@lucern/sdk 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (176) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/dist/accessControl.d.ts +1 -0
  3. package/dist/accessControl.js +213 -26
  4. package/dist/accessControl.js.map +1 -1
  5. package/dist/adminClient.d.ts +1 -0
  6. package/dist/adminClient.js +213 -26
  7. package/dist/adminClient.js.map +1 -1
  8. package/dist/answersClient.d.ts +1 -0
  9. package/dist/answersClient.js +213 -26
  10. package/dist/answersClient.js.map +1 -1
  11. package/dist/audiencesClient.d.ts +1 -0
  12. package/dist/audiencesClient.js +213 -26
  13. package/dist/audiencesClient.js.map +1 -1
  14. package/dist/auditClient.d.ts +1 -0
  15. package/dist/auditClient.js +213 -26
  16. package/dist/auditClient.js.map +1 -1
  17. package/dist/authDeviceClient.d.ts +1 -0
  18. package/dist/beliefs/index.d.ts +1 -0
  19. package/dist/beliefs/index.js +214 -27
  20. package/dist/beliefs/index.js.map +1 -1
  21. package/dist/beliefsClient.d.ts +1 -0
  22. package/dist/beliefsClient.js +213 -26
  23. package/dist/beliefsClient.js.map +1 -1
  24. package/dist/client.d.ts +1 -0
  25. package/dist/client.js +214 -27
  26. package/dist/client.js.map +1 -1
  27. package/dist/clientConfig.d.ts +1 -0
  28. package/dist/clientEvidenceCompat.d.ts +1 -0
  29. package/dist/clientKnowledgeNamespaces.d.ts +1 -0
  30. package/dist/clientLocalHelpers.d.ts +1 -0
  31. package/dist/clientLocalHelpers.js +2 -0
  32. package/dist/clientLocalHelpers.js.map +1 -1
  33. package/dist/clientPlatformNamespaces.d.ts +1 -0
  34. package/dist/clientRuntime.d.ts +1 -0
  35. package/dist/clientWorkflowNamespaces.d.ts +1 -0
  36. package/dist/contextClient.d.ts +1 -0
  37. package/dist/contextClient.js +213 -26
  38. package/dist/contextClient.js.map +1 -1
  39. package/dist/contradictions/index.d.ts +1 -0
  40. package/dist/contradictions/index.js +214 -27
  41. package/dist/contradictions/index.js.map +1 -1
  42. package/dist/control-plane.d.ts +1 -0
  43. package/dist/control-plane.js +213 -26
  44. package/dist/control-plane.js.map +1 -1
  45. package/dist/coreClient.d.ts +25 -1
  46. package/dist/coreClient.js +217 -27
  47. package/dist/coreClient.js.map +1 -1
  48. package/dist/decisions/index.d.ts +1 -0
  49. package/dist/decisions/index.js +214 -27
  50. package/dist/decisions/index.js.map +1 -1
  51. package/dist/decisionsClient.d.ts +1 -0
  52. package/dist/decisionsClient.js +213 -26
  53. package/dist/decisionsClient.js.map +1 -1
  54. package/dist/edges/index.d.ts +1 -0
  55. package/dist/edges/index.js +214 -27
  56. package/dist/edges/index.js.map +1 -1
  57. package/dist/embeddingsClient.d.ts +1 -0
  58. package/dist/embeddingsClient.js +213 -26
  59. package/dist/embeddingsClient.js.map +1 -1
  60. package/dist/eventingClient.d.ts +1 -0
  61. package/dist/eventingClient.js +213 -26
  62. package/dist/eventingClient.js.map +1 -1
  63. package/dist/eventsCore.d.ts +1 -0
  64. package/dist/eventsCore.js +213 -26
  65. package/dist/eventsCore.js.map +1 -1
  66. package/dist/evidence/index.d.ts +1 -0
  67. package/dist/evidence/index.js +214 -27
  68. package/dist/evidence/index.js.map +1 -1
  69. package/dist/evidenceClient.d.ts +1 -0
  70. package/dist/evidenceClient.js +213 -26
  71. package/dist/evidenceClient.js.map +1 -1
  72. package/dist/functionSurface.d.ts +1 -0
  73. package/dist/functionSurface.js +213 -26
  74. package/dist/functionSurface.js.map +1 -1
  75. package/dist/functionSurfaceClient.d.ts +1 -0
  76. package/dist/functionSurfaceClient.js +213 -26
  77. package/dist/functionSurfaceClient.js.map +1 -1
  78. package/dist/gatewayFacades.d.ts +1 -0
  79. package/dist/gatewayFacades.factories.d.ts +1 -0
  80. package/dist/gatewayFacades.factories.js +213 -26
  81. package/dist/gatewayFacades.factories.js.map +1 -1
  82. package/dist/gatewayFacades.js +213 -26
  83. package/dist/gatewayFacades.js.map +1 -1
  84. package/dist/graphAnalysisClient.d.ts +1 -0
  85. package/dist/graphAnalysisClient.js +213 -26
  86. package/dist/graphAnalysisClient.js.map +1 -1
  87. package/dist/graphClient.d.ts +1 -0
  88. package/dist/graphClient.js +213 -26
  89. package/dist/graphClient.js.map +1 -1
  90. package/dist/graphRecommendationsClient.d.ts +1 -0
  91. package/dist/graphRecommendationsClient.js +213 -26
  92. package/dist/graphRecommendationsClient.js.map +1 -1
  93. package/dist/graphStateClassifierClient.d.ts +1 -0
  94. package/dist/graphStateClassifierClient.js +213 -26
  95. package/dist/graphStateClassifierClient.js.map +1 -1
  96. package/dist/harnessClient.d.ts +1 -0
  97. package/dist/harnessClient.js +213 -26
  98. package/dist/harnessClient.js.map +1 -1
  99. package/dist/identityClient.d.ts +1 -0
  100. package/dist/identityClient.js +213 -26
  101. package/dist/identityClient.js.map +1 -1
  102. package/dist/index.d.ts +2 -1
  103. package/dist/index.js +237 -28
  104. package/dist/index.js.map +1 -1
  105. package/dist/jobsClient.d.ts +1 -0
  106. package/dist/jobsClient.js +213 -26
  107. package/dist/jobsClient.js.map +1 -1
  108. package/dist/learningClient.d.ts +1 -0
  109. package/dist/learningClient.js +213 -26
  110. package/dist/learningClient.js.map +1 -1
  111. package/dist/lenses/index.d.ts +1 -0
  112. package/dist/lenses/index.js +214 -27
  113. package/dist/lenses/index.js.map +1 -1
  114. package/dist/mcpClient.d.ts +1 -0
  115. package/dist/mcpClient.js +213 -26
  116. package/dist/mcpClient.js.map +1 -1
  117. package/dist/modelRuntimeClient.d.ts +1 -0
  118. package/dist/modelRuntimeClient.js +213 -26
  119. package/dist/modelRuntimeClient.js.map +1 -1
  120. package/dist/nodes/index.d.ts +1 -0
  121. package/dist/nodes/index.js +214 -27
  122. package/dist/nodes/index.js.map +1 -1
  123. package/dist/ontologies/index.d.ts +1 -0
  124. package/dist/ontologies/index.js +214 -27
  125. package/dist/ontologies/index.js.map +1 -1
  126. package/dist/ontologyClient.d.ts +1 -0
  127. package/dist/ontologyClient.js +213 -26
  128. package/dist/ontologyClient.js.map +1 -1
  129. package/dist/ontologyLinksClient.d.ts +1 -0
  130. package/dist/ontologyLinksClient.js +213 -26
  131. package/dist/ontologyLinksClient.js.map +1 -1
  132. package/dist/orgGraphSearchClient.d.ts +1 -0
  133. package/dist/orgGraphSearchClient.js +213 -26
  134. package/dist/orgGraphSearchClient.js.map +1 -1
  135. package/dist/packsClient.d.ts +1 -0
  136. package/dist/packsClient.js +213 -26
  137. package/dist/packsClient.js.map +1 -1
  138. package/dist/policyClient.d.ts +1 -0
  139. package/dist/policyClient.js +213 -26
  140. package/dist/policyClient.js.map +1 -1
  141. package/dist/proof-attestation.json +45 -0
  142. package/dist/questions/index.d.ts +1 -0
  143. package/dist/questions/index.js +214 -27
  144. package/dist/questions/index.js.map +1 -1
  145. package/dist/reportsClient.d.ts +1 -0
  146. package/dist/reportsClient.js +213 -26
  147. package/dist/reportsClient.js.map +1 -1
  148. package/dist/schemaClient.d.ts +1 -0
  149. package/dist/schemaClient.js +213 -26
  150. package/dist/schemaClient.js.map +1 -1
  151. package/dist/sdkSurface.d.ts +1 -0
  152. package/dist/sourcesClient.d.ts +1 -0
  153. package/dist/sourcesClient.js +213 -26
  154. package/dist/sourcesClient.js.map +1 -1
  155. package/dist/telemetryClient.d.ts +1 -0
  156. package/dist/telemetryClient.js +213 -26
  157. package/dist/telemetryClient.js.map +1 -1
  158. package/dist/toolRegistryClient.d.ts +1 -0
  159. package/dist/toolRegistryClient.js +213 -26
  160. package/dist/toolRegistryClient.js.map +1 -1
  161. package/dist/topics/index.d.ts +1 -0
  162. package/dist/topics/index.js +214 -27
  163. package/dist/topics/index.js.map +1 -1
  164. package/dist/topicsClient.d.ts +1 -0
  165. package/dist/topicsClient.js +213 -26
  166. package/dist/topicsClient.js.map +1 -1
  167. package/dist/version.d.ts +1 -1
  168. package/dist/version.js +1 -1
  169. package/dist/version.js.map +1 -1
  170. package/dist/workflowClient.d.ts +1 -0
  171. package/dist/workflowClient.js +213 -26
  172. package/dist/workflowClient.js.map +1 -1
  173. package/dist/worktrees/index.d.ts +1 -0
  174. package/dist/worktrees/index.js +214 -27
  175. package/dist/worktrees/index.js.map +1 -1
  176. package/package.json +6 -5
@@ -1,5 +1,7 @@
1
+ import { createTelemetryExporterFromEnv, emitTelemetrySignal } from '@lucern/transport-core';
1
2
  import { redactDiagnosticValue } from '@lucern/transport-core/redaction';
2
3
  import { classifyRetry } from '@lucern/transport-core/transport';
4
+ import { Effect, Exit, Cause } from 'effect';
3
5
 
4
6
  // src/coreClient.ts
5
7
 
@@ -171,6 +173,33 @@ function createCanonicalAuthHeaders(authContext) {
171
173
  }
172
174
 
173
175
  // src/coreClient.ts
176
+ var DEFAULT_GATEWAY_TIMEOUT_MS = 15e3;
177
+ var DEFAULT_GATEWAY_MAX_RETRIES = 2;
178
+ var DEFAULT_ENV_TIMEOUT_MS = "LUCERN_REQUEST_TIMEOUT_MS";
179
+ var DEFAULT_ENV_MAX_RETRIES = "LUCERN_GATEWAY_MAX_RETRIES";
180
+ var ENV_TIMEOUT_BY_METHOD_PREFIX = "LUCERN_REQUEST_TIMEOUT_MS_";
181
+ var GatewayTimeoutError = class extends Error {
182
+ retryable = true;
183
+ timeoutMs;
184
+ constructor(timeoutMs) {
185
+ super(`Request timed out after ${timeoutMs}ms`);
186
+ this.name = "AbortError";
187
+ this.timeoutMs = timeoutMs;
188
+ }
189
+ };
190
+ var GatewayTransportError = class extends Error {
191
+ retryable;
192
+ cause;
193
+ constructor(message, options) {
194
+ super(message);
195
+ this.name = "GatewayTransportError";
196
+ this.retryable = options?.retryable ?? true;
197
+ this.cause = options?.cause;
198
+ }
199
+ };
200
+ function isGatewayRetryableError(error) {
201
+ return error instanceof GatewayTimeoutError && error.retryable || error instanceof GatewayTransportError && error.retryable || false;
202
+ }
174
203
  var LucernApiError = class extends Error {
175
204
  code;
176
205
  status;
@@ -217,6 +246,99 @@ function generatePortableRequestId() {
217
246
  8
218
247
  ).join("")}-${hex.slice(8, 10).join("")}-${hex.slice(10).join("")}`;
219
248
  }
249
+ function resolveEnvironment() {
250
+ const processEnv = typeof globalThis === "object" && globalThis !== null && "process" in globalThis ? globalThis.process : void 0;
251
+ const env = processEnv !== void 0 && typeof processEnv === "object" && processEnv !== null && typeof processEnv.env === "object" ? processEnv.env : void 0;
252
+ return {
253
+ get: (name) => {
254
+ const value = env?.[name];
255
+ return typeof value === "string" && value.length > 0 ? value : void 0;
256
+ }
257
+ };
258
+ }
259
+ function telemetryEnvironmentRecord(environment) {
260
+ const names = [
261
+ "LUCERN_TELEMETRY_ENABLED",
262
+ "AXIOM_TELEMETRY_ENABLED",
263
+ "LUCERN_AXIOM_TOKEN",
264
+ "AXIOM_TOKEN",
265
+ "LUCERN_AXIOM_EVENTS_DATASET",
266
+ "LUCERN_AXIOM_DATASET",
267
+ "AXIOM_EVENTS_DATASET",
268
+ "AXIOM_DATASET",
269
+ "LUCERN_AXIOM_API_URL",
270
+ "AXIOM_URL",
271
+ "LUCERN_ENVIRONMENT",
272
+ "NODE_ENV",
273
+ "LUCERN_RELEASE",
274
+ "SENTRY_RELEASE",
275
+ "VERCEL_GIT_COMMIT_SHA"
276
+ ];
277
+ return Object.fromEntries(
278
+ names.map((name) => [name, environment.get(name)])
279
+ );
280
+ }
281
+ function resolveRequestProfile(config, environment) {
282
+ const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
283
+ const parsedMaxRetries = parseIntegerFromString(
284
+ config.maxRetries,
285
+ environment.get(DEFAULT_ENV_MAX_RETRIES)
286
+ );
287
+ const parsedTimeoutMs = parseIntegerFromString(
288
+ config.timeoutMs,
289
+ environment.get(DEFAULT_ENV_TIMEOUT_MS)
290
+ );
291
+ const methodTimeouts = {
292
+ ...config.timeoutMsByMethod
293
+ };
294
+ for (const method of ["GET", "POST", "PUT", "PATCH", "DELETE"]) {
295
+ const envKey = `${ENV_TIMEOUT_BY_METHOD_PREFIX}${method}`;
296
+ const raw = environment.get(envKey);
297
+ if (!raw || methodTimeouts[method] !== void 0) {
298
+ continue;
299
+ }
300
+ const parsed = parseIntegerFromString(void 0, raw);
301
+ if (typeof parsed === "number") {
302
+ methodTimeouts[method] = parsed;
303
+ }
304
+ }
305
+ return {
306
+ maxRetries: parsedMaxRetries ?? DEFAULT_GATEWAY_MAX_RETRIES,
307
+ timeoutMs: parsedTimeoutMs ?? DEFAULT_GATEWAY_TIMEOUT_MS,
308
+ timeoutMsByMethod: methodTimeouts,
309
+ requestIdFactory
310
+ };
311
+ }
312
+ function createGatewayRuntime(config, environment) {
313
+ return {
314
+ fetch: config.fetchImpl ?? fetch,
315
+ now: () => Date.now(),
316
+ sleep: (ms) => delay(ms),
317
+ env: environment,
318
+ redaction: resolveRequestRedactionValue,
319
+ profile: resolveRequestProfile(config, environment)
320
+ };
321
+ }
322
+ function parseIntegerFromString(value, rawValue) {
323
+ if (typeof value === "number" && Number.isInteger(value) && value >= 0) {
324
+ return value;
325
+ }
326
+ if (typeof rawValue !== "string" || !rawValue.trim()) {
327
+ return void 0;
328
+ }
329
+ const parsed = Number.parseInt(rawValue, 10);
330
+ return Number.isInteger(parsed) && parsed >= 0 ? parsed : void 0;
331
+ }
332
+ function resolveRequestRedactionValue(value) {
333
+ return redactDiagnosticValue(value);
334
+ }
335
+ function resolveGatewayBaseUrl(configBaseUrl, environment) {
336
+ const envBaseUrl = environment.get("LUCERN_API_URL") ?? environment.get("LUCERN_BASE_URL") ?? environment.get("LUCERN_GATEWAY_BASE_URL");
337
+ return (configBaseUrl ?? envBaseUrl ?? "").replace(/\/+$/, "");
338
+ }
339
+ function normalizeGatewayEnvironment(value) {
340
+ return value === "sandbox" || value === "production" ? value : void 0;
341
+ }
220
342
  function fallbackErrorCode(status) {
221
343
  if (status === 401) {
222
344
  return "AUTHENTICATION_REQUIRED";
@@ -255,10 +377,8 @@ function computeRetryDelayMs(args) {
255
377
  const jitterWindow = Math.max(250, Math.round(baseDelay * 0.25));
256
378
  return baseDelay + Math.round(Math.random() * jitterWindow);
257
379
  }
258
- function timeoutError(timeoutMs) {
259
- const error = new Error(`Request timed out after ${timeoutMs}ms`);
260
- error.name = "AbortError";
261
- return error;
380
+ function classifyGatewayErrorForRetry(error) {
381
+ return isGatewayRetryableError(error) || classifyRetry({ error }).retryable;
262
382
  }
263
383
  function isRecord(value) {
264
384
  return value !== null && typeof value === "object" && !Array.isArray(value);
@@ -313,10 +433,18 @@ function cleanHeaderValue(value) {
313
433
  return normalized ? normalized : void 0;
314
434
  }
315
435
  function createGatewayRequestClient(config = {}) {
316
- const fetchImpl = config.fetchImpl ?? fetch;
317
- const baseUrl = config.baseUrl?.replace(/\/+$/, "") ?? "";
318
- const maxRetries = config.maxRetries ?? 2;
319
- const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());
436
+ const env = resolveEnvironment();
437
+ const runtime = createGatewayRuntime(config, env);
438
+ const baseUrl = resolveGatewayBaseUrl(config.baseUrl, env);
439
+ const maxRetries = runtime.profile.maxRetries;
440
+ const requestIdFactory = runtime.profile.requestIdFactory;
441
+ const requestTimeoutByMethod = runtime.profile.timeoutMsByMethod;
442
+ const defaultRequestTimeoutMs = runtime.profile.timeoutMs;
443
+ const normalizedEnvironment = normalizeGatewayEnvironment(config.environment);
444
+ const telemetryExporter = config.telemetryEnabled === false ? null : config.telemetryExporter ?? createTelemetryExporterFromEnv(telemetryEnvironmentRecord(env), {
445
+ service: "lucern-sdk",
446
+ environment: normalizedEnvironment
447
+ });
320
448
  async function resolveAuthHeaders() {
321
449
  const provided = config.getAuthHeaders ? await config.getAuthHeaders() : {};
322
450
  const headers = new Headers(provided);
@@ -328,7 +456,7 @@ function createGatewayRequestClient(config = {}) {
328
456
  };
329
457
  setIfAbsent("x-lucern-key", config.apiKey);
330
458
  setIfAbsent("x-lucern-session-token", config.userToken);
331
- setIfAbsent("x-lucern-environment", config.environment);
459
+ setIfAbsent("x-lucern-environment", normalizedEnvironment);
332
460
  setIfAbsent("x-lucern-clerk-id", config.clerkId);
333
461
  setIfAbsent("x-lucern-user-id", config.userId ?? config.clerkId);
334
462
  setIfAbsent("x-lucern-deployment-host", config.deploymentHost);
@@ -343,19 +471,73 @@ function createGatewayRequestClient(config = {}) {
343
471
  return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));
344
472
  }
345
473
  async function fetchWithTimeout(url, init, timeoutMs) {
474
+ const normalizeTransportError = (error, isTimeout) => {
475
+ if (isTimeout) {
476
+ return new GatewayTimeoutError(timeoutMs);
