@credo-ts/openid4vc 0.6.1-pr-2091-20241119140918 → 0.6.1

package/build/openid4vc-holder/OpenId4VciHolderService.js

@@ -1,569 +0,0 @@
-"use strict";
-var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
-    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
-    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
-    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
-    return c > 3 && r && Object.defineProperty(target, key, r), r;
-};
-var __metadata = (this && this.__metadata) || function (k, v) {
-    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
-};
-var __param = (this && this.__param) || function (paramIndex, decorator) {
-    return function (target, key) { decorator(target, key, paramIndex); }
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OpenId4VciHolderService = void 0;
-const oauth2_1 = require("@animo-id/oauth2");
-const oid4vci_1 = require("@animo-id/oid4vci");
-const core_1 = require("@credo-ts/core");
-const shared_1 = require("../shared");
-const callbacks_1 = require("../shared/callbacks");
-const issuerMetadataUtils_1 = require("../shared/issuerMetadataUtils");
-const utils_1 = require("../shared/utils");
-const OpenId4VciHolderServiceOptions_1 = require("./OpenId4VciHolderServiceOptions");
-let OpenId4VciHolderService = class OpenId4VciHolderService {
-    constructor(logger, w3cCredentialService, jwsService) {
-        this.w3cCredentialService = w3cCredentialService;
-        this.jwsService = jwsService;
-        this.logger = logger;
-    }
-    async resolveIssuerMetadata(agentContext, credentialIssuer) {
-        const client = this.getClient(agentContext);
-        const metadata = await client.resolveIssuerMetadata(credentialIssuer);
-        this.logger.debug('fetched credential issuer metadata', { metadata });
-        return metadata;
-    }
-    async resolveCredentialOffer(agentContext, credentialOffer) {
-        const client = this.getClient(agentContext);
-        const credentialOfferObject = await client.resolveCredentialOffer(credentialOffer);
-        const metadata = await client.resolveIssuerMetadata(credentialOfferObject.credential_issuer);
-        this.logger.debug('fetched credential offer and issuer metadata', { metadata, credentialOfferObject });
-        const credentialConfigurationsSupported = (0, issuerMetadataUtils_1.getOfferedCredentials)(credentialOfferObject.credential_configuration_ids, client.getKnownCredentialConfigurationsSupported(metadata.credentialIssuer));
-        return {
-            metadata,
-            offeredCredentialConfigurations: credentialConfigurationsSupported,
-            credentialOfferPayload: credentialOfferObject,
-        };
-    }
-    async resolveAuthorizationRequest(agentContext, resolvedCredentialOffer, authCodeFlowOptions) {
-        var _a, _b;
-        const { clientId, redirectUri } = authCodeFlowOptions;
-        const { metadata, credentialOfferPayload, offeredCredentialConfigurations } = resolvedCredentialOffer;
-        const client = this.getClient(agentContext);
-        // If scope is not provided, we request scope for all offered credentials
-        const scope = (_a = authCodeFlowOptions.scope) !== null && _a !== void 0 ? _a : (0, issuerMetadataUtils_1.getScopesFromCredentialConfigurationsSupported)(offeredCredentialConfigurations);
-        const authorizationResult = await client.initiateAuthorization({
-            clientId,
-            issuerMetadata: metadata,
-            credentialOffer: credentialOfferPayload,
-            scope: scope.join(' '),
-            redirectUri,
-        });
-        if (authorizationResult.authorizationFlow === oid4vci_1.AuthorizationFlow.PresentationDuringIssuance) {
-            return {
-                authorizationFlow: oid4vci_1.AuthorizationFlow.PresentationDuringIssuance,
-                oid4vpRequestUrl: authorizationResult.oid4vpRequestUrl,
-                authSession: authorizationResult.authSession,
-            };
-        }
-        // Normal Oauth2Redirect flow
-        return {
-            authorizationFlow: oid4vci_1.AuthorizationFlow.Oauth2Redirect,
-            codeVerifier: (_b = authorizationResult.pkce) === null || _b === void 0 ? void 0 : _b.codeVerifier,
-            authorizationRequestUrl: authorizationResult.authorizationRequestUrl,
-        };
-    }
-    async sendNotification(agentContext, options) {
-        const client = this.getClient(agentContext);
-        await client.sendNotification({
-            accessToken: options.accessToken,
-            dpop: options.dpop
-                ? await this.getDpopOptions(agentContext, Object.assign(Object.assign({}, options.dpop), { dpopSigningAlgValuesSupported: [options.dpop.alg] }))
-                : undefined,
-            issuerMetadata: options.metadata,
-            notification: {
-                event: options.notificationEvent,
-                notificationId: options.notificationId,
-            },
-        });
-    }
-    async getDpopOptions(agentContext, { jwk, dpopSigningAlgValuesSupported, nonce, }) {
-        if (jwk) {
-            const alg = dpopSigningAlgValuesSupported.find((alg) => jwk.supportedSignatureAlgorithms.includes(alg));
-            if (!alg) {
-                throw new core_1.CredoError(`No supported dpop signature algorithms found in dpop_signing_alg_values_supported '${dpopSigningAlgValuesSupported.join(', ')}' matching key type ${jwk.keyType}`);
-            }
-            return {
-                signer: {
-                    method: 'jwk',
-                    alg,
-                    publicJwk: jwk.toJson(),
-                },
-                nonce,
-            };
-        }
-        const alg = dpopSigningAlgValuesSupported.find((alg) => (0, core_1.getJwkClassFromJwaSignatureAlgorithm)(alg));
-        const JwkClass = alg ? (0, core_1.getJwkClassFromJwaSignatureAlgorithm)(alg) : undefined;
-        if (!alg || !JwkClass) {
-            throw new core_1.CredoError(`No supported dpop signature algorithms found in dpop_signing_alg_values_supported '${dpopSigningAlgValuesSupported.join(', ')}'`);
-        }
-        const key = await agentContext.wallet.createKey({ keyType: JwkClass.keyType });
-        return {
-            signer: {
-                method: 'jwk',
-                alg,
-                publicJwk: (0, core_1.getJwkFromKey)(key).toJson(),
-            },
-            nonce,
-        };
-    }
-    async retrieveAuthorizationCodeUsingPresentation(agentContext, options) {
-        const client = this.getClient(agentContext);
-        // TODO: support dpop on this endpoint as well
-        // const dpop = options.dpop
-        //   ? await this.getDpopOptions(agentContext, {
-        //       ...options.dpop,
-        //       dpopSigningAlgValuesSupported: [options.dpop.alg],
-        //     })
-        //   : undefined
-        // TODO: we should support DPoP in this request as well
-        const { authorizationChallengeResponse } = await client.retrieveAuthorizationCodeUsingPresentation({
-            authSession: options.authSession,
-            presentationDuringIssuanceSession: options.presentationDuringIssuanceSession,
-            credentialOffer: options.resolvedCredentialOffer.credentialOfferPayload,
-            issuerMetadata: options.resolvedCredentialOffer.metadata,
-            // dpop
-        });
-        return {
-            authorizationCode: authorizationChallengeResponse.authorization_code,
-        };
-    }
-    async requestAccessToken(agentContext, options) {
-        var _a, _b, _c, _d;
-        const { metadata, credentialOfferPayload } = options.resolvedCredentialOffer;
-        const client = this.getClient(agentContext);
-        const oauth2Client = this.getOauth2Client(agentContext);
-        const authorizationServer = options.code
-            ? (_b = (_a = credentialOfferPayload.grants) === null || _a === void 0 ? void 0 : _a.authorization_code) === null || _b === void 0 ? void 0 : _b.authorization_server
-            : (_d = (_c = credentialOfferPayload.grants) === null || _c === void 0 ? void 0 : _c[oauth2_1.preAuthorizedCodeGrantIdentifier]) === null || _d === void 0 ? void 0 : _d.authorization_server;
-        const authorizationServerMetadata = (0, oauth2_1.getAuthorizationServerMetadataFromList)(metadata.authorizationServers, authorizationServer !== null && authorizationServer !== void 0 ? authorizationServer : metadata.authorizationServers[0].issuer);
-        // TODO: should allow dpop input parameter for if it was already bound earlier
-        const isDpopSupported = oauth2Client.isDpopSupported({
-            authorizationServerMetadata,
-        });
-        const dpop = isDpopSupported.supported
-            ? await this.getDpopOptions(agentContext, {
-                dpopSigningAlgValuesSupported: isDpopSupported.dpopSigningAlgValuesSupported,
-            })
-            : undefined;
-        const result = options.code
-            ? await client.retrieveAuthorizationCodeAccessTokenFromOffer({
-                issuerMetadata: metadata,
-                credentialOffer: credentialOfferPayload,
