@google/gemini-cli-core 0.1.12-nightly.250714.b018e2d3 → 0.1.13

package/dist/src/mcp/oauth-provider.test.js

@@ -0,0 +1,520 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import * as http from 'node:http';
+import * as crypto from 'node:crypto';
+import open from 'open';
+import { MCPOAuthProvider, } from './oauth-provider.js';
+import { MCPOAuthTokenStorage } from './oauth-token-storage.js';
+// Mock dependencies
+vi.mock('open');
+vi.mock('node:crypto');
+vi.mock('./oauth-token-storage.js');
+// Mock fetch globally
+const mockFetch = vi.fn();
+global.fetch = mockFetch;
+// Define a reusable mock server with .listen, .close, and .on methods
+const mockHttpServer = {
+    listen: vi.fn(),
+    close: vi.fn(),
+    on: vi.fn(),
+};
+vi.mock('node:http', () => ({
+    createServer: vi.fn(() => mockHttpServer),
+}));
+describe('MCPOAuthProvider', () => {
+    const mockConfig = {
+        enabled: true,
+        clientId: 'test-client-id',
+        clientSecret: 'test-client-secret',
+        authorizationUrl: 'https://auth.example.com/authorize',
+        tokenUrl: 'https://auth.example.com/token',
+        scopes: ['read', 'write'],
+        redirectUri: 'http://localhost:7777/oauth/callback',
+    };
+    const mockToken = {
+        accessToken: 'access_token_123',
+        refreshToken: 'refresh_token_456',
+        tokenType: 'Bearer',
+        scope: 'read write',
+        expiresAt: Date.now() + 3600000,
+    };
+    const mockTokenResponse = {
+        access_token: 'access_token_123',
+        token_type: 'Bearer',
+        expires_in: 3600,
+        refresh_token: 'refresh_token_456',
+        scope: 'read write',
+    };
+    beforeEach(() => {
+        vi.clearAllMocks();
+        vi.spyOn(console, 'log').mockImplementation(() => { });
+        vi.spyOn(console, 'warn').mockImplementation(() => { });
+        vi.spyOn(console, 'error').mockImplementation(() => { });
+        // Mock crypto functions
+        vi.mocked(crypto.randomBytes).mockImplementation((size) => {
+            if (size === 32)
+                return Buffer.from('code_verifier_mock_32_bytes_long');
+            if (size === 16)
+                return Buffer.from('state_mock_16_by');
+            return Buffer.alloc(size);
+        });
+        vi.mocked(crypto.createHash).mockReturnValue({
+            update: vi.fn().mockReturnThis(),
+            digest: vi.fn().mockReturnValue('code_challenge_mock'),
+        });
+        // Mock randomBytes to return predictable values for state
+        vi.mocked(crypto.randomBytes).mockImplementation((size) => {
+            if (size === 32) {
+                return Buffer.from('mock_code_verifier_32_bytes_long_string');
+            }
+            else if (size === 16) {
+                return Buffer.from('mock_state_16_bytes');
+            }
+            return Buffer.alloc(size);
+        });
+        // Mock token storage
+        vi.mocked(MCPOAuthTokenStorage.saveToken).mockResolvedValue(undefined);
+        vi.mocked(MCPOAuthTokenStorage.getToken).mockResolvedValue(null);
+    });
+    afterEach(() => {
+        vi.restoreAllMocks();
+    });
+    describe('authenticate', () => {
+        it('should perform complete OAuth flow with PKCE', async () => {
+            // Mock HTTP server callback
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                // Simulate OAuth callback
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=bW9ja19zdGF0ZV8xNl9ieXRlcw',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            // Mock token exchange
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockTokenResponse),
+            });
+            const result = await MCPOAuthProvider.authenticate('test-server', mockConfig);
+            expect(result).toEqual({
+                accessToken: 'access_token_123',
+                refreshToken: 'refresh_token_456',
+                tokenType: 'Bearer',
+                scope: 'read write',
+                expiresAt: expect.any(Number),
+            });
+            expect(open).toHaveBeenCalledWith(expect.stringContaining('authorize'));
+            expect(MCPOAuthTokenStorage.saveToken).toHaveBeenCalledWith('test-server', expect.objectContaining({ accessToken: 'access_token_123' }), 'test-client-id', 'https://auth.example.com/token');
+        });
+        it('should handle OAuth discovery when no authorization URL provided', async () => {
+            // Use a mutable config object
+            const configWithoutAuth = { ...mockConfig };
