@descope/nextjs-sdk 0.0.0-alpha.1

package/dist/client/dts/src/shared/constants.d.ts

@@ -0,0 +1,4 @@
+export declare const baseHeaders: {
+	'x-descope-sdk-name': string;
+	'x-descope-sdk-version': string;
+};

package/dist/client/dts/src/shared/index.d.ts

@@ -0,0 +1,3 @@
+export { default as AuthProvider } from './AuthProvider';
+export * from './DescopeFlows';
+export * from './DescopeWidgets';

package/dist/client/dts/src/types.d.ts

@@ -0,0 +1 @@
+export type TempType = {};

package/dist/client/index.d.ts

@@ -0,0 +1,12 @@
+export {
+	getJwtPermissions,
+	getJwtRoles,
+	getRefreshToken,
+	getSessionToken,
+	isRefreshTokenExpired,
+	isSessionTokenExpired,
+	refresh,
+	useDescope,
+	useSession,
+	useUser
+} from '@descope/react-sdk';

package/dist/client/index.js

@@ -0,0 +1,14 @@
+'use client';
+export {
+	getJwtPermissions,
+	getJwtRoles,
+	getRefreshToken,
+	getSessionToken,
+	isRefreshTokenExpired,
+	isSessionTokenExpired,
+	refresh,
+	useDescope,
+	useSession,
+	useUser
+} from '@descope/react-sdk';
+//# sourceMappingURL=index.js.map

package/dist/client/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";"}

package/dist/dts/src/client/index.d.ts

@@ -0,0 +1,12 @@
+export {
+	useDescope,
+	useSession,
+	useUser,
+	getSessionToken,
+	getRefreshToken,
+	isSessionTokenExpired,
+	isRefreshTokenExpired,
+	getJwtPermissions,
+	getJwtRoles,
+	refresh
+} from '@descope/react-sdk';

package/dist/dts/src/index.d.ts

@@ -0,0 +1 @@
+export * from './shared';

package/dist/dts/src/server/authMiddleware.d.ts

@@ -0,0 +1,12 @@
+import { NextRequest, NextResponse } from 'next/server';
+type MiddlewareOptions = {
+	projectId?: string;
+	baseUrl?: string;
+	redirectUrl?: string;
+	publicRoutes?: string[];
+	privateRoutes?: string[];
+};
+declare const createAuthMiddleware: (
+	options?: MiddlewareOptions
+) => (req: NextRequest) => Promise<NextResponse<unknown>>;
+export default createAuthMiddleware;

package/dist/dts/src/server/constants.d.ts

@@ -0,0 +1,9 @@
+export declare const DESCOPE_SESSION_HEADER = 'x-descope-session';
+export declare const baseHeaders: {
+	'x-descope-sdk-name': string;
+	'x-descope-sdk-version': string;
+};
+export declare const DEFAULT_PUBLIC_ROUTES: {
+	signIn: string;
+	signUp: string;
+};

package/dist/dts/src/server/index.d.ts

@@ -0,0 +1,3 @@
+export { default as authMiddleware } from './authMiddleware';
+export { session, getSession } from './session';
+export { createSdk } from './sdk';

package/dist/dts/src/server/sdk.d.ts

@@ -0,0 +1,10 @@
+import descopeSdk from '@descope/node-sdk';
+type Sdk = ReturnType<typeof descopeSdk>;
+type CreateSdkParams = Omit<Parameters<typeof descopeSdk>[0], 'projectId'> & {
+	projectId?: string | undefined;
+};
+export declare const createSdk: (config?: CreateSdkParams) => Sdk;
+export declare const getGlobalSdk: (
+	config?: Pick<CreateSdkParams, 'projectId' | 'baseUrl'>
+) => Sdk;
+export {};

package/dist/dts/src/server/session.d.ts

@@ -0,0 +1,6 @@
+import { AuthenticationInfo } from '@descope/node-sdk';
+import { NextApiRequest } from 'next';
+export declare const session: () => AuthenticationInfo | undefined;
+export declare const getSession: (
+	req: NextApiRequest
+) => AuthenticationInfo | undefined;

package/dist/dts/src/server/utils.d.ts

@@ -0,0 +1 @@
+export declare const mergeSearchParams: (...searchParams: string[]) => string;

package/dist/dts/src/shared/AuthProvider.d.ts

@@ -0,0 +1,3 @@
+import { AuthProvider as AuthProviderComp } from '@descope/react-sdk';
+declare const AuthProvider: typeof AuthProviderComp;
+export default AuthProvider;

