npm - @marvalt/madapter - Versions diffs - 1.1.0 → 2.1.1 - Mend

@marvalt/madapter 1.1.0 → 2.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (30) hide show

package/dist/client/mautic-client.d.ts +1 -8
package/dist/client/mautic-client.d.ts.map +1 -1
package/dist/generators/mautic-generator.d.ts.map +1 -1
package/dist/index.cjs +73 -90
package/dist/index.cjs.map +1 -1
package/dist/index.d.ts +62 -17
package/dist/index.d.ts.map +1 -1
package/dist/index.esm.js +74 -92
package/dist/index.esm.js.map +1 -1
package/dist/react/components/TurnstileWidget.d.ts +47 -0
package/dist/react/components/TurnstileWidget.d.ts.map +1 -0
package/dist/server/index.d.ts +19 -0
package/dist/server/index.d.ts.map +1 -0
package/dist/server/mautic-proxy.d.ts +28 -0
package/dist/server/mautic-proxy.d.ts.map +1 -0
package/dist/server/turnstile.d.ts +24 -0
package/dist/server/turnstile.d.ts.map +1 -0
package/dist/server.cjs +293 -0
package/dist/server.cjs.map +1 -0
package/dist/server.esm.js +290 -0
package/dist/server.esm.js.map +1 -0
package/dist/types/config.d.ts +12 -6
package/dist/types/config.d.ts.map +1 -1
package/dist/utils/config.d.ts +3 -3
package/dist/utils/config.d.ts.map +1 -1
package/package.json +9 -2
package/scripts/postinstall.cjs +127 -0
package/scripts/postinstall.js +114 -0
package/templates/MAUTIC_SECURITY.md +308 -0
package/templates/mautic-submit.ts +19 -0

package/dist/react/components/TurnstileWidget.d.ts ADDED Viewed

@@ -0,0 +1,47 @@
+/**
+ * @license GPL-3.0-or-later
+ *
+ * This file is part of the MarVAlt Open SDK.
+ * Copyright (c) 2025 Vibune Pty Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ */
+import React from 'react';
+declare global {
+    interface Window {
+        turnstile?: {
+            render: (element: HTMLElement, options: TurnstileOptions) => string;
+            remove: (widgetId: string) => void;
+            reset: (widgetId: string) => void;
+        };
+    }
+}
+interface TurnstileOptions {
+    sitekey: string;
+    callback?: (token: string) => void;
+    'error-callback'?: () => void;
+    'expired-callback'?: () => void;
+    theme?: 'light' | 'dark' | 'auto';
+    size?: 'normal' | 'compact';
+    tabindex?: number;
+}
+export interface TurnstileWidgetProps {
+    siteKey: string;
+    onSuccess: (token: string) => void;
+    onError?: () => void;
+    onExpire?: () => void;
+    theme?: 'light' | 'dark' | 'auto';
+    size?: 'normal' | 'compact';
+    tabIndex?: number;
+}
+export declare const TurnstileWidget: React.FC<TurnstileWidgetProps>;
+export {};
+//# sourceMappingURL=TurnstileWidget.d.ts.map

package/dist/react/components/TurnstileWidget.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"TurnstileWidget.d.ts","sourceRoot":"","sources":["../../../src/react/components/TurnstileWidget.tsx"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAA4B,MAAM,OAAO,CAAC;AAEjD,OAAO,CAAC,MAAM,CAAC;IACb,UAAU,MAAM;QACd,SAAS,CAAC,EAAE;YACV,MAAM,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,gBAAgB,KAAK,MAAM,CAAC;YACpE,MAAM,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;YACnC,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,IAAI,CAAC;SACnC,CAAC;KACH;CACF;AAED,UAAU,gBAAgB;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IACnC,gBAAgB,CAAC,EAAE,MAAM,IAAI,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,IAAI,CAAC;IAChC,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC;IAClC,IAAI,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IACnC,OAAO,CAAC,EAAE,MAAM,IAAI,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,IAAI,CAAC;IACtB,KAAK,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC;IAClC,IAAI,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,eAAO,MAAM,eAAe,EAAE,KAAK,CAAC,EAAE,CAAC,oBAAoB,CAkE1D,CAAC"}

