@downcity/agent 1.1.7 → 1.1.8

package/bin/http/auth/AuthMiddleware.d.ts

@@ -1,36 +0,0 @@
-/**
- * Auth 中间件。
- *
- * 关键点（中文）
- * - 当前先服务 `/api/auth/*` 的受保护子路由。
- * - 后续把更多控制面路由切到 Bearer 鉴权时，可直接复用这一层。
- */
-import type { Context, MiddlewareHandler } from "hono";
-import type { AuthPrincipal } from "../../shared/types/auth/AuthTypes.js";
-import type { AuthService } from "./AuthService.js";
-/**
- * Hono Context 中保存 principal 的 key。
- */
-export declare const AUTH_PRINCIPAL_CONTEXT_KEY = "authPrincipal";
-/**
- * Auth 中间件变量映射。
- */
-export interface AuthMiddlewareVariables {
-    /**
-     * 当前请求的认证主体。
-     */
-    authPrincipal: AuthPrincipal;
-}
-/**
- * 生成 Bearer 鉴权中间件。
- */
-export declare function createRequireAuthMiddleware(authService: AuthService): MiddlewareHandler<{
-    Variables: AuthMiddlewareVariables;
-}>;
-/**
- * 从 Context 中读取 principal。
- */
-export declare function getAuthPrincipal(context: Context<{
-    Variables: AuthMiddlewareVariables;
-}>): AuthPrincipal;
-//# sourceMappingURL=AuthMiddleware.d.ts.map

package/bin/http/auth/AuthMiddleware.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthMiddleware.d.ts","sourceRoot":"","sources":["../../../src/http/auth/AuthMiddleware.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,iBAAiB,EAAE,MAAM,MAAM,CAAC;AACvD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAEtE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD;;GAEG;AACH,eAAO,MAAM,0BAA0B,kBAAkB,CAAC;AAE1D;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,aAAa,EAAE,aAAa,CAAC;CAC9B;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CACzC,WAAW,EAAE,WAAW,GACvB,iBAAiB,CAAC;IAAE,SAAS,EAAE,uBAAuB,CAAA;CAAE,CAAC,CAkB3D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,OAAO,CAAC;IAAE,SAAS,EAAE,uBAAuB,CAAA;CAAE,CAAC,GACvD,aAAa,CAEf"}

package/bin/http/auth/AuthMiddleware.js

@@ -1,37 +0,0 @@
-/**
- * Auth 中间件。
- *
- * 关键点（中文）
- * - 当前先服务 `/api/auth/*` 的受保护子路由。
- * - 后续把更多控制面路由切到 Bearer 鉴权时，可直接复用这一层。
- */
-import { isAuthError } from "./AuthError.js";
-/**
- * Hono Context 中保存 principal 的 key。
- */
-export const AUTH_PRINCIPAL_CONTEXT_KEY = "authPrincipal";
-/**
- * 生成 Bearer 鉴权中间件。
- */
-export function createRequireAuthMiddleware(authService) {
-    return async (c, next) => {
-        try {
-            const principal = authService.authenticateBearerHeader(c.req.header("authorization"));
-            c.set(AUTH_PRINCIPAL_CONTEXT_KEY, principal);
-            await next();
-        }
-        catch (error) {
-            if (isAuthError(error)) {
-                return c.json({ success: false, error: error.message }, error.status);
-            }
-            return c.json({ success: false, error: String(error) }, 500);
-        }
-    };
-}
-/**
- * 从 Context 中读取 principal。
- */
-export function getAuthPrincipal(context) {
-    return context.get(AUTH_PRINCIPAL_CONTEXT_KEY);
-}
-//# sourceMappingURL=AuthMiddleware.js.map

package/bin/http/auth/AuthMiddleware.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthMiddleware.js","sourceRoot":"","sources":["../../../src/http/auth/AuthMiddleware.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAG7C;;GAEG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAG,eAAe,CAAC;AAY1D;;GAEG;AACH,MAAM,UAAU,2BAA2B,CACzC,WAAwB;IAExB,OAAO,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACvB,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,WAAW,CAAC,wBAAwB,CACtD,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAC5B,CAAC;YACF,CAAC,CAAC,GAAG,CAAC,0BAA0B,EAAE,SAAS,CAAC,CAAC;YAC7C,MAAM,IAAI,EAAE,CAAC;QACf,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,CAAC,CAAC,IAAI,CACX,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,EACxC,KAAK,CAAC,MAAa,CACpB,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,OAAwD;IAExD,OAAO,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;AACjD,CAAC"}

