@kya-os/mcp-i-cloudflare 1.5.1-canary.6 → 1.5.1-canary.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapter.d.ts +8 -0
- package/dist/adapter.d.ts.map +1 -1
- package/dist/adapter.js +102 -87
- package/dist/adapter.js.map +1 -1
- package/dist/constants/storage-keys.d.ts +89 -0
- package/dist/constants/storage-keys.d.ts.map +1 -0
- package/dist/constants/storage-keys.js +142 -0
- package/dist/constants/storage-keys.js.map +1 -0
- package/dist/index.d.ts +7 -3
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -3
- package/dist/index.js.map +1 -1
- package/dist/runtime/oauth-handler.d.ts +6 -0
- package/dist/runtime/oauth-handler.d.ts.map +1 -1
- package/dist/runtime/oauth-handler.js +96 -21
- package/dist/runtime/oauth-handler.js.map +1 -1
- package/dist/services/admin.service.d.ts +4 -0
- package/dist/services/admin.service.d.ts.map +1 -1
- package/dist/services/admin.service.js +170 -77
- package/dist/services/admin.service.js.map +1 -1
- package/dist/services/consent-page-renderer.d.ts +8 -2
- package/dist/services/consent-page-renderer.d.ts.map +1 -1
- package/dist/services/consent-page-renderer.js +42 -8
- package/dist/services/consent-page-renderer.js.map +1 -1
- package/dist/services/consent.service.d.ts +90 -0
- package/dist/services/consent.service.d.ts.map +1 -1
- package/dist/services/consent.service.js +571 -99
- package/dist/services/consent.service.js.map +1 -1
- package/dist/services/delegation.service.d.ts.map +1 -1
- package/dist/services/delegation.service.js +54 -19
- package/dist/services/delegation.service.js.map +1 -1
- package/dist/services/oauth-security.service.d.ts +92 -0
- package/dist/services/oauth-security.service.d.ts.map +1 -0
- package/dist/services/oauth-security.service.js +260 -0
- package/dist/services/oauth-security.service.js.map +1 -0
- package/dist/services/rate-limit.service.d.ts +59 -0
- package/dist/services/rate-limit.service.d.ts.map +1 -0
- package/dist/services/rate-limit.service.js +146 -0
- package/dist/services/rate-limit.service.js.map +1 -0
- package/dist/utils/day0-config.d.ts +51 -0
- package/dist/utils/day0-config.d.ts.map +1 -0
- package/dist/utils/day0-config.js +72 -0
- package/dist/utils/day0-config.js.map +1 -0
- package/package.json +1 -1
|
@@ -5,11 +5,38 @@
|
|
|
5
5
|
* Only enabled when config.admin.enabled === true
|
|
6
6
|
*/
|
|
7
7
|
import { DEFAULT_AGENTSHIELD_URL } from "../constants";
|
|
8
|
+
import { MCP_CORS_HEADERS, PREFLIGHT_CORS_HEADERS } from "@kya-os/mcp-i-core";
|
|
9
|
+
import { clearCacheRequestSchema } from "@kya-os/contracts/agentshield-api";
|
|
8
10
|
export class AdminService {
|
|
9
11
|
env;
|
|
10
12
|
constructor(env) {
|
|
11
13
|
this.env = env;
|
|
12
14
|
}
|
|
15
|
+
/**
|
|
16
|
+
* Create a consistent error response in AgentShield API format
|
|
17
|
+
*/
|
|
18
|
+
createErrorResponse(code, message, status, details) {
|
|
19
|
+
const errorData = {
|
|
20
|
+
code,
|
|
21
|
+
message,
|
|
22
|
+
...(details && { details }),
|
|
23
|
+
};
|
|
24
|
+
const apiResponse = {
|
|
25
|
+
success: false,
|
|
26
|
+
data: errorData,
|
|
27
|
+
metadata: {
|
|
28
|
+
requestId: crypto.randomUUID(),
|
|
29
|
+
timestamp: new Date().toISOString(),
|
|
30
|
+
},
|
|
31
|
+
};
|
|
32
|
+
return new Response(JSON.stringify(apiResponse), {
|
|
33
|
+
status,
|
|
34
|
+
headers: {
|
|
35
|
+
"Content-Type": "application/json",
|
|
36
|
+
...MCP_CORS_HEADERS,
|
|
37
|
+
},
|
|
38
|
+
});
|
|
39
|
+
}
|
|
13
40
|
/**
|
|
14
41
|
* Handle admin requests
|
|
15
42
|
* @param request - Incoming request
|
|
@@ -19,31 +46,30 @@ export class AdminService {
|
|
|
19
46
|
const url = new URL(request.url);
|
|
20
47
|
// Only POST /admin/clear-cache is supported
|
|
21
48
|
if (url.pathname === "/admin/clear-cache") {
|
|
49
|
+
// Handle OPTIONS preflight requests
|
|
50
|
+
if (request.method === "OPTIONS") {
|
|
51
|
+
return new Response(null, {
|
|
52
|
+
status: 200,
|
|
53
|
+
headers: {
|
|
54
|
+
...PREFLIGHT_CORS_HEADERS,
|
|
55
|
+
},
|
|
56
|
+
});
|
|
57
|
+
}
|
|
22
58
|
if (request.method !== "POST") {
|
|
23
|
-
return
|
|
24
|
-
success: false,
|
|
25
|
-
error: "Method not allowed. Use POST.",
|
|
59
|
+
return this.createErrorResponse("method_not_allowed", "Method not allowed. Use POST.", 405, {
|
|
26
60
|
endpoint: url.pathname,
|
|
27
61
|
method: request.method,
|
|
28
62
|
allowed_methods: ["POST"],
|
|
29
|
-
}), {
|
|
30
|
-
status: 405,
|
|
31
|
-
headers: { "Content-Type": "application/json" },
|
|
32
63
|
});
|
|
33
64
|
}
|
|
34
65
|
return this.handleClearCache(request);
|
|
35
66
|
}
|
|
36
67
|
// Provide helpful error message for unknown admin routes
|
|
37
|
-
return
|
|
38
|
-
success: false,
|
|
39
|
-
error: "Admin endpoint not found",
|
|
68
|
+
return this.createErrorResponse("endpoint_not_found", "Admin endpoint not found", 404, {
|
|
40
69
|
endpoint: url.pathname,
|
|
41
70
|
available_endpoints: ["/admin/clear-cache"],
|
|
42
71
|
method: request.method,
|
|
43
72
|
hint: "Only POST /admin/clear-cache is supported. Ensure admin endpoints are enabled in runtime config.",
|
|
44
|
-
}), {
|
|
45
|
-
status: 404,
|
|
46
|
-
headers: { "Content-Type": "application/json" },
|
|
47
73
|
});
|
|
48
74
|
}
|
|
49
75
|
/**
|
|
@@ -51,77 +77,64 @@ export class AdminService {
|
|
|
51
77
|
*/
|
|
52
78
|
async handleClearCache(request) {
|
|
53
79
|
try {
|
|
54
|
-
// Parse request body
|
|
55
|
-
const body =
|
|
56
|
-
const
|
|
57
|
-
if (!
