@civic/auth 0.10.0-beta.0 → 0.10.0-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist/nextjs/middleware.d.ts.map +1 -1
  2. package/dist/nextjs/middleware.js +15 -8
  3. package/dist/nextjs/middleware.js.map +1 -1
  4. package/dist/shared/version.d.ts +1 -1
  5. package/dist/shared/version.js +1 -1
  6. package/dist/shared/version.js.map +1 -1
  7. package/dist/vanillajs/auth/CivicAuth.d.ts.map +1 -1
  8. package/dist/vanillajs/auth/CivicAuth.js +2 -2
  9. package/dist/vanillajs/auth/CivicAuth.js.map +1 -1
  10. package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts.map +1 -1
  11. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js +18 -0
  12. package/dist/vanillajs/auth/handlers/IframeAuthHandler.js.map +1 -1
  13. package/package.json +1 -1
package/dist/nextjs/middleware.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/nextjs/middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EACV,sBAAsB,EACtB,kBAAkB,EACnB,MAAM,oBAAoB,CAAC;AAI5B,OAAO,KAAK,EAAe,WAAW,EAAE,MAAM,YAAY,CAAC;AAuC3D,KAAK,UAAU,GAAG,CAChB,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,CAAC;AAE1C;;;;;;GAMG;AACH,eAAO,MAAM,2BAA2B,2BACd,sBAAsB,WACrC,WAAW,KACnB,OAAO,CAAC,WAAW,CAoBrB,CAAC;AA+EF;;;;;;;GAOG;AACH,eAAO,MAAM,cAAc,gBACZ,kBAAkB,eACf,WAAW,KAAG,OAAO,CAAC,YAAY,CAOjD,CAAC;AAEJ;;;;;;;GAOG;AAEH,wBAAgB,QAAQ,CACtB,UAAU,EAAE,UAAU,GACrB,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAEjD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,IAAI,CAAC,UAAU,GAAE,kBAAuB,gBAExC,UAAU,KACrB,CAAC,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC,CAQrD"}
1
+ {"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/nextjs/middleware.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EACV,sBAAsB,EACtB,kBAAkB,EACnB,MAAM,oBAAoB,CAAC;AAI5B,OAAO,KAAK,EAAe,WAAW,EAAE,MAAM,YAAY,CAAC;AAuC3D,KAAK,UAAU,GAAG,CAChB,OAAO,EAAE,WAAW,KACjB,OAAO,CAAC,YAAY,CAAC,GAAG,YAAY,CAAC;AAE1C;;;;;;GAMG;AACH,eAAO,MAAM,2BAA2B,2BACd,sBAAsB,WACrC,WAAW,KACnB,OAAO,CAAC,WAAW,CAoBrB,CAAC;AAmFF;;;;;;;GAOG;AACH,eAAO,MAAM,cAAc,gBACZ,kBAAkB,eACf,WAAW,KAAG,OAAO,CAAC,YAAY,CAOjD,CAAC;AAEJ;;;;;;;GAOG;AAEH,wBAAgB,QAAQ,CACtB,UAAU,EAAE,UAAU,GACrB,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAEjD;AAED;;;;;;;;;;GAUG;AACH,wBAAgB,IAAI,CAAC,UAAU,GAAE,kBAAuB,gBAExC,UAAU,KACrB,CAAC,CAAC,OAAO,EAAE,WAAW,KAAK,OAAO,CAAC,YAAY,CAAC,CAAC,CAQrD"}
package/dist/nextjs/middleware.js CHANGED
@@ -68,37 +68,44 @@ const applyAuth = async (authConfig, request) => {
68
68
  const authConfigWithDefaults = resolveAuthConfig(authConfig);
69
69
  // Step 1: Understand the current authentication state
70
70
  const session = await validateAuthTokensIfPresent(authConfigWithDefaults, request);
71
+ const shouldSkipAuthForSystemUrlsCheck = shouldSkipAuthForSystemUrls(request.nextUrl.pathname, authConfigWithDefaults, request.method);
72
+ const shouldSkipAuthForRoutePatternsCheck = shouldSkipAuthForRoutePatterns(request.nextUrl.pathname, authConfigWithDefaults);
73
+ const pathNameIsLoginUrl = request.nextUrl.pathname === authConfigWithDefaults.loginUrl;
71
74
  logger.debug("Authentication state:", {
72
75
  authenticated: session.authenticated,
73
76
  pathName: request.nextUrl.pathname,
74
- loginUrl: authConfigWithDefaults.loginUrl,
77
+ pathNameIsLoginUrl,
78
+ shouldAttemptRefresh: shouldAttemptRefresh(session),
79
+ shouldSkipAuthForSystemUrls: shouldSkipAuthForSystemUrlsCheck,
80
+ shouldSkipAuthForRoutePatterns: shouldSkipAuthForRoutePatternsCheck,
81
+ ...authConfigWithDefaults,
75
82
  });
76
- // Step 2: Attempt token refresh if needed (OAuth pipeline)
83
+ // Attempt token refresh if needed (OAuth pipeline)
77
84
  if (shouldAttemptRefresh(session)) {
78
85
  const refreshResponse = createRefreshResponse(request, authConfigWithDefaults);
79
86
  if (refreshResponse) {
87
+ logger.debug("Handle refresh response", refreshResponse.url);
80
88
  return refreshResponse;
81
89
  }
82
90
  }
83
- // Step 3: Apply route-specific authentication rules
84
91
  // Skip authentication for system URLs (callback, challenge, logout)
85
- if (shouldSkipAuthForSystemUrls(request.nextUrl.pathname, authConfigWithDefaults, request.method)) {
92
+ if (shouldSkipAuthForSystemUrlsCheck) {
86
93
  return undefined;
87
94
  }
88
95
  // Handle login URL with special logic
89
- if (request.nextUrl.pathname === authConfigWithDefaults.loginUrl) {
96
+ if (pathNameIsLoginUrl) {
90
97
  handleLoginUrl(request.nextUrl.pathname, session, authConfigWithDefaults);
91
98
  return undefined; // Always allow access to login URL
92
99
  }
93
100
  // Skip authentication for routes not matching include/exclude patterns
94
- if (shouldSkipAuthForRoutePatterns(request.nextUrl.pathname, authConfigWithDefaults)) {
101
+ if (shouldSkipAuthForRoutePatternsCheck) {
95
102
  return undefined;
96
103
  }
97
- // Step 4: Handle unauthenticated users on protected routes
104
+ // Handle unauthenticated users on protected routes
98
105
  if (!session.authenticated) {
99
106
  return handleUnauthenticatedUser(session, request, authConfigWithDefaults);
100
107
  }
101
- // Step 5: Happy ending - authentication passed
108
+ // Happy ending - authentication passed
102
109
  logger.debug("→ Authentication successful, allowing access");
103
110
  return undefined;
104
111
  };
package/dist/nextjs/middleware.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/nextjs/middleware.ts"],"names":[],"mappings":"AAsBA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAK9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC1C,OAAO,EAAE,4BAA4B,EAAE,MAAM,0CAA0C,CAAC;AAExF,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,2BAA2B,EAC3B,cAAc,EACd,8BAA8B,EAC9B,yBAAyB,GAC1B,MAAM,YAAY,CAAC;AAEpB,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;AAEzC;;GAEG;AACH,MAAM,kCAAkC;IAClB;IAApB,YAAoB,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAE5C,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,IAAI,IAAI,CAAC;IACtD,CAAC;IAED,6DAA6D;IAC7D,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAa;QAClC,8DAA8D;QAC9D,mDAAmD;QACnD,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IAED,6DAA6D;IAC7D,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,iEAAiE;QACjE,mDAAmD;QACnD,MAAM,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;QAC7D,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;CACF;AAMD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,KAAK,EAC9C,sBAA8C,EAC9C,OAAoB,EACE,EAAE;IACxB,IAAI,CAAC;QACH,0DAA0D;QAC1D,iEAAiE;QACjE,MAAM,OAAO,GAAG,IAAI,kCAAkC,CAAC,OAAO,CAAC,CAAC;QAChE,MAAM,kBAAkB,GAAG,MAAM,4BAA4B,CAAC,KAAK,CACjE;YACE,GAAG,sBAAsB;YACzB,WAAW,EAAE,sBAAsB,CAAC,WAAW;SAChD,EACD,OAAO,CACR,CAAC;QACF,6FAA6F;QAC7F,MAAM,eAAe,GACnB,MAAM,kBAAkB,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAC1D,OAAO,eAAe,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;IAClC,CAAC;AACH,CAAC,CAAC;AAEF,4CAA4C;AAC5C;;;;;;;GAOG;AACH,MAAM,SAAS,GAAG,KAAK,EACrB,UAA8B,EAC9B,OAAoB,EACe,EAAE;IACrC,MAAM,sBAAsB,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAE7D,sDAAsD;IACtD,MAAM,OAAO,GAAG,MAAM,2BAA2B,CAC/C,sBAAsB,EACtB,OAAO,CACR,CAAC;IACF,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;QACpC,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;QAClC,QAAQ,EAAE,sBAAsB,CAAC,QAAQ;KAC1C,CAAC,CAAC;IAEH,2DAA2D;IAC3D,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,MAAM,eAAe,GAAG,qBAAqB,CAC3C,OAAO,EACP,sBAAsB,CACvB,CAAC;QAEF,IAAI,eAAe,EAAE,CAAC;YACpB,OAAO,eAAe,CAAC;QACzB,CAAC;IACH,CAAC;IAED,oDAAoD;IAEpD,oEAAoE;IACpE,IACE,2BAA2B,CACzB,OAAO,CAAC,OAAO,CAAC,QAAQ,EACxB,sBAAsB,EACtB,OAAO,CAAC,MAAM,CACf,EACD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,sCAAsC;IACtC,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,sBAAsB,CAAC,QAAQ,EAAE,CAAC;QACjE,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,sBAAsB,CAAC,CAAC;QAC1E,OAAO,SAAS,CAAC,CAAC,mCAAmC;IACvD,CAAC;IAED,uEAAuE;IACvE,IACE,8BAA8B,CAC5B,OAAO,CAAC,OAAO,CAAC,QAAQ,EACxB,sBAAsB,CACvB,EACD,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,2DAA2D;IAC3D,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,yBAAyB,CAAC,OAAO,EAAE,OAAO,EAAE,sBAAsB,CAAC,CAAC;IAC7E,CAAC;IAED,+CAA+C;IAC/C,MAAM,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC7D,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,cAAc,GACzB,CAAC,aAAiC,EAAE,EAAE,EAAE,CACxC,KAAK,EAAE,OAAoB,EAAyB,EAAE;IACpD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACtD,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE9B,mEAAmE;IACnE,wEAAwE;IACxE,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;AAC7B,CAAC,CAAC;AAEJ;;;;;;;GAOG;AACH,sDAAsD;AACtD,MAAM,UAAU,QAAQ,CACtB,UAAsB;IAEtB,OAAO,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC;AAC5B,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,IAAI,CAAC,aAAiC,EAAE;IACtD,OAAO,CACL,UAAsB,EAC6B,EAAE;QACrD,OAAO,KAAK,EAAE,OAAoB,EAAyB,EAAE;YAC3D,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACtD,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;YAE9B,OAAO,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC","sourcesContent":["/**\n * Authenticates the user on all requests by checking the token cookie\n *\n * Usage:\n * Option 1: use if no other middleware (e.g. no next-intl etc)\n * export default authMiddleware();\n *\n * Option 2: use if other middleware is needed - default auth config\n * export default withAuth((request) => {\n * logger.debug('in custom middleware', request.nextUrl.pathname);\n * return NextResponse.next();\n * })\n *\n * Option 3: use if other middleware is needed - specifying auth config\n * const withCivicAuth = auth({ loginUrl: '/login', include: ['/[.*]/user'] })\n * export default withCivicAuth((request) => {\n * logger.debug('in custom middleware', request.url);\n * return NextResponse.next();\n * })\n *\n */\nimport type { NextRequest } from \"next/server.js\";\nimport { NextResponse } from \"next/server.js\";\nimport type {\n AuthConfigWithDefaults,\n OptionalAuthConfig,\n} from \"@/nextjs/config.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { ServerAuthenticationResolver } from \"@/server/ServerAuthenticationResolver.js\";\nimport type { AuthStorage, SessionData } from \"@/types.js\";\nimport {\n shouldAttemptRefresh,\n createRefreshResponse,\n shouldSkipAuthForSystemUrls,\n handleLoginUrl,\n shouldSkipAuthForRoutePatterns,\n handleUnauthenticatedUser,\n} from \"./utils.js\";\n\nconst logger = loggers.nextjs.middleware;\n\n/**\n * CookieStorage implementation for NextJS middleware context that works with NextRequest\n */\nclass NextjsReadOnlyRequestCookieStorage implements AuthStorage {\n constructor(private request: NextRequest) {}\n\n async get(key: string): Promise<string | null> {\n return this.request.cookies.get(key)?.value || null;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async set(key: string, value: string): Promise<void> {\n // In middleware, we can only set cookies via response objects\n // This method can't be used directly in middleware\n logger.error(\"Cannot set cookies directly in middleware\");\n throw new Error(\"Cannot set cookies directly in middleware\");\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async delete(key: string): Promise<void> {\n // In middleware, we can only delete cookies via response objects\n // This method can't be used directly in middleware\n logger.error(\"Cannot delete cookies directly in middleware\");\n throw new Error(\"Cannot delete cookies directly in middleware\");\n }\n}\n\ntype Middleware = (\n request: NextRequest,\n) => Promise<NextResponse> | NextResponse;\n\n/**\n * use a ServerAuthenticationResolver to validate the existing session\n * using NextJS cookie storage\n * @param authConfigWithDefaults\n * @param request NextRequest object from middleware\n * @returns {Promise<SessionData>}\n */\nexport const validateAuthTokensIfPresent = async (\n authConfigWithDefaults: AuthConfigWithDefaults,\n request: NextRequest,\n): Promise<SessionData> => {\n try {\n // TODO: evaluate a more performant way to validate tokens\n // than having to call and verify the JWT tokens on every request\n const storage = new NextjsReadOnlyRequestCookieStorage(request);\n const authSessionService = await ServerAuthenticationResolver.build(\n {\n ...authConfigWithDefaults,\n redirectUrl: authConfigWithDefaults.callbackUrl,\n },\n storage,\n );\n // validate the existing session but don't auto-refresh as we can't set cookies in middleware\n const existingSession =\n await authSessionService.validateExistingSession(false);\n return existingSession;\n } catch (error) {\n logger.error(\"Error validating tokens\", error);\n return { authenticated: false };\n }\n};\n\n// internal - used by all exported functions\n/**\n * Core authentication middleware logic.\n *\n * The Authentication Story:\n * 1. Validate tokens to understand current authentication state\n * 2. Attempt token refresh if needed (the OAuth pipeline approach)\n * 3. Apply route-specific authentication rules based on final state\n */\nconst applyAuth = async (\n authConfig: OptionalAuthConfig,\n request: NextRequest,\n): Promise<NextResponse | undefined> => {\n const authConfigWithDefaults = resolveAuthConfig(authConfig);\n\n // Step 1: Understand the current authentication state\n const session = await validateAuthTokensIfPresent(\n authConfigWithDefaults,\n request,\n );\n logger.debug(\"Authentication state:\", {\n authenticated: session.authenticated,\n pathName: request.nextUrl.pathname,\n loginUrl: authConfigWithDefaults.loginUrl,\n });\n\n // Step 2: Attempt token refresh if needed (OAuth pipeline)\n if (shouldAttemptRefresh(session)) {\n const refreshResponse = createRefreshResponse(\n request,\n authConfigWithDefaults,\n );\n\n if (refreshResponse) {\n return refreshResponse;\n }\n }\n\n // Step 3: Apply route-specific authentication rules\n\n // Skip authentication for system URLs (callback, challenge, logout)\n if (\n shouldSkipAuthForSystemUrls(\n request.nextUrl.pathname,\n authConfigWithDefaults,\n request.method,\n )\n ) {\n return undefined;\n }\n\n // Handle login URL with special logic\n if (request.nextUrl.pathname === authConfigWithDefaults.loginUrl) {\n handleLoginUrl(request.nextUrl.pathname, session, authConfigWithDefaults);\n return undefined; // Always allow access to login URL\n }\n\n // Skip authentication for routes not matching include/exclude patterns\n if (\n shouldSkipAuthForRoutePatterns(\n request.nextUrl.pathname,\n authConfigWithDefaults,\n )\n ) {\n return undefined;\n }\n\n // Step 4: Handle unauthenticated users on protected routes\n if (!session.authenticated) {\n return handleUnauthenticatedUser(session, request, authConfigWithDefaults);\n }\n\n // Step 5: Happy ending - authentication passed\n logger.debug(\"→ Authentication successful, allowing access\");\n return undefined;\n};\n\n/**\n *\n * Use this when auth is the only middleware you need.\n * Usage:\n *\n * export default authMiddleware({ loginUrl = '/login' }); // or just authMiddleware();\n *\n */\nexport const authMiddleware =\n (authConfig: OptionalAuthConfig = {}) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n // NextJS doesn't do middleware chaining yet, so this does not mean\n // \"call the next middleware\" - it means \"continue to the route handler\"\n return NextResponse.next();\n };\n\n/**\n * Usage:\n *\n * export default withAuth(async (request) => {\n * logger.debug('my middleware');\n * return NextResponse.next();\n * })\n */\n// use this when you have your own middleware to chain\nexport function withAuth(\n middleware: Middleware,\n): (request: NextRequest) => Promise<NextResponse> {\n return auth()(middleware);\n}\n\n/**\n * Use this when you want to configure the middleware here (an alternative is to do it in the next.config file)\n *\n * Usage:\n *\n * export default auth(authConfig: AuthConfig ) => {\n * logger.debug('my middleware');\n * return NextResponse.next();\n * })\n *\n */\nexport function auth(authConfig: OptionalAuthConfig = {}) {\n return (\n middleware: Middleware,\n ): ((request: NextRequest) => Promise<NextResponse>) => {\n return async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n return middleware(request);\n };\n };\n}\n"]}
1
+ {"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/nextjs/middleware.ts"],"names":[],"mappings":"AAsBA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAK9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,OAAO,EAAE,MAAM,iBAAiB,CAAC;AAC1C,OAAO,EAAE,4BAA4B,EAAE,MAAM,0CAA0C,CAAC;AAExF,OAAO,EACL,oBAAoB,EACpB,qBAAqB,EACrB,2BAA2B,EAC3B,cAAc,EACd,8BAA8B,EAC9B,yBAAyB,GAC1B,MAAM,YAAY,CAAC;AAEpB,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;AAEzC;;GAEG;AACH,MAAM,kCAAkC;IAClB;IAApB,YAAoB,OAAoB;QAApB,YAAO,GAAP,OAAO,CAAa;IAAG,CAAC;IAE5C,KAAK,CAAC,GAAG,CAAC,GAAW;QACnB,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,KAAK,IAAI,IAAI,CAAC;IACtD,CAAC;IAED,6DAA6D;IAC7D,KAAK,CAAC,GAAG,CAAC,GAAW,EAAE,KAAa;QAClC,8DAA8D;QAC9D,mDAAmD;QACnD,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC1D,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IAED,6DAA6D;IAC7D,KAAK,CAAC,MAAM,CAAC,GAAW;QACtB,iEAAiE;QACjE,mDAAmD;QACnD,MAAM,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;QAC7D,MAAM,IAAI,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAClE,CAAC;CACF;AAMD;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAG,KAAK,EAC9C,sBAA8C,EAC9C,OAAoB,EACE,EAAE;IACxB,IAAI,CAAC;QACH,0DAA0D;QAC1D,iEAAiE;QACjE,MAAM,OAAO,GAAG,IAAI,kCAAkC,CAAC,OAAO,CAAC,CAAC;QAChE,MAAM,kBAAkB,GAAG,MAAM,4BAA4B,CAAC,KAAK,CACjE;YACE,GAAG,sBAAsB;YACzB,WAAW,EAAE,sBAAsB,CAAC,WAAW;SAChD,EACD,OAAO,CACR,CAAC;QACF,6FAA6F;QAC7F,MAAM,eAAe,GACnB,MAAM,kBAAkB,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAC;QAC1D,OAAO,eAAe,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,KAAK,CAAC,CAAC;QAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,CAAC;IAClC,CAAC;AACH,CAAC,CAAC;AAEF,4CAA4C;AAC5C;;;;;;;GAOG;AACH,MAAM,SAAS,GAAG,KAAK,EACrB,UAA8B,EAC9B,OAAoB,EACe,EAAE;IACrC,MAAM,sBAAsB,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAE7D,sDAAsD;IACtD,MAAM,OAAO,GAAG,MAAM,2BAA2B,CAC/C,sBAAsB,EACtB,OAAO,CACR,CAAC;IACF,MAAM,gCAAgC,GAAG,2BAA2B,CAClE,OAAO,CAAC,OAAO,CAAC,QAAQ,EACxB,sBAAsB,EACtB,OAAO,CAAC,MAAM,CACf,CAAC;IAEF,MAAM,mCAAmC,GAAG,8BAA8B,CACxE,OAAO,CAAC,OAAO,CAAC,QAAQ,EACxB,sBAAsB,CACvB,CAAC;IACF,MAAM,kBAAkB,GACtB,OAAO,CAAC,OAAO,CAAC,QAAQ,KAAK,sBAAsB,CAAC,QAAQ,CAAC;IAC/D,MAAM,CAAC,KAAK,CAAC,uBAAuB,EAAE;QACpC,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;QAClC,kBAAkB;QAClB,oBAAoB,EAAE,oBAAoB,CAAC,OAAO,CAAC;QACnD,2BAA2B,EAAE,gCAAgC;QAC7D,8BAA8B,EAAE,mCAAmC;QACnE,GAAG,sBAAsB;KAC1B,CAAC,CAAC;IAEH,mDAAmD;IACnD,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;QAClC,MAAM,eAAe,GAAG,qBAAqB,CAC3C,OAAO,EACP,sBAAsB,CACvB,CAAC;QAEF,IAAI,eAAe,EAAE,CAAC;YACpB,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC;YAC7D,OAAO,eAAe,CAAC;QACzB,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,IAAI,gCAAgC,EAAE,CAAC;QACrC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,sCAAsC;IACtC,IAAI,kBAAkB,EAAE,CAAC;QACvB,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,EAAE,sBAAsB,CAAC,CAAC;QAC1E,OAAO,SAAS,CAAC,CAAC,mCAAmC;IACvD,CAAC;IAED,uEAAuE;IACvE,IAAI,mCAAmC,EAAE,CAAC;QACxC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,mDAAmD;IACnD,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;QAC3B,OAAO,yBAAyB,CAAC,OAAO,EAAE,OAAO,EAAE,sBAAsB,CAAC,CAAC;IAC7E,CAAC;IAED,uCAAuC;IACvC,MAAM,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;IAC7D,OAAO,SAAS,CAAC;AACnB,CAAC,CAAC;AAEF;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,cAAc,GACzB,CAAC,aAAiC,EAAE,EAAE,EAAE,CACxC,KAAK,EAAE,OAAoB,EAAyB,EAAE;IACpD,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACtD,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE9B,mEAAmE;IACnE,wEAAwE;IACxE,OAAO,YAAY,CAAC,IAAI,EAAE,CAAC;AAC7B,CAAC,CAAC;AAEJ;;;;;;;GAOG;AACH,sDAAsD;AACtD,MAAM,UAAU,QAAQ,CACtB,UAAsB;IAEtB,OAAO,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC;AAC5B,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,IAAI,CAAC,aAAiC,EAAE;IACtD,OAAO,CACL,UAAsB,EAC6B,EAAE;QACrD,OAAO,KAAK,EAAE,OAAoB,EAAyB,EAAE;YAC3D,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACtD,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;YAE9B,OAAO,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC,CAAC;IACJ,CAAC,CAAC;AACJ,CAAC","sourcesContent":["/**\n * Authenticates the user on all requests by checking the token cookie\n *\n * Usage:\n * Option 1: use if no other middleware (e.g. no next-intl etc)\n * export default authMiddleware();\n *\n * Option 2: use if other middleware is needed - default auth config\n * export default withAuth((request) => {\n * logger.debug('in custom middleware', request.nextUrl.pathname);\n * return NextResponse.next();\n * })\n *\n * Option 3: use if other middleware is needed - specifying auth config\n * const withCivicAuth = auth({ loginUrl: '/login', include: ['/[.*]/user'] })\n * export default withCivicAuth((request) => {\n * logger.debug('in custom middleware', request.url);\n * return NextResponse.next();\n * })\n *\n */\nimport type { NextRequest } from \"next/server.js\";\nimport { NextResponse } from \"next/server.js\";\nimport type {\n AuthConfigWithDefaults,\n OptionalAuthConfig,\n} from \"@/nextjs/config.js\";\nimport { resolveAuthConfig } from \"@/nextjs/config.js\";\nimport { loggers } from \"@/lib/logger.js\";\nimport { ServerAuthenticationResolver } from \"@/server/ServerAuthenticationResolver.js\";\nimport type { AuthStorage, SessionData } from \"@/types.js\";\nimport {\n shouldAttemptRefresh,\n createRefreshResponse,\n shouldSkipAuthForSystemUrls,\n handleLoginUrl,\n shouldSkipAuthForRoutePatterns,\n handleUnauthenticatedUser,\n} from \"./utils.js\";\n\nconst logger = loggers.nextjs.middleware;\n\n/**\n * CookieStorage implementation for NextJS middleware context that works with NextRequest\n */\nclass NextjsReadOnlyRequestCookieStorage implements AuthStorage {\n constructor(private request: NextRequest) {}\n\n async get(key: string): Promise<string | null> {\n return this.request.cookies.get(key)?.value || null;\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async set(key: string, value: string): Promise<void> {\n // In middleware, we can only set cookies via response objects\n // This method can't be used directly in middleware\n logger.error(\"Cannot set cookies directly in middleware\");\n throw new Error(\"Cannot set cookies directly in middleware\");\n }\n\n // eslint-disable-next-line @typescript-eslint/no-unused-vars\n async delete(key: string): Promise<void> {\n // In middleware, we can only delete cookies via response objects\n // This method can't be used directly in middleware\n logger.error(\"Cannot delete cookies directly in middleware\");\n throw new Error(\"Cannot delete cookies directly in middleware\");\n }\n}\n\ntype Middleware = (\n request: NextRequest,\n) => Promise<NextResponse> | NextResponse;\n\n/**\n * use a ServerAuthenticationResolver to validate the existing session\n * using NextJS cookie storage\n * @param authConfigWithDefaults\n * @param request NextRequest object from middleware\n * @returns {Promise<SessionData>}\n */\nexport const validateAuthTokensIfPresent = async (\n authConfigWithDefaults: AuthConfigWithDefaults,\n request: NextRequest,\n): Promise<SessionData> => {\n try {\n // TODO: evaluate a more performant way to validate tokens\n // than having to call and verify the JWT tokens on every request\n const storage = new NextjsReadOnlyRequestCookieStorage(request);\n const authSessionService = await ServerAuthenticationResolver.build(\n {\n ...authConfigWithDefaults,\n redirectUrl: authConfigWithDefaults.callbackUrl,\n },\n storage,\n );\n // validate the existing session but don't auto-refresh as we can't set cookies in middleware\n const existingSession =\n await authSessionService.validateExistingSession(false);\n return existingSession;\n } catch (error) {\n logger.error(\"Error validating tokens\", error);\n return { authenticated: false };\n }\n};\n\n// internal - used by all exported functions\n/**\n * Core authentication middleware logic.\n *\n * The Authentication Story:\n * 1. Validate tokens to understand current authentication state\n * 2. Attempt token refresh if needed (the OAuth pipeline approach)\n * 3. Apply route-specific authentication rules based on final state\n */\nconst applyAuth = async (\n authConfig: OptionalAuthConfig,\n request: NextRequest,\n): Promise<NextResponse | undefined> => {\n const authConfigWithDefaults = resolveAuthConfig(authConfig);\n\n // Step 1: Understand the current authentication state\n const session = await validateAuthTokensIfPresent(\n authConfigWithDefaults,\n request,\n );\n const shouldSkipAuthForSystemUrlsCheck = shouldSkipAuthForSystemUrls(\n request.nextUrl.pathname,\n authConfigWithDefaults,\n request.method,\n );\n\n const shouldSkipAuthForRoutePatternsCheck = shouldSkipAuthForRoutePatterns(\n request.nextUrl.pathname,\n authConfigWithDefaults,\n );\n const pathNameIsLoginUrl =\n request.nextUrl.pathname === authConfigWithDefaults.loginUrl;\n logger.debug(\"Authentication state:\", {\n authenticated: session.authenticated,\n pathName: request.nextUrl.pathname,\n pathNameIsLoginUrl,\n shouldAttemptRefresh: shouldAttemptRefresh(session),\n shouldSkipAuthForSystemUrls: shouldSkipAuthForSystemUrlsCheck,\n shouldSkipAuthForRoutePatterns: shouldSkipAuthForRoutePatternsCheck,\n ...authConfigWithDefaults,\n });\n\n // Attempt token refresh if needed (OAuth pipeline)\n if (shouldAttemptRefresh(session)) {\n const refreshResponse = createRefreshResponse(\n request,\n authConfigWithDefaults,\n );\n\n if (refreshResponse) {\n logger.debug(\"Handle refresh response\", refreshResponse.url);\n return refreshResponse;\n }\n }\n\n // Skip authentication for system URLs (callback, challenge, logout)\n if (shouldSkipAuthForSystemUrlsCheck) {\n return undefined;\n }\n\n // Handle login URL with special logic\n if (pathNameIsLoginUrl) {\n handleLoginUrl(request.nextUrl.pathname, session, authConfigWithDefaults);\n return undefined; // Always allow access to login URL\n }\n\n // Skip authentication for routes not matching include/exclude patterns\n if (shouldSkipAuthForRoutePatternsCheck) {\n return undefined;\n }\n\n // Handle unauthenticated users on protected routes\n if (!session.authenticated) {\n return handleUnauthenticatedUser(session, request, authConfigWithDefaults);\n }\n\n // Happy ending - authentication passed\n logger.debug(\"→ Authentication successful, allowing access\");\n return undefined;\n};\n\n/**\n *\n * Use this when auth is the only middleware you need.\n * Usage:\n *\n * export default authMiddleware({ loginUrl = '/login' }); // or just authMiddleware();\n *\n */\nexport const authMiddleware =\n (authConfig: OptionalAuthConfig = {}) =>\n async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n // NextJS doesn't do middleware chaining yet, so this does not mean\n // \"call the next middleware\" - it means \"continue to the route handler\"\n return NextResponse.next();\n };\n\n/**\n * Usage:\n *\n * export default withAuth(async (request) => {\n * logger.debug('my middleware');\n * return NextResponse.next();\n * })\n */\n// use this when you have your own middleware to chain\nexport function withAuth(\n middleware: Middleware,\n): (request: NextRequest) => Promise<NextResponse> {\n return auth()(middleware);\n}\n\n/**\n * Use this when you want to configure the middleware here (an alternative is to do it in the next.config file)\n *\n * Usage:\n *\n * export default auth(authConfig: AuthConfig ) => {\n * logger.debug('my middleware');\n * return NextResponse.next();\n * })\n *\n */\nexport function auth(authConfig: OptionalAuthConfig = {}) {\n return (\n middleware: Middleware,\n ): ((request: NextRequest) => Promise<NextResponse>) => {\n return async (request: NextRequest): Promise<NextResponse> => {\n const response = await applyAuth(authConfig, request);\n if (response) return response;\n\n return middleware(request);\n };\n };\n}\n"]}
package/dist/shared/version.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- export declare const VERSION = "@civic/auth:0.10.0-beta.0";
1
+ export declare const VERSION = "@civic/auth:0.10.0-beta.2";
2
2
  //# sourceMappingURL=version.d.ts.map
package/dist/shared/version.js CHANGED
@@ -1,3 +1,3 @@
1
1
  // This is an auto-generated file. Do not edit.