package/bin/http/auth/AuthRoutes.d.ts

@@ -1,17 +0,0 @@
-/**
- * Auth API 路由。
- *
- * 关键点（中文）
- * - 本模块只承接 Bearer Token 模型下的最小认证接口。
- * - 路由层不做领域判断，所有业务逻辑统一委托给 `AuthService`。
- */
-import { Hono } from "hono";
-import type { AuthService } from "./AuthService.js";
-/**
- * 注册 auth 路由。
- */
-export declare function registerAuthRoutes(params: {
-    app: Hono;
-    authService?: AuthService;
-}): void;
-//# sourceMappingURL=AuthRoutes.d.ts.map

package/bin/http/auth/AuthRoutes.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthRoutes.d.ts","sourceRoot":"","sources":["../../../src/http/auth/AuthRoutes.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAgB,MAAM,MAAM,CAAC;AAC1C,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AASpD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE;IACzC,GAAG,EAAE,IAAI,CAAC;IACV,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B,GAAG,IAAI,CAiEP"}

package/bin/http/auth/AuthRoutes.js

@@ -1,78 +0,0 @@
-/**
- * Auth API 路由。
- *
- * 关键点（中文）
- * - 本模块只承接 Bearer Token 模型下的最小认证接口。
- * - 路由层不做领域判断，所有业务逻辑统一委托给 `AuthService`。
- */
-import { Hono } from "hono";
-import { AuthService as DefaultAuthService } from "./AuthService.js";
-import { isAuthError } from "./AuthError.js";
-import { createRequireAuthMiddleware, getAuthPrincipal, } from "./AuthMiddleware.js";
-/**
- * 注册 auth 路由。
- */
-export function registerAuthRoutes(params) {
-    const authService = params.authService || new DefaultAuthService();
-    const router = new Hono();
-    const protectedRouter = new Hono();
-    const requireAuth = createRequireAuthMiddleware(authService);
-    router.get("/status", (c) => {
-        const initialized = authService.hasLocalCliAccess();
-        return c.json({
-            success: true,
-            initialized,
-            requireToken: initialized,
-        });
-    });
-    protectedRouter.get("/me", requireAuth, (c) => {
-        const principal = getAuthPrincipal(c);
-        return c.json({
-            success: true,
-            user: authService.getCurrentUser(principal),
-        });
-    });
-    protectedRouter.get("/token/list", requireAuth, (c) => {
-        const principal = getAuthPrincipal(c);
-        return c.json({
-            success: true,
-            tokens: authService.listTokens(principal),
-        });
-    });
-    protectedRouter.post("/token/create", requireAuth, async (c) => {
-        try {
-            const principal = getAuthPrincipal(c);
-            const body = (await c.req.json().catch(() => ({})));
-            return c.json({
-                success: true,
-                token: authService.createToken(principal, {
-                    name: String(body.name || ""),
-                    expiresAt: typeof body.expiresAt === "string" ? body.expiresAt : undefined,
-                }),
-            });
-        }
-        catch (error) {
-            return toErrorResponse(c, error);
-        }
-    });
-    protectedRouter.post("/token/delete", requireAuth, async (c) => {
-        try {
-            const principal = getAuthPrincipal(c);
-            const body = (await c.req.json().catch(() => ({})));
-            authService.deleteToken(principal, String(body.tokenId || ""));
-            return c.json({ success: true });
-        }
-        catch (error) {
-            return toErrorResponse(c, error);
-        }
-    });
-    router.route("/", protectedRouter);
-    params.app.route("/api/auth", router);
-}
-function toErrorResponse(c, error) {
-    if (isAuthError(error)) {
-        return c.json({ success: false, error: error.message }, error.status);
-    }
-    return c.json({ success: false, error: String(error) }, 500);
-}
-//# sourceMappingURL=AuthRoutes.js.map

