      throw new Error(\"Method not implemented.\");\n    },\n    onSuccess: () => {\n      // Invalidate and refetch queries that depend on the auth session\n      queryClient.invalidateQueries({ queryKey: [\"session\"] });\n    },\n  });\n\n  const decodeTokens = useMemo(() => {\n    if (!session?.idToken) return null;\n\n    const parsedJWT = parseJWT(session.idToken) as IdToken | null;\n\n    if (!parsedJWT) return null;\n\n    const { forwardedTokens } = parsedJWT.payload;\n\n    return forwardedTokens\n      ? convertForwardedTokenFormat(forwardedTokens)\n      : null;\n  }, [session?.idToken]);\n\n  const value = useMemo(\n    () => ({\n      accessToken: session.accessToken || null,\n      idToken: session.idToken || null,\n      forwardedTokens: decodeTokens || {},\n      refreshToken: refreshTokenMutation.mutateAsync,\n      isLoading,\n      error: (authError || refreshTokenMutation.error) as Error | null,\n    }),\n    [\n      session.accessToken,\n      session.idToken,\n      decodeTokens,\n      refreshTokenMutation.mutateAsync,\n      refreshTokenMutation.error,\n      isLoading,\n      authError,\n    ],\n  );\n\n  return (\n    <TokenContext.Provider value={value}>{children}</TokenContext.Provider>\n  );\n};\n\nexport type { TokenContextType };\nexport { TokenProvider, TokenContext };\n","import { ForwardedTokens, ForwardedTokensJWT } from \"@/types.ts\";\n\nexport const convertForwardedTokenFormat = (\n  inputTokens: ForwardedTokensJWT,\n): ForwardedTokens =>\n  Object.fromEntries(\n    Object.entries(inputTokens).map(([source, tokens]) => [\n      source,\n      {\n        idToken: tokens?.id_token,\n        accessToken: tokens?.access_token,\n        refreshToken: tokens?.refresh_token,\n      },\n    ]),\n  );\n","\"use client\";\nimport {\n  createContext,\n  useState,\n  useEffect,\n  useMemo,\n  useCallback,\n  ReactNode,\n  useRef,\n} from \"react\";\nimport { useQuery, useMutation, useQueryClient } from \"@tanstack/react-query\";\nimport { AuthSessionServiceImpl } from \"@/services\";\nimport { Config, DisplayMode, UserInfoService } from \"@/types\";\nimport { CivicAuthIframeModal } from \"@/react/components\";\nimport { TokenProvider } from \"../react/providers/TokenProvider\";\nimport { UserProvider } from \"../react/providers/UserProvider\";\nimport { SessionProvider } from \"../react/providers/SessionProvider\";\nimport { DEFAULT_SCOPES } from \"@/constants\";\nimport { authConfig } from \"@/config\";\nimport { LoadingIcon } from \"../react/components/LoadingIcon\";\nimport { isWindowInIframe } from \"@/lib/windowUtil\";\n\ntype AuthContextType = {\n  signIn: (displayMode?: DisplayMode) => Promise<void>;\n  isAuthenticated: boolean;\n  isLoading: boolean;\n  error: Error | null;\n  signOut: () => Promise<void>;\n};\n\ntype AuthProviderProps = {\n  children: ReactNode;\n  clientId: string;\n  redirectUrl?: string;\n  nonce?: string;\n  config?: Config;\n  onSignIn?: (error?: Error) => void; // Updated to include an optional error parameter\n  onSignOut?: () => void;\n  authServiceImpl?: AuthSessionServiceImpl;\n  serverSideTokenExchange?: boolean;\n};\n\nconst AuthContext = createContext<AuthContextType | null>(null);\n\n// Global this object setup (unchanged)\nlet globalThisObject;\nif (typeof window !== \"undefined\") {\n  globalThisObject = window;\n} else if (typeof global !== \"undefined\") {\n  globalThisObject = global;\n} else {\n  globalThisObject = Function(\"return this\")();\n}\nglobalThisObject.globalThis = globalThisObject;\n\nconst AuthProvider = ({\n  children,\n  clientId,\n  redirectUrl: inputRedirectUrl,\n  config = authConfig,\n  nonce,\n  onSignIn,\n  onSignOut,\n  authServiceImpl,\n  serverSideTokenExchange,\n}: AuthProviderProps) => {\n  const [iframeUrl, setIframeUrl] = useState<string | null>(null);\n  const [currentUrl, setCurrentUrl] = useState<string | null>(null);\n  const [isInIframe, setIsInIframe] = useState(false);\n  const [authResponseUrl, setAuthResponseUrl] = useState<string | null>(null);\n  const [tokenExchangeError, setTokenExchangeError] = useState<Error>();\n  const queryClient = useQueryClient();\n  const iframeRef = useRef<HTMLIFrameElement>(null);\n\n  // check if the current window is in an iframe with the iframe id, and set an isInIframe state\n  useEffect(() => {\n    if (typeof globalThis.window !== \"undefined\") {\n      setCurrentUrl(globalThis.window.location.href);\n      const isInIframeVal = isWindowInIframe(globalThis.window);\n      setIsInIframe(isInIframeVal);\n    }\n  }, []);\n\n  const redirectUrl = useMemo(\n    () => (inputRedirectUrl || currentUrl || \"\").split(\"?\")[0],\n    [currentUrl, inputRedirectUrl],\n  );\n\n  const authService = useMemo<AuthSessionServiceImpl | null>(\n    () =>\n      currentUrl\n        ? authServiceImpl ||\n          new AuthSessionServiceImpl(\n            clientId,\n            redirectUrl,\n            config?.oauthServer,\n            config?.endpoints,\n          )\n        : null,\n    [currentUrl, clientId, redirectUrl, config, authServiceImpl],\n  );\n\n  const [userInfoService, setUserInfoService] = useState<UserInfoService>();\n  useEffect(() => {\n    if (!authService) return;\n    authService.getUserInfoService().then(setUserInfoService);\n  }, [authService]);\n\n  const {\n    data: session,\n    isLoading,\n    error,\n  } = useQuery({\n    queryKey: [\"session\", authResponseUrl, iframeUrl, currentUrl, isInIframe],\n    queryFn: async () => {\n      if (!authService) {\n        return { authenticated: false };\n      }\n      const url = new URL(\n        authResponseUrl\n          ? authResponseUrl\n          : globalThis.window.location.href || \"\",\n      );\n\n      const code = url.searchParams.get(\"code\");\n      if (code && !isInIframe && !serverSideTokenExchange) {\n        try {\n          console.log(\"AuthProvider useQuery code\", { isInIframe, code });\n          const newSession = await authService.tokenExchange(url.toString());\n          onSignIn?.(); // Call onSignIn without an error if successful\n          return newSession;\n        } catch (error) {\n          setTokenExchangeError(error as Error);\n          onSignIn?.(\n            error instanceof Error ? error : new Error(\"Failed to sign in\"),\n          ); // Pass the error to onSignIn\n          return { authenticated: false };\n        }\n      }\n      // if we have existing tokens, then validate them and return the session data\n      // otherwise check if we have a code in the url and exchange it for tokens\n      // if we have neither, return undefined\n      const existingSessionData = await authService.validateExistingSession();\n      if (existingSessionData.authenticated) {\n        return existingSessionData;\n      }\n      return existingSessionData;\n    },\n  });\n\n  const signOutMutation = useMutation({\n    mutationFn: async () => {\n      // Implement signOut logic here\n      authService?.updateSessionData({});\n      setIframeUrl(null);\n      setAuthResponseUrl(null);\n      onSignOut?.();\n    },\n    onSuccess: () => {\n      queryClient.setQueryData(\n        [\"session\", authResponseUrl, iframeUrl, currentUrl, isInIframe],\n        null,\n      );\n    },\n  });\n\n  const signIn = useCallback(\n    async (overrideDisplayMode: DisplayMode = \"iframe\") => {\n      if (!authService) return;\n\n      const url = await authService.getAuthorizationUrl(\n        // This is the default scope. We will eventually pull this from the partner dashboard\n        DEFAULT_SCOPES,\n        overrideDisplayMode,\n        nonce,\n      );\n\n      // For iframe mode we need popups to not be blocked because the login app will try to open IDP login in a popup\n      if (overrideDisplayMode === \"iframe\") {\n        setIframeUrl(url);\n        return;\n      }\n      authService.loadAuthorizationUrl(url, overrideDisplayMode);\n    },\n    [authService, nonce],\n  );\n\n  const isAuthenticated = useMemo(\n    () => (session ? session.authenticated : false),\n    [session],\n  );\n\n  const value = useMemo(\n    () => ({\n      isLoading,\n      error: error as Error | null,\n      signOut: async () => {\n        await signOutMutation.mutateAsync();\n      },\n      isAuthenticated,\n      signIn,\n    }),\n    [isLoading, error, signOutMutation, isAuthenticated, signIn],\n  );\n  return (\n    <AuthContext.Provider value={value}>\n        <SessionProvider session={session}>\n          <TokenProvider>\n            <UserProvider userInfoService={userInfoService}>\n              {!isInIframe && iframeUrl && !session?.authenticated && (\n                <CivicAuthIframeModal\n                  iframeRef={iframeRef}\n                  authUrl={iframeUrl}\n                  redirectUri={redirectUrl}\n                  setAuthResponseUrl={setAuthResponseUrl}\n                  onClose={() => setIframeUrl(null)}\n                />\n              )}\n              {(tokenExchangeError ||\n                isLoading ||\n                error ||\n                (isInIframe && !