2
- export const VERSION = "@civic/auth:0.10.0-beta.0";
2
+ export const VERSION = "@civic/auth:0.10.0-beta.2";
3
3
  //# sourceMappingURL=version.js.map
package/dist/shared/version.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,2BAA2B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.10.0-beta.0\";\n"]}
1
+ {"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/shared/version.ts"],"names":[],"mappings":"AAAA,+CAA+C;AAE/C,MAAM,CAAC,MAAM,OAAO,GAAG,2BAA2B,CAAC","sourcesContent":["// This is an auto-generated file. Do not edit.\n\nexport const VERSION = \"@civic/auth:0.10.0-beta.2\";\n"]}
package/dist/vanillajs/auth/CivicAuth.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuth.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/CivicAuth.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AA2B7D,OAAO,KAAK,EACV,qBAAqB,EAEtB,MAAM,sBAAsB,CAAC;AAY9B;;;;GAIG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,SAAS,CAAC,CAAY;IAC9B,OAAO,CAAC,MAAM,CAAkC;IAChD,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,kBAAkB,CAKT;IAGjB,OAAO,CAAC,WAAW,CAAC,CAAsB;IAC1C,OAAO,CAAC,kBAAkB,CAAC,CAA8B;IACzD,OAAO,CAAC,iBAAiB,CAAC,CAA2B;IACrD,OAAO,CAAC,wBAAwB,CAAC,CAAS;IAC1C,OAAO,CAAC,yBAAyB,CAAC,CAAS;IAC3C,OAAO,CAAC,cAAc,CAAkB;IACxC,OAAO,CAAC,gBAAgB,CAAkB;IAG1C,OAAO,CAAC,QAAQ,CAAC,CAAS;IAG1B,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,YAAY,CAAC,CAAe;IACpC,OAAO,CAAC,iBAAiB,CAAC,CAAoB;IAE9C;;;OAGG;IACH,OAAO;IAyCP;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;WACiB,MAAM,CACxB,MAAM,EAAE,qBAAqB,GAC5B,OAAO,CAAC,SAAS,CAAC;IAMrB;;OAEG;YACW,IAAI;IA0JlB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA8B1B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAoC1B;;OAEG;YACW,YAAY;IAsE1B;;;;;OAKG;YACW,qBAAqB;IAmEnC;;;OAGG;IACH,yBAAyB,IAAI,OAAO;IAOpC;;;OAGG;IACH,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAuBzC;;;OAGG;IACH,iBAAiB,IAAI,OAAO;IAQ5B;;;;OAIG;IACG,mBAAmB,IAAI,OAAO,CAAC,UAAU,CAAC;IAsDhD;;;;;;;;;;;;;;;OAeG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;YA8EvB,8BAA8B;IA+B5C;;OAEG;YACW,iCAAiC;IAqD/C;;OAEG;YACW,4BAA4B;IA6C1C;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAuClC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAsBzB;;OAEG;IACH,OAAO,CAAC,eAAe;IAsBvB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA0C1B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA6C/B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAehC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA+B3B;;OAEG;YACW,cAAc;IA0E5B;;OAEG;IACI,OAAO,IAAI,IAAI;IA6BtB;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAyB/B;;OAEG;IACU,iBAAiB,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAIzD;;;OAGG;IACU,4BAA4B;IAKzC;;OAEG;IACU,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAIhD;;OAEG;IACU,cAAc;IAI3B;;OAEG;IACU,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAI1C;;OAEG;IACU,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3C;;OAEG;IACI,sBAAsB;;;;;IAI7B;;;;;;;;;;;;;;;;;;;OAmBG;IACI,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAa1C;;OAEG;IACI,aAAa,IAAI,IAAI;IAW5B;;;OAGG;IACI,WAAW,IAAI,MAAM,GAAG,SAAS;IAIxC;;;OAGG;IACI,oBAAoB,CAAC,IAAI,EAAE,OAAO,GAAG,UAAU,GAAG,IAAI;IAK7D;;;OAGG;IACI,oBAAoB,IAAI,OAAO,GAAG,UAAU,GAAG,SAAS;IAI/D;;;;OAIG;IACI,cAAc,IAAI,IAAI;IAkC7B;;OAEG;IACU,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAMrC;;OAEG;IACU,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAmIpC;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IA0C1B;;;OAGG;YACW,wBAAwB;CAsEvC;AAGD,YAAY,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC"}
1
+ {"version":3,"file":"CivicAuth.d.ts","sourceRoot":"","sources":["../../../src/vanillajs/auth/CivicAuth.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AA2B7D,OAAO,KAAK,EACV,qBAAqB,EAEtB,MAAM,sBAAsB,CAAC;AAY9B;;;;GAIG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,OAAO,CAAc;IAC7B,OAAO,CAAC,SAAS,CAAC,CAAY;IAC9B,OAAO,CAAC,MAAM,CAAkC;IAChD,OAAO,CAAC,cAAc,CAAiB;IACvC,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,kBAAkB,CAKT;IAGjB,OAAO,CAAC,WAAW,CAAC,CAAsB;IAC1C,OAAO,CAAC,kBAAkB,CAAC,CAA8B;IACzD,OAAO,CAAC,iBAAiB,CAAC,CAA2B;IACrD,OAAO,CAAC,wBAAwB,CAAC,CAAS;IAC1C,OAAO,CAAC,yBAAyB,CAAC,CAAS;IAC3C,OAAO,CAAC,cAAc,CAAkB;IACxC,OAAO,CAAC,gBAAgB,CAAkB;IAG1C,OAAO,CAAC,QAAQ,CAAC,CAAS;IAG1B,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,YAAY,CAAC,CAAe;IACpC,OAAO,CAAC,iBAAiB,CAAC,CAAoB;IAE9C;;;OAGG;IACH,OAAO;IAyCP;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;WACiB,MAAM,CACxB,MAAM,EAAE,qBAAqB,GAC5B,OAAO,CAAC,SAAS,CAAC;IAMrB;;OAEG;YACW,IAAI;IA0JlB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA8B1B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAoC1B;;OAEG;YACW,YAAY;IAuE1B;;;;;OAKG;YACW,qBAAqB;IAmEnC;;;OAGG;IACH,yBAAyB,IAAI,OAAO;IAOpC;;;OAGG;IACH,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAuBzC;;;OAGG;IACH,iBAAiB,IAAI,OAAO;IAQ5B;;;;OAIG;IACG,mBAAmB,IAAI,OAAO,CAAC,UAAU,CAAC;IAsDhD;;;;;;;;;;;;;;;OAeG;IACG,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC;YA8EvB,8BAA8B;IA+B5C;;OAEG;YACW,iCAAiC;IAqD/C;;OAEG;YACW,4BAA4B;IA6C1C;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAuClC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAsBzB;;OAEG;IACH,OAAO,CAAC,eAAe;IAsBvB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA0C1B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA6C/B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAehC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA+B3B;;OAEG;YACW,cAAc;IA0E5B;;OAEG;IACI,OAAO,IAAI,IAAI;IA6BtB;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAyB/B;;OAEG;IACU,iBAAiB,IAAI,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;IAIzD;;;OAGG;IACU,4BAA4B;IAKzC;;OAEG;IACU,eAAe,IAAI,OAAO,CAAC,OAAO,CAAC;IAIhD;;OAEG;IACU,cAAc;IAI3B;;OAEG;IACU,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC;IAI1C;;OAEG;IACU,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC;IAI3C;;OAEG;IACI,sBAAsB;;;;;IAI7B;;;;;;;;;;;;;;;;;;;OAmBG;IACI,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAa1C;;OAEG;IACI,aAAa,IAAI,IAAI;IAW5B;;;OAGG;IACI,WAAW,IAAI,MAAM,GAAG,SAAS;IAIxC;;;OAGG;IACI,oBAAoB,CAAC,IAAI,EAAE,OAAO,GAAG,UAAU,GAAG,IAAI;IAK7D;;;OAGG;IACI,oBAAoB,IAAI,OAAO,GAAG,UAAU,GAAG,SAAS;IAI/D;;;;OAIG;IACI,cAAc,IAAI,IAAI;IAkC7B;;OAEG;IACU,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC;IAMrC;;OAEG;IACU,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAkIpC;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IA0C1B;;;OAGG;YACW,wBAAwB;CAsEvC;AAGD,YAAY,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC"}
package/dist/vanillajs/auth/CivicAuth.js CHANGED
@@ -326,6 +326,7 @@ export class CivicAuth {
326
326
  // Append state as query parameter to loginUrl
327
327
  const url = new URL(this.loginUrl, window.location.origin);
328
328
  url.searchParams.set("state", state);
329
+ url.searchParams.set("appUrl", window.location.origin);
329
330
  this.logger.info("🔗 Built login URL with display mode state", {
330
331
  loginUrl: url.toString(),
331
332
  displayMode: this.config.displayMode,
@@ -1128,8 +1129,6 @@ export class CivicAuth {
1128
1129
  const backendUrl = new URL(this.loginUrl).origin;
1129
1130
  const endpoints = getBackendEndpoints(this.config.backendEndpoints);
1130
1131
  const backendLogoutUrl = resolveEndpointUrl(backendUrl, endpoints.logout);
1131
- // Clear local SDK session state before redirecting
1132
- await this.sessionManager.clearSession();
1133
1132
  this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {
1134
1133
  detail: "Local session cleared, redirecting to backend for logout.",
1135
1134
  });
@@ -1149,6 +1148,7 @@ export class CivicAuth {
1149
1148
  logoutUrl.searchParams.set("state", state);
1150
1149
  this.logger.info("🌐 Loading backend logout endpoint in iframe", {
1151
1150
  url: logoutUrl.toString(),
1151
+ path: logoutUrl.pathname,
1152
1152
  logoutRedirectUrl: this.config.logoutRedirectUrl,
1153
1153
  displayMode: this.config.displayMode,
1154
1154
  });
package/dist/vanillajs/auth/CivicAuth.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"CivicAuth.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/CivicAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAGhF,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AACzE,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EACL,sBAAsB,EACtB,WAAW,EACX,cAAc,EACd,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,0BAA0B,EAAE,MAAM,wBAAwB,CAAC;AAQpE,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE3D;;;;GAIG;AACH,MAAM,OAAO,SAAS;IACZ,MAAM,CAA2B;IACjC,OAAO,CAAc;IACrB,SAAS,CAAa;IACtB,MAAM,CAAkC;IACxC,cAAc,CAAiB;IAC/B,MAAM,CAAuB;IAC7B,kBAAkB,CAKT;IAEjB,uBAAuB;IACf,WAAW,CAAuB;IAClC,kBAAkB,CAA+B;IACjD,iBAAiB,CAA4B;IAC7C,wBAAwB,CAAU;IAClC,yBAAyB,CAAU;IACnC,cAAc,GAAY,KAAK,CAAC;IAChC,gBAAgB,GAAY,KAAK,CAAC;IAE1C,yCAAyC;IACjC,QAAQ,CAAU;IAE1B,WAAW;IACH,cAAc,CAAkB;IAChC,YAAY,CAAgB;IAC5B,iBAAiB,CAAqB;IAE9C;;;OAGG;IACH,YAAoB,MAA6B;QAC/C,8CAA8C;QAC9C,IAAI,CAAC,MAAM,GAAG,yBAAyB,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;QAElD,uCAAuC;QACvC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAErC,oBAAoB;QACpB,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAEtC,+DAA+D;QAC/D,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC;YACjC,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC,yBAAyB;QACxE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,GAAG;gBACZ,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;gBACf,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;gBACd,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;gBACd,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;aAChB,CAAC;QACJ,CAAC;QAED,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;QAE1C,4EAA4E;QAC5E,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,IAAI,oBAAoB,EAAE,CAAC;QAE1D,mCAAmC;QACnC,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CACtC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;QAEF,sBAAsB;QACtB,IAAI,CAAC,kBAAkB,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CACxB,MAA6B;QAE7B,MAAM,QAAQ,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACtB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,IAAI;QAChB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;YAC5C,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAChC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;YAClD,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;SACxE,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,mFAAmF;YACnF,IAAI,CAAC,SAAS,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YAEzE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;gBAChD,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B,CAAC,CAAC;YAEH,6CAA6C;YAC7C,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC;gBAEvD,gEAAgE;gBAChE,MAAM,UAAU,GACd,QAAQ,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,CAAC,CAAC;wBACE,iEAAiE;wBACjE,QAAQ;wBACR,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;wBAC3C,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;qBAC/C;oBACH,CAAC,CAAC;wBACE,4DAA4D;wBAC5D,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAS;wBAC/B,QAAQ;wBACR,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;wBAC3C,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;qBAC/C,CAAC;gBAER,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;gBACnE,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC;YACjE,CAAC;YAED,sCAAsC;YACtC,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CACpD,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBACzC,cAAc;gBACd,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAChC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;aACrC,CAAC,CAAC;YAEH,uEAAuE;YACvE,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAEtC,IAAI,cAAc,EAAE,CAAC;gBACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;gBAChD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;YACtE,CAAC;YAED,+DAA+D;YAC/D,yGAAyG;YACzG,MAAM,cAAc,GAClB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;gBACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,CAAC;YAE/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE;gBACtD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAChD,cAAc;gBACd,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;aACzC,CAAC,CAAC;YAEH,IAAI,cAAc,EAAE,CAAC;gBACnB,wEAAwE;gBACxE,IAAI,CAAC;oBACH,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,CAClE,CAAC;oBACF,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;oBACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uDAAuD,CACxD,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,oFAAoF;oBACpF,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,2DAA2D,EAC3D;wBACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;qBAC9D,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,IACL,IAAI,CAAC,MAAM,CAAC,aAAa;gBACzB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EACpC,CAAC;gBACD,iDAAiD;gBACjD,IAAI,CAAC;oBACH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE;wBACtD,eAAe;qBAChB,CAAC,CAAC;oBAEH,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kDAAkD,CACnD,CAAC;wBACF,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;wBACnC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;oBAC3D,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,iDAAiD,CAClD,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,uEAAuE;oBACvE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,mDAAmD,EACnD;wBACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;qBAC9D,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;oBACrD,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;oBACxC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,cAAc;oBACd,MAAM,EAAE,cAAc;wBACpB,CAAC,CAAC,gDAAgD;wBAClD,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa;4BAC1B,CAAC,CAAC,2BAA2B;4BAC7B,CAAC,CAAC,2BAA2B;iBAClC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK;gBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;gBACf,CAAC,CAAC,qCAAqC,CAAC;YAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE;gBACrD,KAAK,EAAE,YAAY;gBACnB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACxD,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,YAAY;aACrB,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CAAC,YAAY,EAAE,kBAAkB,CAAC,WAAW,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,kBAAkB;QACxB,MAAM,aAAa,GAAG;YACpB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,aAAa,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAChD,WAAW,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;SACjC,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC;YACvC,GAAG,aAAa;YAChB,cAAc,EAAE,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;YAClD,0BAA0B,EAAE,KAAK,IAAI,EAAE;gBACrC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBAC1B,MAAM,IAAI,CAAC,8BAA8B,EAAE,CAAC;gBAC9C,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,aAAa,CAAC,CAAC;QAEpD,IAAI,CAAC,iBAAiB,GAAG,IAAI,iBAAiB,CAAC;YAC7C,GAAG,aAAa;YAChB,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa;SAClD,CAAC,CAAC;QAEH,kEAAkE;QAClE,IAAI,CAAC,kBAAkB,EAAE,CAAC;IAC5B,CAAC;IAED;;;OAGG;IACK,kBAAkB;QACxB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,eAAe,EAAE,GAAG,EAAE;YAC7C,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC/B,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,KAA2B,EAAE,EAAE;YACtE,6EAA6E;YAC7E,IACE,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;gBACpC,IAAI,CAAC,MAAM,CAAC,aAAa;gBACzB,KAAK,EAAE,MAAM,KAAK,kCAAkC,EACpD,CAAC;gBACD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,mFAAmF,CACpF,CAAC;gBAEF,4CAA4C;gBAC5C,UAAU,CAAC,KAAK,IAAI,EAAE;oBACpB,IAAI,CAAC;wBACH,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;wBACnC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,8DAA8D,CAC/D,CAAC;oBACJ,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,mEAAmE;wBACnE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,oDAAoD,EACpD;4BACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;yBAC9D,CACF,CAAC;oBACJ,CAAC;gBACH,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,2CAA2C;YACtD,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY;QACxB,oEAAoE;QACpE,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;gBAC7D,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAC,CAAC;YAEH,uEAAuE;YACvE,MAAM,KAAK,GACT,IAAI,CAAC,MAAM,CAAC,YAAY;gBACxB,aAAa,CAAC;oBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;oBAChD,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;oBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;oBAC/C,UAAU,EAAE,UAAU,EAAE;oBACxB,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;iBAC7C,CAAC,CAAC;YAEL,8CAA8C;YAC9C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAErC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;gBAC7D,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE;gBACxB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aACjD,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,cAAc,CACtB,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;QACJ,CAAC;QAED,gGAAgG;QAChG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,IAAI,cAAc,CACtB,oEAAoE,EACpE,kBAAkB,CAAC,eAAe,CACnC,CAAC;QACJ,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,+BAA+B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvE,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;QAC5D,MAAM,KAAK,GACT,IAAI,CAAC,MAAM,CAAC,YAAY;YACxB,aAAa,CAAC;gBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;gBAChD,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;gBAC/C,UAAU,EAAE,UAAU,EAAE;gBACxB,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;aAC7C,CAAC,CAAC;QAEL,OAAO,YAAY,CAAC;YAClB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,aAAa;YACb,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;SACzB,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,qBAAqB;QACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kDAAkD,EAAE;YACnE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,SAAS,CAAC,SAAS;YAC9B,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;SACjC,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE;gBAC3D,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,0CAA0C;QAC1C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6DAA6D,EAC7D;gBACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;aACrC,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,+CAA+C,EAC/C,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE;gBACpD,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;YAC1D,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;YACxD,MAAM,aAAa,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,CAAC;YAChE,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC,cAAc,EAAE,mBAAmB,CAAC,aAAa,CAAC,CAAC;YAC1D,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;QACrE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,0BAA0B,CAAC;YACtE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;gBAC7D,KAAK,EAAE,YAAY;aACpB,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CACtB,YAAY,EACZ,kBAAkB,CAAC,qBAAqB,CACzC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,yBAAyB;QACvB,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACpE,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;IACrD,CAAC;IAED;;;OAGG;IACH,iBAAiB,CAAC,OAAgB;QAChC,8CAA8C;QAC9C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yDAAyD,EACzD;gBACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,OAAO;aACR,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACxD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,+DAA+D,CAChE,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,iBAAiB;QACf,8CAA8C;QAC9C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,IAAI,KAAK,CAAC;IAC9D,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;YACrD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,SAAS,CAAC,SAAS;YAC9B,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;SACjC,CAAC,CAAC;QAEH,gDAAgD;QAChD,kEAAkE;QAClE,0BAA0B,CACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAC9B,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW,CACrC,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;gBAC/C,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,KAAK,CAAC,OAAO;aACtB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kEAAkE,CACnE,CAAC;YACF,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;YAC9C,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;SACnD,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,GAAG,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC7D,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;YAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC;YAEhC,IAAI,CAAC,iCAAiC,CAAC,WAAW,CAAC,CAAC;YACpD,IAAI,CAAC,0BAA0B,EAAE,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;YACjE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAChD,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC;QACnC,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,UAAU,CAAC;QAE3C,oCAAoC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;YAC7C,cAAc,EAAE,CAAC,CAAC,SAAS;YAC3B,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,cAAc,EAAE,SAAS,EAAE,SAAS;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,wJAAwJ,EACxJ,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,wDAAwD;QACxD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;YACtE,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;YAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;YACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,2DAA2D,CAC5D,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QAE3E,IAAI,CAAC;YACH,yEAAyE;YACzE,6DAA6D;YAE7D,2EAA2E;YAC3E,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;gBAC/C,IAAI,CAAC,SAAS,GAAG,MAAM,iBAAiB,CACtC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAC/B,CAAC;YACJ,CAAC;YAED,qDAAqD;YACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;YAChD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAE1B,qDAAqD;YACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;YACxD,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QAC9D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK;gBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;gBACf,CAAC,CAAC,kCAAkC,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;gBACtD,KAAK,EAAE,YAAY;gBACnB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACxD,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,8BAA8B;QAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6DAA6D,EAC7D;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,iBAAiB,EAAE,CAAC,CAAC,IAAI,CAAC,iBAAiB;YAC3C,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,cAAc;SACtC,CACF,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,UAAU,CAAC;QACrC,IAAI,CAAC,iBAAiB,CAAC,eAAe,EAAE,CAAC;QACzC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;YAChD,MAAM,EACJ,6FAA6F;YAC/F,KAAK,EAAE;gBACL,IAAI,EAAE,6BAA6B;gBACnC,SAAS,EAAE,aAAa,CAAC,2BAA2B;gBACpD,UAAU,EACR,6FAA6F;aAChG;SACF,CAAC,CAAC;QACH,kDAAkD;QAClD,UAAU,CAAC,GAAG,EAAE;YACd,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,UAAU,CAAC;QACpC,CAAC,EAAE,GAAG,CAAC,CAAC;IACV,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iCAAiC,CAC7C,WAAmB;QAEnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;YAC/D,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,QAAQ,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAChC,KAAK,UAAU;oBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;oBAC3C,IAAI,CAAC,MAAM,CAAC,cAAc,CACxB,WAAW,EACX,yBAAyB,EACzB,OAAO,CACR,CAAC;oBACF,MAAM;gBAER,KAAK,SAAS;oBACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;oBAC1C,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;wBACvB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;oBACnD,CAAC;oBACD,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;oBACtD,MAAM;gBAER,KAAK,QAAQ,CAAC;gBACd,OAAO,CAAC,CAAC,CAAC;oBACR,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;oBAC1C,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;wBACpD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;oBACpD,CAAC;oBACD,IAAI,aAAa,CAAC,2BAA2B,EAAE,CAAC;wBAC9C,OAAO,IAAI,CAAC,8BAA8B,EAAE,CAAC;oBAC/C,CAAC;oBAED,MAAM,aAAa,GACjB,MAAM,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;oBAC7D,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC;oBACvD,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,MAAM,IAAI,CAAC,4BAA4B,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YAC9D,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,eAAe,CAClB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,4BAA4B,CACxC,WAAmB,EACnB,KAAiB;QAEjB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;YACjE,mBAAmB,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YAC5C,KAAK,EAAE,KAAK,CAAC,OAAO;SACrB,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;YACxC,MAAM,EAAE,8CAA8C;SACvD,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YAEpD,0CAA0C;YAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;YAEf,0DAA0D;YAC1D,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,UAAU,CAAC;YAErC,6DAA6D;YAC7D,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAElD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,CAAC;YACzE,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,eAAe,CAAC;YACvC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;gBAC9C,KAAK,EAAE,aAAa;gBACpB,WAAW,EAAE,WAAW;aACzB,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,IAAI,cAAc,CACtC,uGAAuG,EACvG,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,aAAa,CAAC,OAAO;aAC9B,CAAC,CAAC;YACH,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,0BAA0B;QAChC,kFAAkF;QAClF,IACE,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;YACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,EAC5C,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,4DAA4D,EAC5D;gBACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aACjD,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,iCAAiC;QACjC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,GAAG,CAAC,EAAE,CAAC;YACzE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;gBACvD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBACvC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aACjD,CAAC,CAAC;YAEH,IAAI,CAAC,wBAAwB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;gBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;gBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBACxC,MAAM,EAAE,0BAA0B;iBACnC,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,0BAA0B,EAC1B,kBAAkB,CAAC,oBAAoB,CACxC,CAAC;gBACF,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAC9B,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,MAAkB;QAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAChD,IAAI,CAAC,kBAAkB,EAAE,CAAC,MAAM,CAAC,CAAC;QAElC,oEAAoE;QACpE,6EAA6E;QAC7E,MAAM,cAAc,GAClB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;YACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,CAAC;QAE/C,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,wDAAwD,CACzD,CAAC;YACF,qEAAqE;YACrE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAY;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACvE,IAAI,CAAC,iBAAiB,EAAE,CAAC,KAAK,CAAC,CAAC;QAEhC,6DAA6D;QAC7D,6CAA6C;QAC7C,MAAM,cAAc,GAClB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;YACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,CAAC;QAE/C,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;YACF,qEAAqE;YACrE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,SAAkB;QAC3C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAE3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;YAC/D,SAAS;SACV,CAAC,CAAC;QAEH,+BAA+B;QAC/B,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,CAAC;QACzC,CAAC;QAED,uDAAuD;QACvD,IAAI,SAAS,EAAE,CAAC;YACd,wCAAwC;YAExC,0CAA0C;YAC1C,IAAI,CAAC,MAAM,CAAC,cAAc,CACxB,SAAS,EACT,8CAA8C,EAC9C,OAAO,CACR,CAAC;YAEF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,YAAY,EAAE;aAChB,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;YAChB,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yBAAyB,EAAE,OAAO,CAAC,CAAC;QAC1E,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,EAAE;gBAClE,KAAK;aACN,CAAC,CAAC;YACH,MAAM,aAAa,GAAG,IAAI,cAAc,CACtC,uCAAuC,EACvC,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACP,CAAC;IAED;;OAEG;IACK,uBAAuB,CAC7B,gBAAwB,6DAA6D;QAErF,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yDAAyD,CAC1D,CAAC;YACF,OAAO;QACT,CAAC;QACD,MAAM,eAAe,GAAG,QAAQ,CAAC,cAAc,CAC7C,kCAAkC,CACnC,CAAC;QACF,IAAI,eAAe,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YAClD,eAAe,CAAC,UAAU,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;QAC1D,CAAC;QACD,MAAM,cAAc,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QACrD,cAAc,CAAC,EAAE,GAAG,kCAAkC,CAAC;QACvD,cAAc,CAAC,KAAK,CAAC,OAAO;YAC1B,qSAAqS,CAAC;QACxS,cAAc,CAAC,SAAS;YACtB,wDAAwD;gBACxD,yCAAyC;gBACzC,OAAO;gBACP,oCAAoC;gBACpC,gCAAgC;gBAChC,aAAa;gBACb,SAAS;gBACT,QAAQ;gBACR,QAAQ,CAAC;QAEX,IAAI,gBAAgB,CAAC,SAAS,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACtD,SAAS,CAAC,KAAK,CAAC,QAAQ,GAAG,UAAU,CAAC;QACxC,CAAC;QAED,SAAS,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEtC,UAAU,CAAC,GAAG,EAAE;YACd,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;gBAC9B,cAAc,CAAC,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YACxD,CAAC;QACH,CAAC,EAAE,KAAK,CAAC,CAAC;QACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACK,wBAAwB;QAC9B,IAAI,CAAC,yBAAyB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;YACtD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YACpD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,iDAAiD;aAC1D,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,iDAAiD,EACjD,kBAAkB,CAAC,oBAAoB,CACxC,CAAC;YACF,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,aAAa;IAC1B,CAAC;IAED;;OAEG;IACK,mBAAmB;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CACrC,IAAI,CAAC,MAAM,CAAC,sBAAsB,CACnC,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,8BAA8B,IAAI,CAAC,MAAM,CAAC,sBAAsB,aAAa,CAC9E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;QAC5C,CAAC;QAED,6DAA6D;QAC7D,MAAM,iBAAiB,GAAG,QAAQ,CAAC,cAAc,CAC/C,uBAAuB,CACT,CAAC;QACjB,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0DAA0D,CAC3D,CAAC;YACF,OAAO,iBAAiB,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc;QAC1B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;YAC7C,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAChC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,8DAA8D;YAC9D,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,CACjE,CAAC;gBACF,OAAO;YACT,CAAC;YAED,kDAAkD;YAClD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC;gBACpD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAC3C,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,WAAW,EAAE;oBACX,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO;oBACxC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,IAAI,uBAAuB;iBAChE;gBACD,cAAc,EAAE,IAAI,CAAC,OAAO;aAC7B,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE,EAAE,eAAe,EAAE,CAAC,CAAC;YAEvE,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,aAAa,GAAG,QAAQ,CAAC,cAAc,CAC3C,oBAAoB,CAAC,iBAAiB,CACvC,CAAC;gBACF,MAAM,WAAW,GAAG,QAAQ,CAAC,cAAc,CACzC,oBAAoB,CAAC,eAAe,CACrC,CAAC;gBAEF,IAAI,aAAa,EAAE,CAAC;oBAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;oBAC3C,IAAI,QAAQ,GAAG,IAAI,CAAC;oBACpB,MAAM,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC;oBAClE,IAAI,YAAY,EAAE,CAAC;wBACjB,IAAI,CAAC;4BACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;wBACtC,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;wBAC9D,CAAC;oBACH,CAAC;oBACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE;wBAC3C,MAAM,EAAE,iCAAiC;wBACzC,IAAI,EAAE,QAAQ;qBACf,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,WAAW,EAAE,CAAC;oBACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;oBAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;wBACxC,MAAM,EAAE,WAAW,CAAC,WAAW,IAAI,+BAA+B;qBACnE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC3D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EACJ,KAAK,YAAY,KAAK;oBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;oBACf,CAAC,CAAC,+BAA+B;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QAEtD,oBAAoB;QACpB,IAAI,CAAC,iBAAiB,EAAE,aAAa,EAAE,CAAC;QAExC,oBAAoB;QACpB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,yBAAyB,EAAE,CAAC;YACnC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACpD,IAAI,CAAC,yBAAyB,GAAG,SAAS,CAAC;QAC7C,CAAC;QAED,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;QACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QAEnC,gCAAgC;QAChC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACK,uBAAuB;QAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sEAAsE,CACvE,CAAC;QAEF,oBAAoB;QACpB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,yBAAyB,EAAE,CAAC;YACnC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACpD,IAAI,CAAC,yBAAyB,GAAG,SAAS,CAAC;QAC7C,CAAC;QAED,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;QACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QAEnC,oDAAoD;IACtD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB;QAC5B,OAAO,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,IAAI,IAAI,CAAC;IACzD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,4BAA4B;QACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC/C,OAAO,wBAAwB,CAAC,OAAO,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe;QAC1B,OAAO,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,IAAI,KAAK,CAAC;IACxD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,OAAO,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,IAAI,IAAI,CAAC;IACtD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY;QACvB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,aAAa;QACxB,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACI,sBAAsB;QAC3B,OAAO,IAAI,CAAC,cAAc,CAAC,sBAAsB,EAAE,IAAI,IAAI,CAAC;IAC9D,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACI,WAAW,CAAC,QAAgB;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,kEAAkE;QAClE,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,IAAI,CAAC,cAAc,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iDAAiD,EAAE;YAClE,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,aAAa;QAClB,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;QAE1B,mDAAmD;QACnD,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,IAAI,CAAC,cAAc,CAAC,yBAAyB,EAAE,CAAC;QAClD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IAC7E,CAAC;IAED;;;OAGG;IACI,WAAW;QAChB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;OAGG;IACI,oBAAoB,CAAC,IAA0B;QACpD,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED;;;OAGG;IACI,oBAAoB;QACzB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;IACvC,CAAC;IAED;;;;OAIG;IACI,cAAc;QACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QAEF,yDAAyD;QACzD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;YAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;YACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QACrC,CAAC;QAED,6CAA6C;QAC7C,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,yBAAyB,EAAE,CAAC;YACnC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACpD,IAAI,CAAC,yBAAyB,GAAG,SAAS,CAAC;QAC7C,CAAC;QAED,mBAAmB;QACnB,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC,gBAAgB,GAAG,KAAK,CAAC;QAE9B,uCAAuC;QACvC,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,CAAC;QACzC,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,OAAO;QAClB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;QACpC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,MAAM;QACjB,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE;gBAC3C,MAAM,EAAE,wBAAwB;aACjC,CAAC,CAAC;YAEH,0EAA0E;YAC1E,iEAAiE;YACjE,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,CAClE,CAAC;gBACF,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;gBACjD,MAAM,SAAS,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;gBACpE,MAAM,gBAAgB,GAAG,kBAAkB,CACzC,UAAU,EACV,SAAS,CAAC,MAAM,CACjB,CAAC;gBAEF,mDAAmD;gBACnD,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;oBAC5C,MAAM,EAAE,2DAA2D;iBACpE,CAAC,CAAC;gBAEH,yEAAyE;gBACzE,MAAM,KAAK,GAAG,aAAa,CAAC;oBAC1B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;oBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;oBAC/C,UAAU,EAAE,UAAU,EAAE;iBACzB,CAAC,CAAC;gBAEH,4DAA4D;gBAC5D,0DAA0D;gBAC1D,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC;gBAC5C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;oBAClC,SAAS,CAAC,YAAY,CAAC,GAAG,CACxB,mBAAmB,EACnB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;gBACJ,CAAC;gBAED,oDAAoD;gBACpD,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;gBAE3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;oBAC/D,GAAG,EAAE,SAAS,CAAC,QAAQ,EAAE;oBACzB,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;oBAChD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;iBACrC,CAAC,CAAC;gBAEH,sDAAsD;gBACtD,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;gBAEnC,OAAO;YACT,CAAC;YAED,kDAAkD;YAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;YAChE,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAElD,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;gBACtE,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAChC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;oBAC5C,MAAM,EAAE,uBAAuB;iBAChC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACrD,CAAC;YAED,iEAAiE;YACjE,MAAM,KAAK,GAAG,aAAa,CAAC;gBAC1B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;gBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;gBAC/C,UAAU,EAAE,UAAU,EAAE;aACzB,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;gBAC/D,cAAc,EAAE,KAAK;gBACrB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;aACrC,CAAC,CAAC;YAEH,yEAAyE;YACzE,gEAAgE;YAEhE,gDAAgD;YAChD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,sBAAsB;YACtB,MAAM,SAAS,GAAG,MAAM,sBAAsB,CAAC;gBAC7C,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAC1C,OAAO,EAAE,MAAM,CAAC,QAAQ;gBACxB,KAAK,EAAE,KAAK;gBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;aAC5C,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;gBAC1C,SAAS,EAAE,SAAS,CAAC,QAAQ,EAAE;aAChC,CAAC,CAAC;YAEH,+EAA+E;YAC/E,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YAE9C,mDAAmD;YACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;gBAC5C,MAAM,EAAE,mBAAmB;aAC5B,CAAC,CAAC;YAEH,8EAA8E;YAC9E,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAChD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE;gBACzC,MAAM,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC/D,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CACtB,eAAe,EACf,kBAAkB,CAAC,aAAa,CACjC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,kBAAkB,CAAC,SAAc;QACvC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QAE3D,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QACtD,YAAY,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;QAEpC,oDAAoD;QACpD,MAAM,aAAa,GAAG,GAAG,EAAE;YACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAEjD,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAC;gBAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;gBACxE,OAAO;YACT,CAAC;YAED,YAAY,CAAC,UAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;YAElD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,EACjE;oBACE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;iBACjD,CACF,CAAC;gBACF,qEAAqE;gBACrE,oEAAoE;gBACpE,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YACvD,CAAC;QACH,CAAC,CAAC;QAEF,YAAY,CAAC,MAAM,GAAG,GAAG,EAAE;YACzB,aAAa,EAAE,CAAC;QAClB,CAAC,CAAC;QACF,YAAY,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YAC/B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/D,aAAa,EAAE,CAAC;QAClB,CAAC,CAAC;QAEF,YAAY,CAAC,GAAG,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAC1C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,wBAAwB;QACpC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAElC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE;gBACvD,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAChC,aAAa,EAAE,CAAC,CAAC,KAAK;gBACtB,UAAU,EAAE,KAAK;gBACjB,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aAClC,CAAC,CAAC;YAEH,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sDAAsD,CACvD,CAAC;gBACF,OAAO,CAAC,yCAAyC;YACnD,CAAC;YAED,sDAAsD;YACtD,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAE/D,yEAAyE;YACzE,kDAAkD;YAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAE/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBAC7C,QAAQ,EAAE,KAAK;gBACf,YAAY;gBACZ,iBAAiB;gBACjB,WAAW,EAAE,KAAK,KAAK,iBAAiB;gBACxC,YAAY,EAAE,YAAY,KAAK,iBAAiB;aACjD,CAAC,CAAC;YAEH,IAAI,KAAK,KAAK,iBAAiB,IAAI,YAAY,KAAK,iBAAiB,EAAE,CAAC;gBACtE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;oBAC9C,KAAK;oBACL,iBAAiB;iBAClB,CAAC,CAAC;gBAEH,0CAA0C;gBAC1C,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAChC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;gBAEzC,yCAAyC;gBACzC,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;gBAExC,6BAA6B;gBAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;oBAC5C,MAAM,EAAE,0BAA0B;iBACnC,CAAC,CAAC;gBAEH,4CAA4C;gBAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;gBAE1D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;oBACnD,QAAQ;iBACT,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,QAAQ,EAAE,KAAK;oBACf,iBAAiB;iBAClB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACpE,sDAAsD;QACxD,CAAC;IACH,CAAC;CACF;AAID,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC","sourcesContent":["import { AuthEvent } from \"../types/index.js\";\nimport type { Endpoints, AuthStorage } from \"../../types.js\";\nimport { buildAuthUrl, extractTokensFromSession } from \"../utils/auth-utils.js\";\nimport type { AuthResult, Session } from \"../types/index.js\";\nimport type { createLogger } from \"../utils/logger.js\";\nimport {\n createMainLogger,\n configureLogging,\n setCurrentLogger,\n} from \"../utils/logger.js\";\nimport { GenericPublicClientPKCEProducer } from \"../../services/PKCE.js\";\nimport { generateState } from \"../../lib/oauth.js\";\nimport { SessionManager } from \"./SessionManager.js\";\nimport { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport { PopupError } from \"../../services/types.js\";\nimport { getVersion } from \"../../shared/index.js\";\nimport { handleOAuthRedirectPage } from \"./handlers/OAuthCallbackHandler.js\";\nimport {\n generateOauthLogoutUrl,\n clearTokens,\n retrieveTokens,\n getBackendEndpoints,\n resolveEndpointUrl,\n} from \"../../shared/lib/util.js\";\nimport { LOGOUT_STATE } from \"../../constants.js\";\nimport { getOauthEndpoints } from \"../../lib/oauth.js\";\nimport { collectAndSendSDKAnalytics } from \"../../lib/analytics.