|
|
58
|
-
return
|
|
59
|
-
success: false,
|
|
60
|
-
error: "Bad Request - agent_did required in body",
|
|
61
|
-
}), {
|
|
62
|
-
status: 400,
|
|
63
|
-
headers: { "Content-Type": "application/json" },
|
|
64
|
-
});
|
|
80
|
+
// Parse and validate request body
|
|
81
|
+
const body = await request.json().catch(() => ({}));
|
|
82
|
+
const validationResult = clearCacheRequestSchema.safeParse(body);
|
|
83
|
+
if (!validationResult.success) {
|
|
84
|
+
return this.createErrorResponse("validation_error", "Bad Request - agent_did required in body", 400, { validation_errors: validationResult.error.errors });
|
|
65
85
|
}
|
|
86
|
+
const { agent_did: agentDid } = validationResult.data;
|
|
87
|
+
// Get projectId early - used for both API validation and cache key determination
|
|
88
|
+
const projectId = this.env.AGENTSHIELD_PROJECT_ID;
|
|
66
89
|
// Extract API key from Authorization header
|
|
67
90
|
const authHeader = request.headers.get("Authorization");
|
|
68
91
|
if (!authHeader || !authHeader.startsWith("Bearer ")) {
|
|
69
|
-
return
|
|
70
|
-
success: false,
|
|
71
|
-
error: "Unauthorized - Missing or invalid Authorization header",
|
|
72
|
-
}), {
|
|
73
|
-
status: 401,
|
|
74
|
-
headers: { "Content-Type": "application/json" },
|
|
75
|
-
});
|
|
92
|
+
return this.createErrorResponse("unauthorized", "Unauthorized - Missing or invalid Authorization header", 401);
|
|
76
93
|
}
|
|
77
94
|
const apiKey = authHeader.slice(7); // Remove "Bearer " prefix
|
|
78
95
|
// Validate API key by making a test call to AgentShield
|
|
96
|
+
// Use same endpoint/header logic as ToolProtectionService
|
|
79
97
|
const agentShieldUrl = this.env.AGENTSHIELD_API_URL || DEFAULT_AGENTSHIELD_URL;
|
|
80
|
-
|
|
98
|
+
let validationUrl;
|
|
99
|
+
let headers = {
|
|
100
|
+
"Content-Type": "application/json",
|
|
101
|
+
};
|
|
102
|
+
if (projectId) {
|
|
103
|
+
// ✅ New endpoint format
|
|
104
|
+
validationUrl = `${agentShieldUrl}/api/v1/bouncer/projects/${encodeURIComponent(projectId)}/tool-protections`;
|
|
105
|
+
headers["X-API-Key"] = apiKey;
|
|
106
|
+
headers["X-Project-Id"] = projectId;
|
|
107
|
+
}
|
|
108
|
+
else {
|
|
109
|
+
// ⚠️ Old endpoint format (backward compatibility)
|
|
110
|
+
validationUrl = `${agentShieldUrl}/api/v1/bouncer/config?agent_did=${encodeURIComponent(agentDid)}`;
|
|
111
|
+
headers["Authorization"] = `Bearer ${apiKey}`;
|
|
112
|
+
}
|
|
81
113
|
try {
|
|
82
114
|
const validationResponse = await fetch(validationUrl, {
|
|
83
115
|
method: "GET",
|
|
84
|
-
headers
|
|
85
|
-
"Content-Type": "application/json",
|
|
86
|
-
Authorization: `Bearer ${apiKey}`,
|
|
87
|
-
},
|
|
116
|
+
headers,
|
|
88
117
|
});
|
|
89
118
|
if (!validationResponse.ok) {
|
|
90
119
|
console.warn("[Admin] API key validation failed:", validationResponse.status);
|
|
91
|
-
return
|
|
92
|
-
success: false,
|
|
93
|
-
error: "Unauthorized - Invalid API key",
|
|
94
|
-
}), {
|
|
95
|
-
status: 401,
|
|
96
|
-
headers: { "Content-Type": "application/json" },
|
|
97
|
-
});
|
|
120
|
+
return this.createErrorResponse("invalid_api_key", "Unauthorized - Invalid API key", 401);
|
|
98
121
|
}
|
|
99
122
|
// API key is valid, proceed to clear cache
|
|
100
123
|
console.log("[Admin] API key validated successfully");
|
|
101
124
|
}
|
|
102
125
|
catch (error) {
|
|
103
126
|
console.error("[Admin] API key validation error:", error);
|
|
104
|
-
return
|
|
105
|
-
|
|
106
|
-
error: "Failed to validate API key with AgentShield",
|
|
107
|
-
}), {
|
|
108
|
-
status: 500,
|
|
109
|
-
headers: { "Content-Type": "application/json" },
|
|
127
|
+
return this.createErrorResponse("validation_failed", "Failed to validate API key with AgentShield", 500, {
|
|
128
|
+
error_message: error instanceof Error ? error.message : String(error),
|
|
110
129
|
});
|
|
111
130
|
}
|
|
112
131
|
// Clear cache from KV
|
|
113
132
|
// Use project-scoped cache key if projectId is available (preferred)
|
|
114
133
|
// Otherwise fall back to agent-scoped cache key
|
|
115
|
-
const projectId = this.env.AGENTSHIELD_PROJECT_ID;
|
|
116
134
|
const kvNamespace = this.env.TOOL_PROTECTION_KV;
|
|
117
135
|
if (!kvNamespace) {
|
|
118
|
-
return
|
|
119
|
-
success: false,
|
|
120
|
-
error: "Tool protection KV namespace not configured",
|
|
136
|
+
return this.createErrorResponse("configuration_error", "Tool protection KV namespace not configured", 500, {
|
|
121
137
|
hint: "Ensure TOOL_PROTECTION_KV is bound in wrangler.toml",
|
|
122
|
-
}), {
|
|
123
|
-
status: 500,
|
|
124
|
-
headers: { "Content-Type": "application/json" },
|
|
125
138
|
});
|
|
126
139
|
}
|
|
127
140
|
// Determine cache key format (matches ToolProtectionService logic)
|
|
@@ -133,28 +146,100 @@ export class AdminService {
|
|
|
133
146
|
const cacheKey = `tool-protection:${cacheKeyBase}`;
|
|
134
147
|
// Also clear the old agent-scoped key if using project-scoped (for migration)
|
|
135
148
|
const oldCacheKey = projectId
|
|
136
|
-
? `tool-protection:${agentDid}`
|
|
149
|
+
? `tool-protection:agent:${agentDid}`
|
|
137
150
|
: null;
|
|
138
151
|
// Log before and after for debugging
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
152
|
+
let before = null;
|
|
153
|
+
let beforeOld = null;
|
|
154
|
+
let deleteErrors = [];
|
|
155
|
+
try {
|
|
156
|
+
before = await kvNamespace.get(cacheKey);
|
|
157
|
+
}
|
|
158
|
+
catch (error) {
|
|
159
|
+
console.warn("[Admin] Failed to check cache key before deletion:", error);
|
|
160
|
+
}
|
|
143
