@feathersjs/authentication-oauth 5.0.0-pre.27 → 5.0.0-pre.29

package/src/index.ts

@@ -1,83 +1,46 @@
-import defaultsDeep from 'lodash/defaultsDeep'
-import each from 'lodash/each'
-import omit from 'lodash/omit'
-import { createDebug } from '@feathersjs/commons'
 import { Application } from '@feathersjs/feathers'
+import { createDebug } from '@feathersjs/commons'
+import { resolveDispatch } from '@feathersjs/schema'
+
 import { OAuthStrategy, OAuthProfile } from './strategy'
-import { default as setupExpress } from './express'
-import { OauthSetupSettings, getDefaultSettings } from './utils'
+import { redirectHook, OAuthService } from './service'
+import { getServiceOptions, OauthSetupSettings } from './utils'
 
 const debug = createDebug('@feathersjs/authentication-oauth')
 
 export { OauthSetupSettings, OAuthStrategy, OAuthProfile }
 
-export const setup = (options: OauthSetupSettings) => (app: Application) => {
-  const service = app.defaultAuthentication ? app.defaultAuthentication(options.authService) : null
-
-  if (!service) {
-    throw new Error(
-      'An authentication service must exist before registering @feathersjs/authentication-oauth'
-    )
-  }
-
-  const { oauth } = service.configuration
-
-  if (!oauth) {
-    debug('No oauth configuration found in authentication configuration. Skipping oAuth setup.')
-    return
-  }
-
-  const { strategyNames } = service
-
-  // Set up all the defaults
-  const port = app.get('port')
-  let host = app.get('host')
-  let protocol = 'https'
+export const oauth =
+  (settings: Partial<OauthSetupSettings> = {}) =>
+  (app: Application) => {
+    const authService = app.defaultAuthentication ? app.defaultAuthentication(settings.authService) : null
 
-  // Development environments commonly run on HTTP with an extended port
-  if (app.get('env') === 'development') {
-    protocol = 'http'
-    if (String(port) !== '80') {
-      host += `:${port}`
+    if (!authService) {
+      throw new Error(
+        'An authentication service must exist before registering @feathersjs/authentication-oauth'
+      )
     }
-  }
 
-  const grant = defaultsDeep({}, omit(oauth, ['redirect', 'origins']), {
-    defaults: {
-      prefix: '/oauth',
-      origin: `${protocol}://${host}`,
-      transport: 'session',
-      response: ['tokens', 'raw', 'profile']
+    if (!authService.configuration.oauth) {
+      debug('No oauth configuration found in authentication configuration. Skipping oAuth setup.')
+      return
     }
-  })
-
-  const getUrl = (url: string) => {
-    const { defaults } = grant
-    return `${defaults.origin}${defaults.prefix}/${url}`
-  }
-
-  each(grant, (value, name) => {
-    if (name !== 'defaults') {
-      value.callback = value.callback || getUrl(`${name}/authenticate`)
-      value.redirect_uri = value.redirect_uri || getUrl(`${name}/callback`)
 
-      if (!strategyNames.includes(name)) {
-        debug(`Registering oAuth default strategy for '${name}'`)
-        service.register(name, new OAuthStrategy())
-      }
+    const oauthOptions = {
+      linkStrategy: 'jwt',
+      ...settings
     }
-  })
+    const serviceOptions = getServiceOptions(authService, oauthOptions)
 
-  app.set('grant', grant)
-}
+    app.use('oauth/:provider', new OAuthService(authService, oauthOptions), serviceOptions)
 
-export const express =
-  (settings: Partial<OauthSetupSettings> = {}) =>
-  (app: Application) => {
-    const options = getDefaultSettings(app, settings)
+    const oauthService = app.service('oauth/:provider')
 
-    app.configure(setup(options))
-    app.configure(setupExpress(options))
-  }
+    oauthService.hooks({
+      around: { all: [resolveDispatch(), redirectHook()] }
+    })
 
