@douvery/auth 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/index.d.ts +61 -1
  2. package/dist/index.js +132 -2
  3. package/dist/index.js.map +1 -1
  4. package/dist/qwik/index.d.ts +59 -25
  5. package/dist/qwik/index.js +154 -59
  6. package/dist/qwik/index.js.map +1 -1
  7. package/package.json +1 -1
  8. package/src/qwik/index.tsx +243 -75
package/dist/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/types.ts","../src/pkce.ts","../src/storage.ts","../src/client.ts"],"names":[],"mappings":";AA6LO,IAAM,SAAA,GAAN,cAAwB,KAAA,CAAM;AAAA,EACnC,WAAA,CACS,IAAA,EACP,OAAA,EACO,KAAA,EACP;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJN,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AAGP,IAAA,IAAA,CAAK,IAAA,GAAO,WAAA;AAAA,EACd;AACF;;;AC9LO,SAAS,oBAAA,CAAqB,SAAiB,EAAA,EAAY;AAChE,EAAA,MAAM,OAAA,GACJ,oEAAA;AACF,EAAA,MAAM,eAAe,MAAA,CAAO,eAAA,CAAgB,IAAI,UAAA,CAAW,MAAM,CAAC,CAAA;AAClE,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,YAAY,CAAA,CAC3B,IAAI,CAAC,CAAA,KAAM,OAAA,CAAQ,CAAA,GAAI,OAAA,CAAQ,MAAM,CAAC,CAAA,CACtC,KAAK,EAAE,CAAA;AACZ;AAGO,SAAS,aAAA,GAAwB;AACtC,EAAA,OAAO,qBAAqB,EAAE,CAAA;AAChC;AAGO,SAAS,aAAA,GAAwB;AACtC,EAAA,OAAO,qBAAqB,EAAE,CAAA;AAChC;AAGA,eAAsB,sBAAsB,QAAA,EAAmC;AAC7E,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AACpC,EAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,EAAA,OAAO,gBAAgB,UAAU,CAAA;AACnC;AAGO,SAAS,gBAAgB,MAAA,EAA6B;AAC3D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,OAAO,MAAA,CAAO,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AACzE;AAGO,SAAS,gBAAgB,KAAA,EAA4B;AAC1D,EAAA,IAAI,MAAA,GAAS,MAAM,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AACvD,EAAA,MAAM,OAAA,GAAU,OAAO,MAAA,GAAS,CAAA;AAChC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAA,IAAU,GAAA,CAAI,MAAA,CAAO,CAAA,GAAI,OAAO,CAAA;AAAA,EAClC;AACA,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA,CAAM,MAAA;AACf;AAGA,eAAsB,gBAAA,GAAsC;AAC1D,EAAA,MAAM,eAAe,oBAAA,EAAqB;AAC1C,EAAA,MAAM,aAAA,GAAgB,MAAM,qBAAA,CAAsB,YAAY,CAAA;AAC9D,EAAA,OAAO;AAAA,IACL,YAAA;AAAA,IACA,aAAA;AAAA,IACA,mBAAA,EAAqB;AAAA,GACvB;AACF;AAGA,eAAsB,mBAAA,CACpB,QAAA,EACA,SAAA,EACA,MAAA,GAA2B,MAAA,EACT;AAClB,EAAA,IAAI,WAAW,OAAA,EAAS;AACtB,IAAA,OAAO,QAAA,KAAa,SAAA;AAAA,EACtB;AACA,EAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,CAAsB,QAAQ,CAAA;AAC9D,EAAA,OAAO,iBAAA,KAAsB,SAAA;AAC/B;AAGO,SAAS,UAAuC,KAAA,EAAkB;AACvE,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAC7B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAAA,EACtC;AACA,EAAA,MAAM,OAAA,GAAU,MAAM,CAAC,CAAA;AACvB,EAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AACvC,EAAA,MAAM,IAAA,GAAO,IAAI,WAAA,EAAY,CAAE,OAAO,OAAO,CAAA;AAC7C,EAAA,OAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AACxB;AAGO,SAAS,cAAA,CAAe,KAAA,EAAe,SAAA,GAAoB,EAAA,EAAa;AAC7E,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,UAA4B,KAAK,CAAA;AACjD,IAAA,IAAI,CAAC,QAAQ,GAAA,EAAK;AAChB,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,OAAO,OAAA,CAAQ,MAAM,GAAA,GAAM,SAAA;AAAA,EAC7B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAGO,SAAS,mBAAmB,KAAA,EAA8B;AAC/D,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,UAA4B,KAAK,CAAA;AACjD,IAAA,OAAO,OAAA,CAAQ,GAAA,GAAM,OAAA,CAAQ,GAAA,GAAM,GAAA,GAAO,IAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;;;AChHA,IAAM,cAAA,GAAiB,cAAA;AAEhB,IAAM,YAAA,GAA4B;AAAA,EACvC,WAAA,EAAa,GAAG,cAAc,CAAA,aAAA,CAAA;AAAA,EAC9B,YAAA,EAAc,GAAG,cAAc,CAAA,cAAA,CAAA;AAAA,EAC/B,OAAA,EAAS,GAAG,cAAc,CAAA,SAAA,CAAA;AAAA,EAC1B,SAAA,EAAW,GAAG,cAAc,CAAA,WAAA,CAAA;AAAA,EAC5B,KAAA,EAAO,GAAG,cAAc,CAAA,MAAA,CAAA;AAAA,EACxB,KAAA,EAAO,GAAG,cAAc,CAAA,MAAA,CAAA;AAAA,EACxB,YAAA,EAAc,GAAG,cAAc,CAAA,cAAA,CAAA;AAAA,EAC/B,QAAA,EAAU,GAAG,cAAc,CAAA,UAAA;AAC7B;AAGO,IAAM,gBAAN,MAA4C;AAAA,EACzC,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAExC,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAChC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3B;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,EACvB;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AAAA,EACnB;AACF;AAGO,IAAM,eAAN,MAA2C;AAAA,EAChD,IAAI,GAAA,EAA4B;AAC9B,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,IAAA,OAAO,YAAA,CAAa,QAAQ,GAAG,CAAA;AAAA,EACjC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,YAAA,CAAa,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,YAAA,CAAa,WAAW,GAAG,CAAA;AAAA,EAC7B;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AAC3C,MAAA,YAAA,CAAa,WAAW,GAAG,CAAA;AAAA,IAC7B,CAAC,CAAA;AAAA,EACH;AACF;AAGO,IAAM,iBAAN,MAA6C;AAAA,EAClD,IAAI,GAAA,EAA4B;AAC9B,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,IAAA,OAAO,cAAA,CAAe,QAAQ,GAAG,CAAA;AAAA,EACnC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,cAAA,CAAe,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EACnC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,cAAA,CAAe,WAAW,GAAG,CAAA;AAAA,EAC/B;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AAC3C,MAAA,cAAA,CAAe,WAAW,GAAG,CAAA;AAAA,IAC/B,CAAC,CAAA;AAAA,EACH;AACF;AAGO,IAAM,gBAAN,MAA4C;AAAA,EACjD,WAAA,CACU,OAAA,GAMJ,EAAC,EACL;AAPQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAQR,IAAA,IAAA,CAAK,OAAA,GAAU,EAAE,IAAA,EAAM,GAAA,EAAK,QAAQ,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,GAAG,OAAA,EAAQ;AAAA,EACxE;AAAA,EAEA,IAAI,GAAA,EAA4B;AAC9B,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,CAAC,MAAM,KAAK,CAAA,GAAI,OAAO,IAAA,EAAK,CAAE,MAAM,GAAG,CAAA;AAC7C,MAAA,IAAI,SAAS,GAAA,EAAK;AAChB,QAAA,OAAO,mBAAmB,KAAK,CAAA;AAAA,MACjC;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,MAAM,KAAA,GAAQ;AAAA,MACZ,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,CAAA;AAAA,MACnC,CAAA,KAAA,EAAQ,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA;AAAA,KAC3B;AACA,IAAA,IAAI,IAAA,CAAK,QAAQ,MAAA,EAAQ,KAAA,CAAM,KAAK,CAAA,OAAA,EAAU,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,CAAE,CAAA;AACnE,IAAA,IAAI,IAAA,CAAK,OAAA,CAAQ,MAAA,EAAQ,KAAA,CAAM,KAAK,QAAQ,CAAA;AAC5C,IAAA,IAAI,IAAA,CAAK,QAAQ,QAAA,EAAU,KAAA,CAAM,KAAK,CAAA,SAAA,EAAY,IAAA,CAAK,OAAA,CAAQ,QAAQ,CAAA,CAAE,CAAA;AACzE,IAAA,IAAI,IAAA,CAAK,QAAQ,MAAA,EAAQ,KAAA,CAAM,KAAK,CAAA,QAAA,EAAW,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,CAAE,CAAA;AACpE,IAAA,QAAA,CAAS,MAAA,GAAS,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA;AAAA,EACnC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,QAAA,CAAS,SAAS,CAAA,EAAG,GAAG,CAAA,QAAA,EAAW,IAAA,CAAK,QAAQ,IAAI,CAAA,uCAAA,CAAA;AAAA,EACtD;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ,IAAA,CAAK,MAAA,CAAO,GAAG,CAAC,CAAA;AAAA,EAC/D;AACF;AAGO,SAAS,cACd,IAAA,EACc;AACd,EAAA,QAAQ,IAAA;AAAM,IACZ,KAAK,cAAA;AACH,MAAA,OAAO,IAAI,YAAA,EAAa;AAAA,IAC1B,KAAK,gBAAA;AACH,MAAA,OAAO,IAAI,cAAA,EAAe;AAAA,IAC5B,KAAK,QAAA;AACH,MAAA,OAAO,IAAI,aAAA,EAAc;AAAA,IAC3B,KAAK,QAAA;AAAA,IACL;AACE,MAAA,OAAO,IAAI,aAAA,EAAc;AAAA;AAE/B;AAGO,IAAM,eAAN,MAAmB;AAAA,EACxB,YAAoB,OAAA,EAAuB;AAAvB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAAA,EAAwB;AAAA,EAE5C,MAAM,SAAA,GAAuC;AAC3C,IAAA,MAAM,cAAc,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,WAAW,CAAA;AACnE,IAAA,IAAI,CAAC,aAAa,OAAO,IAAA;AAEzB,IAAA,MAAM,eAAe,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,YAAY,CAAA;AACrE,IAAA,MAAM,UAAU,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,OAAO,CAAA;AAC3D,IAAA,MAAM,YAAY,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,SAAS,CAAA;AAE/D,IAAA,OAAO;AAAA,MACL,WAAA;AAAA,MACA,cAAc,YAAA,IAAgB,MAAA;AAAA,MAC9B,SAAS,OAAA,IAAW,MAAA;AAAA,MACpB,SAAA,EAAW,SAAA,GAAY,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA,GAAI,CAAA;AAAA,MACjD,SAAA,EAAW,QAAA;AAAA,MACX,OAAO;AAAC,KACV;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,MAAA,EAAkC;AAChD,IAAA,MAAM,KAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,WAAA,EAAa,OAAO,WAAW,CAAA;AACnE,IAAA,MAAM,IAAA,CAAK,QAAQ,GAAA,CAAI,YAAA,CAAa,WAAW,MAAA,CAAO,SAAA,CAAU,UAAU,CAAA;AAC1E,IAAA,IAAI,OAAO,YAAA,EAAc;AACvB,MAAA,MAAM,KAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,YAAA,EAAc,OAAO,YAAY,CAAA;AAAA,IACvE;AACA,IAAA,IAAI,OAAO,OAAA,EAAS;AAClB,MAAA,MAAM,KAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,OAAA,EAAS,OAAO,OAAO,CAAA;AAAA,IAC7D;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,WAAW,CAAA;AAClD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,YAAY,CAAA;AACnD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,OAAO,CAAA;AAC9C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,SAAS,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,UAAU,KAAA,EAA8B;AAC5C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,OAAO,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,QAAA,GAAmC;AACvC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,KAAK,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,KAAK,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,UAAU,KAAA,EAA8B;AAC5C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,OAAO,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,QAAA,GAAmC;AACvC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,KAAK,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,KAAK,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,QAAA,EAAiC;AACtD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,cAAc,QAAQ,CAAA;AAAA,EAC5D;AAAA,EAEA,MAAM,eAAA,GAA0C;AAC9C,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA;AAAA,EACnD;AAAA,EAEA,MAAM,iBAAA,GAAmC;AACvC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,YAAY,CAAA;AAAA,EACrD;AAAA,EAEA,MAAM,aAAa,GAAA,EAA4B;AAC7C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,UAAU,GAAG,CAAA;AAAA,EACnD;AAAA,EAEA,MAAM,WAAA,GAAsC;AAC1C,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,QAAQ,CAAA;AAAA,EAC/C;AAAA,EAEA,MAAM,aAAA,GAA+B;AACnC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,QAAQ,CAAA;AAAA,EACjD;AAAA,EAEA,MAAM,QAAA,GAA0B;AAC9B,IAAA,MAAM,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EAC3B;AACF;;;AChNA,IAAM,cAAA,GAAiB,0BAAA;AACvB,IAAM,cAAA,GAAiB,CAAC,QAAA,EAAU,SAAA,EAAW,OAAO,CAAA;AAE7C,IAAM,oBAAN,MAAwB;AAAA,EACrB,MAAA;AAAA,EAIA,YAAA;AAAA,EACA,SAAA,GAAkC,IAAA;AAAA,EAClC,aAAA,uBAA2C,GAAA,EAAI;AAAA,EAC/C,YAAA,GAAqD,IAAA;AAAA,EACrD,KAAA,GAAmB;AAAA,IACzB,MAAA,EAAQ,SAAA;AAAA,IACR,IAAA,EAAM,IAAA;AAAA,IACN,MAAA,EAAQ,IAAA;AAAA,IACR,KAAA,EAAO;AAAA,GACT;AAAA,EAEA,YAAY,MAAA,EAA2B;AACrC,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,MAAA,EAAQ,cAAA;AAAA,MACR,MAAA,EAAQ,cAAA;AAAA,MACR,OAAA,EAAS,cAAA;AAAA,MACT,WAAA,EAAa,IAAA;AAAA,MACb,gBAAA,EAAkB,EAAA;AAAA,MAClB,KAAA,EAAO,KAAA;AAAA,MACP,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,UACJ,MAAA,CAAO,aAAA,IACP,cAAc,IAAA,CAAK,MAAA,CAAO,WAAW,cAAc,CAAA;AACrD,IAAA,IAAA,CAAK,YAAA,GAAe,IAAI,YAAA,CAAa,OAAO,CAAA;AAAA,EAC9C;AAAA;AAAA,EAGA,MAAM,UAAA,GAAiC;AACrC,IAAA,IAAA,CAAK,IAAI,6BAA6B,CAAA;AAEtC,IAAA,IAAI;AACF,MAAA,IAAI,IAAA,CAAK,YAAW,EAAG;AACrB,QAAA,IAAA,CAAK,IAAI,4BAA4B,CAAA;AACrC,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,cAAA,EAAe;AACzC,QAAA,IAAI,MAAA,CAAO,OAAA,IAAW,MAAA,CAAO,IAAA,IAAQ,OAAO,MAAA,EAAQ;AAClD,UAAA,IAAA,CAAK,WAAA,CAAY;AAAA,YACf,MAAA,EAAQ,eAAA;AAAA,YACR,MAAM,MAAA,CAAO,IAAA;AAAA,YACb,QAAQ,MAAA,CAAO,MAAA;AAAA,YACf,KAAA,EAAO;AAAA,WACR,CAAA;AACD,UAAA,IAAA,CAAK,gBAAA,EAAiB;AAAA,QACxB,CAAA,MAAO;AACL,UAAA,IAAA,CAAK,WAAA,CAAY;AAAA,YACf,MAAA,EAAQ,iBAAA;AAAA,YACR,IAAA,EAAM,IAAA;AAAA,YACN,MAAA,EAAQ,IAAA;AAAA,YACR,KAAA,EAAO,OAAO,KAAA,IAAS;AAAA,WACxB,CAAA;AAAA,QACH;AAAA,MACF,CAAA,MAAO;AACL,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,EAAU;AACjD,QAAA,IAAI,MAAA,IAAU,OAAO,WAAA,EAAa;AAChC,UAAA,IAAI,CAAC,cAAA,CAAe,MAAA,CAAO,WAAW,CAAA,EAAG;AACvC,YAAA,IAAA,CAAK,IAAI,8BAA8B,CAAA;AACvC,YAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,WAAW,CAAA;AACpD,YAAA,IAAA,CAAK,WAAA,CAAY;AAAA,cACf,MAAA,EAAQ,eAAA;AAAA,cACR,IAAA;AAAA,cACA,MAAA;AAAA,cACA,KAAA,EAAO;AAAA,aACR,CAAA;AACD,YAAA,IAAA,CAAK,gBAAA,EAAiB;AAAA,UACxB,CAAA,MAAA,IAAW,OAAO,YAAA,EAAc;AAC9B,YAAA,IAAA,CAAK,IAAI,6CAA6C,CAAA;AACtD,YAAA,MAAM,KAAK,aAAA,EAAc;AAAA,UAC3B,CAAA,MAAO;AACL,YAAA,IAAA,CAAK,IAAI,mCAAmC,CAAA;AAC5C,YAAA,MAAM,IAAA,CAAK,aAAa,WAAA,EAAY;AACpC,YAAA,IAAA,CAAK,WAAA,CAAY;AAAA,cACf,MAAA,EAAQ,iBAAA;AAAA,cACR,IAAA,EAAM,IAAA;AAAA,cACN,MAAA,EAAQ,IAAA;AAAA,cACR,KAAA,EAAO;AAAA,aACR,CAAA;AAAA,UACH;AAAA,QACF,CAAA,MAAO;AACL,UAAA,IAAA,CAAK,IAAI,2BAA2B,CAAA;AACpC,UAAA,IAAA,CAAK,WAAA,CAAY;AAAA,YACf,MAAA,EAAQ,iBAAA;AAAA,YACR,IAAA,EAAM,IAAA;AAAA,YACN,MAAA,EAAQ,IAAA;AAAA,YACR,KAAA,EAAO;AAAA,WACR,CAAA;AAAA,QACH;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,aAAA,EAAe,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,IAAA,CAAK,GAAA,CAAI,yBAAyB,KAAK,CAAA;AACvC,MAAA,IAAA,CAAK,WAAA,CAAY;AAAA,QACf,MAAA,EAAQ,iBAAA;AAAA,QACR,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EACE,KAAA,YAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA;AAAA,UACF,eAAA;AAAA,UACA,uBAAA;AAAA,UACA;AAAA;AACF,OACP,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAA,CAAK,KAAA;AAAA,EACd;AAAA;AAAA,EAGA,MAAM,KAAA,CAAM,OAAA,GAAwB,EAAC,EAAkB;AACrD,IAAA,IAAA,CAAK,IAAI,wBAAwB,CAAA;AACjC,IAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,eAAA,EAAiB,CAAA;AAEnC,IAAA,IAAI;AACF,MAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAC1C,MAAA,MAAM,IAAA,GAAO,MAAM,gBAAA,EAAiB;AACpC,MAAA,MAAM,QAAQ,aAAA,EAAc;AAC5B,MAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,KAAK,CAAA;AACvC,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,KAAK,CAAA;AACvC,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,gBAAA,CAAiB,IAAA,CAAK,YAAY,CAAA;AAE1D,MAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,QAAA,MAAM,IAAA,CAAK,YAAA,CAAa,YAAA,CAAa,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,QACjC,aAAA,EAAe,MAAA;AAAA,QACf,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,QACvB,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,QAC1B,KAAA,EAAO,IAAA,CAAK,MAAA,CAAO,MAAA,CAAQ,KAAK,GAAG,CAAA;AAAA,QACnC,KAAA;AAAA,QACA,KAAA;AAAA,QACA,gBAAgB,IAAA,CAAK,aAAA;AAAA,QACrB,uBAAuB,IAAA,CAAK,mBAAA;AAAA,QAC5B,GAAG,OAAA,CAAQ;AAAA,OACZ,CAAA;AAED,MAAA,IAAI,QAAQ,MAAA,EAAQ,MAAA,CAAO,GAAA,CAAI,QAAA,EAAU,QAAQ,MAAM,CAAA;AACvD,MAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,MAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,MAAA,IAAI,QAAQ,MAAA,KAAW,KAAA,CAAA;AACrB,QAAA,MAAA,CAAO,GAAA,CAAI,SAAA,EAAW,OAAA,CAAQ,MAAA,CAAO,UAAU,CAAA;AACjD,MAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AAEjE,MAAA,MAAM,OAAA,GAAU,CAAA,EAAG,SAAA,CAAU,sBAAsB,IAAI,MAAM,CAAA,CAAA;AAC7D,MAAA,IAAA,CAAK,GAAA,CAAI,mBAAmB,OAAO,CAAA;AAEnC,MAAA,MAAA,CAAO,SAAS,IAAA,GAAO,OAAA;AAAA,IACzB,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,SAAA,GACJ,KAAA,YAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA;AAAA,QACF,qBAAA;AAAA,QACA,cAAA;AAAA,QACA;AAAA,OACF;AACN,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,WAAW,CAAA;AACnD,MAAA,MAAM,SAAA;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,MAAA,CAAO,OAAA,GAAyB,EAAC,EAAkB;AACvD,IAAA,IAAA,CAAK,IAAI,oBAAoB,CAAA;AAC7B,IAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,gBAAA,EAAkB,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,CAAK,aAAa,QAAA,EAAS;AACjC,MAAA,IAAA,CAAK,gBAAA,EAAiB;AAEtB,MAAA,IAAA,CAAK,WAAA,CAAY;AAAA,QACf,MAAA,EAAQ,iBAAA;AAAA,QACR,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EAAO;AAAA,OACR,CAAA;AAED,MAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,QAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,gBAAA,EAAkB,CAAA;AACpC,QAAA;AAAA,MACF;AAEA,MAAA,IAAI,OAAA,CAAQ,cAAc,KAAA,EAAO;AAC/B,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAC1C,QAAA,IAAI,UAAU,oBAAA,EAAsB;AAClC,UAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,UAAA,IAAI,IAAA,CAAK,KAAA,CAAM,MAAA,EAAQ,OAAA,EAAS;AAC9B,YAAA,MAAA,CAAO,GAAA,CAAI,eAAA,EAAiB,IAAA,CAAK,KAAA,CAAM,OAAO,OAAO,CAAA;AAAA,UACvD;AACA,UAAA,IAAI,OAAA,CAAQ,QAAA,IAAY,IAAA,CAAK,MAAA,CAAO,qBAAA,EAAuB;AACzD,YAAA,MAAA,CAAO,GAAA;AAAA,cACL,0BAAA;AAAA,cACA,OAAA,CAAQ,QAAA,IAAY,IAAA,CAAK,MAAA,CAAO;AAAA,aAClC;AAAA,UACF;AACA,UAAA,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA;AAE5C,UAAA,MAAM,SAAA,GAAY,CAAA,EAAG,SAAA,CAAU,oBAAoB,IAAI,MAAM,CAAA,CAAA;AAC7D,UAAA,IAAA,CAAK,GAAA,CAAI,0BAA0B,SAAS,CAAA;AAC5C,UAAA,MAAA,CAAO,SAAS,IAAA,GAAO,SAAA;AACvB,UAAA;AAAA,QACF;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,gBAAA,EAAkB,CAAA;AAEpC,MAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,QAAA,MAAA,CAAO,QAAA,CAAS,OAAO,OAAA,CAAQ,QAAA;AAAA,MACjC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,SAAA,GACJ,iBAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA,CAAU,eAAA,EAAiB,iBAAiB,KAAc,CAAA;AACpE,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,cAAA,EAAgB,KAAA,EAAO,WAAW,CAAA;AACpD,MAAA,MAAM,SAAA;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,UAAA,GAAsB;AACpB,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,IAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AAAA,EACjD;AAAA;AAAA,EAGA,MAAM,cAAA,GAA0C;AAC9C,IAAA,IAAA,CAAK,IAAI,wBAAwB,CAAA;AAEjC,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,OAAO,IAAI,SAAA;AAAA,UACT,qBAAA;AAAA,UACA;AAAA;AACF,OACF;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,GAAA,CAAI,MAAM,CAAA;AAC9B,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AACrC,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AACrC,IAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,GAAA,CAAI,mBAAmB,CAAA;AAEvD,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,QAAQ,IAAI,SAAA;AAAA,QAChB,UAAA;AAAA,QACA,gBAAA,IAAoB;AAAA,OACtB;AACA,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAM;AAAA,IACjC;AAEA,IAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,YAAA,CAAa,QAAA,EAAS;AACpD,IAAA,IAAI,CAAC,UAAA,IAAc,UAAA,KAAe,UAAA,EAAY;AAC5C,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,IAAI,SAAA,CAAU,gBAAA,EAAkB,0BAA0B;AAAA,OACnE;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,OAAO,IAAI,SAAA;AAAA,UACT,iBAAA;AAAA,UACA;AAAA;AACF,OACF;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,eAAA,EAAgB;AAC7D,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,IAAI,SAAA,CAAU,YAAA,EAAc,wBAAwB;AAAA,OAC7D;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,YAAY,CAAA;AACzD,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,MAAM,CAAA;AACxC,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,WAAW,CAAA;AACpD,MAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,WAAA,EAAY;AAErD,MAAA,MAAM,IAAA,CAAK,aAAa,UAAA,EAAW;AACnC,MAAA,MAAM,IAAA,CAAK,aAAa,UAAA,EAAW;AACnC,MAAA,MAAM,IAAA,CAAK,aAAa,iBAAA,EAAkB;AAC1C,MAAA,MAAM,IAAA,CAAK,aAAa,aAAA,EAAc;AAEtC,MAAA,MAAA,CAAO,QAAQ,YAAA,CAAa,IAAI,EAAA,EAAI,MAAA,CAAO,SAAS,QAAQ,CAAA;AAE5D,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,eAAA,EAAiB,IAAA,EAAM,QAAQ,CAAA;AAEjD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAM,MAAA,EAAQ,QAAA,EAAU,YAAY,KAAA,CAAA,EAAU;AAAA,IACxE,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,SAAA,GACJ,KAAA,YAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA;AAAA,QACF,eAAA;AAAA,QACA,uBAAA;AAAA,QACA;AAAA,OACF;AACN,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,WAAW,CAAA;AACnD,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,SAAA,EAAU;AAAA,IAC5C;AAAA,EACF;AAAA,EAEA,MAAc,YAAA,CACZ,IAAA,EACA,YAAA,EACoB;AACpB,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAE1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,CAAU,cAAA,EAAgB;AAAA,MACrD,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,UAAA,EAAY,oBAAA;AAAA,QACZ,IAAA;AAAA,QACA,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,QAC1B,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,QACvB,aAAA,EAAe;AAAA,OAChB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAM,IAAI,SAAA;AAAA,QACR,MAAM,KAAA,IAAS,eAAA;AAAA,QACf,MAAM,iBAAA,IAAqB;AAAA,OAC7B;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAqB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC/C,IAAA,OAAO,IAAA,CAAK,eAAe,QAAQ,CAAA;AAAA,EACrC;AAAA;AAAA,EAGA,MAAM,aAAA,GAAoC;AACxC,IAAA,IAAA,CAAK,IAAI,sBAAsB,CAAA;AAE/B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,EAAU;AACjD,IAAA,IAAI,CAAC,QAAQ,YAAA,EAAc;AACzB,MAAA,MAAM,IAAI,SAAA,CAAU,sBAAA,EAAwB,4BAA4B,CAAA;AAAA,IAC1E;AAEA,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAE1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,CAAU,cAAA,EAAgB;AAAA,MACrD,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,UAAA,EAAY,eAAA;AAAA,QACZ,eAAe,MAAA,CAAO,YAAA;AAAA,QACtB,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAM,YAAY,IAAI,SAAA;AAAA,QACpB,MAAM,KAAA,IAAS,sBAAA;AAAA,QACf,MAAM,iBAAA,IAAqB;AAAA,OAC7B;AACA,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,qBAAA,EAAuB,KAAA,EAAO,WAAW,CAAA;AAC3D,MAAA,MAAM,IAAA,CAAK,aAAa,WAAA,EAAY;AACpC,MAAA,IAAA,CAAK,WAAA,CAAY;AAAA,QACf,MAAA,EAAQ,iBAAA;AAAA,QACR,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EAAO;AAAA,OACR,CAAA;AACD,MAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,iBAAA,EAAmB,CAAA;AACrC,MAAA,MAAM,SAAA;AAAA,IACR;AAEA,IAAA,MAAM,QAAA,GAAqB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC/C,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,cAAA,CAAe,QAAQ,CAAA;AAC9C,IAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,SAAS,CAAA;AAE3C,IAAA,MAAM,IAAA,GAAO,UAAU,OAAA,GACnB,IAAA,CAAK,uBAAuB,SAAA,CAAU,OAAO,CAAA,GAC7C,IAAA,CAAK,KAAA,CAAM,IAAA;AAEf,IAAA,IAAA,CAAK,WAAA,CAAY,EAAE,GAAG,IAAA,CAAK,OAAO,MAAA,EAAQ,SAAA,EAAW,MAAM,CAAA;AAC3D,IAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,iBAAA,EAAmB,MAAA,EAAQ,WAAW,CAAA;AACxD,IAAA,IAAA,CAAK,gBAAA,EAAiB;AAEtB,IAAA,OAAO,SAAA;AAAA,EACT;AAAA;AAAA,EAGA,MAAM,cAAA,GAAyC;AAC7C,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,EAAU;AACjD,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AAEpB,IAAA,IAAI,cAAA,CAAe,MAAA,CAAO,WAAW,CAAA,EAAG;AACtC,MAAA,IAAI,OAAO,YAAA,EAAc;AACvB,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,aAAA,EAAc;AAC3C,QAAA,OAAO,SAAA,CAAU,WAAA;AAAA,MACnB;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,OAAO,MAAA,CAAO,WAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAA,CAAc,OAAA,GAAgC,EAAC,EAAS;AACtD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,qBAAA,CAAsB,OAAO,CAAA;AAC9C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,qBAAA,CAAsB,OAAA,GAAgC,EAAC,EAAY;AACjE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,iBAAA,EAAmB,MAAM,CAAA;AAAA,EACrD;AAAA;AAAA,EAGA,UAAA,CAAW,OAAA,GAA6B,EAAC,EAAS;AAChD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,kBAAA,CAAmB,OAAO,CAAA;AAC3C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,kBAAA,CAAmB,OAAA,GAA6B,EAAC,EAAY;AAC3D,IAAA,MAAM,SAAS,IAAI,eAAA,CAAgB,EAAE,WAAA,EAAa,QAAQ,CAAA;AAC1D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,QAAA,EAAU,MAAM,CAAA;AAAA,EAC5C;AAAA;AAAA,EAGA,QAAA,CAAS,OAAA,GAA2B,EAAC,EAAS;AAC5C,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA;AACzC,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,gBAAA,CAAiB,OAAA,GAA2B,EAAC,EAAY;AACvD,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,KAAA,EAAO,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,KAAK,CAAA;AACpD,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,WAAA,EAAa,MAAM,CAAA;AAAA,EAC/C;AAAA;AAAA,EAGA,cAAA,CAAe,OAAA,GAAiC,EAAC,EAAS;AACxD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,sBAAA,CAAuB,OAAO,CAAA;AAC/C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,sBAAA,CAAuB,OAAA,GAAiC,EAAC,EAAY;AACnE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,KAAA,EAAO,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,KAAK,CAAA;AACpD,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACtD;AAAA;AAAA,EAGA,aAAA,CAAc,OAAA,GAAgC,EAAC,EAAS;AACtD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,qBAAA,CAAsB,OAAO,CAAA;AAC9C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,qBAAA,CAAsB,OAAA,GAAgC,EAAC,EAAY;AACjE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,KAAA,EAAO,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,KAAK,CAAA;AACpD,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,iBAAA,EAAmB,MAAM,CAAA;AAAA,EACrD;AAAA;AAAA,EAGA,cAAA,CAAe,OAAA,GAAiC,EAAC,EAAS;AACxD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,sBAAA,CAAuB,OAAO,CAAA;AAC/C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,sBAAA,CAAuB,OAAA,GAAiC,EAAC,EAAY;AACnE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,OAAA,CAAQ,MAAA,EAAQ,MAAA,EAAQ,MAAA,CAAO,GAAA,CAAI,SAAS,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,GAAG,CAAC,CAAA;AACxE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACtD;AAAA;AAAA,EAGA,YAAA,CAAa,OAAA,GAA+B,EAAC,EAAS;AACpD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,oBAAA,CAAqB,OAAO,CAAA;AAC7C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,oBAAA,CAAqB,OAAA,GAA+B,EAAC,EAAY;AAC/D,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,gBAAA,EAAkB,MAAM,CAAA;AAAA,EACpD;AAAA;AAAA,EAGA,YAAA,CAAa,OAAA,GAA+B,EAAC,EAAS;AACpD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,oBAAA,CAAqB,OAAO,CAAA;AAC7C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,oBAAA,CAAqB,OAAA,GAA+B,EAAC,EAAY;AAC/D,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,gBAAA,EAAkB,MAAM,CAAA;AAAA,EACpD;AAAA;AAAA,EAGA,aAAA,CAAc,OAAA,GAAwB,EAAC,EAAY;AACjD,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,SAAS,CAAA;AAC5D,IAAA,IAAI,QAAQ,MAAA,EAAQ,MAAA,CAAO,GAAA,CAAI,QAAA,EAAU,QAAQ,MAAM,CAAA;AACvD,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,QAAA,EAAU,MAAM,CAAA;AAAA,EAC5C;AAAA;AAAA,EAGA,cAAA,CAAe,OAAA,GAAyB,EAAC,EAAY;AACnD,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,SAAA,EAAW,MAAM,CAAA;AAAA,EAC7C;AAAA;AAAA,EAGA,MAAM,WAAA,CAAY,OAAA,GAA8B,EAAC,EAAkB;AACjE,IAAA,IAAA,CAAK,IAAI,mBAAmB,CAAA;AAE5B,IAAA,MAAM,QACJ,OAAA,CAAQ,KAAA,IAAA,CAAU,MAAM,IAAA,CAAK,YAAA,CAAa,WAAU,GAAI,WAAA;AAC1D,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA,CAAU,eAAA,EAAiB,oBAAoB,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,SAAA,GAAY,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,aAAA,CAAA;AAEvC,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,KAAA;AAAA,MACA,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AACD,IAAA,IAAI,QAAQ,aAAA,EAAe;AACzB,MAAA,IAAA,CAAK,GAAA,CAAI,iBAAA,EAAmB,OAAA,CAAQ,aAAa,CAAA;AAAA,IACnD;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D;AAAA,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAM,IAAI,SAAA;AAAA,QACR,MAAM,KAAA,IAAS,cAAA;AAAA,QACf,MAAM,iBAAA,IAAqB;AAAA,OAC7B;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,IAAI,4BAA4B,CAAA;AAAA,EACvC;AAAA;AAAA,EAGA,gBAAA,GAA4B;AAC1B,IAAA,IAAI,CAAC,IAAA,CAAK,KAAA,CAAM,MAAA,EAAQ,OAAO,IAAA;AAC/B,IAAA,OAAO,cAAA,CAAe,IAAA,CAAK,KAAA,CAAM,MAAA,CAAO,WAAW,CAAA;AAAA,EACrD;AAAA;AAAA,EAGA,sBAAA,GAAkC;AAChC,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,IAAA,EAAM,aAAA,KAAkB,KAAA;AAAA,EAC5C;AAAA;AAAA,EAGA,cAAA,GAA0B;AACxB,IAAA,OACG,IAAA,CAAK,KAAA,CAAM,IAAA,EAAkC,WAAA,KAAgB,OAAA;AAAA,EAElE;AAAA,EAEQ,eAAe,QAAA,EAA+B;AACpD,IAAA,OAAO;AAAA,MACL,aAAa,QAAA,CAAS,YAAA;AAAA,MACtB,cAAc,QAAA,CAAS,aAAA;AAAA,MACvB,SAAS,QAAA,CAAS,QAAA;AAAA,MAClB,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,UAAA,GAAa,GAAA;AAAA,MAC9C,WAAW,QAAA,CAAS,UAAA;AAAA,MACpB,OAAO,QAAA,CAAS,KAAA,EAAO,KAAA,CAAM,GAAG,KAAK;AAAC,KACxC;AAAA,EACF;AAAA;AAAA,EAGQ,aAAA,CAAc,MAAc,MAAA,EAAkC;AACpE,IAAA,MAAM,KAAA,GAAQ,OAAO,QAAA,EAAS;AAC9B,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,EAAG,IAAI,CAAA,EAAG,KAAA,GAAQ,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA,GAAK,EAAE,CAAA,CAAA;AACnE,IAAA,OAAO;AAAA,MACL,GAAA;AAAA,MACA,UAAU,MAAM;AACd,QAAA,MAAA,CAAO,SAAS,IAAA,GAAO,GAAA;AAAA,MACzB,CAAA;AAAA,MACA,MAAM,MAAM;AACV,QAAA,OAAO,MAAA,CAAO,IAAA,CAAK,GAAA,EAAK,QAAQ,CAAA;AAAA,MAClC;AAAA,KACF;AAAA,EACF;AAAA;AAAA,EAGQ,QAAA,CAAS,SAAkB,OAAA,EAAsC;AACvE,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,OAAA,CAAQ,IAAA,EAAK;AAAA,IACf,CAAA,MAAO;AACL,MAAA,OAAA,CAAQ,QAAA,EAAS;AAAA,IACnB;AAAA,EACF;AAAA,EAEA,MAAc,UAAU,WAAA,EAAoC;AAC1D,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAE1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,CAAU,iBAAA,EAAmB;AAAA,MACxD,OAAA,EAAS,EAAE,aAAA,EAAe,CAAA,OAAA,EAAU,WAAW,CAAA,CAAA;AAAG,KACnD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,IAAI,SAAA,CAAU,eAAA,EAAiB,2BAA2B,CAAA;AAAA,IAClE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,QAAA,CAAS,IAAA,EAAK;AACrC,IAAA,OAAO,IAAA,CAAK,cAAc,QAAQ,CAAA;AAAA,EACpC;AAAA,EAEQ,uBAAuB,OAAA,EAAuB;AACpD,IAAA,MAAM,MAAA,GAAS,UAA0B,OAAO,CAAA;AAChD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEQ,cAAc,MAAA,EAAuC;AAC3D,IAAA,OAAO;AAAA,MACL,IAAI,MAAA,CAAO,GAAA;AAAA,MACX,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,eAAe,MAAA,CAAO,cAAA;AAAA,MACtB,MAAM,MAAA,CAAO,IAAA;AAAA,MACb,WAAW,MAAA,CAAO,UAAA;AAAA,MAClB,UAAU,MAAA,CAAO,WAAA;AAAA,MACjB,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,aAAa,MAAA,CAAO,YAAA;AAAA,MACpB,qBAAqB,MAAA,CAAO,qBAAA;AAAA,MAC5B,QAAQ,MAAA,CAAO,MAAA;AAAA,MACf,GAAG;AAAA,KACL;AAAA,EACF;AAAA,EAEA,MAAc,YAAA,GAAuC;AACnD,IAAA,IAAI,IAAA,CAAK,SAAA,EAAW,OAAO,IAAA,CAAK,SAAA;AAChC,IAAA,MAAM,YAAA,GAAe,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,iCAAA,CAAA;AAC1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,YAAY,CAAA;AACzC,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,IAAI,SAAA;AAAA,QACR,qBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AACA,IAAA,IAAA,CAAK,SAAA,GAAY,MAAM,QAAA,CAAS,IAAA,EAAK;AACrC,IAAA,OAAO,IAAA,CAAK,SAAA;AAAA,EACd;AAAA,EAEQ,gBAAA,GAAyB;AAC/B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,eAAe,CAAC,IAAA,CAAK,MAAM,MAAA,EAAQ;AACpD,IAAA,IAAA,CAAK,gBAAA,EAAiB;AACtB,IAAA,MAAM,YAAY,IAAA,CAAK,KAAA,CAAM,MAAA,CAAO,SAAA,GAAY,KAAK,GAAA,EAAI;AACzD,IAAA,MAAM,SAAA,GAAY,SAAA,GAAY,IAAA,CAAK,MAAA,CAAO,gBAAA,GAAoB,GAAA;AAC9D,IAAA,IAAI,YAAY,CAAA,EAAG;AACjB,MAAA,IAAA,CAAK,IAAI,CAAA,4BAAA,EAA+B,IAAA,CAAK,MAAM,SAAA,GAAY,GAAI,CAAC,CAAA,CAAA,CAAG,CAAA;AACvE,MAAA,IAAA,CAAK,YAAA,GAAe,WAAW,MAAM;AACnC,QAAA,IAAA,CAAK,eAAc,CAAE,KAAA;AAAA,UAAM,CAAC,KAAA,KAC1B,IAAA,CAAK,GAAA,CAAI,wBAAwB,KAAK;AAAA,SACxC;AAAA,MACF,GAAG,SAAS,CAAA;AAAA,IACd;AAAA,EACF;AAAA,EAEQ,gBAAA,GAAyB;AAC/B,IAAA,IAAI,KAAK,YAAA,EAAc;AACrB,MAAA,YAAA,CAAa,KAAK,YAAY,CAAA;AAC9B,MAAA,IAAA,CAAK,YAAA,GAAe,IAAA;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,QAAA,GAAsB;AACpB,IAAA,OAAO,EAAE,GAAG,IAAA,CAAK,KAAA,EAAM;AAAA,EACzB;AAAA,EAEA,eAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,MAAM,MAAA,KAAW,eAAA;AAAA,EAC/B;AAAA,EAEA,OAAA,GAAuB;AACrB,IAAA,OAAO,KAAK,KAAA,CAAM,IAAA;AAAA,EACpB;AAAA,EAEA,UAAU,OAAA,EAAuC;AAC/C,IAAA,IAAA,CAAK,aAAA,CAAc,IAAI,OAAO,CAAA;AAC9B,IAAA,OAAO,MAAM,IAAA,CAAK,aAAA,CAAc,MAAA,CAAO,OAAO,CAAA;AAAA,EAChD;AAAA,EAEQ,YAAY,QAAA,EAA2B;AAC7C,IAAA,IAAA,CAAK,KAAA,GAAQ,QAAA;AAAA,EACf;AAAA,EAEQ,KAAK,KAAA,EAAwB;AACnC,IAAA,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,CAAC,OAAA,KAAY;AACtC,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,KAAK,CAAA;AAAA,MACf,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,wBAAwB,KAAK,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEQ,OAAO,IAAA,EAAuB;AACpC,IAAA,IAAI,IAAA,CAAK,OAAO,KAAA,EAAO;AACrB,MAAA,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB,GAAG,IAAI,CAAA;AAAA,IACtC;AAAA,EACF;AACF;AAGO,SAAS,kBACd,MAAA,EACmB;AACnB,EAAA,OAAO,IAAI,kBAAkB,MAAM,CAAA;AACrC","file":"index.js","sourcesContent":["/**\n * @douvery/auth - Core Types\n * OAuth 2.0/OIDC type definitions\n */\n\n// ============================================\n// Configuration Types\n// ============================================\n\nexport interface DouveryAuthConfig {\n /** OAuth Client ID */\n clientId: string;\n /** Authorization server base URL @default \"https://auth.douvery.com\" */\n issuer?: string;\n /** Redirect URI after authentication */\n redirectUri: string;\n /** Post-logout redirect URI */\n postLogoutRedirectUri?: string;\n /** OAuth scopes to request @default [\"openid\", \"profile\", \"email\"] */\n scopes?: string[];\n /** Token storage strategy @default \"localStorage\" */\n storage?: \"localStorage\" | \"sessionStorage\" | \"memory\" | \"cookie\";\n /** Custom storage implementation */\n customStorage?: TokenStorage;\n /** Auto-refresh tokens before expiry @default true */\n autoRefresh?: boolean;\n /** Seconds before expiry to trigger refresh @default 60 */\n refreshThreshold?: number;\n /** Enable debug logging @default false */\n debug?: boolean;\n}\n\n// ============================================\n// Token Types\n// ============================================\n\nexport interface TokenSet {\n access_token: string;\n token_type: string;\n expires_in: number;\n refresh_token?: string;\n id_token?: string;\n scope?: string;\n}\n\nexport interface TokenInfo {\n accessToken: string;\n refreshToken?: string;\n idToken?: string;\n expiresAt: number;\n tokenType: string;\n scope: string[];\n}\n\nexport interface DecodedIdToken {\n iss: string;\n sub: string;\n aud: string;\n exp: number;\n iat: number;\n auth_time?: number;\n nonce?: string;\n acr?: string;\n amr?: string[];\n azp?: string;\n at_hash?: string;\n c_hash?: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n middle_name?: string;\n nickname?: string;\n preferred_username?: string;\n profile?: string;\n picture?: string;\n website?: string;\n email?: string;\n email_verified?: boolean;\n gender?: string;\n birthdate?: string;\n zoneinfo?: string;\n locale?: string;\n phone_number?: string;\n phone_number_verified?: boolean;\n address?: {\n formatted?: string;\n street_address?: string;\n locality?: string;\n region?: string;\n postal_code?: string;\n country?: string;\n };\n updated_at?: number;\n [key: string]: unknown;\n}\n\n// ============================================\n// User Types\n// ============================================\n\nexport interface User {\n id: string;\n email?: string;\n emailVerified?: boolean;\n name?: string;\n firstName?: string;\n lastName?: string;\n picture?: string;\n phoneNumber?: string;\n phoneNumberVerified?: boolean;\n locale?: string;\n [key: string]: unknown;\n}\n\n// ============================================\n// Auth State Types\n// ============================================\n\nexport type AuthStatus = \"loading\" | \"authenticated\" | \"unauthenticated\";\n\nexport interface AuthState {\n status: AuthStatus;\n user: User | null;\n tokens: TokenInfo | null;\n error: AuthError | null;\n}\n\n// ============================================\n// PKCE Types\n// ============================================\n\nexport interface PKCEPair {\n codeVerifier: string;\n codeChallenge: string;\n codeChallengeMethod: \"S256\";\n}\n\nexport interface AuthorizationParams {\n state: string;\n nonce: string;\n codeVerifier: string;\n codeChallenge: string;\n redirectUri: string;\n}\n\n// ============================================\n// Storage Types\n// ============================================\n\nexport interface TokenStorage {\n get(key: string): string | null | Promise<string | null>;\n set(key: string, value: string): void | Promise<void>;\n remove(key: string): void | Promise<void>;\n clear(): void | Promise<void>;\n}\n\nexport interface StorageKeys {\n accessToken: string;\n refreshToken: string;\n idToken: string;\n expiresAt: string;\n state: string;\n nonce: string;\n codeVerifier: string;\n returnTo: string;\n}\n\n// ============================================\n// Event Types\n// ============================================\n\nexport type AuthEvent =\n | { type: \"INITIALIZED\" }\n | { type: \"LOGIN_STARTED\" }\n | { type: \"LOGIN_SUCCESS\"; user: User; tokens: TokenInfo }\n | { type: \"LOGIN_ERROR\"; error: AuthError }\n | { type: \"LOGOUT_STARTED\" }\n | { type: \"LOGOUT_SUCCESS\" }\n | { type: \"LOGOUT_ERROR\"; error: AuthError }\n | { type: \"TOKEN_REFRESHED\"; tokens: TokenInfo }\n | { type: \"TOKEN_REFRESH_ERROR\"; error: AuthError }\n | { type: \"SESSION_EXPIRED\" };\n\nexport type AuthEventHandler = (event: AuthEvent) => void;\n\n// ============================================\n// Error Types\n// ============================================\n\nexport class AuthError extends Error {\n constructor(\n public code: AuthErrorCode,\n message: string,\n public cause?: Error,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n}\n\nexport type AuthErrorCode =\n | \"invalid_request\"\n | \"invalid_client\"\n | \"invalid_grant\"\n | \"unauthorized_client\"\n | \"unsupported_grant_type\"\n | \"invalid_scope\"\n | \"access_denied\"\n | \"server_error\"\n | \"temporarily_unavailable\"\n | \"login_required\"\n | \"consent_required\"\n | \"interaction_required\"\n | \"invalid_token\"\n | \"insufficient_scope\"\n | \"token_expired\"\n | \"token_refresh_failed\"\n | \"pkce_error\"\n | \"state_mismatch\"\n | \"nonce_mismatch\"\n | \"network_error\"\n | \"configuration_error\"\n | \"unknown_error\";\n\n// ============================================\n// Discovery Types\n// ============================================\n\nexport interface OIDCDiscovery {\n issuer: string;\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n jwks_uri: string;\n revocation_endpoint?: string;\n introspection_endpoint?: string;\n end_session_endpoint?: string;\n registration_endpoint?: string;\n scopes_supported: string[];\n response_types_supported: string[];\n response_modes_supported?: string[];\n grant_types_supported: string[];\n token_endpoint_auth_methods_supported?: string[];\n subject_types_supported: string[];\n id_token_signing_alg_values_supported: string[];\n claims_supported?: string[];\n code_challenge_methods_supported?: string[];\n}\n\n// ============================================\n// Callback Types\n// ============================================\n\nexport interface CallbackParams {\n code?: string;\n state?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface CallbackResult {\n success: boolean;\n user?: User;\n tokens?: TokenInfo;\n error?: AuthError;\n returnTo?: string;\n}\n\n// ============================================\n// Login Options\n// ============================================\n\nexport interface LoginOptions {\n /** URL to return to after login */\n returnTo?: string;\n /** Additional authorization parameters */\n authorizationParams?: Record<string, string>;\n /** Prompt parameter (none, login, consent, select_account) */\n prompt?: \"none\" | \"login\" | \"consent\" | \"select_account\";\n /** Login hint (email or identifier) */\n loginHint?: string;\n /** UI locales preference */\n uiLocales?: string;\n /** Maximum authentication age in seconds */\n maxAge?: number;\n /** ACR values requested */\n acrValues?: string;\n}\n\nexport interface LogoutOptions {\n /** URL to return to after logout */\n returnTo?: string;\n /** Whether to federate logout (end session at IdP) @default true */\n federated?: boolean;\n /** Only clear local session, don't redirect @default false */\n localOnly?: boolean;\n}\n\n// ============================================\n// Navigation Options\n// ============================================\n\n/** Base options for all auth navigation redirects */\nexport interface AuthNavigationOptions {\n /** URL to return to after the action completes */\n returnTo?: string;\n /** OAuth client_id for branded experiences */\n clientId?: string;\n /** Open in a new tab/window instead of redirecting */\n openInNewTab?: boolean;\n}\n\nexport interface SelectAccountOptions extends AuthNavigationOptions {\n /** Pre-select a specific email/account */\n loginHint?: string;\n}\n\nexport interface RegisterOptions extends AuthNavigationOptions {\n /** Pre-fill email on register form */\n email?: string;\n /** Pre-fill first name */\n firstName?: string;\n /** Pre-fill last name */\n lastName?: string;\n /** UI locale preference */\n uiLocales?: string;\n}\n\nexport interface RecoverAccountOptions extends AuthNavigationOptions {\n /** Pre-fill email for recovery */\n email?: string;\n}\n\nexport interface VerifyAccountOptions extends AuthNavigationOptions {\n /** Email to verify */\n email?: string;\n}\n\nexport interface UpgradeAccountOptions extends AuthNavigationOptions {\n /** Scopes to request on upgrade */\n scopes?: string[];\n}\n\nexport interface SetupPasskeyOptions extends AuthNavigationOptions {}\n\nexport interface SetupAddressOptions extends AuthNavigationOptions {}\n\nexport interface AddAccountOptions extends AuthNavigationOptions {\n /** Pre-fill email hint for the new account */\n loginHint?: string;\n}\n\nexport interface RevokeTokenOptions {\n /** Specific token to revoke. If not provided, revokes current access token */\n token?: string;\n /** Token type hint: \"access_token\" or \"refresh_token\" */\n tokenTypeHint?: \"access_token\" | \"refresh_token\";\n}\n\n/** Result of URL builder methods (non-redirecting) */\nexport interface AuthUrl {\n /** The full URL */\n url: string;\n /** Open the URL via redirect */\n redirect: () => void;\n /** Open the URL in a new tab */\n open: () => Window | null;\n}\n","/**\n * @douvery/auth - PKCE Utilities\n * RFC 7636 - Proof Key for Code Exchange\n */\n\nimport type { PKCEPair } from \"./types\";\n\n/** Generate a cryptographically random string for use as code_verifier */\nexport function generateCodeVerifier(length: number = 64): string {\n const charset =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~\";\n const randomValues = crypto.getRandomValues(new Uint8Array(length));\n return Array.from(randomValues)\n .map((v) => charset[v % charset.length])\n .join(\"\");\n}\n\n/** Generate a random state parameter for CSRF protection */\nexport function generateState(): string {\n return generateCodeVerifier(32);\n}\n\n/** Generate a random nonce for replay attack protection */\nexport function generateNonce(): string {\n return generateCodeVerifier(32);\n}\n\n/** Create SHA-256 hash and encode as base64url */\nexport async function generateCodeChallenge(verifier: string): Promise<string> {\n const encoder = new TextEncoder();\n const data = encoder.encode(verifier);\n const hashBuffer = await crypto.subtle.digest(\"SHA-256\", data);\n return base64UrlEncode(hashBuffer);\n}\n\n/** Encode ArrayBuffer as base64url (RFC 4648 Section 5) */\nexport function base64UrlEncode(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = \"\";\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n const base64 = btoa(binary);\n return base64.replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\n/** Decode base64url string to ArrayBuffer */\nexport function base64UrlDecode(input: string): ArrayBuffer {\n let base64 = input.replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padding = base64.length % 4;\n if (padding) {\n base64 += \"=\".repeat(4 - padding);\n }\n const binary = atob(base64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n}\n\n/** Generate a complete PKCE pair (verifier + challenge) */\nexport async function generatePKCEPair(): Promise<PKCEPair> {\n const codeVerifier = generateCodeVerifier();\n const codeChallenge = await generateCodeChallenge(codeVerifier);\n return {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod: \"S256\",\n };\n}\n\n/** Verify a code_verifier against a code_challenge */\nexport async function verifyCodeChallenge(\n verifier: string,\n challenge: string,\n method: \"S256\" | \"plain\" = \"S256\",\n): Promise<boolean> {\n if (method === \"plain\") {\n return verifier === challenge;\n }\n const computedChallenge = await generateCodeChallenge(verifier);\n return computedChallenge === challenge;\n}\n\n/** Parse and decode a JWT token (without verification) */\nexport function decodeJWT<T = Record<string, unknown>>(token: string): T {\n const parts = token.split(\".