161
|
if (oldCacheKey) {
|
|
144
|
-
|
|
162
|
+
try {
|
|
163
|
+
beforeOld = await kvNamespace.get(oldCacheKey);
|
|
164
|
+
}
|
|
165
|
+
catch (error) {
|
|
166
|
+
console.warn("[Admin] Failed to check old cache key before deletion:", error);
|
|
167
|
+
}
|
|
168
|
+
}
|
|
169
|
+
// Delete both keys with error handling
|
|
170
|
+
try {
|
|
171
|
+
await kvNamespace.delete(cacheKey);
|
|
172
|
+
console.log("[Admin] Successfully deleted cache key:", cacheKey);
|
|
173
|
+
}
|
|
174
|
+
catch (error) {
|
|
175
|
+
const errorMsg = error instanceof Error ? error.message : String(error);
|
|
176
|
+
deleteErrors.push(`Failed to delete ${cacheKey}: ${errorMsg}`);
|
|
177
|
+
console.error("[Admin] Failed to delete cache key:", cacheKey, error);
|
|
145
178
|
}
|
|
146
|
-
|
|
147
|
-
|
|
179
|
+
if (oldCacheKey) {
|
|
180
|
+
try {
|
|
181
|
+
await kvNamespace.delete(oldCacheKey);
|
|
182
|
+
console.log("[Admin] Successfully deleted old cache key:", oldCacheKey);
|
|
183
|
+
}
|
|
184
|
+
catch (error) {
|
|
185
|
+
const errorMsg = error instanceof Error ? error.message : String(error);
|
|
186
|
+
deleteErrors.push(`Failed to delete ${oldCacheKey}: ${errorMsg}`);
|
|
187
|
+
console.error("[Admin] Failed to delete old cache key:", oldCacheKey, error);
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
// Verify deletion
|
|
191
|
+
let after = null;
|
|
192
|
+
let verificationSucceeded = false;
|
|
193
|
+
try {
|
|
194
|
+
after = await kvNamespace.get(cacheKey);
|
|
195
|
+
verificationSucceeded = true;
|
|
196
|
+
}
|
|
197
|
+
catch (error) {
|
|
198
|
+
console.warn("[Admin] Failed to verify cache deletion:", error);
|
|
199
|
+
// Verification failed - we cannot determine if cache was cleared
|
|
200
|
+
// Set cleared to false to indicate unknown status
|
|
201
|
+
verificationSucceeded = false;
|
|
202
|
+
}
|
|
203
|
+
// Only consider cache cleared if verification succeeded AND after is null
|
|
204
|
+
// If verification failed, we don't know the status, so set cleared to false
|
|
205
|
+
const cleared = verificationSucceeded && !after;
|
|
206
|
+
const hadValue = !!before;
|
|
207
|
+
const hadOldValue = !!beforeOld;
|
|
208
|
+
console.log("[Admin] Cache clear operation completed", {
|
|
148
209
|
agentDid: agentDid.slice(0, 20) + "...",
|
|
149
210
|
projectId: projectId || "none",
|
|
150
211
|
cacheKey,
|
|
151
212
|
oldCacheKey: oldCacheKey || "none",
|
|
152
|
-
hadValue
|
|
153
|
-
hadOldValue
|
|
154
|
-
cleared
|
|
213
|
+
hadValue,
|
|
214
|
+
hadOldValue,
|
|
215
|
+
cleared,
|
|
216
|
+
verificationSucceeded,
|
|
217
|
+
deleteErrors: deleteErrors.length > 0 ? deleteErrors : undefined,
|
|
155
218
|
});
|
|
156
|
-
|
|
157
|
-
|
|
219
|
+
// If there were errors but we still cleared the main key, consider it a partial success
|
|
220
|
+
if (deleteErrors.length > 0 && !cleared) {
|
|
221
|
+
return this.createErrorResponse("partial_failure", "Partial cache clear failure", 500, {
|
|
222
|
+
delete_errors: deleteErrors,
|
|
223
|
+
cache_key: cacheKey,
|
|
224
|
+
old_cache_key: oldCacheKey || null,
|
|
225
|
+
had_value: hadValue,
|
|
226
|
+
had_old_value: hadOldValue,
|
|
227
|
+
cleared: cleared,
|
|
228
|
+
verification_succeeded: verificationSucceeded,
|
|
229
|
+
});
|
|
230
|
+
}
|
|
231
|
+
// If verification failed, we cannot confirm deletion status
|
|
232
|
+
if (!verificationSucceeded) {
|
|
233
|
+
return this.createErrorResponse("verification_failed", "Cache deletion attempted but verification failed - status unknown", 500, {
|
|
234
|
+
cache_key: cacheKey,
|
|
235
|
+
old_cache_key: oldCacheKey || null,
|
|
236
|
+
had_value: hadValue,
|
|
237
|
+
had_old_value: hadOldValue,
|
|
238
|
+
delete_errors: deleteErrors.length > 0 ? deleteErrors : undefined,
|
|
239
|
+
});
|
|
240
|
+
}
|
|
241
|
+
// Build typed response data
|
|
242
|
+
const responseData = {
|
|
158
243
|
message: "Cache cleared successfully. Next tool call will fetch fresh config from AgentShield.",
|
|
159
244
|
agent_did: agentDid,
|
|
160
245
|
project_id: projectId || null,
|
|
@@ -163,20 +248,28 @@ export class AdminService {
|
|
|
163
248
|
had_value: !!before,
|
|
164
249
|
had_old_value: !!beforeOld,
|
|
165
250
|
cleared: !after,
|
|
166
|
-
}
|
|
251
|
+
};
|
|
252
|
+
// Wrap in AgentShield API response format
|
|
253
|
+
const apiResponse = {
|
|
254
|
+
success: true,
|
|
255
|
+
data: responseData,
|
|
256
|
+
metadata: {
|
|
257
|
+
requestId: crypto.randomUUID(),
|
|
258
|
+
timestamp: new Date().toISOString(),
|
|
259
|
+
},
|
|
260
|
+
};
|
|
261
|
+
return new Response(JSON.stringify(apiResponse), {
|
|
167
262
|
status: 200,
|
|
168
|
-
headers: {
|
|
263
|
+
headers: {
|
|
264
|
+
"Content-Type": "application/json",
|
|
265
|
+
...MCP_CORS_HEADERS,
|
|
266
|
+
},
|
|
169
267
|
});
|
|
170
268
|
}
|
|
171
269
|
catch (error) {
|
|
172
270
|
console.error("[Admin] Failed to clear cache:", error);
|
|
173
|
-
return
|
|
174
|
-
|
|
175
|
-
error: "Internal error clearing cache",
|
|
176
|
-
details: error instanceof Error ? error.message : String(error),
|
|
177
|
-
}), {
|
|
178
|
-
status: 500,
|
|
179
|
-
headers: { "Content-Type": "application/json" },
|
|
271
|
+
return this.createErrorResponse("internal_error", "Internal error clearing cache", 500, {
|
|
272
|
+
error_message: error instanceof Error ? error.message : String(error),
|
|
180
273
|
});
|
|
181
274
|
}
|
|
182
275
