@intuitionrobotics/user-account 0.47.59 → 1.0.1

package/dist/app-backend/modules/AccountModule.js

@@ -0,0 +1,341 @@
+import { __stringify, auditBy, currentTimeMillies, Day, Dispatcher, generateHex, hashPasswordWithSalt, Minute, Module, validate, validateEmail, batchActionParallel } from "@intuitionrobotics/ts-common";
+import { FirebaseModule, FirestoreCollection, FirestoreTransaction } from "@intuitionrobotics/firebase/backend";
+import { FrontType, HeaderKey_SessionId, QueryParam_Email, QueryParam_JWT, QueryParam_RedirectUrl, QueryParam_SessionId } from "./_imports.js";
+import { ApiException, ApiResponse, HeaderKey } from "@intuitionrobotics/thunderstorm/backend";
+import { SecretsModule } from "./SecretsModule.js";
+import { SamlModule } from "./SamlModule.js";
+import { HeaderKey_JWT } from "@intuitionrobotics/thunderstorm";
+export const Header_SessionId = new HeaderKey(HeaderKey_SessionId, 404);
+export const Collection_Sessions = "user-account--sessions";
+export const Collection_Accounts = "user-account--accounts";
+const dispatch_onUserLogin = new Dispatcher("__onUserLogin");
+const dispatch_onNewUserRegistered = new Dispatcher("__onNewUserRegistered");
+function getUIAccount(account) {
+    const { email, _id, createdTimestamp } = account;
+    return { email, _id, createdTimestamp };
+}
+export class AccountsModule_Class extends Module {
+    constructor() {
+        super("AccountsModule");
+        this.setDefaultConfig({ sessionTTLms: { web: Day, app: Day, jwt: 30 * Minute }, jwtSecretKey: "TS_AUTH_SECRET" });
+    }
+    async __queryRequestInfo(request) {
+        let data;
+        try {
+            data = await this.validateSession(request, []);
+        }
+        catch (_e) {
+        }
+        return {
+            key: this.getName(),
+            data: data
+        };
+    }
+    sessions;
+    accounts;
+    init() {
+        const firestore = FirebaseModule.createAdminSession(this.config.projectId).getFirestore();
+        this.sessions = firestore.getCollection(Collection_Sessions, ["userId"]);
+        this.accounts = firestore.getCollection(Collection_Accounts, ["email"]);
+    }
+    async getUser(_email) {
+        const email = _email.toLowerCase();
+        return this.accounts.queryUnique({
+            where: { email },
+            select: ["email",
+                "_id"]
+        });
+    }
+    async getUsers(_emails) {
+        return batchActionParallel(_emails, 10, async (batchedEmails) => {
+            return this.accounts.query({
+                where: {
+                    email: {
+                        $in: batchedEmails.map(e => e.toLowerCase())
+                    }
+                },
+                select: ["email", "_id"]
+            });
+        });
+    }
+    async listUsers() {
+        return this.accounts.getAll(["_id",
+            "email"]);
+    }
+    async listSessions() {
+        return this.sessions.getAll(["userId",
+            "timestamp"]);
+    }
+    async getSession(_email) {
+        const email = _email.toLowerCase();
+        return this.accounts.queryUnique({ where: { email } });
+    }
+    async querySessions(_email) {
+        const account = await this.getSession(_email);
+        if (!account)
+            return;
+        const sessions = await this.sessions.query({
+            select: ["userId",
+                "timestamp",
+                "version",
+                "frontType"], where: { userId: account._id }
+        });
+        return sessions.map((session) => {
+            return {
+                ...session,
+                isExpired: this.TTLExpired(session)
+            };
+        });
+    }
+    async create(request, response) {
+        const account = await this.createAccount(request);
+        const session = await this.login(request, response);
+        await dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(account));
+        return session;
+    }
+    async upsert(request) {
+        let callback = () => Promise.resolve([]);
+        const account = await this.accounts.runInTransaction(async (transaction) => {
+            const existAccount = await transaction.queryUnique(this.accounts, { where: { email: request.email } });
+            if (existAccount)
+                return this.changePassword(request.email, request.password, transaction);
+            callback = async () => dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(account));
+            return this.createImpl(request, transaction);
+        });
+        await this.loginValidate(request);
+        await callback();
+        return getUIAccount(account);
+    }
+    async addNewAccount(email, password, password_check) {
+        let account;
+        if (password && password_check) {
+            account = await this.createAccount({ password, password_check, email });
+            await dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(account));
+        }
+        else
+            account = await this.createSAML(email);
+        return getUIAccount(account);
+    }
+    async changePassword(userEmail, newPassword, _transaction) {
+        const email = userEmail.toLowerCase();
+        const processor = async (transaction) => {
+            const account = await transaction.queryUnique(this.accounts, { where: { email } });
+            if (!account)
+                throw new ApiException(422, "User with email does not exist");
+            if (!account.saltedPassword || !account.salt)
+                throw new ApiException(401, "Account login using SAML");
+            account.saltedPassword = hashPasswordWithSalt(account.salt, newPassword);
+            account._audit = auditBy(email, 'Changed password');
+            return transaction.upsert(this.accounts, account);
+        };
+        if (_transaction)
+            return processor(_transaction);
+        return this.accounts.runInTransaction(processor);
+    }
+    async createAccount(request) {
+        request.email = request.email.toLowerCase();
+        validate(request.email, validateEmail);
+        return this.accounts.runInTransaction(async (transaction) => {
+            const account = await transaction.queryUnique(this.accounts, { where: { email: request.email } });
+            if (account)
+                throw new ApiException(422, "User with email already exists");
+            return this.createImpl(request, transaction);
+        });
+    }
+    createImpl(request, transaction) {
+        const salt = generateHex(32);
+        const account = {
+            _id: generateHex(32),
+            _audit: auditBy(request.email),
+            createdTimestamp: currentTimeMillies(),
+            email: request.email,
+            salt,
+            saltedPassword: hashPasswordWithSalt(salt, request.password)
+        };
+        return transaction.insert(this.accounts, account);
+    }
+    async logout(sessionId) {
+        const query = { where: { sessionId } };
+        await this.sessions.deleteUnique(query);
+    }
+    async logoutAccount(accountId) {
+        await this.sessions.delete({ where: { userId: accountId } });
+    }
+    async login(request, response) {
+        return this.loginValidate(request, response);
+    }
+    async loginValidate(request, response) {
+        request.email = request.email.toLowerCase();
+        const query = { where: { email: request.email } };
+        const account = await this.accounts.queryUnique(query);
+        if (!account)
+            throw new ApiException(401, "account does not exists");
