@lumiapassport/core 1.3.0 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/dist/auth/index.cjs +17 -35
  2. package/dist/auth/index.cjs.map +1 -1
  3. package/dist/auth/index.d.cts +11 -2
  4. package/dist/auth/index.d.ts +11 -2
  5. package/dist/auth/index.js +17 -35
  6. package/dist/auth/index.js.map +1 -1
  7. package/dist/index.cjs +17 -35
  8. package/dist/index.cjs.map +1 -1
  9. package/dist/index.js +17 -35
  10. package/dist/index.js.map +1 -1
  11. package/dist/internal/error-tracking.cjs +129 -0
  12. package/dist/internal/error-tracking.cjs.map +1 -0
  13. package/dist/internal/error-tracking.d.cts +27 -0
  14. package/dist/internal/error-tracking.d.ts +27 -0
  15. package/dist/internal/error-tracking.js +105 -0
  16. package/dist/internal/error-tracking.js.map +1 -0
  17. package/package.json +14 -5
package/dist/auth/index.cjs CHANGED
@@ -249,33 +249,14 @@ var JwtTokenManager = class {
249
249
  try {
250
250
  if (this.tokens) {
251
251
  const tokenString = JSON.stringify(this.tokens);
252
- console.log("[JWT] Saving to storage with key:", TOKEN_STORAGE_KEY);
253
- console.log("[JWT] Token data being saved:", {
254
- hasAccessToken: !!this.tokens.accessToken,
255
- hasRefreshToken: !!this.tokens.refreshToken,
256
- userId: this.tokens.userId,
257
- expiresAt: this.tokens.expiresAt,
258
- tokenStringLength: tokenString.length
259
- });
260
252
  await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);
261
253
  await this.storage.setItem(USER_ID_KEY, this.tokens.userId);
262
- console.log("[JWT] Tokens saved to storage");
263
- } else {
264
- console.warn("[JWT] No tokens to save");
265
254
  }
266
255
  } catch (error) {
267
256
  console.error("[JWT] Failed to save tokens to storage:", error);
268
257
  }
269
258
  }
270
259
  async setTokens(response) {
271
- console.log("[JWT] \u2705 setTokens() called - Stack trace:");
272
- console.trace("[JWT] Set tokens stack trace");
273
- console.log("[JWT] Setting tokens from response:", {
274
- hasAccessToken: !!response.accessToken,
275
- hasRefreshToken: !!response.refreshToken,
276
- userId: response.userId,
277
- expiresIn: response.expiresIn
278
- });
279
260
  const expiresAt = Date.now() + response.expiresIn * 1e3;
280
261
  this.tokens = {
281
262
  accessToken: response.accessToken,
@@ -286,11 +267,10 @@ var JwtTokenManager = class {
286
267
  hasKeyshare: response.hasKeyshare,
287
268
  isNewUser: response.isNewUser,
288
269
  avatar: response.avatar ?? null,
289
- displayName: response.displayName ?? null
270
+ displayName: response.displayName ?? null,
271
+ providers: response.providers ?? []
290
272
  };
291
- console.log("[JWT] Tokens object created");
292
273
  await this.saveTokensToStorage();
293
- console.log("[JWT] Tokens saved to storage successfully");
294
274
  }
295
275
  getAccessToken() {
296
276
  if (!this.tokens) return null;
@@ -311,6 +291,9 @@ var JwtTokenManager = class {
311
291
  getDisplayName() {
312
292
  return this.tokens?.displayName || null;
313
293
  }
294
+ getProviders() {
295
+ return this.tokens?.providers ?? [];
296
+ }
314
297
  getTokens() {
315
298
  return this.tokens;
316
299
  }
@@ -352,9 +335,6 @@ var JwtTokenManager = class {
352
335
  return !!this.tokens.refreshToken;
353
336
  }
354
337
  async clearTokens() {
355
- console.log("[JWT] \u26A0\uFE0F clearTokens() called - Stack trace:");
356
- console.trace("[JWT] Clear tokens stack trace");
357
- console.log("[JWT] Clearing tokens from memory and storage");
358
338
  this.tokens = null;
359
339
  await this.storage.removeItem(TOKEN_STORAGE_KEY);
360
340
  await this.storage.removeItem(USER_ID_KEY);
@@ -522,11 +502,7 @@ async function verifyToken(manager = jwtTokenManager) {
522
502
  }
523
503
  }
524
504
  async function ensureValidToken(manager = jwtTokenManager) {
525
- console.log("[JWT] ensureValidToken() called - Stack trace:");
526
- console.trace("[JWT] ensureValidToken stack trace");
527
- console.log("[JWT] Checking token validity...");
528
505
  if (manager.isAuthenticated() && !manager.isTokenExpired()) {
529
- console.log("[JWT] Access token is valid");
530
506
  return true;
531
507
  }
532
508
  console.log("[JWT] Access token expired or missing, attempting refresh...");
@@ -574,7 +550,7 @@ async function authenticatedFetch(url, options = {}, manager = jwtTokenManager)
574
550
  }
575
551
  return response;
576
552
  }
577
- async function loginWithUserId(userId) {
553
+ async function loginWithUserId(userId, options) {
578
554
  const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {
579
555
  method: "POST",
580
556
  headers: { "Content-Type": "application/json" },
@@ -585,10 +561,12 @@ async function loginWithUserId(userId) {
585
561
  throw new Error(`Login failed: ${response.status} ${errorText}`);
586
562
  }
587
563
  const loginResponse = await response.json();
588
- await jwtTokenManager.setTokens(loginResponse);
564
+ if (!options?.skipTokenSave) {
565
+ await jwtTokenManager.setTokens(loginResponse);
566
+ }
589
567
  return loginResponse;
590
568
  }
591
- async function loginWithEmail(email, code) {
569
+ async function loginWithEmail(email, code, options) {
592
570
  const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {
593
571
  method: "POST",
594
572
  headers: { "Content-Type": "application/json" },
@@ -599,10 +577,12 @@ async function loginWithEmail(email, code) {
599
577
  throw new Error(`Email verification failed: ${response.status} ${errorText}`);
600
578
  }
601
579
  const loginResponse = await response.json();
602
- await jwtTokenManager.setTokens(loginResponse);
580
+ if (!options?.skipTokenSave) {
581
+ await jwtTokenManager.setTokens(loginResponse);
582
+ }
603
583
  return loginResponse;
604
584
  }
605
- async function loginWithTelegram(telegramData) {
585
+ async function loginWithTelegram(telegramData, options) {
606
586
  const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {
607
587
  method: "POST",
608
588
  headers: { "Content-Type": "application/json" },
@@ -613,7 +593,9 @@ async function loginWithTelegram(telegramData) {
613
593
  throw new Error(`Telegram login failed: ${response.status} ${errorText}`);
614
594
  }
615
595
  const loginResponse = await response.json();
616
- await jwtTokenManager.setTokens(loginResponse);
596
+ if (!options?.skipTokenSave) {
597
+ await jwtTokenManager.setTokens(loginResponse);
598
+ }
617
599
  return loginResponse;
618
600
  }
619
601
  async function syncKeyshareStatus(manager = jwtTokenManager) {
package/dist/auth/index.cjs.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../../src/auth/base64url.ts","../../src/auth/storage.ts","../../src/utils/project-id.ts","../../src/auth/jwt.ts"],"names":[],"mappings":";;;AAUO,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChF;AAOO,SAAS,sBAAsB,SAAA,EAA+B;AACnE,EAAA,MAAM,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,MAAM,MAAM,MAAA,CAAO,MAAA,GAAS,IAAI,CAAA,GAAK,MAAA,CAAO,SAAS,CAAA,GAAK,CAAA;AAC1D,EAAA,MAAM,MAAA,GAAS,MAAA,GAAS,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA;AACtC,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,oBAAoB,MAAA,EAA6B;AAC/D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACpB;;;ACbO,IAAM,gBAAN,MAA4C;AAAA,EACzC,OAAA,uBAAc,GAAA,EAAoB;AAAA,EAE1C,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAClC;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC7B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA,GAAiB;AACf,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,OAAA,CAAQ,IAAA;AAAA,EACtB;AACF;AAMO,IAAM,sBAAN,MAAkD;AAAA,EAC/C,QAAA,GAAiC,IAAA;AAAA,EAEzC,WAAA,GAAc;AAEZ,IAAA,IAAI,CAAC,IAAA,CAAK,uBAAA,EAAwB,EAAG;AACnC,MAAA,OAAA,CAAQ,KAAK,sEAAsE,CAAA;AACnF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAAA,IACpC;AAAA,EACF;AAAA,EAEQ,uBAAA,GAAmC;AACzC,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,OAAA,GAAU,GAAA,GAAM,GAAA,CAAI,YAAA,GAAe,KAAA,CAAA;AACzC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,KAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,wBAAA;AAChB,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,MAAM,CAAA;AAC/B,MAAA,OAAA,CAAQ,WAAW,OAAO,CAAA;AAC1B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAA,CAAQ,GAAA,CAAI,qCAAqC,GAAG,CAAA;AACpD,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,MAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAAA,IAClC;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,KAAA,GAAQ,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AACjD,MAAA,OAAA,CAAQ,IAAI,mCAAA,EAAqC;AAAA,QAC/C,GAAA;AAAA,QACA,QAAA,EAAU,CAAC,CAAC,KAAA;AAAA,QACZ,aAAa,KAAA,EAAO,MAAA;AAAA,QACpB,OAAA,EAAS,KAAK,YAAA,GAAe,MAAA,CAAO,KAAK,GAAA,CAAI,YAAY,IAAI;AAAC,OAC/D,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8CAA8C,KAAK,CAAA;AACjE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B,EAAE,KAAK,WAAA,EAAa,KAAA,CAAM,QAAQ,CAAA;AAC3E,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,MAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAChC,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACrC,MAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAG1D,MAAA,MAAM,YAAA,GAAe,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA;AACnD,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAA,CAAQ,MAAM,0EAAgE,CAAA;AAAA,MAChF,CAAA,MAAA,IAAW,iBAAiB,KAAA,EAAO;AACjC,QAAA,OAAA,CAAQ,MAAM,yEAA+D,CAAA;AAAA,MAC/E,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,8CAAyC,CAAA;AAAA,MACvD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAE/D,MAAA,IAAI,CAAC,KAAK,QAAA,EAAU;AAClB,QAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAClC,QAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,WAAW,GAAG,CAAA;AAC5B,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,WAAW,GAAG,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,IACpE;AAAA,EACF;AACF;AAWA,eAAsB,UAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,OAAO,MAAA,YAAkB,OAAA,GAAU,MAAM,MAAA,GAAS,MAAA;AACpD;AAKA,eAAsB,UAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACzC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;AAKA,eAAsB,aAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AACrC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;ACtMO,SAAS,YAAA,GAAmC;AAOjD,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,OAAS,WAAmB,MAAA,CAAe,oBAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,SAAS,iBAAA,CAAkB,KAAa,SAAA,EAA4B;AACzE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,aAAa,YAAA,EAAa;AACtC,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,CAAS,GAAG,IAAI,GAAA,GAAM,GAAA;AAC5C,MAAA,OAAO,GAAG,GAAG,CAAA,EAAG,SAAS,CAAA,UAAA,EAAa,kBAAA,CAAmB,GAAG,CAAC,CAAA,CAAA;AAAA,IAC/D;AAAA,EACF,SAAS,KAAA,EAAO;AAAA,EAEhB;AACA,EAAA,OAAO,GAAA;AACT;;;ACtCA,IAAM,iBAAA,GAAoB,2BAAA;AAC1B,IAAM,WAAA,GAAc,gCAAA;AAQpB,IAAI,cAAA;AAMG,SAAS,mBAAmB,MAAA,EAGhC;AACD,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA;AAAA,EAChC;AAGF;AAGA,IAAM,aAAA,GAA6D,mCAAA;AAEnE,SAAS,SAAA,GAAoB;AAI3B,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,cAAA,EAAe;AAAA,EACxB;AAGA,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,MAAM,QAAA,GAAa,WAAmB,MAAA,CAAe,kBAAA;AACrD,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,IAClB;AAAA,EACF;AAGA,EAAmB;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAIF;AAiDO,IAAM,kBAAN,MAAsB;AAAA,EACnB,MAAA,GAA2B,IAAA;AAAA,EAC3B,OAAA;AAAA,EACA,cAAA,GAA0C,IAAA;AAAA;AAAA,EAElD,YAAY,OAAA,EAAwB;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA,IAAW,IAAI,mBAAA,EAAoB;AAClD,IAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AACnD,IAAA,IAAA,CAAK,qBAAA,EAAsB;AAAA,EAC7B;AAAA,EAEA,MAAc,qBAAA,GAAuC;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,iBAAiB,CAAA;AAC3D,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAA,EAAsC,CAAC,CAAC,MAAM,CAAA;AAE1D,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAC/B,QAAA,OAAA,CAAQ,IAAI,sBAAA,EAAwB;AAAA,UAClC,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,WAAA;AAAA,UAC/B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,YAAA;AAAA,UAChC,MAAA,EAAQ,KAAK,MAAA,EAAQ,MAAA;AAAA,UACrB,SAAA,EAAW,KAAK,MAAA,EAAQ,SAAA;AAAA,UACxB,WAAA,EAAa,KAAK,GAAA,EAAI;AAAA,UACtB,YAAA,EAAc,IAAA,CAAK,MAAA,EAAQ,SAAA,GAAA,CAAa,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,IAAK,GAAA,GAAO;AAAA,SACtF,CAAA;AAED,QAAA,IAAI,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,cAAA,EAAe,EAAG;AACxC,UAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAG3C,UAAA,IAAI,IAAA,CAAK,OAAO,YAAA,EAAc;AAC5B,YAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAAA,UAE/E,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,YAAA,MAAM,KAAK,WAAA,EAAY;AAAA,UACzB;AAAA,QACF,CAAA,MAAO;AACL,UAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,QAC3D;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAAA,MAChD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAA,GAAqC;AACjD,IAAA,IAAI;AACF,MAAA,IAAI,KAAK,MAAA,EAAQ;AACf,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC9C,QAAA,OAAA,CAAQ,GAAA,CAAI,qCAAqC,iBAAiB,CAAA;AAClE,QAAA,OAAA,CAAQ,IAAI,+BAAA,EAAiC;AAAA,UAC3C,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