@culturefy/shared 1.0.28 → 1.0.29

package/build/src/interfaces/keycloak.d.ts

@@ -0,0 +1,151 @@
+export interface CreateRealmDto {
+    realm: string;
+    displayName?: string;
+    enabled?: boolean;
+}
+export interface CreateClientDto {
+    clientId: string;
+    name: string;
+    description: string;
+    enabled: boolean;
+    protocol: string;
+    publicClient?: boolean;
+    secret?: string;
+    directAccessGrantsEnabled?: boolean;
+    standardFlowEnabled?: boolean;
+    implicitFlowEnabled?: boolean;
+    serviceAccountsEnabled?: boolean;
+    authorizationServicesEnabled?: boolean;
+    redirectUris?: string[];
+    webOrigins?: string[];
+    bearerOnly?: boolean;
+    consentRequired?: boolean;
+    fullScopeAllowed?: boolean;
+    attributes?: {
+        tls_client_certificate_bound_access_tokens?: string;
+        client_credentials_use_refresh_token?: string;
+    };
+}
+export interface CreateUserDto {
+    username: string;
+    firstName: string;
+    lastName: string;
+    email: string;
+    password: string;
+    enabled: boolean;
+    emailVerified?: boolean;
+}
+export interface KeycloakUserLoginResponse {
+    access_token: string;
+    expires_in: number;
+    refresh_expires_in: number;
+    refresh_token: string;
+    token_type: string;
+    not_before_policy: number;
+    session_state: string;
+    scope: string;
+}
+export interface KeycloakClientLoginResponse {
+    access_token: string;
+    expires_in: number;
+    refresh_expires_in: number;
+    token_type: string;
+    not_before_policy: number;
+    scope: string;
+}
+export interface KeycloakUserResponse {
+    id: string;
+    username: string;
+    firstName: string;
+    lastName: string;
+    email: string;
+    emailVerified: boolean;
+    createdTimestamp: number;
+    enabled: boolean;
+    totp: boolean;
+    disableableCredentialTypes: string[];
+    requiredActions: string[];
+    notBefore: number;
+    access: {
+        manage: boolean;
+    };
+}
+export interface KeycloakClientResponse {
+    id: string;
+    clientId: string;
+    name: string;
+    description: string;
+    rootUrl: string;
+    adminUrl: string;
+    baseUrl: string;
+    surrogateAuthRequired: boolean;
+    enabled: boolean;
+    alwaysDisplayInConsole: boolean;
+    clientAuthenticatorType: string;
+    secret: string;
+    redirectUris: string[];
+    webOrigins: string[];
+    notBefore: number;
+    bearerOnly: boolean;
+    consentRequired: boolean;
+    standardFlowEnabled: boolean;
+    implicitFlowEnabled: boolean;
+    directAccessGrantsEnabled: boolean;
+    serviceAccountsEnabled: boolean;
+    publicClient: boolean;
+    frontchannelLogout: boolean;
+    protocol: string;
+    attributes: Record<string, string>;
+    authenticationFlowBindingOverrides: Record<string, string>;
+    fullScopeAllowed: boolean;
+    nodeReRegistrationTimeout: number;
+    defaultClientScopes: string[];
+    optionalClientScopes: string[];
+    access: {
+        view: boolean;
+        configure: boolean;
+        manage: boolean;
+    };
+}
+export interface KeycloakClientSecretResponse {
+    key: string;
+    value: string;
+}
+export interface KeycloakUserLoginDto {
+    email: string;
+    password: string;
+    username?: string;
+}
+export interface KeycloakRoleResponse {
+    id: string;
+    name: string;
+    description: string;
+    composite: boolean;
+    clientRole: boolean;
+    containerId: string;
+}
+export interface KeycloakIntrospectTokenResponse {
+    exp: number;
+    iat: number;
+    jti: string;
+    iss: string;
+    aud: string;
+    sub: string;
+    typ: string;
+    azp: string;
+    sid: string;
+    acr: string;
+    realm_access: Record<string, any>;
+    resource_access: Record<string, any>;
+    scope: string;
+    email_verified: boolean;
+    name: string;
+    preferred_username: string;
+    given_name: string;
+    family_name: string;
+    email: string;
+    client_id: string;
+    username: string;
+    token_type: string;
+    active: boolean;
+}

package/build/src/interfaces/keycloak.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=keycloak.js.map

package/build/src/interfaces/keycloak.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"keycloak.js","sourceRoot":"","sources":["../../../src/interfaces/keycloak.ts"],"names":[],"mappings":""}

package/build/src/interfaces/user.d.ts

@@ -0,0 +1,5 @@
+export interface ICreateUser {
+    userId: string;
+    email: string;
+    businessId: string;
+}