+            delete configWithoutAuth.authorizationUrl;
+            delete configWithoutAuth.tokenUrl;
+            const mockResourceMetadata = {
+                authorization_servers: ['https://discovered.auth.com'],
+            };
+            const mockAuthServerMetadata = {
+                authorization_endpoint: 'https://discovered.auth.com/authorize',
+                token_endpoint: 'https://discovered.auth.com/token',
+                scopes_supported: ['read', 'write'],
+            };
+            mockFetch
+                .mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockResourceMetadata),
+            })
+                .mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockAuthServerMetadata),
+            });
+            // Patch config after discovery
+            configWithoutAuth.authorizationUrl =
+                mockAuthServerMetadata.authorization_endpoint;
+            configWithoutAuth.tokenUrl = mockAuthServerMetadata.token_endpoint;
+            configWithoutAuth.scopes = mockAuthServerMetadata.scopes_supported;
+            // Setup callback handler
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=bW9ja19zdGF0ZV8xNl9ieXRlcw',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            // Mock token exchange with discovered endpoint
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockTokenResponse),
+            });
+            const result = await MCPOAuthProvider.authenticate('test-server', configWithoutAuth, 'https://api.example.com');
+            expect(result).toBeDefined();
+            expect(mockFetch).toHaveBeenCalledWith('https://discovered.auth.com/token', expect.objectContaining({
+                method: 'POST',
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+            }));
+        });
+        it('should perform dynamic client registration when no client ID provided', async () => {
+            const configWithoutClient = { ...mockConfig };
+            delete configWithoutClient.clientId;
+            const mockRegistrationResponse = {
+                client_id: 'dynamic_client_id',
+                client_secret: 'dynamic_client_secret',
+                redirect_uris: ['http://localhost:7777/oauth/callback'],
+                grant_types: ['authorization_code', 'refresh_token'],
+                response_types: ['code'],
+                token_endpoint_auth_method: 'none',
+            };
+            const mockAuthServerMetadata = {
+                authorization_endpoint: 'https://auth.example.com/authorize',
+                token_endpoint: 'https://auth.example.com/token',
+                registration_endpoint: 'https://auth.example.com/register',
+            };
+            mockFetch
+                .mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockAuthServerMetadata),
+            })
+                .mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockRegistrationResponse),
+            });
+            // Setup callback handler
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=bW9ja19zdGF0ZV8xNl9ieXRlcw',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            // Mock token exchange
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockTokenResponse),
+            });
+            const result = await MCPOAuthProvider.authenticate('test-server', configWithoutClient);
+            expect(result).toBeDefined();
+            expect(mockFetch).toHaveBeenCalledWith('https://auth.example.com/register', expect.objectContaining({
+                method: 'POST',
+                headers: { 'Content-Type': 'application/json' },
+            }));
+        });
+        it('should handle OAuth callback errors', async () => {
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?error=access_denied&error_description=User%20denied%20access',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            await expect(MCPOAuthProvider.authenticate('test-server', mockConfig)).rejects.toThrow('OAuth error: access_denied');
+        });
+        it('should handle state mismatch in callback', async () => {
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=wrong_state',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            await expect(MCPOAuthProvider.authenticate('test-server', mockConfig)).rejects.toThrow('State mismatch - possible CSRF attack');
+        });
+        it('should handle token exchange failure', async () => {