package/dist/dts/src/shared/DescopeFlows.d.ts

@@ -0,0 +1,130 @@
+/// <reference types="react" />
+import type * as _1 from '@descope/react-sdk/node_modules/@types/react';
+import type * as _2 from '@descope/react-sdk/node_modules/@descope/web-component/dist';
+type AdditionalProps = {
+	redirectAfterSuccess?: string;
+	redirectAfterError?: string;
+};
+export declare const Descope: _1.ComponentType<
+	{
+		flowId: string;
+		onSuccess?: (
+			e: CustomEvent<import('@descope/core-js-sdk').JWTResponse>
+		) => void;
+		onError?: (
+			e: CustomEvent<{
+				errorCode: string;
+				errorDescription: string;
+				errorMessage?: string;
+				retryAfter?: string;
+			}>
+		) => void;
+		onReady?: (e: CustomEvent<{}>) => void;
+		logger?: Partial<any>;
+		tenant?: string;
+		theme?: _2.ThemeOptions;
+		locale?: string;
+		autoFocus?: _2.AutoFocusOptions;
+		validateOnBlur?: boolean;
+		restartOnError?: boolean;
+		debug?: boolean;
+		telemetryKey?: string;
+		redirectUrl?: string;
+		errorTransformer?: (error: { text: string; type: string }) => string;
+		form?: Record<string, any>;
+		client?: Record<string, any>;
+		styleId?: string;
+	} & _1.RefAttributes<HTMLElement> &
+		AdditionalProps
+>;
+export declare const SignInFlow: _1.ComponentType<
+	{
+		form?: Record<string, any>;
+		onSuccess?: (
+			e: CustomEvent<import('@descope/core-js-sdk').JWTResponse>
+		) => void;
+		onError?: (
+			e: CustomEvent<{
+				errorCode: string;
+				errorDescription: string;
+				errorMessage?: string;
+				retryAfter?: string;
+			}>
+		) => void;
+		onReady?: (e: CustomEvent<{}>) => void;
+		logger?: Partial<any>;
+		tenant?: string;
+		theme?: _2.ThemeOptions;
+		locale?: string;
+		autoFocus?: _2.AutoFocusOptions;
+		validateOnBlur?: boolean;
+		restartOnError?: boolean;
+		debug?: boolean;
+		telemetryKey?: string;
+		redirectUrl?: string;
+		errorTransformer?: (error: { text: string; type: string }) => string;
+		client?: Record<string, any>;
+		styleId?: string;
+	} & AdditionalProps
+>;
+export declare const SignUpFlow: _1.ComponentType<
+	{
+		form?: Record<string, any>;
+		onSuccess?: (
+			e: CustomEvent<import('@descope/core-js-sdk').JWTResponse>
+		) => void;
+		onError?: (
+			e: CustomEvent<{
+				errorCode: string;
+				errorDescription: string;
+				errorMessage?: string;
+				retryAfter?: string;
+			}>
+		) => void;
+		onReady?: (e: CustomEvent<{}>) => void;
+		logger?: Partial<any>;
+		tenant?: string;
+		theme?: _2.ThemeOptions;
+		locale?: string;
+		autoFocus?: _2.AutoFocusOptions;
+		validateOnBlur?: boolean;
+		restartOnError?: boolean;
+		debug?: boolean;
+		telemetryKey?: string;
+		redirectUrl?: string;
+		errorTransformer?: (error: { text: string; type: string }) => string;
+		client?: Record<string, any>;
+		styleId?: string;
+	} & AdditionalProps
+>;
+export declare const SignUpOrInFlow: _1.ComponentType<
+	{
+		form?: Record<string, any>;
+		onSuccess?: (
+			e: CustomEvent<import('@descope/core-js-sdk').JWTResponse>
+		) => void;
+		onError?: (
+			e: CustomEvent<{
+				errorCode: string;
+				errorDescription: string;
+				errorMessage?: string;
+				retryAfter?: string;
+			}>
+		) => void;
+		onReady?: (e: CustomEvent<{}>) => void;
+		logger?: Partial<any>;
+		tenant?: string;
+		theme?: _2.ThemeOptions;
+		locale?: string;
+		autoFocus?: _2.AutoFocusOptions;
+		validateOnBlur?: boolean;
+		restartOnError?: boolean;
+		debug?: boolean;
+		telemetryKey?: string;
+		redirectUrl?: string;
+		errorTransformer?: (error: { text: string; type: string }) => string;
+		client?: Record<string, any>;
+		styleId?: string;
+	} & AdditionalProps
+>;
+export {};

package/dist/dts/src/shared/DescopeWidgets.d.ts

@@ -0,0 +1,72 @@
+/// <reference types="react" />
+import type * as _1 from '@descope/react-sdk/node_modules/@types/react';
+export declare const UserManagement: _1.ComponentType<
+	{
+		logger?: Partial<any>;
+		tenant: string;
+		widgetId: string;
+		theme?: import('@descope/web-component').ThemeOptions;
+		debug?: boolean;
+		styleId?: string;
+	} & _1.RefAttributes<HTMLElement>
+>;
+export declare const RoleManagement: _1.ComponentType<
+	{
+		logger?: Partial<any>;
+		tenant: string;
+		widgetId: string;
+		theme?: import('@descope/web-component').ThemeOptions;
+		debug?: boolean;
+		styleId?: string;
+	} & _1.RefAttributes<HTMLElement>
+>;
+export declare const AccessKeyManagement: _1.ComponentType<
+	{
+		logger?: Partial<any>;
+		tenant: string;
+		widgetId: string;
+		theme?: import('@descope/web-component').ThemeOptions;
+		debug?: boolean;
+		styleId?: string;
+	} & _1.RefAttributes<HTMLElement>
+>;
+export declare const AuditManagement: _1.ComponentType<
+	{
+		logger?: Partial<any>;
+		tenant: string;
+		widgetId: string;
+		theme?: import('@descope/web-component').ThemeOptions;
+		debug?: boolean;
+		styleId?: string;
+	} & _1.RefAttributes<HTMLElement>
+>;
+export declare const UserProfile: _1.ComponentType<
+	Omit<
+		{
+			logger?: Partial<any>;
+			tenant: string;
+			widgetId: string;
+			theme?: import('@descope/web-component').ThemeOptions;
+			debug?: boolean;
+			styleId?: string;
+		},
+		'tenant'
+	> & {
+		onLogout?: (e: CustomEvent<any>) => void;
+	} & _1.RefAttributes<HTMLElement>
+>;
+export declare const ApplicationsPortal: _1.ComponentType<
+	Omit<
+		{
+			logger?: Partial<any>;
+			tenant: string;
+			widgetId: string;
+			theme?: import('@descope/web-component').ThemeOptions;
+			debug?: boolean;
+			styleId?: string;
+		},
+		'tenant'
+	> & {
+		onLogout?: (e: CustomEvent<any>) => void;
+	} & _1.RefAttributes<HTMLElement>
+>;