477
+ }
478
+ return error instanceof GatewayTimeoutError || error instanceof GatewayTransportError ? error : new GatewayTransportError(
479
+ error instanceof Error ? error.message : "Gateway transport error",
480
+ {
481
+ cause: error,
482
+ retryable: classifyGatewayErrorForRetry(error)
483
+ }
484
+ );
485
+ };
346
486
  const controller = new AbortController();
347
487
  const timer = setTimeout(() => controller.abort(), timeoutMs);
488
+ const requestEffect = Effect.tryPromise({
489
+ try: () => runtime.fetch(url, { ...init, signal: controller.signal }),
490
+ catch: (error) => normalizeTransportError(error, controller.signal.aborted)
491
+ });
348
492
  try {
349
- return await fetchImpl(url, { ...init, signal: controller.signal });
350
- } catch (error) {
351
- if (controller.signal.aborted) {
352
- throw timeoutError(timeoutMs);
493
+ const exit = await Effect.runPromiseExit(requestEffect);
494
+ if (Exit.isSuccess(exit)) {
495
+ return exit.value;
353
496
  }
354
- throw error;
497
+ const failure = Array.from(Cause.failures(exit.cause))[0];
498
+ if (failure !== void 0) {
499
+ throw failure;
500
+ }
501
+ throw Cause.squash(exit.cause);
355
502
  } finally {
356
503
  clearTimeout(timer);
357
504
  }
358
505
  }
506
+ async function emitSdkResponseTelemetry(context) {
507
+ const retry = classifyRetry({
508
+ status: context.status,
509
+ error: context.error,
510
+ retryAfter: context.retryAfterMs !== null && context.retryAfterMs !== void 0 ? String(context.retryAfterMs / 1e3) : void 0
511
+ });
512
+ await emitTelemetrySignal(telemetryExporter, {
513
+ signalType: "trace",
514
+ surface: "sdk-retry",
515
+ eventName: context.willRetry ? "sdk.retry" : context.error ? "sdk.request.error" : "sdk.request.complete",
516
+ severity: context.error ? context.willRetry ? "warn" : "error" : "info",
517
+ durationMs: context.durationMs,
518
+ metricName: "sdk.request.duration_ms",
519
+ metricValue: context.durationMs,
520
+ correlationId: context.correlationId ?? context.requestId,
521
+ policyTraceId: context.policyTraceId ?? null,
522
+ tenantId: context.headers.get("x-lucern-tenant-id") ?? context.headers.get("x-lucern-tenant") ?? void 0,
523
+ workspaceId: context.headers.get("x-lucern-workspace-id") ?? context.headers.get("x-lucern-workspace") ?? void 0,
524
+ attributes: {
525
+ service: "lucern-sdk",
526
+ operation: "gateway.request",
527
+ path: context.path,
528
+ httpMethod: context.method,
529
+ httpStatus: context.status,
530
+ attempt: context.attempt,
531
+ maxRetries: context.maxRetries,
532
+ retryReason: retry.reason,
533
+ retryAfterMs: context.retryAfterMs ?? retry.retryAfterMs,
534
+ willRetry: context.willRetry,
535
+ retryable: retry.retryable,
536
+ errorName: context.error instanceof Error ? context.error.name : void 0,
537
+ errorMessage: context.error instanceof Error ? context.error.message : void 0
538
+ }
539
+ });
540
+ }
359
541
  async function parsePayload(response) {
360
542
  const text = await response.text();
361
543
  if (!text) {
@@ -371,11 +553,11 @@ function createGatewayRequestClient(config = {}) {
371
553
  if (typeof requestTimeoutMs === "number") {
372
554
  return requestTimeoutMs;
373
555
  }
374
- const methodTimeoutMs = config.timeoutMsByMethod?.[method];
556
+ const methodTimeoutMs = requestTimeoutByMethod?.[method];
375
557
  if (typeof methodTimeoutMs === "number") {
376
558
  return methodTimeoutMs;
377
559
  }
378
- return config.timeoutMs ?? 15e3;
560
+ return defaultRequestTimeoutMs;
379
561
  }
380
562
  function tryParseGatewayEnvelopeJson(text) {
381
563
  const trimmed = text.trim();
@@ -396,8 +578,8 @@ function createGatewayRequestClient(config = {}) {
396
578
  const legacyError = failure && isRecord(failure.error) ? failure.error : failure?.legacyError;
397
579
  const correlationId = failure?.correlationId ?? args.response.headers.get("x-lucern-correlation-id")?.trim() ?? args.requestId;
398
580
  const policyTraceId = failure?.policyTraceId ?? args.response.headers.get("x-lucern-policy-trace-id")?.trim() ?? null;
399
- const details = redactJsonDiagnosticValue(
400
- failure?.details ?? legacyError?.details
581
+ const details = runtime.redaction(
582
+ redactJsonDiagnosticValue(failure?.details ?? legacyError?.details)
401
583
  );
402
584
  const policySummary = readPolicySummaryFromDetails(details);
403
585
  const failureMessage = typeof failure?.error === "string" ? failure.error : legacyError?.message;
@@ -467,7 +649,7 @@ function createGatewayRequestClient(config = {}) {
467
649
  failure
468
650
  });
469
651
  const willRetry = attempt < maxRetries && retry.retryable;
470
- await config.onResponse?.({
652
+ const responseContext2 = {
471
653
  ...hookRequestContext,
472
654
  durationMs: Date.now() - startedAt,
473
655
  status: response.status,
@@ -477,7 +659,9 @@ function createGatewayRequestClient(config = {}) {
477
659
  policyTraceId: apiError.policyTraceId ?? null,
478
660
  retryAfterMs,
479
661
  willRetry
480
- });
662
+ };
663
+ await config.onResponse?.(responseContext2);
664
+ await emitSdkResponseTelemetry(responseContext2);
481
665
  if (willRetry) {
482
666
  lastError = apiError;
483
667
  await delay(
@@ -492,7 +676,7 @@ function createGatewayRequestClient(config = {}) {
492
676
  throw apiError;
493
677
  }
494
678
  const successPayload = payload;
495
- await config.onResponse?.({
679
+ const responseContext = {
496
680
  ...hookRequestContext,
497
681
  durationMs: Date.now() - startedAt,
498
682
  status: response.status,
@@ -502,22 +686,25 @@ function createGatewayRequestClient(config = {}) {
502
686
  idempotentReplay: successPayload.idempotentReplay,
503
687
  retryAfterMs,
504
688
  willRetry: false
505
- });
689
+ };
690
+ await config.onResponse?.(responseContext);
691
+ await emitSdkResponseTelemetry(responseContext);
506
692
  return successPayload;
507
693
  } catch (fetchError) {
508
694
  if (fetchError instanceof LucernApiError) {
509
695
  throw fetchError;
510
696
  }
511
- const retry = classifyRetry({ error: fetchError });
512
- const willRetry = attempt < maxRetries && retry.retryable;
513
- await config.onResponse?.({
697
+ const willRetry = attempt < maxRetries && classifyGatewayErrorForRetry(fetchError);
698
+ const responseContext = {
514
699
  ...hookRequestContext,
515
700
  durationMs: Date.now() - startedAt,
516
701
  error: fetchError,
517
702
  correlationId: requestId,
518
703
  policyTraceId: null,
519
704
  willRetry
520
- });
705
+ };
706
+ await config.onResponse?.(responseContext);
707
+ await emitSdkResponseTelemetry(responseContext);
521
708
  lastError = fetchError;
522
709
  if (willRetry) {
523
710
  await delay(computeRetryDelayMs({ attempt }));
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/authContext.ts","../src/coreClient.ts","../src/answersClient.ts"],"names":[],"mappings":";;;;;;AA+DO,IAAM,yBAAA,GAAN,cAAwC,KAAA,CAAM;AAAA,EAC1C,MAAA;AAAA,EAET,WAAA,CAAY,QAAoC,OAAA,EAAiB;AAC/D,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,2BAAA;AACZ,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AACF,CAAA;AAEA,SAAS,YAAY,KAAA,EAAsD;AACzE,EAAA,MAAM,UAAA,GAAa,OAAO,IAAA,EAAK;AAC/B,EAAA,OAAO,aAAa,UAAA,GAAa,MAAA;AACnC;AAEA,SAAS,gBAAgB,MAAA,EAAiD;AACxE,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,EAAC;AAAA,EACV;AACA,EAAA,OAAO,OACJ,GAAA,CAAI,CAAC,UAAU,KAAA,CAAM,IAAA,EAAM,CAAA,CAC3B,MAAA;AAAA,IACC,CAAC,KAAA,EAAO,KAAA,EAAO,IAAA,KACb,KAAA,CAAM,SAAS,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAK,CAAA,KAAM;AAAA,GAChD;AACJ;AAEA,SAAS,aAAA,CACP,KAAA,EACA,MAAA,EACA,KAAA,EACQ;AACR,EAAA,MAAM,UAAA,GAAa,YAAY,KAAK,CAAA;AACpC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,MAAA;AAAA,MACA,gDAAgD,KAAK,CAAA,CAAA;AAAA,KACvD;AAAA,EACF;AACA,EAAA,OAAO,UAAA;AACT;AAEA,SAAS,qBACP,aAAA,EACsB;AACtB,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,aAAA;AACT;AAEA,SAAS,gBAAgB,QAAA,EAAwD;AAC/E,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,QAAA;AACT;AAEA,SAAS,kBAAkB,IAAA,EAIxB;AACD,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,IAAA,CAAK,MAAM,CAAA;AACtC,EAAA,IAAI,MAAA,IAAU,MAAA,KAAW,IAAA,CAAK,QAAA,EAAU;AACtC,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,eAAA;AAAA,MACA,CAAA,yDAAA,EAA4D,KAAK,KAAK,CAAA,CAAA;AAAA,KACxE;AAAA,EACF;AACF;AAEO,SAAS,oCACd,KAAA,EAC+B;AAC/B,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,KAAA,CAAM,mBAAmB,MAAA,EAAQ;AACnC,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,WAAA,GAAc,aAAA;AAAA,IAClB,KAAA,CAAM,WAAA;AAAA,IACN,mBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,MAAM,QAAA,GAAW,aAAA,CAAc,KAAA,CAAM,QAAA,EAAU,kBAAkB,UAAU,CAAA;AAC3E,EAAA,MAAM,WAAA,GAAc,aAAA;AAAA,IAClB,KAAA,CAAM,WAAA;AAAA,IACN,mBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,KAAA,CAAM,KAAK,CAAA;AACzC,EAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,KAAA,CAAM,MAAM,CAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,oBAAA,CAAqB,KAAA,CAAM,aAAa,CAAA;AAC9D,EAAA,MAAM,QAAA,GAAW,eAAA,CAAgB,KAAA,CAAM,QAAQ,CAAA;AAC/C,EAAA,MAAM,wBAAA,GACJ,QAAA,KAAa,kBAAA,IAAsB,KAAA,CAAM,MAAA,GAAS,CAAA;AACpD,EAAA,IACE,MAAM,MAAA,KAAW,CAAA,IAChB,OAAO,MAAA,KAAW,CAAA,IAAK,CAAC,wBAAA,EACzB;AACA,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,oBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,OAAO,CAAA,IAAK,WAAA;AACtD,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,MAAM,CAAA,IAAK,QAAA;AACpD,EAAA,MAAM,SAAA,GAAY,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,SAAS,CAAA,IAAK,WAAA;AAE1D,EAAA,iBAAA,CAAkB;AAAA,IAChB,KAAA,EAAO,SAAA;AAAA,IACP,QAAA,EAAU,WAAA;AAAA,IACV,MAAA,EAAQ;AAAA,GACT,CAAA;AACD,EAAA,iBAAA,CAAkB,EAAE,KAAA,EAAO,QAAA,EAAU,UAAU,QAAA,EAAU,MAAA,EAAQ,QAAQ,CAAA;AACzE,EAAA,iBAAA,CAAkB;AAAA,IAChB,KAAA,EAAO,WAAA;AAAA,IACP,QAAA,EAAU,WAAA;AAAA,IACV,MAAA,EAAQ;AAAA,GACT,CAAA;AAED,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,EAAQ,OAAA,GACzB,EAAE,GAAG,KAAA,CAAM,MAAA,CAAO,OAAA,EAAQ,GAC3B,MAAA;AAEJ,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,WAAA,CAAY,KAAA,CAAM,OAAO,CAAA;AAAA,IAClC,WAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA;AAAA,IACA,aAAA;AAAA,IACA,QAAA;AAAA,IACA,KAAA;AAAA,IACA,MAAA;AAAA,IACA,eAAA,EAAiB,MAAM,eAAA,GAAkB,CAAC,GAAG,KAAA,CAAM,eAAe,IAAI,EAAC;AAAA,IACvE,aAAA,EAAe,WAAA,CAAY,KAAA,CAAM,aAAa,CAAA;AAAA,IAC9C,aAAA,EAAe,WAAA,CAAY,KAAA,CAAM,aAAa,CAAA;AAAA,IAC9C,YAAA,EAAc,WAAA,CAAY,KAAA,CAAM,YAAY,CAAA;AAAA,IAC5C,MAAA,EAAQ;AAAA,MACN,OAAA;AAAA,MACA,MAAA;AAAA,MACA,SAAA;AAAA,MACA,QAAA,EAAU,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC5C,MAAA,EAAQ,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,MAAM,CAAA;AAAA,MACxC,QAAA,EAAU,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC5C;AAAA;AACF,GACF;AACF;AAEO,SAAS,2BACd,WAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAkC;AAAA,IACtC,yBAAyB,WAAA,CAAY,WAAA;AAAA,IACrC,2BAA2B,WAAA,CAAY,aAAA;AAAA,IACvC,mBAAmB,WAAA,CAAY,QAAA;AAAA,IAC/B,sBAAsB,WAAA,CAAY,QAAA;AAAA,IAClC,sBAAsB,WAAA,CAAY,WAAA;AAAA,IAClC,yBAAyB,WAAA,CAAY,WAAA;AAAA,IACrC,sBAAsB,WAAA,CAAY,QAAA;AAAA,IAClC,gBAAA,EAAkB,WAAA,CAAY,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,IAC5C,iBAAA,EAAmB,WAAA,CAAY,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA;AAAA,IAC9C,yBAAA,EAA2B,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,MAAM;AAAA,GAC9D;AAEA,EAAA,IAAI,YAAY,OAAA,EAAS;AACvB,IAAA,OAAA,CAAQ,mBAAmB,IAAI,WAAA,CAAY,OAAA;AAC3C,IAAA,OAAA,CAAQ,kBAAkB,IAAI,WAAA,CAAY,OAAA;AAAA,EAC5C;AACA,EAAA,IAAI,WAAA,CAAY,eAAA,CAAgB,MAAA,GAAS,CAAA,EAAG;AAC1C,IAAA,OAAA,CAAQ,2BAA2B,IAAI,IAAA,CAAK,SAAA;AAAA,MAC1C,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACA,EAAA,IAAI,YAAY,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,0BAA0B,IAAI,WAAA,CAAY,aAAA;AAAA,EACpD;AACA,EAAA,IAAI,YAAY,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,kBAAkB,IAAI,WAAA,CAAY,aAAA;AAC1C,IAAA,OAAA,CAAQ,yBAAyB,IAAI,WAAA,CAAY,aAAA;AAAA,EACnD;AACA,EAAA,IAAI,YAAY,YAAA,EAAc;AAC5B,IAAA,OAAA,CAAQ,wBAAwB,IAAI,WAAA,CAAY,YAAA;AAAA,EAClD;AAEA,EAAA,OAAO,OAAA;AACT;;;AC3MO,IAAM,cAAA,GAAN,cAA6B,KAAA,CAAM;AAAA,EACxB,IAAA;AAAA,EACA,MAAA;AAAA,EACA,SAAA;AAAA,EACA,UAAA;AAAA,EACA,OAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,aAAA;AAAA,EAEhB,YAAY,IAAA,EAUT;AACD,IAAA,KAAA,CAAM,KAAK,OAAO,CAAA;AAClB,IAAA,IAAA,CAAK,IAAA,GAAO,gBAAA;AACZ,IAAA,IAAA,CAAK,OAAO,IAAA,CAAK,IAAA;AACjB,IAAA,IAAA,CAAK,SAAS,IAAA,CAAK,MAAA;AACnB,IAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AACtB,IAAA,IAAA,CAAK,aAAa,IAAA,CAAK,UAAA;AACvB,IAAA,IAAA,CAAK,UAAU,IAAA,CAAK,OAAA;AACpB,IAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AACtB,IAAA,IAAA,CAAK,gBAAgB,IAAA,CAAK,aAAA;AAC1B,IAAA,IAAA,CAAK,gBAAgB,IAAA,CAAK,aAAA;AAAA,EAC5B;AACF,CAAA;AA2HA,SAAS,gBAAgB,MAAA,EAA4B;AACnD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,OAAO,UAAA,CAAW,MAAA,EAAQ,eAAA,KAAoB,UAAA,EAAY;AAC5D,IAAA,UAAA,CAAW,MAAA,CAAO,gBAAgB,KAAK,CAAA;AACvC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,IAAS,KAAA,GAAQ,CAAA,EAAG,KAAA,GAAQ,MAAA,EAAQ,SAAS,CAAA,EAAG;AAC9C,IAAA,KAAA,CAAM,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,IAAA,CAAK,MAAA,KAAW,GAAG,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,yBAAA,GAAoC;AAC3C,EAAA,IAAI,OAAO,UAAA,CAAW,MAAA,EAAQ,UAAA,KAAe,UAAA,EAAY;AACvD,IAAA,OAAO,UAAA,CAAW,OAAO,UAAA,EAAW;AAAA,EACtC;AAEA,EAAA,MAAM,KAAA,GAAQ,gBAAgB,EAAE,CAAA;AAChC,EAAA,KAAA,CAAM,CAAC,CAAA,GAAK,KAAA,CAAM,CAAC,IAAI,EAAA,GAAQ,EAAA;AAC/B,EAAA,KAAA,CAAM,CAAC,CAAA,GAAK,KAAA,CAAM,CAAC,IAAI,EAAA,GAAQ,GAAA;AAC/B,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,KAAA,KAAU,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAC5E,EAAA,OAAO,GAAG,GAAA,CAAI,KAAA,CAAM,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA,CAAM,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA;AAAA,IACpE,CAAA;AAAA,IACA;AAAA,GACF,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA,CAAM,GAAG,EAAE,CAAA,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA,CAAM,EAAE,CAAA,CAAE,IAAA,CAAK,EAAE,CAAC,CAAA,CAAA;AACnE;AAOA,SAAS,kBAAkB,MAAA,EAAwB;AACjD,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,yBAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,WAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,WAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,gBAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,UAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,qBAAA;AAAA,EACT;AACA,EAAA,IAAI,UAAU,GAAA,EAAK;AACjB,IAAA,OAAO,gBAAA;AAAA,EACT;AACA,EAAA,OAAO,gBAAA;AACT;AAEA,SAAS,MAAM,EAAA,EAA2B;AACxC,EAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,YAAY,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AACzD;AAEA,SAAS,oBAAoB,IAAA,EAIlB;AACT,EAAA,MAAM,SAAA,GACJ,IAAA,CAAK,MAAA,KAAW,GAAA,GACZ,IAAA,CAAK,GAAA;AAAA,IACH,KAAK,YAAA,IAAgB,CAAA;AAAA,IACrB,KAAK,GAAA,CAAI,GAAA,GAAO,CAAA,IAAK,IAAA,CAAK,SAAS,GAAM;AAAA,MAE3C,IAAA,CAAK,GAAA,CAAI,MAAO,CAAA,IAAK,IAAA,CAAK,SAAS,GAAI,CAAA;AAE7C,EAAA,IAAI,IAAA,CAAK,WAAW,GAAA,EAAK;AACvB,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,YAAA,GAAe,KAAK,GAAA,CAAI,GAAA,EAAK,KAAK,KAAA,CAAM,SAAA,GAAY,IAAI,CAAC,CAAA;AAC/D,EAAA,OAAO,YAAY,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,YAAY,CAAA;AAC5D;AAEA,SAAS,aAAa,SAAA,EAA0B;AAC9C,EAAA,MAAM,KAAA,GAAQ,IAAI,KAAA,CAAM,CAAA,wBAAA,EAA2B,SAAS,CAAA,EAAA,CAAI,CAAA;AAChE,EAAA,KAAA,CAAM,IAAA,GAAO,YAAA;AACb,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,SAAS,KAAA,EAAkD;AAClE,EAAA,OAAO,KAAA,KAAU,QAAQ,OAAO,KAAA,KAAU,YAAY,CAAC,KAAA,CAAM,QAAQ,KAAK,CAAA;AAC5E;AAEA,SAAS,6BAA6B,OAAA,EAAoC;AACxE,EAAA,IAAI,CAAC,QAAA,CAAS,OAAO,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,gBAAgB,OAAA,CAAQ,OAAA;AAC9B,EAAA,IAAI,OAAO,aAAA,KAAkB,QAAA,IAAY,cAAc,IAAA,EAAK,CAAE,SAAS,CAAA,EAAG;AACxE,IAAA,OAAO,cAAc,IAAA,EAAK;AAAA,EAC5B;AAEA,EAAA,MAAM,SAAS,OAAA,CAAQ,MAAA;AACvB,EAAA,IAAI,CAAC,QAAA,CAAS,MAAM,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,cAAc,MAAA,CAAO,WAAA;AAC3B,EAAA,IAAI,CAAC,QAAA,CAAS,WAAW,CAAA,EAAG;AAC1B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,gBAAgB,WAAA,CAAY,OAAA;AAClC,EAAA,IAAI,OAAO,aAAA,KAAkB,QAAA,IAAY,cAAc,IAAA,EAAK,CAAE,SAAS,CAAA,EAAG;AACxE,IAAA,OAAO,cAAc,IAAA,EAAK;AAAA,EAC5B;AAEA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,0BAA0B,KAAA,EAAqD;AACtF,EAAA,OAAO,KAAA,KAAU,MAAA,GACb,MAAA,GACC,qBAAA,CAAsB,KAAK,CAAA;AAClC;AAEA,eAAe,6BACb,WAAA,EACgD;AAChD,EAAA,IAAI,OAAO,gBAAgB,UAAA,EAAY;AACrC,IAAA,OAAO,MAAM,WAAA,EAAY;AAAA,EAC3B;AACA,EAAA,OAAO,WAAA;AACT;AAEA,SAAS,iBAAA,CACP,MACA,QAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,IAAI,CAAA;AAChC,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,EAAG;AACnD,IAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAChC,IAAA,IAAI,QAAA,KAAa,IAAA,IAAQ,QAAA,KAAa,KAAA,EAAO;AAC3C,MAAA,MAAM,IAAI,yBAAA;AAAA,QACR,eAAA;AAAA,QACA,6DAA6D,GAAG,CAAA,QAAA;AAAA,OAClE;AAAA,IACF;AACA,IAAA,OAAA,CAAQ,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,EACxB;AACA,EAAA,OAAO,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,OAAA,EAAS,CAAA;AAC7C;AAEA,SAAS,iBAAiB,KAAA,EAAsD;AAC9E,EAAA,MAAM,UAAA,GAAa,OAAO,IAAA,EAAK;AAC/B,EAAA,OAAO,aAAa,UAAA,GAAa,MAAA;AACnC;AAKO,SAAS,0BAAA,CAA2B,MAAA,GAA8B,EAAC,EAAG;AAC3E,EAAA,MAAM,SAAA,GAAY,OAAO,SAAA,IAAa,KAAA;AACtC,EAAA,MAAM,UAAU,MAAA,CAAO,OAAA,EAAS,OAAA,CAAQ,MAAA,EAAQ,EAAE,CAAA,IAAK,EAAA;AACvD,EAAA,MAAM,UAAA,GAAa,OAAO,UAAA,IAAc,CAAA;AACxC,EAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,gBAAA,KAAqB,MAAM,yBAAA,EAA0B,CAAA;AAErF,EAAA,eAAe,kBAAA,GAAsD;AACnE,IAAA,MAAM,WAAW,MAAA,CAAO,cAAA,GAAiB,MAAM,MAAA,CAAO,cAAA,KAAmB,EAAC;AAC1E,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,QAAQ,CAAA;AACpC,IAAA,MAAM,WAAA,GAAc,CAAC,IAAA,EAAc,KAAA,KAA8B;AAC/D,MAAA,MAAM,UAAA,GAAa,iBAAiB,KAAK,CAAA;AACzC,MAAA,IAAI,UAAA,IAAc,CAAC,OAAA,CAAQ,GAAA,CAAI,IAAI,CAAA,EAAG;AACpC,QAAA,OAAA,CAAQ,GAAA,CAAI,MAAM,UAAU,CAAA;AAAA,MAC9B;AAAA,IACF,CAAA;AAEA,IAAA,WAAA,CAAY,cAAA,EAAgB,OAAO,MAAM,CAAA;AACzC,IAAA,WAAA,CAAY,wBAAA,EAA0B,OAAO,SAAS,CAAA;AACtD,IAAA,WAAA,CAAY,sBAAA,EAAwB,OAAO,WAAW,CAAA;AACtD,IAAA,WAAA,CAAY,mBAAA,EAAqB,OAAO,OAAO,CAAA;AAC/C,IAAA,WAAA,CAAY,kBAAA,EAAoB,MAAA,CAAO,MAAA,IAAU,MAAA,CAAO,OAAO,CAAA;AAC/D,IAAA,WAAA,CAAY,0BAAA,EAA4B,OAAO,cAAc,CAAA;AAE7D,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,SAAS,CAAA;AACjD,IAAA,MAAM,mBAAmB,MAAM,4BAAA;AAAA,MAC7B,MAAA,CAAO;AAAA,KACT;AACA,IAAA,IAAI,CAAC,gBAAA,IAAoB,CAAC,MAAA,CAAO,2BAAA,EAA6B;AAC5D,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,MAAM,WAAA,GAAc,oCAAoC,gBAAgB,CAAA;AACxE,IAAA,OAAO,iBAAA,CAAkB,IAAA,EAAM,0BAAA,CAA2B,WAAW,CAAC,CAAA;AAAA,EACxE;AAEA,EAAA,eAAe,gBAAA,CACb,GAAA,EACA,IAAA,EACA,SAAA,EACmB;AACnB,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,QAAQ,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,SAAS,CAAA;AAC5D,IAAA,IAAI;AACF,MAAA,OAAO,MAAM,UAAU,GAAA,EAAK,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,UAAA,CAAW,MAAA,EAAQ,CAAA;AAAA,IACpE,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,UAAA,CAAW,OAAO,OAAA,EAAS;AAC7B,QAAA,MAAM,aAAa,SAAS,CAAA;AAAA,MAC9B;AACA,MAAA,MAAM,KAAA;AAAA,IACR,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,KAAK,CAAA;AAAA,IACpB;AAAA,EACF;AAEA,EAAA,eAAe,aACb,QAAA,EAC4C;AAC5C,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,MAAM,MAAA,GAAS,4BAA4B,IAAI,CAAA;AAC/C,IAAA,IAAI,CAAC,OAAO,EAAA,EAAI;AACd,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,QAAA,CAAS,MAAA,CAAO,KAAK,CAAA,GACvB,OAAO,KAAA,GACR,IAAA;AAAA,EACN;AAEA,EAAA,SAAS,gBAAA,CACP,QACA,gBAAA,EACQ;AACR,IAAA,IAAI,OAAO,qBAAqB,QAAA,EAAU;AACxC,MAAA,OAAO,gBAAA;AAAA,IACT;AACA,IAAA,MAAM,eAAA,GAAkB,MAAA,CAAO,iBAAA,GAAoB,MAAM,CAAA;AACzD,IAAA,IAAI,OAAO,oBAAoB,QAAA,EAAU;AACvC,MAAA,OAAO,eAAA;AAAA,IACT;AACA,IAAA,OAAO,OAAO,SAAA,IAAa,IAAA;AAAA,EAC7B;AAEA,EAAA,SAAS,4BAA4B,IAAA,EAAgC;AACnE,IAAA,MAAM,OAAA,GAAU,KAAK,IAAA,EAAK;AAC1B,IAAA,IAAI,CAAC,QAAQ,UAAA,CAAW,GAAG,KAAK,CAAC,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AACxD,MAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,UAAA,EAAW;AAAA,IACzC;AACA,IAAA,IAAI;AACF,MAAA,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,OAAO,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA,EAAE;AAAA,IAChD,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,QAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,gBAAgB,KAAA,EAAM;AAAA,MACpD;AACA,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF;AAEA,EAAA,SAAS,cAAc,IAAA,EAIJ;AACjB,IAAA,MAAM,UAAU,IAAA,CAAK,OAAA;AACrB,IAAA,MAAM,WAAA,GACJ,WAAW,QAAA,CAAS,OAAA,CAAQ,KAAK,CAAA,GAAI,OAAA,CAAQ,QAAQ,OAAA,EAAS,WAAA;AAChE,IAAA,MAAM,aAAA,GACJ,OAAA,EAAS,aAAA,IACT,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,yBAAyB,CAAA,EAAG,IAAA,EAAK,IAC3D,IAAA,CAAK,SAAA;AACP,IAAA,MAAM,aAAA,GACJ,OAAA,EAAS,aAAA,IACT,IAAA,CAAK,QAAA,CAAS,QAAQ,GAAA,CAAI,0BAA0B,CAAA,EAAG,IAAA,EAAK,IAC5D,IAAA;AACF,IAAA,MAAM,OAAA,GAAU,yBAAA;AAAA,MACd,OAAA,EAAS,WAAW,WAAA,EAAa;AAAA,KACnC;AACA,IAAA,MAAM,aAAA,GAAgB,6BAA6B,OAAO,CAAA;AAC1D,IAAA,MAAM,iBACJ,OAAO,OAAA,EAAS,UAAU,QAAA,GACtB,OAAA,CAAQ,QACR,WAAA,EAAa,OAAA;AAEnB,IAAA,OAAO,IAAI,cAAA,CAAe;AAAA,MACxB,IAAA,EACE,SAAS,IAAA,IACT,WAAA,EAAa,QACb,iBAAA,CAAkB,IAAA,CAAK,SAAS,MAAM,CAAA;AAAA,MACxC,SACE,aAAA,IACA,cAAA,KACC,IAAA,CAAK,QAAA,CAAS,KACX,mDAAA,GACA,8BAAA,CAAA;AAAA,MACN,MAAA,EAAQ,KAAK,QAAA,CAAS,MAAA;AAAA,MACtB,WAAW,OAAA,EAAS,SAAA;AAAA,MACpB,YAAY,OAAA,EAAS,UAAA;AAAA,MACrB,OAAA;AAAA,MACA,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,aAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,eAAe,QAAW,IAAA,EAOa;AACrC,IAAA,MAAM,WAAA,GAAc,MAAM,kBAAA,EAAmB;AAC7C,IAAA,MAAM,MAAA,GAAS,KAAK,MAAA,IAAU,KAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,gBAAA,CAAiB,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA;AACzD,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,MAC1B,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAG;AAAA,KACJ,CAAA;AACD,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,GAAA,CAAI,iBAAA,EAAmB,IAAA,CAAK,cAAc,CAAA;AAAA,IACpD;AACA,IAAA,MAAM,SAAA,GACJ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,GAAG,IAAA,EAAK,IACtC,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,EAAG,IAAA,EAAK,IAClC,IAAA,CAAK,aACL,gBAAA,EAAiB;AACnB,IAAA,IAAI,CAAC,QAAQ,GAAA,CAAI,kBAAkB,KAAK,CAAC,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,EAAG;AACpE,MAAA,OAAA,CAAQ,GAAA,CAAI,oBAAoB,SAAS,CAAA;AAAA,IAC3C;AAEA,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,OAAO,CAAA,EAAG,KAAK,IAAI,CAAA,CAAA;AAClC,IAAA,MAAM,iBAAiB,IAAA,CAAK,IAAA,GAAO,KAAK,SAAA,CAAU,IAAA,CAAK,IAAI,CAAA,GAAI,MAAA;AAC/D,IAAA,MAAM,IAAA,GAAoB;AAAA,MACxB,MAAA;AAAA,MACA,OAAA;AAAA,MACA,IAAA,EAAM;AAAA,KACR;AAEA,IAAA,IAAI,SAAA;AAEJ,IAAA,KAAA,IAAS,OAAA,GAAU,CAAA,EAAG,OAAA,IAAW,UAAA,EAAY,OAAA,EAAA,EAAW;AACtD,MAAA,MAAM,kBAAA,GAAgD;AAAA,QACpD,SAAA;AAAA,QACA,OAAA;AAAA,QACA,UAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,GAAA;AAAA,QACA,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAO,CAAA;AAAA,QAC5B,IAAA,EAAM,cAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,MAAM,MAAA,CAAO,YAAY,kBAAkB,CAAA;AAC3C,MAAA,MAAM,SAAA,GAAY,KAAK,GAAA,EAAI;AAC3B,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,GAAA,EAAK,MAAM,SAAS,CAAA;AAC5D,QAAA,MAAM,aAAA,GAAgB,SAAS,KAAA,EAAM;AACrC,QAAA,MAAM,OAAA,GAAU,MAAM,YAAA,CAAgB,QAAQ,CAAA;AAC9C,QAAA,MAAM,QAAQ,aAAA,CAAc;AAAA,UAC1B,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,UAAA,EAAY,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,aAAa;AAAA,SAC/C,CAAA;AACD,QAAA,MAAM,YAAA,GAAe,MAAM,YAAA,IAAgB,IAAA;AAE3C,QAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,CAAC,SAAS,OAAA,EAAS;AACrC,UAAA,MAAM,OAAA,GACJ,OAAA,IAAW,CAAC,OAAA,CAAQ,UAAW,OAAA,GAAqC,IAAA;AACtE,UAAA,MAAM,WAAW,aAAA,CAAc;AAAA,YAC7B,SAAA;AAAA,YACA,QAAA;AAAA,YACA;AAAA,WACD,CAAA;AACD,UAAA,MAAM,SAAA,GAAY,OAAA,GAAU,UAAA,IAAc,KAAA,CAAM,SAAA;AAEhD,UAAA,MAAM,OAAO,UAAA,GAAa;AAAA,YACxB,GAAG,kBAAA;AAAA,YACH,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAAA,YACzB,QAAQ,QAAA,CAAS,MAAA;AAAA,YACjB,QAAA,EAAU,aAAA;AAAA,YACV,KAAA,EAAO,QAAA;AAAA,YACP,aAAA,EAAe,SAAS,aAAA,IAAiB,SAAA;AAAA,YACzC,aAAA,EAAe,SAAS,aAAA,IAAiB,IAAA;AAAA,YACzC,YAAA;AAAA,YACA;AAAA,WACD,CAAA;AAED,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,SAAA,GAAY,QAAA;AACZ,YAAA,MAAM,KAAA;AAAA,cACJ,mBAAA,CAAoB;AAAA,gBAClB,OAAA;AAAA,gBACA,QAAQ,QAAA,CAAS,MAAA;AAAA,gBACjB;AAAA,eACD;AAAA,aACH;AACA,YAAA;AAAA,UACF;AAEA,UAAA,MAAM,QAAA;AAAA,QACR;AAEA,QAAA,MAAM,cAAA,GAAiB,OAAA;AACvB,QAAA,MAAM,OAAO,UAAA,GAAa;AAAA,UACxB,GAAG,kBAAA;AAAA,UACH,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAAA,UACzB,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,QAAA,EAAU,aAAA;AAAA,UACV,aAAA,EACE,eAAe,aAAA,IACf,QAAA,CAAS,QAAQ,GAAA,CAAI,yBAAyB,CAAA,EAAG,IAAA,EAAK,IACtD,SAAA;AAAA,UACF,aAAA,EACE,eAAe,aAAA,IACf,QAAA,CAAS,QAAQ,GAAA,CAAI,0BAA0B,CAAA,EAAG,IAAA,EAAK,IACvD,IAAA;AAAA,UACF,kBAAkB,cAAA,CAAe,gBAAA;AAAA,UACjC,YAAA;AAAA,UACA,SAAA,EAAW;AAAA,SACZ,CAAA;AAED,QAAA,OAAO,cAAA;AAAA,MACT,SAAS,UAAA,EAAY;AACnB,QAAA,IAAI,sBAAsB,cAAA,EAAgB;AACxC,UAAA,MAAM,UAAA;AAAA,QACR;AACA,QAAA,MAAM,KAAA,GAAQ,aAAA,CAAc,EAAE,KAAA,EAAO,YAAY,CAAA;AACjD,QAAA,MAAM,SAAA,GAAY,OAAA,GAAU,UAAA,IAAc,KAAA,CAAM,SAAA;AAChD,QAAA,MAAM,OAAO,UAAA,GAAa;AAAA,UACxB,GAAG,kBAAA;AAAA,UACH,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAAA,UACzB,KAAA,EAAO,UAAA;AAAA,UACP,aAAA,EAAe,SAAA;AAAA,UACf,aAAA,EAAe,IAAA;AAAA,UACf;AAAA,SACD,CAAA;AACD,QAAA,SAAA,GAAY,UAAA;AACZ,QAAA,IAAI,SAAA,EAAW;AACb,UAAA,MAAM,KAAA,CAAM,mBAAA,CAAoB,EAAE,OAAA,EAAS,CAAC,CAAA;AAAA,QAC9C;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAM,SAAA,YAAqB,KAAA,GACvB,SAAA,GACA,IAAI,MAAM,4CAA4C,CAAA;AAAA,EAC5D;AAEA,EAAA,OAAO;AAAA,IACL;AAAA,GACF;AACF;;;ACnpBO,SAAS,mBAAA,CAAoB,MAAA,GAA8B,EAAC,EAAG;AACpE,EAAA,MAAM,OAAA,GAAU,2BAA2B,MAAM,CAAA;AAEjD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAML,MAAM,IAAI,UAAA,EAAoB;AAC5B,MAAA,OAAO,QAAQ,OAAA,CAAiC;AAAA,QAC9C,IAAA,EAAM,CAAA,2BAAA,EAA8B,kBAAA,CAAmB,UAAU,CAAC,CAAA,OAAA;AAAA,OACnE,CAAA;AAAA,IACH;AAAA,GACF;AACF","file":"answersClient.js","sourcesContent":["import type {\n SessionAuthMode,\n SessionDelegationHop,\n SessionPrincipalType,\n} from \"./contracts/auth-session.contract\";\nimport type { JsonObject } from \"./types\";\n\nexport type LucernSdkAuthFailureReason =\n | \"principal_missing\"\n | \"tenant_missing\"\n | \"membership_missing\"\n | \"workspace_missing\"\n | \"clerk_alias_missing\"\n | \"clerk_alias_unrecognized\"\n | \"policy_denied\"\n | \"policy_unavailable\"\n | \"policy_unknown\";\n\nexport type PermitReadyAuthContext = {\n subject: string;\n tenant: string;\n workspace: string;\n resource?: string;\n action?: string;\n relation?: string;\n context?: JsonObject;\n};\n\nexport type LucernSdkAuthPolicyDecision = \"allow\" | \"deny\" | \"unknown\";\n\nexport type LucernSdkAuthContextInput = {\n clerkId?: string;\n principalId?: string;\n tenantId?: string;\n workspaceId?: string | null;\n principalType?: SessionPrincipalType;\n authMode?: SessionAuthMode;\n roles?: readonly string[];\n scopes?: readonly string[];\n delegationChain?: readonly SessionDelegationHop[];\n policyTraceId?: string;\n correlationId?: string;\n membershipId?: string;\n policyDecision?: LucernSdkAuthPolicyDecision;\n permit?: Partial<PermitReadyAuthContext>;\n};\n\nexport type CanonicalLucernSdkAuthContext = {\n clerkId?: string;\n principalId: string;\n tenantId: string;\n workspaceId: string;\n principalType: SessionPrincipalType;\n authMode: SessionAuthMode;\n roles: string[];\n scopes: string[];\n delegationChain: SessionDelegationHop[];\n policyTraceId?: string;\n correlationId?: string;\n membershipId?: string;\n permit: PermitReadyAuthContext;\n};\n\nexport class LucernSdkAuthContextError extends Error {\n readonly reason: LucernSdkAuthFailureReason;\n\n constructor(reason: LucernSdkAuthFailureReason, message: string) {\n super(message);\n this.name = \"LucernSdkAuthContextError\";\n this.reason = reason;\n }\n}\n\nfunction cleanString(value: string | null | undefined): string | undefined {\n const normalized = value?.trim();\n return normalized ? normalized : undefined;\n}\n\nfunction cleanStringList(values: readonly string[] | undefined): string[] {\n if (!values) {\n return [];\n }\n return values\n .map((value) => value.trim())\n .filter(\n (value, index, list) =>\n value.length > 0 && list.indexOf(value) === index\n );\n}\n\nfunction requireString(\n value: string | null | undefined,\n reason: LucernSdkAuthFailureReason,\n label: string\n): string {\n const normalized = cleanString(value);\n if (!normalized) {\n throw new LucernSdkAuthContextError(\n reason,\n `Canonical Lucern SDK auth context is missing ${label}.`\n );\n }\n return normalized;\n}\n\nfunction requirePrincipalType(\n principalType: SessionPrincipalType | undefined\n): SessionPrincipalType {\n if (!principalType) {\n throw new LucernSdkAuthContextError(\n \"principal_missing\",\n \"Canonical Lucern SDK auth context is missing principalType.\"\n );\n }\n return principalType;\n}\n\nfunction requireAuthMode(authMode: SessionAuthMode | undefined): SessionAuthMode {\n if (!authMode) {\n throw new LucernSdkAuthContextError(\n \"principal_missing\",\n \"Canonical Lucern SDK auth context is missing authMode.\"\n );\n }\n return authMode;\n}\n\nfunction ensurePermitMatch(args: {\n field: keyof PermitReadyAuthContext;\n expected: string;\n actual?: string;\n}) {\n const actual = cleanString(args.actual);\n if (actual && actual !== args.expected) {\n throw new LucernSdkAuthContextError(\n \"policy_denied\",\n `Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`\n );\n }\n}\n\nexport function normalizeCanonicalLucernAuthContext(\n input: LucernSdkAuthContextInput | undefined\n): CanonicalLucernSdkAuthContext {\n if (!input) {\n throw new LucernSdkAuthContextError(\n \"principal_missing\",\n \"Canonical Lucern SDK auth context is required.\"\n );\n }\n\n if (input.policyDecision === \"deny\") {\n throw new LucernSdkAuthContextError(\n \"policy_denied\",\n \"Canonical Lucern SDK auth context carries a denied policy decision.\"\n );\n }\n\n const principalId = requireString(\n input.principalId,\n \"principal_missing\",\n \"principalId\"\n );\n const tenantId = requireString(input.tenantId, \"tenant_missing\", \"tenantId\");\n const workspaceId = requireString(\n input.workspaceId,\n \"workspace_missing\",\n \"workspaceId\"\n );\n const roles = cleanStringList(input.roles);\n const scopes = cleanStringList(input.scopes);\n const principalType = requirePrincipalType(input.principalType);\n const authMode = requireAuthMode(input.authMode);\n const roleBasedInteractiveAuth =\n authMode === \"interactive_user\" && roles.length > 0;\n if (\n roles.length === 0 ||\n (scopes.length === 0 && !roleBasedInteractiveAuth)\n ) {\n throw new LucernSdkAuthContextError(\n \"membership_missing\",\n \"Canonical Lucern SDK auth context requires non-empty roles and scopes.\"\n );\n }\n\n const subject = cleanString(input.permit?.subject) ?? principalId;\n const tenant = cleanString(input.permit?.tenant) ?? tenantId;\n const workspace = cleanString(input.permit?.workspace) ?? workspaceId;\n\n ensurePermitMatch({\n field: \"subject\",\n expected: principalId,\n actual: subject,\n });\n ensurePermitMatch({ field: \"tenant\", expected: tenantId, actual: tenant });\n ensurePermitMatch({\n field: \"workspace\",\n expected: workspaceId,\n actual: workspace,\n });\n\n const context = input.permit?.context\n ? ({ ...input.permit.context } as JsonObject)\n : undefined;\n\n return {\n clerkId: cleanString(input.clerkId),\n principalId,\n tenantId,\n workspaceId,\n principalType,\n authMode,\n roles,\n scopes,\n delegationChain: input.delegationChain ? [...input.delegationChain] : [],\n policyTraceId: cleanString(input.policyTraceId),\n correlationId: cleanString(input.correlationId),\n membershipId: cleanString(input.membershipId),\n permit: {\n subject,\n tenant,\n workspace,\n resource: cleanString(input.permit?.resource),\n action: cleanString(input.permit?.action),\n relation: cleanString(input.permit?.relation),\n context,\n },\n };\n}\n\nexport function createCanonicalAuthHeaders(\n authContext: CanonicalLucernSdkAuthContext\n): Record<string, string> {\n const headers: Record<string, string> = {\n \"x-lucern-principal-id\": authContext.principalId,\n \"x-lucern-principal-type\": authContext.principalType,\n \"x-lucern-tenant\": authContext.tenantId,\n \"x-lucern-tenant-id\": authContext.tenantId,\n \"x-lucern-workspace\": authContext.workspaceId,\n \"x-lucern-workspace-id\": authContext.workspaceId,\n \"x-lucern-auth-mode\": authContext.authMode,\n \"x-lucern-roles\": authContext.roles.join(\",\"),\n \"x-lucern-scopes\": authContext.scopes.join(\",\"),\n \"x-lucern-permit-context\": JSON.stringify(authContext.permit),\n };\n\n if (authContext.clerkId) {\n headers[\"x-lucern-clerk-id\"] = authContext.clerkId;\n headers[\"x-lucern-user-id\"] = authContext.clerkId;\n }\n if (authContext.delegationChain.length > 0) {\n headers[\"x-lucern-delegation-chain\"] = JSON.stringify(\n authContext.delegationChain\n );\n }\n if (authContext.policyTraceId) {\n headers[\"x-lucern-policy-trace-id\"] = authContext.policyTraceId;\n }\n if (authContext.correlationId) {\n headers[\"x-correlation-id\"] = authContext.correlationId;\n headers[\"x-lucern-correlation-id\"] = authContext.correlationId;\n }\n if (authContext.membershipId) {\n headers[\"x-lucern-membership-id\"] = authContext.membershipId;\n }\n\n return headers;\n}\n","import { redactDiagnosticValue } from \"@lucern/transport-core/redaction\";\nimport { classifyRetry } from \"@lucern/transport-core/transport\";\n\nimport {\n createCanonicalAuthHeaders,\n LucernSdkAuthContextError,\n normalizeCanonicalLucernAuthContext,\n type LucernSdkAuthContextInput,\n} from \"./authContext\";\nimport type { JsonObject, JsonValue } from \"./types\";\n\n/** Tenant and workspace identifiers used to scope gateway requests. */\nexport type GatewayScope = {\n tenantId?: string;\n workspaceId?: string;\n};\n\n/** Successful response envelope from the platform gateway with correlation metadata. */\nexport type PlatformGatewaySuccess<T> = {\n success: true;\n data: T;\n correlationId: string;\n policyTraceId: string | null;\n idempotentReplay: boolean;\n};\n\n/** Failed response envelope with structured error codes and optional invariant references. */\nexport type PlatformGatewayFailure = {\n success: false;\n /**\n * Error string is the canonical envelope field.