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"admin.service.js","sourceRoot":"","sources":["../../src/services/admin.service.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"admin.service.js","sourceRoot":"","sources":["../../src/services/admin.service.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,uBAAuB,EAAE,MAAM,cAAc,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,MAAM,oBAAoB,CAAC;AAO9E,OAAO,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAE5E,MAAM,OAAO,YAAY;IACf,GAAG,CAAgB;IAE3B,YAAY,GAAkB;QAC5B,IAAI,CAAC,GAAG,GAAG,GAAG,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,IAAY,EACZ,OAAe,EACf,MAAc,EACd,OAAiC;QAEjC,MAAM,SAAS,GAAgC;YAC7C,IAAI;YACJ,OAAO;YACP,GAAG,CAAC,OAAO,IAAI,EAAE,OAAO,EAAE,CAAC;SAC5B,CAAC;QAEF,MAAM,WAAW,GAAwD;YACvE,OAAO,EAAE,KAAK;YACd,IAAI,EAAE,SAAS;YACf,QAAQ,EAAE;gBACR,SAAS,EAAE,MAAM,CAAC,UAAU,EAAE;gBAC9B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;QAEF,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE;YAC/C,MAAM;YACN,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,GAAG,gBAAgB;aACpB;SACF,CAAC,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,MAAM,CAAC,OAAgB;QAC3B,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAEjC,4CAA4C;QAC5C,IAAI,GAAG,CAAC,QAAQ,KAAK,oBAAoB,EAAE,CAAC;YAC1C,oCAAoC;YACpC,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBACjC,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;oBACxB,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE;wBACP,GAAG,sBAAsB;qBAC1B;iBACF,CAAC,CAAC;YACL,CAAC;YAED,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,mBAAmB,CAC7B,oBAAoB,EACpB,+BAA+B,EAC/B,GAAG,EACH;oBACE,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,MAAM,EAAE,OAAO,CAAC,MAAM;oBACtB,eAAe,EAAE,CAAC,MAAM,CAAC;iBAC1B,CACF,CAAC;YACJ,CAAC;YAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC;QACxC,CAAC;QAED,yDAAyD;QACzD,OAAO,IAAI,CAAC,mBAAmB,CAC7B,oBAAoB,EACpB,0BAA0B,EAC1B,GAAG,EACH;YACE,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,mBAAmB,EAAE,CAAC,oBAAoB,CAAC;YAC3C,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,IAAI,EAAE,kGAAkG;SACzG,CACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB,CAAC,OAAgB;QAC7C,IAAI,CAAC;YACH,kCAAkC;YAClC,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACpD,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAEjE,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;gBAC9B,OAAO,IAAI,CAAC,mBAAmB,CAC7B,kBAAkB,EAClB,0CAA0C,EAC1C,GAAG,EACH,EAAE,iBAAiB,EAAE,gBAAgB,CAAC,KAAK,CAAC,MAAM,EAAE,CACrD,CAAC;YACJ,CAAC;YAED,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,IAAI,CAAC;YAEtD,iFAAiF;YACjF,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,sBAAsB,CAAC;YAElD,4CAA4C;YAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YACxD,IAAI,CAAC,UAAU,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBACrD,OAAO,IAAI,CAAC,mBAAmB,CAC7B,cAAc,EACd,wDAAwD,EACxD,GAAG,CACJ,CAAC;YACJ,CAAC;YAED,MAAM,MAAM,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B;YAE9D,wDAAwD;YACxD,0DAA0D;YAC1D,MAAM,cAAc,GAClB,IAAI,CAAC,GAAG,CAAC,mBAAmB,IAAI,uBAAuB,CAAC;YAC1D,IAAI,aAAqB,CAAC;YAC1B,IAAI,OAAO,GAA2B;gBACpC,cAAc,EAAE,kBAAkB;aACnC,CAAC;YAEF,IAAI,SAAS,EAAE,CAAC;gBACd,wBAAwB;gBACxB,aAAa,GAAG,GAAG,cAAc,4BAA4B,kBAAkB,CAAC,SAAS,CAAC,mBAAmB,CAAC;gBAC9G,OAAO,CAAC,WAAW,CAAC,GAAG,MAAM,CAAC;gBAC9B,OAAO,CAAC,cAAc,CAAC,GAAG,SAAS,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,kDAAkD;gBAClD,aAAa,GAAG,GAAG,cAAc,oCAAoC,kBAAkB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACpG,OAAO,CAAC,eAAe,CAAC,GAAG,UAAU,MAAM,EAAE,CAAC;YAChD,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,kBAAkB,GAAG,MAAM,KAAK,CAAC,aAAa,EAAE;oBACpD,MAAM,EAAE,KAAK;oBACb,OAAO;iBACR,CAAC,CAAC;gBAEH,IAAI,CAAC,kBAAkB,CAAC,EAAE,EAAE,CAAC;oBAC3B,OAAO,CAAC,IAAI,CACV,oCAAoC,EACpC,kBAAkB,CAAC,MAAM,CAC1B,CAAC;oBACF,OAAO,IAAI,CAAC,mBAAmB,CAC7B,iBAAiB,EACjB,gCAAgC,EAChC,GAAG,CACJ,CAAC;gBACJ,CAAC;gBAED,2CAA2C;gBAC3C,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;YACxD,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,mCAAmC,EAAE,KAAK,CAAC,CAAC;gBAC1D,OAAO,IAAI,CAAC,mBAAmB,CAC7B,mBAAmB,EACnB,6CAA6C,EAC7C,GAAG,EACH;oBACE,aAAa,EACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;iBACzD,CACF,CAAC;YACJ,CAAC;YAED,sBAAsB;YACtB,qEAAqE;YACrE,gDAAgD;YAChD,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC;YAEhD,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,IAAI,CAAC,mBAAmB,CAC7B,qBAAqB,EACrB,6CAA6C,EAC7C,GAAG,EACH;oBACE,IAAI,EAAE,qDAAqD;iBAC5D,CACF,CAAC;YACJ,CAAC;YAED,mEAAmE;YACnE,sEAAsE;YACtE,iDAAiD;YACjD,MAAM,YAAY,GAAG,SAAS;gBAC5B,CAAC,CAAC,2BAA2B,SAAS,EAAE;gBACxC,CAAC,CAAC,SAAS,QAAQ,EAAE,CAAC;YACxB,MAAM,QAAQ,GAAG,mBAAmB,YAAY,EAAE,CAAC;YAEnD,8EAA8E;YAC9E,MAAM,WAAW,GAAG,SAAS;gBAC3B,CAAC,CAAC,yBAAyB,QAAQ,EAAE;gBACrC,CAAC,CAAC,IAAI,CAAC;YAET,qCAAqC;YACrC,IAAI,MAAM,GAAQ,IAAI,CAAC;YACvB,IAAI,SAAS,GAAQ,IAAI,CAAC;YAC1B,IAAI,YAAY,GAAa,EAAE,CAAC;YAEhC,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC3C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CACV,oDAAoD,EACpD,KAAK,CACN,CAAC;YACJ,CAAC;YAED,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC;oBACH,SAAS,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;gBACjD,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,OAAO,CAAC,IAAI,CACV,wDAAwD,EACxD,KAAK,CACN,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,uCAAuC;YACvC,IAAI,CAAC;gBACH,MAAM,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACnC,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE,QAAQ,CAAC,CAAC;YACnE,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACxE,YAAY,CAAC,IAAI,CAAC,oBAAoB,QAAQ,KAAK,QAAQ,EAAE,CAAC,CAAC;gBAC/D,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YACxE,CAAC;YAED