-                authorizationCode: options.code,
-                dpop,
-                pkceCodeVerifier: options.codeVerifier,
-                redirectUri: options.redirectUri,
-                additionalRequestPayload: {
-                    // TODO: handle it as part of client auth once we support
-                    // assertion based client authentication
-                    client_id: options.clientId,
-                },
-            })
-            : await client.retrievePreAuthorizedCodeAccessTokenFromOffer({
-                credentialOffer: credentialOfferPayload,
-                issuerMetadata: metadata,
-                dpop,
-                txCode: options.txCode,
-            });
-        return Object.assign(Object.assign({}, result), { dpop: dpop
-                ? Object.assign(Object.assign({}, result.dpop), { alg: dpop.signer.alg, jwk: (0, core_1.getJwkFromJson)(dpop.signer.publicJwk) }) : undefined });
-    }
-    async acceptCredentialOffer(agentContext, options) {
-        var _a, _b, _c, _d;
-        const { resolvedCredentialOffer, acceptCredentialOfferOptions } = options;
-        const { metadata, offeredCredentialConfigurations } = resolvedCredentialOffer;
-        const { credentialConfigurationIds, credentialBindingResolver, verifyCredentialStatus, requestBatch } = acceptCredentialOfferOptions;
-        const client = this.getClient(agentContext);
-        if ((credentialConfigurationIds === null || credentialConfigurationIds === void 0 ? void 0 : credentialConfigurationIds.length) === 0) {
-            throw new core_1.CredoError(`'credentialConfigurationIds' may not be empty`);
-        }
-        const supportedJwaSignatureAlgorithms = (0, utils_1.getSupportedJwaSignatureAlgorithms)(agentContext);
-        const allowedProofOfPossessionSigAlgs = acceptCredentialOfferOptions.allowedProofOfPossessionSignatureAlgorithms;
-        const possibleProofOfPossessionSigAlgs = allowedProofOfPossessionSigAlgs
-            ? allowedProofOfPossessionSigAlgs.filter((algorithm) => supportedJwaSignatureAlgorithms.includes(algorithm))
-            : supportedJwaSignatureAlgorithms;
-        if (possibleProofOfPossessionSigAlgs.length === 0) {
-            throw new core_1.CredoError([
-                `No possible proof of possession signature algorithm found.`,
-                `Signature algorithms supported by the Agent '${supportedJwaSignatureAlgorithms.join(', ')}'`,
-                `Allowed Signature algorithms '${allowedProofOfPossessionSigAlgs === null || allowedProofOfPossessionSigAlgs === void 0 ? void 0 : allowedProofOfPossessionSigAlgs.join(', ')}'`,
-            ].join('\n'));
-        }
-        const receivedCredentials = [];
-        let cNonce = options.cNonce;
-        let dpopNonce = (_a = options.dpop) === null || _a === void 0 ? void 0 : _a.nonce;
-        const credentialConfigurationsToRequest = (_b = credentialConfigurationIds === null || credentialConfigurationIds === void 0 ? void 0 : credentialConfigurationIds.map((id) => {
-            if (!offeredCredentialConfigurations[id]) {
-                const offeredCredentialIds = Object.keys(offeredCredentialConfigurations).join(', ');
-                throw new core_1.CredoError(`Credential to request '${id}' is not present in offered credentials. Offered credentials are ${offeredCredentialIds}`);
-            }
-            return [id, offeredCredentialConfigurations[id]];
-        })) !== null && _b !== void 0 ? _b : Object.entries(offeredCredentialConfigurations);
-        // If we don't have a nonce yet, we need to first get one
-        if (!cNonce) {
-            // Best option is to use nonce endpoint (draft 14+)
-            if (!metadata.credentialIssuer.nonce_endpoint) {
-                const nonceResponse = await client.requestNonce({ issuerMetadata: metadata });
-                cNonce = nonceResponse.c_nonce;
-            }
-            else {
-                // Otherwise we will send a dummy request
-                await client
-                    .retrieveCredentials({
-                    issuerMetadata: metadata,
-                    accessToken: options.accessToken,
-                    credentialConfigurationId: credentialConfigurationsToRequest[0][0],
-                    dpop: options.dpop
-                        ? await this.getDpopOptions(agentContext, Object.assign(Object.assign({}, options.dpop), { nonce: dpopNonce, dpopSigningAlgValuesSupported: [options.dpop.alg] }))
-                        : undefined,
-                })
-                    .catch((e) => {
-                    var _a;
-                    if (e instanceof oid4vci_1.Oid4vciRetrieveCredentialsError && ((_a = e.response.credentialErrorResponseResult) === null || _a === void 0 ? void 0 : _a.success)) {
-                        cNonce = e.response.credentialErrorResponseResult.output.c_nonce;
-                    }
-                });
-            }
-        }
-        if (!cNonce) {
-            throw new core_1.CredoError('No cNonce provided and unable to acquire cNonce from the credential issuer');
-        }
-        // If true: use max from issuer or otherwise 1
-        // If number not 0: use the number
-        // Else: use 1
-        const batchSize = requestBatch === true ? (_d = (_c = metadata.credentialIssuer.batch_credential_issuance) === null || _c === void 0 ? void 0 : _c.batch_size) !== null && _d !== void 0 ? _d : 1 : requestBatch || 1;
-        for (const [offeredCredentialId, offeredCredentialConfiguration] of credentialConfigurationsToRequest) {
-            // Get all options for the credential request (such as which kid to use, the signature algorithm, etc)
-            const { jwtSigner } = await this.getCredentialRequestOptions(agentContext, {
-                possibleProofOfPossessionSignatureAlgorithms: possibleProofOfPossessionSigAlgs,
-                offeredCredential: {
-                    id: offeredCredentialId,
-                    configuration: offeredCredentialConfiguration,
-                },
-                credentialBindingResolver,
-            });
-            const jwts = [];
-            for (let i = 0; i < batchSize; i++) {
-                const { jwt } = await client.createCredentialRequestJwtProof({
-                    credentialConfigurationId: offeredCredentialId,
-                    issuerMetadata: resolvedCredentialOffer.metadata,
-                    signer: jwtSigner,
-                    clientId: options.clientId,
-                    nonce: cNonce,
-                });
-                this.logger.debug('Generated credential request proof of possesion jwt', { jwt });
-                jwts.push(jwt);
-            }
-            const { credentialResponse, dpop } = await client.retrieveCredentials({
-                issuerMetadata: metadata,
-                accessToken: options.accessToken,
-                credentialConfigurationId: offeredCredentialId,
-                dpop: options.dpop
-                    ? await this.getDpopOptions(agentContext, Object.assign(Object.assign({}, options.dpop), { nonce: dpopNonce, dpopSigningAlgValuesSupported: [options.dpop.alg] }))
-                    : undefined,
-                proofs: batchSize > 1 ? { jwt: jwts } : undefined,
-                proof: batchSize === 1
-                    ? {
-                        proof_type: 'jwt',
-                        jwt: jwts[0],
-                    }
-                    : undefined,
-            });
-            // Set new nonce values
-            cNonce = credentialResponse.c_nonce;
-            dpopNonce = dpop === null || dpop === void 0 ? void 0 : dpop.nonce;
-            // Create credential, but we don't store it yet (only after the user has accepted the credential)
-            const credential = await this.handleCredentialResponse(agentContext, credentialResponse, {
-                verifyCredentialStatus: verifyCredentialStatus !== null && verifyCredentialStatus !== void 0 ? verifyCredentialStatus : false,
-                credentialIssuerMetadata: metadata.credentialIssuer,
-                format: offeredCredentialConfiguration.format,
-                credentialConfigurationId: offeredCredentialId,
-            });
-            this.logger.debug('received credential', credential.credentials.map((c) => c instanceof core_1.Mdoc ? { issuerSignedNamespaces: c.issuerSignedNamespaces, base64Url: c.base64Url } : c));
-            receivedCredentials.push(Object.assign(Object.assign({}, credential), { credentialConfigurationId: offeredCredentialId }));
-        }
-        return {
-            credentials: receivedCredentials,
-            dpop: options.dpop
-                ? Object.assign(Object.assign({}, options.dpop), { nonce: dpopNonce }) : undefined,
-            cNonce,
-        };
-    }
-    /**
-     * Get the options for the credential request. Internally this will resolve the proof of possession
-     * requirements, and based on that it will call the proofOfPossessionVerificationMethodResolver to
-     * allow the caller to select the correct verification method based on the requirements for the proof
-     * of possession.