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=bW9ja19zdGF0ZV8xNl9ieXRlcw',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            mockFetch.mockResolvedValueOnce({
+                ok: false,
+                status: 400,
+                text: () => Promise.resolve('Invalid grant'),
+            });
+            await expect(MCPOAuthProvider.authenticate('test-server', mockConfig)).rejects.toThrow('Token exchange failed: 400 - Invalid grant');
+        });
+        it('should handle callback timeout', async () => {
+            vi.mocked(http.createServer).mockImplementation(() => mockHttpServer);
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                // Don't trigger callback - simulate timeout
+            });
+            // Mock setTimeout to trigger timeout immediately
+            const originalSetTimeout = global.setTimeout;
+            global.setTimeout = vi.fn((callback, delay) => {
+                if (delay === 5 * 60 * 1000) {
+                    // 5 minute timeout
+                    callback();
+                }
+                return originalSetTimeout(callback, 0);
+            });
+            await expect(MCPOAuthProvider.authenticate('test-server', mockConfig)).rejects.toThrow('OAuth callback timeout');
+            global.setTimeout = originalSetTimeout;
+        });
+    });
+    describe('refreshAccessToken', () => {
+        it('should refresh token successfully', async () => {
+            const refreshResponse = {
+                access_token: 'new_access_token',
+                token_type: 'Bearer',
+                expires_in: 3600,
+                refresh_token: 'new_refresh_token',
+            };
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(refreshResponse),
+            });
+            const result = await MCPOAuthProvider.refreshAccessToken(mockConfig, 'old_refresh_token', 'https://auth.example.com/token');
+            expect(result).toEqual(refreshResponse);
+            expect(mockFetch).toHaveBeenCalledWith('https://auth.example.com/token', expect.objectContaining({
+                method: 'POST',
+                headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+                body: expect.stringContaining('grant_type=refresh_token'),
+            }));
+        });
+        it('should include client secret in refresh request when available', async () => {
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockTokenResponse),
+            });
+            await MCPOAuthProvider.refreshAccessToken(mockConfig, 'refresh_token', 'https://auth.example.com/token');
+            const fetchCall = mockFetch.mock.calls[0];
+            expect(fetchCall[1].body).toContain('client_secret=test-client-secret');
+        });
+        it('should handle refresh token failure', async () => {
+            mockFetch.mockResolvedValueOnce({
+                ok: false,
+                status: 400,
+                text: () => Promise.resolve('Invalid refresh token'),
+            });
+            await expect(MCPOAuthProvider.refreshAccessToken(mockConfig, 'invalid_refresh_token', 'https://auth.example.com/token')).rejects.toThrow('Token refresh failed: 400 - Invalid refresh token');
+        });
+    });
+    describe('getValidToken', () => {
+        it('should return valid token when not expired', async () => {
+            const validCredentials = {
+                serverName: 'test-server',
+                token: mockToken,
+                clientId: 'test-client-id',
+                tokenUrl: 'https://auth.example.com/token',
+                updatedAt: Date.now(),
+            };
+            vi.mocked(MCPOAuthTokenStorage.getToken).mockResolvedValue(validCredentials);
+            vi.mocked(MCPOAuthTokenStorage.isTokenExpired).mockReturnValue(false);
+            const result = await MCPOAuthProvider.getValidToken('test-server', mockConfig);
+            expect(result).toBe('access_token_123');
+        });
+        it('should refresh expired token and return new token', async () => {
+            const expiredCredentials = {
+                serverName: 'test-server',
+                token: { ...mockToken, expiresAt: Date.now() - 3600000 },
+                clientId: 'test-client-id',
+                tokenUrl: 'https://auth.example.com/token',
+                updatedAt: Date.now(),
+            };
+            vi.mocked(MCPOAuthTokenStorage.getToken).mockResolvedValue(expiredCredentials);
+            vi.mocked(MCPOAuthTokenStorage.isTokenExpired).mockReturnValue(true);
+            const refreshResponse = {