package/build/src/interfaces/user.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=user.js.map

package/build/src/interfaces/user.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"user.js","sourceRoot":"","sources":["../../../src/interfaces/user.ts"],"names":[],"mappings":""}

package/build/src/middlewares/index.d.ts

@@ -0,0 +1 @@
+export * from './token-validation';

package/build/src/middlewares/index.js

@@ -0,0 +1,5 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const tslib_1 = require("tslib");
+tslib_1.__exportStar(require("./token-validation"), exports);
+//# sourceMappingURL=index.js.map

package/build/src/middlewares/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/middlewares/index.ts"],"names":[],"mappings":";;;AAAA,6DAAmC"}

package/build/src/middlewares/token-validation.d.ts

@@ -0,0 +1,17 @@
+import IUser from "../models/user.model";
+import { HttpRequest, InvocationContext } from "@azure/functions";
+interface TokenValidationResult {
+    status: boolean;
+    message: string;
+    data?: {
+        cookies: {
+            access_token: string;
+            refresh_token: string;
+            expires_in?: number;
+            refresh_expires_in?: number;
+        };
+        user: IUser;
+    };
+}
+export declare function tokenValidation(request: HttpRequest, domain: string, context: InvocationContext): Promise<TokenValidationResult>;
+export {};

package/build/src/middlewares/token-validation.js

@@ -0,0 +1,329 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.tokenValidation = tokenValidation;
+const tslib_1 = require("tslib");
+const enums_1 = require("../enums");
+const user_service_1 = require("../service/user.service");
+const keycloak_service_1 = require("../service/keycloak.service");
+const utils_1 = require("../utils");
+function tokenValidation(request, domain, context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        try {
+            let cookies = (0, utils_1.parseCookies)(request, context);
+            let accessToken = cookies["culturefy-auth-token"];
+            let refreshToken = cookies["culturefy-refresh-token"];
+            let expiresIn, refreshExpiresIn;
+            if (!accessToken)
+                return { status: false, message: "Access token is required" };
+            const keycloakService = yield initializeKeycloakService(context);
+            const tokenValidation = yield validateToken(accessToken, context);
+            if (!tokenValidation.success) {
+                if (tokenValidation.expired) {
+                    const { data } = tokenValidation;
+                    if (!data)
+                        return { status: false, message: "Invalid access token." };
+                    let { userId, clientId, realm, email } = data;
+                    if (!clientId)
+                        return { status: false, message: "Invalid access token provided" };
+                    if (!userId)
+                        return { status: false, message: "Invalid access token provided" };
+                    if (!realm)
+                        return { status: false, message: "Invalid access token provided" };
+                    context.log("Refreshing token for user:", JSON.stringify({ userId, clientId, realm, email }));
+                    const refreshTokenResponse = yield handleTokenRefresh(keycloakService, refreshToken, userId, clientId, realm, email, domain, context);
+                    if (!refreshTokenResponse.success)
+                        return { status: false, message: refreshTokenResponse.message };
+                    const { data: refreshTokenData } = refreshTokenResponse;
+                    if (!refreshTokenData)
+                        return { status: false, message: "Invalid refresh token." };
+                    context.log("Refreshed token for user:", JSON.stringify({ userId, clientId, realm, email }));
+                    accessToken = refreshTokenData.access_token;
+                    refreshToken = refreshTokenData.refresh_token;
+                    expiresIn = refreshTokenData.expires_in;
+                    refreshExpiresIn = refreshTokenData.refresh_expires_in;
+                }
+                else {
+                    return { status: false, message: tokenValidation.message };
+                }
+            }
+            const { data } = tokenValidation;
+            if (!data)
+                return { status: false, message: "Invalid access token." };
+            let { userId, clientId, realm, email } = data;
+            if (!clientId)
+                return { status: false, message: "Invalid access token provided" };
+            if (!userId)
+                return { status: false, message: "Invalid access token provided" };
+            if (!realm)
+                return { status: false, message: "Invalid access token provided" };
+            if (!email)
+                return { status: false, message: "Invalid access token provided" };
+            context.log("Validating user:", JSON.stringify({ userId, clientId, realm, email }));
+            let verifyFromDb;
+            let userInfo;
+            if (domain === "accounts.culturefy.app") {
+                const introspectionValid = yield validateTokenIntrospection(keycloakService, accessToken, realm, clientId, domain, context);
+                if (!introspectionValid)
+                    return { status: false, message: "Token introspection failed" };
+                context.log("Token introspection successful");
+                realm = "superadmin";
+                clientId = "cfy-superadmin-web";
+                userInfo = yield keycloakService.getUserByToken(realm, accessToken);
+                context.log("User info-1:", JSON.stringify(userInfo));
+                if (!userInfo.email)
+                    return { status: false, message: "User email not found" };
+                if (userInfo.email !== email)
+                    return { status: false, message: "User email does not match" };
+                email = userInfo.email;
+                verifyFromDb = yield validateUserByEmail(email, context);
+                if (!verifyFromDb.success)
+                    return { status: false, message: verifyFromDb.message };
+            }