package/dist/dts/src/shared/constants.d.ts

@@ -0,0 +1,4 @@
+export declare const baseHeaders: {
+	'x-descope-sdk-name': string;
+	'x-descope-sdk-version': string;
+};

package/dist/dts/src/shared/index.d.ts

@@ -0,0 +1,3 @@
+export { default as AuthProvider } from './AuthProvider';
+export * from './DescopeFlows';
+export * from './DescopeWidgets';

package/dist/dts/src/types.d.ts

@@ -0,0 +1 @@
+export type TempType = {};

package/dist/esm/client/index.js

@@ -0,0 +1,3 @@
+"use client";
+export { getCurrentTenant, getJwtPermissions, getJwtRoles, getRefreshToken, getSessionToken, isRefreshTokenExpired, isSessionTokenExpired, refresh, useDescope, useSession, useUser } from '@descope/react-sdk';
+//# sourceMappingURL=index.js.map

package/dist/esm/client/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";"}

package/dist/esm/index.js

@@ -0,0 +1,4 @@
+export { default as AuthProvider } from './shared/AuthProvider.js';
+export { Descope, SignInFlow, SignUpFlow, SignUpOrInFlow } from './shared/DescopeFlows.js';
+export { AccessKeyManagement, ApplicationsPortal, AuditManagement, RoleManagement, UserManagement, UserProfile } from './shared/DescopeWidgets.js';
+//# sourceMappingURL=index.js.map

package/dist/esm/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;"}

package/dist/esm/server/authMiddleware.js

@@ -0,0 +1,95 @@
+import { NextResponse } from 'next/server.js';
+import descopeSdk from '@descope/node-sdk';
+import { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants.js';
+import { getGlobalSdk } from './sdk.js';
+import { mergeSearchParams } from './utils.js';
+import { setLogger, logger } from './logger.js';
+
+const getSessionJwt = (req) => {
+    let jwt = req.headers?.get('Authorization')?.split(' ')[1];
+    if (jwt) {
+        return jwt;
+    }
+    jwt = req.cookies?.get(descopeSdk.SessionTokenCookieName)?.value;
+    if (jwt) {
+        return jwt;
+    }
+    return undefined;
+};
+const matchWildcardRoute = (route, path) => {
+    let regexPattern = route.replace(/[.+?^${}()|[\]\\]/g, '\\$&');
+    // Convert wildcard (*) to match path segments only
+    regexPattern = regexPattern.replace(/\*/g, '[^/]*');
+    const regex = new RegExp(`^${regexPattern}$`);
+    return regex.test(path);
+};
+const isPublicRoute = (req, options) => {
+    // Ensure publicRoutes and privateRoutes are arrays, defaulting to empty arrays if not defined
+    const { publicRoutes = [], privateRoutes = [] } = options;
+    const { pathname } = req.nextUrl;
+    const isDefaultPublicRoute = Object.values(DEFAULT_PUBLIC_ROUTES).includes(pathname);
+    if (publicRoutes.length > 0) {
+        if (privateRoutes.length > 0) {
+            logger.warn('Both publicRoutes and privateRoutes are defined. Ignoring privateRoutes.');
+        }
+        return (isDefaultPublicRoute ||
+            publicRoutes.some((route) => matchWildcardRoute(route, pathname)));
+    }
+    if (privateRoutes.length > 0) {
+        return (isDefaultPublicRoute ||
+            !privateRoutes.some((route) => matchWildcardRoute(route, pathname)));
+    }
+    // If no routes are provided, all routes are private
+    return isDefaultPublicRoute;
+};
+const addSessionToHeadersIfExists = (headers, session) => {
+    if (session) {
+        const requestHeaders = new Headers(headers);
+        requestHeaders.set(DESCOPE_SESSION_HEADER, Buffer.from(JSON.stringify(session)).toString('base64'));
+        return requestHeaders;
+    }
+    return headers;
+};
+// returns a Middleware that checks if the user is authenticated
+// if the user is not authenticated, it redirects to the redirectUrl
+// if the user is authenticated, it adds the session to the headers
+const createAuthMiddleware = (options = {}) => async (req) => {
+    setLogger(options.logLevel);
+    logger.debug('Auth middleware starts');
+    const jwt = getSessionJwt(req);
+    // check if the user is authenticated
+    let session;
+    try {
+        session = await getGlobalSdk({
+            projectId: options.projectId,
+            baseUrl: options.baseUrl
+        }).validateJwt(jwt);
+    }
+    catch (err) {
+        logger.debug('Auth middleware, Failed to validate JWT', err);
+        if (!isPublicRoute(req, options)) {
+            const redirectUrl = options.redirectUrl || DEFAULT_PUBLIC_ROUTES.signIn;
+            const url = req.nextUrl.clone();
+            // Create a URL object for redirectUrl. 'http://example.com' is just a placeholder.
+            const parsedRedirectUrl = new URL(redirectUrl, 'http://example.com');
+            url.pathname = parsedRedirectUrl.pathname;
+            const searchParams = mergeSearchParams(url.search, parsedRedirectUrl.search);
+            if (searchParams) {
+                url.search = searchParams;
+            }
+            logger.debug(`Auth middleware, Redirecting to ${redirectUrl}`);
+            return NextResponse.redirect(url);
+        }
+    }
+    logger.debug('Auth middleware finishes');
+    // add the session to the request, if it exists
+    const headers = addSessionToHeadersIfExists(req.headers, session);
+    return NextResponse.next({
+        request: {
+            headers
+        }
+    });
+};
+
+export { createAuthMiddleware as default };
+//# sourceMappingURL=authMiddleware.js.map