+                access_token: 'new_access_token',
+                token_type: 'Bearer',
+                expires_in: 3600,
+                refresh_token: 'new_refresh_token',
+            };
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(refreshResponse),
+            });
+            const result = await MCPOAuthProvider.getValidToken('test-server', mockConfig);
+            expect(result).toBe('new_access_token');
+            expect(MCPOAuthTokenStorage.saveToken).toHaveBeenCalledWith('test-server', expect.objectContaining({ accessToken: 'new_access_token' }), 'test-client-id', 'https://auth.example.com/token');
+        });
+        it('should return null when no credentials exist', async () => {
+            vi.mocked(MCPOAuthTokenStorage.getToken).mockResolvedValue(null);
+            const result = await MCPOAuthProvider.getValidToken('test-server', mockConfig);
+            expect(result).toBeNull();
+        });
+        it('should handle refresh failure and remove invalid token', async () => {
+            const expiredCredentials = {
+                serverName: 'test-server',
+                token: { ...mockToken, expiresAt: Date.now() - 3600000 },
+                clientId: 'test-client-id',
+                tokenUrl: 'https://auth.example.com/token',
+                updatedAt: Date.now(),
+            };
+            vi.mocked(MCPOAuthTokenStorage.getToken).mockResolvedValue(expiredCredentials);
+            vi.mocked(MCPOAuthTokenStorage.isTokenExpired).mockReturnValue(true);
+            vi.mocked(MCPOAuthTokenStorage.removeToken).mockResolvedValue(undefined);
+            mockFetch.mockResolvedValueOnce({
+                ok: false,
+                status: 400,
+                text: () => Promise.resolve('Invalid refresh token'),
+            });
+            const result = await MCPOAuthProvider.getValidToken('test-server', mockConfig);
+            expect(result).toBeNull();
+            expect(MCPOAuthTokenStorage.removeToken).toHaveBeenCalledWith('test-server');
+            expect(console.error).toHaveBeenCalledWith(expect.stringContaining('Failed to refresh token'));
+        });
+        it('should return null for token without refresh capability', async () => {
+            const tokenWithoutRefresh = {
+                serverName: 'test-server',
+                token: {
+                    ...mockToken,
+                    refreshToken: undefined,
+                    expiresAt: Date.now() - 3600000,
+                },
+                clientId: 'test-client-id',
+                tokenUrl: 'https://auth.example.com/token',
+                updatedAt: Date.now(),
+            };
+            vi.mocked(MCPOAuthTokenStorage.getToken).mockResolvedValue(tokenWithoutRefresh);
+            vi.mocked(MCPOAuthTokenStorage.isTokenExpired).mockReturnValue(true);
+            const result = await MCPOAuthProvider.getValidToken('test-server', mockConfig);
+            expect(result).toBeNull();
+        });
+    });
+    describe('PKCE parameter generation', () => {
+        it('should generate valid PKCE parameters', async () => {
+            // Test is implicit in the authenticate flow tests, but we can verify
+            // the crypto mocks are called correctly
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=bW9ja19zdGF0ZV8xNl9ieXRlcw',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockTokenResponse),
+            });
+            await MCPOAuthProvider.authenticate('test-server', mockConfig);
+            expect(crypto.randomBytes).toHaveBeenCalledWith(32); // code verifier
+            expect(crypto.randomBytes).toHaveBeenCalledWith(16); // state
+            expect(crypto.createHash).toHaveBeenCalledWith('sha256');
+        });
+    });
+    describe('Authorization URL building', () => {
+        it('should build correct authorization URL with all parameters', async () => {
+            // Mock to capture the URL that would be opened
+            let capturedUrl;
+            vi.mocked(open).mockImplementation((url) => {
+                capturedUrl = url;
+                // Return a minimal mock ChildProcess
+                return Promise.resolve({
+                    pid: 1234,
+                });
+            });
+            let callbackHandler;
+            vi.mocked(http.createServer).mockImplementation((handler) => {
+                callbackHandler = handler;
+                return mockHttpServer;
+            });
+            mockHttpServer.listen.mockImplementation((port, callback) => {
