@hamak/auth 0.5.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +366 -0
- package/dist/api/api/auth-service.d.ts +111 -0
- package/dist/api/api/auth-service.d.ts.map +1 -0
- package/dist/api/api/auth-service.js +5 -0
- package/dist/api/api/index.d.ts +2 -0
- package/dist/api/api/index.d.ts.map +1 -0
- package/dist/api/api/index.js +1 -0
- package/dist/api/index.d.ts +10 -0
- package/dist/api/index.d.ts.map +1 -0
- package/dist/api/index.js +12 -0
- package/dist/api/tokens/index.d.ts +2 -0
- package/dist/api/tokens/index.d.ts.map +1 -0
- package/dist/api/tokens/index.js +1 -0
- package/dist/api/tokens/service-tokens.d.ts +26 -0
- package/dist/api/tokens/service-tokens.d.ts.map +1 -0
- package/dist/api/tokens/service-tokens.js +25 -0
- package/dist/api/types/auth-result.d.ts +69 -0
- package/dist/api/types/auth-result.d.ts.map +1 -0
- package/dist/api/types/auth-result.js +5 -0
- package/dist/api/types/config.d.ts +130 -0
- package/dist/api/types/config.d.ts.map +1 -0
- package/dist/api/types/config.js +5 -0
- package/dist/api/types/credentials.d.ts +52 -0
- package/dist/api/types/credentials.d.ts.map +1 -0
- package/dist/api/types/credentials.js +5 -0
- package/dist/api/types/index.d.ts +5 -0
- package/dist/api/types/index.d.ts.map +1 -0
- package/dist/api/types/index.js +4 -0
- package/dist/api/types/user.d.ts +39 -0
- package/dist/api/types/user.d.ts.map +1 -0
- package/dist/api/types/user.js +5 -0
- package/dist/impl/index.d.ts +15 -0
- package/dist/impl/index.d.ts.map +1 -0
- package/dist/impl/index.js +21 -0
- package/dist/impl/plugin/auth-plugin-factory.d.ts +20 -0
- package/dist/impl/plugin/auth-plugin-factory.d.ts.map +1 -0
- package/dist/impl/plugin/auth-plugin-factory.js +226 -0
- package/dist/impl/plugin/index.d.ts +2 -0
- package/dist/impl/plugin/index.d.ts.map +1 -0
- package/dist/impl/plugin/index.js +1 -0
- package/dist/impl/services/AuthService.d.ts +44 -0
- package/dist/impl/services/AuthService.d.ts.map +1 -0
- package/dist/impl/services/AuthService.js +277 -0
- package/dist/impl/services/index.d.ts +2 -0
- package/dist/impl/services/index.d.ts.map +1 -0
- package/dist/impl/services/index.js +1 -0
- package/dist/impl/storage/LocalTokenStorage.d.ts +32 -0
- package/dist/impl/storage/LocalTokenStorage.d.ts.map +1 -0
- package/dist/impl/storage/LocalTokenStorage.js +148 -0
- package/dist/impl/storage/MemoryTokenStorage.d.ts +34 -0
- package/dist/impl/storage/MemoryTokenStorage.d.ts.map +1 -0
- package/dist/impl/storage/MemoryTokenStorage.js +91 -0
- package/dist/impl/storage/SessionTokenStorage.d.ts +33 -0
- package/dist/impl/storage/SessionTokenStorage.d.ts.map +1 -0
- package/dist/impl/storage/SessionTokenStorage.js +147 -0
- package/dist/impl/storage/index.d.ts +10 -0
- package/dist/impl/storage/index.d.ts.map +1 -0
- package/dist/impl/storage/index.js +26 -0
- package/dist/impl/store/auth-reducer.d.ts +135 -0
- package/dist/impl/store/auth-reducer.d.ts.map +1 -0
- package/dist/impl/store/auth-reducer.js +179 -0
- package/dist/impl/store/index.d.ts +2 -0
- package/dist/impl/store/index.d.ts.map +1 -0
- package/dist/impl/store/index.js +1 -0
- package/dist/impl/strategies/KeycloakStrategy.d.ts +42 -0
- package/dist/impl/strategies/KeycloakStrategy.d.ts.map +1 -0
- package/dist/impl/strategies/KeycloakStrategy.js +237 -0
- package/dist/impl/strategies/OAuth2Strategy.d.ts +30 -0
- package/dist/impl/strategies/OAuth2Strategy.d.ts.map +1 -0
- package/dist/impl/strategies/OAuth2Strategy.js +232 -0
- package/dist/impl/strategies/PasswordStrategy.d.ts +25 -0
- package/dist/impl/strategies/PasswordStrategy.d.ts.map +1 -0
- package/dist/impl/strategies/PasswordStrategy.js +159 -0
- package/dist/impl/strategies/StrategyRegistry.d.ts +24 -0
- package/dist/impl/strategies/StrategyRegistry.d.ts.map +1 -0
- package/dist/impl/strategies/StrategyRegistry.js +70 -0
- package/dist/impl/strategies/index.d.ts +5 -0
- package/dist/impl/strategies/index.d.ts.map +1 -0
- package/dist/impl/strategies/index.js +4 -0
- package/dist/impl/utils/index.d.ts +3 -0
- package/dist/impl/utils/index.d.ts.map +1 -0
- package/dist/impl/utils/index.js +2 -0
- package/dist/impl/utils/jwt.d.ts +81 -0
- package/dist/impl/utils/jwt.d.ts.map +1 -0
- package/dist/impl/utils/jwt.js +103 -0
- package/dist/impl/utils/pkce.d.ts +44 -0
- package/dist/impl/utils/pkce.d.ts.map +1 -0
- package/dist/impl/utils/pkce.js +93 -0
- package/dist/index.d.ts +12 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +11 -0
- package/dist/spi/guards/AuthGuard.d.ts +108 -0
- package/dist/spi/guards/AuthGuard.d.ts.map +1 -0
- package/dist/spi/guards/AuthGuard.js +5 -0
- package/dist/spi/guards/index.d.ts +2 -0
