@lit-protocol/vincent-app-sdk 0.0.4-mma

package/dist/src/internal/LitNodeClient/LitNodeClientInstance.js

@@ -0,0 +1,67 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LitNodeClientInstance = void 0;
+const lit_node_client_1 = require("@lit-protocol/lit-node-client");
+class LitNodeClientInstance {
+    constructor({ network }) {
+        this.isConnected = false;
+        this.connectHandle = null;
+        this.litNodeClientInstance = new lit_node_client_1.LitNodeClient({
+            debug: true,
+            litNetwork: network,
+        });
+    }
+    async connect() {
+        if (!this.isConnected) {
+            // Coalesce concurrent calls
+            if (this.connectHandle) {
+                return this.connectHandle;
+            }
+            // Stash a handle so concurrent calls to connect are coaelesced into 1
+            this.connectHandle = this.litNodeClientInstance.connect().then(() => true);
+            try {
+                // Don't return until we know the result of pending connect attempt
+                await this.connectHandle;
+                this.isConnected = true;
+            }
+            catch (e) {
+                // We allow multiple calls to (retries!) to `connect()` even in case where one succeeded
+                // if `isConnected` is false (e.g. a prior attempt failed)
+                this.isConnected = false;
+                throw e;
+            }
+            finally {
+                this.connectHandle = null;
+            }
+            return this.isConnected;
+        }
+        return true;
+    }
+    async disconnect() {
+        if (!this.isConnected && this.connectHandle) {
+            // Wait for connect attempt to finish so we don't end up just re-adding the listener when it finishes.
+            try {
+                await this.connectHandle;
+                // eslint-disable-next-line @typescript-eslint/no-unused-vars
+            }
+            catch (e) {
+                /* Ignore errors on connect; we're disconnecting! */
+            }
+        }
+        try {
+            await this.litNodeClientInstance.disconnect();
+        }
+        catch (e) {
+            /* We did our best */
+            console.log('Failed to disconnect from LitNodeClientInstance.', e.message);
+        }
+        finally {
+            this.isConnected = false;
+        }
+    }
+    get litNodeClient() {
+        return this.litNodeClientInstance;
+    }
+}
+exports.LitNodeClientInstance = LitNodeClientInstance;
+//# sourceMappingURL=LitNodeClientInstance.js.map

package/dist/src/internal/LitNodeClient/LitNodeClientInstance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"LitNodeClientInstance.js","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/LitNodeClientInstance.ts"],"names":[],"mappings":";;;AAEA,mEAA8D;AAE9D,MAAa,qBAAqB;IAOhC,YAAY,EAAE,OAAO,EAAkC;QAJ/C,gBAAW,GAAG,KAAK,CAAC;QAEpB,kBAAa,GAA4B,IAAI,CAAC;QAGpD,IAAI,CAAC,qBAAqB,GAAG,IAAI,+BAAa,CAAC;YAC7C,KAAK,EAAE,IAAI;YACX,UAAU,EAAE,OAAO;SACpB,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,OAAO;QACX,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YACtB,4BAA4B;YAC5B,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;gBACvB,OAAO,IAAI,CAAC,aAAa,CAAC;YAC5B,CAAC;YAED,sEAAsE;YACtE,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;YAE3E,IAAI,CAAC;gBACH,mEAAmE;gBACnE,MAAM,IAAI,CAAC,aAAa,CAAC;gBACzB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;YAC1B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,wFAAwF;gBACxF,0DAA0D;gBAC1D,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;gBACzB,MAAM,CAAC,CAAC;YACV,CAAC;oBAAS,CAAC;gBACT,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAC5B,CAAC;YACD,OAAO,IAAI,CAAC,WAAW,CAAC;QAC1B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,UAAU;QACd,IAAI,CAAC,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YAC5C,sGAAsG;YACtG,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,aAAa,CAAC;gBACzB,6DAA6D;YAC/D,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,oDAAoD;YACtD,CAAC;QACH,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,qBAAqB,CAAC,UAAU,EAAE,CAAC;QAChD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,qBAAqB;YACrB,OAAO,CAAC,GAAG,CAAC,kDAAkD,EAAG,CAAW,CAAC,OAAO,CAAC,CAAC;QACxF,CAAC;gBAAS,CAAC;YACT,IAAI,CAAC,WAAW,GAAG,KAAK,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,IAAI,aAAa;QACf,OAAO,IAAI,CAAC,qBAAqB,CAAC;IACpC,CAAC;CACF;AAlED,sDAkEC"}