-     */
-    async getCredentialRequestOptions(agentContext, options) {
-        const { signatureAlgorithms, supportedDidMethods, supportsAllDidMethods, supportsJwk } = this.getProofOfPossessionRequirements(agentContext, {
-            credentialToRequest: options.offeredCredential,
-            possibleProofOfPossessionSignatureAlgorithms: options.possibleProofOfPossessionSignatureAlgorithms,
-        });
-        const JwkClasses = signatureAlgorithms.map((signatureAlgorithm) => {
-            const JwkClass = (0, core_1.getJwkClassFromJwaSignatureAlgorithm)(signatureAlgorithm);
-            if (!JwkClass) {
-                throw new core_1.CredoError(`Could not determine JWK key type of the JWA signature algorithm '${signatureAlgorithm}'`);
-            }
-            return JwkClass;
-        });
-        const keyTypes = JwkClasses.map((JwkClass) => JwkClass.keyType);
-        const supportedVerificationMethods = keyTypes.flatMap((keyType) => (0, core_1.getSupportedVerificationMethodTypesFromKeyType)(keyType));
-        const format = options.offeredCredential.configuration.format;
-        const supportsAnyMethod = supportedDidMethods !== undefined || supportsAllDidMethods || supportsJwk;
-        // Now we need to determine how the credential will be bound to us
-        const credentialBinding = await options.credentialBindingResolver({
-            agentContext,
-            credentialFormat: format,
-            signatureAlgorithms,
-            supportedVerificationMethods,
-            keyTypes: JwkClasses.map((JwkClass) => JwkClass.keyType),
-            credentialConfigurationId: options.offeredCredential.id,
-            supportsAllDidMethods,
-            supportedDidMethods,
-            supportsJwk,
-        });
-        let jwk;
-        // Make sure the issuer of proof of possession is valid according to openid issuer metadata
-        if (credentialBinding.method === 'did') {
-            // Test binding method
-            if (!supportsAllDidMethods &&
-                // If supportedDidMethods is undefined, it means the issuer didn't include the binding methods in the metadata
-                // The user can still select a verification method, but we can't validate it
-                supportedDidMethods !== undefined &&
-                !supportedDidMethods.find((supportedDidMethod) => credentialBinding.didUrl.startsWith(supportedDidMethod) && supportsAnyMethod)) {
-                const { method } = (0, core_1.parseDid)(credentialBinding.didUrl);
-                const supportedDidMethodsString = supportedDidMethods.join(', ');
-                throw new core_1.CredoError(`Resolved credential binding for proof of possession uses did method '${method}', but issuer only supports '${supportedDidMethodsString}'`);
-            }
-            const key = await (0, utils_1.getKeyFromDid)(agentContext, credentialBinding.didUrl);
-            jwk = (0, core_1.getJwkFromKey)(key);
-            if (!keyTypes.includes(key.keyType)) {
-                throw new core_1.CredoError(`Credential binding returned did url that points to key with type '${key.keyType}', but one of '${keyTypes.join(', ')}' was expected`);
-            }
-        }
-        else if (credentialBinding.method === 'jwk') {
-            if (!supportsJwk && supportsAnyMethod) {
-                throw new core_1.CredoError(`Resolved credential binding for proof of possession uses jwk, but openid issuer does not support 'jwk' or 'cose_key' cryptographic binding method`);
-            }
-            jwk = credentialBinding.jwk;
-            if (!keyTypes.includes(credentialBinding.jwk.key.keyType)) {
-                throw new core_1.CredoError(`Credential binding returned jwk with key with type '${credentialBinding.jwk.key.keyType}', but one of '${keyTypes.join(', ')}' was expected`);
-            }
-        }
-        else {
-            // @ts-expect-error currently if/else if exhaustive, but once we add new option it will give ts error
-            throw new core_1.CredoError(`Unsupported credential binding method ${credentialBinding.method}`);
-        }
-        const alg = jwk.supportedSignatureAlgorithms.find((alg) => signatureAlgorithms.includes(alg));
-        if (!alg) {
-            // Should not happen, to make ts happy
-            throw new core_1.CredoError(`Unable to determine alg for key type ${jwk.keyType}`);
-        }
-        const jwtSigner = credentialBinding.method === 'did'
-            ? {
-                method: credentialBinding.method,
-                didUrl: credentialBinding.didUrl,
-                alg,
-            }
-            : {
-                method: 'jwk',
-                publicJwk: credentialBinding.jwk.toJson(),
-                alg,
-            };
-        return { credentialBinding, signatureAlgorithm: alg, jwtSigner };
-    }
-    /**
-     * Get the requirements for creating the proof of possession. Based on the allowed
-     * credential formats, the allowed proof of possession signature algorithms, and the
-     * credential type, this method will select the best credential format and signature
-     * algorithm to use, based on the order of preference.
-     */
-    getProofOfPossessionRequirements(agentContext, options) {
-        var _a, _b, _c, _d, _e;
-        const { credentialToRequest } = options;
-        if (!OpenId4VciHolderServiceOptions_1.openId4VciSupportedCredentialFormats.includes(credentialToRequest.configuration.format)) {
-            throw new core_1.CredoError([
-                `Requested credential with format '${credentialToRequest.configuration.format}',`,
-                `for the credential with id '${credentialToRequest.id},`,
-                `but the wallet only supports the following formats '${OpenId4VciHolderServiceOptions_1.openId4VciSupportedCredentialFormats.join(', ')}'`,
-            ].join('\n'));
-        }
-        // For each of the supported algs, find the key types, then find the proof types
-        const signatureSuiteRegistry = agentContext.dependencyManager.resolve(core_1.SignatureSuiteRegistry);
-        let signatureAlgorithms = [];
-        if (credentialToRequest.configuration.proof_types_supported) {
-            if (!credentialToRequest.configuration.proof_types_supported.jwt) {
-                throw new core_1.CredoError(`Unsupported proof type(s) ${Object.keys(credentialToRequest.configuration.proof_types_supported).join(', ')}. Supported proof type(s) are: jwt`);
-            }
-        }
-        const proofSigningAlgsSupported = (_b = (_a = credentialToRequest.configuration.proof_types_supported) === null || _a === void 0 ? void 0 : _a.jwt) === null || _b === void 0 ? void 0 : _b.proof_signing_alg_values_supported;
-        // If undefined, it means the issuer didn't include the cryptographic suites in the metadata
-        // We just guess that the first one is supported
-        if (proofSigningAlgsSupported === undefined) {
-            signatureAlgorithms = options.possibleProofOfPossessionSignatureAlgorithms;
-        }
-        else {
-            switch (credentialToRequest.configuration.format) {
-                case shared_1.OpenId4VciCredentialFormatProfile.JwtVcJson:
-                case shared_1.OpenId4VciCredentialFormatProfile.JwtVcJsonLd:
-                case shared_1.OpenId4VciCredentialFormatProfile.SdJwtVc:
-                case shared_1.OpenId4VciCredentialFormatProfile.MsoMdoc:
-                    signatureAlgorithms = options.possibleProofOfPossessionSignatureAlgorithms.filter((signatureAlgorithm) => proofSigningAlgsSupported.includes(signatureAlgorithm));
-                    break;
-                case shared_1.OpenId4VciCredentialFormatProfile.LdpVc:
-                    signatureAlgorithms = options.possibleProofOfPossessionSignatureAlgorithms.filter((signatureAlgorithm) => {
-                        const JwkClass = (0, core_1.getJwkClassFromJwaSignatureAlgorithm)(signatureAlgorithm);
-                        if (!JwkClass)
-                            return false;
-                        const matchingSuite = signatureSuiteRegistry.getAllByKeyType(JwkClass.keyType);
-                        if (matchingSuite.length === 0)
-                            return false;
-                        return proofSigningAlgsSupported.includes(matchingSuite[0].proofType);
-                    });
-                    break;
-                default:
-                    throw new core_1.CredoError(`Unsupported credential format.`);
-            }
-        }
-        if (signatureAlgorithms.length === 0) {
-            throw new core_1.CredoError(`Could not establish signature algorithm for format ${credentialToRequest.configuration.format} and id ${credentialToRequest.id}. Server supported signature algorithms are '${(_c = proofSigningAlgsSupported === null || proofSigningAlgsSupported === void 0 ? void 0 : proofSigningAlgsSupported.join(', ')) !== null && _c !== void 0 ? _c : 'Not defined'}', available are '${options.possibleProofOfPossessionSignatureAlgorithms.join(', ')}'`);
-        }
-        const issuerSupportedBindingMethods = credentialToRequest.configuration.cryptographic_binding_methods_supported;
-        const supportsAllDidMethods = (_d = issuerSupportedBindingMethods === null || issuerSupportedBindingMethods === void 0 ? void 0 : issuerSupportedBindingMethods.includes('did')) !== null && _d !== void 0 ? _d : false;
-        const supportedDidMethods = issuerSupportedBindingMethods === null || issuerSupportedBindingMethods === void 0 ? void 0 : issuerSupportedBindingMethods.filter((method) => method.startsWith('did:'));
-        // The cryptographic_binding_methods_supported describe the cryptographic key material that the issued Credential is bound to.
