@elliotding/ai-agent-mcp 0.1.0

package/dist/api/client.js

@@ -0,0 +1,326 @@
+"use strict";
+/**
+ * REST API Client
+ * HTTP client for CSP Resource Server
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.apiClient = void 0;
+const axios_1 = __importStar(require("axios"));
+const config_1 = require("../config");
+const logger_1 = require("../utils/logger");
+const errors_1 = require("../types/errors");
+class APIClient {
+    client;
+    maxRetries = 3;
+    retryDelay = 1000; // 1 second
+    constructor() {
+        this.client = axios_1.default.create({
+            baseURL: config_1.config.csp.apiBaseUrl,
+            timeout: config_1.config.csp.timeout,
+            headers: {
+                'Content-Type': 'application/json',
+                'User-Agent': `csp-ai-agent-mcp/0.2.0`,
+            },
+        });
+        // Request interceptor for authentication and logging
+        this.client.interceptors.request.use((requestConfig) => {
+            if (config_1.config.csp.apiToken) {
+                requestConfig.headers.Authorization = `Bearer ${config_1.config.csp.apiToken}`;
+            }
+            // Enhanced request logging
+            logger_1.logger.debug({
+                type: 'api_request_start',
+                method: requestConfig.method?.toUpperCase(),
+                url: requestConfig.url,
+                params: requestConfig.params,
+                data: requestConfig.data ? JSON.stringify(requestConfig.data).substring(0, 500) : undefined,
+                headers: this.sanitizeHeaders(requestConfig.headers),
+            }, `API Request: ${requestConfig.method?.toUpperCase()} ${requestConfig.url}`);
+            // Record start time for duration calculation
+            requestConfig.startTime = Date.now();
+            return requestConfig;
+        }, (error) => {
+            logger_1.logger.error({
+                type: 'api_request_interceptor_error',
+                error: error.message
+            }, 'API request interceptor error');
+            return Promise.reject(error);
+        });
+        // Response interceptor for detailed logging
+        this.client.interceptors.response.use((response) => {
+            const startTime = response.config.startTime || Date.now();
+            const duration = Date.now() - startTime;
+            const method = response.config.method?.toUpperCase() || 'UNKNOWN';
+            const url = response.config.url || 'unknown';
+            // Enhanced response logging
+            (0, logger_1.logApiRequest)(method, url, response.status, duration, response.config.data, response.data, response.headers);
+            return response;
+        }, (error) => {
+            const startTime = error.config?.startTime || Date.now();
+            const duration = Date.now() - startTime;
+            const statusCode = error.response?.status;
+            const method = error.config?.method?.toUpperCase() || 'UNKNOWN';
+            const url = error.config?.url || 'unknown';
+            // Enhanced error logging
+            (0, logger_1.logApiError)(method, url, error, error.config?.data, statusCode);
+            // Log response details if available
+            if (error.response) {
+                logger_1.logger.error({
+                    type: 'api_response_error',
+                    method,
+                    url,
+                    status: statusCode,
+                    statusText: error.response.statusText,
+                    responseData: error.response.data ? JSON.stringify(error.response.data).substring(0, 1000) : undefined,
+                    duration,
+                }, `API Error Response: ${method} ${url} - ${statusCode}`);
+            }
+            return Promise.reject(error);
+        });
+    }
+    /**
+     * Sanitize headers to hide sensitive information
+     */
+    sanitizeHeaders(headers) {
+        const sanitized = { ...headers };
+        if (sanitized['Authorization'] || sanitized['authorization']) {
+            const key = sanitized['Authorization'] ? 'Authorization' : 'authorization';
+            const value = sanitized[key];
+            if (value && value.startsWith('Bearer ')) {
+                const token = value.substring(7);
+                sanitized[key] = `Bearer ${token.substring(0, 10)}...${token.substring(token.length - 10)}`;
+            }
+        }
+        return sanitized;
+    }
+    /**
+     * Execute request with retry logic
+     */
+    async executeWithRetry(requestFn, method, url, retryCount = 0) {
+        try {
+            return await requestFn();
+        }
+        catch (error) {
+            const isNetworkError = error instanceof axios_1.AxiosError &&
+                (!error.response || error.code === 'ECONNREFUSED' || error.code === 'ETIMEDOUT');
+            if (isNetworkError && retryCount < this.maxRetries) {
+                const delay = this.retryDelay * Math.pow(2, retryCount);
+                logger_1.logger.warn({
+                    method,
+                    url,
+                    retryCount: retryCount + 1,
+                    maxRetries: this.maxRetries,
+                    delay,
+                }, `API request failed, retrying in ${delay}ms...`);