\");\n if (parts.length !== 3) {\n throw new Error(\"Invalid JWT format\");\n }\n const payload = parts[1];\n const decoded = base64UrlDecode(payload);\n const text = new TextDecoder().decode(decoded);\n return JSON.parse(text) as T;\n}\n\n/** Check if a JWT token is expired */\nexport function isTokenExpired(token: string, clockSkew: number = 60): boolean {\n try {\n const payload = decodeJWT<{ exp?: number }>(token);\n if (!payload.exp) {\n return false;\n }\n const now = Math.floor(Date.now() / 1000);\n return payload.exp < now - clockSkew;\n } catch {\n return true;\n }\n}\n\n/** Get token expiration timestamp */\nexport function getTokenExpiration(token: string): number | null {\n try {\n const payload = decodeJWT<{ exp?: number }>(token);\n return payload.exp ? payload.exp * 1000 : null;\n } catch {\n return null;\n }\n}\n","/**\n * @douvery/auth - Token Storage\n * Abstraction for token persistence\n */\n\nimport type { TokenStorage, StorageKeys, TokenInfo } from \"./types\";\n\nconst DEFAULT_PREFIX = \"douvery_auth\";\n\nexport const STORAGE_KEYS: StorageKeys = {\n accessToken: `${DEFAULT_PREFIX}_access_token`,\n refreshToken: `${DEFAULT_PREFIX}_refresh_token`,\n idToken: `${DEFAULT_PREFIX}_id_token`,\n expiresAt: `${DEFAULT_PREFIX}_expires_at`,\n state: `${DEFAULT_PREFIX}_state`,\n nonce: `${DEFAULT_PREFIX}_nonce`,\n codeVerifier: `${DEFAULT_PREFIX}_code_verifier`,\n returnTo: `${DEFAULT_PREFIX}_return_to`,\n};\n\n/** In-memory storage implementation */\nexport class MemoryStorage implements TokenStorage {\n private store = new Map<string, string>();\n\n get(key: string): string | null {\n return this.store.get(key) ?? null;\n }\n\n set(key: string, value: string): void {\n this.store.set(key, value);\n }\n\n remove(key: string): void {\n this.store.delete(key);\n }\n\n clear(): void {\n this.store.clear();\n }\n}\n\n/** LocalStorage implementation */\nexport class LocalStorage implements TokenStorage {\n get(key: string): string | null {\n if (typeof window === \"undefined\") return null;\n return localStorage.getItem(key);\n }\n\n set(key: string, value: string): void {\n if (typeof window === \"undefined\") return;\n localStorage.setItem(key, value);\n }\n\n remove(key: string): void {\n if (typeof window === \"undefined\") return;\n localStorage.removeItem(key);\n }\n\n clear(): void {\n if (typeof window === \"undefined\") return;\n Object.values(STORAGE_KEYS).forEach((key) => {\n localStorage.removeItem(key);\n });\n }\n}\n\n/** SessionStorage implementation */\nexport class SessionStorage implements TokenStorage {\n get(key: string): string | null {\n if (typeof window === \"undefined\") return null;\n return sessionStorage.getItem(key);\n }\n\n set(key: string, value: string): void {\n if (typeof window === \"undefined\") return;\n sessionStorage.setItem(key, value);\n }\n\n remove(key: string): void {\n if (typeof window === \"undefined\") return;\n sessionStorage.removeItem(key);\n }\n\n clear(): void {\n if (typeof window === \"undefined\") return;\n Object.values(STORAGE_KEYS).forEach((key) => {\n sessionStorage.removeItem(key);\n });\n }\n}\n\n/** Cookie storage implementation (for SSR compatibility) */\nexport class CookieStorage implements TokenStorage {\n constructor(\n private options: {\n path?: string;\n domain?: string;\n secure?: boolean;\n sameSite?: \"Strict\" | \"Lax\" | \"None\";\n maxAge?: number;\n } = {},\n ) {\n this.options = { path: \"/\", secure: true, sameSite: \"Lax\", ...options };\n }\n\n get(key: string): string | null {\n if (typeof document === \"undefined\") return null;\n const cookies = document.cookie.split(\";\");\n for (const cookie of cookies) {\n const [name, value] = cookie.trim().split(\"=\");\n if (name === key) {\n return decodeURIComponent(value);\n }\n }\n return null;\n }\n\n set(key: string, value: string): void {\n if (typeof document === \"undefined\") return;\n const parts = [\n `${key}=${encodeURIComponent(value)}`,\n `path=${this.options.path}`,\n ];\n if (this.options.domain) parts.push(`domain=${this.options.domain}`);\n if (this.options.secure) parts.push(\"secure\");\n if (this.options.sameSite) parts.push(`samesite=${this.options.sameSite}`);\n if (this.options.maxAge) parts.push(`max-age=${this.options.maxAge}`);\n document.cookie = parts.join(\"; \");\n }\n\n remove(key: string): void {\n if (typeof document === \"undefined\") return;\n document.cookie = `${key}=; path=${this.options.path}; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n }\n\n clear(): void {\n Object.values(STORAGE_KEYS).forEach((key) => this.remove(key));\n }\n}\n\n/** Create storage instance based on type */\nexport function createStorage(\n type: \"localStorage\" | \"sessionStorage\" | \"memory\" | \"cookie\",\n): TokenStorage {\n switch (type) {\n case \"localStorage\":\n return new LocalStorage();\n case \"sessionStorage\":\n return new SessionStorage();\n case \"cookie\":\n return new CookieStorage();\n case \"memory\":\n default:\n return new MemoryStorage();\n }\n}\n\n/** Token manager for handling token persistence */\nexport class TokenManager {\n constructor(private storage: TokenStorage) {}\n\n async getTokens(): Promise<TokenInfo | null> {\n const accessToken = await this.storage.get(STORAGE_KEYS.accessToken);\n if (!accessToken) return null;\n\n const refreshToken = await this.storage.get(STORAGE_KEYS.refreshToken);\n const idToken = await this.storage.get(STORAGE_KEYS.idToken);\n const expiresAt = await this.storage.get(STORAGE_KEYS.expiresAt);\n\n return {\n accessToken,\n refreshToken: refreshToken ?? undefined,\n idToken: idToken ?? undefined,\n expiresAt: expiresAt ? parseInt(expiresAt, 10) : 0,\n tokenType: \"Bearer\",\n scope: [],\n };\n }\n\n async setTokens(tokens: TokenInfo): Promise<void> {\n await this.storage.set(STORAGE_KEYS.accessToken, tokens.accessToken);\n await this.storage.set(STORAGE_KEYS.expiresAt, tokens.expiresAt.toString());\n if (tokens.refreshToken) {\n await this.storage.set(STORAGE_KEYS.refreshToken, tokens.refreshToken);\n }\n if (tokens.idToken) {\n await this.storage.set(STORAGE_KEYS.idToken, tokens.idToken);\n }\n }\n\n async clearTokens(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.accessToken);\n await this.storage.remove(STORAGE_KEYS.refreshToken);\n await this.storage.remove(STORAGE_KEYS.idToken);\n await this.storage.remove(STORAGE_KEYS.expiresAt);\n }\n\n async saveState(state: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.state, state);\n }\n\n async getState(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.state);\n }\n\n async clearState(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.state);\n }\n\n async saveNonce(nonce: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.nonce, nonce);\n }\n\n async getNonce(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.nonce);\n }\n\n async clearNonce(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.nonce);\n }\n\n async saveCodeVerifier(verifier: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.codeVerifier, verifier);\n }\n\n async getCodeVerifier(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.codeVerifier);\n }\n\n async clearCodeVerifier(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.codeVerifier);\n }\n\n async saveReturnTo(url: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.returnTo, url);\n }\n\n async getReturnTo(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.returnTo);\n }\n\n async clearReturnTo(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.returnTo);\n }\n\n async clearAll(): Promise<void> {\n await this.storage.clear();\n }\n}\n","/**\n * @douvery/auth - Auth Client\n * Main OAuth 2.0/OIDC client implementation\n */\n\nimport type {\n DouveryAuthConfig,\n TokenSet,\n TokenInfo,\n User,\n AuthState,\n AuthEvent,\n AuthEventHandler,\n OIDCDiscovery,\n CallbackResult,\n LoginOptions,\n LogoutOptions,\n DecodedIdToken,\n SelectAccountOptions,\n RegisterOptions,\n RecoverAccountOptions,\n VerifyAccountOptions,\n UpgradeAccountOptions,\n SetupPasskeyOptions,\n SetupAddressOptions,\n AddAccountOptions,\n RevokeTokenOptions,\n AuthNavigationOptions,\n AuthUrl,\n} from \"./types\";\nimport { AuthError } from \"./types\";\nimport {\n generatePKCEPair,\n generateState,\n generateNonce,\n decodeJWT,\n isTokenExpired,\n} from \"./pkce\";\nimport { createStorage, TokenManager } from \"./storage\";\n\nconst DEFAULT_ISSUER = \"https://auth.douvery.com\";\nconst DEFAULT_SCOPES = [\"openid\", \"profile\", \"email\"];\n\nexport class DouveryAuthClient {\n private config: Required<\n Pick<DouveryAuthConfig, \"clientId\" | \"issuer\" | \"redirectUri\" | \"scopes\">\n > &\n DouveryAuthConfig;\n private tokenManager: TokenManager;\n private discovery: OIDCDiscovery | null = null;\n private eventHandlers: Set<AuthEventHandler> = new Set();\n private refreshTimer: ReturnType<typeof setTimeout> | null = null;\n private state: AuthState = {\n status: \"loading\",\n user: null,\n tokens: null,\n error: null,\n };\n\n constructor(config: DouveryAuthConfig) {\n this.config = {\n issuer: DEFAULT_ISSUER,\n scopes: DEFAULT_SCOPES,\n storage: \"localStorage\",\n autoRefresh: true,\n refreshThreshold: 60,\n debug: false,\n ...config,\n };\n\n const storage =\n config.customStorage ??\n createStorage(this.config.storage ?? \"localStorage\");\n this.tokenManager = new TokenManager(storage);\n }\n\n /** Initialize the auth client */\n async initialize(): Promise<AuthState> {\n this.log(\"Initializing auth client...\");\n\n try {\n if (this.isCallback()) {\n this.log(\"Handling OAuth callback...\");\n const result = await this.handleCallback();\n if (result.success && result.user && result.tokens) {\n this.updateState({\n status: \"authenticated\",\n user: result.user,\n tokens: result.tokens,\n error: null,\n });\n this.setupAutoRefresh();\n } else {\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: result.error ?? null,\n });\n }\n } else {\n const tokens = await this.tokenManager.getTokens();\n if (tokens && tokens.accessToken) {\n if (!isTokenExpired(tokens.accessToken)) {\n this.log(\"Found valid existing session\");\n const user = await this.fetchUser(tokens.accessToken);\n this.updateState({\n status: \"authenticated\",\n user,\n tokens,\n error: null,\n });\n this.setupAutoRefresh();\n } else if (tokens.refreshToken) {\n this.log(\"Access token expired, attempting refresh...\");\n await this.refreshTokens();\n } else {\n this.log(\"Session expired, no refresh token\");\n await this.tokenManager.clearTokens();\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: null,\n });\n }\n } else {\n this.log(\"No existing session found\");\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: null,\n });\n }\n }\n\n this.emit({ type: \"INITIALIZED\" });\n } catch (error) {\n this.log(\"Initialization error:\", error);\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error:\n error instanceof AuthError\n ? error\n : new AuthError(\n \"unknown_error\",\n \"Initialization failed\",\n error as Error,\n ),\n });\n }\n\n return this.state;\n }\n\n /** Start the login flow */\n async login(options: LoginOptions = {}): Promise<void> {\n this.log(\"Starting login flow...\");\n this.emit({ type: \"LOGIN_STARTED\" });\n\n try {\n const discovery = await this.getDiscovery();\n const pkce = await generatePKCEPair();\n const state = generateState();\n const nonce = generateNonce();\n\n await this.tokenManager.saveState(state);\n await this.tokenManager.saveNonce(nonce);\n await this.tokenManager.saveCodeVerifier(pkce.codeVerifier);\n\n if (options.returnTo) {\n await this.tokenManager.saveReturnTo(options.returnTo);\n }\n\n const params = new URLSearchParams({\n response_type: \"code\",\n client_id: this.config.clientId,\n redirect_uri: this.config.redirectUri,\n scope: this.config.scopes!.join(\" \"),\n state,\n nonce,\n code_challenge: pkce.codeChallenge,\n code_challenge_method: pkce.codeChallengeMethod,\n ...options.authorizationParams,\n });\n\n if (options.prompt) params.set(\"prompt\", options.prompt);\n if (options.loginHint) params.set(\"login_hint\", options.loginHint);\n if (options.uiLocales) params.set(\"ui_locales\", options.uiLocales);\n if (options.maxAge !== undefined)\n params.set(\"max_age\", options.maxAge.toString());\n if (options.acrValues) params.set(\"acr_values\", options.acrValues);\n\n const authUrl = `${discovery.authorization_endpoint}?${params}`;\n this.log(\"Redirecting to:\", authUrl);\n\n window.location.href = authUrl;\n } catch (error) {\n const authError =\n error instanceof AuthError\n ? error\n : new AuthError(\n \"configuration_error\",\n \"Login failed\",\n error as Error,\n );\n this.emit({ type: \"LOGIN_ERROR\", error: authError });\n throw authError;\n }\n }\n\n /** Logout the user */\n async logout(options: LogoutOptions = {}): Promise<void> {\n this.log(\"Starting logout...\");\n this.emit({ type: \"LOGOUT_STARTED\" });\n\n try {\n await this.tokenManager.clearAll();\n this.clearAutoRefresh();\n\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: null,\n });\n\n if (options.localOnly) {\n this.emit({ type: \"LOGOUT_SUCCESS\" });\n return;\n }\n\n if (options.federated !== false) {\n const discovery = await this.getDiscovery();\n if (discovery.end_session_endpoint) {\n const params = new URLSearchParams();\n if (this.state.tokens?.idToken) {\n params.set(\"id_token_hint\", this.state.tokens.idToken);\n }\n if (options.returnTo || this.config.postLogoutRedirectUri) {\n params.set(\n \"post_logout_redirect_uri\",\n options.returnTo || this.config.postLogoutRedirectUri!,\n );\n }\n params.set(\"client_id\", this.config.clientId);\n\n const logoutUrl = `${discovery.end_session_endpoint}?${params}`;\n this.log(\"Redirecting to logout:\", logoutUrl);\n window.location.href = logoutUrl;\n return;\n }\n }\n\n this.emit({ type: \"LOGOUT_SUCCESS\" });\n\n if (options.returnTo) {\n window.location.href = options.returnTo;\n }\n } catch (error) {\n const authError =\n error instanceof AuthError\n ? error\n : new AuthError(\"unknown_error\", \"Logout failed\", error as Error);\n this.emit({ type: \"LOGOUT_ERROR\", error: authError });\n throw authError;\n }\n }\n\n /** Check if current URL is an OAuth callback */\n isCallback(): boolean {\n if (typeof window === \"undefined\") return false;\n const params = new URLSearchParams(window.location.search);\n return params.has(\"code\") || params.has(\"error\");\n }\n\n /** Handle the OAuth callback */\n async handleCallback(): Promise<CallbackResult> {\n this.log(\"Processing callback...\");\n\n if (typeof window === \"undefined\") {\n return {\n success: false,\n error: new AuthError(\n \"configuration_error\",\n \"Cannot handle callback on server\",\n ),\n };\n }\n\n const params = new URLSearchParams(window.location.search);\n const code = params.get(\"code\");\n const stateParam = params.get(\"state\");\n const errorParam = params.get(\"error\");\n const errorDescription = params.get(\"error_description\");\n\n if (errorParam) {\n const error = new AuthError(\n errorParam as any,\n errorDescription ?? \"Authorization failed\",\n );\n return { success: false, error };\n }\n\n const savedState = await this.tokenManager.getState();\n if (!stateParam || stateParam !== savedState) {\n return {\n success: false,\n error: new AuthError(\"state_mismatch\", \"State parameter mismatch\"),\n };\n }\n\n if (!code) {\n return {\n success: false,\n error: new AuthError(\n \"invalid_request\",\n \"No authorization code received\",\n ),\n };\n }\n\n const codeVerifier = await this.tokenManager.getCodeVerifier();\n if (!codeVerifier) {\n return {\n success: false,\n error: new AuthError(\"pkce_error\", \"No code verifier found\"),\n };\n }\n\n try {\n const tokens = await this.exchangeCode(code, codeVerifier);\n await this.tokenManager.setTokens(tokens);\n const user = await this.fetchUser(tokens.accessToken);\n const returnTo = await this.tokenManager.getReturnTo();\n\n await this.tokenManager.clearState();\n await this.tokenManager.clearNonce();\n await this.tokenManager.clearCodeVerifier();\n await this.tokenManager.clearReturnTo();\n\n window.history.replaceState({}, \"\", window.location.pathname);\n\n this.emit({ type: \"LOGIN_SUCCESS\", user, tokens });\n\n return { success: true, user, tokens, returnTo: returnTo ?? undefined };\n } catch (error) {\n const authError =\n error instanceof AuthError\n ? error\n : new AuthError(\n \"invalid_grant\",\n \"Token exchange failed\",\n error as Error,\n );\n this.emit({ type: \"LOGIN_ERROR\", error: authError });\n return { success: false, error: authError };\n }\n }\n\n private async exchangeCode(\n code: string,\n codeVerifier: string,\n ): Promise<TokenInfo> {\n const discovery = await this.getDiscovery();\n\n const response = await fetch(discovery.token_endpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body: new URLSearchParams({\n grant_type: \"authorization_code\",\n code,\n redirect_uri: this.config.redirectUri,\n client_id: this.config.clientId,\n code_verifier: codeVerifier,\n }),\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({}));\n throw new AuthError(\n error.error ?? \"invalid_grant\",\n error.error_description ?? \"Token exchange failed\",\n );\n }\n\n const tokenSet: TokenSet = await response.json();\n return this.tokenSetToInfo(tokenSet);\n }\n\n /** Refresh the access token */\n async refreshTokens(): Promise<TokenInfo> {\n this.log(\"Refreshing tokens...