package/dist/src/internal/LitNodeClient/getLitNodeClient.d.ts

@@ -0,0 +1,7 @@
+import type { LitNodeClient } from '@lit-protocol/lit-node-client';
+import type { LIT_NETWORKS_KEYS } from '@lit-protocol/types';
+export declare function getLitNodeClientInstance({ network, }: {
+    network: LIT_NETWORKS_KEYS;
+}): Promise<LitNodeClient>;
+export declare function disconnectLitNodeClientInstance(): Promise<boolean>;
+//# sourceMappingURL=getLitNodeClient.d.ts.map

package/dist/src/internal/LitNodeClient/getLitNodeClient.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"getLitNodeClient.d.ts","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/getLitNodeClient.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAM7D,wBAAsB,wBAAwB,CAAC,EAC7C,OAAO,GACR,EAAE;IACD,OAAO,EAAE,iBAAiB,CAAC;CAC5B,GAAG,OAAO,CAAC,aAAa,CAAC,CAYzB;AAED,wBAAsB,+BAA+B,qBAMpD"}

package/dist/src/internal/LitNodeClient/getLitNodeClient.js

@@ -0,0 +1,25 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getLitNodeClientInstance = getLitNodeClientInstance;
+exports.disconnectLitNodeClientInstance = disconnectLitNodeClientInstance;
+const LitNodeClientInstance_1 = require("./LitNodeClientInstance");
+let instance = null;
+async function getLitNodeClientInstance({ network, }) {
+    if (instance) {
+        // connect() is idempotent; if we're retrying from outside, attempt to connect again
+        // This is a no-op if already connected 🎉 but if a prior attempt fails, it'll try again.
+        await instance.connect();
+        return instance.litNodeClient;
+    }
+    instance = new LitNodeClientInstance_1.LitNodeClientInstance({ network });
+    await instance.connect();
+    return instance.litNodeClient;
+}
+async function disconnectLitNodeClientInstance() {
+    if (instance) {
+        await instance.disconnect();
+        instance = null;
+    }
+    return true;
+}
+//# sourceMappingURL=getLitNodeClient.js.map

package/dist/src/internal/LitNodeClient/getLitNodeClient.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"getLitNodeClient.js","sourceRoot":"","sources":["../../../../src/internal/LitNodeClient/getLitNodeClient.ts"],"names":[],"mappings":";;AAOA,4DAgBC;AAED,0EAMC;AA5BD,mEAAgE;AAEhE,IAAI,QAAQ,GAAiC,IAAI,CAAC;AAE3C,KAAK,UAAU,wBAAwB,CAAC,EAC7C,OAAO,GAGR;IACC,IAAI,QAAQ,EAAE,CAAC;QACb,oFAAoF;QACpF,yFAAyF;QACzF,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;QACzB,OAAO,QAAQ,CAAC,aAAa,CAAC;IAChC,CAAC;IAED,QAAQ,GAAG,IAAI,6CAAqB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAClD,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;IAEzB,OAAO,QAAQ,CAAC,aAAa,CAAC;AAChC,CAAC;AAEM,KAAK,UAAU,+BAA+B;IACnD,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC5B,QAAQ,GAAG,IAAI,CAAC;IAClB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/src/jwt/accessors.d.ts

@@ -0,0 +1,8 @@
+import type { IRelayPKP } from '@lit-protocol/types';
+import type { VincentJWT, VincentJWTAppSpecific } from './types';
+export declare function getAppInfo(decodedJWT: VincentJWTAppSpecific): {
+    appId: number;
+    version: number;
+};
+export declare function getPKPInfo(decodedJWT: VincentJWT): IRelayPKP;
+//# sourceMappingURL=accessors.d.ts.map

package/dist/src/jwt/accessors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"accessors.d.ts","sourceRoot":"","sources":["../../../src/jwt/accessors.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,qBAAqB,CAAC;AAErD,OAAO,KAAK,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAIjE,wBAAgB,UAAU,CAAC,UAAU,EAAE,qBAAqB,GAAG;IAC7D,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,CAMA;AAED,wBAAgB,UAAU,CAAC,UAAU,EAAE,UAAU,GAAG,SAAS,CAE5D"}