,UAC9B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,UAC/B,MAAA,EAAQ,KAAK,MAAA,CAAO,MAAA;AAAA,UACpB,SAAA,EAAW,KAAK,MAAA,CAAO,SAAA;AAAA,UACvB,mBAAmB,WAAA,CAAY;AAAA,SAChC,CAAA;AAED,QAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,iBAAA,EAAmB,WAAW,CAAA;AACzD,QAAA,MAAM,KAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,IAAA,CAAK,OAAO,MAAM,CAAA;AAE1D,QAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAAA,MAC7C,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,KAAK,yBAAyB,CAAA;AAAA,MACxC;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAAA,IAChE;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,QAAA,EAAwC;AACtD,IAAA,OAAA,CAAQ,IAAI,gDAA2C,CAAA;AACvD,IAAA,OAAA,CAAQ,MAAM,8BAA8B,CAAA;AAC5C,IAAA,OAAA,CAAQ,IAAI,qCAAA,EAAuC;AAAA,MACjD,cAAA,EAAgB,CAAC,CAAC,QAAA,CAAS,WAAA;AAAA,MAC3B,eAAA,EAAiB,CAAC,CAAC,QAAA,CAAS,YAAA;AAAA,MAC5B,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS;AAAA,KACrB,CAAA;AAED,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,SAAA,GAAY,GAAA;AACpD,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,cAAc,QAAA,CAAS,YAAA;AAAA,MACvB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,SAAA;AAAA,MACA,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,WAAA,EAAa,SAAS,WAAA,IAAe;AAAA,KACvC;AAEA,IAAA,OAAA,CAAQ,IAAI,6BAA6B,CAAA;AACzC,IAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,IAAA,OAAA,CAAQ,IAAI,4CAA4C,CAAA;AAAA,EAC1D;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAEzB,IAAA,OAAO,KAAK,MAAA,CAAO,WAAA;AAAA,EACrB;AAAA,EAEA,eAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,YAAA,IAAgB,IAAA;AAAA,EACtC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAAqC;AAC9D,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,WAAA,EAA2C;AACjE,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,cAAA,GAA0B;AACxB,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,OAAA,CAAQ,IAAI,gDAAgD,CAAA;AAC5D,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,SAAA,GAAY,KAAK,MAAA,CAAO,SAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,MAAO,SAAA,GAAY,MAAA;AAErC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B;AAAA,MACvC,WAAA,EAAa,GAAA;AAAA,MACb,SAAA;AAAA,MACA,MAAA;AAAA,MACA,YAAA,EAAA,CAAe,YAAY,GAAA,IAAO,GAAA;AAAA,MAClC;AAAA,KACD,CAAA;AAED,IAAA,OAAO,SAAA;AAAA,EACT;AAAA,EAEA,eAAA,GAA2B;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,KAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,cAAA,EAAe,EAAG;AAC1B,MAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,IACvB;AAGA,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,OAAA,CAAQ,IAAI,wDAA8C,CAAA;AAC1D,IAAA,OAAA,CAAQ,MAAM,gCAAgC,CAAA;AAC9C,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAE3D,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,iBAAiB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,kBAAA,GAAuC;AAE3C,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,IAAI,sEAAsE,CAAA;AAClF,MAAA,OAAO,IAAA,CAAK,cAAA;AAAA,IACd;AAEA,IAAA,MAAM,YAAA,GAAe,KAAK,eAAA,EAAgB;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,IAAA,IAAA,CAAK,kBAAkB,YAAY;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,mBAAmB,CAAA,EAAG;AAAA,UACjF,MAAA,EAAQ,MAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,UAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,cAAc;AAAA,SACtC,CAAA;AAED,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAA,CAAQ,GAAA,CAAI,yCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA;AAEtE,UAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,YAAA,IAAI;AACF,cAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,cAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,SAAS,CAAA;AAGzD,cAAA,QAAQ,UAAU,UAAA;AAAY,gBAC5B,KAAK,mBAAA;AACH,kBAAA,OAAA,CAAQ,IAAI,wDAAwD,CAAA;AACpE,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA,gBAET,KAAK,eAAA;AAAA,gBACL;AACE,kBAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA;AACX,YACF,SAAS,UAAA,EAAY;AACnB,cAAA,OAAA,CAAQ,IAAA,CAAK,qDAAqD,UAAU,CAAA;AAC5E,cAAA,MAAM,KAAK,WAAA,EAAY;AACvB,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,6EAA6E,CAAA;AACzF,YAAA,OAAO,KAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,MAAM,eAAA,GAAkB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC5C,QAAA,OAAA,CAAQ,GAAA,CAAI,gDAAA,EAAkD,eAAA,CAAgB,SAAA,EAAW,SAAS,CAAA;AAElG,QAAA,IAAI,KAAK,MAAA,EAAQ;AAEf,UAAA,IAAA,CAAK,MAAA,CAAO,cAAc,eAAA,CAAgB,WAAA;AAC1C,UAAA,IAAA,CAAK,MAAA,CAAO,eAAe,eAAA,CAAgB,YAAA;AAC3C,UAAA,IAAA,CAAK,MAAA,CAAO,YAAY,eAAA,CAAgB,SAAA;AACxC,UAAA,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,gBAAgB,SAAA,GAAY,GAAA;AACjE,UAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,UAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,sCAAsC,KAAK,CAAA;AAEzD,QAAA,OAAO,KAAA;AAAA,MACT,CAAA,SAAE;AAEA,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AACtB,QAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAAA,MAChE;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,aAAA,GAA+B;AAC7B,IAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,EAAe;AAClC,IAAA,OAAO,KAAA,GAAQ,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,GAAK,IAAA;AAAA,EACrC;AACF;AAGO,IAAM,eAAA,GAAkB,IAAI,eAAA;AAK5B,SAAS,sBAAsB,OAAA,EAAwC;AAC5E,EAAA,OAAO,IAAI,gBAAgB,OAAO,CAAA;AACpC;AAIA,eAAsB,MAAA,CAAO,UAA2B,eAAA,EAAgC;AACtF,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAM,iBAAA,CAAkB,CAAA,EAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,QAC/D,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,aAAA,EAAe,UAAA;AAAA,UACf,cAAA,EAAgB;AAAA;AAClB,OACD,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAAA,EAC5C,CAAA,SAAE;AACA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAAA,EAC5B;AACF;AAEA,eAAsB,WAAA,CAAY,UAA2B,eAAA,EAAiD;AAC5G,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAA,CAAQ,IAAI,iDAAiD,CAAA;AAC7D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,MAChF,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,UAAA;AAAW,KACtC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,GAAA,CAAI,kCAAA,EAAoC,QAAA,CAAS,MAAM,CAAA;AAE/D,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,UAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,SAAS,CAAA;AAGjD,UAAA,QAAQ,UAAU,UAAA;AAAY,YAC5B,KAAK,eAAA;AACH,cAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,cAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,cAAA,IAAI,cAAA,EAAgB;AAClB,gBAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AACvE,gBAAA,OAAO,MAAM,YAAY,OAAO,CAAA;AAAA,cAClC,CAAA,MAAO;AACL,gBAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AACzD,gBAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,gBAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,cACxB;AAAA,YAEF,KAAK,mBAAA;AACH,cAAA,OAAA,CAAQ,IAAI,qDAAqD,CAAA;AACjE,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,YAExB,KAAK,eAAA;AAAA,YACL;AACE,cAAA,OAAA,CAAQ,IAAI,sCAAsC,CAAA;AAClD,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA;AAC1B,QACF,SAAS,UAAA,EAAY;AACnB,UAAA,OAAA,CAAQ,IAAA,CAAK,6CAA6C,UAAU,CAAA;AACpE,UAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,UAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,QACxB;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,yDAAyD,CAAA;AACrE,QAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,MACxB;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,wCAAwC,cAAc,CAAA;AAElE,IAAA,IAAI,eAAe,KAAA,EAAO;AACxB,MAAA,IAAI,OAAO,cAAA,CAAe,WAAA,KAAgB,SAAA,EAAW;AACnD,QAAA,MAAM,OAAA,CAAQ,oBAAA,CAAqB,cAAA,CAAe,WAAW,CAAA;AAAA,MAC/D;AAEA,MAAA,IAAI,OAAA,CAAQ,WAAU,EAAG;AACvB,QAAA,IAAI,cAAA,CAAe,gBAAgB,KAAA,CAAA,EAAW;AAC5C,UAAA,MAAM,OAAA,CAAQ,iBAAA,CAAkB,cAAA,CAAe,WAAW,CAAA;AAAA,QAC5D;AAAA,MAEF;AAAA,IACF;AAEA,IAAA,OAAO,cAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAC9D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AACF;AAEA,eAAsB,gBAAA,CAAiB,UAA2B,eAAA,EAAmC;AACnG,EAAA,OAAA,CAAQ,IAAI,gDAAgD,CAAA;AAC5D,EAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,EAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAG9C,EAAA,IAAI,QAAQ,eAAA,EAAgB,IAAK,CAAC,OAAA,CAAQ,gBAAe,EAAG;AAC1D,IAAA,OAAA,CAAQ,IAAI,6BAA6B,CAAA;AACzC,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,8DAA8D,CAAA;AAG1E,EAAA,MAAM,YAAA,GAAe,QAAQ,eAAA,EAAgB;AAC7C,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAA,CAAQ,IAAI,mEAAmE,CAAA;AAC/E,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAAiC,cAAc,CAAA;AAC3D,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAC7E,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,mBACpB,GAAA,EACA,OAAA,GAAuB,EAAC,EACxB,UAA2B,eAAA,EACR;AACnB,EAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,CAAiB,OAAO,CAAA;AACpD,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,gBAAA,GAAmB,kBAAkB,GAAG,CAAA;AAC9C,EAAA,MAAM,cAAA,GAA8B;AAAA,IAClC,GAAG,OAAA;AAAA,IACH,OAAA,EAAS;AAAA,MACP,GAAG,OAAA,CAAQ,OAAA;AAAA,MACX,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA;AAClB,GACF;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,gBAAA,EAAkB,cAAc,CAAA;AAG7D,EAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,EAAc;AAC5C,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,cAAA,CAAe,OAAA,GAAU;AAAA,UACvB,GAAG,cAAA,CAAe,OAAA;AAAA,UAClB,aAAA,EAAe;AAAA,SACjB;AACA,QAAA,OAAO,KAAA,CAAM,kBAAkB,cAAc,CAAA;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,QAAA;AACT;AAIA,eAAsB,gBAAgB,MAAA,EAAwC;AAC5E,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,iBAAiB,CAAA,EAAG;AAAA,IAC/E,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,QAAQ;AAAA,GAChC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,cAAc,CAAA;AAClE,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EACjE;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAC7C,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,cAAA,CAAe,OAAe,IAAA,EAAsC;AACxF,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,6BAA6B,CAAA,EAAG;AAAA,IAC3F,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,MAAM;AAAA,GACrC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,2BAA2B,CAAA;AAC/E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAC7C,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAkB,YAAA,EAQb;AACzB,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,0BAA0B,CAAA,EAAG;AAAA,IACxF,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,YAAY;AAAA,GAClC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,uBAAuB,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAC7C,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAA,CAAmB,UAA2B,eAAA,EAAmC;AACrG,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,OAAO,CAAA;AAC9C,IAAA,IAAI,YAAA,EAAc,KAAA,IAAS,OAAO,YAAA,CAAa,gBAAgB,SAAA,EAAW;AACxE,MAAA,OAAO,YAAA,CAAa,WAAA;AAAA,IACtB;AACA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF","file":"index.cjs","sourcesContent":["/**\n * Base64URL encoding/decoding utilities\n * Used for WebAuthn and JWT operations\n */\n\n/**\n * Convert ArrayBuffer to Base64URL string\n * @param buffer - ArrayBuffer to convert\n * @returns Base64URL encoded string\n */\nexport function arrayBufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/g, '');\n}\n\n/**\n * Convert Base64URL string to Uint8Array\n * @param base64url - Base64URL string to convert\n * @returns Uint8Array\n */\nexport function base64urlToUint8Array(base64url: string): Uint8Array {\n const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n const pad = base64.length % 4 ? 4 - (base64.length % 4) : 0;\n const padded = base64 + '='.repeat(pad);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n\n/**\n * Convert ArrayBuffer to standard Base64 string (not URL-safe)\n * @param buffer - ArrayBuffer to convert\n * @returns Base64 encoded string\n */\nexport function arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n","/**\n * Storage abstraction layer for tokens and keyshares\n * Allows the core package to work in both browser and Node.js environments\n */\n\n/**\n * Storage interface for storing key-value pairs\n * Can be implemented for different storage backends (localStorage, Redis, memory, etc.)