+        if (!account.saltedPassword || !account.salt)
+            throw new ApiException(401, "Account login using SAML");
+        if (account.saltedPassword !== hashPasswordWithSalt(account.salt, request.password))
+            throw new ApiException(401, "wrong username or password");
+        if (!account._id) {
+            account._id = generateHex(32);
+            await this.accounts.upsert(account);
+        }
+        let sessionWithAccountId;
+        if (response) {
+            sessionWithAccountId = await this.upsertSession(account, request.frontType);
+            this.setJWTinResp(response, sessionWithAccountId.jwt);
+        }
+        await dispatch_onUserLogin.dispatchModuleAsync(getUIAccount(account));
+        return sessionWithAccountId;
+    }
+    async loginSAML(__email) {
+        const _email = __email.toLowerCase();
+        const account = await this.createSAML(_email);
+        const sessionWithAccountId = await this.upsertSession(account);
+        await dispatch_onUserLogin.dispatchModuleAsync(getUIAccount(account));
+        return sessionWithAccountId;
+    }
+    async createSAML(__email) {
+        const _email = __email.toLowerCase();
+        const query = { where: { email: _email } };
+        let dispatchEvent = false;
+        const toRet = await this.accounts.runInTransaction(async (transaction) => {
+            const account = await transaction.queryUnique(this.accounts, query);
+            if (account?._id)
+                return account;
+            const _account = {
+                _id: generateHex(32),
+                _audit: auditBy(_email),
+                createdTimestamp: currentTimeMillies(),
+                email: _email,
+                ...account
+            };
+            dispatchEvent = true;
+            return transaction.upsert(this.accounts, _account);
+        });
+        if (dispatchEvent)
+            await dispatch_onNewUserRegistered.dispatchModuleAsync(getUIAccount(toRet));
+        return toRet;
+    }
+    isAuthRequest = (request) => request.header(SecretsModule.AUTHENTICATION_KEY) !== undefined;
+    verifyAccount(account) {
+        if (!account)
+            throw new ApiException(401, 'Missing account in token payload');
+        const email = account['email'];
+        if (!email || typeof email !== 'string')
+            throw new ApiException(401, 'Missing email in token payload');
+        const _id = account['_id'];
+        if (!_id || typeof _id !== 'string')
+            throw new ApiException(401, 'Missing _id in token payload');
+        return { _id, email };
+    }
+    async validateAuthenticationHeader(request, scopes, response) {
+        const token = SecretsModule.validateRequest(request, scopes);
+        const payload = token.payload;
+        const isExpired = SecretsModule.isExpired(token);
+        const sessionId = payload.sessionId;
+        if (!sessionId)
+            throw new ApiException(401, `Missing session id in token ${JSON.stringify(payload)}`);
+        if (!isExpired) {
+            const account = payload.account;
+            this.verifyAccount(account);
+            return account;
+        }
+        const dbAccount = await this.validateSessionId(sessionId);
+        if (response) {
+            const jwt = this.generateJWT(dbAccount, sessionId);
+            this.setJWTinResp(response, jwt);
+        }
+        return dbAccount;
+    }
+    setJWTinResp(response, jwt) {
+        // Set in header response
+        response.setHeaders({ [HeaderKey_JWT]: jwt });
+    }
+    generateJWT(account, sessionId) {
+        return SecretsModule.generateJwt({
+            account,
+            sessionId,
+            exp: currentTimeMillies() + this.config.sessionTTLms.jwt
+        }, this.config.jwtSecretKey);
+    }
+    validateSession = async (request, scopes, response) => {
+        if (this.isAuthRequest(request))
+            return this.validateAuthenticationHeader(request, scopes, response);
+        return await this.validateSessionId(Header_SessionId.get(request));
+    };
+    async validateSessionId(sessionId) {
+        const query = { where: { sessionId } };
+        const session = await this.sessions.queryUnique(query);
+        if (!session)
+            throw new ApiException(401, `Invalid session id: ${sessionId}`);
+        if (this.TTLExpired(session))
+            throw new ApiException(401, "Session timed out");
+        return await this.getUserEmailFromSession(session);
+    }
+    async getUserEmailFromSession(session) {
+        const account = await this.accounts.queryUnique({ where: { _id: session.userId } });
+        if (!account) {
+            await this.sessions.deleteItem(session);
+            throw new ApiException(403, `No user found for session: ${__stringify(session)}`);
+        }
+        return getUIAccount(account);
+    }
+    async getUserEmailFromUserId(userId) {
+        const account = await this.accounts.queryUnique({ where: { _id: userId } });
+        if (!account)
+            throw new ApiException(403, `No user found for session: ${userId}`);
+        return getUIAccount(account);
+    }
+    TTLExpired = (session) => {
+        const delta = currentTimeMillies() - session.timestamp;
+        const sessionTTLms = this.config.sessionTTLms.web;
+        if (session.frontType === FrontType.App)
+            return false;
+        return delta > sessionTTLms || delta < 0;
+    };
+    async getAccountFromParams(p) {
+        if (typeof p === "string")
+            return this.getUserEmailFromUserId(p);
+        return getUIAccount(p);
+    }
+    async upsertSession(p, frontType) {
+        const account = await this.getAccountFromParams(p);
+        const session = await this.getSessionFromAccount(account, frontType);
+        const sessionId = session.sessionId;
+        return { sessionId, jwt: this.generateJWT(account, sessionId), email: account.email, _id: account._id, createdTimestamp: account.createdTimestamp };
+    }
+    ;
+    async getSessionFromAccount(account, frontType) {
+        const session = await this.sessions.queryUnique({ where: { userId: account._id } });
+        if (session && !this.TTLExpired(session))
+            return session;
+        const _session = {
+            sessionId: generateHex(64),
+            timestamp: currentTimeMillies(),
+            userId: account._id,
+        };
+        if (frontType)
+            _session.frontType = frontType;
+        return this.sessions.upsert(_session);
+    }
+    async assertApi(body, response) {
+        const options = {
+            request_body: body
+        };
+        try {
+            const data = await SamlModule.assert(options);
+            this.logDebug(`Got data from assertion ${__stringify(data)}`);
+            const email = data.userId;
+            const loginData = await AccountModule.loginSAML(email);
+            let redirectUrl = data.loginContext[QueryParam_RedirectUrl];
+            redirectUrl = redirectUrl.replace(new RegExp(QueryParam_SessionId.toUpperCase(), "g"), loginData.sessionId);
+            redirectUrl = redirectUrl.replace(new RegExp(QueryParam_Email.toUpperCase(), "g"), email);
+            redirectUrl = redirectUrl.replace(new RegExp(QueryParam_JWT.toUpperCase(), "g"), loginData.jwt);
+            return await response.redirect(302, redirectUrl);
+        }
+        catch (error) {
+            throw new ApiException(401, 'Error authenticating user', error);
+        }
+    }
+}
+export const AccountModule = new AccountsModule_Class();
+//# sourceMappingURL=AccountModule.js.map