package/dist/server/index.d.ts ADDED Viewed

@@ -0,0 +1,19 @@
+/**
+ * @license GPL-3.0-or-later
+ *
+ * This file is part of the MarVAlt Open SDK.
+ * Copyright (c) 2025 Vibune Pty Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ */
+export * from './mautic-proxy';
+export * from './turnstile';
+//# sourceMappingURL=index.d.ts.map

package/dist/server/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/server/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,cAAc,gBAAgB,CAAC;AAC/B,cAAc,aAAa,CAAC"}

package/dist/server/mautic-proxy.d.ts ADDED Viewed

@@ -0,0 +1,28 @@
+/**
+ * @license GPL-3.0-or-later
+ *
+ * This file is part of the MarVAlt Open SDK.
+ * Copyright (c) 2025 Vibune Pty Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ */
+/**
+ * Cloudflare Pages Function handler for Mautic API proxy
+ *
+ * Environment variables required:
+ * - VITE_MAUTIC_URL or MAUTIC_URL: Mautic instance URL
+ * - VITE_MAUTIC_API_PUBLIC_KEY or MAUTIC_API_PUBLIC_KEY: OAuth2 client ID
+ * - VITE_MAUTIC_API_SECRET_KEY or MAUTIC_API_SECRET_KEY: OAuth2 client secret
+ * - VITE_CF_ACCESS_CLIENT_ID or CF_ACCESS_CLIENT_ID: (Optional) Cloudflare Access client ID
+ * - VITE_CF_ACCESS_CLIENT_SECRET or CF_ACCESS_CLIENT_SECRET: (Optional) Cloudflare Access client secret
+ */
+export declare function handleMauticProxy(context: any): Promise<Response>;
+//# sourceMappingURL=mautic-proxy.d.ts.map

package/dist/server/mautic-proxy.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"mautic-proxy.d.ts","sourceRoot":"","sources":["../../src/server/mautic-proxy.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAkFH;;;;;;;;;GASG;AACH,wBAAsB,iBAAiB,CAAC,OAAO,EAAE,GAAG,qBAyMnD"}

package/dist/server/turnstile.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+/**
+ * @license GPL-3.0-or-later
+ *
+ * This file is part of the MarVAlt Open SDK.
+ * Copyright (c) 2025 Vibune Pty Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ */
+/**
+ * Verify Cloudflare Turnstile token server-side
+ * @param token - The Turnstile response token from the client
+ * @param secretKey - Your Turnstile secret key
+ * @returns Promise<boolean> - True if verification succeeds
+ */
+export declare function verifyTurnstile(token: string, secretKey: string): Promise<boolean>;
+//# sourceMappingURL=turnstile.d.ts.map

package/dist/server/turnstile.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"turnstile.d.ts","sourceRoot":"","sources":["../../src/server/turnstile.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AASH;;;;;GAKG;AACH,wBAAsB,eAAe,CACnC,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,OAAO,CAAC,CAoClB"}