-        const supportsCoseKey = (_e = issuerSupportedBindingMethods === null || issuerSupportedBindingMethods === void 0 ? void 0 : issuerSupportedBindingMethods.includes('cose_key')) !== null && _e !== void 0 ? _e : false;
-        const supportsJwk = (issuerSupportedBindingMethods === null || issuerSupportedBindingMethods === void 0 ? void 0 : issuerSupportedBindingMethods.includes('jwk')) || supportsCoseKey;
-        return {
-            signatureAlgorithms,
-            supportedDidMethods,
-            supportsAllDidMethods,
-            supportsJwk,
-        };
-    }
-    async handleCredentialResponse(agentContext, credentialResponse, options) {
-        var _a;
-        const { verifyCredentialStatus, credentialConfigurationId } = options;
-        this.logger.debug('Credential response', credentialResponse);
-        const credentials = (_a = credentialResponse.credentials) !== null && _a !== void 0 ? _a : (credentialResponse.credential ? [credentialResponse.credential] : undefined);
-        if (!credentials) {
-            throw new core_1.CredoError(`Credential response returned neither 'credentials' nor 'credential' parameter.`);
-        }
-        const notificationId = credentialResponse.notification_id;
-        const format = options.format;
-        if (format === shared_1.OpenId4VciCredentialFormatProfile.SdJwtVc) {
-            if (!credentials.every((c) => typeof c === 'string')) {
-                throw new core_1.CredoError(`Received credential(s) of format ${format}, but not all credential(s) are a string. ${JSON.stringify(credentials)}`);
-            }
-            const sdJwtVcApi = agentContext.dependencyManager.resolve(core_1.SdJwtVcApi);
-            const verificationResults = await Promise.all(credentials.map((compactSdJwtVc) => sdJwtVcApi.verify({
-                compactSdJwtVc,
-            })));
-            if (!verificationResults.every((result) => result.isValid)) {
-                agentContext.config.logger.error('Failed to validate credential(s)', { verificationResults });
-                throw new core_1.CredoError(`Failed to validate sd-jwt-vc credentials. Results = ${JSON.stringify(verificationResults)}`);
-            }
-            return {
-                credentials: verificationResults.map((result) => result.sdJwtVc),
-                notificationId,
-                credentialConfigurationId,
-            };
-        }
-        else if (options.format === shared_1.OpenId4VciCredentialFormatProfile.JwtVcJson ||
-            options.format === shared_1.OpenId4VciCredentialFormatProfile.JwtVcJsonLd) {
-            if (!credentials.every((c) => typeof c === 'string')) {
-                throw new core_1.CredoError(`Received credential(s) of format ${format}, but not all credential(s) are a string. ${JSON.stringify(credentials)}`);
-            }
-            const result = await Promise.all(credentials.map(async (c) => {
-                const credential = core_1.W3cJwtVerifiableCredential.fromSerializedJwt(c);
-                const result = await this.w3cCredentialService.verifyCredential(agentContext, {
-                    credential,
-                    verifyCredentialStatus,
-                });
-                return { credential, result };
-            }));
-            if (!result.every((c) => c.result.isValid)) {
-                agentContext.config.logger.error('Failed to validate credentials', { result });
-                throw new core_1.CredoError(`Failed to validate credential, error = ${result
-                    .map((e) => { var _a; return (_a = e.result.error) === null || _a === void 0 ? void 0 : _a.message; })
-                    .filter(Boolean)
-                    .join(', ')}`);
-            }
-            return { credentials: result.map((r) => r.credential), notificationId, credentialConfigurationId };
-        }
-        else if (format === shared_1.OpenId4VciCredentialFormatProfile.LdpVc) {
-            if (!credentials.every((c) => typeof c === 'object')) {
-                throw new core_1.CredoError(`Received credential(s) of format ${format}, but not all credential(s) are an object. ${JSON.stringify(credentials)}`);
-            }
-            const result = await Promise.all(credentials.map(async (c) => {
-                const credential = core_1.W3cJsonLdVerifiableCredential.fromJson(c);
-                const result = await this.w3cCredentialService.verifyCredential(agentContext, {
-                    credential,
-                    verifyCredentialStatus,
-                });
-                return { credential, result };
-            }));
-            if (!result.every((c) => c.result.isValid)) {
-                agentContext.config.logger.error('Failed to validate credentials', { result });
-                throw new core_1.CredoError(`Failed to validate credential, error = ${result
-                    .map((e) => { var _a; return (_a = e.result.error) === null || _a === void 0 ? void 0 : _a.message; })
-                    .filter(Boolean)
-                    .join(', ')}`);
-            }
-            return { credentials: result.map((r) => r.credential), notificationId, credentialConfigurationId };
-        }
-        else if (format === shared_1.OpenId4VciCredentialFormatProfile.MsoMdoc) {
-            if (!credentials.every((c) => typeof c === 'string')) {
-                throw new core_1.CredoError(`Received credential(s) of format ${format}, but not all credential(s) are a string. ${JSON.stringify(credentials)}`);
-            }
-            const mdocApi = agentContext.dependencyManager.resolve(core_1.MdocApi);
-            const result = await Promise.all(credentials.map(async (credential) => {
-                const mdoc = core_1.Mdoc.fromBase64Url(credential);
-                const result = await mdocApi.verify(mdoc, {});
-                return {
-                    result,
-                    mdoc,
-                };
-            }));
-            if (!result.every((r) => r.result.isValid)) {