package/dist/app-backend/modules/AccountModule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"AccountModule.js","sourceRoot":"","sources":["../../../src/main/app-backend/modules/AccountModule.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,WAAW,EACX,OAAO,EACP,kBAAkB,EAClB,GAAG,EACH,UAAU,EACV,WAAW,EACX,oBAAoB,EACpB,MAAM,EACN,MAAM,EACN,QAAQ,EACR,aAAa,EACb,mBAAmB,EACtB,MAAM,8BAA8B,CAAC;AAGtC,OAAO,EAAC,cAAc,EAAE,mBAAmB,EAAE,oBAAoB,EAAC,MAAM,qCAAqC,CAAC;AAC9G,OAAO,EAGH,SAAS,EACT,mBAAmB,EAEnB,gBAAgB,EAChB,cAAc,EACd,sBAAsB,EACtB,oBAAoB,EASvB,MAAM,eAAe,CAAC;AACvB,OAAO,EACH,YAAY,EACZ,WAAW,EAEX,SAAS,EAEZ,MAAM,yCAAyC,CAAC;AACjD,OAAO,EAAC,aAAa,EAAC,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAC,UAAU,EAAC,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAC,aAAa,EAAC,MAAM,iCAAiC,CAAC;AAE9D,MAAM,CAAC,MAAM,gBAAgB,GAAG,IAAI,SAAS,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;AAQxE,MAAM,CAAC,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AAC5D,MAAM,CAAC,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AAU5D,MAAM,oBAAoB,GAAG,IAAI,UAAU,CAA+B,eAAe,CAAC,CAAC;AAC3F,MAAM,4BAA4B,GAAG,IAAI,UAAU,CAA+C,uBAAuB,CAAC,CAAC;AAE3H,SAAS,YAAY,CAAC,OAAmB;IACrC,MAAM,EAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,EAAC,GAAG,OAAO,CAAC;IAC/C,OAAO,EAAC,KAAK,EAAE,GAAG,EAAE,gBAAgB,EAAC,CAAC;AAC1C,CAAC;AAED,MAAM,OAAO,oBACT,SAAQ,MAAc;IAEtB;QACI,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACxB,IAAI,CAAC,gBAAgB,CAAC,EAAC,YAAY,EAAE,EAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,GAAG,MAAM,EAAC,EAAE,YAAY,EAAE,gBAAgB,EAAC,CAAC,CAAC;IAClH,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,OAAuB;QAC5C,IAAI,IAA4B,CAAC;QACjC,IAAI,CAAC;YACD,IAAI,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACnD,CAAC;QAAC,OAAO,EAAE,EAAE,CAAC;QACd,CAAC;QAED,OAAO;YACH,GAAG,EAAE,IAAI,CAAC,OAAO,EAAE;YACnB,IAAI,EAAE,IAAI;SACb,CAAC;IACN,CAAC;IAEO,QAAQ,CAAmC;IAC3C,QAAQ,CAAmC;IAEzC,IAAI;QACV,MAAM,SAAS,GAAG,cAAc,CAAC,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,YAAY,EAAE,CAAC;QAC1F,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAa,mBAAmB,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;QACrF,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,aAAa,CAAa,mBAAmB,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACxF,CAAC;IAED,KAAK,CAAC,OAAO,CAAC,MAAc;QACxB,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC7B,KAAK,EAAE,EAAC,KAAK,EAAC;YACd,MAAM,EAAE,CAAC,OAAO;gBACZ,KAAK,CAAC;SACb,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,OAAiB;QAC5B,OAAO,mBAAmB,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,aAAa,EAAE,EAAE;YAC5D,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gBACvB,KAAK,EAAE;oBACH,KAAK,EAAE;wBACH,GAAG,EAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;qBAC/C;iBACJ;gBACD,MAAM,EAAE,CAAC,OAAO,EAAE,KAAK,CAAC;aAC3B,CAAC,CAAC;QACP,CAAC,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,SAAS;QACX,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK;YAC9B,OAAO,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,YAAY;QACd,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,QAAQ;YACjC,WAAW,CAAC,CAAC,CAAC;IACtB,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,MAAc;QAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,KAAK,EAAC,EAAC,CAAC,CAAC;IACvD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,MAAc;QAC9B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAC9C,IAAI,CAAC,OAAO;YACR,OAAO;QAEX,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YACvC,MAAM,EAAE,CAAC,QAAQ;gBACb,WAAW;gBACX,SAAS;gBACT,WAAW,CAAC,EAAE,KAAK,EAAE,EAAC,MAAM,EAAE,OAAO,CAAC,GAAG,EAAC;SACjD,CAAC,CAAC;QACH,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAmB,EAAE,EAAE;YACxC,OAAO;gBACH,GAAG,OAAO;gBACV,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;aACtC,CAAA;QACL,CAAC,CAAC,CAAC;IACP,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA8B,EAAE,QAAqB;QAC9D,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAElD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACpD,MAAM,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;QAC9E,OAAO,OAAO,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAA8B;QACvC,IAAI,QAAQ,GAA4B,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QACjE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE;YACvE,MAAM,YAAY,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAC,EAAC,CAAC,CAAC;YACnG,IAAI,YAAY;gBACZ,OAAO,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;YAE7E,QAAQ,GAAG,KAAK,IAAI,EAAE,CAAC,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;YAC/F,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,QAAQ,EAAE,CAAA;QAChB,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,KAAa,EAAE,QAAiB,EAAE,cAAuB;QACzE,IAAI,OAAmB,CAAC;QACxB,IAAI,QAAQ,IAAI,cAAc,EAAE,CAAC;YAC7B,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,EAAC,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAC,CAAC,CAAC;YACtE,MAAM,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;QAClF,CAAC;;YACG,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QAE3C,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,SAAiB,EAAE,WAAmB,EAAE,YAAmC;QAC5F,MAAM,KAAK,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,KAAK,EAAE,WAAiC,EAAE,EAAE;YAC1D,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,KAAK,EAAE,EAAC,KAAK,EAAC,EAAC,CAAC,CAAC;YAC/E,IAAI,CAAC,OAAO;gBACR,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;YAElE,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,OAAO,CAAC,IAAI;gBACxC,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,0BAA0B,CAAC,CAAC;YAE5D,OAAO,CAAC,cAAc,GAAG,oBAAoB,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YACzE,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAC;YAEpD,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACtD,CAAC,CAAC;QAEF,IAAI,YAAY;YACZ,OAAO,SAAS,CAAC,YAAY,CAAC,CAAA;QAElC,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC;IACrD,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,OAA8B;QAC9C,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAC5C,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;QAEvC,OAAO,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,KAAK,EAAE,WAAiC,EAAE,EAAE;YAC9E,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAC,EAAC,CAAC,CAAC;YAC9F,IAAI,OAAO;gBACP,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAC;YAElE,OAAO,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;QAChD,CAAC,CAAC,CAAC;IACP,CAAC;IAEO,UAAU,CAAC,OAA8B,EAAE,WAAiC;QAChF,MAAM,IAAI,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG;YACZ,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;YACpB,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC;YAC9B,gBAAgB,EAAE,kBAAkB,EAAE;YACtC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,IAAI;YACJ,cAAc,EAAE,oBAAoB,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC;SAC/D,CAAC;QAEF,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,SAAiB;QAC1B,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,SAAS,EAAC,EAAC,CAAC;QACnC,MAAM,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;IAC5C,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,SAAiB;QACjC,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAC,KAAK,EAAE,EAAC,MAAM,EAAE,SAAS,EAAC,EAAC,CAAC,CAAA;IAC5D,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,OAA6B,EAAE,QAAqB;QAC5D,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACjD,CAAC;IAIO,KAAK,CAAC,aAAa,CAAC,OAA6B,EAAE,QAAsB;QAC7E,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAC5C,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAC,EAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACvD,IAAI,CAAC,OAAO;YACR,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