package/bin/http/auth/AuthRoutes.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthRoutes.js","sourceRoot":"","sources":["../../../src/http/auth/AuthRoutes.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAgB,MAAM,MAAM,CAAC;AAE1C,OAAO,EAAE,WAAW,IAAI,kBAAkB,EAAE,MAAM,kBAAkB,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAC7C,OAAO,EACL,2BAA2B,EAC3B,gBAAgB,GAEjB,MAAM,qBAAqB,CAAC;AAE7B;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAGlC;IACC,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,IAAI,kBAAkB,EAAE,CAAC;IACnE,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,IAAI,IAAI,EAA0C,CAAC;IAC3E,MAAM,WAAW,GAAG,2BAA2B,CAAC,WAAW,CAAC,CAAC;IAE7D,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,EAAE,EAAE;QAC1B,MAAM,WAAW,GAAG,WAAW,CAAC,iBAAiB,EAAE,CAAC;QACpD,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,IAAI;YACb,WAAW;YACX,YAAY,EAAE,WAAW;SAC1B,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,eAAe,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE;QAC5C,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;QACtC,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,IAAI;YACb,IAAI,EAAE,WAAW,CAAC,cAAc,CAAC,SAAS,CAAC;SAC5C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,eAAe,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE;QACpD,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;QACtC,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,WAAW,CAAC,UAAU,CAAC,SAAS,CAAC;SAC1C,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,eAAe,CAAC,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7D,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;YACtC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAGjD,CAAC;YACF,OAAO,CAAC,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,WAAW,CAAC,WAAW,CAAC,SAAS,EAAE;oBACxC,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;oBAC7B,SAAS,EAAE,OAAO,IAAI,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;iBAC3E,CAAC;aACH,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,eAAe,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,eAAe,CAAC,IAAI,CAAC,eAAe,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7D,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;YACtC,MAAM,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAEjD,CAAC;YACF,WAAW,CAAC,WAAW,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;YAC/D,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACnC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,eAAe,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QACnC,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC;IACnC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;AACxC,CAAC;AAED,SAAS,eAAe,CAAC,CAAU,EAAE,KAAc;IACjD,IAAI,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,CAAC,IAAI,CACX,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,EACxC,KAAK,CAAC,MAAa,CACpB,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;AAC/D,CAAC"}

package/bin/http/auth/AuthService.d.ts

@@ -1,119 +0,0 @@
-/**
- * 统一账户服务层。
- *
- * 关键点（中文）
- * - 该模块承接本机 token 初始化、token 校验与 token 管理等业务语义。
- * - 路由层只调用这里，不直接碰数据库与密码哈希细节。
- */
-import type { AuthIssuedToken, AuthTokenSummary } from "../../shared/types/auth/AuthToken.js";
-import type { AuthPrincipal } from "../../shared/types/auth/AuthTypes.js";
-import { AuthStore, type AuthStoreOptions } from "./AuthStore.js";
-/**
- * AuthService 构造参数。
- */
-export interface AuthServiceOptions extends AuthStoreOptions {
-    /**
-     * 复用外部传入的 store。
-     */
-    store?: AuthStore;
-}
-/**
- * 登录/初始化后返回的用户摘要。
- */
-export interface AuthCurrentUserPayload {
-    /**
-     * 用户 ID。
-     */
-    id: string;
-    /**
-     * 用户名。
-     */
-    username: string;
-    /**
-     * 展示名。
-     */
-    displayName?: string;
-    /**
-     * 角色列表。
-     */
-    roles: string[];
-    /**
-     * 权限列表。
-     */
-    permissions: string[];
-}
-/**
- * AuthService 门面。
- */
-export declare class AuthService {
-    private readonly store;
-    private readonly ownsStore;
-    constructor(options?: AuthServiceOptions);
-    /**
-     * 关闭底层连接。
-     */
-    close(): void;
-    /**
-     * 判断当前是否已经存在可用的本机 CLI access token。
-     */
-    hasLocalCliAccess(): boolean;
-    /**
-     * 确保存在本机 CLI 主体，并为其签发新的 access token。
-     */
-    ensureLocalCliAccess(input: {
-        tokenName: string;
-        expiresAt?: string;
-    }): {
-        user: AuthCurrentUserPayload;
-        token: AuthIssuedToken;
-    };
-    /**
-     * 读取本机 CLI 主体的 token 列表。
-     */
-    listLocalCliTokens(): AuthTokenSummary[];
-    /**
-     * 为本机 CLI 主体签发新的 access token。
-     */
-    createLocalCliToken(input: {
-        name: string;
-        expiresAt?: string;
-    }): AuthIssuedToken;
-    /**
-     * 删除本机 CLI 主体下的 token。
-     */
-    deleteLocalCliToken(tokenIdInput: string): void;
-    /**
-     * 解析 Authorization 头并返回 principal。
-     */
-    authenticateBearerHeader(headerValue: string | undefined): AuthPrincipal;
-    /**
-     * 返回当前用户信息。
-     */
-    getCurrentUser(principal: AuthPrincipal): AuthCurrentUserPayload;
-    /**
-     * 为当前 Bearer 调用主体创建新的 token。
-     */
-    createToken(principal: AuthPrincipal, input: {
-        name: string;
-        expiresAt?: string;
-    }): AuthIssuedToken;
-    /**
-     * 读取当前用户 token 列表。
-     */
-    listTokens(principal: AuthPrincipal): AuthTokenSummary[];
-    /**
-     * 删除当前用户的 token。
-     */
-    deleteToken(principal: AuthPrincipal, tokenIdInput: string): void;
-    private issueTokenForUser;
-    private ensureUserActive;
-    private isTokenActive;
-    private ensureLocalCliUser;
-    private requireTokenName;
-    private requireUserId;
-    private requireUser;
-    private requireLocalCliUser;
-    private requireLocalCliTokenRecord;
-    private toUserPayload;
-}
-//# sourceMappingURL=AuthService.d.ts.map