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\n\n// Import new modular components\nimport type {\n CivicAuthClientConfig,\n ProcessedCivicAuthConfig,\n} from \"./types/AuthTypes.js\";\nimport {\n CivicAuthError,\n CivicAuthErrorCode,\n CIVIC_AUTH_CONSTANTS,\n} from \"./types/AuthTypes.js\";\nimport { processConfigWithDefaults } from \"./config/ConfigProcessor.js\";\nimport { MessageHandler } from \"./handlers/MessageHandler.js\";\nimport { PopupHandler } from \"./handlers/PopupHandler.js\";\nimport { IframeAuthHandler } from \"./handlers/IframeAuthHandler.js\";\nimport { IframeManager } from \"../iframe/IframeManager.js\";\n\n/**\n * CivicAuth client for handling OAuth authentication\n *\n * This is a refactored version that uses a modular architecture for better maintainability.\n */\nexport class CivicAuth {\n private config: ProcessedCivicAuthConfig;\n private storage: AuthStorage;\n private endpoints?: Endpoints;\n private logger: ReturnType<typeof createLogger>;\n private sessionManager: SessionManager;\n private events: AuthenticationEvents;\n private initialDisplayMode:\n | \"iframe\"\n | \"modal\"\n | \"redirect\"\n | \"new_tab\"\n | \"custom_tab\";\n\n // Authentication state\n private authPromise?: Promise<AuthResult>;\n private authPromiseResolve?: (value: AuthResult) => void;\n private authPromiseReject?: (reason?: Error) => void;\n private authProcessTimeoutHandle?: number;\n private popupFailureTimeoutHandle?: number;\n private hasPopupFailed: boolean = false;\n private hasSignInStarted: boolean = false;\n\n // Backend integration - custom login URL\n private loginUrl?: string;\n\n // Handlers\n private messageHandler?: MessageHandler;\n private popupHandler?: PopupHandler;\n private iframeAuthHandler?: IframeAuthHandler;\n\n /**\n * Private constructor - initializes configuration and handlers.\n * Use {@link CivicAuth.create} to create a new instance.\n */\n private constructor(config: CivicAuthClientConfig) {\n // Process config with defaults and validation\n this.config = processConfigWithDefaults(config);\n this.initialDisplayMode = this.config.displayMode;\n\n // Set loginUrl from config if provided\n this.loginUrl = this.config.loginUrl;\n\n // Configure logging\n configureLogging(this.config.logging);\n\n // Initialize logger - always use \"vanillajs\" as base namespace\n if (this.config.logging?.enabled) {\n this.logger = createMainLogger(\"vanillajs\"); // Always use \"vanillajs\"\n } else {\n this.logger = {\n debug: () => {},\n info: () => {},\n warn: () => {},\n error: () => {},\n };\n }\n\n setCurrentLogger(this.logger);\n this.storage = this.config.storageAdapter;\n\n // Always initialize events - use provided events or create default instance\n this.events = config.events || new AuthenticationEvents();\n\n // Always initialize SessionManager\n this.sessionManager = new SessionManager(\n this.storage,\n this.events,\n this.config,\n this.config.initialUser,\n );\n\n // Initialize handlers\n this.initializeHandlers();\n }\n\n /**\n * Creates and initializes a new instance of CivicAuth.\n * This is the recommended way to create a CivicAuth instance.\n *\n * @param config - Configuration options for the auth client\n * @returns A promise that resolves with the initialized CivicAuth instance\n * @throws {CivicAuthError} If initialization fails or required configuration is missing\n *\n * @example\n * ```typescript\n * // Standard SPA authentication\n * const auth = await CivicAuth.create({\n * clientId: \"your-client-id\",\n * // redirectUrl is optional - defaults to current page (window.location.origin + window.location.pathname)\n * redirectUrl: \"https://your-app.com/callback\", // optional\n * // logoutRedirectUrl is optional - defaults to redirectUrl if not provided\n * logoutRedirectUrl: \"https://your-app.com/logout\", // optional\n * // oauthServerBaseUrl is optional - defaults to \"https://auth.civic.com/oauth\"\n * oauthServerBaseUrl: \"https://auth-server.com/\", // optional\n * // scopes is optional - defaults to ['openid', 'profile', 'email', 'offline_access']\n * scopes: [\"openid\", \"profile\"], // optional\n * targetContainerElement: \"auth-container\",\n * textSignals: {\n * success: \"Authentication successful!\"\n * }\n * });\n *\n * // Backend integration authentication\n * const authWithBackend = await CivicAuth.create({\n * clientId: \"your-client-id\",\n * loginUrl: \"http://example.com/custom-backendurl\" // Automatically uses BrowserCookieStorage\n * });\n * ```\n */\n public static async create(\n config: CivicAuthClientConfig,\n ): Promise<CivicAuth> {\n const instance = new CivicAuth(config);\n await instance.init();\n return instance;\n }\n\n /**\n * Initializes the auth client and checks for callback handling\n */\n private async init(): Promise<void> {\n this.logger.info(\"🚀 Initializing CivicAuth\", {\n currentUrl: window.location.href,\n redirectUrl: this.config.redirectUrl,\n oauthServerBaseUrl: this.config.oauthServerBaseUrl,\n isCallbackUrl: window.location.href.startsWith(this.config.redirectUrl),\n });\n\n try {\n // Get OAuth endpoints using shared function (handles trailing slash automatically)\n this.endpoints = await getOauthEndpoints(this.config.oauthServerBaseUrl);\n\n this.logger.info(\"🔗 OAuth endpoints configured\", {\n endpoints: this.endpoints,\n });\n\n // Initialize SessionManager with auth config\n if (this.sessionManager) {\n const loginUrl = this.config.loginUrl || this.loginUrl;\n\n // Construct authConfig based on our discriminated union pattern\n const authConfig: AuthConfig =\n loginUrl && !this.config.clientId\n ? {\n // Backend integration mode: loginUrl required, clientId optional\n loginUrl,\n redirectUrl: this.config.redirectUrl,\n oauthServer: this.config.oauthServerBaseUrl,\n backendEndpoints: this.config.backendEndpoints,\n }\n : {\n // Standard OAuth mode: clientId required, loginUrl optional\n clientId: this.config.clientId!,\n loginUrl,\n redirectUrl: this.config.redirectUrl,\n oauthServer: this.config.oauthServerBaseUrl,\n backendEndpoints: this.config.backendEndpoints,\n };\n\n this.logger.info(\"🔧 Initializing SessionManager\", { authConfig });\n await this.sessionManager.initializeWithAuthConfig(authConfig);\n }\n\n // Check if we're on the callback page\n const isCallbackPage = window.location.href.startsWith(\n this.config.redirectUrl,\n );\n this.logger.info(\"🔍 Callback page check\", {\n isCallbackPage,\n currentUrl: window.location.href,\n redirectUrl: this.config.redirectUrl,\n });\n\n // Handle logout state cleanup first (before processing auth callbacks)\n await this.handleLogoutStateCleanup();\n\n if (isCallbackPage) {\n this.logger.info(\"📞 Processing callback page\");\n await this.handleCallback();\n } else {\n this.logger.info(\"🏠 Not a callback page, initialization complete\");\n }\n\n // Check if we're in embedded mode - we need to show the iframe\n // Note: After config processing, \"embedded\" displayMode becomes \"iframe\" + iframeDisplayMode: \"embedded\"\n const isEmbeddedMode =\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\";\n\n this.logger.info(\"🔍 Checking display mode conditions\", {\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n isEmbeddedMode,\n preloadIframe: this.config.preloadIframe,\n });\n\n if (isEmbeddedMode) {\n // For embedded mode, we need to start authentication to show the iframe\n try {\n this.logger.info(\n \"🖼️ Starting authentication for embedded mode to show iframe...\",\n );\n await this.startAuthentication();\n this.logger.info(\n \"✅ Embedded iframe authentication started successfully\",\n );\n } catch (error) {\n // Don't fail initialization if embedded authentication fails - graceful degradation\n this.logger.warn(\n \"⚠️ Embedded authentication failed (graceful degradation):\",\n {\n error: error instanceof Error ? error.message : String(error),\n },\n );\n }\n } else if (\n this.config.preloadIframe &&\n this.config.displayMode === \"iframe\"\n ) {\n // Regular iframe preloading logic for modal mode\n try {\n const isAuthenticated = await this.isAuthenticated();\n this.logger.info(\"🔍 Authentication check for preload\", {\n isAuthenticated,\n });\n\n if (!isAuthenticated) {\n this.logger.info(\n \"🔄 Auto-preloading iframe for instant sign-in...\",\n );\n await this.preloadAuthentication();\n this.logger.info(\"✅ Iframe auto-preloaded successfully\");\n } else {\n this.logger.debug(\n \"ℹ️ User already authenticated, skipping preload\",\n );\n }\n } catch (error) {\n // Don't fail initialization if preloading fails - graceful degradation\n this.logger.warn(\n \"⚠️ Auto-preloading failed (graceful degradation):\",\n {\n error: error instanceof Error ? error.message : String(error),\n },\n );\n }\n } else {\n this.logger.info(\"ℹ️ Auto-preload conditions not met\", {\n preloadIframe: this.config.preloadIframe,\n displayMode: this.config.displayMode,\n isEmbeddedMode,\n reason: isEmbeddedMode\n ? \"embedded mode uses startAuthentication instead\"\n : !this.config.preloadIframe\n ? \"preloadIframe is disabled\"\n : \"displayMode is not iframe\",\n });\n }\n } catch (error) {\n const errorMessage =\n error instanceof Error\n ? error.message\n : \"Failed to initialize authentication\";\n this.logger.error(\"❌ CivicAuth initialization failed\", {\n error: errorMessage,\n stack: error instanceof Error ? error.stack : undefined,\n });\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: errorMessage,\n });\n throw new CivicAuthError(errorMessage, CivicAuthErrorCode.INIT_FAILED);\n }\n }\n\n /**\n * Initialize all handlers with proper configuration\n */\n private initializeHandlers(): void {\n const handlerConfig = {\n config: this.config,\n logger: this.logger,\n onAuthSuccess: this.handleAuthSuccess.bind(this),\n onAuthError: this.handleAuthError.bind(this),\n cleanup: this.cleanup.bind(this),\n };\n\n this.messageHandler = new MessageHandler({\n ...handlerConfig,\n onPopupFailure: this.handlePopupFailure.bind(this),\n onBrowserCorsFailsSilently: async () => {\n if (this.hasSignInStarted) {\n await this.handleBrowserCorsFailsSilently();\n }\n },\n });\n\n this.popupHandler = new PopupHandler(handlerConfig);\n\n this.iframeAuthHandler = new IframeAuthHandler({\n ...handlerConfig,\n messageHandler: this.messageHandler.handleMessage,\n });\n\n // Set up automatic re-preloading when authentication is cancelled\n this.setupAutoRepreload();\n }\n\n /**\n * Set up automatic re-preloading when authentication is cancelled by user\n * This maintains instant sign-in experience for subsequent attempts\n */\n private setupAutoRepreload(): void {\n this.events.on(AuthEvent.SIGN_IN_STARTED, () => {\n this.hasSignInStarted = true;\n });\n this.events.on(AuthEvent.SIGN_IN_ERROR, (event?: { detail?: string }) => {\n // Only re-preload for iframe mode with user cancellation and preload enabled\n if (\n this.config.displayMode === \"iframe\" &&\n this.config.preloadIframe &&\n event?.detail === \"Authentication cancelled by user\"\n ) {\n this.logger.debug(\n \"🔄 Authentication cancelled, scheduling re-preload for instant subsequent sign-in\",\n );\n\n // Small delay to ensure cleanup is complete\n setTimeout(async () => {\n try {\n await this.preloadAuthentication();\n this.logger.debug(\n \"✅ Re-preloaded iframe after cancellation for instant sign-in\",\n );\n } catch (error) {\n // Don't fail silently, but don't crash either - just log the issue\n this.logger.warn(\n \"⚠️ Failed to re-preload iframe after cancellation:\",\n {\n error: error instanceof Error ? error.message : String(error),\n },\n );\n }\n }, 200); // Small delay to ensure cleanup completion\n }\n });\n }\n\n /**\n * Builds the authentication URL with PKCE challenge\n */\n private async buildAuthUrl(): Promise<string> {\n // If a login URL is set (for backend integration), use that instead\n if (this.loginUrl) {\n this.logger.info(\"🔗 Using login URL for backend integration\", {\n loginUrl: this.loginUrl,\n });\n\n // Generate state with display mode information for backend integration\n const state =\n this.config.initialState ||\n generateState({\n displayMode: this.config.displayMode || \"iframe\",\n iframeDisplayMode: this.config.iframeDisplayMode,\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n loginSuccessUrl: this.config.loginSuccessUrl,\n });\n\n // Append state as query parameter to loginUrl\n const url = new URL(this.loginUrl, window.location.origin);\n url.searchParams.set(\"state\", state);\n\n this.logger.info(\"🔗 Built login URL with display mode state\", {\n loginUrl: url.toString(),\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n });\n\n return url.toString();\n }\n\n if (!this.endpoints) {\n throw new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n }\n\n // Ensure clientId is present for OAuth flow (it should be according to our discriminated union)\n if (!this.config.clientId) {\n throw new CivicAuthError(\n \"ClientId is required for OAuth flow when loginUrl is not provided.\",\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n\n const pkceProducer = new GenericPublicClientPKCEProducer(this.storage);\n const codeChallenge = await pkceProducer.getCodeChallenge();\n const state =\n this.config.initialState ||\n generateState({\n displayMode: this.config.displayMode || \"iframe\",\n iframeDisplayMode: this.config.iframeDisplayMode,\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n loginSuccessUrl: this.config.loginSuccessUrl,\n });\n\n return buildAuthUrl({\n endpoints: this.endpoints,\n clientId: this.config.clientId,\n redirectUrl: this.config.redirectUrl,\n scopes: this.config.scopes,\n codeChallenge,\n state,\n prompt: this.config.prompt,\n nonce: this.config.nonce,\n });\n }\n\n /**\n * Preloads the authentication iframe for instant sign-in\n * This creates the iframe in the background but keeps it hidden until startAuthentication() is called\n * @throws {CivicAuthError} If preloading fails or is not supported\n * @private - This method is used internally for automatic preloading\n */\n private async preloadAuthentication(): Promise<void> {\n this.logger.info(\"🎬 Preloading authentication for instant sign-in\", {\n displayMode: this.config.displayMode,\n userAgent: navigator.userAgent,\n currentUrl: window.location.href,\n });\n\n if (!this.endpoints) {\n const error = new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n this.logger.error(\"❌ Endpoints not initialized for preload\", {\n error: error.message,\n });\n throw error;\n }\n\n // Only support preloading for iframe mode\n if (this.config.displayMode !== \"iframe\") {\n this.logger.warn(\n \"⚠️ Iframe preloading only supported for iframe display mode\",\n {\n displayMode: this.config.displayMode,\n },\n );\n return;\n }\n\n if (!this.iframeAuthHandler) {\n const error = new CivicAuthError(\n \"Iframe handler not initialized for preloading\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.logger.error(\"❌ Iframe handler not initialized\", {\n error: error.message,\n });\n throw error;\n }\n\n const fullAuthUrl = await this.buildAuthUrl();\n this.logger.info(\"🔗 Built authentication URL for preload\", {\n url: fullAuthUrl,\n displayMode: this.config.displayMode,\n });\n\n try {\n await this.iframeAuthHandler.preloadIframe(fullAuthUrl);\n const iframeElement = this.iframeAuthHandler.getIframeElement();\n if (iframeElement) {\n this.messageHandler?.updateIframeElement(iframeElement);\n }\n\n this.logger.info(\"✅ Authentication iframe preloaded successfully\");\n } catch (error) {\n const errorMessage =\n error instanceof Error ? error.message : \"Failed to preload iframe\";\n this.logger.error(\"❌ Failed to preload authentication iframe\", {\n error: errorMessage,\n });\n throw new CivicAuthError(\n errorMessage,\n CivicAuthErrorCode.IFRAME_PRELOAD_FAILED,\n );\n }\n }\n\n /**\n * Check if authentication is preloaded and ready for instant sign-in\n * @returns True if an iframe is preloaded and ready\n */\n isAuthenticationPreloaded(): boolean {\n if (this.config.displayMode !== \"iframe\" || !this.iframeAuthHandler) {\n return false;\n }\n return this.iframeAuthHandler.hasPreloadedIframe();\n }\n\n /**\n * Enable or disable iframe preloading\n * @param enabled Whether to enable iframe preloading\n */\n setPreloadEnabled(enabled: boolean): void {\n // Preloading only makes sense for iframe mode\n if (this.config.displayMode !== \"iframe\") {\n this.logger.debug(\n \"🎯 Iframe preloading not applicable for non-iframe mode\",\n {\n displayMode: this.config.displayMode,\n enabled,\n },\n );\n return;\n }\n\n if (this.iframeAuthHandler) {\n this.iframeAuthHandler.setPreloadEnabled(enabled);\n this.logger.info(\"🎯 Iframe preloading\", { enabled });\n } else {\n this.logger.warn(\n \"⚠️ Cannot set preload enabled: iframe handler not initialized\",\n );\n }\n }\n\n /**\n * Check if iframe preloading is enabled\n * @returns True if iframe preloading is enabled\n */\n getPreloadEnabled(): boolean {\n // Preloading only makes sense for iframe mode\n if (this.config.displayMode !== \"iframe\") {\n return false;\n }\n return this.iframeAuthHandler?.getPreloadEnabled() ?? false;\n }\n\n /**\n * Starts the authentication process\n * @returns A promise that resolves with the authentication result\n * @throws {CivicAuthError} If authentication fails or times out\n */\n async startAuthentication(): Promise<AuthResult> {\n this.logger.info(\"🎬 Starting authentication process\", {\n displayMode: this.config.displayMode,\n userAgent: navigator.userAgent,\n currentUrl: window.location.href,\n });\n\n // Send SDK analytics when authentication starts\n // Fire and forget - don't block authentication if analytics fails\n collectAndSendSDKAnalytics(\n this.config.clientId,\n this.config.oauthServerBaseUrl,\n this.config.framework || \"vanillajs\",\n );\n\n if (!this.endpoints) {\n const error = new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n this.logger.error(\"❌ Endpoints not initialized\", {\n error: error.message,\n });\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: error.message,\n });\n throw error;\n }\n\n if (this.authPromise) {\n this.logger.info(\n \"⏳ Authentication already in progress, returning existing promise\",\n );\n return this.authPromise;\n }\n\n const fullAuthUrl = await this.buildAuthUrl();\n this.logger.info(\"🔗 Built authentication URL\", {\n url: fullAuthUrl,\n displayMode: this.config.displayMode,\n authProcessTimeout: this.config.authProcessTimeout,\n });\n\n this.authPromise = new Promise<AuthResult>((resolve, reject) => {\n this.authPromiseResolve = resolve;\n this.authPromiseReject = reject;\n\n this.handleAuthenticationByDisplayMode(fullAuthUrl);\n this.setupAuthenticationTimeout();\n });\n\n return this.authPromise;\n }\n\n /**\n * Reloads embedded authentication interface\n *\n * This method is specifically designed for embedded mode scenarios where the iframe\n * needs to be recreated after navigation or DOM changes. It performs a complete\n * re-initialization by calling the full init() method.\n *\n * @returns Promise that resolves when the embedded iframe is created\n * @throws {CivicAuthError} If not in embedded mode or if iframe creation fails\n *\n * @example\n * ```typescript\n * // After navigation in a SPA\n * await civicAuth.reloadEmbedded();\n * ```\n */\n async reloadEmbedded(): Promise<void> {\n this.logger.info(\"🔄 Reloading embedded authentication interface\", {\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n authPromise: !!this.authPromise,\n });\n\n this.config.displayMode = \"iframe\";\n this.config.iframeDisplayMode = \"embedded\";\n\n // Check if container element exists\n const container = this.getContainerElement();\n this.logger.info(\"🎯 Container element check\", {\n containerFound: !!container,\n containerId: container?.id,\n containerClass: container?.className,\n });\n\n if (!container) {\n const error = new CivicAuthError(\n \"Container element for embedded iframe not found. Ensure an element with id 'civic-login-container' exists or provide targetContainerElement in config.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n throw error;\n }\n\n // Clear any existing auth promise to ensure fresh start\n if (this.authPromise) {\n this.logger.info(\"🧹 Clearing existing auth promise for fresh start\");\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n }\n\n // Clean up any existing handlers before re-initialization\n if (this.messageHandler || this.popupHandler || this.iframeAuthHandler) {\n this.logger.info(\n \"🧹 Cleaning up existing handlers before re-initialization\",\n );\n this.cleanup();\n }\n\n this.logger.info(\"🔄 Re-initializing handlers and starting embedded auth\");\n\n try {\n // Don't call init() - that would re-process config based on current page\n // Instead, do minimal re-initialization with original config\n\n // Ensure OAuth endpoints are available (they should be from original init)\n if (!this.endpoints) {\n this.logger.info(\"🔗 Getting OAuth endpoints\");\n this.endpoints = await getOauthEndpoints(\n this.config.oauthServerBaseUrl,\n );\n }\n\n // Re-initialize all handlers (creates new instances)\n this.logger.info(\"🔄 Re-initializing handlers\");\n this.initializeHandlers();\n\n // Start authentication to create the embedded iframe\n this.logger.info(\"🎬 Starting embedded authentication\");\n await this.startAuthentication();\n this.logger.info(\"✅ Embedded iframe reloaded successfully\");\n } catch (error) {\n const errorMessage =\n error instanceof Error\n ? error.message\n : \"Failed to reload embedded iframe\";\n this.logger.error(\"❌ Failed to reload embedded iframe\", {\n error: errorMessage,\n stack: error instanceof Error ? error.stack : undefined,\n });\n throw error;\n }\n }\n\n private async handleBrowserCorsFailsSilently(): Promise<Promise<void>> {\n this.logger.warn(\n \"🚨 Browser CORS fails silently - switching to redirect mode\",\n {\n displayMode: this.config.displayMode,\n iframeAuthHandler: !!this.iframeAuthHandler,\n messageHandler: !!this.messageHandler,\n },\n );\n if (!this.iframeAuthHandler || !this.messageHandler) {\n throw new Error(\"Iframe handler not initialized\");\n }\n this.config.displayMode = \"redirect\";\n this.iframeAuthHandler.forceHideIframe();\n const rebuiltUrl = await this.buildAuthUrl();\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail:\n \"Browser doesn't support popups and passkey with CORS in iframe - switching to redirect mode\",\n error: {\n type: \"browser_cors_fails_silently\",\n failedUrl: IframeManager.browserCorsFailsSilentlyUrl,\n suggestion:\n \"Browser doesn't support popups and passkey with CORS in iframe - switching to redirect mode\",\n },\n });\n // use a small delay to ensure the loader is shown\n setTimeout(() => {\n window.location.href = rebuiltUrl;\n }, 100);\n }\n\n /**\n * Handle authentication based on display mode\n */\n private async handleAuthenticationByDisplayMode(\n fullAuthUrl: string,\n ): Promise<void> {\n this.logger.info(\"🎯 Handling authentication with display mode\", {\n displayMode: this.config.displayMode,\n });\n\n try {\n switch (this.config.displayMode) {\n case \"redirect\":\n this.logger.info(\"🌐 Using redirect mode\");\n this.events.locationChange(\n fullAuthUrl,\n \"Redirecting to auth URL\",\n \"login\",\n );\n break;\n\n case \"new_tab\":\n this.logger.info(\"📱 Using new_tab mode\");\n if (!this.popupHandler) {\n throw new Error(\"Popup handler not initialized\");\n }\n await this.popupHandler.handleNewTabAuth(fullAuthUrl);\n break;\n\n case \"iframe\":\n default: {\n this.logger.info(\"🖼️ Using iframe mode\");\n if (!this.iframeAuthHandler || !this.messageHandler) {\n throw new Error(\"Iframe handler not initialized\");\n }\n if (IframeManager.browserCorsFailsSilentlyUrl) {\n return this.handleBrowserCorsFailsSilently();\n }\n\n const iframeElement =\n await this.iframeAuthHandler.handleIframeAuth(fullAuthUrl);\n this.messageHandler.updateIframeElement(iframeElement);\n break;\n }\n }\n } catch (error) {\n if (error instanceof PopupError) {\n await this.handlePopupErrorWithFallback(fullAuthUrl, error);\n } else {\n this.handleAuthError(\n error instanceof Error ? error : new Error(String(error)),\n );\n }\n }\n }\n\n /**\n * Handle popup error with redirect fallback\n */\n private async handlePopupErrorWithFallback(\n fullAuthUrl: string,\n error: PopupError,\n ): Promise<void> {\n this.logger.warn(\"🚫 Popup failed, falling back to redirect mode\", {\n originalDisplayMode: this.config.displayMode,\n error: error.message,\n });\n\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Popup blocked, falling back to redirect mode\",\n });\n\n try {\n this.logger.info(\"🔄 Attempting redirect fallback\");\n\n // Clean up current authentication attempt\n this.cleanup();\n\n // Always switch to redirect mode for Safari compatibility\n this.config.displayMode = \"redirect\";\n\n // Regenerate the auth URL with updated display mode in state\n const fallbackAuthUrl = await this.buildAuthUrl();\n\n this.logger.info(\"🌐 Redirecting to auth URL\", { url: fallbackAuthUrl });\n window.location.href = fallbackAuthUrl;\n this.logger.info(\"✅ Redirect initiated successfully\");\n } catch (redirectError) {\n this.logger.error(\"❌ Redirect fallback failed\", {\n error: redirectError,\n redirectUrl: fullAuthUrl,\n });\n\n const fallbackError = new CivicAuthError(\n \"Failed to open popup window and redirect fallback failed. Please check your browser's popup settings.\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: fallbackError.message,\n });\n this.handleAuthError(fallbackError);\n }\n }\n\n /**\n * Setup authentication timeout\n */\n private setupAuthenticationTimeout(): void {\n // Skip timeout for embedded iframe mode - embedded iframes should stay persistent\n if (\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\"\n ) {\n this.logger.debug(\n \"⏰ Skipping authentication timeout for embedded iframe mode\",\n {\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n },\n );\n return;\n }\n\n // Set up timeout for other modes\n if (this.config.authProcessTimeout && this.config.authProcessTimeout > 0) {\n this.logger.debug(\"⏰ Setting up authentication timeout\", {\n timeout: this.config.authProcessTimeout,\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n });\n\n this.authProcessTimeoutHandle = window.setTimeout(() => {\n this.logger.info(\"⏰ Authentication timeout reached\");\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication timed out\",\n });\n\n const error = new CivicAuthError(\n \"Authentication timed out\",\n CivicAuthErrorCode.AUTH_PROCESS_TIMEOUT,\n );\n this.handleAuthError(error);\n }, this.config.authProcessTimeout);\n }\n }\n\n /**\n * Handle successful authentication\n */\n private handleAuthSuccess(result: AuthResult): void {\n this.logger.info(\"✅ Authentication successful\");\n this.authPromiseResolve?.(result);\n\n // For embedded mode, preserve the iframe completely - don't cleanup\n // The iframe should stay visible showing the successful authentication state\n const isEmbeddedMode =\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\";\n\n if (isEmbeddedMode) {\n this.logger.info(\n \"🔧 Embedded mode - preserving iframe, skipping cleanup\",\n );\n // Only clean up timeouts and reset promises, but keep iframe visible\n this.cleanupTimeoutsAndState();\n } else {\n // For modal/redirect modes, do full cleanup as before\n this.cleanup();\n }\n }\n\n /**\n * Handle authentication error\n */\n private handleAuthError(error: Error): void {\n this.logger.error(\"❌ Authentication failed\", { error: error.message });\n this.authPromiseReject?.(error);\n\n // For embedded mode, preserve the iframe to show error state\n // For other modes, do full cleanup as before\n const isEmbeddedMode =\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\";\n\n if (isEmbeddedMode) {\n this.logger.info(\n \"🔧 Embedded mode - preserving iframe to show error state\",\n );\n // Only clean up timeouts and reset promises, but keep iframe visible\n this.cleanupTimeoutsAndState();\n } else {\n // For modal/redirect modes, do full cleanup as before\n this.cleanup();\n }\n }\n\n /**\n * Handle popup failure - simplified like React implementation\n */\n private handlePopupFailure(failedUrl?: string): void {\n this.hasPopupFailed = true;\n\n this.logger.warn(\"Popup failed, using redirect mode instead...\", {\n failedUrl,\n });\n\n // Clean up iframe if it exists\n if (this.iframeAuthHandler) {\n this.iframeAuthHandler.cleanupIframe();\n }\n\n // Always redirect to the failed URL or build a new one\n if (failedUrl) {\n // this.config.displayMode = \"redirect\";\n\n // Use centralized location change handler\n this.events.locationChange(\n failedUrl,\n \"Popup blocked, falling back to redirect mode\",\n \"login\",\n );\n\n return;\n }\n\n this.buildAuthUrl()\n .then((authUrl) => {\n this.events.locationChange(authUrl, \"Redirecting to auth URL\", \"login\");\n })\n .catch((error) => {\n this.logger.error(\"Failed to build auth URL for redirect fallback\", {\n error,\n });\n const fallbackError = new CivicAuthError(\n \"Failed to redirect for authentication\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.handleAuthError(fallbackError);\n });\n }\n\n /**\n * Show popup failure message to user\n */\n private showPopupFailureMessage(\n customMessage: string = \"Authentication will continue in this window. Please wait...\",\n ): void {\n const container = this.getContainerElement();\n if (!container) {\n this.logger.warn(\n \"Cannot show popup failure message - container not found\",\n );\n return;\n }\n const existingMessage = document.getElementById(\n \"civic-auth-popup-failure-message\",\n );\n if (existingMessage && existingMessage.parentNode) {\n existingMessage.parentNode.removeChild(existingMessage);\n }\n const messageOverlay = document.createElement(\"div\");\n messageOverlay.id = \"civic-auth-popup-failure-message\";\n messageOverlay.style.cssText =\n \"position:absolute;top:0;left:0;right:0;background:rgba(255,249,196,.95);border:1px solid #f59e0b;border-radius:6px;padding:12px;margin:8px;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;font-size:14px;color:#92400e;z-index:1000;box-shadow:0 2px 4px rgba(0,0,0,.1);\";\n messageOverlay.innerHTML =\n '<div style=\"display:flex;align-items:center;gap:8px;\">' +\n '<span style=\"font-size:16px;\">⚠️</span>' +\n \"<div>\" +\n \"<strong>Popup blocked</strong><br>\" +\n '<span style=\"font-size:12px;\">' +\n customMessage +\n \"</span>\" +\n \"</div>\" +\n \"</div>\";\n\n if (getComputedStyle(container).position === \"static\") {\n container.style.position = \"relative\";\n }\n\n container.appendChild(messageOverlay);\n\n setTimeout(() => {\n if (messageOverlay.parentNode) {\n messageOverlay.parentNode.removeChild(messageOverlay);\n }\n }, 10000);\n this.logger.info(\"Popup failure message displayed to user\");\n }\n\n /**\n * Setup popup failure timeout\n */\n private setupPopupFailureTimeout(): void {\n this.popupFailureTimeoutHandle = window.setTimeout(() => {\n this.logger.info(\"⏰ Popup failure timeout reached\");\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication timeout - popup failure scenario\",\n });\n\n const error = new CivicAuthError(\n \"Authentication timeout - popup failure scenario\",\n CivicAuthErrorCode.AUTH_PROCESS_TIMEOUT,\n );\n this.handleAuthError(error);\n }, 20000); // 20 seconds\n }\n\n /**\n * Gets the container element for the auth iframe\n */\n private getContainerElement(): HTMLElement | null {\n if (typeof this.config.targetContainerElement === \"string\") {\n const element = document.getElementById(\n this.config.targetContainerElement,\n );\n if (!element) {\n this.logger.warn(\n `Container element with ID \"${this.config.targetContainerElement}\" not found`,\n );\n }\n return element;\n }\n\n if (this.config.targetContainerElement) {\n return this.config.targetContainerElement;\n }\n\n // Fallback: Look for element with id \"civic-login-container\"\n const fallbackContainer = document.getElementById(\n \"civic-login-container\",\n ) as HTMLElement;\n if (fallbackContainer) {\n this.logger.debug(\n 'Using fallback container with id \"civic-login-container\"',\n );\n return fallbackContainer;\n }\n\n return null;\n }\n\n /**\n * Handle OAuth callback\n */\n private async handleCallback(): Promise<void> {\n this.logger.info(\"🔄 Handling OAuth callback\", {\n currentUrl: window.location.href,\n redirectUrl: this.config.redirectUrl,\n });\n\n try {\n // Only handle OAuth callback if not using backend integration\n if (!this.config.clientId && this.config.loginUrl) {\n this.logger.info(\n \"📞 Backend integration mode - skipping OAuth callback handling\",\n );\n return;\n }\n\n // Ensure clientId is available for OAuth callback\n if (!this.config.clientId) {\n throw new Error(\"ClientId is required for OAuth callback handling\");\n }\n\n const callbackHandled = await handleOAuthRedirectPage({\n clientId: this.config.clientId,\n oauthServer: this.config.oauthServerBaseUrl,\n redirectUrl: this.config.redirectUrl,\n textSignals: {\n success: this.config.textSignals.success,\n error: this.config.textSignals.error || \"Authentication failed\",\n },\n storageAdapter: this.storage,\n });\n\n this.logger.info(\"📋 Callback processing result\", { callbackHandled });\n\n if (callbackHandled) {\n const successSignal = document.getElementById(\n CIVIC_AUTH_CONSTANTS.SUCCESS_SIGNAL_ID,\n );\n const errorSignal = document.getElementById(\n CIVIC_AUTH_CONSTANTS.ERROR_SIGNAL_ID,\n );\n\n if (successSignal) {\n this.logger.info(\"✅ Success signal found\");\n let userInfo = null;\n const userInfoAttr = successSignal.getAttribute(\"data-user-info\");\n if (userInfoAttr) {\n try {\n userInfo = JSON.parse(userInfoAttr);\n } catch (error) {\n this.logger.error(\"❌ Failed to parse user info\", { error });\n }\n }\n this.events.emit(AuthEvent.SIGN_IN_COMPLETE, {\n detail: \"Callback processed successfully\",\n user: userInfo,\n });\n } else if (errorSignal) {\n this.logger.error(\"❌ Error signal found\");\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: errorSignal.textContent || \"Unknown error during callback\",\n });\n }\n }\n } catch (error) {\n this.logger.error(\"❌ Callback handling failed\", { error });\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail:\n error instanceof Error\n ? error.message\n : \"Unknown error during callback\",\n });\n }\n }\n\n /**\n * Cleans up resources and event listeners\n */\n public cleanup(): void {\n this.logger.info(\"Cleaning up authentication client\");\n\n // Clean up handlers\n this.iframeAuthHandler?.cleanupIframe();\n\n // Clean up timeouts\n if (this.authProcessTimeoutHandle) {\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n if (this.popupFailureTimeoutHandle) {\n window.clearTimeout(this.popupFailureTimeoutHandle);\n this.popupFailureTimeoutHandle = undefined;\n }\n\n // Reset state\n this.hasPopupFailed = false;\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n\n // Remove message event listener\n if (this.messageHandler) {\n window.removeEventListener(\"message\", this.messageHandler.handleMessage);\n }\n }\n\n /**\n * Clean up only timeouts and state without touching iframe (for embedded mode)\n */\n private cleanupTimeoutsAndState(): void {\n this.logger.info(\n \"Cleaning up timeouts and state (preserving iframe for embedded mode)\",\n );\n\n // Clean up timeouts\n if (this.authProcessTimeoutHandle) {\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n if (this.popupFailureTimeoutHandle) {\n window.clearTimeout(this.popupFailureTimeoutHandle);\n this.popupFailureTimeoutHandle = undefined;\n }\n\n // Reset state\n this.hasPopupFailed = false;\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n\n // Keep message handler and iframe for embedded mode\n }\n\n /**\n * Get the current session\n */\n public async getCurrentSession(): Promise<Session | null> {\n return this.sessionManager.getCurrentSession() || null;\n }\n\n /**\n * Get current session tokens including decoded forwarded tokens\n * This method extracts and decodes forwarded tokens from the ID token JWT\n */\n public async getTokensWithForwardedTokens() {\n const session = await this.getCurrentSession();\n return extractTokensFromSession(session);\n }\n\n /**\n * Check if user is authenticated\n */\n public async isAuthenticated(): Promise<boolean> {\n return this.sessionManager.isAuthenticated() || false;\n }\n\n /**\n * Get the current user\n */\n public async getCurrentUser() {\n return this.sessionManager.getCurrentUser() || null;\n }\n\n /**\n * Clear the current session\n */\n public async clearSession(): Promise<void> {\n return this.sessionManager.clearSession();\n }\n\n /**\n * Manually refresh tokens\n */\n public async refreshTokens(): Promise<void> {\n return this.sessionManager.refreshTokens();\n }\n\n /**\n * Get token refresher state for debugging\n */\n public getTokenRefresherState() {\n return this.sessionManager.getTokenRefresherState() || null;\n }\n\n /**\n * Set a custom login URL for backend integration.