+                await new Promise((resolve) => setTimeout(resolve, delay));
+                return this.executeWithRetry(requestFn, method, url, retryCount + 1);
+            }
+            // Transform axios error to APIError
+            if (error instanceof axios_1.AxiosError) {
+                throw (0, errors_1.createAPIError)(method, url, error, error.response?.status, retryCount);
+            }
+            throw error;
+        }
+    }
+    /**
+     * GET request
+     */
+    async get(url, config) {
+        return this.executeWithRetry(async () => {
+            const response = await this.client.get(url, config);
+            return response.data;
+        }, 'GET', url);
+    }
+    /**
+     * POST request
+     */
+    async post(url, data, config) {
+        return this.executeWithRetry(async () => {
+            const response = await this.client.post(url, data, config);
+            return response.data;
+        }, 'POST', url);
+    }
+    /**
+     * PUT request
+     */
+    async put(url, data, config) {
+        return this.executeWithRetry(async () => {
+            const response = await this.client.put(url, data, config);
+            return response.data;
+        }, 'PUT', url);
+    }
+    /**
+     * DELETE request
+     */
+    async delete(url, config) {
+        return this.executeWithRetry(async () => {
+            const response = await this.client.delete(url, config);
+            return response.data;
+        }, 'DELETE', url);
+    }
+    //===========================================
+    // CSP Resource Server API Endpoints
+    //===========================================
+    /**
+     * Get subscription list
+     */
+    async getSubscriptions(params) {
+        const response = await this.get('/csp/api/resources/subscriptions', { params });
+        // Extract data from CSP API response format
+        if (!response.data) {
+            throw new Error('Invalid API response: missing data field');
+        }
+        return response.data;
+    }
+    /**
+     * Subscribe to resource
+     */
+    async subscribe(resourceIds, autoSync = true, scope // Added: subscription scope
+    ) {
+        const response = await this.post('/csp/api/resources/subscriptions/add', {
+            resource_ids: resourceIds,
+            auto_sync: autoSync,
+            scope,
+        });
+        if (!response.data) {
+            throw new Error('Invalid API response: missing data field');
+        }
+        return {
+            success: true,
+            subscriptions: response.data.subscriptions
+        };
+    }
+    /**
+     * Unsubscribe from resource
+     */
+    async unsubscribe(resourceIds) {
+        // Support batch unsubscribe
+        const ids = Array.isArray(resourceIds) ? resourceIds : [resourceIds];
+        const response = await this.delete('/csp/api/resources/subscriptions/remove', {
+            data: { resource_ids: ids }
+        });
+        // Just validate response, no need to return anything
+        if (!response.data) {
+            throw new Error('Invalid API response: missing data field');
+        }
+    }
+    /**
+     * Search resources
+     */
+    async searchResources(params) {
+        const response = await this.get('/csp/api/resources/search', { params });
+        // Extract data from CSP API response format
+        if (!response.data) {
+            throw new Error('Invalid API response: missing data field');
+        }
+        return {
+            total: response.data.total,
+            page: response.data.page,
+            page_size: response.data.page_size,
+            results: response.data.results.map(r => ({
+                ...r,
+                score: r.score || 0,
+                is_subscribed: r.is_subscribed || false
+            }))
+        };
+    }
+    /**
+     * Download resource — returns all files for the resource.
+     *
+     * GET /csp/api/resources/download/{id}
+     * Response: { data: { resource_id, name, type, version, hash, files: [{path, content}] } }
+     *
+     * files[].path is the relative path within the resource directory.
+     * Single-file resources (command, rule) have exactly one element.
+     * Multi-file resources (skill, mcp) have all their files included.
+     */
+    async downloadResource(resourceId) {
+        const response = await this.get(`/csp/api/resources/download/${resourceId}`);
+        return response.data;
+    }
+    /**
+     * Get resource detail
+     */
+    async getResourceDetail(resourceId) {
+        return this.get(`/csp/api/resources/${resourceId}`);
+    }
+    /**
+     * Stage resource files for upload (Step 1 of two-step upload flow).
+     *
+     * POST /csp/api/resources/upload
+     * Body: { type, name, files: [{ path, content }] }
+     * Response: { upload_id, status, expires_at, preview_url }
+     *
+     * The server validates path traversal, total size (< 10 MB), and name conflicts.
+     * All file types are supported — mcp packages may include .py, .js, package.json, etc.
+     */
+    async uploadResourceFiles(params) {
+        const resp = await this.post('/csp/api/resources/upload', params);
+        return resp.data;
+    }
+    /**
+     * Finalize staged upload — triggers Git commit (Step 2 of two-step upload flow).