package/bin/http/auth/AuthService.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthService.d.ts","sourceRoot":"","sources":["../../../src/http/auth/AuthService.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAC;AAC1F,OAAO,KAAK,EAAE,aAAa,EAA6B,MAAM,kCAAkC,CAAC;AAGjG,OAAO,EAAE,SAAS,EAAE,KAAK,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAOlE;;GAEG;AACH,MAAM,WAAW,kBAAmB,SAAQ,gBAAgB;IAC1D;;OAEG;IACH,KAAK,CAAC,EAAE,SAAS,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC;;OAEG;IACH,EAAE,EAAE,MAAM,CAAC;IACX;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB;;OAEG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB;;OAEG;IACH,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB;;OAEG;IACH,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAY;IAClC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAU;gBAExB,OAAO,GAAE,kBAAuB;IAU5C;;OAEG;IACH,KAAK,IAAI,IAAI;IAIb;;OAEG;IACH,iBAAiB,IAAI,OAAO;IAQ5B;;OAEG;IACH,oBAAoB,CAAC,KAAK,EAAE;QAC1B,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG;QAAE,IAAI,EAAE,sBAAsB,CAAC;QAAC,KAAK,EAAE,eAAe,CAAA;KAAE;IAY5D;;OAEG;IACH,kBAAkB,IAAI,gBAAgB,EAAE;IASxC;;OAEG;IACH,mBAAmB,CAAC,KAAK,EAAE;QACzB,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,eAAe;IAqBnB;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,IAAI;IAkB/C;;OAEG;IACH,wBAAwB,CAAC,WAAW,EAAE,MAAM,GAAG,SAAS,GAAG,aAAa;IAyBxE;;OAEG;IACH,cAAc,CAAC,SAAS,EAAE,aAAa,GAAG,sBAAsB;IAUhE;;OAEG;IACH,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,KAAK,EAAE;QAC3C,IAAI,EAAE,MAAM,CAAC;QACb,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,GAAG,eAAe;IAoBnB;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,aAAa,GAAG,gBAAgB,EAAE;IAOxD;;OAEG;IACH,WAAW,CAAC,SAAS,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,GAAG,IAAI;IAoBjE,OAAO,CAAC,iBAAiB;IAkBzB,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,aAAa;IAMrB,OAAO,CAAC,kBAAkB;IAoB1B,OAAO,CAAC,gBAAgB;IAMxB,OAAO,CAAC,aAAa;IAMrB,OAAO,CAAC,WAAW;IAOnB,OAAO,CAAC,mBAAmB;IAO3B,OAAO,CAAC,0BAA0B;IAalC,OAAO,CAAC,aAAa;CAStB"}