,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC;oBACH,MAAM,WAAW,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;oBACtC,OAAO,CAAC,GAAG,CACT,6CAA6C,EAC7C,WAAW,CACZ,CAAC;gBACJ,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,QAAQ,GACZ,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;oBACzD,YAAY,CAAC,IAAI,CAAC,oBAAoB,WAAW,KAAK,QAAQ,EAAE,CAAC,CAAC;oBAClE,OAAO,CAAC,KAAK,CACX,yCAAyC,EACzC,WAAW,EACX,KAAK,CACN,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,kBAAkB;YAClB,IAAI,KAAK,GAAQ,IAAI,CAAC;YACtB,IAAI,qBAAqB,GAAG,KAAK,CAAC;YAClC,IAAI,CAAC;gBACH,KAAK,GAAG,MAAM,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;gBACxC,qBAAqB,GAAG,IAAI,CAAC;YAC/B,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE,KAAK,CAAC,CAAC;gBAChE,iEAAiE;gBACjE,kDAAkD;gBAClD,qBAAqB,GAAG,KAAK,CAAC;YAChC,CAAC;YAED,0EAA0E;YAC1E,4EAA4E;YAC5E,MAAM,OAAO,GAAG,qBAAqB,IAAI,CAAC,KAAK,CAAC;YAChD,MAAM,QAAQ,GAAG,CAAC,CAAC,MAAM,CAAC;YAC1B,MAAM,WAAW,GAAG,CAAC,CAAC,SAAS,CAAC;YAEhC,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE;gBACrD,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;gBACvC,SAAS,EAAE,SAAS,IAAI,MAAM;gBAC9B,QAAQ;gBACR,WAAW,EAAE,WAAW,IAAI,MAAM;gBAClC,QAAQ;gBACR,WAAW;gBACX,OAAO;gBACP,qBAAqB;gBACrB,YAAY,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;aACjE,CAAC,CAAC;YAEH,wFAAwF;YACxF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACxC,OAAO,IAAI,CAAC,mBAAmB,CAC7B,iBAAiB,EACjB,6BAA6B,EAC7B,GAAG,EACH;oBACE,aAAa,EAAE,YAAY;oBAC3B,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,WAAW,IAAI,IAAI;oBAClC,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,WAAW;oBAC1B,OAAO,EAAE,OAAO;oBAChB,sBAAsB,EAAE,qBAAqB;iBAC9C,CACF,CAAC;YACJ,CAAC;YAED,4DAA4D;YAC5D,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,OAAO,IAAI,CAAC,mBAAmB,CAC7B,qBAAqB,EACrB,mEAAmE,EACnE,GAAG,EACH;oBACE,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,WAAW,IAAI,IAAI;oBAClC,SAAS,EAAE,QAAQ;oBACnB,aAAa,EAAE,WAAW;oBAC1B,aAAa,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,SAAS;iBAClE,CACF,CAAC;YACJ,CAAC;YAED,4BAA4B;YAC5B,MAAM,YAAY,GAAuB;gBACvC,OAAO,EACL,sFAAsF;gBACxF,SAAS,EAAE,QAAQ;gBACnB,UAAU,EAAE,SAAS,IAAI,IAAI;gBAC7B,SAAS,EAAE,QAAQ;gBACnB,aAAa,EAAE,WAAW,IAAI,IAAI;gBAClC,SAAS,EAAE,CAAC,CAAC,MAAM;gBACnB,aAAa,EAAE,CAAC,CAAC,SAAS;gBAC1B,OAAO,EAAE,CAAC,KAAK;aAChB,CAAC;YAEF,0CAA0C;YAC1C,MAAM,WAAW,GAA+C;gBAC9D,OAAO,EAAE,IAAI;gBACb,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE;oBACR,SAAS,EAAE,MAAM,CAAC,UAAU,EAAE;oBAC9B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC;aACF,CAAC;YAEF,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE;gBAC/C,MAAM,EAAE,GAAG;gBACX,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,GAAG,gBAAgB;iBACpB;aACF,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,gCAAgC,EAAE,KAAK,CAAC,CAAC;YACvD,OAAO,IAAI,CAAC,mBAAmB,CAC7B,gBAAgB,EAChB,+BAA+B,EAC/B,GAAG,EACH;gBACE,aAAa,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;aACtE,CACF,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
*
|
|
14
14
|
* Related Spec: MCP-I Phase 0 Implementation Plan, Task B.4
|
|
15
15
|
*/
|
|
16
|
-
import type { ConsentPageConfig } from "@kya-os/contracts/consent";
|
|
16
|
+
import type { ConsentPageConfig, OAuthIdentity } from "@kya-os/contracts/consent";
|
|
17
17
|
/**
|
|
18
18
|
* Consent Page Renderer
|
|
19
19
|
*
|
|
@@ -24,9 +24,13 @@ export declare class ConsentPageRenderer {
|
|
|
24
24
|
* Render consent page HTML
|
|
25
25
|
*
|
|
26
26
|
* @param config - Consent page configuration (will be sanitized)
|
|
27
|
+
* @param oauthIdentity - Optional OAuth identity from cookie (Phase 4 PR #4)
|
|
27
28
|
* @returns HTML string
|
|
28
29
|
*/
|
|
29
|
-
render(config: ConsentPageConfig
|
|
30
|
+
render(config: ConsentPageConfig & {
|
|
31
|
+
oauthRequired?: boolean;
|
|
32
|
+
oauthUrl?: string;
|
|
33
|
+
}, oauthIdentity?: OAuthIdentity): string;
|
|
30
34
|
/**
|
|
31
35
|
* Render success page HTML
|
|
32
36
|
*
|
|
@@ -123,6 +127,7 @@ export declare class ConsentPageRenderer {
|
|
|
123
127
|
* Render form
|
|
124
128
|
*
|
|
125
129
|
* @param config - Sanitized configuration
|
|
130
|
+
* @param oauthIdentity - Optional OAuth identity (Phase 4 PR #4)
|
|
126
131
|
* @returns HTML string
|
|
127
132
|
*/
|
|
128
133
|
private renderForm;
|
|
@@ -130,6 +135,7 @@ export declare class ConsentPageRenderer {
|
|
|
130
135
|
* Render JavaScript for form handling
|
|
131
136
|
*
|
|
132
137
|
* @param config - Sanitized configuration
|
|
138
|
+
* @param _oauthIdentity - Optional OAuth identity (Phase 4 PR #4) - not used directly, extracted from form
|
|
133
139
|
* @returns HTML string
|
|
134
140
|
*/
|
|
135
141
|
private renderScript;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent-page-renderer.d.ts","sourceRoot":"","sources":["../../src/services/consent-page-renderer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EACV,iBAAiB,
|
|
1
|
+
{"version":3,"file":"consent-page-renderer.d.ts","sourceRoot":"","sources":["../../src/services/consent-page-renderer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,KAAK,EACV,iBAAiB,EAIjB,aAAa,EACd,MAAM,2BAA2B,CAAC;AAEnC;;;;GAIG;AACH,qBAAa,mBAAmB;IAC9B;;;;;;OAMG;IACH,MAAM,CACJ,MAAM,EAAE,iBAAiB,GAAG;QAAE,aAAa,CAAC,EAAE,OAAO,CAAC;QAAC,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,EAC1E,aAAa,CAAC,EAAE,aAAa,GAC5B,MAAM;IAyBT;;;;;OAKG;IACH,aAAa,CAAC,MAAM,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,SAAS,CAAC,EAAE,OAAO,CAAA;KAAE,GAAG,MAAM;IA6B5E;;;;;;;OAOG;IACH,OAAO,CAAC,UAAU;IAYlB;;;;;OAKG;IACH,OAAO,CAAC,WAAW;IAanB;;;;;OAKG;IACH,OAAO,CAAC,aAAa;IASrB;;;;;;;;OAQG;IACH,OAAO,CAAC,cAAc;IA0BtB;;;;;OAKG;IACH,OAAO,CAAC,gBAAgB;IAkCxB;;;;;OAKG;IACH,OAAO,CAAC,aAAa;IASrB;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAkB3B;;;;;OAKG;IACH,OAAO,CAAC,YAAY;IAuBpB;;;;;OAKG;IACH,OAAO,CAAC,YAAY;IA0BpB;;;;;OAKG;IACH,OAAO,CAAC,WAAW;IAqBnB;;;;;OAKG;IACH,OAAO,CAAC,kBAAkB;IA6D1B;;;;;;OAMG;IACH,OAAO,CAAC,UAAU;IAqDlB;;;;;;OAMG;IACH,OAAO,CAAC,YAAY;CAoJrB"}