(tokenExchangeError || error))) && (\n                <div className=\"absolute left-0 top-0 z-50 flex h-screen w-screen items-center justify-center bg-white\">\n                  <div className=\"absolute inset-0 flex items-center justify-center bg-white\">\n                    {tokenExchangeError || error ? (\n                      <div>\n                        Error:{\" \"}\n                        {(tokenExchangeError || (error as Error)).message}\n                      </div>\n                    ) : (\n                      <LoadingIcon />\n                    )}\n                  </div>\n                </div>\n              )}\n              {children}\n            </UserProvider>\n          </TokenProvider>\n        </SessionProvider>\n    </AuthContext.Provider>\n  );\n};\n\nexport type { AuthContextType, AuthProviderProps };\n\nexport { AuthProvider, AuthContext };\n","import { UserInfoService, Endpoints } from \"@/types\";\nimport { parseJWT } from \"oslo/jwt\";\n\nexport class UserInfoServiceImpl implements UserInfoService {\n  constructor(private endpoints: Endpoints) {}\n\n  extractUserFromIdToken<T>(idToken: string): T | null {\n    const parsedJWT = parseJWT(idToken);\n    if (!parsedJWT) {\n      return null;\n    }\n    return parsedJWT.payload as T;\n  }\n\n  async getUserInfo<T>(\n    accessToken: string,\n    idToken: string | null,\n  ): Promise<T | null> {\n    if (idToken) {\n      return this.extractUserFromIdToken<T>(idToken);\n    }\n\n    const userInfo = await fetch(this.endpoints.userinfo, {\n      headers: { Authorization: `Bearer ${accessToken}` },\n    });\n    return userInfo.json() as T;\n  }\n}\n","import {\n  AuthSessionService,\n  DisplayMode,\n  UserInfoService,\n  SessionData,\n  OIDCTokenResponseBody,\n  UnknownObject,\n  Endpoints,\n  User,\n} from \"../types\";\nimport { UserInfoServiceImpl } from \"./UserInfoService\";\nimport { OAuth2Client, generateCodeVerifier } from \"oslo/oauth2\";\nimport * as jose from \"jose\";\nimport {\n  displayModeFromState,\n  generateState,\n  getIssuerVariations,\n  getOauthEndpoints,\n} from \"@/lib/oauth\";\nimport { isPopupBlocked } from \"@/utils\";\n\nexport type StorageInterface = {\n  get(): SessionData;\n  getUser(): User<UnknownObject> | null;\n  set(data: Partial<SessionData>): void;\n  setUser(data: User<UnknownObject> | null): void;\n  clear(): void;\n};\n\nexport class AuthSessionServiceImpl implements AuthSessionService {\n  private endpoints: Endpoints | undefined;\n  private oauth2Client: OAuth2Client | undefined;\n  private userInfoService: UserInfoService | undefined;\n  private codeVerifier: string | undefined = undefined;\n  private refreshTokenTimeout: NodeJS.Timeout | null = null;\n\n  constructor(\n    readonly clientId: string,\n    readonly redirectUrl: string,\n    readonly oauthServer: string,\n    readonly inputEndpoints?: Partial<Endpoints> | undefined,\n  ) {\n    this.codeVerifier = this.getCodeVerifier();\n    this.endpoints = inputEndpoints as Endpoints;\n  }\n\n  protected getCodeVerifier(): string {\n    return generateCodeVerifier();\n  }\n\n  public async getUserInfoService(): Promise<UserInfoService> {\n    if (this.userInfoService) {\n      return this.userInfoService;\n    }\n    const endpoints = await this.getEndpoints();\n\n    this.userInfoService = new UserInfoServiceImpl(endpoints);\n    return this.userInfoService;\n  }\n\n  protected async getEndpoints(): Promise<Endpoints> {\n    if (this.endpoints?.auth) {\n      return this.endpoints;\n    }\n    const jwksEndpoints = await getOauthEndpoints(this.oauthServer);\n    return this.endpoints\n      ? { ...this.endpoints, ...jwksEndpoints }\n      : jwksEndpoints;\n  }\n\n  protected async getOauth2Client() {\n    if (this.oauth2Client) {\n      return this.oauth2Client;\n    }\n    const endpoints = await this.getEndpoints();\n    this.oauth2Client = new OAuth2Client(\n      this.clientId,\n      endpoints.auth,\n      endpoints.token,\n      // this\n      { redirectURI: this.redirectUrl },\n    );\n    return this.oauth2Client;\n  }\n\n  getSessionData(): SessionData {\n    return JSON.parse(\n      localStorage.getItem(`civic-auth:${this.clientId}`) || \"{}\",\n    ) as SessionData;\n  }\n\n  updateSessionData(data: Partial<SessionData>): void {\n    localStorage.setItem(\n      `civic-auth:${this.clientId}`,\n      JSON.stringify({ ...data }),\n    );\n  }\n\n  getUser(): User<UnknownObject> | null {\n    return JSON.parse(\n      localStorage.getItem(`civic-auth:${this.clientId}:user`) || \"{}\",\n    ) as User<UnknownObject>;\n  }\n\n  setUser(data: User<UnknownObject> | null): void {\n    localStorage.setItem(\n      `civic-auth:${this.clientId}:user`,\n      JSON.stringify(data === null ? {} : data),\n    );\n  }\n\n  clearSessionData(): void {\n    localStorage.setItem(`civic-auth:${this.clientId}`, JSON.stringify({}));\n  }\n\n  async getAuthorizationUrlWithChallenge(\n    state: string,\n    scopes: string[],\n  ): Promise<URL> {\n    const oauth2Client = await this.getOauth2Client();\n    if (this.endpoints?.challenge) {\n      const challenge = await fetch(this.endpoints.challenge).then((res) =>\n        res.json().then((data) => data.challenge),\n      );\n      const oAuthUrl = await oauth2Client.createAuthorizationURL({\n        state,\n        scopes,\n      });\n      oAuthUrl.searchParams.append(\"code_challenge\", challenge);\n      oAuthUrl.searchParams.append(\"code_challenge_method\", \"S256\");\n      return oAuthUrl;\n    }\n    const oAuthUrl = await oauth2Client.createAuthorizationURL({\n      state,\n      codeVerifier: this.codeVerifier,\n      codeChallengeMethod: \"S256\",\n      scopes,\n    });\n    return oAuthUrl;\n  }\n  async getAuthorizationUrl(\n    scopes: string[],\n    displayMode: DisplayMode,\n    nonce?: string,\n  ): Promise<string> {\n    const state = generateState(displayMode);\n    const existingSessionData = this.getSessionData();\n    this.updateSessionData({\n      ...existingSessionData,\n      codeVerifier: this.codeVerifier,\n      displayMode,\n    });\n    const oAuthUrl = await this.getAuthorizationUrlWithChallenge(state, scopes);\n    if (nonce) {\n      // nonce isn't supported by oslo, so we add it manually\n      oAuthUrl.searchParams.append(\"nonce\", nonce);\n    }\n    oAuthUrl.searchParams.append(\"prompt\", \"consent\");\n    return oAuthUrl.toString();\n  }\n\n  // TODO fix the Window reference\n  loadAuthorizationUrl(authorizationURL: string, displayMode: DisplayMode) {\n    switch (displayMode) {\n      case \"iframe\":\n        // Implement iframe logic\n        break;\n      case \"redirect\":\n        window.location.href = authorizationURL;\n        break;\n      case \"new_tab\":\n        window.open(authorizationURL, \"_blank\");\n        break;\n      case \"custom_tab\":\n        // Implement custom tab logic (might require native app integration)\n        break;\n    }\n  }\n\n  async init(): Promise<void> {\n    this.updateSessionData({ authenticated: false });\n  }\n\n  determineDisplayMode(displayMode: DisplayMode): DisplayMode {\n    // If popups are blocked and we're in iframe mode, we need to override the display mode to redirect\n    if (isPopupBlocked() && displayMode === \"iframe\") {\n      displayMode = \"redirect\";\n    }\n    // TODO: Add additional checks to determine the display mode for new_mode if new tabs are blocked.\n    return displayMode;\n  }\n\n  async signIn(\n    displayMode: DisplayMode,\n    scopes: string[],\n    nonce: string,\n  ): Promise<void> {\n    const authorizationURL = await this.getAuthorizationUrl(\n      scopes,\n      displayMode,\n      nonce,\n    );\n\n    this.loadAuthorizationUrl(authorizationURL, displayMode);\n  }\n\n  async tokenExchange(responseUrl: string): Promise<SessionData> {\n    let session = this.getSessionData();\n\n    if (!session.authenticated) {\n      const url = new URL(responseUrl);\n      const authorizationCode = url.searchParams.get(\"code\");\n      const returnedState = url.searchParams.get(\"state\");\n      if (!authorizationCode || !returnedState) {\n        throw new Error(\"Invalid authorization response\");\n      }\n      const codeVerifier = session.codeVerifier;\n      const oauth2Client = await this.getOauth2Client();\n      const tokens =\n        await oauth2Client.validateAuthorizationCode<OIDCTokenResponseBody>(\n          authorizationCode,\n          {\n            codeVerifier,\n          },\n        );\n\n      // Validate relevant tokens\n      try {\n        await this.validateTokens(tokens);\n      } catch (error) {\n        console.error(\"tokenExchange tokens\", { error, tokens });\n        throw new Error(\n          `OIDC tokens validation failed: ${(error as Error).message}`,\n        );\n      }\n      const parsedDisplayMode = displayModeFromState(\n        returnedState,\n        session.displayMode,\n      );\n      // Update session with authentication result\n      session = {\n        ...session,\n        displayMode: parsedDisplayMode,\n        idToken: tokens.id_token,\n        authenticated: true,\n        state: returnedState,\n        accessToken: tokens.access_token,\n        refreshToken: tokens.refresh_token,\n        timestamp: Date.now(),\n        expiresIn: tokens.expires_in,\n      };\n      this.updateSessionData(session);\n      const user = await (\n        await this.getUserInfoService()\n      ).getUserInfo(tokens.access_token, tokens.id_token || null);\n      this.setUser(user);\n    }\n\n    // Set up automatic token refresh\n    this.setupTokenRefresh(session);\n\n    if (session.displayMode === \"new_tab\") {\n      // Close the popup window\n      window.close();\n    } else if (session.displayMode === \"redirect\") {\n      // TODO: Determine if there is anything additional to do here\n    }\n    return session;\n  }\n\n  private setupTokenRefresh(session: SessionData): void {\n    if (this.refreshTokenTimeout) {\n      clearTimeout(this.refreshTokenTimeout);\n    }\n\n    if (session.expiresIn) {\n      // Calculate remaining time by subtracting elapsed time from total expiration time\n      const elapsedTime = Date.now() - (session.timestamp || 0);\n      const remainingTime = session.expiresIn * 1000 - elapsedTime;\n      // Refresh the token 1 minute before it expires\n      const refreshTime = Math.max(0, remainingTime - 60000);\n\n      this.refreshTokenTimeout = setTimeout(() => {\n        this.refreshToken()\n          .then((newSession) => {\n            console.log(\"Token refreshed successfully\", newSession);\n          })\n          .catch((error) => {\n            console.error(\"Failed to refresh token:\", error);\n            // Handle the error (e.g., log out the user or retry)\n            // TODO this should be replaced by the real logout once it is available\n            this.updateSessionData({});\n          });\n      }, refreshTime);\n    }\n  }\n\n  async refreshToken(): Promise<SessionData> {\n    const sessionData = this.getSessionData();\n    if (!sessionData.refreshToken) {\n      throw new Error(\"No refresh token available\");\n    }\n    const oauth2Client = await this.getOauth2Client();\n    const tokens = await oauth2Client.refreshAccessToken<OIDCTokenResponseBody>(\n      sessionData.refreshToken,\n    );\n\n    // Update session data\n    const session = {\n      ...sessionData,\n      idToken: tokens.id_token,\n      authenticated: true,\n      accessToken: tokens.access_token,\n      refreshToken: tokens.refresh_token,\n      timestamp: Date.now(),\n      expiresIn: tokens.expires_in,\n    };\n    this.updateSessionData(session);\n\n    // Schedule next automatic refresh\n    this.setupTokenRefresh(session);\n\n    return session;\n  }\n\n  async getUserInfo<T extends UnknownObject>(): Promise<User<T> | null> {\n    const sessionData = this.getSessionData();\n    if (!sessionData.accessToken) {\n      throw new Error(\"No access token available\");\n    }\n    const userInfoService = await this.getUserInfoService();\n    return userInfoService.getUserInfo<T>(\n      sessionData.accessToken,\n      sessionData.idToken || null,\n    );\n  }\n\n  /**\n   * Uses the jose library to validate a JWT token using the OAuth JWKS endpoint\n   * @param {string} token\n   * @returns {Promise<jose.JWTPayload>}\n   * @throws {Error} if the token is invalid\n   */\n  async validateTokens(\n    tokens: OIDCTokenResponseBody,\n  ): Promise<\n    Record<\"idToken\" | \"accessToken\" | \"refreshToken\", jose.JWTPayload | string>\n  > {\n    const endpoints = await this.getEndpoints();\n    const JWKS = jose.createRemoteJWKSet(new URL(endpoints.jwks));\n    const returnPayload: Record<string, jose.JWTPayload | string> = {};\n    // const payload = {};\n    // validate the ID token\n    console.log(\"issuer\", getIssuerVariations(this.oauthServer));\n    const idTokenResponse = await jose.jwtVerify(tokens.id_token, JWKS, {\n      issuer: getIssuerVariations(this.oauthServer),\n      audience: this.clientId,\n    });\n    returnPayload.idToken = idTokenResponse.payload;\n    // validate the access token\n    const accessTokenResponse = await jose.jwtVerify(\n      tokens.access_token,\n      JWKS,\n      {\n        issuer: getIssuerVariations(this.oauthServer),\n      },\n    );\n    returnPayload.accessToken = accessTokenResponse.payload;\n\n    if (tokens.refresh_token) {\n      returnPayload.refreshToken = tokens.refresh_token;\n    }\n    return returnPayload;\n  }\n\n  async validateExistingSession(): Promise<SessionData> {\n    const sessionData = this.getSessionData();\n    try {\n      if (!sessionData.idToken || !sessionData.accessToken) {\n        const unAuthenticatedSession = { ...sessionData, authenticated: false };\n        this.updateSessionData(unAuthenticatedSession);\n        return unAuthenticatedSession;\n      }\n      await this.validateTokens({\n        id_token: sessionData.idToken as string,\n        access_token: sessionData.accessToken as string,\n        refresh_token: sessionData.refreshToken as string,\n      });\n      sessionData.authenticated = true;\n      return sessionData;\n    } catch (error) {\n      console.warn(\"Failed to validate existing tokens\", error);\n      const unAuthenticatedSession = {\n        authenticated: false,\n      };\n      this.updateSessionData(unAuthenticatedSession);\n      return unAuthenticatedSession;\n    }\n  }\n}\n","import { DisplayMode, Endpoints, OpenIdConfiguration } from \"@/types\";\nimport { v4 as uuid } from \"uuid\";\n\nconst getIssuerVariations = (issuer: string): string[] => {\n  const issuerWithoutSlash = issuer.endsWith(\"/\")\n    ? issuer.slice(0, issuer.length - 1)\n    : issuer;\n\n  const issuerWithSlash = `${issuerWithoutSlash}/`;\n\n  return [issuerWithoutSlash, issuerWithSlash];\n};\n\nconst addSlashIfNeeded = (url: string): string =>\n  url.endsWith(\"/\") ? url : `${url}/`;\n\nconst getOauthEndpoints = async (oauthServer: string): Promise<Endpoints> => {\n  const openIdConfigResponse = await fetch(\n    `${addSlashIfNeeded(oauthServer)}.well-known/openid-configuration`,\n  );\n  const openIdConfig =\n    (await openIdConfigResponse.json()) as OpenIdConfiguration;\n  return {\n    jwks: openIdConfig.jwks_uri,\n    auth: openIdConfig.authorization_endpoint,\n    token: openIdConfig.token_endpoint,\n    userinfo: openIdConfig.userinfo_endpoint,\n  };\n};\n\n/**\n * creates a state string for the OAuth2 flow, encoding the display mode too for future use\n * @param {DisplayMode} displayMode\n * @returns {string}\n */\nconst generateState = (displayMode: DisplayMode): string => {\n  const jsonString = JSON.stringify({\n    uuid: uuid(),\n    displayMode,\n  });\n\n  return btoa(jsonString);\n};\n\n/**\n * parses the state string from the OAuth2 flow, decoding the display mode too\n * @param state\n * @returns { uuid: string, displayMode: DisplayMode }\n */\nconst displayModeFromState = (\n  state: string,\n  sessionDisplayMode: DisplayMode | undefined,\n): DisplayMode | undefined => {\n  try {\n    const jsonString = btoa(state);\n\n    return JSON.parse(jsonString).displayMode;\n  } catch (e) {\n    console.error(\"Failed to parse displayMode from state:\", e);\n\n    return sessionDisplayMode;\n  }\n};\n\nexport {\n  getIssuerVariations,\n  getOauthEndpoints,\n  displayModeFromState,\n  generateState,\n};\n","import { clsx, type ClassValue } from \"clsx\";\nimport { twMerge } from \"tailwind-merge\";\n\n/**\n * Checks if a popup window is blocked by the browser.\n *\n * This function attempts to open a small popup window and then checks if it was successfully created.\n * If the popup is blocked by the browser, the function returns `true`. Otherwise, it returns `false`.\n *\n * @returns {boolean} - `true` if the popup is blocked, `false` otherwise.\n */\nconst isPopupBlocked = (): boolean => {\n  // First we try to open a small popup window. It either returns a window object or null.\n  const popup = window.open(\"\", \"\", \"width=1,height=1\");\n\n  // If window.open() returns null, popup is definitely blocked\n  if (!popup) {\n    return true;\n  }\n\n  try {\n    // Try to access a property of the popup to check if it's usable\n    if (typeof popup.closed === \"undefined\") {\n      throw new Error(\"Popup is blocked\");\n    }\n  } catch {\n    // Accessing the popup's properties throws an error if the popup is blocked\n    return true;\n  }\n\n  // Close the popup immediately if it was opened\n  popup.close();\n  return false;\n};\n\nconst cn = (...inputs: ClassValue[]) => {\n  return twMerge(clsx(inputs));\n};\n\nexport { cn, isPopupBlocked };\n","const DEFAULT_SCOPES = [\n  \"openid\",\n  \"profile\",\n  \"email\",\n  \"forwardedTokens\",\n  \"offline_access\",\n];\nconst IFRAME_ID = \"civic-auth-iframe\";\n\nexport { DEFAULT_SCOPES, IFRAME_ID };\n","\"use client\";\nimport { IFRAME_ID } from \"@/constants\";\nimport { forwardRef } from \"react\";\n\ntype CivicAuthIframeProps = {\n  authUrl: string;\n  onLoad?: () => void;\n};\n\nconst CivicAuthIframe = forwardRef<HTMLIFrameElement, CivicAuthIframeProps>(\n  ({ authUrl, onLoad }, ref) => {\n    return (\n      <iframe\n        id={IFRAME_ID}\n        ref={ref}\n        src={authUrl}\n        className=\"h-96 w-80 border-none\"\n        onLoad={onLoad}\n      />\n    );\n  },\n);\n\nCivicAuthIframe.displayName = \"CivicAuthIframe\";\n\nexport type { CivicAuthIframeProps };\n\nexport { CivicAuthIframe };\n","\"use client\";\nimport { useCallback, useEffect, useRef, useState } from \"react\";\nimport { LoadingIcon } from \"./LoadingIcon\";\nimport { CloseIcon } from \"./CloseIcon\";\nimport { CivicAuthIframe } from \"./CivicAuthIframe\";\n\ntype CivicAuthIframeModalProps = {\n  authUrl: string;\n  redirectUri: string;\n  setAuthResponseUrl: (authResponse: string) => void;\n  onClose: () => void;\n  iframeRef: React.RefObject<HTMLIFrameElement>;\n  redirectInProgress?: boolean;\n  closeOnRedirect?: boolean;\n};\n\nconst CivicAuthIframeModal = ({\n  authUrl,\n  redirectUri,\n  setAuthResponseUrl,\n  onClose,\n  iframeRef,\n  redirectInProgress = false,\n  closeOnRedirect = true,\n}: CivicAuthIframeModalProps) => {\n  const [isLoading, setIsLoading] = useState(true);\n\n  const processIframeUrl = useCallback(() => {\n    if (iframeRef.current && iframeRef.current.contentWindow) {\n      try {\n        const iframeUrl = iframeRef.current.contentWindow.location.href;\n\n        if (iframeUrl.startsWith(redirectUri)) {\n          setAuthResponseUrl(iframeUrl);\n          if (closeOnRedirect) onClose();\n          return true; // Successfully processed the URL\n        }\n      } catch {\n        // If we get here, the iframe hasn't redirected to our origin yet\n        console.log(\"Waiting for redirect...