-                agentContext.config.logger.error('Failed to validate credentials', { result });
-                throw new core_1.CredoError(`Failed to validate mdoc credential(s). \n - ${result
-                    .map((r, i) => (r.result.isValid ? undefined : `(${i}) ${r.result.error}`))
-                    .filter(Boolean)
-                    .join('\n - ')}`);
-            }
-            return { credentials: result.map((c) => c.mdoc), notificationId, credentialConfigurationId };
-        }
-        throw new core_1.CredoError(`Unsupported credential format ${options.format}`);
-    }
-    getClient(agentContext) {
-        return new oid4vci_1.Oid4vciClient({
-            callbacks: (0, callbacks_1.getOid4vciCallbacks)(agentContext),
-        });
-    }
-    getOauth2Client(agentContext) {
-        return new oauth2_1.Oauth2Client({
-            callbacks: (0, callbacks_1.getOid4vciCallbacks)(agentContext),
-        });
-    }
-};
-exports.OpenId4VciHolderService = OpenId4VciHolderService;
-exports.OpenId4VciHolderService = OpenId4VciHolderService = __decorate([
-    (0, core_1.injectable)(),
-    __param(0, (0, core_1.inject)(core_1.InjectionSymbols.Logger)),
-    __metadata("design:paramtypes", [Object, core_1.W3cCredentialService,
-        core_1.JwsService])
-], OpenId4VciHolderService);
-//# sourceMappingURL=OpenId4VciHolderService.js.map

package/build/openid4vc-holder/OpenId4VciHolderService.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"OpenId4VciHolderService.js","sourceRoot":"","sources":["../../src/openid4vc-holder/OpenId4VciHolderService.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;AAqBA,6CAMyB;AACzB,+CAM0B;AAC1B,yCAoBuB;AAEvB,sCAA6D;AAC7D,mDAAyD;AACzD,uEAAqH;AACrH,2CAAmF;AAEnF,qFAAuF;AAGhF,IAAM,uBAAuB,GAA7B,MAAM,uBAAuB;IAKlC,YACmC,MAAc,EAC/C,oBAA0C,EAC1C,UAAsB;QAEtB,IAAI,CAAC,oBAAoB,GAAG,oBAAoB,CAAA;QAChD,IAAI,CAAC,UAAU,GAAG,UAAU,CAAA;QAC5B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;IACtB,CAAC;IAEM,KAAK,CAAC,qBAAqB,CAChC,YAA0B,EAC1B,gBAAwB;QAExB,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAE3C,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,gBAAgB,CAAC,CAAA;QACrE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,oCAAoC,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAA;QAErE,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEM,KAAK,CAAC,sBAAsB,CACjC,YAA0B,EAC1B,eAAuB;QAEvB,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAE3C,MAAM,qBAAqB,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAA;QAClF,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,qBAAqB,CAAC,iBAAiB,CAAC,CAAA;QAC5F,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,8CAA8C,EAAE,EAAE,QAAQ,EAAE,qBAAqB,EAAE,CAAC,CAAA;QAEtG,MAAM,iCAAiC,GAAG,IAAA,2CAAqB,EAC7D,qBAAqB,CAAC,4BAA4B,EAClD,MAAM,CAAC,yCAAyC,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAC5E,CAAA;QAED,OAAO;YACL,QAAQ;YACR,+BAA+B,EAAE,iCAAiC;YAClE,sBAAsB,EAAE,qBAAqB;SAC9C,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,2BAA2B,CACtC,YAA0B,EAC1B,uBAA0D,EAC1D,mBAAkD;;QAElD,MAAM,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,mBAAmB,CAAA;QACrD,MAAM,EAAE,QAAQ,EAAE,sBAAsB,EAAE,+BAA+B,EAAE,GAAG,uBAAuB,CAAA;QAErG,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAE3C,yEAAyE;QACzE,MAAM,KAAK,GACT,MAAA,mBAAmB,CAAC,KAAK,mCAAI,IAAA,oEAA8C,EAAC,+BAA+B,CAAC,CAAA;QAE9G,MAAM,mBAAmB,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC;YAC7D,QAAQ;YACR,cAAc,EAAE,QAAQ;YACxB,eAAe,EAAE,sBAAsB;YACvC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC;YACtB,WAAW;SACZ,CAAC,CAAA;QAEF,IAAI,mBAAmB,CAAC,iBAAiB,KAAK,2BAAiB,CAAC,0BAA0B,EAAE,CAAC;YAC3F,OAAO;gBACL,iBAAiB,EAAE,2BAAiB,CAAC,0BAA0B;gBAC/D,gBAAgB,EAAE,mBAAmB,CAAC,gBAAgB;gBACtD,WAAW,EAAE,mBAAmB,CAAC,WAAW;aAC7C,CAAA;QACH,CAAC;QAED,6BAA6B;QAC7B,OAAO;YACL,iBAAiB,EAAE,2BAAiB,CAAC,cAAc;YACnD,YAAY,EAAE,MAAA,mBAAmB,CAAC,IAAI,0CAAE,YAAY;YACpD,uBAAuB,EAAE,mBAAmB,CAAC,uBAAuB;SACrE,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,gBAAgB,CAC3B,YAA0B,EAC1B,OAMC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAC3C,MAAM,MAAM,CAAC,gBAAgB,CAAC;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,IAAI,EAAE,OAAO,CAAC,IAAI;gBAChB,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,kCACjC,OAAO,CAAC,IAAI,KACf,6BAA6B,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IACjD;gBACJ,CAAC,CAAC,SAAS;YACb,cAAc,EAAE,OAAO,CAAC,QAAQ;YAChC,YAAY,EAAE;gBACZ,KAAK,EAAE,OAAO,CAAC,iBAAiB;gBAChC,cAAc,EAAE,OAAO,CAAC,cAAc;aACvC;SACF,CAAC,CAAA;IACJ,CAAC;IAEO,KAAK,CAAC,cAAc,CAC1B,YAA0B,EAC1B,EACE,GAAG,EACH,6BAA6B,EAC7B,KAAK,GACkE;QAEzE,IAAI,GAAG,EAAE,CAAC;YACR,MAAM,GAAG,GAAG,6BAA6B,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CACrD,GAAG,CAAC,4BAA4B,CAAC,QAAQ,CAAC,GAA4B,CAAC,CACxE,CAAA;YAED,IAAI,CAAC,GAAG,EAAE,CAAC;gBACT,MAAM,IAAI,iBAAU,CAClB,sFAAsF,6BAA6B,CAAC,IAAI,CACtH,IAAI,CACL,uBAAuB,GAAG,CAAC,OAAO,EAAE,CACtC,CAAA;YACH,CAAC;YAED,OAAO;gBACL,MAAM,EAAE;oBACN,MAAM,EAAE,KAAK;oBACb,GAAG;oBACH,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE;iBACxB;gBACD,KAAK;aACN,CAAA;QACH,CAAC;QAED,MAAM,GAAG,GAAG,6BAA6B,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,IAAA,2CAAoC,EAAC,GAAG,CAAC,CAAC,CAAA;QAClG,MAAM,QAAQ,GAAG,GAAG,CAAC,CAAC,CAAC,IAAA,2CAAoC,EAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;QAE5E,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACtB,MAAM,IAAI,iBAAU,CAClB,sFAAsF,6BAA6B,CAAC,IAAI,CACtH,IAAI,CACL,GAAG,CACL,CAAA;QACH,CAAC;QAED,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAA;QAC9E,OAAO;YACL,MAAM,EAAE;gBACN,MAAM,EAAE,KAAK;gBACb,GAAG;gBACH,SAAS,EAAE,IAAA,oBAAa,EAAC,GAAG,CAAC,CAAC,MAAM,EAAE;aACvC;YACD,KAAK;SACN,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,0CAA0C,CACrD,YAA0B,EAC1B,OAAoE;QAEpE,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAC3C,8CAA8C;QAC9C,4BAA4B;QAC5B,gDAAgD;QAChD,yBAAyB;QACzB,2DAA2D;QAC3D,SAAS;QACT,gBAAgB;QAEhB,uDAAuD;QACvD,MAAM,EAAE,8BAA8B,EAAE,GAAG,MAAM,MAAM,CAAC,0CAA0C,CAAC;YACjG,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,iCAAiC,EAAE,OAAO,CAAC,iCAAiC;YAC5E,eAAe,EAAE,OAAO,CAAC,uBAAuB,CAAC,sBAAsB;YACvE,cAAc,EAAE,OAAO,CAAC,uBAAuB,CAAC,QAAQ;YACxD,OAAO;SACR,CAAC,CAAA;QAEF,OAAO;YACL,iBAAiB,EAAE,8BAA8B,CAAC,kBAAkB;SACrE,CAAA;IACH,CAAC;IAEM,KAAK,CAAC,kBAAkB,CAAC,YAA0B,EAAE,OAAsC;;QAChG,MAAM,EAAE,QAAQ,EAAE,sBAAsB,EAAE,GAAG,OAAO,CAAC,uBAAuB,CAAA;QAC5E,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,eAAe,CAAC,YAAY,CAAC,CAAA;QAEvD,MAAM,mBAAmB,GAAG,OAAO,CAAC,IAAI;YACtC,CAAC,CAAC,MAAA,MAAA,sBAAsB,CAAC,MAAM,0CAAE,kBAAkB,0CAAE,oBAAoB;YACzE,CAAC,CAAC,MAAA,MAAA,sBAAsB,CAAC,MAAM,0CAAG,yCAAgC,CAAC,0CAAE,oBAAoB,CAAA;QAC3F,MAAM,2BAA2B,GAAG,IAAA,+CAAsC,EACxE,QAAQ,CAAC,oBAAoB,EAC7B,mBAAmB,aAAnB,mBAAmB,cAAnB,mBAAmB,GAAI,QAAQ,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,MAAM,CAC/D,CAAA;QAED,8EAA8E;QAC9E,MAAM,eAAe,GAAG,YAAY,CAAC,eAAe,CAAC;YACnD,2BAA2B;SAC5B,CAAC,CAAA;QACF,MAAM,IAAI,GAAG,eAAe,CAAC,SAAS;YACpC,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,EAAE;gBACtC,6BAA6B,EAAE,eAAe,CAAC,6BAA6B;aAC7E,CAAC;YACJ,CAAC,CAAC,SAAS,CAAA;QAEb,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI;YACzB,CAAC,CAAC,MAAM,MAAM,CAAC,6CAA6C,CAAC;gBACzD,cAAc,EAAE,QAAQ;gBACxB,eAAe,EAAE,sBAAsB;gBACvC,iBAAiB,EAAE,OAAO,CAAC,IAAI;gBAC/B,IAAI;gBACJ,gBAAgB,EAAE,OAAO,CAAC,YAAY;gBACtC,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,wBAAwB,EAAE;oBACxB,yDAAyD;oBACzD,wCAAwC;oBACxC,SAAS,EAAE,OAAO,CAAC,QAAQ;iBAC5B;aACF,CAAC;YACJ,CAAC,CAAC,MAAM,MAAM,CAAC,6CAA6C,CAAC;gBACzD,eAAe,EAAE,sBAAsB;gBACvC,cAAc,EAAE,QAAQ;gBACxB,IAAI;gBACJ,MAAM,EAAE,OAAO,CAAC,MAAM;aACvB,CAAC,CAAA;QAEN,uCACK,MAAM,KACT,IAAI,EAAE,IAAI;gBACR,CAAC,iCACM,MAAM,CAAC,IAAI,KACd,GAAG,EAAE,IAAI,CAAC,MAAM,CAAC,GAA4B,EAC7C,GAAG,EAAE,IAAA,qBAAc,EAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,IAE9C,CAAC,CAAC,SAAS,IACd;IACH,CAAC;IAEM,KAAK,CAAC,qBAAqB,CAChC,YAA0B,EAC1B,OAOC;;QAED,MAAM,EAAE,uBAAuB,EAAE,4BAA4B,EAAE,GAAG,OAAO,CAAA;QACzE,MAAM,EAAE,QAAQ,EAAE,+BAA+B,EAAE,GAAG,uBAAuB,CAAA;QAC7E,MAAM,EAAE,0BAA0B,EAAE,yBAAyB,EAAE,sBAAsB,EAAE,YAAY,EAAE,GACnG,4BAA4B,CAAA;QAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,YAAY,CAAC,CAAA;QAE3C,IAAI,CAAA,0BAA0B,aAA1B,0BAA0B,uBAA1B,0BAA0B,CAAE,MAAM,MAAK,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,iBAAU,CAAC,+CAA+C,CAAC,CAAA;QACvE,CAAC;QAED,MAAM,+BAA+B,GAAG,IAAA,0CAAkC,EAAC,YAAY,CAAC,CAAA;QAExF,MAAM,+BAA+B,GAAG,4BAA4B,CAAC,2CAA2C,CAAA;QAChH,MAAM,gCAAgC,GAAG,+BAA+B;YACtE,CAAC,CAAC,+BAA+B,CAAC,MAAM,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,+BAA+B,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YAC5G,CAAC,CAAC,+BAA+B,CAAA;QAEnC,IAAI,gCAAgC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClD,MAAM,IAAI,iBAAU,CAClB;gBACE,4DAA4D;gBAC5D,gDAAgD,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;gBAC7F,iCAAiC,+BAA+B,aAA/B,+BAA+B,uBAA/B,+BAA+B,CAAE,IAAI,CAAC,IAAI,CAAC,GAAG;aAChF,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAA;QACH,CAAC;QAED,MAAM,mBAAmB,GAAwC,EAAE,CAAA;QACnE,IAAI,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;QAC3B,IAAI,SAAS,GAAG,MAAA,OAAO,CAAC,IAAI,0CAAE,KAAK,CAAA;QAEnC,MAAM,iCAAiC,GACrC,MAAA,0BAA0B,aAA1B,0BAA0B,uBAA1B,0BAA0B,CAAE,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE;YACrC,IAAI,CAAC,+BAA+B,CAAC,EAAE,CAAC,EAAE,CAAC;gBACzC,MAAM,oBAAoB,GAAG,MAAM,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBACpF,MAAM,IAAI,iBAAU,CAClB,0BAA0B,EAAE,oEAAoE,oBAAoB,EAAE,CACvH,CAAA;YACH,CAAC;YACD,OAAO,CAAC,EAAE,EAAE,+BAA+B,CAAC,EAAE,CAAC,CAAU,CAAA;QAC3D,CAAC,CAAC,mCAAI,MAAM,CAAC,OAAO,CAAC,+BAA+B,CAAC,CAAA;QAEvD,yDAAyD;QACzD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,mDAAmD;YACnD,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,cAAc,EAAE,CAAC;gBAC9C,MAAM,aAAa,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,EAAE,cAAc,EAAE,QAAQ,EAAE,CAAC,CAAA;gBAC7E,MAAM,GAAG,aAAa,CAAC,OAAO,CAAA;YAChC,CAAC;iBAAM,CAAC;gBACN,yCAAyC;gBACzC,MAAM,MAAM;qBACT,mBAAmB,CAAC;oBACnB,cAAc,EAAE,QAAQ;oBACxB,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,yBAAyB,EAAE,iCAAiC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;oBAClE,IAAI,EAAE,OAAO,CAAC,IAAI;wBAChB,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,kCACjC,OAAO,CAAC,IAAI,KACf,KAAK,EAAE,SAAS,EAChB,6BAA6B,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IACjD;wBACJ,CAAC,CAAC,SAAS;iBACd,CAAC;qBACD,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;;oBACX,IAAI,CAAC,YAAY,yCAA+B,KAAI,MAAA,CAAC,CAAC,QAAQ,CAAC,6BAA6B,0CAAE,OAAO,CAAA,EAAE,CAAC;wBACtG,MAAM,GAAG,CAAC,CAAC,QAAQ,CAAC,6BAA6B,CAAC,MAAM,CAAC,OAAO,CAAA;oBAClE,CAAC;gBACH,CAAC,CAAC,CAAA;YACN,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,IAAI,iBAAU,CAAC,4EAA4E,CAAC,CAAA;QACpG,CAAC;QAED,8CAA8C;QAC9C,kCAAkC;QAClC,cAAc;QACd,MAAM,SAAS,GACb,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,MAAA,MAAA,QAAQ,CAAC,gBAAgB,CAAC,yBAAyB,0CAAE,UAAU,mCAAI,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,CAAC,CAAA;QAElH,KAAK,MAAM,CAAC,mBAAmB,EAAE,8BAA8B,CAAC,IAAI,iCAAiC,EAAE,CAAC;YACtG,sGAAsG;YACtG,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,IAAI,CAAC,2BAA2B,CAAC,YAAY,EAAE;gBACzE,4CAA4C,EAAE,gCAAgC;gBAC9E,iBAAiB,EAAE;oBACjB,EAAE,EAAE,mBAAmB;oBACvB,aAAa,EAAE,8BAA8B;iBAC9C;gBACD,yBAAyB;aAC1B,CAAC,CAAA;YAEF,MAAM,IAAI,GAAa,EAAE,CAAA;YACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;gBACnC,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,MAAM,CAAC,+BAA+B,CAAC;oBAC3D,yBAAyB,EAAE,mBAAmB;oBAC9C,cAAc,EAAE,uBAAuB,CAAC,QAAQ;oBAChD,MAAM,EAAE,SAAS;oBACjB,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,KAAK,EAAE,MAAM;iBACd,CAAC,CAAA;gBACF,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qDAAqD,EAAE,EAAE,GAAG,EAAE,CAAC,CAAA;gBACjF,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAChB,CAAC;YAED,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,mBAAmB,CAAC;gBACpE,cAAc,EAAE,QAAQ;gBACxB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,yBAAyB,EAAE,mBAAmB;gBAC9C,IAAI,EAAE,OAAO,CAAC,IAAI;oBAChB,CAAC,CAAC,MAAM,IAAI,CAAC,cAAc,CAAC,YAAY,kCACjC,OAAO,CAAC,IAAI,KACf,KAAK,EAAE,SAAS,EAChB,6BAA6B,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IACjD;oBACJ,CAAC,CAAC,SAAS;gBACb,MAAM,EAAE,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS;gBACjD,KAAK,EACH,SAAS,KAAK,CAAC;oBACb,CAAC,CAAC;wBACE,UAAU,EAAE,KAAK;wBACjB,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;qBACb;oBACH,CAAC,CAAC,SAAS;aAChB,CAAC,CAAA;YAEF,uBAAuB;YACvB,MAAM,GAAG,kBAAkB,CAAC,OAAO,CAAA;YACnC,SAAS,GAAG,IAAI,aAAJ,IAAI,uBAAJ,IAAI,CAAE,KAAK,CAAA;YAEvB,iGAAiG;YACjG,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,YAAY,EAAE,kBAAkB,EAAE;gBACvF,sBAAsB,EAAE,sBAAsB,aAAtB,sBAAsB,cAAtB,sBAAsB,GAAI,KAAK;gBACvD,wBAAwB,EAAE,QAAQ,CAAC,gBAAgB;gBACnD,MAAM,EAAE,8BAA8B,CAAC,MAA2C;gBAClF,yBAAyB,EAAE,mBAAmB;aAC/C,CAAC,CAAA;YAEF,IAAI,CAAC,MAAM,CAAC,KAAK,CACf,qBAAqB,EACrB,UAAU,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAC/B,CAAC,YAAY,WAAI,CAAC,CAAC,CAAC,EAAE,sBAAsB,EAAE,CAAC,CAAC,sBAAsB,EAAE,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,CAAC,CACrG,CACF,CAAA;YACD,mBAAmB,CAAC,IAAI,iCAAM,UAAU,KAAE,yBAAyB,EAAE,mBAAmB,IAAG,CAAA;QAC7F,CAAC;QAED,OAAO;YACL,WAAW,EAAE,mBAAmB;YAChC,IAAI,EAAE,OAAO,CAAC,IAAI;gBAChB,CAAC,iCACM,OAAO,CAAC,IAAI,KACf,KAAK,EAAE,SAAS,IAEpB,CAAC,CAAC,SAAS;YACb,MAAM;SACP,CAAA;IACH,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,2BAA2B,CACvC,YAA0B,EAC1B,OAOC;QAED,MAAM,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,qBAAqB,EAAE,WAAW,EAAE,GACpF,IAAI,CAAC,gCAAgC,CAAC,YAAY,EAAE;YAClD,mBAAmB,EAAE,OAAO,CAAC,iBAAiB;YAC9C,4CAA4C,EAAE,OAAO,CAAC,4CAA4C;SACnG,CAAC,CAAA;QAEJ,MAAM,UAAU,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC,kBAAkB,EAAE,EAAE;YAChE,MAAM,QAAQ,GAAG,IAAA,2CAAoC,EAAC,kBAAkB,CAAC,CAAA;YACzE,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,MAAM,IAAI,iBAAU,CAAC,oEAAoE,kBAAkB,GAAG,CAAC,CAAA;YACjH,CAAC;YACD,OAAO,QAAQ,CAAA;QACjB,CAAC,CAAC,CAAA;QACF,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;QAExE,MAAM,4BAA4B,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAChE,IAAA,qDAA8C,EAAC,OAAO,CAAC,CACxD,CAAA;QACD,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,aAAa,CAAC,MAA8C,CAAA;QACrG,MAAM,iBAAiB,GAAG,mBAAmB,KAAK,SAAS,IAAI,qBAAqB,IAAI,WAAW,CAAA;QAEnG,kEAAkE;QAClE,MAAM,iBAAiB,GAAG,MAAM,OAAO,CAAC,yBAAyB,CAAC;YAChE,YAAY;YACZ,gBAAgB,EAAE,MAAM;YACxB,mBAAmB;YACnB,4BAA4B;YAC5B,QAAQ,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC;YACjE,yBAAyB,EAAE,OAAO,CAAC,iBAAiB,CAAC,EAAE;YACvD,qBAAqB;YACrB,mBAAmB;YACnB,WAAW;SACZ,CAAC,CAAA;QAEF,IAAI,GAAQ,CAAA;QACZ,2FAA2F;QAC3F,IAAI,iBAAiB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YACvC,sBAAsB;YACtB,IACE,CAAC,qBAAqB;gBACtB,8GAA8G;gBAC9G,4EAA4E;gBAC5E,mBAAmB,KAAK,SAAS;gBACjC,CAAC,mBAAmB,CAAC,IAAI,CACvB,CAAC,kBAAkB,EAAE,EAAE,CAAC,iBAAiB,CAAC,MAAM,CAAC,UAAU,CAAC,kBAAkB,CAAC,IAAI,iBAAiB,CACrG,EACD,CAAC;gBACD,MAAM,EAAE,MAAM,EAAE,GAAG,IAAA,eAAQ,EAAC,iBAAiB,CAAC,MAAM,CAAC,CAAA;gBACrD,MAAM,yBAAyB,GAAG,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAChE,MAAM,IAAI,iBAAU,CAClB,wEAAwE,MAAM,gCAAgC,yBAAyB,GAAG,CAC3I,CAAA;YACH,CAAC;YAED,MAAM,GAAG,GAAG,MAAM,IAAA,qBAAa,EAAC,YAAY,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAA;YACvE,GAAG,GAAG,IAAA,oBAAa,EAAC,GAAG,CAAC,CAAA;YACxB,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBACpC,MAAM,IAAI,iBAAU,CAClB,qEACE,GAAG,CAAC,OACN,kBAAkB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CACtD,CAAA;YACH,CAAC;QACH,CAAC;aAAM,IAAI,iBAAiB,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;YAC9C,IAAI,CAAC,WAAW,IAAI,iBAAiB,EAAE,CAAC;gBACtC,MAAM,IAAI,iBAAU,CAClB,mJAAmJ,CACpJ,CAAA;YACH,CAAC;YAED,GAAG,GAAG,iBAAiB,CAAC,GAAG,CAAA;YAC3B,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1D,MAAM,IAAI,iBAAU,CAClB,uDACE,iBAAiB,CAAC,GAAG,CAAC,GAAG,CAAC,OAC5B,kBAAkB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CACtD,CAAA;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,qGAAqG;YACrG,MAAM,IAAI,iBAAU,CAAC,yCAAyC,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;QAC3F,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,CAAC,4BAA4B,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAA;QAC7F,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,sCAAsC;YACtC,MAAM,IAAI,iBAAU,CAAC,wCAAwC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAA;QAC7E,CAAC;QAED,MAAM,SAAS,GACb,iBAAiB,CAAC,MAAM,KAAK,KAAK;YAChC,CAAC,CAAC;gBACE,MAAM,EAAE,iBAAiB,CAAC,MAAM;gBAChC,MAAM,EAAE,iBAAiB,CAAC,MAAM;gBAChC,GAAG;aACJ;YACH,CAAC,CAAC;gBACE,MAAM,EAAE,KAAK;gBACb,SAAS,EAAE,iBAAiB,CAAC,GAAG,CAAC,MAAM,EAAE;gBACzC,GAAG;aACJ,CAAA;QAEP,OAAO,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,GAAG,EAAE,SAAS,EAAE,CAAA;IAClE,CAAC;IAED;;;;;OAKG;IACK,gCAAgC,CACtC,YAA0B,EAC1B,OAMC;;QAED,MAAM,EAAE,mBAAmB,EAAE,GAAG,OAAO,CAAA;QAEvC,IACE,CAAC,qEAAoC,CAAC,QAAQ,CAC5C,mBAAmB,CAAC,aAAa,CAAC,MAA8C,CACjF,EACD,CAAC;YACD,MAAM,IAAI,iBAAU,CAClB;gBACE,qCAAqC,mBAAmB,CAAC,aAAa,CAAC,MAAM,IAAI;gBACjF,+BAA+B,mBAAmB,CAAC,EAAE,GAAG;gBACxD,uDAAuD,qEAAoC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;aAC1G,CAAC,IAAI,CAAC,IAAI,CAAC,CACb,CAAA;QACH,CAAC;QAED,gFAAgF;QAChF,MAAM,sBAAsB,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,6BAAsB,CAAC,CAAA;QAE7F,IAAI,mBAAmB,GAA4B,EAAE,CAAA;QAErD,IAAI,mBAAmB,CAAC,aAAa,CAAC,qBAAqB,EAAE,CAAC;YAC5D,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,qBAAqB,CAAC,GAAG,EAAE,CAAC;gBACjE,MAAM,IAAI,iBAAU,CAClB,6BAA6B,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,aAAa,CAAC,qBAAqB,CAAC,CAAC,IAAI,CACpG,IAAI,CACL,oCAAoC,CACtC,CAAA;YACH,CAAC;QACH,CAAC;QAED,MAAM,yBAAyB,GAC7B,MAAA,MAAA,mBAAmB,CAAC,aAAa,CAAC,qBAAqB,0CAAE,GAAG,0CAAE,kCAAkC,CAAA;QAElG,4FAA4F;QAC5F,gDAAgD;QAChD,IAAI,yBAAyB,KAAK,SAAS,EAAE,CAAC;YAC5C,mBAAmB,GAAG,OAAO,CAAC,4CAA4C,CAAA;QAC5E,CAAC;aAAM,CAAC;YACN,QAAQ,mBAAmB,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;gBACjD,KAAK,0CAAiC,CAAC,SAAS,CAAC;gBACjD,KAAK,0CAAiC,CAAC,WAAW,CAAC;gBACnD,KAAK,0CAAiC,CAAC,OAAO,CAAC;gBAC/C,KAAK,0CAAiC,CAAC,OAAO;oBAC5C,mBAAmB,GAAG,OAAO,CAAC,4CAA4C,CAAC,MAAM,CAAC,CAAC,kBAAkB,EAAE,EAAE,CACvG,yBAAyB,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CACvD,CAAA;oBACD,MAAK;gBACP,KAAK,0CAAiC,CAAC,KAAK;oBAC1C,mBAAmB,GAAG,OAAO,CAAC,4CAA4C,CAAC,MAAM,CAAC,CAAC,kBAAkB,EAAE,EAAE;wBACvG,MAAM,QAAQ,GAAG,IAAA,2CAAoC,EAAC,kBAAkB,CAAC,CAAA;wBACzE,IAAI,CAAC,QAAQ;4BAAE,OAAO,KAAK,CAAA;wBAE3B,MAAM,aAAa,GAAG,sBAAsB,CAAC,eAAe,