+     *
+     * POST /csp/api/resources/finalize
+     * Body: { upload_id, commit_message }
+     * Response: { resource_id, version, url, commit_hash, download_url }
+     */
+    async finalizeResourceUpload(uploadId, commitMessage) {
+        const resp = await this.post('/csp/api/resources/finalize', {
+            upload_id: uploadId,
+            commit_message: commitMessage,
+        });
+        return resp.data;
+    }
+    /**
+     * @deprecated Use uploadResourceFiles() + finalizeResourceUpload() instead.
+     */
+    async uploadResource(params) {
+        return this.post('/csp/api/resources/upload', params);
+    }
+    /**
+     * @deprecated Use finalizeResourceUpload() instead.
+     */
+    async finalizeUpload(uploadId, hash) {
+        return this.post('/csp/api/resources/finalize', {
+            upload_id: uploadId,
+            hash,
+        });
+    }
+}
+// Export singleton instance
+exports.apiClient = new APIClient();
+//# sourceMappingURL=client.js.map

package/dist/api/client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,+CAA6E;AAC7E,sCAAmC;AACnC,4CAAqE;AACrE,4CAAiD;AAEjD,MAAM,SAAS;IACL,MAAM,CAAgB;IACb,UAAU,GAAG,CAAC,CAAC;IACf,UAAU,GAAG,IAAI,CAAC,CAAC,WAAW;IAE/C;QACE,IAAI,CAAC,MAAM,GAAG,eAAK,CAAC,MAAM,CAAC;YACzB,OAAO,EAAE,eAAM,CAAC,GAAG,CAAC,UAAU;YAC9B,OAAO,EAAE,eAAM,CAAC,GAAG,CAAC,OAAO;YAC3B,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,YAAY,EAAE,wBAAwB;aACvC;SACF,CAAC,CAAC;QAEH,qDAAqD;QACrD,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAClC,CAAC,aAAa,EAAE,EAAE;YAChB,IAAI,eAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;gBACxB,aAAa,CAAC,OAAO,CAAC,aAAa,GAAG,UAAU,eAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YACxE,CAAC;YAED,2BAA2B;YAC3B,eAAM,CAAC,KAAK,CACV;gBACE,IAAI,EAAE,mBAAmB;gBACzB,MAAM,EAAE,aAAa,CAAC,MAAM,EAAE,WAAW,EAAE;gBAC3C,GAAG,EAAE,aAAa,CAAC,GAAG;gBACtB,MAAM,EAAE,aAAa,CAAC,MAAM;gBAC5B,IAAI,EAAE,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS;gBAC3F,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,aAAa,CAAC,OAAiC,CAAC;aAC/E,EACD,gBAAgB,aAAa,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,aAAa,CAAC,GAAG,EAAE,CAC3E,CAAC;YAEF,6CAA6C;YAC5C,aAAqB,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAE9C,OAAO,aAAa,CAAC;QACvB,CAAC,EACD,CAAC,KAAK,EAAE,EAAE;YACR,eAAM,CAAC,KAAK,CAAC;gBACX,IAAI,EAAE,+BAA+B;gBACrC,KAAK,EAAE,KAAK,CAAC,OAAO;aACrB,EAAE,+BAA+B,CAAC,CAAC;YACpC,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC,CACF,CAAC;QAEF,4CAA4C;QAC5C,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CACnC,CAAC,QAAQ,EAAE,EAAE;YACX,MAAM,SAAS,GAAI,QAAQ,CAAC,MAAc,CAAC,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YACnE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACxC,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,SAAS,CAAC;YAClE,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,IAAI,SAAS,CAAC;YAE7C,4BAA4B;YAC5B,IAAA,sBAAa,EACX,MAAM,EACN,GAAG,EACH,QAAQ,CAAC,MAAM,EACf,QAAQ,EACR,QAAQ,CAAC,MAAM,CAAC,IAAI,EACpB,QAAQ,CAAC,IAAI,EACb,QAAQ,CAAC,OAAiC,CAC3C,CAAC;YAEF,OAAO,QAAQ,CAAC;QAClB,CAAC,EACD,CAAC,KAAiB,EAAE,EAAE;YACpB,MAAM,SAAS,GAAI,KAAK,CAAC,MAAc,EAAE,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC;YACjE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YACxC,MAAM,UAAU,GAAG,KAAK,CAAC,QAAQ,EAAE,MAAM,CAAC;YAC1C,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,SAAS,CAAC;YAChE,MAAM,GAAG,GAAG,KAAK,CAAC,MAAM,EAAE,GAAG,IAAI,SAAS,CAAC;YAE3C,yBAAyB;YACzB,IAAA,oBAAW,EACT,MAAM,EACN,GAAG,EACH,KAAK,EACL,KAAK,CAAC,MAAM,EAAE,IAAI,EAClB,UAAU,CACX,CAAC;YAEF,oCAAoC;YACpC,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACnB,eAAM,CAAC,KAAK,CACV;oBACE,IAAI,EAAE,oBAAoB;oBAC1B,MAAM;oBACN,GAAG;oBACH,MAAM,EAAE,UAAU;oBAClB,UAAU,EAAE,KAAK,CAAC,QAAQ,CAAC,UAAU;oBACrC,YAAY,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;oBACtG,QAAQ;iBACT,EACD,uBAAuB,MAAM,IAAI,GAAG,MAAM,UAAU,EAAE,CACvD,CAAC;YACJ,CAAC;YAED,OAAO,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,OAA+B;QACrD,MAAM,SAAS,GAAG,EAAE,GAAG,OAAO,EAAE,CAAC;QACjC,IAAI,SAAS,CAAC,eAAe,CAAC,IAAI,SAAS,CAAC,eAAe,CAAC,EAAE,CAAC;YAC7D,MAAM,GAAG,GAAG,SAAS,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC;YAC3E,MAAM,KAAK,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC;YAC7B,IAAI,