npm - @hexclave/next - Versions diffs - 1.0.3 → 1.0.6 - Mend

@hexclave/next 1.0.3 → 1.0.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (864) hide show

package/dist/esm/lib/hexclave-app/apps/implementations/client-app-impl.cross-domain.test.js ADDED Viewed

@@ -0,0 +1,381 @@
+import { describe, expect, it, vi } from "vitest";
+import { AccessToken } from "@hexclave/shared/dist/sessions";
+import { Store } from "@hexclave/shared/dist/utils/stores";
+import { StackClientApp } from "../interfaces/client-app.js";
+//#region src/lib/hexclave-app/apps/implementations/client-app-impl.cross-domain.test.ts
+function createAccessTokenString(refreshTokenId) {
+	const encode = (value) => Buffer.from(JSON.stringify(value)).toString("base64url");
+	const nowSeconds = Math.floor(Date.now() / 1e3);
+	return [
+		encode({
+			alg: "none",
+			typ: "JWT"
+		}),
+		encode({
+			sub: "user-id",
+			exp: nowSeconds + 60,
+			iat: nowSeconds,
+			iss: "https://api.example.test",
+			aud: "project-id",
+			project_id: "project-id",
+			branch_id: "main",
+			refresh_token_id: refreshTokenId,
+			role: "authenticated",
+			name: null,
+			email: null,
+			email_verified: false,
+			selected_team_id: null,
+			signed_up_at: nowSeconds,
+			is_anonymous: false,
+			is_restricted: false,
+			restricted_reason: null,
+			requires_totp_mfa: false
+		}),
+		""
+	].join(".");
+}
+function createMockDocument() {
+	const cookieJar = /* @__PURE__ */ new Map();
+	return {
+		get cookie() {
+			return [...cookieJar.entries()].map(([key, value]) => `${key}=${value}`).join("; ");
+		},
+		set cookie(str) {
+			const [nameValue] = str.split(";");
+			const eqIndex = nameValue.indexOf("=");
+			if (eqIndex < 0) return;
+			cookieJar.set(nameValue.slice(0, eqIndex).trim(), nameValue.slice(eqIndex + 1).trim());
+		},
+		createElement: () => ({})
+	};
+}
+describe("StackClientApp cross-domain auth", () => {
+	it("uses the fresh post-auth refresh token when minting a cross-domain handoff", async () => {
+		const freshAccessToken = createAccessTokenString("fresh-refresh-token-id");
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId: "00000000-0000-4000-8000-000000000000",
+			publishableClientKey: "stack-pk-test",
+			tokenStore: {
+				accessToken: createAccessTokenString("stale-refresh-token-id"),
+				refreshToken: "stale-refresh-token"
+			},
+			redirectMethod: "none",
+			noAutomaticPrefetch: true
+		});
+		const clientInterface = Reflect.get(clientApp, "_interface");
+		const originalSendClientRequest = Reflect.get(clientInterface, "sendClientRequest");
+		const originalFetchNewAccessToken = Reflect.get(clientInterface, "fetchNewAccessToken");
+		const capturedRefreshTokens = [];
+		const capturedAccessTokenRefreshTokenIds = [];
+		const refreshedRawRefreshTokens = [];
+		Reflect.set(clientInterface, "sendClientRequest", async (_path, _requestOptions, session) => {
+			const getRefreshToken = Reflect.get(session ?? {}, "getRefreshToken");
+			const getOrFetchLikelyValidTokens = Reflect.get(session ?? {}, "getOrFetchLikelyValidTokens");
+			if (typeof getRefreshToken !== "function") throw new Error("Expected cross-domain auth to pass a session to the client interface.");
+			if (typeof getOrFetchLikelyValidTokens !== "function") throw new Error("Expected cross-domain auth to pass a session with token accessors.");
+			const refreshToken = getRefreshToken.call(session);
+			const refreshTokenString = Reflect.get(refreshToken ?? {}, "token");
+			if (typeof refreshTokenString !== "string") throw new Error("Expected cross-domain auth to pass a refresh-token-backed session.");
+			capturedRefreshTokens.push(refreshTokenString);
+			const tokens = await getOrFetchLikelyValidTokens.call(session, 0, null);
+			capturedAccessTokenRefreshTokenIds.push(tokens.accessToken.payload.refresh_token_id);
+			return {
+				ok: true,
+				json: async () => ({ redirect_url: "https://example.com/handler/oauth-callback?code=handoff-code&state=handoff-state" })
+			};
+		});
+		Reflect.set(clientInterface, "fetchNewAccessToken", async (refreshToken) => {
+			const refreshTokenString = Reflect.get(refreshToken ?? {}, "token");
+			if (typeof refreshTokenString !== "string") throw new Error("Expected refresh token while fetching a new access token.");
+			refreshedRawRefreshTokens.push(refreshTokenString);
+			return AccessToken.createIfValid(freshAccessToken) ?? (() => {
+				throw new Error("Expected test access token to be valid");
+			})();
+		});
+		try {
+			const createCrossDomainAuthRedirectUrl = Reflect.get(clientApp, "_createCrossDomainAuthRedirectUrl");
+			if (typeof createCrossDomainAuthRedirectUrl !== "function") throw new Error("Expected StackClientApp to expose _createCrossDomainAuthRedirectUrl in tests.");
+			await expect(createCrossDomainAuthRedirectUrl.call(clientApp, {
+				redirectUri: "https://example.com/handler/oauth-callback",
+				state: "handoff-state",
+				codeChallenge: "abcdefghijklmnopqrstuvwxyzABCDEFG_0123456789-._~",
+				afterCallbackRedirectUrl: "https://example.com/account-settings",
+				overrideTokenStoreInit: {
+					accessToken: createAccessTokenString("fresh-stale-refresh-token-id"),
+					refreshToken: "fresh-refresh-token"
+				}
+			})).resolves.toBe("https://example.com/handler/oauth-callback?code=handoff-code&state=handoff-state");
+		} finally {
+			Reflect.set(clientInterface, "sendClientRequest", originalSendClientRequest);
+			Reflect.set(clientInterface, "fetchNewAccessToken", originalFetchNewAccessToken);
+		}
+		expect(refreshedRawRefreshTokens).toEqual(["fresh-refresh-token"]);
+		expect(capturedRefreshTokens).toEqual(["fresh-refresh-token"]);
+		expect(capturedAccessTokenRefreshTokenIds).toEqual(["fresh-refresh-token-id"]);
+	});
+	it("uses a fresh nested OAuth state while preserving the outer cross-domain return state", async () => {
+		const projectId = "00000000-0000-4000-8000-000000000002";
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId,
+			publishableClientKey: "stack-pk-test",
+			tokenStore: "memory",
+			redirectMethod: "window",
+			urls: { default: { type: "hosted" } },
+			noAutomaticPrefetch: true
+		});
+		const outerState = "outer-cross-domain-state";
+		const outerCodeChallenge = "abcdefghijklmnopqrstuvwxyzABCDEFG_0123456789-._~";
+		const currentUrl = new URL(`https://${projectId}.example-stack-hosted.test/handler/sign-in`);
+		currentUrl.searchParams.set("after_auth_return_to", `https://demo.stack-auth.com/?hexclave_cross_domain_auth=1&hexclave_cross_domain_state=${outerState}`);
+		currentUrl.searchParams.set("hexclave_cross_domain_state", outerState);
+		currentUrl.searchParams.set("hexclave_cross_domain_code_challenge", outerCodeChallenge);
+		currentUrl.searchParams.set("hexclave_cross_domain_after_callback_redirect_url", "https://demo.stack-auth.com/");
+		currentUrl.searchParams.set("stack_nested_cross_domain_auth_refresh_token_id", "source-session");
+		currentUrl.searchParams.set("stack_nested_cross_domain_auth_callback_url", "https://demo.stack-auth.com/");
+		const previousWindow = globalThis.window;
+		const previousDocument = globalThis.document;
+		let redirectedUrl = "";
+		vi.spyOn(clientApp, "_fetchCurrentRefreshTokenIdIfSignedIn").mockResolvedValue(null);
+		vi.spyOn(clientApp, "_getCrossDomainHandoffParamsForRedirect").mockResolvedValue({
+			state: "fresh-nested-state",
+			codeChallenge: "fresh-nested-code-challenge"
+		});
+		vi.spyOn(clientApp, "_isTrusted").mockResolvedValue(true);
+		globalThis.document = createMockDocument();
+		globalThis.window = { location: {
+			href: currentUrl.toString(),
+			replace: (url) => {
+				redirectedUrl = url;
+				throw new Error("INTENTIONAL_TEST_ABORT");
+			}
+		} };
+		try {
+			await expect(clientApp._maybeHandleNestedCrossDomainAuth()).rejects.toThrowError("INTENTIONAL_TEST_ABORT");
+		} finally {
+			globalThis.window = previousWindow;
+			globalThis.document = previousDocument;
+		}
+		const redirectUrl = new URL(redirectedUrl);
+		expect(redirectUrl.searchParams.get("state")).toBe("fresh-nested-state");
+		expect(redirectUrl.searchParams.get("code_challenge")).toBe("fresh-nested-code-challenge");
+		const redirectUri = new URL(redirectUrl.searchParams.get("redirect_uri") ?? "");
+		expect(redirectUri.searchParams.get("hexclave_cross_domain_state")).toBe(outerState);
+		expect(redirectUri.searchParams.get("hexclave_cross_domain_code_challenge")).toBe(outerCodeChallenge);
+		expect(redirectUri.searchParams.get("hexclave_cross_domain_after_callback_redirect_url")).toBe("https://demo.stack-auth.com/");
+	});
+	it("clears a stale target-domain session before deferring to the source-domain session", async () => {
+		const projectId = "00000000-0000-4000-8000-000000000006";
+		const hostedAccessToken = createAccessTokenString("hosted-old-refresh-token-id");
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId,
+			publishableClientKey: "stack-pk-test",
+			tokenStore: "memory",
+			redirectMethod: "window",
+			urls: { default: { type: "hosted" } },
+			noAutomaticPrefetch: true
+		});
+		const tokenStore = Reflect.get(clientApp, "_memoryTokenStore");
+		if (!(tokenStore instanceof Store)) throw new Error("Expected StackClientApp to use a memory token store in this test.");
+		tokenStore.set({
+			refreshToken: "hosted-old-refresh-token",
+			accessToken: hostedAccessToken
+		});
+		const currentUrl = new URL(`https://${projectId}.example-stack-hosted.test/handler/sign-in`);
+		currentUrl.searchParams.set("stack_nested_cross_domain_auth_refresh_token_id", "source-anonymous-refresh-token-id");
+		currentUrl.searchParams.set("stack_nested_cross_domain_auth_callback_url", "https://demo.stack-auth.com/handler/oauth-callback");
+		currentUrl.searchParams.set("hexclave_cross_domain_state", "outer-state");