package/bin/http/auth/AuthService.js

@@ -1,307 +0,0 @@
-/**
- * 统一账户服务层。
- *
- * 关键点（中文）
- * - 该模块承接本机 token 初始化、token 校验与 token 管理等业务语义。
- * - 路由层只调用这里，不直接碰数据库与密码哈希细节。
- */
-import { optionalTrimmedText } from "../../shared/utils/store/StoreShared.js";
-import { AuthError } from "./AuthError.js";
-import { AuthStore } from "./AuthStore.js";
-import { extractBearerToken, generateAccessToken, hashAccessToken } from "./TokenService.js";
-const LOCAL_CLI_USERNAME = "local-cli";
-const LOCAL_CLI_DISPLAY_NAME = "Local CLI";
-const LOCAL_CLI_PASSWORD_HASH = "[token-only-local-cli]";
-/**
- * AuthService 门面。
- */
-export class AuthService {
-    store;
-    ownsStore;
-    constructor(options = {}) {
-        if (options.store) {
-            this.store = options.store;
-            this.ownsStore = false;
-            return;
-        }
-        this.store = new AuthStore(options);
-        this.ownsStore = true;
-    }
-    /**
-     * 关闭底层连接。
-     */
-    close() {
-        if (this.ownsStore)
-            this.store.close();
-    }
-    /**
-     * 判断当前是否已经存在可用的本机 CLI access token。
-     */
-    hasLocalCliAccess() {
-        const user = this.store.findUserByUsername(LOCAL_CLI_USERNAME);
-        if (!user)
-            return false;
-        return this.store
-            .listTokensByUserId(user.id)
-            .some((item) => this.isTokenActive(item));
-    }
-    /**
-     * 确保存在本机 CLI 主体，并为其签发新的 access token。
-     */
-    ensureLocalCliAccess(input) {
-        const token = this.createLocalCliToken({
-            name: input.tokenName,
-            expiresAt: input.expiresAt,
-        });
-        const user = this.requireLocalCliUser();
-        return {
-            user: this.toUserPayload(user),
-            token,
-        };
-    }
-    /**
-     * 读取本机 CLI 主体的 token 列表。
-     */
-    listLocalCliTokens() {
-        const user = this.store.findUserByUsername(LOCAL_CLI_USERNAME);
-        if (!user)
-            return [];
-        return this.store
-            .listTokensByUserId(user.id)
-            .filter((item) => !item.revokedAt)
-            .map((item) => this.store.toTokenSummary(item));
-    }
-    /**
-     * 为本机 CLI 主体签发新的 access token。
-     */
-    createLocalCliToken(input) {
-        const user = this.ensureLocalCliUser();
-        const issued = this.issueTokenForUser({
-            user,
-            tokenName: input.name,
-            expiresAt: input.expiresAt,
-        });
-        this.store.insertAuditLog({
-            actorUserId: user.id,
-            resourceType: "auth_token",
-            resourceId: issued.record.id,
-            action: "token_create",
-            result: "success",
-            metaJson: JSON.stringify({
-                name: issued.record.name,
-                source: "local-cli",
-            }),
-        });
-        return issued.token;
-    }
-    /**
-     * 删除本机 CLI 主体下的 token。
-     */
-    deleteLocalCliToken(tokenIdInput) {
-        const user = this.requireLocalCliUser();
-        const record = this.requireLocalCliTokenRecord(tokenIdInput, user.id);
-        const deleted = this.store.deleteToken(record.id);
-        if (!deleted)
-            throw new AuthError("Token not found", 404);
-        this.store.insertAuditLog({
-            actorUserId: user.id,
-            resourceType: "auth_token",
-            resourceId: record.id,
-            action: "token_delete",
-            result: "success",
-            metaJson: JSON.stringify({
-                name: record.name,
-                source: "local-cli",
-            }),
-        });
-    }
-    /**
-     * 解析 Authorization 头并返回 principal。
-     */
-    authenticateBearerHeader(headerValue) {
-        const plainToken = extractBearerToken(headerValue);
-        if (!plainToken)
-            throw new AuthError("Missing bearer token", 401);
-        const record = this.store.findTokenByHash(hashAccessToken(plainToken));
-        if (!record)
-            throw new AuthError("Invalid bearer token", 401);
-        if (record.revokedAt)
-            throw new AuthError("Token is revoked", 401);
-        if (record.expiresAt && new Date(record.expiresAt).getTime() <= Date.now()) {
-            throw new AuthError("Token is expired", 401);
-        }
-        const user = this.store.getUserById(record.userId);
-        if (!user)
-            throw new AuthError("User not found for token", 401);
-        this.ensureUserActive(user);
-        this.store.touchToken(record.id);
-        return {
-            userId: user.id,
-            username: user.username,
-            displayName: user.displayName,
-            status: user.status,
-            tokenId: record.id,
-            tokenName: record.name,
-            roles: this.store.listRoleNamesByUserId(user.id),
-            permissions: this.store.listPermissionKeysByUserId(user.id),
-        };
-    }
-    /**
-     * 返回当前用户信息。
-     */
-    getCurrentUser(principal) {
-        return {
-            id: principal.userId,
-            username: principal.username,
-            displayName: principal.displayName,
-            roles: [...principal.roles],
-            permissions: [...principal.permissions],