\");\n\n const tokens = await this.tokenManager.getTokens();\n if (!tokens?.refreshToken) {\n throw new AuthError(\"token_refresh_failed\", \"No refresh token available\");\n }\n\n const discovery = await this.getDiscovery();\n\n const response = await fetch(discovery.token_endpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body: new URLSearchParams({\n grant_type: \"refresh_token\",\n refresh_token: tokens.refreshToken,\n client_id: this.config.clientId,\n }),\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({}));\n const authError = new AuthError(\n error.error ?? \"token_refresh_failed\",\n error.error_description ?? \"Token refresh failed\",\n );\n this.emit({ type: \"TOKEN_REFRESH_ERROR\", error: authError });\n await this.tokenManager.clearTokens();\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: authError,\n });\n this.emit({ type: \"SESSION_EXPIRED\" });\n throw authError;\n }\n\n const tokenSet: TokenSet = await response.json();\n const newTokens = this.tokenSetToInfo(tokenSet);\n await this.tokenManager.setTokens(newTokens);\n\n const user = newTokens.idToken\n ? this.extractUserFromIdToken(newTokens.idToken)\n : this.state.user;\n\n this.updateState({ ...this.state, tokens: newTokens, user });\n this.emit({ type: \"TOKEN_REFRESHED\", tokens: newTokens });\n this.setupAutoRefresh();\n\n return newTokens;\n }\n\n /** Get current access token (auto-refreshes if needed) */\n async getAccessToken(): Promise<string | null> {\n const tokens = await this.tokenManager.getTokens();\n if (!tokens) return null;\n\n if (isTokenExpired(tokens.accessToken)) {\n if (tokens.refreshToken) {\n const newTokens = await this.refreshTokens();\n return newTokens.accessToken;\n }\n return null;\n }\n\n return tokens.accessToken;\n }\n\n // ============================================\n // Navigation Methods\n // ============================================\n\n /** Redirect to select/switch account */\n selectAccount(options: SelectAccountOptions = {}): void {\n const url = this.buildSelectAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build select-account URL without redirecting */\n buildSelectAccountUrl(options: SelectAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.loginHint) params.set(\"login_hint\", options.loginHint);\n return this.createAuthUrl(\"/select-account\", params);\n }\n\n /** Redirect to add another account (multi-session) */\n addAccount(options: AddAccountOptions = {}): void {\n const url = this.buildAddAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build add-account URL without redirecting */\n buildAddAccountUrl(options: AddAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams({ add_account: \"true\" });\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.loginHint) params.set(\"login_hint\", options.loginHint);\n return this.createAuthUrl(\"/login\", params);\n }\n\n /** Redirect to register a new account */\n register(options: RegisterOptions = {}): void {\n const url = this.buildRegisterUrl(options);\n this.navigate(url, options);\n }\n\n /** Build register URL without redirecting */\n buildRegisterUrl(options: RegisterOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.email) params.set(\"email\", options.email);\n if (options.firstName) params.set(\"first_name\", options.firstName);\n if (options.lastName) params.set(\"last_name\", options.lastName);\n if (options.uiLocales) params.set(\"ui_locales\", options.uiLocales);\n return this.createAuthUrl(\"/register\", params);\n }\n\n /** Redirect to recover account (forgot password) */\n recoverAccount(options: RecoverAccountOptions = {}): void {\n const url = this.buildRecoverAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build recover-account URL without redirecting */\n buildRecoverAccountUrl(options: RecoverAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.email) params.set(\"email\", options.email);\n return this.createAuthUrl(\"/recover-account\", params);\n }\n\n /** Redirect to verify account (email verification) */\n verifyAccount(options: VerifyAccountOptions = {}): void {\n const url = this.buildVerifyAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build verify-account URL without redirecting */\n buildVerifyAccountUrl(options: VerifyAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.email) params.set(\"email\", options.email);\n return this.createAuthUrl(\"/verify-account\", params);\n }\n\n /** Redirect to upgrade account (guest → full account) */\n upgradeAccount(options: UpgradeAccountOptions = {}): void {\n const url = this.buildUpgradeAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build upgrade-account URL without redirecting */\n buildUpgradeAccountUrl(options: UpgradeAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.scopes?.length) params.set(\"scope\", options.scopes.join(\" \"));\n return this.createAuthUrl(\"/upgrade-account\", params);\n }\n\n /** Redirect to passkey setup */\n setupPasskey(options: SetupPasskeyOptions = {}): void {\n const url = this.buildSetupPasskeyUrl(options);\n this.navigate(url, options);\n }\n\n /** Build setup-passkey URL without redirecting */\n buildSetupPasskeyUrl(options: SetupPasskeyOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n return this.createAuthUrl(\"/setup-passkey\", params);\n }\n\n /** Redirect to address setup */\n setupAddress(options: SetupAddressOptions = {}): void {\n const url = this.buildSetupAddressUrl(options);\n this.navigate(url, options);\n }\n\n /** Build setup-address URL without redirecting */\n buildSetupAddressUrl(options: SetupAddressOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n return this.createAuthUrl(\"/setup-address\", params);\n }\n\n /** Build a login URL without redirecting (useful for links/buttons) */\n buildLoginUrl(options: LoginOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.loginHint) params.set(\"email\", options.loginHint);\n if (options.prompt) params.set(\"prompt\", options.prompt);\n if (options.uiLocales) params.set(\"ui_locales\", options.uiLocales);\n return this.createAuthUrl(\"/login\", params);\n }\n\n /** Build a logout URL without redirecting */\n buildLogoutUrl(options: LogoutOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n return this.createAuthUrl(\"/logout\", params);\n }\n\n /** Revoke a token (access or refresh) */\n async revokeToken(options: RevokeTokenOptions = {}): Promise<void> {\n this.log(\"Revoking token...\");\n\n const token =\n options.token ?? (await this.tokenManager.getTokens())?.accessToken;\n if (!token) {\n throw new AuthError(\"invalid_token\", \"No token to revoke\");\n }\n\n const revokeUrl = `${this.config.issuer}/oauth/revoke`;\n\n const body = new URLSearchParams({\n token,\n client_id: this.config.clientId,\n });\n if (options.tokenTypeHint) {\n body.set(\"token_type_hint\", options.tokenTypeHint);\n }\n\n const response = await fetch(revokeUrl, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body,\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({}));\n throw new AuthError(\n error.error ?? \"server_error\",\n error.error_description ?? \"Token revocation failed\",\n );\n }\n\n this.log(\"Token revoked successfully\");\n }\n\n /** Check if the user's session is expired */\n isSessionExpired(): boolean {\n if (!this.state.tokens) return true;\n return isTokenExpired(this.state.tokens.accessToken);\n }\n\n /** Check if user needs email verification */\n needsEmailVerification(): boolean {\n return this.state.user?.emailVerified === false;\n }\n\n /** Check if user is a guest account */\n isGuestAccount(): boolean {\n return (\n (this.state.user as Record<string, unknown>)?.accountType === \"guest\"\n );\n }\n\n private tokenSetToInfo(tokenSet: TokenSet): TokenInfo {\n return {\n accessToken: tokenSet.access_token,\n refreshToken: tokenSet.refresh_token,\n idToken: tokenSet.id_token,\n expiresAt: Date.now() + tokenSet.expires_in * 1000,\n tokenType: tokenSet.token_type,\n scope: tokenSet.scope?.split(\" \") ?? [],\n };\n }\n\n /** Build an AuthUrl object for a given path and params */\n private createAuthUrl(path: string, params: URLSearchParams): AuthUrl {\n const query = params.toString();\n const url = `${this.config.issuer}${path}${query ? `?${query}` : \"\"}`;\n return {\n url,\n redirect: () => {\n window.location.href = url;\n },\n open: () => {\n return window.open(url, \"_blank\");\n },\n };\n }\n\n /** Navigate to an auth URL, respecting openInNewTab option */\n private navigate(authUrl: AuthUrl, options: AuthNavigationOptions): void {\n if (options.openInNewTab) {\n authUrl.open();\n } else {\n authUrl.redirect();\n }\n }\n\n private async fetchUser(accessToken: string): Promise<User> {\n const discovery = await this.getDiscovery();\n\n const response = await fetch(discovery.userinfo_endpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n\n if (!response.ok) {\n throw new AuthError(\"invalid_token\", \"Failed to fetch user info\");\n }\n\n const userInfo = await response.json();\n return this.normalizeUser(userInfo);\n }\n\n private extractUserFromIdToken(idToken: string): User {\n const claims = decodeJWT<DecodedIdToken>(idToken);\n return this.normalizeUser(claims);\n }\n\n private normalizeUser(claims: Record<string, unknown>): User {\n return {\n id: claims.sub as string,\n email: claims.email as string | undefined,\n emailVerified: claims.email_verified as boolean | undefined,\n name: claims.name as string | undefined,\n firstName: claims.given_name as string | undefined,\n lastName: claims.family_name as string | undefined,\n picture: claims.picture as string | undefined,\n phoneNumber: claims.phone_number as string | undefined,\n phoneNumberVerified: claims.phone_number_verified as boolean | undefined,\n locale: claims.locale as string | undefined,\n ...claims,\n };\n }\n\n private async getDiscovery(): Promise<OIDCDiscovery> {\n if (this.discovery) return this.discovery;\n const discoveryUrl = `${this.config.issuer}/.well-known/openid-configuration`;\n const response = await fetch(discoveryUrl);\n if (!response.ok) {\n throw new AuthError(\n \"configuration_error\",\n \"Failed to fetch discovery document\",\n );\n }\n this.discovery = await response.json();\n return this.discovery!;\n }\n\n private setupAutoRefresh(): void {\n if (!this.config.autoRefresh || !this.state.tokens) return;\n this.clearAutoRefresh();\n const expiresIn = this.state.tokens.expiresAt - Date.now();\n const refreshIn = expiresIn - this.config.refreshThreshold! * 1000;\n if (refreshIn > 0) {\n this.log(`Scheduling token refresh in ${Math.round(refreshIn / 1000)}s`);\n this.refreshTimer = setTimeout(() => {\n this.refreshTokens().catch((error) =>\n this.log(\"Auto-refresh failed:\", error),\n );\n }, refreshIn);\n }\n }\n\n private clearAutoRefresh(): void {\n if (this.refreshTimer) {\n clearTimeout(this.refreshTimer);\n this.refreshTimer = null;\n }\n }\n\n getState(): AuthState {\n return { ...this.state };\n }\n\n isAuthenticated(): boolean {\n return this.state.status === \"authenticated\";\n }\n\n getUser(): User | null {\n return this.state.user;\n }\n\n subscribe(handler: AuthEventHandler): () => void {\n this.eventHandlers.add(handler);\n return () => this.eventHandlers.delete(handler);\n }\n\n private updateState(newState: AuthState): void {\n this.state = newState;\n }\n\n private emit(event: AuthEvent): void {\n this.eventHandlers.forEach((handler) => {\n try {\n handler(event);\n } catch (error) {\n console.error(\"Event handler error:\", error);\n }\n });\n }\n\n private log(...args: unknown[]): void {\n if (this.config.debug) {\n console.log(\"[DouveryAuth]\", ...args);\n }\n }\n}\n\n/** Create a new DouveryAuthClient instance */\nexport function createDouveryAuth(\n config: DouveryAuthConfig,\n): DouveryAuthClient {\n return new DouveryAuthClient(config);\n}\n"]}
1
+ {"version":3,"sources":["../src/types.ts","../src/pkce.ts","../src/storage.ts","../src/client.ts"],"names":[],"mappings":";AA6LO,IAAM,SAAA,GAAN,cAAwB,KAAA,CAAM;AAAA,EACnC,WAAA,CACS,IAAA,EACP,OAAA,EACO,KAAA,EACP;AACA,IAAA,KAAA,CAAM,OAAO,CAAA;AAJN,IAAA,IAAA,CAAA,IAAA,GAAA,IAAA;AAEA,IAAA,IAAA,CAAA,KAAA,GAAA,KAAA;AAGP,IAAA,IAAA,CAAK,IAAA,GAAO,WAAA;AAAA,EACd;AACF;;;AC9LO,SAAS,oBAAA,CAAqB,SAAiB,EAAA,EAAY;AAChE,EAAA,MAAM,OAAA,GACJ,oEAAA;AACF,EAAA,MAAM,eAAe,MAAA,CAAO,eAAA,CAAgB,IAAI,UAAA,CAAW,MAAM,CAAC,CAAA;AAClE,EAAA,OAAO,KAAA,CAAM,IAAA,CAAK,YAAY,CAAA,CAC3B,IAAI,CAAC,CAAA,KAAM,OAAA,CAAQ,CAAA,GAAI,OAAA,CAAQ,MAAM,CAAC,CAAA,CACtC,KAAK,EAAE,CAAA;AACZ;AAGO,SAAS,aAAA,GAAwB;AACtC,EAAA,OAAO,qBAAqB,EAAE,CAAA;AAChC;AAGO,SAAS,aAAA,GAAwB;AACtC,EAAA,OAAO,qBAAqB,EAAE,CAAA;AAChC;AAGA,eAAsB,sBAAsB,QAAA,EAAmC;AAC7E,EAAA,MAAM,OAAA,GAAU,IAAI,WAAA,EAAY;AAChC,EAAA,MAAM,IAAA,GAAO,OAAA,CAAQ,MAAA,CAAO,QAAQ,CAAA;AACpC,EAAA,MAAM,aAAa,MAAM,MAAA,CAAO,MAAA,CAAO,MAAA,CAAO,WAAW,IAAI,CAAA;AAC7D,EAAA,OAAO,gBAAgB,UAAU,CAAA;AACnC;AAGO,SAAS,gBAAgB,MAAA,EAA6B;AAC3D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,QAAQ,CAAA,EAAA,EAAK;AACrC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,OAAO,MAAA,CAAO,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,EAAE,CAAA;AACzE;AAGO,SAAS,gBAAgB,KAAA,EAA4B;AAC1D,EAAA,IAAI,MAAA,GAAS,MAAM,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AACvD,EAAA,MAAM,OAAA,GAAU,OAAO,MAAA,GAAS,CAAA;AAChC,EAAA,IAAI,OAAA,EAAS;AACX,IAAA,MAAA,IAAU,GAAA,CAAI,MAAA,CAAO,CAAA,GAAI,OAAO,CAAA;AAAA,EAClC;AACA,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA,CAAM,MAAA;AACf;AAGA,eAAsB,gBAAA,GAAsC;AAC1D,EAAA,MAAM,eAAe,oBAAA,EAAqB;AAC1C,EAAA,MAAM,aAAA,GAAgB,MAAM,qBAAA,CAAsB,YAAY,CAAA;AAC9D,EAAA,OAAO;AAAA,IACL,YAAA;AAAA,IACA,aAAA;AAAA,IACA,mBAAA,EAAqB;AAAA,GACvB;AACF;AAGA,eAAsB,mBAAA,CACpB,QAAA,EACA,SAAA,EACA,MAAA,GAA2B,MAAA,EACT;AAClB,EAAA,IAAI,WAAW,OAAA,EAAS;AACtB,IAAA,OAAO,QAAA,KAAa,SAAA;AAAA,EACtB;AACA,EAAA,MAAM,iBAAA,GAAoB,MAAM,qBAAA,CAAsB,QAAQ,CAAA;AAC9D,EAAA,OAAO,iBAAA,KAAsB,SAAA;AAC/B;AAGO,SAAS,UAAuC,KAAA,EAAkB;AACvE,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,KAAA,CAAM,GAAG,CAAA;AAC7B,EAAA,IAAI,KAAA,CAAM,WAAW,CAAA,EAAG;AACtB,IAAA,MAAM,IAAI,MAAM,oBAAoB,CAAA;AAAA,EACtC;AACA,EAAA,MAAM,OAAA,GAAU,MAAM,CAAC,CAAA;AACvB,EAAA,MAAM,OAAA,GAAU,gBAAgB,OAAO,CAAA;AACvC,EAAA,MAAM,IAAA,GAAO,IAAI,WAAA,EAAY,CAAE,OAAO,OAAO,CAAA;AAC7C,EAAA,OAAO,IAAA,CAAK,MAAM,IAAI,CAAA;AACxB;AAGO,SAAS,cAAA,CAAe,KAAA,EAAe,SAAA,GAAoB,EAAA,EAAa;AAC7E,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,UAA4B,KAAK,CAAA;AACjD,IAAA,IAAI,CAAC,QAAQ,GAAA,EAAK;AAChB,MAAA,OAAO,KAAA;AAAA,IACT;AACA,IAAA,MAAM,MAAM,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,GAAA,KAAQ,GAAI,CAAA;AACxC,IAAA,OAAO,OAAA,CAAQ,MAAM,GAAA,GAAM,SAAA;AAAA,EAC7B,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;AAGO,SAAS,mBAAmB,KAAA,EAA8B;AAC/D,EAAA,IAAI;AACF,IAAA,MAAM,OAAA,GAAU,UAA4B,KAAK,CAAA;AACjD,IAAA,OAAO,OAAA,CAAQ,GAAA,GAAM,OAAA,CAAQ,GAAA,GAAM,GAAA,GAAO,IAAA;AAAA,EAC5C,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,IAAA;AAAA,EACT;AACF;;;AChHA,IAAM,cAAA,GAAiB,cAAA;AAEhB,IAAM,YAAA,GAA4B;AAAA,EACvC,WAAA,EAAa,GAAG,cAAc,CAAA,aAAA,CAAA;AAAA,EAC9B,YAAA,EAAc,GAAG,cAAc,CAAA,cAAA,CAAA;AAAA,EAC/B,OAAA,EAAS,GAAG,cAAc,CAAA,SAAA,CAAA;AAAA,EAC1B,SAAA,EAAW,GAAG,cAAc,CAAA,WAAA,CAAA;AAAA,EAC5B,KAAA,EAAO,GAAG,cAAc,CAAA,MAAA,CAAA;AAAA,EACxB,KAAA,EAAO,GAAG,cAAc,CAAA,MAAA,CAAA;AAAA,EACxB,YAAA,EAAc,GAAG,cAAc,CAAA,cAAA,CAAA;AAAA,EAC/B,QAAA,EAAU,GAAG,cAAc,CAAA,UAAA;AAC7B;AAGO,IAAM,gBAAN,MAA4C;AAAA,EACzC,KAAA,uBAAY,GAAA,EAAoB;AAAA,EAExC,IAAI,GAAA,EAA4B;AAC9B,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAChC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAA,CAAK,KAAA,CAAM,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC3B;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAA,CAAK,KAAA,CAAM,OAAO,GAAG,CAAA;AAAA,EACvB;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,MAAM,KAAA,EAAM;AAAA,EACnB;AACF;AAGO,IAAM,eAAN,MAA2C;AAAA,EAChD,IAAI,GAAA,EAA4B;AAC9B,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,IAAA,OAAO,YAAA,CAAa,QAAQ,GAAG,CAAA;AAAA,EACjC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,YAAA,CAAa,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EACjC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,YAAA,CAAa,WAAW,GAAG,CAAA;AAAA,EAC7B;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AAC3C,MAAA,YAAA,CAAa,WAAW,GAAG,CAAA;AAAA,IAC7B,CAAC,CAAA;AAAA,EACH;AACF;AAGO,IAAM,iBAAN,MAA6C;AAAA,EAClD,IAAI,GAAA,EAA4B;AAC9B,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,IAAA;AAC1C,IAAA,OAAO,cAAA,CAAe,QAAQ,GAAG,CAAA;AAAA,EACnC;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,cAAA,CAAe,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,EACnC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,cAAA,CAAe,WAAW,GAAG,CAAA;AAAA,EAC/B;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACnC,IAAA,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ;AAC3C,MAAA,cAAA,CAAe,WAAW,GAAG,CAAA;AAAA,IAC/B,CAAC,CAAA;AAAA,EACH;AACF;AAGO,IAAM,gBAAN,MAA4C;AAAA,EACjD,WAAA,CACU,OAAA,GAMJ,EAAC,EACL;AAPQ,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAQR,IAAA,IAAA,CAAK,OAAA,GAAU,EAAE,IAAA,EAAM,GAAA,EAAK,QAAQ,IAAA,EAAM,QAAA,EAAU,KAAA,EAAO,GAAG,OAAA,EAAQ;AAAA,EACxE;AAAA,EAEA,IAAI,GAAA,EAA4B;AAC9B,IAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,IAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,IAAA,KAAA,MAAW,UAAU,OAAA,EAAS;AAC5B,MAAA,MAAM,CAAC,MAAM,KAAK,CAAA,GAAI,OAAO,IAAA,EAAK,CAAE,MAAM,GAAG,CAAA;AAC7C,MAAA,IAAI,SAAS,GAAA,EAAK;AAChB,QAAA,OAAO,mBAAmB,KAAK,CAAA;AAAA,MACjC;AAAA,IACF;AACA,IAAA,OAAO,IAAA;AAAA,EACT;AAAA,EAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,MAAM,KAAA,GAAQ;AAAA,MACZ,CAAA,EAAG,GAAG,CAAA,CAAA,EAAI,kBAAA,CAAmB,KAAK,CAAC,CAAA,CAAA;AAAA,MACnC,CAAA,KAAA,EAAQ,IAAA,CAAK,OAAA,CAAQ,IAAI,CAAA;AAAA,KAC3B;AACA,IAAA,IAAI,IAAA,CAAK,QAAQ,MAAA,EAAQ,KAAA,CAAM,KAAK,CAAA,OAAA,EAAU,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,CAAE,CAAA;AACnE,IAAA,IAAI,IAAA,CAAK,OAAA,CAAQ,MAAA,EAAQ,KAAA,CAAM,KAAK,QAAQ,CAAA;AAC5C,IAAA,IAAI,IAAA,CAAK,QAAQ,QAAA,EAAU,KAAA,CAAM,KAAK,CAAA,SAAA,EAAY,IAAA,CAAK,OAAA,CAAQ,QAAQ,CAAA,CAAE,CAAA;AACzE,IAAA,IAAI,IAAA,CAAK,QAAQ,MAAA,EAAQ,KAAA,CAAM,KAAK,CAAA,QAAA,EAAW,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA,CAAE,CAAA;AACpE,IAAA,QAAA,CAAS,MAAA,GAAS,KAAA,CAAM,IAAA,CAAK,IAAI,CAAA;AAAA,EACnC;AAAA,EAEA,OAAO,GAAA,EAAmB;AACxB,IAAA,IAAI,OAAO,aAAa,WAAA,EAAa;AACrC,IAAA,QAAA,CAAS,SAAS,CAAA,EAAG,GAAG,CAAA,QAAA,EAAW,IAAA,CAAK,QAAQ,IAAI,CAAA,uCAAA,CAAA;AAAA,EACtD;AAAA,EAEA,KAAA,GAAc;AACZ,IAAA,MAAA,CAAO,MAAA,CAAO,YAAY,CAAA,CAAE,OAAA,CAAQ,CAAC,GAAA,KAAQ,IAAA,CAAK,MAAA,CAAO,GAAG,CAAC,CAAA;AAAA,EAC/D;AACF;AAGO,SAAS,cACd,IAAA,EACc;AACd,EAAA,QAAQ,IAAA;AAAM,IACZ,KAAK,cAAA;AACH,MAAA,OAAO,IAAI,YAAA,EAAa;AAAA,IAC1B,KAAK,gBAAA;AACH,MAAA,OAAO,IAAI,cAAA,EAAe;AAAA,IAC5B,KAAK,QAAA;AACH,MAAA,OAAO,IAAI,aAAA,EAAc;AAAA,IAC3B,KAAK,QAAA;AAAA,IACL;AACE,MAAA,OAAO,IAAI,aAAA,EAAc;AAAA;AAE/B;AAGO,IAAM,eAAN,MAAmB;AAAA,EACxB,YAAoB,OAAA,EAAuB;AAAvB,IAAA,IAAA,CAAA,OAAA,GAAA,OAAA;AAAA,EAAwB;AAAA,EAE5C,MAAM,SAAA,GAAuC;AAC3C,IAAA,MAAM,cAAc,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,WAAW,CAAA;AACnE,IAAA,IAAI,CAAC,aAAa,OAAO,IAAA;AAEzB,IAAA,MAAM,eAAe,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,YAAY,CAAA;AACrE,IAAA,MAAM,UAAU,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,OAAO,CAAA;AAC3D,IAAA,MAAM,YAAY,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,aAAa,SAAS,CAAA;AAE/D,IAAA,OAAO;AAAA,MACL,WAAA;AAAA,MACA,cAAc,YAAA,IAAgB,MAAA;AAAA,MAC9B,SAAS,OAAA,IAAW,MAAA;AAAA,MACpB,SAAA,EAAW,SAAA,GAAY,QAAA,CAAS,SAAA,EAAW,EAAE,CAAA,GAAI,CAAA;AAAA,MACjD,SAAA,EAAW,QAAA;AAAA,MACX,OAAO;AAAC,KACV;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,MAAA,EAAkC;AAChD,IAAA,MAAM,KAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,WAAA,EAAa,OAAO,WAAW,CAAA;AACnE,IAAA,MAAM,IAAA,CAAK,QAAQ,GAAA,CAAI,YAAA,CAAa,WAAW,MAAA,CAAO,SAAA,CAAU,UAAU,CAAA;AAC1E,IAAA,IAAI,OAAO,YAAA,EAAc;AACvB,MAAA,MAAM,KAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,YAAA,EAAc,OAAO,YAAY,CAAA;AAAA,IACvE;AACA,IAAA,IAAI,OAAO,OAAA,EAAS;AAClB,MAAA,MAAM,KAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,OAAA,EAAS,OAAO,OAAO,CAAA;AAAA,IAC7D;AAAA,EACF;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,WAAW,CAAA;AAClD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,YAAY,CAAA;AACnD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,OAAO,CAAA;AAC9C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,SAAS,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,UAAU,KAAA,EAA8B;AAC5C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,OAAO,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,QAAA,GAAmC;AACvC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,KAAK,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,KAAK,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,UAAU,KAAA,EAA8B;AAC5C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,OAAO,KAAK,CAAA;AAAA,EAClD;AAAA,EAEA,MAAM,QAAA,GAAmC;AACvC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,KAAK,CAAA;AAAA,EAC5C;AAAA,EAEA,MAAM,UAAA,GAA4B;AAChC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,KAAK,CAAA;AAAA,EAC9C;AAAA,EAEA,MAAM,iBAAiB,QAAA,EAAiC;AACtD,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,cAAc,QAAQ,CAAA;AAAA,EAC5D;AAAA,EAEA,MAAM,eAAA,GAA0C;AAC9C,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,YAAY,CAAA;AAAA,EACnD;AAAA,EAEA,MAAM,iBAAA,GAAmC;AACvC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