-export const expressOauth = express
+    if (typeof oauthService.publish === 'function') {
+      app.service('oauth/:provider').publish(() => null)
+    }
+  }

package/src/service.ts

@@ -0,0 +1,177 @@
+import { createDebug } from '@feathersjs/commons'
+import { HookContext, NextFunction, Params } from '@feathersjs/feathers'
+import { FeathersError } from '@feathersjs/errors'
+// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+//@ts-ignore
+import Grant from 'grant/lib/grant'
+import { AuthenticationService } from '@feathersjs/authentication'
+import { OAuthStrategy } from './strategy'
+import { getGrantConfig, OauthSetupSettings } from './utils'
+
+const debug = createDebug('@feathersjs/authentication-oauth/services')
+
+export type GrantResponse = {
+  location: string
+  session: any
+  state: any
+}
+
+export type OAuthParams = Omit<Params, 'route'> & {
+  session: any
+  state: Record<string, any>
+  route: {
+    provider: string
+  }
+}
+
+export class OAuthError extends FeathersError {
+  constructor(message: string, data: any, public location: string) {
+    super(message, 'NotAuthenticated', 401, 'not-authenticated', data)
+  }
+}
+
+export const redirectHook = () => async (context: HookContext, next: NextFunction) => {
+  try {
+    await next()
+
+    const { location } = context.result
+
+    debug(`oAuth redirect to ${location}`)
+
+    if (location) {
+      context.http = {
+        ...context.http,
+        location
+      }
+    }
+  } catch (error: any) {
+    if (error.location) {
+      context.http = {
+        ...context.http,
+        location: error.location
+      }
+      context.result = typeof error.toJSON === 'function' ? error.toJSON() : error
+    } else {
+      throw error
+    }
+  }
+}
+
+export class OAuthService {
+  grant: any
+
+  constructor(public service: AuthenticationService, public settings: OauthSetupSettings) {
+    const config = getGrantConfig(service)
+
+    this.grant = Grant({ config })
+  }
+
+  async handler(method: string, params: OAuthParams, body?: any, override?: string): Promise<GrantResponse> {
+    const {
+      session,
+      state,
+      query,
+      route: { provider }
+    } = params
+
+    const result: GrantResponse = await this.grant({
+      params: { provider, override },
+      state: state.grant,
+      session: session.grant,
+      query,
+      method,
+      body
+    })
+
+    session.grant = result.session
+    state.grant = result.state
+
+    return result
+  }
+
+  async authenticate(params: OAuthParams, result: GrantResponse) {
+    const name = params.route.provider
+    const { linkStrategy, authService } = this.settings
+    const { accessToken, grant, query = {}, redirect } = params.session
+    const strategy = this.service.getStrategy(name) as OAuthStrategy
+    const authParams = {
+      ...params,
+      authStrategies: [name],
+      authentication: accessToken
+        ? {
+            strategy: linkStrategy,
+            accessToken
+          }
+        : null,
+      query,
+      redirect
+    }
+    const payload = grant?.response || result?.session?.response || result?.state?.response || params.query
+    const authentication = {
+      strategy: name,
+      ...payload
+    }
+
+    try {
+      debug(`Calling ${authService}.create authentication with strategy ${name}`)
+
+      const authResult = await this.service.create(authentication, authParams)
+
+      debug('Successful oAuth authentication, sending response')
+
+      const location = await strategy.getRedirect(authResult, authParams)
+
+      if (typeof params.session.destroy === 'function') {
+        await params.session.destroy()
+      }
+
+      return {
+        ...authResult,
+        location
+      }
+    } catch (error: any) {
+      const location = await strategy.getRedirect(error, authParams)
+      const e = new OAuthError(error.message, error.data, location)
+
+      if (typeof params.session.destroy === 'function') {
+        await params.session.destroy()
+      }
+
+      e.stack = error.stack
+      throw e
+    }
+  }
+
+  async find(params: OAuthParams) {
+    const { session, query } = params
+    const { feathers_token, redirect, ...restQuery } = query
+    const handlerParams = {
+      ...params,
+      query: restQuery
+    }
+
+    if (feathers_token) {
+      debug('Got feathers_token query parameter to link accounts', feathers_token)
+      session.accessToken = feathers_token
+    }
+
+    session.redirect = redirect
+    session.query = restQuery
+
+    return this.handler('GET', handlerParams, {})
+  }
+
+  async get(override: string, params: OAuthParams) {
+    const result = await this.handler('GET', params, {}, override)
+
+    if (override === 'callback') {
+      return this.authenticate(params, result)
+    }
+
+    return result
+  }
+
+  async create(data: any, params: OAuthParams) {
+    return this.handler('POST', params, data)
+  }
+}