package/dist/esm/server/authMiddleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"authMiddleware.js","sources":["../../../src/server/authMiddleware.ts"],"sourcesContent":["import { NextRequest, NextResponse } from 'next/server';\nimport descopeSdk from '@descope/node-sdk';\nimport type { AuthenticationInfo } from '@descope/node-sdk';\nimport { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER } from './constants';\nimport { getGlobalSdk } from './sdk';\nimport { mergeSearchParams } from './utils';\nimport { LogLevel } from '../types';\nimport { logger, setLogger } from './logger';\n\ntype MiddlewareOptions = {\n\t// The Descope project ID to use for authentication\n\t// Defaults to process.env.DESCOPE_PROJECT_ID\n\tprojectId?: string;\n\n\t// The base URL to use for authentication\n\t// Defaults to process.env.DESCOPE_BASE_URL\n\tbaseUrl?: string;\n\n\t// The URL to redirect to if the user is not authenticated\n\t// Defaults to process.env.SIGN_IN_ROUTE or '/sign-in' if not provided\n\t// NOTE: In case it contains query parameters that exist in the original URL, they will override the original query parameters. e.g. if the original URL is /page?param1=1&param2=2 and the redirect URL is /sign-in?param1=3, the final redirect URL will be /sign-in?param1=3&param2=2\n\tredirectUrl?: string;\n\n\t// An array of public routes that do not require authentication\n\t// In addition to the default public routes:\n\t// - process.env.SIGN_IN_ROUTE or /sign-in if not provided\n\t// - process.env.SIGN_UP_ROUTE or /sign-up if not provided\n\tpublicRoutes?: string[];\n\n\t// An array of private routes that require authentication\n\t// If privateRoutes is defined, routes not listed in this array will default to public routes\n\tprivateRoutes?: string[];\n\n\t// The log level to use for the middleware\n\t// Defaults to 'info'\n\tlogLevel?: LogLevel;\n};\n\nconst getSessionJwt = (req: NextRequest): string | undefined => {\n\tlet jwt = req.headers?.get('Authorization')?.split(' ')[1];\n\tif (jwt) {\n\t\treturn jwt;\n\t}\n\n\tjwt = req.cookies?.get(descopeSdk.SessionTokenCookieName)?.value;\n\tif (jwt) {\n\t\treturn jwt;\n\t}\n\treturn undefined;\n};\n\nconst matchWildcardRoute = (route: string, path: string) => {\n\tlet regexPattern = route.replace(/[.+?^${}()|[\\]\\\\]/g, '\\\\$&');\n\n\t// Convert wildcard (*) to match path segments only\n\tregexPattern = regexPattern.replace(/\\*/g, '[^/]*');\n\tconst regex = new RegExp(`^${regexPattern}$`);\n\n\treturn regex.test(path);\n};\n\nconst isPublicRoute = (req: NextRequest, options: MiddlewareOptions) => {\n\t// Ensure publicRoutes and privateRoutes are arrays, defaulting to empty arrays if not defined\n\tconst { publicRoutes = [], privateRoutes = [] } = options;\n\tconst { pathname } = req.nextUrl;\n\n\tconst isDefaultPublicRoute = Object.values(DEFAULT_PUBLIC_ROUTES).includes(\n\t\tpathname\n\t);\n\n\tif (publicRoutes.length > 0) {\n\t\tif (privateRoutes.length > 0) {\n\t\t\tlogger.warn(\n\t\t\t\t'Both publicRoutes and privateRoutes are defined. Ignoring privateRoutes.'\n\t\t\t);\n\t\t}\n\t\treturn (\n\t\t\tisDefaultPublicRoute ||\n\t\t\tpublicRoutes.some((route) => matchWildcardRoute(route, pathname))\n\t\t);\n\t}\n\n\tif (privateRoutes.length > 0) {\n\t\treturn (\n\t\t\tisDefaultPublicRoute ||\n\t\t\t!privateRoutes.some((route) => matchWildcardRoute(route, pathname))\n\t\t);\n\t}\n\n\t// If no routes are provided, all routes are private\n\treturn isDefaultPublicRoute;\n};\n\nconst addSessionToHeadersIfExists = (\n\theaders: Headers,\n\tsession: AuthenticationInfo | undefined\n): Headers => {\n\tif (session) {\n\t\tconst requestHeaders = new Headers(headers);\n\t\trequestHeaders.set(\n\t\t\tDESCOPE_SESSION_HEADER,\n\t\t\tBuffer.from(JSON.stringify(session)).toString('base64')\n\t\t);\n\t\treturn requestHeaders;\n\t}\n\treturn headers;\n};\n\n// returns a Middleware that checks if the user is authenticated\n// if the user is not authenticated, it redirects to the redirectUrl\n// if the user is authenticated, it adds the session to the headers\nconst createAuthMiddleware =\n\t(options: MiddlewareOptions = {}) =>\n\tasync (req: NextRequest) => {\n\t\tsetLogger(options.logLevel);\n\t\tlogger.debug('Auth middleware starts');\n\n\t\tconst jwt = getSessionJwt(req);\n\n\t\t// check if the user is authenticated\n\t\tlet session: AuthenticationInfo | undefined;\n\t\ttry {\n\t\t\tsession = await getGlobalSdk({\n\t\t\t\tprojectId: options.projectId,\n\t\t\t\tbaseUrl: options.baseUrl\n\t\t\t}).validateJwt(jwt);\n\t\t} catch (err) {\n\t\t\tlogger.debug('Auth middleware, Failed to validate JWT', err);\n\t\t\tif (!isPublicRoute(req, options)) {\n\t\t\t\tconst redirectUrl = options.redirectUrl || DEFAULT_PUBLIC_ROUTES.signIn;\n\t\t\t\tconst url = req.nextUrl.clone();\n\t\t\t\t// Create a URL object for redirectUrl. 