- package/dist/spi/guards/index.d.ts.map +1 -0
- package/dist/spi/guards/index.js +1 -0
- package/dist/spi/index.d.ts +12 -0
- package/dist/spi/index.d.ts.map +1 -0
- package/dist/spi/index.js +15 -0
- package/dist/spi/storage/ITokenStorage.d.ts +107 -0
- package/dist/spi/storage/ITokenStorage.d.ts.map +1 -0
- package/dist/spi/storage/ITokenStorage.js +5 -0
- package/dist/spi/storage/index.d.ts +2 -0
- package/dist/spi/storage/index.d.ts.map +1 -0
- package/dist/spi/storage/index.js +1 -0
- package/dist/spi/strategies/IAuthStrategy.d.ts +114 -0
- package/dist/spi/strategies/IAuthStrategy.d.ts.map +1 -0
- package/dist/spi/strategies/IAuthStrategy.js +16 -0
- package/dist/spi/strategies/IStrategyRegistry.d.ts +64 -0
- package/dist/spi/strategies/IStrategyRegistry.d.ts.map +1 -0
- package/dist/spi/strategies/IStrategyRegistry.js +5 -0
- package/dist/spi/strategies/index.d.ts +3 -0
- package/dist/spi/strategies/index.d.ts.map +1 -0
- package/dist/spi/strategies/index.js +2 -0
- package/package.json +78 -0
|
@@ -0,0 +1,130 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Configuration Types
|
|
3
|
+
* Configuration options for the auth system
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Supported authentication strategy types
|
|
7
|
+
*/
|
|
8
|
+
export type AuthStrategyType = 'password' | 'oauth2' | 'keycloak' | 'oidc' | 'custom';
|
|
9
|
+
/**
|
|
10
|
+
* Token storage options
|
|
11
|
+
*/
|
|
12
|
+
export type TokenStorageType = 'localStorage' | 'sessionStorage' | 'memory' | 'cookie';
|
|
13
|
+
/**
|
|
14
|
+
* Password strategy configuration
|
|
15
|
+
*/
|
|
16
|
+
export interface PasswordStrategyConfig {
|
|
17
|
+
/** Endpoint for login requests */
|
|
18
|
+
loginEndpoint: string;
|
|
19
|
+
/** Endpoint for token refresh */
|
|
20
|
+
refreshEndpoint: string;
|
|
21
|
+
/** Endpoint for logout */
|
|
22
|
+
logoutEndpoint: string;
|
|
23
|
+
/** Endpoint for user info (optional, if not in login response) */
|
|
24
|
+
userInfoEndpoint?: string;
|
|
25
|
+
/** Additional headers for auth requests */
|
|
26
|
+
headers?: Record<string, string>;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* OAuth2 strategy configuration
|
|
30
|
+
*/
|
|
31
|
+
export interface OAuth2StrategyConfig {
|
|
32
|
+
/** OAuth client ID */
|
|
33
|
+
clientId: string;
|
|
34
|
+
/** Client secret (only for server-side flows, not recommended for SPA) */
|
|
35
|
+
clientSecret?: string;
|
|
36
|
+
/** Authorization endpoint URL */
|
|
37
|
+
authorizationUrl: string;
|
|
38
|
+
/** Token endpoint URL */
|
|
39
|
+
tokenUrl: string;
|
|
40
|
+
/** User info endpoint URL */
|
|
41
|
+
userInfoUrl?: string;
|
|
42
|
+
/** Redirect URI after authorization */
|
|
43
|
+
redirectUri: string;
|
|
44
|
+
/** OAuth scopes to request */
|
|
45
|
+
scope: string[];
|
|
46
|
+
/** Whether to use PKCE (recommended for public clients) */
|
|
47
|
+
usePkce?: boolean;
|
|
48
|
+
/** Response type (default: 'code') */
|
|
49
|
+
responseType?: 'code' | 'token';
|
|
50
|
+
/** Additional authorization params */
|
|
51
|
+
additionalParams?: Record<string, string>;
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Keycloak-specific configuration
|
|
55
|
+
*/
|
|
56
|
+
export interface KeycloakStrategyConfig {
|
|
57
|
+
/** Keycloak realm name */
|
|
58
|
+
realm: string;
|
|
59
|
+
/** Keycloak server URL */
|
|
60
|
+
serverUrl: string;
|
|
61
|
+
/** Client ID in Keycloak */
|
|
62
|
+
clientId: string;
|
|
63
|
+
/** Redirect URI after login */
|
|
64
|
+
redirectUri: string;
|
|
65
|
+
/** OAuth scopes (defaults to ['openid', 'profile', 'email']) */
|
|
66
|
+
scope?: string[];
|
|
67
|
+
/** Whether to use PKCE (default: true) */
|
|
68
|
+
usePkce?: boolean;
|
|
69
|
+
/** Enable direct grant (password login) if allowed in Keycloak */
|
|
70
|
+
enableDirectGrant?: boolean;
|
|
71
|
+
/** Keycloak realm public key for token validation (optional) */
|
|
72
|
+
realmPublicKey?: string;
|
|
73
|
+
}
|
|
74
|
+
/**
|
|
75
|
+
* Auto-refresh configuration
|
|
76
|
+
*/
|
|
77
|
+
export interface AutoRefreshConfig {
|
|
78
|
+
/** Enable auto-refresh of tokens */
|
|
79
|
+
enabled: boolean;
|
|
80
|
+
/** Time before expiry to trigger refresh (in ms, default: 60000) */
|
|
81
|
+
threshold?: number;
|
|
82
|
+
/** Interval to check for token expiry (in ms, default: 30000) */
|
|
83
|
+
checkInterval?: number;
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* Session configuration
|
|
87
|
+
*/
|
|
88
|
+
export interface SessionConfig {
|
|
89
|
+
/** Session timeout in ms (for inactivity) */
|
|
90
|
+
timeout?: number;
|
|
91
|
+
/** Warn user before session expires (in ms before timeout) */