\n */\nexport interface TokenStorage {\n /**\n * Get item from storage\n * @param key - Storage key\n * @returns Value or null if not found\n */\n getItem(key: string): Promise<string | null> | string | null;\n\n /**\n * Set item in storage\n * @param key - Storage key\n * @param value - Value to store\n */\n setItem(key: string, value: string): Promise<void> | void;\n\n /**\n * Remove item from storage\n * @param key - Storage key\n */\n removeItem(key: string): Promise<void> | void;\n}\n\n/**\n * In-memory storage adapter\n * Useful for server-side usage where persistence is not required\n */\nexport class MemoryStorage implements TokenStorage {\n private storage = new Map<string, string>();\n\n getItem(key: string): string | null {\n return this.storage.get(key) || null;\n }\n\n setItem(key: string, value: string): void {\n this.storage.set(key, value);\n }\n\n removeItem(key: string): void {\n this.storage.delete(key);\n }\n\n /**\n * Clear all items from memory storage\n */\n clear(): void {\n this.storage.clear();\n }\n\n /**\n * Get all keys in storage\n */\n keys(): string[] {\n return Array.from(this.storage.keys());\n }\n\n /**\n * Get number of items in storage\n */\n get size(): number {\n return this.storage.size;\n }\n}\n\n/**\n * LocalStorage adapter for browser environments\n * Falls back to memory storage if localStorage is not available\n */\nexport class LocalStorageAdapter implements TokenStorage {\n private fallback: MemoryStorage | null = null;\n\n constructor() {\n // Check if localStorage is available\n if (!this.isLocalStorageAvailable()) {\n console.warn('[Storage] localStorage not available, falling back to memory storage');\n this.fallback = new MemoryStorage();\n }\n }\n\n private isLocalStorageAvailable(): boolean {\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const storage = win ? win.localStorage : undefined;\n if (!storage) {\n return false;\n }\n // Test if we can actually use localStorage (some browsers block it in private mode)\n const testKey = '__lumia_storage_test__';\n storage.setItem(testKey, 'test');\n storage.removeItem(testKey);\n return true;\n } catch {\n return false;\n }\n }\n\n getItem(key: string): string | null {\n console.log('[Storage] getItem called for key:', key);\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage');\n return this.fallback.getItem(key);\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const value = win?.localStorage?.getItem(key) || null;\n console.log('[Storage] Read from localStorage:', {\n key,\n hasValue: !!value,\n valueLength: value?.length,\n allKeys: win?.localStorage ? Object.keys(win.localStorage) : []\n });\n return value;\n } catch (error) {\n console.error('[Storage] Error reading from localStorage:', error);\n return null;\n }\n }\n\n setItem(key: string, value: string): void {\n console.log('[Storage] setItem called:', { key, valueLength: value.length });\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage for write');\n this.fallback.setItem(key, value);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.setItem(key, value);\n console.log('[Storage] Successfully wrote to localStorage');\n\n // Verify write\n const verification = win?.localStorage?.getItem(key);\n if (!verification) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value not found after write!');\n } else if (verification !== value) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value mismatch after write!');\n } else {\n console.log('[Storage] ✅ Write verified successfully');\n }\n } catch (error) {\n console.error('[Storage] Error writing to localStorage:', error);\n // Initialize fallback if localStorage fails\n if (!this.fallback) {\n this.fallback = new MemoryStorage();\n this.fallback.setItem(key, value);\n }\n }\n }\n\n removeItem(key: string): void {\n if (this.fallback) {\n this.fallback.removeItem(key);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.removeItem(key);\n } catch (error) {\n console.error('[Storage] Error removing from localStorage:', error);\n }\n }\n}\n\n/**\n * Keyshare storage interface (same as TokenStorage but with a different name for clarity)\n */\nexport interface KeyshareStorage extends TokenStorage {}\n\n/**\n * Helper to normalize storage operations to always be async\n * This allows mixing sync and async storage implementations\n */\nexport async function storageGet(\n storage: TokenStorage,\n key: string\n): Promise<string | null> {\n const result = storage.getItem(key);\n return result instanceof Promise ? await result : result;\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageSet(\n storage: TokenStorage,\n key: string,\n value: string\n): Promise<void> {\n const result = storage.setItem(key, value);\n if (result instanceof Promise) {\n await result;\n }\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageRemove(\n storage: TokenStorage,\n key: string\n): Promise<void> {\n const result = storage.removeItem(key);\n if (result instanceof Promise) {\n await result;\n }\n}\n","/**\n * Project ID management for Lumia Passport Core\n * Adapted to work in both browser and Node.js environments\n */\n\nlet globalProjectId: string | undefined;\n\n/**\n * Set the global project ID\n * @param projectId - The project ID to set\n */\nexport function setProjectId(projectId: string): void {\n globalProjectId = projectId;\n}\n\n/**\n * Get the current project ID\n * Priority: 1. Explicitly set via setProjectId(), 2. window.__LUMIA_PROJECT_ID__ (browser only)\n */\nexport function getProjectId(): string | undefined {\n // First check explicitly set projectId\n if (globalProjectId) {\n return globalProjectId;\n }\n\n // Fallback to window global (browser only)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n return ((globalThis as any).window as any).__LUMIA_PROJECT_ID__;\n }\n\n return undefined;\n}\n\n/**\n * Add projectId to URL query parameters\n * @param url - The URL to add projectId to\n * @param projectId - Optional explicit projectId (uses getProjectId() if not provided)\n */\nexport function addProjectIdToUrl(url: string, projectId?: string): string {\n try {\n const pid = projectId || getProjectId();\n if (pid) {\n const separator = url.includes('?') ? '&' : '?';\n return `${url}${separator}projectId=${encodeURIComponent(pid)}`;\n }\n } catch (error) {\n // Silently fail and return original URL\n }\n return url;\n}\n\n/**\n * Clear the globally set project ID\n */\nexport function clearProjectId(): void {\n globalProjectId = undefined;\n}\n","/**\n * JWT Token Management\n * Adapted from lumia-passport-ui-kit/src/internal/auth/jwt.ts\n * Browser-specific features (passkey auth) remain in UI kit\n */\n\nimport type { TokenStorage } from './storage';\nimport { LocalStorageAdapter } from './storage';\nimport { addProjectIdToUrl } from '../utils/project-id';\n\n// Token storage keys\nconst TOKEN_STORAGE_KEY = 'lumia-passport-jwt-tokens';\nconst USER_ID_KEY = 'lumia-passport-current-user-id';\n\n// Build-time injected URLs (tsup.define)\ndeclare const __LUMIA_TSS_URL__: string;\ndeclare const __LUMIA_BUNDLER_URL__: string;\ndeclare const __LUMIA_SHARE_VAULT_URL__: string;\n\n// Service URL provider - will be set by config\nlet tssUrlProvider: (() => string) | undefined;\n\n/**\n * Configure JWT module with service URLs\n * Call this from createLumiaPassportCore (backend usage)\n */\nexport function configureJwtModule(config: {\n tssUrl?: string;\n projectId?: string;\n}) {\n if (config.tssUrl) {\n tssUrlProvider = () => config.tssUrl!;\n }\n // Note: projectId is now handled via addProjectIdToUrl from utils/project-id\n // which reads from window.__LUMIA_PROJECT_ID__ or can be set via setProjectId()\n}\n\n// Build-time default from .env (will be replaced by tsup define)\nconst BUILD_TSS_URL = (typeof __LUMIA_TSS_URL__ !== 'undefined' && __LUMIA_TSS_URL__) || '';\n\nfunction getTssUrl(): string {\n // Priority: runtime config > window.__LUMIA_SERVICES__ > build-time default > hardcoded fallback\n\n // 1. Runtime config (backend usage via configureJwtModule)\n if (tssUrlProvider) {\n return tssUrlProvider();\n }\n\n // 2. Browser runtime config from LumiaPassportProvider (window.__LUMIA_SERVICES__)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n const services = ((globalThis as any).window as any).__LUMIA_SERVICES__;\n if (services?.tssUrl) {\n return services.tssUrl;\n }\n }\n\n // 3. Build-time injected default (from .env during pnpm build)\n if (BUILD_TSS_URL) {\n return BUILD_TSS_URL;\n }\n\n // 4. Hardcoded fallback\n return 'http://localhost:9256';\n}\n\n// addProjectIdToUrl is imported from '../utils/project-id'\n// It automatically reads from window.__LUMIA_PROJECT_ID__ or global setProjectId()\n\n// Types\nexport interface JwtTokens {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n expiresAt: number;\n hasKeyshare?: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n}\n\nexport interface LoginResponse {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n hasKeyshare: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n}\n\nexport interface RefreshResponse {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n}\n\nexport interface VerifyResponse {\n valid: boolean;\n userId?: string;\n sessionId?: string;\n exp?: number;\n hasKeyshare?: boolean;\n displayName?: string | null;\n avatar?: string | null;\n}\n\n/**\n * JWT Token Manager\n * Handles token storage, refresh, and validation\n */\nexport class JwtTokenManager {\n private tokens: JwtTokens | null = null;\n private storage: TokenStorage;\n private refreshPromise: Promise<boolean> | null = null; // Mutex for refresh operations\n\n constructor(storage?: TokenStorage) {\n this.storage = storage || new LocalStorageAdapter();\n console.log('[JWT] JwtTokenManager initializing...');\n this.loadTokensFromStorage();\n }\n\n private async loadTokensFromStorage(): Promise<void> {\n try {\n const stored = await this.storage.getItem(TOKEN_STORAGE_KEY);\n console.log('[JWT] Loading tokens from storage:', !!stored);\n\n if (stored) {\n this.tokens = JSON.parse(stored);\n console.log('[JWT] Parsed tokens:', {\n hasAccessToken: !!this.tokens?.accessToken,\n hasRefreshToken: !!this.tokens?.refreshToken,\n userId: this.tokens?.userId,\n expiresAt: this.tokens?.expiresAt,\n currentTime: Date.now(),\n timeToExpiry: this.tokens?.expiresAt ? (this.tokens.expiresAt - Date.now()) / 1000 : 'N/A'\n });\n\n if (this.tokens && this.isTokenExpired()) {\n console.log('[JWT] Access token is expired');\n\n // Check if we have a refresh token to attempt renewal\n if (this.tokens.refreshToken) {\n console.log('[JWT] Refresh token available, will attempt renewal when needed');\n // Keep tokens - they will be refreshed on the first API call via ensureValidToken()\n } else {\n console.log('[JWT] No refresh token available, clearing tokens');\n await this.clearTokens();\n }\n } else {\n console.log('[JWT] Access token is valid, keeping tokens');\n }\n } else {\n console.log('[JWT] No tokens found in storage');\n }\n } catch (error) {\n console.error('[JWT] Error loading tokens from storage:', error);\n await this.clearTokens();\n }\n }\n\n private async saveTokensToStorage(): Promise<void> {\n try {\n if (this.tokens) {\n const tokenString = JSON.stringify(this.tokens);\n console.log('[JWT] Saving to storage with key:', TOKEN_STORAGE_KEY);\n console.log('[JWT] Token data being saved:', {\n hasAccessToken: !!this.tokens.accessToken,\n hasRefreshToken: !!this.tokens.refreshToken,\n userId: this.tokens.userId,\n expiresAt: this.tokens.expiresAt,\n tokenStringLength: tokenString.length\n });\n\n await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);\n await this.storage.setItem(USER_ID_KEY, this.tokens.userId);\n\n console.log('[JWT] Tokens saved to storage');\n } else {\n console.warn('[JWT] No tokens to save');\n }\n } catch (error) {\n console.error('[JWT] Failed to save tokens to storage:', error);\n }\n }\n\n async setTokens(response: LoginResponse): Promise<void> {\n console.log('[JWT] ✅ setTokens() called - Stack trace:');\n console.trace('[JWT] Set tokens stack trace');\n console.log('[JWT] Setting tokens from response:', {\n hasAccessToken: !!response.accessToken,\n hasRefreshToken: !!response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn\n });\n\n const expiresAt = Date.now() + response.expiresIn * 1000;\n this.tokens = {\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn,\n expiresAt,\n hasKeyshare: response.hasKeyshare,\n isNewUser: response.isNewUser,\n avatar: response.avatar ?? null,\n displayName: response.displayName ?? null\n };\n\n console.log('[JWT] Tokens object created');\n await this.saveTokensToStorage();\n console.log('[JWT] Tokens saved to storage successfully');\n }\n\n getAccessToken(): string | null {\n if (!this.tokens) return null;\n // Return access token even if expired - ensureValidToken() will handle refresh\n return this.tokens.accessToken;\n }\n\n getRefreshToken(): string | null {\n return this.tokens?.refreshToken || null;\n }\n\n getUserId(): string | null {\n return this.tokens?.userId || null;\n }\n\n getHasKeyshare(): boolean | null {\n return this.tokens?.hasKeyshare ?? null;\n }\n\n getAvatar(): string | null {\n return this.tokens?.avatar || null;\n }\n\n getDisplayName(): string | null {\n return this.tokens?.displayName || null;\n }\n\n getTokens(): JwtTokens | null {\n return this.tokens;\n }\n\n async updateKeyshareStatus(hasKeyshare: boolean): Promise<void> {\n if (this.tokens) {\n this.tokens.hasKeyshare = hasKeyshare;\n await this.saveTokensToStorage();\n }\n }\n\n async updateDisplayName(displayName: string | null): Promise<void> {\n if (this.tokens) {\n this.tokens.displayName = displayName;\n await this.saveTokensToStorage();\n }\n }\n\n isTokenExpired(): boolean {\n if (!this.tokens) {\n console.log('[JWT] No tokens available, considering expired');\n return true;\n }\n\n const buffer = 30 * 1000; // 30 seconds buffer\n const now = Date.now();\n const expiresAt = this.tokens.expiresAt;\n const isExpired = now > (expiresAt - buffer);\n\n console.log('[JWT] Token expiry check:', {\n