package/dist/server.cjs ADDED Viewed

@@ -0,0 +1,293 @@
+'use strict';
+/**
+ * @license GPL-3.0-or-later
+ *
+ * This file is part of the MarVAlt Open SDK.
+ * Copyright (c) 2025 Vibune Pty Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ */
+/**
+ * Verify Cloudflare Turnstile token server-side
+ * @param token - The Turnstile response token from the client
+ * @param secretKey - Your Turnstile secret key
+ * @returns Promise<boolean> - True if verification succeeds
+ */
+async function verifyTurnstile(token, secretKey) {
+    if (!token || !secretKey) {
+        console.error('Missing Turnstile token or secret key');
+        return false;
+    }
+    try {
+        const response = await fetch('https://challenges.cloudflare.com/turnstile/v0/siteverify', {
+            method: 'POST',
+            headers: { 'Content-Type': 'application/json' },
+            body: JSON.stringify({
+                secret: secretKey,
+                response: token,
+            }),
+        });
+        if (!response.ok) {
+            console.error('Turnstile verification request failed:', response.status);
+            return false;
+        }
+        const data = await response.json();
+        if (!data.success) {
+            console.warn('Turnstile verification failed:', data['error-codes']);
+            return false;
+        }
+        return true;
+    }
+    catch (error) {
+        console.error('Turnstile verification error:', error);
+        return false;
+    }
+}
+/**
+ * @license GPL-3.0-or-later
+ *
+ * This file is part of the MarVAlt Open SDK.
+ * Copyright (c) 2025 Vibune Pty Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the GNU General Public License for more details.
+ */
+// In-memory token cache (per worker instance)
+let cachedToken = null;
+async function getOAuth2Token(mauticUrl, clientId, clientSecret, cfAccessClientId, cfAccessClientSecret) {
+    // Check cache (with 5-minute buffer before expiry)
+    if (cachedToken && cachedToken.expires_at > Date.now() + 300000) {
+        console.log('🔑 Using cached OAuth2 token');
+        return cachedToken.access_token;
+    }
+    console.log('🔑 Fetching new OAuth2 token...');
+    const tokenUrl = `${mauticUrl}/oauth/v2/token`;
+    const body = new URLSearchParams({
+        grant_type: 'client_credentials',
+        client_id: clientId,
+        client_secret: clientSecret,
+    });
+    const headers = {
+        'Content-Type': 'application/x-www-form-urlencoded',
+    };
+    // Add CF Access headers if available
+    if (cfAccessClientId && cfAccessClientSecret) {
+        headers['CF-Access-Client-Id'] = cfAccessClientId;
+        headers['CF-Access-Client-Secret'] = cfAccessClientSecret;
+        console.log('🔐 Added CF Access headers to OAuth2 request');
+    }
+    const response = await fetch(tokenUrl, {
+        method: 'POST',
+        headers,
+        body: body.toString(),
+    });
+    if (!response.ok) {
+        const errorText = await response.text();
+        throw new Error(`OAuth2 token request failed: ${response.status} ${errorText}`);
+    }
+    const data = await response.json();
+    // Cache token
+    cachedToken = {
+        access_token: data.access_token,
+        expires_at: Date.now() + (data.expires_in * 1000),
+    };
+    console.log('✅ OAuth2 token cached');
+    return cachedToken.access_token;
+}
+/**
+ * Cloudflare Pages Function handler for Mautic API proxy
+ *
+ * Environment variables required:
+ * - VITE_MAUTIC_URL or MAUTIC_URL: Mautic instance URL
+ * - VITE_MAUTIC_API_PUBLIC_KEY or MAUTIC_API_PUBLIC_KEY: OAuth2 client ID
+ * - VITE_MAUTIC_API_SECRET_KEY or MAUTIC_API_SECRET_KEY: OAuth2 client secret
+ * - VITE_CF_ACCESS_CLIENT_ID or CF_ACCESS_CLIENT_ID: (Optional) Cloudflare Access client ID
+ * - VITE_CF_ACCESS_CLIENT_SECRET or CF_ACCESS_CLIENT_SECRET: (Optional) Cloudflare Access client secret
+ */
+async function handleMauticProxy(context) {
+    const { request, env } = context;
+    try {