,YAAY,CAAA;AAAA,EACrD;AAAA,EAEA,MAAM,aAAa,GAAA,EAA4B;AAC7C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,UAAU,GAAG,CAAA;AAAA,EACnD;AAAA,EAEA,MAAM,WAAA,GAAsC;AAC1C,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,YAAA,CAAa,QAAQ,CAAA;AAAA,EAC/C;AAAA,EAEA,MAAM,aAAA,GAA+B;AACnC,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,MAAA,CAAO,YAAA,CAAa,QAAQ,CAAA;AAAA,EACjD;AAAA,EAEA,MAAM,QAAA,GAA0B;AAC9B,IAAA,MAAM,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EAC3B;AACF;AAoCA,IAAM,iBAAA,uBAAwB,GAAA,CAAI;AAAA,EAChC,YAAA,CAAa,WAAA;AAAA,EACb,YAAA,CAAa,YAAA;AAAA,EACb,YAAA,CAAa;AACf,CAAC,CAAA;AAGD,IAAM,SAAA,uBAAgB,GAAA,CAAI;AAAA,EACxB,YAAA,CAAa,KAAA;AAAA,EACb,YAAA,CAAa,KAAA;AAAA,EACb,YAAA,CAAa,YAAA;AAAA,EACb,YAAA,CAAa;AACf,CAAC,CAAA;AAMD,SAAS,iBAAiB,IAAA,EAA6B;AACrD,EAAA,IAAI,OAAO,QAAA,KAAa,WAAA,EAAa,OAAO,IAAA;AAC5C,EAAA,MAAM,OAAA,GAAU,QAAA,CAAS,MAAA,CAAO,KAAA,CAAM,GAAG,CAAA;AACzC,EAAA,KAAA,MAAW,KAAK,OAAA,EAAS;AACvB,IAAA,MAAM,CAAC,KAAK,GAAG,KAAK,IAAI,CAAA,CAAE,IAAA,EAAK,CAAE,KAAA,CAAM,GAAG,CAAA;AAC1C,IAAA,IAAI,QAAQ,IAAA,EAAM,OAAO,mBAAmB,KAAA,CAAM,IAAA,CAAK,GAAG,CAAC,CAAA;AAAA,EAC7D;AACA,EAAA,OAAO,IAAA;AACT;AAGA,SAAS,kBAAA,GAAgD;AACvD,EAAA,IAAI,OAAO,MAAA,KAAW,WAAA,IAAe,OAAO,mBAAmB,WAAA,EAAa;AAC1E,IAAA,OAAO,IAAA;AAAA,EACT;AACA,EAAA,OAAO,cAAA;AACT;AAmCO,SAAS,2BACd,OAAA,EACc;AACd,EAAA,MAAM;AAAA,IACJ,qBAAA;AAAA,IACA,wBAAA,GAA2B,oBAAA;AAAA,IAC3B,KAAA,GAAQ;AAAA,GACV,GAAI,OAAA;AAEJ,EAAA,SAAS,IAAI,GAAA,EAAa;AACxB,IAAA,IAAI,KAAA,EAAO,OAAA,CAAQ,KAAA,CAAM,CAAA,uBAAA,EAA0B,GAAG,CAAA,CAAE,CAAA;AAAA,EAC1D;AAEA,EAAA,OAAO;AAAA,IACL,IAAI,GAAA,EAA4B;AAE9B,MAAA,IAAI,GAAA,KAAQ,aAAa,WAAA,EAAa;AACpC,QAAA,MAAM,GAAA,GAAM,iBAAiB,qBAAqB,CAAA;AAClD,QAAA,IAAI,GAAA,EAAK;AACP,UAAA,MAAM,EAAA,GAAK,QAAA,CAAS,GAAA,EAAK,EAAE,CAAA;AAC3B,UAAA,IAAI,CAAC,MAAM,EAAE,CAAA,IAAK,KAAK,IAAA,CAAK,GAAA,IAAO,OAAO,wBAAA;AAAA,QAC5C;AACA,QAAA,OAAO,IAAA;AAAA,MACT;AAGA,MAAA,IAAI,GAAA,KAAQ,aAAa,YAAA,EAAc;AACrC,QAAA,MAAM,GAAA,GAAM,iBAAiB,qBAAqB,CAAA;AAClD,QAAA,OAAO,MAAM,wBAAA,GAA2B,IAAA;AAAA,MAC1C;AAGA,MAAA,IAAI,GAAA,KAAQ,YAAA,CAAa,OAAA,EAAS,OAAO,IAAA;AAGzC,MAAA,IAAI,GAAA,KAAQ,aAAa,SAAA,EAAW;AAClC,QAAA,OAAO,iBAAiB,qBAAqB,CAAA;AAAA,MAC/C;AAGA,MAAA,IAAI,SAAA,CAAU,GAAA,CAAI,GAAG,CAAA,EAAG;AACtB,QAAA,OAAO,kBAAA,EAAmB,EAAG,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AAAA,MAC/C;AAGA,MAAA,OAAO,kBAAA,EAAmB,EAAG,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AAAA,IAC/C,CAAA;AAAA,IAEA,GAAA,CAAI,KAAa,KAAA,EAAqB;AACpC,MAAA,IAAI,kBAAkB,GAAA,CAAI,GAAG,CAAA,IAAK,GAAA,KAAQ,aAAa,SAAA,EAAW;AAChE,QAAA,GAAA,CAAI,CAAA,cAAA,EAAiB,GAAG,CAAA,2BAAA,CAAwB,CAAA;AAChD,QAAA;AAAA,MACF;AACA,MAAA,MAAM,KAAK,kBAAA,EAAmB;AAC9B,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,OAAA,CAAQ,KAAK,KAAK,CAAA;AAAA,QACvB,SAAS,CAAA,EAAG;AACV,UAAA,IAAI,KAAA;AACF,YAAA,OAAA,CAAQ,IAAA;AAAA,cACN,uDAAA;AAAA,cACA;AAAA,aACF;AAAA,QACJ;AAAA,MACF;AAAA,IACF,CAAA;AAAA,IAEA,OAAO,GAAA,EAAmB;AACxB,MAAA,IAAI,kBAAkB,GAAA,CAAI,GAAG,CAAA,IAAK,GAAA,KAAQ,aAAa,SAAA,EAAW;AAChE,QAAA,GAAA,CAAI,CAAA,iBAAA,EAAoB,GAAG,CAAA,2BAAA,CAAwB,CAAA;AACnD,QAAA;AAAA,MACF;AACA,MAAA,MAAM,KAAK,kBAAA,EAAmB;AAC9B,MAAA,IAAI,EAAA,EAAI;AACN,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,WAAW,GAAG,CAAA;AAAA,QACnB,SAAS,CAAA,EAAG;AACV,UAAA,IAAI,KAAA;AACF,YAAA,OAAA,CAAQ,IAAA;AAAA,cACN,0DAAA;AAAA,cACA;AAAA,aACF;AAAA,QACJ;AAAA,MACF;AAAA,IACF,CAAA;AAAA,IAEA,KAAA,GAAc;AACZ,MAAA,MAAM,KAAK,kBAAA,EAAmB;AAC9B,MAAA,IAAI,CAAC,EAAA,EAAI;AACT,MAAA,KAAA,MAAW,OAAO,SAAA,EAAW;AAC3B,QAAA,IAAI;AACF,UAAA,EAAA,CAAG,WAAW,GAAG,CAAA;AAAA,QACnB,CAAA,CAAA,MAAQ;AAAA,QAER;AAAA,MACF;AACA,MAAA,GAAA,CAAI,iDAAiD,CAAA;AAAA,IACvD;AAAA,GACF;AACF;;;AC5ZA,IAAM,cAAA,GAAiB,0BAAA;AACvB,IAAM,cAAA,GAAiB,CAAC,QAAA,EAAU,SAAA,EAAW,OAAO,CAAA;AAE7C,IAAM,oBAAN,MAAwB;AAAA,EACrB,MAAA;AAAA,EAIA,YAAA;AAAA,EACA,SAAA,GAAkC,IAAA;AAAA,EAClC,aAAA,uBAA2C,GAAA,EAAI;AAAA,EAC/C,YAAA,GAAqD,IAAA;AAAA,EACrD,KAAA,GAAmB;AAAA,IACzB,MAAA,EAAQ,SAAA;AAAA,IACR,IAAA,EAAM,IAAA;AAAA,IACN,MAAA,EAAQ,IAAA;AAAA,IACR,KAAA,EAAO;AAAA,GACT;AAAA,EAEA,YAAY,MAAA,EAA2B;AACrC,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,MAAA,EAAQ,cAAA;AAAA,MACR,MAAA,EAAQ,cAAA;AAAA,MACR,OAAA,EAAS,cAAA;AAAA,MACT,WAAA,EAAa,IAAA;AAAA,MACb,gBAAA,EAAkB,EAAA;AAAA,MAClB,KAAA,EAAO,KAAA;AAAA,MACP,GAAG;AAAA,KACL;AAEA,IAAA,MAAM,UACJ,MAAA,CAAO,aAAA,IACP,cAAc,IAAA,CAAK,MAAA,CAAO,WAAW,cAAc,CAAA;AACrD,IAAA,IAAA,CAAK,YAAA,GAAe,IAAI,YAAA,CAAa,OAAO,CAAA;AAAA,EAC9C;AAAA;AAAA,EAGA,MAAM,UAAA,GAAiC;AACrC,IAAA,IAAA,CAAK,IAAI,6BAA6B,CAAA;AAEtC,IAAA,IAAI;AACF,MAAA,IAAI,IAAA,CAAK,YAAW,EAAG;AACrB,QAAA,IAAA,CAAK,IAAI,4BAA4B,CAAA;AACrC,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,cAAA,EAAe;AACzC,QAAA,IAAI,MAAA,CAAO,OAAA,IAAW,MAAA,CAAO,IAAA,IAAQ,OAAO,MAAA,EAAQ;AAClD,UAAA,IAAA,CAAK,WAAA,CAAY;AAAA,YACf,MAAA,EAAQ,eAAA;AAAA,YACR,MAAM,MAAA,CAAO,IAAA;AAAA,YACb,QAAQ,MAAA,CAAO,MAAA;AAAA,YACf,KAAA,EAAO;AAAA,WACR,CAAA;AACD,UAAA,IAAA,CAAK,gBAAA,EAAiB;AAAA,QACxB,CAAA,MAAO;AACL,UAAA,IAAA,CAAK,WAAA,CAAY;AAAA,YACf,MAAA,EAAQ,iBAAA;AAAA,YACR,IAAA,EAAM,IAAA;AAAA,YACN,MAAA,EAAQ,IAAA;AAAA,YACR,KAAA,EAAO,OAAO,KAAA,IAAS;AAAA,WACxB,CAAA;AAAA,QACH;AAAA,MACF,CAAA,MAAO;AACL,QAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,EAAU;AACjD,QAAA,IAAI,MAAA,IAAU,OAAO,WAAA,EAAa;AAChC,UAAA,IAAI,CAAC,cAAA,CAAe,MAAA,CAAO,WAAW,CAAA,EAAG;AACvC,YAAA,IAAA,CAAK,IAAI,8BAA8B,CAAA;AACvC,YAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,WAAW,CAAA;AACpD,YAAA,IAAA,CAAK,WAAA,CAAY;AAAA,cACf,MAAA,EAAQ,eAAA;AAAA,cACR,IAAA;AAAA,cACA,MAAA;AAAA,cACA,KAAA,EAAO;AAAA,aACR,CAAA;AACD,YAAA,IAAA,CAAK,gBAAA,EAAiB;AAAA,UACxB,CAAA,MAAA,IAAW,OAAO,YAAA,EAAc;AAC9B,YAAA,IAAA,CAAK,IAAI,6CAA6C,CAAA;AACtD,YAAA,MAAM,KAAK,aAAA,EAAc;AAAA,UAC3B,CAAA,MAAO;AACL,YAAA,IAAA,CAAK,IAAI,mCAAmC,CAAA;AAC5C,YAAA,MAAM,IAAA,CAAK,aAAa,WAAA,EAAY;AACpC,YAAA,IAAA,CAAK,WAAA,CAAY;AAAA,cACf,MAAA,EAAQ,iBAAA;AAAA,cACR,IAAA,EAAM,IAAA;AAAA,cACN,MAAA,EAAQ,IAAA;AAAA,cACR,KAAA,EAAO;AAAA,aACR,CAAA;AAAA,UACH;AAAA,QACF,CAAA,MAAO;AACL,UAAA,IAAA,CAAK,IAAI,2BAA2B,CAAA;AACpC,UAAA,IAAA,CAAK,WAAA,CAAY;AAAA,YACf,MAAA,EAAQ,iBAAA;AAAA,YACR,IAAA,EAAM,IAAA;AAAA,YACN,MAAA,EAAQ,IAAA;AAAA,YACR,KAAA,EAAO;AAAA,WACR,CAAA;AAAA,QACH;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,aAAA,EAAe,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,IAAA,CAAK,GAAA,CAAI,yBAAyB,KAAK,CAAA;AACvC,MAAA,IAAA,CAAK,WAAA,CAAY;AAAA,QACf,MAAA,EAAQ,iBAAA;AAAA,QACR,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EACE,KAAA,YAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA;AAAA,UACF,eAAA;AAAA,UACA,uBAAA;AAAA,UACA;AAAA;AACF,OACP,CAAA;AAAA,IACH;AAEA,IAAA,OAAO,IAAA,CAAK,KAAA;AAAA,EACd;AAAA;AAAA,EAGA,MAAM,KAAA,CAAM,OAAA,GAAwB,EAAC,EAAkB;AACrD,IAAA,IAAA,CAAK,IAAI,wBAAwB,CAAA;AACjC,IAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,eAAA,EAAiB,CAAA;AAEnC,IAAA,IAAI;AACF,MAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAC1C,MAAA,MAAM,IAAA,GAAO,MAAM,gBAAA,EAAiB;AACpC,MAAA,MAAM,QAAQ,aAAA,EAAc;AAC5B,MAAA,MAAM,QAAQ,aAAA,EAAc;AAE5B,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,KAAK,CAAA;AACvC,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,KAAK,CAAA;AACvC,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,gBAAA,CAAiB,IAAA,CAAK,YAAY,CAAA;AAE1D,MAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,QAAA,MAAM,IAAA,CAAK,YAAA,CAAa,YAAA,CAAa,OAAA,CAAQ,QAAQ,CAAA;AAAA,MACvD;AAEA,MAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB;AAAA,QACjC,aAAA,EAAe,MAAA;AAAA,QACf,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,QACvB,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,QAC1B,KAAA,EAAO,IAAA,CAAK,MAAA,CAAO,MAAA,CAAQ,KAAK,GAAG,CAAA;AAAA,QACnC,KAAA;AAAA,QACA,KAAA;AAAA,QACA,gBAAgB,IAAA,CAAK,aAAA;AAAA,QACrB,uBAAuB,IAAA,CAAK,mBAAA;AAAA,QAC5B,GAAG,OAAA,CAAQ;AAAA,OACZ,CAAA;AAED,MAAA,IAAI,QAAQ,MAAA,EAAQ,MAAA,CAAO,GAAA,CAAI,QAAA,EAAU,QAAQ,MAAM,CAAA;AACvD,MAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,MAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,MAAA,IAAI,QAAQ,MAAA,KAAW,KAAA,CAAA;AACrB,QAAA,MAAA,CAAO,GAAA,CAAI,SAAA,EAAW,OAAA,CAAQ,MAAA,CAAO,UAAU,CAAA;AACjD,MAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AAEjE,MAAA,MAAM,OAAA,GAAU,CAAA,EAAG,SAAA,CAAU,sBAAsB,IAAI,MAAM,CAAA,CAAA;AAC7D,MAAA,IAAA,CAAK,GAAA,CAAI,mBAAmB,OAAO,CAAA;AAEnC,MAAA,MAAA,CAAO,SAAS,IAAA,GAAO,OAAA;AAAA,IACzB,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,SAAA,GACJ,KAAA,YAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA;AAAA,QACF,qBAAA;AAAA,QACA,cAAA;AAAA,QACA;AAAA,OACF;AACN,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,WAAW,CAAA;AACnD,MAAA,MAAM,SAAA;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,MAAM,MAAA,CAAO,OAAA,GAAyB,EAAC,EAAkB;AACvD,IAAA,IAAA,CAAK,IAAI,oBAAoB,CAAA;AAC7B,IAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,gBAAA,EAAkB,CAAA;AAEpC,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,CAAK,aAAa,QAAA,EAAS;AACjC,MAAA,IAAA,CAAK,gBAAA,EAAiB;AAEtB,MAAA,IAAA,CAAK,WAAA,CAAY;AAAA,QACf,MAAA,EAAQ,iBAAA;AAAA,QACR,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EAAO;AAAA,OACR,CAAA;AAED,MAAA,IAAI,QAAQ,SAAA,EAAW;AACrB,QAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,gBAAA,EAAkB,CAAA;AACpC,QAAA;AAAA,MACF;AAEA,MAAA,IAAI,OAAA,CAAQ,cAAc,KAAA,EAAO;AAC/B,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAC1C,QAAA,IAAI,UAAU,oBAAA,EAAsB;AAClC,UAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,UAAA,IAAI,IAAA,CAAK,KAAA,CAAM,MAAA,EAAQ,OAAA,EAAS;AAC9B,YAAA,MAAA,CAAO,GAAA,CAAI,eAAA,EAAiB,IAAA,CAAK,KAAA,CAAM,OAAO,OAAO,CAAA;AAAA,UACvD;AACA,UAAA,IAAI,OAAA,CAAQ,QAAA,IAAY,IAAA,CAAK,MAAA,CAAO,qBAAA,EAAuB;AACzD,YAAA,MAAA,CAAO,GAAA;AAAA,cACL,0BAAA;AAAA,cACA,OAAA,CAAQ,QAAA,IAAY,IAAA,CAAK,MAAA,CAAO;AAAA,aAClC;AAAA,UACF;AACA,UAAA,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,IAAA,CAAK,MAAA,CAAO,QAAQ,CAAA;AAE5C,UAAA,MAAM,SAAA,GAAY,CAAA,EAAG,SAAA,CAAU,oBAAoB,IAAI,MAAM,CAAA,CAAA;AAC7D,UAAA,IAAA,CAAK,GAAA,CAAI,0BAA0B,SAAS,CAAA;AAC5C,UAAA,MAAA,CAAO,SAAS,IAAA,GAAO,SAAA;AACvB,UAAA;AAAA,QACF;AAAA,MACF;AAEA,MAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,gBAAA,EAAkB,CAAA;AAEpC,MAAA,IAAI,QAAQ,QAAA,EAAU;AACpB,QAAA,MAAA,CAAO,QAAA,CAAS,OAAO,OAAA,CAAQ,QAAA;AAAA,MACjC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,SAAA,GACJ,iBAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA,CAAU,eAAA,EAAiB,iBAAiB,KAAc,CAAA;AACpE,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,cAAA,EAAgB,KAAA,EAAO,WAAW,CAAA;AACpD,MAAA,MAAM,SAAA;AAAA,IACR;AAAA,EACF;AAAA;AAAA,EAGA,UAAA,GAAsB;AACpB,IAAA,IAAI,OAAO,MAAA,KAAW,WAAA,EAAa,OAAO,KAAA;AAC1C,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,IAAA,OAAO,OAAO,GAAA,CAAI,MAAM,CAAA,IAAK,MAAA,CAAO,IAAI,OAAO,CAAA;AAAA,EACjD;AAAA;AAAA,EAGA,MAAM,cAAA,GAA0C;AAC9C,IAAA,IAAA,CAAK,IAAI,wBAAwB,CAAA;AAEjC,IAAA,IAAI,OAAO,WAAW,WAAA,EAAa;AACjC,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,OAAO,IAAI,SAAA;AAAA,UACT,qBAAA;AAAA,UACA;AAAA;AACF,OACF;AAAA,IACF;AAEA,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,CAAgB,MAAA,CAAO,SAAS,MAAM,CAAA;AACzD,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,GAAA,CAAI,MAAM,CAAA;AAC9B,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AACrC,IAAA,MAAM,UAAA,GAAa,MAAA,CAAO,GAAA,CAAI,OAAO,CAAA;AACrC,IAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,GAAA,CAAI,mBAAmB,CAAA;AAEvD,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,QAAQ,IAAI,SAAA;AAAA,QAChB,UAAA;AAAA,QACA,gBAAA,IAAoB;AAAA,OACtB;AACA,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAM;AAAA,IACjC;AAEA,IAAA,MAAM,UAAA,GAAa,MAAM,IAAA,CAAK,YAAA,CAAa,QAAA,EAAS;AACpD,IAAA,IAAI,CAAC,UAAA,IAAc,UAAA,KAAe,UAAA,EAAY;AAC5C,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,IAAI,SAAA,CAAU,gBAAA,EAAkB,0BAA0B;AAAA,OACnE;AAAA,IACF;AAEA,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,OAAO,IAAI,SAAA;AAAA,UACT,iBAAA;AAAA,UACA;AAAA;AACF,OACF;AAAA,IACF;AAEA,IAAA,MAAM,YAAA,GAAe,MAAM,IAAA,CAAK,YAAA,CAAa,eAAA,EAAgB;AAC7D,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAO;AAAA,QACL,OAAA,EAAS,KAAA;AAAA,QACT,KAAA,EAAO,IAAI,SAAA,CAAU,YAAA,EAAc,wBAAwB;AAAA,OAC7D;AAAA,IACF;AAEA,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,MAAM,YAAY,CAAA;AACzD,MAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,MAAM,CAAA;AACxC,MAAA,MAAM,IAAA,GAAO,MAAM,IAAA,CAAK,SAAA,CAAU,OAAO,WAAW,CAAA;AACpD,MAAA,MAAM,QAAA,GAAW,MAAM,IAAA,CAAK,YAAA,CAAa,WAAA,EAAY;AAErD,MAAA,MAAM,IAAA,CAAK,aAAa,UAAA,EAAW;AACnC,MAAA,MAAM,IAAA,CAAK,aAAa,UAAA,EAAW;AACnC,MAAA,MAAM,IAAA,CAAK,aAAa,iBAAA,EAAkB;AAC1C,MAAA,MAAM,IAAA,CAAK,aAAa,aAAA,EAAc;AAEtC,MAAA,MAAA,CAAO,QAAQ,YAAA,CAAa,IAAI,EAAA,EAAI,MAAA,CAAO,SAAS,QAAQ,CAAA;AAE5D,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,eAAA,EAAiB,IAAA,EAAM,QAAQ,CAAA;AAEjD,MAAA,OAAO,EAAE,OAAA,EAAS,IAAA,EAAM,MAAM,MAAA,EAAQ,QAAA,EAAU,YAAY,KAAA,CAAA,EAAU;AAAA,IACxE,SAAS,KAAA,EAAO;AACd,MAAA,MAAM,SAAA,GACJ,KAAA,YAAiB,SAAA,GACb,KAAA,GACA,IAAI,SAAA;AAAA,QACF,eAAA;AAAA,QACA,uBAAA;AAAA,QACA;AAAA,OACF;AACN,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,aAAA,EAAe,KAAA,EAAO,WAAW,CAAA;AACnD,MAAA,OAAO,EAAE,OAAA,EAAS,KAAA,EAAO,KAAA,EAAO,SAAA,EAAU;AAAA,IAC5C;AAAA,EACF;AAAA,EAEA,MAAc,YAAA,CACZ,IAAA,EACA,YAAA,EACoB;AACpB,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAE1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,CAAU,cAAA,EAAgB;AAAA,MACrD,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,UAAA,EAAY,oBAAA;AAAA,QACZ,IAAA;AAAA,QACA,YAAA,EAAc,KAAK,MAAA,CAAO,WAAA;AAAA,QAC1B,SAAA,EAAW,KAAK,MAAA,CAAO,QAAA;AAAA,QACvB,aAAA,EAAe;AAAA,OAChB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAM,IAAI,SAAA;AAAA,QACR,MAAM,KAAA,IAAS,eAAA;AAAA,QACf,MAAM,iBAAA,IAAqB;AAAA,OAC7B;AAAA,IACF;AAEA,IAAA,MAAM,QAAA,GAAqB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC/C,IAAA,OAAO,IAAA,CAAK,eAAe,QAAQ,CAAA;AAAA,EACrC;AAAA;AAAA,EAGA,MAAM,aAAA,GAAoC;AACxC,IAAA,IAAA,CAAK,IAAI,sBAAsB,CAAA;AAE/B,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,EAAU;AACjD,IAAA,IAAI,CAAC,QAAQ,YAAA,EAAc;AACzB,MAAA,MAAM,IAAI,SAAA,CAAU,sBAAA,EAAwB,4BAA4B,CAAA;AAAA,IAC1E;AAEA,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAE1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,CAAU,cAAA,EAAgB;AAAA,MACrD,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D,IAAA,EAAM,IAAI,eAAA,CAAgB;AAAA,QACxB,UAAA,EAAY,eAAA;AAAA,QACZ,eAAe,MAAA,CAAO,YAAA;AAAA,QACtB,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,OACxB;AAAA,KACF,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAM,YAAY,IAAI,SAAA;AAAA,QACpB,MAAM,KAAA,IAAS,sBAAA;AAAA,QACf,MAAM,iBAAA,IAAqB;AAAA,OAC7B;AACA,MAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,qBAAA,EAAuB,KAAA,EAAO,WAAW,CAAA;AAC3D,MAAA,MAAM,IAAA,CAAK,aAAa,WAAA,EAAY;AACpC,MAAA,IAAA,CAAK,WAAA,CAAY;AAAA,QACf,MAAA,EAAQ,iBAAA;AAAA,QACR,IAAA,EAAM,IAAA;AAAA,QACN,MAAA,EAAQ,IAAA;AAAA,QACR,KAAA,EAAO;AAAA,OACR,CAAA;AACD,MAAA,IAAA,CAAK,IAAA,CAAK,EAAE,IAAA,EAAM,iBAAA,EAAmB,CAAA;AACrC,MAAA,MAAM,SAAA;AAAA,IACR;AAEA,IAAA,MAAM,QAAA,GAAqB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC/C,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,cAAA,CAAe,QAAQ,CAAA;AAC9C,IAAA,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,CAAU,SAAS,CAAA;AAE3C,IAAA,MAAM,IAAA,GAAO,UAAU,OAAA,GACnB,IAAA,CAAK,uBAAuB,SAAA,CAAU,OAAO,CAAA,GAC7C,IAAA,CAAK,KAAA,CAAM,IAAA;AAEf,IAAA,IAAA,CAAK,WAAA,CAAY,EAAE,GAAG,IAAA,CAAK,OAAO,MAAA,EAAQ,SAAA,EAAW,MAAM,CAAA;AAC3D,IAAA,IAAA,CAAK,KAAK,EAAE,IAAA,EAAM,iBAAA,EAAmB,MAAA,EAAQ,WAAW,CAAA;AACxD,IAAA,IAAA,CAAK,gBAAA,EAAiB;AAEtB,IAAA,OAAO,SAAA;AAAA,EACT;AAAA;AAAA,EAGA,MAAM,cAAA,GAAyC;AAC7C,IAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,YAAA,CAAa,SAAA,EAAU;AACjD,IAAA,IAAI,CAAC,QAAQ,OAAO,IAAA;AAEpB,IAAA,IAAI,cAAA,CAAe,MAAA,CAAO,WAAW,CAAA,EAAG;AACtC,MAAA,IAAI,OAAO,YAAA,EAAc;AACvB,QAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,aAAA,EAAc;AAC3C,QAAA,OAAO,SAAA,CAAU,WAAA;AAAA,MACnB;AACA,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,OAAO,MAAA,CAAO,WAAA;AAAA,EAChB;AAAA;AAAA;AAAA;AAAA;AAAA,EAOA,aAAA,CAAc,OAAA,GAAgC,EAAC,EAAS;AACtD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,qBAAA,CAAsB,OAAO,CAAA;AAC9C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,qBAAA,CAAsB,OAAA,GAAgC,EAAC,EAAY;AACjE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,iBAAA,EAAmB,MAAM,CAAA;AAAA,EACrD;AAAA;AAAA,EAGA,UAAA,CAAW,OAAA,GAA6B,EAAC,EAAS;AAChD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,kBAAA,CAAmB,OAAO,CAAA;AAC3C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,kBAAA,CAAmB,OAAA,GAA6B,EAAC,EAAY;AAC3D,IAAA,MAAM,SAAS,IAAI,eAAA,CAAgB,EAAE,WAAA,EAAa,QAAQ,CAAA;AAC1D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,QAAA,EAAU,MAAM,CAAA;AAAA,EAC5C;AAAA;AAAA,EAGA,QAAA,CAAS,OAAA,GAA2B,EAAC,EAAS;AAC5C,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,gBAAA,CAAiB,OAAO,CAAA;AACzC,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,gBAAA,CAAiB,OAAA,GAA2B,EAAC,EAAY;AACvD,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,KAAA,EAAO,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,KAAK,CAAA;AACpD,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,WAAA,EAAa,MAAM,CAAA;AAAA,EAC/C;AAAA;AAAA,EAGA,cAAA,CAAe,OAAA,GAAiC,EAAC,EAAS;AACxD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,sBAAA,CAAuB,OAAO,CAAA;AAC/C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,sBAAA,CAAuB,OAAA,GAAiC,EAAC,EAAY;AACnE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,KAAA,EAAO,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,KAAK,CAAA;AACpD,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACtD;AAAA;AAAA,EAGA,aAAA,CAAc,OAAA,GAAgC,EAAC,EAAS;AACtD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,qBAAA,CAAsB,OAAO,CAAA;AAC9C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,qBAAA,CAAsB,OAAA,GAAgC,EAAC,EAAY;AACjE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,QAAQ,KAAA,EAAO,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,KAAK,CAAA;AACpD,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,iBAAA,EAAmB,MAAM,CAAA;AAAA,EACrD;AAAA;AAAA,EAGA,cAAA,CAAe,OAAA,GAAiC,EAAC,EAAS;AACxD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,sBAAA,CAAuB,OAAO,CAAA;AAC/C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,sBAAA,CAAuB,OAAA,GAAiC,EAAC,EAAY;AACnE,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,IAAI,OAAA,CAAQ,MAAA,EAAQ,MAAA,EAAQ,MAAA,CAAO,GAAA,CAAI,SAAS,OAAA,CAAQ,MAAA,CAAO,IAAA,CAAK,GAAG,CAAC,CAAA;AACxE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,kBAAA,EAAoB,MAAM,CAAA;AAAA,EACtD;AAAA;AAAA,EAGA,YAAA,CAAa,OAAA,GAA+B,EAAC,EAAS;AACpD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,oBAAA,CAAqB,OAAO,CAAA;AAC7C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,oBAAA,CAAqB,OAAA,GAA+B,EAAC,EAAY;AAC/D,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,gBAAA,EAAkB,MAAM,CAAA;AAAA,EACpD;AAAA;AAAA,EAGA,YAAA,CAAa,OAAA,GAA+B,EAAC,EAAS;AACpD,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,oBAAA,CAAqB,OAAO,CAAA;AAC7C,IAAA,IAAA,CAAK,QAAA,CAAS,KAAK,OAAO,CAAA;AAAA,EAC5B;AAAA;AAAA,EAGA,oBAAA,CAAqB,OAAA,GAA+B,EAAC,EAAY;AAC/D,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,WAAA,EAAa,QAAQ,QAAQ,CAAA;AAC9D,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,gBAAA,EAAkB,MAAM,CAAA;AAAA,EACpD;AAAA;AAAA,EAGA,aAAA,CAAc,OAAA,GAAwB,EAAC,EAAY;AACjD,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,OAAA,EAAS,QAAQ,SAAS,CAAA;AAC5D,IAAA,IAAI,QAAQ,MAAA,EAAQ,MAAA,CAAO,GAAA,CAAI,QAAA,EAAU,QAAQ,MAAM,CAAA;AACvD,IAAA,IAAI,QAAQ,SAAA,EAAW,MAAA,CAAO,GAAA,CAAI,YAAA,EAAc,QAAQ,SAAS,CAAA;AACjE,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,QAAA,EAAU,MAAM,CAAA;AAAA,EAC5C;AAAA;AAAA,EAGA,cAAA,CAAe,OAAA,GAAyB,EAAC,EAAY;AACnD,IAAA,MAAM,MAAA,GAAS,IAAI,eAAA,EAAgB;AACnC,IAAA,IAAI,QAAQ,QAAA,EAAU,MAAA,CAAO,GAAA,CAAI,UAAA,EAAY,QAAQ,QAAQ,CAAA;AAC7D,IAAA,OAAO,IAAA,CAAK,aAAA,CAAc,SAAA,EAAW,MAAM,CAAA;AAAA,EAC7C;AAAA;AAAA,EAGA,MAAM,WAAA,CAAY,OAAA,GAA8B,EAAC,EAAkB;AACjE,IAAA,IAAA,CAAK,IAAI,mBAAmB,CAAA;AAE5B,IAAA,MAAM,QACJ,OAAA,CAAQ,KAAA,IAAA,CAAU,MAAM,IAAA,CAAK,YAAA,CAAa,WAAU,GAAI,WAAA;AAC1D,IAAA,IAAI,CAAC,KAAA,EAAO;AACV,MAAA,MAAM,IAAI,SAAA,CAAU,eAAA,EAAiB,oBAAoB,CAAA;AAAA,IAC3D;AAEA,IAAA,MAAM,SAAA,GAAY,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,aAAA,CAAA;AAEvC,IAAA,MAAM,IAAA,GAAO,IAAI,eAAA,CAAgB;AAAA,MAC/B,KAAA;AAAA,MACA,SAAA,EAAW,KAAK,MAAA,CAAO;AAAA,KACxB,CAAA;AACD,IAAA,IAAI,QAAQ,aAAA,EAAe;AACzB,MAAA,IAAA,CAAK,GAAA,CAAI,iBAAA,EAAmB,OAAA,CAAQ,aAAa,CAAA;AAAA,IACnD;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,EAAW;AAAA,MACtC,MAAA,EAAQ,MAAA;AAAA,MACR,OAAA,EAAS,EAAE,cAAA,EAAgB,mCAAA,EAAoC;AAAA,MAC/D;AAAA,KACD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,KAAA,GAAQ,MAAM,QAAA,CAAS,IAAA,GAAO,KAAA,CAAM,OAAO,EAAC,CAAE,CAAA;AACpD,MAAA,MAAM,IAAI,SAAA;AAAA,QACR,MAAM,KAAA,IAAS,cAAA;AAAA,QACf,MAAM,iBAAA,IAAqB;AAAA,OAC7B;AAAA,IACF;AAEA,IAAA,IAAA,CAAK,IAAI,4BAA4