+		currentUrl.searchParams.set("hexclave_cross_domain_code_challenge", "outer-code-challenge");
+		currentUrl.searchParams.set("hexclave_cross_domain_after_callback_redirect_url", "https://demo.stack-auth.com/app");
+		const previousWindow = globalThis.window;
+		const previousDocument = globalThis.document;
+		let redirectedUrl = "";
+		const clientInterface = Reflect.get(clientApp, "_interface");
+		const originalFetchNewAccessToken = Reflect.get(clientInterface, "fetchNewAccessToken");
+		Reflect.set(clientInterface, "fetchNewAccessToken", async () => {
+			return AccessToken.createIfValid(hostedAccessToken) ?? (() => {
+				throw new Error("Expected test access token to be valid");
+			})();
+		});
+		vi.spyOn(clientApp, "_isTrusted").mockResolvedValue(true);
+		globalThis.document = createMockDocument();
+		globalThis.window = { location: {
+			href: currentUrl.toString(),
+			replace: (url) => {
+				redirectedUrl = url;
+				throw new Error("INTENTIONAL_TEST_ABORT");
+			}
+		} };
+		try {
+			await expect(clientApp._maybeHandleNestedCrossDomainAuth()).rejects.toThrowError("INTENTIONAL_TEST_ABORT");
+		} finally {
+			Reflect.set(clientInterface, "fetchNewAccessToken", originalFetchNewAccessToken);
+			globalThis.window = previousWindow;
+			globalThis.document = previousDocument;
+		}
+		expect(tokenStore.get()).toEqual({
+			refreshToken: null,
+			accessToken: null
+		});
+		expect(new URL(redirectedUrl).origin).toBe("https://demo.stack-auth.com");
+	});
+	it("uses the latest browser refresh cookie before computing nested cross-domain session IDs", async () => {
+		const projectId = "00000000-0000-4000-8000-000000000007";
+		const previousWindow = globalThis.window;
+		const previousDocument = globalThis.document;
+		globalThis.document = createMockDocument();
+		globalThis.window = { location: {
+			href: "https://demo.stack-auth.com/",
+			protocol: "https:",
+			hostname: "demo.stack-auth.com"
+		} };
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId,
+			publishableClientKey: "stack-pk-test",
+			tokenStore: "cookie",
+			redirectMethod: "none",
+			noAutomaticPrefetch: true
+		});
+		const clientInterface = Reflect.get(clientApp, "_interface");
+		const originalFetchNewAccessToken = Reflect.get(clientInterface, "fetchNewAccessToken");
+		const refreshedRawRefreshTokens = [];
+		try {
+			const getBrowserCookieTokenStore = Reflect.get(clientApp, "_getBrowserCookieTokenStore");
+			if (typeof getBrowserCookieTokenStore !== "function") throw new Error("Expected StackClientApp to expose _getBrowserCookieTokenStore in tests.");
+			getBrowserCookieTokenStore.call(clientApp).set({
+				refreshToken: "old-refresh-token",
+				accessToken: createAccessTokenString("old-refresh-token-id")
+			});
+			document.cookie = `__Host-hexclave-refresh-${projectId}--default=${JSON.stringify({
+				refresh_token: "new-refresh-token",
+				updated_at_millis: 1
+			})}`;
+			Reflect.set(clientInterface, "fetchNewAccessToken", async (refreshToken) => {
+				const refreshTokenString = Reflect.get(refreshToken ?? {}, "token");
+				if (typeof refreshTokenString !== "string") throw new Error("Expected refresh token while fetching a new access token.");
+				refreshedRawRefreshTokens.push(refreshTokenString);
+				return AccessToken.createIfValid(createAccessTokenString("new-refresh-token-id")) ?? (() => {
+					throw new Error("Expected test access token to be valid");
+				})();
+			});
+			const fetchCurrentRefreshTokenIdIfSignedIn = Reflect.get(clientApp, "_fetchCurrentRefreshTokenIdIfSignedIn");
+			if (typeof fetchCurrentRefreshTokenIdIfSignedIn !== "function") throw new Error("Expected StackClientApp to expose _fetchCurrentRefreshTokenIdIfSignedIn in tests.");
+			await expect(fetchCurrentRefreshTokenIdIfSignedIn.call(clientApp, { awaitPendingAuthResolutions: false })).resolves.toBe("new-refresh-token-id");
+		} finally {
+			Reflect.set(clientInterface, "fetchNewAccessToken", originalFetchNewAccessToken);
+			globalThis.window = previousWindow;
+			globalThis.document = previousDocument;
+		}
+		expect(refreshedRawRefreshTokens).toEqual(["new-refresh-token"]);
+	});
+	it("uses direct sign-out instead of hosted sign-out redirects when code execution is available", async () => {
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId: "00000000-0000-4000-8000-000000000003",
+			publishableClientKey: "stack-pk-test",
+			tokenStore: "memory",
+			redirectMethod: "window",
+			urls: {
+				handler: "/handler",
+				signOut: { type: "hosted" }
+			},
+			noAutomaticPrefetch: true
+		});
+		const signOutSpy = vi.spyOn(clientApp, "signOut").mockRejectedValue(/* @__PURE__ */ new Error("INTENTIONAL_TEST_ABORT"));
+		try {
+			await expect(clientApp.redirectToSignOut()).rejects.toThrowError("INTENTIONAL_TEST_ABORT");
+			expect(signOutSpy).toHaveBeenCalledWith();
+		} finally {
+			signOutSpy.mockRestore();
+		}
+	});
+	it("keeps default hosted signOut() on the source domain when afterSignOut is not configured", async () => {
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId: "00000000-0000-4000-8000-000000000004",
+			publishableClientKey: "stack-pk-test",
+			tokenStore: "memory",
+			redirectMethod: "window",
+			urls: { default: { type: "hosted" } },
+			noAutomaticPrefetch: true
+		});
+		const currentHref = "https://demo.stack-auth.com/settings?tab=profile";
+		const clientInterface = Reflect.get(clientApp, "_interface");
+		const originalSignOut = Reflect.get(clientInterface, "signOut");
+		Reflect.set(clientInterface, "signOut", async () => {});
+		const previousWindow = globalThis.window;
+		const previousDocument = globalThis.document;
+		let redirectedUrl = "";
+		globalThis.document = createMockDocument();
+		globalThis.window = { location: {
+			href: currentHref,
+			replace: (url) => {
+				redirectedUrl = url;
+				throw new Error("INTENTIONAL_TEST_ABORT");
+			}
+		} };
+		try {
+			const signOut = Reflect.get(clientApp, "_signOut");
+			if (typeof signOut !== "function") throw new Error("Expected StackClientApp to expose _signOut in tests.");
+			await expect(signOut.call(clientApp, Reflect.get(clientInterface, "createSession").call(clientInterface, { refreshToken: null }))).rejects.toThrowError("INTENTIONAL_TEST_ABORT");
+		} finally {
+			Reflect.set(clientInterface, "signOut", originalSignOut);
+			globalThis.window = previousWindow;
+			globalThis.document = previousDocument;
+		}
+		expect(redirectedUrl).toBe("/settings?tab=profile");
+	});
+	it("ignores stale session callbacks after a newer refresh token owns the token store", async () => {
+		const clientApp = new StackClientApp({
+			baseUrl: "http://localhost:12345",
+			projectId: "00000000-0000-4000-8000-000000000005",
+			publishableClientKey: "stack-pk-test",
+			tokenStore: "memory",
+			redirectMethod: "none",
+			noAutomaticPrefetch: true
+		});
+		const oldAccessToken = createAccessTokenString("old-refresh-token-id");
+		const refreshedOldAccessToken = createAccessTokenString("refreshed-old-refresh-token-id");
+		const newAccessToken = createAccessTokenString("new-refresh-token-id");
+		const tokenStore = new Store({
+			refreshToken: "old-refresh-token",
+			accessToken: oldAccessToken
+		});
+		const clientInterface = Reflect.get(clientApp, "_interface");
+		const originalFetchNewAccessToken = Reflect.get(clientInterface, "fetchNewAccessToken");
+		Reflect.set(clientInterface, "fetchNewAccessToken", async () => {
+			return AccessToken.createIfValid(refreshedOldAccessToken) ?? (() => {
+				throw new Error("Expected test access token to be valid");
+			})();
+		});
+		try {
+			const getSessionFromTokenStore = Reflect.get(clientApp, "_getSessionFromTokenStore");
+			if (typeof getSessionFromTokenStore !== "function") throw new Error("Expected StackClientApp to expose _getSessionFromTokenStore in tests.");
+			const oldSession = getSessionFromTokenStore.call(clientApp, tokenStore);
+			tokenStore.set({
+				refreshToken: "new-refresh-token",
+				accessToken: newAccessToken
+			});
+			await oldSession.fetchNewTokens();
+			expect(tokenStore.get()).toEqual({
+				refreshToken: "new-refresh-token",
+				accessToken: newAccessToken
+			});
+			oldSession.markInvalid();
+			expect(tokenStore.get()).toEqual({
+				refreshToken: "new-refresh-token",
+				accessToken: newAccessToken
+			});
+		} finally {
+			Reflect.set(clientInterface, "fetchNewAccessToken", originalFetchNewAccessToken);
+		}
+	});
+});
+//#endregion
+export {  };
+//# sourceMappingURL=client-app-impl.cross-domain.test.js.map