\n * Object form is legacy-only compatibility for older gateway responses.\n */\n error:\n | string\n | {\n code: string;\n message: string;\n details?: JsonValue;\n };\n code?: string;\n invariant?: string | null;\n suggestion?: string | null;\n details?: JsonValue;\n legacyError?: {\n code: string;\n message: string;\n details?: JsonValue;\n };\n correlationId: string;\n policyTraceId: string | null;\n};\n\n/** Discriminated union of success and failure gateway responses. */\nexport type PlatformGatewayEnvelope<T> =\n | PlatformGatewaySuccess<T>\n | PlatformGatewayFailure;\n\n/**\n * Structured error thrown when a platform API request fails.\n *\n * Includes HTTP status, machine-readable error code, optional invariant\n * reference, and actionable suggestions for common failure modes.\n */\nexport class LucernApiError extends Error {\n public readonly code: string;\n public readonly status: number;\n public readonly invariant?: string | null;\n public readonly suggestion?: string | null;\n public readonly details?: JsonValue;\n public readonly requestId?: string;\n public readonly correlationId?: string;\n public readonly policyTraceId?: string | null;\n\n constructor(args: {\n code: string;\n message: string;\n status: number;\n invariant?: string | null;\n suggestion?: string | null;\n details?: JsonValue;\n requestId?: string;\n correlationId?: string;\n policyTraceId?: string | null;\n }) {\n super(args.message);\n this.name = \"LucernApiError\";\n this.code = args.code;\n this.status = args.status;\n this.invariant = args.invariant;\n this.suggestion = args.suggestion;\n this.details = args.details;\n this.requestId = args.requestId;\n this.correlationId = args.correlationId;\n this.policyTraceId = args.policyTraceId;\n }\n}\n\n/** Supported HTTP methods for gateway requests. */\nexport type GatewayHttpMethod = \"GET\" | \"POST\" | \"PUT\" | \"PATCH\" | \"DELETE\";\n\ntype FetchLike = (\n input: RequestInfo | URL,\n init?: RequestInit\n) => Promise<Response>;\n\ntype JsonParseAttempt =\n | { ok: true; value: unknown }\n | { ok: false; reason: \"non-json\" | \"invalid-json\"; error?: SyntaxError };\n\n/** Context passed to the `onRequest` hook before each gateway request attempt. */\nexport type GatewayRequestHookContext = {\n requestId: string;\n attempt: number;\n maxRetries: number;\n method: GatewayHttpMethod;\n path: string;\n url: string;\n headers: Headers;\n body?: string;\n timeoutMs: number;\n};\n\n/** Context passed to the `onResponse` hook after each gateway request attempt (including retries and failures). */\nexport type GatewayResponseHookContext = GatewayRequestHookContext & {\n durationMs: number;\n status?: number;\n response?: Response;\n error?: unknown;\n correlationId?: string;\n policyTraceId?: string | null;\n idempotentReplay?: boolean;\n retryAfterMs?: number | null;\n willRetry: boolean;\n};\n\nexport type GatewayClientEnvironment = \"sandbox\" | \"production\";\n\n/**\n * Low-level transport configuration for the platform gateway client.\n *\n * Most developers should use {@link createLucernClient} instead, which wraps\n * this config with higher-level conveniences like `apiKey` and `environment`.\n */\nexport type GatewayClientConfig = {\n baseUrl?: string;\n fetchImpl?: FetchLike;\n /** Lucern tenant API key or service API key. Sent as `x-lucern-key`. */\n apiKey?: string;\n /**\n * Lucern platform session token. This is not a Clerk JWT.\n * Server-side tenant proxies should normally send `apiKey` plus `clerkId`.\n */\n userToken?: string;\n /** Gateway environment label for legacy sandbox/production routing. */\n environment?: GatewayClientEnvironment;\n /** Clerk subject for the current end user. */\n clerkId?: string;\n /** Optional explicit user subject. Defaults to `clerkId` when omitted. */\n userId?: string;\n /** Optional deployment host hint for front-door routing. */\n deploymentHost?: string;\n getAuthHeaders?:\n | (() => Promise<Record<string, string>>)\n | (() => Record<string, string>);\n /**\n * Canonical Master Control identity tuple applied to every SDK request.\n * Use this for tenant/workspace-scoped graph and identity operations.\n */\n authContext?:\n | LucernSdkAuthContextInput\n | (() => Promise<LucernSdkAuthContextInput | undefined>)\n | (() => LucernSdkAuthContextInput | undefined);\n /** When true, requests fail before fetch if `authContext` is absent. */\n requireCanonicalAuthContext?: boolean;\n /** Max retries for transient errors (5xx, network). Defaults to 2. */\n maxRetries?: number;\n /** Request timeout in ms. Defaults to 15000. */\n timeoutMs?: number;\n /** Optional timeout overrides by HTTP method. */\n timeoutMsByMethod?: Partial<Record<GatewayHttpMethod, number>>;\n /** Optional request ID factory used for correlation headers. */\n requestIdFactory?: () => string;\n /** Invoked before each request attempt, including retries. */\n onRequest?:\n | ((context: GatewayRequestHookContext) => void)\n | ((context: GatewayRequestHookContext) => Promise<void>);\n /** Invoked after each request attempt, including retries and failures. */\n onResponse?:\n | ((context: GatewayResponseHookContext) => void)\n | ((context: GatewayResponseHookContext) => Promise<void>);\n};\n\n/**\n * Serialize a gateway query object into a URL query string.\n */\nexport function toQueryString(\n scope: GatewayScope & Record<string, string | number | boolean | undefined>\n): string {\n const params = new URLSearchParams();\n if (scope.tenantId) {\n params.set(\"tenantId\", scope.tenantId);\n }\n if (scope.workspaceId) {\n params.set(\"workspaceId\", scope.workspaceId);\n }\n for (const [key, value] of Object.entries(scope)) {\n if (key === \"tenantId\" || key === \"workspaceId\") {\n continue;\n }\n if (value === undefined) {\n continue;\n }\n params.set(key, String(value));\n }\n const serialized = params.toString();\n return serialized.length > 0 ? `?${serialized}` : \"\";\n}\n\nfunction fillRandomBytes(length: number): Uint8Array {\n const bytes = new Uint8Array(length);\n if (typeof globalThis.crypto?.getRandomValues === \"function\") {\n globalThis.crypto.getRandomValues(bytes);\n return bytes;\n }\n\n for (let index = 0; index < length; index += 1) {\n bytes[index] = Math.floor(Math.random() * 256);\n }\n return bytes;\n}\n\nfunction generatePortableRequestId(): string {\n if (typeof globalThis.crypto?.randomUUID === \"function\") {\n return globalThis.crypto.randomUUID();\n }\n\n const bytes = fillRandomBytes(16);\n bytes[6] = (bytes[6] & 0x0f) | 0x40;\n bytes[8] = (bytes[8] & 0x3f) | 0x80;\n const hex = Array.from(bytes, (value) => value.toString(16).padStart(2, \"0\"));\n return `${hex.slice(0, 4).join(\"\")}-${hex.slice(4, 6).join(\"\")}-${hex.slice(\n 6,\n 8\n ).join(\"\")}-${hex.slice(8, 10).join(\"\")}-${hex.slice(10).join(\"\")}`;\n}\n\n/**\n * Generate a random idempotency key for retry-safe writes.\n */\nexport const randomIdempotencyKey = generatePortableRequestId;\n\nfunction fallbackErrorCode(status: number): string {\n if (status === 401) {\n return \"AUTHENTICATION_REQUIRED\";\n }\n if (status === 403) {\n return \"FORBIDDEN\";\n }\n if (status === 404) {\n return \"NOT_FOUND\";\n }\n if (status === 408) {\n return \"UPSTREAM_ERROR\";\n }\n if (status === 409) {\n return \"CONFLICT\";\n }\n if (status === 429) {\n return \"RATE_LIMIT_EXCEEDED\";\n }\n if (status >= 500) {\n return \"UPSTREAM_ERROR\";\n }\n return \"INTERNAL_ERROR\";\n}\n\nfunction delay(ms: number): Promise<void> {\n return new Promise((resolve) => setTimeout(resolve, ms));\n}\n\nfunction computeRetryDelayMs(args: {\n attempt: number;\n status?: number;\n retryAfterMs?: number | null;\n}): number {\n const baseDelay =\n args.status === 429\n ? Math.max(\n args.retryAfterMs ?? 0,\n Math.min(1000 * 2 ** args.attempt, 10_000)\n )\n : Math.min(1000 * 2 ** args.attempt, 4000);\n\n if (args.status !== 429) {\n return baseDelay;\n }\n\n const jitterWindow = Math.max(250, Math.round(baseDelay * 0.25));\n return baseDelay + Math.round(Math.random() * jitterWindow);\n}\n\nfunction timeoutError(timeoutMs: number): Error {\n const error = new Error(`Request timed out after ${timeoutMs}ms`);\n error.name = \"AbortError\";\n return error;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return value !== null && typeof value === \"object\" && !Array.isArray(value);\n}\n\nfunction readPolicySummaryFromDetails(details?: JsonValue): string | null {\n if (!isRecord(details)) {\n return null;\n }\n\n const directSummary = details.summary;\n if (typeof directSummary === \"string\" && directSummary.trim().length > 0) {\n return directSummary.trim();\n }\n\n const policy = details.policy;\n if (!isRecord(policy)) {\n return null;\n }\n\n const explanation = policy.explanation;\n if (!isRecord(explanation)) {\n return null;\n }\n\n const nestedSummary = explanation.summary;\n if (typeof nestedSummary === \"string\" && nestedSummary.trim().length > 0) {\n return nestedSummary.trim();\n }\n\n return null;\n}\n\nfunction redactJsonDiagnosticValue(value: JsonValue | undefined): JsonValue | undefined {\n return value === undefined\n ? undefined\n : (redactDiagnosticValue(value) as JsonValue);\n}\n\nasync function resolveConfiguredAuthContext(\n authContext: GatewayClientConfig[\"authContext\"]\n): Promise<LucernSdkAuthContextInput | undefined> {\n if (typeof authContext === \"function\") {\n return await authContext();\n }\n return authContext;\n}\n\nfunction mergeHeaderRecord(\n base: Record<string, string>,\n addition: Record<string, string>\n): Record<string, string> {\n const headers = new Headers(base);\n for (const [key, value] of Object.entries(addition)) {\n const existing = headers.get(key);\n if (existing !== null && existing !== value) {\n throw new LucernSdkAuthContextError(\n \"policy_denied\",\n `Canonical Lucern SDK auth context conflicts with existing ${key} header.`\n );\n }\n headers.set(key, value);\n }\n return Object.fromEntries(headers.entries());\n}\n\nfunction cleanHeaderValue(value: string | null | undefined): string | undefined {\n const normalized = value?.trim();\n return normalized ? normalized : undefined;\n}\n\n/**\n * Create the transport client used by all SDK modules.\n */\nexport function createGatewayRequestClient(config: GatewayClientConfig = {}) {\n const fetchImpl = config.fetchImpl ?? fetch;\n const baseUrl = config.baseUrl?.replace(/\\/+$/, \"\") ?? \"\";\n const maxRetries = config.maxRetries ?? 2;\n const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());\n\n async function resolveAuthHeaders(): Promise<Record<string, string>> {\n const provided = config.getAuthHeaders ? await config.getAuthHeaders() : {};\n const headers = new Headers(provided);\n const setIfAbsent = (name: string, value: string | undefined) => {\n const normalized = cleanHeaderValue(value);\n if (normalized && !headers.has(name)) {\n headers.set(name, normalized);\n }\n };\n\n setIfAbsent(\"x-lucern-key\", config.apiKey);\n setIfAbsent(\"x-lucern-session-token\", config.userToken);\n setIfAbsent(\"x-lucern-environment\", config.environment);\n setIfAbsent(\"x-lucern-clerk-id\", config.clerkId);\n setIfAbsent(\"x-lucern-user-id\", config.userId ?? config.clerkId);\n setIfAbsent(\"x-lucern-deployment-host\", config.deploymentHost);\n\n const base = Object.fromEntries(headers.entries());\n const authContextInput = await resolveConfiguredAuthContext(\n config.authContext\n );\n if (!authContextInput && !config.requireCanonicalAuthContext) {\n return base;\n }\n const authContext = normalizeCanonicalLucernAuthContext(authContextInput);\n return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));\n }\n\n async function fetchWithTimeout(\n url: string,\n init: RequestInit,\n timeoutMs: number\n ): Promise<Response> {\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), timeoutMs);\n try {\n return await fetchImpl(url, { ...init, signal: controller.signal });\n } catch (error) {\n if (controller.signal.aborted) {\n throw timeoutError(timeoutMs);\n }\n throw error;\n } finally {\n clearTimeout(timer);\n }\n }\n\n async function parsePayload<T>(\n response: Response\n ): Promise<PlatformGatewayEnvelope<T> | null> {\n const text = await response.text();\n if (!text) {\n return null;\n }\n const parsed = tryParseGatewayEnvelopeJson(text);\n if (!parsed.ok) {\n return null;\n }\n return isRecord(parsed.value)\n ? (parsed.value as PlatformGatewayEnvelope<T>)\n : null;\n }\n\n function resolveTimeoutMs(\n method: GatewayHttpMethod,\n requestTimeoutMs?: number\n ): number {\n if (typeof requestTimeoutMs === \"number\") {\n return requestTimeoutMs;\n }\n const methodTimeoutMs = config.timeoutMsByMethod?.[method];\n if (typeof methodTimeoutMs === \"number\") {\n return methodTimeoutMs;\n }\n return config.timeoutMs ?? 15_000;\n }\n\n function tryParseGatewayEnvelopeJson(text: string): JsonParseAttempt {\n const trimmed = text.trim();\n if (!trimmed.startsWith(\"{\") && !trimmed.startsWith(\"[\")) {\n return { ok: false, reason: \"non-json\" };\n }\n try {\n return { ok: true, value: JSON.parse(trimmed) };\n } catch (error) {\n if (error instanceof SyntaxError) {\n return { ok: false, reason: \"invalid-json\", error };\n }\n throw error;\n }\n }\n\n function buildApiError(args: {\n requestId: string;\n response: Response;\n failure?: PlatformGatewayFailure | null;\n }): LucernApiError {\n const failure = args.failure;\n const legacyError =\n failure && isRecord(failure.error) ? failure.error : failure?.legacyError;\n const correlationId =\n failure?.correlationId ??\n args.response.headers.get(\"x-lucern-correlation-id\")?.trim() ??\n args.requestId;\n const policyTraceId =\n failure?.policyTraceId ??\n args.response.headers.get(\"x-lucern-policy-trace-id\")?.trim() ??\n null;\n const details = redactJsonDiagnosticValue(\n failure?.details ?? legacyError?.details\n );\n const policySummary = readPolicySummaryFromDetails(details);\n const failureMessage =\n typeof failure?.error === \"string\"\n ? failure.error\n : legacyError?.message;\n\n return new LucernApiError({\n code:\n failure?.code ??\n legacyError?.code ??\n fallbackErrorCode(args.response.status),\n message:\n policySummary ??\n failureMessage ??\n (args.response.ok\n ? \"Platform API returned an invalid success payload.\"\n : \"Platform API request failed.\"),\n status: args.response.status,\n invariant: failure?.invariant,\n suggestion: failure?.suggestion,\n details,\n requestId: args.requestId,\n correlationId,\n policyTraceId,\n });\n }\n\n async function request<T>(args: {\n path: string;\n method?: GatewayHttpMethod;\n body?: JsonObject;\n idempotencyKey?: string;\n requestId?: string;\n timeoutMs?: number;\n }): Promise<PlatformGatewaySuccess<T>> {\n const authHeaders = await resolveAuthHeaders();\n const method = args.method ?? \"GET\";\n const timeoutMs = resolveTimeoutMs(method, args.timeoutMs);\n const headers = new Headers({\n \"content-type\": \"application/json\",\n ...authHeaders,\n });\n if (args.idempotencyKey) {\n headers.set(\"idempotency-key\", args.idempotencyKey);\n }\n const requestId =\n headers.get(\"x-correlation-id\")?.trim() ||\n headers.get(\"x-request-id\")?.trim() ||\n args.requestId ||\n requestIdFactory();\n if (!headers.has(\"x-correlation-id\") && !headers.has(\"x-request-id\")) {\n headers.set(\"x-correlation-id\", requestId);\n }\n\n const url = `${baseUrl}${args.path}`;\n const serializedBody = args.body ? JSON.stringify(args.body) : undefined;\n const init: RequestInit = {\n method,\n headers,\n body: serializedBody,\n };\n\n let lastError: unknown;\n\n for (let attempt = 0; attempt <= maxRetries; attempt++) {\n const hookRequestContext: GatewayRequestHookContext = {\n requestId,\n attempt,\n maxRetries,\n method,\n path: args.path,\n url,\n headers: new Headers(headers),\n body: serializedBody,\n timeoutMs,\n };\n await config.onRequest?.