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBACzC,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBACjC,SAAS,CAAC,GAAG,CAAC,GAAG,UAAU,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,EAAE,CAAC;YAC9F,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB,CAC5B,SAA2B,EAC3B,MAAc,EACd,GAAW,EACX,UAAU,GAAG,CAAC;QAEd,IAAI,CAAC;YACH,OAAO,MAAM,SAAS,EAAE,CAAC;QAC3B,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,cAAc,GAClB,KAAK,YAAY,kBAAU;gBAC3B,CAAC,CAAC,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,IAAI,KAAK,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC;YAEnF,IAAI,cAAc,IAAI,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;gBACnD,MAAM,KAAK,GAAG,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;gBACxD,eAAM,CAAC,IAAI,CACT;oBACE,MAAM;oBACN,GAAG;oBACH,UAAU,EAAE,UAAU,GAAG,CAAC;oBAC1B,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,KAAK;iBACN,EACD,mCAAmC,KAAK,OAAO,CAChD,CAAC;gBAEF,MAAM,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBAC3D,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC;YACvE,CAAC;YAED,oCAAoC;YACpC,IAAI,KAAK,YAAY,kBAAU,EAAE,CAAC;gBAChC,MAAM,IAAA,uBAAc,EAClB,MAAM,EACN,GAAG,EACH,KAAK,EACL,KAAK,CAAC,QAAQ,EAAE,MAAM,EACtB,UAAU,CACX,CAAC;YACJ,CAAC;YAED,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,MAA2B;QACnD,OAAO,IAAI,CAAC,gBAAgB,CAC1B,KAAK,IAAI,EAAE;YACT,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAI,GAAG,EAAE,MAAM,CAAC,CAAC;YACvD,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC,EACD,KAAK,EACL,GAAG,CACJ,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAI,GAAW,EAAE,IAAc,EAAE,MAA2B;QACpE,OAAO,IAAI,CAAC,gBAAgB,CAC1B,KAAK,IAAI,EAAE;YACT,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,IAAI,CAAI,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YAC9D,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC,EACD,MAAM,EACN,GAAG,CACJ,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,GAAG,CAAI,GAAW,EAAE,IAAc,EAAE,MAA2B;QACnE,OAAO,IAAI,CAAC,gBAAgB,CAC1B,KAAK,IAAI,EAAE;YACT,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAAI,GAAG,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YAC7D,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC,EACD,KAAK,EACL,GAAG,CACJ,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CAAI,GAAW,EAAE,MAA2B;QACtD,OAAO,IAAI,CAAC,gBAAgB,CAC1B,KAAK,IAAI,EAAE;YACT,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAI,GAAG,EAAE,MAAM,CAAC,CAAC;YAC1D,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC,EACD,QAAQ,EACR,GAAG,CACJ,CAAC;IACJ,CAAC;IAED,6CAA6C;IAC7C,oCAAoC;IACpC,6CAA6C;IAE7C;;OAEG;IACH,KAAK,CAAC,gBAAgB,CAAC,MAItB;QAgBC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAmB5B,kCAAkC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAEnD,4CAA4C;QAC5C,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CACb,WAAqB,EACrB,QAAQ,GAAG,IAAI,EACf,KAAmC,CAAE,4BAA4B;;QAUjE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,IAAI,CAY7B,sCAAsC,EAAE;YACzC,YAAY,EAAE,WAAW;YACzB,SAAS,EAAE,QAAQ;YACnB,KAAK;SACN,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO;YACL,OAAO,EAAE,IAAI;YACb,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC,aAAa;SAC3C,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,WAA8B;QAC9C,4BAA4B;QAC5B,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;QACrE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,MAAM,CAI/B,yCAAyC,EAAE;YAC5C,IAAI,EAAE,EAAE,YAAY,EAAE,GAAG,EAAE;SAC5B,CAAC,CAAC;QAEH,qDAAqD;QACrD,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,MAOrB;QAuBC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CA2B5B,2BAA2B,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC;QAE5C,4CAA4C;QAC5C,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;QAC9D,CAAC;QAED,OAAO;YACL,KAAK,EAAE,QAAQ,CAAC,IAAI,CAAC,KAAK;YAC1B,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI;YACxB,SAAS,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS;YAClC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACvC,GAAG,CAAC;gBACJ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC;gBACnB,aAAa,EAAE,CAAC,CAAC,aAAa,IAAI,KAAK;aACxC,CAAC,CAAC;SACJ,CAAC;IACJ,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,gBAAgB,CAAC,UAAkB;QAQvC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,GAAG,CAW5B,+BAA+B,UAAU,EAAE,CAAC,CAAC;QAChD,OAAO,QAAQ,CAAC,IAAI,CAAC;IACvB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,iBAAiB,CAAC,UAAkB;QAmBxC,OAAO,IAAI,CAAC,GAAG,CAAC,sBAAsB,UAAU,EAAE,CAAC,CAAC;IACtD,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,mBAAmB,CAAC,MAMzB;QAMC,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAC1B,2BAA2B,EAAE,MAAM,CACpC,CAAC;QACF,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,sBAAsB,CAAC,QAAgB,EAAE,aAAqB;QAOlE,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,IAAI,CAC1B,6BAA6B,EAAE;YAC7B,SAAS,EAAE,QAAQ;YACnB,cAAc,EAAE,aAAa;SAC9B,CACF,CAAC;QACF,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,MAMpB;QAKC,OAAO,IAAI,CAAC,IAAI,CAAC,2BAA2B,EAAE,MAAM,CAAC,CAAC;IACxD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,QAAgB,EAAE,IAAY;QAIjD,OAAO,IAAI,CAAC,IAAI,CAAC,6BAA6B,EAAE;YAC9C,SAAS,EAAE,QAAQ;YACnB,IAAI;SACL,CAAC,CAAC;IACL,CAAC;CACF;AAED,4BAA4B;AACf,QAAA,SAAS,GAAG,IAAI,SAAS,EAAE,CAAC"}

package/dist/auth/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Authentication Module
+ * Exports all authentication and authorization utilities
+ */
+export * from './token-validator';
+export * from './permissions';
+export * from './middleware';
+//# sourceMappingURL=index.d.ts.map

package/dist/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,cAAc,mBAAmB,CAAC;AAGlC,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC"}

package/dist/auth/index.js

@@ -0,0 +1,26 @@
+"use strict";
+/**
+ * Authentication Module
+ * Exports all authentication and authorization utilities
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+// Token validation via CSP API (primary method)
+__exportStar(require("./token-validator"), exports);
+// Permissions and middleware
+__exportStar(require("./permissions"), exports);
+__exportStar(require("./middleware"), exports);
+//# sourceMappingURL=index.js.map

package/dist/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/auth/index.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;AAEH,gDAAgD;AAChD,oDAAkC;AAElC,6BAA6B;AAC7B,gDAA8B;AAC9B,+CAA6B"}

package/dist/auth/middleware.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Authentication and Permission Middlewares
+ * Token authentication and permission checking for HTTP endpoints
+ */
+import { FastifyRequest, FastifyReply } from 'fastify';
+import { TokenPayload } from './token-validator';
+/**
+ * Extended request with user info
+ */
+export interface AuthenticatedRequest extends FastifyRequest {
+    user?: TokenPayload;
+}
+/**
+ * Token Authentication Middleware
+ * Verifies token via external REST API
+ */
+export declare function tokenAuthMiddleware(request: AuthenticatedRequest, reply: FastifyReply): Promise<void>;
+/**
+ * Token Authentication Middleware with Legacy Bearer Token Support
+ * Supports both token validation via API and legacy bearer tokens
+ */
+export declare function tokenAuthOrLegacyMiddleware(request: AuthenticatedRequest, reply: FastifyReply): Promise<void>;
+/**
+ * Permission Check Middleware Factory
+ * Creates middleware to check permissions for a specific tool
+ */
+export declare function requirePermission(toolName: string): (request: AuthenticatedRequest, reply: FastifyReply) => Promise<void>;
+/**
+ * Permission Check for Tool Call
+ * Checks permission when tools/call is invoked
+ */
+export declare function checkToolCallPermission(toolName: string, user: TokenPayload): {
+    allowed: boolean;
+    reason?: string;
+};
+//# sourceMappingURL=middleware.d.ts.map

package/dist/auth/middleware.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/auth/middleware.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvD,OAAO,EAAe,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAI9D;;GAEG;AACH,MAAM,WAAW,oBAAqB,SAAQ,cAAc;IAC1D,IAAI,CAAC,EAAE,YAAY,CAAC;CACrB;AAED;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,OAAO,EAAE,oBAAoB,EAC7B,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,IAAI,CAAC,CAkEf;AAED;;;GAGG;AACH,wBAAsB,2BAA2B,CAC/C,OAAO,EAAE,oBAAoB,EAC7B,KAAK,EAAE,YAAY,GAClB,OAAO,CAAC,IAAI,CAAC,CA+Df;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,IAClC,SAAS,oBAAoB,EAAE,OAAO,YAAY,KAAG,OAAO,CAAC,IAAI,CAAC,CA+DjF;AAED;;;GAGG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,YAAY,GACjB;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAEvC"}