package/dist/esm/lib/hexclave-app/apps/implementations/client-app-impl.cross-domain.test.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"client-app-impl.cross-domain.test.js","names":[],"sources":["../../../../../../src/lib/hexclave-app/apps/implementations/client-app-impl.cross-domain.test.ts"],"sourcesContent":["\n//===========================================\n// THIS FILE IS AUTO-GENERATED FROM TEMPLATE. DO NOT EDIT IT DIRECTLY UNLESS YOU ALSO EDIT THE CORRESPONDING FILE IN packages/template\n//===========================================\nimport { describe, expect, it, vi } from \"vitest\";\nimport { AccessToken } from \"@hexclave/shared/dist/sessions\";\nimport { Store } from \"@hexclave/shared/dist/utils/stores\";\nimport { StackClientApp } from \"../interfaces/client-app\";\n\nfunction createAccessTokenString(refreshTokenId: string): string {\n const encode = (value: unknown) => Buffer.from(JSON.stringify(value)).toString(\"base64url\");\n const nowSeconds = Math.floor(Date.now() / 1000);\n return [\n encode({ alg: \"none\", typ: \"JWT\" }),\n encode({\n sub: \"user-id\",\n exp: nowSeconds + 60,\n iat: nowSeconds,\n iss: \"https://api.example.test\",\n aud: \"project-id\",\n project_id: \"project-id\",\n branch_id: \"main\",\n refresh_token_id: refreshTokenId,\n role: \"authenticated\",\n name: null,\n email: null,\n email_verified: false,\n selected_team_id: null,\n signed_up_at: nowSeconds,\n is_anonymous: false,\n is_restricted: false,\n restricted_reason: null,\n requires_totp_mfa: false,\n }),\n \"\",\n ].join(\".\");\n}\n\nfunction createMockDocument(): Document {\n const cookieJar = new Map<string, string>();\n return {\n get cookie() {\n return [...cookieJar.entries()].map(([key, value]) => `${key}=${value}`).join(\"; \");\n },\n set cookie(str: string) {\n const [nameValue] = str.split(\";\");\n const eqIndex = nameValue.indexOf(\"=\");\n if (eqIndex < 0) return;\n cookieJar.set(nameValue.slice(0, eqIndex).trim(), nameValue.slice(eqIndex + 1).trim());\n },\n createElement: () => ({}),\n } as any;\n}\n\ndescribe(\"StackClientApp cross-domain auth\", () => {\n it(\"uses the fresh post-auth refresh token when minting a cross-domain handoff\", async () => {\n const freshAccessToken = createAccessTokenString(\"fresh-refresh-token-id\");\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId: \"00000000-0000-4000-8000-000000000000\",\n publishableClientKey: \"stack-pk-test\",\n tokenStore: {\n accessToken: createAccessTokenString(\"stale-refresh-token-id\"),\n refreshToken: \"stale-refresh-token\",\n },\n redirectMethod: \"none\",\n noAutomaticPrefetch: true,\n });\n\n const clientInterface = Reflect.get(clientApp, \"_interface\");\n const originalSendClientRequest = Reflect.get(clientInterface, \"sendClientRequest\");\n const originalFetchNewAccessToken = Reflect.get(clientInterface, \"fetchNewAccessToken\");\n const capturedRefreshTokens: string[] = [];\n const capturedAccessTokenRefreshTokenIds: string[] = [];\n const refreshedRawRefreshTokens: string[] = [];\n\n Reflect.set(clientInterface, \"sendClientRequest\", async (_path: unknown, _requestOptions: unknown, session: unknown) => {\n const getRefreshToken = Reflect.get(session ?? {}, \"getRefreshToken\");\n const getOrFetchLikelyValidTokens = Reflect.get(session ?? {}, \"getOrFetchLikelyValidTokens\");\n if (typeof getRefreshToken !== \"function\") {\n throw new Error(\"Expected cross-domain auth to pass a session to the client interface.\");\n }\n if (typeof getOrFetchLikelyValidTokens !== \"function\") {\n throw new Error(\"Expected cross-domain auth to pass a session with token accessors.\");\n }\n const refreshToken = getRefreshToken.call(session);\n const refreshTokenString = Reflect.get(refreshToken ?? {}, \"token\");\n if (typeof refreshTokenString !== \"string\") {\n throw new Error(\"Expected cross-domain auth to pass a refresh-token-backed session.\");\n }\n capturedRefreshTokens.push(refreshTokenString);\n const tokens = await getOrFetchLikelyValidTokens.call(session, 0, null);\n capturedAccessTokenRefreshTokenIds.push(tokens.accessToken.payload.refresh_token_id);\n return {\n ok: true,\n json: async () => ({ redirect_url: \"https://example.com/handler/oauth-callback?code=handoff-code&state=handoff-state\" }),\n };\n });\n Reflect.set(clientInterface, \"fetchNewAccessToken\", async (refreshToken: unknown) => {\n const refreshTokenString = Reflect.get(refreshToken ?? {}, \"token\");\n if (typeof refreshTokenString !== \"string\") {\n throw new Error(\"Expected refresh token while fetching a new access token.\");\n }\n refreshedRawRefreshTokens.push(refreshTokenString);\n return AccessToken.createIfValid(freshAccessToken) ?? (() => {\n throw new Error(\"Expected test access token to be valid\");\n })();\n });\n\n try {\n const createCrossDomainAuthRedirectUrl = Reflect.get(clientApp, \"_createCrossDomainAuthRedirectUrl\");\n if (typeof createCrossDomainAuthRedirectUrl !== \"function\") {\n throw new Error(\"Expected StackClientApp to expose _createCrossDomainAuthRedirectUrl in tests.\");\n }\n\n await expect(createCrossDomainAuthRedirectUrl.call(clientApp, {\n redirectUri: \"https://example.com/handler/oauth-callback\",\n state: \"handoff-state\",\n codeChallenge: \"abcdefghijklmnopqrstuvwxyzABCDEFG_0123456789-._~\",\n afterCallbackRedirectUrl: \"https://example.com/account-settings\",\n overrideTokenStoreInit: {\n accessToken: createAccessTokenString(\"fresh-stale-refresh-token-id\"),\n refreshToken: \"fresh-refresh-token\",\n },\n })).resolves.toBe(\"https://example.com/handler/oauth-callback?code=handoff-code&state=handoff-state\");\n } finally {\n Reflect.set(clientInterface, \"sendClientRequest\", originalSendClientRequest);\n Reflect.set(clientInterface, \"fetchNewAccessToken\", originalFetchNewAccessToken);\n }\n\n expect(refreshedRawRefreshTokens).toEqual([\"fresh-refresh-token\"]);\n expect(capturedRefreshTokens).toEqual([\"fresh-refresh-token\"]);\n expect(capturedAccessTokenRefreshTokenIds).toEqual([\"fresh-refresh-token-id\"]);\n });\n\n it(\"uses a fresh nested OAuth state while preserving the outer cross-domain return state\", async () => {\n const projectId = \"00000000-0000-4000-8000-000000000002\";\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId,\n publishableClientKey: \"stack-pk-test\",\n tokenStore: \"memory\",\n redirectMethod: \"window\",\n urls: {\n default: { type: \"hosted\" },\n },\n noAutomaticPrefetch: true,\n });\n const outerState = \"outer-cross-domain-state\";\n const outerCodeChallenge = \"abcdefghijklmnopqrstuvwxyzABCDEFG_0123456789-._~\";\n const currentUrl = new URL(`https://${projectId}.example-stack-hosted.test/handler/sign-in`);\n currentUrl.searchParams.set(\"after_auth_return_to\", `https://demo.stack-auth.com/?hexclave_cross_domain_auth=1&hexclave_cross_domain_state=${outerState}`);\n currentUrl.searchParams.set(\"hexclave_cross_domain_state\", outerState);\n currentUrl.searchParams.set(\"hexclave_cross_domain_code_challenge\", outerCodeChallenge);\n currentUrl.searchParams.set(\"hexclave_cross_domain_after_callback_redirect_url\", \"https://demo.stack-auth.com/\");\n currentUrl.searchParams.set(\"stack_nested_cross_domain_auth_refresh_token_id\", \"source-session\");\n currentUrl.searchParams.set(\"stack_nested_cross_domain_auth_callback_url\", \"https://demo.stack-auth.com/\");\n\n const previousWindow = globalThis.window;\n const previousDocument = globalThis.document;\n let redirectedUrl = \"\";\n vi.spyOn(clientApp as any, \"_fetchCurrentRefreshTokenIdIfSignedIn\").mockResolvedValue(null);\n vi.spyOn(clientApp as any, \"_getCrossDomainHandoffParamsForRedirect\").mockResolvedValue({\n state: \"fresh-nested-state\",\n codeChallenge: \"fresh-nested-code-challenge\",\n });\n vi.spyOn(clientApp as any, \"_isTrusted\").mockResolvedValue(true);\n\n globalThis.document = createMockDocument();\n globalThis.window = {\n location: {\n href: currentUrl.toString(),\n replace: (url: string) => {\n redirectedUrl = url;\n throw new Error(\"INTENTIONAL_TEST_ABORT\");\n },\n },\n } as any;\n\n try {\n await expect((clientApp as any)._maybeHandleNestedCrossDomainAuth()).rejects.toThrowError(\"INTENTIONAL_TEST_ABORT\");\n } finally {\n globalThis.window = previousWindow;\n globalThis.document = previousDocument;\n }\n\n const redirectUrl = new URL(redirectedUrl);\n expect(redirectUrl.searchParams.get(\"state\")).toBe(\"fresh-nested-state\");\n expect(redirectUrl.searchParams.get(\"code_challenge\")).toBe(\"fresh-nested-code-challenge\");\n const redirectUri = new URL(redirectUrl.searchParams.get(\"redirect_uri\") ?? \"\");\n expect(redirectUri.searchParams.get(\"hexclave_cross_domain_state\")).toBe(outerState);\n expect(redirectUri.searchParams.get(\"hexclave_cross_domain_code_challenge\")).toBe(outerCodeChallenge);\n expect(redirectUri.searchParams.get(\"hexclave_cross_domain_after_callback_redirect_url\")).toBe(\"https://demo.stack-auth.com/\");\n });\n\n it(\"clears a stale target-domain session before deferring to the source-domain session\", async () => {\n const projectId = \"00000000-0000-4000-8000-000000000006\";\n const hostedAccessToken = createAccessTokenString(\"hosted-old-refresh-token-id\");\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId,\n publishableClientKey: \"stack-pk-test\",\n tokenStore: \"memory\",\n redirectMethod: \"window\",\n urls: {\n default: { type: \"hosted\" },\n },\n noAutomaticPrefetch: true,\n });\n const tokenStore = Reflect.get(clientApp, \"_memoryTokenStore\");\n if (!(tokenStore instanceof Store)) {\n throw new Error(\"Expected StackClientApp to use a memory token store in this test.