B,CAAA;AAAA,EACvC;AAAA;AAAA,EAGA,gBAAA,GAA4B;AAC1B,IAAA,IAAI,CAAC,IAAA,CAAK,KAAA,CAAM,MAAA,EAAQ,OAAO,IAAA;AAC/B,IAAA,OAAO,cAAA,CAAe,IAAA,CAAK,KAAA,CAAM,MAAA,CAAO,WAAW,CAAA;AAAA,EACrD;AAAA;AAAA,EAGA,sBAAA,GAAkC;AAChC,IAAA,OAAO,IAAA,CAAK,KAAA,CAAM,IAAA,EAAM,aAAA,KAAkB,KAAA;AAAA,EAC5C;AAAA;AAAA,EAGA,cAAA,GAA0B;AACxB,IAAA,OACG,IAAA,CAAK,KAAA,CAAM,IAAA,EAAkC,WAAA,KAAgB,OAAA;AAAA,EAElE;AAAA,EAEQ,eAAe,QAAA,EAA+B;AACpD,IAAA,OAAO;AAAA,MACL,aAAa,QAAA,CAAS,YAAA;AAAA,MACtB,cAAc,QAAA,CAAS,aAAA;AAAA,MACvB,SAAS,QAAA,CAAS,QAAA;AAAA,MAClB,SAAA,EAAW,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,UAAA,GAAa,GAAA;AAAA,MAC9C,WAAW,QAAA,CAAS,UAAA;AAAA,MACpB,OAAO,QAAA,CAAS,KAAA,EAAO,KAAA,CAAM,GAAG,KAAK;AAAC,KACxC;AAAA,EACF;AAAA;AAAA,EAGQ,aAAA,CAAc,MAAc,MAAA,EAAkC;AACpE,IAAA,MAAM,KAAA,GAAQ,OAAO,QAAA,EAAS;AAC9B,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,EAAG,IAAI,CAAA,EAAG,KAAA,GAAQ,CAAA,CAAA,EAAI,KAAK,CAAA,CAAA,GAAK,EAAE,CAAA,CAAA;AACnE,IAAA,OAAO;AAAA,MACL,GAAA;AAAA,MACA,UAAU,MAAM;AACd,QAAA,MAAA,CAAO,SAAS,IAAA,GAAO,GAAA;AAAA,MACzB,CAAA;AAAA,MACA,MAAM,MAAM;AACV,QAAA,OAAO,MAAA,CAAO,IAAA,CAAK,GAAA,EAAK,QAAQ,CAAA;AAAA,MAClC;AAAA,KACF;AAAA,EACF;AAAA;AAAA,EAGQ,QAAA,CAAS,SAAkB,OAAA,EAAsC;AACvE,IAAA,IAAI,QAAQ,YAAA,EAAc;AACxB,MAAA,OAAA,CAAQ,IAAA,EAAK;AAAA,IACf,CAAA,MAAO;AACL,MAAA,OAAA,CAAQ,QAAA,EAAS;AAAA,IACnB;AAAA,EACF;AAAA,EAEA,MAAc,UAAU,WAAA,EAAoC;AAC1D,IAAA,MAAM,SAAA,GAAY,MAAM,IAAA,CAAK,YAAA,EAAa;AAE1C,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,SAAA,CAAU,iBAAA,EAAmB;AAAA,MACxD,OAAA,EAAS,EAAE,aAAA,EAAe,CAAA,OAAA,EAAU,WAAW,CAAA,CAAA;AAAG,KACnD,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,IAAI,SAAA,CAAU,eAAA,EAAiB,2BAA2B,CAAA;AAAA,IAClE;AAEA,IAAA,MAAM,QAAA,GAAW,MAAM,QAAA,CAAS,IAAA,EAAK;AACrC,IAAA,OAAO,IAAA,CAAK,cAAc,QAAQ,CAAA;AAAA,EACpC;AAAA,EAEQ,uBAAuB,OAAA,EAAuB;AACpD,IAAA,MAAM,MAAA,GAAS,UAA0B,OAAO,CAAA;AAChD,IAAA,OAAO,IAAA,CAAK,cAAc,MAAM,CAAA;AAAA,EAClC;AAAA,EAEQ,cAAc,MAAA,EAAuC;AAC3D,IAAA,OAAO;AAAA,MACL,IAAI,MAAA,CAAO,GAAA;AAAA,MACX,OAAO,MAAA,CAAO,KAAA;AAAA,MACd,eAAe,MAAA,CAAO,cAAA;AAAA,MACtB,MAAM,MAAA,CAAO,IAAA;AAAA,MACb,WAAW,MAAA,CAAO,UAAA;AAAA,MAClB,UAAU,MAAA,CAAO,WAAA;AAAA,MACjB,SAAS,MAAA,CAAO,OAAA;AAAA,MAChB,aAAa,MAAA,CAAO,YAAA;AAAA,MACpB,qBAAqB,MAAA,CAAO,qBAAA;AAAA,MAC5B,QAAQ,MAAA,CAAO,MAAA;AAAA,MACf,GAAG;AAAA,KACL;AAAA,EACF;AAAA,EAEA,MAAc,YAAA,GAAuC;AACnD,IAAA,IAAI,IAAA,CAAK,SAAA,EAAW,OAAO,IAAA,CAAK,SAAA;AAChC,IAAA,MAAM,YAAA,GAAe,CAAA,EAAG,IAAA,CAAK,MAAA,CAAO,MAAM,CAAA,iCAAA,CAAA;AAC1C,IAAA,IAAA,CAAK,GAAA,CAAI,4BAA4B,YAAY,CAAA;AACjD,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,YAAY,CAAA;AACzC,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,MAAM,IAAI,SAAA;AAAA,QACR,qBAAA;AAAA,QACA;AAAA,OACF;AAAA,IACF;AACA,IAAA,MAAM,GAAA,GAAqB,MAAM,QAAA,CAAS,IAAA,EAAK;AAK/C,IAAA,MAAM,YAAY,GAAA,CAAI,MAAA;AACtB,IAAA,MAAM,YAAA,GAAe,KAAK,MAAA,CAAO,MAAA;AACjC,IAAA,IAAI,SAAA,IAAa,cAAc,YAAA,EAAc;AAC3C,MAAA,IAAA,CAAK,GAAA;AAAA,QACH,CAAA,gCAAA,EAAmC,SAAS,CAAA,MAAA,EAAS,YAAY,CAAA,CAAA;AAAA,OACnE;AACA,MAAA,MAAM,UAAU,CAAC,GAAA,KAAgB,GAAA,CAAI,OAAA,CAAQ,WAAW,YAAY,CAAA;AACpE,MAAA,GAAA,CAAI,MAAA,GAAS,YAAA;AACb,MAAA,GAAA,CAAI,sBAAA,GAAyB,OAAA,CAAQ,GAAA,CAAI,sBAAsB,CAAA;AAC/D,MAAA,GAAA,CAAI,cAAA,GAAiB,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA;AAC/C,MAAA,IAAI,GAAA,CAAI,iBAAA;AACN,QAAA,GAAA,CAAI,iBAAA,GAAoB,OAAA,CAAQ,GAAA,CAAI,iBAAiB,CAAA;AACvD,MAAA,IAAI,GAAA,CAAI,oBAAA;AACN,QAAA,GAAA,CAAI,oBAAA,GAAuB,OAAA,CAAQ,GAAA,CAAI,oBAAoB,CAAA;AAC7D,MAAA,IAAI,IAAI,QAAA,EAAU,GAAA,CAAI,QAAA,GAAW,OAAA,CAAQ,IAAI,QAAQ,CAAA;AACrD,MAAA,IAAI,GAAA,CAAI,mBAAA;AACN,QAAA,GAAA,CAAI,mBAAA,GAAsB,OAAA,CAAQ,GAAA,CAAI,mBAAmB,CAAA;AAC3D,MAAA,IAAI,GAAA,CAAI,sBAAA;AACN,QAAA,GAAA,CAAI,sBAAA,GAAyB,OAAA,CAAQ,GAAA,CAAI,sBAAsB,CAAA;AAAA,IACnE;AAEA,IAAA,IAAA,CAAK,GAAA,CAAI,yBAAA,EAA2B,GAAA,CAAI,sBAAsB,CAAA;AAC9D,IAAA,IAAA,CAAK,SAAA,GAAY,GAAA;AACjB,IAAA,OAAO,IAAA,CAAK,SAAA;AAAA,EACd;AAAA,EAEQ,gBAAA,GAAyB;AAC/B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,CAAO,eAAe,CAAC,IAAA,CAAK,MAAM,MAAA,EAAQ;AACpD,IAAA,IAAA,CAAK,gBAAA,EAAiB;AACtB,IAAA,MAAM,YAAY,IAAA,CAAK,KAAA,CAAM,MAAA,CAAO,SAAA,GAAY,KAAK,GAAA,EAAI;AACzD,IAAA,MAAM,SAAA,GAAY,SAAA,GAAY,IAAA,CAAK,MAAA,CAAO,gBAAA,GAAoB,GAAA;AAC9D,IAAA,IAAI,YAAY,CAAA,EAAG;AACjB,MAAA,IAAA,CAAK,IAAI,CAAA,4BAAA,EAA+B,IAAA,CAAK,MAAM,SAAA,GAAY,GAAI,CAAC,CAAA,CAAA,CAAG,CAAA;AACvE,MAAA,IAAA,CAAK,YAAA,GAAe,WAAW,MAAM;AACnC,QAAA,IAAA,CAAK,eAAc,CAAE,KAAA;AAAA,UAAM,CAAC,KAAA,KAC1B,IAAA,CAAK,GAAA,CAAI,wBAAwB,KAAK;AAAA,SACxC;AAAA,MACF,GAAG,SAAS,CAAA;AAAA,IACd;AAAA,EACF;AAAA,EAEQ,gBAAA,GAAyB;AAC/B,IAAA,IAAI,KAAK,YAAA,EAAc;AACrB,MAAA,YAAA,CAAa,KAAK,YAAY,CAAA;AAC9B,MAAA,IAAA,CAAK,YAAA,GAAe,IAAA;AAAA,IACtB;AAAA,EACF;AAAA,EAEA,QAAA,GAAsB;AACpB,IAAA,OAAO,EAAE,GAAG,IAAA,CAAK,KAAA,EAAM;AAAA,EACzB;AAAA,EAEA,eAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,MAAM,MAAA,KAAW,eAAA;AAAA,EAC/B;AAAA,EAEA,OAAA,GAAuB;AACrB,IAAA,OAAO,KAAK,KAAA,CAAM,IAAA;AAAA,EACpB;AAAA,EAEA,UAAU,OAAA,EAAuC;AAC/C,IAAA,IAAA,CAAK,aAAA,CAAc,IAAI,OAAO,CAAA;AAC9B,IAAA,OAAO,MAAM,IAAA,CAAK,aAAA,CAAc,MAAA,CAAO,OAAO,CAAA;AAAA,EAChD;AAAA,EAEQ,YAAY,QAAA,EAA2B;AAC7C,IAAA,IAAA,CAAK,KAAA,GAAQ,QAAA;AAAA,EACf;AAAA,EAEQ,KAAK,KAAA,EAAwB;AACnC,IAAA,IAAA,CAAK,aAAA,CAAc,OAAA,CAAQ,CAAC,OAAA,KAAY;AACtC,MAAA,IAAI;AACF,QAAA,OAAA,CAAQ,KAAK,CAAA;AAAA,MACf,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,wBAAwB,KAAK,CAAA;AAAA,MAC7C;AAAA,IACF,CAAC,CAAA;AAAA,EACH;AAAA,EAEQ,OAAO,IAAA,EAAuB;AACpC,IAAA,IAAI,IAAA,CAAK,OAAO,KAAA,EAAO;AACrB,MAAA,OAAA,CAAQ,GAAA,CAAI,eAAA,EAAiB,GAAG,IAAI,CAAA;AAAA,IACtC;AAAA,EACF;AACF;AAGO,SAAS,kBACd,MAAA,EACmB;AACnB,EAAA,OAAO,IAAI,kBAAkB,MAAM,CAAA;AACrC","file":"index.js","sourcesContent":["/**\n * @douvery/auth - Core Types\n * OAuth 2.0/OIDC type definitions\n */\n\n// ============================================\n// Configuration Types\n// ============================================\n\nexport interface DouveryAuthConfig {\n /** OAuth Client ID */\n clientId: string;\n /** Authorization server base URL @default \"https://auth.douvery.com\" */\n issuer?: string;\n /** Redirect URI after authentication */\n redirectUri: string;\n /** Post-logout redirect URI */\n postLogoutRedirectUri?: string;\n /** OAuth scopes to request @default [\"openid\", \"profile\", \"email\"] */\n scopes?: string[];\n /** Token storage strategy @default \"localStorage\" */\n storage?: \"localStorage\" | \"sessionStorage\" | \"memory\" | \"cookie\";\n /** Custom storage implementation */\n customStorage?: TokenStorage;\n /** Auto-refresh tokens before expiry @default true */\n autoRefresh?: boolean;\n /** Seconds before expiry to trigger refresh @default 60 */\n refreshThreshold?: number;\n /** Enable debug logging @default false */\n debug?: boolean;\n}\n\n// ============================================\n// Token Types\n// ============================================\n\nexport interface TokenSet {\n access_token: string;\n token_type: string;\n expires_in: number;\n refresh_token?: string;\n id_token?: string;\n scope?: string;\n}\n\nexport interface TokenInfo {\n accessToken: string;\n refreshToken?: string;\n idToken?: string;\n expiresAt: number;\n tokenType: string;\n scope: string[];\n}\n\nexport interface DecodedIdToken {\n iss: string;\n sub: string;\n aud: string;\n exp: number;\n iat: number;\n auth_time?: number;\n nonce?: string;\n acr?: string;\n amr?: string[];\n azp?: string;\n at_hash?: string;\n c_hash?: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n middle_name?: string;\n nickname?: string;\n preferred_username?: string;\n profile?: string;\n picture?: string;\n website?: string;\n email?: string;\n email_verified?: boolean;\n gender?: string;\n birthdate?: string;\n zoneinfo?: string;\n locale?: string;\n phone_number?: string;\n phone_number_verified?: boolean;\n address?: {\n formatted?: string;\n street_address?: string;\n locality?: string;\n region?: string;\n postal_code?: string;\n country?: string;\n };\n updated_at?: number;\n [key: string]: unknown;\n}\n\n// ============================================\n// User Types\n// ============================================\n\nexport interface User {\n id: string;\n email?: string;\n emailVerified?: boolean;\n name?: string;\n firstName?: string;\n lastName?: string;\n picture?: string;\n phoneNumber?: string;\n phoneNumberVerified?: boolean;\n locale?: string;\n [key: string]: unknown;\n}\n\n// ============================================\n// Auth State Types\n// ============================================\n\nexport type AuthStatus = \"loading\" | \"authenticated\" | \"unauthenticated\";\n\nexport interface AuthState {\n status: AuthStatus;\n user: User | null;\n tokens: TokenInfo | null;\n error: AuthError | null;\n}\n\n// ============================================\n// PKCE Types\n// ============================================\n\nexport interface PKCEPair {\n codeVerifier: string;\n codeChallenge: string;\n codeChallengeMethod: \"S256\";\n}\n\nexport interface AuthorizationParams {\n state: string;\n nonce: string;\n codeVerifier: string;\n codeChallenge: string;\n redirectUri: string;\n}\n\n// ============================================\n// Storage Types\n// ============================================\n\nexport interface TokenStorage {\n get(key: string): string | null | Promise<string | null>;\n set(key: string, value: string): void | Promise<void>;\n remove(key: string): void | Promise<void>;\n clear(): void | Promise<void>;\n}\n\nexport interface StorageKeys {\n accessToken: string;\n refreshToken: string;\n idToken: string;\n expiresAt: string;\n state: string;\n nonce: string;\n codeVerifier: string;\n returnTo: string;\n}\n\n// ============================================\n// Event Types\n// ============================================\n\nexport type AuthEvent =\n | { type: \"INITIALIZED\" }\n | { type: \"LOGIN_STARTED\" }\n | { type: \"LOGIN_SUCCESS\"; user: User; tokens: TokenInfo }\n | { type: \"LOGIN_ERROR\"; error: AuthError }\n | { type: \"LOGOUT_STARTED\" }\n | { type: \"LOGOUT_SUCCESS\" }\n | { type: \"LOGOUT_ERROR\"; error: AuthError }\n | { type: \"TOKEN_REFRESHED\"; tokens: TokenInfo }\n | { type: \"TOKEN_REFRESH_ERROR\"; error: AuthError }\n | { type: \"SESSION_EXPIRED\" };\n\nexport type AuthEventHandler = (event: AuthEvent) => void;\n\n// ============================================\n// Error Types\n// ============================================\n\nexport class AuthError extends Error {\n constructor(\n public code: AuthErrorCode,\n message: string,\n public cause?: Error,\n ) {\n super(message);\n this.name = \"AuthError\";\n }\n}\n\nexport type AuthErrorCode =\n | \"invalid_request\"\n | \"invalid_client\"\n | \"invalid_grant\"\n | \"unauthorized_client\"\n | \"unsupported_grant_type\"\n | \"invalid_scope\"\n | \"access_denied\"\n | \"server_error\"\n | \"temporarily_unavailable\"\n | \"login_required\"\n | \"consent_required\"\n | \"interaction_required\"\n | \"invalid_token\"\n | \"insufficient_scope\"\n | \"token_expired\"\n | \"token_refresh_failed\"\n | \"pkce_error\"\n | \"state_mismatch\"\n | \"nonce_mismatch\"\n | \"network_error\"\n | \"configuration_error\"\n | \"unknown_error\";\n\n// ============================================\n// Discovery Types\n// ============================================\n\nexport interface OIDCDiscovery {\n issuer: string;\n authorization_endpoint: string;\n token_endpoint: string;\n userinfo_endpoint: string;\n jwks_uri: string;\n revocation_endpoint?: string;\n introspection_endpoint?: string;\n end_session_endpoint?: string;\n registration_endpoint?: string;\n scopes_supported: string[];\n response_types_supported: string[];\n response_modes_supported?: string[];\n grant_types_supported: string[];\n token_endpoint_auth_methods_supported?: string[];\n subject_types_supported: string[];\n id_token_signing_alg_values_supported: string[];\n claims_supported?: string[];\n code_challenge_methods_supported?: string[];\n}\n\n// ============================================\n// Callback Types\n// ============================================\n\nexport interface CallbackParams {\n code?: string;\n state?: string;\n error?: string;\n error_description?: string;\n}\n\nexport interface CallbackResult {\n success: boolean;\n user?: User;\n tokens?: TokenInfo;\n error?: AuthError;\n returnTo?: string;\n}\n\n// ============================================\n// Login Options\n// ============================================\n\nexport interface LoginOptions {\n /** URL to return to after login */\n returnTo?: string;\n /** Additional authorization parameters */\n authorizationParams?: Record<string, string>;\n /** Prompt parameter (none, login, consent, select_account) */\n prompt?: \"none\" | \"login\" | \"consent\" | \"select_account\";\n /** Login hint (email or identifier) */\n loginHint?: string;\n /** UI locales preference */\n uiLocales?: string;\n /** Maximum authentication age in seconds */\n maxAge?: number;\n /** ACR values requested */\n acrValues?: string;\n}\n\nexport interface LogoutOptions {\n /** URL to return to after logout */\n returnTo?: string;\n /** Whether to federate logout (end session at IdP) @default true */\n federated?: boolean;\n /** Only clear local session, don't redirect @default false */\n localOnly?: boolean;\n}\n\n// ============================================\n// Navigation Options\n// ============================================\n\n/** Base options for all auth navigation redirects */\nexport interface AuthNavigationOptions {\n /** URL to return to after the action completes */\n returnTo?: string;\n /** OAuth client_id for branded experiences */\n clientId?: string;\n /** Open in a new tab/window instead of redirecting */\n openInNewTab?: boolean;\n}\n\nexport interface SelectAccountOptions extends AuthNavigationOptions {\n /** Pre-select a specific email/account */\n loginHint?: string;\n}\n\nexport interface RegisterOptions extends AuthNavigationOptions {\n /** Pre-fill email on register form */\n email?: string;\n /** Pre-fill first name */\n firstName?: string;\n /** Pre-fill last name */\n lastName?: string;\n /** UI locale preference */\n uiLocales?: string;\n}\n\nexport interface RecoverAccountOptions extends AuthNavigationOptions {\n /** Pre-fill email for recovery */\n email?: string;\n}\n\nexport interface VerifyAccountOptions extends AuthNavigationOptions {\n /** Email to verify */\n email?: string;\n}\n\nexport interface UpgradeAccountOptions extends AuthNavigationOptions {\n /** Scopes to request on upgrade */\n scopes?: string[];\n}\n\nexport interface SetupPasskeyOptions extends AuthNavigationOptions {}\n\nexport interface SetupAddressOptions extends AuthNavigationOptions {}\n\nexport interface AddAccountOptions extends AuthNavigationOptions {\n /** Pre-fill email hint for the new account */\n loginHint?: string;\n}\n\nexport interface RevokeTokenOptions {\n /** Specific token to revoke. If not provided, revokes current access token */\n token?: string;\n /** Token type hint: \"access_token\" or \"refresh_token\" */\n tokenTypeHint?: \"access_token\" | \"refresh_token\";\n}\n\n/** Result of URL builder methods (non-redirecting) */\nexport interface AuthUrl {\n /** The full URL */\n url: string;\n /** Open the URL via redirect */\n redirect: () => void;\n /** Open the URL in a new tab */\n open: () => Window | null;\n}\n","/**\n * @douvery/auth - PKCE Utilities\n * RFC 7636 - Proof Key for Code Exchange\n */\n\nimport type { PKCEPair } from \"./types\";\n\n/** Generate a cryptographically random string for use as code_verifier */\nexport function generateCodeVerifier(length: number = 64): string {\n const charset =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~\";\n const randomValues = crypto.getRandomValues(new Uint8Array(length));\n return Array.from(randomValues)\n .map((v) => charset[v % charset.length])\n .join(\"\");\n}\n\n/** Generate a random state parameter for CSRF protection */\nexport function generateState(): string {\n return generateCodeVerifier(32);\n}\n\n/** Generate a random nonce for replay attack protection */\nexport function generateNonce(): string {\n return generateCodeVerifier(32);\n}\n\n/** Create SHA-256 hash and encode as base64url */\nexport async function generateCodeChallenge(verifier: string): Promise<string> {\n const encoder = new TextEncoder();\n const data = encoder.encode(verifier);\n const hashBuffer = await crypto.subtle.digest(\"SHA-256\", data);\n return base64UrlEncode(hashBuffer);\n}\n\n/** Encode ArrayBuffer as base64url (RFC 4648 Section 5) */\nexport function base64UrlEncode(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = \"\";\n for (let i = 0; i < bytes.length; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n const base64 = btoa(binary);\n return base64.replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\n/** Decode base64url string to ArrayBuffer */\nexport function base64UrlDecode(input: string): ArrayBuffer {\n let base64 = input.replace(/-/g, \"+\").replace(/_/g, \"/\");\n const padding = base64.length % 4;\n if (padding) {\n base64 += \"=\".repeat(4 - padding);\n }\n const binary = atob(base64);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes.buffer;\n}\n\n/** Generate a complete PKCE pair (verifier + challenge) */\nexport async function generatePKCEPair(): Promise<PKCEPair> {\n const codeVerifier = generateCodeVerifier();\n const codeChallenge = await generateCodeChallenge(codeVerifier);\n return {\n codeVerifier,\n codeChallenge,\n codeChallengeMethod: \"S256\",\n };\n}\n\n/** Verify a code_verifier against a code_challenge */\nexport async function verifyCodeChallenge(\n verifier: string,\n challenge: string,\n method: \"S256\" | \"plain\" = \"S256\",\n): Promise<boolean> {\n if (method === \"plain\") {\n return verifier === challenge;\n }\n const computedChallenge = await generateCodeChallenge(verifier);\n return computedChallenge === challenge;\n}\n\n/** Parse and decode a JWT token (without verification) */\nexport function decodeJWT<T = Record<string, unknown>>(token: string): T {\n const parts = token.split(\".\");\n if (parts.length !