package/dist/src/jwt/accessors.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getAppInfo = getAppInfo;
+exports.getPKPInfo = getPKPInfo;
+const typeGuards_1 = require("./typeGuards");
+function getAppInfo(decodedJWT) {
+    if (!(0, typeGuards_1.isAppSpecificJWT)(decodedJWT)) {
+        throw new Error('JWT is not app specific');
+    }
+    return { appId: decodedJWT.payload.app.id, version: decodedJWT.payload.app.version };
+}
+function getPKPInfo(decodedJWT) {
+    return decodedJWT.payload.pkp;
+}
+//# sourceMappingURL=accessors.js.map

package/dist/src/jwt/accessors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"accessors.js","sourceRoot":"","sources":["../../../src/jwt/accessors.ts"],"names":[],"mappings":";;AAMA,gCASC;AAED,gCAEC;AAfD,6CAAgD;AAEhD,SAAgB,UAAU,CAAC,UAAiC;IAI1D,IAAI,CAAC,IAAA,6BAAgB,EAAC,UAAU,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,OAAO,EAAE,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;AACvF,CAAC;AAED,SAAgB,UAAU,CAAC,UAAsB;IAC/C,OAAO,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC;AAChC,CAAC"}

package/dist/src/jwt/core/create.d.ts

@@ -0,0 +1,24 @@
+import type { JWTConfig } from '../types';
+/**
+ * Creates a JWT signed by a PKP wallet using the ES256K algorithm
+ *
+ * This function creates a JWT with the provided payload, adding standard claims
+ * like iat (issued at), exp (expiration), and iss (issuer). It also includes the
+ * PKP public key in the payload, which is used for verification.
+ *
+ * @param config - Configuration object containing all parameters for JWT creation
+ * @returns A promise that resolves to the signed JWT string
+ * @hidden
+ * @example
+ * ```typescript
+ * const jwt = await createPKPSignedJWT({
+ *   pkpWallet: pkpWallet,
+ *   pkp: pkpInfo,
+ *   payload: { name: "Lit Protocol User", customField: "value" },
+ *   expiresInMinutes: 30, // expires in 30 minutes
+ *   audience: "example.com" // audience domain
+ * });
+ * ```
+ */
+export declare function create(config: JWTConfig): Promise<string>;
+//# sourceMappingURL=create.d.ts.map

package/dist/src/jwt/core/create.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"create.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,SAAS,EAAyB,MAAM,UAAU,CAAC;AA8CjE;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAsB,MAAM,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAoC/D"}

package/dist/src/jwt/core/create.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.create = create;
+const tslib_1 = require("tslib");
+const didJWT = tslib_1.__importStar(require("did-jwt"));
+const ethers_1 = require("ethers");
+const utils_1 = require("ethers/lib/utils");
+const base64_1 = require("./utils/base64");
+/**
+ * Creates a signer function compatible with did-jwt that uses a PKP wallet for signing
+ *
+ * This function returns a signing function that conforms to the did-jwt library's
+ * signer interface. When called, it signs data using the PKP wallet, formatting
+ * the signature according to ES256K requirements (without recovery parameter).
+ *
+ * @param pkpWallet - The PKP Ethers wallet instance that will be used for signing
+ * @returns A signing function that takes data and returns a base64url-encoded signature
+ * @private
+ * @example
+ * ```typescript
+ * const pkpWallet = new PKPEthersWallet({ ... });
+ * const signer = createPKPSigner(pkpWallet);
+ * const signature = await signer('data to sign');
+ * ```
+ */
+function createPKPSigner(pkpWallet) {
+    /**
+     * The actual signer function conforming to the did-jwt signer interface
+     *
+     * @param data - The data to sign, either as a string or Uint8Array
+     * @returns A promise that resolves to the base64url-encoded signature
+     */
+    return async (data) => {
+        const dataBytes = typeof data === 'string' ? Uint8Array.from(Buffer.from(data, 'utf8')) : data;
+        const sig = await pkpWallet.signMessage(dataBytes);
+        const { r, s } = ethers_1.ethers.utils.splitSignature(sig);
+        const rBytes = (0, utils_1.arrayify)(r);
+        const sBytes = (0, utils_1.arrayify)(s);
+        // ES256K signature is r and s concatenated (64 bytes total)
+        const sigBytes = new Uint8Array(64);
+        sigBytes.set(rBytes, 0);
+        sigBytes.set(sBytes, 32);
+        return (0, base64_1.toBase64Url)(sigBytes);
+    };
+}
+/**
+ * Creates a JWT signed by a PKP wallet using the ES256K algorithm
+ *
+ * This function creates a JWT with the provided payload, adding standard claims
+ * like iat (issued at), exp (expiration), and iss (issuer). It also includes the
+ * PKP public key in the payload, which is used for verification.
+ *
+ * @param config - Configuration object containing all parameters for JWT creation
+ * @returns A promise that resolves to the signed JWT string
+ * @hidden
+ * @example
+ * ```typescript
+ * const jwt = await createPKPSignedJWT({
+ *   pkpWallet: pkpWallet,
+ *   pkp: pkpInfo,
+ *   payload: { name: "Lit Protocol User", customField: "value" },
+ *   expiresInMinutes: 30, // expires in 30 minutes
+ *   audience: "example.com" // audience domain
+ * });
+ * ```
+ */
+async function create(config) {
+    const { app, pkpWallet, pkp, payload, expiresInMinutes, audience, authentication } = config;
+    const signer = createPKPSigner(pkpWallet);
+    // iat and exp are expressed in seconds https://datatracker.ietf.org/doc/html/rfc7519
+    const iat = Math.floor(Date.now() / 1000);
+    const exp = iat + expiresInMinutes * 60;
+    const walletAddress = await pkpWallet.getAddress();
+    const fullPayload = {
+        ...payload,
+        aud: audience,
+        iat,
+        exp,
+        iss: `did:ethr:${walletAddress}`,
+        pkp,
+        app,
+        authentication: {
+            type: authentication.type,
+            ...(authentication.value ? { value: authentication.value } : {}),
+        },
+    };
+    const jwt = await didJWT.createJWT(fullPayload, {
+        issuer: `did:ethr:${walletAddress}`,
+        signer,
+    }, {
+        alg: 'ES256K',
+    });
+    return jwt;
+}
+//# sourceMappingURL=create.js.map