\");\n }\n tokenStore.set({\n refreshToken: \"hosted-old-refresh-token\",\n accessToken: hostedAccessToken,\n });\n\n const currentUrl = new URL(`https://${projectId}.example-stack-hosted.test/handler/sign-in`);\n currentUrl.searchParams.set(\"stack_nested_cross_domain_auth_refresh_token_id\", \"source-anonymous-refresh-token-id\");\n currentUrl.searchParams.set(\"stack_nested_cross_domain_auth_callback_url\", \"https://demo.stack-auth.com/handler/oauth-callback\");\n currentUrl.searchParams.set(\"hexclave_cross_domain_state\", \"outer-state\");\n currentUrl.searchParams.set(\"hexclave_cross_domain_code_challenge\", \"outer-code-challenge\");\n currentUrl.searchParams.set(\"hexclave_cross_domain_after_callback_redirect_url\", \"https://demo.stack-auth.com/app\");\n\n const previousWindow = globalThis.window;\n const previousDocument = globalThis.document;\n let redirectedUrl = \"\";\n const clientInterface = Reflect.get(clientApp, \"_interface\");\n const originalFetchNewAccessToken = Reflect.get(clientInterface, \"fetchNewAccessToken\");\n Reflect.set(clientInterface, \"fetchNewAccessToken\", async () => {\n return AccessToken.createIfValid(hostedAccessToken) ?? (() => {\n throw new Error(\"Expected test access token to be valid\");\n })();\n });\n vi.spyOn(clientApp as any, \"_isTrusted\").mockResolvedValue(true);\n\n globalThis.document = createMockDocument();\n globalThis.window = {\n location: {\n href: currentUrl.toString(),\n replace: (url: string) => {\n redirectedUrl = url;\n throw new Error(\"INTENTIONAL_TEST_ABORT\");\n },\n },\n } as any;\n\n try {\n await expect((clientApp as any)._maybeHandleNestedCrossDomainAuth()).rejects.toThrowError(\"INTENTIONAL_TEST_ABORT\");\n } finally {\n Reflect.set(clientInterface, \"fetchNewAccessToken\", originalFetchNewAccessToken);\n globalThis.window = previousWindow;\n globalThis.document = previousDocument;\n }\n\n expect(tokenStore.get()).toEqual({\n refreshToken: null,\n accessToken: null,\n });\n expect(new URL(redirectedUrl).origin).toBe(\"https://demo.stack-auth.com\");\n });\n\n it(\"uses the latest browser refresh cookie before computing nested cross-domain session IDs\", async () => {\n const projectId = \"00000000-0000-4000-8000-000000000007\";\n const previousWindow = globalThis.window;\n const previousDocument = globalThis.document;\n\n globalThis.document = createMockDocument();\n globalThis.window = {\n location: {\n href: \"https://demo.stack-auth.com/\",\n protocol: \"https:\",\n hostname: \"demo.stack-auth.com\",\n },\n } as any;\n\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId,\n publishableClientKey: \"stack-pk-test\",\n tokenStore: \"cookie\",\n redirectMethod: \"none\",\n noAutomaticPrefetch: true,\n });\n const clientInterface = Reflect.get(clientApp, \"_interface\");\n const originalFetchNewAccessToken = Reflect.get(clientInterface, \"fetchNewAccessToken\");\n const refreshedRawRefreshTokens: string[] = [];\n\n try {\n const getBrowserCookieTokenStore = Reflect.get(clientApp, \"_getBrowserCookieTokenStore\");\n if (typeof getBrowserCookieTokenStore !== \"function\") {\n throw new Error(\"Expected StackClientApp to expose _getBrowserCookieTokenStore in tests.\");\n }\n const tokenStore = getBrowserCookieTokenStore.call(clientApp);\n tokenStore.set({\n refreshToken: \"old-refresh-token\",\n accessToken: createAccessTokenString(\"old-refresh-token-id\"),\n });\n\n document.cookie = `__Host-hexclave-refresh-${projectId}--default=${JSON.stringify({\n refresh_token: \"new-refresh-token\",\n updated_at_millis: 1,\n })}`;\n Reflect.set(clientInterface, \"fetchNewAccessToken\", async (refreshToken: unknown) => {\n const refreshTokenString = Reflect.get(refreshToken ?? {}, \"token\");\n if (typeof refreshTokenString !== \"string\") {\n throw new Error(\"Expected refresh token while fetching a new access token.\");\n }\n refreshedRawRefreshTokens.push(refreshTokenString);\n return AccessToken.createIfValid(createAccessTokenString(\"new-refresh-token-id\")) ?? (() => {\n throw new Error(\"Expected test access token to be valid\");\n })();\n });\n\n const fetchCurrentRefreshTokenIdIfSignedIn = Reflect.get(clientApp, \"_fetchCurrentRefreshTokenIdIfSignedIn\");\n if (typeof fetchCurrentRefreshTokenIdIfSignedIn !== \"function\") {\n throw new Error(\"Expected StackClientApp to expose _fetchCurrentRefreshTokenIdIfSignedIn in tests.\");\n }\n await expect(fetchCurrentRefreshTokenIdIfSignedIn.call(clientApp, {\n awaitPendingAuthResolutions: false,\n })).resolves.toBe(\"new-refresh-token-id\");\n } finally {\n Reflect.set(clientInterface, \"fetchNewAccessToken\", originalFetchNewAccessToken);\n globalThis.window = previousWindow;\n globalThis.document = previousDocument;\n }\n\n expect(refreshedRawRefreshTokens).toEqual([\"new-refresh-token\"]);\n });\n\n it(\"uses direct sign-out instead of hosted sign-out redirects when code execution is available\", async () => {\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId: \"00000000-0000-4000-8000-000000000003\",\n publishableClientKey: \"stack-pk-test\",\n tokenStore: \"memory\",\n redirectMethod: \"window\",\n urls: {\n handler: \"/handler\",\n signOut: { type: \"hosted\" },\n },\n noAutomaticPrefetch: true,\n });\n const signOutSpy = vi.spyOn(clientApp, \"signOut\").mockRejectedValue(new Error(\"INTENTIONAL_TEST_ABORT\"));\n\n try {\n await expect(clientApp.redirectToSignOut()).rejects.toThrowError(\"INTENTIONAL_TEST_ABORT\");\n expect(signOutSpy).toHaveBeenCalledWith();\n } finally {\n signOutSpy.mockRestore();\n }\n });\n\n it(\"keeps default hosted signOut() on the source domain when afterSignOut is not configured\", async () => {\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId: \"00000000-0000-4000-8000-000000000004\",\n publishableClientKey: \"stack-pk-test\",\n tokenStore: \"memory\",\n redirectMethod: \"window\",\n urls: {\n default: { type: \"hosted\" },\n },\n noAutomaticPrefetch: true,\n });\n const currentHref = \"https://demo.stack-auth.com/settings?tab=profile\";\n\n const clientInterface = Reflect.get(clientApp, \"_interface\");\n const originalSignOut = Reflect.get(clientInterface, \"signOut\");\n Reflect.set(clientInterface, \"signOut\", async () => {});\n const previousWindow = globalThis.window;\n const previousDocument = globalThis.document;\n let redirectedUrl = \"\";\n\n globalThis.document = createMockDocument();\n globalThis.window = {\n location: {\n href: currentHref,\n replace: (url: string) => {\n redirectedUrl = url;\n throw new Error(\"INTENTIONAL_TEST_ABORT\");\n },\n },\n } as any;\n\n try {\n const signOut = Reflect.get(clientApp, \"_signOut\");\n if (typeof signOut !== \"function\") {\n throw new Error(\"Expected StackClientApp to expose _signOut in tests.\");\n }\n await expect(signOut.call(clientApp, Reflect.get(clientInterface, \"createSession\").call(clientInterface, {\n refreshToken: null,\n }))).rejects.toThrowError(\"INTENTIONAL_TEST_ABORT\");\n } finally {\n Reflect.set(clientInterface, \"signOut\", originalSignOut);\n globalThis.window = previousWindow;\n globalThis.document = previousDocument;\n }\n\n expect(redirectedUrl).toBe(\"/settings?tab=profile\");\n });\n\n it(\"ignores stale session callbacks after a newer refresh token owns the token store\", async () => {\n const clientApp = new StackClientApp({\n baseUrl: \"http://localhost:12345\",\n projectId: \"00000000-0000-4000-8000-000000000005\",\n publishableClientKey: \"stack-pk-test\",\n tokenStore: \"memory\",\n redirectMethod: \"none\",\n noAutomaticPrefetch: true,\n });\n const oldAccessToken = createAccessTokenString(\"old-refresh-token-id\");\n const refreshedOldAccessToken = createAccessTokenString(\"refreshed-old-refresh-token-id\");\n const newAccessToken = createAccessTokenString(\"new-refresh-token-id\");\n const tokenStore = new Store({\n refreshToken: \"old-refresh-token\",\n accessToken: oldAccessToken,\n });\n const clientInterface = Reflect.get(clientApp, \"_interface\");\n const originalFetchNewAccessToken = Reflect.get(clientInterface, \"fetchNewAccessToken\");\n Reflect.set(clientInterface, \"fetchNewAccessToken\", async () => {\n return AccessToken.createIfValid(refreshedOldAccessToken) ?? (() => {\n throw new Error(\"Expected test access token to be valid\");\n })();\n });\n\n try {\n const getSessionFromTokenStore = Reflect.get(clientApp, \"_getSessionFromTokenStore\");\n if (typeof getSessionFromTokenStore !== \"function\") {\n throw new Error(\"Expected StackClientApp to expose _getSessionFromTokenStore in tests.\");\n }\n const oldSession = getSessionFromTokenStore.call(clientApp, tokenStore);\n tokenStore.set({\n refreshToken: \"new-refresh-token\",\n accessToken: newAccessToken,\n });\n\n await oldSession.fetchNewTokens();\n expect(tokenStore.get()).toEqual({\n refreshToken: \"new-refresh-token\",\n accessToken: newAccessToken,\n });\n\n oldSession.markInvalid();\n expect(tokenStore.get()).toEqual({\n refreshToken: \"new-refresh-token\",\n accessToken: newAccessToken,\n });\n } finally {\n Reflect.set(clientInterface, \"fetchNewAccessToken\", originalFetchNewAccessToken);\n }\n });\n});\n"],"mappings":";;;;;;AASA,SAAS,wBAAwB,gBAAgC;CAC/D,MAAM,UAAU,UAAmB,OAAO,KAAK,KAAK,UAAU,MAAM,CAAC,CAAC,SAAS,YAAY;CAC3F,MAAM,aAAa,KAAK,MAAM,KAAK,KAAK,GAAG,IAAK;AAChD,QAAO;EACL,OAAO;GAAE,KAAK;GAAQ,KAAK;GAAO,CAAC;EACnC,OAAO;GACL,KAAK;GACL,KAAK,aAAa;GAClB,KAAK;GACL,KAAK;GACL,KAAK;GACL,YAAY;GACZ,WAAW;GACX,kBAAkB;GAClB,MAAM;GACN,MAAM;GACN,OAAO;GACP,gBAAgB;GAChB,kBAAkB;GAClB,cAAc;GACd,cAAc;GACd,eAAe;GACf,mBAAmB;GACnB,mBAAmB;GACpB,CAAC;EACF;EACD,CAAC,KAAK,IAAI;;AAGb,SAAS,qBAA+B;CACtC,MAAM,4BAAY,IAAI,KAAqB;AAC3C,QAAO;EACL,IAAI,SAAS;AACX,UAAO,CAAC,GAAG,UAAU,SAAS,CAAC,CAAC,KAAK,CAAC,KAAK,WAAW,GAAG,IAAI,GAAG,QAAQ,CAAC,KAAK,KAAK;;EAErF,IAAI,OAAO,KAAa;GACtB,MAAM,CAAC,aAAa,IAAI,MAAM,IAAI;GAClC,MAAM,UAAU,UAAU,QAAQ,IAAI;AACtC,OAAI,UAAU,EAAG;AACjB,aAAU,IAAI,UAAU,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,UAAU,MAAM,UAAU,EAAE,CAAC,MAAM,CAAC;;EAExF,sBAAsB,EAAE;EACzB;;AAGH,SAAS,0CAA0C;AACjD,IAAG,8EAA8E,YAAY;EAC3F,MAAM,mBAAmB,wBAAwB,yBAAyB;EAC1E,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT,WAAW;GACX,sBAAsB;GACtB,YAAY;IACV,aAAa,wBAAwB,yBAAyB;IAC9D,cAAc;IACf;GACD,gBAAgB;GAChB,qBAAqB;GACtB,CAAC;EAEF,MAAM,kBAAkB,QAAQ,IAAI,WAAW,aAAa;EAC5D,MAAM,4BAA4B,QAAQ,IAAI,iBAAiB,oBAAoB;EACnF,MAAM,8BAA8B,QAAQ,IAAI,iBAAiB,sBAAsB;EACvF,MAAM,wBAAkC,EAAE;EAC1C,MAAM,qCAA+C,EAAE;EACvD,MAAM,4BAAsC,EAAE;AAE9C,UAAQ,IAAI,iBAAiB,qBAAqB,OAAO,OAAgB,iBAA0B,YAAqB;GACtH,MAAM,kBAAkB,QAAQ,IAAI,WAAW,EAAE,EAAE,kBAAkB;GACrE,MAAM,8BAA8B,QAAQ,IAAI,WAAW,EAAE,EAAE,8BAA8B;AAC7F,OAAI,OAAO,oBAAoB,WAC7B,OAAM,IAAI,MAAM,wEAAwE;AAE1F,OAAI,OAAO,gCAAgC,WACzC,OAAM,IAAI,MAAM,qEAAqE;GAEvF,MAAM,eAAe,gBAAgB,KAAK,QAAQ;GAClD,MAAM,qBAAqB,QAAQ,IAAI,gBAAgB,EAAE,EAAE,QAAQ;AACnE,OAAI,OAAO,uBAAuB,SAChC,OAAM,IAAI,MAAM,qEAAqE;AAEvF,yBAAsB,KAAK,mBAAmB;GAC9C,MAAM,SAAS,MAAM,4BAA4B,KAAK,SAAS,GAAG,KAAK;AACvE,sCAAmC,KAAK,OAAO,YAAY,QAAQ,iBAAiB;AACpF,UAAO;IACL,IAAI;IACJ,MAAM,aAAa,EAAE,cAAc,oFAAoF;IACxH;IACD;AACF,UAAQ,IAAI,iBAAiB,uBAAuB,OAAO,iBAA0B;GACnF,MAAM,qBAAqB,QAAQ,IAAI,gBAAgB,EAAE,EAAE,QAAQ;AACnE,OAAI,OAAO,uBAAuB,SAChC,OAAM,IAAI,MAAM,4DAA4D;AAE9E,6BAA0B,KAAK,mBAAmB;AAClD,UAAO,YAAY,cAAc,iBAAiB,WAAW;AAC3D,UAAM,IAAI,MAAM,yCAAyC;OACvD;IACJ;AAEF,MAAI;GACF,MAAM,mCAAmC,QAAQ,IAAI,WAAW,oCAAoC;AACpG,OAAI,OAAO,qCAAqC,WAC9C,OAAM,IAAI,MAAM,gFAAgF;AAGlG,SAAM,OAAO,iCAAiC,KAAK,WAAW;IAC5D,aAAa;IACb,OAAO;IACP,eAAe;IACf,0BAA0B;IAC1B,wBAAwB;KACtB,aAAa,wBAAwB,+BAA+B;KACpE,cAAc;KACf;IACF,CAAC,CAAC,CAAC,SAAS,KAAK,mFAAmF;YAC7F;AACR,WAAQ,IAAI,iBAAiB,qBAAqB,0BAA0B;AAC5E,WAAQ,IAAI,iBAAiB,uBAAuB,4BAA4B;;AAGlF,SAAO,0BAA0B,CAAC,QAAQ,CAAC,sBAAsB,CAAC;AAClE,SAAO,sBAAsB,CAAC,QAAQ,CAAC,sBAAsB,CAAC;AAC9D,SAAO,mCAAmC,CAAC,QAAQ,CAAC,yBAAyB,CAAC;GAC9E;AAEF,IAAG,wFAAwF,YAAY;EACrG,MAAM,YAAY;EAClB,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT;GACA,sBAAsB;GACtB,YAAY;GACZ,gBAAgB;GAChB,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACD,qBAAqB;GACtB,CAAC;EACF,MAAM,aAAa;EACnB,MAAM,qBAAqB;EAC3B,MAAM,aAAa,IAAI,IAAI,WAAW,UAAU,4CAA4C;AAC5F,aAAW,aAAa,IAAI,wBAAwB,yFAAyF,aAAa;AAC1J,aAAW,aAAa,IAAI,+BAA+B,WAAW;AACtE,aAAW,aAAa,IAAI,wCAAwC,mBAAmB;AACvF,aAAW,aAAa,IAAI,qDAAqD,+BAA+B;AAChH,aAAW,aAAa,IAAI,mDAAmD,iBAAiB;AAChG,aAAW,aAAa,IAAI,+CAA+C,+BAA+B;EAE1G,MAAM,iBAAiB,WAAW;EAClC,MAAM,mBAAmB,WAAW;EACpC,IAAI,gBAAgB;AACpB,KAAG,MAAM,WAAkB,wCAAwC,CAAC,kBAAkB,KAAK;AAC3F,KAAG,MAAM,WAAkB,0CAA0C,CAAC,kBAAkB;GACtF,OAAO;GACP,eAAe;GAChB,CAAC;AACF,KAAG,MAAM,WAAkB,aAAa,CAAC,kBAAkB,KAAK;AAEhE,aAAW,WAAW,oBAAoB;AAC1C,aAAW,SAAS,EAClB,UAAU;GACR,MAAM,WAAW,UAAU;GAC3B,UAAU,QAAgB;AACxB,oBAAgB;AAChB,UAAM,IAAI,MAAM,yBAAyB;;GAE5C,EACF;AAED,MAAI;AACF,SAAM,OAAQ,UAAkB,mCAAmC,CAAC,CAAC,QAAQ,aAAa,yBAAyB;YAC3G;AACR,cAAW,SAAS;AACpB,cAAW,WAAW;;EAGxB,MAAM,cAAc,IAAI,IAAI,cAAc;AAC1C,SAAO,YAAY,aAAa,IAAI,QAAQ,CAAC,CAAC,KAAK,qBAAqB;AACxE,SAAO,YAAY,aAAa,IAAI,iBAAiB,CAAC,CAAC,KAAK,8BAA8B;EAC1F,MAAM,cAAc,IAAI,IAAI,YAAY,aAAa,IAAI,eAAe,IAAI,GAAG;AAC/E,SAAO,YAAY,aAAa,IAAI,8BAA8B,CAAC,CAAC,KAAK,WAAW;AACpF,SAAO,YAAY,aAAa,IAAI,uCAAuC,CAAC,CAAC,KAAK,mBAAmB;AACrG,SAAO,YAAY,aAAa,IAAI,oDAAoD,CAAC,CAAC,KAAK,+BAA+B;GAC9H;AAEF,IAAG,sFAAsF,YAAY;EACnG,MAAM,YAAY;EAClB,MAAM,oBAAoB,wBAAwB,8BAA8B;EAChF,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT;GACA,sBAAsB;GACtB,YAAY;GACZ,gBAAgB;GAChB,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACD,qBAAqB;GACtB,CAAC;EACF,MAAM,aAAa,QAAQ,IAAI,WAAW,oBAAoB;AAC9D,MAAI,EAAE,sBAAsB,OAC1B,OAAM,IAAI,MAAM,oEAAoE;AAEtF,aAAW,IAAI;GACb,cAAc;GACd,aAAa;GACd,CAAC;EAEF,MAAM,aAAa,IAAI,IAAI,WAAW,UAAU,4CAA4C;AAC5F,aAAW,aAAa,IAAI,mDAAmD,oCAAoC;AACnH,aAAW,aAAa,IAAI,+CAA+C,qDAAqD;AAChI,aAAW,aAAa,IAAI,+BAA+B,cAAc;AACzE,aAAW,aAAa,IAAI,wCAAwC,uBAAuB;AAC3F,aAAW,aAAa,IAAI,qDAAqD,kCAAkC;EAEnH,MAAM,iBAAiB,WAAW;EAClC,MAAM,mBAAmB,WAAW;EACpC,IAAI,gBAAgB;EACpB,MAAM,kBAAkB,QAAQ,IAAI,WAAW,aAAa;EAC5D,MAAM,8BAA8B,QAAQ,IAAI,iBAAiB,sBAAsB;AACvF,UAAQ,IAAI,iBAAiB,uBAAuB,YAAY;AAC9D,UAAO,YAAY,cAAc,kBAAkB,WAAW;AAC5D,UAAM,IAAI,MAAM,yCAAyC;OACvD;IACJ;AACF,KAAG,MAAM,WAAkB,aAAa,CAAC,kBAAkB,KAAK;AAEhE,aAAW,WAAW,oBAAoB;AAC1C,aAAW,SAAS,EAClB,UAAU;GACR,MAAM,WAAW,UAAU;GAC3B,UAAU,QAAgB;AACxB,oBAAgB;AAChB,UAAM,IAAI,MAAM,yBAAyB;;GAE5C,EACF;AAED,MAAI;AACF,SAAM,OAAQ,UAAkB,mCAAmC,CAAC,CAAC,QAAQ,aAAa,yBAAyB;YAC3G;AACR,WAAQ,IAAI,iBAAiB,uBAAuB,4BAA4B;AAChF,cAAW,SAAS;AACpB,cAAW,WAAW;;AAGxB,SAAO,WAAW,KAAK,CAAC,CAAC,QAAQ;GAC/B,cAAc;GACd,aAAa;GACd,CAAC;AACF,SAAO,IAAI,IAAI,cAAc,CAAC,OAAO,CAAC,KAAK,8BAA8B;GACzE;AAEF,IAAG,2FAA2F,YAAY;EACxG,MAAM,YAAY;EAClB,MAAM,iBAAiB,WAAW;EAClC,MAAM,mBAAmB,WAAW;AAEpC,aAAW,WAAW,oBAAoB;AAC1C,aAAW,SAAS,EAClB,UAAU;GACR,MAAM;GACN,UAAU;GACV,UAAU;GACX,EACF;EAED,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT;GACA,sBAAsB;GACtB,YAAY;GACZ,gBAAgB;GAChB,qBAAqB;GACtB,CAAC;EACF,MAAM,kBAAkB,QAAQ,IAAI,WAAW,aAAa;EAC5D,MAAM,8BAA8B,QAAQ,IAAI,iBAAiB,sBAAsB;EACvF,MAAM,4BAAsC,EAAE;AAE9C,MAAI;GACF,MAAM,6BAA6B,QAAQ,IAAI,WAAW,8BAA8B;AACxF,OAAI,OAAO,+BAA+B,WACxC,OAAM,IAAI,MAAM,0EAA0E;AAG5F,GADmB,2BAA2B,KAAK,UAAU,CAClD,IAAI;IACb,cAAc;IACd,aAAa,wBAAwB,uBAAuB;IAC7D,CAAC;AAEF,YAAS,SAAS,2BAA2B,UAAU,YAAY,KAAK,UAAU;IAChF,eAAe;IACf,mBAAmB;IACpB,CAAC;AACF,WAAQ,IAAI,iBAAiB,uBAAuB,OAAO,iBAA0B;IACnF,MAAM,qBAAqB,QAAQ,IAAI,gBAAgB,EAAE,EAAE,QAAQ;AACnE,QAAI,OAAO,uBAAuB,SAChC,OAAM,IAAI,MAAM,4DAA4D;AAE9E,8BAA0B,KAAK,mBAAmB;AAClD,WAAO,YAAY,cAAc,wBAAwB,uBAAuB,CAAC,WAAW;AAC1F,WAAM,IAAI,MAAM,yCAAyC;QACvD;KACJ;GAEF,MAAM,uCAAuC,QAAQ,IAAI,WAAW,wCAAwC;AAC5G,OAAI,OAAO,yCAAyC,WAClD,OAAM,IAAI,MAAM,oFAAoF;AAEtG,SAAM,OAAO,qCAAqC,KAAK,WAAW,EAChE,6BAA6B,OAC9B,CAAC,CAAC,CAAC,SAAS,KAAK,uBAAuB;YACjC;AACR,WAAQ,IAAI,iBAAiB,uBAAuB,4BAA4B;AAChF,cAAW,SAAS;AACpB,cAAW,WAAW;;AAGxB,SAAO,0BAA0B,CAAC,QAAQ,CAAC,oBAAoB,CAAC;GAChE;AAEF,IAAG,8FAA8F,YAAY;EAC3G,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT,WAAW;GACX,sBAAsB;GACtB,YAAY;GACZ,gBAAgB;GAChB,MAAM;IACJ,SAAS;IACT,SAAS,EAAE,MAAM,UAAU;IAC5B;GACD,qBAAqB;GACtB,CAAC;EACF,MAAM,aAAa,GAAG,MAAM,WAAW,UAAU,CAAC,kCAAkB,IAAI,MAAM,yBAAyB,CAAC;AAExG,MAAI;AACF,SAAM,OAAO,UAAU,mBAAmB,CAAC,CAAC,QAAQ,aAAa,yBAAyB;AAC1F,UAAO,WAAW,CAAC,sBAAsB;YACjC;AACR,cAAW,aAAa;;GAE1B;AAEF,IAAG,2FAA2F,YAAY;EACxG,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT,WAAW;GACX,sBAAsB;GACtB,YAAY;GACZ,gBAAgB;GAChB,MAAM,EACJ,SAAS,EAAE,MAAM,UAAU,EAC5B;GACD,qBAAqB;GACtB,CAAC;EACF,MAAM,cAAc;EAEpB,MAAM,kBAAkB,QAAQ,IAAI,WAAW,aAAa;EAC5D,MAAM,kBAAkB,QAAQ,IAAI,iBAAiB,UAAU;AAC/D,UAAQ,IAAI,iBAAiB,WAAW,YAAY,GAAG;EACvD,MAAM,iBAAiB,WAAW;EAClC,MAAM,mBAAmB,WAAW;EACpC,IAAI,gBAAgB;AAEpB,aAAW,WAAW,oBAAoB;AAC1C,aAAW,SAAS,EAClB,UAAU;GACR,MAAM;GACN,UAAU,QAAgB;AACxB,oBAAgB;AAChB,UAAM,IAAI,MAAM,yBAAyB;;GAE5C,EACF;AAED,MAAI;GACF,MAAM,UAAU,QAAQ,IAAI,WAAW,WAAW;AAClD,OAAI,OAAO,YAAY,WACrB,OAAM,IAAI,MAAM,uDAAuD;AAEzE,SAAM,OAAO,QAAQ,KAAK,WAAW,QAAQ,IAAI,iBAAiB,gBAAgB,CAAC,KAAK,iBAAiB,EACvG,cAAc,MACf,CAAC,CAAC,CAAC,CAAC,QAAQ,aAAa,yBAAyB;YAC3C;AACR,WAAQ,IAAI,iBAAiB,WAAW,gBAAgB;AACxD,cAAW,SAAS;AACpB,cAAW,WAAW;;AAGxB,SAAO,cAAc,CAAC,KAAK,wBAAwB;GACnD;AAEF,IAAG,oFAAoF,YAAY;EACjG,MAAM,YAAY,IAAI,eAAe;GACnC,SAAS;GACT,WAAW;GACX,sBAAsB;GACtB,YAAY;GACZ,gBAAgB;GAChB,qBAAqB;GACtB,CAAC;EACF,MAAM,iBAAiB,wBAAwB,uBAAuB;EACtE,MAAM,0BAA0B,wBAAwB,iCAAiC;EACzF,MAAM,iBAAiB,wBAAwB,uBAAuB;EACtE,MAAM,aAAa,IAAI,MAAM;GAC3B,cAAc;GACd,aAAa;GACd,CAAC;EACF,MAAM,kBAAkB,QAAQ,IAAI,WAAW,aAAa;EAC5D,MAAM,8BAA8B,QAAQ,IAAI,iBAAiB,sBAAsB;AACvF,UAAQ,IAAI,iBAAiB,uBAAuB,YAAY;AAC9D,UAAO,YAAY,cAAc,wBAAwB,WAAW;AAClE,UAAM,IAAI,MAAM,yCAAyC;OACvD;IACJ;AAEF,MAAI;GACF,MAAM,2BAA2B,QAAQ,IAAI,WAAW,4BAA4B;AACpF,OAAI,OAAO,6BAA6B,WACtC,OAAM,IAAI,MAAM,wEAAwE;GAE1F,MAAM,aAAa,yBAAyB,KAAK,WAAW,WAAW;AACvE,cAAW,IAAI;IACb,cAAc;IACd,aAAa;IACd,CAAC;AAEF,SAAM,WAAW,gBAAgB;AACjC,UAAO,WAAW,KAAK,CAAC,CAAC,QAAQ;IAC/B,cAAc;IACd,aAAa;IACd,CAAC;AAEF,cAAW,aAAa;AACxB,UAAO,WAAW,KAAK,CAAC,CAAC,QAAQ;IAC/B,cAAc;IACd,aAAa;IACd,CAAC;YACM;AACR,WAAQ,IAAI,iBAAiB,uBAAuB,4BAA4B;;GAElF;EACF"}

package/dist/esm/lib/{stack-app → hexclave-app}/apps/implementations/client-app-impl.d.ts RENAMED Viewed

@@ -6,7 +6,7 @@ import { InternalSession } from "@hexclave/shared/dist/sessions";
 import { Store } from "@hexclave/shared/dist/utils/stores";
 import * as cookie from "cookie";
 import { TeamApiKeysCrud, UserApiKeysCrud, teamApiKeysCreateOutputSchema, userApiKeysCreateOutputSchema } from "@hexclave/shared/dist/interface/crud/project-api-keys";
-import { ConvexCtx, GetCurrentPartialUserOptions, GetCurrentUserOptions, HandlerUrlOptions, HandlerUrls, OAuthScopesOnSignIn, RedirectMethod, RedirectToOptions, RequestLike, ResolvedHandlerUrls, TokenStoreInit, stackAppInternalsSymbol } from "../../common";
+import { ConvexCtx, GetCurrentPartialUserOptions, GetCurrentUserOptions, HandlerUrlOptions, HandlerUrls, OAuthScopesOnSignIn, RedirectMethod, RedirectToOptions, RequestLike, ResolvedHandlerUrls, TokenStoreInit, hexclaveAppInternalsSymbol } from "../../common";
 import { AnalyticsOptions } from "./session-replay";
 import { CurrentUserCrud } from "@hexclave/shared/dist/interface/crud/current-user";
 import { RequestListener } from "@hexclave/shared/dist/interface/client-interface";
@@ -14,7 +14,7 @@ import { ClientProjectsCrud } from "@hexclave/shared/dist/interface/crud/project
 import { TeamPermission } from "../../permissions";
 import { AdminOwnedProject, AdminProjectUpdateOptions, Project } from "../../projects";
 import * as __admin_app_impl0 from "./admin-app-impl";
-import { _StackAdminAppImplIncomplete } from "./admin-app-impl";
+import { _HexclaveAdminAppImplIncomplete } from "./admin-app-impl";
 import { ContactChannelsCrud } from "@hexclave/shared/dist/interface/crud/contact-channels";
 import { CustomerInvoicesListResponse } from "@hexclave/shared/dist/interface/crud/invoices";
 import { ItemCrud } from "@hexclave/shared/dist/interface/crud/items";
@@ -41,11 +41,11 @@ import { StackClientApp, StackClientAppConstructorOptions, StackClientAppJson }
 import { TokenObject } from "./common";
 import { CrossDomainHandoffParams } from "./redirect-page-urls";
-//#region src/lib/stack-app/apps/implementations/client-app-impl.d.ts
-type StackClientAppImplConstructorOptionsResolved<HasTokenStore extends boolean, ProjectId extends string> = StackClientAppConstructorOptions<HasTokenStore, ProjectId> & {
+//#region src/lib/hexclave-app/apps/implementations/client-app-impl.d.ts
+type HexclaveClientAppImplConstructorOptionsResolved<HasTokenStore extends boolean, ProjectId extends string> = StackClientAppConstructorOptions<HasTokenStore, ProjectId> & {
   inheritsFrom?: undefined;
 };
-declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string = string> implements StackClientApp<HasTokenStore, ProjectId> {
+declare class _HexclaveClientAppImplIncomplete<HasTokenStore extends boolean, ProjectId extends string = string> implements StackClientApp<HasTokenStore, ProjectId> {
   /**
    * There is a circular dependency between the admin app and the client app, as the former inherits from the latter and
    * the latter needs to use the former when creating a new instance of an internal project.