(hookRequestContext);\n const startedAt = Date.now();\n try {\n const response = await fetchWithTimeout(url, init, timeoutMs);\n const responseClone = response.clone();\n const payload = await parsePayload<T>(response);\n const retry = classifyRetry({\n status: response.status,\n retryAfter: response.headers.get(\"Retry-After\"),\n });\n const retryAfterMs = retry.retryAfterMs ?? null;\n\n if (!response.ok || !payload?.success) {\n const failure =\n payload && !payload.success ? (payload as PlatformGatewayFailure) : null;\n const apiError = buildApiError({\n requestId,\n response,\n failure,\n });\n const willRetry = attempt < maxRetries && retry.retryable;\n\n await config.onResponse?.({\n ...hookRequestContext,\n durationMs: Date.now() - startedAt,\n status: response.status,\n response: responseClone,\n error: apiError,\n correlationId: apiError.correlationId ?? requestId,\n policyTraceId: apiError.policyTraceId ?? null,\n retryAfterMs,\n willRetry,\n });\n\n if (willRetry) {\n lastError = apiError;\n await delay(\n computeRetryDelayMs({\n attempt,\n status: response.status,\n retryAfterMs,\n })\n );\n continue;\n }\n\n throw apiError;\n }\n\n const successPayload = payload as PlatformGatewaySuccess<T>;\n await config.onResponse?.({\n ...hookRequestContext,\n durationMs: Date.now() - startedAt,\n status: response.status,\n response: responseClone,\n correlationId:\n successPayload.correlationId ??\n response.headers.get(\"x-lucern-correlation-id\")?.trim() ??\n requestId,\n policyTraceId:\n successPayload.policyTraceId ??\n response.headers.get(\"x-lucern-policy-trace-id\")?.trim() ??\n null,\n idempotentReplay: successPayload.idempotentReplay,\n retryAfterMs,\n willRetry: false,\n });\n\n return successPayload;\n } catch (fetchError) {\n if (fetchError instanceof LucernApiError) {\n throw fetchError;\n }\n const retry = classifyRetry({ error: fetchError });\n const willRetry = attempt < maxRetries && retry.retryable;\n await config.onResponse?.({\n ...hookRequestContext,\n durationMs: Date.now() - startedAt,\n error: fetchError,\n correlationId: requestId,\n policyTraceId: null,\n willRetry,\n });\n lastError = fetchError;\n if (willRetry) {\n await delay(computeRetryDelayMs({ attempt }));\n }\n }\n }\n\n throw lastError instanceof Error\n ? lastError\n : new Error(\"Platform API request failed after retries.\");\n }\n\n return {\n request,\n };\n}\n","import {\n createGatewayRequestClient,\n type GatewayClientConfig,\n} from \"./coreClient\";\n\n/** Configuration for the answers client. */\nexport type AnswersClientConfig = GatewayClientConfig;\n\n/**\n * Create the answers client for retrieving question answers.\n * @param config - Gateway transport configuration.\n * @returns An object with a `get` method to fetch the answer for a question.\n */\nexport function createAnswersClient(config: AnswersClientConfig = {}) {\n const gateway = createGatewayRequestClient(config);\n\n return {\n /**\n * Get the current answer for a question.\n * @param questionId - The question node identifier.\n * @returns The answer record for the given question.\n */\n async get(questionId: string) {\n return gateway.request<Record<string, unknown>>({\n path: `/api/platform/v1/questions/${encodeURIComponent(questionId)}/answer`,\n });\n },\n };\n}\n"]}
1
+ {"version":3,"sources":["../src/authContext.ts","../src/coreClient.ts","../src/answersClient.ts"],"names":["responseContext"],"mappings":";;;;;;;;AA+DO,IAAM,yBAAA,GAAN,cAAwC,KAAA,CAAM;AAAA,EAC1C,MAAA;AAAA,EAET,WAAA,CAAY,QAAoC,OAAA,EAAiB;AAC/D,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,2BAAA;AACZ,IAAA,IAAA,CAAK,MAAA,GAAS,MAAA;AAAA,EAChB;AACF,CAAA;AAEA,SAAS,YAAY,KAAA,EAAsD;AACzE,EAAA,MAAM,UAAA,GAAa,OAAO,IAAA,EAAK;AAC/B,EAAA,OAAO,aAAa,UAAA,GAAa,MAAA;AACnC;AAEA,SAAS,gBAAgB,MAAA,EAAiD;AACxE,EAAA,IAAI,CAAC,MAAA,EAAQ;AACX,IAAA,OAAO,EAAC;AAAA,EACV;AACA,EAAA,OAAO,OACJ,GAAA,CAAI,CAAC,UAAU,KAAA,CAAM,IAAA,EAAM,CAAA,CAC3B,MAAA;AAAA,IACC,CAAC,KAAA,EAAO,KAAA,EAAO,IAAA,KACb,KAAA,CAAM,SAAS,CAAA,IAAK,IAAA,CAAK,OAAA,CAAQ,KAAK,CAAA,KAAM;AAAA,GAChD;AACJ;AAEA,SAAS,aAAA,CACP,KAAA,EACA,MAAA,EACA,KAAA,EACQ;AACR,EAAA,MAAM,UAAA,GAAa,YAAY,KAAK,CAAA;AACpC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,MAAA;AAAA,MACA,gDAAgD,KAAK,CAAA,CAAA;AAAA,KACvD;AAAA,EACF;AACA,EAAA,OAAO,UAAA;AACT;AAEA,SAAS,qBACP,aAAA,EACsB;AACtB,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,aAAA;AACT;AAEA,SAAS,gBAAgB,QAAA,EAAwD;AAC/E,EAAA,IAAI,CAAC,QAAA,EAAU;AACb,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AACA,EAAA,OAAO,QAAA;AACT;AAEA,SAAS,kBAAkB,IAAA,EAIxB;AACD,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,IAAA,CAAK,MAAM,CAAA;AACtC,EAAA,IAAI,MAAA,IAAU,MAAA,KAAW,IAAA,CAAK,QAAA,EAAU;AACtC,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,eAAA;AAAA,MACA,CAAA,yDAAA,EAA4D,KAAK,KAAK,CAAA,CAAA;AAAA,KACxE;AAAA,EACF;AACF;AAEO,SAAS,oCACd,KAAA,EAC+B;AAC/B,EAAA,IAAI,CAAC,KAAA,EAAO;AACV,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,mBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,IAAI,KAAA,CAAM,mBAAmB,MAAA,EAAQ;AACnC,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,eAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,WAAA,GAAc,aAAA;AAAA,IAClB,KAAA,CAAM,WAAA;AAAA,IACN,mBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,MAAM,QAAA,GAAW,aAAA,CAAc,KAAA,CAAM,QAAA,EAAU,kBAAkB,UAAU,CAAA;AAC3E,EAAA,MAAM,WAAA,GAAc,aAAA;AAAA,IAClB,KAAA,CAAM,WAAA;AAAA,IACN,mBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,MAAM,KAAA,GAAQ,eAAA,CAAgB,KAAA,CAAM,KAAK,CAAA;AACzC,EAAA,MAAM,MAAA,GAAS,eAAA,CAAgB,KAAA,CAAM,MAAM,CAAA;AAC3C,EAAA,MAAM,aAAA,GAAgB,oBAAA,CAAqB,KAAA,CAAM,aAAa,CAAA;AAC9D,EAAA,MAAM,QAAA,GAAW,eAAA,CAAgB,KAAA,CAAM,QAAQ,CAAA;AAC/C,EAAA,MAAM,wBAAA,GACJ,QAAA,KAAa,kBAAA,IAAsB,KAAA,CAAM,MAAA,GAAS,CAAA;AACpD,EAAA,IACE,MAAM,MAAA,KAAW,CAAA,IAChB,OAAO,MAAA,KAAW,CAAA,IAAK,CAAC,wBAAA,EACzB;AACA,IAAA,MAAM,IAAI,yBAAA;AAAA,MACR,oBAAA;AAAA,MACA;AAAA,KACF;AAAA,EACF;AAEA,EAAA,MAAM,OAAA,GAAU,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,OAAO,CAAA,IAAK,WAAA;AACtD,EAAA,MAAM,MAAA,GAAS,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,MAAM,CAAA,IAAK,QAAA;AACpD,EAAA,MAAM,SAAA,GAAY,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,SAAS,CAAA,IAAK,WAAA;AAE1D,EAAA,iBAAA,CAAkB;AAAA,IAChB,KAAA,EAAO,SAAA;AAAA,IACP,QAAA,EAAU,WAAA;AAAA,IACV,MAAA,EAAQ;AAAA,GACT,CAAA;AACD,EAAA,iBAAA,CAAkB,EAAE,KAAA,EAAO,QAAA,EAAU,UAAU,QAAA,EAAU,MAAA,EAAQ,QAAQ,CAAA;AACzE,EAAA,iBAAA,CAAkB;AAAA,IAChB,KAAA,EAAO,WAAA;AAAA,IACP,QAAA,EAAU,WAAA;AAAA,IACV,MAAA,EAAQ;AAAA,GACT,CAAA;AAED,EAAA,MAAM,OAAA,GAAU,MAAM,MAAA,EAAQ,OAAA,GACzB,EAAE,GAAG,KAAA,CAAM,MAAA,CAAO,OAAA,EAAQ,GAC3B,MAAA;AAEJ,EAAA,OAAO;AAAA,IACL,OAAA,EAAS,WAAA,CAAY,KAAA,CAAM,OAAO,CAAA;AAAA,IAClC,WAAA;AAAA,IACA,QAAA;AAAA,IACA,WAAA;AAAA,IACA,aAAA;AAAA,IACA,QAAA;AAAA,IACA,KAAA;AAAA,IACA,MAAA;AAAA,IACA,eAAA,EAAiB,MAAM,eAAA,GAAkB,CAAC,GAAG,KAAA,CAAM,eAAe,IAAI,EAAC;AAAA,IACvE,aAAA,EAAe,WAAA,CAAY,KAAA,CAAM,aAAa,CAAA;AAAA,IAC9C,aAAA,EAAe,WAAA,CAAY,KAAA,CAAM,aAAa,CAAA;AAAA,IAC9C,YAAA,EAAc,WAAA,CAAY,KAAA,CAAM,YAAY,CAAA;AAAA,IAC5C,MAAA,EAAQ;AAAA,MACN,OAAA;AAAA,MACA,MAAA;AAAA,MACA,SAAA;AAAA,MACA,QAAA,EAAU,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC5C,MAAA,EAAQ,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,MAAM,CAAA;AAAA,MACxC,QAAA,EAAU,WAAA,CAAY,KAAA,CAAM,MAAA,EAAQ,QAAQ,CAAA;AAAA,MAC5C;AAAA;AACF,GACF;AACF;AAEO,SAAS,2BACd,WAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAkC;AAAA,IACtC,yBAAyB,WAAA,CAAY,WAAA;AAAA,IACrC,2BAA2B,WAAA,CAAY,aAAA;AAAA,IACvC,mBAAmB,WAAA,CAAY,QAAA;AAAA,IAC/B,sBAAsB,WAAA,CAAY,QAAA;AAAA,IAClC,sBAAsB,WAAA,CAAY,WAAA;AAAA,IAClC,yBAAyB,WAAA,CAAY,WAAA;AAAA,IACrC,sBAAsB,WAAA,CAAY,QAAA;AAAA,IAClC,gBAAA,EAAkB,WAAA,CAAY,KAAA,CAAM,IAAA,CAAK,GAAG,CAAA;AAAA,IAC5C,iBAAA,EAAmB,WAAA,CAAY,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA;AAAA,IAC9C,yBAAA,EAA2B,IAAA,CAAK,SAAA,CAAU,WAAA,CAAY,MAAM;AAAA,GAC9D;AAEA,EAAA,IAAI,YAAY,OAAA,EAAS;AACvB,IAAA,OAAA,CAAQ,mBAAmB,IAAI,WAAA,CAAY,OAAA;AAC3C,IAAA,OAAA,CAAQ,kBAAkB,IAAI,WAAA,CAAY,OAAA;AAAA,EAC5C;AACA,EAAA,IAAI,WAAA,CAAY,eAAA,CAAgB,MAAA,GAAS,CAAA,EAAG;AAC1C,IAAA,OAAA,CAAQ,2BAA2B,IAAI,IAAA,CAAK,SAAA;AAAA,MAC1C,WAAA,CAAY;AAAA,KACd;AAAA,EACF;AACA,EAAA,IAAI,YAAY,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,0BAA0B,IAAI,WAAA,CAAY,aAAA;AAAA,EACpD;AACA,EAAA,IAAI,YAAY,aAAA,EAAe;AAC7B,IAAA,OAAA,CAAQ,kBAAkB,IAAI,WAAA,CAAY,aAAA;AAC1C,IAAA,OAAA,CAAQ,yBAAyB,IAAI,WAAA,CAAY,aAAA;AAAA,EACnD;AACA,EAAA,IAAI,YAAY,YAAA,EAAc;AAC5B,IAAA,OAAA,CAAQ,wBAAwB,IAAI,WAAA,CAAY,YAAA;AAAA,EAClD;AAEA,EAAA,OAAO,OAAA;AACT;;;AChOA,IAAM,0BAAA,GAA6B,IAAA;AACnC,IAAM,2BAAA,GAA8B,CAAA;AACpC,IAAM,sBAAA,GAAyB,2BAAA;AAC/B,IAAM,uBAAA,GAA0B,4BAAA;AAChC,IAAM,4BAAA,GAA+B,4BAAA;AA2C9B,IAAM,mBAAA,GAAN,cAAkC,KAAA,CAAM;AAAA,EAC7B,SAAA,GAAY,IAAA;AAAA,EACZ,SAAA;AAAA,EAEhB,YAAY,SAAA,EAAmB;AAC7B,IAAA,KAAA,CAAM,CAAA,wBAAA,EAA2B,SAAS,CAAA,EAAA,CAAI,CAAA;AAC9C,IAAA,IAAA,CAAK,IAAA,GAAO,YAAA;AACZ,IAAA,IAAA,CAAK,SAAA,GAAY,SAAA;AAAA,EACnB;AACF,CAAA;AAEO,IAAM,qBAAA,GAAN,cAAoC,KAAA,CAAM;AAAA,EAC/B,SAAA;AAAA,EACA,KAAA;AAAA,EAEhB,WAAA,CAAY,SAAiB,OAAA,EAAoD;AAC/E,IAAA,KAAA,CAAM,OAAO,CAAA;AACb,IAAA,IAAA,CAAK,IAAA,GAAO,uBAAA;AACZ,IAAA,IAAA,CAAK,SAAA,GAAY,SAAS,SAAA,IAAa,IAAA;AACvC,IAAA,IAAA,CAAK,QAAQ,OAAA,EAAS,KAAA;AAAA,EACxB;AACF,CAAA;AAYO,SAAS,wBAAwB,KAAA,EAAyB;AAC/D,EAAA,OACG,iBAAiB,mBAAA,IAAuB,KAAA,CAAM,aAC9C,KAAA,YAAiB,qBAAA,IAAyB,MAAM,SAAA,IACjD,KAAA;AAEJ;AAQO,IAAM,cAAA,GAAN,cAA6B,KAAA,CAAM;AAAA,EACxB,IAAA;AAAA,EACA,MAAA;AAAA,EACA,SAAA;AAAA,EACA,UAAA;AAAA,EACA,OAAA;AAAA,EACA,SAAA;AAAA,EACA,aAAA;AAAA,EACA,aAAA;AAAA,EAEhB,YAAY,IAAA,EAUT;AACD,IAAA,KAAA,CAAM,KAAK,OAAO,CAAA;AAClB,IAAA,IAAA,CAAK,IAAA,GAAO,gBAAA;AACZ,IAAA,IAAA,CAAK,OAAO,IAAA,CAAK,IAAA;AACjB,IAAA,IAAA,CAAK,SAAS,IAAA,CAAK,MAAA;AACnB,IAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AACtB,IAAA,IAAA,CAAK,aAAa,IAAA,CAAK,UAAA;AACvB,IAAA,IAAA,CAAK,UAAU,IAAA,CAAK,OAAA;AACpB,IAAA,IAAA,CAAK,YAAY,IAAA,CAAK,SAAA;AACtB,IAAA,IAAA,CAAK,gBAAgB,IAAA,CAAK,aAAA;AAC1B,IAAA,IAAA,CAAK,gBAAgB,IAAA,CAAK,aAAA;AAAA,EAC5B;AACF,CAAA;AAkIA,SAAS,gBAAgB,MAAA,EAA4B;AACnD,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,OAAO,UAAA,CAAW,MAAA,EAAQ,eAAA,KAAoB,UAAA,EAAY;AAC5D,IAAA,UAAA,CAAW,MAAA,CAAO,gBAAgB,KAAK,CAAA;AACvC,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,KAAA,IAAS,KAAA,GAAQ,CAAA,EAAG,KAAA,GAAQ,MAAA,EAAQ,SAAS,CAAA,EAAG;AAC9C,IAAA,KAAA,CAAM,KAAK,CAAA,GAAI,IAAA,CAAK,MAAM,IAAA,CAAK,MAAA,KAAW,GAAG,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,KAAA;AACT;AAEA,SAAS,yBAAA,GAAoC;AAC3C,EAAA,IAAI,OAAO,UAAA,CAAW,MAAA,EAAQ,UAAA,KAAe,UAAA,EAAY;AACvD,IAAA,OAAO,UAAA,CAAW,OAAO,UAAA,EAAW;AAAA,EACtC;AAEA,EAAA,MAAM,KAAA,GAAQ,gBAAgB,EAAE,CAAA;AAChC,EAAA,KAAA,CAAM,CAAC,CAAA,GAAK,KAAA,CAAM,CAAC,IAAI,EAAA,GAAQ,EAAA;AAC/B,EAAA,KAAA,CAAM,CAAC,CAAA,GAAK,KAAA,CAAM,CAAC,IAAI,EAAA,GAAQ,GAAA;AAC/B,EAAA,MAAM,GAAA,GAAM,KAAA,CAAM,IAAA,CAAK,KAAA,EAAO,CAAC,KAAA,KAAU,KAAA,CAAM,QAAA,CAAS,EAAE,CAAA,CAAE,QAAA,CAAS,CAAA,EAAG,GAAG,CAAC,CAAA;AAC5E,EAAA,OAAO,GAAG,GAAA,CAAI,KAAA,CAAM,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA,CAAM,GAAG,CAAC,CAAA,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA;AAAA,IACpE,CAAA;AAAA,IACA;AAAA,GACF,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA,CAAM,GAAG,EAAE,CAAA,CAAE,KAAK,EAAE,CAAC,IAAI,GAAA,CAAI,KAAA,CAAM,EAAE,CAAA,CAAE,IAAA,CAAK,EAAE,CAAC,CAAA,CAAA;AACnE;AAEA,SAAS,kBAAA,GAAyC;AAChD,EAAA,MAAM,UAAA,GACJ,OAAO,UAAA,KAAe,QAAA,IACtB,eAAe,IAAA,IACf,SAAA,IAAa,UAAA,GACR,UAAA,CAA8D,OAAA,GAC/D,MAAA;AACN,EAAA,MAAM,GAAA,GACJ,UAAA,KAAe,MAAA,IACf,OAAO,UAAA,KAAe,QAAA,IACtB,UAAA,KAAe,IAAA,IACf,OAAO,UAAA,CAAW,GAAA,KAAQ,QAAA,GACtB,WAAW,GAAA,GACX,MAAA;AAEN,EAAA,OAAO;AAAA,IACL,GAAA,EAAK,CAAC,IAAA,KAAS;AACb,MAAA,MAAM,KAAA,GAAQ,MAAM,IAAI,CAAA;AACxB,MAAA,OAAO,OAAO,KAAA,KAAU,QAAA,IAAY,KAAA,CAAM,MAAA,GAAS,IAAI,KAAA,GAAQ,MAAA;AAAA,IACjE;AAAA,GACF;AACF;AAEA,SAAS,2BACP,WAAA,EACoC;AACpC,EAAA,MAAM,KAAA,GAAQ;AAAA,IACZ,0BAAA;AAAA,IACA,yBAAA;AAAA,IACA,oBAAA;AAAA,IACA,aAAA;AAAA,IACA,6BAAA;AAAA,IACA,sBAAA;AAAA,IACA,sBAAA;AAAA,IACA,eAAA;AAAA,IACA,sBAAA;AAAA,IACA,WAAA;AAAA,IACA,oBAAA;AAAA,IACA,UAAA;AAAA,IACA,gBAAA;AAAA,IACA,gBAAA;AAAA,IACA;AAAA,GACF;AACA,EAAA,OAAO,MAAA,CAAO,WAAA;AAAA,IACZ,KAAA,CAAM,GAAA,CAAI,CAAC,IAAA,KAAS,CAAC,MAAM,WAAA,CAAY,GAAA,CAAI,IAAI,CAAC,CAAC;AAAA,GACnD;AACF;AAEA,SAAS,qBAAA,CACP,QAIA,WAAA,EACuB;AACvB,EAAA,MAAM,gBAAA,GAAmB,MAAA,CAAO,gBAAA,KAAqB,MAAM,yBAAA,EAA0B,CAAA;AACrF,EAAA,MAAM,gBAAA,GAAmB,sBAAA;AAAA,IACvB,MAAA,CAAO,UAAA;AAAA,IACP,WAAA,CAAY,IAAI,uBAAuB;AAAA,GACzC;AACA,EAAA,MAAM,eAAA,GAAkB,sBAAA;AAAA,IACtB,MAAA,CAAO,SAAA;AAAA,IACP,WAAA,CAAY,IAAI,sBAAsB;AAAA,GACxC;AAEA,EAAA,MAAM,cAAA,GAA6D;AAAA,IACjE,GAAG,MAAA,CAAO;AAAA,GACZ;AACA,EAAA,KAAA,MAAW,UAAU,CAAC,KAAA,EAAO,QAAQ,KAAA,EAAO,OAAA,EAAS,QAAQ,CAAA,EAAY;AACvE,IAAA,MAAM,MAAA,GAAS,CAAA,EAAG,4BAA4B,CAAA,EAAG,MAAM,CAAA,CAAA;AACvD,IAAA,MAAM,GAAA,GAAM,WAAA,CAAY,GAAA,CAAI,MAAM,CAAA;AAClC,IAAA,IAAI,CAAC,GAAA,IAAO,cAAA,CAAe,MAAM,MAAM,MAAA,EAAW;AAChD,MAAA;AAAA,IACF;AACA,IAAA,MAAM,MAAA,GAAS,sBAAA,CAAuB,MAAA,EAAW,GAAG,CAAA;AACpD,IAAA,IAAI,OAAO,WAAW,QAAA,EAAU;AAC9B,MAAA,cAAA,CAAe,MAAM,CAAA,GAAI,MAAA;AAAA,IAC3B;AAAA,EACF;AAEA,EAAA,OAAO;AAAA,IACL,YAAY,gBAAA,IAAoB,2BAAA;AAAA,IAChC,WAAW,eAAA,IAAmB,0BAAA;AAAA,IAC9B,iBAAA,EAAmB,cAAA;AAAA,IACnB;AAAA,GACF;AACF;AAEA,SAAS,oBAAA,CACP,QACA,WAAA,EACwB;AACxB,EAAA,OAAO;AAAA,IACL,KAAA,EAAO,OAAO,SAAA,IAAa,KAAA;AAAA,IAC3B,GAAA,EAAK,MAAM,IAAA,CAAK,GAAA,EAAI;AAAA,IACpB,KAAA,EAAO,CAAC,EAAA,KAAO,KAAA,CAAM,EAAE,CAAA;AAAA,IACvB,GAAA,EAAK,WAAA;AAAA,IACL,SAAA,EAAW,4BAAA;AAAA,IACX,OAAA,EAAS,qBAAA,CAAsB,MAAA,EAAQ,WAAW;AAAA,GACpD;AACF;AAEA,SAAS,sBAAA,CACP,OACA,QAAA,EACoB;AACpB,EAAA,IAAI,OAAO,UAAU,QAAA,IAAY,MAAA,CAAO,UAAU,KAAK,CAAA,IAAK,SAAS,CAAA,EAAG;AACtE,IAAA,OAAO,KAAA;AAAA,EACT;AAEA,EAAA,IAAI,OAAO,QAAA,KAAa,QAAA,IAAY,CAAC,QAAA,CAAS,MAAK,EAAG;AACpD,IAAA,OAAO,MAAA;AAAA,EACT;AAEA,EAAA,MAAM,MAAA,GAAS,MAAA,CAAO,QAAA,CAAS,QAAA,EAAU,EAAE,CAAA;AAC3C,EAAA,OAAO,OAAO,SAAA,CAAU,MAAM,CAAA,IAAK,MAAA,IAAU,IAAI,MAAA,GAAS,MAAA;AAC5D;AAEA,SAAS,6BAAgC,KAAA,EAAa;AACpD,EAAA,OAAO,sBAAsB,KAAK,CAAA;AACpC;AAEA,SAAS,qBAAA,CACP,eACA,WAAA,EACQ;AACR,EAAA,MAAM,UAAA,GACJ,WAAA,CAAY,GAAA,CAAI,gBAAgB,CAAA,IAChC,WAAA,CAAY,GAAA,CAAI,iBAAiB,CAAA,IACjC,WAAA,CAAY,GAAA,CAAI,yBAAyB,CAAA;AAE3C,EAAA,OAAA,CAAQ,aAAA,IAAiB,UAAA,IAAc,EAAA,EAAI,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAC/D;AAEA,SAAS,4BAA4B,KAAA,EAEvB;AACZ,EAAA,OAAO,KAAA,KAAU,SAAA,IAAa,KAAA,KAAU,YAAA,GAAe,KAAA,GAAQ,MAAA;AACjE;AAOA,SAAS,kBAAkB,MAAA,EAAwB;AACjD,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,yBAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,WAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,WAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,gBAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,UAAA;AAAA,EACT;AACA,EAAA,IAAI,WAAW,GAAA,EAAK;AAClB,IAAA,OAAO,qBAAA;AAAA,EACT;AACA,EAAA,IAAI,UAAU,GAAA,EAAK;AACjB,IAAA,OAAO,gBAAA;AAAA,EACT;AACA,EAAA,OAAO,gBAAA;AACT;AAEA,SAAS,MAAM,EAAA,EAA2B;AACxC,EAAA,OAAO,IAAI,OAAA,CAAQ,CAAC,YAAY,UAAA,CAAW,OAAA,EAAS,EAAE,CAAC,CAAA;AACzD;AAEA,SAAS,oBAAoB,IAAA,EAIlB;AACT,EAAA,MAAM,SAAA,GACJ,IAAA,CAAK,MAAA,KAAW,GAAA,GACZ,IAAA,CAAK,GAAA;AAAA,IACH,KAAK,YAAA,IAAgB,CAAA;AAAA,IACrB,KAAK,GAAA,CAAI,GAAA,GAAO,CAAA,IAAK,IAAA,CAAK,SAAS,GAAM;AAAA,MAE3C,IAAA,CAAK,GAAA,CAAI,MAAO,CAAA,IAAK,IAAA,CAAK,SAAS,GAAI,CAAA;AAE7C,EAAA,IAAI,IAAA,CAAK,WAAW,GAAA,EAAK;AACvB,IAAA,OAAO,SAAA;AAAA,EACT;AAEA,EAAA,MAAM,YAAA,GAAe,KAAK,GAAA,CAAI,GAAA,EAAK,KAAK,KAAA,CAAM,SAAA,GAAY,IAAI,CAAC,CAAA;AAC/D,EAAA,OAAO,YAAY,IAAA,CAAK,KAAA,CAAM,IAAA,CAAK,MAAA,KAAW,YAAY,CAAA;AAC5D;AAEA,SAAS,6BAA6B,KAAA,EAAyB;AAC7D,EAAA,OAAO,wBAAwB,KAAK,CAAA,IAAK,cAAc,EAAE,KAAA,EAAO,CAAA,CAAE,SAAA;AACpE;AAEA,SAAS,SAAS,KAAA,EAAkD;AAClE,EAAA,OAAO,KAAA,KAAU,QAAQ,OAAO,KAAA,KAAU,YAAY,CAAC,KAAA,CAAM,QAAQ,KAAK,CAAA;AAC5E;AAEA,SAAS,6BAA6B,OAAA,EAAoC;AACxE,EAAA,IAAI,CAAC,QAAA,CAAS,OAAO,CAAA,EAAG;AACtB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,gBAAgB,OAAA,CAAQ,OAAA;AAC9B,EAAA,IAAI,OAAO,aAAA,KAAkB,QAAA,IAAY,cAAc,IAAA,EAAK,CAAE,SAAS,CAAA,EAAG;AACxE,IAAA,OAAO,cAAc,IAAA,EAAK;AAAA,EAC5B;AAEA,EAAA,MAAM,SAAS,OAAA,CAAQ,MAAA;AACvB,EAAA,IAAI,CAAC,QAAA,CAAS,MAAM,CAAA,EAAG;AACrB,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,cAAc,MAAA,CAAO,WAAA;AAC3B,EAAA,IAAI,CAAC,QAAA,CAAS,WAAW,CAAA,EAAG;AAC1B,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,MAAM,gBAAgB,WAAA,CAAY,OAAA;AAClC,EAAA,IAAI,OAAO,aAAA,KAAkB,QAAA,IAAY,cAAc,IAAA,EAAK,CAAE,SAAS,CAAA,EAAG;AACxE,IAAA,OAAO,cAAc,IAAA,EAAK;AAAA,EAC5B;AAEA,EAAA,OAAO,IAAA;AACT;AAEA,SAAS,0BAA0B