|
|
@@ -23,9 +23,10 @@ export class ConsentPageRenderer {
|
|
|
23
23
|
* Render consent page HTML
|
|
24
24
|
*
|
|
25
25
|
* @param config - Consent page configuration (will be sanitized)
|
|
26
|
+
* @param oauthIdentity - Optional OAuth identity from cookie (Phase 4 PR #4)
|
|
26
27
|
* @returns HTML string
|
|
27
28
|
*/
|
|
28
|
-
render(config) {
|
|
29
|
+
render(config, oauthIdentity) {
|
|
29
30
|
const sanitized = this.sanitizeConfig(config);
|
|
30
31
|
return `<!DOCTYPE html>
|
|
31
32
|
<html lang="en">
|
|
@@ -42,9 +43,9 @@ export class ConsentPageRenderer {
|
|
|
42
43
|
${this.renderScopes(sanitized.scopes)}
|
|
43
44
|
${this.renderTerms(sanitized.terms)}
|
|
44
45
|
${this.renderCustomFields(sanitized.customFields)}
|
|
45
|
-
${this.renderForm(sanitized)}
|
|
46
|
+
${this.renderForm(sanitized, oauthIdentity)}
|
|
46
47
|
</div>
|
|
47
|
-
${this.renderScript(sanitized)}
|
|
48
|
+
${this.renderScript(sanitized, oauthIdentity)}
|
|
48
49
|
</body>
|
|
49
50
|
</html>`;
|
|
50
51
|
}
|
|
@@ -250,7 +251,7 @@ export class ConsentPageRenderer {
|
|
|
250
251
|
// Escape logoUrl for HTML attribute to prevent XSS
|
|
251
252
|
const logoUrlEscaped = branding?.logoUrl
|
|
252
253
|
? this.escapeHtml(branding.logoUrl)
|
|
253
|
-
:
|
|
254
|
+
: "";
|
|
254
255
|
const logoHtml = branding?.logoUrl
|
|
255
256
|
? `<img src="${logoUrlEscaped}" alt="${branding.companyName || "Logo"}" class="h-12 w-auto mb-4" />`
|
|
256
257
|
: "";
|
|
@@ -307,7 +308,7 @@ export class ConsentPageRenderer {
|
|
|
307
308
|
? `<p class="text-sm text-gray-600 mb-4">${terms.text}</p>`
|
|
308
309
|
: "";
|
|
309
310
|
// Escape URL for HTML attribute to prevent XSS
|
|
310
|
-
const termsUrlEscaped = terms.url ? this.escapeHtml(terms.url) :
|
|
311
|
+
const termsUrlEscaped = terms.url ? this.escapeHtml(terms.url) : "";
|
|
311
312
|
const termsLink = terms.url
|
|
312
313
|
? `<a href="${termsUrlEscaped}" target="_blank" rel="noopener noreferrer" class="text-blue-600 hover:underline text-sm">View Terms</a>`
|
|
313
314
|
: "";
|
|
@@ -384,9 +385,10 @@ export class ConsentPageRenderer {
|
|
|
384
385
|
* Render form
|
|
385
386
|
*
|
|
386
387
|
* @param config - Sanitized configuration
|
|
388
|
+
* @param oauthIdentity - Optional OAuth identity (Phase 4 PR #4)
|
|
387
389
|
* @returns HTML string
|
|
388
390
|
*/
|
|
389
|
-
renderForm(config) {
|
|
391
|
+
renderForm(config, oauthIdentity) {
|
|
390
392
|
const scopesJson = JSON.stringify(config.scopes);
|
|
391
393
|
const agentDid = config.agentDid;
|
|
392
394
|
const sessionId = config.sessionId;
|
|
@@ -397,8 +399,13 @@ export class ConsentPageRenderer {
|
|
|
397
399
|
// Use single quotes for scopes value to avoid escaping JSON quotes
|
|
398
400
|
// The JSON string contains double quotes, so we use single quotes for the HTML attribute
|
|
399
401
|
const scopesJsonEscaped = scopesJson.replace(/'/g, "'"); // Only escape single quotes
|
|
402
|
+
// Phase 4 PR #4: Add hidden input for OAuth identity (if available)
|
|
403
|
+
const oauthIdentityField = oauthIdentity
|
|
404
|
+
? `<input type="hidden" name="oauth_identity_json" value="${this.escapeHtml(JSON.stringify(oauthIdentity))}" />`
|
|
405
|
+
: "";
|
|
400
406
|
return `
|
|
401
407
|
<form id="consent-form" method="POST" action="${serverUrlEscaped}/consent/approve" class="space-y-4">
|
|
408
|
+
${oauthIdentityField}
|
|
402
409
|
<input type="hidden" name="tool" value="${tool}" />
|
|
403
410
|
<input type="hidden" name="scopes" value='${scopesJsonEscaped}' />
|
|
404
411
|
<input type="hidden" name="agent_did" value="${agentDid}" />
|
|
@@ -430,12 +437,17 @@ export class ConsentPageRenderer {
|
|
|
430
437
|
* Render JavaScript for form handling
|
|
431
438
|
*
|
|
432
439
|
* @param config - Sanitized configuration
|
|
440
|
+
* @param _oauthIdentity - Optional OAuth identity (Phase 4 PR #4) - not used directly, extracted from form
|
|
433
441
|
* @returns HTML string
|
|
434
442
|
*/
|
|
435
|
-
renderScript(config) {
|
|
443
|
+
renderScript(config, _oauthIdentity) {
|
|
436
444
|
// serverUrl is already validated, but we need to escape it for JavaScript string
|
|
437
445
|
// Use JSON.stringify to safely embed the URL in JavaScript
|
|
438
446
|
const serverUrlJs = JSON.stringify(config.serverUrl);
|
|
447
|
+
const oauthRequiredJs = config.oauthRequired ? "true" : "false";
|
|
448
|
+
const oauthUrlJs = config.oauthUrl
|
|
449
|
+
? JSON.stringify(config.oauthUrl)
|
|
450
|
+
: "null";
|
|
439
451
|
return `
|
|
440
452
|
<script>
|
|
441
453
|
(function() {
|
|
@@ -443,10 +455,19 @@ export class ConsentPageRenderer {
|
|
|
443
455
|
if (!form) return;
|
|
444
456
|
|
|
445
457
|
const serverUrl = ${serverUrlJs};
|
|
458
|
+
const oauthRequired = ${oauthRequiredJs};
|
|
459
|
+
const oauthUrl = ${oauthUrlJs};
|
|
446
460
|
|
|
447
461
|
form.addEventListener('submit', async function(e) {
|
|
448
462
|
e.preventDefault();
|
|
449
463
|
|
|
464
|
+
// Check if OAuth is required before submitting
|
|
465
|
+
if (oauthRequired && oauthUrl) {
|
|
466
|
+
console.log('OAuth required, redirecting to OAuth provider');