package/dist/src/jwt/core/create.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"create.js","sourceRoot":"","sources":["../../../../src/jwt/core/create.ts"],"names":[],"mappings":";;AAyEA,wBAoCC;;AA7GD,wDAAkC;AAClC,mCAAgC;AAChC,4CAA4C;AAM5C,2CAA6C;AAE7C;;;;;;;;;;;;;;;;GAgBG;AACH,SAAS,eAAe,CAAC,SAA0B;IACjD;;;;;OAKG;IACH,OAAO,KAAK,EAAE,IAAyB,EAAmB,EAAE;QAC1D,MAAM,SAAS,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE/F,MAAM,GAAG,GAAG,MAAM,SAAS,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,EAAE,CAAC,EAAE,CAAC,EAAE,GAAG,eAAM,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC;QAElD,MAAM,MAAM,GAAG,IAAA,gBAAQ,EAAC,CAAC,CAAC,CAAC;QAC3B,MAAM,MAAM,GAAG,IAAA,gBAAQ,EAAC,CAAC,CAAC,CAAC;QAE3B,4DAA4D;QAC5D,MAAM,QAAQ,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC;QACpC,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACxB,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAEzB,OAAO,IAAA,oBAAW,EAAC,QAAQ,CAAC,CAAC;IAC/B,CAAC,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACI,KAAK,UAAU,MAAM,CAAC,MAAiB;IAC5C,MAAM,EAAE,GAAG,EAAE,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,MAAM,CAAC;IAC5F,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAE1C,qFAAqF;IACrF,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,GAAG,GAAG,gBAAgB,GAAG,EAAE,CAAC;IAExC,MAAM,aAAa,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,CAAC;IAEnD,MAAM,WAAW,GAA0B;QACzC,GAAG,OAAO;QACV,GAAG,EAAE,QAAQ;QACb,GAAG;QACH,GAAG;QACH,GAAG,EAAE,YAAY,aAAa,EAAE;QAChC,GAAG;QACH,GAAG;QACH,cAAc,EAAE;YACd,IAAI,EAAE,cAAc,CAAC,IAAI;YACzB,GAAG,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjE;KACF,CAAC;IAEF,MAAM,GAAG,GAAG,MAAM,MAAM,CAAC,SAAS,CAChC,WAAW,EACX;QACE,MAAM,EAAE,YAAY,aAAa,EAAE;QACnC,MAAM;KACP,EACD;QACE,GAAG,EAAE,QAAQ;KACd,CACF,CAAC;IAEF,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/src/jwt/core/isExpired.d.ts

