@intuitionrobotics/user-account 0.47.59 → 1.0.0

package/app-backend/modules/AccountModule.js

@@ -1,395 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.AccountModule = exports.AccountsModule_Class = exports.Collection_Accounts = exports.Collection_Sessions = exports.Header_SessionId = void 0;
-const ts_common_1 = require("@intuitionrobotics/ts-common");
-const backend_1 = require("@intuitionrobotics/firebase/backend");
-const _imports_1 = require("./_imports");
-const backend_2 = require("@intuitionrobotics/thunderstorm/backend");
-const SecretsModule_1 = require("./SecretsModule");
-const SamlModule_1 = require("./SamlModule");
-const thunderstorm_1 = require("@intuitionrobotics/thunderstorm");
-exports.Header_SessionId = new backend_2.HeaderKey(_imports_1.HeaderKey_SessionId, 404);
-exports.Collection_Sessions = "user-account--sessions";
-exports.Collection_Accounts = "user-account--accounts";
-const dispatch_onUserLogin = new ts_common_1.Dispatcher("__onUserLogin");
-const dispatch_onNewUserRegistered = new ts_common_1.Dispatcher("__onNewUserRegistered");
-function getUIAccount(account) {
-    const { email, _id, createdTimestamp } = account;
-    return { email, _id, createdTimestamp };
-}
-class AccountsModule_Class extends ts_common_1.Module {
-    constructor() {
-        super("AccountsModule");
-        this.isAuthRequest = (request) => request.header(SecretsModule_1.SecretsModule.AUTHENTICATION_KEY) !== undefined;
-        this.validateSession = (request, scopes, response) => __awaiter(this, void 0, void 0, function* () {
-            if (this.isAuthRequest(request))
-                return this.validateAuthenticationHeader(request, scopes, response);
-            return yield this.validateSessionId(exports.Header_SessionId.get(request));
-        });
-        this.TTLExpired = (session) => {
-            const delta = (0, ts_common_1.currentTimeMillies)() - session.timestamp;
-            let sessionTTLms = this.config.sessionTTLms.web;
-            if (session.frontType === _imports_1.FrontType.App)
-                return false;
-            return delta > sessionTTLms || delta < 0;
-        };
-        this.setDefaultConfig({ sessionTTLms: { web: ts_common_1.Day, app: ts_common_1.Day, jwt: 30 * ts_common_1.Minute }, jwtSecretKey: "TS_AUTH_SECRET" });
-    }
-    __queryRequestInfo(request) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let data;
-            try {
-                data = yield this.validateSession(request, []);
-            }
-            catch (e) {
-            }
-            return {
-                key: this.getName(),
-                data: data
-            };
-        });
-    }
-    init() {
-        const firestore = backend_1.FirebaseModule.createAdminSession(this.config.projectId).getFirestore();
-        this.sessions = firestore.getCollection(exports.Collection_Sessions, ["userId"]);
-        this.accounts = firestore.getCollection(exports.Collection_Accounts, ["email"]);
-    }
-    getUser(_email) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const email = _email.toLowerCase();
-            return this.accounts.queryUnique({
-                where: { email },
-                select: ["email",
-                    "_id"]
-            });
-        });
-    }
-    getUsers(_emails) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return (0, ts_common_1.batchActionParallel)(_emails, 10, (batchedEmails) => __awaiter(this, void 0, void 0, function* () {
-                return this.accounts.query({
-                    where: {
-                        email: {
-                            $in: batchedEmails.map(e => e.toLowerCase())
-                        }
-                    },
-                    select: ["email", "_id"]
-                });
-            }));
-        });
-    }
-    listUsers() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.accounts.getAll(["_id",
-                "email"]);
-        });
-    }
-    listSessions() {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.sessions.getAll(["userId",
-                "timestamp"]);
-        });
-    }
-    getSession(_email) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const email = _email.toLowerCase();
-            return this.accounts.queryUnique({ where: { email } });
-        });
-    }
-    querySessions(_email) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.getSession(_email);
-            if (!account)
-                return;
-            const sessions = yield this.sessions.query({
-                select: ["userId",
-                    "timestamp",
-                    "version",
-                    "frontType"], where: { userId: account._id }
-            });
-            return sessions.map((session) => {
-                return Object.assign(Object.assign({}, session), { isExpired: this.TTLExpired(session) });
-            });
-        });
-    }
-    create(request, response) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.createAccount(request);
-            const session = yield this.login(request, response);
-            yield dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(account));
-            return session;
-        });
-    }
-    upsert(request) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let callback = () => Promise.resolve([]);
-            const account = yield this.accounts.runInTransaction((transaction) => __awaiter(this, void 0, void 0, function* () {
-                const existAccount = yield transaction.queryUnique(this.accounts, { where: { email: request.email } });
-                if (existAccount)