package/dist/auth/middleware.js

@@ -0,0 +1,194 @@
+"use strict";
+/**
+ * Authentication and Permission Middlewares
+ * Token authentication and permission checking for HTTP endpoints
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.tokenAuthMiddleware = tokenAuthMiddleware;
+exports.tokenAuthOrLegacyMiddleware = tokenAuthOrLegacyMiddleware;
+exports.requirePermission = requirePermission;
+exports.checkToolCallPermission = checkToolCallPermission;
+const token_validator_1 = require("./token-validator");
+const permissions_1 = require("./permissions");
+const logger_1 = require("../utils/logger");
+/**
+ * Token Authentication Middleware
+ * Verifies token via external REST API
+ */
+async function tokenAuthMiddleware(request, reply) {
+    try {
+        // Extract token from Authorization header
+        const authHeader = request.headers.authorization;
+        if (!authHeader || !authHeader.startsWith('Bearer ')) {
+            logger_1.logger.warn({
+                type: 'auth',
+                operation: 'middleware',
+                ip: request.ip,
+                url: request.url
+            }, 'Missing or invalid Authorization header');
+            reply.code(401).send({
+                error: 'Unauthorized',
+                message: 'Missing or invalid Authorization header. Expected: Bearer <token>',
+            });
+            return;
+        }
+        const token = authHeader.substring(7); // Remove 'Bearer ' prefix
+        // Verify token via external API
+        const payload = await (0, token_validator_1.verifyToken)(token);
+        if (!payload) {
+            logger_1.logger.warn({
+                type: 'auth',
+                operation: 'middleware',
+                ip: request.ip,
+                url: request.url
+            }, 'Token validation failed');
+            reply.code(401).send({
+                error: 'Unauthorized',
+                message: 'Invalid or expired token',
+            });
+            return;
+        }
+        // Attach user info to request
+        request.user = payload;
+        logger_1.logger.debug({
+            type: 'auth',
+            operation: 'middleware',
+            userId: payload.userId,
+            email: payload.email,
+            groups: payload.groups
+        }, `Token authentication successful for user ${payload.userId}`);
+    }
+    catch (error) {
+        logger_1.logger.error({
+            type: 'auth',
+            operation: 'middleware',
+            error: error instanceof Error ? error.message : 'Unknown error'
+        }, 'Token authentication error');
+        reply.code(500).send({
+            error: 'Internal Server Error',
+            message: 'Authentication failed',
+        });
+    }
+}
+/**
+ * Token Authentication Middleware with Legacy Bearer Token Support
+ * Supports both token validation via API and legacy bearer tokens
+ */
+async function tokenAuthOrLegacyMiddleware(request, reply) {
+    try {
+        const authHeader = request.headers.authorization;
+        if (!authHeader || !authHeader.startsWith('Bearer ')) {
+            logger_1.logger.warn({
+                type: 'auth',
+                operation: 'middleware_legacy',
+                ip: request.ip,
+                url: request.url
+            }, 'Missing or invalid Authorization header');
+            reply.code(401).send({
+                error: 'Unauthorized',
+                message: 'Missing or invalid Authorization header',
+            });
+            return;
+        }
+        const token = authHeader.substring(7);
+        // Try to validate via API first
+        const payload = await (0, token_validator_1.verifyToken)(token);
+        if (payload) {
+            // API validation successful
+            request.user = payload;
+            logger_1.logger.debug({
+                type: 'auth',
+                operation: 'middleware_legacy',
+                userId: payload.userId,
+                email: payload.email,
+                groups: payload.groups
+            }, `Token validated via API for user ${payload.userId}`);
+            return;
+        }