== 3) {\n throw new Error(\"Invalid JWT format\");\n }\n const payload = parts[1];\n const decoded = base64UrlDecode(payload);\n const text = new TextDecoder().decode(decoded);\n return JSON.parse(text) as T;\n}\n\n/** Check if a JWT token is expired */\nexport function isTokenExpired(token: string, clockSkew: number = 60): boolean {\n try {\n const payload = decodeJWT<{ exp?: number }>(token);\n if (!payload.exp) {\n return false;\n }\n const now = Math.floor(Date.now() / 1000);\n return payload.exp < now - clockSkew;\n } catch {\n return true;\n }\n}\n\n/** Get token expiration timestamp */\nexport function getTokenExpiration(token: string): number | null {\n try {\n const payload = decodeJWT<{ exp?: number }>(token);\n return payload.exp ? payload.exp * 1000 : null;\n } catch {\n return null;\n }\n}\n","/**\n * @douvery/auth - Token Storage\n * Abstraction for token persistence\n */\n\nimport type { TokenStorage, StorageKeys, TokenInfo } from \"./types\";\n\nconst DEFAULT_PREFIX = \"douvery_auth\";\n\nexport const STORAGE_KEYS: StorageKeys = {\n accessToken: `${DEFAULT_PREFIX}_access_token`,\n refreshToken: `${DEFAULT_PREFIX}_refresh_token`,\n idToken: `${DEFAULT_PREFIX}_id_token`,\n expiresAt: `${DEFAULT_PREFIX}_expires_at`,\n state: `${DEFAULT_PREFIX}_state`,\n nonce: `${DEFAULT_PREFIX}_nonce`,\n codeVerifier: `${DEFAULT_PREFIX}_code_verifier`,\n returnTo: `${DEFAULT_PREFIX}_return_to`,\n};\n\n/** In-memory storage implementation */\nexport class MemoryStorage implements TokenStorage {\n private store = new Map<string, string>();\n\n get(key: string): string | null {\n return this.store.get(key) ?? null;\n }\n\n set(key: string, value: string): void {\n this.store.set(key, value);\n }\n\n remove(key: string): void {\n this.store.delete(key);\n }\n\n clear(): void {\n this.store.clear();\n }\n}\n\n/** LocalStorage implementation */\nexport class LocalStorage implements TokenStorage {\n get(key: string): string | null {\n if (typeof window === \"undefined\") return null;\n return localStorage.getItem(key);\n }\n\n set(key: string, value: string): void {\n if (typeof window === \"undefined\") return;\n localStorage.setItem(key, value);\n }\n\n remove(key: string): void {\n if (typeof window === \"undefined\") return;\n localStorage.removeItem(key);\n }\n\n clear(): void {\n if (typeof window === \"undefined\") return;\n Object.values(STORAGE_KEYS).forEach((key) => {\n localStorage.removeItem(key);\n });\n }\n}\n\n/** SessionStorage implementation */\nexport class SessionStorage implements TokenStorage {\n get(key: string): string | null {\n if (typeof window === \"undefined\") return null;\n return sessionStorage.getItem(key);\n }\n\n set(key: string, value: string): void {\n if (typeof window === \"undefined\") return;\n sessionStorage.setItem(key, value);\n }\n\n remove(key: string): void {\n if (typeof window === \"undefined\") return;\n sessionStorage.removeItem(key);\n }\n\n clear(): void {\n if (typeof window === \"undefined\") return;\n Object.values(STORAGE_KEYS).forEach((key) => {\n sessionStorage.removeItem(key);\n });\n }\n}\n\n/** Cookie storage implementation (for SSR compatibility) */\nexport class CookieStorage implements TokenStorage {\n constructor(\n private options: {\n path?: string;\n domain?: string;\n secure?: boolean;\n sameSite?: \"Strict\" | \"Lax\" | \"None\";\n maxAge?: number;\n } = {},\n ) {\n this.options = { path: \"/\", secure: true, sameSite: \"Lax\", ...options };\n }\n\n get(key: string): string | null {\n if (typeof document === \"undefined\") return null;\n const cookies = document.cookie.split(\";\");\n for (const cookie of cookies) {\n const [name, value] = cookie.trim().split(\"=\");\n if (name === key) {\n return decodeURIComponent(value);\n }\n }\n return null;\n }\n\n set(key: string, value: string): void {\n if (typeof document === \"undefined\") return;\n const parts = [\n `${key}=${encodeURIComponent(value)}`,\n `path=${this.options.path}`,\n ];\n if (this.options.domain) parts.push(`domain=${this.options.domain}`);\n if (this.options.secure) parts.push(\"secure\");\n if (this.options.sameSite) parts.push(`samesite=${this.options.sameSite}`);\n if (this.options.maxAge) parts.push(`max-age=${this.options.maxAge}`);\n document.cookie = parts.join(\"; \");\n }\n\n remove(key: string): void {\n if (typeof document === \"undefined\") return;\n document.cookie = `${key}=; path=${this.options.path}; expires=Thu, 01 Jan 1970 00:00:00 GMT`;\n }\n\n clear(): void {\n Object.values(STORAGE_KEYS).forEach((key) => this.remove(key));\n }\n}\n\n/** Create storage instance based on type */\nexport function createStorage(\n type: \"localStorage\" | \"sessionStorage\" | \"memory\" | \"cookie\",\n): TokenStorage {\n switch (type) {\n case \"localStorage\":\n return new LocalStorage();\n case \"sessionStorage\":\n return new SessionStorage();\n case \"cookie\":\n return new CookieStorage();\n case \"memory\":\n default:\n return new MemoryStorage();\n }\n}\n\n/** Token manager for handling token persistence */\nexport class TokenManager {\n constructor(private storage: TokenStorage) {}\n\n async getTokens(): Promise<TokenInfo | null> {\n const accessToken = await this.storage.get(STORAGE_KEYS.accessToken);\n if (!accessToken) return null;\n\n const refreshToken = await this.storage.get(STORAGE_KEYS.refreshToken);\n const idToken = await this.storage.get(STORAGE_KEYS.idToken);\n const expiresAt = await this.storage.get(STORAGE_KEYS.expiresAt);\n\n return {\n accessToken,\n refreshToken: refreshToken ?? undefined,\n idToken: idToken ?? undefined,\n expiresAt: expiresAt ? parseInt(expiresAt, 10) : 0,\n tokenType: \"Bearer\",\n scope: [],\n };\n }\n\n async setTokens(tokens: TokenInfo): Promise<void> {\n await this.storage.set(STORAGE_KEYS.accessToken, tokens.accessToken);\n await this.storage.set(STORAGE_KEYS.expiresAt, tokens.expiresAt.toString());\n if (tokens.refreshToken) {\n await this.storage.set(STORAGE_KEYS.refreshToken, tokens.refreshToken);\n }\n if (tokens.idToken) {\n await this.storage.set(STORAGE_KEYS.idToken, tokens.idToken);\n }\n }\n\n async clearTokens(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.accessToken);\n await this.storage.remove(STORAGE_KEYS.refreshToken);\n await this.storage.remove(STORAGE_KEYS.idToken);\n await this.storage.remove(STORAGE_KEYS.expiresAt);\n }\n\n async saveState(state: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.state, state);\n }\n\n async getState(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.state);\n }\n\n async clearState(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.state);\n }\n\n async saveNonce(nonce: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.nonce, nonce);\n }\n\n async getNonce(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.nonce);\n }\n\n async clearNonce(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.nonce);\n }\n\n async saveCodeVerifier(verifier: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.codeVerifier, verifier);\n }\n\n async getCodeVerifier(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.codeVerifier);\n }\n\n async clearCodeVerifier(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.codeVerifier);\n }\n\n async saveReturnTo(url: string): Promise<void> {\n await this.storage.set(STORAGE_KEYS.returnTo, url);\n }\n\n async getReturnTo(): Promise<string | null> {\n return this.storage.get(STORAGE_KEYS.returnTo);\n }\n\n async clearReturnTo(): Promise<void> {\n await this.storage.remove(STORAGE_KEYS.returnTo);\n }\n\n async clearAll(): Promise<void> {\n await this.storage.clear();\n }\n}\n\n// ============================================================================\n// Server-Bridged Storage\n// ============================================================================\n\n/**\n * Options for createServerBridgedStorage.\n *\n * Use this when tokens are managed server-side (httpOnly cookies)\n * but the OAuth/PKCE flow needs client-side ephemeral storage.\n */\nexport interface ServerBridgedStorageOptions {\n /**\n * Name of a **non-httpOnly** cookie that holds the access token\n * expiration timestamp (in milliseconds). Used to infer whether\n * a valid session exists without exposing the actual tokens.\n */\n tokenExpirationCookie: string;\n\n /**\n * Placeholder value returned by `get()` for server-managed keys\n * (accessToken, refreshToken). Signals to the caller that the\n * real token exists but is not readable from JS.\n * @default \"__server_managed__\"\n */\n serverManagedPlaceholder?: string;\n\n /**\n * Enable debug logging.\n * @default false\n */\n debug?: boolean;\n}\n\n/** Keys whose real values live in httpOnly cookies */\nconst SERVER_TOKEN_KEYS = new Set([\n STORAGE_KEYS.accessToken,\n STORAGE_KEYS.refreshToken,\n STORAGE_KEYS.idToken,\n]);\n\n/** Keys that are ephemeral to the OAuth/PKCE flow */\nconst PKCE_KEYS = new Set([\n STORAGE_KEYS.state,\n STORAGE_KEYS.nonce,\n STORAGE_KEYS.codeVerifier,\n STORAGE_KEYS.returnTo,\n]);\n\n/**\n * Read a cookie by name from `document.cookie` (client-side only).\n * Returns null during SSR or if the cookie is not found.\n */\nfunction readClientCookie(name: string): string | null {\n if (typeof document === \"undefined\") return null;\n const cookies = document.cookie.split(\";\");\n for (const c of cookies) {\n const [key, ...parts] = c.trim().split(\"=\");\n if (key === name) return decodeURIComponent(parts.join(\"=\"));\n }\n return null;\n}\n\n/** Safe sessionStorage accessor (no-op in SSR). */\nfunction safeSessionStorage(): globalThis.Storage | null {\n if (typeof window === \"undefined\" || typeof sessionStorage === \"undefined\") {\n return null;\n }\n return sessionStorage;\n}\n\n/**\n * Creates a `TokenStorage` adapter for apps where **tokens are\n * managed server-side** (e.g. httpOnly cookies set by routeLoader$/\n * routeAction$) but the OAuth PKCE flow still needs ephemeral\n * client-side storage for state, nonce, codeVerifier and returnTo.\n *\n * Behaviour per key category:\n *\n * | Category | get() | set() / remove() |\n * |-------------------|------------------------------------------|-------------------|\n * | accessToken | returns placeholder if session is active | no-op (server) |\n * | refreshToken | returns placeholder if session exists | no-op (server) |\n * | idToken | always null | no-op |\n * | expiresAt | reads from expiration cookie | no-op (server) |\n * | state/nonce/etc. | sessionStorage | sessionStorage |\n *\n * @example\n * ```ts\n * import { createServerBridgedStorage } from '@douvery/auth';\n *\n * const bridgedStorage = createServerBridgedStorage({\n * tokenExpirationCookie: 'dou_token_exp',\n * debug: import.meta.env.DEV,\n * });\n *\n * const config: DouveryAuthConfig = {\n * clientId: 'my-app',\n * redirectUri: '/callback',\n * customStorage: bridgedStorage,\n * autoRefresh: false, // server handles refresh\n * };\n * ```\n */\nexport function createServerBridgedStorage(\n options: ServerBridgedStorageOptions,\n): TokenStorage {\n const {\n tokenExpirationCookie,\n serverManagedPlaceholder = \"__server_managed__\",\n debug = false,\n } = options;\n\n function log(msg: string) {\n if (debug) console.debug(`[ServerBridgedStorage] ${msg}`);\n }\n\n return {\n get(key: string): string | null {\n // -- Access token: infer from expiration cookie --\n if (key === STORAGE_KEYS.accessToken) {\n const exp = readClientCookie(tokenExpirationCookie);\n if (exp) {\n const ms = parseInt(exp, 10);\n if (!isNaN(ms) && ms > Date.now()) return serverManagedPlaceholder;\n }\n return null;\n }\n\n // -- Refresh token: infer existence from expiration cookie --\n if (key === STORAGE_KEYS.refreshToken) {\n const exp = readClientCookie(tokenExpirationCookie);\n return exp ? serverManagedPlaceholder : null;\n }\n\n // -- ID token: not stored in this system --\n if (key === STORAGE_KEYS.idToken) return null;\n\n // -- Expiration timestamp --\n if (key === STORAGE_KEYS.expiresAt) {\n return readClientCookie(tokenExpirationCookie);\n }\n\n // -- PKCE/ephemeral keys -> sessionStorage --\n if (PKCE_KEYS.has(key)) {\n return safeSessionStorage()?.getItem(key) ?? null;\n }\n\n // -- Fallback: sessionStorage for unknown keys --\n return safeSessionStorage()?.getItem(key) ?? null;\n },\n\n set(key: string, value: string): void {\n if (SERVER_TOKEN_KEYS.has(key) || key === STORAGE_KEYS.expiresAt) {\n log(`Ignoring set(\"${key}\") – managed by server`);\n return;\n }\n const ss = safeSessionStorage();\n if (ss) {\n try {\n ss.setItem(key, value);\n } catch (e) {\n if (debug)\n console.warn(\n \"[ServerBridgedStorage] sessionStorage.setItem failed:\",\n e,\n );\n }\n }\n },\n\n remove(key: string): void {\n if (SERVER_TOKEN_KEYS.has(key) || key === STORAGE_KEYS.expiresAt) {\n log(`Ignoring remove(\"${key}\") – managed by server`);\n return;\n }\n const ss = safeSessionStorage();\n if (ss) {\n try {\n ss.removeItem(key);\n } catch (e) {\n if (debug)\n console.warn(\n \"[ServerBridgedStorage] sessionStorage.removeItem failed:\",\n e,\n );\n }\n }\n },\n\n clear(): void {\n const ss = safeSessionStorage();\n if (!ss) return;\n for (const key of PKCE_KEYS) {\n try {\n ss.removeItem(key);\n } catch {\n // silently ignore\n }\n }\n log(\"PKCE ephemeral data cleared from sessionStorage\");\n },\n };\n}\n","/**\n * @douvery/auth - Auth Client\n * Main OAuth 2.0/OIDC client implementation\n */\n\nimport type {\n DouveryAuthConfig,\n TokenSet,\n TokenInfo,\n User,\n AuthState,\n AuthEvent,\n AuthEventHandler,\n OIDCDiscovery,\n CallbackResult,\n LoginOptions,\n LogoutOptions,\n DecodedIdToken,\n SelectAccountOptions,\n RegisterOptions,\n RecoverAccountOptions,\n VerifyAccountOptions,\n UpgradeAccountOptions,\n SetupPasskeyOptions,\n SetupAddressOptions,\n AddAccountOptions,\n RevokeTokenOptions,\n AuthNavigationOptions,\n AuthUrl,\n} from \"./types\";\nimport { AuthError } from \"./types\";\nimport {\n generatePKCEPair,\n generateState,\n generateNonce,\n decodeJWT,\n isTokenExpired,\n} from \"./pkce\";\nimport { createStorage, TokenManager } from \"./storage\";\n\nconst DEFAULT_ISSUER = \"https://auth.douvery.com\";\nconst DEFAULT_SCOPES = [\"openid\", \"profile\", \"email\"];\n\nexport class DouveryAuthClient {\n private config: Required<\n Pick<DouveryAuthConfig, \"clientId\" | \"issuer\" | \"redirectUri\" | \"scopes\">\n > &\n DouveryAuthConfig;\n private tokenManager: TokenManager;\n private discovery: OIDCDiscovery | null = null;\n private eventHandlers: Set<AuthEventHandler> = new Set();\n private refreshTimer: ReturnType<typeof setTimeout> | null = null;\n private state: AuthState = {\n status: \"loading\",\n user: null,\n tokens: null,\n error: null,\n };\n\n constructor(config: DouveryAuthConfig) {\n this.config = {\n issuer: DEFAULT_ISSUER,\n scopes: DEFAULT_SCOPES,\n storage: \"localStorage\",\n autoRefresh: true,\n refreshThreshold: 60,\n debug: false,\n ...config,\n };\n\n const storage =\n config.customStorage ??\n createStorage(this.config.storage ?? \"localStorage\");\n this.tokenManager = new TokenManager(storage);\n }\n\n /** Initialize the auth client */\n async initialize(): Promise<AuthState> {\n this.log(\"Initializing auth client...\");\n\n try {\n if (this.isCallback()) {\n this.log(\"Handling OAuth callback...\");\n const result = await this.handleCallback();\n if (result.success && result.user && result.tokens) {\n this.updateState({\n status: \"authenticated\",\n user: result.user,\n tokens: result.tokens,\n error: null,\n });\n this.setupAutoRefresh();\n } else {\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: result.error ?? null,\n });\n }\n } else {\n const tokens = await this.tokenManager.getTokens();\n if (tokens && tokens.accessToken) {\n if (!isTokenExpired(tokens.accessToken)) {\n this.log(\"Found valid existing session\");\n const user = await this.fetchUser(tokens.accessToken);\n this.updateState({\n status: \"authenticated\",\n user,\n tokens,\n error: null,\n });\n this.setupAutoRefresh();\n } else if (tokens.refreshToken) {\n this.log(\"Access token expired, attempting refresh...\");\n await this.refreshTokens();\n } else {\n this.log(\"Session expired, no refresh token\");\n await this.tokenManager.clearTokens();\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: null,\n });\n }\n } else {\n this.log(\"No existing session found\");\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: null,\n });\n }\n }\n\n this.emit({ type: \"INITIALIZED\" });\n } catch (error) {\n this.log(\"Initialization error:\", error);\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error:\n error instanceof AuthError\n ? error\n : new AuthError(\n \"unknown_error\",\n \"Initialization failed\",\n error as Error,\n ),\n });\n }\n\n return this.state;\n }\n\n /** Start the login flow */\n async login(options: LoginOptions = {}): Promise<void> {\n this.log(\"Starting login flow...\");\n this.emit({ type: \"LOGIN_STARTED\" });\n\n try {\n const discovery = await this.getDiscovery();\n const pkce = await generatePKCEPair();\n const state = generateState();\n const nonce = generateNonce();\n\n await this.tokenManager.saveState(state);\n await this.tokenManager.saveNonce(nonce);\n await this.tokenManager.saveCodeVerifier(pkce.codeVerifier);\n\n if (options.returnTo) {\n await this.tokenManager.saveReturnTo(options.returnTo);\n }\n\n const params = new URLSearchParams({\n response_type: \"code\",\n client_id: this.config.clientId,\n redirect_uri: this.config.redirectUri,\n scope: this.config.scopes!.join(\" \"),\n state,\n nonce,\n code_challenge: pkce.codeChallenge,\n code_challenge_method: pkce.codeChallengeMethod,\n ...options.authorizationParams,\n });\n\n if (options.prompt) params.set(\"prompt\", options.prompt);\n if (options.loginHint) params.set(\"login_hint\", options.loginHint);\n if (options.uiLocales) params.set(\"ui_locales\", options.uiLocales);\n if (options.maxAge !== undefined)\n params.set(\"max_age\", options.maxAge.toString());\n if (options.acrValues) params.set(\"acr_values\", options.acrValues);\n\n const authUrl = `${discovery.authorization_endpoint}?${params}`;\n this.log(\"Redirecting to:\", authUrl);\n\n window.location.href = authUrl;\n } catch (error) {\n const authError =\n error instanceof AuthError\n ? error\n : new AuthError(\n \"configuration_error\",\n \"Login failed\",\n error as Error,\n );\n this.emit({ type: \"LOGIN_ERROR\", error: authError });\n throw authError;\n }\n }\n\n /** Logout the user */\n async logout(options: LogoutOptions = {}): Promise<void> {\n this.log(\"Starting logout...\");\n this.emit({ type: \"LOGOUT_STARTED\" });\n\n try {\n await this.tokenManager.clearAll();\n this.clearAutoRefresh();\n\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: null,\n });\n\n if (options.localOnly) {\n this.emit({ type: \"LOGOUT_SUCCESS\" });\n return;\n }\n\n if (options.federated !== false) {\n const discovery = await this.getDiscovery();\n if (discovery.end_session_endpoint) {\n const params = new URLSearchParams();\n if (this.state.tokens?.idToken) {\n params.set(\"id_token_hint\", this.state.tokens.idToken);\n }\n if (options.returnTo || this.config.postLogoutRedirectUri) {\n params.set(\n \"post_logout_redirect_uri\",\n options.returnTo || this.config.postLogoutRedirectUri!,\n );\n }\n params.set(\"client_id\", this.config.clientId);\n\n const logoutUrl = `${discovery.end_session_endpoint}?${params}`;\n this.log(\"Redirecting to logout:\", logoutUrl);\n window.location.href = logoutUrl;\n return;\n }\n }\n\n this.emit({ type: \"LOGOUT_SUCCESS\" });\n\n if (options.returnTo) {\n window.location.href = options.returnTo;\n }\n } catch (error) {\n const authError =\n error instanceof AuthError\n ? error\n : new AuthError(\"unknown_error\", \"Logout failed\", error as Error);\n this.emit({ type: \"LOGOUT_ERROR\", error: authError });\n throw authError;\n }\n }\n\n /** Check if current URL is an OAuth callback */\n isCallback(): boolean {\n if (typeof window === \"undefined\") return false;\n const params = new URLSearchParams(window.location.search);\n return params.has(\"code\") || params.has(\"error\");\n }\n\n /** Handle the OAuth callback */\n async handleCallback(): Promise<CallbackResult> {\n this.log(\"Processing callback...\");\n\n if (typeof window === \"undefined\") {\n return {\n success: false,\n error: new AuthError(\n \"configuration_error\",\n \"Cannot handle callback on server\",\n ),\n };\n }\n\n const params = new URLSearchParams(window.location.search);\n const code = params.get(\"code\");\n const stateParam = params.get(\"state\");\n const errorParam = params.get(\"error\");\n const errorDescription = params.get(\"error_description\");\n\n if (errorParam) {\n const error = new AuthError(\n errorParam as any,\n errorDescription ?? \"Authorization failed\",\n );\n return { success: false, error };\n }\n\n const savedState = await this.tokenManager.getState();\n if (!stateParam || stateParam !== savedState) {\n return {\n success: false,\n error: new AuthError(\"state_mismatch\", \"State parameter mismatch\"),\n };\n }\n\n if (!code) {\n return {\n success: false,\n error: new AuthError(\n \"invalid_request\",\n \"No authorization code received\",\n ),\n };\n }\n\n const codeVerifier = await this.tokenManager.getCodeVerifier();\n if (!codeVerifier) {\n return {\n success: false,\n error: new AuthError(\"pkce_error\", \"No code verifier found\"),\n };\n }\n\n try {\n const tokens = await this.exchangeCode(code, codeVerifier);\n await this.tokenManager.setTokens(tokens);\n const user = await this.fetchUser(tokens.accessToken);\n const returnTo = await this.tokenManager.getReturnTo();\n\n await this.tokenManager.clearState();\n await this.tokenManager.clearNonce();\n await this.tokenManager.clearCodeVerifier();\n await this.tokenManager.clearReturnTo();\n\n window.history.replaceState({}, \"\", window.location.pathname);\n\n this.emit({ type: \"LOGIN_SUCCESS\", user, tokens });\n\n return { success: true, user, tokens, returnTo: returnTo ?? undefined };\n } catch (error) {\n const authError =\n error instanceof AuthError\n ? error\n : new AuthError(\n \"invalid_grant\",\n \"Token exchange failed\",\n error as Error,\n );\n this.emit({ type: \"LOGIN_ERROR\", error: authError });\n return { success: false, error: authError };\n }\n }\n\n private async exchangeCode(\n code: string,\n codeVerifier: string,\n ): Promise<TokenInfo> {\n const discovery = await this.getDiscovery();\n\n const response = await fetch(discovery.token_endpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body: new URLSearchParams({\n grant_type: \"authorization_code\",\n code,\n redirect_uri: this.config.redirectUri,\n client_id: this.config.clientId,\n code_verifier: codeVerifier,\n }),\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({}));\n throw new AuthError(\n error.error ?? \"invalid_grant\",\n error.error_description ?? \"Token exchange failed\",\n );\n }\n\n const tokenSet: TokenSet = await response.json();\n return this.tokenSetToInfo(tokenSet);\n }\n\n /** Refresh the access token */\n async refreshTokens(): Promise<TokenInfo> {\n this.log(\"Refreshing tokens...