|
|
92
|
+
warnBefore?: number;
|
|
93
|
+
/** Extend session on activity */
|
|
94
|
+
extendOnActivity?: boolean;
|
|
95
|
+
}
|
|
96
|
+
/**
|
|
97
|
+
* Main auth plugin configuration
|
|
98
|
+
*/
|
|
99
|
+
export interface AuthPluginConfig {
|
|
100
|
+
/** Primary authentication strategy */
|
|
101
|
+
strategy: AuthStrategyType;
|
|
102
|
+
/** Password strategy config (when strategy is 'password' or as fallback) */
|
|
103
|
+
password?: PasswordStrategyConfig;
|
|
104
|
+
/** OAuth2 strategy config */
|
|
105
|
+
oauth2?: OAuth2StrategyConfig;
|
|
106
|
+
/** Keycloak strategy config */
|
|
107
|
+
keycloak?: KeycloakStrategyConfig;
|
|
108
|
+
/** Token storage type (default: 'localStorage') */
|
|
109
|
+
tokenStorage?: TokenStorageType;
|
|
110
|
+
/** Storage key prefix (default: '@hamak/auth') */
|
|
111
|
+
storageKeyPrefix?: string;
|
|
112
|
+
/** Auto-refresh configuration */
|
|
113
|
+
autoRefresh?: AutoRefreshConfig;
|
|
114
|
+
/** Session configuration */
|
|
115
|
+
session?: SessionConfig;
|
|
116
|
+
/** Routes configuration */
|
|
117
|
+
routes?: {
|
|
118
|
+
/** Path to redirect to after login */
|
|
119
|
+
afterLogin?: string;
|
|
120
|
+
/** Path to redirect to after logout */
|
|
121
|
+
afterLogout?: string;
|
|
122
|
+
/** Login page path */
|
|
123
|
+
login?: string;
|
|
124
|
+
/** Unauthorized page path */
|
|
125
|
+
unauthorized?: string;
|
|
126
|
+
};
|
|
127
|
+
/** Enable debug logging */
|
|
128
|
+
debug?: boolean;
|
|
129
|
+
}
|
|
130
|
+
//# sourceMappingURL=config.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../../src/api/types/config.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,UAAU,GAAG,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;AAEtF;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,cAAc,GAAG,gBAAgB,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEvF;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,kCAAkC;IAClC,aAAa,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,eAAe,EAAE,MAAM,CAAC;IACxB,0BAA0B;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,kEAAkE;IAClE,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2CAA2C;IAC3C,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,sBAAsB;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,0EAA0E;IAC1E,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,iCAAiC;IACjC,gBAAgB,EAAE,MAAM,CAAC;IACzB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,6BAA6B;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,uCAAuC;IACvC,WAAW,EAAE,MAAM,CAAC;IACpB,8BAA8B;IAC9B,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,2DAA2D;IAC3D,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,sCAAsC;IACtC,YAAY,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;IAChC,sCAAsC;IACtC,gBAAgB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC3C;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,0BAA0B;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,4BAA4B;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,+BAA+B;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,gEAAgE;IAChE,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,0CAA0C;IAC1C,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,kEAAkE;IAClE,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,gEAAgE;IAChE,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,oCAAoC;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,oEAAoE;IACpE,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,iEAAiE;IACjE,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,6CAA6C;IAC7C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,8DAA8D;IAC9D,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,iCAAiC;IACjC,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,sCAAsC;IACtC,QAAQ,EAAE,gBAAgB,CAAC;IAE3B,4EAA4E;IAC5E,QAAQ,CAAC,EAAE,sBAAsB,CAAC;IAElC,6BAA6B;IAC7B,MAAM,CAAC,EAAE,oBAAoB,CAAC;IAE9B,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,sBAAsB,CAAC;IAElC,mDAAmD;IACnD,YAAY,CAAC,EAAE,gBAAgB,CAAC;IAEhC,kDAAkD;IAClD,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,iCAAiC;IACjC,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAEhC,4BAA4B;IAC5B,OAAO,CAAC,EAAE,aAAa,CAAC;IAExB,2BAA2B;IAC3B,MAAM,CAAC,EAAE;QACP,sCAAsC;QACtC,UAAU,CAAC,EAAE,MAAM,CAAC;QACpB,uCAAuC;QACvC,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,sBAAsB;QACtB,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,6BAA6B;QAC7B,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;IAEF,2BAA2B;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB"}
|
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Credentials Types
|
|
3
|
+
* Types for various authentication credentials