\n * This is useful when integrating with a backend that handles the OAuth flow.\n * Alternatively, you can configure this directly in CivicAuth.create().\n *\n * @param loginUrl - The custom login URL to use (e.g., \"http://localhost:3020/auth/login\")\n *\n * @example\n * ```typescript\n * // Option 1: Configure in create()\n * const authClient = await CivicAuth.create({\n * clientId: \"YOUR_CLIENT_ID\",\n * loginUrl: \"http://example.com/custom-backendurl\"\n * });\n *\n * // Option 2: Set after creation\n * civicAuth.setLoginUrl(\"http://localhost:3020/auth/login\");\n * await civicAuth.startAuthentication();\n * ```\n */\n public setLoginUrl(loginUrl: string): void {\n this.loginUrl = loginUrl;\n\n // Update MessageHandler to expect messages from the custom origin\n if (this.messageHandler) {\n this.messageHandler.setCustomExpectedOrigin(loginUrl);\n }\n\n this.logger.info(\"🔗 Custom login URL set for backend integration\", {\n loginUrl: this.loginUrl,\n });\n }\n\n /**\n * Clear the login URL and return to standard OAuth flow\n */\n public clearLoginUrl(): void {\n this.loginUrl = undefined;\n\n // Clear custom expected origin from MessageHandler\n if (this.messageHandler) {\n this.messageHandler.clearCustomExpectedOrigin();\n }\n\n this.logger.info(\"🔗 Login URL cleared, returning to standard OAuth flow\");\n }\n\n /**\n * Get the current login URL\n * @returns The current login URL or undefined if not set\n */\n public getLoginUrl(): string | undefined {\n return this.loginUrl;\n }\n\n /**\n * Update the iframe display mode\n * @param mode - The display mode to use for the iframe\n */\n public setIframeDisplayMode(mode: \"modal\" | \"embedded\"): void {\n this.config.iframeDisplayMode = mode;\n this.logger.debug(`Iframe display mode updated to: ${mode}`);\n }\n\n /**\n * Get the current iframe display mode\n * @returns The current iframe display mode\n */\n public getIframeDisplayMode(): \"modal\" | \"embedded\" | undefined {\n return this.config.iframeDisplayMode;\n }\n\n /**\n * Reset authentication state when page is restored from back-forward cache (bfcache)\n * This clears any pending authentication promises that may have been interrupted\n * by the browser caching the page, allowing fresh authentication attempts\n */\n public resetOnBfcache(): void {\n this.logger.info(\n \"🔄 Resetting authentication state due to bfcache restore\",\n );\n\n // Clear pending authentication promise and related state\n if (this.authPromise) {\n this.logger.debug(\"Clearing stale authentication promise from bfcache\");\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n }\n\n // Clear timeouts that may no longer be valid\n if (this.authProcessTimeoutHandle) {\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n if (this.popupFailureTimeoutHandle) {\n window.clearTimeout(this.popupFailureTimeoutHandle);\n this.popupFailureTimeoutHandle = undefined;\n }\n\n // Reset auth flags\n this.hasPopupFailed = false;\n this.hasSignInStarted = false;\n\n // Reset iframe handler state if needed\n if (this.iframeAuthHandler) {\n this.iframeAuthHandler.cleanupIframe();\n }\n }\n\n /**\n * Destroy the auth client and clean up all resources\n */\n public async destroy(): Promise<void> {\n this.cleanup();\n await this.sessionManager.destroy();\n this.logger.info(\"CivicAuth destroyed\");\n }\n\n /**\n * Handle logout\n */\n public async logout(): Promise<void> {\n try {\n this.logger.info(\"🔄 Starting logout process\");\n this.events.emit(AuthEvent.SIGN_OUT_STARTED, {\n detail: \"Logout process started\",\n });\n\n // If a loginUrl is configured, redirect to the backend's logout endpoint.\n // The backend will then handle redirecting to the OIDC provider.\n if (this.loginUrl) {\n this.logger.info(\n \"🚪 Redirecting to backend for logout in backend-integrated flow\",\n );\n const backendUrl = new URL(this.loginUrl).origin;\n const endpoints = getBackendEndpoints(this.config.backendEndpoints);\n const backendLogoutUrl = resolveEndpointUrl(\n backendUrl,\n endpoints.logout,\n );\n\n // Clear local SDK session state before redirecting\n await this.sessionManager.clearSession();\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Local session cleared, redirecting to backend for logout.\",\n });\n\n // Generate state for backend integration to enable iframe mode detection\n const state = generateState({\n displayMode: this.config.displayMode || \"iframe\",\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n });\n\n // Perform top-level redirect to the backend logout endpoint\n // Include logoutRedirectUrl and state as query parameters\n const logoutUrl = new URL(backendLogoutUrl);\n if (this.config.logoutRedirectUrl) {\n logoutUrl.searchParams.set(\n \"logoutRedirectUrl\",\n this.config.logoutRedirectUrl,\n );\n }\n\n // Include state for iframe mode detection on server\n logoutUrl.searchParams.set(\"state\", state);\n\n this.logger.info(\"🌐 Loading backend logout endpoint in iframe\", {\n url: logoutUrl.toString(),\n logoutRedirectUrl: this.config.logoutRedirectUrl,\n displayMode: this.config.displayMode,\n });\n\n // Use iframe for SPA logout to avoid full page reload\n this.loadLogoutInIframe(logoutUrl);\n\n return;\n }\n\n // --- Existing SPA redirect-based logout flow ---\n this.logger.info(\"🚪 Using redirect-based logout for SPA flow\");\n const tokens = await retrieveTokens(this.storage);\n\n if (!tokens?.id_token) {\n this.logger.warn(\"⚠️ No ID token found, clearing local session only\");\n await clearTokens(this.storage);\n await this.sessionManager.clearSession();\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Local session cleared\",\n });\n return;\n }\n\n if (!this.endpoints) {\n throw new Error(\"OAuth endpoints not initialized\");\n }\n\n // Generate a state for logout (for OAuth provider tracking only)\n const state = generateState({\n displayMode: this.config.displayMode || \"iframe\",\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n });\n\n this.logger.info(\"🔄 Generated logout state for OAuth provider\", {\n generatedState: state,\n displayMode: this.config.displayMode,\n });\n\n // Note: No need to store logout_state in localStorage since iframe flows\n // don't receive redirect callbacks that need state coordination\n\n // Ensure clientId is available for OAuth logout\n if (!this.config.clientId) {\n throw new Error(\"ClientId is required for OAuth logout flow\");\n }\n\n // Generate logout URL\n const logoutUrl = await generateOauthLogoutUrl({\n clientId: this.config.clientId,\n redirectUrl: this.config.logoutRedirectUrl,\n idToken: tokens.id_token,\n state: state,\n oauthServer: this.config.oauthServerBaseUrl,\n });\n\n this.logger.info(\"🔗 Generated logout URL\", {\n logoutUrl: logoutUrl.toString(),\n });\n\n // Clear local tokens and session completely (no need to preserve logout_state)\n await this.sessionManager.clearSession(false);\n\n // Emit logout complete event before iframe request\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Logout successful\",\n });\n\n // Use hidden iframe instead of redirect to avoid full page reload in SPA mode\n this.loadLogoutInIframe(logoutUrl);\n } catch (error) {\n this.logger.error(\"❌ Logout failed\", { error });\n this.events.emit(AuthEvent.SIGN_OUT_ERROR, {\n detail: error instanceof Error ? error.message : String(error),\n });\n throw new CivicAuthError(\n \"Logout failed\",\n CivicAuthErrorCode.LOGOUT_FAILED,\n );\n }\n }\n\n /**\n * Load logout URL in a hidden iframe to avoid full page reload\n * @param logoutUrl The URL to load in the iframe\n */\n private loadLogoutInIframe(logoutUrl: URL): void {\n this.logger.info(\"🌐 Loading logout URL in hidden iframe\");\n\n const logoutIframe = document.createElement(\"iframe\");\n logoutIframe.style.display = \"none\";\n\n // Clean up iframe when logout completes (or errors)\n const cleanupIframe = () => {\n this.logger.info(\"🧹 Cleaning up logout iframe\");\n\n if (!logoutIframe.parentNode) {\n this.logger.warn(\"🧹 Logout iframe not found, skipping iframe cleanup\");\n return;\n }\n\n logoutIframe.parentNode.removeChild(logoutIframe);\n\n if (this.config.logoutRedirectUrl) {\n this.logger.info(\n \"🌐 Redirecting to logoutRedirectUrl after logout iframe cleanup\",\n {\n logoutRedirectUrl: this.config.logoutRedirectUrl,\n },\n );\n // Use direct redirect for logout to ensure frontend state is cleared\n // This bypasses any URL_CHANGE event listeners that might interfere\n window.location.href = this.config.logoutRedirectUrl;\n }\n };\n\n logoutIframe.onload = () => {\n cleanupIframe();\n };\n logoutIframe.onerror = (error) => {\n this.logger.error(\"❌ Logout iframe failed to load\", { error });\n cleanupIframe();\n };\n\n logoutIframe.src = logoutUrl.toString();\n document.body.appendChild(logoutIframe);\n }\n\n /**\n * Handle logout state cleanup\n * This mirrors the logic from useSignIn.ts to properly clean up after logout\n */\n private async handleLogoutStateCleanup(): Promise<void> {\n try {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n\n this.logger.info(\"🔍 Checking for logout state cleanup\", {\n currentUrl: window.location.href,\n hasStateParam: !!state,\n stateValue: state,\n rawSearch: window.location.search,\n });\n\n if (!state) {\n this.logger.info(\n \"🔍 No state parameter found, skipping logout cleanup\",\n );\n return; // No state parameter, nothing to cleanup\n }\n\n // Check if we have a stored logout state that matches\n const storedLogoutState = await this.storage.get(LOGOUT_STATE);\n\n // The state might be URL-decoded by URLSearchParams, but stored as plain\n // Let's try both the decoded and encoded versions\n const decodedState = decodeURIComponent(state);\n\n this.logger.info(\"🔍 Comparing logout states\", {\n urlState: state,\n decodedState,\n storedLogoutState,\n directMatch: state === storedLogoutState,\n decodedMatch: decodedState === storedLogoutState,\n });\n\n if (state === storedLogoutState || decodedState === storedLogoutState) {\n this.logger.info(\"🧹 Cleaning up logout state\", {\n state,\n storedLogoutState,\n });\n\n // Clear tokens and user data from storage\n await clearTokens(this.storage);\n await this.sessionManager.clearSession();\n\n // Clean up the logout state from storage\n await this.storage.delete(LOGOUT_STATE);\n\n // Emit logout complete event\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Logout cleanup completed\",\n });\n\n // Clean up URL by removing query parameters\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n\n this.logger.info(\"✅ Logout state cleanup completed\", {\n cleanUrl,\n });\n } else {\n this.logger.info(\"🔍 Logout states don't match, skipping cleanup\", {\n urlState: state,\n storedLogoutState,\n });\n }\n } catch (error) {\n this.logger.warn(\"⚠️ Error during logout state cleanup\", { error });\n // Don't throw error to prevent initialization failure\n }\n }\n}\n\n// Export types for external use\nexport type { CivicAuthClientConfig } from \"./types/AuthTypes.js\";\nexport { CivicAuthErrorCode } from \"./types/AuthTypes.js\";\n"]}
1
+ {"version":3,"file":"CivicAuth.js","sourceRoot":"","sources":["../../../src/vanillajs/auth/CivicAuth.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C,OAAO,EAAE,YAAY,EAAE,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAGhF,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EAAE,+BAA+B,EAAE,MAAM,wBAAwB,CAAC;AACzE,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AACjE,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EACL,sBAAsB,EACtB,WAAW,EACX,cAAc,EACd,mBAAmB,EACnB,kBAAkB,GACnB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,0BAA0B,EAAE,MAAM,wBAAwB,CAAC;AAQpE,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iCAAiC,CAAC;AACpE,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAE3D;;;;GAIG;AACH,MAAM,OAAO,SAAS;IACZ,MAAM,CAA2B;IACjC,OAAO,CAAc;IACrB,SAAS,CAAa;IACtB,MAAM,CAAkC;IACxC,cAAc,CAAiB;IAC/B,MAAM,CAAuB;IAC7B,kBAAkB,CAKT;IAEjB,uBAAuB;IACf,WAAW,CAAuB;IAClC,kBAAkB,CAA+B;IACjD,iBAAiB,CAA4B;IAC7C,wBAAwB,CAAU;IAClC,yBAAyB,CAAU;IACnC,cAAc,GAAY,KAAK,CAAC;IAChC,gBAAgB,GAAY,KAAK,CAAC;IAE1C,yCAAyC;IACjC,QAAQ,CAAU;IAE1B,WAAW;IACH,cAAc,CAAkB;IAChC,YAAY,CAAgB;IAC5B,iBAAiB,CAAqB;IAE9C;;;OAGG;IACH,YAAoB,MAA6B;QAC/C,8CAA8C;QAC9C,IAAI,CAAC,MAAM,GAAG,yBAAyB,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;QAElD,uCAAuC;QACvC,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;QAErC,oBAAoB;QACpB,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAEtC,+DAA+D;QAC/D,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC;YACjC,IAAI,CAAC,MAAM,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC,yBAAyB;QACxE,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,GAAG;gBACZ,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;gBACf,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;gBACd,IAAI,EAAE,GAAG,EAAE,GAAE,CAAC;gBACd,KAAK,EAAE,GAAG,EAAE,GAAE,CAAC;aAChB,CAAC;QACJ,CAAC;QAED,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9B,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC;QAE1C,4EAA4E;QAC5E,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,IAAI,oBAAoB,EAAE,CAAC;QAE1D,mCAAmC;QACnC,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CACtC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;QAEF,sBAAsB;QACtB,IAAI,CAAC,kBAAkB,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAiCG;IACI,MAAM,CAAC,KAAK,CAAC,MAAM,CACxB,MAA6B;QAE7B,MAAM,QAAQ,GAAG,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACtB,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,IAAI;QAChB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE;YAC5C,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAChC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;YAClD,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;SACxE,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,mFAAmF;YACnF,IAAI,CAAC,SAAS,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;YAEzE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;gBAChD,SAAS,EAAE,IAAI,CAAC,SAAS;aAC1B,CAAC,CAAC;YAEH,6CAA6C;YAC7C,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC;gBAEvD,gEAAgE;gBAChE,MAAM,UAAU,GACd,QAAQ,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ;oBAC/B,CAAC,CAAC;wBACE,iEAAiE;wBACjE,QAAQ;wBACR,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;wBAC3C,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;qBAC/C;oBACH,CAAC,CAAC;wBACE,4DAA4D;wBAC5D,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAS;wBAC/B,QAAQ;wBACR,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;wBAC3C,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;qBAC/C,CAAC;gBAER,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAE,UAAU,EAAE,CAAC,CAAC;gBACnE,MAAM,IAAI,CAAC,cAAc,CAAC,wBAAwB,CAAC,UAAU,CAAC,CAAC;YACjE,CAAC;YAED,sCAAsC;YACtC,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CACpD,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;gBACzC,cAAc;gBACd,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAChC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;aACrC,CAAC,CAAC;YAEH,uEAAuE;YACvE,MAAM,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAEtC,IAAI,cAAc,EAAE,CAAC;gBACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;gBAChD,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;YACtE,CAAC;YAED,+DAA+D;YAC/D,yGAAyG;YACzG,MAAM,cAAc,GAClB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;gBACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,CAAC;YAE/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE;gBACtD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAChD,cAAc;gBACd,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;aACzC,CAAC,CAAC;YAEH,IAAI,cAAc,EAAE,CAAC;gBACnB,wEAAwE;gBACxE,IAAI,CAAC;oBACH,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,CAClE,CAAC;oBACF,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;oBACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uDAAuD,CACxD,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,oFAAoF;oBACpF,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,2DAA2D,EAC3D;wBACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;qBAC9D,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,IACL,IAAI,CAAC,MAAM,CAAC,aAAa;gBACzB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EACpC,CAAC;gBACD,iDAAiD;gBACjD,IAAI,CAAC;oBACH,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,eAAe,EAAE,CAAC;oBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,EAAE;wBACtD,eAAe;qBAChB,CAAC,CAAC;oBAEH,IAAI,CAAC,eAAe,EAAE,CAAC;wBACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kDAAkD,CACnD,CAAC;wBACF,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;wBACnC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;oBAC3D,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,iDAAiD,CAClD,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,uEAAuE;oBACvE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,mDAAmD,EACnD;wBACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;qBAC9D,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;oBACrD,aAAa,EAAE,IAAI,CAAC,MAAM,CAAC,aAAa;oBACxC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,cAAc;oBACd,MAAM,EAAE,cAAc;wBACpB,CAAC,CAAC,gDAAgD;wBAClD,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa;4BAC1B,CAAC,CAAC,2BAA2B;4BAC7B,CAAC,CAAC,2BAA2B;iBAClC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK;gBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;gBACf,CAAC,CAAC,qCAAqC,CAAC;YAC5C,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE;gBACrD,KAAK,EAAE,YAAY;gBACnB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACxD,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,YAAY;aACrB,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CAAC,YAAY,EAAE,kBAAkB,CAAC,WAAW,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED;;OAEG;IACK,kBAAkB;QACxB,MAAM,aAAa,GAAG;YACpB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,aAAa,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;YAChD,WAAW,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;SACjC,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,IAAI,cAAc,CAAC;YACvC,GAAG,aAAa;YAChB,cAAc,EAAE,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;YAClD,0BAA0B,EAAE,KAAK,IAAI,EAAE;gBACrC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;oBAC1B,MAAM,IAAI,CAAC,8BAA8B,EAAE,CAAC;gBAC9C,CAAC;YACH,CAAC;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,aAAa,CAAC,CAAC;QAEpD,IAAI,CAAC,iBAAiB,GAAG,IAAI,iBAAiB,CAAC;YAC7C,GAAG,aAAa;YAChB,cAAc,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa;SAClD,CAAC,CAAC;QAEH,kEAAkE;QAClE,IAAI,CAAC,kBAAkB,EAAE,CAAC;IAC5B,CAAC;IAED;;;OAGG;IACK,kBAAkB;QACxB,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,eAAe,EAAE,GAAG,EAAE;YAC7C,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC/B,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,CAAC,KAA2B,EAAE,EAAE;YACtE,6EAA6E;YAC7E,IACE,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;gBACpC,IAAI,CAAC,MAAM,CAAC,aAAa;gBACzB,KAAK,EAAE,MAAM,KAAK,kCAAkC,EACpD,CAAC;gBACD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,mFAAmF,CACpF,CAAC;gBAEF,4CAA4C;gBAC5C,UAAU,CAAC,KAAK,IAAI,EAAE;oBACpB,IAAI,CAAC;wBACH,MAAM,IAAI,CAAC,qBAAqB,EAAE,CAAC;wBACnC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,8DAA8D,CAC/D,CAAC;oBACJ,CAAC;oBAAC,OAAO,KAAK,EAAE,CAAC;wBACf,mEAAmE;wBACnE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,oDAAoD,EACpD;4BACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;yBAC9D,CACF,CAAC;oBACJ,CAAC;gBACH,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,2CAA2C;YACtD,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,YAAY;QACxB,oEAAoE;QACpE,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;gBAC7D,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACxB,CAAC,CAAC;YAEH,uEAAuE;YACvE,MAAM,KAAK,GACT,IAAI,CAAC,MAAM,CAAC,YAAY;gBACxB,aAAa,CAAC;oBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;oBAChD,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;oBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;oBAC/C,UAAU,EAAE,UAAU,EAAE;oBACxB,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;iBAC7C,CAAC,CAAC;YAEL,8CAA8C;YAC9C,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3D,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YACrC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAEvD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4CAA4C,EAAE;gBAC7D,QAAQ,EAAE,GAAG,CAAC,QAAQ,EAAE;gBACxB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aACjD,CAAC,CAAC;YAEH,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;QACxB,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,IAAI,cAAc,CACtB,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;QACJ,CAAC;QAED,gGAAgG;QAChG,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,IAAI,cAAc,CACtB,oEAAoE,EACpE,kBAAkB,CAAC,eAAe,CACnC,CAAC;QACJ,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,+BAA+B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvE,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,gBAAgB,EAAE,CAAC;QAC5D,MAAM,KAAK,GACT,IAAI,CAAC,MAAM,CAAC,YAAY;YACxB,aAAa,CAAC;gBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;gBAChD,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;gBAC/C,UAAU,EAAE,UAAU,EAAE;gBACxB,eAAe,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe;aAC7C,CAAC,CAAC;QAEL,OAAO,YAAY,CAAC;YAClB,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,aAAa;YACb,KAAK;YACL,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;SACzB,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,qBAAqB;QACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kDAAkD,EAAE;YACnE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,SAAS,CAAC,SAAS;YAC9B,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;SACjC,CAAC,CAAC;QAEH,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE;gBAC3D,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,0CAA0C;QAC1C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6DAA6D,EAC7D;gBACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;aACrC,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,+CAA+C,EAC/C,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE;gBACpD,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,EAAE;YAC1D,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,iBAAiB,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;YACxD,MAAM,aAAa,GAAG,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,EAAE,CAAC;YAChE,IAAI,aAAa,EAAE,CAAC;gBAClB,IAAI,CAAC,cAAc,EAAE,mBAAmB,CAAC,aAAa,CAAC,CAAC;YAC1D,CAAC;YAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;QACrE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,0BAA0B,CAAC;YACtE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,2CAA2C,EAAE;gBAC7D,KAAK,EAAE,YAAY;aACpB,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CACtB,YAAY,EACZ,kBAAkB,CAAC,qBAAqB,CACzC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,yBAAyB;QACvB,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACpE,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;IACrD,CAAC;IAED;;;OAGG;IACH,iBAAiB,CAAC,OAAgB;QAChC,8CAA8C;QAC9C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yDAAyD,EACzD;gBACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,OAAO;aACR,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACxD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,+DAA+D,CAChE,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACH,iBAAiB;QACf,8CAA8C;QAC9C,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,OAAO,IAAI,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,IAAI,KAAK,CAAC;IAC9D,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,mBAAmB;QACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE;YACrD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,SAAS,CAAC,SAAS;YAC9B,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;SACjC,CAAC,CAAC;QAEH,gDAAgD;QAChD,kEAAkE;QAClE,0BAA0B,CACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,EACpB,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAC9B,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW,CACrC,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,8EAA8E,EAC9E,kBAAkB,CAAC,yBAAyB,CAC7C,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE;gBAC/C,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,KAAK,CAAC,OAAO;aACtB,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kEAAkE,CACnE,CAAC;YACF,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC9C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;YAC9C,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,kBAAkB,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;SACnD,CAAC,CAAC;QAEH,IAAI,CAAC,WAAW,GAAG,IAAI,OAAO,CAAa,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YAC7D,IAAI,CAAC,kBAAkB,GAAG,OAAO,CAAC;YAClC,IAAI,CAAC,iBAAiB,GAAG,MAAM,CAAC;YAEhC,IAAI,CAAC,iCAAiC,CAAC,WAAW,CAAC,CAAC;YACpD,IAAI,CAAC,0BAA0B,EAAE,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,WAAW,CAAC;IAC1B,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;YACjE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;YAChD,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW;SAChC,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC;QACnC,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,UAAU,CAAC;QAE3C,oCAAoC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;YAC7C,cAAc,EAAE,CAAC,CAAC,SAAS;YAC3B,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,cAAc,EAAE,SAAS,EAAE,SAAS;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,wJAAwJ,EACxJ,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,wDAAwD;QACxD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;YACtE,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;YAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;YACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QACrC,CAAC;QAED,0DAA0D;QAC1D,IAAI,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,2DAA2D,CAC5D,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;QAE3E,IAAI,CAAC;YACH,yEAAyE;YACzE,6DAA6D;YAE7D,2EAA2E;YAC3E,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;gBAC/C,IAAI,CAAC,SAAS,GAAG,MAAM,iBAAiB,CACtC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAC/B,CAAC;YACJ,CAAC;YAED,qDAAqD;YACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;YAChD,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAE1B,qDAAqD;YACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;YACxD,MAAM,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACjC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QAC9D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,YAAY,GAChB,KAAK,YAAY,KAAK;gBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;gBACf,CAAC,CAAC,kCAAkC,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;gBACtD,KAAK,EAAE,YAAY;gBACnB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACxD,CAAC,CAAC;YACH,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAEO,KAAK,CAAC,8BAA8B;QAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6DAA6D,EAC7D;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,iBAAiB,EAAE,CAAC,CAAC,IAAI,CAAC,iBAAiB;YAC3C,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,cAAc;SACtC,CACF,CAAC;QACF,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACpD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,UAAU,CAAC;QACrC,IAAI,CAAC,iBAAiB,CAAC,eAAe,EAAE,CAAC;QACzC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;YAChD,MAAM,EACJ,6FAA6F;YAC/F,KAAK,EAAE;gBACL,IAAI,EAAE,6BAA6B;gBACnC,SAAS,EAAE,aAAa,CAAC,2BAA2B;gBACpD,UAAU,EACR,6FAA6F;aAChG;SACF,CAAC,CAAC;QACH,kDAAkD;QAClD,UAAU,CAAC,GAAG,EAAE;YACd,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,UAAU,CAAC;QACpC,CAAC,EAAE,GAAG,CAAC,CAAC;IACV,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iCAAiC,CAC7C,WAAmB;QAEnB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;YAC/D,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,QAAQ,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBAChC,KAAK,UAAU;oBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;oBAC3C,IAAI,CAAC,MAAM,CAAC,cAAc,CACxB,WAAW,EACX,yBAAyB,EACzB,OAAO,CACR,CAAC;oBACF,MAAM;gBAER,KAAK,SAAS;oBACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;oBAC1C,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;wBACvB,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;oBACnD,CAAC;oBACD,MAAM,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;oBACtD,MAAM;gBAER,KAAK,QAAQ,CAAC;gBACd,OAAO,CAAC,CAAC,CAAC;oBACR,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;oBAC1C,IAAI,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;wBACpD,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;oBACpD,CAAC;oBACD,IAAI,aAAa,CAAC,2BAA2B,EAAE,CAAC;wBAC9C,OAAO,IAAI,CAAC,8BAA8B,EAAE,CAAC;oBAC/C,CAAC;oBAED,MAAM,aAAa,GACjB,MAAM,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;oBAC7D,IAAI,CAAC,cAAc,CAAC,mBAAmB,CAAC,aAAa,CAAC,CAAC;oBACvD,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,UAAU,EAAE,CAAC;gBAChC,MAAM,IAAI,CAAC,4BAA4B,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;YAC9D,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,eAAe,CAClB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,4BAA4B,CACxC,WAAmB,EACnB,KAAiB;QAEjB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;YACjE,mBAAmB,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YAC5C,KAAK,EAAE,KAAK,CAAC,OAAO;SACrB,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;YACxC,MAAM,EAAE,8CAA8C;SACvD,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YAEpD,0CAA0C;YAC1C,IAAI,CAAC,OAAO,EAAE,CAAC;YAEf,0DAA0D;YAC1D,IAAI,CAAC,MAAM,CAAC,WAAW,GAAG,UAAU,CAAC;YAErC,6DAA6D;YAC7D,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC;YAElD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC,CAAC;YACzE,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,eAAe,CAAC;YACvC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QACxD,CAAC;QAAC,OAAO,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE;gBAC9C,KAAK,EAAE,aAAa;gBACpB,WAAW,EAAE,WAAW;aACzB,CAAC,CAAC;YAEH,MAAM,aAAa,GAAG,IAAI,cAAc,CACtC,uGAAuG,EACvG,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,aAAa,CAAC,OAAO;aAC9B,CAAC,CAAC;YACH,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,0BAA0B;QAChC,kFAAkF;QAClF,IACE,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;YACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,EAC5C,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,4DAA4D,EAC5D;gBACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aACjD,CACF,CAAC;YACF,OAAO;QACT,CAAC;QAED,iCAAiC;QACjC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,GAAG,CAAC,EAAE,CAAC;YACzE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;gBACvD,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBACvC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;aACjD,CAAC,CAAC;YAEH,IAAI,CAAC,wBAAwB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;gBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;gBACrD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBACxC,MAAM,EAAE,0BAA0B;iBACnC,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,0BAA0B,EAC1B,kBAAkB,CAAC,oBAAoB,CACxC,CAAC;gBACF,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAC9B,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,MAAkB;QAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAChD,IAAI,CAAC,kBAAkB,EAAE,CAAC,MAAM,CAAC,CAAC;QAElC,oEAAoE;QACpE,6EAA6E;QAC7E,MAAM,cAAc,GAClB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;YACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,CAAC;QAE/C,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,wDAAwD,CACzD,CAAC;YACF,qEAAqE;YACrE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,KAAY;QAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACvE,IAAI,CAAC,iBAAiB,EAAE,CAAC,KAAK,CAAC,CAAC;QAEhC,6DAA6D;QAC7D,6CAA6C;QAC7C,MAAM,cAAc,GAClB,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ;YACpC,IAAI,CAAC,MAAM,CAAC,iBAAiB,KAAK,UAAU,CAAC;QAE/C,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;YACF,qEAAqE;YACrE,IAAI,CAAC,uBAAuB,EAAE,CAAC;QACjC,CAAC;aAAM,CAAC;YACN,sDAAsD;YACtD,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,SAAkB;QAC3C,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;QAE3B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;YAC/D,SAAS;SACV,CAAC,CAAC;QAEH,+BAA+B;QAC/B,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,CAAC;QACzC,CAAC;QAED,uDAAuD;QACvD,IAAI,SAAS,EAAE,CAAC;YACd,wCAAwC;YAExC,0CAA0C;YAC1C,IAAI,CAAC,MAAM,CAAC,cAAc,CACxB,SAAS,EACT,8CAA8C,EAC9C,OAAO,CACR,CAAC;YAEF,OAAO;QACT,CAAC;QAED,IAAI,CAAC,YAAY,EAAE;aAChB,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;YAChB,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,yBAAyB,EAAE,OAAO,CAAC,CAAC;QAC1E,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gDAAgD,EAAE;gBAClE,KAAK;aACN,CAAC,CAAC;YACH,MAAM,aAAa,GAAG,IAAI,cAAc,CACtC,uCAAuC,EACvC,kBAAkB,CAAC,WAAW,CAC/B,CAAC;YACF,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACP,CAAC;IAED;;OAEG;IACK,uBAAuB,CAC7B,gBAAwB,6DAA6D;QAErF,MAAM,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yDAAyD,CAC1D,CAAC;YACF,OAAO;QACT,CAAC;QACD,MAAM,eAAe,GAAG,QAAQ,CAAC,cAAc,CAC7C,kCAAkC,CACnC,CAAC;QACF,IAAI,eAAe,IAAI,eAAe,CAAC,UAAU,EAAE,CAAC;YAClD,eAAe,CAAC,UAAU,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;QAC1D,CAAC;QACD,MAAM,cAAc,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QACrD,cAAc,CAAC,EAAE,GAAG,kCAAkC,CAAC;QACvD,cAAc,CAAC,KAAK,CAAC,OAAO;YAC1B,qSAAqS,CAAC;QACxS,cAAc,CAAC,SAAS;YACtB,wDAAwD;gBACxD,yCAAyC;gBACzC,OAAO;gBACP,oCAAoC;gBACpC,gCAAgC;gBAChC,aAAa;gBACb,SAAS;gBACT,QAAQ;gBACR,QAAQ,CAAC;QAEX,IAAI,gBAAgB,CAAC,SAAS,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACtD,SAAS,CAAC,KAAK,CAAC,QAAQ,GAAG,UAAU,CAAC;QACxC,CAAC;QAED,SAAS,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAEtC,UAAU,CAAC,GAAG,EAAE;YACd,IAAI,cAAc,CAAC,UAAU,EAAE,CAAC;gBAC9B,cAAc,CAAC,UAAU,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;YACxD,CAAC;QACH,CAAC,EAAE,KAAK,CAAC,CAAC;QACV,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACK,wBAAwB;QAC9B,IAAI,CAAC,yBAAyB,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE;YACtD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YACpD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EAAE,iDAAiD;aAC1D,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,iDAAiD,EACjD,kBAAkB,CAAC,oBAAoB,CACxC,CAAC;YACF,IAAI,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;QAC9B,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC,aAAa;IAC1B,CAAC;IAED;;OAEG;IACK,mBAAmB;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CACrC,IAAI,CAAC,MAAM,CAAC,sBAAsB,CACnC,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,8BAA8B,IAAI,CAAC,MAAM,CAAC,sBAAsB,aAAa,CAC9E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;QAC5C,CAAC;QAED,6DAA6D;QAC7D,MAAM,iBAAiB,GAAG,QAAQ,CAAC,cAAc,CAC/C,uBAAuB,CACT,CAAC;QACjB,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0DAA0D,CAC3D,CAAC;YACF,OAAO,iBAAiB,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc;QAC1B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;YAC7C,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;YAChC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;SACrC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,8DAA8D;YAC9D,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,CACjE,CAAC;gBACF,OAAO;YACT,CAAC;YAED,kDAAkD;YAClD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;YACtE,CAAC;YAED,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC;gBACpD,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;gBAC3C,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,WAAW,EAAE;oBACX,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO;oBACxC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,IAAI,uBAAuB;iBAChE;gBACD,cAAc,EAAE,IAAI,CAAC,OAAO;aAC7B,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE,EAAE,eAAe,EAAE,CAAC,CAAC;YAEvE,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,aAAa,GAAG,QAAQ,CAAC,cAAc,CAC3C,oBAAoB,CAAC,iBAAiB,CACvC,CAAC;gBACF,MAAM,WAAW,GAAG,QAAQ,CAAC,cAAc,CACzC,oBAAoB,CAAC,eAAe,CACrC,CAAC;gBAEF,IAAI,aAAa,EAAE,CAAC;oBAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;oBAC3C,IAAI,QAAQ,GAAG,IAAI,CAAC;oBACpB,MAAM,YAAY,GAAG,aAAa,CAAC,YAAY,CAAC,gBAAgB,CAAC,CAAC;oBAClE,IAAI,YAAY,EAAE,CAAC;wBACjB,IAAI,CAAC;4BACH,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;wBACtC,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;wBAC9D,CAAC;oBACH,CAAC;oBACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE;wBAC3C,MAAM,EAAE,iCAAiC;wBACzC,IAAI,EAAE,QAAQ;qBACf,CAAC,CAAC;gBACL,CAAC;qBAAM,IAAI,WAAW,EAAE,CAAC;oBACvB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;oBAC1C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;wBACxC,MAAM,EAAE,WAAW,CAAC,WAAW,IAAI,+BAA+B;qBACnE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC3D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBACxC,MAAM,EACJ,KAAK,YAAY,KAAK;oBACpB,CAAC,CAAC,KAAK,CAAC,OAAO;oBACf,CAAC,CAAC,+BAA+B;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACI,OAAO;QACZ,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QAEtD,oBAAoB;QACpB,IAAI,CAAC,iBAAiB,EAAE,aAAa,EAAE,CAAC;QAExC,oBAAoB;QACpB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,yBAAyB,EAAE,CAAC;YACnC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACpD,IAAI,CAAC,yBAAyB,GAAG,SAAS,CAAC;QAC7C,CAAC;QAED,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;QACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QAEnC,gCAAgC;QAChC,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,MAAM,CAAC,mBAAmB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;IAED;;OAEG;IACK,uBAAuB;QAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sEAAsE,CACvE,CAAC;QAEF,oBAAoB;QACpB,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,yBAAyB,EAAE,CAAC;YACnC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACpD,IAAI,CAAC,yBAAyB,GAAG,SAAS,CAAC;QAC7C,CAAC;QAED,cAAc;QACd,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;QAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;QACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QAEnC,oDAAoD;IACtD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,iBAAiB;QAC5B,OAAO,IAAI,CAAC,cAAc,CAAC,iBAAiB,EAAE,IAAI,IAAI,CAAC;IACzD,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,4BAA4B;QACvC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC/C,OAAO,wBAAwB,CAAC,OAAO,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,eAAe;QAC1B,OAAO,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,IAAI,KAAK,CAAC;IACxD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,cAAc;QACzB,OAAO,IAAI,CAAC,cAAc,CAAC,cAAc,EAAE,IAAI,IAAI,CAAC;IACtD,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,YAAY;QACvB,OAAO,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;IAC5C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,aAAa;QACxB,OAAO,IAAI,CAAC,cAAc,CAAC,aAAa,EAAE,CAAC;IAC7C,CAAC;IAED;;OAEG;IACI,sBAAsB;QAC3B,OAAO,IAAI,CAAC,cAAc,CAAC,sBAAsB,EAAE,IAAI,IAAI,CAAC;IAC9D,CAAC;IAED;;;;;;;;;;;;;;;;;;;OAmBG;IACI,WAAW,CAAC,QAAgB;QACjC,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QAEzB,kEAAkE;QAClE,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,IAAI,CAAC,cAAc,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QACxD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iDAAiD,EAAE;YAClE,QAAQ,EAAE,IAAI,CAAC,QAAQ;SACxB,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACI,aAAa;QAClB,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC;QAE1B,mDAAmD;QACnD,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,IAAI,CAAC,cAAc,CAAC,yBAAyB,EAAE,CAAC;QAClD,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IAC7E,CAAC;IAED;;;OAGG;IACI,WAAW;QAChB,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;OAGG;IACI,oBAAoB,CAAC,IAA0B;QACpD,IAAI,CAAC,MAAM,CAAC,iBAAiB,GAAG,IAAI,CAAC;QACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mCAAmC,IAAI,EAAE,CAAC,CAAC;IAC/D,CAAC;IAED;;;OAGG;IACI,oBAAoB;QACzB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;IACvC,CAAC;IAED;;;;OAIG;IACI,cAAc;QACnB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QAEF,yDAAyD;QACzD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;YACxE,IAAI,CAAC,WAAW,GAAG,SAAS,CAAC;YAC7B,IAAI,CAAC,kBAAkB,GAAG,SAAS,CAAC;YACpC,IAAI,CAAC,iBAAiB,GAAG,SAAS,CAAC;QACrC,CAAC;QAED,6CAA6C;QAC7C,IAAI,IAAI,CAAC,wBAAwB,EAAE,CAAC;YAClC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACnD,IAAI,CAAC,wBAAwB,GAAG,SAAS,CAAC;QAC5C,CAAC;QAED,IAAI,IAAI,CAAC,yBAAyB,EAAE,CAAC;YACnC,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;YACpD,IAAI,CAAC,yBAAyB,GAAG,SAAS,CAAC;QAC7C,CAAC;QAED,mBAAmB;QACnB,IAAI,CAAC,cAAc,GAAG,KAAK,CAAC;QAC5B,IAAI,CAAC,gBAAgB,GAAG,KAAK,CAAC;QAE9B,uCAAuC;QACvC,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3B,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,CAAC;QACzC,CAAC;IACH,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,OAAO;QAClB,IAAI,CAAC,OAAO,EAAE,CAAC;QACf,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;QACpC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,MAAM;QACjB,IAAI,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,gBAAgB,EAAE;gBAC3C,MAAM,EAAE,wBAAwB;aACjC,CAAC,CAAC;YAEH,0EAA0E;YAC1E,iEAAiE;YACjE,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAClB,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,CAClE,CAAC;gBACF,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;gBACjD,MAAM,SAAS,GAAG,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;gBACpE,MAAM,gBAAgB,GAAG,kBAAkB,CACzC,UAAU,EACV,SAAS,CAAC,MAAM,CACjB,CAAC;gBAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;oBAC5C,MAAM,EAAE,2DAA2D;iBACpE,CAAC,CAAC;gBAEH,yEAAyE;gBACzE,MAAM,KAAK,GAAG,aAAa,CAAC;oBAC1B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;oBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;oBAC/C,UAAU,EAAE,UAAU,EAAE;iBACzB,CAAC,CAAC;gBAEH,4DAA4D;gBAC5D,0DAA0D;gBAC1D,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,gBAAgB,CAAC,CAAC;gBAC5C,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;oBAClC,SAAS,CAAC,YAAY,CAAC,GAAG,CACxB,mBAAmB,EACnB,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAC9B,CAAC;gBACJ,CAAC;gBAED,oDAAoD;gBACpD,SAAS,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;gBAE3C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;oBAC/D,GAAG,EAAE,SAAS,CAAC,QAAQ,EAAE;oBACzB,IAAI,EAAE,SAAS,CAAC,QAAQ;oBACxB,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;oBAChD,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;iBACrC,CAAC,CAAC;gBAEH,sDAAsD;gBACtD,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;gBAEnC,OAAO;YACT,CAAC;YAED,kDAAkD;YAClD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;YAChE,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAElD,IAAI,CAAC,MAAM,EAAE,QAAQ,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;gBACtE,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAChC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;gBACzC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;oBAC5C,MAAM,EAAE,uBAAuB;iBAChC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;gBACpB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACrD,CAAC;YAED,iEAAiE;YACjE,MAAM,KAAK,GAAG,aAAa,CAAC;gBAC1B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,QAAQ;gBAChD,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,WAAW;gBAC/C,UAAU,EAAE,UAAU,EAAE;aACzB,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8CAA8C,EAAE;gBAC/D,cAAc,EAAE,KAAK;gBACrB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;aACrC,CAAC,CAAC;YAEH,yEAAyE;YACzE,gEAAgE;YAEhE,gDAAgD;YAChD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAChE,CAAC;YAED,sBAAsB;YACtB,MAAM,SAAS,GAAG,MAAM,sBAAsB,CAAC;gBAC7C,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;gBAC9B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;gBAC1C,OAAO,EAAE,MAAM,CAAC,QAAQ;gBACxB,KAAK,EAAE,KAAK;gBACZ,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,kBAAkB;aAC5C,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,yBAAyB,EAAE;gBAC1C,SAAS,EAAE,SAAS,CAAC,QAAQ,EAAE;aAChC,CAAC,CAAC;YAEH,+EAA+E;YAC/E,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YAE9C,mDAAmD;YACnD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;gBAC5C,MAAM,EAAE,mBAAmB;aAC5B,CAAC,CAAC;YAEH,8EAA8E;YAC9E,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAC;QACrC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAChD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE;gBACzC,MAAM,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC/D,CAAC,CAAC;YACH,MAAM,IAAI,cAAc,CACtB,eAAe,EACf,kBAAkB,CAAC,aAAa,CACjC,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,kBAAkB,CAAC,SAAc;QACvC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QAE3D,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,QAAQ,CAAC,CAAC;QACtD,YAAY,CAAC,KAAK,CAAC,OAAO,GAAG,MAAM,CAAC;QAEpC,oDAAoD;QACpD,MAAM,aAAa,GAAG,GAAG,EAAE;YACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAEjD,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,CAAC;gBAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC;gBACxE,OAAO;YACT,CAAC;YAED,YAAY,CAAC,UAAU,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;YAElD,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;gBAClC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,EACjE;oBACE,iBAAiB,EAAE,IAAI,CAAC,MAAM,CAAC,iBAAiB;iBACjD,CACF,CAAC;gBACF,qEAAqE;gBACrE,oEAAoE;gBACpE,MAAM,CAAC,QAAQ,CAAC,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;YACvD,CAAC;QACH,CAAC,CAAC;QAEF,YAAY,CAAC,MAAM,GAAG,GAAG,EAAE;YACzB,aAAa,EAAE,CAAC;QAClB,CAAC,CAAC;QACF,YAAY,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YAC/B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YAC/D,aAAa,EAAE,CAAC;QAClB,CAAC,CAAC;QAEF,YAAY,CAAC,GAAG,GAAG,SAAS,CAAC,QAAQ,EAAE,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,CAAC;IAC1C,CAAC;IAED;;;OAGG;IACK,KAAK,CAAC,wBAAwB;QACpC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAElC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE;gBACvD,UAAU,EAAE,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAChC,aAAa,EAAE,CAAC,CAAC,KAAK;gBACtB,UAAU,EAAE,KAAK;gBACjB,SAAS,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aAClC,CAAC,CAAC;YAEH,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,sDAAsD,CACvD,CAAC;gBACF,OAAO,CAAC,yCAAyC;YACnD,CAAC;YAED,sDAAsD;YACtD,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YAE/D,yEAAyE;YACzE,kDAAkD;YAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC;YAE/C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;gBAC7C,QAAQ,EAAE,KAAK;gBACf,YAAY;gBACZ,iBAAiB;gBACjB,WAAW,EAAE,KAAK,KAAK,iBAAiB;gBACxC,YAAY,EAAE,YAAY,KAAK,iBAAiB;aACjD,CAAC,CAAC;YAEH,IAAI,KAAK,KAAK,iBAAiB,IAAI,YAAY,KAAK,iBAAiB,EAAE,CAAC;gBACtE,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;oBAC9C,KAAK;oBACL,iBAAiB;iBAClB,CAAC,CAAC;gBAEH,0CAA0C;gBAC1C,MAAM,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAChC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE,CAAC;gBAEzC,yCAAyC;gBACzC,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;gBAExC,6BAA6B;gBAC7B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,iBAAiB,EAAE;oBAC5C,MAAM,EAAE,0BAA0B;iBACnC,CAAC,CAAC;gBAEH,4CAA4C;gBAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACpD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC;gBAE1D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE;oBACnD,QAAQ;iBACT,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,EAAE;oBACjE,QAAQ,EAAE,KAAK;oBACf,iBAAiB;iBAClB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACpE,sDAAsD;QACxD,CAAC;IACH,CAAC;CACF;AAID,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC","sourcesContent":["import { AuthEvent } from \"../types/index.js\";\nimport type { Endpoints, AuthStorage } from \"../../types.js\";\nimport { buildAuthUrl, extractTokensFromSession } from \"../utils/auth-utils.js\";\nimport type { AuthResult, Session } from \"../types/index.js\";\nimport type { createLogger } from \"../utils/logger.js\";\nimport {\n createMainLogger,\n configureLogging,\n setCurrentLogger,\n} from \"../utils/logger.js\";\nimport { GenericPublicClientPKCEProducer } from \"../../services/PKCE.js\";\nimport { generateState } from \"../../lib/oauth.js\";\nimport { SessionManager } from \"./SessionManager.js\";\nimport { AuthenticationEvents } from \"./AuthenticationEvents.js\";\nimport { PopupError } from \"../../services/types.js\";\nimport { getVersion } from \"../../shared/index.js\";\nimport { handleOAuthRedirectPage } from \"./handlers/OAuthCallbackHandler.js\";\nimport {\n generateOauthLogoutUrl,\n clearTokens,\n retrieveTokens,\n getBackendEndpoints,\n resolveEndpointUrl,\n} from \"../../shared/lib/util.js\";\nimport { LOGOUT_STATE } from \"../../constants.js\";\nimport { getOauthEndpoints } from \"../../lib/oauth.js\";\nimport { collectAndSendSDKAnalytics } from \"../../lib/analytics.js\";\nimport type { AuthConfig } from \"../../server/config.js\";\n\n// Import new modular components\nimport type {\n CivicAuthClientConfig,\n ProcessedCivicAuthConfig,\n} from \"./types/AuthTypes.js\";\nimport {\n CivicAuthError,\n CivicAuthErrorCode,\n CIVIC_AUTH_CONSTANTS,\n} from \"./types/AuthTypes.js\";\nimport { processConfigWithDefaults } from \"./config/ConfigProcessor.js\";\nimport { MessageHandler } from \"./handlers/MessageHandler.js\";\nimport { PopupHandler } from \"./handlers/PopupHandler.js\";\nimport { IframeAuthHandler } from \"./handlers/IframeAuthHandler.js\";\nimport { IframeManager } from \"../iframe/IframeManager.js\";\n\n/**\n * CivicAuth client for handling OAuth authentication\n *\n * This is a refactored version that uses a modular architecture for better maintainability.\n */\nexport class CivicAuth {\n private config: ProcessedCivicAuthConfig;\n private storage: AuthStorage;\n private endpoints?: Endpoints;\n private logger: ReturnType<typeof createLogger>;\n private sessionManager: SessionManager;\n private events: AuthenticationEvents;\n private initialDisplayMode:\n | \"iframe\"\n | \"modal\"\n | \"redirect\"\n | \"new_tab\"\n | \"custom_tab\";\n\n // Authentication state\n private authPromise?: Promise<AuthResult>;\n private authPromiseResolve?: (value: AuthResult) => void;\n private authPromiseReject?: (reason?: Error) => void;\n private authProcessTimeoutHandle?: number;\n private popupFailureTimeoutHandle?: number;\n private hasPopupFailed: boolean = false;\n private hasSignInStarted: boolean = false;\n\n // Backend integration - custom login URL\n private loginUrl?: string;\n\n // Handlers\n private messageHandler?: MessageHandler;\n private popupHandler?: PopupHandler;\n private iframeAuthHandler?: IframeAuthHandler;\n\n /**\n * Private constructor - initializes configuration and handlers.\n * Use {@link CivicAuth.create} to create a new instance.\n */\n private constructor(config: CivicAuthClientConfig) {\n // Process config with defaults and validation\n this.config = processConfigWithDefaults(config);\n this.initialDisplayMode = this.config.displayMode;\n\n // Set loginUrl from config if provided\n this.loginUrl = this.config.loginUrl;\n\n // Configure logging\n configureLogging(this.config.logging);\n\n // Initialize logger - always use \"vanillajs\" as base namespace\n if (this.config.logging?.enabled) {\n this.logger = createMainLogger(\"vanillajs\"); // Always use \"vanillajs\"\n } else {\n this.logger = {\n debug: () => {},\n info: () => {},\n warn: () => {},\n error: () => {},\n };\n }\n\n setCurrentLogger(this.logger);\n this.storage = this.config.storageAdapter;\n\n // Always initialize events - use provided events or create default instance\n this.events = config.events || new AuthenticationEvents();\n\n // Always initialize SessionManager\n this.sessionManager = new SessionManager(\n this.storage,\n this.events,\n this.config,\n this.config.initialUser,\n );\n\n // Initialize handlers\n this.initializeHandlers();\n }\n\n /**\n * Creates and initializes a new instance of CivicAuth.\n * This is the recommended way to create a CivicAuth instance.\n *\n * @param config - Configuration options for the auth client\n * @returns A promise that resolves with the initialized CivicAuth instance\n * @throws {CivicAuthError} If initialization fails or required configuration is missing\n *\n * @example\n * ```typescript\n * // Standard SPA authentication\n * const auth = await CivicAuth.create({\n * clientId: \"your-client-id\",\n * // redirectUrl is optional - defaults to current page (window.location.origin + window.location.pathname)\n * redirectUrl: \"https://your-app.com/callback\", // optional\n * // logoutRedirectUrl is optional - defaults to redirectUrl if not provided\n * logoutRedirectUrl: \"https://your-app.com/logout\", // optional\n * // oauthServerBaseUrl is optional - defaults to \"https://auth.civic.com/oauth\"\n * oauthServerBaseUrl: \"https://auth-server.com/\", // optional\n * // scopes is optional - defaults to ['openid', 'profile', 'email', 'offline_access']\n * scopes: [\"openid\", \"profile\"], // optional\n * targetContainerElement: \"auth-container\",\n * textSignals: {\n * success: \"Authentication successful!\"\n * }\n * });\n *\n * // Backend integration authentication\n * const authWithBackend = await CivicAuth.create({\n * clientId: \"your-client-id\",\n * loginUrl: \"http://example.com/custom-backendurl\" // Automatically uses BrowserCookieStorage\n * });\n * ```\n */\n public static async create(\n config: CivicAuthClientConfig,\n ): Promise<CivicAuth> {\n const instance = new CivicAuth(config);\n await instance.init();\n return instance;\n }\n\n /**\n * Initializes the auth client and checks for callback handling\n */\n private async init(): Promise<void> {\n this.logger.info(\"🚀 Initializing CivicAuth\", {\n currentUrl: window.location.href,\n redirectUrl: this.config.redirectUrl,\n oauthServerBaseUrl: this.config.oauthServerBaseUrl,\n isCallbackUrl: window.location.href.startsWith(this.config.redirectUrl),\n });\n\n try {\n // Get OAuth endpoints using shared function (handles trailing slash automatically)\n this.endpoints = await getOauthEndpoints(this.config.oauthServerBaseUrl);\n\n this.logger.info(\"🔗 OAuth endpoints configured\", {\n endpoints: this.endpoints,\n });\n\n // Initialize SessionManager with auth config\n if (this.sessionManager) {\n const loginUrl = this.config.loginUrl || this.loginUrl;\n\n // Construct authConfig based on our discriminated union pattern\n const authConfig: AuthConfig =\n loginUrl && !this.config.clientId\n ? {\n // Backend integration mode: loginUrl required, clientId optional\n loginUrl,\n redirectUrl: this.config.redirectUrl,\n oauthServer: this.config.oauthServerBaseUrl,\n backendEndpoints: this.config.backendEndpoints,\n }\n : {\n // Standard OAuth mode: clientId required, loginUrl optional\n clientId: this.config.clientId!,\n loginUrl,\n redirectUrl: this.config.redirectUrl,\n oauthServer: this.config.oauthServerBaseUrl,\n backendEndpoints: this.config.backendEndpoints,\n };\n\n this.logger.info(\"🔧 Initializing SessionManager\", { authConfig });\n await this.sessionManager.initializeWithAuthConfig(authConfig);\n }\n\n // Check if we're on the callback page\n const isCallbackPage = window.location.href.startsWith(\n this.config.redirectUrl,\n );\n this.logger.info(\"🔍 Callback page check\", {\n isCallbackPage,\n currentUrl: window.location.href,\n redirectUrl: this.config.redirectUrl,\n });\n\n // Handle logout state cleanup first (before processing auth callbacks)\n await this.handleLogoutStateCleanup();\n\n if (isCallbackPage) {\n this.logger.info(\"📞 Processing callback page\");\n await this.handleCallback();\n } else {\n this.logger.info(\"🏠 Not a callback page, initialization complete\");\n }\n\n // Check if we're in embedded mode - we need to show the iframe\n // Note: After config processing, \"embedded\" displayMode becomes \"iframe\" + iframeDisplayMode: \"embedded\"\n const isEmbeddedMode =\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\";\n\n this.logger.info(\"🔍 Checking display mode conditions\", {\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n isEmbeddedMode,\n preloadIframe: this.config.preloadIframe,\n });\n\n if (isEmbeddedMode) {\n // For embedded mode, we need to start authentication to show the iframe\n try {\n this.logger.info(\n \"🖼️ Starting authentication for embedded mode to show iframe...\",\n );\n await this.startAuthentication();\n this.logger.info(\n \"✅ Embedded iframe authentication started successfully\",\n );\n } catch (error) {\n // Don't fail initialization if embedded authentication fails - graceful degradation\n this.logger.warn(\n \"⚠️ Embedded authentication failed (graceful degradation):\",\n {\n error: error instanceof Error ? error.message : String(error),\n },\n );\n }\n } else if (\n this.config.preloadIframe &&\n this.config.displayMode === \"iframe\"\n ) {\n // Regular iframe preloading logic for modal mode\n try {\n const isAuthenticated = await this.isAuthenticated();\n this.logger.info(\"🔍 Authentication check for preload\", {\n isAuthenticated,\n });\n\n if (!isAuthenticated) {\n this.logger.info(\n \"🔄 Auto-preloading iframe for instant sign-in...\",\n );\n await this.preloadAuthentication();\n this.logger.info(\"✅ Iframe auto-preloaded successfully\");\n } else {\n this.logger.debug(\n \"ℹ️ User already authenticated, skipping preload\",\n );\n }\n } catch (error) {\n // Don't fail initialization if preloading fails - graceful degradation\n this.logger.warn(\n \"⚠️ Auto-preloading failed (graceful degradation):\",\n {\n error: error instanceof Error ? error.message : String(error),\n },\n );\n }\n } else {\n this.logger.info(\"ℹ️ Auto-preload conditions not met\", {\n preloadIframe: this.config.preloadIframe,\n displayMode: this.config.displayMode,\n isEmbeddedMode,\n reason: isEmbeddedMode\n ? \"embedded mode uses startAuthentication instead\"\n : !this.config.preloadIframe\n ? \"preloadIframe is disabled\"\n : \"displayMode is not iframe\",\n });\n }\n } catch (error) {\n const errorMessage =\n error instanceof Error\n ? error.message\n : \"Failed to initialize authentication\";\n this.logger.error(\"❌ CivicAuth initialization failed\", {\n error: errorMessage,\n stack: error instanceof Error ? error.stack : undefined,\n });\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: errorMessage,\n });\n throw new CivicAuthError(errorMessage, CivicAuthErrorCode.INIT_FAILED);\n }\n }\n\n /**\n * Initialize all handlers with proper configuration\n */\n private initializeHandlers(): void {\n const handlerConfig = {\n config: this.config,\n logger: this.logger,\n onAuthSuccess: this.handleAuthSuccess.bind(this),\n onAuthError: this.handleAuthError.bind(this),\n cleanup: this.cleanup.bind(this),\n };\n\n this.messageHandler = new MessageHandler({\n ...handlerConfig,\n onPopupFailure: this.handlePopupFailure.bind(this),\n onBrowserCorsFailsSilently: async () => {\n if (this.hasSignInStarted) {\n await this.handleBrowserCorsFailsSilently();\n }\n },\n });\n\n this.popupHandler = new PopupHandler(handlerConfig);\n\n this.iframeAuthHandler = new IframeAuthHandler({\n ...handlerConfig,\n messageHandler: this.messageHandler.handleMessage,\n });\n\n // Set up automatic re-preloading when authentication is cancelled\n this.setupAutoRepreload();\n }\n\n /**\n * Set up automatic re-preloading when authentication is cancelled by user\n * This maintains instant sign-in experience for subsequent attempts\n */\n private setupAutoRepreload(): void {\n this.events.on(AuthEvent.SIGN_IN_STARTED, () => {\n this.hasSignInStarted = true;\n });\n this.events.on(AuthEvent.SIGN_IN_ERROR, (event?: { detail?: string }) => {\n // Only re-preload for iframe mode with user cancellation and preload enabled\n if (\n this.config.displayMode === \"iframe\" &&\n this.config.preloadIframe &&\n event?.detail === \"Authentication cancelled by user\"\n ) {\n this.logger.debug(\n \"🔄 Authentication cancelled, scheduling re-preload for instant subsequent sign-in\",\n );\n\n // Small delay to ensure cleanup is complete\n setTimeout(async () => {\n try {\n await this.preloadAuthentication();\n this.logger.debug(\n \"✅ Re-preloaded iframe after cancellation for instant sign-in\",\n );\n } catch (error) {\n // Don't fail silently, but don't crash either - just log the issue\n this.logger.warn(\n \"⚠️ Failed to re-preload iframe after cancellation:\",\n {\n error: error instanceof Error ? error.message : String(error),\n },\n );\n }\n }, 200); // Small delay to ensure cleanup completion\n }\n });\n }\n\n /**\n * Builds the authentication URL with PKCE challenge\n */\n private async buildAuthUrl(): Promise<string> {\n // If a login URL is set (for backend integration), use that instead\n if (this.loginUrl) {\n this.logger.info(\"🔗 Using login URL for backend integration\", {\n loginUrl: this.loginUrl,\n });\n\n // Generate state with display mode information for backend integration\n const state =\n this.config.initialState ||\n generateState({\n displayMode: this.config.displayMode || \"iframe\",\n iframeDisplayMode: this.config.iframeDisplayMode,\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n loginSuccessUrl: this.config.loginSuccessUrl,\n });\n\n // Append state as query parameter to loginUrl\n const url = new URL(this.loginUrl, window.location.origin);\n url.searchParams.set(\"state\", state);\n url.searchParams.set(\"appUrl\", window.location.origin);\n\n this.logger.info(\"🔗 Built login URL with display mode state\", {\n loginUrl: url.toString(),\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n });\n\n return url.toString();\n }\n\n if (!this.endpoints) {\n throw new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n }\n\n // Ensure clientId is present for OAuth flow (it should be according to our discriminated union)\n if (!this.config.clientId) {\n throw new CivicAuthError(\n \"ClientId is required for OAuth flow when loginUrl is not provided.\",\n CivicAuthErrorCode.CONFIG_REQUIRED,\n );\n }\n\n const pkceProducer = new GenericPublicClientPKCEProducer(this.storage);\n const codeChallenge = await pkceProducer.getCodeChallenge();\n const state =\n this.config.initialState ||\n generateState({\n displayMode: this.config.displayMode || \"iframe\",\n iframeDisplayMode: this.config.iframeDisplayMode,\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n loginSuccessUrl: this.config.loginSuccessUrl,\n });\n\n return buildAuthUrl({\n endpoints: this.endpoints,\n clientId: this.config.clientId,\n redirectUrl: this.config.redirectUrl,\n scopes: this.config.scopes,\n codeChallenge,\n state,\n prompt: this.config.prompt,\n nonce: this.config.nonce,\n });\n }\n\n /**\n * Preloads the authentication iframe for instant sign-in\n * This creates the iframe in the background but keeps it hidden until startAuthentication() is called\n * @throws {CivicAuthError} If preloading fails or is not supported\n * @private - This method is used internally for automatic preloading\n */\n private async preloadAuthentication(): Promise<void> {\n this.logger.info(\"🎬 Preloading authentication for instant sign-in\", {\n displayMode: this.config.displayMode,\n userAgent: navigator.userAgent,\n currentUrl: window.location.href,\n });\n\n if (!this.endpoints) {\n const error = new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n this.logger.error(\"❌ Endpoints not initialized for preload\", {\n error: error.message,\n });\n throw error;\n }\n\n // Only support preloading for iframe mode\n if (this.config.displayMode !== \"iframe\") {\n this.logger.warn(\n \"⚠️ Iframe preloading only supported for iframe display mode\",\n {\n displayMode: this.config.displayMode,\n },\n );\n return;\n }\n\n if (!this.iframeAuthHandler) {\n const error = new CivicAuthError(\n \"Iframe handler not initialized for preloading\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.logger.error(\"❌ Iframe handler not initialized\", {\n error: error.message,\n });\n throw error;\n }\n\n const fullAuthUrl = await this.buildAuthUrl();\n this.logger.info(\"🔗 Built authentication URL for preload\", {\n url: fullAuthUrl,\n displayMode: this.config.displayMode,\n });\n\n try {\n await this.iframeAuthHandler.preloadIframe(fullAuthUrl);\n const iframeElement = this.iframeAuthHandler.getIframeElement();\n if (iframeElement) {\n this.messageHandler?.updateIframeElement(iframeElement);\n }\n\n this.logger.info(\"✅ Authentication iframe preloaded successfully\");\n } catch (error) {\n const errorMessage =\n error instanceof Error ? error.message : \"Failed to preload iframe\";\n this.logger.error(\"❌ Failed to preload authentication iframe\", {\n error: errorMessage,\n });\n throw new CivicAuthError(\n errorMessage,\n CivicAuthErrorCode.IFRAME_PRELOAD_FAILED,\n );\n }\n }\n\n /**\n * Check if authentication is preloaded and ready for instant sign-in\n * @returns True if an iframe is preloaded and ready\n */\n isAuthenticationPreloaded(): boolean {\n if (this.config.displayMode !== \"iframe\" || !this.iframeAuthHandler) {\n return false;\n }\n return this.iframeAuthHandler.hasPreloadedIframe();\n }\n\n /**\n * Enable or disable iframe preloading\n * @param enabled Whether to enable iframe preloading\n */\n setPreloadEnabled(enabled: boolean): void {\n // Preloading only makes sense for iframe mode\n if (this.config.displayMode !== \"iframe\") {\n this.logger.debug(\n \"🎯 Iframe preloading not applicable for non-iframe mode\",\n {\n displayMode: this.config.displayMode,\n enabled,\n },\n );\n return;\n }\n\n if (this.iframeAuthHandler) {\n this.iframeAuthHandler.setPreloadEnabled(enabled);\n this.logger.info(\"🎯 Iframe preloading\", { enabled });\n } else {\n this.logger.warn(\n \"⚠️ Cannot set preload enabled: iframe handler not initialized\",\n );\n }\n }\n\n /**\n * Check if iframe preloading is enabled\n * @returns True if iframe preloading is enabled\n */\n getPreloadEnabled(): boolean {\n // Preloading only makes sense for iframe mode\n if (this.config.displayMode !== \"iframe\") {\n return false;\n }\n return this.iframeAuthHandler?.getPreloadEnabled() ?? false;\n }\n\n /**\n * Starts the authentication process\n * @returns A promise that resolves with the authentication result\n * @throws {CivicAuthError} If authentication fails or times out\n */\n async startAuthentication(): Promise<AuthResult> {\n this.logger.info(\"🎬 Starting authentication process\", {\n displayMode: this.config.displayMode,\n userAgent: navigator.userAgent,\n currentUrl: window.location.href,\n });\n\n // Send SDK analytics when authentication starts\n // Fire and forget - don't block authentication if analytics fails\n collectAndSendSDKAnalytics(\n this.config.clientId,\n this.config.oauthServerBaseUrl,\n this.config.framework || \"vanillajs\",\n );\n\n if (!this.endpoints) {\n const error = new CivicAuthError(\n \"OAuth endpoints not initialized. Please wait for initialization to complete.\",\n CivicAuthErrorCode.ENDPOINTS_NOT_INITIALIZED,\n );\n this.logger.error(\"❌ Endpoints not initialized\", {\n error: error.message,\n });\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: error.message,\n });\n throw error;\n }\n\n if (this.authPromise) {\n this.logger.info(\n \"⏳ Authentication already in progress, returning existing promise\",\n );\n return this.authPromise;\n }\n\n const fullAuthUrl = await this.buildAuthUrl();\n this.logger.info(\"🔗 Built authentication URL\", {\n url: fullAuthUrl,\n displayMode: this.config.displayMode,\n authProcessTimeout: this.config.authProcessTimeout,\n });\n\n this.authPromise = new Promise<AuthResult>((resolve, reject) => {\n this.authPromiseResolve = resolve;\n this.authPromiseReject = reject;\n\n this.handleAuthenticationByDisplayMode(fullAuthUrl);\n this.setupAuthenticationTimeout();\n });\n\n return this.authPromise;\n }\n\n /**\n * Reloads embedded authentication interface\n *\n * This method is specifically designed for embedded mode scenarios where the iframe\n * needs to be recreated after navigation or DOM changes. It performs a complete\n * re-initialization by calling the full init() method.\n *\n * @returns Promise that resolves when the embedded iframe is created\n * @throws {CivicAuthError} If not in embedded mode or if iframe creation fails\n *\n * @example\n * ```typescript\n * // After navigation in a SPA\n * await civicAuth.reloadEmbedded();\n * ```\n */\n async reloadEmbedded(): Promise<void> {\n this.logger.info(\"🔄 Reloading embedded authentication interface\", {\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n authPromise: !!this.authPromise,\n });\n\n this.config.displayMode = \"iframe\";\n this.config.iframeDisplayMode = \"embedded\";\n\n // Check if container element exists\n const container = this.getContainerElement();\n this.logger.info(\"🎯 Container element check\", {\n containerFound: !!container,\n containerId: container?.id,\n containerClass: container?.className,\n });\n\n if (!container) {\n const error = new CivicAuthError(\n \"Container element for embedded iframe not found. Ensure an element with id 'civic-login-container' exists or provide targetContainerElement in config.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n throw error;\n }\n\n // Clear any existing auth promise to ensure fresh start\n if (this.authPromise) {\n this.logger.info(\"🧹 Clearing existing auth promise for fresh start\");\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n }\n\n // Clean up any existing handlers before re-initialization\n if (this.messageHandler || this.popupHandler || this.iframeAuthHandler) {\n this.logger.info(\n \"🧹 Cleaning up existing handlers before re-initialization\",\n );\n this.cleanup();\n }\n\n this.logger.info(\"🔄 Re-initializing handlers and starting embedded auth\");\n\n try {\n // Don't call init() - that would re-process config based on current page\n // Instead, do minimal re-initialization with original config\n\n // Ensure OAuth endpoints are available (they should be from original init)\n if (!this.endpoints) {\n this.logger.info(\"🔗 Getting OAuth endpoints\");\n this.endpoints = await getOauthEndpoints(\n this.config.oauthServerBaseUrl,\n );\n }\n\n // Re-initialize all handlers (creates new instances)\n this.logger.info(\"🔄 Re-initializing handlers\");\n this.initializeHandlers();\n\n // Start authentication to create the embedded iframe\n this.logger.info(\"🎬 Starting embedded authentication\");\n await this.startAuthentication();\n this.logger.info(\"✅ Embedded iframe reloaded successfully\");\n } catch (error) {\n const errorMessage =\n error instanceof Error\n ? error.message\n : \"Failed to reload embedded iframe\";\n this.logger.error(\"❌ Failed to reload embedded iframe\", {\n error: errorMessage,\n stack: error instanceof Error ? error.stack : undefined,\n });\n throw error;\n }\n }\n\n private async handleBrowserCorsFailsSilently(): Promise<Promise<void>> {\n this.logger.warn(\n \"🚨 Browser CORS fails silently - switching to redirect mode\",\n {\n displayMode: this.config.displayMode,\n iframeAuthHandler: !!this.iframeAuthHandler,\n messageHandler: !!this.messageHandler,\n },\n );\n if (!this.iframeAuthHandler || !this.messageHandler) {\n throw new Error(\"Iframe handler not initialized\");\n }\n this.config.displayMode = \"redirect\";\n this.iframeAuthHandler.forceHideIframe();\n const rebuiltUrl = await this.buildAuthUrl();\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail:\n \"Browser doesn't support popups and passkey with CORS in iframe - switching to redirect mode\",\n error: {\n type: \"browser_cors_fails_silently\",\n failedUrl: IframeManager.browserCorsFailsSilentlyUrl,\n suggestion:\n \"Browser doesn't support popups and passkey with CORS in iframe - switching to redirect mode\",\n },\n });\n // use a small delay to ensure the loader is shown\n setTimeout(() => {\n window.location.href = rebuiltUrl;\n }, 100);\n }\n\n /**\n * Handle authentication based on display mode\n */\n private async handleAuthenticationByDisplayMode(\n fullAuthUrl: string,\n ): Promise<void> {\n this.logger.info(\"🎯 Handling authentication with display mode\", {\n displayMode: this.config.displayMode,\n });\n\n try {\n switch (this.config.displayMode) {\n case \"redirect\":\n this.logger.info(\"🌐 Using redirect mode\");\n this.events.locationChange(\n fullAuthUrl,\n \"Redirecting to auth URL\",\n \"login\",\n );\n break;\n\n case \"new_tab\":\n this.logger.info(\"📱 Using new_tab mode\");\n if (!this.popupHandler) {\n throw new Error(\"Popup handler not initialized\");\n }\n await this.popupHandler.handleNewTabAuth(fullAuthUrl);\n break;\n\n case \"iframe\":\n default: {\n this.logger.info(\"🖼️ Using iframe mode\");\n if (!this.iframeAuthHandler || !this.messageHandler) {\n throw new Error(\"Iframe handler not initialized\");\n }\n if (IframeManager.browserCorsFailsSilentlyUrl) {\n return this.handleBrowserCorsFailsSilently();\n }\n\n const iframeElement =\n await this.iframeAuthHandler.handleIframeAuth(fullAuthUrl);\n this.messageHandler.updateIframeElement(iframeElement);\n break;\n }\n }\n } catch (error) {\n if (error instanceof PopupError) {\n await this.handlePopupErrorWithFallback(fullAuthUrl, error);\n } else {\n this.handleAuthError(\n error instanceof Error ? error : new Error(String(error)),\n );\n }\n }\n }\n\n /**\n * Handle popup error with redirect fallback\n */\n private async handlePopupErrorWithFallback(\n fullAuthUrl: string,\n error: PopupError,\n ): Promise<void> {\n this.logger.warn(\"🚫 Popup failed, falling back to redirect mode\", {\n originalDisplayMode: this.config.displayMode,\n error: error.message,\n });\n\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Popup blocked, falling back to redirect mode\",\n });\n\n try {\n this.logger.info(\"🔄 Attempting redirect fallback\");\n\n // Clean up current authentication attempt\n this.cleanup();\n\n // Always switch to redirect mode for Safari compatibility\n this.config.displayMode = \"redirect\";\n\n // Regenerate the auth URL with updated display mode in state\n const fallbackAuthUrl = await this.buildAuthUrl();\n\n this.logger.info(\"🌐 Redirecting to auth URL\", { url: fallbackAuthUrl });\n window.location.href = fallbackAuthUrl;\n this.logger.info(\"✅ Redirect initiated successfully\");\n } catch (redirectError) {\n this.logger.error(\"❌ Redirect fallback failed\", {\n error: redirectError,\n redirectUrl: fullAuthUrl,\n });\n\n const fallbackError = new CivicAuthError(\n \"Failed to open popup window and redirect fallback failed. Please check your browser's popup settings.\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: fallbackError.message,\n });\n this.handleAuthError(fallbackError);\n }\n }\n\n /**\n * Setup authentication timeout\n */\n private setupAuthenticationTimeout(): void {\n // Skip timeout for embedded iframe mode - embedded iframes should stay persistent\n if (\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\"\n ) {\n this.logger.debug(\n \"⏰ Skipping authentication timeout for embedded iframe mode\",\n {\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n },\n );\n return;\n }\n\n // Set up timeout for other modes\n if (this.config.authProcessTimeout && this.config.authProcessTimeout > 0) {\n this.logger.debug(\"⏰ Setting up authentication timeout\", {\n timeout: this.config.authProcessTimeout,\n displayMode: this.config.displayMode,\n iframeDisplayMode: this.config.iframeDisplayMode,\n });\n\n this.authProcessTimeoutHandle = window.setTimeout(() => {\n this.logger.info(\"⏰ Authentication timeout reached\");\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication timed out\",\n });\n\n const error = new CivicAuthError(\n \"Authentication timed out\",\n CivicAuthErrorCode.AUTH_PROCESS_TIMEOUT,\n );\n this.handleAuthError(error);\n }, this.config.authProcessTimeout);\n }\n }\n\n /**\n * Handle successful authentication\n */\n private handleAuthSuccess(result: AuthResult): void {\n this.logger.info(\"✅ Authentication successful\");\n this.authPromiseResolve?.(result);\n\n // For embedded mode, preserve the iframe completely - don't cleanup\n // The iframe should stay visible showing the successful authentication state\n const isEmbeddedMode =\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\";\n\n if (isEmbeddedMode) {\n this.logger.info(\n \"🔧 Embedded mode - preserving iframe, skipping cleanup\",\n );\n // Only clean up timeouts and reset promises, but keep iframe visible\n this.cleanupTimeoutsAndState();\n } else {\n // For modal/redirect modes, do full cleanup as before\n this.cleanup();\n }\n }\n\n /**\n * Handle authentication error\n */\n private handleAuthError(error: Error): void {\n this.logger.error(\"❌ Authentication failed\", { error: error.message });\n this.authPromiseReject?.(error);\n\n // For embedded mode, preserve the iframe to show error state\n // For other modes, do full cleanup as before\n const isEmbeddedMode =\n this.config.displayMode === \"iframe\" &&\n this.config.iframeDisplayMode === \"embedded\";\n\n if (isEmbeddedMode) {\n this.logger.info(\n \"🔧 Embedded mode - preserving iframe to show error state\",\n );\n // Only clean up timeouts and reset promises, but keep iframe visible\n this.cleanupTimeoutsAndState();\n } else {\n // For modal/redirect modes, do full cleanup as before\n this.cleanup();\n }\n }\n\n /**\n * Handle popup failure - simplified like React implementation\n */\n private handlePopupFailure(failedUrl?: string): void {\n this.hasPopupFailed = true;\n\n this.logger.warn(\"Popup failed, using redirect mode instead...