+            else {
+                clientId = "cfy-web";
+                verifyFromDb = yield validateUserByRealm(realm, email, context);
+            }
+            if (!verifyFromDb.success)
+                return { status: false, message: verifyFromDb.message };
+            const user = verifyFromDb.user;
+            if (!user)
+                return { status: false, message: "User not found." };
+            context.log("User:", JSON.stringify(user));
+            const introspectionValid = yield validateTokenIntrospection(keycloakService, accessToken, realm, clientId, domain, context);
+            if (!introspectionValid)
+                return { status: false, message: "Token introspection failed" };
+            context.log("Token introspection successful");
+            if (domain === "accounts.culturefy.app") {
+                realm = "superadmin";
+                clientId = "cfy-superadmin-web";
+            }
+            else {
+                if (!user.businessId)
+                    return { status: false, message: "User not found" };
+                realm = user.businessId.toString();
+                clientId = "cfy-web";
+            }
+            if (!userInfo) {
+                userInfo = yield keycloakService.getUserByToken(realm, accessToken);
+                context.log("User info-2:", JSON.stringify(userInfo));
+            }
+            if (!userInfo)
+                return { status: false, message: "User info not found" };
+            let updatedCookies = {
+                access_token: accessToken,
+                refresh_token: refreshToken,
+            };
+            if (expiresIn)
+                updatedCookies.expires_in = expiresIn;
+            if (refreshExpiresIn)
+                updatedCookies.refresh_expires_in = refreshExpiresIn;
+            return {
+                status: true,
+                message: "Token is valid",
+                data: {
+                    cookies: updatedCookies,
+                    user: user
+                }
+            };
+        }
+        catch (error) {
+            context.error("Culturefy token validation error:", error);
+            return { status: false, message: "Internal server error during culturefy token validation" };
+        }
+    });
+}
+function initializeKeycloakService(context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const [keycloakBaseUrl, keycloakAdminClientId, keycloakAdminClientSecret] = yield Promise.all([
+            (0, utils_1.getAzureVaultSecretByKey)(context, process.env.AZURE_KEY_VAULT_NAME || "", enums_1.AzureSecretKeysEnum.KEYCLOAK_BASE_URL),
+            (0, utils_1.getAzureVaultSecretByKey)(context, process.env.AZURE_KEY_VAULT_NAME || "", enums_1.AzureSecretKeysEnum.KEYCLOAK_ADMIN_CLIENT_ID),
+            (0, utils_1.getAzureVaultSecretByKey)(context, process.env.AZURE_KEY_VAULT_NAME || "", enums_1.AzureSecretKeysEnum.KEYCLOAK_ADMIN_CLIENT_SECRET)
+        ]);
+        return new keycloak_service_1.KeycloakAdminService(context, {
+            baseUrl: keycloakBaseUrl,
+            adminClientId: keycloakAdminClientId,
+            adminClientSecret: keycloakAdminClientSecret
+        });
+    });
+}
+function validateToken(accessToken, context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const currentTime = Math.floor(Date.now() / 1000);
+        const decoded = (0, utils_1.verifyJsonWebToken)(accessToken);
+        if (!decoded)
+            return { success: false, message: "Invalid access token format" };
+        let { iat, exp, sub: userId, azp: clientId, iss, email } = decoded;
+        if (!userId || !clientId || !iss)
+            return { success: false, message: "Access token missing required claims (sub or azp or iss)" };
+        context.log("Access token claims:", JSON.stringify(decoded));
+        let realm = iss.split("/")[iss.split("/").length - 1];
+        if (!realm)
+            return { success: false, message: "Access token missing required claims (iss)" };
+        if (exp && exp < currentTime)
+            return { success: false, message: "Access token expired and refresh token not provided", expired: true, data: { userId, clientId, realm, email } };
+        if (iat && iat > currentTime)
+            return { success: false, message: "Invalid token issuance time" };
+        return {
+            success: true,
+            message: "Token is valid",
+            data: { userId, clientId, realm, email }
+        };
+    });
+}
+function handleTokenRefresh(keycloakService, refreshToken, userId, clientId, realm, email, domain, context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        const currentTime = Math.floor(Date.now() / 1000);
+        if (!clientId)
+            return { success: false, message: "Client ID is missing" };
+        if (!userId)
+            return { success: false, message: "User ID is missing" };
+        if (!realm)
+            return { success: false, message: "Realm is missing" };
+        if (!refreshToken)
+            return { success: false, message: "Refresh token is missing" };
+        if (!email)
+            return { success: false, message: "Email is missing" };
+        if (!domain)
+            return { success: false, message: "Domain is missing" };
+        context.info("values:", { clientId, userId, realm, email, domain });
+        const refreshTokenDecoded = (0, utils_1.verifyJsonWebToken)(refreshToken);
+        if (!refreshTokenDecoded)
+            return { success: false, message: "Invalid refresh token format" };
+        let { iss: refreshIss } = refreshTokenDecoded;
+        refreshIss = refreshIss.split("/")[refreshIss.split("/").length - 1];
+        const { iat: refreshIat, exp: refreshExp, sub: refreshUserId, azp: refreshClientId, email: refreshEmail } = refreshTokenDecoded;
+        context.info("refreshTokenDecoded:", JSON.stringify({ refreshUserId, refreshClientId, refreshIss, refreshEmail }));
+        if (!refreshUserId || !refreshClientId || !refreshIss)
+            return { success: false, message: "Refresh token missing required claims (sub or azp or iss)" };
+        if (refreshExp && refreshExp < currentTime)
+            return { success: false, message: "Refresh token has expired" };