\");\n      }\n    }\n    return false; // Haven't processed the URL yet\n  }, [closeOnRedirect, iframeRef, onClose, redirectUri, setAuthResponseUrl]);\n\n  const intervalId = useRef<NodeJS.Timeout>();\n\n  const handleEscape = useCallback(\n    (event: KeyboardEvent) => {\n      if (event.key === \"Escape\") {\n        onClose();\n      }\n    },\n    [onClose],\n  );\n\n  // handle Escape\n  useEffect(() => {\n    window.addEventListener(\"keydown\", handleEscape);\n\n    return () => window.removeEventListener(\"keydown\", handleEscape);\n  });\n\n  const handleIframeLoad = () => {\n    setIsLoading(false);\n    console.log(\"handleIframeLoad\");\n    if (processIframeUrl() && intervalId.current) {\n      clearInterval(intervalId.current);\n    }\n  };\n\n  return (\n    <div\n      className=\"absolute left-0 top-0 z-50 flex h-screen w-screen items-center justify-center bg-neutral-950 bg-opacity-50\"\n      onClick={onClose}\n    >\n      <div\n        className=\"relative rounded-3xl bg-white p-6 shadow-lg\"\n        onClick={(e) => e.stopPropagation()}\n      >\n        <button\n          className=\"absolute right-4 top-4 flex cursor-pointer items-center justify-center border-none bg-transparent p-1 text-neutral-400\"\n          onClick={onClose}\n        >\n          <CloseIcon />\n        </button>\n\n        {(isLoading || redirectInProgress) && (\n          <div className=\"absolute inset-0 flex items-center justify-center rounded-3xl bg-neutral-100\">\n            <LoadingIcon />\n          </div>\n        )}\n\n        <CivicAuthIframe\n          ref={iframeRef}\n          authUrl={authUrl}\n          onLoad={handleIframeLoad}\n        />\n      </div>\n    </div>\n  );\n};\n\nexport type { CivicAuthIframeModalProps };\n\nexport { CivicAuthIframeModal };\n","const LoadingIcon = () => (\n  <div role=\"status\">\n    <svg\n      aria-hidden=\"true\"\n      className=\"inline h-8 w-8 animate-spin fill-neutral-600 text-neutral-200 dark:fill-neutral-300 dark:text-neutral-600\"\n      viewBox=\"0 0 100 101\"\n      fill=\"none\"\n      xmlns=\"http://www.w3.org/2000/svg\"\n    >\n      <path\n        d=\"M100 50.5908C100 78.2051 77.6142 100.591 50 100.591C22.3858 100.591 0 78.2051 0 50.5908C0 22.9766 22.3858 0.59082 50 0.59082C77.6142 0.59082 100 22.9766 100 50.5908ZM9.08144 50.5908C9.08144 73.1895 27.4013 91.5094 50 91.5094C72.5987 91.5094 90.9186 73.1895 90.9186 50.5908C90.9186 27.9921 72.5987 9.67226 50 9.67226C27.4013 9.67226 9.08144 27.9921 9.08144 50.5908Z\"\n        fill=\"currentColor\"\n      />\n      <path\n        d=\"M93.9676 39.0409C96.393 38.4038 97.8624 35.9116 97.0079 33.5539C95.2932 28.8227 92.871 24.3692 89.8167 20.348C85.8452 15.1192 80.8826 10.7238 75.2124 7.41289C69.5422 4.10194 63.2754 1.94025 56.7698 1.05124C51.7666 0.367541 46.6976 0.446843 41.7345 1.27873C39.2613 1.69328 37.813 4.19778 38.4501 6.62326C39.0873 9.04874 41.5694 10.4717 44.0505 10.1071C47.8511 9.54855 51.7191 9.52689 55.5402 10.0491C60.8642 10.7766 65.9928 12.5457 70.6331 15.2552C75.2735 17.9648 79.3347 21.5619 82.5849 25.841C84.9175 28.9121 86.7997 32.2913 88.1811 35.8758C89.083 38.2158 91.5421 39.6781 93.9676 39.0409Z\"\n        fill=\"currentFill\"\n      />\n    </svg>\n    <span className=\"sr-only\">Loading...</span>\n  </div>\n);\n\nexport { LoadingIcon };\n","const CloseIcon = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-x\"\n  >\n    <path d=\"M18 6 6 18\" />\n    <path d=\"m6 6 12 12\" />\n  </svg>\n);\n\nexport { CloseIcon };\n","\"use client\";\nimport { useAuth, useUser } from \"@/react/hooks\";\nimport { DisplayMode } from \"@/types\";\nimport { cn } from \"@/utils\";\nimport { useCallback, useEffect, useState } from \"react\";\n\nconst ChevronDown = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-chevron-down\"\n  >\n    <path d=\"m6 9 6 6 6-6\" />\n  </svg>\n);\n\nconst ChevronUp = () => (\n  <svg\n    xmlns=\"http://www.w3.org/2000/svg\"\n    width=\"24\"\n    height=\"24\"\n    viewBox=\"0 0 24 24\"\n    fill=\"none\"\n    stroke=\"currentColor\"\n    strokeWidth=\"2\"\n    strokeLinecap=\"round\"\n    strokeLinejoin=\"round\"\n    className=\"lucide lucide-chevron-up\"\n  >\n    <path d=\"m18 15-6-6-6 6\" />\n  </svg>\n);\n\nconst UserButton = ({\n  displayMode,\n  className,\n}: {\n  displayMode?: DisplayMode;\n  className?: string;\n}) => {\n  const [isOpen, setIsOpen] = useState(false);\n  const { signIn, isAuthenticated, signOut } = useAuth();\n  const { user } = useUser();\n\n  const handleClickOutside = useCallback((event: MouseEvent) => {\n    const target = event.target as HTMLElement;\n\n    if (!target.closest(\"#civic-dropdown-container\")) {\n      setIsOpen(false);\n    }\n  }, []);\n\n  const handleSignOut = useCallback(async () => {\n    await signOut();\n\n    setIsOpen(false);\n  }, [signOut]);\n\n  const handleSignIn = useCallback(async () => {\n    await signIn(displayMode);\n\n    setIsOpen(false);\n  }, [signIn, displayMode]);\n\n  const handleEscape = useCallback((event: KeyboardEvent) => {\n    if (event.key === \"Escape\") {\n      setIsOpen(false);\n    }\n  }, []);\n\n  useEffect(() => {\n    if (isOpen) {\n      window.addEventListener(\"click\", handleClickOutside);\n\n      window.addEventListener(\"keydown\", handleEscape);\n    }\n\n    return () => {\n      window.removeEventListener(\"click\", handleClickOutside);\n\n      window.removeEventListener(\"keydown\", handleEscape);\n    };\n  }, [handleClickOutside, handleEscape, isOpen]);\n\n  if (isAuthenticated) {\n    return (\n      <div className=\"relative\" id=\"civic-dropdown-container\">\n        <button\n          className={cn(\n            \"flex w-full items-center justify-between gap-2 rounded-full border border-neutral-500 px-3 py-2 text-neutral-500 transition-colors hover:bg-neutral-200 hover:bg-opacity-50\",\n            className,\n          )}\n          onClick={() => setIsOpen((isOpen) => !isOpen)}\n        >\n          {user?.picture ? (\n            <span className=\"relative flex h-10 w-10 shrink-0 gap-2 overflow-hidden rounded-full\">\n              <img\n                className=\"h-full w-full object-cover\"\n                src={user.picture}\n                alt={user?.name || user?.email}\n              />\n            </span>\n          ) : (\n            <div />\n          )}\n\n          <span>{user?.name || user?.email}</span>\n\n          {isOpen ? <ChevronUp /> : <ChevronDown />}\n        </button>\n        <div\n          className={\n            isOpen\n              ? \"absolute right-0 mt-2 w-full rounded-lg bg-white py-2 text-neutral-500 shadow-xl\"\n              : \"hidden\"\n          }\n        >\n          <ul>\n            <li>\n              <button\n                className=\"block w-full px-4 py-2 transition-colors hover:bg-neutral-200 hover:bg-opacity-50\"\n                onClick={handleSignOut}\n              >\n                Logout\n              </button>\n            </li>\n          </ul>\n        </div>\n      </div>\n    );\n  }\n\n  return (\n    <button\n      className={cn(\n        \"rounded-full border border-neutral-500 px-3 py-2 transition-colors hover:bg-neutral-200 hover:bg-opacity-50\",\n        className,\n      )}\n      onClick={handleSignIn}\n    >\n      Sign in\n    </button>\n  );\n};\n\nexport { UserButton };\n","\"use client\";\nimport { cn } from \"@/utils\";\nimport { useAuth } from \"@/react/hooks\";\nimport { DisplayMode } from \"@/types\";\n\nconst SignInButton = ({\n  displayMode,\n  className,\n}: {\n  displayMode?: DisplayMode;\n  className?: string;\n}) => {\n  const { signIn } = useAuth();\n\n  return (\n    <button\n      className={cn(\n        \"rounded-full border border-neutral-500 px-3 py-2 transition-colors hover:bg-neutral-200 hover:bg-opacity-50\",\n        className,\n      )}\n      onClick={() => signIn(displayMode)}\n    >\n      Sign In\n    </button>\n  );\n};\n\nexport { SignInButton };\n","\"use client\";\nimport { cn } from \"@/utils\";\nimport { useAuth } from \"@/react/hooks\";\n\nconst SignOutButton = ({ className }: { className?: string }) => {\n  const { signOut } = useAuth();\n\n  return (\n    <button\n      className={cn(\n        \"rounded-full border border-neutral-500 px-3 py-2 transition-colors hover:bg-neutral-200 hover:bg-opacity-50\",\n        className,\n      )}\n      onClick={() => signOut()}\n    >\n      Sign Out\n    </button>\n  );\n};\n\nexport { SignOutButton };\n","import debug from \"debug\";\n\nconst PACKAGE_NAME = \"@civic/auth\";\n\nexport interface Logger {\n  debug(message: string, ...args: unknown[]): void;\n  info(message: string, ...args: unknown[]): void;\n  warn(message: string, ...args: unknown[]): void;\n  error(message: string, ...args: unknown[]): void;\n}\n\nclass DebugLogger implements Logger {\n  private debugLogger: debug.Debugger;\n  private infoLogger: debug.Debugger;\n  private warnLogger: debug.Debugger;\n  private errorLogger: debug.Debugger;\n\n  constructor(namespace: string) {\n    // Format: @org/package:library:component:level\n    this.debugLogger = debug(`${PACKAGE_NAME}:${namespace}:debug`);\n    this.infoLogger = debug(`${PACKAGE_NAME}:${namespace}:info`);\n    this.warnLogger = debug(`${PACKAGE_NAME}:${namespace}:warn`);\n    this.errorLogger = debug(`${PACKAGE_NAME}:${namespace}:error`);\n\n    this.debugLogger.color = \"4\";\n    this.infoLogger.color = \"2\";\n    this.warnLogger.color = \"3\";\n    this.errorLogger.color = \"1\";\n  }\n\n  debug(message: string, ...args: unknown[]): void {\n    this.debugLogger(message, ...args);\n  }\n\n  info(message: string, ...args: unknown[]): void {\n    this.infoLogger(message, ...args);\n  }\n\n  warn(message: string, ...args: unknown[]): void {\n    this.warnLogger(message, ...args);\n  }\n\n  error(message: string, ...args: unknown[]): void {\n    this.errorLogger(message, ...args);\n  }\n}\n\nexport const createLogger = (namespace: string): Logger =>\n  new DebugLogger(namespace);\n\n// Pre-configured loggers for different parts of your package\nexport const loggers = {\n  // Next.js specific loggers\n  nextjs: {\n    routes: createLogger(\"api:routes\"),\n    middleware: createLogger(\"api:middleware\"),\n    handlers: {\n      auth: createLogger(\"api:handlers:auth\"),\n    },\n  },\n  // React specific loggers\n  react: {\n    components: createLogger(\"react:components\"),\n    hooks: createLogger(\"react:hooks\"),\n    context: createLogger(\"react:context\"),\n  },\n  // Shared utilities loggers\n  services: {\n    validation: createLogger(\"utils:validation\"),\n    network: createLogger(\"utils:network\"),\n  },\n} as const;\n","/* eslint-disable turbo/no-undeclared-env-vars */\n\"use server\";\nimport { NextConfig } from \"next\";\nimport { loggers } from \"@/lib/logger\";\n\nconst logger = loggers.nextjs.handlers.auth;\n\nexport interface CookieConfig {\n  secure?: boolean;\n  sameSite?: \"strict\" | \"lax\" | \"none\";\n  domain?: string;\n  path?: string;\n  maxAge?: number;\n}\n\nexport type AuthConfigWithDefaults = {\n  clientId: string;\n  oauthServer: string;\n  callbackUrl: string;\n  loginUrl: string;\n  logoutUrl: string;\n  challengeUrl: string;\n  include: string[];\n  exclude: string[];\n  cookies: {\n    tokens: CookieConfig;\n    user: CookieConfig;\n  };\n};\n\nexport type AuthConfig = Partial<AuthConfigWithDefaults>;\n\nexport type DefinedAuthConfig = AuthConfigWithDefaults;\n\n/**\n * Default configuration values that will be used if not overridden\n */\nexport const defaultAuthConfig: Omit<AuthConfigWithDefaults, \"clientId\"> = {\n  oauthServer: \"https://auth-dev.civic.com/oauth\",\n  callbackUrl: \"/api/auth/callback\",\n  challengeUrl: \"/api/auth/challenge\",\n  logoutUrl: \"/api/auth/logout\",\n  loginUrl: \"/\",\n  include: [\"/*\"],\n  exclude: [],\n  cookies: {\n    tokens: {\n      sameSite: \"strict\",\n      path: \"/\",\n      maxAge: 60 * 60, // 1 hour\n    },\n    user: {\n      sameSite: \"strict\",\n      path: \"/\",\n      maxAge: 60 * 60, // 1 hour\n    },\n  },\n};\n\nconst withoutUndefined = <T extends { [k: string]: unknown }>(\n  obj: T,\n): Partial<T> => {\n  const result: Partial<T> = {};\n  for (const key in obj) {\n    if (obj[key] !== undefined) {\n      result[key] = obj[key];\n    }\n  }\n  return result;\n};\n\n/**\n * Resolves the authentication configuration by combining:\n * 1. Default values\n * 2. Environment variables (set internally by the plugin)\n * 3. Explicitly passed configuration\n *\n * Note: Developers should not set _civic_auth_* environment variables directly.\n * Instead, pass configuration to the createCivicAuthPlugin in next.config.js:\n *\n * @example\n * ```js\n * // next.config.js\n * export default createCivicAuthPlugin({\n *   callbackUrl: '/custom/callback',\n * })\n * ```\n */\nexport const resolveAuthConfig = (\n  config: AuthConfig = {},\n): AuthConfigWithDefaults & { clientId: string } => {\n  // Read configuration that was set by the plugin via environment variables\n  const configFromEnv = withoutUndefined({\n    clientId: process.env._civic_auth_client_id,\n    oauthServer: process.env._civic_oauth_server,\n    callbackUrl: process.env._civic_auth_callback_url,\n    loginUrl: process.env._civic_auth_login_url,\n    logoutUrl: process.env._civic_auth_logout_url,\n    include: process.env._civic_auth_includes?.split(\",\"),\n    exclude: process.env._civic_auth_excludes?.split(\",\"),\n    cookies: process.env._civic_auth_cookie_config\n      ? JSON.parse(process.env._civic_auth_cookie_config)\n      : undefined,\n  });\n\n  const mergedConfig = {\n    ...defaultAuthConfig,\n    ...configFromEnv, // Apply plugin-set config\n    ...config, // Override with directly passed config\n    cookies: {\n      tokens: {\n        ...defaultAuthConfig.cookies.tokens,\n        ...(config.cookies?.tokens || {}),\n      },\n      user: {\n        ...defaultAuthConfig.cookies.user,\n        ...(config.cookies?.user || {}),\n      },\n    },\n  };\n\n  logger.debug(\"Config from environment:\", configFromEnv);\n  logger.debug(\"Resolved config:\", mergedConfig);\n  if (mergedConfig.clientId === undefined) {\n    throw new Error(\"Civic Auth client ID is required\");\n  }\n  return mergedConfig as AuthConfigWithDefaults & { clientId: string };\n};\n\n/**\n * Creates a Next.js plugin that handles auth configuration.\n *\n * This is the main configuration point for the auth system.\n * Do not set _civic_auth_* environment variables directly - instead,\n * pass your configuration here:\n *\n * @example\n * ```js\n * // next.config.js\n * export tefault createCivicAuthPlugin({\n *   clientId: 'my-client-id',\n *   callbackUrl: '/custom/callback',\n *   loginUrl: '/custom/login',\n *   logoutUrl: '/custom/logout',\n *   include: ['/protected/*'],\n *   exclude: ['/public/*']\n * })\n * ```\n *\n * The plugin sets internal environment variables that are used by\n * the auth system. These variables should not be set manually.\n */\nexport const createCivicAuthPlugin = (\n  clientId: string,\n  authConfig: AuthConfig = {},\n) => {\n  return (nextConfig?: NextConfig) => {\n    const resolvedConfig = resolveAuthConfig({ ...authConfig, clientId });\n    return {\n      ...nextConfig,\n      env: {\n        ...nextConfig?.env,\n        // Internal environment variables - do not set these manually\n        _civic_auth_client_id: clientId,\n        _civic_oauth_server: resolvedConfig.oauthServer,\n        _civic_auth_callback_url: resolvedConfig.callbackUrl,\n        _civic_auth_login_url: resolvedConfig.loginUrl,\n        _civic_auth_logout_url: resolvedConfig.logoutUrl,\n        _civic_auth_includes: resolvedConfig.include.join(\",\"),\n        _civic_auth_excludes: resolvedConfig.exclude.join(\",\"),\n        _civic_auth_cookie_config: JSON.stringify(resolvedConfig.cookies),\n      },\n    };\n  };\n};\n","/**\n * Trigger a backend API that logs the user out and then redirects to the homepage (TODO parameterize the redirect)\n */\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport React, { ReactNode } from \"react\";\n\nconst NextLogOut = ({ children }: { children: ReactNode }) => {\n  const config = resolveAuthConfig();\n  const logoutUrl = `${config.logoutUrl}`;\n\n  return <a href={logoutUrl}>{children}</a>;\n};\n\nexport { NextLogOut };\n","\"use client\";\nimport { SessionData } from \"@/types\";\nimport React, { createContext, ReactNode } from \"react\";\n\nconst defaultSession: SessionData = {\n  authenticated: false,\n  idToken: undefined,\n  accessToken: undefined,\n  displayMode: \"iframe\",\n};\n\n// Context for exposing session specifically to the TokenProvider\nconst SessionContext = createContext<SessionData>(defaultSession);\n\ntype SessionContextType = {\n  children: ReactNode;\n  session?: SessionData;\n};\n\nconst SessionProvider = ({ children, session }: SessionContextType) => (\n  <SessionContext.Provider value={session || defaultSession}>\n    {children}\n  </SessionContext.Provider>\n);\n\nexport type { SessionContextType };\nexport { SessionProvider, SessionContext };\n","import { Config } from \"@/types\";\n\nexport const authConfig: Config = {\n  // TODO change this to the production URL once we're out of beta\n  oauthServer: \"https://auth-dev.civic.com/oauth/\",\n};\n","const isWindowInIframe = (window: Window): boolean => {\n  if (typeof window !== \"undefined\") {\n    // use the window width to determine if we're in an iframe or not\n    try {\n      if (window?.frameElement?.id === \"civic-auth-iframe\") {\n        return true;\n      }\n      // eslint-disable-next-line @typescript-eslint/no-unused-vars\n    } catch (_e) {\n      // If we get an error, we're not in an iframe\n      return false;\n    }\n  }\n  return false;\n};\n\nexport { isWindowInIframe };\n","\"use client\";\nimport { AuthProvider, AuthProviderProps } from \"./AuthProvider\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\n\n// adding the styles import here to be added to the bundle\nimport \"@civic/auth/styles.css\";\n\nconst queryClient = new QueryClient();\n\ntype CivicAuthProviderProps = Omit<\n  AuthProviderProps,\n  \"authServiceImpl\" | \"serverSideTokenExchange\"\n>;\n\nconst CivicAuthProvider = ({ children, ...props }: CivicAuthProviderProps) => {\n  return (\n    <QueryClientProvider client={queryClient}>\n      <AuthProvider {...props}>{children}</AuthProvider>\n    </QueryClientProvider>\n  );\n};\n\nexport { CivicAuthProvider };\n","\"use client\";\n/**\n * A very small context provider for the user object - it takes the user object from the cookie and provides it to the app.