-        };
-    }
-    /**
-     * 为当前 Bearer 调用主体创建新的 token。
-     */
-    createToken(principal, input) {
-        const user = this.store.getUserById(principal.userId);
-        if (!user)
-            throw new AuthError("User not found", 404);
-        const issued = this.issueTokenForUser({
-            user,
-            tokenName: input.name,
-            expiresAt: input.expiresAt,
-        });
-        this.store.insertAuditLog({
-            actorUserId: principal.userId,
-            actorTokenId: principal.tokenId,
-            resourceType: "auth_token",
-            resourceId: issued.record.id,
-            action: "token_create",
-            result: "success",
-            metaJson: JSON.stringify({ name: issued.record.name }),
-        });
-        return issued.token;
-    }
-    /**
-     * 读取当前用户 token 列表。
-     */
-    listTokens(principal) {
-        return this.store
-            .listTokensByUserId(principal.userId)
-            .filter((item) => !item.revokedAt)
-            .map((item) => this.store.toTokenSummary(item));
-    }
-    /**
-     * 删除当前用户的 token。
-     */
-    deleteToken(principal, tokenIdInput) {
-        const tokenId = String(tokenIdInput || "").trim();
-        if (!tokenId)
-            throw new AuthError("tokenId is required", 400);
-        const record = this.store.getTokenById(tokenId);
-        if (!record || record.userId !== principal.userId) {
-            throw new AuthError("Token not found", 404);
-        }
-        const deleted = this.store.deleteToken(record.id);
-        if (!deleted)
-            throw new AuthError("Token not found", 404);
-        this.store.insertAuditLog({
-            actorUserId: principal.userId,
-            actorTokenId: principal.tokenId,
-            resourceType: "auth_token",
-            resourceId: tokenId,
-            action: "token_delete",
-            result: "success",
-            metaJson: JSON.stringify({ name: record.name }),
-        });
-    }
-    issueTokenForUser(params) {
-        const plainToken = generateAccessToken();
-        const record = this.store.createToken({
-            userId: params.user.id,
-            name: this.requireTokenName(params.tokenName),
-            tokenHash: hashAccessToken(plainToken),
-            expiresAt: optionalTrimmedText(params.expiresAt),
-        });
-        return {
-            record,
-            token: this.store.toIssuedToken(record, plainToken),
-        };
-    }
-    ensureUserActive(user) {
-        if (user.status !== "active") {
-            throw new AuthError("User is disabled", 403);
-        }
-    }
-    isTokenActive(record) {
-        if (record.revokedAt)
-            return false;
-        if (!record.expiresAt)
-            return true;
-        return new Date(record.expiresAt).getTime() > Date.now();
-    }
-    ensureLocalCliUser() {
-        this.store.ensureDefaultCatalog();
-        const existing = this.store.findUserByUsername(LOCAL_CLI_USERNAME);
-        if (existing) {
-            this.ensureUserActive(existing);
-            return existing;
-        }
-        const user = this.store.createUser({
-            username: LOCAL_CLI_USERNAME,
-            passwordHash: LOCAL_CLI_PASSWORD_HASH,
-            displayName: LOCAL_CLI_DISPLAY_NAME,
-            status: "active",
-        });
-        this.store.assignRoleToUser({
-            userId: user.id,
-            roleName: "admin",
-        });
-        return user;
-    }
-    requireTokenName(value) {
-        const tokenName = String(value || "").trim();
-        if (!tokenName)
-            throw new AuthError("token name is required", 400);
-        return tokenName;
-    }
-    requireUserId(value) {
-        const userId = String(value || "").trim();
-        if (!userId)
-            throw new AuthError("userId is required", 400);
-        return userId;
-    }
-    requireUser(userIdInput) {
-        const userId = this.requireUserId(userIdInput);
-        const user = this.store.getUserById(userId);
-        if (!user)
-            throw new AuthError("User not found", 404);
-        return user;
-    }
-    requireLocalCliUser() {
-        const user = this.store.findUserByUsername(LOCAL_CLI_USERNAME);
-        if (!user)
-            throw new AuthError("Local CLI access is not initialized", 404);
-        this.ensureUserActive(user);
-        return user;
-    }
-    requireLocalCliTokenRecord(tokenIdInput, expectedUserId) {
-        const tokenId = String(tokenIdInput || "").trim();
-        if (!tokenId)
-            throw new AuthError("tokenId is required", 400);
-        const record = this.store.getTokenById(tokenId);
-        if (!record || record.userId !== expectedUserId) {
-            throw new AuthError("Token not found", 404);
-        }
-        return record;
-    }
-    toUserPayload(user) {
-        return {
-            id: user.id,
-            username: user.username,
-            displayName: user.displayName,
-            roles: this.store.listRoleNamesByUserId(user.id),
-            permissions: this.store.listPermissionKeysByUserId(user.id),
-        };
-    }
-}
-//# sourceMappingURL=AuthService.js.map