+        if (refreshIat && refreshIat > currentTime)
+            return { success: false, message: "Invalid refresh token issuance time" };
+        if (refreshUserId !== userId || refreshClientId !== clientId || refreshIss !== realm || refreshEmail !== email)
+            return { success: false, message: "Refresh token does not match access token user" };
+        if (domain === "accounts.culturefy.app") {
+            realm = "superadmin";
+            clientId = "cfy-superadmin-web";
+        }
+        else {
+            realm = realm;
+            clientId = "cfy-web";
+        }
+        const newToken = yield keycloakService.refreshToken(realm, clientId, refreshToken);
+        if (!newToken)
+            return { success: false, message: "Failed to refresh access token" };
+        const newTokenDecoded = (0, utils_1.verifyJsonWebToken)(newToken.access_token);
+        if (!newTokenDecoded)
+            return { success: false, message: "Invalid new token format" };
+        const { iat: newIat, exp: newExp, sub: newUserId, azp: newClientId, iss: newIss, email: newEmail } = newTokenDecoded;
+        if (!newUserId || !newClientId || !newIss || !newEmail)
+            return { success: false, message: "New token missing required claims (sub or azp or iss or email)" };
+        if (newExp && newExp < currentTime)
+            return { success: false, message: "New token has expired" };
+        if (newIat && newIat > currentTime)
+            return { success: false, message: "Invalid new token issuance time" };
+        context.info("Token refreshed successfully for user:", userId);
+        return {
+            success: true,
+            message: "Token refreshed successfully",
+            data: {
+                access_token: newToken.access_token, expires_in: newToken.expires_in,
+                refresh_token: newToken.refresh_token, refresh_expires_in: newToken.refresh_expires_in
+            }
+        };
+    });
+}
+function validateUserByRealm(realm, email, context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        try {
+            const authDbUrl = yield (0, utils_1.getAzureVaultSecretByKey)(context, process.env.AZURE_KEY_VAULT_NAME || "", enums_1.AzureSecretKeysEnum.DB_CONNECTING_STRING_USER);
+            const userService = new user_service_1.UserService(context, authDbUrl);
+            let user = null;
+            context.log("Getting user by realm:", realm);
+            try {
+                user = yield userService.getUserByBusinessId(realm, email);
+            }
+            catch (err) {
+                context.error(`Failed to get user by realm:`, err);
+                return { success: false, message: "User not found.." };
+            }
+            context.log("User:", JSON.stringify(user));
+            if (!user)
+                return { success: false, message: "User not found..." };
+            yield userService.disconnect();
+            return { success: true, message: "User validation successful", user };
+        }
+        catch (error) {
+            context.error("User validation error:", error);
+            return { success: false, message: "Error validating user information" };
+        }
+    });
+}
+function validateUserByEmail(email, context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        try {
+            const authDbUrl = yield (0, utils_1.getAzureVaultSecretByKey)(context, process.env.AZURE_KEY_VAULT_NAME || "", enums_1.AzureSecretKeysEnum.DB_CONNECTING_STRING_USER);
+            const userService = new user_service_1.UserService(context, authDbUrl);
+            let user = null;
+            context.log("Getting user by email:", email);
+            try {
+                user = yield userService.getUserByEmail(email);
+            }
+            catch (err) {
+                context.error(`Failed to get user by email:`, err);
+                return { success: false, message: "User not found.." };
+            }
+            context.log("User:", JSON.stringify(user));
+            if (!user)
+                return { success: false, message: "User not found..." };
+            yield userService.disconnect();
+            return { success: true, message: "User validation successful", user };
+        }
+        catch (error) {
+            context.error("User validation error:", error);
+            return { success: false, message: "Error validating user information" };
+        }
+    });
+}
+function validateTokenIntrospection(keycloakService, token, realm, clientId, domain, context) {
+    return tslib_1.__awaiter(this, void 0, void 0, function* () {
+        var _a, _b, _c;
+        try {
+            if (!realm)
+                return false;
+            if (!clientId)
+                return false;
+            if (!token)
+                return false;
+            if (domain === "accounts.culturefy.app") {
+                realm = "superadmin";
+                clientId = "cfy-superadmin-web";
+            }
+            else {
+                realm = realm;
+                clientId = "cfy-web";
+            }
+            context.info("Validating token with Keycloak introspection");
+            const introspection = yield keycloakService.introspectToken(realm, clientId, token);
+            if (!introspection.active) {
+                context.warn("Token introspection returned inactive token");
+                return false;
+            }
+            context.info("Token introspection successful - token is active");
+            return true;
+        }
+        catch (error) {
+            context.error("Token introspection error:", error);
+            if ((_a = error.message) === null || _a === void 0 ? void 0 : _a.includes('Client not allowed')) {
+                context.warn("Admin-cli client does not have introspection permissions - this is expected");
+                return true;
+            }
+            if ((_b = error.message) === null || _b === void 0 ? void 0 : _b.includes('Invalid token'))
+                return false;
+            if ((_c = error.message) === null || _c === void 0 ? void 0 : _c.includes('Token is not active'))
+                return false;
+            return false;
+        }
+    });
+}
+//# sourceMappingURL=token-validation.js.map