-                    return this.changePassword(request.email, request.password, transaction);
-                callback = () => __awaiter(this, void 0, void 0, function* () { return dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(account)); });
-                return this.createImpl(request, transaction);
-            }));
-            yield this.loginValidate(request);
-            yield callback();
-            return getUIAccount(account);
-        });
-    }
-    addNewAccount(email, password, password_check) {
-        return __awaiter(this, void 0, void 0, function* () {
-            let account;
-            if (password && password_check) {
-                account = yield this.createAccount({ password, password_check, email });
-                yield dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(account));
-            }
-            else
-                account = yield this.createSAML(email);
-            return getUIAccount(account);
-        });
-    }
-    changePassword(userEmail, newPassword, _transaction) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const email = userEmail.toLowerCase();
-            const processor = (transaction) => __awaiter(this, void 0, void 0, function* () {
-                const account = yield transaction.queryUnique(this.accounts, { where: { email } });
-                if (!account)
-                    throw new backend_2.ApiException(422, "User with email does not exist");
-                if (!account.saltedPassword || !account.salt)
-                    throw new backend_2.ApiException(401, "Account login using SAML");
-                account.saltedPassword = (0, ts_common_1.hashPasswordWithSalt)(account.salt, newPassword);
-                account._audit = (0, ts_common_1.auditBy)(email, 'Changed password');
-                return transaction.upsert(this.accounts, account);
-            });
-            if (_transaction)
-                return processor(_transaction);
-            return this.accounts.runInTransaction(processor);
-        });
-    }
-    createAccount(request) {
-        return __awaiter(this, void 0, void 0, function* () {
-            request.email = request.email.toLowerCase();
-            (0, ts_common_1.validate)(request.email, ts_common_1.validateEmail);
-            return this.accounts.runInTransaction((transaction) => __awaiter(this, void 0, void 0, function* () {
-                const account = yield transaction.queryUnique(this.accounts, { where: { email: request.email } });
-                if (account)
-                    throw new backend_2.ApiException(422, "User with email already exists");
-                return this.createImpl(request, transaction);
-            }));
-        });
-    }
-    createImpl(request, transaction) {
-        const salt = (0, ts_common_1.generateHex)(32);
-        const account = {
-            _id: (0, ts_common_1.generateHex)(32),
-            _audit: (0, ts_common_1.auditBy)(request.email),
-            createdTimestamp: (0, ts_common_1.currentTimeMillies)(),
-            email: request.email,
-            salt,
-            saltedPassword: (0, ts_common_1.hashPasswordWithSalt)(salt, request.password)
-        };
-        return transaction.insert(this.accounts, account);
-    }
-    logout(sessionId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const query = { where: { sessionId } };
-            yield this.sessions.deleteUnique(query);
-        });
-    }
-    logoutAccount(accountId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            yield this.sessions.delete({ where: { userId: accountId } });
-        });
-    }
-    login(request, response) {
-        return __awaiter(this, void 0, void 0, function* () {
-            return this.loginValidate(request, response);
-        });
-    }
-    loginValidate(request, response) {
-        return __awaiter(this, void 0, void 0, function* () {
-            request.email = request.email.toLowerCase();
-            const query = { where: { email: request.email } };
-            const account = yield this.accounts.queryUnique(query);
-            if (!account)
-                throw new backend_2.ApiException(401, "account does not exists");
-            if (!account.saltedPassword || !account.salt)
-                throw new backend_2.ApiException(401, "Account login using SAML");
-            if (account.saltedPassword !== (0, ts_common_1.hashPasswordWithSalt)(account.salt, request.password))
-                throw new backend_2.ApiException(401, "wrong username or password");
-            if (!account._id) {
-                account._id = (0, ts_common_1.generateHex)(32);
-                yield this.accounts.upsert(account);
-            }
-            let sessionWithAccountId;
-            if (response) {
-                sessionWithAccountId = yield this.upsertSession(account, request.frontType);
-                this.setJWTinResp(response, sessionWithAccountId.jwt);
-            }
-            yield dispatch_onUserLogin.dispatchModuleAsync(getUIAccount(account));
-            return sessionWithAccountId;
-        });
-    }
-    loginSAML(__email) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const _email = __email.toLowerCase();
-            const account = yield this.createSAML(_email);
-            const sessionWithAccountId = yield this.upsertSession(account);
-            yield dispatch_onUserLogin.dispatchModuleAsync(getUIAccount(account));
-            return sessionWithAccountId;
-        });
-    }
-    createSAML(__email) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const _email = __email.toLowerCase();