package/bin/http/auth/AuthService.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AuthService.js","sourceRoot":"","sources":["../../../src/http/auth/AuthService.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,mBAAmB,EAAE,MAAM,qCAAqC,CAAC;AAC1E,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAyB,MAAM,gBAAgB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAE7F,MAAM,kBAAkB,GAAG,WAAW,CAAC;AACvC,MAAM,sBAAsB,GAAG,WAAW,CAAC;AAC3C,MAAM,uBAAuB,GAAG,wBAAwB,CAAC;AAsCzD;;GAEG;AACH,MAAM,OAAO,WAAW;IACL,KAAK,CAAY;IACjB,SAAS,CAAU;IAEpC,YAAY,UAA8B,EAAE;QAC1C,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YAClB,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;YAC3B,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC;YACvB,OAAO;QACT,CAAC;QACD,IAAI,CAAC,KAAK,GAAG,IAAI,SAAS,CAAC,OAAO,CAAC,CAAC;QACpC,IAAI,CAAC,SAAS,GAAG,IAAI,CAAC;IACxB,CAAC;IAED;;OAEG;IACH,KAAK;QACH,IAAI,IAAI,CAAC,SAAS;YAAE,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,iBAAiB;QACf,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC;QAC/D,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QACxB,OAAO,IAAI,CAAC,KAAK;aACd,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;aAC3B,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,KAGpB;QACC,MAAM,KAAK,GAAG,IAAI,CAAC,mBAAmB,CAAC;YACrC,IAAI,EAAE,KAAK,CAAC,SAAS;YACrB,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACxC,OAAO;YACL,IAAI,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC;YAC9B,KAAK;SACN,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,kBAAkB;QAChB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC;QAC/D,IAAI,CAAC,IAAI;YAAE,OAAO,EAAE,CAAC;QACrB,OAAO,IAAI,CAAC,KAAK;aACd,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;aAC3B,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC;aACjC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,KAGnB;QACC,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACvC,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC;YACpC,IAAI;YACJ,SAAS,EAAE,KAAK,CAAC,IAAI;YACrB,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;YACxB,WAAW,EAAE,IAAI,CAAC,EAAE;YACpB,YAAY,EAAE,YAAY;YAC1B,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE;YAC5B,MAAM,EAAE,cAAc;YACtB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;gBACvB,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI;gBACxB,MAAM,EAAE,WAAW;aACpB,CAAC;SACH,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,KAAK,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,YAAoB;QACtC,MAAM,IAAI,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,IAAI,CAAC,0BAA0B,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QACtE,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAClD,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,SAAS,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;YACxB,WAAW,EAAE,IAAI,CAAC,EAAE;YACpB,YAAY,EAAE,YAAY;YAC1B,UAAU,EAAE,MAAM,CAAC,EAAE;YACrB,MAAM,EAAE,cAAc;YACtB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC;gBACvB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,MAAM,EAAE,WAAW;aACpB,CAAC;SACH,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,WAA+B;QACtD,MAAM,UAAU,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;QACnD,IAAI,CAAC,UAAU;YAAE,MAAM,IAAI,SAAS,CAAC,sBAAsB,EAAE,GAAG,CAAC,CAAC;QAClE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC;QACvE,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,SAAS,CAAC,sBAAsB,EAAE,GAAG,CAAC,CAAC;QAC9D,IAAI,MAAM,CAAC,SAAS;YAAE,MAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;QACnE,IAAI,MAAM,CAAC,SAAS,IAAI,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAC3E,MAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;QAC/C,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,SAAS,CAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;QAChE,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC5B,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACjC,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,OAAO,EAAE,MAAM,CAAC,EAAE;YAClB,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;SAC5D,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,SAAwB;QACrC,OAAO;YACL,EAAE,EAAE,SAAS,CAAC,MAAM;YACpB,QAAQ,EAAE,SAAS,CAAC,QAAQ;YAC5B,WAAW,EAAE,SAAS,CAAC,WAAW;YAClC,KAAK,EAAE,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC;YAC3B,WAAW,EAAE,CAAC,GAAG,SAAS,CAAC,WAAW,CAAC;SACxC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,SAAwB,EAAE,KAGrC;QACC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtD,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;QACtD,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC;YACpC,IAAI;YACJ,SAAS,EAAE,KAAK,CAAC,IAAI;YACrB,SAAS,EAAE,KAAK,CAAC,SAAS;SAC3B,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;YACxB,WAAW,EAAE,SAAS,CAAC,MAAM;YAC7B,YAAY,EAAE,SAAS,CAAC,OAAO;YAC/B,YAAY,EAAE,YAAY;YAC1B,UAAU,EAAE,MAAM,CAAC,MAAM,CAAC,EAAE;YAC5B,MAAM,EAAE,cAAc;YACtB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;SACvD,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,KAAK,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,UAAU,CAAC,SAAwB;QACjC,OAAO,IAAI,CAAC,KAAK;aACd,kBAAkB,CAAC,SAAS,CAAC,MAAM,CAAC;aACpC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC;aACjC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC;IACpD,CAAC;IAED;;OAEG;IACH,WAAW,CAAC,SAAwB,EAAE,YAAoB;QACxD,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAClD,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,SAAS,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,CAAC,MAAM,EAAE,CAAC;YAClD,MAAM,IAAI,SAAS,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;QAC9C,CAAC;QACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAClD,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,SAAS,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;YACxB,WAAW,EAAE,SAAS,CAAC,MAAM;YAC7B,YAAY,EAAE,SAAS,CAAC,OAAO;YAC/B,YAAY,EAAE,YAAY;YAC1B,UAAU,EAAE,OAAO;YACnB,MAAM,EAAE,cAAc;YACtB,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;SAChD,CAAC,CAAC;IACL,CAAC;IAEO,iBAAiB,CAAC,MAIzB;QACC,MAAM,UAAU,GAAG,mBAAmB,EAAE,CAAC;QACzC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;YACpC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE;YACtB,IAAI,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,SAAS,CAAC;YAC7C,SAAS,EAAE,eAAe,CAAC,UAAU,CAAC;YACtC,SAAS,EAAE,mBAAmB,CAAC,MAAM,CAAC,SAAS,CAAC;SACjD,CAAC,CAAC;QACH,OAAO;YACL,MAAM;YACN,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,UAAU,CAAC;SACpD,CAAC;IACJ,CAAC;IAEO,gBAAgB,CAAC,IAAc;QACrC,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,IAAI,SAAS,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;IAEO,aAAa,CAAC,MAAwD;QAC5E,IAAI,MAAM,CAAC,SAAS;YAAE,OAAO,KAAK,CAAC;QACnC,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC3D,CAAC;IAEO,kBAAkB;QACxB,IAAI,CAAC,KAAK,CAAC,oBAAoB,EAAE,CAAC;QAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC;QACnE,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC;YAChC,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC;YACjC,QAAQ,EAAE,kBAAkB;YAC5B,YAAY,EAAE,uBAAuB;YACrC,WAAW,EAAE,sBAAsB;YACnC,MAAM,EAAE,QAAQ;SACjB,CAAC,CAAC;QACH,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC;YAC1B,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,gBAAgB,CAAC,KAAa;QACpC,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,SAAS;YAAE,MAAM,IAAI,SAAS,CAAC,wBAAwB,EAAE,GAAG,CAAC,CAAC;QACnE,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,aAAa,CAAC,KAAa;QACjC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1C,IAAI,CAAC,MAAM;YAAE,MAAM,IAAI,SAAS,CAAC,oBAAoB,EAAE,GAAG,CAAC,CAAC;QAC5D,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,WAAW,CAAC,WAAmB;QACrC,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC;QAC/C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QAC5C,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,SAAS,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,mBAAmB;QACzB,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAC;QAC/D,IAAI,CAAC,IAAI;YAAE,MAAM,IAAI,SAAS,CAAC,qCAAqC,EAAE,GAAG,CAAC,CAAC;QAC3E,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,0BAA0B,CAChC,YAAoB,EACpB,cAAsB;QAEtB,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAClD,IAAI,CAAC,OAAO;YAAE,MAAM,IAAI,SAAS,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;YAChD,MAAM,IAAI,SAAS,CAAC,iBAAiB,EAAE,GAAG,CAAC,CAAC;QAC9C,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,aAAa,CAAC,IAAc;QAClC,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,WAAW,EAAE,IAAI,CAAC,KAAK,CAAC,0BAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;SAC5D,CAAC;IACJ,CAAC;CACF"}