,yBAAyB,CAAC,CAAC;QAE3D,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,OAAO,CAAC,IAAI;YACxC,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,0BAA0B,CAAC,CAAC;QAE5D,IAAI,OAAO,CAAC,cAAc,KAAK,oBAAoB,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC;YAC/E,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;QAE9D,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACf,OAAO,CAAC,GAAG,GAAG,WAAW,CAAC,EAAE,CAAC,CAAC;YAC9B,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACxC,CAAC;QAED,IAAI,oBAA+C,CAAA;QACnD,IAAI,QAAQ,EAAE,CAAC;YACX,oBAAoB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;YAC5E,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAC1D,CAAC;QACD,MAAM,oBAAoB,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;QACtE,OAAO,oBAAoB,CAAC;IAChC,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,OAAe;QAC3B,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAE9C,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC/D,MAAM,oBAAoB,CAAC,mBAAmB,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC;QACtE,OAAO,oBAAoB,CAAC;IAChC,CAAC;IAEO,KAAK,CAAC,UAAU,CAAC,OAAe;QACpC,MAAM,MAAM,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,KAAK,EAAE,MAAM,EAAC,EAAC,CAAC;QACvC,IAAI,aAAa,GAAG,KAAK,CAAC;QAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAa,KAAK,EAAE,WAAW,EAAE,EAAE;YACjF,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;YACpE,IAAI,OAAO,EAAE,GAAG;gBACZ,OAAO,OAAO,CAAC;YAEnB,MAAM,QAAQ,GAAe;gBACzB,GAAG,EAAE,WAAW,CAAC,EAAE,CAAC;gBACpB,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC;gBACvB,gBAAgB,EAAE,kBAAkB,EAAE;gBACtC,KAAK,EAAE,MAAM;gBACb,GAAG,OAAO;aACb,CAAC;YAEF,aAAa,GAAG,IAAI,CAAC;YACrB,OAAO,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;QAEH,IAAI,aAAa;YACb,MAAM,4BAA4B,CAAC,mBAAmB,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC;QAEhF,OAAO,KAAK,CAAC;IACjB,CAAC;IAEO,aAAa,GAAG,CAAC,OAAuB,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,kBAAkB,CAAC,KAAK,SAAS,CAAC;IAE5G,aAAa,CAAC,OAAY;QAC9B,IAAI,CAAC,OAAO;YACR,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,kCAAkC,CAAC,CAAA;QAEnE,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAC/B,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;YACnC,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,gCAAgC,CAAC,CAAA;QAEjE,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;QAC3B,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ;YAC/B,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,8BAA8B,CAAC,CAAA;QAE/D,OAAO,EAAC,GAAG,EAAE,KAAK,EAAC,CAAA;IACvB,CAAC;IAED,KAAK,CAAC,4BAA4B,CAAC,OAAuB,EAAE,MAAgB,EAAE,QAAsB;QAChG,MAAM,KAAK,GAAG,aAAa,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAC9B,MAAM,SAAS,GAAG,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACjD,MAAM,SAAS,GAAW,OAAO,CAAC,SAAS,CAAC;QAC5C,IAAI,CAAC,SAAS;YACV,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,+BAA+B,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC,CAAA;QAEzF,IAAI,CAAC,SAAS,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;YAChC,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YAC5B,OAAO,OAAO,CAAA;QAClB,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC;QAC1D,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;YACnD,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QACrC,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC;IAED,YAAY,CAAC,QAAqB,EAAE,GAAW;QAC3C,yBAAyB;QACzB,QAAQ,CAAC,UAAU,CAAC,EAAC,CAAC,aAAa,CAAC,EAAE,GAAG,EAAC,CAAC,CAAA;IAC/C,CAAC;IAEM,WAAW,CAAC,OAAmB,EAAE,SAAiB;QACrD,OAAO,aAAa,CAAC,WAAW,CAAC;YAC7B,OAAO;YACP,SAAS;YACT,GAAG,EAAE,kBAAkB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG;SAC3D,EAAE,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAA;IAChC,CAAC;IAED,eAAe,GAAG,KAAK,EAAE,OAAuB,EAAE,MAAgB,EAAE,QAAsB,EAAgC,EAAE;QACxH,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC;YAC3B,OAAO,IAAI,CAAC,4BAA4B,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAA;QAEvE,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;IACvE,CAAC,CAAC;IAEF,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACrC,MAAM,KAAK,GAAG,EAAC,KAAK,EAAE,EAAC,SAAS,EAAC,EAAC,CAAC;QAEnC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACvD,IAAI,CAAC,OAAO;YACR,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,uBAAuB,SAAS,EAAE,CAAC,CAAC;QAEpE,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;YACxB,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;QAErD,OAAO,MAAM,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,CAAC;IACvD,CAAC;IAEO,KAAK,CAAC,uBAAuB,CAAC,OAAmB;QACrD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,GAAG,EAAE,OAAO,CAAC,MAAM,EAAC,EAAC,CAAC,CAAC;QAChF,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;YACxC,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,8BAA8B,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACtF,CAAC;QAED,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAAC,MAAc;QAC/C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,GAAG,EAAE,MAAM,EAAC,EAAC,CAAC,CAAC;QACxE,IAAI,CAAC,OAAO;YACR,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,8BAA8B,MAAM,EAAE,CAAC,CAAC;QAExE,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAGO,UAAU,GAAG,CAAC,OAAmB,EAAE,EAAE;QACzC,MAAM,KAAK,GAAG,kBAAkB,EAAE,GAAG,OAAO,CAAC,SAAS,CAAC;QACvD,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC;QAElD,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,CAAC,GAAG;YACnC,OAAO,KAAK,CAAC;QAEjB,OAAO,KAAK,GAAG,YAAY,IAAI,KAAK,GAAG,CAAC,CAAC;IAC7C,CAAC,CAAC;IAEM,KAAK,CAAC,oBAAoB,CAAC,CAAsB;QACrD,IAAI,OAAO,CAAC,KAAK,QAAQ;YACrB,OAAO,IAAI,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;QAE1C,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC;IAC3B,CAAC;IAEM,KAAK,CAAC,aAAa,CAAC,CAAsB,EAAE,SAAqB;QACpE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC;QACnD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAErE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACpC,OAAO,EAAC,SAAS,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE,gBAAgB,EAAE,OAAO,CAAC,gBAAgB,EAAC,CAAC;IACtJ,CAAC;IAAA,CAAC;IAEM,KAAK,CAAC,qBAAqB,CAAC,OAAmB,EAAE,SAAqB;QAC1E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAC,KAAK,EAAE,EAAC,MAAM,EAAE,OAAO,CAAC,GAAG,EAAC,EAAC,CAAC,CAAC;QAChF,IAAI,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;YACpC,OAAO,OAAO,CAAC;QAEnB,MAAM,QAAQ,GAAe;YACzB,SAAS,EAAE,WAAW,CAAC,EAAE,CAAC;YAC1B,SAAS,EAAE,kBAAkB,EAAE;YAC/B,MAAM,EAAE,OAAO,CAAC,GAAG;SACtB,CAAC;QAEF,IAAI,SAAS;YACT,QAAQ,CAAC,SAAS,GAAG,SAAS,CAAC;QAEnC,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC1C,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,IAAoB,EAAE,QAAqB;QACvD,MAAM,OAAO,GAAkC;YAC3C,YAAY,EAAE,IAAI;SACrB,CAAC;QAEF,IAAI,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,CAAC,QAAQ,CAAC,2BAA2B,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAE9D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC;YAC1B,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YAEvD,IAAI,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC,sBAAsB,CAAC,CAAC;YAE5D,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,oBAAoB,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC;YAC5G,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,gBAAgB,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;YAC1F,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,cAAc,CAAC,WAAW,EAAE,EAAE,GAAG,CAAC,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC;YAEhG,OAAO,MAAM,QAAQ,CAAC,QAAQ,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;QACrD,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,IAAI,YAAY,CAAC,GAAG,EAAE,2BAA2B,EAAE,KAAK,CAAC,CAAC;QACpE,CAAC;IACL,CAAC;CAEJ;AAGD,MAAM,CAAC,MAAM,aAAa,GAAG,IAAI,oBAAoB,EAAE,CAAC"}