-            const query = { where: { email: _email } };
-            let dispatchEvent = false;
-            const toRet = yield this.accounts.runInTransaction((transaction) => __awaiter(this, void 0, void 0, function* () {
-                const account = yield transaction.queryUnique(this.accounts, query);
-                if (account === null || account === void 0 ? void 0 : account._id)
-                    return account;
-                const _account = Object.assign({ _id: (0, ts_common_1.generateHex)(32), _audit: (0, ts_common_1.auditBy)(_email), createdTimestamp: (0, ts_common_1.currentTimeMillies)(), email: _email }, account);
-                dispatchEvent = true;
-                return transaction.upsert(this.accounts, _account);
-            }));
-            if (dispatchEvent)
-                yield dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(toRet));
-            return toRet;
-        });
-    }
-    verifyAccount(account) {
-        if (!account)
-            throw new backend_2.ApiException(401, 'Missing account in token payload');
-        const email = account['email'];
-        if (!email || typeof email !== 'string')
-            throw new backend_2.ApiException(401, 'Missing email in token payload');
-        const _id = account['_id'];
-        if (!_id || typeof _id !== 'string')
-            throw new backend_2.ApiException(401, 'Missing _id in token payload');
-        return { _id, email };
-    }
-    validateAuthenticationHeader(request, scopes, response) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const token = SecretsModule_1.SecretsModule.validateRequest(request, scopes);
-            const payload = token.payload;
-            const isExpired = SecretsModule_1.SecretsModule.isExpired(token);
-            const sessionId = payload.sessionId;
-            if (!sessionId)
-                throw new backend_2.ApiException(401, `Missing session id in token ${JSON.stringify(payload)}`);
-            if (!isExpired) {
-                const account = payload.account;
-                this.verifyAccount(account);
-                return account;
-            }
-            const dbAccount = yield this.validateSessionId(sessionId);
-            if (response) {
-                const jwt = this.generateJWT(dbAccount, sessionId);
-                this.setJWTinResp(response, jwt);
-            }
-            return dbAccount;
-        });
-    }
-    setJWTinResp(response, jwt) {
-        // Set in header response
-        response.setHeaders({ [thunderstorm_1.HeaderKey_JWT]: jwt });
-    }
-    generateJWT(account, sessionId) {
-        return SecretsModule_1.SecretsModule.generateJwt({
-            account,
-            sessionId,
-            exp: (0, ts_common_1.currentTimeMillies)() + this.config.sessionTTLms.jwt
-        }, this.config.jwtSecretKey);
-    }
-    validateSessionId(sessionId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const query = { where: { sessionId } };
-            const session = yield this.sessions.queryUnique(query);
-            if (!session)
-                throw new backend_2.ApiException(401, `Invalid session id: ${sessionId}`);
-            if (this.TTLExpired(session))
-                throw new backend_2.ApiException(401, "Session timed out");
-            return yield this.getUserEmailFromSession(session);
-        });
-    }
-    getUserEmailFromSession(session) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.accounts.queryUnique({ where: { _id: session.userId } });
-            if (!account) {
-                yield this.sessions.deleteItem(session);
-                throw new backend_2.ApiException(403, `No user found for session: ${(0, ts_common_1.__stringify)(session)}`);
-            }
-            return getUIAccount(account);
-        });
-    }
-    getUserEmailFromUserId(userId) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.accounts.queryUnique({ where: { _id: userId } });
-            if (!account)
-                throw new backend_2.ApiException(403, `No user found for session: ${userId}`);
-            return getUIAccount(account);
-        });
-    }
-    getAccountFromParams(p) {
-        return __awaiter(this, void 0, void 0, function* () {
-            if (typeof p === "string")
-                return this.getUserEmailFromUserId(p);
-            return getUIAccount(p);
-        });
-    }
-    upsertSession(p, frontType) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const account = yield this.getAccountFromParams(p);
-            const session = yield this.getSessionFromAccount(account, frontType);
-            const sessionId = session.sessionId;
-            return { sessionId, jwt: this.generateJWT(account, sessionId), email: account.email, _id: account._id, createdTimestamp: account.createdTimestamp };
-        });
-    }
-    ;
-    getSessionFromAccount(account, frontType) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const session = yield this.sessions.queryUnique({ where: { userId: account._id } });
-            if (session && !this.TTLExpired(session))
-                return session;
-            const _session = {
-                sessionId: (0, ts_common_1.generateHex)(64),
-                timestamp: (0, ts_common_1.currentTimeMillies)(),
-                userId: account._id,
-            };
-            if (frontType)
-                _session.frontType = frontType;
-            return this.sessions.upsert(_session);
-        });
-    }
-    assertApi(body, response) {
-        return __awaiter(this, void 0, void 0, function* () {