+                callback?.();
+                setTimeout(() => {
+                    const mockReq = {
+                        url: '/oauth/callback?code=auth_code_123&state=bW9ja19zdGF0ZV8xNl9ieXRlcw',
+                    };
+                    const mockRes = {
+                        writeHead: vi.fn(),
+                        end: vi.fn(),
+                    };
+                    callbackHandler(mockReq, mockRes);
+                }, 10);
+            });
+            mockFetch.mockResolvedValueOnce({
+                ok: true,
+                json: () => Promise.resolve(mockTokenResponse),
+            });
+            await MCPOAuthProvider.authenticate('test-server', mockConfig);
+            expect(capturedUrl).toContain('response_type=code');
+            expect(capturedUrl).toContain('client_id=test-client-id');
+            expect(capturedUrl).toContain('code_challenge=code_challenge_mock');
+            expect(capturedUrl).toContain('code_challenge_method=S256');
+            expect(capturedUrl).toContain('scope=read+write');
+            expect(capturedUrl).toContain('resource=https%3A%2F%2Fauth.example.com');
+        });
+    });
+});
+//# sourceMappingURL=oauth-provider.test.js.map

package/dist/src/mcp/oauth-provider.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"oauth-provider.test.js","sourceRoot":"","sources":["../../../src/mcp/oauth-provider.test.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACzE,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AACtC,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EACL,gBAAgB,GAIjB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,oBAAoB,EAAiB,MAAM,0BAA0B,CAAC;AAE/E,oBAAoB;AACpB,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAChB,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;AACvB,EAAE,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;AAEpC,sBAAsB;AACtB,MAAM,SAAS,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;AAC1B,MAAM,CAAC,KAAK,GAAG,SAAS,CAAC;AAEzB,sEAAsE;AACtE,MAAM,cAAc,GAAG;IACrB,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE;IACf,KAAK,EAAE,EAAE,CAAC,EAAE,EAAE;IACd,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE;CACZ,CAAC;AACF,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC;IAC1B,YAAY,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,cAAc,CAAC;CAC1C,CAAC,CAAC,CAAC;AAEJ,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,MAAM,UAAU,GAAmB;QACjC,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,gBAAgB;QAC1B,YAAY,EAAE,oBAAoB;QAClC,gBAAgB,EAAE,oCAAoC;QACtD,QAAQ,EAAE,gCAAgC;QAC1C,MAAM,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;QACzB,WAAW,EAAE,sCAAsC;KACpD,CAAC;IAEF,MAAM,SAAS,GAAkB;QAC/B,WAAW,EAAE,kBAAkB;QAC/B,YAAY,EAAE,mBAAmB;QACjC,SAAS,EAAE,QAAQ;QACnB,KAAK,EAAE,YAAY;QACnB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO;KAChC,CAAC;IAEF,MAAM,iBAAiB,GAAuB;QAC5C,YAAY,EAAE,kBAAkB;QAChC,UAAU,EAAE,QAAQ;QACpB,UAAU,EAAE,IAAI;QAChB,aAAa,EAAE,mBAAmB;QAClC,KAAK,EAAE,YAAY;KACpB,CAAC;IAEF,UAAU,CAAC,GAAG,EAAE;QACd,EAAE,CAAC,aAAa,EAAE,CAAC;QACnB,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACtD,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACvD,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,kBAAkB,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QAExD,wBAAwB;QACxB,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,IAAY,EAAE,EAAE;YAChE,IAAI,IAAI,KAAK,EAAE;gBAAE,OAAO,MAAM,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;YACxE,IAAI,IAAI,KAAK,EAAE;gBAAE,OAAO,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACxD,OAAO,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,eAAe,CAAC;YAC3C,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,cAAc,EAAE;YAChC,MAAM,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,qBAAqB,CAAC;SAC7B,CAAC,CAAC;QAE7B,0DAA0D;QAC1D,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,EAAE;YACxD,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;gBAChB,OAAO,MAAM,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;YAChE,CAAC;iBAAM,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;gBACvB,OAAO,MAAM,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YAC5C,CAAC;YACD,OAAO,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,qBAAqB;QACrB,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACvE,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,GAAG,EAAE;QACb,EAAE,CAAC,eAAe,EAAE,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,4BAA4B;YAC5B,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,0BAA0B;gBAC1B,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,qEAAqE;qBAC3E,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,sBAAsB;YACtB,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;aAC/C,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,YAAY,CAChD,aAAa,EACb,UAAU,CACX,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC;gBACrB,WAAW,EAAE,kBAAkB;gBAC/B,YAAY,EAAE,mBAAmB;gBACjC,SAAS,EAAE,QAAQ;gBACnB,KAAK,EAAE,YAAY;gBACnB,SAAS,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC;aAC9B,CAAC,CAAC;YAEH,MAAM,CAAC,IAAI,CAAC,CAAC,oBAAoB,CAAC,MAAM,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,CAAC;YACxE,MAAM,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzD,aAAa,EACb,MAAM,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC,EAC5D,gBAAgB,EAChB,gCAAgC,CACjC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;YAChF,8BAA8B;YAC9B,MAAM,iBAAiB,GAAmB,EAAE,GAAG,UAAU,EAAE,CAAC;YAC5D,OAAO,iBAAiB,CAAC,gBAAgB,CAAC;YAC1C,OAAO,iBAAiB,CAAC,QAAQ,CAAC;YAElC,MAAM,oBAAoB,GAAG;gBAC3B,qBAAqB,EAAE,CAAC,6BAA6B,CAAC;aACvD,CAAC;YAEF,MAAM,sBAAsB,GAAG;gBAC7B,sBAAsB,EAAE,uCAAuC;gBAC/D,cAAc,EAAE,mCAAmC;gBACnD,gBAAgB,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC;aACpC,CAAC;YAEF,SAAS;iBACN,qBAAqB,CAAC;gBACrB,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,oBAAoB,CAAC;aAClD,CAAC;iBACD,qBAAqB,CAAC;gBACrB,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC;aACpD,CAAC,CAAC;YAEL,+BAA+B;YAC/B,iBAAiB,CAAC,gBAAgB;gBAChC,sBAAsB,CAAC,sBAAsB,CAAC;YAChD,iBAAiB,CAAC,QAAQ,GAAG,sBAAsB,CAAC,cAAc,CAAC;YACnE,iBAAiB,CAAC,MAAM,GAAG,sBAAsB,CAAC,gBAAgB,CAAC;YAEnE,yBAAyB;YACzB,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,qEAAqE;qBAC3E,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,+CAA+C;YAC/C,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;aAC/C,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,YAAY,CAChD,aAAa,EACb,iBAAiB,EACjB,yBAAyB,CAC1B,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACpC,mCAAmC,EACnC,MAAM,CAAC,gBAAgB,CAAC;gBACtB,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;aACjE,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;YACrF,MAAM,mBAAmB,GAAG,EAAE,GAAG,UAAU,EAAE,CAAC;YAC9C,OAAO,mBAAmB,CAAC,QAAQ,CAAC;YAEpC,MAAM,wBAAwB,GAAoC;gBAChE,SAAS,EAAE,mBAAmB;gBAC9B,aAAa,EAAE,uBAAuB;gBACtC,aAAa,EAAE,CAAC,sCAAsC,CAAC;gBACvD,WAAW,EAAE,CAAC,oBAAoB,EAAE,eAAe,CAAC;gBACpD,cAAc,EAAE,CAAC,MAAM,CAAC;gBACxB,0BAA0B,EAAE,MAAM;aACnC,CAAC;YAEF,MAAM,sBAAsB,GAAG;gBAC7B,sBAAsB,EAAE,oCAAoC;gBAC5D,cAAc,EAAE,gCAAgC;gBAChD,qBAAqB,EAAE,mCAAmC;aAC3D,CAAC;YAEF,SAAS;iBACN,qBAAqB,CAAC;gBACrB,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC;aACpD,CAAC;iBACD,qBAAqB,CAAC;gBACrB,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,wBAAwB,CAAC;aACtD,CAAC,CAAC;YAEL,yBAAyB;YACzB,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,qEAAqE;qBAC3E,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,sBAAsB;YACtB,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;aAC/C,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,YAAY,CAChD,aAAa,EACb,mBAAmB,CACpB,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACpC,mCAAmC,EACnC,MAAM,CAAC,gBAAgB,CAAC;gBACtB,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;aAChD,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;YACnD,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,8EAA8E;qBACpF,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,MAAM,MAAM,CACV,gBAAgB,CAAC,YAAY,CAAC,aAAa,EAAE,UAAU,CAAC,CACzD,CAAC,OAAO,CAAC,OAAO,CAAC,4BAA4B,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,KAAK,IAAI,EAAE;YACxD,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,sDAAsD;qBAC5D,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,MAAM,MAAM,CACV,gBAAgB,CAAC,YAAY,CAAC,aAAa,EAAE,UAAU,CAAC,CACzD,CAAC,OAAO,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,qEAAqE;qBAC3E,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC;aAC7C,CAAC,CAAC;YAEH,MAAM,MAAM,CACV,gBAAgB,CAAC,YAAY,CAAC,aAAa,EAAE,UAAU,CAAC,CACzD,CAAC,OAAO,CAAC,OAAO,CAAC,4CAA4C,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;YAC9C,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAC7C,GAAG,EAAE,CAAC,cAAwC,CAC/C,CAAC;YAEF,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,4CAA4C;YAC9C,CAAC,CAAC,CAAC;YAEH,iDAAiD;YACjD,MAAM,kBAAkB,GAAG,MAAM,CAAC,UAAU,CAAC;YAC7C,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,EAAE;gBAC5C,IAAI,KAAK,KAAK,CAAC,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;oBAC5B,mBAAmB;oBACnB,QAAQ,EAAE,CAAC;gBACb,CAAC;gBACD,OAAO,kBAAkB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