+        // Parse the endpoint from query parameter (proxy interface)
+        const url = new URL(request.url);
+        const endpoint = url.searchParams.get('endpoint');
+        if (!endpoint) {
+            return new Response('Missing endpoint parameter', { status: 400 });
+        }
+        // ============================================
+        // SECURITY LAYER 1: Origin Validation
+        // ============================================
+        const origin = request.headers.get('Origin');
+        const referer = request.headers.get('Referer');
+        // Get allowed origins from environment (comma-separated)
+        const allowedOriginsStr = env.ALLOWED_ORIGINS || env.VITE_ALLOWED_ORIGINS || '';
+        const allowedOrigins = allowedOriginsStr
+            .split(',')
+            .map((o) => o.trim())
+            .filter(Boolean);
+        // Default to localhost if no origins configured (development mode)
+        if (allowedOrigins.length === 0) {
+            allowedOrigins.push('http://localhost:8080', 'http://localhost:5173');
+            console.log('⚠️  No ALLOWED_ORIGINS configured, defaulting to localhost');
+        }
+        const isAllowedOrigin = allowedOrigins.some((allowed) => origin?.startsWith(allowed) || referer?.startsWith(allowed));
+        // Block if origin/referer present but not allowed
+        if ((origin || referer) && !isAllowedOrigin) {
+            console.warn('🚫 Blocked request from unauthorized origin:', origin || referer);
+            return new Response(JSON.stringify({
+                error: 'Forbidden origin',
+                message: 'This endpoint can only be accessed from authorized domains'
+            }), {
+                status: 403,
+                headers: { 'Content-Type': 'application/json' }
+            });
+        }
+        // ============================================
+        // SECURITY LAYER 2: Endpoint Whitelisting
+        // ============================================
+        const allowedPatterns = [
+            /^\/form\/submit/, // Form submissions
+            /^\/forms\/\d+\/submit/, // Legacy form endpoint
+            /^\/mtc\.js$/, // Tracking script (optional)
+            /^\/mtc\//, // Tracking API (optional)
+            /^\/mtracking\.gif$/, // Tracking pixel (optional)
+        ];
+        const isAllowedEndpoint = allowedPatterns.some(pattern => pattern.test(endpoint));
+        if (!isAllowedEndpoint) {
+            console.warn('🚫 Blocked unauthorized endpoint:', endpoint);
+            return new Response(JSON.stringify({
+                error: 'Forbidden endpoint',
+                message: 'Only form submission endpoints are allowed'
+            }), {
+                status: 403,
+                headers: { 'Content-Type': 'application/json' }
+            });
+        }
+        // ============================================
+        // SECURITY LAYER 3: Turnstile Verification
+        // ============================================
+        const turnstileSecretKey = env.TURNSTILE_SECRET_KEY || env.VITE_TURNSTILE_SECRET_KEY;
+        const turnstileEnabled = !!turnstileSecretKey;
+        // Only verify Turnstile for POST requests (form submissions)
+        if (turnstileEnabled && request.method === 'POST') {
+            const turnstileToken = request.headers.get('cf-turnstile-response');
+            if (!turnstileToken) {
+                console.warn('🚫 Missing Turnstile token for POST request');
+                return new Response(JSON.stringify({
+                    error: 'Missing verification',
+                    message: 'Bot verification required'
+                }), {
+                    status: 403,
+                    headers: { 'Content-Type': 'application/json' }
+                });
+            }
+            const isValid = await verifyTurnstile(turnstileToken, turnstileSecretKey);
+            if (!isValid) {
+                console.warn('🚫 Invalid Turnstile token');
+                return new Response(JSON.stringify({