-            const options = {
-                request_body: body
-            };
-            try {
-                const data = yield SamlModule_1.SamlModule.assert(options);
-                this.logDebug(`Got data from assertion ${(0, ts_common_1.__stringify)(data)}`);
-                const email = data.userId;
-                const loginData = yield exports.AccountModule.loginSAML(email);
-                let redirectUrl = data.loginContext[_imports_1.QueryParam_RedirectUrl];
-                redirectUrl = redirectUrl.replace(new RegExp(_imports_1.QueryParam_SessionId.toUpperCase(), "g"), loginData.sessionId);
-                redirectUrl = redirectUrl.replace(new RegExp(_imports_1.QueryParam_Email.toUpperCase(), "g"), email);
-                redirectUrl = redirectUrl.replace(new RegExp(_imports_1.QueryParam_JWT.toUpperCase(), "g"), loginData.jwt);
-                return yield response.redirect(302, redirectUrl);
-            }
-            catch (error) {
-                throw new backend_2.ApiException(401, 'Error authenticating user', error);
-            }
-        });
-    }
-}
-exports.AccountsModule_Class = AccountsModule_Class;
-exports.AccountModule = new AccountsModule_Class();
-//# sourceMappingURL=AccountModule.js.map

package/app-backend/modules/AccountModule.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"AccountModule.js","sourceRoot":"","sources":["../../../src/main/app-backend/modules/AccountModule.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,4DAasC;AAGtC,iEAA8G;AAC9G,yCAkBoB;AACpB,qEAMiD;AACjD,mDAA8C;AAC9C,6CAAwC;AACxC,kEAA8D;AAEjD,QAAA,gBAAgB,GAAG,IAAI,mBAAS,CAAC,8BAAmB,EAAE,GAAG,CAAC,CAAC;AAQ3D,QAAA,mBAAmB,GAAG,wBAAwB,CAAC;AAC/C,QAAA,mBAAmB,GAAG,wBAAwB,CAAC;AAU5D,MAAM,oBAAoB,GAAG,IAAI,sBAAU,CAA+B,eAAe,CAAC,CAAC;AAC3F,MAAM,4BAA4B,GAAG,IAAI,sBAAU,CAA+C,uBAAuB,CAAC,CAAC;AAE3H,SAAS,YAAY,CAAC,OAAmB;IACrC,MAAM,EAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,EAAC,GAAG,OAAO,CAAC;IAC/C,OAAO,EAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,EAAC,CAAC;AAC1C,CAAC;AAED,MAAa,oBACT,SAAQ,kBAAc;IAEtB;QACI,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAoPpB,kBAAa,GAAG,CAAC,OAAuB,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,6BAAa,CAAC,kBAAkB,CAAC,KAAK,SAAS,CAAC;QAqDpH,oBAAe,GAAG,CAAO,OAAuB,EAAE,MAAgB,EAAE,QAAsB,EAAgC,EAAE;YACxH,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;gBAC3B,OAAO,IAAI,CAAC,4BAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAA;YAEvE,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC,wBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;QACvE,CAAC,CAAA,CAAC;QAkCM,eAAU,GAAG,CAAC,OAAmB,EAAE,EAAE;YACzC,MAAM,KAAK,GAAG,IAAA,8BAAkB,GAAE,GAAG,OAAO,CAAC,SAAS,CAAC;YACvD,IAAI,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC;YAEhD,IAAI,OAAO,CAAC,SAAS,KAAK,oBAAS,CAAC,GAAG;gBACnC,OAAO,KAAK,CAAC;YAEjB,OAAO,KAAK,GAAG,YAAY,IAAI,KAAK,GAAG,CAAC,CAAC;QAC7C,CAAC,CAAC;QAvVE,IAAI,CAAC,gBAAgB,CAAC,EAAC,YAAY,EAAE,EAAC,GAAG,EAAE,eAAG,EAAE,GAAG,EAAE,eAAG,EAAE,GAAG,EAAE,EAAE,GAAG,kBAAM,EAAC,EAAE,YAAY,EAAE,gBAAgB,EAAC,CAAC,CAAC;IAClH,CAAC;IAEK,kBAAkB,CAAC,OAAuB;;YAC5C,IAAI,IAA4B,CAAC;YACjC,IAAI,CAAC;gBACD,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACnD,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;YACb,CAAC;YAED,OAAO;gBACH,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE;gBACnB,IAAI,EAAE,IAAI;aACb,CAAC;QACN,CAAC;KAAA;IAKS,IAAI;QACV,MAAM,SAAS,GAAG,wBAAc,CAAC,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,YAAY,EAAE,CAAC;QAC1F,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAa,2BAAmB,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACrF,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAa,2BAAmB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACxF,CAAC;IAEK,OAAO,CAAC,MAAc;;YACxB,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC7B,KAAK,EAAE,EAAC,KAAK,EAAC;gBACd,MAAM,EAAE,CAAC,OAAO;oBACZ,KAAK,CAAC;aACb,CAAC,CAAC;QACP,CAAC;KAAA;IAEK,QAAQ,CAAC,OAAiB;;YAC5B,OAAO,IAAA,+BAAmB,EAAC,OAAO,EAAE,EAAE,EAAE,CAAO,aAAa,EAAE,EAAE;gBAC5D,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;oBACvB,KAAK,EAAE;wBACH,KAAK,EAAE;4BACH,GAAG,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;yBAC/C;qBACJ;oBACD,MAAM,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC;iBAC3B,CAAC,CAAC;YACP,CAAC,CAAA,CAAC,CAAA;QACN,CAAC;KAAA;IAEK,SAAS;;YACX,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK;gBAC9B,OAAO,CAAC,CAAC,CAAC;QAClB,CAAC;KAAA;IAEK,YAAY;;YACd,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,QAAQ;gBACjC,WAAW,CAAC,CAAC,CAAC;QACtB,CAAC;KAAA;IAEK,UAAU,CAAC,MAAc;;YAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;YACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,KAAK,EAAC,EAAC,CAAC,CAAC;QACvD,CAAC;KAAA;IAEK,aAAa,CAAC,MAAc;;YAC9B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC9C,IAAI,CAAC,OAAO;gBACR,OAAO;YAEX,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gBACvC,MAAM,EAAE,CAAC,QAAQ;oBACb,WAAW;oBACX,SAAS;oBACT,WAAW,CAAC,EAAE,KAAK,EAAE,EAAC,MAAM,EAAE,OAAO,CAAC,GAAG,EAAC;aACjD,CAAC,CAAC;YACH,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAmB,EAAE,EAAE;gBACxC,uCACO,OAAO,KACV,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IACtC;YACL,CAAC,CAAC,CAAC;QACP,CAAC;KAAA;IAEK,MAAM,CAAC,OAA8B,EAAE,QAAqB;;YAC9D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YAElD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YACpD,MAAM,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,OAAO,OAAO,CAAC;QACnB,CAAC;KAAA;IAEK,MAAM,CAAC,OAA8B;;YACvC,IAAI,QAAQ,GAA4B,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;YACjE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAO,WAAW,EAAE,EAAE;gBACvE,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAC,EAAC,CAAC,CAAC;gBACnG,IAAI,YAAY;oBACZ,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;gBAE7E,QAAQ,GAAG,GAAS,EAAE,gDAAC,OAAA,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAA,GAAA,CAAC;gBAC/F,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACjD,CAAC,CAAA,CAAC,CAAC;YAEH,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YAClC,MAAM,QAAQ,EAAE,CAAA;YAChB,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;KAAA;IAEK,aAAa,CAAC,KAAa,EAAE,QAAiB,EAAE,cAAuB;;YACzE,IAAI,OAAmB,CAAC;YACxB,IAAI,QAAQ,IAAI,cAAc,EAAE,CAAC;gBAC7B,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,EAAC,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAC,CAAC,CAAC;gBACtE,MAAM,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YAClF,CAAC;;gBACG,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YAE3C,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;KAAA;IAEK,cAAc,CAAC,SAAiB,EAAE,WAAmB,EAAE,YAAmC;;YAC5F,MAAM,KAAK,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;YACtC,MAAM,SAAS,GAAG,CAAO,WAAiC,EAAE,EAAE;gBAC1D,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,KAAK,EAAE,EAAC,KAAK,EAAC,EAAC,CAAC,CAAC;gBAC/E,IAAI,CAAC,OAAO;oBACR,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;gBAElE,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,OAAO,CAAC,IAAI;oBACxC,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,0BAA0B,CAAC,CAAC;gBAE5D,OAAO,CAAC,cAAc,GAAG,IAAA,gCAAoB,EAAC,OAAO,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;gBACzE,OAAO,CAAC,MAAM,GAAG,IAAA,mBAAO,EAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;gBAEpD,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACtD,CAAC,CAAA,CAAC;YAEF,IAAI,YAAY;gBACZ,OAAO,SAAS,CAAC,YAAY,CAAC,CAAA;YAElC,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;QACrD,CAAC;KAAA;IAEK,aAAa,CAAC,OAA8B;;YAC9C,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAA,oBAAQ,EAAC,OAAO,CAAC,KAAK,EAAE,yBAAa,CAAC,CAAC;YAEvC,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAO,WAAiC,EAAE,EAAE;gBAC9E,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAC,EAAC,CAAC,CAAC;gBAC9F,IAAI,OAAO;oBACP,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;gBAElE,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;YAChD,CAAC,CAAA,CAAC,CAAC;QACP,CAAC;KAAA;IAEO,UAAU,CAAC,OAA8B,EAAE,WAAiC;QAChF,MAAM,IAAI,GAAG,IAAA,uBAAW,EAAC,EAAE,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG;YACZ,GAAG,EAAE,IAAA,uBAAW,EAAC,EAAE,CAAC;YACpB,MAAM,EAAE,IAAA,mBAAO,EAAC,OAAO,CAAC,KAAK,CAAC;YAC9B,gBAAgB,EAAE,IAAA,8BAAkB,GAAE;YACtC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI;YACJ,cAAc,EAAE,IAAA,gCAAoB,EAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC;SAC/D,CAAC;QAEF,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAEK,MAAM,CAAC,SAAiB;;YAC1B,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,SAAS,EAAC,EAAC,CAAC;YACnC,MAAM,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;QAC5C,CAAC;KAAA;IAEK,aAAa,CAAC,SAAiB;;YACjC,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAC,KAAK,EAAE,EAAC,MAAM,EAAE,SAAS,EAAC,EAAC,CAAC,CAAA;QAC5D,CAAC;KAAA;IAEK,KAAK,CAAC,OAA6B,EAAE,QAAqB;;YAC5D,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACjD,CAAC;KAAA;IAIa,aAAa,CAAC,OAA6B,EAAE,QAAsB;;YAC7E,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAC,EAAC,CAAC;YAC9C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACvD,IAAI,CAAC,OAAO;gBACR,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;YAE3D,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,OAAO,CAAC,IAAI;gBACxC,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,0BAA0B,CAAC,CAAC;YAE5D,IAAI,OAAO,CAAC,cAAc,KAAK,IAAA,gCAAoB,EAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC;gBAC/E,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;YAE9D,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;gBACf,OAAO,CAAC,GAAG,GAAG,IAAA,uBAAW,EAAC,EAAE,CAAC,CAAC;gBAC9B,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACxC,CAAC;YAED,IAAI,oBAA+C,CAAA;YACnD,IAAI,QAAQ,EAAE,CAAC;gBACX,oBAAoB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;gBAC5E,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,oBAAoB,CAAC,GAAG,CAAC,CAAC;YAC1D,CAAC;YACD,MAAM,oBAAoB,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtE,OAAO,oBAAoB,CAAC;QAChC,CAAC;KAAA;IAEK,SAAS,CAAC,OAAe;;YAC3B,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAE9C,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YAC/D,MAAM,oBAAoB,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YACtE,OAAO,oBAAoB,CAAC;QAChC,CAAC;KAAA;IAEa,UAAU,CAAC,OAAe;;YACpC,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,MAAM,EAAC,EAAC,CAAC;YACvC,IAAI,aAAa,GAAG,KAAK,CAAC;YAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAa,CAAO,WAAW,EAAE,EAAE;gBACjF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;gBACpE,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,GAAG;oBACZ,OAAO,OAAO,CAAC;gBAEnB,MAAM,QAAQ,mBACV,GAAG,EAAE,IAAA,uBAAW,EAAC,EAAE,CAAC,EACpB,MAAM,EAAE,IAAA,mBAAO,EAAC,MAAM,CAAC,EACvB,gBAAgB,EAAE,IAAA,8BAAkB,GAAE,EACtC,KAAK,EAAE,MAAM,IACV,OAAO,CACb,CAAC;gBAEF,aAAa,GAAG,IAAI,CAAC;gBACrB,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YACvD,CAAC,CAAA,CAAC,CAAC;YAEH,IAAI,aAAa;gBACb,MAAM,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;YAEhF,OAAO,KAAK,CAAC;QACjB,CAAC;KAAA;IAIO,aAAa,CAAC,OAAY;QAC9B,IAAI,CAAC,OAAO;YACR,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,kCAAkC,CAAC,CAAA;QAEnE,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/B,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;YACnC,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAA;QAEjE,