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Password-based login credentials
|
|
7
|
+
*/
|
|
8
|
+
export interface PasswordCredentials {
|
|
9
|
+
type: 'password';
|
|
10
|
+
username: string;
|
|
11
|
+
password: string;
|
|
12
|
+
/** Optional remember me flag for persistent sessions */
|
|
13
|
+
rememberMe?: boolean;
|
|
14
|
+
}
|
|
15
|
+
/**
|
|
16
|
+
* OAuth authorization code credentials
|
|
17
|
+
*/
|
|
18
|
+
export interface OAuthCredentials {
|
|
19
|
+
type: 'oauth';
|
|
20
|
+
/** The authorization code received from OAuth provider */
|
|
21
|
+
code: string;
|
|
22
|
+
/** The state parameter for CSRF protection */
|
|
23
|
+
state?: string;
|
|
24
|
+
/** The OAuth provider name */
|
|
25
|
+
provider?: string;
|
|
26
|
+
}
|
|
27
|
+
/**
|
|
28
|
+
* Token-based credentials (for refresh or API key auth)
|
|
29
|
+
*/
|
|
30
|
+
export interface TokenCredentials {
|
|
31
|
+
type: 'token';
|
|
32
|
+
token: string;
|
|
33
|
+
tokenType?: 'bearer' | 'api-key' | 'refresh';
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Union type for all credential types
|
|
37
|
+
*/
|
|
38
|
+
export type LoginCredentials = PasswordCredentials | OAuthCredentials | TokenCredentials;
|
|
39
|
+
/**
|
|
40
|
+
* OAuth callback parameters received from the provider
|
|
41
|
+
*/
|
|
42
|
+
export interface OAuthCallbackParams {
|
|
43
|
+
/** Authorization code */
|
|
44
|
+
code: string;
|
|
45
|
+
/** State parameter for CSRF validation */
|
|
46
|
+
state?: string;
|
|
47
|
+
/** Error code if authorization failed */
|
|
48
|
+
error?: string;
|
|
49
|
+
/** Error description */
|
|
50
|
+
errorDescription?: string;
|
|
51
|
+
}
|
|
52
|
+
//# sourceMappingURL=credentials.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../../../src/api/types/credentials.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,UAAU,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,wDAAwD;IACxD,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,OAAO,CAAC;IACd,0DAA0D;IAC1D,IAAI,EAAE,MAAM,CAAC;IACb,8CAA8C;IAC9C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,8BAA8B;IAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,OAAO,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;CAC9C;AAED;;GAEG;AACH,MAAM,MAAM,gBAAgB,GACxB,mBAAmB,GACnB,gBAAgB,GAChB,gBAAgB,CAAC;AAErB;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,0CAA0C;IAC1C,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,wBAAwB;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/api/types/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC;AACvB,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,UAAU,CAAC"}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* User Types
|
|
3
|
+
* Core user-related type definitions
|
|
4
|
+
*/
|
|
5
|
+
/**
|
|
6
|
+
* Represents an authenticated user
|
|
7
|
+
*/
|
|
8
|
+
export interface User {
|
|
9
|
+
/** Unique user identifier */
|
|
10
|
+
id: string;
|
|
11
|
+
/** User's email address */
|
|
12
|
+
email: string;
|
|
13
|
+
/** User's display name */
|
|
14
|
+
name?: string;
|
|
15
|
+
/** User's username (for login) */
|
|
16
|
+
username?: string;
|
|
17
|
+
/** URL to user's avatar image */
|
|
18
|
+
avatar?: string;
|
|
19
|
+
/** User's assigned roles */
|
|
20
|
+
roles: string[];
|
|
21
|
+
/** User's specific permissions */
|
|
22
|
+
permissions: string[];
|
|
23
|
+
/** Additional user metadata */
|
|
24
|
+
metadata?: Record<string, unknown>;
|
|
25
|
+
/** When the user was created */
|
|
26
|
+
createdAt?: string;
|
|
27
|
+
/** When the user was last updated */
|
|
28
|
+
updatedAt?: string;
|
|
29
|
+
}
|
|
30
|
+
/**
|
|
31
|
+
* Minimal user info for display purposes
|
|
32
|
+
*/
|
|
33
|
+
export interface UserInfo {
|
|
34
|
+
id: string;
|
|
35
|
+
name?: string;
|
|
36
|
+
email: string;
|
|
37
|
+
avatar?: string;
|
|
38
|
+
}
|
|
39
|
+
//# sourceMappingURL=user.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../../../src/api/types/user.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH;;GAEG;AACH,MAAM,WAAW,IAAI;IACnB,6BAA6B;IAC7B,EAAE,EAAE,MAAM,CAAC;IAEX,2BAA2B;IAC3B,KAAK,EAAE,MAAM,CAAC;IAEd,0BAA0B;IAC1B,IAAI,CAAC,EAAE,MAAM,CAAC;IAEd,kCAAkC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,iCAAiC;IACjC,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,4BAA4B;IAC5B,KAAK,EAAE,MAAM,EAAE,CAAC;IAEhB,kCAAkC;IAClC,WAAW,EAAE,MAAM,EAAE,CAAC;IAEtB,+BAA+B;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAEnC,gCAAgC;IAChC,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,qCAAqC;IACrC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @hamak/auth (impl)
|
|
3
|
+
*
|
|
4
|
+
* Core implementation of the authentication system.