package/build/src/middlewares/token-validation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"token-validation.js","sourceRoot":"","sources":["../../../src/middlewares/token-validation.ts"],"names":[],"mappings":";;AA+BA,0CAuJC;;AApLD,oCAA+C;AAC/C,0DAAsD;AAEtD,kEAAmE;AACnE,oCAAsF;AAyBtF,SAAsB,eAAe,CAAC,OAAoB,EAAE,MAAc,EAAE,OAA0B;;QAClG,IAAI,CAAC;YACD,IAAI,OAAO,GAAG,IAAA,oBAAY,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC7C,IAAI,WAAW,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;YAClD,IAAI,YAAY,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;YAEtD,IAAI,SAAS,EAAE,gBAAgB,CAAC;YAEhC,IAAI,CAAC,WAAW;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;YAEhF,MAAM,eAAe,GAAG,MAAM,yBAAyB,CAAC,OAAO,CAAC,CAAC;YAEjE,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;YAElE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;gBAC3B,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;oBAC1B,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC;oBACjC,IAAI,CAAC,IAAI;wBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;oBAEtE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;oBAE9C,IAAI,CAAC,QAAQ;wBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;oBAClF,IAAI,CAAC,MAAM;wBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;oBAChF,IAAI,CAAC,KAAK;wBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;oBAE/E,OAAO,CAAC,GAAG,CAAC,4BAA4B,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;oBAE9F,MAAM,oBAAoB,GAAG,MAAM,kBAAkB,CAAC,eAAe,EAAE,YAAY,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;oBACtI,IAAI,CAAC,oBAAoB,CAAC,OAAO;wBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAoB,CAAC,OAAO,EAAE,CAAC;oBAEnG,MAAM,EAAE,IAAI,EAAE,gBAAgB,EAAE,GAAG,oBAAoB,CAAC;oBACxD,IAAI,CAAC,gBAAgB;wBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;oBAEnF,OAAO,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;oBAE7F,WAAW,GAAG,gBAAgB,CAAC,YAAY,CAAC;oBAC5C,YAAY,GAAG,gBAAgB,CAAC,aAAa,CAAC;oBAC9C,SAAS,GAAG,gBAAgB,CAAC,UAAU,CAAC;oBACxC,gBAAgB,GAAG,gBAAgB,CAAC,kBAAkB,CAAC;gBAE3D,CAAC;qBAAM,CAAC;oBACJ,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,eAAe,CAAC,OAAO,EAAE,CAAC;gBAC/D,CAAC;YACL,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,GAAG,eAAe,CAAC;YAEjC,IAAI,CAAC,IAAI;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;YAEtE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;YAE9C,IAAI,CAAC,QAAQ;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;YAClF,IAAI,CAAC,MAAM;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;YAChF,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;YAC/E,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,+BAA+B,EAAE,CAAC;YAE/E,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;YAEpF,IAAI,YAAY,CAAC;YACjB,IAAI,QAAQ,CAAC;YAEb,IAAG,MAAM,KAAK,wBAAwB,EAAE,CAAC;gBACrC,MAAM,kBAAkB,GAAG,MAAM,0BAA0B,CACvD,eAAe,EACf,WAAW,EACX,KAAK,EACL,QAAQ,EACR,MAAM,EACN,OAAO,CACV,CAAC;gBAEF,IAAI,CAAC,kBAAkB;oBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,4BAA4B,EAAE,CAAC;gBACzF,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;gBAE9C,KAAK,GAAG,YAAY,CAAC;gBACrB,QAAQ,GAAG,oBAAoB,CAAC;gBAEhC,QAAQ,GAAG,MAAM,eAAe,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAEtD,IAAG,CAAC,QAAQ,CAAC,KAAK;oBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;gBAC9E,IAAG,QAAQ,CAAC,KAAK,KAAK,KAAK;oBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;gBAC5F,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;gBACvB,YAAY,GAAG,MAAM,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACzD,IAAI,CAAC,YAAY,CAAC,OAAO;oBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,CAAC,OAAO,EAAE,CAAC;YACvF,CAAC;iBAAM,CAAC;gBACJ,QAAQ,GAAG,SAAS,CAAC;gBACrB,YAAY,GAAG,MAAM,mBAAmB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;YACpE,CAAC;YAED,IAAI,CAAC,YAAY,CAAC,OAAO;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,CAAC,OAAO,EAAE,CAAC;YAEnF,MAAM,IAAI,GAAG,YAAY,CAAC,IAAI,CAAC;YAE/B,IAAI,CAAC,IAAI;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;YAChE,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;YAE3C,MAAM,kBAAkB,GAAG,MAAM,0BAA0B,CACvD,eAAe,EACf,WAAW,EACX,KAAK,EACL,QAAQ,EACR,MAAM,EACN,OAAO,CACV,CAAC;YAEF,IAAI,CAAC,kBAAkB;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,4BAA4B,EAAE,CAAC;YACzF,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;YAE9C,IAAI,MAAM,KAAK,wBAAwB,EAAE,CAAC;gBACtC,KAAK,GAAG,YAAY,CAAC;gBACrB,QAAQ,GAAG,oBAAoB,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACJ,IAAG,CAAC,IAAI,CAAC,UAAU;oBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,gBAAgB,EAAE,CAAC;gBACzE,KAAK,GAAG,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;gBACnC,QAAQ,GAAG,SAAS,CAAC;YACzB,CAAC;YAED,IAAG,CAAC,QAAQ,EAAE,CAAC;gBACX,QAAQ,GAAG,MAAM,eAAe,CAAC,cAAc,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;gBACpE,OAAO,CAAC,GAAG,CAAC,cAAc,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC1D,CAAC;YAED,IAAG,CAAC,QAAQ;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC;YAEvE,IAAI,cAAc,GAKd;gBACA,YAAY,EAAE,WAAW;gBACzB,aAAa,EAAE,YAAY;aAC9B,CAAC;YAEF,IAAG,SAAS;gBAAE,cAAc,CAAC,UAAU,GAAG,SAAS,CAAC;YACpD,IAAG,gBAAgB;gBAAE,cAAc,CAAC,kBAAkB,GAAG,gBAAgB,CAAC;YAE1E,OAAO;gBACH,MAAM,EAAE,IAAI;gBACZ,OAAO,EAAE,gBAAgB;gBACzB,IAAI,EAAE;oBACF,OAAO,EAAE,cAAc;oBACvB,IAAI,EAAE,IAAI;iBACb;aACJ,CAAC;QAEN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;YAC1D,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,yDAAyD,EAAE,CAAC;QACjG,CAAC;IACL,CAAC;CAAA;AAED,SAAe,yBAAyB,CAAC,OAA0B;;QAC/D,MAAM,CAAC,eAAe,EAAE,qBAAqB,EAAE,yBAAyB,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YAC1F,IAAA,gCAAwB,EACpB,OAAO,EACP,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,EACtC,2BAAmB,CAAC,iBAAiB,CACxC;YACD,IAAA,gCAAwB,EACpB,OAAO,EACP,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,EACtC,2BAAmB,CAAC,wBAAwB,CAC/C;YACD,IAAA,gCAAwB,EACpB,OAAO,EACP,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,EACtC,2BAAmB,CAAC,4BAA4B,CACnD;SACJ,CAAC,CAAC;QAEH,OAAO,IAAI,uCAAoB,CAAC,OAAO,EAAE;YACrC,OAAO,EAAE,eAAyB;YAClC,aAAa,EAAE,qBAA+B;YAC9C,iBAAiB,EAAE,yBAAmC;SACzD,CAAC,CAAC;IACP,CAAC;CAAA;AAED,SAAe,aAAa,CACxB,WAAmB,EACnB,OAA0B;;QAY1B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAElD,MAAM,OAAO,GAAG,IAAA,0BAAkB,EAAC,WAAW,CAAC,CAAC;QAEhD,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC;QAEhF,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,OAAsB,CAAC;QAElF,IAAI,CAAC,MAAM,IAAI,CAAC,QAAQ,IAAI,CAAC,GAAG;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,0DAA0D,EAAE,CAAC;QACjI,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAE7D,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACtD,IAAG,CAAC,KAAK;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;QAE5F,IAAI,GAAG,IAAI,GAAG,GAAG,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,qDAAqD