@@ -0,0 +1,9 @@
+import type { VincentJWT } from '../types';
+/** Checks if a JWT is expired based on its 'exp' claim
+ *
+ * @returns true if expired, false otherwise
+ * @param decodedJWT
+ * @category API
+ */
+export declare function isExpired(decodedJWT: VincentJWT): boolean;
+//# sourceMappingURL=isExpired.d.ts.map

package/dist/src/jwt/core/isExpired.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isExpired.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/isExpired.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAE3C;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAWzD"}

package/dist/src/jwt/core/isExpired.js

@@ -0,0 +1,20 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isExpired = isExpired;
+/** Checks if a JWT is expired based on its 'exp' claim
+ *
+ * @returns true if expired, false otherwise
+ * @param decodedJWT
+ * @category API
+ */
+function isExpired(decodedJWT) {
+    const { payload } = decodedJWT;
+    // Tokens that never expire are treated as expired for security.
+    if (!payload.exp) {
+        return true;
+    }
+    // JWT exp is in seconds, Date.now() is in milliseconds
+    const currentTime = Math.floor(Date.now() / 1000);
+    return currentTime >= payload.exp;
+}
+//# sourceMappingURL=isExpired.js.map

package/dist/src/jwt/core/isExpired.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isExpired.js","sourceRoot":"","sources":["../../../../src/jwt/core/isExpired.ts"],"names":[],"mappings":";;AAQA,8BAWC;AAjBD;;;;;GAKG;AACH,SAAgB,SAAS,CAAC,UAAsB;IAC9C,MAAM,EAAE,OAAO,EAAE,GAAG,UAAU,CAAC;IAE/B,gEAAgE;IAChE,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,uDAAuD;IACvD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAClD,OAAO,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC;AACpC,CAAC"}

package/dist/src/jwt/core/utils/base64.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Decodes a base64 or base64url string into a Uint8Array.
+ * Works in Node.js, Deno, browsers, and Web Workers.
+ *
+ * No Buffer polyfill requirement.
+ */
+export declare function fromBase64(base64: string): Uint8Array;
+/**
+ * Converts a Uint8Array to a base64url-encoded string.
+ * Works in all JS environments (Node.js, Deno, browser, Web Workers).
+ * No Buffer polyfill requirement.
+ */
+export declare function toBase64Url(bytes: Uint8Array): string;
+//# sourceMappingURL=base64.d.ts.map

package/dist/src/jwt/core/utils/base64.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base64.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/base64.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,MAAM,GAAG,UAAU,CAuBrD;AAED;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CAkBrD"}

package/dist/src/jwt/core/utils/base64.js

@@ -0,0 +1,54 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.fromBase64 = fromBase64;
+exports.toBase64Url = toBase64Url;
+/**
+ * Decodes a base64 or base64url string into a Uint8Array.
+ * Works in Node.js, Deno, browsers, and Web Workers.
+ *
+ * No Buffer polyfill requirement.
+ */
+function fromBase64(base64) {
+    // Normalize base64url → base64
+    const normalized = base64
+        .replace(/-/g, '+')
+        .replace(/_/g, '/')
+        .padEnd(Math.ceil(base64.length / 4) * 4, '=');
+    // Node.js
+    if (typeof Buffer !== 'undefined' && typeof Buffer.from === 'function') {
+        return new Uint8Array(Buffer.from(normalized, 'base64'));
+    }
+    // Browser / Web Worker / Deno
+    if (typeof atob !== 'undefined') {
+        const binary = atob(normalized);
+        const bytes = new Uint8Array(binary.length);
+        for (let i = 0; i < binary.length; i++) {
+            bytes[i] = binary.charCodeAt(i);
+        }
+        return bytes;
+    }
+    throw new Error('No base64 decoding method available in this environment.');
+}
+/**
+ * Converts a Uint8Array to a base64url-encoded string.
+ * Works in all JS environments (Node.js, Deno, browser, Web Workers).
+ * No Buffer polyfill requirement.
+ */
+function toBase64Url(bytes) {
+    // Node.js
+    if (typeof Buffer !== 'undefined' && typeof Buffer.from === 'function') {
+        return Buffer.from(bytes)
+            .toString('base64')
+            .replace(/\+/g, '-')
+            .replace(/\//g, '_')
+            .replace(/=+$/, '');
+    }
+    // Browser / Deno / Web Worker
+    if (typeof btoa !== 'undefined') {
+        const binString = String.fromCharCode(...bytes);
+        const base64 = btoa(binString);
+        return base64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
+    }
+    throw new Error('No base64 encoding method available in this environment.');
+}
+//# sourceMappingURL=base64.js.map