\", {\n failedUrl,\n });\n\n // Clean up iframe if it exists\n if (this.iframeAuthHandler) {\n this.iframeAuthHandler.cleanupIframe();\n }\n\n // Always redirect to the failed URL or build a new one\n if (failedUrl) {\n // this.config.displayMode = \"redirect\";\n\n // Use centralized location change handler\n this.events.locationChange(\n failedUrl,\n \"Popup blocked, falling back to redirect mode\",\n \"login\",\n );\n\n return;\n }\n\n this.buildAuthUrl()\n .then((authUrl) => {\n this.events.locationChange(authUrl, \"Redirecting to auth URL\", \"login\");\n })\n .catch((error) => {\n this.logger.error(\"Failed to build auth URL for redirect fallback\", {\n error,\n });\n const fallbackError = new CivicAuthError(\n \"Failed to redirect for authentication\",\n CivicAuthErrorCode.INIT_FAILED,\n );\n this.handleAuthError(fallbackError);\n });\n }\n\n /**\n * Show popup failure message to user\n */\n private showPopupFailureMessage(\n customMessage: string = \"Authentication will continue in this window. Please wait...\",\n ): void {\n const container = this.getContainerElement();\n if (!container) {\n this.logger.warn(\n \"Cannot show popup failure message - container not found\",\n );\n return;\n }\n const existingMessage = document.getElementById(\n \"civic-auth-popup-failure-message\",\n );\n if (existingMessage && existingMessage.parentNode) {\n existingMessage.parentNode.removeChild(existingMessage);\n }\n const messageOverlay = document.createElement(\"div\");\n messageOverlay.id = \"civic-auth-popup-failure-message\";\n messageOverlay.style.cssText =\n \"position:absolute;top:0;left:0;right:0;background:rgba(255,249,196,.95);border:1px solid #f59e0b;border-radius:6px;padding:12px;margin:8px;font-family:-apple-system,BlinkMacSystemFont,'Segoe UI',Roboto,sans-serif;font-size:14px;color:#92400e;z-index:1000;box-shadow:0 2px 4px rgba(0,0,0,.1);\";\n messageOverlay.innerHTML =\n '<div style=\"display:flex;align-items:center;gap:8px;\">' +\n '<span style=\"font-size:16px;\">⚠️</span>' +\n \"<div>\" +\n \"<strong>Popup blocked</strong><br>\" +\n '<span style=\"font-size:12px;\">' +\n customMessage +\n \"</span>\" +\n \"</div>\" +\n \"</div>\";\n\n if (getComputedStyle(container).position === \"static\") {\n container.style.position = \"relative\";\n }\n\n container.appendChild(messageOverlay);\n\n setTimeout(() => {\n if (messageOverlay.parentNode) {\n messageOverlay.parentNode.removeChild(messageOverlay);\n }\n }, 10000);\n this.logger.info(\"Popup failure message displayed to user\");\n }\n\n /**\n * Setup popup failure timeout\n */\n private setupPopupFailureTimeout(): void {\n this.popupFailureTimeoutHandle = window.setTimeout(() => {\n this.logger.info(\"⏰ Popup failure timeout reached\");\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication timeout - popup failure scenario\",\n });\n\n const error = new CivicAuthError(\n \"Authentication timeout - popup failure scenario\",\n CivicAuthErrorCode.AUTH_PROCESS_TIMEOUT,\n );\n this.handleAuthError(error);\n }, 20000); // 20 seconds\n }\n\n /**\n * Gets the container element for the auth iframe\n */\n private getContainerElement(): HTMLElement | null {\n if (typeof this.config.targetContainerElement === \"string\") {\n const element = document.getElementById(\n this.config.targetContainerElement,\n );\n if (!element) {\n this.logger.warn(\n `Container element with ID \"${this.config.targetContainerElement}\" not found`,\n );\n }\n return element;\n }\n\n if (this.config.targetContainerElement) {\n return this.config.targetContainerElement;\n }\n\n // Fallback: Look for element with id \"civic-login-container\"\n const fallbackContainer = document.getElementById(\n \"civic-login-container\",\n ) as HTMLElement;\n if (fallbackContainer) {\n this.logger.debug(\n 'Using fallback container with id \"civic-login-container\"',\n );\n return fallbackContainer;\n }\n\n return null;\n }\n\n /**\n * Handle OAuth callback\n */\n private async handleCallback(): Promise<void> {\n this.logger.info(\"🔄 Handling OAuth callback\", {\n currentUrl: window.location.href,\n redirectUrl: this.config.redirectUrl,\n });\n\n try {\n // Only handle OAuth callback if not using backend integration\n if (!this.config.clientId && this.config.loginUrl) {\n this.logger.info(\n \"📞 Backend integration mode - skipping OAuth callback handling\",\n );\n return;\n }\n\n // Ensure clientId is available for OAuth callback\n if (!this.config.clientId) {\n throw new Error(\"ClientId is required for OAuth callback handling\");\n }\n\n const callbackHandled = await handleOAuthRedirectPage({\n clientId: this.config.clientId,\n oauthServer: this.config.oauthServerBaseUrl,\n redirectUrl: this.config.redirectUrl,\n textSignals: {\n success: this.config.textSignals.success,\n error: this.config.textSignals.error || \"Authentication failed\",\n },\n storageAdapter: this.storage,\n });\n\n this.logger.info(\"📋 Callback processing result\", { callbackHandled });\n\n if (callbackHandled) {\n const successSignal = document.getElementById(\n CIVIC_AUTH_CONSTANTS.SUCCESS_SIGNAL_ID,\n );\n const errorSignal = document.getElementById(\n CIVIC_AUTH_CONSTANTS.ERROR_SIGNAL_ID,\n );\n\n if (successSignal) {\n this.logger.info(\"✅ Success signal found\");\n let userInfo = null;\n const userInfoAttr = successSignal.getAttribute(\"data-user-info\");\n if (userInfoAttr) {\n try {\n userInfo = JSON.parse(userInfoAttr);\n } catch (error) {\n this.logger.error(\"❌ Failed to parse user info\", { error });\n }\n }\n this.events.emit(AuthEvent.SIGN_IN_COMPLETE, {\n detail: \"Callback processed successfully\",\n user: userInfo,\n });\n } else if (errorSignal) {\n this.logger.error(\"❌ Error signal found\");\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: errorSignal.textContent || \"Unknown error during callback\",\n });\n }\n }\n } catch (error) {\n this.logger.error(\"❌ Callback handling failed\", { error });\n this.events.emit(AuthEvent.SIGN_IN_ERROR, {\n detail:\n error instanceof Error\n ? error.message\n : \"Unknown error during callback\",\n });\n }\n }\n\n /**\n * Cleans up resources and event listeners\n */\n public cleanup(): void {\n this.logger.info(\"Cleaning up authentication client\");\n\n // Clean up handlers\n this.iframeAuthHandler?.cleanupIframe();\n\n // Clean up timeouts\n if (this.authProcessTimeoutHandle) {\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n if (this.popupFailureTimeoutHandle) {\n window.clearTimeout(this.popupFailureTimeoutHandle);\n this.popupFailureTimeoutHandle = undefined;\n }\n\n // Reset state\n this.hasPopupFailed = false;\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n\n // Remove message event listener\n if (this.messageHandler) {\n window.removeEventListener(\"message\", this.messageHandler.handleMessage);\n }\n }\n\n /**\n * Clean up only timeouts and state without touching iframe (for embedded mode)\n */\n private cleanupTimeoutsAndState(): void {\n this.logger.info(\n \"Cleaning up timeouts and state (preserving iframe for embedded mode)\",\n );\n\n // Clean up timeouts\n if (this.authProcessTimeoutHandle) {\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n if (this.popupFailureTimeoutHandle) {\n window.clearTimeout(this.popupFailureTimeoutHandle);\n this.popupFailureTimeoutHandle = undefined;\n }\n\n // Reset state\n this.hasPopupFailed = false;\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n\n // Keep message handler and iframe for embedded mode\n }\n\n /**\n * Get the current session\n */\n public async getCurrentSession(): Promise<Session | null> {\n return this.sessionManager.getCurrentSession() || null;\n }\n\n /**\n * Get current session tokens including decoded forwarded tokens\n * This method extracts and decodes forwarded tokens from the ID token JWT\n */\n public async getTokensWithForwardedTokens() {\n const session = await this.getCurrentSession();\n return extractTokensFromSession(session);\n }\n\n /**\n * Check if user is authenticated\n */\n public async isAuthenticated(): Promise<boolean> {\n return this.sessionManager.isAuthenticated() || false;\n }\n\n /**\n * Get the current user\n */\n public async getCurrentUser() {\n return this.sessionManager.getCurrentUser() || null;\n }\n\n /**\n * Clear the current session\n */\n public async clearSession(): Promise<void> {\n return this.sessionManager.clearSession();\n }\n\n /**\n * Manually refresh tokens\n */\n public async refreshTokens(): Promise<void> {\n return this.sessionManager.refreshTokens();\n }\n\n /**\n * Get token refresher state for debugging\n */\n public getTokenRefresherState() {\n return this.sessionManager.getTokenRefresherState() || null;\n }\n\n /**\n * Set a custom login URL for backend integration.\n * This is useful when integrating with a backend that handles the OAuth flow.\n * Alternatively, you can configure this directly in CivicAuth.create().\n *\n * @param loginUrl - The custom login URL to use (e.g., \"http://localhost:3020/auth/login\")\n *\n * @example\n * ```typescript\n * // Option 1: Configure in create()\n * const authClient = await CivicAuth.create({\n * clientId: \"YOUR_CLIENT_ID\",\n * loginUrl: \"http://example.com/custom-backendurl\"\n * });\n *\n * // Option 2: Set after creation\n * civicAuth.setLoginUrl(\"http://localhost:3020/auth/login\");\n * await civicAuth.startAuthentication();\n * ```\n */\n public setLoginUrl(loginUrl: string): void {\n this.loginUrl = loginUrl;\n\n // Update MessageHandler to expect messages from the custom origin\n if (this.messageHandler) {\n this.messageHandler.setCustomExpectedOrigin(loginUrl);\n }\n\n this.logger.info(\"🔗 Custom login URL set for backend integration\", {\n loginUrl: this.loginUrl,\n });\n }\n\n /**\n * Clear the login URL and return to standard OAuth flow\n */\n public clearLoginUrl(): void {\n this.loginUrl = undefined;\n\n // Clear custom expected origin from MessageHandler\n if (this.messageHandler) {\n this.messageHandler.clearCustomExpectedOrigin();\n }\n\n this.logger.info(\"🔗 Login URL cleared, returning to standard OAuth flow\");\n }\n\n /**\n * Get the current login URL\n * @returns The current login URL or undefined if not set\n */\n public getLoginUrl(): string | undefined {\n return this.loginUrl;\n }\n\n /**\n * Update the iframe display mode\n * @param mode - The display mode to use for the iframe\n */\n public setIframeDisplayMode(mode: \"modal\" | \"embedded\"): void {\n this.config.iframeDisplayMode = mode;\n this.logger.debug(`Iframe display mode updated to: ${mode}`);\n }\n\n /**\n * Get the current iframe display mode\n * @returns The current iframe display mode\n */\n public getIframeDisplayMode(): \"modal\" | \"embedded\" | undefined {\n return this.config.iframeDisplayMode;\n }\n\n /**\n * Reset authentication state when page is restored from back-forward cache (bfcache)\n * This clears any pending authentication promises that may have been interrupted\n * by the browser caching the page, allowing fresh authentication attempts\n */\n public resetOnBfcache(): void {\n this.logger.info(\n \"🔄 Resetting authentication state due to bfcache restore\",\n );\n\n // Clear pending authentication promise and related state\n if (this.authPromise) {\n this.logger.debug(\"Clearing stale authentication promise from bfcache\");\n this.authPromise = undefined;\n this.authPromiseResolve = undefined;\n this.authPromiseReject = undefined;\n }\n\n // Clear timeouts that may no longer be valid\n if (this.authProcessTimeoutHandle) {\n window.clearTimeout(this.authProcessTimeoutHandle);\n this.authProcessTimeoutHandle = undefined;\n }\n\n if (this.popupFailureTimeoutHandle) {\n window.clearTimeout(this.popupFailureTimeoutHandle);\n this.popupFailureTimeoutHandle = undefined;\n }\n\n // Reset auth flags\n this.hasPopupFailed = false;\n this.hasSignInStarted = false;\n\n // Reset iframe handler state if needed\n if (this.iframeAuthHandler) {\n this.iframeAuthHandler.cleanupIframe();\n }\n }\n\n /**\n * Destroy the auth client and clean up all resources\n */\n public async destroy(): Promise<void> {\n this.cleanup();\n await this.sessionManager.destroy();\n this.logger.info(\"CivicAuth destroyed\");\n }\n\n /**\n * Handle logout\n */\n public async logout(): Promise<void> {\n try {\n this.logger.info(\"🔄 Starting logout process\");\n this.events.emit(AuthEvent.SIGN_OUT_STARTED, {\n detail: \"Logout process started\",\n });\n\n // If a loginUrl is configured, redirect to the backend's logout endpoint.\n // The backend will then handle redirecting to the OIDC provider.\n if (this.loginUrl) {\n this.logger.info(\n \"🚪 Redirecting to backend for logout in backend-integrated flow\",\n );\n const backendUrl = new URL(this.loginUrl).origin;\n const endpoints = getBackendEndpoints(this.config.backendEndpoints);\n const backendLogoutUrl = resolveEndpointUrl(\n backendUrl,\n endpoints.logout,\n );\n\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Local session cleared, redirecting to backend for logout.\",\n });\n\n // Generate state for backend integration to enable iframe mode detection\n const state = generateState({\n displayMode: this.config.displayMode || \"iframe\",\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n });\n\n // Perform top-level redirect to the backend logout endpoint\n // Include logoutRedirectUrl and state as query parameters\n const logoutUrl = new URL(backendLogoutUrl);\n if (this.config.logoutRedirectUrl) {\n logoutUrl.searchParams.set(\n \"logoutRedirectUrl\",\n this.config.logoutRedirectUrl,\n );\n }\n\n // Include state for iframe mode detection on server\n logoutUrl.searchParams.set(\"state\", state);\n\n this.logger.info(\"🌐 Loading backend logout endpoint in iframe\", {\n url: logoutUrl.toString(),\n path: logoutUrl.pathname,\n logoutRedirectUrl: this.config.logoutRedirectUrl,\n displayMode: this.config.displayMode,\n });\n\n // Use iframe for SPA logout to avoid full page reload\n this.loadLogoutInIframe(logoutUrl);\n\n return;\n }\n\n // --- Existing SPA redirect-based logout flow ---\n this.logger.info(\"🚪 Using redirect-based logout for SPA flow\");\n const tokens = await retrieveTokens(this.storage);\n\n if (!tokens?.id_token) {\n this.logger.warn(\"⚠️ No ID token found, clearing local session only\");\n await clearTokens(this.storage);\n await this.sessionManager.clearSession();\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Local session cleared\",\n });\n return;\n }\n\n if (!this.endpoints) {\n throw new Error(\"OAuth endpoints not initialized\");\n }\n\n // Generate a state for logout (for OAuth provider tracking only)\n const state = generateState({\n displayMode: this.config.displayMode || \"iframe\",\n framework: this.config.framework || \"vanillajs\",\n sdkVersion: getVersion(),\n });\n\n this.logger.info(\"🔄 Generated logout state for OAuth provider\", {\n generatedState: state,\n displayMode: this.config.displayMode,\n });\n\n // Note: No need to store logout_state in localStorage since iframe flows\n // don't receive redirect callbacks that need state coordination\n\n // Ensure clientId is available for OAuth logout\n if (!this.config.clientId) {\n throw new Error(\"ClientId is required for OAuth logout flow\");\n }\n\n // Generate logout URL\n const logoutUrl = await generateOauthLogoutUrl({\n clientId: this.config.clientId,\n redirectUrl: this.config.logoutRedirectUrl,\n idToken: tokens.id_token,\n state: state,\n oauthServer: this.config.oauthServerBaseUrl,\n });\n\n this.logger.info(\"🔗 Generated logout URL\", {\n logoutUrl: logoutUrl.toString(),\n });\n\n // Clear local tokens and session completely (no need to preserve logout_state)\n await this.sessionManager.clearSession(false);\n\n // Emit logout complete event before iframe request\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Logout successful\",\n });\n\n // Use hidden iframe instead of redirect to avoid full page reload in SPA mode\n this.loadLogoutInIframe(logoutUrl);\n } catch (error) {\n this.logger.error(\"❌ Logout failed\", { error });\n this.events.emit(AuthEvent.SIGN_OUT_ERROR, {\n detail: error instanceof Error ? error.message : String(error),\n });\n throw new CivicAuthError(\n \"Logout failed\",\n CivicAuthErrorCode.LOGOUT_FAILED,\n );\n }\n }\n\n /**\n * Load logout URL in a hidden iframe to avoid full page reload\n * @param logoutUrl The URL to load in the iframe\n */\n private loadLogoutInIframe(logoutUrl: URL): void {\n this.logger.info(\"🌐 Loading logout URL in hidden iframe\");\n\n const logoutIframe = document.createElement(\"iframe\");\n logoutIframe.style.display = \"none\";\n\n // Clean up iframe when logout completes (or errors)\n const cleanupIframe = () => {\n this.logger.info(\"🧹 Cleaning up logout iframe\");\n\n if (!logoutIframe.parentNode) {\n this.logger.warn(\"🧹 Logout iframe not found, skipping iframe cleanup\");\n return;\n }\n\n logoutIframe.parentNode.removeChild(logoutIframe);\n\n if (this.config.logoutRedirectUrl) {\n this.logger.info(\n \"🌐 Redirecting to logoutRedirectUrl after logout iframe cleanup\",\n {\n logoutRedirectUrl: this.config.logoutRedirectUrl,\n },\n );\n // Use direct redirect for logout to ensure frontend state is cleared\n // This bypasses any URL_CHANGE event listeners that might interfere\n window.location.href = this.config.logoutRedirectUrl;\n }\n };\n\n logoutIframe.onload = () => {\n cleanupIframe();\n };\n logoutIframe.onerror = (error) => {\n this.logger.error(\"❌ Logout iframe failed to load\", { error });\n cleanupIframe();\n };\n\n logoutIframe.src = logoutUrl.toString();\n document.body.appendChild(logoutIframe);\n }\n\n /**\n * Handle logout state cleanup\n * This mirrors the logic from useSignIn.ts to properly clean up after logout\n */\n private async handleLogoutStateCleanup(): Promise<void> {\n try {\n const params = new URLSearchParams(window.location.search);\n const state = params.get(\"state\");\n\n this.logger.info(\"🔍 Checking for logout state cleanup\", {\n currentUrl: window.location.href,\n hasStateParam: !!state,\n stateValue: state,\n rawSearch: window.location.search,\n });\n\n if (!state) {\n this.logger.info(\n \"🔍 No state parameter found, skipping logout cleanup\",\n );\n return; // No state parameter, nothing to cleanup\n }\n\n // Check if we have a stored logout state that matches\n const storedLogoutState = await this.storage.get(LOGOUT_STATE);\n\n // The state might be URL-decoded by URLSearchParams, but stored as plain\n // Let's try both the decoded and encoded versions\n const decodedState = decodeURIComponent(state);\n\n this.logger.info(\"🔍 Comparing logout states\", {\n urlState: state,\n decodedState,\n storedLogoutState,\n directMatch: state === storedLogoutState,\n decodedMatch: decodedState === storedLogoutState,\n });\n\n if (state === storedLogoutState || decodedState === storedLogoutState) {\n this.logger.info(\"🧹 Cleaning up logout state\", {\n state,\n storedLogoutState,\n });\n\n // Clear tokens and user data from storage\n await clearTokens(this.storage);\n await this.sessionManager.clearSession();\n\n // Clean up the logout state from storage\n await this.storage.delete(LOGOUT_STATE);\n\n // Emit logout complete event\n this.events.emit(AuthEvent.SIGN_OUT_COMPLETE, {\n detail: \"Logout cleanup completed\",\n });\n\n // Clean up URL by removing query parameters\n const cleanUrl = window.location.href.split(\"?\")[0];\n window.history.replaceState({}, document.title, cleanUrl);\n\n this.logger.info(\"✅ Logout state cleanup completed\", {\n cleanUrl,\n });\n } else {\n this.logger.info(\"🔍 Logout states don't match, skipping cleanup\", {\n urlState: state,\n storedLogoutState,\n });\n }\n } catch (error) {\n this.logger.warn(\"⚠️ Error during logout state cleanup\", { error });\n // Don't throw error to prevent initialization failure\n }\n }\n}\n\n// Export types for external use\nexport type { CivicAuthClientConfig } from \"./types/AuthTypes.js\";\nexport { CivicAuthErrorCode } from \"./types/AuthTypes.js\";\n"]}
package/dist/vanillajs/auth/handlers/IframeAuthHandler.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"IframeAuthHandler.d.ts","sourceRoot":"","sources":["../../../../src/vanillajs/auth/handlers/IframeAuthHandler.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AAGtE,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAC9D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAI1D,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,wBAAwB,CAAC;IACjC,MAAM,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACxC,aAAa,EAAE,CAAC,MAAM,EAAE,UAAU,KAAK,IAAI,CAAC;IAC5C,WAAW,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACpC,OAAO,EAAE,MAAM,IAAI,CAAC;IACpB,cAAc,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,CAAC;CAC/C;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,MAAM,CAAiC;IAC/C,OAAO,CAAC,aAAa,CAA+B;IACpD,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,OAAO,CAAa;IAC5B,OAAO,CAAC,cAAc,CAAgC;IACtD,OAAO,CAAC,aAAa,CAAC,CAAgB;IACtC,OAAO,CAAC,aAAa,CAAC,CAAoB;IAC1C,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,uBAAuB,CAA+B;IAC9D,OAAO,CAAC,gBAAgB,CAAU;gBAEtB,aAAa,EAAE,uBAAuB;IAsClD;;;OAGG;IACU,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4DjD,gBAAgB,CAC3B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,iBAAiB,CAAC;IAiItB,gBAAgB,IAAI,aAAa,GAAG,SAAS;IAI7C,gBAAgB,IAAI,iBAAiB,GAAG,SAAS;IAIjD,aAAa,IAAI,IAAI;IA0C5B,OAAO,CAAC,4BAA4B;IAgBpC,OAAO,CAAC,oBAAoB;IAe5B,OAAO,CAAC,mBAAmB;IA+B3B,OAAO,CAAC,0BAA0B;IA4BlC,OAAO,CAAC,wBAAwB;IAsDhC,OAAO,CAAC,2BAA2B;IAgEnC,OAAO,CAAC,mBAAmB;IAsD3B,OAAO,CAAC,mBAAmB;IAiC3B,OAAO,CAAC,+BAA+B;IAmGvC,OAAO,CAAC,kBAAkB;IAgCnB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IA+BxC;;OAEG;IACI,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAKhD;;OAEG;IACI,iBAAiB,IAAI,OAAO;IAInC;;;;;;;;;;;;;;;;;OAiBG;IACI,kBAAkB,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO;IAShD;;;;;OAKG;IACI,eAAe,IAAI,IAAI;IAW9B;;OAEG;IACI,eAAe,IAAI,IAAI;CAU/B"}
1
+ {"version":3,"file":"IframeAuthHandler.d.ts","sourceRoot":"","sources":["../../../../src/vanillajs/auth/handlers/IframeAuthHandler.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AAGtE,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAC9D,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAI1D,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,wBAAwB,CAAC;IACjC,MAAM,EAAE,UAAU,CAAC,OAAO,YAAY,CAAC,CAAC;IACxC,aAAa,EAAE,CAAC,MAAM,EAAE,UAAU,KAAK,IAAI,CAAC;IAC5C,WAAW,EAAE,CAAC,KAAK,EAAE,KAAK,KAAK,IAAI,CAAC;IACpC,OAAO,EAAE,MAAM,IAAI,CAAC;IACpB,cAAc,EAAE,CAAC,KAAK,EAAE,YAAY,KAAK,IAAI,CAAC;CAC/C;AAED,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,MAAM,CAAiC;IAC/C,OAAO,CAAC,aAAa,CAA+B;IACpD,OAAO,CAAC,WAAW,CAAyB;IAC5C,OAAO,CAAC,OAAO,CAAa;IAC5B,OAAO,CAAC,cAAc,CAAgC;IACtD,OAAO,CAAC,aAAa,CAAC,CAAgB;IACtC,OAAO,CAAC,aAAa,CAAC,CAAoB;IAC1C,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,uBAAuB,CAA+B;IAC9D,OAAO,CAAC,gBAAgB,CAAU;gBAEtB,aAAa,EAAE,uBAAuB;IAsClD;;;OAGG;IACU,aAAa,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IA4DjD,gBAAgB,CAC3B,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,iBAAiB,CAAC;IAiItB,gBAAgB,IAAI,aAAa,GAAG,SAAS;IAI7C,gBAAgB,IAAI,iBAAiB,GAAG,SAAS;IAIjD,aAAa,IAAI,IAAI;IA0C5B,OAAO,CAAC,4BAA4B;IAgBpC,OAAO,CAAC,oBAAoB;IAe5B,OAAO,CAAC,mBAAmB;IA+B3B,OAAO,CAAC,0BAA0B;IA4BlC,OAAO,CAAC,wBAAwB;IAsDhC,OAAO,CAAC,2BAA2B;IAgEnC,OAAO,CAAC,mBAAmB;IA6E3B,OAAO,CAAC,mBAAmB;IAiC3B,OAAO,CAAC,+BAA+B;IAmGvC,OAAO,CAAC,kBAAkB;IAgCnB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IA+BxC;;OAEG;IACI,iBAAiB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI;IAKhD;;OAEG;IACI,iBAAiB,IAAI,OAAO;IAInC;;;;;;;;;;;;;;;;;OAiBG;IACI,kBAAkB,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO;IAShD;;;;;OAKG;IACI,eAAe,IAAI,IAAI;IAW9B;;OAEG;IACI,eAAe,IAAI,IAAI;CAU/B"}
package/dist/vanillajs/auth/handlers/IframeAuthHandler.js CHANGED
@@ -381,12 +381,30 @@ export class IframeAuthHandler {
381
381
  checkIframeRedirect() {
382
382
  try {
383
383
  const currentIframeHref = this.iframeElement?.contentWindow?.location.href;
384
+ const currentIframeOrigin = this.iframeElement?.contentWindow?.location.origin;
385
+ const currentIframePath = this.iframeElement?.contentWindow?.location.pathname;
384
386
  if (currentIframeHref) {
385
387
  this.logger.debug("Iframe current href accessible", {
386
388
  href: currentIframeHref,
387
389
  redirectUrl: this.config.redirectUrl,
388
390
  startsWithRedirect: currentIframeHref.startsWith(this.config.redirectUrl),
389
391
  });
392
+ // In Safari, the iframe manager may not catch the previous URL changes
393
+ // and we only get the current URL after the redirect to the successful login
394
+ // in this case we want to reload the page as we should have a valid session
395
+ if (!(currentIframePath === "/login" &&
396
+ currentIframeOrigin?.endsWith("civic.com")) && // special case for civic same-domain portal/login-app
397
+ currentIframeOrigin === new URL(this.config.redirectUrl).origin &&
398
+ !currentIframeHref.startsWith(this.config.redirectUrl) // we don't want to reload if we're on the redirect as we need to handle callback
399
+ ) {
400
+ this.logger.info("Iframe has navigated to the success URL, reloading the page to reflect the new state.");
401
+ this.config.events?.emit(AuthEvent.URL_CHANGE, {
402
+ url: currentIframeHref,
403
+ source: "login", // this means the page will do a 'hard' reload which is required for the UserButton etc. to take state changes into account
404
+ });
405
+ this.iframeManager?.hide();
406
+ return;
407
+ }
390
408
  if (currentIframeHref.startsWith(this.config.redirectUrl)) {
391
409
  this.logger.info("Iframe has navigated to redirectUrl (same-origin). Setting up DOM observer.");
392
410
  // Hide content since we're on callback page now
package/dist/vanillajs/auth/handlers/IframeAuthHandler.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"IframeAuthHandler.js","sourceRoot":"","sources":["../../../../src/vanillajs/auth/handlers/IframeAuthHandler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAGjD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D,OAAO,EAAE,YAAY,IAAI,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,4CAA4C,EAAE,MAAM,gBAAgB,CAAC;AAW9E,MAAM,OAAO,iBAAiB;IACpB,MAAM,CAA2B;IACjC,MAAM,GAAG,cAAc,CAAC,aAAa,CAAC,CAAC;IACvC,aAAa,CAA+B;IAC5C,WAAW,CAAyB;IACpC,OAAO,CAAa;IACpB,cAAc,CAAgC;IAC9C,aAAa,CAAiB;IAC9B,aAAa,CAAqB;IAClC,cAAc,CAAkB;IAChC,uBAAuB,CAA+B;IACtD,gBAAgB,CAAU,CAAC,0BAA0B;IAE7D,YAAY,aAAsC;QAChD,IAAI,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;QACnC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC;QAC7C,IAAI,CAAC,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,aAAa,CAAC,cAAc,CAAC;QAEnD,wCAAwC;QACxC,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QAElD,uDAAuD;QACvD,IAAI,CAAC,uBAAuB,GAAG,CAAC,KAAkB,EAAE,EAAE;YACpD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mDAAmD,EAAE;gBACpE,MAAM,EAAE,KAAK,CAAC,MAAM;aACrB,CAAC,CAAC;YAEH,sEAAsE;YACtE,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;gBACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;gBACnE,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;gBAE1B,mDAAmD;gBACnD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;oBAClD,MAAM,EAAE,+CAA+C;iBACxD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CACrB,0BAA0B,EAC1B,IAAI,CAAC,uBAAwC,CAC9C,CAAC;QAEF,6DAA6D;QAC7D,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,aAAa,CAAC,WAAmB;QAC5C,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACzD,GAAG,EAAE,WAAW;SACjB,CAAC,CAAC;QAEH,4DAA4D;QAC5D,MAAM,iBAAiB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAE5D,IAAI,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE3C,sEAAsE;QACtE,IAAI,iBAAiB,KAAK,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;YAChD,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,qDAAqD;gBACnD,yHAAyH,EAC3H,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACzD,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;YAC9B,iBAAiB;SAClB,CAAC,CAAC;QAEH,qDAAqD;QACrD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;YACrC,SAAS,EAAE,SAAS;YACpB,WAAW,EAAE,iBAAiB;YAC9B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,OAAO,EAAE,GAAG,EAAE;gBACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;gBACnE,iEAAiE;gBACjE,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,CAAC;SACF,CAAC,CAAC;QAEH,yCAAyC;QACzC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QAEnE,iDAAiD;QACjD,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,IAAI,CAAC,+BAA+B,EAAE,CAAC;QAEvC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,CAAC;IAC3E,CAAC;IAEM,KAAK,CAAC,gBAAgB,CAC3B,WAAmB;QAEnB,iEAAiE;QACjE,8EAA8E;QAC9E,wFAAwF;QACxF,IAAI,IAAI,CAAC,aAAa,EAAE,iBAAiB,EAAE,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAClE,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;YAC1D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,EAAE;gBAC9D,YAAY;gBACZ,YAAY,EAAE,WAAW;gBACzB,SAAS,EAAE,YAAY,KAAK,WAAW;aACxC,CAAC,CAAC;YAEH,iFAAiF;YACjF,4EAA4E;YAC5E,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBACzD,YAAY;gBACZ,YAAY,EAAE,WAAW;gBACzB,MAAM,EAAE,uCAAuC;aAChD,CAAC,CAAC;YAEH,uDAAuD;YACvD,8FAA8F;YAC9F,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC,GAAG,EAAE;gBAC3C,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,sFAAsF,CACvF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBAChD,MAAM,EAAE,kCAAkC;iBAC3C,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,kCAAkC,EAClC,kBAAkB,CAAC,cAAc,CAClC,CAAC;gBAEF,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,sCAAsC;YACtC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;YAElE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;gBAClD,MAAM,EAAE,sCAAsC;aAC/C,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,EAAE;YACtE,GAAG,EAAE,WAAW;SACjB,CAAC,CAAC;QAEH,4DAA4D;QAC5D,MAAM,iBAAiB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAE5D,IAAI,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE3C,sEAAsE;QACtE,IAAI,iBAAiB,KAAK,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;YAChD,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,sCAAsC;gBACpC,+HAA+H,EACjI,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;YACvD,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;YAC9B,iBAAiB;YACjB,gBAAgB,EACd,iBAAiB,KAAK,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,sBAAsB;SACvE,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,2DAA2D,iBAAiB,EAAE,CAC/E,CAAC;QAEF,qDAAqD;QACrD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;YACrC,SAAS,EAAE,SAAS;YACpB,WAAW,EAAE,iBAAiB;YAC9B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B;;;;eAIG;YACH,OAAO,EAAE,GAAG,EAAE;gBACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,sFAAsF,CACvF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBAChD,MAAM,EAAE,kCAAkC;iBAC3C,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,kCAAkC,EAClC,kBAAkB,CAAC,cAAc,CAClC,CAAC;gBAEF,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC;SACF,CAAC,CAAC;QAEH,wCAAwC;QACxC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QAElE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;YAClD,MAAM,EAAE,oCAAoC;SAC7C,CAAC,CAAC;QAEH,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,IAAI,CAAC,+BAA+B,EAAE,CAAC;QAEvC,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAEM,gBAAgB;QACrB,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAEM,gBAAgB;QACrB,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAEM,aAAa;QAClB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAEhD,0EAA0E;QAC1E,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,EAAE,cAAc,EAAE,KAAK,UAAU,CAAC;QAE3E,IAAI,cAAc,EAAE,CAAC;YACnB,wFAAwF;YACxF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,6EAA6E,CAC9E,CAAC;YACF,6EAA6E;YAC7E,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBACjC,MAAM,CAAC,mBAAmB,CACxB,0BAA0B,EAC1B,IAAI,CAAC,uBAAwC,CAC9C,CAAC;YACJ,CAAC;YACD,kDAAkD;YAClD,OAAO;QACT,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;QAC9B,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QAE/B,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QACjC,CAAC;QAED,2CAA2C;QAC3C,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,MAAM,CAAC,mBAAmB,CACxB,0BAA0B,EAC1B,IAAI,CAAC,uBAAwC,CAC9C,CAAC;QACJ,CAAC;QAED,gDAAgD;QAChD,IAAI,CAAC,4BAA4B,EAAE,CAAC;IACtC,CAAC;IAEO,4BAA4B;QAClC,2EAA2E;QAC3E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAC7C,kCAAkC,IAAI,CAAC,MAAM,CAAC,QAAQ,kBAAkB,CACzE,CAAC;YAEF,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;gBACpD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE;oBACpD,WAAW,EAAE,gBAAgB,CAAC,EAAE;iBACjC,CAAC,CAAC;gBACH,gBAAgB,CAAC,UAAU,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;IACH,CAAC;IAEO,oBAAoB;QAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAChD,SAAS,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,kBAAkB,CAAC;QACzD,SAAS,CAAC,YAAY,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;QAExD,mCAAmC;QACnC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAErC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE;YACnD,WAAW,EAAE,SAAS,CAAC,EAAE;SAC1B,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,mBAAmB;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CACrC,IAAI,CAAC,MAAM,CAAC,sBAAsB,CACnC,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,8BAA8B,IAAI,CAAC,MAAM,CAAC,sBAAsB,aAAa,CAC9E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;QAC5C,CAAC;QAED,6DAA6D;QAC7D,MAAM,iBAAiB,GAAG,QAAQ,CAAC,cAAc,CAC/C,uBAAuB,CACT,CAAC;QACjB,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0DAA0D,CAC3D,CAAC;YACF,OAAO,iBAAiB,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,0BAA0B;QAChC,6DAA6D;QAC7D,oFAAoF;QACpF,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uCAAuC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CACvE,CAAC;YACF,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;QACvC,CAAC;QAED,wFAAwF;QACxF,+EAA+E;QAC/E,qFAAqF;QACrF,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uGAAuG,CACxG,CAAC;YACF,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,gGAAgG;QAChG,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI;YACzF,wEAAwE,CAC3E,CAAC;QACF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,wBAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO;QAEhC,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,GAAG,EAAE;YAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE;gBAChC,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;gBAClC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACrC,wBAAwB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;qBAC9D,MAAM;aACV,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,CAAC;gBACvC,MAAM,QAAQ,GAAG,iDAAiD,CAAC;gBACnE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;oBAC1B,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;iBACnC,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAClC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yEAAyE,EACzE;gBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACpC,gBAAgB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;aACjE,CACF,CAAC;YAEF,gDAAgD;YAChD,IAAI,CAAC,2BAA2B,EAAE,CAAC;YAEnC,uCAAuC;YACvC,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7B,CAAC,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;gBACrC,KAAK;gBACL,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;gBAClC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aACtC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,mBAAmB;gBAC3B,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;YAClD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACxB,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC,CAAC;IACJ,CAAC;IAEO,2BAA2B;QACjC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;YACpE,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC;gBACjD,MAAM,wBAAwB,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB;oBAC7D,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;oBAChD,CAAC,CAAC,IAAI,CAAC;gBACT,MAAM,cAAc,GAAG,wBAAwB;oBAC7C,CAAC,CAAC,aAAa,KAAK,wBAAwB;oBAC5C,CAAC,CAAC,KAAK,CAAC;gBACV,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW;oBAC3C,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;oBAChD,CAAC,CAAC,KAAK,CAAC;gBAEV,IAAI,cAAc,IAAI,CAAC,aAAa,EAAE,CAAC;oBACrC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uEAAuE,EACvE;wBACE,UAAU;wBACV,cAAc;wBACd,aAAa;wBACb,aAAa;wBACb,wBAAwB;qBACzB,CACF,CAAC;oBACF,IAAI,CAAC,aAAa,EAAE,eAAe,EAAE,CAAC;gBACxC,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,EAChE;wBACE,UAAU;wBACV,cAAc;wBACd,aAAa;wBACb,aAAa;wBACb,wBAAwB;wBACxB,MAAM,EAAE,CAAC,cAAc;4BACrB,CAAC,CAAC,wBAAwB;gCACxB,CAAC,CAAC,sCAAsC;gCACxC,CAAC,CAAC,4BAA4B;4BAChC,CAAC,CAAC,qDAAqD;qBAC1D,CACF,CAAC;oBAEF,IAAI,aAAa,EAAE,CAAC;wBAClB,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC;oBAC7B,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,aAAa,EAAE,eAAe,EAAE,CAAC;oBACxC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uFAAuF,EACvF,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAClE,CAAC;YACF,UAAU,CAAC,GAAG,EAAE;gBACd,kFAAkF;gBAClF,8DAA8D;gBAC9D,IAAI,CAAC,aAAa,EAAE,eAAe,EAAE,CAAC;YACxC,CAAC,EAAE,4CAA4C,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAEO,mBAAmB;QACzB,IAAI,CAAC;YACH,MAAM,iBAAiB,GACrB,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;YAEnD,IAAI,iBAAiB,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE;oBAClD,IAAI,EAAE,iBAAiB;oBACvB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,kBAAkB,EAAE,iBAAiB,CAAC,UAAU,CAC9C,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB;iBACF,CAAC,CAAC;gBAEH,IAAI,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC1D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6EAA6E,CAC9E,CAAC;oBAEF,gDAAgD;oBAChD,IAAI,CAAC,2BAA2B,EAAE,CAAC;oBAEnC,uDAAuD;oBACvD,IACE,IAAI,CAAC,aAAa,EAAE,eAAe;wBACnC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI,EACvC,CAAC;wBACD,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;oBAC/D,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,mEAAmE,CACpE,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,wDAAwD,EACxD;gBACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;aACnC,CACF,CAAC;YACF,gEAAgE;YAChE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uEAAuE,EACvE;gBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACpC,gBAAgB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;aACjE,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,SAAmB;QAC7C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;YAC/C,WAAW,EAAE,SAAS,CAAC,GAAG;YAC1B,aAAa,EAAE,SAAS,CAAC,KAAK;YAC9B,UAAU,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI;YAC5B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM;SAChC,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,IAAI,cAAc,CACvC;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,EACD,IAAI,CAAC,aAAa,EAClB,CAAC,KAAa,EAAE,EAAE,CAChB,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,EAC/D,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,CACrB,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC,CAAC,kBAAkB;QAExD,IAAI,CAAC;YACH,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QACpE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;gBACjD,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,+BAA+B;QACrC,4EAA4E;QAC5E,IAAI,kBAAkB,GAAuB,SAAS,CAAC;QACvD,IAAI,YAAY,GAAG,EAAE,CAAC;QAEtB,MAAM,qBAAqB,GAAG,GAAG,EAAE;YACjC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,CAAC;gBACvC,IAAI,kBAAkB,EAAE,CAAC;oBACvB,aAAa,CAAC,kBAAkB,CAAC,CAAC;gBACpC,CAAC;gBACD,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAElE,IAAI,UAAU,KAAK,YAAY,EAAE,CAAC;oBAChC,YAAY,GAAG,UAAU,CAAC;oBAC1B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;wBAChD,MAAM,EAAE,UAAU;wBAClB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,aAAa,EAAE,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;qBAC9D,CAAC,CAAC;oBAEH,oDAAoD;oBACpD,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;wBACnD,6CAA6C;wBAC7C,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC;wBAC3B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kEAAkE,EAClE;4BACE,WAAW,EAAE,UAAU;4BACvB,kBAAkB,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe;4BACxD,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI;yBACpD,CACF,CAAC;wBAEF,IAAI,kBAAkB,EAAE,CAAC;4BACvB,aAAa,CAAC,kBAAkB,CAAC,CAAC;wBACpC,CAAC;wBAED,uDAAuD;wBACvD,IACE,IAAI,CAAC,aAAa,CAAC,eAAe;4BAClC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI,EACvC,CAAC;4BACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,+CAA+C,EAC/C;gCACE,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe;gCACnD,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI;gCACpD,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,GAAG;6BACpD,CACF,CAAC;4BACF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;wBAC/D,CAAC;6BAAM,CAAC;4BACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,EACjE;gCACE,kBAAkB,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe;gCACxD,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI;gCACnD,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa;6BAClC,CACF,CAAC;wBACJ,CAAC;wBAED,yEAAyE;wBACzE,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;oBACtC,CAAC;yBAAM,CAAC;wBACN,mCAAmC;wBACnC,IAAI,CAAC,2BAA2B,EAAE,CAAC;oBACrC,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,8CAA8C;gBAC9C,0CAA0C;gBAC1C,IAAI,YAAY,KAAK,cAAc,EAAE,CAAC;oBACpC,YAAY,GAAG,cAAc,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,2DAA2D,CAC5D,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,8DAA8D;QAC9D,qBAAqB,EAAE,CAAC;QACxB,kBAAkB,GAAG,MAAM,CAAC,WAAW,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;QAEpE,6CAA6C;QAC7C,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC;QACrC,IAAI,CAAC,OAAO,GAAG,GAAG,EAAE;YAClB,IAAI,kBAAkB,EAAE,CAAC;gBACvB,aAAa,CAAC,kBAAkB,CAAC,CAAC;YACpC,CAAC;YACD,eAAe,EAAE,CAAC;QACpB,CAAC,CAAC;IACJ,CAAC;IAEO,kBAAkB,CAAC,UAAkB;QAC3C,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC;QAClE,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAErC,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;gBAC5D,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACnC,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC;aACnC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;gBACtD,KAAK;gBACL,gBAAgB,EAAE,SAAS,CAAC,GAAG,CAAC,mBAAmB,CAAC;aACrD,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,IAAI,cAAc,CAClC,gBAAgB,KAAK,EAAE,EACvB,kBAAkB,CAAC,eAAe,CACnC,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,SAAS,CAAC,OAAO;gBACzB,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,KAAK;aACnD,CAAC,CAAC;YAEH,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAEM,cAAc,CAAC,GAAW;QAC/B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yDAAyD,CAC1D,CAAC;YACF,IAAI,CAAC,WAAW,CACd,IAAI,cAAc,CAChB,0CAA0C,EAC1C,kBAAkB,CAAC,gBAAgB,CACpC,CACF,CAAC;YACF,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yDAAyD,CAC1D,CAAC;YACF,IAAI,CAAC,WAAW,CACd,IAAI,cAAc,CAChB,0CAA0C,EAC1C,kBAAkB,CAAC,cAAc,CAClC,CACF,CAAC;YACF,OAAO;QACT,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1D,IAAI,CAAC,aAAa,CAAC,GAAG,GAAG,GAAG,CAAC;QAC7B,0EAA0E;QAC1E,8EAA8E;IAChF,CAAC;IAED;;OAEG;IACI,iBAAiB,CAAC,OAAgB;QACvC,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACI,iBAAiB;QACtB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACI,kBAAkB,CAAC,GAAY;QACpC,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO,KAAK,CAAC;QAEtC,MAAM,WAAW,GAAG,IAAI,CAAC,aAAa,CAAC,iBAAiB,EAAE,CAAC;QAC3D,IAAI,CAAC,GAAG;YAAE,OAAO,WAAW,CAAC;QAE7B,OAAO,WAAW,IAAI,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,KAAK,GAAG,CAAC;IACrE,CAAC;IAED;;;;;OAKG;IACI,eAAe;QACpB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YAC1B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,eAAe;QACpB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;IACH,CAAC;CACF","sourcesContent":["import { AuthEvent } from \"../../types/index.js\";\nimport type { AuthResult } from \"../../types/index.js\";\nimport type { ProcessedCivicAuthConfig } from \"../types/AuthTypes.js\";\nimport { CivicAuthError, CivicAuthErrorCode } from \"../types/AuthTypes.js\";\nimport { SignalObserver } from \"../../iframe/SignalObserver.js\";\nimport { IframeManager } from \"../../iframe/IframeManager.js\";\nimport type { createLogger } from \"../../utils/logger.js\";\nimport { createLogger as createLoggerFn } from \"../../utils/logger.js\";\nimport { WAIT_FOR_LOGIN_APP_BROWSER_DETECTION_TIMEOUT } from \"@/constants.js\";\n\nexport interface IframeAuthHandlerConfig {\n config: ProcessedCivicAuthConfig;\n logger: ReturnType<typeof createLogger>;\n onAuthSuccess: (result: AuthResult) => void;\n onAuthError: (error: Error) => void;\n cleanup: () => void;\n messageHandler: (event: MessageEvent) => void;\n}\n\nexport class IframeAuthHandler {\n private config: ProcessedCivicAuthConfig;\n private logger = createLoggerFn(\"iframe-auth\");\n private onAuthSuccess: (result: AuthResult) => void;\n private onAuthError: (error: Error) => void;\n private cleanup: () => void;\n private messageHandler: (event: MessageEvent) => void;\n private iframeManager?: IframeManager;\n private iframeElement?: HTMLIFrameElement;\n private signalObserver?: SignalObserver;\n private earlyAuthSuccessHandler: (event: CustomEvent) => void;\n private isPreloadEnabled: boolean; // Initialized from config\n\n constructor(handlerConfig: IframeAuthHandlerConfig) {\n this.config = handlerConfig.config;\n this.logger = handlerConfig.logger;\n this.onAuthSuccess = handlerConfig.onAuthSuccess;\n this.onAuthError = handlerConfig.onAuthError;\n this.cleanup = handlerConfig.cleanup;\n this.messageHandler = handlerConfig.messageHandler;\n\n // Set preload enabled state from config\n this.isPreloadEnabled = this.config.preloadIframe;\n\n // Listen for early auth success signals from login-app\n this.earlyAuthSuccessHandler = (event: CustomEvent) => {\n this.logger.info(\"Received early auth success signal from login-app\", {\n detail: event.detail,\n });\n\n // Close the modal immediately but keep iframe for callback processing\n if (this.iframeManager) {\n this.logger.info(\"Closing modal early due to auth success signal\");\n this.iframeManager.hide();\n\n // Emit event to notify that modal is closing early\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Modal closed early due to auth success signal\",\n });\n }\n };\n\n window.addEventListener(\n \"civic-auth-success-early\",\n this.earlyAuthSuccessHandler as EventListener,\n );\n\n // Set up postMessage listener for cross-origin communication\n window.addEventListener(\"message\", this.messageHandler);\n }\n\n /**\n * Preloads the iframe with the authentication URL for instant display later\n * This creates the iframe in the background but keeps it completely hidden\n */\n public async preloadIframe(fullAuthUrl: string): Promise<void> {\n if (!this.isPreloadEnabled) {\n this.logger.debug(\"Iframe preloading is disabled, skipping preload\");\n return;\n }\n\n this.logger.debug(\"Preloading iframe for instant sign-in\", {\n url: fullAuthUrl,\n });\n\n // Determine the actual display mode for IframeManager first\n const iframeDisplayMode = this.determineIframeDisplayMode();\n\n let container = this.getContainerElement();\n\n // For modal mode, if no container is provided, create one dynamically\n if (iframeDisplayMode === \"modal\" && !container) {\n container = this.createModalContainer();\n }\n\n if (!container) {\n const error = new CivicAuthError(\n \"Target container element not found for preloading. \" +\n \"For embedded iframe mode, provide a targetContainerElement or ensure an element with id 'civic-login-container' exists.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n throw error;\n }\n\n this.logger.debug(\"Creating IframeManager for preloading\", {\n url: fullAuthUrl,\n containerId: container?.id,\n iframeId: this.config.iframeId,\n origin: window.location.origin,\n iframeDisplayMode,\n });\n\n // Create IframeManager with appropriate display mode\n this.iframeManager = new IframeManager({\n container: container,\n displayMode: iframeDisplayMode,\n iframeId: this.config.iframeId,\n onClose: () => {\n this.logger.debug(\"Authentication close requested during preload\");\n // For preload, we don't want to trigger auth error, just cleanup\n this.cleanupIframe();\n },\n });\n\n // Preload the iframe using IframeManager\n this.iframeElement = this.iframeManager.preloadIframe(fullAuthUrl);\n\n // Set up event handlers for the preloaded iframe\n this.setupIframeEventHandlers();\n this.setupIframeNavigationMonitoring();\n\n this.logger.debug(\"Iframe preloaded successfully\", { url: fullAuthUrl });\n }\n\n public async handleIframeAuth(\n fullAuthUrl: string,\n ): Promise<HTMLIFrameElement> {\n // Check if we have a preloaded iframe that we can show instantly\n // We use the preloaded iframe if available, even if URLs don't exactly match,\n // since PKCE challenges and other parameters may differ between preload and actual auth\n if (this.iframeManager?.isIframePreloaded() && this.iframeElement) {\n const preloadedUrl = this.iframeManager.getPreloadedUrl();\n this.logger.debug(\"Using preloaded iframe for instant sign-in\", {\n preloadedUrl,\n requestedUrl: fullAuthUrl,\n urlsMatch: preloadedUrl === fullAuthUrl,\n });\n\n // Don't change iframe.src for preloaded iframes - use them as-is to avoid reload\n // The preloaded authentication flow will work perfectly without URL changes\n this.logger.debug(\"Using preloaded iframe without reload\", {\n preloadedUrl,\n requestedUrl: fullAuthUrl,\n action: \"skipping_url_change_to_prevent_reload\",\n });\n\n // Update the onClose handler for active authentication\n // During preload, onClose only cleaned up, but during active auth it should emit error events\n this.iframeManager.updateOnCloseHandler(() => {\n this.logger.debug(\n \"Authentication close requested by user (backdrop click, close button, or Escape key)\",\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication cancelled by user\",\n });\n\n const error = new CivicAuthError(\n \"Authentication cancelled by user\",\n CivicAuthErrorCode.USER_CANCELLED,\n );\n\n this.onAuthError(error);\n this.cleanup();\n });\n\n // Show the preloaded iframe instantly\n this.iframeElement = this.iframeManager.createIframe(fullAuthUrl);\n\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Preloaded iframe displayed instantly\",\n });\n\n return this.iframeElement;\n }\n\n // Fallback to creating a new iframe if no preload is available\n this.logger.debug(\"No preloaded iframe available, creating new iframe\", {\n url: fullAuthUrl,\n });\n\n // Determine the actual display mode for IframeManager first\n const iframeDisplayMode = this.determineIframeDisplayMode();\n\n let container = this.getContainerElement();\n\n // For modal mode, if no container is provided, create one dynamically\n if (iframeDisplayMode === \"modal\" && !container) {\n container = this.createModalContainer();\n }\n\n if (!container) {\n const error = new CivicAuthError(\n \"Target container element not found. \" +\n \"For embedded iframe mode, provide a targetContainerElement or ensure an element with class id 'civic-login-container' exists.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n throw error;\n }\n\n this.logger.debug(\"Creating iframe with modal backdrop\", {\n url: fullAuthUrl,\n containerId: container?.id,\n iframeId: this.config.iframeId,\n origin: window.location.origin,\n iframeDisplayMode,\n containerCreated:\n iframeDisplayMode === \"modal\" && !this.config.targetContainerElement,\n });\n\n this.logger.debug(\n `🎯 CivicAuth: Creating IframeManager with display mode: ${iframeDisplayMode}`,\n );\n\n // Create IframeManager with appropriate display mode\n this.iframeManager = new IframeManager({\n container: container,\n displayMode: iframeDisplayMode,\n iframeId: this.config.iframeId,\n /**\n * Handles iframe closure events initiated by the user.\n * This includes backdrop clicks, close button clicks, or Escape key presses.\n * Emits an error event and cleans up the authentication process.\n */\n onClose: () => {\n this.logger.debug(\n \"Authentication close requested by user (backdrop click, close button, or Escape key)\",\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication cancelled by user\",\n });\n\n const error = new CivicAuthError(\n \"Authentication cancelled by user\",\n CivicAuthErrorCode.USER_CANCELLED,\n );\n\n this.onAuthError(error);\n this.cleanup();\n },\n });\n\n // Create the iframe using IframeManager\n this.iframeElement = this.iframeManager.createIframe(fullAuthUrl);\n\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Iframe created with modal backdrop\",\n });\n\n this.setupIframeEventHandlers();\n this.setupIframeNavigationMonitoring();\n\n return this.iframeElement;\n }\n\n public getIframeManager(): IframeManager | undefined {\n return this.iframeManager;\n }\n\n public getIframeElement(): HTMLIFrameElement | undefined {\n return this.iframeElement;\n }\n\n public cleanupIframe(): void {\n this.logger.debug(\"Cleaning up iframe manager\");\n\n // Check if we're in embedded mode - if so, preserve the iframe completely\n const isEmbeddedMode = this.iframeManager?.getDisplayMode() === \"embedded\";\n\n if (isEmbeddedMode) {\n // For embedded mode, do NOT cleanup anything - keep iframe visible in its current state\n this.logger.debug(\n \"Embedded mode detected - preserving iframe in its current state, no cleanup\",\n );\n // Only clean up event listeners but keep iframe and all DOM structure intact\n if (this.earlyAuthSuccessHandler) {\n window.removeEventListener(\n \"civic-auth-success-early\",\n this.earlyAuthSuccessHandler as EventListener,\n );\n }\n // Keep iframe element reference for embedded mode\n return;\n }\n\n // For modal mode, do full cleanup as before\n this.iframeManager?.cleanup();\n this.iframeManager = undefined;\n\n if (this.iframeElement) {\n this.iframeElement = undefined;\n }\n\n // Remove early auth success event listener\n if (this.earlyAuthSuccessHandler) {\n window.removeEventListener(\n \"civic-auth-success-early\",\n this.earlyAuthSuccessHandler as EventListener,\n );\n }\n\n // Clean up dynamically created modal containers\n this.cleanupDynamicModalContainer();\n }\n\n private cleanupDynamicModalContainer(): void {\n // Only clean up containers we created dynamically (not user-provided ones)\n if (!this.config.targetContainerElement) {\n const dynamicContainer = document.querySelector(\n `[data-civic-auth-modal=\"true\"]#${this.config.iframeId}-modal-container`,\n );\n\n if (dynamicContainer && dynamicContainer.parentNode) {\n this.logger.debug(\"Removing dynamic modal container\", {\n containerId: dynamicContainer.id,\n });\n dynamicContainer.parentNode.removeChild(dynamicContainer);\n }\n }\n }\n\n private createModalContainer(): HTMLElement {\n const container = document.createElement(\"div\");\n container.id = `${this.config.iframeId}-modal-container`;\n container.setAttribute(\"data-civic-auth-modal\", \"true\");\n\n // Append to body for modal overlay\n document.body.appendChild(container);\n\n this.logger.debug(\"Created dynamic modal container\", {\n containerId: container.id,\n });\n\n return container;\n }\n\n private getContainerElement(): HTMLElement | null {\n if (typeof this.config.targetContainerElement === \"string\") {\n const element = document.getElementById(\n this.config.targetContainerElement,\n );\n if (!element) {\n this.logger.warn(\n `Container element with ID \"${this.config.targetContainerElement}\" not found`,\n );\n }\n return element;\n }\n\n if (this.config.targetContainerElement) {\n return this.config.targetContainerElement;\n }\n\n // Fallback: Look for element with id \"civic-login-container\"\n const fallbackContainer = document.getElementById(\n \"civic-login-container\",\n ) as HTMLElement;\n if (fallbackContainer) {\n this.logger.debug(\n 'Using fallback container with id \"civic-login-container\"',\n );\n return fallbackContainer;\n }\n\n return null;\n }\n\n private determineIframeDisplayMode(): \"modal\" | \"embedded\" {\n // Priority 1: Explicit iframeDisplayMode setting from config\n // This is the most specific instruction for how the iframe itself should be styled.\n if (this.config.iframeDisplayMode) {\n this.logger.debug(\n `Using configured iframeDisplayMode: ${this.config.iframeDisplayMode}`,\n );\n return this.config.iframeDisplayMode;\n }\n\n // Priority 2: If iframeDisplayMode is NOT set, and the overall displayMode is \"iframe\",\n // default the iframe's own rendering style to \"modal\" (user-friendly default).\n // To get an embedded iframe, iframeDisplayMode: \"embedded\" should be set explicitly.\n if (this.config.displayMode === \"iframe\") {\n this.logger.debug(\n \"Overall displayMode is 'iframe' and iframeDisplayMode is not set, defaulting iframe style to 'modal'.\",\n );\n return \"modal\";\n }\n\n // Fallback for unexpected scenarios or if IframeAuthHandler is invoked with other displayModes.\n this.logger.warn(\n `determineIframeDisplayMode called with overall displayMode: '${this.config.displayMode}' ` +\n `and no explicit iframeDisplayMode. Defaulting iframe style to 'modal'.`,\n );\n return \"modal\";\n }\n\n private setupIframeEventHandlers(): void {\n if (!this.iframeElement) return;\n\n this.iframeElement.onload = () => {\n this.logger.info(\"Iframe loaded\", {\n iframeSrc: this.iframeElement?.src,\n currentOrigin: window.location.origin,\n expectedAuthServerOrigin: new URL(this.config.oauthServerBaseUrl)\n .origin,\n });\n\n if (!this.iframeElement?.contentWindow) {\n const errorMsg = \"Iframe content window not available after load.\";\n this.logger.error(errorMsg, {\n iframeSrc: this.iframeElement?.src,\n });\n\n const error = new Error(errorMsg);\n this.onAuthError(error);\n this.cleanup();\n return;\n }\n this.logger.info(\n \"Added cross-origin message event listener for auth server communication\",\n {\n parentOrigin: window.location.origin,\n authServerOrigin: new URL(this.config.oauthServerBaseUrl).origin,\n },\n );\n\n // Hide iframe content if it's not the login app\n this.checkAndHideNonLoginContent();\n\n // Try to detect redirect to our domain\n this.checkIframeRedirect();\n };\n\n this.iframeElement.onerror = (event) => {\n this.logger.error(\"Iframe load error\", {\n event,\n iframeSrc: this.iframeElement?.src,\n currentOrigin: window.location.origin,\n });\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Iframe load error\",\n error: event,\n });\n\n const error = new Error(\"Iframe failed to load.\");\n this.onAuthError(error);\n this.cleanup();\n };\n }\n\n private checkAndHideNonLoginContent(): void {\n try {\n const currentUrl = this.iframeElement?.contentWindow?.location.href;\n if (currentUrl) {\n const currentOrigin = new URL(currentUrl).origin;\n const expectedAuthServerOrigin = this.config.oauthServerBaseUrl\n ? new URL(this.config.oauthServerBaseUrl).origin\n : null;\n const isOnAuthServer = expectedAuthServerOrigin\n ? currentOrigin === expectedAuthServerOrigin\n : false;\n const isCallbackUrl = this.config.redirectUrl\n ? currentUrl.startsWith(this.config.redirectUrl)\n : false;\n\n if (isOnAuthServer && !isCallbackUrl) {\n this.logger.info(\n \"👀 Showing iframe content - confirmed login app on auth server origin\",\n {\n currentUrl,\n isOnAuthServer,\n isCallbackUrl,\n currentOrigin,\n expectedAuthServerOrigin,\n },\n );\n this.iframeManager?.forceHideLoader();\n } else {\n this.logger.info(\n \"🙈 Hiding iframe completely - not login app or on callback URL\",\n {\n currentUrl,\n isOnAuthServer,\n isCallbackUrl,\n currentOrigin,\n expectedAuthServerOrigin,\n reason: !isOnAuthServer\n ? expectedAuthServerOrigin\n ? \"not on auth server (origin mismatch)\"\n : \"auth server origin unknown\"\n : \"on callback URL (or origin mismatch for login page)\",\n },\n );\n\n if (isCallbackUrl) {\n this.iframeManager?.hide();\n } else {\n this.iframeManager?.forceShowLoader();\n }\n }\n }\n } catch (error) {\n this.logger.debug(\n \"Cannot access iframe URL (likely cross-origin) - assuming login app, showing content.\",\n { error: error instanceof Error ? error.message : String(error) },\n );\n setTimeout(() => {\n // Force hide loader after a short delay to ensure any initial loading is complete\n // to give the login-app time to send any post message signals\n this.iframeManager?.forceHideLoader();\n }, WAIT_FOR_LOGIN_APP_BROWSER_DETECTION_TIMEOUT);\n }\n }\n\n private checkIframeRedirect(): void {\n try {\n const currentIframeHref =\n this.iframeElement?.contentWindow?.location.href;\n\n if (currentIframeHref) {\n this.logger.debug(\"Iframe current href accessible\", {\n href: currentIframeHref,\n redirectUrl: this.config.redirectUrl,\n startsWithRedirect: currentIframeHref.startsWith(\n this.config.redirectUrl,\n ),\n });\n\n if (currentIframeHref.startsWith(this.config.redirectUrl)) {\n this.logger.info(\n \"Iframe has navigated to redirectUrl (same-origin). Setting up DOM observer.\",\n );\n\n // Hide content since we're on callback page now\n this.checkAndHideNonLoginContent();\n\n // Set up signal observer for same-origin callback page\n if (\n this.iframeElement?.contentDocument &&\n this.iframeElement.contentDocument.body\n ) {\n this.setupSignalObserver(this.iframeElement.contentDocument);\n } else {\n this.logger.warn(\n \"Iframe content document or body not available for signal observer\",\n );\n }\n }\n }\n } catch (error) {\n this.logger.debug(\n \"Error checking iframe href (expected for cross-origin)\",\n {\n error: error instanceof Error ? error.message : String(error),\n iframeSrc: this.iframeElement?.src,\n },\n );\n // This is expected when the iframe is on the auth server domain\n this.logger.info(\n \"Iframe is on auth server domain - using postMessage for communication\",\n {\n parentOrigin: window.location.origin,\n authServerOrigin: new URL(this.config.oauthServerBaseUrl).origin,\n },\n );\n }\n }\n\n private setupSignalObserver(iframeDoc: Document): void {\n this.logger.info(\"📝 Setting up SignalObserver\", {\n documentURL: iframeDoc.URL,\n documentTitle: iframeDoc.title,\n bodyExists: !!iframeDoc.body,\n textSignals: this.config.textSignals,\n hasEvents: !!this.config.events,\n });\n\n const signalObserver = new SignalObserver(\n {\n textSignals: this.config.textSignals,\n events: this.config.events,\n logger: this.logger,\n },\n this.onAuthSuccess,\n (error?: Error) =>\n this.onAuthError(error || new Error(\"Signal observer error\")),\n () => this.cleanup(),\n );\n\n this.signalObserver = signalObserver; // Store reference\n\n try {\n signalObserver.setup(iframeDoc);\n this.logger.info(\"✅ SignalObserver setup completed successfully\");\n } catch (error) {\n this.logger.error(\"❌ SignalObserver setup failed\", {\n error: error instanceof Error ? error.message : String(error),\n });\n }\n }\n\n private setupIframeNavigationMonitoring(): void {\n // Monitor iframe navigation to detect when it redirects to our callback URL\n let monitoringInterval: number | undefined = undefined;\n let lastKnownUrl = \"\";\n\n const checkIframeNavigation = () => {\n if (!this.iframeElement?.contentWindow) {\n if (monitoringInterval) {\n clearInterval(monitoringInterval);\n }\n return;\n }\n\n try {\n const currentUrl = this.iframeElement.contentWindow.location.href;\n\n if (currentUrl !== lastKnownUrl) {\n lastKnownUrl = currentUrl;\n this.logger.info(\"🔍 Iframe navigation detected\", {\n newUrl: currentUrl,\n redirectUrl: this.config.redirectUrl,\n isCallbackUrl: currentUrl.startsWith(this.config.redirectUrl),\n });\n\n // Check if iframe has navigated to our callback URL\n if (currentUrl.startsWith(this.config.redirectUrl)) {\n // Hide immediately on callback URL detection\n this.iframeManager?.hide();\n this.logger.info(\n \"🎯 Iframe navigated to callback URL - setting up signal observer\",\n {\n callbackUrl: currentUrl,\n hasContentDocument: !!this.iframeElement.contentDocument,\n hasBody: !!this.iframeElement.contentDocument?.body,\n },\n );\n\n if (monitoringInterval) {\n clearInterval(monitoringInterval);\n }\n\n // Set up signal observer for same-origin callback page\n if (\n this.iframeElement.contentDocument &&\n this.iframeElement.contentDocument.body\n ) {\n this.logger.info(\n \"✅ Setting up SignalObserver for callback page\",\n {\n documentReady: !!this.iframeElement.contentDocument,\n bodyReady: !!this.iframeElement.contentDocument.body,\n documentURL: this.iframeElement.contentDocument.URL,\n },\n );\n this.setupSignalObserver(this.iframeElement.contentDocument);\n } else {\n this.logger.warn(\n \"❌ Cannot set up SignalObserver - iframe document not accessible\",\n {\n hasContentDocument: !!this.iframeElement.contentDocument,\n hasBody: !!this.iframeElement.contentDocument?.body,\n iframeReady: !!this.iframeElement,\n },\n );\n }\n\n // Also check for URL parameters (code, error) in case of direct callback\n this.processCallbackUrl(currentUrl);\n } else {\n // Hide content if not on login app\n this.checkAndHideNonLoginContent();\n }\n }\n } catch {\n // Expected when iframe is on different origin\n // Only log if we haven't seen this before\n if (lastKnownUrl !== \"cross-origin\") {\n lastKnownUrl = \"cross-origin\";\n this.logger.debug(\n \"Iframe on cross-origin domain (expected during auth flow)\",\n );\n }\n }\n };\n\n // Check immediately and then every 100ms for faster detection\n checkIframeNavigation();\n monitoringInterval = window.setInterval(checkIframeNavigation, 100);\n\n // Store cleanup function to clear monitoring\n const originalCleanup = this.cleanup;\n this.cleanup = () => {\n if (monitoringInterval) {\n clearInterval(monitoringInterval);\n }\n originalCleanup();\n };\n }\n\n private processCallbackUrl(currentUrl: string): void {\n const urlParams = new URLSearchParams(new URL(currentUrl).search);\n const code = urlParams.get(\"code\");\n const error = urlParams.get(\"error\");\n\n if (code) {\n this.logger.info(\"Authorization code detected in iframe URL\", {\n code: code.substring(0, 10) + \"...\",\n hasState: !!urlParams.get(\"state\"),\n });\n }\n\n if (error) {\n this.logger.error(\"OAuth error detected in iframe URL\", {\n error,\n errorDescription: urlParams.get(\"error_description\"),\n });\n\n const authError = new CivicAuthError(\n `OAuth error: ${error}`,\n CivicAuthErrorCode.INVALID_MESSAGE,\n );\n\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: authError.message,\n error: urlParams.get(\"error_description\") || error,\n });\n\n this.onAuthError(authError);\n }\n }\n\n public navigateIframe(url: string): void {\n if (!this.iframeElement) {\n this.logger.error(\n \"Cannot navigate iframe, iframeElement is not available.\",\n );\n this.onAuthError(\n new CivicAuthError(\n \"Iframe element not found for navigation.\",\n CivicAuthErrorCode.IFRAME_NOT_FOUND,\n ),\n );\n return;\n }\n if (!this.iframeManager) {\n this.logger.error(\n \"Cannot navigate iframe, iframeManager is not available.\",\n );\n this.onAuthError(\n new CivicAuthError(\n \"Iframe manager not found for navigation.\",\n CivicAuthErrorCode.INTERNAL_ERROR,\n ),\n );\n return;\n }\n this.logger.info(\"Navigating iframe to new URL\", { url });\n this.iframeElement.src = url;\n // After changing src, existing onload/onmessage handlers in IframeManager\n // and navigation monitoring in this class should manage visibility and state.\n }\n\n /**\n * Enable or disable iframe preloading\n */\n public setPreloadEnabled(enabled: boolean): void {\n this.isPreloadEnabled = enabled;\n this.logger.debug(\"Iframe preloading\", { enabled });\n }\n\n /**\n * Check if iframe preloading is enabled\n */\n public getPreloadEnabled(): boolean {\n return this.isPreloadEnabled;\n }\n\n /**\n * Check if an iframe is currently preloaded and ready for instant display\n *\n * This function helps optimize user experience by determining if we can show\n * a preloaded iframe immediately instead of loading a new one. The logic:\n *\n * 1. Returns false if no iframe manager exists (can't have preloaded content)\n * 2. Checks if any iframe is currently preloaded via the iframe manager\n * 3. If no specific URL is provided, returns whether any iframe is preloaded\n * 4. If a URL is provided, ensures both that an iframe is preloaded AND\n * that it contains the exact URL we need\n *\n * This prevents unnecessary iframe reloads when the user triggers auth flows\n * with the same URL that's already loaded and ready to display.\n *\n * @param url - Optional URL to match against the preloaded iframe's URL\n * @returns true if a suitable preloaded iframe exists, false otherwise\n */\n public hasPreloadedIframe(url?: string): boolean {\n if (!this.iframeManager) return false;\n\n const isPreloaded = this.iframeManager.isIframePreloaded();\n if (!url) return isPreloaded;\n\n return isPreloaded && this.iframeManager.getPreloadedUrl() === url;\n }\n\n /**\n * Force the iframe to hide, even if it is currently showing\n *\n * This is useful for cleanup or when you want to ensure the iframe is not visible\n * regardless of its current state.\n */\n public forceHideIframe(): void {\n if (this.iframeManager) {\n this.iframeManager.hide();\n this.logger.debug(\"Forced iframe to hide\");\n } else {\n this.logger.warn(\n \"Cannot force hide iframe, iframe manager not initialized\",\n );\n }\n }\n\n /**\n * Force the iframe to show the loading indicator\n */\n public forceShowLoader(): void {\n if (this.iframeManager) {\n this.iframeManager.forceShowLoader();\n this.logger.debug(\"Forced iframe loader to show\");\n } else {\n this.logger.warn(\n \"Cannot force show loader, iframe manager not initialized\",\n );\n }\n }\n}\n"]}
1
+ {"version":3,"file":"IframeAuthHandler.js","sourceRoot":"","sources":["../../../../src/vanillajs/auth/handlers/IframeAuthHandler.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAGjD,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,MAAM,gCAAgC,CAAC;AAChE,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D,OAAO,EAAE,YAAY,IAAI,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvE,OAAO,EAAE,4CAA4C,EAAE,MAAM,gBAAgB,CAAC;AAW9E,MAAM,OAAO,iBAAiB;IACpB,MAAM,CAA2B;IACjC,MAAM,GAAG,cAAc,CAAC,aAAa,CAAC,CAAC;IACvC,aAAa,CAA+B;IAC5C,WAAW,CAAyB;IACpC,OAAO,CAAa;IACpB,cAAc,CAAgC;IAC9C,aAAa,CAAiB;IAC9B,aAAa,CAAqB;IAClC,cAAc,CAAkB;IAChC,uBAAuB,CAA+B;IACtD,gBAAgB,CAAU,CAAC,0BAA0B;IAE7D,YAAY,aAAsC;QAChD,IAAI,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC;QACnC,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC;QAC7C,IAAI,CAAC,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC;QACrC,IAAI,CAAC,cAAc,GAAG,aAAa,CAAC,cAAc,CAAC;QAEnD,wCAAwC;QACxC,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;QAElD,uDAAuD;QACvD,IAAI,CAAC,uBAAuB,GAAG,CAAC,KAAkB,EAAE,EAAE;YACpD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,mDAAmD,EAAE;gBACpE,MAAM,EAAE,KAAK,CAAC,MAAM;aACrB,CAAC,CAAC;YAEH,sEAAsE;YACtE,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;gBACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;gBACnE,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;gBAE1B,mDAAmD;gBACnD,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;oBAClD,MAAM,EAAE,+CAA+C;iBACxD,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,CAAC,gBAAgB,CACrB,0BAA0B,EAC1B,IAAI,CAAC,uBAAwC,CAC9C,CAAC;QAEF,6DAA6D;QAC7D,MAAM,CAAC,gBAAgB,CAAC,SAAS,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;IAC1D,CAAC;IAED;;;OAGG;IACI,KAAK,CAAC,aAAa,CAAC,WAAmB;QAC5C,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACrE,OAAO;QACT,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACzD,GAAG,EAAE,WAAW;SACjB,CAAC,CAAC;QAEH,4DAA4D;QAC5D,MAAM,iBAAiB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAE5D,IAAI,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE3C,sEAAsE;QACtE,IAAI,iBAAiB,KAAK,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;YAChD,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,qDAAqD;gBACnD,yHAAyH,EAC3H,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;YACzD,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;YAC9B,iBAAiB;SAClB,CAAC,CAAC;QAEH,qDAAqD;QACrD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;YACrC,SAAS,EAAE,SAAS;YACpB,WAAW,EAAE,iBAAiB;YAC9B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,OAAO,EAAE,GAAG,EAAE;gBACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;gBACnE,iEAAiE;gBACjE,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,CAAC;SACF,CAAC,CAAC;QAEH,yCAAyC;QACzC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QAEnE,iDAAiD;QACjD,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,IAAI,CAAC,+BAA+B,EAAE,CAAC;QAEvC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE,EAAE,GAAG,EAAE,WAAW,EAAE,CAAC,CAAC;IAC3E,CAAC;IAEM,KAAK,CAAC,gBAAgB,CAC3B,WAAmB;QAEnB,iEAAiE;QACjE,8EAA8E;QAC9E,wFAAwF;QACxF,IAAI,IAAI,CAAC,aAAa,EAAE,iBAAiB,EAAE,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAClE,MAAM,YAAY,GAAG,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;YAC1D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4CAA4C,EAAE;gBAC9D,YAAY;gBACZ,YAAY,EAAE,WAAW;gBACzB,SAAS,EAAE,YAAY,KAAK,WAAW;aACxC,CAAC,CAAC;YAEH,iFAAiF;YACjF,4EAA4E;YAC5E,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uCAAuC,EAAE;gBACzD,YAAY;gBACZ,YAAY,EAAE,WAAW;gBACzB,MAAM,EAAE,uCAAuC;aAChD,CAAC,CAAC;YAEH,uDAAuD;YACvD,8FAA8F;YAC9F,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC,GAAG,EAAE;gBAC3C,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,sFAAsF,CACvF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBAChD,MAAM,EAAE,kCAAkC;iBAC3C,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,kCAAkC,EAClC,kBAAkB,CAAC,cAAc,CAClC,CAAC;gBAEF,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,sCAAsC;YACtC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;YAElE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;gBAClD,MAAM,EAAE,sCAAsC;aAC/C,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oDAAoD,EAAE;YACtE,GAAG,EAAE,WAAW;SACjB,CAAC,CAAC;QAEH,4DAA4D;QAC5D,MAAM,iBAAiB,GAAG,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAE5D,IAAI,SAAS,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAE3C,sEAAsE;QACtE,IAAI,iBAAiB,KAAK,OAAO,IAAI,CAAC,SAAS,EAAE,CAAC;YAChD,SAAS,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,sCAAsC;gBACpC,+HAA+H,EACjI,kBAAkB,CAAC,mBAAmB,CACvC,CAAC;YACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YACjC,MAAM,KAAK,CAAC;QACd,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qCAAqC,EAAE;YACvD,GAAG,EAAE,WAAW;YAChB,WAAW,EAAE,SAAS,EAAE,EAAE;YAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;YAC9B,iBAAiB;YACjB,gBAAgB,EACd,iBAAiB,KAAK,OAAO,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,sBAAsB;SACvE,CAAC,CAAC;QAEH,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,2DAA2D,iBAAiB,EAAE,CAC/E,CAAC;QAEF,qDAAqD;QACrD,IAAI,CAAC,aAAa,GAAG,IAAI,aAAa,CAAC;YACrC,SAAS,EAAE,SAAS;YACpB,WAAW,EAAE,iBAAiB;YAC9B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;YAC9B;;;;eAIG;YACH,OAAO,EAAE,GAAG,EAAE;gBACZ,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,sFAAsF,CACvF,CAAC;gBACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;oBAChD,MAAM,EAAE,kCAAkC;iBAC3C,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,cAAc,CAC9B,kCAAkC,EAClC,kBAAkB,CAAC,cAAc,CAClC,CAAC;gBAEF,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,CAAC;SACF,CAAC,CAAC;QAEH,wCAAwC;QACxC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QAElE,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,eAAe,EAAE;YAClD,MAAM,EAAE,oCAAoC;SAC7C,CAAC,CAAC;QAEH,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAChC,IAAI,CAAC,+BAA+B,EAAE,CAAC;QAEvC,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAEM,gBAAgB;QACrB,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAEM,gBAAgB;QACrB,OAAO,IAAI,CAAC,aAAa,CAAC;IAC5B,CAAC;IAEM,aAAa;QAClB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;QAEhD,0EAA0E;QAC1E,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,EAAE,cAAc,EAAE,KAAK,UAAU,CAAC;QAE3E,IAAI,cAAc,EAAE,CAAC;YACnB,wFAAwF;YACxF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,6EAA6E,CAC9E,CAAC;YACF,6EAA6E;YAC7E,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;gBACjC,MAAM,CAAC,mBAAmB,CACxB,0BAA0B,EAC1B,IAAI,CAAC,uBAAwC,CAC9C,CAAC;YACJ,CAAC;YACD,kDAAkD;YAClD,OAAO;QACT,CAAC;QAED,4CAA4C;QAC5C,IAAI,CAAC,aAAa,EAAE,OAAO,EAAE,CAAC;QAC9B,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QAE/B,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,GAAG,SAAS,CAAC;QACjC,CAAC;QAED,2CAA2C;QAC3C,IAAI,IAAI,CAAC,uBAAuB,EAAE,CAAC;YACjC,MAAM,CAAC,mBAAmB,CACxB,0BAA0B,EAC1B,IAAI,CAAC,uBAAwC,CAC9C,CAAC;QACJ,CAAC;QAED,gDAAgD;QAChD,IAAI,CAAC,4BAA4B,EAAE,CAAC;IACtC,CAAC;IAEO,4BAA4B;QAClC,2EAA2E;QAC3E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACxC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,aAAa,CAC7C,kCAAkC,IAAI,CAAC,MAAM,CAAC,QAAQ,kBAAkB,CACzE,CAAC;YAEF,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,UAAU,EAAE,CAAC;gBACpD,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE;oBACpD,WAAW,EAAE,gBAAgB,CAAC,EAAE;iBACjC,CAAC,CAAC;gBACH,gBAAgB,CAAC,UAAU,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;IACH,CAAC;IAEO,oBAAoB;QAC1B,MAAM,SAAS,GAAG,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;QAChD,SAAS,CAAC,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,kBAAkB,CAAC;QACzD,SAAS,CAAC,YAAY,CAAC,uBAAuB,EAAE,MAAM,CAAC,CAAC;QAExD,mCAAmC;QACnC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAErC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,iCAAiC,EAAE;YACnD,WAAW,EAAE,SAAS,CAAC,EAAE;SAC1B,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,mBAAmB;QACzB,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,KAAK,QAAQ,EAAE,CAAC;YAC3D,MAAM,OAAO,GAAG,QAAQ,CAAC,cAAc,CACrC,IAAI,CAAC,MAAM,CAAC,sBAAsB,CACnC,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,8BAA8B,IAAI,CAAC,MAAM,CAAC,sBAAsB,aAAa,CAC9E,CAAC;YACJ,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,EAAE,CAAC;YACvC,OAAO,IAAI,CAAC,MAAM,CAAC,sBAAsB,CAAC;QAC5C,CAAC;QAED,6DAA6D;QAC7D,MAAM,iBAAiB,GAAG,QAAQ,CAAC,cAAc,CAC/C,uBAAuB,CACT,CAAC;QACjB,IAAI,iBAAiB,EAAE,CAAC;YACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,0DAA0D,CAC3D,CAAC;YACF,OAAO,iBAAiB,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,0BAA0B;QAChC,6DAA6D;QAC7D,oFAAoF;QACpF,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uCAAuC,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