|
|
5
|
+
* Provides strategies, services, and plugin integration.
|
|
6
|
+
*/
|
|
7
|
+
export * from '../api';
|
|
8
|
+
export * from '../spi';
|
|
9
|
+
export * from './plugin';
|
|
10
|
+
export * from './services';
|
|
11
|
+
export * from './strategies';
|
|
12
|
+
export * from './storage';
|
|
13
|
+
export * from './store';
|
|
14
|
+
export * from './utils';
|
|
15
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/impl/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,cAAc,QAAQ,CAAC;AACvB,cAAc,QAAQ,CAAC;AAGvB,cAAc,UAAU,CAAC;AAGzB,cAAc,YAAY,CAAC;AAG3B,cAAc,cAAc,CAAC;AAG7B,cAAc,WAAW,CAAC;AAG1B,cAAc,SAAS,CAAC;AAGxB,cAAc,SAAS,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @hamak/auth (impl)
|
|
3
|
+
*
|
|
4
|
+
* Core implementation of the authentication system.
|
|
5
|
+
* Provides strategies, services, and plugin integration.
|
|
6
|
+
*/
|
|
7
|
+
// Re-export API and SPI types for convenience
|
|
8
|
+
export * from '../api';
|
|
9
|
+
export * from '../spi';
|
|
10
|
+
// Plugin factory
|
|
11
|
+
export * from './plugin';
|
|
12
|
+
// Services
|
|
13
|
+
export * from './services';
|
|
14
|
+
// Strategies
|
|
15
|
+
export * from './strategies';
|
|
16
|
+
// Storage
|
|
17
|
+
export * from './storage';
|
|
18
|
+
// Store
|
|
19
|
+
export * from './store';
|
|
20
|
+
// Utilities
|
|
21
|
+
export * from './utils';
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Plugin Factory
|
|
3
|
+
* Creates the authentication plugin for the microkernel
|
|
4
|
+
*/
|
|
5
|
+
import type { PluginModule } from '@hamak/microkernel-spi';
|
|
6
|
+
import type { AuthPluginConfig, IAuthService } from '../../api';
|
|
7
|
+
/**
|
|
8
|
+
* Create the auth plugin
|
|
9
|
+
*
|
|
10
|
+
* @param config The auth plugin configuration
|
|
11
|
+
* @param axiosModule The axios module (optional, for custom HTTP client)
|
|
12
|
+
*/
|
|
13
|
+
export declare function createAuthPlugin(config: AuthPluginConfig, axiosModule?: typeof import('axios').default): PluginModule;
|
|
14
|
+
/**
|
|
15
|
+
* Get the auth service from the plugin context
|
|
16
|
+
*/
|
|
17
|
+
export declare function getAuthService(ctx: {
|
|
18
|
+
resolve: (token: symbol) => unknown;
|
|
19
|
+
}): IAuthService;
|
|
20
|
+
//# sourceMappingURL=auth-plugin-factory.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth-plugin-factory.d.ts","sourceRoot":"","sources":["../../../src/impl/plugin/auth-plugin-factory.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,KAAK,EAAE,gBAAgB,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAsFhE;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAC9B,MAAM,EAAE,gBAAgB,EACxB,WAAW,CAAC,EAAE,cAAc,OAAO,EAAE,OAAO,GAC3C,YAAY,CAuLd;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE;IAAE,OAAO,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAA;CAAE,GAAG,YAAY,CAEzF"}
|
|
@@ -0,0 +1,226 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Plugin Factory
|
|
3
|
+
* Creates the authentication plugin for the microkernel
|
|
4
|
+
*/
|
|
5
|
+
import { AUTH_SERVICE_TOKEN, AUTH_STRATEGY_REGISTRY_TOKEN, TOKEN_STORAGE_TOKEN } from '../../api';
|
|
6
|
+
import { AuthService } from '../services/AuthService';
|
|
7
|
+
import { StrategyRegistry } from '../strategies/StrategyRegistry';
|
|
8
|
+
import { PasswordStrategy } from '../strategies/PasswordStrategy';
|
|
9
|
+
import { OAuth2Strategy } from '../strategies/OAuth2Strategy';
|
|
10
|
+
import { KeycloakStrategy } from '../strategies/KeycloakStrategy';
|
|
11
|
+
import { createTokenStorage } from '../storage';
|
|
12
|
+
import { authReducer } from '../store/auth-reducer';
|
|
13
|
+
/**
|
|
14
|
+
* Store extensions registry token (from ui-store)
|
|
15
|
+
*/
|
|
16
|
+
const STORE_EXTENSIONS_TOKEN = Symbol.for('@hamak/ui-store:StoreExtensionsRegistry');
|
|
17
|
+
/**
|
|
18
|
+
* Axios-based HTTP client adapter
|
|
19
|
+
*/
|
|
20
|
+
function createAxiosHttpClient(axios) {
|
|
21
|
+
const instance = axios.create();
|
|
22
|
+
return {
|
|
23
|
+
async get(url, config) {
|
|
24
|
+
const response = await instance.get(url, {
|
|
25
|
+
headers: config?.headers,
|
|
26
|
+
params: config?.params,
|
|
27
|
+
timeout: config?.timeout
|
|
28
|
+
});
|
|
29
|
+
return {
|
|
30
|
+
data: response.data,
|
|
31
|
+
status: response.status,
|
|
32
|
+
headers: response.headers
|
|
33
|