package/dist/src/jwt/core/utils/base64.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base64.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/base64.ts"],"names":[],"mappings":";;AAMA,gCAuBC;AAOD,kCAkBC;AAtDD;;;;;GAKG;AACH,SAAgB,UAAU,CAAC,MAAc;IACvC,+BAA+B;IAC/B,MAAM,UAAU,GAAG,MAAM;SACtB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;SAClB,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC;SAClB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;IAEjD,UAAU;IACV,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACvE,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,8BAA8B;IAC9B,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC5C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACvC,KAAK,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;QAClC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;AAC9E,CAAC;AAED;;;;GAIG;AACH,SAAgB,WAAW,CAAC,KAAiB;IAC3C,UAAU;IACV,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,OAAO,MAAM,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACvE,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC;aACtB,QAAQ,CAAC,QAAQ,CAAC;aAClB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;aACnB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IACxB,CAAC;IAED,8BAA8B;IAC9B,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC,GAAG,KAAK,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;QAC/B,OAAO,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC3E,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;AAC9E,CAAC"}

package/dist/src/jwt/core/utils/definedObject.d.ts

@@ -0,0 +1,2 @@
+export declare function isDefinedObject(value: unknown): value is object;
+//# sourceMappingURL=definedObject.d.ts.map

package/dist/src/jwt/core/utils/definedObject.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"definedObject.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/definedObject.ts"],"names":[],"mappings":"AAAA,wBAAgB,eAAe,CAAC,KAAK,EAAE,OAAO,GAAG,KAAK,IAAI,MAAM,CAE/D"}

package/dist/src/jwt/core/utils/definedObject.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isDefinedObject = isDefinedObject;
+function isDefinedObject(value) {
+    return typeof value === 'object' && value !== null;
+}
+//# sourceMappingURL=definedObject.js.map

package/dist/src/jwt/core/utils/definedObject.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"definedObject.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/definedObject.ts"],"names":[],"mappings":";;AAAA,0CAEC;AAFD,SAAgB,eAAe,CAAC,KAAc;IAC5C,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,CAAC;AACrD,CAAC"}

package/dist/src/jwt/core/utils/index.d.ts

@@ -0,0 +1,5 @@
+export { isDefinedObject } from './definedObject';
+export { validateJWTTime } from './validateJWTTime';
+export { splitJWT } from './splitJWT';
+export { processJWTSignature } from './processJWTSignature';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/jwt/core/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AACtC,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC"}

package/dist/src/jwt/core/utils/index.js

@@ -0,0 +1,12 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processJWTSignature = exports.splitJWT = exports.validateJWTTime = exports.isDefinedObject = void 0;
+var definedObject_1 = require("./definedObject");
+Object.defineProperty(exports, "isDefinedObject", { enumerable: true, get: function () { return definedObject_1.isDefinedObject; } });
+var validateJWTTime_1 = require("./validateJWTTime");
+Object.defineProperty(exports, "validateJWTTime", { enumerable: true, get: function () { return validateJWTTime_1.validateJWTTime; } });
+var splitJWT_1 = require("./splitJWT");
+Object.defineProperty(exports, "splitJWT", { enumerable: true, get: function () { return splitJWT_1.splitJWT; } });
+var processJWTSignature_1 = require("./processJWTSignature");
+Object.defineProperty(exports, "processJWTSignature", { enumerable: true, get: function () { return processJWTSignature_1.processJWTSignature; } });
+//# sourceMappingURL=index.js.map

package/dist/src/jwt/core/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/index.ts"],"names":[],"mappings":";;;AAAA,iDAAkD;AAAzC,gHAAA,eAAe,OAAA;AACxB,qDAAoD;AAA3C,kHAAA,eAAe,OAAA;AACxB,uCAAsC;AAA7B,oGAAA,QAAQ,OAAA;AACjB,6DAA4D;AAAnD,0HAAA,mBAAmB,OAAA"}

package/dist/src/jwt/core/utils/processJWTSignature.d.ts

@@ -0,0 +1,8 @@
+/** Processes a JWT signature from base64url to binary
+ * @ignore
+ *
+ * @param signature - The base64url encoded signature string
+ * @returns A Uint8Array of the binary signature
+ */
+export declare function processJWTSignature(signature: string): Uint8Array;
+//# sourceMappingURL=processJWTSignature.d.ts.map

package/dist/src/jwt/core/utils/processJWTSignature.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"processJWTSignature.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/processJWTSignature.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,UAAU,CAEjE"}