package/{app-backend → dist/app-backend}/modules/JWTBuilder.d.ts

@@ -1,5 +1,5 @@
-import { ObjectTS } from "@intuitionrobotics/ts-common";
-import { Algorithm } from "jws";
+import { type ObjectTS } from "@intuitionrobotics/ts-common";
+import { type Algorithm } from "jws";
 export declare const ALGORITHM = "alg";
 export declare const CONTENT_TYPE = "cty";
 export declare const TYPE = "typ";
@@ -36,3 +36,4 @@ export declare class JWTBuilder {
     private assertAlg;
     build(secret: string): string;
 }
+//# sourceMappingURL=JWTBuilder.d.ts.map

package/dist/app-backend/modules/JWTBuilder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"JWTBuilder.d.ts","sourceRoot":"","sources":["../../../src/main/app-backend/modules/JWTBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EAGN,KAAK,QAAQ,EACb,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAEN,KAAK,SAAS,EAGd,MAAM,KAAK,CAAC;AAIb,eAAO,MAAM,SAAS,QAAQ,CAAC;AAC/B,eAAO,MAAM,YAAY,QAAQ,CAAC;AAClC,eAAO,MAAM,IAAI,QAAQ,CAAC;AAC1B,eAAO,MAAM,MAAM,QAAQ,CAAC;AAG5B,eAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,eAAO,MAAM,OAAO,QAAQ,CAAC;AAC7B,eAAO,MAAM,UAAU,QAAQ,CAAC;AAChC,eAAO,MAAM,UAAU,QAAQ,CAAC;AAChC,eAAO,MAAM,SAAS,QAAQ,CAAC;AAC/B,eAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,eAAO,MAAM,QAAQ,QAAQ,CAAC;AAE9B,eAAO,MAAM,WAAW,EAAE,MAAc,CAAC;AAEzC,qBAAa,UAAU;IACtB,OAAO,CAAC,OAAO,CAAgB;IAC/B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;gBAEpB,GAAG,EAAE,SAAS;IAS1B,SAAS,CAAC,MAAM,EAAE,QAAQ;IAK1B,QAAQ,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG;IAKhC,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG;IAOjC,cAAc,GAAI,KAAK,MAAM,UAG3B;IAEF,OAAO,GAAI,KAAK,MAAM,UAGpB;IAEF,QAAQ,GAAI,KAAK,MAAM,UAGrB;IAIF,SAAS,CAAC,GAAG,EAAE,MAAM;IAKrB,MAAM,CAAC,GAAG,EAAE,MAAM;IAKlB,aAAa,CAAC,GAAG,EAAE,MAAM;IAKzB,YAAY,CAAC,GAAG,EAAE,MAAM;IAKxB,OAAO,CAAC,WAAW;IAInB,QAAQ,CAAC,GAAG,EAAE,MAAM;IAKpB,WAAW,CAAC,GAAG,EAAE,MAAM;IAOvB,OAAO,CAAC,SAAS;IAIjB,OAAO,CAAC,YAAY;IAIpB,OAAO,CAAC,aAAa;IAIrB,OAAO,CAAC,OAAO;IAIf,OAAO,CAAC,SAAS;IAMjB,KAAK,CAAC,MAAM,EAAE,MAAM;CAiBpB"}