+                    error: 'Verification failed',
+                    message: 'Bot verification failed'
+                }), {
+                    status: 403,
+                    headers: { 'Content-Type': 'application/json' }
+                });
+            }
+            console.log('✅ Turnstile verification passed');
+        }
+        else if (turnstileEnabled) {
+            console.log('ℹ️  Turnstile enabled but skipped for non-POST request');
+        }
+        // Get server-side credentials (prefer non-VITE_ prefixed env vars)
+        const mauticUrl = env.MAUTIC_URL || env.VITE_MAUTIC_URL;
+        const clientId = env.MAUTIC_API_PUBLIC_KEY || env.VITE_MAUTIC_API_PUBLIC_KEY;
+        const clientSecret = env.MAUTIC_API_SECRET_KEY || env.VITE_MAUTIC_API_SECRET_KEY;
+        const cfAccessClientId = env.CF_ACCESS_CLIENT_ID || env.VITE_CF_ACCESS_CLIENT_ID;
+        const cfAccessClientSecret = env.CF_ACCESS_CLIENT_SECRET || env.VITE_CF_ACCESS_CLIENT_SECRET;
+        if (!mauticUrl || !clientId || !clientSecret) {
+            console.error('❌ Mautic credentials not configured', {
+                mauticUrl: !!mauticUrl,
+                clientId: !!clientId,
+                clientSecret: !!clientSecret
+            });
+            return new Response('Mautic credentials not configured', { status: 500 });
+        }
+        // Get OAuth2 token
+        const accessToken = await getOAuth2Token(mauticUrl, clientId, clientSecret, cfAccessClientId, cfAccessClientSecret);
+        // Determine if this is a form submission (goes to /form/submit)
+        // or an API call (goes to /api/endpoint)
+        const isFormSubmission = endpoint.startsWith('/form/submit');
+        const targetUrl = isFormSubmission
+            ? `${mauticUrl}${endpoint}` // Form submissions don't use /api prefix
+            : `${mauticUrl}/api${endpoint}`; // API calls use /api prefix
+        // Prepare headers
+        const headers = {
+            'Authorization': `Bearer ${accessToken}`,
+        };
+        // Copy relevant headers from original request
+        const contentType = request.headers.get('Content-Type');
+        if (contentType) {
+            headers['Content-Type'] = contentType;
+        }
+        // Add CF Access headers if available
+        if (cfAccessClientId && cfAccessClientSecret) {
+            headers['CF-Access-Client-Id'] = cfAccessClientId;
+            headers['CF-Access-Client-Secret'] = cfAccessClientSecret;
+        }
+        // Prepare request init
+        const init = {
+            method: request.method,
+            headers,
+        };
+        // Include body for POST/PATCH/PUT requests
+        if (request.method !== 'GET' && request.method !== 'HEAD') {
+            init.body = await request.text();
+        }
+        console.log(`📤 Proxying ${request.method} request to Mautic:`, {
+            endpoint,
+            targetUrl,
+            isFormSubmission
+        });
+        // Forward request to Mautic
+        const response = await fetch(targetUrl, init);
+        console.log(`📥 Mautic response: ${response.status} ${response.statusText}`);
+        // Return response to client
+        const responseBody = await response.text();
+        return new Response(responseBody, {
+            status: response.status,
+            statusText: response.statusText,
+            headers: {
+                'Content-Type': response.headers.get('Content-Type') || 'application/json',
+            },
+        });
+    }
+    catch (error) {
+        console.error('❌ Mautic proxy error:', error);
+        return new Response(JSON.stringify({
+            success: false,
+            error: error?.message || 'Unknown error',
+        }), {
+            status: 500,
+            headers: { 'Content-Type': 'application/json' },
+        });
+    }
+}
+exports.handleMauticProxy = handleMauticProxy;
+exports.verifyTurnstile = verifyTurnstile;
+//# sourceMappingURL=server.cjs.map