currentTime: now,\n expiresAt: expiresAt,\n buffer: buffer,\n timeToExpiry: (expiresAt - now) / 1000,\n isExpired: isExpired\n });\n\n return isExpired;\n }\n\n isAuthenticated(): boolean {\n // Consider authenticated if we have either valid access token OR refresh token\n if (!this.tokens) return false;\n\n if (!this.isTokenExpired()) {\n return !!this.tokens.accessToken;\n }\n\n // If access token is expired but we have refresh token, we're still authenticated\n return !!this.tokens.refreshToken;\n }\n\n async clearTokens(): Promise<void> {\n console.log('[JWT] ⚠️ clearTokens() called - Stack trace:');\n console.trace('[JWT] Clear tokens stack trace');\n console.log('[JWT] Clearing tokens from memory and storage');\n\n this.tokens = null;\n await this.storage.removeItem(TOKEN_STORAGE_KEY);\n await this.storage.removeItem(USER_ID_KEY);\n }\n\n async refreshAccessToken(): Promise<boolean> {\n // If refresh is already in progress, wait for it to complete\n if (this.refreshPromise) {\n console.log('[JWT] Refresh already in progress, waiting for existing operation...');\n return this.refreshPromise;\n }\n\n const refreshToken = this.getRefreshToken();\n if (!refreshToken) {\n console.warn('[JWT] No refresh token available for refresh');\n return false;\n }\n\n console.log('[JWT] Starting new token refresh operation...');\n\n // Create and store the refresh promise (mutex pattern)\n this.refreshPromise = (async () => {\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/refresh`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ refreshToken })\n });\n\n if (!response.ok) {\n console.log('[JWT] Token refresh failed with status:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] Refresh 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Refresh token session not found, clearing tokens');\n await this.clearTokens();\n return false;\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid refresh token, clearing tokens');\n await this.clearTokens();\n return false;\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse refresh 401 error response:', parseError);\n await this.clearTokens();\n return false;\n }\n } else {\n console.log('[JWT] Non-401 error during refresh, keeping tokens (might be network error)');\n return false;\n }\n }\n\n const refreshResponse = await response.json() as RefreshResponse;\n console.log('[JWT] Token refresh successful, new expiry in:', refreshResponse.expiresIn, 'seconds');\n\n if (this.tokens) {\n // Update both access and refresh tokens (token rotation)\n this.tokens.accessToken = refreshResponse.accessToken;\n this.tokens.refreshToken = refreshResponse.refreshToken;\n this.tokens.expiresIn = refreshResponse.expiresIn;\n this.tokens.expiresAt = Date.now() + refreshResponse.expiresIn * 1000;\n await this.saveTokensToStorage();\n console.log('[JWT] Refreshed tokens saved to storage');\n return true;\n }\n\n console.error('[JWT] No existing tokens to update');\n return false;\n } catch (error) {\n console.error('[JWT] Token refresh network error:', error);\n // Don't clear tokens on network errors - might be temporary\n return false;\n } finally {\n // Clear the mutex when operation completes (success or failure)\n this.refreshPromise = null;\n console.log('[JWT] Refresh operation completed, mutex cleared');\n }\n })();\n\n return this.refreshPromise;\n }\n\n getAuthHeader(): string | null {\n const token = this.getAccessToken();\n return token ? `Bearer ${token}` : null;\n }\n}\n\n// Default instance with LocalStorage\nexport const jwtTokenManager = new JwtTokenManager();\n\n/**\n * Create a custom JWT token manager with specific storage\n */\nexport function createJwtTokenManager(storage: TokenStorage): JwtTokenManager {\n return new JwtTokenManager(storage);\n}\n\n// Authentication functions\n\nexport async function logout(manager: JwtTokenManager = jwtTokenManager): Promise<void> {\n try {\n const authHeader = manager.getAuthHeader();\n if (authHeader) {\n await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/logout`), {\n method: 'POST',\n headers: {\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n });\n }\n } catch (error) {\n console.error('[JWT] Logout error:', error);\n } finally {\n await manager.clearTokens();\n }\n}\n\nexport async function verifyToken(manager: JwtTokenManager = jwtTokenManager): Promise<VerifyResponse | null> {\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n console.log('[JWT] No auth header available for verification');\n return { valid: false };\n }\n\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/verify`), {\n method: 'GET',\n headers: { Authorization: authHeader }\n });\n\n if (!response.ok) {\n console.log('[JWT] Token verification failed:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'TOKEN_EXPIRED':\n console.log('[JWT] Access token expired, attempting refresh...');\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n console.log('[JWT] Token refreshed successfully, retrying verification');\n return await verifyToken(manager);\n } else {\n console.log('[JWT] Token refresh failed, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Session not found or revoked, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid token, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse 401 error response:', parseError);\n await manager.clearTokens();\n return { valid: false };\n }\n } else {\n console.log('[JWT] Non-401 error during verification, keeping tokens');\n return { valid: false };\n }\n }\n\n const verifyResponse = await response.json() as VerifyResponse;\n console.log('[JWT] Token verification successful:', verifyResponse);\n\n if (verifyResponse.valid) {\n if (typeof verifyResponse.hasKeyshare === 'boolean') {\n await manager.updateKeyshareStatus(verifyResponse.hasKeyshare);\n }\n // Update displayName and avatar if present\n if (manager.getTokens()) {\n if (verifyResponse.displayName !== undefined) {\n await manager.updateDisplayName(verifyResponse.displayName);\n }\n // Avatar update would need similar method\n }\n }\n\n return verifyResponse;\n } catch (error) {\n console.error('[JWT] Token verification network error:', error);\n return { valid: false };\n }\n}\n\nexport async function ensureValidToken(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n console.log('[JWT] ensureValidToken() called - Stack trace:');\n console.trace('[JWT] ensureValidToken stack trace');\n console.log('[JWT] Checking token validity...');\n\n // Check if current access token is valid (not expired)\n if (manager.isAuthenticated() && !manager.isTokenExpired()) {\n console.log('[JWT] Access token is valid');\n return true;\n }\n\n console.log('[JWT] Access token expired or missing, attempting refresh...');\n\n // Try to refresh using refresh token\n const refreshToken = manager.getRefreshToken();\n if (refreshToken) {\n console.log('[JWT] Refresh token available, attempting to refresh access token');\n const refreshSuccess = await manager.refreshAccessToken();\n console.log('[JWT] Refresh attempt result:', refreshSuccess);\n return refreshSuccess;\n }\n\n console.log('[JWT] No refresh token available, user needs to re-authenticate');\n return false;\n}\n\nexport async function authenticatedFetch(\n url: string,\n options: RequestInit = {},\n manager: JwtTokenManager = jwtTokenManager\n): Promise<Response> {\n const hasValidToken = await ensureValidToken(manager);\n if (!hasValidToken) {\n throw new Error('No valid authentication token available');\n }\n\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n throw new Error('Failed to get authentication header');\n }\n\n const urlWithProjectId = addProjectIdToUrl(url);\n const requestOptions: RequestInit = {\n ...options,\n headers: {\n ...options.headers,\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n };\n\n const response = await fetch(urlWithProjectId, requestOptions);\n\n // Handle 401 by attempting token refresh\n if (response.status === 401) {\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n const newAuthHeader = manager.getAuthHeader();\n if (newAuthHeader) {\n requestOptions.headers = {\n ...requestOptions.headers,\n Authorization: newAuthHeader\n };\n return fetch(urlWithProjectId, requestOptions);\n }\n }\n }\n\n return response;\n}\n\n// Login functions (non-passkey)\n\nexport async function loginWithUserId(userId: string): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ userId })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Login failed');\n throw new Error(`Login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n await jwtTokenManager.setTokens(loginResponse);\n return loginResponse;\n}\n\nexport async function loginWithEmail(email: string, code: string): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ email, code })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Email verification failed');\n throw new Error(`Email verification failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n await jwtTokenManager.setTokens(loginResponse);\n return loginResponse;\n}\n\nexport async function loginWithTelegram(telegramData: {\n id: number;\n first_name: string;\n last_name?: string;\n username?: string;\n photo_url?: string;\n auth_date: number;\n hash: string;\n}): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(telegramData)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Telegram login failed');\n throw new Error(`Telegram login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n await jwtTokenManager.setTokens(loginResponse);\n return loginResponse;\n}\n\nexport async function syncKeyshareStatus(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n try {\n const verification = await verifyToken(manager);\n if (verification?.valid && typeof verification.hasKeyshare === 'boolean') {\n return verification.hasKeyshare;\n }\n return false;\n } catch {\n return false;\n }\n}\n"]}
1
+ {"version":3,"sources":["../../src/auth/base64url.ts","../../src/auth/storage.ts","../../src/utils/project-id.ts","../../src/auth/jwt.ts"],"names":[],"mappings":";;;AAUO,SAAS,uBAAuB,MAAA,EAA6B;AAClE,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,IAAA,CAAK,MAAM,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,KAAA,EAAO,GAAG,CAAA,CAAE,OAAA,CAAQ,QAAQ,EAAE,CAAA;AAChF;AAOO,SAAS,sBAAsB,SAAA,EAA+B;AACnE,EAAA,MAAM,MAAA,GAAS,UAAU,OAAA,CAAQ,IAAA,EAAM,GAAG,CAAA,CAAE,OAAA,CAAQ,MAAM,GAAG,CAAA;AAC7D,EAAA,MAAM,MAAM,MAAA,CAAO,MAAA,GAAS,IAAI,CAAA,GAAK,MAAA,CAAO,SAAS,CAAA,GAAK,CAAA;AAC1D,EAAA,MAAM,MAAA,GAAS,MAAA,GAAS,GAAA,CAAI,MAAA,CAAO,GAAG,CAAA;AACtC,EAAA,MAAM,MAAA,GAAS,KAAK,MAAM,CAAA;AAC1B,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAA,CAAO,MAAM,CAAA;AAC1C,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,MAAA,CAAO,QAAQ,CAAA,EAAA,EAAK;AACtC,IAAA,KAAA,CAAM,CAAC,CAAA,GAAI,MAAA,CAAO,UAAA,CAAW,CAAC,CAAA;AAAA,EAChC;AACA,EAAA,OAAO,KAAA;AACT;AAOO,SAAS,oBAAoB,MAAA,EAA6B;AAC/D,EAAA,MAAM,KAAA,GAAQ,IAAI,UAAA,CAAW,MAAM,CAAA;AACnC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,KAAA,IAAS,CAAA,GAAI,CAAA,EAAG,CAAA,GAAI,KAAA,CAAM,YAAY,CAAA,EAAA,EAAK;AACzC,IAAA,MAAA,IAAU,MAAA,CAAO,YAAA,CAAa,KAAA,CAAM,CAAC,CAAC,CAAA;AAAA,EACxC;AACA,EAAA,OAAO,KAAK,MAAM,CAAA;AACpB;;;ACbO,IAAM,gBAAN,MAA4C;AAAA,EACzC,OAAA,uBAAc,GAAA,EAAoB;AAAA,EAE1C,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAO,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAG,CAAA,IAAK,IAAA;AAAA,EAClC;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,IAAA,CAAK,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AAAA,EAC7B;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAA,CAAK,OAAA,CAAQ,OAAO,GAAG,CAAA;AAAA,EACzB;AAAA;AAAA;AAAA;AAAA,EAKA,KAAA,GAAc;AACZ,IAAA,IAAA,CAAK,QAAQ,KAAA,EAAM;AAAA,EACrB;AAAA;AAAA;AAAA;AAAA,EAKA,IAAA,GAAiB;AACf,IAAA,OAAO,KAAA,CAAM,IAAA,CAAK,IAAA,CAAK,OAAA,CAAQ,MAAM,CAAA;AAAA,EACvC;AAAA;AAAA;AAAA;AAAA,EAKA,IAAI,IAAA,GAAe;AACjB,IAAA,OAAO,KAAK,OAAA,CAAQ,IAAA;AAAA,EACtB;AACF;AAMO,IAAM,sBAAN,MAAkD;AAAA,EAC/C,QAAA,GAAiC,IAAA;AAAA,EAEzC,WAAA,GAAc;AAEZ,IAAA,IAAI,CAAC,IAAA,CAAK,uBAAA,EAAwB,EAAG;AACnC,MAAA,OAAA,CAAQ,KAAK,sEAAsE,CAAA;AACnF,MAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAAA,IACpC;AAAA,EACF;AAAA,EAEQ,uBAAA,GAAmC;AACzC,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,OAAA,GAAU,GAAA,GAAM,GAAA,CAAI,YAAA,GAAe,KAAA,CAAA;AACzC,MAAA,IAAI,CAAC,OAAA,EAAS;AACZ,QAAA,OAAO,KAAA;AAAA,MACT;AAEA,MAAA,MAAM,OAAA,GAAU,wBAAA;AAChB,MAAA,OAAA,CAAQ,OAAA,CAAQ,SAAS,MAAM,CAAA;AAC/B,MAAA,OAAA,CAAQ,WAAW,OAAO,CAAA;AAC1B,MAAA,OAAO,IAAA;AAAA,IACT,CAAA,CAAA,MAAQ;AACN,MAAA,OAAO,KAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,QAAQ,GAAA,EAA4B;AAClC,IAAA,OAAA,CAAQ,GAAA,CAAI,qCAAqC,GAAG,CAAA;AACpD,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,MAAA,OAAO,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAG,CAAA;AAAA,IAClC;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,MAAM,KAAA,GAAQ,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA,IAAK,IAAA;AACjD,MAAA,OAAA,CAAQ,IAAI,mCAAA,EAAqC;AAAA,QAC/C,GAAA;AAAA,QACA,QAAA,EAAU,CAAC,CAAC,KAAA;AAAA,QACZ,aAAa,KAAA,EAAO,MAAA;AAAA,QACpB,OAAA,EAAS,KAAK,YAAA,GAAe,MAAA,CAAO,KAAK,GAAA,CAAI,YAAY,IAAI;AAAC,OAC/D,CAAA;AACD,MAAA,OAAO,KAAA;AAAA,IACT,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,8CAA8C,KAAK,CAAA;AACjE,MAAA,OAAO,IAAA;AAAA,IACT;AAAA,EACF;AAAA,EAEA,OAAA,CAAQ,KAAa,KAAA,EAAqB;AACxC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B,EAAE,KAAK,WAAA,EAAa,KAAA,CAAM,QAAQ,CAAA;AAC3E,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,MAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAChC,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACrC,MAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAG1D,MAAA,MAAM,YAAA,GAAe,GAAA,EAAK,YAAA,EAAc,OAAA,CAAQ,GAAG,CAAA;AACnD,MAAA,IAAI,CAAC,YAAA,EAAc;AACjB,QAAA,OAAA,CAAQ,MAAM,0EAAgE,CAAA;AAAA,MAChF,CAAA,MAAA,IAAW,iBAAiB,KAAA,EAAO;AACjC,QAAA,OAAA,CAAQ,MAAM,yEAA+D,CAAA;AAAA,MAC/E,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,8CAAyC,CAAA;AAAA,MACvD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAE/D,MAAA,IAAI,CAAC,KAAK,QAAA,EAAU;AAClB,QAAA,IAAA,CAAK,QAAA,GAAW,IAAI,aAAA,EAAc;AAClC,QAAA,IAAA,CAAK,QAAA,CAAS,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AAAA,MAClC;AAAA,IACF;AAAA,EACF;AAAA,EAEA,WAAW,GAAA,EAAmB;AAC5B,IAAA,IAAI,KAAK,QAAA,EAAU;AACjB,MAAA,IAAA,CAAK,QAAA,CAAS,WAAW,GAAG,CAAA;AAC5B,MAAA;AAAA,IACF;AACA,IAAA,IAAI;AAEF,MAAA,MAAM,GAAA,GAAM,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA;AACrE,MAAA,GAAA,EAAK,YAAA,EAAc,WAAW,GAAG,CAAA;AAAA,IACnC,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,+CAA+C,KAAK,CAAA;AAAA,IACpE;AAAA,EACF;AACF;AAWA,eAAsB,UAAA,CACpB,SACA,GAAA,EACwB;AACxB,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAG,CAAA;AAClC,EAAA,OAAO,MAAA,YAAkB,OAAA,GAAU,MAAM,MAAA,GAAS,MAAA;AACpD;AAKA,eAAsB,UAAA,CACpB,OAAA,EACA,GAAA,EACA,KAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,OAAA,CAAQ,GAAA,EAAK,KAAK,CAAA;AACzC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;AAKA,eAAsB,aAAA,CACpB,SACA,GAAA,EACe;AACf,EAAA,MAAM,MAAA,GAAS,OAAA,CAAQ,UAAA,CAAW,GAAG,CAAA;AACrC,EAAA,IAAI,kBAAkB,OAAA,EAAS;AAC7B,IAAA,MAAM,MAAA;AAAA,EACR;AACF;ACtMO,SAAS,YAAA,GAAmC;AAOjD,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,OAAS,WAAmB,MAAA,CAAe,oBAAA;AAAA,EAC7C;AAEA,EAAA,OAAO,MAAA;AACT;AAOO,SAAS,iBAAA,CAAkB,KAAa,SAAA,EAA4B;AACzE,EAAA,IAAI;AACF,IAAA,MAAM,GAAA,GAAM,aAAa,YAAA,EAAa;AACtC,IAAA,IAAI,GAAA,EAAK;AACP,MAAA,MAAM,SAAA,GAAY,GAAA,CAAI,QAAA,CAAS,GAAG,IAAI,GAAA,GAAM,GAAA;AAC5C,MAAA,OAAO,GAAG,GAAG,CAAA,EAAG,SAAS,CAAA,UAAA,EAAa,kBAAA,CAAmB,GAAG,CAAC,CAAA,CAAA;AAAA,IAC/D;AAAA,EACF,SAAS,KAAA,EAAO;AAAA,EAEhB;AACA,EAAA,OAAO,GAAA;AACT;;;ACtCA,IAAM,iBAAA,GAAoB,2BAAA;AAC1B,IAAM,WAAA,GAAc,gCAAA;AAQpB,IAAI,cAAA;AAMG,SAAS,mBAAmB,MAAA,EAGhC;AACD,EAAA,IAAI,OAAO,MAAA,EAAQ;AACjB,IAAA,cAAA,GAAiB,MAAM,MAAA,CAAO,MAAA;AAAA,EAChC;AAGF;AAGA,IAAM,aAAA,GAA6D,mCAAA;AAEnE,SAAS,SAAA,GAAoB;AAI3B,EAAA,IAAI,cAAA,EAAgB;AAClB,IAAA,OAAO,cAAA,EAAe;AAAA,EACxB;AAGA,EAAA,IAAI,OAAO,UAAA,KAAe,WAAA,IAAgB,UAAA,CAAmB,MAAA,EAAQ;AACnE,IAAA,MAAM,QAAA,GAAa,WAAmB,MAAA,CAAe,kBAAA;AACrD,IAAA,IAAI,UAAU,MAAA,EAAQ;AACpB,MAAA,OAAO,QAAA,CAAS,MAAA;AAAA,IAClB;AAAA,EACF;AAGA,EAAmB;AACjB,IAAA,OAAO,aAAA;AAAA,EACT;AAIF;AAmDO,IAAM,kBAAN,MAAsB;AAAA,EACnB,MAAA,GAA2B,IAAA;AAAA,EAC3B,OAAA;AAAA,EACA,cAAA,GAA0C,IAAA;AAAA;AAAA,EAElD,YAAY,OAAA,EAAwB;AAClC,IAAA,IAAA,CAAK,OAAA,GAAU,OAAA,IAAW,IAAI,mBAAA,EAAoB;AAClD,IAAA,OAAA,CAAQ,IAAI,uCAAuC,CAAA;AACnD,IAAA,IAAA,CAAK,qBAAA,EAAsB;AAAA,EAC7B;AAAA,EAEA,MAAc,qBAAA,GAAuC;AACnD,IAAA,IAAI;AACF,MAAA,MAAM,MAAA,GAAS,MAAM,IAAA,CAAK,OAAA,CAAQ,QAAQ,iBAAiB,CAAA;AAC3D,MAAA,OAAA,CAAQ,GAAA,CAAI,oCAAA,EAAsC,CAAC,CAAC,MAAM,CAAA;AAE1D,MAAA,IAAI,MAAA,EAAQ;AACV,QAAA,IAAA,CAAK,MAAA,GAAS,IAAA,CAAK,KAAA,CAAM,MAAM,CAAA;AAC/B,QAAA,OAAA,CAAQ,IAAI,sBAAA,EAAwB;AAAA,UAClC,cAAA,EAAgB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,WAAA;AAAA,UAC/B,eAAA,EAAiB,CAAC,CAAC,IAAA,CAAK,MAAA,EAAQ,YAAA;AAAA,UAChC,MAAA,EAAQ,KAAK,MAAA,EAAQ,MAAA;AAAA,UACrB,SAAA,EAAW,KAAK,MAAA,EAAQ,SAAA;AAAA,UACxB,WAAA,EAAa,KAAK,GAAA,EAAI;AAAA,UACtB,YAAA,EAAc,IAAA,CAAK,MAAA,EAAQ,SAAA,GAAA,CAAa,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,IAAK,GAAA,GAAO;AAAA,SACtF,CAAA;AAED,QAAA,IAAI,IAAA,CAAK,MAAA,IAAU,IAAA,CAAK,cAAA,EAAe,EAAG;AACxC,UAAA,OAAA,CAAQ,IAAI,+BAA+B,CAAA;AAG3C,UAAA,IAAI,IAAA,CAAK,OAAO,YAAA,EAAc;AAC5B,YAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAAA,UAE/E,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,YAAA,MAAM,KAAK,WAAA,EAAY;AAAA,UACzB;AAAA,QACF,CAAA,MAAO;AACL,UAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AAAA,QAC3D;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,kCAAkC,CAAA;AAAA,MAChD;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,4CAA4C,KAAK,CAAA;AAC/D,MAAA,MAAM,KAAK,WAAA,EAAY;AAAA,IACzB;AAAA,EACF;AAAA,EAEA,MAAc,mBAAA,GAAqC;AACjD,IAAA,IAAI;AACF,MAAA,IAAI,KAAK,MAAA,EAAQ;AACf,QAAA,MAAM,WAAA,GAAc,IAAA,CAAK,SAAA,CAAU,IAAA,CAAK,MAAM,CAAA;AAC9C,QAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,OAAA,CAAQ,iBAAA,EAAmB,WAAW,CAAA;AACzD,QAAA,MAAM,KAAK,OAAA,CAAQ,OAAA,CAAQ,WAAA,EAAa,IAAA,CAAK,OAAO,MAAM,CAAA;AAAA,MAC5D;AAAA,IACF,SAAS,KAAA,EAAO;AACd,MAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAAA,IAChE;AAAA,EACF;AAAA,EAEA,MAAM,UAAU,QAAA,EAAwC;AACtD,IAAA,MAAM,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,SAAS,SAAA,GAAY,GAAA;AACpD,IAAA,IAAA,CAAK,MAAA,GAAS;AAAA,MACZ,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,cAAc,QAAA,CAAS,YAAA;AAAA,MACvB,QAAQ,QAAA,CAAS,MAAA;AAAA,MACjB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,SAAA;AAAA,MACA,aAAa,QAAA,CAAS,WAAA;AAAA,MACtB,WAAW,QAAA,CAAS,SAAA;AAAA,MACpB,MAAA,EAAQ,SAAS,MAAA,IAAU,IAAA;AAAA,MAC3B,WAAA,EAAa,SAAS,WAAA,IAAe,IAAA;AAAA,MACrC,SAAA,EAAW,QAAA,CAAS,SAAA,IAAa;AAAC,KACpC;AAEA,IAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,EACjC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,IAAA;AAEzB,IAAA,OAAO,KAAK,MAAA,CAAO,WAAA;AAAA,EACrB;AAAA,EAEA,eAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,YAAA,IAAgB,IAAA;AAAA,EACtC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAiC;AAC/B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,SAAA,GAA2B;AACzB,IAAA,OAAO,IAAA,CAAK,QAAQ,MAAA,IAAU,IAAA;AAAA,EAChC;AAAA,EAEA,cAAA,GAAgC;AAC9B,IAAA,OAAO,IAAA,CAAK,QAAQ,WAAA,IAAe,IAAA;AAAA,EACrC;AAAA,EAEA,YAAA,GAAyB;AACvB,IAAA,OAAO,IAAA,CAAK,MAAA,EAAQ,SAAA,IAAa,EAAC;AAAA,EACpC;AAAA,EAEA,SAAA,GAA8B;AAC5B,IAAA,OAAO,IAAA,CAAK,MAAA;AAAA,EACd;AAAA,EAEA,MAAM,qBAAqB,WAAA,EAAqC;AAC9D,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,MAAM,kBAAkB,WAAA,EAA2C;AACjE,IAAA,IAAI,KAAK,MAAA,EAAQ;AACf,MAAA,IAAA,CAAK,OAAO,WAAA,GAAc,WAAA;AAC1B,MAAA,MAAM,KAAK,mBAAA,EAAoB;AAAA,IACjC;AAAA,EACF;AAAA,EAEA,cAAA,GAA0B;AACxB,IAAA,IAAI,CAAC,KAAK,MAAA,EAAQ;AAChB,MAAA,OAAA,CAAQ,IAAI,gDAAgD,CAAA;AAC5D,MAAA,OAAO,IAAA;AAAA,IACT;AAEA,IAAA,MAAM,SAAS,EAAA,GAAK,GAAA;AACpB,IAAA,MAAM,GAAA,GAAM,KAAK,GAAA,EAAI;AACrB,IAAA,MAAM,SAAA,GAAY,KAAK,MAAA,CAAO,SAAA;AAC9B,IAAA,MAAM,SAAA,GAAY,MAAO,SAAA,GAAY,MAAA;AAErC,IAAA,OAAA,CAAQ,IAAI,2BAAA,EAA6B;AAAA,MACvC,WAAA,EAAa,GAAA;AAAA,MACb,SAAA;AAAA,MACA,MAAA;AAAA,MACA,YAAA,EAAA,CAAe,YAAY,GAAA,IAAO,GAAA;AAAA,MAClC;AAAA,KACD,CAAA;AAED,IAAA,OAAO,SAAA;AAAA,EACT;AAAA,EAEA,eAAA,GAA2B;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,MAAA,EAAQ,OAAO,KAAA;AAEzB,IAAA,IAAI,CAAC,IAAA,CAAK,cAAA,EAAe,EAAG;AAC1B,MAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,WAAA;AAAA,IACvB;AAGA,IAAA,OAAO,CAAC,CAAC,IAAA,CAAK,MAAA,CAAO,YAAA;AAAA,EACvB;AAAA,EAEA,MAAM,WAAA,GAA6B;AACjC,IAAA,IAAA,CAAK,MAAA,GAAS,IAAA;AACd,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,iBAAiB,CAAA;AAC/C,IAAA,MAAM,IAAA,CAAK,OAAA,CAAQ,UAAA,CAAW,WAAW,CAAA;AAAA,EAC3C;AAAA,EAEA,MAAM,kBAAA,GAAuC;AAE3C,IAAA,IAAI,KAAK,cAAA,EAAgB;AACvB,MAAA,OAAA,CAAQ,IAAI,sEAAsE,CAAA;AAClF,MAAA,OAAO,IAAA,CAAK,cAAA;AAAA,IACd;AAEA,IAAA,MAAM,YAAA,GAAe,KAAK,eAAA,EAAgB;AAC1C,IAAA,IAAI,CAAC,YAAA,EAAc;AACjB,MAAA,OAAA,CAAQ,KAAK,8CAA8C,CAAA;AAC3D,MAAA,OAAO,KAAA;AAAA,IACT;AAEA,IAAA,OAAA,CAAQ,IAAI,+CAA+C,CAAA;AAG3D,IAAA,IAAA,CAAK,kBAAkB,YAAY;AACjC,MAAA,IAAI;AACF,QAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,mBAAmB,CAAA,EAAG;AAAA,UACjF,MAAA,EAAQ,MAAA;AAAA,UACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,UAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,cAAc;AAAA,SACtC,CAAA;AAED,QAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,UAAA,OAAA,CAAQ,GAAA,CAAI,yCAAA,EAA2C,QAAA,CAAS,MAAM,CAAA;AAEtE,UAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,YAAA,IAAI;AACF,cAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,cAAA,OAAA,CAAQ,GAAA,CAAI,oCAAoC,SAAS,CAAA;AAGzD,cAAA,QAAQ,UAAU,UAAA;AAAY,gBAC5B,KAAK,mBAAA;AACH,kBAAA,OAAA,CAAQ,IAAI,wDAAwD,CAAA;AACpE,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA,gBAET,KAAK,eAAA;AAAA,gBACL;AACE,kBAAA,OAAA,CAAQ,IAAI,8CAA8C,CAAA;AAC1D,kBAAA,MAAM,KAAK,WAAA,EAAY;AACvB,kBAAA,OAAO,KAAA;AAAA;AACX,YACF,SAAS,UAAA,EAAY;AACnB,cAAA,OAAA,CAAQ,IAAA,CAAK,qDAAqD,UAAU,CAAA;AAC5E,cAAA,MAAM,KAAK,WAAA,EAAY;AACvB,cAAA,OAAO,KAAA;AAAA,YACT;AAAA,UACF,CAAA,MAAO;AACL,YAAA,OAAA,CAAQ,IAAI,6EAA6E,CAAA;AACzF,YAAA,OAAO,KAAA;AAAA,UACT;AAAA,QACF;AAEA,QAAA,MAAM,eAAA,GAAkB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC5C,QAAA,OAAA,CAAQ,GAAA,CAAI,gDAAA,EAAkD,eAAA,CAAgB,SAAA,EAAW,SAAS,CAAA;AAElG,QAAA,IAAI,KAAK,MAAA,EAAQ;AAEf,UAAA,IAAA,CAAK,MAAA,CAAO,cAAc,eAAA,CAAgB,WAAA;AAC1C,UAAA,IAAA,CAAK,MAAA,CAAO,eAAe,eAAA,CAAgB,YAAA;AAC3C,UAAA,IAAA,CAAK,MAAA,CAAO,YAAY,eAAA,CAAgB,SAAA;AACxC,UAAA,IAAA,CAAK,OAAO,SAAA,GAAY,IAAA,CAAK,GAAA,EAAI,GAAI,gBAAgB,SAAA,GAAY,GAAA;AACjE,UAAA,MAAM,KAAK,mBAAA,EAAoB;AAC/B,UAAA,OAAA,CAAQ,IAAI,yCAAyC,CAAA;AACrD,UAAA,OAAO,IAAA;AAAA,QACT;AAEA,QAAA,OAAA,CAAQ,MAAM,oCAAoC,CAAA;AAClD,QAAA,OAAO,KAAA;AAAA,MACT,SAAS,KAAA,EAAO;AACd,QAAA,OAAA,CAAQ,KAAA,CAAM,sCAAsC,KAAK,CAAA;AAEzD,QAAA,OAAO,KAAA;AAAA,MACT,CAAA,SAAE;AAEA,QAAA,IAAA,CAAK,cAAA,GAAiB,IAAA;AACtB,QAAA,OAAA,CAAQ,IAAI,kDAAkD,CAAA;AAAA,MAChE;AAAA,IACF,CAAA,GAAG;AAEH,IAAA,OAAO,IAAA,CAAK,cAAA;AAAA,EACd;AAAA,EAEA,aAAA,GAA+B;AAC7B,IAAA,MAAM,KAAA,GAAQ,KAAK,cAAA,EAAe;AAClC,IAAA,OAAO,KAAA,GAAQ,CAAA,OAAA,EAAU,KAAK,CAAA,CAAA,GAAK,IAAA;AAAA,EACrC;AACF;AAGO,IAAM,eAAA,GAAkB,IAAI,eAAA;AAK5B,SAAS,sBAAsB,OAAA,EAAwC;AAC5E,EAAA,OAAO,IAAI,gBAAgB,OAAO,CAAA;AACpC;AAIA,eAAsB,MAAA,CAAO,UAA2B,eAAA,EAAgC;AACtF,EAAA,IAAI;AACF,IAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,IAAA,IAAI,UAAA,EAAY;AACd,MAAA,MAAM,MAAM,iBAAA,CAAkB,CAAA,EAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,QAC/D,MAAA,EAAQ,MAAA;AAAA,QACR,OAAA,EAAS;AAAA,UACP,aAAA,EAAe,UAAA;AAAA,UACf,cAAA,EAAgB;AAAA;AAClB,OACD,CAAA;AAAA,IACH;AAAA,EACF,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,uBAAuB,KAAK,CAAA;AAAA,EAC5C,CAAA,SAAE;AACA,IAAA,MAAM,QAAQ,WAAA,EAAY;AAAA,EAC5B;AACF;AAEA,eAAsB,WAAA,CAAY,UAA2B,eAAA,EAAiD;AAC5G,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,OAAA,CAAQ,IAAI,iDAAiD,CAAA;AAC7D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,kBAAkB,CAAA,EAAG;AAAA,MAChF,MAAA,EAAQ,KAAA;AAAA,MACR,OAAA,EAAS,EAAE,aAAA,EAAe,UAAA;AAAW,KACtC,CAAA;AAED,IAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,MAAA,OAAA,CAAQ,GAAA,CAAI,kCAAA,EAAoC,QAAA,CAAS,MAAM,CAAA;AAE/D,MAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,QAAA,IAAI;AACF,UAAA,MAAM,SAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,UAAA,OAAA,CAAQ,GAAA,CAAI,4BAA4B,SAAS,CAAA;AAGjD,UAAA,QAAQ,UAAU,UAAA;AAAY,YAC5B,KAAK,eAAA;AACH,cAAA,OAAA,CAAQ,IAAI,mDAAmD,CAAA;AAC/D,cAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,cAAA,IAAI,cAAA,EAAgB;AAClB,gBAAA,OAAA,CAAQ,IAAI,2DAA2D,CAAA;AACvE,gBAAA,OAAO,MAAM,YAAY,OAAO,CAAA;AAAA,cAClC,CAAA,MAAO;AACL,gBAAA,OAAA,CAAQ,IAAI,6CAA6C,CAAA;AACzD,gBAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,gBAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,cACxB;AAAA,YAEF,KAAK,mBAAA;AACH,cAAA,OAAA,CAAQ,IAAI,qDAAqD,CAAA;AACjE,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,YAExB,KAAK,eAAA;AAAA,YACL;AACE,cAAA,OAAA,CAAQ,IAAI,sCAAsC,CAAA;AAClD,cAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,cAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA;AAC1B,QACF,SAAS,UAAA,EAAY;AACnB,UAAA,OAAA,CAAQ,IAAA,CAAK,6CAA6C,UAAU,CAAA;AACpE,UAAA,MAAM,QAAQ,WAAA,EAAY;AAC1B,UAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,QACxB;AAAA,MACF,CAAA,MAAO;AACL,QAAA,OAAA,CAAQ,IAAI,yDAAyD,CAAA;AACrE,QAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,MACxB;AAAA,IACF;AAEA,IAAA,MAAM,cAAA,GAAiB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC3C,IAAA,OAAA,CAAQ,GAAA,CAAI,wCAAwC,cAAc,CAAA;AAElE,IAAA,IAAI,eAAe,KAAA,EAAO;AACxB,MAAA,IAAI,OAAO,cAAA,CAAe,WAAA,KAAgB,SAAA,EAAW;AACnD,QAAA,MAAM,OAAA,CAAQ,oBAAA,CAAqB,cAAA,CAAe,WAAW,CAAA;AAAA,MAC/D;AAEA,MAAA,IAAI,OAAA,CAAQ,WAAU,EAAG;AACvB,QAAA,IAAI,cAAA,CAAe,gBAAgB,KAAA,CAAA,EAAW;AAC5C,UAAA,MAAM,OAAA,CAAQ,iBAAA,CAAkB,cAAA,CAAe,WAAW,CAAA;AAAA,QAC5D;AAAA,MAEF;AAAA,IACF;AAEA,IAAA,OAAO,cAAA;AAAA,EACT,SAAS,KAAA,EAAO;AACd,IAAA,OAAA,CAAQ,KAAA,CAAM,2CAA2C,KAAK,CAAA;AAC9D,IAAA,OAAO,EAAE,OAAO,KAAA,EAAM;AAAA,EACxB;AACF;AAEA,eAAsB,gBAAA,CAAiB,UAA2B,eAAA,EAAmC;AAEnG,EAAA,IAAI,QAAQ,eAAA,EAAgB,IAAK,CAAC,OAAA,CAAQ,gBAAe,EAAG;AAC1D,IAAA,OAAO,IAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,8DAA8D,CAAA;AAG1E,EAAA,MAAM,YAAA,GAAe,QAAQ,eAAA,EAAgB;AAC7C,EAAA,IAAI,YAAA,EAAc;AAChB,IAAA,OAAA,CAAQ,IAAI,mEAAmE,CAAA