|
|
467
|
+
window.location.href = oauthUrl;
|
|
468
|
+
return;
|
|
469
|
+
}
|
|
470
|
+
|
|
450
471
|
const formData = new FormData(form);
|
|
451
472
|
|
|
452
473
|
// Safely parse scopes JSON
|
|
@@ -473,6 +494,18 @@ export class ConsentPageRenderer {
|
|
|
473
494
|
}
|
|
474
495
|
}
|
|
475
496
|
|
|
497
|
+
// Phase 4 PR #4: Extract OAuth identity from hidden input field
|
|
498
|
+
let extractedOAuthIdentity = null;
|
|
499
|
+
try {
|
|
500
|
+
const oauthIdentityJson = formData.get('oauth_identity_json');
|
|
501
|
+
if (oauthIdentityJson && typeof oauthIdentityJson === 'string') {
|
|
502
|
+
extractedOAuthIdentity = JSON.parse(oauthIdentityJson);
|
|
503
|
+
}
|
|
504
|
+
} catch (error) {
|
|
505
|
+
console.warn('Failed to parse OAuth identity:', error);
|
|
506
|
+
// Non-fatal - continue without OAuth identity
|
|
507
|
+
}
|
|
508
|
+
|
|
476
509
|
const data = {
|
|
477
510
|
tool: formData.get('tool'),
|
|
478
511
|
scopes: scopes,
|
|
@@ -480,7 +513,8 @@ export class ConsentPageRenderer {
|
|
|
480
513
|
session_id: formData.get('session_id'),
|
|
481
514
|
project_id: formData.get('project_id'),
|
|
482
515
|
termsAccepted: formData.get('termsAccepted') === 'on',
|
|
483
|
-
customFields: {}
|
|
516
|
+
customFields: {},
|
|
517
|
+
oauth_identity: extractedOAuthIdentity
|
|
484
518
|
};
|
|
485
519
|
|
|
486
520
|
// Collect custom fields
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"consent-page-renderer.js","sourceRoot":"","sources":["../../src/services/consent-page-renderer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;
|
|
1
|
+
{"version":3,"file":"consent-page-renderer.js","sourceRoot":"","sources":["../../src/services/consent-page-renderer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAUH;;;;GAIG;AACH,MAAM,OAAO,mBAAmB;IAC9B;;;;;;OAMG;IACH,MAAM,CACJ,MAA0E,EAC1E,aAA6B;QAE7B,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAE9C,OAAO;;;;;;qBAMU,SAAS,CAAC,IAAI;;;;;MAK7B,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;MAC5B,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,MAAM,CAAC;MACnC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,KAAK,CAAC;MACjC,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,YAAY,CAAC;MAC/C,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,aAAa,CAAC;;IAE3C,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,aAAa,CAAC;;QAEvC,CAAC;IACP,CAAC;IAED;;;;;OAKG;IACH,aAAa,CAAC,MAAqD;QACjE,MAAM,qBAAqB,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QACnE,MAAM,eAAe,GAAG,MAAM,CAAC,SAAS;YACtC,CAAC,CAAC,iEAAiE;YACnE,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;;;;;;;;;;;;;;;;uGAgB4F,qBAAqB;MACtH,eAAe;;;QAGb,CAAC;IACP,CAAC;IAED;;;;;;;OAOG;IACK,UAAU,CAAC,IAAY;QAC7B,MAAM,GAAG,GAA2B;YAClC,GAAG,EAAE,OAAO;YACZ,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,MAAM;YACX,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,QAAQ;SACd,CAAC;QACF,OAAO,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAED;;;;;OAKG;IACK,WAAW,CAAC,GAAW;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC5B,kCAAkC;YAClC,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBAChE,OAAO,GAAG,CAAC,CAAC,2DAA2D;YACzE,CAAC;YACD,OAAO,GAAG,CAAC,CAAC,sDAAsD;QACpE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,GAAG,CAAC,CAAC,+BAA+B;QAC7C,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,aAAa,CAAC,KAAa;QACjC,oCAAoC;QACpC,IAAI,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,sBAAsB;QACtB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;;;OAQG;IACK,cAAc,CAAC,MAAyB;QAC9C,gEAAgE;QAChE,sEAAsE;QACtE,MAAM,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAE9D,OAAO;YACL,GAAG,MAAM;YACT,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC;YAClC,eAAe,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,eAAe,CAAC;YACxD,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC5D,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC;YAC1C,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC;YAC5C,SAAS,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC;YAC5C,SAAS,EAAE,kBAAkB,EAAE,0CAA0C;YACzE,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACvB,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,QAAQ,CAAC;gBACxC,CAAC,CAAC,SAAS;YACb,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS;YAClE,YAAY,EAAE,MAAM,CAAC,YAAY;gBAC/B,CAAC,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAqB,EAAE,EAAE,CAChD,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,CAC5B;gBACH,CAAC,CAAC,SAAS;SACd,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,gBAAgB,CAAC,QAAyB;QAChD,uEAAuE;QACvE,IAAI,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC;QAC/B,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;YAC5C,iFAAiF;YACjF,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC;gBAClC,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBAChE,OAAO,GAAG,SAAS,CAAC,CAAC,iCAAiC;gBACxD,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,GAAG,SAAS,CAAC,CAAC,4BAA4B;YACnD,CAAC;QACH,CAAC;QAED,OAAO;YACL,GAAG,QAAQ;YACX,YAAY,EAAE,QAAQ,CAAC,YAAY;gBACjC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAC3C,CAAC,CAAC,SAAS;YACb,OAAO;YACP,WAAW,EAAE,QAAQ,CAAC,WAAW;gBAC/B,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC;gBACvC,CAAC,CAAC,SAAS;YACb,KAAK,EACH,QAAQ,CAAC,KAAK,KAAK,OAAO;gBAC1B,QAAQ,CAAC,KAAK,KAAK,MAAM;gBACzB,QAAQ,CAAC,KAAK,KAAK,MAAM;gBACvB,CAAC,CAAC,QAAQ,CAAC,KAAK;gBAChB,CAAC,CAAC,SAAS;SAChB,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,aAAa,CAAC,KAAmB;QACvC,OAAO;YACL,GAAG,KAAK;YACR,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