@@ -54,9 +54,9 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
    * which imports both this file and ./admin-app-impl.ts.
    */
   static readonly LazyStackAdminAppImpl: {
-    value: typeof __admin_app_impl0._StackAdminAppImplIncomplete | undefined;
+    value: typeof __admin_app_impl0._HexclaveAdminAppImplIncomplete | undefined;
   };
-  protected readonly _options: StackClientAppImplConstructorOptionsResolved<HasTokenStore, ProjectId>;
+  protected readonly _options: HexclaveClientAppImplConstructorOptionsResolved<HasTokenStore, ProjectId>;
   protected readonly _extraOptions: {
     uniqueIdentifier?: string;
     checkString?: string;
@@ -146,9 +146,10 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
   protected _usePendingAuthResolutions(overrideTokenStoreInit?: TokenStoreInit): void;
   protected _isOAuthCallbackUrlHosted(): boolean;
   protected _currentUrlLooksLikeOAuthCallback(): boolean;
-  protected _currentUrlLooksLikeStackOAuthCallback(): boolean;
+  protected _currentUrlLooksLikeHexclaveOAuthCallback(): boolean;
+  protected _currentUrlLooksLikeNestedCrossDomainOAuthCallback(): boolean;
   protected _getOAuthCallbackRedirectUri(): string;
-  protected _getCurrentRefreshTokenIdIfSignedIn(options?: {
+  protected _fetchCurrentRefreshTokenIdIfSignedIn(options?: {
     awaitPendingAuthResolutions?: boolean;
     overrideTokenStoreInit?: TokenStoreInit;
   }): Promise<string | null>;
@@ -159,7 +160,6 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
     overrideTokenStoreInit?: TokenStoreInit;
   }): Promise<string>;
   protected _maybeHandleNestedCrossDomainAuth(): Promise<boolean>;
-  protected _getNestedCrossDomainAuthParamsForRedirect(): Promise<CrossDomainHandoffParams>;
   /**
    * Cloudflare workers does not allow use of randomness on the global scope (on which the Stack app is probably
    * initialized). For that reason, we generate the unique identifier lazily when it is first needed instead of in the
@@ -183,6 +183,7 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
   private _parseStructuredRefreshCookie;
   private _extractRefreshTokenFromCookieMap;
   protected _getTokensFromCookies(cookies: cookie.Cookies): TokenObject;
+  private _getCurrentBrowserCookieTokenStoreValue;
   protected get _accessTokenCookieName(): string;
   protected get _legacyAccessTokenCookieName(): string;
   private _getAllBrowserCookies;
@@ -293,7 +294,7 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
   useInvoices(options: CustomerInvoicesRequestOptions): CustomerInvoicesList;
   protected _currentUserFromCrud(crud: NonNullable<CurrentUserCrud['Client']['Read']>, session: InternalSession): ProjectCurrentUser<ProjectId>;
   protected _clientSessionFromCrud(crud: SessionsCrud['Client']['Read']): ActiveSession;
-  protected _getOwnedAdminApp(forProjectId: string, session: InternalSession): _StackAdminAppImplIncomplete<false, string>;
+  protected _getOwnedAdminApp(forProjectId: string, session: InternalSession): _HexclaveAdminAppImplIncomplete<false, string>;
   get projectId(): ProjectId;
   get version(): string;
   private _botChallengeSiteKeysWarned;
@@ -482,6 +483,7 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
   protected _signOut(session: InternalSession, options?: {
     redirectUrl?: URL | string;
   }): Promise<void>;
+  protected _redirectToDefaultAfterSignOut(): Promise<void>;
   signOut(options?: {
     redirectUrl?: URL | string;
     tokenStore?: TokenStoreInit;
@@ -539,10 +541,10 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
   protected _refreshUsers(): Promise<void>;
   protected _refreshProject(): Promise<void>;
   protected _refreshOwnedProjects(session: InternalSession): Promise<void>;
-  static get [stackAppInternalsSymbol](): {
+  static get [hexclaveAppInternalsSymbol](): {
     fromClientJson: <HasTokenStore extends boolean, ProjectId extends string>(json: StackClientAppJson<HasTokenStore, ProjectId>) => StackClientApp<HasTokenStore, ProjectId>;
   };
-  get [stackAppInternalsSymbol](): {
+  get [hexclaveAppInternalsSymbol](): {
     toClientJson: () => StackClientAppJson<HasTokenStore, ProjectId>;
     setCurrentUser: (userJsonPromise: Promise<CurrentUserCrud["Client"]["Read"] | null>) => void;
     getConstructorOptions: () => {
@@ -596,5 +598,5 @@ declare class _StackClientAppImplIncomplete<HasTokenStore extends boolean, Proje
   };
 }
 //#endregion
-export { _StackClientAppImplIncomplete };
+export { _HexclaveClientAppImplIncomplete };
 //# sourceMappingURL=client-app-impl.d.ts.map

package/dist/esm/lib/hexclave-app/apps/implementations/client-app-impl.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"client-app-impl.d.ts","names":[],"sources":["../../../../../../src/lib/hexclave-app/apps/implementations/client-app-impl.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAwLK,+CAAA,4DAA2G,gCAAA,CAAiC,aAAA,EAAe,SAAA;EAAe,YAAA;AAAA;AAAA,cAElK,gCAAA,8EAA8G,cAAA,CAAe,aAAA,EAAe,SAAA;EAFpJ;;;;;;;EAAA,gBAUa,qBAAA;IAAyB,KAAA,SARuH,iBAAA,CAQ9E,+BAAA;EAAA;EAAA,mBAE/D,QAAA,EAAU,+CAAA,CAAgD,aAAA,EAAe,SAAA;EAAA,mBACzE,aAAA;IAAiB,gBAAA;IAA2B,WAAA;IAAsB,SAAA,GAAY,uBAAA;EAAA;EAAA,UACvF,iBAAA;EAAA,UACA,UAAA,EAAY,uBAAA;EAAA,mBACH,eAAA,EAAiB,cAAA,CAAe,aAAA;EAAA,mBAChC,eAAA,EAAiB,cAAA;EAAA,mBACjB,WAAA,EAAa,iBAAA;EAAA,mBACb,oBAAA,EAAsB,OAAA,CAAQ,mBAAA;EAAA,iBAEhC,iBAAA;EAAA,QACT,gBAAA;EAAA,QACA,aAAA;EAAA,QAEA,gCAAA;EAAA,iBACS,eAAA;EAAA,iBAEA,iBAAA;EAAA,iBAyBA,oBAAA;EAAA,iBAGA,mBAAA;EAAA,iBAGA,4BAAA;EAAA,iBAMA,mCAAA;EAAA,iBAMA,sBAAA;EAsO4C;EAAA,iBAlO5C,4CAAA;EAkO6D;EAAA,iBApN7D,gCAAA;EAAA,iBAaA,kCAAA;EAAA,iBAMA,qDAAA;EAAA,iBAaA,iDAAA;EAAA,iBA2BA,wBAAA;EAAA,iBAKA,qBAAA;EAAA,iBAKA,4BAAA;EAAA,iBAKA,gCAAA;EAAA,iBAGA,2BAAA;EAAA,iBAMA,iBAAA;EAAA,iBAOA,iBAAA;EAAA,iBAOA,4BAAA;EAAA,iBAOA,+BAAA;EAAA,iBAMA,cAAA;EAAA,iBAMA,cAAA;EAAA,iBAMA,gBAAA;EAAA,iBAMA,kBAAA;EAAA,iBAWA,kBAAA;EAAA,iBAWA,oBAAA;EAAA,iBAWA,kBAAA;EAAA,iBAWA,kBAAA;EAAA,iBAWA,qBAAA;EAAA,iBAeA,uBAAA;EAAA,iBAIA,yBAAA;EAAA,QAIT,0BAAA;EAAA,QACA,mCAAA;EAAA,QACA,4CAAA;EAAA,QACA,sCAAA;EAAA,QACA,8BAAA;EAAA,UAEQ,mBAAA,CAAoB,sBAAA,GAAyB,cAAA,GAAiB,OAAA,CAAQ,YAAA;EA+ezD;EAAA,UAreb,8BAAA,CAA+B,OAAA;IAC7C,OAAA,QAAe,OAAA,CAAQ,eAAA;IACvB,mBAAA,QAA2B,OAAA;MAAU,WAAA;IAAA;IACrC,aAAA;MAAuB,WAAA;IAAA;IACvB,UAAA,EAAY,YAAA;IACZ,KAAA;EAAA;IACK,QAAA;IAAgB,OAAA,EAAS,eAAA;EAAA;IAA6B,QAAA;EAAA,KAAsB,OAAA,CAAQ,yBAAA;EAAA,UA8DjF,kCAAA,CACR,IAAA;IAAQ,QAAA;IAAkB,mBAAA;EAAA,GAC1B,OAAA,EAAS,eAAA,GACR,eAAA;cA6BS,OAAA,EAAS,gCAAA,CAAiC,aAAA,EAAe,SAAA,GAAY,YAAA;IAAiB,gBAAA;IAA2B,WAAA;IAAsB,SAAA,GAAY,uBAAA;EAAA;EAAA,UA2GrJ,qBAAA,CAAA;EAAA,UAUA,2BAAA,CAA4B,QAAA,QAAgB,OAAA;EAAA,UAqBtC,4BAAA,CACd,sBAAA,GAAyB,cAAA,EACzB,OAAA;IAAY,2BAAA;EAAA,IAAuC,OAAA;EAAA,UAgB3C,0BAAA,CAA2B,sBAAA,GAAyB,cAAA;EAAA,UAWpD,yBAAA,CAAA;EAAA,UAKA,iCAAA,CAAA;EAAA,UAYA,yCAAA,CAAA;EAAA,UAaA,kDAAA,CAAA;EAAA,UAUA,4BAAA,CAAA;EAAA,UAeM,qCAAA,CAAsC,OAAA;IACpD,2BAAA;IACA,sBAAA,GAAyB,cAAA;EAAA,IACvB,OAAA;EAAA,UAaY,4CAAA,CAA6C,OAAA;IAC3D,GAAA;IACA,UAAA,EAAY,GAAA;IACZ,2BAAA;IACA,sBAAA,GAAyB,cAAA;EAAA,IACvB,OAAA;EAAA,UAsBY,iCAAA,CAAA,GAAqC,OAAA;EA2uB2B;;;;;EAAA,UAtoBtE,oBAAA,CAAA;EAAA,UAQM,oBAAA,CAAqB,IAAA,UAAc,OAAA,QAAY,OAAA;EAAA,UAIrD,uBAAA,CAAwB,IAAA,UAAc,OAAA;EAAA,UAKtC,iBAAA,EAAiB,KAAA,CAAA,WAAA;EAAA,UACjB,6BAAA,EAA6B,OAAA,SAAA,KAAA,CAAA,WAAA;EAAA,UAC7B,mBAAA,EAAmB,OAAA,CAAA,WAAA,EAAA,KAAA,CAAA,WAAA;EAAA,UACnB,8BAAA,EAAgC,KAAA,CAAM,WAAA;EAAA,QACxC,mCAAA;EAAA,cACM,6BAAA,CAAA;EAAA,cAGA,uBAAA,CAAA;EAAA,QAGN,0CAAA;EAAA,QAGA,2BAAA;EAAA,QAIA,qCAAA;EAAA,QAYA,yBAAA;EAAA,QAMA,wBAAA;EAAA,QAGA,6BAAA;EAAA,QAsBA,iCAAA;EAAA,UAkDE,qBAAA,CAAsB,OAAA,EAAS,MAAA,CAAO,OAAA,GAAU,WAAA;EAAA,QA2BlD,uCAAA;EAAA,cAOM,sBAAA,CAAA;EAAA,cAOA,4BAAA,CAAA;EAAA,QAGN,qBAAA;EAAA,QAMA,kCAAA;EAAA,QAWA,+BAAA;EAAA,QAeA,2BAAA;EAAA,QAmBA,iCAAA;EAAA,QAmBA,+BAAA;EAAA,QAyCM,yBAAA;EAAA,QAWA,uBAAA;EAAA,UAIJ,2BAAA,CAAA,GAA+B,KAAA,CAAM,WAAA;EAAA,UAwDrC,sBAAA,CAAuB,YAAA,EAAc,YAAA,EAAc,sBAAA,GAAyB,cAAA,GAAiB,KAAA,CAAM,WAAA;EAAA,UA+GnG,cAAA,CAAe,sBAAA,GAAyB,cAAA,GAAiB,KAAA,CAAM,WAAA;EA+ZvB;;;;;;;;EAAA,QAhZ1C,kCAAA;EAAA,UACE,yBAAA,CAA0B,UAAA,EAAY,KAAA,CAAM,WAAA,IAAe,eAAA;EAAA,UA8BrD,WAAA,CACd,sBAAA,GAAyB,cAAA,EACzB,OAAA;IAAY,2BAAA;EAAA,IACX,OAAA,CAAQ,eAAA;EAAA,UAOD,WAAA,CAAY,sBAAA,GAAyB,cAAA,GAAiB,eAAA;EAAA,UAchD,0BAAA,CAA2B,MAAA;IAAU,WAAA;IAA4B,YAAA;EAAA,IAAsB,OAAA;EAAA,UAa7F,gCAAA,CAAiC,MAAA;IAAU,WAAA;IAA4B,YAAA;EAAA,IAAyB,cAAA;EAAA,UAUhG,wBAAA,CAAyB,sBAAA,GAAyB,cAAA,WAAyB,cAAA,OAAqB,SAAA;EAAA,UAIhG,2BAAA,CAA4B,sBAAA,GAAyB,cAAA,mBAAiC,cAAA,OAAqB,SAAA;EAAA,UAM3G,kBAAA,CAAA;IAAgC,SAAA;EAAA;EAAA,UAIhC,sBAAA,CAAA;IAA4C,SAAA;EAAA;EAAA,UAM5C,sBAAA,CAAuB,IAAA,EAAM,kBAAA,qBAAuC,OAAA;EAAA,UAoBpE,yBAAA,CAA0B,IAAA,EAAM,mBAAA,qBAAwC,sBAAA,qBAA2C,cAAA;EAAA,UAMnH,uBAAA,CAAwB,IAAA,EAAM,sBAAA,qBAA2C,QAAA;EAAA,UAUzE,iCAAA,CAAkC,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,kBAAA,qBAAuC,kBAAA;EAAA,UAYzG,qCAAA,CAAsC,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,kBAAA,qBAAuC,sBAAA;EAAA,UAmB7G,mBAAA,CACR,IAAA,EAAM,eAAA,qBAAoC,eAAA,qBAAoC,GAAA,CAAI,SAAA,QAAiB,6BAAA,IAAiC,GAAA,CAAI,SAAA,QAAiB,6BAAA,IACxJ,IAAA,CAAK,MAAA,0CAAgD,IAAA,CAAK,MAAA;EAAA,UA2BnD,qBAAA,CAAsB,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,eAAA,qBAAoC,MAAA;EAAA,UAC1F,qBAAA,CAAsB,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,eAAA,qBAAoC,MAAA;EAAA,UAC1F,qBAAA,CAAsB,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,GAAA,CAAI,SAAA,QAAiB,6BAAA,IAAiC,MAAA;EAAA,UAC5G,qBAAA,CAAsB,OAAA,EAAS,eAAA,EAAiB,IAAA,EAAM,GAAA,CAAI,SAAA,QAAiB,6BAAA,IAAiC,MAAA;EAAA,UAkB5G,mBAAA,CAAoB,IAAA,EAAM,SAAA,oBAA6B,OAAA,EAAS,eAAA,GAAkB,IAAA;EAAA,UAiElF,6BAAA,CAA8B,IAAA,EAAM,mBAAA,oBAAuC,OAAA,EAAS,eAAA,GAAkB,cAAA;EAAA,UA2BtG,mCAAA,CAAoC,IAAA,EAAM,0BAAA,oBAA8C,OAAA,EAAS,eAAA,GAAkB,oBAAA;EAAA,UAcnH,4BAAA,CAA6B,IAAA,EAAM,iBAAA,oBAAqC,OAAA,EAAS,eAAA,GAAkB,aAAA;EAAA,UA8CnG,mBAAA,CAAoB,IAAA,EAAM,QAAA,qBAA6B,IAAA;EAAA,UASvD,6BAAA,CAA8B,QAAA,EAAU,4BAAA,GAA+B,oBAAA;EAAA,UAwBvE,6BAAA,CAA8B,QAAA,EAAU,4BAAA,GAA+B,oBAAA;EAAA,UAUvE,4BAAA,CAA6B,QAAA;IACrC,YAAA;IACA,sBAAA;MACE,EAAA;MACA,KAAA;MACA,KAAA;MACA,SAAA;MACA,QAAA;IAAA;EAAA,IAEA,eAAA;EAAA,UAOM,WAAA,CAAY,OAAA,EAAS,eAAA,GAAkB,IAAA;EAAA,UAiFvC,4BAAA,CAA6B,IAAA,EAAM,sBAAA,oBAA0C,OAAA,EAAS,eAAA,GAAkB,yBAAA;EAAA,UAmBxG,eAAA,CAAgB,IAAA,EAAM,WAAA,CAAY,eAAA,sBAAqC,SAAA,qBAA8B,QAAA;EAAA,UAyBrG,2BAAA,CAA4B,IAAA,EAAM,WAAA,CAAY,eAAA,qBAAoC,OAAA,EAAS,eAAA,GAAkB,SAAA;EAAA,UAoW7G,wBAAA,CAAyB,OAAA,EAAS,eAAA,GAAkB,iBAAA;EAAA,UAoBpD,eAAA,CAAgB,cAAA,UAAwB,IAAA,mBAAuB,OAAA,EAAS,eAAA,UAAyB,IAAA,CAAK,QAAA;EAiE1G,OAAA,CAAQ,OAAA;IAAW,MAAA;IAAgB,MAAA;EAAA;IAAqB,MAAA;IAAgB,MAAA;EAAA;IAAqB,MAAA;IAAgB,gBAAA;EAAA,IAA6B,OAAA,CAAQ,IAAA;EAaxJ,OAAA,CAAQ,OAAA;IAAW,MAAA;IAAgB,MAAA;EAAA;IAAqB,MAAA;IAAgB,MAAA;EAAA;IAAqB,MAAA;IAAgB,gBAAA;EAAA,IAA6B,IAAA;EASpI,YAAA,CAAa,OAAA,EAAS,8BAAA,GAAiC,OAAA,CAAQ,oBAAA;EAc/D,YAAA,CAAa,OAAA,EAAS,8BAAA,GAAiC,OAAA,CAAQ,oBAAA;EAU/D,kBAAA,CAAmB,OAAA;IAAW,SAAA;IAAmB,cAAA;EAAA;IAA8B,SAAA;IAAmB,cAAA;IAAyB,MAAA;EAAA,IAAmB,OAAA;EAoBpJ,WAAA,CAAY,OAAA,EAAS,8BAAA,GAAiC,oBAAA;EAQtD,WAAA,CAAY,OAAA,EAAS,8BAAA,GAAiC,oBAAA;EAAA,UAS5C,oBAAA,CAAqB,IAAA,EAAM,WAAA,CAAY,eAAA,qBAAoC,OAAA,EAAS,eAAA,GAAkB,kBAAA,CAAmB,SAAA;EAAA,UAUzH,sBAAA,CAAuB,IAAA,EAAM,YAAA,qBAAiC,aAAA;EAAA,UAY9D,iBAAA,CAAkB,YAAA,UAAsB,OAAA,EAAS,eAAA,GAAkB,+BAAA;EAAA,IAazE,SAAA,CAAA,GAAa,SAAA;EAAA,IAIb,OAAA,CAAA;EAAA,QAII,2BAAA;EAAA,QACA,wBAAA;EAAA,QAiBA,2BAAA;EAAA,QAgBA,4BAAA;EAAA,QAaA,6BAAA;EAAA,QAaM,kCAAA;EAAA,UA+BE,UAAA,CAAW,GAAA,WAAc,OAAA;EAAA,IAqBrC,IAAA,CAAA,GAAQ,QAAA,CAAS,mBAAA;EAAA,UAIX,yCAAA,CAAA;EAAA,UAyBA,yCAAA,CAA0C,UAAA,EAAY,GAAA,GAAM,wBAAA;EAAA,UAetD,uCAAA,CAAwC,UAAA,EAAY,GAAA,GAAM,OAAA,CAAQ,wBAAA;EAAA,UAexE,gCAAA,CAAA;EAAA,UAeM,iCAAA,CAAkC,OAAA;IAChD,WAAA;IACA,KAAA;IACA,aAAA;IACA,wBAAA;IACA,2BAAA;IACA,sBAAA,GAAyB,cAAA;EAAA,IACvB,OAAA;EAAA,UAmCM,2CAAA,CAAA,GAA+C,wBAAA;EAAA,UAYzC,cAAA,CAAA,GAAc,OAAA,CAAA,GAAA;EAAA,UAOd,WAAA,CAAY,OAAA;IAAW,GAAA,EAAK,GAAA;IAAc,OAAA;EAAA,IAAmB,OAAA;EAkB7E,WAAA,CAAA,IAAgB,EAAA;EAAA,UAYA,kBAAA,CAAmB,GAAA,UAAa,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAAA,UAO3D,kBAAA,CACd,WAAA,QAAmB,WAAA,EACnB,OAAA,GAAU,iBAAA,EACV,eAAA;IACE,2BAAA;IACA,sBAAA,GAAyB,cAAA;EAAA,IAC1B,OAAA;EAAA,UA4CO,8BAAA,CAA+B,WAAA,QAAmB,WAAA,EAAa,OAAA,GAAU,iBAAA;EAI7E,gBAAA,CAAiB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAC5C,gBAAA,CAAiB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAC5C,iBAAA,CAAkB