package/dist/app-backend/modules/JWTBuilder.js

@@ -0,0 +1,113 @@
+import { BadImplementationException, currentTimeMillies } from "@intuitionrobotics/ts-common";
+import { sign, ALGORITHMS } from "jws";
+import { SecretsModule } from "./SecretsModule.js";
+//Header
+export const ALGORITHM = "alg";
+export const CONTENT_TYPE = "cty";
+export const TYPE = "typ";
+export const KEY_ID = "kid";
+//Payload
+export const ISSUER = "iss";
+export const SUBJECT = "sub";
+export const EXPIRES_AT = "exp";
+export const NOT_BEFORE = "nbf";
+export const ISSUED_AT = "iat";
+export const JWT_ID = "jti";
+export const AUDIENCE = "aud";
+export const TYP_DEFAULT = "JWT";
+export class JWTBuilder {
+    payload = {};
+    header;
+    constructor(alg) {
+        this.assertAlg(alg);
+        this.header = {
+            [ALGORITHM]: alg
+        };
+    }
+    // Generic
+    addClaims(claims) {
+        Object.keys(claims).forEach(k => this.addClaim(k, claims[k]));
+        return this;
+    }
+    addClaim(key, value) {
+        this.payload[key] = value;
+        return this;
+    }
+    addHeader(key, value) {
+        this.header[key] = value;
+        return this;
+    }
+    // End Generic
+    setContentType = (cty) => {
+        this.header[CONTENT_TYPE] = cty;
+        return this;
+    };
+    setType = (typ) => {
+        this.header[TYPE] = typ;
+        return this;
+    };
+    setKeyID = (kid) => {
+        this.header[KEY_ID] = kid;
+        return this;
+    };
+    // Payload
+    setIssuer(iss) {
+        this.payload[ISSUER] = iss;
+        return this;
+    }
+    setSub(iss) {
+        this.payload[SUBJECT] = iss;
+        return this;
+    }
+    setExpiration(exp) {
+        this.payload[EXPIRES_AT] = exp;
+        return this;
+    }
+    setNotBefore(nbf) {
+        this.payload[NOT_BEFORE] = nbf;
+        return this;
+    }
+    setIssuedAt() {
+        this.payload[ISSUED_AT] = Math.floor(currentTimeMillies() / 1000);
+    }
+    setJWTID(jti) {
+        this.payload[JWT_ID] = jti;
+        return this;
+    }
+    setAudience(aud) {
+        this.payload[AUDIENCE] = aud;
+        return this;
+    }
+    // End Payload
+    getIssuer() {
+        return this.payload[ISSUER];
+    }
+    getAlgorithm() {
+        return this.header[ALGORITHM];
+    }
+    getExpiration() {
+        return this.payload[EXPIRES_AT];
+    }
+    getType() {
+        return this.header[TYPE];
+    }
+    assertAlg(alg) {
+        const foundAlg = ALGORITHMS.find(a => a === alg);
+        if (!foundAlg)
+            throw new BadImplementationException(`Algorithm with name ${alg} is not valid`);
+    }
+    build(secret) {
+        this.setIssuedAt();
+        if (!this.getType())
+            this.setType(TYP_DEFAULT);
+        if (!this.getIssuer())
+            // TODO move the config to the module which I need to create
+            this.setIssuer(SecretsModule.getIss());
+        if (!this.getExpiration())
+            throw new BadImplementationException("Missing expiration, cannot build a valid JWT without this value");
+        if (!this.getAlgorithm())
+            throw new BadImplementationException("Missing algorithm, cannot build a valid JWT without this value");
+        return sign({ secret, payload: this.payload, header: this.header });
+    }
+}
+//# sourceMappingURL=JWTBuilder.js.map

package/dist/app-backend/modules/JWTBuilder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"JWTBuilder.js","sourceRoot":"","sources":["../../../src/main/app-backend/modules/JWTBuilder.ts"],"names":[],"mappings":"AAAA,OAAO,EACN,0BAA0B,EAC1B,kBAAkB,EAElB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACN,IAAI,EAEJ,UAAU,EAEV,MAAM,KAAK,CAAC;AACb,OAAO,EAAC,aAAa,EAAC,MAAM,oBAAoB,CAAC;AAEjD,QAAQ;AACR,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,CAAC;AAC/B,MAAM,CAAC,MAAM,YAAY,GAAG,KAAK,CAAC;AAClC,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,CAAC;AAC1B,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,CAAC;AAE5B,SAAS;AACT,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,CAAC;AAC5B,MAAM,CAAC,MAAM,OAAO,GAAG,KAAK,CAAC;AAC7B,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,CAAC;AAChC,MAAM,CAAC,MAAM,UAAU,GAAG,KAAK,CAAC;AAChC,MAAM,CAAC,MAAM,SAAS,GAAG,KAAK,CAAC;AAC/B,MAAM,CAAC,MAAM,MAAM,GAAG,KAAK,CAAC;AAC5B,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,CAAC;AAE9B,MAAM,CAAC,MAAM,WAAW,GAAW,KAAK,CAAC;AAEzC,MAAM,OAAO,UAAU;IACd,OAAO,GAAa,EAAE,CAAC;IACd,MAAM,CAAS;IAEhC,YAAY,GAAc;QACzB,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACpB,IAAI,CAAC,MAAM,GAAG;YACb,CAAC,SAAS,CAAC,EAAE,GAAG;SAChB,CAAA;IACF,CAAC;IAED,UAAU;IAEV,SAAS,CAAC,MAAgB;QACzB,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC7D,OAAO,IAAI,CAAC;IACb,CAAC;IAED,QAAQ,CAAC,GAAW,EAAE,KAAU;QAC/B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QAC1B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,SAAS,CAAC,GAAW,EAAE,KAAU;QAChC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;QACzB,OAAO,IAAI,CAAC;IACb,CAAC;IAED,cAAc;IAEd,cAAc,GAAG,CAAC,GAAW,EAAE,EAAE;QAChC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,GAAG,CAAC;QAChC,OAAO,IAAI,CAAC;IACb,CAAC,CAAC;IAEF,OAAO,GAAG,CAAC,GAAW,EAAE,EAAE;QACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC;QACxB,OAAO,IAAI,CAAC;IACb,CAAC,CAAC;IAEF,QAAQ,GAAG,CAAC,GAAW,EAAE,EAAE;QAC1B,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;QAC1B,OAAO,IAAI,CAAC;IACb,CAAC,CAAC;IAEF,UAAU;IAEV,SAAS,CAAC,GAAW;QACpB,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,MAAM,CAAC,GAAW;QACjB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,GAAG,CAAC;QAC5B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,aAAa,CAAC,GAAW;QACxB,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,YAAY,CAAC,GAAW;QACvB,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,GAAG,CAAC;QAC/B,OAAO,IAAI,CAAC;IACb,CAAC;IAEO,WAAW;QAClB,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,EAAE,GAAG,IAAI,CAAC,CAAC;IACnE,CAAC;IAED,QAAQ,CAAC,GAAW;QACnB,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;QAC3B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,WAAW,CAAC,GAAW;QACtB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC;QAC7B,OAAO,IAAI,CAAC;IACb,CAAC;IAED,cAAc;IAEN,SAAS;QAChB,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC;IAEO,YAAY;QACnB,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC/B,CAAC;IAEO,aAAa;QACpB,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IACjC,CAAC;IAEO,OAAO;QACd,OAAO,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAEO,SAAS,CAAC,GAAc;QAC/B,MAAM,QAAQ,GAA0B,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC;QACxE,IAAI,CAAC,QAAQ;YACZ,MAAM,IAAI,0BAA0B,CAAC,uBAAuB,GAAG,eAAe,CAAC,CAAC;IAClF,CAAC;IAED,KAAK,CAAC,MAAc;QACnB,IAAI,CAAC,WAAW,EAAE,CAAA;QAClB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YAClB,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAE3B,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;YACpB,4DAA4D;YAC5D,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAA;QAEvC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE;YACxB,MAAM,IAAI,0BAA0B,CAAC,iEAAiE,CAAC,CAAA;QAExG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE;YACvB,MAAM,IAAI,0BAA0B,CAAC,gEAAgE,CAAC,CAAA;QAEvG,OAAO,IAAI,CAAC,EAAC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAC,CAAC,CAAC;IACnE,CAAC;CACD"}