,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE,CAAC;QAEjL,IAAI,GAAG,IAAI,GAAG,GAAG,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,6BAA6B,EAAE,CAAC;QAEhG,OAAO;YACH,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,gBAAgB;YACzB,IAAI,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE;SAC3C,CAAC;IACN,CAAC;CAAA;AAED,SAAe,kBAAkB,CAC7B,eAAqC,EACrC,YAAoB,EACpB,MAAc,EACd,QAAgB,EAChB,KAAa,EACb,KAAa,EACb,MAAc,EACd,OAA0B;;QAW1B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;QAElD,IAAG,CAAC,QAAQ;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,sBAAsB,EAAE,CAAC;QACzE,IAAG,CAAC,MAAM;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,oBAAoB,EAAE,CAAC;QACrE,IAAG,CAAC,KAAK;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;QAClE,IAAG,CAAC,YAAY;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;QACjF,IAAG,CAAC,KAAK;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;QAClE,IAAG,CAAC,MAAM;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;QAEpE,OAAO,CAAC,IAAI,CAAC,SAAS,EAAE,EAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAC,CAAC,CAAC;QAElE,MAAM,mBAAmB,GAAG,IAAA,0BAAkB,EAAC,YAAY,CAAC,CAAC;QAC7D,IAAI,CAAC,mBAAmB;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;QAE7F,IAAI,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,mBAAkC,CAAC;QAC7D,UAAU,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAErE,MAAM,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,GAAG,EAAE,aAAa,EAAE,GAAG,EAAE,eAAe,EAAE,KAAK,EAAE,YAAY,EAAE,GAAG,mBAAkC,CAAC;QAE/I,OAAO,CAAC,IAAI,CAAC,sBAAsB,EAAE,IAAI,CAAC,SAAS,CAAC,EAAC,aAAa,EAAE,eAAe,EAAE,UAAU,EAAE,YAAY,EAAC,CAAC,CAAC,CAAC;QAEjH,IAAI,CAAC,aAAa,IAAI,CAAC,eAAe,IAAI,CAAC,UAAU;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,2DAA2D,EAAE,CAAC;QAEvJ,IAAI,UAAU,IAAI,UAAU,GAAG,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,2BAA2B,EAAE,CAAC;QAE5G,IAAI,UAAU,IAAI,UAAU,GAAG,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,qCAAqC,EAAE,CAAC;QAEtH,IAAI,aAAa,KAAK,MAAM,IAAI,eAAe,KAAK,QAAQ,IAAI,UAAU,KAAK,KAAK,IAAI,YAAY,KAAK,KAAK;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,gDAAgD,EAAE,CAAC;QAErM,IAAG,MAAM,KAAK,wBAAwB,EAAE,CAAC;YACrC,KAAK,GAAG,YAAY,CAAC;YACrB,QAAQ,GAAG,oBAAoB,CAAC;QACpC,CAAC;aAAM,CAAC;YACJ,KAAK,GAAG,KAAK,CAAC;YACd,QAAQ,GAAG,SAAS,CAAC;QACzB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,YAAY,CAAC,KAAK,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACnF,IAAI,CAAC,QAAQ;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,gCAAgC,EAAE,CAAC;QAEpF,MAAM,eAAe,GAAG,IAAA,0BAAkB,EAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAClE,IAAI,CAAC,eAAe;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;QAErF,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,WAAW,EAAE,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,eAA8B,CAAC;QAEpI,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,IAAI,CAAC,QAAQ;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,gEAAgE,EAAE,CAAC;QAE7J,IAAI,MAAM,IAAI,MAAM,GAAG,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC;QAEhG,IAAI,MAAM,IAAI,MAAM,GAAG,WAAW;YAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,iCAAiC,EAAE,CAAC;QAE1G,OAAO,CAAC,IAAI,CAAC,wCAAwC,EAAE,MAAM,CAAC,CAAC;QAE/D,OAAO;YACH,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,8BAA8B;YACvC,IAAI,EAAE;gBACF,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,UAAU,EAAE,QAAQ,CAAC,UAAU;gBACpE,aAAa,EAAE,QAAQ,CAAC,aAAa,EAAE,kBAAkB,EAAE,QAAQ,CAAC,kBAAkB;aACzF;SACJ,CAAC;IACN,CAAC;CAAA;AAED,SAAe,mBAAmB,CAC9B,KAAa,EACb,KAAa,EACb,OAA0B;;QAM1B,IAAI,CAAC;YACD,MAAM,SAAS,GAAG,MAAM,IAAA,gCAAwB,EAC5C,OAAO,EACP,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,EACtC,2BAAmB,CAAC,yBAAyB,CAChD,CAAC;YAEF,MAAM,WAAW,GAAG,IAAI,0BAAW,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAExD,IAAI,IAAI,GAAG,IAAI,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC7C,IAAI,CAAC;gBACD,IAAI,GAAG,MAAM,WAAW,CAAC,mBAAmB,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YAC/D,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;gBACnD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;YAC3D,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;YAE3C,IAAI,CAAC,IAAI;gBAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;YAEnE,MAAM,WAAW,CAAC,UAAU,EAAE,CAAC;YAE/B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,4BAA4B,EAAE,IAAI,EAAE,CAAC;QAE1E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC/C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;QAC5E,CAAC;IACL,CAAC;CAAA;AAED,SAAe,mBAAmB,CAC9B,KAAa,EACb,OAA0B;;QAM1B,IAAI,CAAC;YACD,MAAM,SAAS,GAAG,MAAM,IAAA,gCAAwB,EAC5C,OAAO,EACP,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,EAAE,EACtC,2BAAmB,CAAC,yBAAyB,CAChD,CAAC;YAEF,MAAM,WAAW,GAAG,IAAI,0BAAW,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAExD,IAAI,IAAI,GAAG,IAAI,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC7C,IAAI,CAAC;gBACD,IAAI,GAAG,MAAM,WAAW,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC;YACnD,CAAC;YAAC,OAAO,GAAQ,EAAE,CAAC;gBAChB,OAAO,CAAC,KAAK,CAAC,8BAA8B,EAAE,GAAG,CAAC,CAAC;gBACnD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,kBAAkB,EAAE,CAAC;YAC3D,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;YAE3C,IAAI,CAAC,IAAI;gBAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;YAEnE,MAAM,WAAW,CAAC,UAAU,EAAE,CAAC;YAE/B,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,4BAA4B,EAAE,IAAI,EAAE,CAAC;QAE1E,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YAC/C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;QAC5E,CAAC;IACL,CAAC;CAAA;AAED,SAAe,0BAA0B,CACrC,eAAqC,EACrC,KAAa,EACb,KAAa,EACb,QAAgB,EAChB,MAAc,EACd,OAA0B;;;QAE1B,IAAI,CAAC;YACD,IAAG,CAAC,KAAK;gBAAE,OAAO,KAAK,CAAC;YACxB,IAAG,CAAC,QAAQ;gBAAE,OAAO,KAAK,CAAC;YAC3B,IAAG,CAAC,KAAK;gBAAE,OAAO,KAAK,CAAC;YAExB,IAAI,MAAM,KAAK,wBAAwB,EAAE,CAAC;gBACtC,KAAK,GAAG,YAAY,CAAC;gBACrB,QAAQ,GAAG,oBAAoB,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACJ,KAAK,GAAG,KAAK,CAAC;gBACd,QAAQ,GAAG,SAAS,CAAC;YACzB,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;YAC7D,MAAM,aAAa,GAAG,MAAM,eAAe,CAAC,eAAe,CAAC,KAAK,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YAEpF,IAAI,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC;gBACxB,OAAO,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;gBAC5D,OAAO,KAAK,CAAC;YACjB,CAAC;YAED,OAAO,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;YACjE,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;YAEnD,IAAI,MAAA,KAAK,CAAC,OAAO,0CAAE,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAChD,OAAO,CAAC,IAAI,CAAC,6EAA6E,CAAC,CAAC;gBAC5F,OAAO,IAAI,CAAC;YAChB,CAAC;YAED,IAAI,MAAA,KAAK,CAAC,OAAO,0CAAE,QAAQ,CAAC,eAAe,CAAC;gBAAE,OAAO,KAAK,CAAC;YAE3D,IAAI,MAAA,KAAK,CAAC,OAAO,0CAAE,QAAQ,CAAC,qBAAqB,CAAC;gBAAE,OAAO,KAAK,CAAC;YAEjE,OAAO,KAAK,CAAC;QACjB,CAAC;IACL,CAAC;CAAA"}