'http://example.com' is just a placeholder.\n\t\t\t\tconst parsedRedirectUrl = new URL(redirectUrl, 'http://example.com');\n\t\t\t\turl.pathname = parsedRedirectUrl.pathname;\n\n\t\t\t\tconst searchParams = mergeSearchParams(\n\t\t\t\t\turl.search,\n\t\t\t\t\tparsedRedirectUrl.search\n\t\t\t\t);\n\t\t\t\tif (searchParams) {\n\t\t\t\t\turl.search = searchParams;\n\t\t\t\t}\n\t\t\t\tlogger.debug(`Auth middleware, Redirecting to ${redirectUrl}`);\n\t\t\t\treturn NextResponse.redirect(url);\n\t\t\t}\n\t\t}\n\n\t\tlogger.debug('Auth middleware finishes');\n\t\t// add the session to the request, if it exists\n\t\tconst headers = addSessionToHeadersIfExists(req.headers, session);\n\t\treturn NextResponse.next({\n\t\t\trequest: {\n\t\t\t\theaders\n\t\t\t}\n\t\t});\n\t};\n\nexport default createAuthMiddleware;\n"],"names":[],"mappings":";;;;;;;AAsCA,MAAM,aAAa,GAAG,CAAC,GAAgB,KAAwB;AAC9D,IAAA,IAAI,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,eAAe,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,IAAI,GAAG,EAAE;AACR,QAAA,OAAO,GAAG,CAAC;KACX;AAED,IAAA,GAAG,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,UAAU,CAAC,sBAAsB,CAAC,EAAE,KAAK,CAAC;IACjE,IAAI,GAAG,EAAE;AACR,QAAA,OAAO,GAAG,CAAC;KACX;AACD,IAAA,OAAO,SAAS,CAAC;AAClB,CAAC,CAAC;AAEF,MAAM,kBAAkB,GAAG,CAAC,KAAa,EAAE,IAAY,KAAI;IAC1D,IAAI,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;;IAG/D,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,CAAI,CAAA,EAAA,YAAY,CAAG,CAAA,CAAA,CAAC,CAAC;AAE9C,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACzB,CAAC,CAAC;AAEF,MAAM,aAAa,GAAG,CAAC,GAAgB,EAAE,OAA0B,KAAI;;IAEtE,MAAM,EAAE,YAAY,GAAG,EAAE,EAAE,aAAa,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC;AAC1D,IAAA,MAAM,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC;AAEjC,IAAA,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,QAAQ,CACzE,QAAQ,CACR,CAAC;AAEF,IAAA,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE;AAC5B,QAAA,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;AAC7B,YAAA,MAAM,CAAC,IAAI,CACV,0EAA0E,CAC1E,CAAC;SACF;AACD,QAAA,QACC,oBAAoB;AACpB,YAAA,YAAY,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,EAChE;KACF;AAED,IAAA,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE;AAC7B,QAAA,QACC,oBAAoB;AACpB,YAAA,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,kBAAkB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,EAClE;KACF;;AAGD,IAAA,OAAO,oBAAoB,CAAC;AAC7B,CAAC,CAAC;AAEF,MAAM,2BAA2B,GAAG,CACnC,OAAgB,EAChB,OAAuC,KAC3B;IACZ,IAAI,OAAO,EAAE;AACZ,QAAA,MAAM,cAAc,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;QAC5C,cAAc,CAAC,GAAG,CACjB,sBAAsB,EACtB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CACvD,CAAC;AACF,QAAA,OAAO,cAAc,CAAC;KACtB;AACD,IAAA,OAAO,OAAO,CAAC;AAChB,CAAC,CAAC;AAEF;AACA;AACA;AACA,MAAM,oBAAoB,GACzB,CAAC,OAAA,GAA6B,EAAE,KAChC,OAAO,GAAgB,KAAI;AAC1B,IAAA,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC5B,IAAA,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAEvC,IAAA,MAAM,GAAG,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;;AAG/B,IAAA,IAAI,OAAuC,CAAC;AAC5C,IAAA,IAAI;QACH,OAAO,GAAG,MAAM,YAAY,CAAC;YAC5B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;AACxB,SAAA,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;KACpB;IAAC,OAAO,GAAG,EAAE;AACb,QAAA,MAAM,CAAC,KAAK,CAAC,yCAAyC,EAAE,GAAG,CAAC,CAAC;QAC7D,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE;YACjC,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,qBAAqB,CAAC,MAAM,CAAC;YACxE,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;;YAEhC,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,WAAW,EAAE,oBAAoB,CAAC,CAAC;AACrE,YAAA,GAAG,CAAC,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC;AAE1C,YAAA,MAAM,YAAY,GAAG,iBAAiB,CACrC,GAAG,CAAC,MAAM,EACV,iBAAiB,CAAC,MAAM,CACxB,CAAC;YACF,IAAI,YAAY,EAAE;AACjB,gBAAA,GAAG,CAAC,MAAM,GAAG,YAAY,CAAC;aAC1B;AACD,YAAA,MAAM,CAAC,KAAK,CAAC,mCAAmC,WAAW,CAAA,CAAE,CAAC,CAAC;AAC/D,YAAA,OAAO,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;SAClC;KACD;AAED,IAAA,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;;IAEzC,MAAM,OAAO,GAAG,2BAA2B,CAAC,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;IAClE,OAAO,YAAY,CAAC,IAAI,CAAC;AACxB,QAAA,OAAO,EAAE;YACR,OAAO;AACP,SAAA;AACD,KAAA,CAAC,CAAC;AACJ;;;;"}