+        // Fallback to legacy bearer token (for backward compatibility)
+        logger_1.logger.debug({
+            type: 'auth',
+            operation: 'middleware_legacy',
+            ip: request.ip
+        }, 'API validation failed, using legacy bearer token mode');
+        // In legacy mode, we don't have user info, so continue without setting request.user
+        // The endpoint will handle the legacy token separately
+    }
+    catch (error) {
+        logger_1.logger.error({
+            type: 'auth',
+            operation: 'middleware_legacy',
+            error: error instanceof Error ? error.message : 'Unknown error'
+        }, 'Token authentication error');
+        reply.code(500).send({
+            error: 'Internal Server Error',
+            message: 'Authentication failed',
+        });
+    }
+}
+/**
+ * Permission Check Middleware Factory
+ * Creates middleware to check permissions for a specific tool
+ */
+function requirePermission(toolName) {
+    return async (request, reply) => {
+        try {
+            if (!request.user) {
+                logger_1.logger.error({
+                    type: 'auth',
+                    operation: 'permission_check',
+                    url: request.url
+                }, 'Permission check called without authentication');
+                reply.code(401).send({
+                    error: 'Unauthorized',
+                    message: 'Authentication required',
+                });
+                return;
+            }
+            // Check permission
+            const permissionCheck = (0, permissions_1.checkPermission)(toolName, request.user.groups);
+            if (!permissionCheck.allowed) {
+                logger_1.logger.warn({
+                    type: 'auth',
+                    operation: 'permission_check',
+                    userId: request.user.userId,
+                    email: request.user.email,
+                    groups: request.user.groups,
+                    toolName,
+                    reason: permissionCheck.reason,
+                }, `Permission denied for user ${request.user.userId} to access tool ${toolName}`);
+                reply.code(403).send({
+                    error: 'Forbidden',
+                    message: permissionCheck.reason || 'Insufficient permissions',
+                });
+                return;
+            }
+            logger_1.logger.debug({
+                type: 'auth',
+                operation: 'permission_check',
+                userId: request.user.userId,
+                toolName
+            }, `Permission granted for user ${request.user.userId} to access tool ${toolName}`);
+        }
+        catch (error) {
+            logger_1.logger.error({
+                type: 'auth',
+                operation: 'permission_check',
+                toolName,
+                error: error instanceof Error ? error.message : 'Unknown error'
+            }, 'Permission check error');
+            reply.code(500).send({
+                error: 'Internal Server Error',
+                message: 'Permission check failed',
+            });
+        }
+    };
+}
+/**
+ * Permission Check for Tool Call
+ * Checks permission when tools/call is invoked
+ */
+function checkToolCallPermission(toolName, user) {
+    return (0, permissions_1.checkPermission)(toolName, user.groups);
+}
+//# sourceMappingURL=middleware.js.map

package/dist/auth/middleware.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"middleware.js","sourceRoot":"","sources":["../../src/auth/middleware.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAkBH,kDAqEC;AAMD,kEAkEC;AAMD,8CAgEC;AAMD,0DAKC;AA7OD,uDAA8D;AAC9D,+CAAgD;AAChD,4CAAyC;AASzC;;;GAGG;AACI,KAAK,UAAU,mBAAmB,CACvC,OAA6B,EAC7B,KAAmB;IAEnB,IAAI,CAAC;QACH,0CAA0C;QAC1C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACrD,eAAM,CAAC,IAAI,CACT;gBACE,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,YAAY;gBACvB,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,GAAG,EAAE,OAAO,CAAC,GAAG;aACjB,EACD,yCAAyC,CAC1C,CAAC;YACF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,cAAc;gBACrB,OAAO,EAAE,mEAAmE;aAC7E,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;QAEjE,gCAAgC;QAChC,MAAM,OAAO,GAAG,MAAM,IAAA,6BAAW,EAAC,