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;wBAC9E,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;4BAAE,OAAO,KAAK,CAAA;wBAE5C,OAAO,yBAAyB,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;oBACvE,CAAC,CAAC,CAAA;oBACF,MAAK;gBACP;oBACE,MAAM,IAAI,iBAAU,CAAC,gCAAgC,CAAC,CAAA;YAC1D,CAAC;QACH,CAAC;QAED,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,MAAM,IAAI,iBAAU,CAClB,sDAAsD,mBAAmB,CAAC,aAAa,CAAC,MAAM,WAC5F,mBAAmB,CAAC,EACtB,gDACE,MAAA,yBAAyB,aAAzB,yBAAyB,uBAAzB,yBAAyB,CAAE,IAAI,CAAC,IAAI,CAAC,mCAAI,aAC3C,qBAAqB,OAAO,CAAC,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CACxF,CAAA;QACH,CAAC;QAED,MAAM,6BAA6B,GAAG,mBAAmB,CAAC,aAAa,CAAC,uCAAuC,CAAA;QAC/G,MAAM,qBAAqB,GAAG,MAAA,6BAA6B,aAA7B,6BAA6B,uBAA7B,6BAA6B,CAAE,QAAQ,CAAC,KAAK,CAAC,mCAAI,KAAK,CAAA;QACrF,MAAM,mBAAmB,GAAG,6BAA6B,aAA7B,6BAA6B,uBAA7B,6BAA6B,CAAE,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAA;QAExG,8HAA8H;QAC9H,MAAM,eAAe,GAAG,MAAA,6BAA6B,aAA7B,6BAA6B,uBAA7B,6BAA6B,CAAE,QAAQ,CAAC,UAAU,CAAC,mCAAI,KAAK,CAAA;QACpF,MAAM,WAAW,GAAG,CAAA,6BAA6B,aAA7B,6BAA6B,uBAA7B,6BAA6B,CAAE,QAAQ,CAAC,KAAK,CAAC,KAAI,eAAe,CAAA;QAErF,OAAO;YACL,mBAAmB;YACnB,mBAAmB;YACnB,qBAAqB;YACrB,WAAW;SACZ,CAAA;IACH,CAAC;IAEO,KAAK,CAAC,wBAAwB,CACpC,YAA0B,EAC1B,kBAAsC,EACtC,OAKC;;QAED,MAAM,EAAE,sBAAsB,EAAE,yBAAyB,EAAE,GAAG,OAAO,CAAA;QACrE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,kBAAkB,CAAC,CAAA;QAE5D,MAAM,WAAW,GACf,MAAA,kBAAkB,CAAC,WAAW,mCAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;QACjH,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,iBAAU,CAAC,gFAAgF,CAAC,CAAA;QACxG,CAAC;QAED,MAAM,cAAc,GAAG,kBAAkB,CAAC,eAAe,CAAA;QAEzD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAA;QAC7B,IAAI,MAAM,KAAK,0CAAiC,CAAC,OAAO,EAAE,CAAC;YACzD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,iBAAU,CAClB,oCAAoC,MAAM,6CAA6C,IAAI,CAAC,SAAS,CACnG,WAAW,CACZ,EAAE,CACJ,CAAA;YACH,CAAC;YAED,MAAM,UAAU,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,iBAAU,CAAC,CAAA;YACrE,MAAM,mBAAmB,GAAG,MAAM,OAAO,CAAC,GAAG,CAC3C,WAAW,CAAC,GAAG,CAAC,CAAC,cAAc,EAAE,EAAE,CACjC,UAAU,CAAC,MAAM,CAAC;gBAChB,cAAc;aACf,CAAC,CACH,CACF,CAAA;YAED,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3D,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,kCAAkC,EAAE,EAAE,mBAAmB,EAAE,CAAC,CAAA;gBAC7F,MAAM,IAAI,iBAAU,CAClB,uDAAuD,IAAI,CAAC,SAAS,CAAC,mBAAmB,CAAC,EAAE,CAC7F,CAAA;YACH,CAAC;YAED,OAAO;gBACL,WAAW,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC;gBAChE,cAAc;gBACd,yBAAyB;aAC1B,CAAA;QACH,CAAC;aAAM,IACL,OAAO,CAAC,MAAM,KAAK,0CAAiC,CAAC,SAAS;YAC9D,OAAO,CAAC,MAAM,KAAK,0CAAiC,CAAC,WAAW,EAChE,CAAC;YACD,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,iBAAU,CAClB,oCAAoC,MAAM,6CAA6C,IAAI,CAAC,SAAS,CACnG,WAAW,CACZ,EAAE,CACJ,CAAA;YACH,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;gBAC1B,MAAM,UAAU,GAAG,iCAA0B,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAA;gBAClE,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,CAAC,YAAY,EAAE;oBAC5E,UAAU;oBACV,sBAAsB;iBACvB,CAAC,CAAA;gBAEF,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAA;YAC/B,CAAC,CAAC,CACH,CAAA;YAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3C,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;gBAC9E,MAAM,IAAI,iBAAU,CAClB,0CAA0C,MAAM;qBAC7C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,MAAM,CAAC,KAAK,0CAAE,OAAO,CAAA,EAAA,CAAC;qBACnC,MAAM,CAAC,OAAO,CAAC;qBACf,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAA;YACH,CAAC;YAED,OAAO,EAAE,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,cAAc,EAAE,yBAAyB,EAAE,CAAA;QACpG,CAAC;aAAM,IAAI,MAAM,KAAK,0CAAiC,CAAC,KAAK,EAAE,CAAC;YAC9D,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,iBAAU,CAClB,oCAAoC,MAAM,8CAA8C,IAAI,CAAC,SAAS,CACpG,WAAW,CACZ,EAAE,CACJ,CAAA;YACH,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;gBAC1B,MAAM,UAAU,GAAG,oCAA6B,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAA;gBAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,CAAC,YAAY,EAAE;oBAC5E,UAAU;oBACV,sBAAsB;iBACvB,CAAC,CAAA;gBAEF,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,CAAA;YAC/B,CAAC,CAAC,CACH,CAAA;YAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3C,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;gBAC9E,MAAM,IAAI,iBAAU,CAClB,0CAA0C,MAAM;qBAC7C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,WAAC,OAAA,MAAA,CAAC,CAAC,MAAM,CAAC,KAAK,0CAAE,OAAO,CAAA,EAAA,CAAC;qBACnC,MAAM,CAAC,OAAO,CAAC;qBACf,IAAI,CAAC,IAAI,CAAC,EAAE,CAChB,CAAA;YACH,CAAC;YAED,OAAO,EAAE,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,cAAc,EAAE,yBAAyB,EAAE,CAAA;QACpG,CAAC;aAAM,IAAI,MAAM,KAAK,0CAAiC,CAAC,OAAO,EAAE,CAAC;YAChE,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,EAAE,CAAC;gBACrD,MAAM,IAAI,iBAAU,CAClB,oCAAoC,MAAM,6CAA6C,IAAI,CAAC,SAAS,CACnG,WAAW,CACZ,EAAE,CACJ,CAAA;YACH,CAAC;YACD,MAAM,OAAO,GAAG,YAAY,CAAC,iBAAiB,CAAC,OAAO,CAAC,cAAO,CAAC,CAAA;YAC/D,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE;gBACnC,MAAM,IAAI,GAAG,WAAI,CAAC,aAAa,CAAC,UAAU,CAAC,CAAA;gBAC3C,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;gBAC7C,OAAO;oBACL,MAAM;oBACN,IAAI;iBACL,CAAA;YACH,CAAC,CAAC,CACH,CAAA;YAED,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3C,YAAY,CAAC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,gCAAgC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAA;gBAC9E,MAAM,IAAI,iBAAU,CAClB,+CAA+C,MAAM;qBAClD,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;qBAC1E,MAAM,CAAC,OAAO,CAAC;qBACf,IAAI,CAAC,OAAO,CAAC,EAAE,CACnB,CAAA;YACH,CAAC;YAED,OAAO,EAAE,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,cAAc,EAAE,yBAAyB,EAAE,CAAA;QAC9F,CAAC;QAED,MAAM,IAAI,iBAAU,CAAC,iCAAiC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;IACzE,CAAC;IAEO,SAAS,CAAC,YAA0B;QAC1C,OAAO,IAAI,uBAAa,CAAC;YACvB,SAAS,EAAE,IAAA,+BAAmB,EAAC,YAAY,CAAC;SAC7C,CAAC,CAAA;IACJ,CAAC;IAEO,eAAe,CAAC,YAA0B;QAChD,OAAO,IAAI,qBAAY,CAAC;YACtB,SAAS,EAAE,IAAA,+BAAmB,EAAC,YAAY,CAAC;SAC7C,CAAC,CAAA;IACJ,CAAC;CACF,CAAA;AA7yBY,0DAAuB;kCAAvB,uBAAuB;IADnC,IAAA,iBAAU,GAAE;IAOR,WAAA,IAAA,aAAM,EAAC,uBAAgB,CAAC,MAAM,CAAC,CAAA;6CACV,2BAAoB;QAC9B,iBAAU;GARb,uBAAuB,CA6yBnC"}