package/src/strategy.ts

@@ -1,7 +1,3 @@
-/* eslint-disable @typescript-eslint/no-unused-vars */
-// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-// @ts-ignore
-import querystring from 'querystring'
 import {
   AuthenticationRequest,
   AuthenticationBaseStrategy,
@@ -11,6 +7,7 @@ import {
 import { Params } from '@feathersjs/feathers'
 import { NotAuthenticated } from '@feathersjs/errors'
 import { createDebug, _ } from '@feathersjs/commons'
+import qs from 'qs'
 
 const debug = createDebug('@feathersjs/authentication-oauth/strategy')
 
@@ -22,7 +19,7 @@ export interface OAuthProfile {
 export class OAuthStrategy extends AuthenticationBaseStrategy {
   get configuration() {
     const { entity, service, entityId, oauth } = this.authentication.configuration
-    const config = oauth[this.name]
+    const config = oauth[this.name] as any
 
     return {
       entity,
@@ -71,14 +68,14 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
   }
 
   async getAllowedOrigin(params?: Params) {
-    const { redirect, origins } = this.authentication.configuration.oauth
+    const { redirect, origins = this.app.get('origins') } = this.authentication.configuration.oauth
 
     if (Array.isArray(origins)) {
-      const referer = params?.headers?.referer || ''
+      const referer = params?.headers?.referer || origins[0]
       const allowedOrigin = origins.find((current) => referer.toLowerCase().startsWith(current.toLowerCase()))
 
       if (!allowedOrigin) {
-        throw new NotAuthenticated(`Referer "${referer || '[header not available]'}" not allowed.`)
+        throw new NotAuthenticated(`Referer "${referer}" is not allowed.`)
       }
 
       return allowedOrigin
@@ -102,14 +99,10 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
     const separator = redirect.endsWith('?') ? '' : redirect.indexOf('#') !== -1 ? '?' : '#'
     const authResult: AuthenticationResult = data
     const query = authResult.accessToken
-      ? {
-          access_token: authResult.accessToken
-        }
-      : {
-          error: data.message || 'OAuth Authentication not successful'
-        }
-
-    return `${redirectUrl}${separator}${querystring.stringify(query)}`
+      ? { access_token: authResult.accessToken }
+      : { error: data.message || 'OAuth Authentication not successful' }
+
+    return `${redirectUrl}${separator}${qs.stringify(query)}`
   }
 
   async findEntity(profile: OAuthProfile, params: Params) {

package/src/utils.ts

@@ -1,17 +1,123 @@
-import { RequestHandler } from 'express'
-import { Application } from '@feathersjs/feathers'
+import type { RequestHandler } from 'express'
+import type { Middleware, Application as KoaApplication } from '@feathersjs/koa'
+
+import type { ServiceOptions } from '@feathersjs/feathers'
+
+import '@feathersjs/koa'
+import '@feathersjs/express'
+import expressCookieSession from 'cookie-session'
+import koaCookieSession from 'koa-session'
+
+import { AuthenticationService } from '@feathersjs/authentication'
+import { GrantConfig } from 'grant'
+
+import { defaultsDeep, each, omit } from 'lodash'
 