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAO7C,2BAAA,CAA4B,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACvD,uBAAA,CAAwB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACnD,wBAAA,CAAyB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACpD,cAAA,CAAe,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAC1C,uBAAA,CAAwB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACnD,2BAAA,CAA4B,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACvD,qBAAA,CAAsB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACjD,qBAAA,CAAsB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACjD,oBAAA,CAAqB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAChD,sBAAA,CAAuB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAClD,yBAAA,CAA0B,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACrD,eAAA,CAAgB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAC3C,wBAAA,CAAyB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACpD,wBAAA,CAAyB,OAAA,GAAU,iBAAA,GAAiB,OAAA;EACpD,aAAA,CAAc,OAAA,GAAU,iBAAA,GAAiB,OAAA;EAEzC,uBAAA,CAAwB,KAAA,UAAe,OAAA;IAAY,WAAA;EAAA,IAAyB,OAAA,CAAQ,MAAA,YAAkB,WAAA;EAItG,kBAAA,CAAmB,KAAA,UAAe,OAAA;IACtC,WAAA;EAAA,IACE,OAAA,CAAQ,MAAA;IAAS,KAAA;EAAA,GAAiB,WAAA,gCAA2C,WAAA;EAU3E,aAAA,CAAc,OAAA;IAAW,QAAA;IAAkB,IAAA;EAAA,IAAiB,OAAA,CAAQ,MAAA,YAAkB,WAAA;EAItF,uBAAA,CAAwB,IAAA,WAAe,OAAA,CAAQ,MAAA,YAAkB,WAAA;EAIjE,wBAAA,CAAyB,IAAA,WAAe,OAAA,CAAQ,MAAA,YAAkB,WAAA,4BAAuC,WAAA;EAQzG,oBAAA,CAAqB,IAAA,WAAe,OAAA,CAAQ,MAAA,YAAkB,WAAA,4BAAuC,WAAA;EAcrG,wBAAA,CAAyB,IAAA,WAAe,OAAA,CAAQ,MAAA;IAAS,eAAA;EAAA,GAA2B,WAAA,4BAAuC,WAAA;EAc3H,WAAA,CAAY,IAAA,WAAe,OAAA,CAAQ,MAAA,YAAkB,WAAA;EAOrD,OAAA,CAAQ,OAAA,EAAS,qBAAA,CAAsB,aAAA;IAAmB,EAAA;EAAA,IAAmB,OAAA,CAAQ,kBAAA,CAAmB,SAAA;EACxG,OAAA,CAAQ,OAAA,EAAS,qBAAA,CAAsB,aAAA;IAAmB,EAAA;EAAA,IAAgB,OAAA,CAAQ,kBAAA,CAAmB,SAAA;EACrG,OAAA,CAAQ,OAAA,EAAS,qBAAA,CAAsB,aAAA;IAAmB,EAAA;EAAA,IAAoB,OAAA,CAAQ,kBAAA,CAAmB,SAAA;EACzG,OAAA,CAAQ,OAAA,GAAU,qBAAA,CAAsB,aAAA,IAAiB,OAAA,CAAQ,kBAAA,CAAmB,SAAA;EA0C1F,OAAA,CAAQ,OAAA,EAAS,qBAAA,CAAsB,aAAA;IAAmB,EAAA;EAAA,IAAmB,kBAAA,CAAmB,SAAA;EAChG,OAAA,CAAQ,OAAA,EAAS,qBAAA,CAAsB,aAAA;IAAmB,EAAA;EAAA,IAAgB,kBAAA,CAAmB,SAAA;EAC7F,OAAA,CAAQ,OAAA,EAAS,qBAAA,CAAsB,aAAA;IAAmB,EAAA;EAAA,IAAoB,kBAAA,CAAmB,SAAA;EACjG,OAAA,CAAQ,OAAA,GAAU,qBAAA,CAAsB,aAAA,IAAiB,kBAAA,CAAmB,SAAA;EA0D5E,+BAAA,CAAgC,OAAA,EAAS,eAAA,EAAiB,OAAA,EAAS,4BAAA,CAA6B,aAAA,IAAiB,gBAAA;EAqB3G,yBAAA,CAA0B,GAAA,EAAK,SAAA,GAAY,OAAA,CAAQ,gBAAA;EAiBnD,cAAA,CAAe,OAAA,EAAS,4BAAA,CAA6B,aAAA;IAAmB,IAAA;EAAA,IAAkB,OAAA,CAAQ,gBAAA;EAClG,cAAA,CAAe,OAAA,EAAS,4BAAA,CAA6B,aAAA;IAAmB,IAAA;EAAA,IAAmB,OAAA,CAAQ,gBAAA;EAiBzG,cAAA,CAAe,OAAA,EAAS,4BAAA,CAA6B,aAAA;IAAmB,IAAA;EAAA,IAAkB,gBAAA;EAC1F,cAAA,CAAe,OAAA,EAAS,4BAAA,CAA6B,aAAA;IAAmB,IAAA;EAAA,IAAmB,gBAAA;EAkB3F,mBAAA,CAAoB,OAAA;IAAW,UAAA,EAAY,cAAA;EAAA,KAAoB,IAAA;IAAQ,iBAAA;EAAA,MAAiC,OAAA;EAYlG,uBAAA,CAAwB,OAAA;IAAW,UAAA,EAAY,cAAA;EAAA,IAAmB,OAAA;EAAA,UAMxD,iBAAA,CAAkB,MAAA,EAAQ,iBAAA,EAAmB,OAAA,EAAS,eAAA,GAAe,OAAA;EAM/E,eAAA,CAAgB,QAAA,EAAU,YAAA,EAAc,OAAA;IAC5C,QAAA;EAAA,IACD,OAAA;EAwIW;;;EAAA,UArEI,gBAAA,CAAiB,KAAA,EAAO,WAAA,uCAAkD,OAAA,EAAS,eAAA,GAAkB,OAAA;EAoJyB;;;;EAAA,UAnI9H,sBAAA,MAAA,CAA6B,QAAA,QAAgB,OAAA,CAAQ,MAAA,CAAO,CAAA,EAAG,CAAA,KAAM,OAAA,CAAQ,MAAA,CAAO,CAAA;IAAM,WAAA;IAAqB,YAAA;IAAsB,OAAA;EAAA,GAAoB,CAAA;EAcnK,oBAAA,CAAqB,OAAA;IACzB,KAAA;IACA,QAAA;IACA,UAAA;EAAA,IACE,OAAA,CAAQ,MAAA,YAAkB,WAAA,4BAAuC,WAAA;EA4B/D,oBAAA,CAAqB,OAAA;IACzB,KAAA;IACA,QAAA;IACA,UAAA;IACA,sBAAA;IACA,uBAAA;EAAA,IACE,OAAA,CAAQ,MAAA,YAAkB,WAAA,iCAA4C,WAAA,iCAA4C,WAAA;EA0DhH,kBAAA,CAAA,GAAkB,OAAA;;;;EAqBlB,mBAAA,CAAoB,IAAA,UAAc,OAAA;IAAY,UAAA;EAAA,IAAyB,OAAA,CAAQ,MAAA,YAAkB,WAAA,4BAAuC,WAAA;EAkV/F;;;;;;;;;;;;;;;;;;;;EA1RzC,cAAA,CAAe,OAAA;IACnB,MAAA;IACA,eAAA;IACA,WAAA;IACA,cAAA;IACA,UAAA,IAAc,GAAA,UAAa,SAAA;IAC3B,gBAAA;EAAA,IACE,OAAA,CAAQ,MAAA,SAAe,WAAA,mBAA8B,WAAA,0BAAqC,WAAA;EAmFxF,aAAA,CAAc,IAAA,UAAc,IAAA,UAAc,OAAA;IAAY,UAAA;EAAA,IAAyB,OAAA,CAAQ,MAAA,YAAkB,WAAA,4BAAuC,WAAA;EAiChJ,iBAAA,CAAA,GAAqB,OAAA,CAAQ,MAAA,YAAkB,WAAA,kCAA6C,WAAA,sBAAiC,WAAA;EA2C7H,iBAAA,CACJ,OAAA;IACE,+BAAA;EAAA,IACD,OAAA;EAAA,UAwDa,QAAA,CAAS,OAAA,EAAS,eAAA,EAAiB,OAAA;IAAY,WAAA,GAAc,GAAA;EAAA,IAAiB,OAAA;EAAA,UAe9E,8BAAA,CAAA,GAAkC,OAAA;EAmB5C,OAAA,CAAQ,OAAA;IAAY,WAAA,GAAc,GAAA;IAAc,UAAA,GAAa,cAAA;EAAA,IAAmB,OAAA;EAOhF,cAAA,CAAe,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA,IAAmB,OAAA;EAQjE,cAAA,CAAe,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA;EAQlC,eAAA,CAAgB,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA,IAAmB,OAAA;EAQlE,eAAA,CAAgB,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA;EAQnC,sBAAA,CAAuB,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA,IAAmB,OAAA;EAIzE,sBAAA,CAAuB,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA;EAI1C,cAAA,CAAe,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA,IAAmB,OAAA;IAAU,cAAA;EAAA;EAM3E,cAAA,CAAe,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA;IAAqB,cAAA;EAAA;EAMvD,WAAA,CAAY,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA,IAAmB,OAAA;IAAU,WAAA;IAA4B,YAAA;EAAA;EAQpG,WAAA,CAAY,OAAA;IAAY,UAAA,GAAa,cAAA;EAAA;IAAqB,WAAA;IAA4B,YAAA;EAAA;EAQhF,UAAA,CAAA,GAAc,OAAA,CAAQ,OAAA;EAK5B,UAAA,CAAA,GAAc,OAAA;EAAA,UAKE,kBAAA,CAAmB,OAAA,EAAS,eAAA,GAAkB,OAAA,CAAQ,iBAAA;EAAA,UAS5D,iBAAA,CAAkB,OAAA,EAAS,eAAA,GAAkB,iBAAA;EAAA,UAQvC,cAAA,CAAe,OAAA,EAAS,eAAA,EAAiB,UAAA,EAAY,yBAAA;IAA8B,WAAA;IAAqB,MAAA;EAAA,IAAmB,OAAA,CAAQ,iBAAA;EAAA,UAWnI,YAAA,CAAa,OAAA,EAAS,eAAA,GAAe,OAAA;EAAA,UAKrC,eAAA,CAAgB,OAAA,EAAS,eAAA,GAAe,OAAA;EAAA,UASxC,aAAA,CAAA,GAAa,OAAA;EAAA,UAIb,eAAA,CAAA,GAAe,OAAA;EAAA,UAIf,qBAAA,CAAsB,OAAA,EAAS,eAAA,GAAe,OAAA;EAAA,YAIlD,0BAAA;8EAEgE,IAAA,EAChE,kBAAA,CAAmB,aAAA,EAAe,SAAA,MACvC,cAAA,CAAe,aAAA,EAAe,SAAA;EAAA;EAAA,KAuBhC,0BAAA;wBAEiB,kBAAA,CAAmB,aAAA,EAAe,SAAA;sCAuBlB,OAAA,CAAQ,eAAA;;;;;;;;;;;;;;;;;;;;;;;;;;2CAMC,OAAA;MAAa,SAAA;IAAA,MAAoB,OAAA,CAAA,MAAA,CAAA,QAAA,EAAA,KAAA;4CAGhC,OAAA;MAAa,SAAA;IAAA,MAAoB,OAAA,CAAA,MAAA,CAAA,QAAA,EAAA,KAAA;mCAG9C,eAAA;gCAIjB,cAAA,EACI,WAAA,EAAW,WAAA,qCACe,OAAA,CAAA,QAAA;;qBAAA,+BAAA,CAAA,WAAA;;;;;kCAKR,GAAA,EAAG,OAAA;MAAc,OAAA;IAAA,MAAmB,OAAA;2CAG3B,WAAA,EAAW,OAAA,GAAY,iBAAA,KAAiB,OAAA;;;MAMlD,WAAA;MAAqB,YAAA;IAAA,MAAsB,OAAA;EAAA;AAAA"}