,KAAA,EAAqD;AACtF,EAAA,OAAO,KAAA,KAAU,MAAA,GACb,MAAA,GACC,qBAAA,CAAsB,KAAK,CAAA;AAClC;AAEA,eAAe,6BACb,WAAA,EACgD;AAChD,EAAA,IAAI,OAAO,gBAAgB,UAAA,EAAY;AACrC,IAAA,OAAO,MAAM,WAAA,EAAY;AAAA,EAC3B;AACA,EAAA,OAAO,WAAA;AACT;AAEA,SAAS,iBAAA,CACP,MACA,QAAA,EACwB;AACxB,EAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,IAAI,CAAA;AAChC,EAAA,KAAA,MAAW,CAAC,GAAA,EAAK,KAAK,KAAK,MAAA,CAAO,OAAA,CAAQ,QAAQ,CAAA,EAAG;AACnD,IAAA,MAAM,QAAA,GAAW,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA;AAChC,IAAA,IAAI,QAAA,KAAa,IAAA,IAAQ,QAAA,KAAa,KAAA,EAAO;AAC3C,MAAA,MAAM,IAAI,yBAAA;AAAA,QACR,eAAA;AAAA,QACA,6DAA6D,GAAG,CAAA,QAAA;AAAA,OAClE;AAAA,IACF;AACA,IAAA,OAAA,CAAQ,GAAA,CAAI,KAAK,KAAK,CAAA;AAAA,EACxB;AACA,EAAA,OAAO,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,OAAA,EAAS,CAAA;AAC7C;AAEA,SAAS,iBAAiB,KAAA,EAAsD;AAC9E,EAAA,MAAM,UAAA,GAAa,OAAO,IAAA,EAAK;AAC/B,EAAA,OAAO,aAAa,UAAA,GAAa,MAAA;AACnC;AAKO,SAAS,0BAAA,CAA2B,MAAA,GAA8B,EAAC,EAAG;AAC3E,EAAA,MAAM,MAAM,kBAAA,EAAmB;AAC/B,EAAA,MAAM,OAAA,GAAU,oBAAA,CAAqB,MAAA,EAAQ,GAAG,CAAA;AAChD,EAAA,MAAM,OAAA,GAAU,qBAAA,CAAsB,MAAA,CAAO,OAAA,EAAS,GAAG,CAAA;AACzD,EAAA,MAAM,UAAA,GAAa,QAAQ,OAAA,CAAQ,UAAA;AACnC,EAAA,MAAM,gBAAA,GAAmB,QAAQ,OAAA,CAAQ,gBAAA;AACzC,EAAA,MAAM,sBAAA,GAAyB,QAAQ,OAAA,CAAQ,iBAAA;AAC/C,EAAA,MAAM,uBAAA,GAA0B,QAAQ,OAAA,CAAQ,SAAA;AAChD,EAAA,MAAM,qBAAA,GAAwB,2BAAA,CAA4B,MAAA,CAAO,WAAW,CAAA;AAC5E,EAAA,MAAM,iBAAA,GACJ,MAAA,CAAO,gBAAA,KAAqB,KAAA,GACxB,IAAA,GACC,OAAO,iBAAA,IACR,8BAAA,CAA+B,0BAAA,CAA2B,GAAG,CAAA,EAAG;AAAA,IAC9D,OAAA,EAAS,YAAA;AAAA,IACT,WAAA,EAAa;AAAA,GACd,CAAA;AAEP,EAAA,eAAe,kBAAA,GAAsD;AACnE,IAAA,MAAM,WAAW,MAAA,CAAO,cAAA,GAAiB,MAAM,MAAA,CAAO,cAAA,KAAmB,EAAC;AAC1E,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ,QAAQ,CAAA;AACpC,IAAA,MAAM,WAAA,GAAc,CAAC,IAAA,EAAc,KAAA,KAA8B;AAC/D,MAAA,MAAM,UAAA,GAAa,iBAAiB,KAAK,CAAA;AACzC,MAAA,IAAI,UAAA,IAAc,CAAC,OAAA,CAAQ,GAAA,CAAI,IAAI,CAAA,EAAG;AACpC,QAAA,OAAA,CAAQ,GAAA,CAAI,MAAM,UAAU,CAAA;AAAA,MAC9B;AAAA,IACF,CAAA;AAEA,IAAA,WAAA,CAAY,cAAA,EAAgB,OAAO,MAAM,CAAA;AACzC,IAAA,WAAA,CAAY,wBAAA,EAA0B,OAAO,SAAS,CAAA;AACtD,IAAA,WAAA,CAAY,wBAAwB,qBAAqB,CAAA;AACzD,IAAA,WAAA,CAAY,mBAAA,EAAqB,OAAO,OAAO,CAAA;AAC/C,IAAA,WAAA,CAAY,kBAAA,EAAoB,MAAA,CAAO,MAAA,IAAU,MAAA,CAAO,OAAO,CAAA;AAC/D,IAAA,WAAA,CAAY,0BAAA,EAA4B,OAAO,cAAc,CAAA;AAE7D,IAAA,MAAM,IAAA,GAAO,MAAA,CAAO,WAAA,CAAY,OAAA,CAAQ,SAAS,CAAA;AACjD,IAAA,MAAM,mBAAmB,MAAM,4BAAA;AAAA,MAC7B,MAAA,CAAO;AAAA,KACT;AACA,IAAA,IAAI,CAAC,gBAAA,IAAoB,CAAC,MAAA,CAAO,2BAAA,EAA6B;AAC5D,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,MAAM,WAAA,GAAc,oCAAoC,gBAAgB,CAAA;AACxE,IAAA,OAAO,iBAAA,CAAkB,IAAA,EAAM,0BAAA,CAA2B,WAAW,CAAC,CAAA;AAAA,EACxE;AAEA,EAAA,eAAe,gBAAA,CACb,GAAA,EACA,IAAA,EACA,SAAA,EACmB;AACnB,IAAA,MAAM,uBAAA,GAA0B,CAC9B,KAAA,EACA,SAAA,KAC4B;AAC5B,MAAA,IAAI,SAAA,EAAW;AACb,QAAA,OAAO,IAAI,oBAAoB,SAAS,CAAA;AAAA,MAC1C;AACA,MAAA,OAAO,KAAA,YAAiB,mBAAA,IACtB,KAAA,YAAiB,qBAAA,GACf,QACA,IAAI,qBAAA;AAAA,QACF,KAAA,YAAiB,KAAA,GAAQ,KAAA,CAAM,OAAA,GAAU,yBAAA;AAAA,QACzC;AAAA,UACE,KAAA,EAAO,KAAA;AAAA,UACP,SAAA,EAAW,6BAA6B,KAAK;AAAA;AAC/C,OACF;AAAA,IACN,CAAA;AAEA,IAAA,MAAM,UAAA,GAAa,IAAI,eAAA,EAAgB;AACvC,IAAA,MAAM,QAAQ,UAAA,CAAW,MAAM,UAAA,CAAW,KAAA,IAAS,SAAS,CAAA;AAC5D,IAAA,MAAM,aAAA,GAAgB,OAAO,UAAA,CAAW;AAAA,MACtC,GAAA,EAAK,MAAM,OAAA,CAAQ,KAAA,CAAM,GAAA,EAAK,EAAE,GAAG,IAAA,EAAM,MAAA,EAAQ,UAAA,CAAW,MAAA,EAAQ,CAAA;AAAA,MACpE,OAAO,CAAC,KAAA,KAAU,wBAAwB,KAAA,EAAO,UAAA,CAAW,OAAO,OAAO;AAAA,KAC3E,CAAA;AACD,IAAA,IAAI;AACF,MAAA,MAAM,IAAA,GAAO,MAAM,MAAA,CAAO,cAAA,CAAe,aAAa,CAAA;AACtD,MAAA,IAAI,IAAA,CAAK,SAAA,CAAU,IAAI,CAAA,EAAG;AACxB,QAAA,OAAO,IAAA,CAAK,KAAA;AAAA,MACd;AACA,MAAA,MAAM,OAAA,GAAU,MAAM,IAAA,CAAK,KAAA,CAAM,SAAS,IAAA,CAAK,KAAK,CAAC,CAAA,CAAE,CAAC,CAAA;AACxD,MAAA,IAAI,YAAY,KAAA,CAAA,EAAW;AACzB,QAAA,MAAM,OAAA;AAAA,MACR;AACA,MAAA,MAAM,KAAA,CAAM,MAAA,CAAO,IAAA,CAAK,KAAK,CAAA;AAAA,IAC/B,CAAA,SAAE;AACA,MAAA,YAAA,CAAa,KAAK,CAAA;AAAA,IACpB;AAAA,EACF;AAEA,EAAA,eAAe,yBACb,OAAA,EACe;AACf,IAAA,MAAM,QAAQ,aAAA,CAAc;AAAA,MAC1B,QAAQ,OAAA,CAAQ,MAAA;AAAA,MAChB,OAAO,OAAA,CAAQ,KAAA;AAAA,MACf,UAAA,EACE,OAAA,CAAQ,YAAA,KAAiB,IAAA,IAAQ,OAAA,CAAQ,YAAA,KAAiB,MAAA,GACtD,MAAA,CAAO,OAAA,CAAQ,YAAA,GAAe,GAAI,CAAA,GAClC;AAAA,KACP,CAAA;AACD,IAAA,MAAM,oBAAoB,iBAAA,EAAmB;AAAA,MAC3C,UAAA,EAAY,OAAA;AAAA,MACZ,OAAA,EAAS,WAAA;AAAA,MACT,WAAW,OAAA,CAAQ,SAAA,GACf,WAAA,GACA,OAAA,CAAQ,QACN,mBAAA,GACA,sBAAA;AAAA,MACN,UAAU,OAAA,CAAQ,KAAA,GAAS,OAAA,CAAQ,SAAA,GAAY,SAAS,OAAA,GAAW,MAAA;AAAA,MACnE,YAAY,OAAA,CAAQ,UAAA;AAAA,MACpB,UAAA,EAAY,yBAAA;AAAA,MACZ,aAAa,OAAA,CAAQ,UAAA;AAAA,MACrB,aAAA,EAAe,OAAA,CAAQ,aAAA,IAAiB,OAAA,CAAQ,SAAA;AAAA,MAChD,aAAA,EAAe,QAAQ,aAAA,IAAiB,IAAA;AAAA,MACxC,QAAA,EACE,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,oBAAoB,KACxC,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,iBAAiB,CAAA,IACrC,MAAA;AAAA,MACF,WAAA,EACE,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,uBAAuB,KAC3C,OAAA,CAAQ,OAAA,CAAQ,GAAA,CAAI,oBAAoB,CAAA,IACxC,MAAA;AAAA,MACF,UAAA,EAAY;AAAA,QACV,OAAA,EAAS,YAAA;AAAA,QACT,SAAA,EAAW,iBAAA;AAAA,QACX,MAAM,OAAA,CAAQ,IAAA;AAAA,QACd,YAAY,OAAA,CAAQ,MAAA;AAAA,QACpB,YAAY,OAAA,CAAQ,MAAA;AAAA,QACpB,SAAS,OAAA,CAAQ,OAAA;AAAA,QACjB,YAAY,OAAA,CAAQ,UAAA;AAAA,QACpB,aAAa,KAAA,CAAM,MAAA;AAAA,QACnB,YAAA,EAAc,OAAA,CAAQ,YAAA,IAAgB,KAAA,CAAM,YAAA;AAAA,QAC5C,WAAW,OAAA,CAAQ,SAAA;AAAA,QACnB,WAAW,KAAA,CAAM,SAAA;AAAA,QACjB,WACE,OAAA,CAAQ,KAAA,YAAiB,KAAA,GAAQ,OAAA,CAAQ,MAAM,IAAA,GAAO,MAAA;AAAA,QACxD,cACE,OAAA,CAAQ,KAAA,YAAiB,KAAA,GAAQ,OAAA,CAAQ,MAAM,OAAA,GAAU;AAAA;AAC7D,KACD,CAAA;AAAA,EACH;AAEA,EAAA,eAAe,aACb,QAAA,EAC4C;AAC5C,IAAA,MAAM,IAAA,GAAO,MAAM,QAAA,CAAS,IAAA,EAAK;AACjC,IAAA,IAAI,CAAC,IAAA,EAAM;AACT,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,MAAM,MAAA,GAAS,4BAA4B,IAAI,CAAA;AAC/C,IAAA,IAAI,CAAC,OAAO,EAAA,EAAI;AACd,MAAA,OAAO,IAAA;AAAA,IACT;AACA,IAAA,OAAO,QAAA,CAAS,MAAA,CAAO,KAAK,CAAA,GACvB,OAAO,KAAA,GACR,IAAA;AAAA,EACN;AAEA,EAAA,SAAS,gBAAA,CACP,QACA,gBAAA,EACQ;AACR,IAAA,IAAI,OAAO,qBAAqB,QAAA,EAAU;AACxC,MAAA,OAAO,gBAAA;AAAA,IACT;AACA,IAAA,MAAM,eAAA,GAAkB,yBAAyB,MAAM,CAAA;AACvD,IAAA,IAAI,OAAO,oBAAoB,QAAA,EAAU;AACvC,MAAA,OAAO,eAAA;AAAA,IACT;AACA,IAAA,OAAO,uBAAA;AAAA,EACT;AAEA,EAAA,SAAS,4BAA4B,IAAA,EAAgC;AACnE,IAAA,MAAM,OAAA,GAAU,KAAK,IAAA,EAAK;AAC1B,IAAA,IAAI,CAAC,QAAQ,UAAA,CAAW,GAAG,KAAK,CAAC,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA,EAAG;AACxD,MAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,UAAA,EAAW;AAAA,IACzC;AACA,IAAA,IAAI;AACF,MAAA,OAAO,EAAE,EAAA,EAAI,IAAA,EAAM,OAAO,IAAA,CAAK,KAAA,CAAM,OAAO,CAAA,EAAE;AAAA,IAChD,SAAS,KAAA,EAAO;AACd,MAAA,IAAI,iBAAiB,WAAA,EAAa;AAChC,QAAA,OAAO,EAAE,EAAA,EAAI,KAAA,EAAO,MAAA,EAAQ,gBAAgB,KAAA,EAAM;AAAA,MACpD;AACA,MAAA,MAAM,KAAA;AAAA,IACR;AAAA,EACF;AAEA,EAAA,SAAS,cAAc,IAAA,EAIJ;AACjB,IAAA,MAAM,UAAU,IAAA,CAAK,OAAA;AACrB,IAAA,MAAM,WAAA,GACJ,WAAW,QAAA,CAAS,OAAA,CAAQ,KAAK,CAAA,GAAI,OAAA,CAAQ,QAAQ,OAAA,EAAS,WAAA;AAChE,IAAA,MAAM,aAAA,GACJ,OAAA,EAAS,aAAA,IACT,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,yBAAyB,CAAA,EAAG,IAAA,EAAK,IAC3D,IAAA,CAAK,SAAA;AACP,IAAA,MAAM,aAAA,GACJ,OAAA,EAAS,aAAA,IACT,IAAA,CAAK,QAAA,CAAS,QAAQ,GAAA,CAAI,0BAA0B,CAAA,EAAG,IAAA,EAAK,IAC5D,IAAA;AACF,IAAA,MAAM,UAAU,OAAA,CAAQ,SAAA;AAAA,MACtB,yBAAA,CAA0B,OAAA,EAAS,OAAA,IAAW,WAAA,EAAa,OAAO;AAAA,KACpE;AACA,IAAA,MAAM,aAAA,GAAgB,6BAA6B,OAAO,CAAA;AAC1D,IAAA,MAAM,iBACJ,OAAO,OAAA,EAAS,UAAU,QAAA,GACtB,OAAA,CAAQ,QACR,WAAA,EAAa,OAAA;AAEnB,IAAA,OAAO,IAAI,cAAA,CAAe;AAAA,MACxB,IAAA,EACE,SAAS,IAAA,IACT,WAAA,EAAa,QACb,iBAAA,CAAkB,IAAA,CAAK,SAAS,MAAM,CAAA;AAAA,MACxC,SACE,aAAA,IACA,cAAA,KACC,IAAA,CAAK,QAAA,CAAS,KACX,mDAAA,GACA,8BAAA,CAAA;AAAA,MACN,MAAA,EAAQ,KAAK,QAAA,CAAS,MAAA;AAAA,MACtB,WAAW,OAAA,EAAS,SAAA;AAAA,MACpB,YAAY,OAAA,EAAS,UAAA;AAAA,MACrB,OAAA;AAAA,MACA,WAAW,IAAA,CAAK,SAAA;AAAA,MAChB,aAAA;AAAA,MACA;AAAA,KACD,CAAA;AAAA,EACH;AAEA,EAAA,eAAe,QAAW,IAAA,EAOa;AACrC,IAAA,MAAM,WAAA,GAAc,MAAM,kBAAA,EAAmB;AAC7C,IAAA,MAAM,MAAA,GAAS,KAAK,MAAA,IAAU,KAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,gBAAA,CAAiB,MAAA,EAAQ,IAAA,CAAK,SAAS,CAAA;AACzD,IAAA,MAAM,OAAA,GAAU,IAAI,OAAA,CAAQ;AAAA,MAC1B,cAAA,EAAgB,kBAAA;AAAA,MAChB,GAAG;AAAA,KACJ,CAAA;AACD,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,GAAA,CAAI,iBAAA,EAAmB,IAAA,CAAK,cAAc,CAAA;AAAA,IACpD;AACA,IAAA,MAAM,SAAA,GACJ,OAAA,CAAQ,GAAA,CAAI,kBAAkB,GAAG,IAAA,EAAK,IACtC,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,EAAG,IAAA,EAAK,IAClC,IAAA,CAAK,aACL,gBAAA,EAAiB;AACnB,IAAA,IAAI,CAAC,QAAQ,GAAA,CAAI,kBAAkB,KAAK,CAAC,OAAA,CAAQ,GAAA,CAAI,cAAc,CAAA,EAAG;AACpE,MAAA,OAAA,CAAQ,GAAA,CAAI,oBAAoB,SAAS,CAAA;AAAA,IAC3C;AAEA,IAAA,MAAM,GAAA,GAAM,CAAA,EAAG,OAAO,CAAA,EAAG,KAAK,IAAI,CAAA,CAAA;AAClC,IAAA,MAAM,iBAAiB,IAAA,CAAK,IAAA,GAAO,KAAK,SAAA,CAAU,IAAA,CAAK,IAAI,CAAA,GAAI,MAAA;AAC/D,IAAA,MAAM,IAAA,GAAoB;AAAA,MACxB,MAAA;AAAA,MACA,OAAA;AAAA,MACA,IAAA,EAAM;AAAA,KACR;AAEA,IAAA,IAAI,SAAA;AAEJ,IAAA,KAAA,IAAS,OAAA,GAAU,CAAA,EAAG,OAAA,IAAW,UAAA,EAAY,OAAA,EAAA,EAAW;AACtD,MAAA,MAAM,kBAAA,GAAgD;AAAA,QACpD,SAAA;AAAA,QACA,OAAA;AAAA,QACA,UAAA;AAAA,QACA,MAAA;AAAA,QACA,MAAM,IAAA,CAAK,IAAA;AAAA,QACX,GAAA;AAAA,QACA,OAAA,EAAS,IAAI,OAAA,CAAQ,OAAO,CAAA;AAAA,QAC5B,IAAA,EAAM,cAAA;AAAA,QACN;AAAA,OACF;AACA,MAAA,MAAM,MAAA,CAAO,YAAY,kBAAkB,CAAA;AAC3C,MAAA,MAAM,SAAA,GAAY,KAAK,GAAA,EAAI;AAC3B,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,gBAAA,CAAiB,GAAA,EAAK,MAAM,SAAS,CAAA;AAC5D,QAAA,MAAM,aAAA,GAAgB,SAAS,KAAA,EAAM;AACrC,QAAA,MAAM,OAAA,GAAU,MAAM,YAAA,CAAgB,QAAQ,CAAA;AAC9C,QAAA,MAAM,QAAQ,aAAA,CAAc;AAAA,UAC1B,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,UAAA,EAAY,QAAA,CAAS,OAAA,CAAQ,GAAA,CAAI,aAAa;AAAA,SAC/C,CAAA;AACD,QAAA,MAAM,YAAA,GAAe,MAAM,YAAA,IAAgB,IAAA;AAE3C,QAAA,IAAI,CAAC,QAAA,CAAS,EAAA,IAAM,CAAC,SAAS,OAAA,EAAS;AACrC,UAAA,MAAM,OAAA,GACJ,OAAA,IAAW,CAAC,OAAA,CAAQ,UAAW,OAAA,GAAqC,IAAA;AACtE,UAAA,MAAM,WAAW,aAAA,CAAc;AAAA,YAC7B,SAAA;AAAA,YACA,QAAA;AAAA,YACA;AAAA,WACD,CAAA;AACD,UAAA,MAAM,SAAA,GAAY,OAAA,GAAU,UAAA,IAAc,KAAA,CAAM,SAAA;AAChD,UAAA,MAAMA,gBAAAA,GAA8C;AAAA,YAClD,GAAG,kBAAA;AAAA,YACH,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAAA,YACzB,QAAQ,QAAA,CAAS,MAAA;AAAA,YACjB,QAAA,EAAU,aAAA;AAAA,YACV,KAAA,EAAO,QAAA;AAAA,YACP,aAAA,EAAe,SAAS,aAAA,IAAiB,SAAA;AAAA,YACzC,aAAA,EAAe,SAAS,aAAA,IAAiB,IAAA;AAAA,YACzC,YAAA;AAAA,YACA;AAAA,WACF;AAEA,UAAA,MAAM,MAAA,CAAO,aAAaA,gBAAe,CAAA;AACzC,UAAA,MAAM,yBAAyBA,gBAAe,CAAA;AAE9C,UAAA,IAAI,SAAA,EAAW;AACb,YAAA,SAAA,GAAY,QAAA;AACZ,YAAA,MAAM,KAAA;AAAA,cACJ,mBAAA,CAAoB;AAAA,gBAClB,OAAA;AAAA,gBACA,QAAQ,QAAA,CAAS,MAAA;AAAA,gBACjB;AAAA,eACD;AAAA,aACH;AACA,YAAA;AAAA,UACF;AAEA,UAAA,MAAM,QAAA;AAAA,QACR;AAEA,QAAA,MAAM,cAAA,GAAiB,OAAA;AACvB,QAAA,MAAM,eAAA,GAA8C;AAAA,UAClD,GAAG,kBAAA;AAAA,UACH,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAAA,UACzB,QAAQ,QAAA,CAAS,MAAA;AAAA,UACjB,QAAA,EAAU,aAAA;AAAA,UACV,aAAA,EACE,eAAe,aAAA,IACf,QAAA,CAAS,QAAQ,GAAA,CAAI,yBAAyB,CAAA,EAAG,IAAA,EAAK,IACtD,SAAA;AAAA,UACF,aAAA,EACE,eAAe,aAAA,IACf,QAAA,CAAS,QAAQ,GAAA,CAAI,0BAA0B,CAAA,EAAG,IAAA,EAAK,IACvD,IAAA;AAAA,UACF,kBAAkB,cAAA,CAAe,gBAAA;AAAA,UACjC,YAAA;AAAA,UACA,SAAA,EAAW;AAAA,SACb;AACA,QAAA,MAAM,MAAA,CAAO,aAAa,eAAe,CAAA;AACzC,QAAA,MAAM,yBAAyB,eAAe,CAAA;AAE9C,QAAA,OAAO,cAAA;AAAA,MACT,SAAS,UAAA,EAAY;AACnB,QAAA,IAAI,sBAAsB,cAAA,EAAgB;AACxC,UAAA,MAAM,UAAA;AAAA,QACR;AACA,QAAA,MAAM,SAAA,GACJ,OAAA,GAAU,UAAA,IAAc,4BAAA,CAA6B,UAAU,CAAA;AACjE,QAAA,MAAM,eAAA,GAA8C;AAAA,UAClD,GAAG,kBAAA;AAAA,UACH,UAAA,EAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAA;AAAA,UACzB,KAAA,EAAO,UAAA;AAAA,UACP,aAAA,EAAe,SAAA;AAAA,UACf,aAAA,EAAe,IAAA;AAAA,UACf;AAAA,SACF;AACA,QAAA,MAAM,MAAA,CAAO,aAAa,eAAe,CAAA;AACzC,QAAA,MAAM,yBAAyB,eAAe,CAAA;AAC9C,QAAA,SAAA,GAAY,UAAA;AACZ,QAAA,IAAI,SAAA,EAAW;AACb,UAAA,MAAM,KAAA,CAAM,mBAAA,CAAoB,EAAE,OAAA,EAAS,CAAC,CAAA;AAAA,QAC9C;AAAA,MACF;AAAA,IACF;AAEA,IAAA,MAAM,SAAA,YAAqB,KAAA,GACvB,SAAA,GACA,IAAI,MAAM,4CAA4C,CAAA;AAAA,EAC5D;AAEA,EAAA,OAAO;AAAA,IACL;AAAA,GACF;AACF;;;AC98BO,SAAS,mBAAA,CAAoB,MAAA,GAA8B,EAAC,EAAG;AACpE,EAAA,MAAM,OAAA,GAAU,2BAA2B,MAAM,CAAA;AAEjD,EAAA,OAAO;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,IAML,MAAM,IAAI,UAAA,EAAoB;AAC5B,MAAA,OAAO,QAAQ,OAAA,CAAiC;AAAA,QAC9C,IAAA,EAAM,CAAA,2BAAA,EAA8B,kBAAA,CAAmB,UAAU,CAAC,CAAA,OAAA;AAAA,OACnE,CAAA;AAAA,IACH;AAAA,GACF;AACF","file":"answersClient.js","sourcesContent":["import type {\n SessionAuthMode,\n SessionDelegationHop,\n SessionPrincipalType,\n} from \"./contracts/auth-session.contract\";\nimport type { JsonObject } from \"./types\";\n\nexport type LucernSdkAuthFailureReason =\n | \"principal_missing\"\n | \"tenant_missing\"\n | \"membership_missing\"\n | \"workspace_missing\"\n | \"clerk_alias_missing\"\n | \"clerk_alias_unrecognized\"\n | \"policy_denied\"\n | \"policy_unavailable\"\n | \"policy_unknown\";\n\nexport type PermitReadyAuthContext = {\n subject: string;\n tenant: string;\n workspace: string;\n resource?: string;\n action?: string;\n relation?: string;\n context?: JsonObject;\n};\n\nexport type LucernSdkAuthPolicyDecision = \"allow\" | \"deny\" | \"unknown\";\n\nexport type LucernSdkAuthContextInput = {\n clerkId?: string;\n principalId?: string;\n tenantId?: string;\n workspaceId?: string | null;\n principalType?: SessionPrincipalType;\n authMode?: SessionAuthMode;\n roles?: readonly string[];\n scopes?: readonly string[];\n delegationChain?: readonly SessionDelegationHop[];\n policyTraceId?: string;\n correlationId?: string;\n membershipId?: string;\n policyDecision?: LucernSdkAuthPolicyDecision;\n permit?: Partial<PermitReadyAuthContext>;\n};\n\nexport type CanonicalLucernSdkAuthContext = {\n clerkId?: string;\n principalId: string;\n tenantId: string;\n workspaceId: string;\n principalType: SessionPrincipalType;\n authMode: SessionAuthMode;\n roles: string[];\n scopes: string[];\n delegationChain: SessionDelegationHop[];\n policyTraceId?: string;\n correlationId?: string;\n membershipId?: string;\n permit: PermitReadyAuthContext;\n};\n\nexport class LucernSdkAuthContextError extends Error {\n readonly reason: LucernSdkAuthFailureReason;\n\n constructor(reason: LucernSdkAuthFailureReason, message: string) {\n super(message);\n this.name = \"LucernSdkAuthContextError\";\n this.reason = reason;\n }\n}\n\nfunction cleanString(value: string | null | undefined): string | undefined {\n const normalized = value?.trim();\n return normalized ? normalized : undefined;\n}\n\nfunction cleanStringList(values: readonly string[] | undefined): string[] {\n if (!values) {\n return [];\n }\n return values\n .map((value) => value.trim())\n .filter(\n (value, index, list) =>\n value.length > 0 && list.indexOf(value) === index\n );\n}\n\nfunction requireString(\n value: string | null | undefined,\n reason: LucernSdkAuthFailureReason,\n label: string\n): string {\n const normalized = cleanString(value);\n if (!normalized) {\n throw new LucernSdkAuthContextError(\n reason,\n `Canonical Lucern SDK auth context is missing ${label}.`\n );\n }\n return normalized;\n}\n\nfunction requirePrincipalType(\n principalType: SessionPrincipalType | undefined\n): SessionPrincipalType {\n if (!principalType) {\n throw new LucernSdkAuthContextError(\n \"principal_missing\",\n \"Canonical Lucern SDK auth context is missing principalType.\"\n );\n }\n return principalType;\n}\n\nfunction requireAuthMode(authMode: SessionAuthMode | undefined): SessionAuthMode {\n if (!authMode) {\n throw new LucernSdkAuthContextError(\n \"principal_missing\",\n \"Canonical Lucern SDK auth context is missing authMode.\"\n );\n }\n return authMode;\n}\n\nfunction ensurePermitMatch(args: {\n field: keyof PermitReadyAuthContext;\n expected: string;\n actual?: string;\n}) {\n const actual = cleanString(args.actual);\n if (actual && actual !== args.expected) {\n throw new LucernSdkAuthContextError(\n \"policy_denied\",\n `Canonical Lucern SDK auth context has conflicting Permit ${args.field}.`\n );\n }\n}\n\nexport function normalizeCanonicalLucernAuthContext(\n input: LucernSdkAuthContextInput | undefined\n): CanonicalLucernSdkAuthContext {\n if (!input) {\n throw new LucernSdkAuthContextError(\n \"principal_missing\",\n \"Canonical Lucern SDK auth context is required.\"\n );\n }\n\n if (input.policyDecision === \"deny\") {\n throw new LucernSdkAuthContextError(\n \"policy_denied\",\n \"Canonical Lucern SDK auth context carries a denied policy decision.\"\n );\n }\n\n const principalId = requireString(\n input.principalId,\n \"principal_missing\",\n \"principalId\"\n );\n const tenantId = requireString(input.tenantId, \"tenant_missing\", \"tenantId\");\n const workspaceId = requireString(\n input.workspaceId,\n \"workspace_missing\",\n \"workspaceId\"\n );\n const roles = cleanStringList(input.roles);\n const scopes = cleanStringList(input.scopes);\n const principalType = requirePrincipalType(input.principalType);\n const authMode = requireAuthMode(input.authMode);\n const roleBasedInteractiveAuth =\n authMode === \"interactive_user\" && roles.length > 0;\n if (\n roles.length === 0 ||\n (scopes.length === 0 && !roleBasedInteractiveAuth)\n ) {\n throw new LucernSdkAuthContextError(\n \"membership_missing\",\n \"Canonical Lucern SDK auth context requires non-empty roles and scopes.