package/{app-backend → dist/app-backend}/modules/SamlModule.d.ts

@@ -1,6 +1,6 @@
-import { IdentityProvider, IdentityProviderOptions, SAMLAssertResponse, ServiceProviderOptions } from "saml2-js";
+import { IdentityProvider, type IdentityProviderOptions, type SAMLAssertResponse, type ServiceProviderOptions } from "saml2-js";
 import { Module } from "@intuitionrobotics/ts-common";
-import { RequestBody_SamlAssertOptions, RequestParams_LoginSAML } from "./_imports";
+import { type RequestBody_SamlAssertOptions, type RequestParams_LoginSAML } from "./_imports.js";
 type SamlConfig = {
     idConfig: IdentityProviderOptions;
     spConfig: ServiceProviderOptions;
@@ -19,3 +19,4 @@ export declare class SamlModule_Class extends Module<SamlConfig> {
 }
 export declare const SamlModule: SamlModule_Class;
 export {};
+//# sourceMappingURL=SamlModule.d.ts.map

package/dist/app-backend/modules/SamlModule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SamlModule.d.ts","sourceRoot":"","sources":["../../../src/main/app-backend/modules/SamlModule.ts"],"names":[],"mappings":"AACA,OAAO,EACN,gBAAgB,EAChB,KAAK,uBAAuB,EAC5B,KAAK,kBAAkB,EAEvB,KAAK,sBAAsB,EAC3B,MAAM,UAAU,CAAC;AAClB,OAAO,EAGN,MAAM,EACN,MAAM,8BAA8B,CAAC;AACtC,OAAO,EACN,KAAK,6BAA6B,EAClC,KAAK,uBAAuB,EAC5B,MAAM,eAAe,CAAC;AAEvB,KAAK,UAAU,GAAG;IACjB,QAAQ,EAAE,uBAAuB,CAAC;IAClC,QAAQ,EAAE,sBAAsB,CAAA;CAChC,CAAC;AAiBF,KAAK,kBAAkB,GAAG;IACzB,YAAY,EAAE,kBAAkB,CAAA;IAChC,MAAM,EAAE,MAAM,CAAA;IACd,YAAY,EAAE,uBAAuB,CAAA;CACrC,CAAA;AAED,qBAAa,gBACZ,SAAQ,MAAM,CAAC,UAAU,CAAC;IAEnB,gBAAgB,EAAG,gBAAgB,CAAC;;IAM3C,SAAS,CAAC,IAAI,IAAI,IAAI;IAUtB,YAAY,GAAU,cAAc,uBAAuB,qBAczD;IAEF,MAAM,GAAU,SAAS,6BAA6B,KAAG,OAAO,CAAC,kBAAkB,CAAC,CAiBjF;CACH;AAED,eAAO,MAAM,UAAU,kBAAyB,CAAC"}

package/dist/app-backend/modules/SamlModule.js

@@ -0,0 +1,47 @@
+import { IdentityProvider, ServiceProvider } from "saml2-js";
+import { __stringify, ImplementationMissingException, Module } from "@intuitionrobotics/ts-common";
+import {} from "./_imports.js";
+export class SamlModule_Class extends Module {
+    identityProvider;
+    constructor() {
+        super("SamlModule");
+    }
+    init() {
+        if (!this.config.idConfig)
+            throw new ImplementationMissingException("Config must contain idConfig");
+        if (!this.config.spConfig)
+            throw new ImplementationMissingException("Config must contain spConfig");
+        this.identityProvider = new IdentityProvider(this.config.idConfig);
+    }
+    loginRequest = async (loginContext) => {
+        return new Promise((resolve, rejected) => {
+            const sp = new ServiceProvider(this.config.spConfig);
+            const options = {
+                relay_state: __stringify(loginContext)
+            };
+            sp.create_login_request_url(this.identityProvider, options, (error, loginUrl, _requestId) => {
+                if (error)
+                    return rejected(error);
+                resolve(loginUrl);
+            });
+        });
+    };
+    assert = async (options) => new Promise((resolve, rejected) => {
+        const sp = new ServiceProvider(this.config.spConfig);
+        sp.post_assert(this.identityProvider, options, async (error, response) => {
+            if (error)
+                return rejected(error);
+            const userId = response.user.name_id;
+            const relay_state = options.request_body.RelayState;
+            if (!relay_state)
+                return rejected(`LoginContext lost along the way for userId '${userId}'`);
+            resolve({
+                userId: userId,
+                loginContext: JSON.parse(relay_state),
+                fullResponse: response
+            });
+        });
+    });
+}
+export const SamlModule = new SamlModule_Class();
+//# sourceMappingURL=SamlModule.js.map