package/dist/esm/server/constants.js

@@ -0,0 +1,12 @@
+const DESCOPE_SESSION_HEADER = 'x-descope-session';
+const baseHeaders = {
+    'x-descope-sdk-name': 'nextjs',
+    'x-descope-sdk-version': "0.0.0-alpha.1"
+};
+const DEFAULT_PUBLIC_ROUTES = {
+    signIn: process.env.SIGN_IN_ROUTE || '/sign-in',
+    signUp: process.env.SIGN_UP_ROUTE || '/sign-up'
+};
+
+export { DEFAULT_PUBLIC_ROUTES, DESCOPE_SESSION_HEADER, baseHeaders };
+//# sourceMappingURL=constants.js.map

package/dist/esm/server/constants.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"constants.js","sources":["../../../src/server/constants.ts"],"sourcesContent":["// Replaced in build time\ndeclare const BUILD_VERSION: string;\n\nexport const DESCOPE_SESSION_HEADER = 'x-descope-session';\n\nexport const baseHeaders = {\n\t'x-descope-sdk-name': 'nextjs',\n\t'x-descope-sdk-version': BUILD_VERSION\n};\n\nexport const DEFAULT_PUBLIC_ROUTES = {\n\tsignIn: process.env.SIGN_IN_ROUTE || '/sign-in',\n\tsignUp: process.env.SIGN_UP_ROUTE || '/sign-up'\n};\n"],"names":[],"mappings":"AAGO,MAAM,sBAAsB,GAAG,oBAAoB;AAE7C,MAAA,WAAW,GAAG;AAC1B,IAAA,oBAAoB,EAAE,QAAQ;AAC9B,IAAA,uBAAuB,EAAE,eAAa;EACrC;AAEW,MAAA,qBAAqB,GAAG;AACpC,IAAA,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,UAAU;AAC/C,IAAA,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,UAAU;;;;;"}

package/dist/esm/server/index.js

@@ -0,0 +1,4 @@
+export { default as authMiddleware } from './authMiddleware.js';
+export { getSession, session } from './session.js';
+export { createSdk } from './sdk.js';
+//# sourceMappingURL=index.js.map

package/dist/esm/server/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sources":[],"sourcesContent":[],"names":[],"mappings":";;"}

package/dist/esm/server/logger.js

@@ -0,0 +1,25 @@
+// order of levels is important
+const levels = ['debug', 'info', 'warn', 'error'];
+const logger = {
+    debug: console.debug,
+    info: console.info,
+    log: console.log,
+    warn: console.warn,
+    error: console.error
+};
+const noop = () => { };
+// override global logger according to the level
+const setLogger = (level = 'info') => {
+    Object.keys(logger).forEach((key) => {
+        const keyToCompare = key === 'log' ? 'info' : key; // log is an alias for info
+        if (levels.indexOf(keyToCompare) < levels.indexOf(level)) {
+            logger[key] = noop;
+        }
+        else {
+            logger[key] = console[key];
+        }
+    });
+};
+
+export { logger, setLogger };
+//# sourceMappingURL=logger.js.map

package/dist/esm/server/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sources":["../../../src/server/logger.ts"],"sourcesContent":["/* eslint-disable no-console */\nimport { LogLevel } from '../types';\n\n// order of levels is important\nconst levels = ['debug', 'info', 'warn', 'error'];\n\nconst logger = {\n\tdebug: console.debug,\n\tinfo: console.info,\n\tlog: console.log,\n\twarn: console.warn,\n\terror: console.error\n};\n\nconst noop = () => {};\n\n// override global logger according to the level\nexport const setLogger = (level: LogLevel = 'info') => {\n\tObject.keys(logger).forEach((key) => {\n\t\tconst keyToCompare = key === 'log' ? 'info' : key; // log is an alias for info\n\t\tif (levels.indexOf(keyToCompare) < levels.indexOf(level)) {\n\t\t\tlogger[key] = noop;\n\t\t} else {\n\t\t\tlogger[key] = console[key];\n\t\t}\n\t});\n};\n\nexport { logger };\n"],"names":[],"mappings":"AAGA;AACA,MAAM,MAAM,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;AAElD,MAAM,MAAM,GAAG;IACd,KAAK,EAAE,OAAO,CAAC,KAAK;IACpB,IAAI,EAAE,OAAO,CAAC,IAAI;IAClB,GAAG,EAAE,OAAO,CAAC,GAAG;IAChB,IAAI,EAAE,OAAO,CAAC,IAAI;IAClB,KAAK,EAAE,OAAO,CAAC,KAAK;EACnB;AAEF,MAAM,IAAI,GAAG,MAAK,GAAG,CAAC;AAEtB;MACa,SAAS,GAAG,CAAC,KAAkB,GAAA,MAAM,KAAI;IACrD,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,KAAI;AACnC,QAAA,MAAM,YAAY,GAAG,GAAG,KAAK,KAAK,GAAG,MAAM,GAAG,GAAG,CAAC;AAClD,QAAA,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;AACzD,YAAA,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;SACnB;aAAM;YACN,MAAM,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;SAC3B;AACF,KAAC,CAAC,CAAC;AACJ;;;;"}

package/dist/esm/server/sdk.js

@@ -0,0 +1,26 @@
+import descopeSdk from '@descope/node-sdk';
+import { baseHeaders } from './constants.js';
+
+let globalSdk;
+const createSdk = (config) => descopeSdk({
+    ...config,
+    projectId: config?.projectId || process.env.DESCOPE_PROJECT_ID,
+    managementKey: config?.managementKey || process.env.DESCOPE_MANAGEMENT_KEY,
+    baseUrl: config?.baseUrl || process.env.DESCOPE_BASE_URL,
+    baseHeaders: {
+        ...config?.baseHeaders,
+        ...baseHeaders
+    }
+});
+const getGlobalSdk = (config) => {
+    if (!globalSdk) {
+        if (!config?.projectId && !process.env.DESCOPE_PROJECT_ID) {
+            throw new Error('Descope project ID is required to create the SDK');
+        }
+        globalSdk = createSdk(config);
+    }
+    return globalSdk;
+};
+
+export { createSdk, getGlobalSdk };
+//# sourceMappingURL=sdk.js.map