\"\n );\n }\n\n const subject = cleanString(input.permit?.subject) ?? principalId;\n const tenant = cleanString(input.permit?.tenant) ?? tenantId;\n const workspace = cleanString(input.permit?.workspace) ?? workspaceId;\n\n ensurePermitMatch({\n field: \"subject\",\n expected: principalId,\n actual: subject,\n });\n ensurePermitMatch({ field: \"tenant\", expected: tenantId, actual: tenant });\n ensurePermitMatch({\n field: \"workspace\",\n expected: workspaceId,\n actual: workspace,\n });\n\n const context = input.permit?.context\n ? ({ ...input.permit.context } as JsonObject)\n : undefined;\n\n return {\n clerkId: cleanString(input.clerkId),\n principalId,\n tenantId,\n workspaceId,\n principalType,\n authMode,\n roles,\n scopes,\n delegationChain: input.delegationChain ? [...input.delegationChain] : [],\n policyTraceId: cleanString(input.policyTraceId),\n correlationId: cleanString(input.correlationId),\n membershipId: cleanString(input.membershipId),\n permit: {\n subject,\n tenant,\n workspace,\n resource: cleanString(input.permit?.resource),\n action: cleanString(input.permit?.action),\n relation: cleanString(input.permit?.relation),\n context,\n },\n };\n}\n\nexport function createCanonicalAuthHeaders(\n authContext: CanonicalLucernSdkAuthContext\n): Record<string, string> {\n const headers: Record<string, string> = {\n \"x-lucern-principal-id\": authContext.principalId,\n \"x-lucern-principal-type\": authContext.principalType,\n \"x-lucern-tenant\": authContext.tenantId,\n \"x-lucern-tenant-id\": authContext.tenantId,\n \"x-lucern-workspace\": authContext.workspaceId,\n \"x-lucern-workspace-id\": authContext.workspaceId,\n \"x-lucern-auth-mode\": authContext.authMode,\n \"x-lucern-roles\": authContext.roles.join(\",\"),\n \"x-lucern-scopes\": authContext.scopes.join(\",\"),\n \"x-lucern-permit-context\": JSON.stringify(authContext.permit),\n };\n\n if (authContext.clerkId) {\n headers[\"x-lucern-clerk-id\"] = authContext.clerkId;\n headers[\"x-lucern-user-id\"] = authContext.clerkId;\n }\n if (authContext.delegationChain.length > 0) {\n headers[\"x-lucern-delegation-chain\"] = JSON.stringify(\n authContext.delegationChain\n );\n }\n if (authContext.policyTraceId) {\n headers[\"x-lucern-policy-trace-id\"] = authContext.policyTraceId;\n }\n if (authContext.correlationId) {\n headers[\"x-correlation-id\"] = authContext.correlationId;\n headers[\"x-lucern-correlation-id\"] = authContext.correlationId;\n }\n if (authContext.membershipId) {\n headers[\"x-lucern-membership-id\"] = authContext.membershipId;\n }\n\n return headers;\n}\n","import {\n createTelemetryExporterFromEnv,\n emitTelemetrySignal,\n type LucernTelemetryExporter,\n} from \"@lucern/transport-core\";\nimport { redactDiagnosticValue } from \"@lucern/transport-core/redaction\";\nimport { classifyRetry } from \"@lucern/transport-core/transport\";\nimport { Cause, Effect, Exit } from \"effect\";\n\nimport {\n createCanonicalAuthHeaders,\n LucernSdkAuthContextError,\n normalizeCanonicalLucernAuthContext,\n type LucernSdkAuthContextInput,\n} from \"./authContext\";\nimport type { JsonObject, JsonValue } from \"./types\";\n\n/** Tenant and workspace identifiers used to scope gateway requests. */\nexport type GatewayScope = {\n tenantId?: string;\n workspaceId?: string;\n};\n\ntype GatewayEnvironment = {\n get: (name: string) => string | undefined;\n};\n\ntype GatewayRequestProfile = {\n readonly maxRetries: number;\n readonly timeoutMs: number;\n readonly timeoutMsByMethod?: Partial<Record<GatewayHttpMethod, number>>;\n readonly requestIdFactory: () => string;\n};\n\ntype GatewayRuntimeServices = {\n fetch: FetchLike;\n now: () => number;\n sleep: (ms: number) => Promise<void>;\n env: GatewayEnvironment;\n redaction: <T>(value: T) => T;\n profile: GatewayRequestProfile;\n};\n\nconst DEFAULT_GATEWAY_TIMEOUT_MS = 15_000;\nconst DEFAULT_GATEWAY_MAX_RETRIES = 2;\nconst DEFAULT_ENV_TIMEOUT_MS = \"LUCERN_REQUEST_TIMEOUT_MS\";\nconst DEFAULT_ENV_MAX_RETRIES = \"LUCERN_GATEWAY_MAX_RETRIES\";\nconst ENV_TIMEOUT_BY_METHOD_PREFIX = \"LUCERN_REQUEST_TIMEOUT_MS_\";\n\n/** Successful response envelope from the platform gateway with correlation metadata. */\nexport type PlatformGatewaySuccess<T> = {\n success: true;\n data: T;\n correlationId: string;\n policyTraceId: string | null;\n idempotentReplay: boolean;\n};\n\n/** Failed response envelope with structured error codes and optional invariant references. */\nexport type PlatformGatewayFailure = {\n success: false;\n /**\n * Error string is the canonical envelope field.\n * Object form is legacy-only compatibility for older gateway responses.\n */\n error:\n | string\n | {\n code: string;\n message: string;\n details?: JsonValue;\n };\n code?: string;\n invariant?: string | null;\n suggestion?: string | null;\n details?: JsonValue;\n legacyError?: {\n code: string;\n message: string;\n details?: JsonValue;\n };\n correlationId: string;\n policyTraceId: string | null;\n};\n\n/** Discriminated union of success and failure gateway responses. */\nexport type PlatformGatewayEnvelope<T> =\n | PlatformGatewaySuccess<T>\n | PlatformGatewayFailure;\n\nexport class GatewayTimeoutError extends Error {\n public readonly retryable = true;\n public readonly timeoutMs: number;\n\n constructor(timeoutMs: number) {\n super(`Request timed out after ${timeoutMs}ms`);\n this.name = \"AbortError\";\n this.timeoutMs = timeoutMs;\n }\n}\n\nexport class GatewayTransportError extends Error {\n public readonly retryable: boolean;\n public readonly cause?: unknown;\n\n constructor(message: string, options?: { cause?: unknown; retryable?: boolean }) {\n super(message);\n this.name = \"GatewayTransportError\";\n this.retryable = options?.retryable ?? true;\n this.cause = options?.cause;\n }\n}\n\nexport type GatewayRecoverableError =\n | GatewayTimeoutError\n | GatewayTransportError;\n\nexport function isGatewayRecoverableError(\n error: unknown,\n): error is GatewayRecoverableError {\n return error instanceof GatewayTimeoutError || error instanceof GatewayTransportError;\n}\n\nexport function isGatewayRetryableError(error: unknown): boolean {\n return (\n (error instanceof GatewayTimeoutError && error.retryable) ||\n (error instanceof GatewayTransportError && error.retryable) ||\n false\n );\n}\n\n/**\n * Structured error thrown when a platform API request fails.\n *\n * Includes HTTP status, machine-readable error code, optional invariant\n * reference, and actionable suggestions for common failure modes.\n */\nexport class LucernApiError extends Error {\n public readonly code: string;\n public readonly status: number;\n public readonly invariant?: string | null;\n public readonly suggestion?: string | null;\n public readonly details?: JsonValue;\n public readonly requestId?: string;\n public readonly correlationId?: string;\n public readonly policyTraceId?: string | null;\n\n constructor(args: {\n code: string;\n message: string;\n status: number;\n invariant?: string | null;\n suggestion?: string | null;\n details?: JsonValue;\n requestId?: string;\n correlationId?: string;\n policyTraceId?: string | null;\n }) {\n super(args.message);\n this.name = \"LucernApiError\";\n this.code = args.code;\n this.status = args.status;\n this.invariant = args.invariant;\n this.suggestion = args.suggestion;\n this.details = args.details;\n this.requestId = args.requestId;\n this.correlationId = args.correlationId;\n this.policyTraceId = args.policyTraceId;\n }\n}\n\n/** Supported HTTP methods for gateway requests. */\nexport type GatewayHttpMethod = \"GET\" | \"POST\" | \"PUT\" | \"PATCH\" | \"DELETE\";\n\ntype FetchLike = (\n input: RequestInfo | URL,\n init?: RequestInit\n) => Promise<Response>;\n\ntype JsonParseAttempt =\n | { ok: true; value: unknown }\n | { ok: false; reason: \"non-json\" | \"invalid-json\"; error?: SyntaxError };\n\n/** Context passed to the `onRequest` hook before each gateway request attempt. */\nexport type GatewayRequestHookContext = {\n requestId: string;\n attempt: number;\n maxRetries: number;\n method: GatewayHttpMethod;\n path: string;\n url: string;\n headers: Headers;\n body?: string;\n timeoutMs: number;\n};\n\n/** Context passed to the `onResponse` hook after each gateway request attempt (including retries and failures). */\nexport type GatewayResponseHookContext = GatewayRequestHookContext & {\n durationMs: number;\n status?: number;\n response?: Response;\n error?: unknown;\n correlationId?: string;\n policyTraceId?: string | null;\n idempotentReplay?: boolean;\n retryAfterMs?: number | null;\n willRetry: boolean;\n};\n\nexport type GatewayClientEnvironment = \"sandbox\" | \"production\";\n\n/**\n * Low-level transport configuration for the platform gateway client.\n *\n * Most developers should use {@link createLucernClient} instead, which wraps\n * this config with higher-level conveniences like `apiKey` and `environment`.\n */\nexport type GatewayClientConfig = {\n baseUrl?: string;\n fetchImpl?: FetchLike;\n /** Lucern tenant API key or service API key. Sent as `x-lucern-key`. */\n apiKey?: string;\n /**\n * Lucern platform session token. This is not a Clerk JWT.\n * Server-side tenant proxies should normally send `apiKey` plus `clerkId`.\n */\n userToken?: string;\n /** Gateway environment label for legacy sandbox/production routing. */\n environment?: GatewayClientEnvironment;\n /** Clerk subject for the current end user. */\n clerkId?: string;\n /** Optional explicit user subject. Defaults to `clerkId` when omitted. */\n userId?: string;\n /** Optional deployment host hint for front-door routing. */\n deploymentHost?: string;\n getAuthHeaders?:\n | (() => Promise<Record<string, string>>)\n | (() => Record<string, string>);\n /**\n * Canonical Master Control identity tuple applied to every SDK request.\n * Use this for tenant/workspace-scoped graph and identity operations.\n */\n authContext?:\n | LucernSdkAuthContextInput\n | (() => Promise<LucernSdkAuthContextInput | undefined>)\n | (() => LucernSdkAuthContextInput | undefined);\n /** When true, requests fail before fetch if `authContext` is absent. */\n requireCanonicalAuthContext?: boolean;\n /** Max retries for transient errors (5xx, network). Defaults to 2. */\n maxRetries?: number;\n /** Request timeout in ms. Defaults to 15000. */\n timeoutMs?: number;\n /** Optional timeout overrides by HTTP method. */\n timeoutMsByMethod?: Partial<Record<GatewayHttpMethod, number>>;\n /** Optional request ID factory used for correlation headers. */\n requestIdFactory?: () => string;\n /**\n * Optional operational telemetry sink. When omitted, the SDK resolves an\n * Axiom exporter from Infisical-injected environment variables if present.\n */\n telemetryExporter?: LucernTelemetryExporter | null;\n /** Set false to disable SDK operational telemetry even when env is present. */\n telemetryEnabled?: boolean;\n /** Invoked before each request attempt, including retries. */\n onRequest?:\n | ((context: GatewayRequestHookContext) => void)\n | ((context: GatewayRequestHookContext) => Promise<void>);\n /** Invoked after each request attempt, including retries and failures. */\n onResponse?:\n | ((context: GatewayResponseHookContext) => void)\n | ((context: GatewayResponseHookContext) => Promise<void>);\n};\n\n/**\n * Serialize a gateway query object into a URL query string.\n */\nexport function toQueryString(\n scope: GatewayScope & Record<string, string | number | boolean | undefined>\n): string {\n const params = new URLSearchParams();\n if (scope.tenantId) {\n params.set(\"tenantId\", scope.tenantId);\n }\n if (scope.workspaceId) {\n params.set(\"workspaceId\", scope.workspaceId);\n }\n for (const [key, value] of Object.entries(scope)) {\n if (key === \"tenantId\" || key === \"workspaceId\") {\n continue;\n }\n if (value === undefined) {\n continue;\n }\n params.set(key, String(value));\n }\n const serialized = params.toString();\n return serialized.length > 0 ? `?${serialized}` : \"\";\n}\n\nfunction fillRandomBytes(length: number): Uint8Array {\n const bytes = new Uint8Array(length);\n if (typeof globalThis.crypto?.getRandomValues === \"function\") {\n globalThis.crypto.getRandomValues(bytes);\n return bytes;\n }\n\n for (let index = 0; index < length; index += 1) {\n bytes[index] = Math.floor(Math.random() * 256);\n }\n return bytes;\n}\n\nfunction generatePortableRequestId(): string {\n if (typeof globalThis.crypto?.randomUUID === \"function\") {\n return globalThis.crypto.randomUUID();\n }\n\n const bytes = fillRandomBytes(16);\n bytes[6] = (bytes[6] & 0x0f) | 0x40;\n bytes[8] = (bytes[8] & 0x3f) | 0x80;\n const hex = Array.from(bytes, (value) => value.toString(16).padStart(2, \"0\"));\n return `${hex.slice(0, 4).join(\"\")}-${hex.slice(4, 6).join(\"\")}-${hex.slice(\n 6,\n 8\n ).join(\"\")}-${hex.slice(8, 10).join(\"\")}-${hex.slice(10).join(\"\")}`;\n}\n\nfunction resolveEnvironment(): GatewayEnvironment {\n const processEnv =\n typeof globalThis === \"object\" &&\n globalThis !== null &&\n \"process\" in globalThis\n ? (globalThis as { process?: { env?: Record<string, string> } }).process\n : undefined;\n const env =\n processEnv !== undefined &&\n typeof processEnv === \"object\" &&\n processEnv !== null &&\n typeof processEnv.env === \"object\"\n ? processEnv.env\n : undefined;\n\n return {\n get: (name) => {\n const value = env?.[name];\n return typeof value === \"string\" && value.length > 0 ? value : undefined;\n },\n };\n}\n\nfunction telemetryEnvironmentRecord(\n environment: GatewayEnvironment,\n): Record<string, string | undefined> {\n const names = [\n \"LUCERN_TELEMETRY_ENABLED\",\n \"AXIOM_TELEMETRY_ENABLED\",\n \"LUCERN_AXIOM_TOKEN\",\n \"AXIOM_TOKEN\",\n \"LUCERN_AXIOM_EVENTS_DATASET\",\n \"LUCERN_AXIOM_DATASET\",\n \"AXIOM_EVENTS_DATASET\",\n \"AXIOM_DATASET\",\n \"LUCERN_AXIOM_API_URL\",\n \"AXIOM_URL\",\n \"LUCERN_ENVIRONMENT\",\n \"NODE_ENV\",\n \"LUCERN_RELEASE\",\n \"SENTRY_RELEASE\",\n \"VERCEL_GIT_COMMIT_SHA\",\n ];\n return Object.fromEntries(\n names.map((name) => [name, environment.get(name)]),\n );\n}\n\nfunction resolveRequestProfile(\n config: Pick<\n GatewayClientConfig,\n \"maxRetries\" | \"timeoutMs\" | \"timeoutMsByMethod\" | \"requestIdFactory\"\n >,\n environment: GatewayEnvironment,\n): GatewayRequestProfile {\n const requestIdFactory = config.requestIdFactory ?? (() => generatePortableRequestId());\n const parsedMaxRetries = parseIntegerFromString(\n config.maxRetries,\n environment.get(DEFAULT_ENV_MAX_RETRIES),\n );\n const parsedTimeoutMs = parseIntegerFromString(\n config.timeoutMs,\n environment.get(DEFAULT_ENV_TIMEOUT_MS),\n );\n\n const methodTimeouts: Partial<Record<GatewayHttpMethod, number>> = {\n ...config.timeoutMsByMethod,\n };\n for (const method of [\"GET\", \"POST\", \"PUT\", \"PATCH\", \"DELETE\"] as const) {\n const envKey = `${ENV_TIMEOUT_BY_METHOD_PREFIX}${method}`;\n const raw = environment.get(envKey);\n if (!raw || methodTimeouts[method] !== undefined) {\n continue;\n }\n const parsed = parseIntegerFromString(undefined, raw);\n if (typeof parsed === \"number\") {\n methodTimeouts[method] = parsed;\n }\n }\n\n return {\n maxRetries: parsedMaxRetries ?? DEFAULT_GATEWAY_MAX_RETRIES,\n timeoutMs: parsedTimeoutMs ?? DEFAULT_GATEWAY_TIMEOUT_MS,\n timeoutMsByMethod: methodTimeouts,\n requestIdFactory,\n };\n}\n\nfunction createGatewayRuntime(\n config: GatewayClientConfig,\n environment: GatewayEnvironment,\n): GatewayRuntimeServices {\n return {\n fetch: config.fetchImpl ?? fetch,\n now: () => Date.now(),\n sleep: (ms) => delay(ms),\n env: environment,\n redaction: resolveRequestRedactionValue,\n profile: resolveRequestProfile(config, environment),\n };\n}\n\nfunction parseIntegerFromString(\n value?: number,\n rawValue?: string,\n): number | undefined {\n if (typeof value === \"number\" && Number.isInteger(value) && value >= 0) {\n return value;\n }\n\n if (typeof rawValue !== \"string\" || !rawValue.trim()) {\n return undefined;\n }\n\n const parsed = Number.parseInt(rawValue, 10);\n return Number.isInteger(parsed) && parsed >= 0 ? parsed : undefined;\n}\n\nfunction resolveRequestRedactionValue<T>(value: T): T {\n return redactDiagnosticValue(value) as T;\n}\n\nfunction resolveGatewayBaseUrl(\n configBaseUrl: string | undefined,\n environment: GatewayEnvironment,\n): string {\n const envBaseUrl =\n environment.get(\"LUCERN_API_URL\") ??