package/dist/app-backend/modules/SamlModule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"SamlModule.js","sourceRoot":"","sources":["../../../src/main/app-backend/modules/SamlModule.ts"],"names":[],"mappings":"AACA,OAAO,EACN,gBAAgB,EAGhB,eAAe,EAEf,MAAM,UAAU,CAAC;AAClB,OAAO,EACN,WAAW,EACX,8BAA8B,EAC9B,MAAM,EACN,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAGN,MAAM,eAAe,CAAC;AA4BvB,MAAM,OAAO,gBACZ,SAAQ,MAAkB;IAEnB,gBAAgB,CAAoB;IAE3C;QACC,KAAK,CAAC,YAAY,CAAC,CAAC;IACrB,CAAC;IAES,IAAI;QACb,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ;YACxB,MAAM,IAAI,8BAA8B,CAAC,8BAA8B,CAAC,CAAC;QAE1E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ;YACxB,MAAM,IAAI,8BAA8B,CAAC,8BAA8B,CAAC,CAAC;QAE1E,IAAI,CAAC,gBAAgB,GAAG,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACpE,CAAC;IAED,YAAY,GAAG,KAAK,EAAE,YAAqC,EAAE,EAAE;QAC9D,OAAO,IAAI,OAAO,CAAS,CAAC,OAAO,EAAE,QAAQ,EAAE,EAAE;YAChD,MAAM,EAAE,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACrD,MAAM,OAAO,GAAG;gBACf,WAAW,EAAE,WAAW,CAAC,YAAY,CAAC;aACtC,CAAC;YACF,EAAE,CAAC,wBAAwB,CAAC,IAAI,CAAC,gBAAgB,EAAE,OAAO,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE;gBAC3F,IAAI,KAAK;oBACR,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;gBAExB,OAAO,CAAC,QAAQ,CAAC,CAAC;YACnB,CAAC,CAAC,CAAC;QACJ,CAAC,CAAC,CAAC;IAEJ,CAAC,CAAC;IAEF,MAAM,GAAG,KAAK,EAAE,OAAsC,EAA+B,EAAE,CAAC,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,QAAQ,EAAE,EAAE;QAC7I,MAAM,EAAE,GAAG,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrD,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,gBAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,QAA4B,EAAE,EAAE;YAC5F,IAAI,KAAK;gBACR,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC;YAExB,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;YACrC,MAAM,WAAW,GAAG,OAAO,CAAC,YAAY,CAAC,UAAU,CAAC;YACpD,IAAI,CAAC,WAAW;gBACf,OAAO,QAAQ,CAAC,+CAA+C,MAAM,GAAG,CAAC,CAAC;YAE3E,OAAO,CAAC;gBACC,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC;gBACrC,YAAY,EAAE,QAAQ;aACtB,CAAC,CAAC;QACZ,CAAC,CAAC,CAAC;IACJ,CAAC,CAAC,CAAC;CACH;AAED,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,gBAAgB,EAAE,CAAC"}

package/{app-backend → dist/app-backend}/modules/SecretsModule.d.ts

@@ -1,7 +1,7 @@
-import { Module, ObjectTS } from "@intuitionrobotics/ts-common";
-import { ApiException, ExpressRequest } from "@intuitionrobotics/thunderstorm/backend";
+import { Module, type ObjectTS } from "@intuitionrobotics/ts-common";
+import { ApiException, type ExpressRequest } from "@intuitionrobotics/thunderstorm/backend";
 import * as jws from "jws";
-import { Algorithm, Signature } from "jws";
+import { type Algorithm, type Signature } from "jws";
 export declare class TokenExpiredException extends ApiException {
     constructor(message: string, cause?: Error);
 }
@@ -36,3 +36,4 @@ export declare class SecretsModule_Class extends Module<Config> {
 }
 export declare const SecretsModule: SecretsModule_Class;
 export {};
+//# sourceMappingURL=SecretsModule.d.ts.map

package/dist/app-backend/modules/SecretsModule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SecretsModule.d.ts","sourceRoot":"","sources":["../../../src/main/app-backend/modules/SecretsModule.ts"],"names":[],"mappings":"AAAA,OAAO,EAKH,MAAM,EACN,KAAK,QAAQ,EAChB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAC,YAAY,EAAE,KAAK,cAAc,EAAC,MAAM,yCAAyC,CAAC;AAC1F,OAAO,KAAK,GAAG,MAAM,KAAK,CAAC;AAC3B,OAAO,EAAC,KAAK,SAAS,EAAE,KAAK,SAAS,EAAC,MAAM,KAAK,CAAC;AAInD,qBAAa,qBACT,SAAQ,YAAY;gBACR,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK;CAG7C;AAED,KAAK,MAAM,GAAG;IACV,OAAO,CAAC,EAAE;QACN,CAAC,CAAC,EAAE,MAAM,GAAG,GAAG,CAAA;KACnB,CAAC;IACF,aAAa,EAAE,MAAM,CAAA;IACrB,MAAM,CAAC,EAAE,MAAM,CAAA;CAClB,CAAA;AAED,KAAK,MAAM,GAAG;IACV,GAAG,EAAE,MAAM,CAAA;IACX,KAAK,EAAE,MAAM,CAAA;CAChB,CAAA;AAED,qBAAa,mBACT,SAAQ,MAAM,CAAC,MAAM,CAAC;IACtB,OAAO,CAAC,WAAW,CAAW;IAEvB,qBAAqB,SAAyB;IAC9C,kBAAkB,SAAsB;;IAO/C,SAAS,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM;IAWrB,aAAa,GAAI,KAAK,MAAM,KAAG,MAAM,CAE1C;IAEF,OAAO,CAAC,SAAS,CAQf;IAEF,iCAAiC,CAAC,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE;IAY3E,eAAe,CAAC,OAAO,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE;IA6BzD,cAAc,CAAC,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE;IAOnD,gBAAgB,CAAC,OAAO,EAAE,cAAc;IAuBxC,SAAS,GAAI,OAAO,SAAS,aAElC;IAEK,aAAa,CAAC,KAAK,EAAE,SAAS;IAkBrC,WAAW,GAAI,SAAS,QAAQ,EAAE,KAAK,MAAM,EAAE,YAAW,SAAmB,YAS3E;IAEK,MAAM,eAKX;IAEF,SAAS,GAAI,KAAK,MAAM,0BAEvB;CACJ;AAED,eAAO,MAAM,aAAa,qBAA4B,CAAA"}