;AAC/E,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,OAAA,CAAQ,GAAA,CAAI,iCAAiC,cAAc,CAAA;AAC3D,IAAA,OAAO,cAAA;AAAA,EACT;AAEA,EAAA,OAAA,CAAQ,IAAI,iEAAiE,CAAA;AAC7E,EAAA,OAAO,KAAA;AACT;AAEA,eAAsB,mBACpB,GAAA,EACA,OAAA,GAAuB,EAAC,EACxB,UAA2B,eAAA,EACR;AACnB,EAAA,MAAM,aAAA,GAAgB,MAAM,gBAAA,CAAiB,OAAO,CAAA;AACpD,EAAA,IAAI,CAAC,aAAA,EAAe;AAClB,IAAA,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAAA,EAC3D;AAEA,EAAA,MAAM,UAAA,GAAa,QAAQ,aAAA,EAAc;AACzC,EAAA,IAAI,CAAC,UAAA,EAAY;AACf,IAAA,MAAM,IAAI,MAAM,qCAAqC,CAAA;AAAA,EACvD;AAEA,EAAA,MAAM,gBAAA,GAAmB,kBAAkB,GAAG,CAAA;AAC9C,EAAA,MAAM,cAAA,GAA8B;AAAA,IAClC,GAAG,OAAA;AAAA,IACH,OAAA,EAAS;AAAA,MACP,GAAG,OAAA,CAAQ,OAAA;AAAA,MACX,aAAA,EAAe,UAAA;AAAA,MACf,cAAA,EAAgB;AAAA;AAClB,GACF;AAEA,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,gBAAA,EAAkB,cAAc,CAAA;AAG7D,EAAA,IAAI,QAAA,CAAS,WAAW,GAAA,EAAK;AAC3B,IAAA,MAAM,cAAA,GAAiB,MAAM,OAAA,CAAQ,kBAAA,EAAmB;AACxD,IAAA,IAAI,cAAA,EAAgB;AAClB,MAAA,MAAM,aAAA,GAAgB,QAAQ,aAAA,EAAc;AAC5C,MAAA,IAAI,aAAA,EAAe;AACjB,QAAA,cAAA,CAAe,OAAA,GAAU;AAAA,UACvB,GAAG,cAAA,CAAe,OAAA;AAAA,UAClB,aAAA,EAAe;AAAA,SACjB;AACA,QAAA,OAAO,KAAA,CAAM,kBAAkB,cAAc,CAAA;AAAA,MAC/C;AAAA,IACF;AAAA,EACF;AAEA,EAAA,OAAO,QAAA;AACT;AAIA,eAAsB,eAAA,CAAgB,QAAgB,OAAA,EAA+D;AACnH,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,iBAAiB,CAAA,EAAG;AAAA,IAC/E,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,EAAE,QAAQ;AAAA,GAChC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,cAAc,CAAA;AAClE,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,cAAA,EAAiB,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EACjE;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,cAAA,CAAe,KAAA,EAAe,IAAA,EAAc,OAAA,EAA+D;AAC/H,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,6BAA6B,CAAA,EAAG;AAAA,IAC3F,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,MAAM,IAAA,CAAK,SAAA,CAAU,EAAE,KAAA,EAAO,MAAM;AAAA,GACrC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,2BAA2B,CAAA;AAC/E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,2BAAA,EAA8B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC9E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,iBAAA,CAAkB,cAQrC,OAAA,EAA+D;AAChE,EAAA,MAAM,QAAA,GAAW,MAAM,KAAA,CAAM,iBAAA,CAAkB,GAAG,SAAA,EAAW,0BAA0B,CAAA,EAAG;AAAA,IACxF,MAAA,EAAQ,MAAA;AAAA,IACR,OAAA,EAAS,EAAE,cAAA,EAAgB,kBAAA,EAAmB;AAAA,IAC9C,IAAA,EAAM,IAAA,CAAK,SAAA,CAAU,YAAY;AAAA,GAClC,CAAA;AAED,EAAA,IAAI,CAAC,SAAS,EAAA,EAAI;AAChB,IAAA,MAAM,YAAY,MAAM,QAAA,CAAS,MAAK,CAAE,KAAA,CAAM,MAAM,uBAAuB,CAAA;AAC3E,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,uBAAA,EAA0B,SAAS,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAA;AAAA,EAC1E;AAEA,EAAA,MAAM,aAAA,GAAgB,MAAM,QAAA,CAAS,IAAA,EAAK;AAC1C,EAAA,IAAI,CAAC,SAAS,aAAA,EAAe;AAC3B,IAAA,MAAM,eAAA,CAAgB,UAAU,aAAa,CAAA;AAAA,EAC/C;AACA,EAAA,OAAO,aAAA;AACT;AAEA,eAAsB,kBAAA,CAAmB,UAA2B,eAAA,EAAmC;AACrG,EAAA,IAAI;AACF,IAAA,MAAM,YAAA,GAAe,MAAM,WAAA,CAAY,OAAO,CAAA;AAC9C,IAAA,IAAI,YAAA,EAAc,KAAA,IAAS,OAAO,YAAA,CAAa,gBAAgB,SAAA,EAAW;AACxE,MAAA,OAAO,YAAA,CAAa,WAAA;AAAA,IACtB;AACA,IAAA,OAAO,KAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO,KAAA;AAAA,EACT;AACF","file":"index.cjs","sourcesContent":["/**\n * Base64URL encoding/decoding utilities\n * Used for WebAuthn and JWT operations\n */\n\n/**\n * Convert ArrayBuffer to Base64URL string\n * @param buffer - ArrayBuffer to convert\n * @returns Base64URL encoded string\n */\nexport function arrayBufferToBase64url(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary).replace(/\\+/g, '-').replace(/\\//g, '_').replace(/=+$/g, '');\n}\n\n/**\n * Convert Base64URL string to Uint8Array\n * @param base64url - Base64URL string to convert\n * @returns Uint8Array\n */\nexport function base64urlToUint8Array(base64url: string): Uint8Array {\n const base64 = base64url.replace(/-/g, '+').replace(/_/g, '/');\n const pad = base64.length % 4 ? 4 - (base64.length % 4) : 0;\n const padded = base64 + '='.repeat(pad);\n const binary = atob(padded);\n const bytes = new Uint8Array(binary.length);\n for (let i = 0; i < binary.length; i++) {\n bytes[i] = binary.charCodeAt(i);\n }\n return bytes;\n}\n\n/**\n * Convert ArrayBuffer to standard Base64 string (not URL-safe)\n * @param buffer - ArrayBuffer to convert\n * @returns Base64 encoded string\n */\nexport function arrayBufferToBase64(buffer: ArrayBuffer): string {\n const bytes = new Uint8Array(buffer);\n let binary = '';\n for (let i = 0; i < bytes.byteLength; i++) {\n binary += String.fromCharCode(bytes[i]);\n }\n return btoa(binary);\n}\n","/**\n * Storage abstraction layer for tokens and keyshares\n * Allows the core package to work in both browser and Node.js environments\n */\n\n/**\n * Storage interface for storing key-value pairs\n * Can be implemented for different storage backends (localStorage, Redis, memory, etc.)\n */\nexport interface TokenStorage {\n /**\n * Get item from storage\n * @param key - Storage key\n * @returns Value or null if not found\n */\n getItem(key: string): Promise<string | null> | string | null;\n\n /**\n * Set item in storage\n * @param key - Storage key\n * @param value - Value to store\n */\n setItem(key: string, value: string): Promise<void> | void;\n\n /**\n * Remove item from storage\n * @param key - Storage key\n */\n removeItem(key: string): Promise<void> | void;\n}\n\n/**\n * In-memory storage adapter\n * Useful for server-side usage where persistence is not required\n */\nexport class MemoryStorage implements TokenStorage {\n private storage = new Map<string, string>();\n\n getItem(key: string): string | null {\n return this.storage.get(key) || null;\n }\n\n setItem(key: string, value: string): void {\n this.storage.set(key, value);\n }\n\n removeItem(key: string): void {\n this.storage.delete(key);\n }\n\n /**\n * Clear all items from memory storage\n */\n clear(): void {\n this.storage.clear();\n }\n\n /**\n * Get all keys in storage\n */\n keys(): string[] {\n return Array.from(this.storage.keys());\n }\n\n /**\n * Get number of items in storage\n */\n get size(): number {\n return this.storage.size;\n }\n}\n\n/**\n * LocalStorage adapter for browser environments\n * Falls back to memory storage if localStorage is not available\n */\nexport class LocalStorageAdapter implements TokenStorage {\n private fallback: MemoryStorage | null = null;\n\n constructor() {\n // Check if localStorage is available\n if (!this.isLocalStorageAvailable()) {\n console.warn('[Storage] localStorage not available, falling back to memory storage');\n this.fallback = new MemoryStorage();\n }\n }\n\n private isLocalStorageAvailable(): boolean {\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const storage = win ? win.localStorage : undefined;\n if (!storage) {\n return false;\n }\n // Test if we can actually use localStorage (some browsers block it in private mode)\n const testKey = '__lumia_storage_test__';\n storage.setItem(testKey, 'test');\n storage.removeItem(testKey);\n return true;\n } catch {\n return false;\n }\n }\n\n getItem(key: string): string | null {\n console.log('[Storage] getItem called for key:', key);\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage');\n return this.fallback.getItem(key);\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n const value = win?.localStorage?.getItem(key) || null;\n console.log('[Storage] Read from localStorage:', {\n key,\n hasValue: !!value,\n valueLength: value?.length,\n allKeys: win?.localStorage ? Object.keys(win.localStorage) : []\n });\n return value;\n } catch (error) {\n console.error('[Storage] Error reading from localStorage:', error);\n return null;\n }\n }\n\n setItem(key: string, value: string): void {\n console.log('[Storage] setItem called:', { key, valueLength: value.length });\n if (this.fallback) {\n console.log('[Storage] Using fallback memory storage for write');\n this.fallback.setItem(key, value);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.setItem(key, value);\n console.log('[Storage] Successfully wrote to localStorage');\n\n // Verify write\n const verification = win?.localStorage?.getItem(key);\n if (!verification) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value not found after write!');\n } else if (verification !== value) {\n console.error('[Storage] ⚠️ VERIFICATION FAILED: Value mismatch after write!');\n } else {\n console.log('[Storage] ✅ Write verified successfully');\n }\n } catch (error) {\n console.error('[Storage] Error writing to localStorage:', error);\n // Initialize fallback if localStorage fails\n if (!this.fallback) {\n this.fallback = new MemoryStorage();\n this.fallback.setItem(key, value);\n }\n }\n }\n\n removeItem(key: string): void {\n if (this.fallback) {\n this.fallback.removeItem(key);\n return;\n }\n try {\n // @ts-ignore - accessing global window object\n const win = typeof globalThis !== 'undefined' && (globalThis as any).window;\n win?.localStorage?.removeItem(key);\n } catch (error) {\n console.error('[Storage] Error removing from localStorage:', error);\n }\n }\n}\n\n/**\n * Keyshare storage interface (same as TokenStorage but with a different name for clarity)\n */\nexport interface KeyshareStorage extends TokenStorage {}\n\n/**\n * Helper to normalize storage operations to always be async\n * This allows mixing sync and async storage implementations\n */\nexport async function storageGet(\n storage: TokenStorage,\n key: string\n): Promise<string | null> {\n const result = storage.getItem(key);\n return result instanceof Promise ? await result : result;\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageSet(\n storage: TokenStorage,\n key: string,\n value: string\n): Promise<void> {\n const result = storage.setItem(key, value);\n if (result instanceof Promise) {\n await result;\n }\n}\n\n/**\n * Helper to normalize storage operations to always be async\n */\nexport async function storageRemove(\n storage: TokenStorage,\n key: string\n): Promise<void> {\n const result = storage.removeItem(key);\n if (result instanceof Promise) {\n await result;\n }\n}\n","/**\n * Project ID management for Lumia Passport Core\n * Adapted to work in both browser and Node.js environments\n */\n\nlet globalProjectId: string | undefined;\n\n/**\n * Set the global project ID\n * @param projectId - The project ID to set\n */\nexport function setProjectId(projectId: string): void {\n globalProjectId = projectId;\n}\n\n/**\n * Get the current project ID\n * Priority: 1. Explicitly set via setProjectId(), 2. window.__LUMIA_PROJECT_ID__ (browser only)\n */\nexport function getProjectId(): string | undefined {\n // First check explicitly set projectId\n if (globalProjectId) {\n return globalProjectId;\n }\n\n // Fallback to window global (browser only)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n return ((globalThis as any).window as any).__LUMIA_PROJECT_ID__;\n }\n\n return undefined;\n}\n\n/**\n * Add projectId to URL query parameters\n * @param url - The URL to add projectId to\n * @param projectId - Optional explicit projectId (uses getProjectId() if not provided)\n */\nexport function addProjectIdToUrl(url: string, projectId?: string): string {\n try {\n const pid = projectId || getProjectId();\n if (pid) {\n const separator = url.includes('?') ? '&' : '?';\n return `${url}${separator}projectId=${encodeURIComponent(pid)}`;\n }\n } catch (error) {\n // Silently fail and return original URL\n }\n return url;\n}\n\n/**\n * Clear the globally set project ID\n */\nexport function clearProjectId(): void {\n globalProjectId = undefined;\n}\n","/**\n * JWT Token Management\n * Adapted from lumia-passport-ui-kit/src/internal/auth/jwt.ts\n * Browser-specific features (passkey auth) remain in UI kit\n */\n\nimport type { TokenStorage } from './storage';\nimport { LocalStorageAdapter } from './storage';\nimport { addProjectIdToUrl } from '../utils/project-id';\n\n// Token storage keys\nconst TOKEN_STORAGE_KEY = 'lumia-passport-jwt-tokens';\nconst USER_ID_KEY = 'lumia-passport-current-user-id';\n\n// Build-time injected URLs (tsup.define)\ndeclare const __LUMIA_TSS_URL__: string;\ndeclare const __LUMIA_BUNDLER_URL__: string;\ndeclare const __LUMIA_SHARE_VAULT_URL__: string;\n\n// Service URL provider - will be set by config\nlet tssUrlProvider: (() => string) | undefined;\n\n/**\n * Configure JWT module with service URLs\n * Call this from createLumiaPassportCore (backend usage)\n */\nexport function configureJwtModule(config: {\n tssUrl?: string;\n projectId?: string;\n}) {\n if (config.tssUrl) {\n tssUrlProvider = () => config.tssUrl!;\n }\n // Note: projectId is now handled via addProjectIdToUrl from utils/project-id\n // which reads from window.__LUMIA_PROJECT_ID__ or can be set via setProjectId()\n}\n\n// Build-time default from .env (will be replaced by tsup define)\nconst BUILD_TSS_URL = (typeof __LUMIA_TSS_URL__ !== 'undefined' && __LUMIA_TSS_URL__) || '';\n\nfunction getTssUrl(): string {\n // Priority: runtime config > window.