\");\n\n const tokens = await this.tokenManager.getTokens();\n if (!tokens?.refreshToken) {\n throw new AuthError(\"token_refresh_failed\", \"No refresh token available\");\n }\n\n const discovery = await this.getDiscovery();\n\n const response = await fetch(discovery.token_endpoint, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body: new URLSearchParams({\n grant_type: \"refresh_token\",\n refresh_token: tokens.refreshToken,\n client_id: this.config.clientId,\n }),\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({}));\n const authError = new AuthError(\n error.error ?? \"token_refresh_failed\",\n error.error_description ?? \"Token refresh failed\",\n );\n this.emit({ type: \"TOKEN_REFRESH_ERROR\", error: authError });\n await this.tokenManager.clearTokens();\n this.updateState({\n status: \"unauthenticated\",\n user: null,\n tokens: null,\n error: authError,\n });\n this.emit({ type: \"SESSION_EXPIRED\" });\n throw authError;\n }\n\n const tokenSet: TokenSet = await response.json();\n const newTokens = this.tokenSetToInfo(tokenSet);\n await this.tokenManager.setTokens(newTokens);\n\n const user = newTokens.idToken\n ? this.extractUserFromIdToken(newTokens.idToken)\n : this.state.user;\n\n this.updateState({ ...this.state, tokens: newTokens, user });\n this.emit({ type: \"TOKEN_REFRESHED\", tokens: newTokens });\n this.setupAutoRefresh();\n\n return newTokens;\n }\n\n /** Get current access token (auto-refreshes if needed) */\n async getAccessToken(): Promise<string | null> {\n const tokens = await this.tokenManager.getTokens();\n if (!tokens) return null;\n\n if (isTokenExpired(tokens.accessToken)) {\n if (tokens.refreshToken) {\n const newTokens = await this.refreshTokens();\n return newTokens.accessToken;\n }\n return null;\n }\n\n return tokens.accessToken;\n }\n\n // ============================================\n // Navigation Methods\n // ============================================\n\n /** Redirect to select/switch account */\n selectAccount(options: SelectAccountOptions = {}): void {\n const url = this.buildSelectAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build select-account URL without redirecting */\n buildSelectAccountUrl(options: SelectAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.loginHint) params.set(\"login_hint\", options.loginHint);\n return this.createAuthUrl(\"/select-account\", params);\n }\n\n /** Redirect to add another account (multi-session) */\n addAccount(options: AddAccountOptions = {}): void {\n const url = this.buildAddAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build add-account URL without redirecting */\n buildAddAccountUrl(options: AddAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams({ add_account: \"true\" });\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.loginHint) params.set(\"login_hint\", options.loginHint);\n return this.createAuthUrl(\"/login\", params);\n }\n\n /** Redirect to register a new account */\n register(options: RegisterOptions = {}): void {\n const url = this.buildRegisterUrl(options);\n this.navigate(url, options);\n }\n\n /** Build register URL without redirecting */\n buildRegisterUrl(options: RegisterOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.email) params.set(\"email\", options.email);\n if (options.firstName) params.set(\"first_name\", options.firstName);\n if (options.lastName) params.set(\"last_name\", options.lastName);\n if (options.uiLocales) params.set(\"ui_locales\", options.uiLocales);\n return this.createAuthUrl(\"/register\", params);\n }\n\n /** Redirect to recover account (forgot password) */\n recoverAccount(options: RecoverAccountOptions = {}): void {\n const url = this.buildRecoverAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build recover-account URL without redirecting */\n buildRecoverAccountUrl(options: RecoverAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.email) params.set(\"email\", options.email);\n return this.createAuthUrl(\"/recover-account\", params);\n }\n\n /** Redirect to verify account (email verification) */\n verifyAccount(options: VerifyAccountOptions = {}): void {\n const url = this.buildVerifyAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build verify-account URL without redirecting */\n buildVerifyAccountUrl(options: VerifyAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.email) params.set(\"email\", options.email);\n return this.createAuthUrl(\"/verify-account\", params);\n }\n\n /** Redirect to upgrade account (guest → full account) */\n upgradeAccount(options: UpgradeAccountOptions = {}): void {\n const url = this.buildUpgradeAccountUrl(options);\n this.navigate(url, options);\n }\n\n /** Build upgrade-account URL without redirecting */\n buildUpgradeAccountUrl(options: UpgradeAccountOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n if (options.scopes?.length) params.set(\"scope\", options.scopes.join(\" \"));\n return this.createAuthUrl(\"/upgrade-account\", params);\n }\n\n /** Redirect to passkey setup */\n setupPasskey(options: SetupPasskeyOptions = {}): void {\n const url = this.buildSetupPasskeyUrl(options);\n this.navigate(url, options);\n }\n\n /** Build setup-passkey URL without redirecting */\n buildSetupPasskeyUrl(options: SetupPasskeyOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n return this.createAuthUrl(\"/setup-passkey\", params);\n }\n\n /** Redirect to address setup */\n setupAddress(options: SetupAddressOptions = {}): void {\n const url = this.buildSetupAddressUrl(options);\n this.navigate(url, options);\n }\n\n /** Build setup-address URL without redirecting */\n buildSetupAddressUrl(options: SetupAddressOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.clientId) params.set(\"client_id\", options.clientId);\n return this.createAuthUrl(\"/setup-address\", params);\n }\n\n /** Build a login URL without redirecting (useful for links/buttons) */\n buildLoginUrl(options: LoginOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n if (options.loginHint) params.set(\"email\", options.loginHint);\n if (options.prompt) params.set(\"prompt\", options.prompt);\n if (options.uiLocales) params.set(\"ui_locales\", options.uiLocales);\n return this.createAuthUrl(\"/login\", params);\n }\n\n /** Build a logout URL without redirecting */\n buildLogoutUrl(options: LogoutOptions = {}): AuthUrl {\n const params = new URLSearchParams();\n if (options.returnTo) params.set(\"continue\", options.returnTo);\n return this.createAuthUrl(\"/logout\", params);\n }\n\n /** Revoke a token (access or refresh) */\n async revokeToken(options: RevokeTokenOptions = {}): Promise<void> {\n this.log(\"Revoking token...\");\n\n const token =\n options.token ?? (await this.tokenManager.getTokens())?.accessToken;\n if (!token) {\n throw new AuthError(\"invalid_token\", \"No token to revoke\");\n }\n\n const revokeUrl = `${this.config.issuer}/oauth/revoke`;\n\n const body = new URLSearchParams({\n token,\n client_id: this.config.clientId,\n });\n if (options.tokenTypeHint) {\n body.set(\"token_type_hint\", options.tokenTypeHint);\n }\n\n const response = await fetch(revokeUrl, {\n method: \"POST\",\n headers: { \"Content-Type\": \"application/x-www-form-urlencoded\" },\n body,\n });\n\n if (!response.ok) {\n const error = await response.json().catch(() => ({}));\n throw new AuthError(\n error.error ?? \"server_error\",\n error.error_description ?? \"Token revocation failed\",\n );\n }\n\n this.log(\"Token revoked successfully\");\n }\n\n /** Check if the user's session is expired */\n isSessionExpired(): boolean {\n if (!this.state.tokens) return true;\n return isTokenExpired(this.state.tokens.accessToken);\n }\n\n /** Check if user needs email verification */\n needsEmailVerification(): boolean {\n return this.state.user?.emailVerified === false;\n }\n\n /** Check if user is a guest account */\n isGuestAccount(): boolean {\n return (\n (this.state.user as Record<string, unknown>)?.accountType === \"guest\"\n );\n }\n\n private tokenSetToInfo(tokenSet: TokenSet): TokenInfo {\n return {\n accessToken: tokenSet.access_token,\n refreshToken: tokenSet.refresh_token,\n idToken: tokenSet.id_token,\n expiresAt: Date.now() + tokenSet.expires_in * 1000,\n tokenType: tokenSet.token_type,\n scope: tokenSet.scope?.split(\" \") ?? [],\n };\n }\n\n /** Build an AuthUrl object for a given path and params */\n private createAuthUrl(path: string, params: URLSearchParams): AuthUrl {\n const query = params.toString();\n const url = `${this.config.issuer}${path}${query ? `?${query}` : \"\"}`;\n return {\n url,\n redirect: () => {\n window.location.href = url;\n },\n open: () => {\n return window.open(url, \"_blank\");\n },\n };\n }\n\n /** Navigate to an auth URL, respecting openInNewTab option */\n private navigate(authUrl: AuthUrl, options: AuthNavigationOptions): void {\n if (options.openInNewTab) {\n authUrl.open();\n } else {\n authUrl.redirect();\n }\n }\n\n private async fetchUser(accessToken: string): Promise<User> {\n const discovery = await this.getDiscovery();\n\n const response = await fetch(discovery.userinfo_endpoint, {\n headers: { Authorization: `Bearer ${accessToken}` },\n });\n\n if (!response.ok) {\n throw new AuthError(\"invalid_token\", \"Failed to fetch user info\");\n }\n\n const userInfo = await response.json();\n return this.normalizeUser(userInfo);\n }\n\n private extractUserFromIdToken(idToken: string): User {\n const claims = decodeJWT<DecodedIdToken>(idToken);\n return this.normalizeUser(claims);\n }\n\n private normalizeUser(claims: Record<string, unknown>): User {\n return {\n id: claims.sub as string,\n email: claims.email as string | undefined,\n emailVerified: claims.email_verified as boolean | undefined,\n name: claims.name as string | undefined,\n firstName: claims.given_name as string | undefined,\n lastName: claims.family_name as string | undefined,\n picture: claims.picture as string | undefined,\n phoneNumber: claims.phone_number as string | undefined,\n phoneNumberVerified: claims.phone_number_verified as boolean | undefined,\n locale: claims.locale as string | undefined,\n ...claims,\n };\n }\n\n private async getDiscovery(): Promise<OIDCDiscovery> {\n if (this.discovery) return this.discovery;\n const discoveryUrl = `${this.config.issuer}/.well-known/openid-configuration`;\n this.log(\"Fetching discovery from:\", discoveryUrl);\n const response = await fetch(discoveryUrl);\n if (!response.ok) {\n throw new AuthError(\n \"configuration_error\",\n \"Failed to fetch discovery document\",\n );\n }\n const doc: OIDCDiscovery = await response.json();\n\n // Rewrite endpoints to match the configured issuer.\n // This handles cases where the discovery document returns a different\n // base URL (e.g., production URL in dev mode, or behind a reverse proxy).\n const docIssuer = doc.issuer;\n const configIssuer = this.config.issuer!;\n if (docIssuer && docIssuer !== configIssuer) {\n this.log(\n `Rewriting discovery endpoints: \"${docIssuer}\" -> \"${configIssuer}\"`,\n );\n const rewrite = (url: string) => url.replace(docIssuer, configIssuer);\n doc.issuer = configIssuer;\n doc.authorization_endpoint = rewrite(doc.authorization_endpoint);\n doc.token_endpoint = rewrite(doc.token_endpoint);\n if (doc.userinfo_endpoint)\n doc.userinfo_endpoint = rewrite(doc.userinfo_endpoint);\n if (doc.end_session_endpoint)\n doc.end_session_endpoint = rewrite(doc.end_session_endpoint);\n if (doc.jwks_uri) doc.jwks_uri = rewrite(doc.jwks_uri);\n if (doc.revocation_endpoint)\n doc.revocation_endpoint = rewrite(doc.revocation_endpoint);\n if (doc.introspection_endpoint)\n doc.introspection_endpoint = rewrite(doc.introspection_endpoint);\n }\n\n this.log(\"authorization_endpoint:\", doc.authorization_endpoint);\n this.discovery = doc;\n return this.discovery;\n }\n\n private setupAutoRefresh(): void {\n if (!this.config.autoRefresh || !this.state.tokens) return;\n this.clearAutoRefresh();\n const expiresIn = this.state.tokens.expiresAt - Date.now();\n const refreshIn = expiresIn - this.config.refreshThreshold! * 1000;\n if (refreshIn > 0) {\n this.log(`Scheduling token refresh in ${Math.round(refreshIn / 1000)}s`);\n this.refreshTimer = setTimeout(() => {\n this.refreshTokens().catch((error) =>\n this.log(\"Auto-refresh failed:\", error),\n );\n }, refreshIn);\n }\n }\n\n private clearAutoRefresh(): void {\n if (this.refreshTimer) {\n clearTimeout(this.refreshTimer);\n this.refreshTimer = null;\n }\n }\n\n getState(): AuthState {\n return { ...this.state };\n }\n\n isAuthenticated(): boolean {\n return this.state.status === \"authenticated\";\n }\n\n getUser(): User | null {\n return this.state.user;\n }\n\n subscribe(handler: AuthEventHandler): () => void {\n this.eventHandlers.add(handler);\n return () => this.eventHandlers.delete(handler);\n }\n\n private updateState(newState: AuthState): void {\n this.state = newState;\n }\n\n private emit(event: AuthEvent): void {\n this.eventHandlers.forEach((handler) => {\n try {\n handler(event);\n } catch (error) {\n console.error(\"Event handler error:\", error);\n }\n });\n }\n\n private log(...args: unknown[]): void {\n if (this.config.debug) {\n console.log(\"[DouveryAuth]\", ...args);\n }\n }\n}\n\n/** Create a new DouveryAuthClient instance */\nexport function createDouveryAuth(\n config: DouveryAuthConfig,\n): DouveryAuthClient {\n return new DouveryAuthClient(config);\n}\n"]}
package/dist/qwik/index.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  import * as _builder_io_qwik from '@builder.io/qwik';
2
- import { Signal } from '@builder.io/qwik';
2
+ import { Signal, NoSerialize, QRL } from '@builder.io/qwik';
3
3
  import { AuthState, DouveryAuthClient, DouveryAuthConfig, LoginOptions, LogoutOptions, SelectAccountOptions, AddAccountOptions, RegisterOptions, RecoverAccountOptions, VerifyAccountOptions, UpgradeAccountOptions, SetupPasskeyOptions, SetupAddressOptions, RevokeTokenOptions, AuthUrl, User } from '@douvery/auth';
4
4
  export { AddAccountOptions, AuthState, AuthUrl, DouveryAuthClient, DouveryAuthConfig, LoginOptions, LogoutOptions, RecoverAccountOptions, RegisterOptions, RevokeTokenOptions, SelectAccountOptions, SetupAddressOptions, SetupPasskeyOptions, UpgradeAccountOptions, User, VerifyAccountOptions, createDouveryAuth } from '@douvery/auth';
5
5
 
@@ -8,42 +8,57 @@ interface DouveryAuthContextValue {
8
8
  isInitialized: Signal<boolean>;
9
9
  isLoading: Signal<boolean>;
10
10
  error: Signal<Error | null>;
11
- client: DouveryAuthClient;
11
+ clientRef: Signal<NoSerialize<DouveryAuthClient> | undefined>;
12
+ /** Application-specific user data from SSR (e.g. routeLoader$). */
13
+ appUser: Signal<unknown>;
14
+ appUserAuthenticated: Signal<boolean>;
12
15
  }
13
16
  declare const DouveryAuthContext: _builder_io_qwik.ContextId<DouveryAuthContextValue>;
14
17
  interface DouveryAuthProviderProps {
15
- config: DouveryAuthConfig;
18
+ /**
19
+ * QRL that returns the auth configuration.
20
+ * Use $(() => getDouveryAuthConfig()) to wrap your config factory.
21
+ * This avoids Qwik serialization issues with customStorage functions.
22
+ */
23
+ config$: QRL<() => DouveryAuthConfig>;
24
+ /**
25
+ * Optional application-specific user data loaded from SSR (routeLoader$).
26
+ * This is separate from OAuth user – it holds the full app user object
27
+ * (e.g. UserACC with address, active, sessionId, etc.).
28
+ * Pass the routeLoader$ signal directly.
29
+ */
30
+ appUser?: Signal<unknown>;
16
31
  }
17
32
  declare const DouveryAuthProvider: _builder_io_qwik.Component<DouveryAuthProviderProps>;
18
33
  declare function useDouveryAuth(): DouveryAuthContextValue;
19
34
  declare function useUser(): Signal<User | null>;
20
35
  declare function useIsAuthenticated(): Signal<boolean>;
21
36
  declare function useAuthActions(): {
22
- login: (options?: LoginOptions) => Promise<void>;
23
- logout: (options?: LogoutOptions) => Promise<void>;
24
- selectAccount: (options?: SelectAccountOptions) => void;
25
- addAccount: (options?: AddAccountOptions) => void;
26
- register: (options?: RegisterOptions) => void;
27
- recoverAccount: (options?: RecoverAccountOptions) => void;
28
- verifyAccount: (options?: VerifyAccountOptions) => void;
29
- upgradeAccount: (options?: UpgradeAccountOptions) => void;
30
- setupPasskey: (options?: SetupPasskeyOptions) => void;
31
- setupAddress: (options?: SetupAddressOptions) => void;
32
- revokeToken: (options?: RevokeTokenOptions) => Promise<void>;
37
+ login: QRL<(options?: LoginOptions) => Promise<void>>;
38
+ logout: QRL<(options?: LogoutOptions) => Promise<void>>;
39
+ selectAccount: QRL<(options?: SelectAccountOptions) => void>;
40
+ addAccount: QRL<(options?: AddAccountOptions) => void>;
41
+ register: QRL<(options?: RegisterOptions) => void>;
42
+ recoverAccount: QRL<(options?: RecoverAccountOptions) => void>;
43
+ verifyAccount: QRL<(options?: VerifyAccountOptions) => void>;
44
+ upgradeAccount: QRL<(options?: UpgradeAccountOptions) => void>;
45
+ setupPasskey: QRL<(options?: SetupPasskeyOptions) => void>;
46
+ setupAddress: QRL<(options?: SetupAddressOptions) => void>;
47
+ revokeToken: QRL<(options?: RevokeTokenOptions) => Promise<void>>;
33
48
  isLoading: Signal<boolean>;
34
49
  };
35
50
  /** Get URL builders for auth pages (non-redirecting, useful for <a> tags) */
36
51
  declare function useAuthUrls(): {
37
- loginUrl: (options?: LoginOptions) => AuthUrl;
38
- logoutUrl: (options?: LogoutOptions) => AuthUrl;
39
- selectAccountUrl: (options?: SelectAccountOptions) => AuthUrl;
40
- addAccountUrl: (options?: AddAccountOptions) => AuthUrl;
41
- registerUrl: (options?: RegisterOptions) => AuthUrl;
42
- recoverAccountUrl: (options?: RecoverAccountOptions) => AuthUrl;
43
- verifyAccountUrl: (options?: VerifyAccountOptions) => AuthUrl;
44
- upgradeAccountUrl: (options?: UpgradeAccountOptions) => AuthUrl;
45
- setupPasskeyUrl: (options?: SetupPasskeyOptions) => AuthUrl;
46
- setupAddressUrl: (options?: SetupAddressOptions) => AuthUrl;
52
+ loginUrl: QRL<(options?: LoginOptions) => AuthUrl>;
53
+ logoutUrl: QRL<(options?: LogoutOptions) => AuthUrl>;
54
+ selectAccountUrl: QRL<(options?: SelectAccountOptions) => AuthUrl>;
55
+ addAccountUrl: QRL<(options?: AddAccountOptions) => AuthUrl>;
56
+ registerUrl: QRL<(options?: RegisterOptions) => AuthUrl>;
57
+ recoverAccountUrl: QRL<(options?: RecoverAccountOptions) => AuthUrl>;
58
+ verifyAccountUrl: QRL<(options?: VerifyAccountOptions) => AuthUrl>;
59
+ upgradeAccountUrl: QRL<(options?: UpgradeAccountOptions) => AuthUrl>;
60
+ setupPasskeyUrl: QRL<(options?: SetupPasskeyOptions) => AuthUrl>;
61
+ setupAddressUrl: QRL<(options?: SetupAddressOptions) => AuthUrl>;
47
62
  };
48
63
  /** Get session status helpers */
49
64
  declare function useSessionStatus(): {
@@ -51,5 +66,24 @@ declare function useSessionStatus(): {
51
66
  needsVerification: Signal<boolean>;
52
67
  isGuest: Signal<boolean>;
53
68
  };
69
+ /**
70
+ * Returns the application-specific user data provided via `appUser` prop.
71
+ * Cast to your app's user type: `const user = useAppUser<UserACC>()`.
72
+ * Returns `{ user: Signal<T | null>, isAuthenticated: Signal<boolean> }`.
73
+ */
74
+ declare function useAppUser<T = unknown>(): {
75
+ user: Signal<T | null>;
76
+ isAuthenticated: Signal<boolean>;
77
+ };
78
+ /**
79
+ * Full app user context with refresh capabilities.
80
+ * Use when you need to re-fetch user data from the server.
81
+ */
82
+ declare function useAppUserActions<T = unknown>(): {
83
+ user: Signal<T | null>;
84
+ isAuthenticated: Signal<boolean>;
85
+ updateUser: QRL<(userData: T | null) => void>;
86
+ refreshUser: QRL<() => Promise<void>>;
87
+ };
54
88
 
55
- export { DouveryAuthContext, DouveryAuthProvider, type DouveryAuthProviderProps, useAuthActions, useAuthUrls, useDouveryAuth, useIsAuthenticated, useSessionStatus, useUser };
89
+ export { DouveryAuthContext, DouveryAuthProvider, type DouveryAuthProviderProps, useAppUser, useAppUserActions, useAuthActions, useAuthUrls, useDouveryAuth, useIsAuthenticated, useSessionStatus, useUser };