+
};
|
|
34
|
+
},
|
|
35
|
+
async post(url, data, config) {
|
|
36
|
+
const response = await instance.post(url, data, {
|
|
37
|
+
headers: config?.headers,
|
|
38
|
+
params: config?.params,
|
|
39
|
+
timeout: config?.timeout
|
|
40
|
+
});
|
|
41
|
+
return {
|
|
42
|
+
data: response.data,
|
|
43
|
+
status: response.status,
|
|
44
|
+
headers: response.headers
|
|
45
|
+
};
|
|
46
|
+
},
|
|
47
|
+
async put(url, data, config) {
|
|
48
|
+
const response = await instance.put(url, data, {
|
|
49
|
+
headers: config?.headers,
|
|
50
|
+
params: config?.params,
|
|
51
|
+
timeout: config?.timeout
|
|
52
|
+
});
|
|
53
|
+
return {
|
|
54
|
+
data: response.data,
|
|
55
|
+
status: response.status,
|
|
56
|
+
headers: response.headers
|
|
57
|
+
};
|
|
58
|
+
},
|
|
59
|
+
async delete(url, config) {
|
|
60
|
+
const response = await instance.delete(url, {
|
|
61
|
+
headers: config?.headers,
|
|
62
|
+
params: config?.params,
|
|
63
|
+
timeout: config?.timeout
|
|
64
|
+
});
|
|
65
|
+
return {
|
|
66
|
+
data: response.data,
|
|
67
|
+
status: response.status,
|
|
68
|
+
headers: response.headers
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
};
|
|
72
|
+
}
|
|
73
|
+
/**
|
|
74
|
+
* Create the auth plugin
|
|
75
|
+
*
|
|
76
|
+
* @param config The auth plugin configuration
|
|
77
|
+
* @param axiosModule The axios module (optional, for custom HTTP client)
|
|
78
|
+
*/
|
|
79
|
+
export function createAuthPlugin(config, axiosModule) {
|
|
80
|
+
let authService;
|
|
81
|
+
let strategyRegistry;
|
|
82
|
+
let tokenStorage;
|
|
83
|
+
let refreshInterval = null;
|
|
84
|
+
return {
|
|
85
|
+
async initialize(ctx) {
|
|
86
|
+
// Create HTTP client
|
|
87
|
+
const axios = axiosModule || (await import('axios')).default;
|
|
88
|
+
const httpClient = createAxiosHttpClient(axios);
|
|
89
|
+
// Create token storage
|
|
90
|
+
tokenStorage = createTokenStorage(config.tokenStorage || 'localStorage', { keyPrefix: config.storageKeyPrefix });
|
|
91
|
+
// Create strategy registry
|
|
92
|
+
strategyRegistry = new StrategyRegistry();
|
|
93
|
+
// Register strategies based on config
|
|
94
|
+
if (config.strategy === 'password' && config.password) {
|
|
95
|
+
const passwordStrategy = new PasswordStrategy(config.password, httpClient, 'password');
|
|
96
|
+
strategyRegistry.register(passwordStrategy);
|
|
97
|
+
}
|
|
98
|
+
if (config.strategy === 'oauth2' && config.oauth2) {
|
|
99
|
+
const oauth2Strategy = new OAuth2Strategy(config.oauth2, httpClient, 'oauth2');
|
|
100
|
+
strategyRegistry.register(oauth2Strategy);
|
|
101
|
+
}
|
|
102
|
+
if (config.strategy === 'keycloak' && config.keycloak) {
|
|
103
|
+
const keycloakStrategy = new KeycloakStrategy(config.keycloak, httpClient, 'keycloak');
|
|
104
|
+
strategyRegistry.register(keycloakStrategy);
|
|
105
|
+
}
|
|
106
|
+
// Create auth service
|
|
107
|
+
authService = new AuthService(strategyRegistry, tokenStorage);
|
|
108
|
+
// Provide services via DI container
|
|
109
|
+
ctx.provide({ provide: AUTH_SERVICE_TOKEN, useValue: authService });
|
|
110
|
+
ctx.provide({ provide: AUTH_STRATEGY_REGISTRY_TOKEN, useValue: strategyRegistry });
|
|
111
|
+
ctx.provide({ provide: TOKEN_STORAGE_TOKEN, useValue: tokenStorage });
|
|
112
|
+
// Register auth reducer with store if available
|
|
113
|
+
try {
|
|
114
|
+
const storeExtensions = ctx.resolve(STORE_EXTENSIONS_TOKEN);
|
|
115
|
+
if (storeExtensions) {
|
|
116
|
+
storeExtensions.register('auth', {
|
|
117
|
+
reducers: { auth: authReducer }
|
|
118
|
+
});
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
catch {
|
|
122
|
+
// Store not available, that's fine
|
|
123
|
+
if (config.debug) {
|
|
124
|
+
console.log('[Auth] Store extensions not available, skipping reducer registration');
|
|
125
|
+
}
|
|
126
|
+
}
|
|
127
|
+
// Register commands
|
|
128
|
+
ctx.commands.register('auth.login', async (credentials) => {
|
|
129
|
+
return authService.login(credentials);
|
|
130
|
+
});
|
|
131
|
+
ctx.commands.register('auth.logout', async () => {
|
|
132
|
+
return authService.logout();
|
|
133
|
+
});
|
|
134
|
+
ctx.commands.register('auth.refresh', async () => {
|
|
135
|
+
return authService.refreshToken();
|
|
136
|
+
});
|
|
137
|
+
ctx.commands.register('auth.isAuthenticated', () => {
|
|
138
|
+
return authService.isAuthenticated();