;YACzC,CAAC,CAAiC,CAAC;YAEnC,MAAM,MAAM,CACV,gBAAgB,CAAC,YAAY,CAAC,aAAa,EAAE,UAAU,CAAC,CACzD,CAAC,OAAO,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;YAE5C,MAAM,CAAC,UAAU,GAAG,kBAAkB,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,MAAM,eAAe,GAAG;gBACtB,YAAY,EAAE,kBAAkB;gBAChC,UAAU,EAAE,QAAQ;gBACpB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,mBAAmB;aACnC,CAAC;YAEF,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC;aAC7C,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,kBAAkB,CACtD,UAAU,EACV,mBAAmB,EACnB,gCAAgC,CACjC,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;YACxC,MAAM,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACpC,gCAAgC,EAChC,MAAM,CAAC,gBAAgB,CAAC;gBACtB,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;gBAChE,IAAI,EAAE,MAAM,CAAC,gBAAgB,CAAC,0BAA0B,CAAC;aAC1D,CAAC,CACH,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gEAAgE,EAAE,KAAK,IAAI,EAAE;YAC9E,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;aAC/C,CAAC,CAAC;YAEH,MAAM,gBAAgB,CAAC,kBAAkB,CACvC,UAAU,EACV,eAAe,EACf,gCAAgC,CACjC,CAAC;YAEF,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC1C,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,kCAAkC,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;YACnD,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,uBAAuB,CAAC;aACrD,CAAC,CAAC;YAEH,MAAM,MAAM,CACV,gBAAgB,CAAC,kBAAkB,CACjC,UAAU,EACV,uBAAuB,EACvB,gCAAgC,CACjC,CACF,CAAC,OAAO,CAAC,OAAO,CAAC,mDAAmD,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;YAC1D,MAAM,gBAAgB,GAAG;gBACvB,UAAU,EAAE,aAAa;gBACzB,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,gBAAgB;gBAC1B,QAAQ,EAAE,gCAAgC;gBAC1C,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CACxD,gBAAgB,CACjB,CAAC;YACF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC;YAEtE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CACjD,aAAa,EACb,UAAU,CACX,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mDAAmD,EAAE,KAAK,IAAI,EAAE;YACjE,MAAM,kBAAkB,GAAG;gBACzB,UAAU,EAAE,aAAa;gBACzB,KAAK,EAAE,EAAE,GAAG,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,EAAE;gBACxD,QAAQ,EAAE,gBAAgB;gBAC1B,QAAQ,EAAE,gCAAgC;gBAC1C,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CACxD,kBAAkB,CACnB,CAAC;YACF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAErE,MAAM,eAAe,GAAG;gBACtB,YAAY,EAAE,kBAAkB;gBAChC,UAAU,EAAE,QAAQ;gBACpB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,mBAAmB;aACnC,CAAC;YAEF,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC;aAC7C,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CACjD,aAAa,EACb,UAAU,CACX,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACxC,MAAM,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC,oBAAoB,CACzD,aAAa,EACb,MAAM,CAAC,gBAAgB,CAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE,CAAC,EAC5D,gBAAgB,EAChB,gCAAgC,CACjC,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,KAAK,IAAI,EAAE;YAC5D,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;YAEjE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CACjD,aAAa,EACb,UAAU,CACX,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;YACtE,MAAM,kBAAkB,GAAG;gBACzB,UAAU,EAAE,aAAa;gBACzB,KAAK,EAAE,EAAE,GAAG,SAAS,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,EAAE;gBACxD,QAAQ,EAAE,gBAAgB;gBAC1B,QAAQ,EAAE,gCAAgC;gBAC1C,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CACxD,kBAAkB,CACnB,CAAC;YACF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YACrE,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAEzE,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,KAAK;gBACT,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,uBAAuB,CAAC;aACrD,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CACjD,aAAa,EACb,UAAU,CACX,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAC3D,aAAa,CACd,CAAC;YACF,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,oBAAoB,CACxC,MAAM,CAAC,gBAAgB,CAAC,yBAAyB,CAAC,CACnD,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;YACvE,MAAM,mBAAmB,GAAG;gBAC1B,UAAU,EAAE,aAAa;gBACzB,KAAK,EAAE;oBACL,GAAG,SAAS;oBACZ,YAAY,EAAE,SAAS;oBACvB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO;iBAChC;gBACD,QAAQ,EAAE,gBAAgB;gBAC1B,QAAQ,EAAE,gCAAgC;gBAC1C,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC;YAEF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,iBAAiB,CACxD,mBAAmB,CACpB,CAAC;YACF,EAAE,CAAC,MAAM,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC;YAErE,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,aAAa,CACjD,aAAa,EACb,UAAU,CACX,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACzC,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;YACrD,qEAAqE;YACrE,wCAAwC;YACxC,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,qEAAqE;qBAC3E,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;aAC/C,CAAC,CAAC;YAEH,MAAM,gBAAgB,CAAC,YAAY,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAE/D,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB;YACrE,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ;YAC7D,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;QAC1C,EAAE,CAAC,4DAA4D,EAAE,KAAK,IAAI,EAAE;YAC1E,+CAA+C;YAC/C,IAAI,WAAmB,CAAC;YACxB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,kBAAkB,CAAC,CAAC,GAAG,EAAE,EAAE;gBACzC,WAAW,GAAG,GAAG,CAAC;gBAClB,qCAAqC;gBACrC,OAAO,OAAO,CAAC,OAAO,CAAC;oBACrB,GAAG,EAAE,IAAI;iBACyC,CAAC,CAAC;YACxD,CAAC,CAAC,CAAC;YAEH,IAAI,eAAwB,CAAC;YAC7B,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,kBAAkB,CAAC,CAAC,OAAO,EAAE,EAAE;gBAC1D,eAAe,GAAG,OAAO,CAAC;gBAC1B,OAAO,cAAwC,CAAC;YAClD,CAAC,CAAC,CAAC;YAEH,cAAc,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;gBAC1D,QAAQ,EAAE,EAAE,CAAC;gBACb,UAAU,CAAC,GAAG,EAAE;oBACd,MAAM,OAAO,GAAG;wBACd,GAAG,EAAE,qEAAqE;qBAC3E,CAAC;oBACF,MAAM,OAAO,GAAG;wBACd,SAAS,EAAE,EAAE,CAAC,EAAE,EAAE;wBAClB,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE;qBACb,CAAC;oBACD,eAAwD,CACvD,OAAO,EACP,OAAO,CACR,CAAC;gBACJ,CAAC,EAAE,EAAE,CAAC,CAAC;YACT,CAAC,CAAC,CAAC;YAEH,SAAS,CAAC,qBAAqB,CAAC;gBAC9B,EAAE,EAAE,IAAI;gBACR,IAAI,EAAE,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,iBAAiB,CAAC;aAC/C,CAAC,CAAC;YAEH,MAAM,gBAAgB,CAAC,YAAY,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC;YAE/D,MAAM,CAAC,WAAY,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;YACrD,MAAM,CAAC,WAAY,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;YAC3D,MAAM,CAAC,WAAY,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;YACrE,MAAM,CAAC,WAAY,CAAC,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAC;YAC7D,MAAM,CAAC,WAAY,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;YACnD,MAAM,CAAC,WAAY,CAAC,CAAC,SAAS,CAAC,yCAAyC,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/src/mcp/oauth-token-storage.d.ts

@@ -0,0 +1,81 @@
+/**
+ * @license
+ * Copyright 2025 Google LLC
+ * SPDX-License-Identifier: Apache-2.0
+ */
+/**
+ * Interface for MCP OAuth tokens.
+ */
+export interface MCPOAuthToken {
+    accessToken: string;
+    refreshToken?: string;
+    expiresAt?: number;
+    tokenType: string;
+    scope?: string;
+}
+/**
+ * Interface for stored MCP OAuth credentials.
+ */
+export interface MCPOAuthCredentials {
+    serverName: string;
+    token: MCPOAuthToken;
+    clientId?: string;
+    tokenUrl?: string;
+    updatedAt: number;
+}
+/**
+ * Class for managing MCP OAuth token storage and retrieval.
+ */
+export declare class MCPOAuthTokenStorage {
+    private static readonly TOKEN_FILE;
+    private static readonly CONFIG_DIR;
+    /**
+     * Get the path to the token storage file.
+     *
+     * @returns The full path to the token storage file
+     */
+    private static getTokenFilePath;
+    /**
+     * Ensure the config directory exists.
+     */
+    private static ensureConfigDir;
+    /**
+     * Load all stored MCP OAuth tokens.
+     *
+     * @returns A map of server names to credentials
+     */
+    static loadTokens(): Promise<Map<string, MCPOAuthCredentials>>;
+    /**
+     * Save a token for a specific MCP server.
+     *
+     * @param serverName The name of the MCP server
+     * @param token The OAuth token to save
+     * @param clientId Optional client ID used for this token
+     * @param tokenUrl Optional token URL used for this token
+     */
+    static saveToken(serverName: string, token: MCPOAuthToken, clientId?: string, tokenUrl?: string): Promise<void>;
+    /**
+     * Get a token for a specific MCP server.
+     *
+     * @param serverName The name of the MCP server
+     * @returns The stored credentials or null if not found
+     */
+    static getToken(serverName: string): Promise<MCPOAuthCredentials | null>;
+    /**
+     * Remove a token for a specific MCP server.
+     *
+     * @param serverName The name of the MCP server
+     */
+    static removeToken(serverName: string): Promise<void>;
+    /**
+     * Check if a token is expired.
+     *
+     * @param token The token to check
+     * @returns True if the token is expired
+     */
+    static isTokenExpired(token: MCPOAuthToken): boolean;
+    /**
+     * Clear all stored MCP OAuth tokens.
+     */
+    static clearAllTokens(): Promise<void>;
+}