 export interface OauthSetupSettings {
+  linkStrategy: string
   authService?: string
   expressSession?: RequestHandler
-  linkStrategy: string
+  koaSession?: Middleware
+}
+
+export const getGrantConfig = (service: AuthenticationService): GrantConfig => {
+  const {
+    app,
+    configuration: { oauth }
+  } = service
+  // Set up all the defaults
+  const port = app.get('port')
+  let host = app.get('host')
+  let protocol = 'https'
+
+  // Development environments commonly run on HTTP with an extended port
+  if (process.env.NODE_ENV !== 'production') {
+    protocol = 'http'
+    if (String(port) !== '80') {
+      host += `:${port}`
+    }
+  }
+
+  const grant: GrantConfig = defaultsDeep({}, omit(oauth, ['redirect', 'origins']), {
+    defaults: {
+      prefix: '/oauth',
+      origin: `${protocol}://${host}`,
+      transport: 'state',
+      response: ['tokens', 'raw', 'profile']
+    }
+  })
+
+  const getUrl = (url: string) => {
+    const { defaults } = grant
+    return `${defaults.origin}${defaults.prefix}/${url}`
+  }
+
+  each(grant, (value, name) => {
+    if (name !== 'defaults') {
+      value.redirect_uri = value.redirect_uri || getUrl(`${name}/callback`)
+    }
+  })
+
+  return grant
 }
 
-export const getDefaultSettings = (_app: Application, other?: Partial<OauthSetupSettings>) => {
-  const defaults: OauthSetupSettings = {
-    linkStrategy: 'jwt',
-    ...other
+export const setExpressParams: RequestHandler = (req, res, next) => {
+  req.session.destroy ||= () => {
+    req.session = null
   }
 
-  return defaults
+  req.feathers = {
+    ...req.feathers,
+    session: req.session,
+    state: res.locals
+  }
+
+  next()
+}
+
+export const setKoaParams: Middleware = async (ctx, next) => {
+  ctx.session.destroy ||= () => {
+    ctx.session = null
+  }
+
+  ctx.feathers = {
+    ...ctx.feathers,
+    session: ctx.session,
+    state: ctx.state
+  } as any
+
+  await next()
+}
+
+export const getServiceOptions = (
+  service: AuthenticationService,
+  settings: OauthSetupSettings
+): ServiceOptions => {
+  const { secret } = service.configuration
+  const koaApp = service.app as KoaApplication
+
+  if (koaApp.context) {
+    koaApp.keys = [secret]
+
+    const { koaSession = koaCookieSession({ key: 'feathers.oauth' }, koaApp as any) } = settings
+
+    return {
+      koa: {
+        before: [koaSession, setKoaParams]
+      }
+    }
+  }
+
+  const {
+    expressSession = expressCookieSession({
+      name: 'feathers.oauth',
+      keys: [secret]
+    })
+  } = settings
+
+  return {
+    express: {
+      before: [expressSession, setExpressParams]
+    }
+  }
 }

package/lib/express.d.ts

@@ -1,19 +0,0 @@
-import { Application } from '@feathersjs/feathers';
-import { OauthSetupSettings } from './utils';
-declare module 'express-session' {
-    interface SessionData {
-        redirect: string;
-        accessToken: string;
-        query: {
-            [key: string]: any;
-        };
-        grant: {
-            [key: string]: any;
-        };
-        headers: {
-            [key: string]: any;
-        };
-    }
-}
-declare const _default: (options: OauthSetupSettings) => (feathersApp: Application) => void;
-export default _default;