|
|
139
|
+
});
|
|
140
|
+
ctx.commands.register('auth.getCurrentUser', () => {
|
|
141
|
+
return authService.getCurrentUser();
|
|
142
|
+
});
|
|
143
|
+
ctx.commands.register('auth.getAccessToken', () => {
|
|
144
|
+
return authService.getAccessToken();
|
|
145
|
+
});
|
|
146
|
+
ctx.commands.register('auth.hasRole', (role) => {
|
|
147
|
+
return authService.hasRole(role);
|
|
148
|
+
});
|
|
149
|
+
ctx.commands.register('auth.hasPermission', (permission) => {
|
|
150
|
+
return authService.hasPermission(permission);
|
|
151
|
+
});
|
|
152
|
+
ctx.commands.register('auth.initiateOAuth', (provider) => {
|
|
153
|
+
authService.initiateOAuth(provider);
|
|
154
|
+
});
|
|
155
|
+
ctx.commands.register('auth.handleOAuthCallback', async (params) => {
|
|
156
|
+
return authService.handleOAuthCallback(params);
|
|
157
|
+
});
|
|
158
|
+
if (config.debug) {
|
|
159
|
+
console.log('[Auth] Plugin initialized with strategy:', config.strategy);
|
|
160
|
+
}
|
|
161
|
+
},
|
|
162
|
+
async activate(ctx) {
|
|
163
|
+
// Initialize auth service (restore session)
|
|
164
|
+
await authService.initialize();
|
|
165
|
+
// Setup auto-refresh if enabled
|
|
166
|
+
if (config.autoRefresh?.enabled) {
|
|
167
|
+
const threshold = config.autoRefresh.threshold || 60000;
|
|
168
|
+
const checkInterval = config.autoRefresh.checkInterval || 30000;
|
|
169
|
+
refreshInterval = setInterval(async () => {
|
|
170
|
+
if (authService.isAuthenticated() && tokenStorage.isTokenExpiringSoon(threshold)) {
|
|
171
|
+
if (config.debug) {
|
|
172
|
+
console.log('[Auth] Token expiring soon, refreshing...');
|
|
173
|
+
}
|
|
174
|
+
const result = await authService.refreshToken();
|
|
175
|
+
if (result.success) {
|
|
176
|
+
ctx.hooks.emit('auth:token-refresh', { success: true });
|
|
177
|
+
}
|
|
178
|
+
else {
|
|
179
|
+
ctx.hooks.emit('auth:token-refresh-failed', { error: result.error });
|
|
180
|
+
}
|
|
181
|
+
}
|
|
182
|
+
}, checkInterval);
|
|
183
|
+
}
|
|
184
|
+
// Subscribe to auth state changes and emit hooks
|
|
185
|
+
authService.onAuthStateChange((isAuthenticated, user, changeType) => {
|
|
186
|
+
switch (changeType) {
|
|
187
|
+
case 'login':
|
|
188
|
+
ctx.hooks.emit('auth:login-success', { user });
|
|
189
|
+
break;
|
|
190
|
+
case 'logout':
|
|
191
|
+
ctx.hooks.emit('auth:logout', {});
|
|
192
|
+
break;
|
|
193
|
+
case 'session_expired':
|
|
194
|
+
ctx.hooks.emit('auth:session-expired', {});
|
|
195
|
+
break;
|
|
196
|
+
case 'token_refresh':
|
|
197
|
+
ctx.hooks.emit('auth:token-refresh', { user });
|
|
198
|
+
break;
|
|
199
|
+
}
|
|
200
|
+
// Always emit state change
|
|
201
|
+
ctx.hooks.emit('auth:state-change', { isAuthenticated, user, changeType });
|
|
202
|
+
});
|
|
203
|
+
// Emit ready event
|
|
204
|
+
ctx.hooks.emit('auth:ready', {
|
|
205
|
+
authenticated: authService.isAuthenticated(),
|
|
206
|
+
user: authService.getCurrentUser()
|
|
207
|
+
});
|
|
208
|
+
if (config.debug) {
|
|
209
|
+
console.log('[Auth] Plugin activated, authenticated:', authService.isAuthenticated());
|
|
210
|
+
}
|
|
211
|
+
},
|
|
212
|
+
deactivate() {
|
|
213
|
+
if (refreshInterval) {
|
|
214
|
+
clearInterval(refreshInterval);
|
|
215
|
+
refreshInterval = null;
|
|
216
|
+
}
|
|
217
|
+
authService.destroy();
|
|
218
|
+
}
|
|
219
|
+
};
|
|
220
|
+
}
|
|
221
|
+
/**
|
|
222
|
+
* Get the auth service from the plugin context
|
|
223
|
+
*/
|
|
224
|
+
export function getAuthService(ctx) {
|
|
225
|
+
return ctx.resolve(AUTH_SERVICE_TOKEN);
|
|
226
|
+
}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/impl/plugin/index.ts"],"names":[],"mappings":"AAAA,cAAc,uBAAuB,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export * from './auth-plugin-factory';
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Auth Service Implementation
|
|
3
|
+
* Core authentication service that orchestrates strategies and storage
|
|
4
|
+
*/
|
|
5
|
+
import type { AuthResult, AuthStateCallback, IAuthService, LoginCredentials, OAuthCallbackParams, User } from '../../api';
|
|
6
|
+
import type { IStrategyRegistry, ITokenStorage } from '../../spi';
|
|
7
|
+
/**
|
|
8
|
+
* Auth service implementation
|
|
9
|
+
*
|
|
10
|
+
* Provides a unified authentication API that delegates to registered
|
|
11
|
+
* strategies and manages token storage and state.