package/dist/src/jwt/core/utils/processJWTSignature.js

@@ -0,0 +1,14 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.processJWTSignature = processJWTSignature;
+const base64_1 = require("./base64");
+/** Processes a JWT signature from base64url to binary
+ * @ignore
+ *
+ * @param signature - The base64url encoded signature string
+ * @returns A Uint8Array of the binary signature
+ */
+function processJWTSignature(signature) {
+    return (0, base64_1.fromBase64)(signature);
+}
+//# sourceMappingURL=processJWTSignature.js.map

package/dist/src/jwt/core/utils/processJWTSignature.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"processJWTSignature.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/processJWTSignature.ts"],"names":[],"mappings":";;AAQA,kDAEC;AAVD,qCAAsC;AAEtC;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,SAAiB;IACnD,OAAO,IAAA,mBAAU,EAAC,SAAS,CAAC,CAAC;AAC/B,CAAC"}

package/dist/src/jwt/core/utils/splitJWT.d.ts

@@ -0,0 +1,11 @@
+/** Splits a JWT into its signed data portion and signature
+ * @ignore
+ *
+ * @param jwt - The JWT string
+ * @returns An object with signedData and signature
+ */
+export declare function splitJWT(jwt: string): {
+    signedData: string;
+    signature: string;
+};
+//# sourceMappingURL=splitJWT.d.ts.map

package/dist/src/jwt/core/utils/splitJWT.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"splitJWT.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/splitJWT.ts"],"names":[],"mappings":"AAEA;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAU/E"}

package/dist/src/jwt/core/utils/splitJWT.js

@@ -0,0 +1,21 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.splitJWT = splitJWT;
+const did_jwt_1 = require("did-jwt");
+/** Splits a JWT into its signed data portion and signature
+ * @ignore
+ *
+ * @param jwt - The JWT string
+ * @returns An object with signedData and signature
+ */
+function splitJWT(jwt) {
+    const parts = jwt.split('.');
+    if (parts.length !== 3) {
+        throw new Error(`${did_jwt_1.JWT_ERROR.INVALID_JWT}: JWT format: must contain 3 parts separated by "."`);
+    }
+    return {
+        signedData: `${parts[0]}.${parts[1]}`,
+        signature: parts[2],
+    };
+}
+//# sourceMappingURL=splitJWT.js.map

package/dist/src/jwt/core/utils/splitJWT.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"splitJWT.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/splitJWT.ts"],"names":[],"mappings":";;AAQA,4BAUC;AAlBD,qCAAoC;AAEpC;;;;;GAKG;AACH,SAAgB,QAAQ,CAAC,GAAW;IAClC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,GAAG,mBAAS,CAAC,WAAW,qDAAqD,CAAC,CAAC;IACjG,CAAC;IAED,OAAO;QACL,UAAU,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE;QACrC,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;KACpB,CAAC;AACJ,CAAC"}

package/dist/src/jwt/core/utils/validateJWTTime.d.ts

@@ -0,0 +1,12 @@
+/** Validates JWT time claims (iat and nbf)
+ * @ignore
+ *
+ * @param payload - The decoded JWT payload
+ * @param currentTime The time to compare the claims against
+ * @returns true if time claims are valid, false otherwise
+ */
+export declare function validateJWTTime(payload: {
+    nbf?: number;
+    iat?: number;
+}, currentTime: number): boolean;
+//# sourceMappingURL=validateJWTTime.d.ts.map

package/dist/src/jwt/core/utils/validateJWTTime.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validateJWTTime.d.ts","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/validateJWTTime.ts"],"names":[],"mappings":"AAEA;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,OAAO,EAAE;IAAE,GAAG,CAAC,EAAE,MAAM,CAAC;IAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,EACvC,WAAW,EAAE,MAAM,GAClB,OAAO,CAeT"}

package/dist/src/jwt/core/utils/validateJWTTime.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateJWTTime = validateJWTTime;
+const did_jwt_1 = require("did-jwt");
+/** Validates JWT time claims (iat and nbf)
+ * @ignore
+ *
+ * @param payload - The decoded JWT payload
+ * @param currentTime The time to compare the claims against
+ * @returns true if time claims are valid, false otherwise
+ */
+function validateJWTTime(payload, currentTime) {
+    // Check 'not before' claim if present
+    if (payload.nbf && currentTime < payload.nbf) {
+        throw new Error(`${did_jwt_1.JWT_ERROR.INVALID_JWT}: Token not yet valid (nbf claim is in the future)`);
+    }
+    // Check 'issued at' claim if present
+    // Allow a small leeway (30 seconds) for clock skew
+    if (payload.iat && currentTime < payload.iat - 30) {
+        throw new Error(`${did_jwt_1.JWT_ERROR.INVALID_JWT}: Token issued in the future (iat claim is ahead of current time)`);
+    }
+    return true;
+}
+//# sourceMappingURL=validateJWTTime.js.map