\n */\nimport { createContext, useContext, useEffect, useMemo, useState } from \"react\";\nimport { useUserCookie } from \"../hooks/useUserCookie.js\";\nimport { AuthProvider, AuthProviderProps } from \"@/shared/AuthProvider.js\";\nimport { QueryClient, QueryClientProvider } from \"@tanstack/react-query\";\nimport { AuthSessionServiceImpl } from \"@/services\";\nimport { UnknownObject, User } from \"@/types.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\n\nconst queryClient = new QueryClient();\n\ntype UserContextType = {\n  user: User<UnknownObject> | null;\n};\n\nconst defaultUserContext = { user: null };\nconst UserContext = createContext<UserContextType>(defaultUserContext);\n\ntype NextCivicAuthProviderProps = Omit<AuthProviderProps, \"clientId\">;\n\nexport const CivicNextAuthProvider = ({\n  children,\n  ...props\n}: NextCivicAuthProviderProps) => {\n  const user = useUserCookie();\n  const [redirectUrl, setRedirectUrl] = useState<string>(\"\");\n  const { clientId, oauthServer, callbackUrl, challengeUrl } =\n    resolveAuthConfig();\n\n  useEffect(() => {\n    if (typeof globalThis.window !== \"undefined\") {\n      const currentUrl = globalThis.window.location.href;\n      setRedirectUrl(new URL(callbackUrl, currentUrl).toString());\n    }\n  }, [callbackUrl]);\n\n  // create a custom authService that uses a challenge endpoint to get\n  // the challenge to add to the auth request\n  const authService = useMemo<AuthSessionServiceImpl | undefined>(() => {\n    if (redirectUrl && clientId && oauthServer) {\n      return new AuthSessionServiceImpl(clientId, redirectUrl, oauthServer, {\n        challenge: challengeUrl,\n      });\n    }\n    return undefined;\n  }, [redirectUrl, clientId, oauthServer, challengeUrl]);\n\n  return (\n    <QueryClientProvider client={queryClient}>\n      <AuthProvider\n        {...props}\n        config={{ oauthServer }}\n        clientId={clientId}\n        authServiceImpl={authService}\n        serverSideTokenExchange={true}\n      >\n        <UserContext.Provider value={user}>{children}</UserContext.Provider>\n      </AuthProvider>\n    </QueryClientProvider>\n  );\n};\nexport const useNextUser = () => useContext(UserContext);\n","\"use client\";\nimport { useEffect, useRef } from \"react\";\nimport { useRouter } from \"next/navigation.js\";\nimport { useQuery } from \"@tanstack/react-query\";\nimport { getCookieValue } from \"@/lib/cookies.js\";\n\nconst getUserFromCookie = () => {\n  const userCookie = getCookieValue(\"user\", globalThis.window);\n  return userCookie;\n};\n\nexport const useUserCookie = () => {\n  const hasRunRef = useRef(false);\n  const router = useRouter();\n\n  const { data: user } = useQuery({\n    queryKey: [\"user\"],\n    queryFn: () => getUserFromCookie(),\n    refetchInterval: 2000,\n    refetchIntervalInBackground: true,\n    enabled: !hasRunRef.current,\n    refetchOnWindowFocus: true,\n  });\n\n  useEffect(() => {\n    if (user) {\n      if (!hasRunRef.current) {\n        hasRunRef.current = true;\n        router.refresh();\n      }\n    } else {\n      hasRunRef.current = false;\n    }\n  }, [user, router]);\n\n  return user;\n};\n","const getCookieValue = (key: string, window: Window) => {\n  const cookie = window.document.cookie;\n  if (!cookie) return null;\n  const cookies = cookie.split(\";\");\n  for (const c of cookies) {\n    const [name, value] = c.trim().split(\"=\");\n    if (name === key) {\n      try {\n        return JSON.parse(decodeURIComponent(value));\n      } catch (e) {\n        console.log(\"Error parsing cookie value\", e);\n        return value;\n      }\n    }\n  }\n  return null;\n};\nexport { getCookieValue };\n","\"use client\";\nimport { useContext } from \"react\";\nimport { SessionContext } from \"@/react/providers\";\n\n// TokenProvider will use this internal context to access session\nconst useSession = () => {\n  const context = useContext(SessionContext);\n  if (!context) {\n    throw new Error(\"useSession must be used within an SessionProvider\");\n  }\n  return context;\n};\n\nexport { useSession };\n"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACCA,IAAAA,iBAA2B;;;ACA3B,IAAAC,gBAAyC;AACzC,yBAAyC;;;ACAzC,mBAA2B;AAE3B,IAAM,UAAU,MAAM;AACpB,QAAM,cAAU,yBAAW,WAAW;AAEtC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,6CAA6C;AAAA,EAC/D;AAEA,SAAO;AACT;;;ACXA,IAAAC,gBAA2B;AAG3B,IAAM,WAAW,MAAM;AACrB,QAAM,cAAU,0BAAW,YAAY;AAEvC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,8CAA8C;AAAA,EAChE;AAEA,SAAO;AACT;;;AFkDI;AA7CJ,IAAM,kBAAc,6BAAsC,IAAI;AAE9D,IAAM,eAAe,CAAwB;AAAA,EAC3C;AAAA,EACA;AACF,MAGM;AACJ,QAAM,EAAE,WAAW,aAAa,OAAO,UAAU,IAAI,QAAQ;AAC7D,QAAM,UAAU,WAAW;AAC3B,QAAM,EAAE,iBAAiB,SAAS,aAAa,aAAa,IAAI,SAAS;AACzE,QAAM,EAAE,QAAQ,QAAQ,IAAI,QAAQ;AAEpC,QAAM,YAAY,MAAqC;AACrD,QAAI,CAAC,eAAe,CAAC,iBAAiB;AACpC,aAAO;AAAA,IACT;AACA,UAAMC,QAAO,MAAM,mDAAiB,YAAe,aAAa;AAChE,QAAI,CAACA,OAAM;AACT,aAAO;AAAA,IACT;AACA,WAAO,iCACFA,QADE;AAAA,MAEL;AAAA,MACA;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,QAAM;AAAA,IACJ,MAAM;AAAA,IACN,WAAW;AAAA,IACX,OAAO;AAAA,EACT,QAA2C,6BAAS;AAAA,IAClD,UAAU,CAAC,QAAQ,mCAAS,OAAO;AAAA,IACnC,SAAS;AAAA,IACT,SAAS,CAAC,EAAC,mCAAS;AAAA;AAAA,EACtB,CAAC;AAED,QAAM,YAAY,eAAe;AACjC,QAAM,QAAQ,aAAa;AAE3B,SACE;AAAA,IAAC,YAAY;AAAA,IAAZ;AAAA,MACC,OAAO;AAAA,QACL,MAAM,sBAAQ;AAAA,QACd;AAAA,QACA;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAAA,MAEC;AAAA;AAAA,EACH;AAEJ;;;AGzEA,IAAAC,gBAAkD;AAClD,IAAAC,sBAA4C;AAG5C,iBAAyB;;;ACHlB,IAAM,8BAA8B,CACzC,gBAEA,OAAO;AAAA,EACL,OAAO,QAAQ,WAAW,EAAE,IAAI,CAAC,CAAC,QAAQ,MAAM,MAAM;AAAA,IACpD;AAAA,IACA;AAAA,MACE,SAAS,iCAAQ;AAAA,MACjB,aAAa,iCAAQ;AAAA,MACrB,cAAc,iCAAQ;AAAA,IACxB;AAAA,EACF,CAAC;AACH;;;ADyDE,IAAAC,sBAAA;AArDJ,IAAM,mBAAe,6BAA4C,MAAS;AAE1E,IAAM,gBAAgB,CAAC,EAAE,SAAS,MAA+B;AAC/D,QAAM,EAAE,WAAW,OAAO,UAAU,IAAI,QAAQ;AAChD,QAAM,UAAU,WAAW;AAC3B,QAAMC,mBAAc,oCAAe;AAEnC,QAAM,2BAAuB,iCAAY;AAAA,IACvC,YAAY,MAAY;AAEtB,YAAM,IAAI,MAAM,yBAAyB;AAAA,IAC3C;AAAA,IACA,WAAW,MAAM;AAEf,MAAAA,aAAY,kBAAkB,EAAE,UAAU,CAAC,SAAS,EAAE,CAAC;AAAA,IACzD;AAAA,EACF,CAAC;AAED,QAAM,mBAAe,uBAAQ,MAAM;AACjC,QAAI,EAAC,mCAAS,SAAS,QAAO;AAE9B,UAAM,gBAAY,qBAAS,QAAQ,OAAO;AAE1C,QAAI,CAAC,UAAW,QAAO;AAEvB,UAAM,EAAE,gBAAgB,IAAI,UAAU;AAEtC,WAAO,kBACH,4BAA4B,eAAe,IAC3C;AAAA,EACN,GAAG,CAAC,mCAAS,OAAO,CAAC;AAErB,QAAM,YAAQ;AAAA,IACZ,OAAO;AAAA,MACL,aAAa,QAAQ,eAAe;AAAA,MACpC,SAAS,QAAQ,WAAW;AAAA,MAC5B,iBAAiB,gBAAgB,CAAC;AAAA,MAClC,cAAc,qBAAqB;AAAA,MACnC;AAAA,MACA,OAAQ,aAAa,qBAAqB;AAAA,IAC5C;AAAA,IACA;AAAA,MACE,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR;AAAA,MACA,qBAAqB;AAAA,MACrB,qBAAqB;AAAA,MACrB;AAAA,MACA;AAAA,IACF;AAAA,EACF;AAEA,SACE,6CAAC,aAAa,UAAb,EAAsB,OAAe,UAAS;AAEnD;;;AExEA,IAAAC,gBAQO;AACP,IAAAC,sBAAsD;;;ACTtD,IAAAC,cAAyB;AAElB,IAAM,sBAAN,MAAqD;AAAA,EAC1D,YAAoB,WAAsB;AAAtB;AAAA,EAAuB;AAAA,EAE3C,uBAA0B,SAA2B;AACnD,UAAM,gBAAY,sBAAS,OAAO;AAClC,QAAI,CAAC,WAAW;AACd,aAAO;AAAA,IACT;AACA,WAAO,UAAU;AAAA,EACnB;AAAA,EAEM,YACJ,aACA,SACmB;AAAA;AACnB,UAAI,SAAS;AACX,eAAO,KAAK,uBAA0B,OAAO;AAAA,MAC/C;AAEA,YAAM,WAAW,MAAM,MAAM,KAAK,UAAU,UAAU;AAAA,QACpD,SAAS,EAAE,eAAe,UAAU,WAAW,GAAG;AAAA,MACpD,CAAC;AACD,aAAO,SAAS,KAAK;AAAA,IACvB;AAAA;AACF;;;AChBA,oBAAmD;AACnD,WAAsB;;;ACXtB,kBAA2B;AAE3B,IAAM,sBAAsB,CAAC,WAA6B;AACxD,QAAM,qBAAqB,OAAO,SAAS,GAAG,IAC1C,OAAO,MAAM,GAAG,OAAO,SAAS,CAAC,IACjC;AAEJ,QAAM,kBAAkB,GAAG,kBAAkB;AAE7C,SAAO,CAAC,oBAAoB,eAAe;AAC7C;AAEA,IAAM,mBAAmB,CAAC,QACxB,IAAI,SAAS,GAAG,IAAI,MAAM,GAAG,GAAG;AAElC,IAAM,oBAAoB,CAAO,gBAA4C;AAC3E,QAAM,uBAAuB,MAAM;AAAA,IACjC,GAAG,iBAAiB,WAAW,CAAC;AAAA,EAClC;AACA,QAAM,eACH,MAAM,qBAAqB,KAAK;AACnC,SAAO;AAAA,IACL,MAAM,aAAa;AAAA,IACnB,MAAM,aAAa;AAAA,IACnB,OAAO,aAAa;AAAA,IACpB,UAAU,aAAa;AAAA,EACzB;AACF;AAOA,IAAM,gBAAgB,CAAC,gBAAqC;AAC1D,QAAM,aAAa,KAAK,UAAU;AAAA,IAChC,UAAM,YAAAC,IAAK;AAAA,IACX;AAAA,EACF,CAAC;AAED,SAAO,KAAK,UAAU;AACxB;AAOA,IAAM,uBAAuB,CAC3B,OACA,uBAC4B;AAC5B,MAAI;AACF,UAAM,aAAa,KAAK,KAAK;AAE7B,WAAO,KAAK,MAAM,UAAU,EAAE;AAAA,EAChC,SAAS,GAAG;AACV,YAAQ,MAAM,2CAA2C,CAAC;AAE1D,WAAO;AAAA,EACT;AACF;;;AC9DA,kBAAsC;AACtC,4BAAwB;AAUxB,IAAM,iBAAiB,MAAe;AAEpC,QAAM,QAAQ,OAAO,KAAK,IAAI,IAAI,kBAAkB;AAGpD,MAAI,CAAC,OAAO;AACV,WAAO;AAAA,EACT;AAEA,MAAI;AAEF,QAAI,OAAO,MAAM,WAAW,aAAa;AACvC,YAAM,IAAI,MAAM,kBAAkB;AAAA,IACpC;AAAA,EACF,SAAQ;AAEN,WAAO;AAAA,EACT;AAGA,QAAM,MAAM;AACZ,SAAO;AACT;AAEA,IAAM,KAAK,IAAI,WAAyB;AACtC,aAAO,mCAAQ,kBAAK,MAAM,CAAC;AAC7B;;;AFRO,IAAM,yBAAN,MAA2D;AAAA,EAOhE,YACW,UACA,aACA,aACA,gBACT;AAJS;AACA;AACA;AACA;AAPX,SAAQ,eAAmC;AAC3C,SAAQ,sBAA6C;AAQnD,SAAK,eAAe,KAAK,gBAAgB;AACzC,SAAK,YAAY;AAAA,EACnB;AAAA,EAEU,kBAA0B;AAClC,eAAO,oCAAqB;AAAA,EAC9B;AAAA,EAEa,qBAA+C;AAAA;AAC1D,UAAI,KAAK,iBAAiB;AACxB,eAAO,KAAK;AAAA,MACd;AACA,YAAM,YAAY,MAAM,KAAK,aAAa;AAE1C,WAAK,kBAAkB,IAAI,oBAAoB,SAAS;AACxD,aAAO,KAAK;AAAA,IACd;AAAA;AAAA,EAEgB,eAAmC;AAAA;AA5DrD;AA6DI,WAAI,UAAK,cAAL,mBAAgB,MAAM;AACxB,eAAO,KAAK;AAAA,MACd;AACA,YAAM,gBAAgB,MAAM,kBAAkB,KAAK,WAAW;AAC9D,aAAO,KAAK,YACR,kCAAK,KAAK,YAAc,iBACxB;AAAA,IACN;AAAA;AAAA,EAEgB,kBAAkB;AAAA;AAChC,UAAI,KAAK,cAAc;AACrB,eAAO,KAAK;AAAA,MACd;AACA,YAAM,YAAY,MAAM,KAAK,aAAa;AAC1C,WAAK,eAAe,IAAI;AAAA,QACtB,KAAK;AAAA,QACL,UAAU;AAAA,QACV,UAAU;AAAA;AAAA,QAEV,EAAE,aAAa,KAAK,YAAY;AAAA,MAClC;AACA,aAAO,KAAK;AAAA,IACd;AAAA;AAAA,EAEA,iBAA8B;AAC5B,WAAO,KAAK;AAAA,MACV,aAAa,QAAQ,cAAc,KAAK,QAAQ,EAAE,KAAK;AAAA,IACzD;AAAA,EACF;AAAA,EAEA,kBAAkB,MAAkC;AAClD,iBAAa;AAAA,MACX,cAAc,KAAK,QAAQ;AAAA,MAC3B,KAAK,UAAU,mBAAK,KAAM;AAAA,IAC5B;AAAA,EACF;AAAA,EAEA,UAAsC;AACpC,WAAO,KAAK;AAAA,MACV,aAAa,QAAQ,cAAc,KAAK,QAAQ,OAAO,KAAK;AAAA,IAC9D;AAAA,EACF;AAAA,EAEA,QAAQ,MAAwC;AAC9C,iBAAa;AAAA,MACX,cAAc,KAAK,QAAQ;AAAA,MAC3B,KAAK,UAAU,SAAS,OAAO,CAAC,IAAI,IAAI;AAAA,IAC1C;AAAA,EACF;AAAA,EAEA,mBAAyB;AACvB,iBAAa,QAAQ,cAAc,KAAK,QAAQ,IAAI,KAAK,UAAU,CAAC,CAAC,CAAC;AAAA,EACxE;AAAA,EAEM,iCACJ,OACA,QACc;AAAA;AAtHlB;AAuHI,YAAM,eAAe,MAAM,KAAK,gBAAgB;AAChD,WAAI,UAAK,cAAL,mBAAgB,WAAW;AAC7B,cAAM,YAAY,MAAM,MAAM,KAAK,UAAU,SAAS,EAAE;AAAA,UAAK,CAAC,QAC5D,IAAI,KAAK,EAAE,KAAK,CAAC,SAAS,KAAK,SAAS;AAAA,QAC1C;AACA,cAAMC,YAAW,MAAM,aAAa,uBAAuB;AAAA,UACzD;AAAA,UACA;AAAA,QACF,CAAC;AACD,QAAAA,UAAS,aAAa,OAAO,kBAAkB,SAAS;AACxD,QAAAA,UAAS,aAAa,OAAO,yBAAyB,MAAM;AAC5D,eAAOA;AAAA,MACT;AACA,YAAM,WAAW,MAAM,aAAa,uBAAuB;AAAA,QACzD;AAAA,QACA,cAAc,KAAK;AAAA,QACnB,qBAAqB;AAAA,QACrB;AAAA,MACF,CAAC;AACD,aAAO;AAAA,IACT;AAAA;AAAA,EACM,oBACJ,QACA,aACA,OACiB;AAAA;AACjB,YAAM,QAAQ,cAAc,WAAW;AACvC,YAAM,sBAAsB,KAAK,eAAe;AAChD,WAAK,kBAAkB,iCAClB,sBADkB;AAAA,QAErB,cAAc,KAAK;AAAA,QACnB;AAAA,MACF,EAAC;AACD,YAAM,WAAW,MAAM,KAAK,iCAAiC,OAAO,MAAM;AAC1E,UAAI,OAAO;AAET,iBAAS,aAAa,OAAO,SAAS,KAAK;AAAA,MAC7C;AACA,eAAS,aAAa,OAAO,UAAU,SAAS;AAChD,aAAO,SAAS,SAAS;AAAA,IAC3B;AAAA;AAAA;AAAA,EAGA,qBAAqB,kBAA0B,aAA0B;AACvE,YAAQ,aAAa;AAAA,MACnB,KAAK;AAEH;AAAA,MACF,KAAK;AACH,eAAO,SAAS,OAAO;AACvB;AAAA,MACF,KAAK;AACH,eAAO,KAAK,kBAAkB,QAAQ;AACtC;AAAA,MACF,KAAK;AAEH;AAAA,IACJ;AAAA,EACF;AAAA,EAEM,OAAsB;AAAA;AAC1B,WAAK,kBAAkB,EAAE,eAAe,MAAM,CAAC;AAAA,IACjD;AAAA;AAAA,EAEA,qBAAqB,aAAuC;AAE1D,QAAI,eAAe,KAAK,gBAAgB,UAAU;AAChD,oBAAc;AAAA,IAChB;AAEA,WAAO;AAAA,EACT;AAAA,EAEM,OACJ,aACA,QACA,OACe;AAAA;AACf,YAAM,mBAAmB,MAAM,KAAK;AAAA,QAClC;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAEA,WAAK,qBAAqB,kBAAkB,WAAW;AAAA,IACzD;AAAA;AAAA,EAEM,cAAc,aAA2C;AAAA;AAC7D,UAAI,UAAU,KAAK,eAAe;AAElC,UAAI,CAAC,QAAQ,eAAe;AAC1B,cAAM,MAAM,IAAI,IAAI,WAAW;AAC/B,cAAM,oBAAoB,IAAI,aAAa,IAAI,MAAM;AACrD,cAAM,gBAAgB,IAAI,aAAa,IAAI,OAAO;AAClD,YAAI,CAAC,qBAAqB,CAAC,eAAe;AACxC,gBAAM,IAAI,MAAM,gCAAgC;AAAA,QAClD;AACA,cAAM,eAAe,QAAQ;AAC7B,cAAM,eAAe,MAAM,KAAK,gBAAgB;AAChD,cAAM,SACJ,MAAM,aAAa;AAAA,UACjB;AAAA,UACA;AAAA,YACE;AAAA,UACF;AAAA,QACF;AAGF,YAAI;AACF,gBAAM,KAAK,eAAe,MAAM;AAAA,QAClC,SAAS,OAAO;AACd,kBAAQ,MAAM,wBAAwB,EAAE,OAAO,OAAO,CAAC;AACvD,gBAAM,IAAI;AAAA,YACR,kCAAmC,MAAgB,OAAO;AAAA,UAC5D;AAAA,QACF;AACA,cAAM,oBAAoB;AAAA,UACxB;AAAA,UACA,QAAQ;AAAA,QACV;AAEA,kBAAU,iCACL,UADK;AAAA,UAER,aAAa;AAAA,UACb,SAAS,OAAO;AAAA,UAChB,eAAe;AAAA,UACf,OAAO;AAAA,UACP,aAAa,OAAO;AAAA,UACpB,cAAc,OAAO;AAAA,UACrB,WAAW,KAAK,IAAI;AAAA,UACpB,WAAW,OAAO;AAAA,QACpB;AACA,aAAK,kBAAkB,OAAO;AAC9B,cAAM,OAAO,OACX,MAAM,KAAK,mBAAmB,GAC9B,YAAY,OAAO,cAAc,OAAO,YAAY,IAAI;AAC1D,aAAK,QAAQ,IAAI;AAAA,MACnB;AAGA,WAAK,kBAAkB,OAAO;AAE9B,UAAI,QAAQ,gBAAgB,WAAW;AAErC,eAAO,MAAM;AAAA,MACf,WAAW,QAAQ,gBAAgB,YAAY;AAAA,MAE/C;AACA,aAAO;AAAA,IACT;AAAA;AAAA,EAEQ,kBAAkB,SAA4B;AACpD,QAAI,KAAK,qBAAqB;AAC5B,mBAAa,KAAK,mBAAmB;AAAA,IACvC;AAEA,QAAI,QAAQ,WAAW;AAErB,YAAM,cAAc,KAAK,IAAI,KAAK,QAAQ,aAAa;AACvD,YAAM,gBAAgB,QAAQ,YAAY,MAAO;AAEjD,YAAM,cAAc,KAAK,IAAI,GAAG,gBAAgB,GAAK;AAErD,WAAK,sBAAsB,WAAW,MAAM;AAC1C,aAAK,aAAa,EACf,KAAK,CAAC,eAAe;AACpB,kBAAQ,IAAI,gCAAgC,UAAU;AAAA,QACxD,CAAC,EACA,MAAM,CAAC,UAAU;AAChB,kBAAQ,MAAM,4BAA4B,KAAK;AAG/C,eAAK,kBAAkB,CAAC,CAAC;AAAA,QAC3B,CAAC;AAAA,MACL,GAAG,WAAW;AAAA,IAChB;AAAA,EACF;AAAA,EAEM,eAAqC;AAAA;AACzC,YAAM,cAAc,KAAK,eAAe;AACxC,UAAI,CAAC,YAAY,cAAc;AAC7B,cAAM,IAAI,MAAM,4BAA4B;AAAA,MAC9C;AACA,YAAM,eAAe,MAAM,KAAK,gBAAgB;AAChD,YAAM,SAAS,MAAM,aAAa;AAAA,QAChC,YAAY;AAAA,MACd;AAGA,YAAM,UAAU,iCACX,cADW;AAAA,QAEd,SAAS,OAAO;AAAA,QAChB,eAAe;AAAA,QACf,aAAa,OAAO;AAAA,QACpB,cAAc,OAAO;AAAA,QACrB,WAAW,KAAK,IAAI;AAAA,QACpB,WAAW,OAAO;AAAA,MACpB;AACA,WAAK,kBAAkB,OAAO;AAG9B,WAAK,kBAAkB,OAAO;AAE9B,aAAO;AAAA,IACT;AAAA;AAAA,EAEM,cAAgE;AAAA;AACpE,YAAM,cAAc,KAAK,eAAe;AACxC,UAAI,CAAC,YAAY,aAAa;AAC5B,cAAM,IAAI,MAAM,2BAA2B;AAAA,MAC7C;AACA,YAAM,kBAAkB,MAAM,KAAK,mBAAmB;AACtD,aAAO,gBAAgB;AAAA,QACrB,YAAY;AAAA,QACZ,YAAY,WAAW;AAAA,MACzB;AAAA,IACF;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQM,eACJ,QAGA;AAAA;AACA,YAAM,YAAY,MAAM,KAAK,aAAa;AAC1C,YAAM,OAAY,wBAAmB,IAAI,IAAI,UAAU,IAAI,CAAC;AAC5D,YAAM,gBAA0D,CAAC;AAGjE,cAAQ,IAAI,UAAU,oBAAoB,KAAK,WAAW,CAAC;AAC3D,YAAM,kBAAkB,MAAW,eAAU,OAAO,UAAU,MAAM;AAAA,QAClE,QAAQ,oBAAoB,KAAK,WAAW;AAAA,QAC5C,UAAU,KAAK;AAAA,MACjB,CAAC;AACD,oBAAc,UAAU,gBAAgB;AAExC,YAAM,sBAAsB,MAAW;AAAA,QACrC,OAAO;AAAA,QACP;AAAA,QACA;AAAA,UACE,QAAQ,oBAAoB,KAAK,WAAW;AAAA,QAC9C;AAAA,MACF;AACA,oBAAc,cAAc,oBAAoB;AAEhD,UAAI,OAAO,eAAe;AACxB,sBAAc,eAAe,OAAO;AAAA,MACtC;AACA,aAAO;AAAA,IACT;AAAA;AAAA,EAEM,0BAAgD;AAAA;AACpD,YAAM,cAAc,KAAK,eAAe;AACxC,UAAI;AACF,YAAI,CAAC,YAAY,WAAW,CAAC,YAAY,aAAa;AACpD,gBAAM,yBAAyB,iCAAK,cAAL,EAAkB,eAAe,MAAM;AACtE,eAAK,kBAAkB,sBAAsB;AAC7C,iBAAO;AAAA,QACT;AACA,cAAM,KAAK,eAAe;AAAA,UACxB,UAAU,YAAY;AAAA,UACtB,cAAc,YAAY;AAAA,UAC1B,eAAe,YAAY;AAAA,QAC7B,CAAC;AACD,oBAAY,gBAAgB;AAC5B,eAAO;AAAA,MACT,SAAS,OAAO;AACd,gBAAQ,KAAK,sCAAsC,KAAK;AACxD,cAAM,yBAAyB;AAAA,UAC7B,eAAe;AAAA,QACjB;AACA,aAAK,kBAAkB,sBAAsB;AAC7C,eAAO;AAAA,MACT;AAAA,IACF;AAAA;AACF;;;AG/YA,IAAM,iBAAiB;AAAA,EACrB;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF;AACA,IAAM,YAAY;;;ACLlB,IAAAC,gBAA2B;AAUrB,IAAAC,sBAAA;AAHN,IAAM,sBAAkB;AAAA,EACtB,CAAC,EAAE,SAAS,OAAO,GAAG,QAAQ;AAC5B,WACE;AAAA,MAAC;AAAA;AAAA,QACC,IAAI;AAAA,QACJ;AAAA,QACA,KAAK;AAAA,QACL,WAAU;AAAA,QACV;AAAA;AAAA,IACF;AAAA,EAEJ;AACF;AAEA,gBAAgB,cAAc;;;ACtB9B,IAAAC,gBAAyD;;;ACCrD,IAAAC,sBAAA;AAFJ,IAAM,cAAc,MAClB,8CAAC,SAAI,MAAK,UACR;AAAA;AAAA,IAAC;AAAA;AAAA,MACC,eAAY;AAAA,MACZ,WAAU;AAAA,MACV,SAAQ;AAAA,MACR,MAAK;AAAA,MACL,OAAM;AAAA,MAEN;AAAA;AAAA,UAAC;AAAA;AAAA,YACC,GAAE;AAAA,YACF,MAAK;AAAA;AAAA,QACP;AAAA,QACA;AAAA,UAAC;AAAA;AAAA,YACC,GAAE;AAAA,YACF,MAAK;AAAA;AAAA,QACP;AAAA;AAAA;AAAA,EACF;AAAA,EACA,6CAAC,UAAK,WAAU,WAAU,wBAAU;AAAA,GACtC;;;AClBA,IAAAC,sBAAA;AADF,IAAM,YAAY,MAChB;AAAA,EAAC;AAAA;AAAA,IACC,OAAM;AAAA,IACN,OAAM;AAAA,IACN,QAAO;AAAA,IACP,SAAQ;AAAA,IACR,MAAK;AAAA,IACL,QAAO;AAAA,IACP,aAAY;AAAA,IACZ,eAAc;AAAA,IACd,gBAAe;AAAA,IACf,WAAU;AAAA,IAEV;AAAA,mDAAC,UAAK,GAAE,cAAa;AAAA,MACrB,6CAAC,UAAK,GAAE,cAAa;AAAA;AAAA;AACvB;;;AF6DI,IAAAC,sBAAA;AA5DN,IAAM,uBAAuB,CAAC;AAAA,EAC5B;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA,qBAAqB;AAAA,EACrB,kBAAkB;AACpB,MAAiC;AAC/B,QAAM,CAAC,WAAW,YAAY,QAAI,wBAAS,IAAI;AAE/C,QAAM,uBAAmB,2BAAY,MAAM;AACzC,QAAI,UAAU,WAAW,UAAU,QAAQ,eAAe;AACxD,UAAI;AACF,cAAM,YAAY,UAAU,QAAQ,cAAc,SAAS;AAE3D,YAAI,UAAU,WAAW,WAAW,GAAG;AACrC,6BAAmB,SAAS;AAC5B,cAAI,gBAAiB,SAAQ;AAC7B,iBAAO;AAAA,QACT;AAAA,MACF,SAAQ;AAEN,gBAAQ,IAAI,yBAAyB;AAAA,MACvC;AAAA,IACF;AACA,WAAO;AAAA,EACT,GAAG,CAAC,iBAAiB,WAAW,SAAS,aAAa,kBAAkB,CAAC;AAEzE,QAAM,iBAAa,sBAAuB;AAE1C,QAAM,mBAAe;AAAA,IACnB,CAAC,UAAyB;AACxB,UAAI,MAAM,QAAQ,UAAU;AAC1B,gBAAQ;AAAA,MACV;AAAA,IACF;AAAA,IACA,CAAC,OAAO;AAAA,EACV;AAGA,+BAAU,MAAM;AACd,WAAO,iBAAiB,WAAW,YAAY;AAE/C,WAAO,MAAM,OAAO,oBAAoB,WAAW,YAAY;AAAA,EACjE,CAAC;AAED,QAAM,mBAAmB,MAAM;AAC7B,iBAAa,KAAK;AAClB,YAAQ,IAAI,kBAAkB;AAC9B,QAAI,iBAAiB,KAAK,WAAW,SAAS;AAC5C,oBAAc,WAAW,OAAO;AAAA,IAClC;AAAA,EACF;AAEA,SACE;AAAA,IAAC;AAAA;AAAA,MACC,WAAU;AAAA,MACV,SAAS;AAAA,MAET;AAAA,QAAC;AAAA;AAAA,UACC,WAAU;AAAA,UACV,SAAS,CAAC,MAAM,EAAE,gBAAgB;AAAA,UAElC;AAAA;AAAA,cAAC;AAAA;AAAA,gBACC,WAAU;AAAA,gBACV,SAAS;AAAA,gBAET,uDAAC,aAAU;AAAA;AAAA,YACb;AAAA,aAEE,aAAa,uBACb,6CAAC,SAAI,WAAU,gFACb,uDAAC,eAAY,GACf;AAAA,YAGF;AAAA,cAAC;AAAA;AAAA,gBACC,KAAK;AAAA,gBACL;AAAA,gBACA,QAAQ;AAAA;AAAA,YACV;AAAA;AAAA;AAAA,MACF;AAAA;AAAA,EACF;AAEJ;;;AGjGA,IAAAC,gBAAiD;AAe7C,IAAAC,sBAAA;AAbJ,IAAM,cAAc,MAClB;AAAA,EAAC;AAAA;AAAA,IACC,OAAM;AAAA,IACN,OAAM;AAAA,IACN,QAAO;AAAA,IACP,SAAQ;AAAA,IACR,MAAK;AAAA,IACL,QAAO;AAAA,IACP,aAAY;AAAA,IACZ,eAAc;AAAA,IACd,gBAAe;AAAA,IACf,WAAU;AAAA,IAEV,uDAAC,UAAK,GAAE,gBAAe;AAAA;AACzB;AAGF,IAAM,YAAY,MAChB;AAAA,EAAC;AAAA;AAAA,IACC,OAAM;AAAA,IACN,OAAM;AAAA,IACN,QAAO;AAAA,IACP,SAAQ;AAAA,IACR,MAAK;AAAA,IACL,QAAO;AAAA,IACP,aAAY;AAAA,IACZ,eAAc;AAAA,IACd,gBAAe;AAAA,IACf,WAAU;AAAA,IAEV,uDAAC,UAAK,GAAE,kBAAiB;AAAA;AAC3B;AAGF,IAAM,aAAa,CAAC;AAAA,EAClB;AAAA,EACA;AACF,MAGM;AACJ,QAAM,CAAC,QAAQ,SAAS,QAAI,wBAAS,KAAK;AAC1C,QAAM,EAAE,QAAQ,iBAAiB,QAAQ,IAAI,QAAQ;AACrD,QAAM,EAAE,KAAK,IAAI,QAAQ;AAEzB,QAAM,yBAAqB,2BAAY,CAAC,UAAsB;AAC5D,UAAM,SAAS,MAAM;AAErB,QAAI,CAAC,OAAO,QAAQ,2BAA2B,GAAG;AAChD,gBAAU,KAAK;AAAA,IACjB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,oBAAgB,2BAAY,MAAY;AAC5C,UAAM,QAAQ;AAEd,cAAU,KAAK;AAAA,EACjB,IAAG,CAAC,OAAO,CAAC;AAEZ,QAAM,mBAAe,2BAAY,MAAY;AAC3C,UAAM,OAAO,WAAW;AAExB,cAAU,KAAK;AAAA,EACjB,IAAG,CAAC,QAAQ,WAAW,CAAC;AAExB,QAAM,mBAAe,2BAAY,CAAC,UAAyB;AACzD,QAAI,MAAM,QAAQ,UAAU;AAC1B,gBAAU,KAAK;AAAA,IACjB;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,+BAAU,MAAM;AACd,QAAI,QAAQ;AACV,aAAO,iBAAiB,SAAS,kBAAkB;AAEnD,aAAO,iBAAiB,WAAW,YAAY;AAAA,IACjD;AAEA,WAAO,MAAM;AACX,aAAO,oBAAoB,SAAS,kBAAkB;AAEtD,aAAO,oBAAoB,WAAW,YAAY;AAAA,IACpD;AAAA,EACF,GAAG,CAAC,oBAAoB,cAAc,MAAM,CAAC;AAE7C,MAAI,iBAAiB;AACnB,WACE,8CAAC,SAAI,WAAU,YAAW,IAAG,4BAC3B;AAAA;AAAA,QAAC;AAAA;AAAA,UACC,WAAW;AAAA,YACT;AAAA,YACA;AAAA,UACF;AAAA,UACA,SAAS,MAAM,UAAU,CAACC,YAAW,CAACA,OAAM;AAAA,UAE3C;AAAA,0CAAM,WACL,6CAAC,UAAK,WAAU,uEACd;AAAA,cAAC;AAAA;AAAA,gBACC,WAAU;AAAA,gBACV,KAAK,KAAK;AAAA,gBACV,MAAK,6BAAM,UAAQ,6BAAM;AAAA;AAAA,YAC3B,GACF,IAEA,6CAAC,SAAI;AAAA,YAGP,6CAAC,UAAM,wCAAM,UAAQ,6BAAM,QAAM;AAAA,YAEhC,SAAS,6CAAC,aAAU,IAAK,6CAAC,eAAY;AAAA;AAAA;AAAA,MACzC;AAAA,MACA;AAAA,QAAC;AAAA;AAAA,UACC,WACE,SACI,qFACA;AAAA,UAGN,uDAAC,QACC,uDAAC,QACC;AAAA,YAAC;AAAA;AAAA,cACC,WAAU;AAAA,cACV,SAAS;AAAA,cACV;AAAA;AAAA,UAED,GACF,GACF;AAAA;AAAA,MACF;AAAA,OACF;AAAA,EAEJ;AAEA,SACE;AAAA,IAAC;AAAA;AAAA,MACC,WAAW;AAAA,QACT;AAAA,QACA;AAAA,MACF;AAAA,MACA,SAAS;AAAA,MACV;AAAA;AAAA,EAED;AAEJ;;;ACvII,IAAAC,sBAAA;AAVJ,IAAM,eAAe,CAAC;AAAA,EACpB;AAAA,EACA;AACF,MAGM;AACJ,QAAM,EAAE,OAAO,IAAI,QAAQ;AAE3B,SACE;AAAA,IAAC;AAAA;AAAA,MACC,WAAW;AAAA,QACT;AAAA,QACA;AAAA,MACF;AAAA,MACA,SAAS,MAAM,OAAO,WAAW;AAAA,MAClC;AAAA;AAAA,EAED;AAEJ;;;ACjBI,IAAAC,sBAAA;AAJJ,IAAM,gBAAgB,CAAC,EAAE,UAAU,MAA8B;AAC/D,QAAM,EAAE,QAAQ,IAAI,QAAQ;AAE5B,SACE;AAAA,IAAC;AAAA;AAAA,MACC,WAAW;AAAA,QACT;AAAA,QACA;AAAA,MACF;AAAA,MACA,SAAS,MAAM,QAAQ;AAAA,MACxB;AAAA;AAAA,EAED;AAEJ;;;AClBA,mBAAkB;AAElB,IAAM,eAAe;AASrB,IAAM,cAAN,MAAoC;AAAA,EAMlC,YAAY,WAAmB;AAE7B,SAAK,kBAAc,aAAAC,SAAM,GAAG,YAAY,IAAI,SAAS,QAAQ;AAC7D,SAAK,iBAAa,aAAAA,SAAM,GAAG,YAAY,IAAI,SAAS,OAAO;AAC3D,SAAK,iBAAa,aAAAA,SAAM,GAAG,YAAY,IAAI,SAAS,OAAO;AAC3D,SAAK,kBAAc,aAAAA,SAAM,GAAG,YAAY,IAAI,SAAS,QAAQ;AAE7D,SAAK,YAAY,QAAQ;AACzB,SAAK,WAAW,QAAQ;AACxB,SAAK,WAAW,QAAQ;AACxB,SAAK,YAAY,QAAQ;AAAA,EAC3B;AAAA,EAEA,MAAM,YAAoB,MAAuB;AAC/C,SAAK,YAAY,SAAS,GAAG,IAAI;AAAA,EACnC;AAAA,EAEA,KAAK,YAAoB,MAAuB;AAC9C,SAAK,WAAW,SAAS,GAAG,IAAI;AAAA,EAClC;AAAA,EAEA,KAAK,YAAoB,MAAuB;AAC9C,SAAK,WAAW,SAAS,GAAG,IAAI;AAAA,EAClC;AAAA,EAEA,MAAM,YAAoB,MAAuB;AAC/C,SAAK,YAAY,SAAS,GAAG,IAAI;AAAA,EACnC;AACF;AAEO,IAAM,eAAe,CAAC,cAC3B,IAAI,YAAY,SAAS;AAGpB,IAAM,UAAU;AAAA;AAAA,EAErB,QAAQ;AAAA,IACN,QAAQ,aAAa,YAAY;AAAA,IACjC,YAAY,aAAa,gBAAgB;AAAA,IACzC,UAAU;AAAA,MACR,MAAM,aAAa,mBAAmB;AAAA,IACxC;AAAA,EACF;AAAA;AAAA,EAEA,OAAO;AAAA,IACL,YAAY,aAAa,kBAAkB;AAAA,IAC3C,OAAO,aAAa,aAAa;AAAA,IACjC,SAAS,aAAa,eAAe;AAAA,EACvC;AAAA;AAAA,EAEA,UAAU;AAAA,IACR,YAAY,aAAa,kBAAkB;AAAA,IAC3C,SAAS,aAAa,eAAe;AAAA,EACvC;AACF;;;AClEA,IAAM,SAAS,QAAQ,OAAO,SAAS;AAgChC,IAAM,oBAA8D;AAAA,EACzE,aAAa;AAAA,EACb,aAAa;AAAA,EACb,cAAc;AAAA,EACd,WAAW;AAAA,EACX,UAAU;AAAA,EACV,SAAS,CAAC,IAAI;AAAA,EACd,SAAS,CAAC;AAAA,EACV,SAAS;AAAA,IACP,QAAQ;AAAA,MACN,UAAU;AAAA,MACV,MAAM;AAAA,MACN,QAAQ,KAAK;AAAA;AAAA,IACf;AAAA,IACA,MAAM;AAAA,MACJ,UAAU;AAAA,MACV,MAAM;AAAA,MACN,QAAQ,KAAK;AAAA;AAAA,IACf;AAAA,EACF;AACF;AAEA,IAAM,mBAAmB,CACvB,QACe;AACf,QAAM,SAAqB,CAAC;AAC5B,aAAW,OAAO,KAAK;AACrB,QAAI,IAAI,GAAG,MAAM,QAAW;AAC1B,aAAO,GAAG,IAAI,IAAI,GAAG;AAAA,IACvB;AAAA,EACF;AACA,SAAO;AACT;AAmBO,IAAM,oBAAoB,CAC/B,SAAqB,CAAC,MAC4B;AA1FpD;AA4FE,QAAM,gBAAgB,iBAAiB;AAAA,IACrC,UAAU,QAAQ,IAAI;AAAA,IACtB,aAAa,QAAQ,IAAI;AAAA,IACzB,aAAa,QAAQ,IAAI;AAAA,IACzB,UAAU,QAAQ,IAAI;AAAA,IACtB,WAAW,QAAQ,IAAI;AAAA,IACvB,UAAS,aAAQ,IAAI,yBAAZ,mBAAkC,MAAM;AAAA,IACjD,UAAS,aAAQ,IAAI,yBAAZ,mBAAkC,MAAM;AAAA,IACjD,SAAS,QAAQ,IAAI,4BACjB,KAAK,MAAM,QAAQ,IAAI,yBAAyB,IAChD;AAAA,EACN,CAAC;AAED,QAAM,eAAe,+DAChB,oBACA,gBACA,SAHgB;AAAA;AAAA,IAInB,SAAS;AAAA,MACP,QAAQ,kCACH,kBAAkB,QAAQ,WACzB,YAAO,YAAP,mBAAgB,WAAU,CAAC;AAAA,MAEjC,MAAM,kCACD,kBAAkB,QAAQ,SACzB,YAAO,YAAP,mBAAgB,SAAQ,CAAC;AAAA,IAEjC;AAAA,EACF;AAEA,SAAO,MAAM,4BAA4B,aAAa;AACtD,SAAO,MAAM,oBAAoB,YAAY;AAC7C,MAAI,aAAa,aAAa,QAAW;AACvC,UAAM,IAAI,MAAM,kCAAkC;AAAA,EACpD;AACA,SAAO;AACT;;;ACrHS,IAAAC,uBAAA;AAJT,IAAM,aAAa,CAAC,EAAE,SAAS,MAA+B;AAC5D,QAAM,SAAS,kBAAkB;AACjC,QAAM,YAAY,GAAG,OAAO,SAAS;AAErC,SAAO,8CAAC,OAAE,MAAM,WAAY,UAAS;AACvC;;;ACTA,IAAAC,gBAAgD;AAkB9C,IAAAC,uBAAA;AAhBF,IAAM,iBAA8B;AAAA,EAClC,eAAe;AAAA,EACf,SAAS;AAAA,EACT,aAAa;AAAA,EACb,aAAa;AACf;AAGA,IAAM,qBAAiB,6BAA2B,cAAc;AAOhE,IAAM,kBAAkB,CAAC,EAAE,UAAU,QAAQ,MAC3C,8CAAC,eAAe,UAAf,EAAwB,OAAO,WAAW,gBACxC,UACH;;;ACpBK,IAAM,aAAqB;AAAA;AAAA,EAEhC,aAAa;AACf;;;ACLA,IAAM,mBAAmB,CAACC,YAA4B;AAAtD;AACE,MAAI,OAAOA,YAAW,aAAa;AAEjC,QAAI;AACF,YAAI,KAAAA,WAAA,gBAAAA,QAAQ,iBAAR,mBAAsB,QAAO,qBAAqB;AACpD,eAAO;AAAA,MACT;AAAA,IAEF,SAAS,IAAI;AAEX,aAAO;AAAA,IACT;AAAA,EACF;AACA,SAAO;AACT;;;AlBoMgB,IAAAC,uBAAA;AAxKhB,IAAM,kBAAc,6BAAsC,IAAI;AAG9D,IAAI;AACJ,IAAI,OAAO,WAAW,aAAa;AACjC,qBAAmB;AACrB,WAAW,OAAO,WAAW,aAAa;AACxC,qBAAmB;AACrB,OAAO;AACL,qBAAmB,SAAS,aAAa,EAAE;AAC7C;AACA,iBAAiB,aAAa;AAE9B,IAAM,eAAe,CAAC;AAAA,EACpB;AAAA,EACA;AAAA,EACA,aAAa;AAAA,EACb,SAAS;AAAA,EACT;AAAA,EACA;AAAA,EACA;AAAA,EACA;AAAA,EACA;AACF,MAAyB;AACvB,QAAM,CAAC,WAAW,YAAY,QAAI,wBAAwB,IAAI;AAC9D,QAAM,CAAC,YAAY,aAAa,QAAI,wBAAwB,IAAI;AAChE,QAAM,CAAC,YAAY,aAAa,QAAI,wBAAS,KAAK;AAClD,QAAM,CAAC,iBAAiB,kBAAkB,QAAI,wBAAwB,IAAI;AAC1E,QAAM,CAAC,oBAAoB,qBAAqB,QAAI,wBAAgB;AACpE,QAAMC,mBAAc,oCAAe;AACnC,QAAM,gBAAY,sBAA0B,IAAI;AAGhD,+BAAU,MAAM;AACd,QAAI,OAAO,WAAW,WAAW,aAAa;AAC5C,oBAAc,WAAW,OAAO,SAAS,IAAI;AAC7C,YAAM,gBAAgB,iBAAiB,WAAW,MAAM;AACxD,oBAAc,aAAa;AAAA,IAC7B;AAAA,EACF,GAAG,CAAC,CAAC;AAEL,QAAM,kBAAc;AAAA,IAClB,OAAO,oBAAoB,cAAc,IAAI,MAAM,GAAG,EAAE,CAAC;AAAA,IACzD,CAAC,YAAY,gBAAgB;AAAA,EAC/B;AAEA,QAAM,kBAAc;AAAA,IAClB,MACE,aACI,mBACA,IAAI;AAAA,MACF;AAAA,MACA;AAAA,MACA,iCAAQ;AAAA,MACR,iCAAQ;AAAA,IACV,IACA;AAAA,IACN,CAAC,YAAY,UAAU,aAAa,QAAQ,eAAe;AAAA,EAC7D;AAEA,QAAM,CAAC,iBAAiB,kBAAkB,QAAI,wBAA0B;AACxE,+BAAU,MAAM;AACd,QAAI,CAAC,YAAa;AAClB,gBAAY,mBAAmB,EAAE,KAAK,kBAAkB;AAAA,EAC1D,GAAG,CAAC,WAAW,CAAC;AAEhB,QAAM;AAAA,IACJ,MAAM;AAAA,IACN;AAAA,IACA;AAAA,EACF,QAAI,8BAAS;AAAA,IACX,UAAU,CAAC,WAAW,iBAAiB,WAAW,YAAY,UAAU;AAAA,IACxE,SAAS,MAAY;AACnB,UAAI,CAAC,aAAa;AAChB,eAAO,EAAE,eAAe,MAAM;AAAA,MAChC;AACA,YAAM,MAAM,IAAI;AAAA,QACd,kBACI,kBACA,WAAW,OAAO,SAAS,QAAQ;AAAA,MACzC;AAEA,YAAM,OAAO,IAAI,aAAa,IAAI,MAAM;AACxC,UAAI,QAAQ,CAAC,cAAc,CAAC,yBAAyB;AACnD,YAAI;AACF,kBAAQ,IAAI,8BAA8B,EAAE,YAAY,KAAK,CAAC;AAC9D,gBAAM,aAAa,MAAM,YAAY,cAAc,IAAI,SAAS,CAAC;AACjE;AACA,iBAAO;AAAA,QACT,SAASC,QAAO;AACd,gCAAsBA,MAAc;AACpC;AAAA,YACEA,kBAAiB,QAAQA,SAAQ,IAAI,MAAM,mBAAmB;AAAA;AAEhE,iBAAO,EAAE,eAAe,MAAM;AAAA,QAChC;AAAA,MACF;AAIA,YAAM,sBAAsB,MAAM,YAAY,wBAAwB;AACtE,UAAI,oBAAoB,eAAe;AACrC,eAAO;AAAA,MACT;AACA,aAAO;AAAA,IACT;AAAA,EACF,CAAC;AAED,QAAM,sBAAkB,iCAAY;AAAA,IAClC,YAAY,MAAY;AAEtB,iDAAa,kBAAkB,CAAC;AAChC,mBAAa,IAAI;AACjB,yBAAmB,IAAI;AACvB;AAAA,IACF;AAAA,IACA,WAAW,MAAM;AACf,MAAAD,aAAY;AAAA,QACV,CAAC,WAAW,iBAAiB,WAAW,YAAY,UAAU;AAAA,QAC9D;AAAA,MACF;AAAA,IACF;AAAA,EACF,CAAC;AAED,QAAM,aAAS;AAAA,IACb,CAAO,sBAAmC,aAAa;AACrD,UAAI,CAAC,YAAa;AAElB,YAAM,MAAM,MAAM,YAAY;AAAA;AAAA,QAE5B;AAAA,QACA;AAAA,QACA;AAAA,MACF;AAGA,UAAI,wBAAwB,UAAU;AACpC,qBAAa,GAAG;AAChB;AAAA,MACF;AACA,kBAAY,qBAAqB,KAAK,mBAAmB;AAAA,IAC3D;AAAA,IACA,CAAC,aAAa,KAAK;AAAA,EACrB;AAEA,QAAM,sBAAkB;AAAA,IACtB,MAAO,UAAU,QAAQ,gBAAgB;AAAA,IACzC,CAAC,OAAO;AAAA,EACV;AAEA,QAAM,YAAQ;AAAA,IACZ,OAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,SAAS,MAAY;AACnB,cAAM,gBAAgB,YAAY;AAAA,MACpC;AAAA,MACA;AAAA,MACA;AAAA,IACF;AAAA,IACA,CAAC,WAAW,OAAO,iBAAiB,iBAAiB,MAAM;AAAA,EAC7D;AACA,SACE,8CAAC,YAAY,UAAZ,EAAqB,OAClB,wDAAC,mBAAgB,SACf,wDAAC,iBACC,yDAAC,gBAAa,iBACX;AAAA,KAAC,cAAc,aAAa,EAAC,mCAAS,kBACrC;AAAA,MAAC;AAAA;AAAA,QACC;AAAA,QACA,SAAS;AAAA,QACT,aAAa;AAAA,QACb;AAAA,QACA,SAAS,MAAM,aAAa,IAAI;AAAA;AAAA,IAClC;AAAA,KAEA,sBACA,aACA,SACC,cAAc,EAAE,sBAAsB,WACvC,8CAAC,SAAI,WAAU,0FACb,wDAAC,SAAI,WAAU,8DACZ,gCAAsB,QACrB,+CAAC,SAAI;AAAA;AAAA,MACI;AAAA,OACL,sBAAuB,OAAiB;AAAA,OAC5C,IAEA,8CAAC,eAAY,GAEjB,GACF;AAAA,IAED;AAAA,KACH,GACF,GACF,GACJ;AAEJ;;;AmB/OA,IAAAE,sBAAiD;AAGjD,oBAAO;AAYD,IAAAC,uBAAA;AAVN,IAAM,cAAc,IAAI,gCAAY;AAOpC,IAAM,oBAAoB,CAAC,OAAmD;AAAnD,eAAE,WAd7B,IAc2B,IAAe,kBAAf,IAAe,CAAb;AAC3B,SACE,8CAAC,2CAAoB,QAAQ,aAC3B,wDAAC,+CAAiB,QAAjB,EAAyB,WAAS,GACrC;AAEJ;;;AChBA,IAAAC,iBAAwE;;;ACHxE,IAAAC,iBAAkC;AAClC,wBAA0B;AAC1B,IAAAC,sBAAyB;;;ACHzB,IAAM,iBAAiB,CAAC,KAAaC,YAAmB;AACtD,QAAM,SAASA,QAAO,SAAS;AAC/B,MAAI,CAAC,OAAQ,QAAO;AACpB,QAAM,UAAU,OAAO,MAAM,GAAG;AAChC,aAAW,KAAK,SAAS;AACvB,UAAM,CAAC,MAAM,KAAK,IAAI,EAAE,KAAK,EAAE,MAAM,GAAG;AACxC,QAAI,SAAS,KAAK;AAChB,UAAI;AACF,eAAO,KAAK,MAAM,mBAAmB,KAAK,CAAC;AAAA,MAC7C,SAAS,GAAG;AACV,gBAAQ,IAAI,8BAA8B,CAAC;AAC3C,eAAO;AAAA,MACT;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;;;ADVA,IAAM,oBAAoB,MAAM;AAC9B,QAAM,aAAa,eAAe,QAAQ,WAAW,MAAM;AAC3D,SAAO;AACT;AAEO,IAAM,gBAAgB,MAAM;AACjC,QAAM,gBAAY,uBAAO,KAAK;AAC9B,QAAM,aAAS,6BAAU;AAEzB,QAAM,EAAE,MAAM,KAAK,QAAI,8BAAS;AAAA,IAC9B,UAAU,CAAC,MAAM;AAAA,IACjB,SAAS,MAAM,kBAAkB;AAAA,IACjC,iBAAiB;AAAA,IACjB,6BAA6B;AAAA,IAC7B,SAAS,CAAC,UAAU;AAAA,IACpB,sBAAsB;AAAA,EACxB,CAAC;AAED,gCAAU,MAAM;AACd,QAAI,MAAM;AACR,UAAI,CAAC,UAAU,SAAS;AACtB,kBAAU,UAAU;AACpB,eAAO,QAAQ;AAAA,MACjB;AAAA,IACF,OAAO;AACL,gBAAU,UAAU;AAAA,IACtB;AAAA,EACF,GAAG,CAAC,MAAM,MAAM,CAAC;AAEjB,SAAO;AACT;;;AD7BA,IAAAC,sBAAiD;AAoDzC,IAAAC,uBAAA;AA/CR,IAAMC,eAAc,IAAI,gCAAY;AAMpC,IAAM,qBAAqB,EAAE,MAAM,KAAK;AACxC,IAAMC,mBAAc,8BAA+B,kBAAkB;AAI9D,IAAM,wBAAwB,CAAC,OAGJ;AAHI,eACpC;AAAA;AAAA,EAxBF,IAuBsC,IAEjC,kBAFiC,IAEjC;AAAA,IADH;AAAA;AAGA,QAAM,OAAO,cAAc;AAC3B,QAAM,CAAC,aAAa,cAAc,QAAI,yBAAiB,EAAE;AACzD,QAAM,EAAE,UAAU,aAAa,aAAa,aAAa,IACvD,kBAAkB;AAEpB,gCAAU,MAAM;AACd,QAAI,OAAO,WAAW,WAAW,aAAa;AAC5C,YAAM,aAAa,WAAW,OAAO,SAAS;AAC9C,qBAAe,IAAI,IAAI,aAAa,UAAU,EAAE,SAAS,CAAC;AAAA,IAC5D;AAAA,EACF,GAAG,CAAC,WAAW,CAAC;AAIhB,QAAM,kBAAc,wBAA4C,MAAM;AACpE,QAAI,eAAe,YAAY,aAAa;AAC1C,aAAO,IAAI,uBAAuB,UAAU,aAAa,aAAa;AAAA,QACpE,WAAW;AAAA,MACb,CAAC;AAAA,IACH;AACA,WAAO;AAAA,EACT,GAAG,CAAC,aAAa,UAAU,aAAa,YAAY,CAAC;AAErD,SACE,8CAAC,2CAAoB,QAAQD,cAC3B;AAAA,IAAC;AAAA,qCACK,QADL;AAAA,MAEC,QAAQ,EAAE,YAAY;AAAA,MACtB;AAAA,MACA,iBAAiB;AAAA,MACjB,yBAAyB;AAAA,MAEzB,wDAACC,aAAY,UAAZ,EAAqB,OAAO,MAAO,UAAS;AAAA;AAAA,EAC/C,GACF;AAEJ;AACO,IAAM,cAAc,UAAM,2BAAWA,YAAW;;;A1B5DvD,IAAM,UAAU,MAEW;AACzB,QAAM,cAAU,2BAAW,WAAW;AAEtC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,4CAA4C;AAAA,EAC9D;AAEA,SAAO;AACT;;;A6BbA,IAAAC,iBAA2B;AAI3B,IAAM,aAAa,MAAM;AACvB,QAAM,cAAU,2BAAW,cAAc;AACzC,MAAI,CAAC,SAAS;AACZ,UAAM,IAAI,MAAM,mDAAmD;AAAA,EACrE;AACA,SAAO;AACT;","names":["import_react","import_react","import_react","user","import_react","import_react_query","import_jsx_runtime","queryClient","import_react","import_react_query","import_jwt","uuid","oAuthUrl","import_react","import_jsx_runtime","import_react","import_jsx_runtime","import_jsx_runtime","import_jsx_runtime","import_react","import_jsx_runtime","isOpen","import_jsx_runtime","import_jsx_runtime","debug","import_jsx_runtime","import_react","import_jsx_runtime","window","import_jsx_runtime","queryClient","error","import_react_query","import_jsx_runtime","import_react","import_react","import_react_query","window","import_react_query","import_jsx_runtime","queryClient","UserContext","import_react"]}