package/dist/esm/server/sdk.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sdk.js","sources":["../../../src/server/sdk.ts"],"sourcesContent":["import descopeSdk from '@descope/node-sdk';\nimport { baseHeaders } from './constants';\n\ntype Sdk = ReturnType<typeof descopeSdk>;\ntype CreateServerSdkParams = Omit<\n\tParameters<typeof descopeSdk>[0],\n\t'projectId'\n> & {\n\tprojectId?: string | undefined;\n};\n\ntype CreateSdkParams = Pick<CreateServerSdkParams, 'projectId' | 'baseUrl'>;\n\nlet globalSdk: Sdk;\n\nexport const createSdk = (config?: CreateServerSdkParams): Sdk =>\n\tdescopeSdk({\n\t\t...config,\n\t\tprojectId: config?.projectId || process.env.DESCOPE_PROJECT_ID,\n\t\tmanagementKey: config?.managementKey || process.env.DESCOPE_MANAGEMENT_KEY,\n\t\tbaseUrl: config?.baseUrl || process.env.DESCOPE_BASE_URL,\n\t\tbaseHeaders: {\n\t\t\t...config?.baseHeaders,\n\t\t\t...baseHeaders\n\t\t}\n\t});\n\nexport const getGlobalSdk = (config?: CreateSdkParams): Sdk => {\n\tif (!globalSdk) {\n\t\tif (!config?.projectId && !process.env.DESCOPE_PROJECT_ID) {\n\t\t\tthrow new Error('Descope project ID is required to create the SDK');\n\t\t}\n\t\tglobalSdk = createSdk(config);\n\t}\n\n\treturn globalSdk;\n};\n\nexport type { CreateSdkParams };\n"],"names":[],"mappings":";;;AAaA,IAAI,SAAc,CAAC;AAEN,MAAA,SAAS,GAAG,CAAC,MAA8B,KACvD,UAAU,CAAC;AACV,IAAA,GAAG,MAAM;IACT,SAAS,EAAE,MAAM,EAAE,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB;IAC9D,aAAa,EAAE,MAAM,EAAE,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,sBAAsB;IAC1E,OAAO,EAAE,MAAM,EAAE,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB;AACxD,IAAA,WAAW,EAAE;QACZ,GAAG,MAAM,EAAE,WAAW;AACtB,QAAA,GAAG,WAAW;AACd,KAAA;AACD,CAAA,EAAE;AAES,MAAA,YAAY,GAAG,CAAC,MAAwB,KAAS;IAC7D,IAAI,CAAC,SAAS,EAAE;AACf,QAAA,IAAI,CAAC,MAAM,EAAE,SAAS,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE;AAC1D,YAAA,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;SACpE;AACD,QAAA,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;KAC9B;AAED,IAAA,OAAO,SAAS,CAAC;AAClB;;;;"}

package/dist/esm/server/session.js

@@ -0,0 +1,59 @@
+import descopeSdk from '@descope/node-sdk';
+import { headers, cookies } from 'next/headers.js';
+import { DESCOPE_SESSION_HEADER } from './constants.js';
+import { getGlobalSdk } from './sdk.js';
+import { setLogger, logger } from './logger.js';
+
+const extractSession = (descopeSession) => {
+    if (!descopeSession) {
+        return undefined;
+    }
+    try {
+        const authInfo = JSON.parse(Buffer.from(descopeSession, 'base64').toString());
+        return authInfo;
+    }
+    catch (err) {
+        return undefined;
+    }
+};
+const getSessionFromCookie = async (config) => {
+    logger.debug('attempting to get session from cookie');
+    try {
+        const sessionCookie = (await cookies()).get(descopeSdk.SessionTokenCookieName);
+        if (!sessionCookie?.value) {
+            logger.debug('Session cookie not found');
+            return undefined;
+        }
+        const sdk = getGlobalSdk(config);
+        return await sdk.validateJwt(sessionCookie.value);
+    }
+    catch (err) {
+        logger.debug('Error getting session from cookie', err);
+        return undefined;
+    }
+};
+// tries to extract the session header,
+// if it doesn't exist, it will attempt to get the session from the cookie
+const extractOrGetSession = async (sessionHeader, config) => {
+    const session = extractSession(sessionHeader);
+    if (session) {
+        return session;
+    }
+    return getSessionFromCookie(config);
+};
+// returns the session token if it exists in the headers
+const session = async (config) => {
+    setLogger(config?.logLevel);
+    // first attempt to get the session from the headers
+    const reqHeaders = await headers();
+    const sessionHeader = reqHeaders.get(DESCOPE_SESSION_HEADER);
+    return extractOrGetSession(sessionHeader, config);
+};
+// returns the session token if it exists in the request headers
+const getSession = async (req, config) => {
+    setLogger(config?.logLevel);
+    return extractOrGetSession(req.headers[DESCOPE_SESSION_HEADER.toLowerCase()], config);
+};
+
+export { getSession, session };
+//# sourceMappingURL=session.js.map