package/dist/src/jwt/core/utils/validateJWTTime.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validateJWTTime.js","sourceRoot":"","sources":["../../../../../src/jwt/core/utils/validateJWTTime.ts"],"names":[],"mappings":";;AASA,0CAkBC;AA3BD,qCAAoC;AAEpC;;;;;;GAMG;AACH,SAAgB,eAAe,CAC7B,OAAuC,EACvC,WAAmB;IAEnB,sCAAsC;IACtC,IAAI,OAAO,CAAC,GAAG,IAAI,WAAW,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAC7C,MAAM,IAAI,KAAK,CAAC,GAAG,mBAAS,CAAC,WAAW,oDAAoD,CAAC,CAAC;IAChG,CAAC;IAED,qCAAqC;IACrC,mDAAmD;IACnD,IAAI,OAAO,CAAC,GAAG,IAAI,WAAW,GAAG,OAAO,CAAC,GAAG,GAAG,EAAE,EAAE,CAAC;QAClD,MAAM,IAAI,KAAK,CACb,GAAG,mBAAS,CAAC,WAAW,mEAAmE,CAC5F,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}

package/dist/src/jwt/core/validate.d.ts

@@ -0,0 +1,29 @@
+import type { VincentJWT, VincentJWTAppSpecific } from '../types';
+export declare function verify({ jwt, expectedAudience, }: {
+    jwt: string;
+    expectedAudience: string;
+    requiredAppId: undefined;
+}): VincentJWT;
+export declare function verify({ jwt, expectedAudience, requiredAppId, }: {
+    jwt: string;
+    expectedAudience: string;
+    requiredAppId: number;
+}): VincentJWTAppSpecific;
+export declare function verify({ jwt, expectedAudience, requiredAppId, }: {
+    jwt: string;
+    expectedAudience: string;
+    requiredAppId: number | undefined;
+}): VincentJWT | VincentJWTAppSpecific;
+export declare function decode({ jwt, requiredAppId, }: {
+    jwt: string;
+    requiredAppId: undefined;
+}): VincentJWT;
+export declare function decode({ jwt, requiredAppId, }: {
+    jwt: string;
+    requiredAppId: number;
+}): VincentJWTAppSpecific;
+export declare function decode({ jwt, requiredAppId, }: {
+    jwt: string;
+    requiredAppId: number | undefined;
+}): VincentJWT | VincentJWTAppSpecific;
+//# sourceMappingURL=validate.d.ts.map

package/dist/src/jwt/core/validate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../../../../src/jwt/core/validate.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAC;AAMlE,wBAAgB,MAAM,CAAC,EACrB,GAAG,EACH,gBAAgB,GACjB,EAAE;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,SAAS,CAAC;CAC1B,GAAG,UAAU,CAAC;AAEf,wBAAgB,MAAM,CAAC,EACrB,GAAG,EACH,gBAAgB,EAChB,aAAa,GACd,EAAE;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,MAAM,CAAC;CACvB,GAAG,qBAAqB,CAAC;AAE1B,wBAAgB,MAAM,CAAC,EACrB,GAAG,EACH,gBAAgB,EAChB,aAAa,GACd,EAAE;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,gBAAgB,EAAE,MAAM,CAAC;IACzB,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;CACnC,GAAG,UAAU,GAAG,qBAAqB,CAAC;AA4GvC,wBAAgB,MAAM,CAAC,EACrB,GAAG,EACH,aAAa,GACd,EAAE;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,SAAS,CAAC;CAC1B,GAAG,UAAU,CAAC;AAEf,wBAAgB,MAAM,CAAC,EACrB,GAAG,EACH,aAAa,GACd,EAAE;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,MAAM,CAAC;CACvB,GAAG,qBAAqB,CAAC;AAE1B,wBAAgB,MAAM,CAAC,EACrB,GAAG,EACH,aAAa,GACd,EAAE;IACD,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,MAAM,GAAG,SAAS,CAAC;CACnC,GAAG,UAAU,GAAG,qBAAqB,CAAC"}