\n environment.get(\"LUCERN_BASE_URL\") ??\n environment.get(\"LUCERN_GATEWAY_BASE_URL\");\n\n return (configBaseUrl ?? envBaseUrl ?? \"\").replace(/\\/+$/, \"\");\n}\n\nfunction normalizeGatewayEnvironment(value: GatewayClientEnvironment | undefined):\n | GatewayClientEnvironment\n | undefined {\n return value === \"sandbox\" || value === \"production\" ? value : undefined;\n}\n\n/**\n * Generate a random idempotency key for retry-safe writes.\n */\nexport const randomIdempotencyKey = generatePortableRequestId;\n\nfunction fallbackErrorCode(status: number): string {\n if (status === 401) {\n return \"AUTHENTICATION_REQUIRED\";\n }\n if (status === 403) {\n return \"FORBIDDEN\";\n }\n if (status === 404) {\n return \"NOT_FOUND\";\n }\n if (status === 408) {\n return \"UPSTREAM_ERROR\";\n }\n if (status === 409) {\n return \"CONFLICT\";\n }\n if (status === 429) {\n return \"RATE_LIMIT_EXCEEDED\";\n }\n if (status >= 500) {\n return \"UPSTREAM_ERROR\";\n }\n return \"INTERNAL_ERROR\";\n}\n\nfunction delay(ms: number): Promise<void> {\n return new Promise((resolve) => setTimeout(resolve, ms));\n}\n\nfunction computeRetryDelayMs(args: {\n attempt: number;\n status?: number;\n retryAfterMs?: number | null;\n}): number {\n const baseDelay =\n args.status === 429\n ? Math.max(\n args.retryAfterMs ?? 0,\n Math.min(1000 * 2 ** args.attempt, 10_000)\n )\n : Math.min(1000 * 2 ** args.attempt, 4000);\n\n if (args.status !== 429) {\n return baseDelay;\n }\n\n const jitterWindow = Math.max(250, Math.round(baseDelay * 0.25));\n return baseDelay + Math.round(Math.random() * jitterWindow);\n}\n\nfunction classifyGatewayErrorForRetry(error: unknown): boolean {\n return isGatewayRetryableError(error) || classifyRetry({ error }).retryable;\n}\n\nfunction isRecord(value: unknown): value is Record<string, unknown> {\n return value !== null && typeof value === \"object\" && !Array.isArray(value);\n}\n\nfunction readPolicySummaryFromDetails(details?: JsonValue): string | null {\n if (!isRecord(details)) {\n return null;\n }\n\n const directSummary = details.summary;\n if (typeof directSummary === \"string\" && directSummary.trim().length > 0) {\n return directSummary.trim();\n }\n\n const policy = details.policy;\n if (!isRecord(policy)) {\n return null;\n }\n\n const explanation = policy.explanation;\n if (!isRecord(explanation)) {\n return null;\n }\n\n const nestedSummary = explanation.summary;\n if (typeof nestedSummary === \"string\" && nestedSummary.trim().length > 0) {\n return nestedSummary.trim();\n }\n\n return null;\n}\n\nfunction redactJsonDiagnosticValue(value: JsonValue | undefined): JsonValue | undefined {\n return value === undefined\n ? undefined\n : (redactDiagnosticValue(value) as JsonValue);\n}\n\nasync function resolveConfiguredAuthContext(\n authContext: GatewayClientConfig[\"authContext\"]\n): Promise<LucernSdkAuthContextInput | undefined> {\n if (typeof authContext === \"function\") {\n return await authContext();\n }\n return authContext;\n}\n\nfunction mergeHeaderRecord(\n base: Record<string, string>,\n addition: Record<string, string>\n): Record<string, string> {\n const headers = new Headers(base);\n for (const [key, value] of Object.entries(addition)) {\n const existing = headers.get(key);\n if (existing !== null && existing !== value) {\n throw new LucernSdkAuthContextError(\n \"policy_denied\",\n `Canonical Lucern SDK auth context conflicts with existing ${key} header.`\n );\n }\n headers.set(key, value);\n }\n return Object.fromEntries(headers.entries());\n}\n\nfunction cleanHeaderValue(value: string | null | undefined): string | undefined {\n const normalized = value?.trim();\n return normalized ? normalized : undefined;\n}\n\n/**\n * Create the transport client used by all SDK modules.\n */\nexport function createGatewayRequestClient(config: GatewayClientConfig = {}) {\n const env = resolveEnvironment();\n const runtime = createGatewayRuntime(config, env);\n const baseUrl = resolveGatewayBaseUrl(config.baseUrl, env);\n const maxRetries = runtime.profile.maxRetries;\n const requestIdFactory = runtime.profile.requestIdFactory;\n const requestTimeoutByMethod = runtime.profile.timeoutMsByMethod;\n const defaultRequestTimeoutMs = runtime.profile.timeoutMs;\n const normalizedEnvironment = normalizeGatewayEnvironment(config.environment);\n const telemetryExporter =\n config.telemetryEnabled === false\n ? null\n : (config.telemetryExporter ??\n createTelemetryExporterFromEnv(telemetryEnvironmentRecord(env), {\n service: \"lucern-sdk\",\n environment: normalizedEnvironment,\n }));\n\n async function resolveAuthHeaders(): Promise<Record<string, string>> {\n const provided = config.getAuthHeaders ? await config.getAuthHeaders() : {};\n const headers = new Headers(provided);\n const setIfAbsent = (name: string, value: string | undefined) => {\n const normalized = cleanHeaderValue(value);\n if (normalized && !headers.has(name)) {\n headers.set(name, normalized);\n }\n };\n\n setIfAbsent(\"x-lucern-key\", config.apiKey);\n setIfAbsent(\"x-lucern-session-token\", config.userToken);\n setIfAbsent(\"x-lucern-environment\", normalizedEnvironment);\n setIfAbsent(\"x-lucern-clerk-id\", config.clerkId);\n setIfAbsent(\"x-lucern-user-id\", config.userId ?? config.clerkId);\n setIfAbsent(\"x-lucern-deployment-host\", config.deploymentHost);\n\n const base = Object.fromEntries(headers.entries());\n const authContextInput = await resolveConfiguredAuthContext(\n config.authContext\n );\n if (!authContextInput && !config.requireCanonicalAuthContext) {\n return base;\n }\n const authContext = normalizeCanonicalLucernAuthContext(authContextInput);\n return mergeHeaderRecord(base, createCanonicalAuthHeaders(authContext));\n }\n\n async function fetchWithTimeout(\n url: string,\n init: RequestInit,\n timeoutMs: number\n ): Promise<Response> {\n const normalizeTransportError = (\n error: unknown,\n isTimeout: boolean,\n ): GatewayRecoverableError => {\n if (isTimeout) {\n return new GatewayTimeoutError(timeoutMs);\n }\n return error instanceof GatewayTimeoutError ||\n error instanceof GatewayTransportError\n ? error\n : new GatewayTransportError(\n error instanceof Error ? error.message : \"Gateway transport error\",\n {\n cause: error,\n retryable: classifyGatewayErrorForRetry(error),\n }\n );\n };\n\n const controller = new AbortController();\n const timer = setTimeout(() => controller.abort(), timeoutMs);\n const requestEffect = Effect.tryPromise({\n try: () => runtime.fetch(url, { ...init, signal: controller.signal }),\n catch: (error) => normalizeTransportError(error, controller.signal.aborted),\n });\n try {\n const exit = await Effect.runPromiseExit(requestEffect);\n if (Exit.isSuccess(exit)) {\n return exit.value;\n }\n const failure = Array.from(Cause.failures(exit.cause))[0];\n if (failure !== undefined) {\n throw failure;\n }\n throw Cause.squash(exit.cause);\n } finally {\n clearTimeout(timer);\n }\n }\n\n async function emitSdkResponseTelemetry(\n context: GatewayResponseHookContext,\n ): Promise<void> {\n const retry = classifyRetry({\n status: context.status,\n error: context.error,\n retryAfter:\n context.retryAfterMs !== null && context.retryAfterMs !== undefined\n ? String(context.retryAfterMs / 1000)\n : undefined,\n });\n await emitTelemetrySignal(telemetryExporter, {\n signalType: \"trace\",\n surface: \"sdk-retry\",\n eventName: context.willRetry\n ? \"sdk.retry\"\n : context.error\n ? \"sdk.request.error\"\n : \"sdk.request.complete\",\n severity: context.error ? (context.willRetry ? \"warn\" : \"error\") : \"info\",\n durationMs: context.durationMs,\n metricName: \"sdk.request.duration_ms\",\n metricValue: context.durationMs,\n correlationId: context.correlationId ?? context.requestId,\n policyTraceId: context.policyTraceId ?? null,\n tenantId:\n context.headers.get(\"x-lucern-tenant-id\") ??\n context.headers.get(\"x-lucern-tenant\") ??\n undefined,\n workspaceId:\n context.headers.get(\"x-lucern-workspace-id\") ??\n context.headers.get(\"x-lucern-workspace\") ??\n undefined,\n attributes: {\n service: \"lucern-sdk\",\n operation: \"gateway.request\",\n path: context.path,\n httpMethod: context.method,\n httpStatus: context.status,\n attempt: context.attempt,\n maxRetries: context.maxRetries,\n retryReason: retry.reason,\n retryAfterMs: context.retryAfterMs ?? retry.retryAfterMs,\n willRetry: context.willRetry,\n retryable: retry.retryable,\n errorName:\n context.error instanceof Error ? context.error.name : undefined,\n errorMessage:\n context.error instanceof Error ? context.error.message : undefined,\n },\n });\n }\n\n async function parsePayload<T>(\n response: Response\n ): Promise<PlatformGatewayEnvelope<T> | null> {\n const text = await response.text();\n if (!text) {\n return null;\n }\n const parsed = tryParseGatewayEnvelopeJson(text);\n if (!parsed.ok) {\n return null;\n }\n return isRecord(parsed.value)\n ? (parsed.value as PlatformGatewayEnvelope<T>)\n : null;\n }\n\n function resolveTimeoutMs(\n method: GatewayHttpMethod,\n requestTimeoutMs?: number\n ): number {\n if (typeof requestTimeoutMs === \"number\") {\n return requestTimeoutMs;\n }\n const methodTimeoutMs = requestTimeoutByMethod?.[method];\n if (typeof methodTimeoutMs === \"number\") {\n return methodTimeoutMs;\n }\n return defaultRequestTimeoutMs;\n }\n\n function tryParseGatewayEnvelopeJson(text: string): JsonParseAttempt {\n const trimmed = text.trim();\n if (!trimmed.startsWith(\"{\") && !trimmed.startsWith(\"[\")) {\n return { ok: false, reason: \"non-json\" };\n }\n try {\n return { ok: true, value: JSON.parse(trimmed) };\n } catch (error) {\n if (error instanceof SyntaxError) {\n return { ok: false, reason: \"invalid-json\", error };\n }\n throw error;\n }\n }\n\n function buildApiError(args: {\n requestId: string;\n response: Response;\n failure?: PlatformGatewayFailure | null;\n }): LucernApiError {\n const failure = args.failure;\n const legacyError =\n failure && isRecord(failure.error) ? failure.error : failure?.legacyError;\n const correlationId =\n failure?.correlationId ??\n args.response.headers.get(\"x-lucern-correlation-id\")?.trim() ??\n args.requestId;\n const policyTraceId =\n failure?.policyTraceId ??\n args.response.headers.get(\"x-lucern-policy-trace-id\")?.trim() ??\n null;\n const details = runtime.redaction(\n redactJsonDiagnosticValue(failure?.details ?? legacyError?.details)\n );\n const policySummary = readPolicySummaryFromDetails(details);\n const failureMessage =\n typeof failure?.error === \"string\"\n ? failure.error\n : legacyError?.message;\n\n return new LucernApiError({\n code:\n failure?.code ??\n legacyError?.code ??\n fallbackErrorCode(args.response.status),\n message:\n policySummary ??\n failureMessage ??\n (args.response.ok\n ? \"Platform API returned an invalid success payload.\"\n : \"Platform API request failed.\"),\n status: args.response.status,\n invariant: failure?.invariant,\n suggestion: failure?.suggestion,\n details,\n requestId: args.requestId,\n correlationId,\n policyTraceId,\n });\n }\n\n async function request<T>(args: {\n path: string;\n method?: GatewayHttpMethod;\n body?: JsonObject;\n idempotencyKey?: string;\n requestId?: string;\n timeoutMs?: number;\n }): Promise<PlatformGatewaySuccess<T>> {\n const authHeaders = await resolveAuthHeaders();\n const method = args.method ?? \"GET\";\n const timeoutMs = resolveTimeoutMs(method, args.timeoutMs);\n const headers = new Headers({\n \"content-type\": \"application/json\",\n ...authHeaders,\n });\n if (args.idempotencyKey) {\n headers.set(\"idempotency-key\", args.idempotencyKey);\n }\n const requestId =\n headers.get(\"x-correlation-id\")?.trim() ||\n headers.get(\"x-request-id\")?.trim() ||\n args.requestId ||\n requestIdFactory();\n if (!headers.has(\"x-correlation-id\") && !headers.has(\"x-request-id\")) {\n headers.set(\"x-correlation-id\", requestId);\n }\n\n const url = `${baseUrl}${args.path}`;\n const serializedBody = args.body ? JSON.stringify(args.body) : undefined;\n const init: RequestInit = {\n method,\n headers,\n body: serializedBody,\n };\n\n let lastError: unknown;\n\n for (let attempt = 0; attempt <= maxRetries; attempt++) {\n const hookRequestContext: GatewayRequestHookContext = {\n requestId,\n attempt,\n maxRetries,\n method,\n path: args.path,\n url,\n headers: new Headers(headers),\n body: serializedBody,\n timeoutMs,\n };\n await config.onRequest?.(hookRequestContext);\n const startedAt = Date.now();\n try {\n const response = await fetchWithTimeout(url, init, timeoutMs);\n const responseClone = response.clone();\n const payload = await parsePayload<T>(response);\n const retry = classifyRetry({\n status: response.status,\n retryAfter: response.headers.get(\"Retry-After\"),\n });\n const retryAfterMs = retry.retryAfterMs ?? null;\n\n if (!response.ok || !payload?.success) {\n const failure =\n payload && !payload.success ? (payload as PlatformGatewayFailure) : null;\n const apiError = buildApiError({\n requestId,\n response,\n failure,\n });\n const willRetry = attempt < maxRetries && retry.retryable;\n const responseContext: GatewayResponseHookContext = {\n ...hookRequestContext,\n durationMs: Date.now() - startedAt,\n status: response.status,\n response: responseClone,\n error: apiError,\n correlationId: apiError.correlationId ?? requestId,\n policyTraceId: apiError.policyTraceId ?? null,\n retryAfterMs,\n willRetry,\n };\n\n await config.onResponse?.(responseContext);\n await emitSdkResponseTelemetry(responseContext);\n\n if (willRetry) {\n lastError = apiError;\n await delay(\n computeRetryDelayMs({\n attempt,\n status: response.status,\n retryAfterMs,\n })\n );\n continue;\n }\n\n throw apiError;\n }\n\n const successPayload = payload as PlatformGatewaySuccess<T>;\n const responseContext: GatewayResponseHookContext = {\n ...hookRequestContext,\n durationMs: Date.now() - startedAt,\n status: response.status,\n response: responseClone,\n correlationId:\n successPayload.correlationId ??\n response.headers.get(\"x-lucern-correlation-id\")?.trim() ??\n requestId,\n policyTraceId:\n successPayload.policyTraceId ??\n response.headers.get(\"x-lucern-policy-trace-id\")?.trim() ??\n null,\n idempotentReplay: successPayload.idempotentReplay,\n retryAfterMs,\n willRetry: false,\n };\n await config.onResponse?.(responseContext);\n await emitSdkResponseTelemetry(responseContext);\n\n return successPayload;\n } catch (fetchError) {\n if (fetchError instanceof LucernApiError) {\n throw fetchError;\n }\n const willRetry =\n attempt < maxRetries && classifyGatewayErrorForRetry(fetchError);\n const responseContext: GatewayResponseHookContext = {\n ...hookRequestContext,\n durationMs: Date.now() - startedAt,\n error: fetchError,\n correlationId: requestId,\n policyTraceId: null,\n willRetry,\n };\n await config.onResponse?.(responseContext);\n await emitSdkResponseTelemetry(responseContext);\n lastError = fetchError;\n if (willRetry) {\n await delay(computeRetryDelayMs({ attempt }));\n }\n }\n }\n\n throw lastError instanceof Error\n ? lastError\n : new Error(\"Platform API request failed after retries.\");\n }\n\n return {\n request,\n };\n}\n","import {\n createGatewayRequestClient,\n type GatewayClientConfig,\n} from \"./coreClient\";\n\n/** Configuration for the answers client. */\nexport type AnswersClientConfig = GatewayClientConfig;\n\n/**\n * Create the answers client for retrieving question answers.\n * @param config - Gateway transport configuration.\n * @returns An object with a `get` method to fetch the answer for a question.\n */\nexport function createAnswersClient(config: AnswersClientConfig = {}) {\n const gateway = createGatewayRequestClient(config);\n\n return {\n /**\n * Get the current answer for a question.\n * @param questionId - The question node identifier.\n * @returns The answer record for the given question.\n */\n async get(questionId: string) {\n return gateway.request<Record<string, unknown>>({\n path: `/api/platform/v1/questions/${encodeURIComponent(questionId)}/answer`,\n });\n },\n };\n}\n"]}
@@ -1,5 +1,6 @@
1
1
  import { GatewayScope, GatewayClientConfig, PlatformGatewaySuccess } from './coreClient.js';
2
2
  import { JsonObject, ListResult } from './types.js';
3
+ import '@lucern/transport-core';
3
4
  import './authContext.js';
4
5
  import './contracts/auth-session.contract.js';
5
6
  import './contracts/workflow-runtime.contract.js';