package/dist/esm/server/session.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session.js","sources":["../../../src/server/session.ts"],"sourcesContent":["import descopeSdk, { AuthenticationInfo } from '@descope/node-sdk';\nimport { NextApiRequest } from 'next';\nimport { cookies, headers } from 'next/headers';\nimport { DESCOPE_SESSION_HEADER } from './constants';\nimport { getGlobalSdk, CreateSdkParams } from './sdk';\nimport { LogLevel } from '../types';\nimport { logger, setLogger } from './logger';\n\ntype SessionConfig = CreateSdkParams & {\n\t// The log level to use for the middleware\n\t// Defaults to 'info'\n\tlogLevel?: LogLevel;\n};\n\nconst extractSession = (\n\tdescopeSession?: string\n): AuthenticationInfo | undefined => {\n\tif (!descopeSession) {\n\t\treturn undefined;\n\t}\n\ttry {\n\t\tconst authInfo = JSON.parse(\n\t\t\tBuffer.from(descopeSession, 'base64').toString()\n\t\t) as AuthenticationInfo;\n\t\treturn authInfo;\n\t} catch (err) {\n\t\treturn undefined;\n\t}\n};\n\nconst getSessionFromCookie = async (\n\tconfig?: CreateSdkParams\n): Promise<AuthenticationInfo | undefined> => {\n\tlogger.debug('attempting to get session from cookie');\n\ttry {\n\t\tconst sessionCookie = (await cookies()).get(\n\t\t\tdescopeSdk.SessionTokenCookieName\n\t\t);\n\t\tif (!sessionCookie?.value) {\n\t\t\tlogger.debug('Session cookie not found');\n\t\t\treturn undefined;\n\t\t}\n\t\tconst sdk = getGlobalSdk(config);\n\t\treturn await sdk.validateJwt(sessionCookie.value);\n\t} catch (err) {\n\t\tlogger.debug('Error getting session from cookie', err);\n\t\treturn undefined;\n\t}\n};\n\n// tries to extract the session header,\n// if it doesn't exist, it will attempt to get the session from the cookie\nconst extractOrGetSession = async (\n\tsessionHeader?: string,\n\tconfig?: SessionConfig\n): Promise<AuthenticationInfo | undefined> => {\n\tconst session = extractSession(sessionHeader);\n\tif (session) {\n\t\treturn session;\n\t}\n\n\treturn getSessionFromCookie(config);\n};\n\n// returns the session token if it exists in the headers\nexport const session = async (\n\tconfig?: SessionConfig\n): Promise<AuthenticationInfo | undefined> => {\n\tsetLogger(config?.logLevel);\n\t// first attempt to get the session from the headers\n\tconst reqHeaders = await headers();\n\tconst sessionHeader = reqHeaders.get(DESCOPE_SESSION_HEADER);\n\treturn extractOrGetSession(sessionHeader, config);\n};\n\n// returns the session token if it exists in the request headers\nexport const getSession = async (\n\treq: NextApiRequest,\n\tconfig?: SessionConfig\n): Promise<AuthenticationInfo | undefined> => {\n\tsetLogger(config?.logLevel);\n\treturn extractOrGetSession(\n\t\treq.headers[DESCOPE_SESSION_HEADER.toLowerCase()] as string,\n\t\tconfig\n\t);\n};\n"],"names":[],"mappings":";;;;;;AAcA,MAAM,cAAc,GAAG,CACtB,cAAuB,KACY;IACnC,IAAI,CAAC,cAAc,EAAE;AACpB,QAAA,OAAO,SAAS,CAAC;KACjB;AACD,IAAA,IAAI;AACH,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAC1B,MAAM,CAAC,IAAI,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAC1B,CAAC;AACxB,QAAA,OAAO,QAAQ,CAAC;KAChB;IAAC,OAAO,GAAG,EAAE;AACb,QAAA,OAAO,SAAS,CAAC;KACjB;AACF,CAAC,CAAC;AAEF,MAAM,oBAAoB,GAAG,OAC5B,MAAwB,KACoB;AAC5C,IAAA,MAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;AACtD,IAAA,IAAI;AACH,QAAA,MAAM,aAAa,GAAG,CAAC,MAAM,OAAO,EAAE,EAAE,GAAG,CAC1C,UAAU,CAAC,sBAAsB,CACjC,CAAC;AACF,QAAA,IAAI,CAAC,aAAa,EAAE,KAAK,EAAE;AAC1B,YAAA,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;AACzC,YAAA,OAAO,SAAS,CAAC;SACjB;AACD,QAAA,MAAM,GAAG,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QACjC,OAAO,MAAM,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC;KAClD;IAAC,OAAO,GAAG,EAAE;AACb,QAAA,MAAM,CAAC,KAAK,CAAC,mCAAmC,EAAE,GAAG,CAAC,CAAC;AACvD,QAAA,OAAO,SAAS,CAAC;KACjB;AACF,CAAC,CAAC;AAEF;AACA;AACA,MAAM,mBAAmB,GAAG,OAC3B,aAAsB,EACtB,MAAsB,KACsB;AAC5C,IAAA,MAAM,OAAO,GAAG,cAAc,CAAC,aAAa,CAAC,CAAC;IAC9C,IAAI,OAAO,EAAE;AACZ,QAAA,OAAO,OAAO,CAAC;KACf;AAED,IAAA,OAAO,oBAAoB,CAAC,MAAM,CAAC,CAAC;AACrC,CAAC,CAAC;AAEF;MACa,OAAO,GAAG,OACtB,MAAsB,KACsB;AAC5C,IAAA,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;;AAE5B,IAAA,MAAM,UAAU,GAAG,MAAM,OAAO,EAAE,CAAC;IACnC,MAAM,aAAa,GAAG,UAAU,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;AAC7D,IAAA,OAAO,mBAAmB,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;AACnD,EAAE;AAEF;AACa,MAAA,UAAU,GAAG,OACzB,GAAmB,EACnB,MAAsB,KACsB;AAC5C,IAAA,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;AAC5B,IAAA,OAAO,mBAAmB,CACzB,GAAG,CAAC,OAAO,CAAC,sBAAsB,CAAC,WAAW,EAAE,CAAW,EAC3D,MAAM,CACN,CAAC;AACH;;;;"}