__LUMIA_SERVICES__ > build-time default > hardcoded fallback\n\n // 1. Runtime config (backend usage via configureJwtModule)\n if (tssUrlProvider) {\n return tssUrlProvider();\n }\n\n // 2. Browser runtime config from LumiaPassportProvider (window.__LUMIA_SERVICES__)\n if (typeof globalThis !== 'undefined' && (globalThis as any).window) {\n const services = ((globalThis as any).window as any).__LUMIA_SERVICES__;\n if (services?.tssUrl) {\n return services.tssUrl;\n }\n }\n\n // 3. Build-time injected default (from .env during pnpm build)\n if (BUILD_TSS_URL) {\n return BUILD_TSS_URL;\n }\n\n // 4. Hardcoded fallback\n return 'http://localhost:9256';\n}\n\n// addProjectIdToUrl is imported from '../utils/project-id'\n// It automatically reads from window.__LUMIA_PROJECT_ID__ or global setProjectId()\n\n// Types\nexport interface JwtTokens {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n expiresAt: number;\n hasKeyshare?: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface LoginResponse {\n accessToken: string;\n refreshToken: string;\n userId: string;\n expiresIn: number;\n hasKeyshare: boolean;\n isNewUser?: boolean;\n avatar?: string | null;\n displayName?: string | null;\n providers?: string[]; // List of connected auth providers (email, passkey, wallet, etc.)\n}\n\nexport interface RefreshResponse {\n accessToken: string;\n refreshToken: string;\n expiresIn: number;\n}\n\nexport interface VerifyResponse {\n valid: boolean;\n userId?: string;\n sessionId?: string;\n exp?: number;\n hasKeyshare?: boolean;\n displayName?: string | null;\n avatar?: string | null;\n}\n\n/**\n * JWT Token Manager\n * Handles token storage, refresh, and validation\n */\nexport class JwtTokenManager {\n private tokens: JwtTokens | null = null;\n private storage: TokenStorage;\n private refreshPromise: Promise<boolean> | null = null; // Mutex for refresh operations\n\n constructor(storage?: TokenStorage) {\n this.storage = storage || new LocalStorageAdapter();\n console.log('[JWT] JwtTokenManager initializing...');\n this.loadTokensFromStorage();\n }\n\n private async loadTokensFromStorage(): Promise<void> {\n try {\n const stored = await this.storage.getItem(TOKEN_STORAGE_KEY);\n console.log('[JWT] Loading tokens from storage:', !!stored);\n\n if (stored) {\n this.tokens = JSON.parse(stored);\n console.log('[JWT] Parsed tokens:', {\n hasAccessToken: !!this.tokens?.accessToken,\n hasRefreshToken: !!this.tokens?.refreshToken,\n userId: this.tokens?.userId,\n expiresAt: this.tokens?.expiresAt,\n currentTime: Date.now(),\n timeToExpiry: this.tokens?.expiresAt ? (this.tokens.expiresAt - Date.now()) / 1000 : 'N/A'\n });\n\n if (this.tokens && this.isTokenExpired()) {\n console.log('[JWT] Access token is expired');\n\n // Check if we have a refresh token to attempt renewal\n if (this.tokens.refreshToken) {\n console.log('[JWT] Refresh token available, will attempt renewal when needed');\n // Keep tokens - they will be refreshed on the first API call via ensureValidToken()\n } else {\n console.log('[JWT] No refresh token available, clearing tokens');\n await this.clearTokens();\n }\n } else {\n console.log('[JWT] Access token is valid, keeping tokens');\n }\n } else {\n console.log('[JWT] No tokens found in storage');\n }\n } catch (error) {\n console.error('[JWT] Error loading tokens from storage:', error);\n await this.clearTokens();\n }\n }\n\n private async saveTokensToStorage(): Promise<void> {\n try {\n if (this.tokens) {\n const tokenString = JSON.stringify(this.tokens);\n await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);\n await this.storage.setItem(USER_ID_KEY, this.tokens.userId);\n }\n } catch (error) {\n console.error('[JWT] Failed to save tokens to storage:', error);\n }\n }\n\n async setTokens(response: LoginResponse): Promise<void> {\n const expiresAt = Date.now() + response.expiresIn * 1000;\n this.tokens = {\n accessToken: response.accessToken,\n refreshToken: response.refreshToken,\n userId: response.userId,\n expiresIn: response.expiresIn,\n expiresAt,\n hasKeyshare: response.hasKeyshare,\n isNewUser: response.isNewUser,\n avatar: response.avatar ?? null,\n displayName: response.displayName ?? null,\n providers: response.providers ?? []\n };\n\n await this.saveTokensToStorage();\n }\n\n getAccessToken(): string | null {\n if (!this.tokens) return null;\n // Return access token even if expired - ensureValidToken() will handle refresh\n return this.tokens.accessToken;\n }\n\n getRefreshToken(): string | null {\n return this.tokens?.refreshToken || null;\n }\n\n getUserId(): string | null {\n return this.tokens?.userId || null;\n }\n\n getHasKeyshare(): boolean | null {\n return this.tokens?.hasKeyshare ?? null;\n }\n\n getAvatar(): string | null {\n return this.tokens?.avatar || null;\n }\n\n getDisplayName(): string | null {\n return this.tokens?.displayName || null;\n }\n\n getProviders(): string[] {\n return this.tokens?.providers ?? [];\n }\n\n getTokens(): JwtTokens | null {\n return this.tokens;\n }\n\n async updateKeyshareStatus(hasKeyshare: boolean): Promise<void> {\n if (this.tokens) {\n this.tokens.hasKeyshare = hasKeyshare;\n await this.saveTokensToStorage();\n }\n }\n\n async updateDisplayName(displayName: string | null): Promise<void> {\n if (this.tokens) {\n this.tokens.displayName = displayName;\n await this.saveTokensToStorage();\n }\n }\n\n isTokenExpired(): boolean {\n if (!this.tokens) {\n console.log('[JWT] No tokens available, considering expired');\n return true;\n }\n\n const buffer = 30 * 1000; // 30 seconds buffer\n const now = Date.now();\n const expiresAt = this.tokens.expiresAt;\n const isExpired = now > (expiresAt - buffer);\n\n console.log('[JWT] Token expiry check:', {\n currentTime: now,\n expiresAt: expiresAt,\n buffer: buffer,\n timeToExpiry: (expiresAt - now) / 1000,\n isExpired: isExpired\n });\n\n return isExpired;\n }\n\n isAuthenticated(): boolean {\n // Consider authenticated if we have either valid access token OR refresh token\n if (!this.tokens) return false;\n\n if (!this.isTokenExpired()) {\n return !!this.tokens.accessToken;\n }\n\n // If access token is expired but we have refresh token, we're still authenticated\n return !!this.tokens.refreshToken;\n }\n\n async clearTokens(): Promise<void> {\n this.tokens = null;\n await this.storage.removeItem(TOKEN_STORAGE_KEY);\n await this.storage.removeItem(USER_ID_KEY);\n }\n\n async refreshAccessToken(): Promise<boolean> {\n // If refresh is already in progress, wait for it to complete\n if (this.refreshPromise) {\n console.log('[JWT] Refresh already in progress, waiting for existing operation...');\n return this.refreshPromise;\n }\n\n const refreshToken = this.getRefreshToken();\n if (!refreshToken) {\n console.warn('[JWT] No refresh token available for refresh');\n return false;\n }\n\n console.log('[JWT] Starting new token refresh operation...');\n\n // Create and store the refresh promise (mutex pattern)\n this.refreshPromise = (async () => {\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/refresh`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ refreshToken })\n });\n\n if (!response.ok) {\n console.log('[JWT] Token refresh failed with status:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] Refresh 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Refresh token session not found, clearing tokens');\n await this.clearTokens();\n return false;\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid refresh token, clearing tokens');\n await this.clearTokens();\n return false;\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse refresh 401 error response:', parseError);\n await this.clearTokens();\n return false;\n }\n } else {\n console.log('[JWT] Non-401 error during refresh, keeping tokens (might be network error)');\n return false;\n }\n }\n\n const refreshResponse = await response.json() as RefreshResponse;\n console.log('[JWT] Token refresh successful, new expiry in:', refreshResponse.expiresIn, 'seconds');\n\n if (this.tokens) {\n // Update both access and refresh tokens (token rotation)\n this.tokens.accessToken = refreshResponse.accessToken;\n this.tokens.refreshToken = refreshResponse.refreshToken;\n this.tokens.expiresIn = refreshResponse.expiresIn;\n this.tokens.expiresAt = Date.now() + refreshResponse.expiresIn * 1000;\n await this.saveTokensToStorage();\n console.log('[JWT] Refreshed tokens saved to storage');\n return true;\n }\n\n console.error('[JWT] No existing tokens to update');\n return false;\n } catch (error) {\n console.error('[JWT] Token refresh network error:', error);\n // Don't clear tokens on network errors - might be temporary\n return false;\n } finally {\n // Clear the mutex when operation completes (success or failure)\n this.refreshPromise = null;\n console.log('[JWT] Refresh operation completed, mutex cleared');\n }\n })();\n\n return this.refreshPromise;\n }\n\n getAuthHeader(): string | null {\n const token = this.getAccessToken();\n return token ? `Bearer ${token}` : null;\n }\n}\n\n// Default instance with LocalStorage\nexport const jwtTokenManager = new JwtTokenManager();\n\n/**\n * Create a custom JWT token manager with specific storage\n */\nexport function createJwtTokenManager(storage: TokenStorage): JwtTokenManager {\n return new JwtTokenManager(storage);\n}\n\n// Authentication functions\n\nexport async function logout(manager: JwtTokenManager = jwtTokenManager): Promise<void> {\n try {\n const authHeader = manager.getAuthHeader();\n if (authHeader) {\n await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/logout`), {\n method: 'POST',\n headers: {\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n });\n }\n } catch (error) {\n console.error('[JWT] Logout error:', error);\n } finally {\n await manager.clearTokens();\n }\n}\n\nexport async function verifyToken(manager: JwtTokenManager = jwtTokenManager): Promise<VerifyResponse | null> {\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n console.log('[JWT] No auth header available for verification');\n return { valid: false };\n }\n\n try {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/verify`), {\n method: 'GET',\n headers: { Authorization: authHeader }\n });\n\n if (!response.ok) {\n console.log('[JWT] Token verification failed:', response.status);\n\n if (response.status === 401) {\n try {\n const errorData: any = await response.json();\n console.log('[JWT] 401 Error details:', errorData);\n\n // Handle backend error codes\n switch (errorData.error_code) {\n case 'TOKEN_EXPIRED':\n console.log('[JWT] Access token expired, attempting refresh...');\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n console.log('[JWT] Token refreshed successfully, retrying verification');\n return await verifyToken(manager);\n } else {\n console.log('[JWT] Token refresh failed, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n\n case 'SESSION_NOT_FOUND':\n console.log('[JWT] Session not found or revoked, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n\n case 'INVALID_TOKEN':\n default:\n console.log('[JWT] Invalid token, clearing tokens');\n await manager.clearTokens();\n return { valid: false };\n }\n } catch (parseError) {\n console.warn('[JWT] Could not parse 401 error response:', parseError);\n await manager.clearTokens();\n return { valid: false };\n }\n } else {\n console.log('[JWT] Non-401 error during verification, keeping tokens');\n return { valid: false };\n }\n }\n\n const verifyResponse = await response.json() as VerifyResponse;\n console.log('[JWT] Token verification successful:', verifyResponse);\n\n if (verifyResponse.valid) {\n if (typeof verifyResponse.hasKeyshare === 'boolean') {\n await manager.updateKeyshareStatus(verifyResponse.hasKeyshare);\n }\n // Update displayName and avatar if present\n if (manager.getTokens()) {\n if (verifyResponse.displayName !