package/lib/express.js

@@ -1,120 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const grant_1 = __importDefault(require("grant"));
-const express_session_1 = __importDefault(require("express-session"));
-const commons_1 = require("@feathersjs/commons");
-const express_1 = require("@feathersjs/express");
-const grantInstance = grant_1.default.express();
-const debug = (0, commons_1.createDebug)('@feathersjs/authentication-oauth/express');
-exports.default = (options) => {
-    return (feathersApp) => {
-        const { authService, linkStrategy } = options;
-        const app = feathersApp;
-        const config = app.get('grant');
-        if (!config) {
-            debug('No grant configuration found, skipping Express oAuth setup');
-            return;
-        }
-        const { prefix } = config.defaults;
-        const expressSession = options.expressSession ||
-            (0, express_session_1.default)({
-                secret: Math.random().toString(36).substring(7),
-                saveUninitialized: true,
-                resave: true
-            });
-        const grantApp = grantInstance(config);
-        const authApp = (0, express_1.original)();
-        authApp.use(expressSession);
-        authApp.get('/:name', (req, _res, next) => {
-            const { feathers_token, redirect, ...query } = req.query;
-            if (feathers_token) {
-                debug('Got feathers_token query parameter to link accounts', feathers_token);
-                req.session.accessToken = feathers_token;
-            }
-            req.session.redirect = redirect;
-            req.session.query = query;
-            req.session.headers = req.headers;
-            if (typeof req.session.save === 'function') {
-                req.session.save((err) => {
-                    if (err) {
-                        next(`Error storing session: ${err}`);
-                    }
-                    else {
-                        next();
-                    }
-                });
-            }
-            else {
-                next();
-            }
-        });
-        authApp.get('/:name/authenticate', async (req, res, next) => {
-            const { name } = req.params;
-            const { accessToken, grant, query = {}, redirect, headers } = req.session;
-            const service = app.defaultAuthentication(authService);
-            const [strategy] = service.getStrategies(name);
-            const params = {
-                ...req.feathers,
-                authStrategies: [name],
-                authentication: accessToken
-                    ? {
-                        strategy: linkStrategy,
-                        accessToken
-                    }
-                    : null,
-                query,
-                redirect,
-                headers
-            };
-            const sendResponse = async (data) => {
-                try {
-                    const redirect = await strategy.getRedirect(data, params);
-                    if (redirect !== null) {
-                        res.redirect(redirect);
-                    }
-                    else if (data instanceof Error) {
-                        throw data;
-                    }
-                    else {
-                        res.json(data);
-                    }
-                }
-                catch (error) {
-                    debug('oAuth error', error);
-                    next(error);
-                }
-            };
-            try {
-                const payload = config.defaults.transport === 'session' ? grant.response : req.query;
-                const authentication = {
-                    strategy: name,
-                    ...payload
-                };
-                await new Promise((resolve, reject) => {
-                    if (req.session.destroy) {
-                        req.session.destroy((err) => (err ? reject(err) : resolve()));
-                    }
-                    else {
-                        req.session = null;
-                        resolve();
-                    }
-                });
-                debug(`Calling ${authService}.create authentication with strategy ${name}`);
-                const authResult = await service.create(authentication, params);
-                debug('Successful oAuth authentication, sending response');
-                await sendResponse(authResult);
-            }
-            catch (error) {
-                debug('Received oAuth authentication error', error.stack);
-                await sendResponse(error);
-            }
-        });
-        authApp.use(grantApp);
-        app.set('grant', grantApp.config);
-        app.use(prefix, authApp);
-    };
-};
-//# sourceMappingURL=express.js.map