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC3B,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;YAC/B,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,8BAA8B,CAAC,CAAA;QAE/D,OAAO,EAAC,GAAG,EAAE,KAAK,EAAC,CAAA;IACvB,CAAC;IAEK,4BAA4B,CAAC,OAAuB,EAAE,MAAgB,EAAE,QAAsB;;YAChG,MAAM,KAAK,GAAG,6BAAa,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC7D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;YAC9B,MAAM,SAAS,GAAG,6BAAa,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YACjD,MAAM,SAAS,GAAW,OAAO,CAAC,SAAS,CAAC;YAC5C,IAAI,CAAC,SAAS;gBACV,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,+BAA+B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;YAEzF,IAAI,CAAC,SAAS,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;gBAChC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;gBAC5B,OAAO,OAAO,CAAA;YAClB,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;YAC1D,IAAI,QAAQ,EAAE,CAAC;gBACX,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;gBACnD,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YACrC,CAAC;YAED,OAAO,SAAS,CAAC;QACrB,CAAC;KAAA;IAED,YAAY,CAAC,QAAqB,EAAE,GAAW;QAC3C,yBAAyB;QACzB,QAAQ,CAAC,UAAU,CAAC,EAAC,CAAC,4BAAa,CAAC,EAAE,GAAG,EAAC,CAAC,CAAA;IAC/C,CAAC;IAEM,WAAW,CAAC,OAAmB,EAAE,SAAiB;QACrD,OAAO,6BAAa,CAAC,WAAW,CAAC;YAC7B,OAAO;YACP,SAAS;YACT,GAAG,EAAE,IAAA,8BAAkB,GAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG;SAC3D,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;IAChC,CAAC;IASK,iBAAiB,CAAC,SAAiB;;YACrC,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,SAAS,EAAC,EAAC,CAAC;YAEnC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACvD,IAAI,CAAC,OAAO;gBACR,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,uBAAuB,SAAS,EAAE,CAAC,CAAC;YAEpE,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;gBACxB,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;YAErD,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;QACvD,CAAC;KAAA;IAEa,uBAAuB,CAAC,OAAmB;;YACrD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,GAAG,EAAE,OAAO,CAAC,MAAM,EAAC,EAAC,CAAC,CAAC;YAChF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACX,MAAM,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACxC,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,8BAA8B,IAAA,uBAAW,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACtF,CAAC;YAED,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;KAAA;IAEa,sBAAsB,CAAC,MAAc;;YAC/C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,GAAG,EAAE,MAAM,EAAC,EAAC,CAAC,CAAC;YACxE,IAAI,CAAC,OAAO;gBACR,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,8BAA8B,MAAM,EAAE,CAAC,CAAC;YAExE,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;KAAA;IAaa,oBAAoB,CAAC,CAAsB;;YACrD,IAAI,OAAO,CAAC,KAAK,QAAQ;gBACrB,OAAO,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;YAE1C,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC;QAC3B,CAAC;KAAA;IAEY,aAAa,CAAC,CAAsB,EAAE,SAAqB;;YACpE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC;YACnD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAErE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;YACpC,OAAO,EAAC,SAAS,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,EAAC,CAAC;QACtJ,CAAC;KAAA;IAAA,CAAC;IAEY,qBAAqB,CAAC,OAAmB,EAAE,SAAqB;;YAC1E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,MAAM,EAAE,OAAO,CAAC,GAAG,EAAC,EAAC,CAAC,CAAC;YAChF,IAAI,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;gBACpC,OAAO,OAAO,CAAC;YAEnB,MAAM,QAAQ,GAAe;gBACzB,SAAS,EAAE,IAAA,uBAAW,EAAC,EAAE,CAAC;gBAC1B,SAAS,EAAE,IAAA,8BAAkB,GAAE;gBAC/B,MAAM,EAAE,OAAO,CAAC,GAAG;aACtB,CAAC;YAEF,IAAI,SAAS;gBACT,QAAQ,CAAC,SAAS,GAAG,SAAS,CAAC;YAEnC,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;KAAA;IAEK,SAAS,CAAC,IAAoB,EAAE,QAAqB;;YACvD,MAAM,OAAO,GAAkC;gBAC3C,YAAY,EAAE,IAAI;aACrB,CAAC;YAEF,IAAI,CAAC;gBACD,MAAM,IAAI,GAAG,MAAM,uBAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBAC9C,IAAI,CAAC,QAAQ,CAAC,2BAA2B,IAAA,uBAAW,EAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAE9D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC;gBAC1B,MAAM,SAAS,GAAG,MAAM,qBAAa,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAEvD,IAAI,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,iCAAsB,CAAC,CAAC;gBAE5D,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,+BAAoB,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;gBAC5G,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,2BAAgB,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;gBAC1F,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,yBAAc,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC;gBAEhG,OAAO,MAAM,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;YACrD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACb,MAAM,IAAI,sBAAY,CAAC,GAAG,EAAE,2BAA2B,EAAE,KAAK,CAAC,CAAC;YACpE,CAAC;QACL,CAAC;KAAA;CAEJ;AAtZD,oDAsZC;AAGY,QAAA,aAAa,GAAG,IAAI,oBAAoB,EAAE,CAAC"}

package/app-backend/modules/JWTBuilder.js

@@ -1,116 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.JWTBuilder = exports.TYP_DEFAULT = exports.AUDIENCE = exports.JWT_ID = exports.ISSUED_AT = exports.NOT_BEFORE = exports.EXPIRES_AT = exports.SUBJECT = exports.ISSUER = exports.KEY_ID = exports.TYPE = exports.CONTENT_TYPE = exports.ALGORITHM = void 0;
-const ts_common_1 = require("@intuitionrobotics/ts-common");
-const jws_1 = require("jws");
-const SecretsModule_1 = require("./SecretsModule");
-//Header
-exports.ALGORITHM = "alg";
-exports.CONTENT_TYPE = "cty";
-exports.TYPE = "typ";
-exports.KEY_ID = "kid";
-//Payload
-exports.ISSUER = "iss";
-exports.SUBJECT = "sub";
-exports.EXPIRES_AT = "exp";
-exports.NOT_BEFORE = "nbf";
-exports.ISSUED_AT = "iat";
-exports.JWT_ID = "jti";
-exports.AUDIENCE = "aud";
-exports.TYP_DEFAULT = "JWT";
-class JWTBuilder {
-    constructor(alg) {
-        this.payload = {};
-        // End Generic
-        this.setContentType = (cty) => {
-            this.header[exports.CONTENT_TYPE] = cty;
-            return this;
-        };
-        this.setType = (typ) => {
-            this.header[exports.TYPE] = typ;
-            return this;
-        };
-        this.setKeyID = (kid) => {
-            this.header[exports.KEY_ID] = kid;
-            return this;
-        };
-        this.assertAlg(alg);
-        this.header = {
-            [exports.ALGORITHM]: alg
-        };
-    }
-    // Generic
-    addClaims(claims) {
-        Object.keys(claims).forEach(k => this.addClaim(k, claims[k]));
-        return this;
-    }
-    addClaim(key, value) {
-        this.payload[key] = value;
-        return this;
-    }
-    addHeader(key, value) {
-        this.header[key] = value;
-        return this;
-    }
-    // Payload
-    setIssuer(iss) {
-        this.payload[exports.ISSUER] = iss;
-        return this;
-    }
-    setSub(iss) {
-        this.payload[exports.SUBJECT] = iss;
-        return this;
-    }
-    setExpiration(exp) {
-        this.payload[exports.EXPIRES_AT] = exp;
-        return this;
-    }
-    setNotBefore(nbf) {
-        this.payload[exports.NOT_BEFORE] = nbf;
-        return this;
-    }
-    setIssuedAt() {
-        this.payload[exports.ISSUED_AT] = Math.floor((0, ts_common_1.currentTimeMillies)() / 1000);
-    }
-    setJWTID(jti) {
-        this.payload[exports.JWT_ID] = jti;
-        return this;
-    }
-    setAudience(aud) {
-        this.payload[exports.AUDIENCE] = aud;
-        return this;
-    }
-    // End Payload
-    getIssuer() {
-        return this.payload[exports.ISSUER];
-    }
-    getAlgorithm() {
-        return this.header[exports.ALGORITHM];
-    }
-    getExpiration() {
-        return this.payload[exports.EXPIRES_AT];
-    }
-    getType() {
-        return this.header[exports.TYPE];
-    }
-    assertAlg(alg) {
-        const foundAlg = jws_1.ALGORITHMS.find(a => a === alg);
-        if (!foundAlg)
-            throw new ts_common_1.BadImplementationException(`Algorithm with name ${alg} is not valid`);
-    }
-    build(secret) {
-        this.setIssuedAt();
-        if (!this.getType())
-            this.setType(exports.TYP_DEFAULT);
-        if (!this.getIssuer())
-            // TODO move the config to the module which I need to create
-            this.setIssuer(SecretsModule_1.SecretsModule.getIss());
-        if (!this.getExpiration())
-            throw new ts_common_1.BadImplementationException("Missing expiration, cannot build a valid JWT without this value");
-        if (!this.getAlgorithm())
-            throw new ts_common_1.BadImplementationException("Missing algorithm, cannot build a valid JWT without this value");
-        return (0, jws_1.sign)({ secret, payload: this.payload, header: this.header });
-    }
-}
-exports.JWTBuilder = JWTBuilder;
-//# sourceMappingURL=JWTBuilder.js.map

package/app-backend/modules/JWTBuilder.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"JWTBuilder.js","sourceRoot":"","sources":["../../../src/main/app-backend/modules/JWTBuilder.ts"],"names":[],"mappings":";;;AAAA,4DAIsC;AACtC,6BAKa;AACb,mDAA8C;AAE9C,QAAQ;AACK,QAAA,SAAS,GAAG,KAAK,CAAC;AAClB,QAAA,YAAY,GAAG,KAAK,CAAC;AACrB,QAAA,IAAI,GAAG,KAAK,CAAC;AACb,QAAA,MAAM,GAAG,KAAK,CAAC;AAE5B,SAAS;AACI,QAAA,MAAM,GAAG,KAAK,CAAC;AACf,QAAA,OAAO,GAAG,KAAK,CAAC;AAChB,QAAA,UAAU,GAAG,KAAK,CAAC;AACnB,QAAA,UAAU,GAAG,KAAK,CAAC;AACnB,QAAA,SAAS,GAAG,KAAK,CAAC;AAClB,QAAA,MAAM,GAAG,KAAK,CAAC;AACf,QAAA,QAAQ,GAAG,KAAK,CAAC;AAEjB,QAAA,WAAW,GAAW,KAAK,CAAC;AAEzC,MAAa,UAAU;IAItB,YAAY,GAAc;QAHlB,YAAO,GAAa,EAAE,CAAC;QA2B/B,cAAc;QAEd,mBAAc,GAAG,CAAC,GAAW,EAAE,EAAE;YAChC,IAAI,CAAC,MAAM,CAAC,oBAAY,CAAC,GAAG,GAAG,CAAC;YAChC,OAAO,IAAI,CAAC;QACb,CAAC,CAAC;QAEF,YAAO,GAAG,CAAC,GAAW,EAAE,EAAE;YACzB,IAAI,CAAC,MAAM,CAAC,YAAI,CAAC,GAAG,GAAG,CAAC;YACxB,OAAO,IAAI,CAAC;QACb,CAAC,CAAC;QAEF,aAAQ,GAAG,CAAC,GAAW,EAAE,EAAE;YAC1B,IAAI,CAAC,MAAM,CAAC,cAAM,CAAC,GAAG,GAAG,CAAC;YAC1B,OAAO,IAAI,CAAC;QACb,CAAC,CAAC;QAtCD,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,MAAM,GAAG;YACb,CAAC,iBAAS,CAAC,EAAE,GAAG;SAChB,CAAA;IACF,CAAC;IAED,UAAU;IAEV,SAAS,CAAC,MAAgB;QACzB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC7D,OAAO,IAAI,CAAC;IACb,CAAC;IAED,QAAQ,CAAC,GAAW,EAAE,KAAU;QAC/B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC1B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,SAAS,CAAC,GAAW,EAAE,KAAU;QAChC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACzB,OAAO,IAAI,CAAC;IACb,CAAC;IAmBD,UAAU;IAEV,SAAS,CAAC,GAAW;QACpB,IAAI,CAAC,OAAO,CAAC,cAAM,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,MAAM,CAAC,GAAW;QACjB,IAAI,CAAC,OAAO,CAAC,eAAO,CAAC,GAAG,GAAG,CAAC;QAC5B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAW;QACxB,IAAI,CAAC,OAAO,CAAC,kBAAU,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,YAAY,CAAC,GAAW;QACvB,IAAI,CAAC,OAAO,CAAC,kBAAU,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,IAAI,CAAC;IACb,CAAC;IAEO,WAAW;QAClB,IAAI,CAAC,OAAO,CAAC,iBAAS,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,8BAAkB,GAAE,GAAG,IAAI,CAAC,CAAC;IACnE,CAAC;IAED,QAAQ,CAAC,GAAW;QACnB,IAAI,CAAC,OAAO,CAAC,cAAM,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,WAAW,CAAC,GAAW;QACtB,IAAI,CAAC,OAAO,CAAC,gBAAQ,CAAC,GAAG,GAAG,CAAC;QAC7B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,cAAc;IAEN,SAAS;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,cAAM,CAAC,CAAC;IAC7B,CAAC;IAEO,YAAY;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAS,CAAC,CAAC;IAC/B,CAAC;IAEO,aAAa;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,kBAAU,CAAC,CAAC;IACjC,CAAC;IAEO,OAAO;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,YAAI,CAAC,CAAC;IAC1B,CAAC;IAEO,SAAS,CAAC,GAAc;QAC/B,MAAM,QAAQ,GAA0B,gBAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC;QACxE,IAAI,CAAC,QAAQ;YACZ,MAAM,IAAI,sCAA0B,CAAC,uBAAuB,GAAG,eAAe,CAAC,CAAC;IAClF,CAAC;IAED,KAAK,CAAC,MAAc;QACnB,IAAI,CAAC,WAAW,EAAE,CAAA;QAClB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YAClB,IAAI,CAAC,OAAO,CAAC,mBAAW,CAAC,CAAC;QAE3B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACpB,4DAA4D;YAC5D,IAAI,CAAC,SAAS,CAAC,6BAAa,CAAC,MAAM,EAAE,CAAC,CAAA;QAEvC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;YACxB,MAAM,IAAI,sCAA0B,CAAC,iEAAiE,CAAC,CAAA;QAExG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;YACvB,MAAM,IAAI,sCAA0B,CAAC,gEAAgE,CAAC,CAAA;QAEvG,OAAO,IAAA,UAAI,EAAC,EAAC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAC,CAAC,CAAC;IACnE,CAAC;CACD;AA1HD,gCA0HC"}

package/app-backend/modules/SamlModule.js

@@ -1,60 +0,0 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SamlModule = exports.SamlModule_Class = void 0;
-const saml2_js_1 = require("saml2-js");
-const ts_common_1 = require("@intuitionrobotics/ts-common");
-class SamlModule_Class extends ts_common_1.Module {
-    constructor() {
-        super("SamlModule");
-        this.loginRequest = (loginContext) => __awaiter(this, void 0, void 0, function* () {
-            return new Promise((resolve, rejected) => {
-                const sp = new saml2_js_1.ServiceProvider(this.config.spConfig);
-                const options = {
-                    relay_state: (0, ts_common_1.__stringify)(loginContext)
-                };
-                sp.create_login_request_url(this.identityProvider, options, (error, loginUrl, requestId) => {
-                    if (error)
-                        return rejected(error);
-                    resolve(loginUrl);
-                });
-            });
-        });
-        this.assert = (options) => __awaiter(this, void 0, void 0, function* () {
-            return new Promise((resolve, rejected) => {
-                const sp = new saml2_js_1.ServiceProvider(this.config.spConfig);
-                sp.post_assert(this.identityProvider, options, (error, response) => __awaiter(this, void 0, void 0, function* () {
-                    if (error)
-                        return rejected(error);
-                    const userId = response.user.name_id;
-                    const relay_state = options.request_body.RelayState;
-                    if (!relay_state)
-                        return rejected(`LoginContext lost along the way for userId '${userId}'`);
-                    resolve({
-                        userId: userId,
-                        loginContext: JSON.parse(relay_state),
-                        fullResponse: response
-                    });
-                }));
-            });
-        });
-    }
-    init() {
-        if (!this.config.idConfig)
-            throw new ts_common_1.ImplementationMissingException("Config must contain idConfig");
-        if (!this.config.spConfig)
-            throw new ts_common_1.ImplementationMissingException("Config must contain spConfig");
-        this.identityProvider = new saml2_js_1.IdentityProvider(this.config.idConfig);
-    }
-}
-exports.SamlModule_Class = SamlModule_Class;
-exports.SamlModule = new SamlModule_Class();
-//# sourceMappingURL=SamlModule.js.map

package/app-backend/modules/SamlModule.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"SamlModule.js","sourceRoot":"","sources":["../../../src/main/app-backend/modules/SamlModule.ts"],"names":[],"mappings":";;;;;;;;;;;;AACA,uCAMkB;AAClB,4DAIsC;AAgCtC,MAAa,gBACZ,SAAQ,kBAAkB;IAI1B;QACC,KAAK,CAAC,YAAY,CAAC,CAAC;QAarB,iBAAY,GAAG,CAAO,YAAqC,EAAE,EAAE;YAC9D,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,QAAQ,EAAE,EAAE;gBAChD,MAAM,EAAE,GAAG,IAAI,0BAAe,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACrD,MAAM,OAAO,GAAG;oBACf,WAAW,EAAE,IAAA,uBAAW,EAAC,YAAY,CAAC;iBACtC,CAAC;gBACF,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,gBAAgB,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE;oBAC1F,IAAI,KAAK;wBACR,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;oBAExB,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACnB,CAAC,CAAC,CAAC;YACJ,CAAC,CAAC,CAAC;QAEJ,CAAC,CAAA,CAAC;QAEF,WAAM,GAAG,CAAO,OAAsC,EAA+B,EAAE;YAAC,OAAA,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,QAAQ,EAAE,EAAE;gBAC7I,MAAM,EAAE,GAAG,IAAI,0BAAe,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACrD,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,gBAAgB,EAAE,OAAO,EAAE,CAAO,KAAK,EAAE,QAA4B,EAAE,EAAE;oBAC5F,IAAI,KAAK;wBACR,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;oBAExB,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;oBACrC,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,UAAU,CAAC;oBACpD,IAAI,CAAC,WAAW;wBACf,OAAO,QAAQ,CAAC,+CAA+C,MAAM,GAAG,CAAC,CAAC;oBAE3E,OAAO,CAAC;wBACC,MAAM,EAAE,MAAM;wBACd,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;wBACrC,YAAY,EAAE,QAAQ;qBACtB,CAAC,CAAC;gBACZ,CAAC,CAAA,CAAC,CAAC;YACJ,CAAC,CAAC,CAAA;UAAA,CAAC;IA7CH,CAAC;IAES,IAAI;QACb,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ;YACxB,MAAM,IAAI,0CAA8B,CAAC,8BAA8B,CAAC,CAAC;QAE1E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ;YACxB,MAAM,IAAI,0CAA8B,CAAC,8BAA8B,CAAC,CAAC;QAE1E,IAAI,CAAC,gBAAgB,GAAG,IAAI,2BAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpE,CAAC;CAoCD;AArDD,4CAqDC;AAEY,QAAA,UAAU,GAAG,IAAI,gBAAgB,EAAE,CAAC"}