;YAC1D,GAAG,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS;YACxD,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;SACpE,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,mBAAmB,CAAC,KAAyB;QACnD,OAAO;YACL,GAAG,KAAK;YACR,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC;YACjC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC;YACnC,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC5B,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,WAAW,CAAC;gBACpC,CAAC,CAAC,SAAS;YACb,OAAO,EAAE,KAAK,CAAC,OAAO;gBACpB,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,GAAqC,EAAE,EAAE,CAAC,CAAC;oBAC5D,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC;oBACjC,KAAK,EAAE,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC;iBAClC,CAAC,CAAC;gBACL,CAAC,CAAC,SAAS;YACb,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;SACpE,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,YAAY,CAAC,MAAyB;QAC5C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,mDAAmD;QACnD,MAAM,cAAc,GAAG,QAAQ,EAAE,OAAO;YACtC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;YACnC,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,QAAQ,GAAG,QAAQ,EAAE,OAAO;YAChC,CAAC,CAAC,aAAa,cAAc,UAAU,QAAQ,CAAC,WAAW,IAAI,MAAM,+BAA+B;YACpG,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,WAAW,GAAG,QAAQ,EAAE,WAAW;YACvC,CAAC,CAAC,yCAAyC,QAAQ,CAAC,WAAW,MAAM;YACrE,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,YAAY,GAAG,QAAQ,EAAE,YAAY,IAAI,SAAS,CAAC;QAEzD,OAAO;;QAEH,QAAQ;QACR,WAAW;0DACuC,YAAY,gBAAgB,MAAM,CAAC,IAAI;iCAChE,MAAM,CAAC,eAAe;WAC5C,CAAC;IACV,CAAC;IAED;;;;;OAKG;IACK,YAAY,CAAC,MAAgB;QACnC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,OAAO,gGAAgG,CAAC;QAC1G,CAAC;QAED,MAAM,UAAU,GAAG,MAAM;aACtB,GAAG,CACF,CAAC,KAAK,EAAE,EAAE,CAAC;;;;;8CAK2B,KAAK;YACvC,CACL;aACA,IAAI,CAAC,EAAE,CAAC,CAAC;QAEZ,OAAO;;;;UAID,UAAU;;WAET,CAAC;IACV,CAAC;IAED;;;;;OAKG;IACK,WAAW,CAAC,KAAoB;QACtC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,SAAS,GAAG,KAAK,CAAC,IAAI;YAC1B,CAAC,CAAC,yCAAyC,KAAK,CAAC,IAAI,MAAM;YAC3D,CAAC,CAAC,EAAE,CAAC;QACP,+CAA+C;QAC/C,MAAM,eAAe,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpE,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG;YACzB,CAAC,CAAC,YAAY,eAAe,0GAA0G;YACvI,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;;QAEH,SAAS;QACT,SAAS;WACN,CAAC;IACV,CAAC;IAED;;;;;OAKG;IACK,kBAAkB,CAAC,MAA6B;QACtD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnC,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,MAAM,SAAS,GAAG,MAAM;aACrB,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;YACb,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,YAAY,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACtE,MAAM,eAAe,GAAG,KAAK,CAAC,WAAW;gBACvC,CAAC,CAAC,gBAAgB,KAAK,CAAC,WAAW,GAAG;gBACtC,CAAC,CAAC,EAAE,CAAC;YAEP,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;gBAC9B,OAAO;;;2CAG0B,KAAK,CAAC,IAAI,KAAK,YAAY;kDACpB,KAAK,CAAC,KAAK;;eAE9C,CAAC;YACR,CAAC;iBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnC,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO;oBAC3B,CAAC,CAAC,KAAK,CAAC,OAAO;yBACV,GAAG,CACF,CAAC,GAAqC,EAAE,EAAE,CACxC,kBAAkB,GAAG,CAAC,KAAK,KAAK,GAAG,CAAC,KAAK,WAAW,CACvD;yBACA,IAAI,CAAC,EAAE,CAAC;oBACb,CAAC,CAAC,EAAE,CAAC;gBACP,OAAO;;wEAEuD,KAAK,CAAC,KAAK;0BACzD,KAAK,CAAC,IAAI,KAAK,YAAY;cACvC,OAAO;;eAEN,CAAC;YACR,CAAC;iBAAM,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;gBACrC,OAAO;;wEAEuD,KAAK,CAAC,KAAK;4BACvD,KAAK,CAAC,IAAI,KAAK,YAAY,IAAI,eAAe;eAC3D,CAAC;YACR,CAAC;iBAAM,CAAC;gBACN,aAAa;gBACb,OAAO;;wEAEuD,KAAK,CAAC,KAAK;qCAC9C,KAAK,CAAC,IAAI,KAAK,YAAY,IAAI,eAAe,IAAI,WAAW;eACnF,CAAC;YACR,CAAC;QACH,CAAC,CAAC;aACD,IAAI,CAAC,EAAE,CAAC,CAAC;QAEZ,OAAO;;;QAGH,SAAS;WACN,CAAC;IACV,CAAC;IAED;;;;;;OAMG;IACK,UAAU,CAChB,MAAyB,EACzB,aAA6B;QAE7B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACjD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QACnC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACzB,qDAAqD;QACrD,MAAM,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC3D,mEAAmE;QACnE,yFAAyF;QACzF,MAAM,iBAAiB,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC,4BAA4B;QAE1F,oEAAoE;QACpE,MAAM,kBAAkB,GAAG,aAAa;YACtC,CAAC,CAAC,0DAA0D,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,MAAM;YAChH,CAAC,CAAC,EAAE,CAAC;QAEP,OAAO;oDACyC,gBAAgB;QAC5D,kBAAkB;gDACsB,IAAI;kDACF,iBAAiB;qDACd,QAAQ;sDACP,SAAS;sDACT,SAAS;;QAGvD,MAAM,CAAC,KAAK,EAAE,QAAQ;YACpB,CAAC,CAAC;;;;;;;OAOL;YACG,CAAC,CAAC,EACN;;;;;;;;;;YAUM,CAAC;IACX,CAAC;IAED;;;;;;OAMG;IACK,YAAY,CAClB,MAA0E,EAC1E,cAA8B;QAE9B,iFAAiF;QACjF,2DAA2D;QAC3D,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACrD,MAAM,eAAe,GAAG,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;QAChE,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ;YAChC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC;YACjC,CAAC,CAAC,MAAM,CAAC;QAEX,OAAO;;;;;;sBAMW,WAAW;0BACP,eAAe;qBACpB,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MA+DzB,MAAM,CAAC,YAAY;YACjB,EAAE,GAAG,CAAC,CAAC,KAAyB,EAAE,EAAE;YAClC,qEAAqE;YACrE,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAC/C,IAAI,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;gBAC9B,OAAO,qBAAqB,WAAW,oBAAoB,WAAW,aAAa,CAAC;YACtF,CAAC;iBAAM,CAAC;gBACN,OAAO,SAAS,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,wBAAwB,WAAW,UAAU,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,4BAA4B,WAAW,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,QAAQ,CAAC;YACjP,CAAC;QACH,CAAC,CAAC;aACD,IAAI,CAAC,QAAQ,CAAC,IAAI,EACvB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;UAoDM,CAAC;IACT,CAAC;CACF"}
|