package/lib/express.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"express.js","sourceRoot":"","sources":["../src/express.ts"],"names":[],"mappings":";;;;;AAAA,kDAAyB;AACzB,sEAAqC;AAErC,iDAAiD;AAGjD,iDAAoG;AAIpG,MAAM,aAAa,GAAG,eAAK,CAAC,OAAO,EAAE,CAAA;AACrC,MAAM,KAAK,GAAG,IAAA,qBAAW,EAAC,0CAA0C,CAAC,CAAA;AAYrE,kBAAe,CAAC,OAA2B,EAAE,EAAE;IAC7C,OAAO,CAAC,WAAwB,EAAE,EAAE;QAClC,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,GAAG,OAAO,CAAA;QAC7C,MAAM,GAAG,GAAG,WAAiC,CAAA;QAC7C,MAAM,MAAM,GAAG,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;QAE/B,IAAI,CAAC,MAAM,EAAE;YACX,KAAK,CAAC,4DAA4D,CAAC,CAAA;YACnE,OAAM;SACP;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAA;QAClC,MAAM,cAAc,GAClB,OAAO,CAAC,cAAc;YACtB,IAAA,yBAAO,EAAC;gBACN,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;gBAC/C,iBAAiB,EAAE,IAAI;gBACvB,MAAM,EAAE,IAAI;aACb,CAAC,CAAA;QACJ,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAA;QACtC,MAAM,OAAO,GAAG,IAAA,kBAAe,GAAE,CAAA;QAEjC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAA;QAE3B,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,GAAY,EAAE,IAAc,EAAE,IAAkB,EAAE,EAAE;YACzE,MAAM,EAAE,cAAc,EAAE,QAAQ,EAAE,GAAG,KAAK,EAAE,GAAG,GAAG,CAAC,KAAK,CAAA;YAExD,IAAI,cAAc,EAAE;gBAClB,KAAK,CAAC,qDAAqD,EAAE,cAAc,CAAC,CAAA;gBAC5E,GAAG,CAAC,OAAO,CAAC,WAAW,GAAG,cAAwB,CAAA;aACnD;YACD,GAAG,CAAC,OAAO,CAAC,QAAQ,GAAG,QAAkB,CAAA;YACzC,GAAG,CAAC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAA;YACzB,GAAG,CAAC,OAAO,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAA;YACjC,IAAI,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,KAAK,UAAU,EAAE;gBAC1C,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,GAAQ,EAAE,EAAE;oBAC5B,IAAI,GAAG,EAAE;wBACP,IAAI,CAAC,0BAA0B,GAAG,EAAE,CAAC,CAAA;qBACtC;yBAAM;wBACL,IAAI,EAAE,CAAA;qBACP;gBACH,CAAC,CAAC,CAAA;aACH;iBAAM;gBACL,IAAI,EAAE,CAAA;aACP;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,qBAAqB,EAAE,KAAK,EAAE,GAAY,EAAE,GAAa,EAAE,IAAkB,EAAE,EAAE;YAC3F,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,CAAC,MAAM,CAAA;YAC3B,MAAM,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,GAAG,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,CAAA;YACzE,MAAM,OAAO,GAAG,GAAG,CAAC,qBAAqB,CAAC,WAAW,CAAC,CAAA;YACtD,MAAM,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,aAAa,CAAC,IAAI,CAAoB,CAAA;YACjE,MAAM,MAAM,GAAG;gBACb,GAAG,GAAG,CAAC,QAAQ;gBACf,cAAc,EAAE,CAAC,IAAI,CAAC;gBACtB,cAAc,EAAE,WAAW;oBACzB,CAAC,CAAC;wBACE,QAAQ,EAAE,YAAY;wBACtB,WAAW;qBACZ;oBACH,CAAC,CAAC,IAAI;gBACR,KAAK;gBACL,QAAQ;gBACR,OAAO;aACR,CAAA;YACD,MAAM,YAAY,GAAG,KAAK,EAAE,IAAkC,EAAE,EAAE;gBAChE,IAAI;oBACF,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAA;oBAEzD,IAAI,QAAQ,KAAK,IAAI,EAAE;wBACrB,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;qBACvB;yBAAM,IAAI,IAAI,YAAY,KAAK,EAAE;wBAChC,MAAM,IAAI,CAAA;qBACX;yBAAM;wBACL,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;qBACf;iBACF;gBAAC,OAAO,KAAU,EAAE;oBACnB,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,CAAA;oBAC3B,IAAI,CAAC,KAAK,CAAC,CAAA;iBACZ;YACH,CAAC,CAAA;YAED,IAAI;gBACF,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAA;gBACpF,MAAM,cAAc,GAAG;oBACrB,QAAQ,EAAE,IAAI;oBACd,GAAG,OAAO;iBACX,CAAA;gBAED,MAAM,IAAI,OAAO,CAAO,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBAC1C,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;wBACvB,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,GAAQ,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;qBACnE;yBAAM;wBACL,GAAG,CAAC,OAAO,GAAG,IAAI,CAAA;wBAClB,OAAO,EAAE,CAAA;qBACV;gBACH,CAAC,CAAC,CAAA;gBAEF,KAAK,CAAC,WAAW,WAAW,wCAAwC,IAAI,EAAE,CAAC,CAAA;gBAE3E,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;gBAE/D,KAAK,CAAC,mDAAmD,CAAC,CAAA;gBAE1D,MAAM,YAAY,CAAC,UAAU,CAAC,CAAA;aAC/B;YAAC,OAAO,KAAU,EAAE;gBACnB,KAAK,CAAC,qCAAqC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAA;gBACzD,MAAM,YAAY,CAAC,KAAK,CAAC,CAAA;aAC1B;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;QAErB,GAAG,CAAC,GAAG,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAA;QACjC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC1B,CAAC,CAAA;AACH,CAAC,CAAA"}