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,eAAM,CAAC,IAAI,CACT;gBACE,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,YAAY;gBACvB,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,GAAG,EAAE,OAAO,CAAC,GAAG;aACjB,EACD,yBAAyB,CAC1B,CAAC;YACF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,cAAc;gBACrB,OAAO,EAAE,0BAA0B;aACpC,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,8BAA8B;QAC9B,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC;QAEvB,eAAM,CAAC,KAAK,CACV;YACE,IAAI,EAAE,MAAM;YACZ,SAAS,EAAE,YAAY;YACvB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,OAAO,CAAC,MAAM;SACvB,EACD,4CAA4C,OAAO,CAAC,MAAM,EAAE,CAC7D,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,eAAM,CAAC,KAAK,CAAC;YACX,IAAI,EAAE,MAAM;YACZ,SAAS,EAAE,YAAY;YACvB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAChE,EAAE,4BAA4B,CAAC,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;GAGG;AACI,KAAK,UAAU,2BAA2B,CAC/C,OAA6B,EAC7B,KAAmB;IAEnB,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC;QACjD,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACrD,eAAM,CAAC,IAAI,CACT;gBACE,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,mBAAmB;gBAC9B,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,GAAG,EAAE,OAAO,CAAC,GAAG;aACjB,EACD,yCAAyC,CAC1C,CAAC;YACF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,cAAc;gBACrB,OAAO,EAAE,yCAAyC;aACnD,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;QAEtC,gCAAgC;QAChC,MAAM,OAAO,GAAG,MAAM,IAAA,6BAAW,EAAC,KAAK,CAAC,CAAC;QACzC,IAAI,OAAO,EAAE,CAAC;YACZ,4BAA4B;YAC5B,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC;YACvB,eAAM,CAAC,KAAK,CACV;gBACE,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,mBAAmB;gBAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,MAAM,EAAE,OAAO,CAAC,MAAM;aACvB,EACD,oCAAoC,OAAO,CAAC,MAAM,EAAE,CACrD,CAAC;YACF,OAAO;QACT,CAAC;QAED,+DAA+D;QAC/D,eAAM,CAAC,KAAK,CACV;YACE,IAAI,EAAE,MAAM;YACZ,SAAS,EAAE,mBAAmB;YAC9B,EAAE,EAAE,OAAO,CAAC,EAAE;SACf,EACD,uDAAuD,CACxD,CAAC;QAEF,oFAAoF;QACpF,uDAAuD;IACzD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,eAAM,CAAC,KAAK,CAAC;YACX,IAAI,EAAE,MAAM;YACZ,SAAS,EAAE,mBAAmB;YAC9B,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAChE,EAAE,4BAA4B,CAAC,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;YACnB,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,uBAAuB;SACjC,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,QAAgB;IAChD,OAAO,KAAK,EAAE,OAA6B,EAAE,KAAmB,EAAiB,EAAE;QACjF,IAAI,CAAC;YACH,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAClB,eAAM,CAAC,KAAK,CACV;oBACE,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,kBAAkB;oBAC7B,GAAG,EAAE,OAAO,CAAC,GAAG;iBACjB,EACD,gDAAgD,CACjD,CAAC;gBACF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,cAAc;oBACrB,OAAO,EAAE,yBAAyB;iBACnC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,mBAAmB;YACnB,MAAM,eAAe,GAAG,IAAA,6BAAe,EAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAEvE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC;gBAC7B,eAAM,CAAC,IAAI,CACT;oBACE,IAAI,EAAE,MAAM;oBACZ,SAAS,EAAE,kBAAkB;oBAC7B,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM;oBAC3B,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,KAAK;oBACzB,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM;oBAC3B,QAAQ;oBACR,MAAM,EAAE,eAAe,CAAC,MAAM;iBAC/B,EACD,8BAA8B,OAAO,CAAC,IAAI,CAAC,MAAM,mBAAmB,QAAQ,EAAE,CAC/E,CAAC;gBACF,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,KAAK,EAAE,WAAW;oBAClB,OAAO,EAAE,eAAe,CAAC,MAAM,IAAI,0BAA0B;iBAC9D,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,eAAM,CAAC,KAAK,CACV;gBACE,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,kBAAkB;gBAC7B,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM;gBAC3B,QAAQ;aACT,EACD,+BAA+B,OAAO,CAAC,IAAI,CAAC,MAAM,mBAAmB,QAAQ,EAAE,CAChF,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CAAC;gBACX,IAAI,EAAE,MAAM;gBACZ,SAAS,EAAE,kBAAkB;gBAC7B,QAAQ;gBACR,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;aAChE,EAAE,wBAAwB,CAAC,CAAC;YAC7B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;gBACnB,KAAK,EAAE,uBAAuB;gBAC9B,OAAO,EAAE,yBAAyB;aACnC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAgB,uBAAuB,CACrC,QAAgB,EAChB,IAAkB;IAElB,OAAO,IAAA,6BAAe,EAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;AAChD,CAAC"}