|
|
12
|
+
*/
|
|
13
|
+
export declare class AuthService implements IAuthService {
|
|
14
|
+
private readonly strategyRegistry;
|
|
15
|
+
private readonly tokenStorage;
|
|
16
|
+
private user;
|
|
17
|
+
private listeners;
|
|
18
|
+
private initialized;
|
|
19
|
+
constructor(strategyRegistry: IStrategyRegistry, tokenStorage: ITokenStorage);
|
|
20
|
+
initialize(): Promise<void>;
|
|
21
|
+
destroy(): void;
|
|
22
|
+
isAuthenticated(): boolean;
|
|
23
|
+
getCurrentUser(): User | null;
|
|
24
|
+
getAccessToken(): string | null;
|
|
25
|
+
getPermissions(): string[];
|
|
26
|
+
getRoles(): string[];
|
|
27
|
+
hasPermission(permission: string): boolean;
|
|
28
|
+
hasRole(role: string): boolean;
|
|
29
|
+
hasAnyRole(roles: string[]): boolean;
|
|
30
|
+
hasAllRoles(roles: string[]): boolean;
|
|
31
|
+
login(credentials: LoginCredentials): Promise<AuthResult>;
|
|
32
|
+
logout(): Promise<void>;
|
|
33
|
+
refreshToken(): Promise<AuthResult>;
|
|
34
|
+
initiateOAuth(provider?: string): void;
|
|
35
|
+
handleOAuthCallback(params: OAuthCallbackParams): Promise<AuthResult>;
|
|
36
|
+
getAuthorizationUrl(provider?: string): string | null;
|
|
37
|
+
onAuthStateChange(callback: AuthStateCallback): () => void;
|
|
38
|
+
private handleAuthSuccess;
|
|
39
|
+
private notifyListeners;
|
|
40
|
+
private getStrategyForCredentials;
|
|
41
|
+
private getOAuthStrategy;
|
|
42
|
+
private isOAuthStrategy;
|
|
43
|
+
}
|
|
44
|
+
//# sourceMappingURL=AuthService.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AuthService.d.ts","sourceRoot":"","sources":["../../../src/impl/services/AuthService.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EACV,UAAU,EACV,iBAAiB,EAEjB,YAAY,EACZ,gBAAgB,EAChB,mBAAmB,EACnB,IAAI,EACL,MAAM,WAAW,CAAC;AACnB,OAAO,KAAK,EAGV,iBAAiB,EACjB,aAAa,EACd,MAAM,WAAW,CAAC;AAEnB;;;;;GAKG;AACH,qBAAa,WAAY,YAAW,YAAY;IAM5C,OAAO,CAAC,QAAQ,CAAC,gBAAgB;IACjC,OAAO,CAAC,QAAQ,CAAC,YAAY;IAN/B,OAAO,CAAC,IAAI,CAAqB;IACjC,OAAO,CAAC,SAAS,CAAgC;IACjD,OAAO,CAAC,WAAW,CAAS;gBAGT,gBAAgB,EAAE,iBAAiB,EACnC,YAAY,EAAE,aAAa;IAOxC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BjC,OAAO,IAAI,IAAI;IASf,eAAe,IAAI,OAAO;IAI1B,cAAc,IAAI,IAAI,GAAG,IAAI;IAI7B,cAAc,IAAI,MAAM,GAAG,IAAI;IAI/B,cAAc,IAAI,MAAM,EAAE;IAI1B,QAAQ,IAAI,MAAM,EAAE;IAIpB,aAAa,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;IAI1C,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAI9B,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO;IAKpC,WAAW,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO;IAS/B,KAAK,CAAC,WAAW,EAAE,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC;IAqBzD,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAiBvB,YAAY,IAAI,OAAO,CAAC,UAAU,CAAC;IAyCzC,aAAa,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI;IAahC,mBAAmB,CAAC,MAAM,EAAE,mBAAmB,GAAG,OAAO,CAAC,UAAU,CAAC;IAsC3E,mBAAmB,CAAC,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAoBrD,iBAAiB,CAAC,QAAQ,EAAE,iBAAiB,GAAG,MAAM,IAAI;IAS1D,OAAO,CAAC,iBAAiB;IAezB,OAAO,CAAC,eAAe;IAWvB,OAAO,CAAC,yBAAyB;IAqBjC,OAAO,CAAC,gBAAgB;IAexB,OAAO,CAAC,eAAe;CAGxB"}
|