== undefined) {\n await manager.updateDisplayName(verifyResponse.displayName);\n }\n // Avatar update would need similar method\n }\n }\n\n return verifyResponse;\n } catch (error) {\n console.error('[JWT] Token verification network error:', error);\n return { valid: false };\n }\n}\n\nexport async function ensureValidToken(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n // Check if current access token is valid (not expired)\n if (manager.isAuthenticated() && !manager.isTokenExpired()) {\n return true;\n }\n\n console.log('[JWT] Access token expired or missing, attempting refresh...');\n\n // Try to refresh using refresh token\n const refreshToken = manager.getRefreshToken();\n if (refreshToken) {\n console.log('[JWT] Refresh token available, attempting to refresh access token');\n const refreshSuccess = await manager.refreshAccessToken();\n console.log('[JWT] Refresh attempt result:', refreshSuccess);\n return refreshSuccess;\n }\n\n console.log('[JWT] No refresh token available, user needs to re-authenticate');\n return false;\n}\n\nexport async function authenticatedFetch(\n url: string,\n options: RequestInit = {},\n manager: JwtTokenManager = jwtTokenManager\n): Promise<Response> {\n const hasValidToken = await ensureValidToken(manager);\n if (!hasValidToken) {\n throw new Error('No valid authentication token available');\n }\n\n const authHeader = manager.getAuthHeader();\n if (!authHeader) {\n throw new Error('Failed to get authentication header');\n }\n\n const urlWithProjectId = addProjectIdToUrl(url);\n const requestOptions: RequestInit = {\n ...options,\n headers: {\n ...options.headers,\n Authorization: authHeader,\n 'Content-Type': 'application/json'\n }\n };\n\n const response = await fetch(urlWithProjectId, requestOptions);\n\n // Handle 401 by attempting token refresh\n if (response.status === 401) {\n const refreshSuccess = await manager.refreshAccessToken();\n if (refreshSuccess) {\n const newAuthHeader = manager.getAuthHeader();\n if (newAuthHeader) {\n requestOptions.headers = {\n ...requestOptions.headers,\n Authorization: newAuthHeader\n };\n return fetch(urlWithProjectId, requestOptions);\n }\n }\n }\n\n return response;\n}\n\n// Login functions (non-passkey)\n\nexport async function loginWithUserId(userId: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ userId })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Login failed');\n throw new Error(`Login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithEmail(email: string, code: string, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify({ email, code })\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Email verification failed');\n throw new Error(`Email verification failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function loginWithTelegram(telegramData: {\n id: number;\n first_name: string;\n last_name?: string;\n username?: string;\n photo_url?: string;\n auth_date: number;\n hash: string;\n}, options?: { skipTokenSave?: boolean }): Promise<LoginResponse> {\n const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {\n method: 'POST',\n headers: { 'Content-Type': 'application/json' },\n body: JSON.stringify(telegramData)\n });\n\n if (!response.ok) {\n const errorText = await response.text().catch(() => 'Telegram login failed');\n throw new Error(`Telegram login failed: ${response.status} ${errorText}`);\n }\n\n const loginResponse = await response.json() as LoginResponse;\n if (!options?.skipTokenSave) {\n await jwtTokenManager.setTokens(loginResponse);\n }\n return loginResponse;\n}\n\nexport async function syncKeyshareStatus(manager: JwtTokenManager = jwtTokenManager): Promise<boolean> {\n try {\n const verification = await verifyToken(manager);\n if (verification?.valid && typeof verification.hasKeyshare === 'boolean') {\n return verification.hasKeyshare;\n }\n return false;\n } catch {\n return false;\n }\n}\n"]}
package/dist/auth/index.d.cts CHANGED
@@ -125,6 +125,7 @@ interface JwtTokens {
125
125
  isNewUser?: boolean;
126
126
  avatar?: string | null;
127
127
  displayName?: string | null;
128
+ providers?: string[];
128
129
  }
129
130
  interface LoginResponse {
130
131
  accessToken: string;
@@ -135,6 +136,7 @@ interface LoginResponse {
135
136
  isNewUser?: boolean;
136
137
  avatar?: string | null;
137
138
  displayName?: string | null;
139
+ providers?: string[];
138
140
  }
139
141
  interface RefreshResponse {
140
142
  accessToken: string;
@@ -168,6 +170,7 @@ declare class JwtTokenManager {
168
170
  getHasKeyshare(): boolean | null;
169
171
  getAvatar(): string | null;
170
172
  getDisplayName(): string | null;
173
+ getProviders(): string[];
171
174
  getTokens(): JwtTokens | null;
172
175
  updateKeyshareStatus(hasKeyshare: boolean): Promise<void>;
173
176
  updateDisplayName(displayName: string | null): Promise<void>;
@@ -186,8 +189,12 @@ declare function logout(manager?: JwtTokenManager): Promise<void>;
186
189
  declare function verifyToken(manager?: JwtTokenManager): Promise<VerifyResponse | null>;
187
190
  declare function ensureValidToken(manager?: JwtTokenManager): Promise<boolean>;
188
191
  declare function authenticatedFetch(url: string, options?: RequestInit, manager?: JwtTokenManager): Promise<Response>;
189
- declare function loginWithUserId(userId: string): Promise<LoginResponse>;
190
- declare function loginWithEmail(email: string, code: string): Promise<LoginResponse>;
192
+ declare function loginWithUserId(userId: string, options?: {
193
+ skipTokenSave?: boolean;
194
+ }): Promise<LoginResponse>;
195
+ declare function loginWithEmail(email: string, code: string, options?: {
196
+ skipTokenSave?: boolean;
197
+ }): Promise<LoginResponse>;
191
198
  declare function loginWithTelegram(telegramData: {
192
199
  id: number;
193
200
  first_name: string;
@@ -196,6 +203,8 @@ declare function loginWithTelegram(telegramData: {
196
203
  photo_url?: string;
197
204
  auth_date: number;
198
205
  hash: string;
206
+ }, options?: {
207
+ skipTokenSave?: boolean;
199
208
  }): Promise<LoginResponse>;
200
209
  declare function syncKeyshareStatus(manager?: JwtTokenManager): Promise<boolean>;
201
210
 
package/dist/auth/index.d.ts CHANGED
@@ -125,6 +125,7 @@ interface JwtTokens {
125
125
  isNewUser?: boolean;
126
126
  avatar?: string | null;
127
127
  displayName?: string | null;
128
+ providers?: string[];
128
129
  }
129
130
  interface LoginResponse {
130
131
  accessToken: string;
@@ -135,6 +136,7 @@ interface LoginResponse {
135
136
  isNewUser?: boolean;
136
137
  avatar?: string | null;
137
138
  displayName?: string | null;
139
+ providers?: string[];
138
140
  }
139
141
  interface RefreshResponse {
140
142
  accessToken: string;
@@ -168,6 +170,7 @@ declare class JwtTokenManager {
168
170
  getHasKeyshare(): boolean | null;
169
171
  getAvatar(): string | null;
170
172
  getDisplayName(): string | null;
173
+ getProviders(): string[];
171
174
  getTokens(): JwtTokens | null;
172
175
  updateKeyshareStatus(hasKeyshare: boolean): Promise<void>;
173
176
  updateDisplayName(displayName: string | null): Promise<void>;
@@ -186,8 +189,12 @@ declare function logout(manager?: JwtTokenManager): Promise<void>;
186
189
  declare function verifyToken(manager?: JwtTokenManager): Promise<VerifyResponse | null>;
187
190
  declare function ensureValidToken(manager?: JwtTokenManager): Promise<boolean>;
188
191
  declare function authenticatedFetch(url: string, options?: RequestInit, manager?: JwtTokenManager): Promise<Response>;
189
- declare function loginWithUserId(userId: string): Promise<LoginResponse>;
190
- declare function loginWithEmail(email: string, code: string): Promise<LoginResponse>;
192
+ declare function loginWithUserId(userId: string, options?: {
193
+ skipTokenSave?: boolean;
194
+ }): Promise<LoginResponse>;
195
+ declare function loginWithEmail(email: string, code: string, options?: {
196
+ skipTokenSave?: boolean;
197
+ }): Promise<LoginResponse>;
191
198
  declare function loginWithTelegram(telegramData: {
192
199
  id: number;
193
200
  first_name: string;
@@ -196,6 +203,8 @@ declare function loginWithTelegram(telegramData: {
196
203
  photo_url?: string;
197
204
  auth_date: number;
198
205
  hash: string;
206
+ }, options?: {
207
+ skipTokenSave?: boolean;
199
208
  }): Promise<LoginResponse>;
200
209
  declare function syncKeyshareStatus(manager?: JwtTokenManager): Promise<boolean>;
201
210
 
package/dist/auth/index.js CHANGED
@@ -247,33 +247,14 @@ var JwtTokenManager = class {
247
247
  try {
248
248
  if (this.tokens) {
249
249
  const tokenString = JSON.stringify(this.tokens);
250
- console.log("[JWT] Saving to storage with key:", TOKEN_STORAGE_KEY);
251
- console.log("[JWT] Token data being saved:", {
252
- hasAccessToken: !!this.tokens.accessToken,
253
- hasRefreshToken: !!this.tokens.refreshToken,
254
- userId: this.tokens.userId,
255
- expiresAt: this.tokens.expiresAt,
256
- tokenStringLength: tokenString.length
257
- });
258
250
  await this.storage.setItem(TOKEN_STORAGE_KEY, tokenString);
259
251
  await this.storage.setItem(USER_ID_KEY, this.tokens.userId);
260
- console.log("[JWT] Tokens saved to storage");
261
- } else {
262
- console.warn("[JWT] No tokens to save");
263
252
  }
264
253
  } catch (error) {
265
254
  console.error("[JWT] Failed to save tokens to storage:", error);
266
255
  }
267
256
  }
268
257
  async setTokens(response) {
269
- console.log("[JWT] \u2705 setTokens() called - Stack trace:");
270
- console.trace("[JWT] Set tokens stack trace");
271
- console.log("[JWT] Setting tokens from response:", {
272
- hasAccessToken: !!response.accessToken,
273
- hasRefreshToken: !!response.refreshToken,
274
- userId: response.userId,
275
- expiresIn: response.expiresIn
276
- });
277
258
  const expiresAt = Date.now() + response.expiresIn * 1e3;
278
259
  this.tokens = {
279
260
  accessToken: response.accessToken,
@@ -284,11 +265,10 @@ var JwtTokenManager = class {
284
265
  hasKeyshare: response.hasKeyshare,
285
266
  isNewUser: response.isNewUser,
286
267
  avatar: response.avatar ?? null,
287
- displayName: response.displayName ?? null
268
+ displayName: response.displayName ?? null,
269
+ providers: response.providers ?? []
288
270
  };
289
- console.log("[JWT] Tokens object created");
290
271
  await this.saveTokensToStorage();
291
- console.log("[JWT] Tokens saved to storage successfully");
292
272
  }
293
273
  getAccessToken() {
294
274
  if (!this.tokens) return null;
@@ -309,6 +289,9 @@ var JwtTokenManager = class {
309
289
  getDisplayName() {
310
290
  return this.tokens?.displayName || null;
311
291
  }
292
+ getProviders() {
293
+ return this.tokens?.providers ?? [];
294
+ }
312
295
  getTokens() {
313
296
  return this.tokens;
314
297
  }
@@ -350,9 +333,6 @@ var JwtTokenManager = class {
350
333
  return !!this.tokens.refreshToken;
351
334
  }
352
335
  async clearTokens() {
353
- console.log("[JWT] \u26A0\uFE0F clearTokens() called - Stack trace:");
354
- console.trace("[JWT] Clear tokens stack trace");
355
- console.log("[JWT] Clearing tokens from memory and storage");
356
336
  this.tokens = null;
357
337
  await this.storage.removeItem(TOKEN_STORAGE_KEY);
358
338
  await this.storage.removeItem(USER_ID_KEY);
@@ -520,11 +500,7 @@ async function verifyToken(manager = jwtTokenManager) {
520
500
  }
521
501
  }
522
502
  async function ensureValidToken(manager = jwtTokenManager) {
523
- console.log("[JWT] ensureValidToken() called - Stack trace:");
524
- console.trace("[JWT] ensureValidToken stack trace");
525
- console.log("[JWT] Checking token validity...");
526
503
  if (manager.isAuthenticated() && !manager.isTokenExpired()) {
527
- console.log("[JWT] Access token is valid");
528
504
  return true;
529
505
  }
530
506
  console.log("[JWT] Access token expired or missing, attempting refresh...");
@@ -572,7 +548,7 @@ async function authenticatedFetch(url, options = {}, manager = jwtTokenManager)
572
548
  }
573
549
  return response;
574
550
  }
575
- async function loginWithUserId(userId) {
551
+ async function loginWithUserId(userId, options) {
576
552
  const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/login`), {
577
553
  method: "POST",
578
554
  headers: { "Content-Type": "application/json" },
@@ -583,10 +559,12 @@ async function loginWithUserId(userId) {
583
559
  throw new Error(`Login failed: ${response.status} ${errorText}`);
584
560
  }
585
561
  const loginResponse = await response.json();
586
- await jwtTokenManager.setTokens(loginResponse);
562
+ if (!options?.skipTokenSave) {
563
+ await jwtTokenManager.setTokens(loginResponse);
564
+ }
587
565
  return loginResponse;
588
566
  }
589
- async function loginWithEmail(email, code) {
567
+ async function loginWithEmail(email, code, options) {
590
568
  const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/email/verify-code`), {
591
569
  method: "POST",
592
570
  headers: { "Content-Type": "application/json" },
@@ -597,10 +575,12 @@ async function loginWithEmail(email, code) {
597
575
  throw new Error(`Email verification failed: ${response.status} ${errorText}`);
598
576
  }
599
577
  const loginResponse = await response.json();
600
- await jwtTokenManager.setTokens(loginResponse);
578
+ if (!options?.skipTokenSave) {
579
+ await jwtTokenManager.setTokens(loginResponse);
580
+ }
601
581
  return loginResponse;
602
582
  }
603
- async function loginWithTelegram(telegramData) {
583
+ async function loginWithTelegram(telegramData, options) {
604
584
  const response = await fetch(addProjectIdToUrl(`${getTssUrl()}/api/auth/telegram/login`), {
605
585
  method: "POST",
606
586
  headers: { "Content-Type": "application/json" },
@@ -611,7 +591,9 @@ async function loginWithTelegram(telegramData) {
611
591
  throw new Error(`Telegram login failed: ${response.status} ${errorText}`);
612
592
  }
613
593
  const loginResponse = await response.json();
614
- await jwtTokenManager.setTokens(loginResponse);
594
+ if (!options?.skipTokenSave) {
595
+ await jwtTokenManager.setTokens(loginResponse);
596
+ }
615
597
  return loginResponse;
616
598
  }
617
599
  async function syncKeyshareStatus(manager = jwtTokenManager) {