CACvE,CAAC;YACF,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC;QACvC,CAAC;QAED,wFAAwF;QACxF,+EAA+E;QAC/E,qFAAqF;QACrF,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;YACzC,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uGAAuG,CACxG,CAAC;YACF,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,gGAAgG;QAChG,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI;YACzF,wEAAwE,CAC3E,CAAC;QACF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEO,wBAAwB;QAC9B,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO;QAEhC,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,GAAG,EAAE;YAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE;gBAChC,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;gBAClC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACrC,wBAAwB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC;qBAC9D,MAAM;aACV,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,CAAC;gBACvC,MAAM,QAAQ,GAAG,iDAAiD,CAAC;gBACnE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,EAAE;oBAC1B,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;iBACnC,CAAC,CAAC;gBAEH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAClC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;gBACxB,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,yEAAyE,EACzE;gBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACpC,gBAAgB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;aACjE,CACF,CAAC;YAEF,gDAAgD;YAChD,IAAI,CAAC,2BAA2B,EAAE,CAAC;YAEnC,uCAAuC;YACvC,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7B,CAAC,CAAC;QAEF,IAAI,CAAC,aAAa,CAAC,OAAO,GAAG,CAAC,KAAK,EAAE,EAAE;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE;gBACrC,KAAK;gBACL,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;gBAClC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aACtC,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,mBAAmB;gBAC3B,KAAK,EAAE,KAAK;aACb,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;YAClD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACxB,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,CAAC,CAAC;IACJ,CAAC;IAEO,2BAA2B;QACjC,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;YACpE,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC;gBACjD,MAAM,wBAAwB,GAAG,IAAI,CAAC,MAAM,CAAC,kBAAkB;oBAC7D,CAAC,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;oBAChD,CAAC,CAAC,IAAI,CAAC;gBACT,MAAM,cAAc,GAAG,wBAAwB;oBAC7C,CAAC,CAAC,aAAa,KAAK,wBAAwB;oBAC5C,CAAC,CAAC,KAAK,CAAC;gBACV,MAAM,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW;oBAC3C,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;oBAChD,CAAC,CAAC,KAAK,CAAC;gBAEV,IAAI,cAAc,IAAI,CAAC,aAAa,EAAE,CAAC;oBACrC,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uEAAuE,EACvE;wBACE,UAAU;wBACV,cAAc;wBACd,aAAa;wBACb,aAAa;wBACb,wBAAwB;qBACzB,CACF,CAAC;oBACF,IAAI,CAAC,aAAa,EAAE,eAAe,EAAE,CAAC;gBACxC,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,gEAAgE,EAChE;wBACE,UAAU;wBACV,cAAc;wBACd,aAAa;wBACb,aAAa;wBACb,wBAAwB;wBACxB,MAAM,EAAE,CAAC,cAAc;4BACrB,CAAC,CAAC,wBAAwB;gCACxB,CAAC,CAAC,sCAAsC;gCACxC,CAAC,CAAC,4BAA4B;4BAChC,CAAC,CAAC,qDAAqD;qBAC1D,CACF,CAAC;oBAEF,IAAI,aAAa,EAAE,CAAC;wBAClB,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC;oBAC7B,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,aAAa,EAAE,eAAe,EAAE,CAAC;oBACxC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,uFAAuF,EACvF,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAClE,CAAC;YACF,UAAU,CAAC,GAAG,EAAE;gBACd,kFAAkF;gBAClF,8DAA8D;gBAC9D,IAAI,CAAC,aAAa,EAAE,eAAe,EAAE,CAAC;YACxC,CAAC,EAAE,4CAA4C,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAEO,mBAAmB;QACzB,IAAI,CAAC;YACH,MAAM,iBAAiB,GACrB,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;YACnD,MAAM,mBAAmB,GACvB,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC,MAAM,CAAC;YACrD,MAAM,iBAAiB,GACrB,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,QAAQ,CAAC,QAAQ,CAAC;YACvD,IAAI,iBAAiB,EAAE,CAAC;gBACtB,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE;oBAClD,IAAI,EAAE,iBAAiB;oBACvB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;oBACpC,kBAAkB,EAAE,iBAAiB,CAAC,UAAU,CAC9C,IAAI,CAAC,MAAM,CAAC,WAAW,CACxB;iBACF,CAAC,CAAC;gBACH,uEAAuE;gBACvE,6EAA6E;gBAC7E,4EAA4E;gBAC5E,IACE,CAAC,CACC,iBAAiB,KAAK,QAAQ;oBAC9B,mBAAmB,EAAE,QAAQ,CAAC,WAAW,CAAC,CAC3C,IAAI,sDAAsD;oBAC3D,mBAAmB,KAAK,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,MAAM;oBAC/D,CAAC,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,iFAAiF;kBACxI,CAAC;oBACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uFAAuF,CACxF,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE;wBAC7C,GAAG,EAAE,iBAAiB;wBACtB,MAAM,EAAE,OAAO,EAAE,2HAA2H;qBAC7I,CAAC,CAAC;oBACH,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC;oBAC3B,OAAO;gBACT,CAAC;gBACD,IAAI,iBAAiB,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC1D,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,6EAA6E,CAC9E,CAAC;oBAEF,gDAAgD;oBAChD,IAAI,CAAC,2BAA2B,EAAE,CAAC;oBAEnC,uDAAuD;oBACvD,IACE,IAAI,CAAC,aAAa,EAAE,eAAe;wBACnC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI,EACvC,CAAC;wBACD,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;oBAC/D,CAAC;yBAAM,CAAC;wBACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,mEAAmE,CACpE,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,wDAAwD,EACxD;gBACE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,SAAS,EAAE,IAAI,CAAC,aAAa,EAAE,GAAG;aACnC,CACF,CAAC;YACF,gEAAgE;YAChE,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,uEAAuE,EACvE;gBACE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACpC,gBAAgB,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,MAAM;aACjE,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,SAAmB;QAC7C,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE;YAC/C,WAAW,EAAE,SAAS,CAAC,GAAG;YAC1B,aAAa,EAAE,SAAS,CAAC,KAAK;YAC9B,UAAU,EAAE,CAAC,CAAC,SAAS,CAAC,IAAI;YAC5B,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM;SAChC,CAAC,CAAC;QAEH,MAAM,cAAc,GAAG,IAAI,cAAc,CACvC;YACE,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC1B,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,EACD,IAAI,CAAC,aAAa,EAClB,CAAC,KAAa,EAAE,EAAE,CAChB,IAAI,CAAC,WAAW,CAAC,KAAK,IAAI,IAAI,KAAK,CAAC,uBAAuB,CAAC,CAAC,EAC/D,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,EAAE,CACrB,CAAC;QAEF,IAAI,CAAC,cAAc,GAAG,cAAc,CAAC,CAAC,kBAAkB;QAExD,IAAI,CAAC;YACH,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;YAChC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QACpE,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;gBACjD,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,+BAA+B;QACrC,4EAA4E;QAC5E,IAAI,kBAAkB,GAAuB,SAAS,CAAC;QACvD,IAAI,YAAY,GAAG,EAAE,CAAC;QAEtB,MAAM,qBAAqB,GAAG,GAAG,EAAE;YACjC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,aAAa,EAAE,CAAC;gBACvC,IAAI,kBAAkB,EAAE,CAAC;oBACvB,aAAa,CAAC,kBAAkB,CAAC,CAAC;gBACpC,CAAC;gBACD,OAAO;YACT,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAElE,IAAI,UAAU,KAAK,YAAY,EAAE,CAAC;oBAChC,YAAY,GAAG,UAAU,CAAC;oBAC1B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,+BAA+B,EAAE;wBAChD,MAAM,EAAE,UAAU;wBAClB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;wBACpC,aAAa,EAAE,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;qBAC9D,CAAC,CAAC;oBAEH,oDAAoD;oBACpD,IAAI,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;wBACnD,6CAA6C;wBAC7C,IAAI,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC;wBAC3B,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,kEAAkE,EAClE;4BACE,WAAW,EAAE,UAAU;4BACvB,kBAAkB,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe;4BACxD,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI;yBACpD,CACF,CAAC;wBAEF,IAAI,kBAAkB,EAAE,CAAC;4BACvB,aAAa,CAAC,kBAAkB,CAAC,CAAC;wBACpC,CAAC;wBAED,uDAAuD;wBACvD,IACE,IAAI,CAAC,aAAa,CAAC,eAAe;4BAClC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI,EACvC,CAAC;4BACD,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,+CAA+C,EAC/C;gCACE,aAAa,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe;gCACnD,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,IAAI;gCACpD,WAAW,EAAE,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,GAAG;6BACpD,CACF,CAAC;4BACF,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,CAAC,CAAC;wBAC/D,CAAC;6BAAM,CAAC;4BACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,iEAAiE,EACjE;gCACE,kBAAkB,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe;gCACxD,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI;gCACnD,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,aAAa;6BAClC,CACF,CAAC;wBACJ,CAAC;wBAED,yEAAyE;wBACzE,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;oBACtC,CAAC;yBAAM,CAAC;wBACN,mCAAmC;wBACnC,IAAI,CAAC,2BAA2B,EAAE,CAAC;oBACrC,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,8CAA8C;gBAC9C,0CAA0C;gBAC1C,IAAI,YAAY,KAAK,cAAc,EAAE,CAAC;oBACpC,YAAY,GAAG,cAAc,CAAC;oBAC9B,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,2DAA2D,CAC5D,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,8DAA8D;QAC9D,qBAAqB,EAAE,CAAC;QACxB,kBAAkB,GAAG,MAAM,CAAC,WAAW,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;QAEpE,6CAA6C;QAC7C,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,CAAC;QACrC,IAAI,CAAC,OAAO,GAAG,GAAG,EAAE;YAClB,IAAI,kBAAkB,EAAE,CAAC;gBACvB,aAAa,CAAC,kBAAkB,CAAC,CAAC;YACpC,CAAC;YACD,eAAe,EAAE,CAAC;QACpB,CAAC,CAAC;IACJ,CAAC;IAEO,kBAAkB,CAAC,UAAkB;QAC3C,MAAM,SAAS,GAAG,IAAI,eAAe,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC;QAClE,MAAM,IAAI,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAErC,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;gBAC5D,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACnC,QAAQ,EAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC;aACnC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE;gBACtD,KAAK;gBACL,gBAAgB,EAAE,SAAS,CAAC,GAAG,CAAC,mBAAmB,CAAC;aACrD,CAAC,CAAC;YAEH,MAAM,SAAS,GAAG,IAAI,cAAc,CAClC,gBAAgB,KAAK,EAAE,EACvB,kBAAkB,CAAC,eAAe,CACnC,CAAC;YAEF,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE;gBAChD,MAAM,EAAE,SAAS,CAAC,OAAO;gBACzB,KAAK,EAAE,SAAS,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,KAAK;aACnD,CAAC,CAAC;YAEH,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAEM,cAAc,CAAC,GAAW;QAC/B,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yDAAyD,CAC1D,CAAC;YACF,IAAI,CAAC,WAAW,CACd,IAAI,cAAc,CAChB,0CAA0C,EAC1C,kBAAkB,CAAC,gBAAgB,CACpC,CACF,CAAC;YACF,OAAO;QACT,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,yDAAyD,CAC1D,CAAC;YACF,IAAI,CAAC,WAAW,CACd,IAAI,cAAc,CAChB,0CAA0C,EAC1C,kBAAkB,CAAC,cAAc,CAClC,CACF,CAAC;YACF,OAAO;QACT,CAAC;QACD,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,8BAA8B,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;QAC1D,IAAI,CAAC,aAAa,CAAC,GAAG,GAAG,GAAG,CAAC;QAC7B,0EAA0E;QAC1E,8EAA8E;IAChF,CAAC;IAED;;OAEG;IACI,iBAAiB,CAAC,OAAgB;QACvC,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC;QAChC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,mBAAmB,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;IACtD,CAAC;IAED;;OAEG;IACI,iBAAiB;QACtB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAED;;;;;;;;;;;;;;;;;OAiBG;IACI,kBAAkB,CAAC,GAAY;QACpC,IAAI,CAAC,IAAI,CAAC,aAAa;YAAE,OAAO,KAAK,CAAC;QAEtC,MAAM,WAAW,GAAG,IAAI,CAAC,aAAa,CAAC,iBAAiB,EAAE,CAAC;QAC3D,IAAI,CAAC,GAAG;YAAE,OAAO,WAAW,CAAC;QAE7B,OAAO,WAAW,IAAI,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,KAAK,GAAG,CAAC;IACrE,CAAC;IAED;;;;;OAKG;IACI,eAAe;QACpB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,CAAC;YAC1B,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC7C,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACI,eAAe;QACpB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,IAAI,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;YACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,MAAM,CAAC,IAAI,CACd,0DAA0D,CAC3D,CAAC;QACJ,CAAC;IACH,CAAC;CACF","sourcesContent":["import { AuthEvent } from \"../../types/index.js\";\nimport type { AuthResult } from \"../../types/index.js\";\nimport type { ProcessedCivicAuthConfig } from \"../types/AuthTypes.js\";\nimport { CivicAuthError, CivicAuthErrorCode } from \"../types/AuthTypes.js\";\nimport { SignalObserver } from \"../../iframe/SignalObserver.js\";\nimport { IframeManager } from \"../../iframe/IframeManager.js\";\nimport type { createLogger } from \"../../utils/logger.js\";\nimport { createLogger as createLoggerFn } from \"../../utils/logger.js\";\nimport { WAIT_FOR_LOGIN_APP_BROWSER_DETECTION_TIMEOUT } from \"@/constants.js\";\n\nexport interface IframeAuthHandlerConfig {\n config: ProcessedCivicAuthConfig;\n logger: ReturnType<typeof createLogger>;\n onAuthSuccess: (result: AuthResult) => void;\n onAuthError: (error: Error) => void;\n cleanup: () => void;\n messageHandler: (event: MessageEvent) => void;\n}\n\nexport class IframeAuthHandler {\n private config: ProcessedCivicAuthConfig;\n private logger = createLoggerFn(\"iframe-auth\");\n private onAuthSuccess: (result: AuthResult) => void;\n private onAuthError: (error: Error) => void;\n private cleanup: () => void;\n private messageHandler: (event: MessageEvent) => void;\n private iframeManager?: IframeManager;\n private iframeElement?: HTMLIFrameElement;\n private signalObserver?: SignalObserver;\n private earlyAuthSuccessHandler: (event: CustomEvent) => void;\n private isPreloadEnabled: boolean; // Initialized from config\n\n constructor(handlerConfig: IframeAuthHandlerConfig) {\n this.config = handlerConfig.config;\n this.logger = handlerConfig.logger;\n this.onAuthSuccess = handlerConfig.onAuthSuccess;\n this.onAuthError = handlerConfig.onAuthError;\n this.cleanup = handlerConfig.cleanup;\n this.messageHandler = handlerConfig.messageHandler;\n\n // Set preload enabled state from config\n this.isPreloadEnabled = this.config.preloadIframe;\n\n // Listen for early auth success signals from login-app\n this.earlyAuthSuccessHandler = (event: CustomEvent) => {\n this.logger.info(\"Received early auth success signal from login-app\", {\n detail: event.detail,\n });\n\n // Close the modal immediately but keep iframe for callback processing\n if (this.iframeManager) {\n this.logger.info(\"Closing modal early due to auth success signal\");\n this.iframeManager.hide();\n\n // Emit event to notify that modal is closing early\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Modal closed early due to auth success signal\",\n });\n }\n };\n\n window.addEventListener(\n \"civic-auth-success-early\",\n this.earlyAuthSuccessHandler as EventListener,\n );\n\n // Set up postMessage listener for cross-origin communication\n window.addEventListener(\"message\", this.messageHandler);\n }\n\n /**\n * Preloads the iframe with the authentication URL for instant display later\n * This creates the iframe in the background but keeps it completely hidden\n */\n public async preloadIframe(fullAuthUrl: string): Promise<void> {\n if (!this.isPreloadEnabled) {\n this.logger.debug(\"Iframe preloading is disabled, skipping preload\");\n return;\n }\n\n this.logger.debug(\"Preloading iframe for instant sign-in\", {\n url: fullAuthUrl,\n });\n\n // Determine the actual display mode for IframeManager first\n const iframeDisplayMode = this.determineIframeDisplayMode();\n\n let container = this.getContainerElement();\n\n // For modal mode, if no container is provided, create one dynamically\n if (iframeDisplayMode === \"modal\" && !container) {\n container = this.createModalContainer();\n }\n\n if (!container) {\n const error = new CivicAuthError(\n \"Target container element not found for preloading. \" +\n \"For embedded iframe mode, provide a targetContainerElement or ensure an element with id 'civic-login-container' exists.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n throw error;\n }\n\n this.logger.debug(\"Creating IframeManager for preloading\", {\n url: fullAuthUrl,\n containerId: container?.id,\n iframeId: this.config.iframeId,\n origin: window.location.origin,\n iframeDisplayMode,\n });\n\n // Create IframeManager with appropriate display mode\n this.iframeManager = new IframeManager({\n container: container,\n displayMode: iframeDisplayMode,\n iframeId: this.config.iframeId,\n onClose: () => {\n this.logger.debug(\"Authentication close requested during preload\");\n // For preload, we don't want to trigger auth error, just cleanup\n this.cleanupIframe();\n },\n });\n\n // Preload the iframe using IframeManager\n this.iframeElement = this.iframeManager.preloadIframe(fullAuthUrl);\n\n // Set up event handlers for the preloaded iframe\n this.setupIframeEventHandlers();\n this.setupIframeNavigationMonitoring();\n\n this.logger.debug(\"Iframe preloaded successfully\", { url: fullAuthUrl });\n }\n\n public async handleIframeAuth(\n fullAuthUrl: string,\n ): Promise<HTMLIFrameElement> {\n // Check if we have a preloaded iframe that we can show instantly\n // We use the preloaded iframe if available, even if URLs don't exactly match,\n // since PKCE challenges and other parameters may differ between preload and actual auth\n if (this.iframeManager?.isIframePreloaded() && this.iframeElement) {\n const preloadedUrl = this.iframeManager.getPreloadedUrl();\n this.logger.debug(\"Using preloaded iframe for instant sign-in\", {\n preloadedUrl,\n requestedUrl: fullAuthUrl,\n urlsMatch: preloadedUrl === fullAuthUrl,\n });\n\n // Don't change iframe.src for preloaded iframes - use them as-is to avoid reload\n // The preloaded authentication flow will work perfectly without URL changes\n this.logger.debug(\"Using preloaded iframe without reload\", {\n preloadedUrl,\n requestedUrl: fullAuthUrl,\n action: \"skipping_url_change_to_prevent_reload\",\n });\n\n // Update the onClose handler for active authentication\n // During preload, onClose only cleaned up, but during active auth it should emit error events\n this.iframeManager.updateOnCloseHandler(() => {\n this.logger.debug(\n \"Authentication close requested by user (backdrop click, close button, or Escape key)\",\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication cancelled by user\",\n });\n\n const error = new CivicAuthError(\n \"Authentication cancelled by user\",\n CivicAuthErrorCode.USER_CANCELLED,\n );\n\n this.onAuthError(error);\n this.cleanup();\n });\n\n // Show the preloaded iframe instantly\n this.iframeElement = this.iframeManager.createIframe(fullAuthUrl);\n\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Preloaded iframe displayed instantly\",\n });\n\n return this.iframeElement;\n }\n\n // Fallback to creating a new iframe if no preload is available\n this.logger.debug(\"No preloaded iframe available, creating new iframe\", {\n url: fullAuthUrl,\n });\n\n // Determine the actual display mode for IframeManager first\n const iframeDisplayMode = this.determineIframeDisplayMode();\n\n let container = this.getContainerElement();\n\n // For modal mode, if no container is provided, create one dynamically\n if (iframeDisplayMode === \"modal\" && !container) {\n container = this.createModalContainer();\n }\n\n if (!container) {\n const error = new CivicAuthError(\n \"Target container element not found. \" +\n \"For embedded iframe mode, provide a targetContainerElement or ensure an element with class id 'civic-login-container' exists.\",\n CivicAuthErrorCode.CONTAINER_NOT_FOUND,\n );\n this.logger.error(error.message);\n throw error;\n }\n\n this.logger.debug(\"Creating iframe with modal backdrop\", {\n url: fullAuthUrl,\n containerId: container?.id,\n iframeId: this.config.iframeId,\n origin: window.location.origin,\n iframeDisplayMode,\n containerCreated:\n iframeDisplayMode === \"modal\" && !this.config.targetContainerElement,\n });\n\n this.logger.debug(\n `🎯 CivicAuth: Creating IframeManager with display mode: ${iframeDisplayMode}`,\n );\n\n // Create IframeManager with appropriate display mode\n this.iframeManager = new IframeManager({\n container: container,\n displayMode: iframeDisplayMode,\n iframeId: this.config.iframeId,\n /**\n * Handles iframe closure events initiated by the user.\n * This includes backdrop clicks, close button clicks, or Escape key presses.\n * Emits an error event and cleans up the authentication process.\n */\n onClose: () => {\n this.logger.debug(\n \"Authentication close requested by user (backdrop click, close button, or Escape key)\",\n );\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Authentication cancelled by user\",\n });\n\n const error = new CivicAuthError(\n \"Authentication cancelled by user\",\n CivicAuthErrorCode.USER_CANCELLED,\n );\n\n this.onAuthError(error);\n this.cleanup();\n },\n });\n\n // Create the iframe using IframeManager\n this.iframeElement = this.iframeManager.createIframe(fullAuthUrl);\n\n this.config.events?.emit(AuthEvent.SIGN_IN_STARTED, {\n detail: \"Iframe created with modal backdrop\",\n });\n\n this.setupIframeEventHandlers();\n this.setupIframeNavigationMonitoring();\n\n return this.iframeElement;\n }\n\n public getIframeManager(): IframeManager | undefined {\n return this.iframeManager;\n }\n\n public getIframeElement(): HTMLIFrameElement | undefined {\n return this.iframeElement;\n }\n\n public cleanupIframe(): void {\n this.logger.debug(\"Cleaning up iframe manager\");\n\n // Check if we're in embedded mode - if so, preserve the iframe completely\n const isEmbeddedMode = this.iframeManager?.getDisplayMode() === \"embedded\";\n\n if (isEmbeddedMode) {\n // For embedded mode, do NOT cleanup anything - keep iframe visible in its current state\n this.logger.debug(\n \"Embedded mode detected - preserving iframe in its current state, no cleanup\",\n );\n // Only clean up event listeners but keep iframe and all DOM structure intact\n if (this.earlyAuthSuccessHandler) {\n window.removeEventListener(\n \"civic-auth-success-early\",\n this.earlyAuthSuccessHandler as EventListener,\n );\n }\n // Keep iframe element reference for embedded mode\n return;\n }\n\n // For modal mode, do full cleanup as before\n this.iframeManager?.cleanup();\n this.iframeManager = undefined;\n\n if (this.iframeElement) {\n this.iframeElement = undefined;\n }\n\n // Remove early auth success event listener\n if (this.earlyAuthSuccessHandler) {\n window.removeEventListener(\n \"civic-auth-success-early\",\n this.earlyAuthSuccessHandler as EventListener,\n );\n }\n\n // Clean up dynamically created modal containers\n this.cleanupDynamicModalContainer();\n }\n\n private cleanupDynamicModalContainer(): void {\n // Only clean up containers we created dynamically (not user-provided ones)\n if (!this.config.targetContainerElement) {\n const dynamicContainer = document.querySelector(\n `[data-civic-auth-modal=\"true\"]#${this.config.iframeId}-modal-container`,\n );\n\n if (dynamicContainer && dynamicContainer.parentNode) {\n this.logger.debug(\"Removing dynamic modal container\", {\n containerId: dynamicContainer.id,\n });\n dynamicContainer.parentNode.removeChild(dynamicContainer);\n }\n }\n }\n\n private createModalContainer(): HTMLElement {\n const container = document.createElement(\"div\");\n container.id = `${this.config.iframeId}-modal-container`;\n container.setAttribute(\"data-civic-auth-modal\", \"true\");\n\n // Append to body for modal overlay\n document.body.appendChild(container);\n\n this.logger.debug(\"Created dynamic modal container\", {\n containerId: container.id,\n });\n\n return container;\n }\n\n private getContainerElement(): HTMLElement | null {\n if (typeof this.config.targetContainerElement === \"string\") {\n const element = document.getElementById(\n this.config.targetContainerElement,\n );\n if (!element) {\n this.logger.warn(\n `Container element with ID \"${this.config.targetContainerElement}\" not found`,\n );\n }\n return element;\n }\n\n if (this.config.targetContainerElement) {\n return this.config.targetContainerElement;\n }\n\n // Fallback: Look for element with id \"civic-login-container\"\n const fallbackContainer = document.getElementById(\n \"civic-login-container\",\n ) as HTMLElement;\n if (fallbackContainer) {\n this.logger.debug(\n 'Using fallback container with id \"civic-login-container\"',\n );\n return fallbackContainer;\n }\n\n return null;\n }\n\n private determineIframeDisplayMode(): \"modal\" | \"embedded\" {\n // Priority 1: Explicit iframeDisplayMode setting from config\n // This is the most specific instruction for how the iframe itself should be styled.\n if (this.config.iframeDisplayMode) {\n this.logger.debug(\n `Using configured iframeDisplayMode: ${this.config.iframeDisplayMode}`,\n );\n return this.config.iframeDisplayMode;\n }\n\n // Priority 2: If iframeDisplayMode is NOT set, and the overall displayMode is \"iframe\",\n // default the iframe's own rendering style to \"modal\" (user-friendly default).\n // To get an embedded iframe, iframeDisplayMode: \"embedded\" should be set explicitly.\n if (this.config.displayMode === \"iframe\") {\n this.logger.debug(\n \"Overall displayMode is 'iframe' and iframeDisplayMode is not set, defaulting iframe style to 'modal'.\",\n );\n return \"modal\";\n }\n\n // Fallback for unexpected scenarios or if IframeAuthHandler is invoked with other displayModes.\n this.logger.warn(\n `determineIframeDisplayMode called with overall displayMode: '${this.config.displayMode}' ` +\n `and no explicit iframeDisplayMode. Defaulting iframe style to 'modal'.`,\n );\n return \"modal\";\n }\n\n private setupIframeEventHandlers(): void {\n if (!this.iframeElement) return;\n\n this.iframeElement.onload = () => {\n this.logger.info(\"Iframe loaded\", {\n iframeSrc: this.iframeElement?.src,\n currentOrigin: window.location.origin,\n expectedAuthServerOrigin: new URL(this.config.oauthServerBaseUrl)\n .origin,\n });\n\n if (!this.iframeElement?.contentWindow) {\n const errorMsg = \"Iframe content window not available after load.\";\n this.logger.error(errorMsg, {\n iframeSrc: this.iframeElement?.src,\n });\n\n const error = new Error(errorMsg);\n this.onAuthError(error);\n this.cleanup();\n return;\n }\n this.logger.info(\n \"Added cross-origin message event listener for auth server communication\",\n {\n parentOrigin: window.location.origin,\n authServerOrigin: new URL(this.config.oauthServerBaseUrl).origin,\n },\n );\n\n // Hide iframe content if it's not the login app\n this.checkAndHideNonLoginContent();\n\n // Try to detect redirect to our domain\n this.checkIframeRedirect();\n };\n\n this.iframeElement.onerror = (event) => {\n this.logger.error(\"Iframe load error\", {\n event,\n iframeSrc: this.iframeElement?.src,\n currentOrigin: window.location.origin,\n });\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: \"Iframe load error\",\n error: event,\n });\n\n const error = new Error(\"Iframe failed to load.\");\n this.onAuthError(error);\n this.cleanup();\n };\n }\n\n private checkAndHideNonLoginContent(): void {\n try {\n const currentUrl = this.iframeElement?.contentWindow?.location.href;\n if (currentUrl) {\n const currentOrigin = new URL(currentUrl).origin;\n const expectedAuthServerOrigin = this.config.oauthServerBaseUrl\n ? new URL(this.config.oauthServerBaseUrl).origin\n : null;\n const isOnAuthServer = expectedAuthServerOrigin\n ? currentOrigin === expectedAuthServerOrigin\n : false;\n const isCallbackUrl = this.config.redirectUrl\n ? currentUrl.startsWith(this.config.redirectUrl)\n : false;\n\n if (isOnAuthServer && !isCallbackUrl) {\n this.logger.info(\n \"👀 Showing iframe content - confirmed login app on auth server origin\",\n {\n currentUrl,\n isOnAuthServer,\n isCallbackUrl,\n currentOrigin,\n expectedAuthServerOrigin,\n },\n );\n this.iframeManager?.forceHideLoader();\n } else {\n this.logger.info(\n \"🙈 Hiding iframe completely - not login app or on callback URL\",\n {\n currentUrl,\n isOnAuthServer,\n isCallbackUrl,\n currentOrigin,\n expectedAuthServerOrigin,\n reason: !isOnAuthServer\n ? expectedAuthServerOrigin\n ? \"not on auth server (origin mismatch)\"\n : \"auth server origin unknown\"\n : \"on callback URL (or origin mismatch for login page)\",\n },\n );\n\n if (isCallbackUrl) {\n this.iframeManager?.hide();\n } else {\n this.iframeManager?.forceShowLoader();\n }\n }\n }\n } catch (error) {\n this.logger.debug(\n \"Cannot access iframe URL (likely cross-origin) - assuming login app, showing content.\",\n { error: error instanceof Error ? error.message : String(error) },\n );\n setTimeout(() => {\n // Force hide loader after a short delay to ensure any initial loading is complete\n // to give the login-app time to send any post message signals\n this.iframeManager?.forceHideLoader();\n }, WAIT_FOR_LOGIN_APP_BROWSER_DETECTION_TIMEOUT);\n }\n }\n\n private checkIframeRedirect(): void {\n try {\n const currentIframeHref =\n this.iframeElement?.contentWindow?.location.href;\n const currentIframeOrigin =\n this.iframeElement?.contentWindow?.location.origin;\n const currentIframePath =\n this.iframeElement?.contentWindow?.location.pathname;\n if (currentIframeHref) {\n this.logger.debug(\"Iframe current href accessible\", {\n href: currentIframeHref,\n redirectUrl: this.config.redirectUrl,\n startsWithRedirect: currentIframeHref.startsWith(\n this.config.redirectUrl,\n ),\n });\n // In Safari, the iframe manager may not catch the previous URL changes\n // and we only get the current URL after the redirect to the successful login\n // in this case we want to reload the page as we should have a valid session\n if (\n !(\n currentIframePath === \"/login\" &&\n currentIframeOrigin?.endsWith(\"civic.com\")\n ) && // special case for civic same-domain portal/login-app\n currentIframeOrigin === new URL(this.config.redirectUrl).origin &&\n !currentIframeHref.startsWith(this.config.redirectUrl) // we don't want to reload if we're on the redirect as we need to handle callback\n ) {\n this.logger.info(\n \"Iframe has navigated to the success URL, reloading the page to reflect the new state.\",\n );\n this.config.events?.emit(AuthEvent.URL_CHANGE, {\n url: currentIframeHref,\n source: \"login\", // this means the page will do a 'hard' reload which is required for the UserButton etc. to take state changes into account\n });\n this.iframeManager?.hide();\n return;\n }\n if (currentIframeHref.startsWith(this.config.redirectUrl)) {\n this.logger.info(\n \"Iframe has navigated to redirectUrl (same-origin). Setting up DOM observer.\",\n );\n\n // Hide content since we're on callback page now\n this.checkAndHideNonLoginContent();\n\n // Set up signal observer for same-origin callback page\n if (\n this.iframeElement?.contentDocument &&\n this.iframeElement.contentDocument.body\n ) {\n this.setupSignalObserver(this.iframeElement.contentDocument);\n } else {\n this.logger.warn(\n \"Iframe content document or body not available for signal observer\",\n );\n }\n }\n }\n } catch (error) {\n this.logger.debug(\n \"Error checking iframe href (expected for cross-origin)\",\n {\n error: error instanceof Error ? error.message : String(error),\n iframeSrc: this.iframeElement?.src,\n },\n );\n // This is expected when the iframe is on the auth server domain\n this.logger.info(\n \"Iframe is on auth server domain - using postMessage for communication\",\n {\n parentOrigin: window.location.origin,\n authServerOrigin: new URL(this.config.oauthServerBaseUrl).origin,\n },\n );\n }\n }\n\n private setupSignalObserver(iframeDoc: Document): void {\n this.logger.info(\"📝 Setting up SignalObserver\", {\n documentURL: iframeDoc.URL,\n documentTitle: iframeDoc.title,\n bodyExists: !!iframeDoc.body,\n textSignals: this.config.textSignals,\n hasEvents: !!this.config.events,\n });\n\n const signalObserver = new SignalObserver(\n {\n textSignals: this.config.textSignals,\n events: this.config.events,\n logger: this.logger,\n },\n this.onAuthSuccess,\n (error?: Error) =>\n this.onAuthError(error || new Error(\"Signal observer error\")),\n () => this.cleanup(),\n );\n\n this.signalObserver = signalObserver; // Store reference\n\n try {\n signalObserver.setup(iframeDoc);\n this.logger.info(\"✅ SignalObserver setup completed successfully\");\n } catch (error) {\n this.logger.error(\"❌ SignalObserver setup failed\", {\n error: error instanceof Error ? error.message : String(error),\n });\n }\n }\n\n private setupIframeNavigationMonitoring(): void {\n // Monitor iframe navigation to detect when it redirects to our callback URL\n let monitoringInterval: number | undefined = undefined;\n let lastKnownUrl = \"\";\n\n const checkIframeNavigation = () => {\n if (!this.iframeElement?.contentWindow) {\n if (monitoringInterval) {\n clearInterval(monitoringInterval);\n }\n return;\n }\n\n try {\n const currentUrl = this.iframeElement.contentWindow.location.href;\n\n if (currentUrl !== lastKnownUrl) {\n lastKnownUrl = currentUrl;\n this.logger.info(\"🔍 Iframe navigation detected\", {\n newUrl: currentUrl,\n redirectUrl: this.config.redirectUrl,\n isCallbackUrl: currentUrl.startsWith(this.config.redirectUrl),\n });\n\n // Check if iframe has navigated to our callback URL\n if (currentUrl.startsWith(this.config.redirectUrl)) {\n // Hide immediately on callback URL detection\n this.iframeManager?.hide();\n this.logger.info(\n \"🎯 Iframe navigated to callback URL - setting up signal observer\",\n {\n callbackUrl: currentUrl,\n hasContentDocument: !!this.iframeElement.contentDocument,\n hasBody: !!this.iframeElement.contentDocument?.body,\n },\n );\n\n if (monitoringInterval) {\n clearInterval(monitoringInterval);\n }\n\n // Set up signal observer for same-origin callback page\n if (\n this.iframeElement.contentDocument &&\n this.iframeElement.contentDocument.body\n ) {\n this.logger.info(\n \"✅ Setting up SignalObserver for callback page\",\n {\n documentReady: !!this.iframeElement.contentDocument,\n bodyReady: !!this.iframeElement.contentDocument.body,\n documentURL: this.iframeElement.contentDocument.URL,\n },\n );\n this.setupSignalObserver(this.iframeElement.contentDocument);\n } else {\n this.logger.warn(\n \"❌ Cannot set up SignalObserver - iframe document not accessible\",\n {\n hasContentDocument: !!this.iframeElement.contentDocument,\n hasBody: !!this.iframeElement.contentDocument?.body,\n iframeReady: !!this.iframeElement,\n },\n );\n }\n\n // Also check for URL parameters (code, error) in case of direct callback\n this.processCallbackUrl(currentUrl);\n } else {\n // Hide content if not on login app\n this.checkAndHideNonLoginContent();\n }\n }\n } catch {\n // Expected when iframe is on different origin\n // Only log if we haven't seen this before\n if (lastKnownUrl !== \"cross-origin\") {\n lastKnownUrl = \"cross-origin\";\n this.logger.debug(\n \"Iframe on cross-origin domain (expected during auth flow)\",\n );\n }\n }\n };\n\n // Check immediately and then every 100ms for faster detection\n checkIframeNavigation();\n monitoringInterval = window.setInterval(checkIframeNavigation, 100);\n\n // Store cleanup function to clear monitoring\n const originalCleanup = this.cleanup;\n this.cleanup = () => {\n if (monitoringInterval) {\n clearInterval(monitoringInterval);\n }\n originalCleanup();\n };\n }\n\n private processCallbackUrl(currentUrl: string): void {\n const urlParams = new URLSearchParams(new URL(currentUrl).search);\n const code = urlParams.get(\"code\");\n const error = urlParams.get(\"error\");\n\n if (code) {\n this.logger.info(\"Authorization code detected in iframe URL\", {\n code: code.substring(0, 10) + \"...\",\n hasState: !!urlParams.get(\"state\"),\n });\n }\n\n if (error) {\n this.logger.error(\"OAuth error detected in iframe URL\", {\n error,\n errorDescription: urlParams.get(\"error_description\"),\n });\n\n const authError = new CivicAuthError(\n `OAuth error: ${error}`,\n CivicAuthErrorCode.INVALID_MESSAGE,\n );\n\n this.config.events?.emit(AuthEvent.SIGN_IN_ERROR, {\n detail: authError.message,\n error: urlParams.get(\"error_description\") || error,\n });\n\n this.onAuthError(authError);\n }\n }\n\n public navigateIframe(url: string): void {\n if (!this.iframeElement) {\n this.logger.error(\n \"Cannot navigate iframe, iframeElement is not available.\",\n );\n this.onAuthError(\n new CivicAuthError(\n \"Iframe element not found for navigation.\",\n CivicAuthErrorCode.IFRAME_NOT_FOUND,\n ),\n );\n return;\n }\n if (!this.iframeManager) {\n this.logger.error(\n \"Cannot navigate iframe, iframeManager is not available.\",\n );\n this.onAuthError(\n new CivicAuthError(\n \"Iframe manager not found for navigation.\",\n CivicAuthErrorCode.INTERNAL_ERROR,\n ),\n );\n return;\n }\n this.logger.info(\"Navigating iframe to new URL\", { url });\n this.iframeElement.src = url;\n // After changing src, existing onload/onmessage handlers in IframeManager\n // and navigation monitoring in this class should manage visibility and state.\n }\n\n /**\n * Enable or disable iframe preloading\n */\n public setPreloadEnabled(enabled: boolean): void {\n this.isPreloadEnabled = enabled;\n this.logger.debug(\"Iframe preloading\", { enabled });\n }\n\n /**\n * Check if iframe preloading is enabled\n */\n public getPreloadEnabled(): boolean {\n return this.isPreloadEnabled;\n }\n\n /**\n * Check if an iframe is currently preloaded and ready for instant display\n *\n * This function helps optimize user experience by determining if we can show\n * a preloaded iframe immediately instead of loading a new one. The logic:\n *\n * 1. Returns false if no iframe manager exists (can't have preloaded content)\n * 2. Checks if any iframe is currently preloaded via the iframe manager\n * 3. If no specific URL is provided, returns whether any iframe is preloaded\n * 4. If a URL is provided, ensures both that an iframe is preloaded AND\n * that it contains the exact URL we need\n *\n * This prevents unnecessary iframe reloads when the user triggers auth flows\n * with the same URL that's already loaded and ready to display.\n *\n * @param url - Optional URL to match against the preloaded iframe's URL\n * @returns true if a suitable preloaded iframe exists, false otherwise\n */\n public hasPreloadedIframe(url?: string): boolean {\n if (!this.iframeManager) return false;\n\n const isPreloaded = this.iframeManager.isIframePreloaded();\n if (!url) return isPreloaded;\n\n return isPreloaded && this.iframeManager.getPreloadedUrl() === url;\n }\n\n /**\n * Force the iframe to hide, even if it is currently showing\n *\n * This is useful for cleanup or when you want to ensure the iframe is not visible\n * regardless of its current state.\n */\n public forceHideIframe(): void {\n if (this.iframeManager) {\n this.iframeManager.hide();\n this.logger.debug(\"Forced iframe to hide\");\n } else {\n this.logger.warn(\n \"Cannot force hide iframe, iframe manager not initialized\",\n );\n }\n }\n\n /**\n * Force the iframe to show the loading indicator\n */\n public forceShowLoader(): void {\n if (this.iframeManager) {\n this.iframeManager.forceShowLoader();\n this.logger.debug(\"Forced iframe loader to show\");\n } else {\n this.logger.warn(\n \"Cannot force show loader, iframe manager not initialized\",\n );\n }\n }\n}\n"]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@civic/auth",
3
- "version": "0.10.0-beta.0",
3
+ "version": "0.10.0-beta.2",
4
4
  "type": "module",
5
5
  "main": "./dist/index.js",
6
6
  "module": "./dist/index.js",