package/dist/server.cjs.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"server.cjs","sources":["../src/server/turnstile.ts","../src/server/mautic-proxy.ts"],"sourcesContent":[null,null],"names":[],"mappings":";;AAAA;;;;;;;;;;;;;;;AAeG;AASH;;;;;AAKG;AACI,eAAe,eAAe,CACnC,KAAa,EACb,SAAiB,EAAA;AAEjB,IAAA,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,EAAE;AACxB,QAAA,OAAO,CAAC,KAAK,CAAC,uCAAuC,CAAC;AACtD,QAAA,OAAO,KAAK;IACd;AAEA,IAAA,IAAI;AACF,QAAA,MAAM,QAAQ,GAAG,MAAM,KAAK,CAC1B,2DAA2D,EAC3D;AACE,YAAA,MAAM,EAAE,MAAM;AACd,YAAA,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;AAC/C,YAAA,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;AACnB,gBAAA,MAAM,EAAE,SAAS;AACjB,gBAAA,QAAQ,EAAE,KAAK;aAChB,CAAC;AACH,SAAA,CACF;AAED,QAAA,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;YAChB,OAAO,CAAC,KAAK,CAAC,wCAAwC,EAAE,QAAQ,CAAC,MAAM,CAAC;AACxE,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,MAAM,IAAI,GAAsB,MAAM,QAAQ,CAAC,IAAI,EAAE;AAErD,QAAA,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;YACjB,OAAO,CAAC,IAAI,CAAC,gCAAgC,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;AACnE,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,OAAO,IAAI;IACb;IAAE,OAAO,KAAK,EAAE;AACd,QAAA,OAAO,CAAC,KAAK,CAAC,+BAA+B,EAAE,KAAK,CAAC;AACrD,QAAA,OAAO,KAAK;IACd;AACF;;ACrEA;;;;;;;;;;;;;;;AAeG;AAwBH;AACA,IAAI,WAAW,GAAwD,IAAI;AAE3E,eAAe,cAAc,CAC3B,SAAiB,EACjB,QAAgB,EAChB,YAAoB,EACpB,gBAAyB,EACzB,oBAA6B,EAAA;;AAG7B,IAAA,IAAI,WAAW,IAAI,WAAW,CAAC,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,EAAE;AAC/D,QAAA,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC;QAC3C,OAAO,WAAW,CAAC,YAAY;IACjC;AAEA,IAAA,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC;AAC9C,IAAA,MAAM,QAAQ,GAAG,CAAA,EAAG,SAAS,iBAAiB;AAC9C,IAAA,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;AAC/B,QAAA,UAAU,EAAE,oBAAoB;AAChC,QAAA,SAAS,EAAE,QAAQ;AACnB,QAAA,aAAa,EAAE,YAAY;AAC5B,KAAA,CAAC;AAEF,IAAA,MAAM,OAAO,GAA2B;AACtC,QAAA,cAAc,EAAE,mCAAmC;KACpD;;AAGD,IAAA,IAAI,gBAAgB,IAAI,oBAAoB,EAAE;AAC5C,QAAA,OAAO,CAAC,qBAAqB,CAAC,GAAG,gBAAgB;AACjD,QAAA,OAAO,CAAC,yBAAyB,CAAC,GAAG,oBAAoB;AACzD,QAAA,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC;IAC7D;AAEA,IAAA,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;AACrC,QAAA,MAAM,EAAE,MAAM;QACd,OAAO;AACP,QAAA,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;AACtB,KAAA,CAAC;AAEF,IAAA,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE;AAChB,QAAA,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE;QACvC,MAAM,IAAI,KAAK,CAAC,CAAA,6BAAA,EAAgC,QAAQ,CAAC,MAAM,CAAA,CAAA,EAAI,SAAS,CAAA,CAAE,CAAC;IACjF;AAEA,IAAA,MAAM,IAAI,GAAwB,MAAM,QAAQ,CAAC,IAAI,EAAE;;AAGvD,IAAA,WAAW,GAAG;QACZ,YAAY,EAAE,IAAI,CAAC,YAAY;AAC/B,QAAA,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;KAClD;AAED,IAAA,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;IACpC,OAAO,WAAW,CAAC,YAAY;AACjC;AAEA;;;;;;;;;AASG;AACI,eAAe,iBAAiB,CAAC,OAAY,EAAA;AAClD,IAAA,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,GAAG,OAAO;AAEhC,IAAA,IAAI;;QAEF,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;QAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC;QAEjD,IAAI,CAAC,QAAQ,EAAE;YACb,OAAO,IAAI,QAAQ,CAAC,4BAA4B,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;QACpE;;;;QAKA,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC;QAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;;QAG9C,MAAM,iBAAiB,GAAG,GAAG,CAAC,eAAe,IAAI,GAAG,CAAC,oBAAoB,IAAI,EAAE;QAC/E,MAAM,cAAc,GAAG;aACpB,KAAK,CAAC,GAAG;aACT,GAAG,CAAC,CAAC,CAAS,KAAK,CAAC,CAAC,IAAI,EAAE;aAC3B,MAAM,CAAC,OAAO,CAAC;;AAGlB,QAAA,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE;AAC/B,YAAA,cAAc,CAAC,IAAI,CAAC,uBAAuB,EAAE,uBAAuB,CAAC;AACrE,YAAA,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC;QAC3E;QAEA,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,OAAe,KAC1D,MAAM,EAAE,UAAU,CAAC,OAAO,CAAC,IAAI,OAAO,EAAE,UAAU,CAAC,OAAO,CAAC,CAC5D;;QAGD,IAAI,CAAC,MAAM,IAAI,OAAO,KAAK,CAAC,eAAe,EAAE;YAC3C,OAAO,CAAC,IAAI,CAAC,8CAA8C,EAAE,MAAM,IAAI,OAAO,CAAC;AAC/E,YAAA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACjC,gBAAA,KAAK,EAAE,kBAAkB;AACzB,gBAAA,OAAO,EAAE;AACV,aAAA,CAAC,EAAE;AACF,gBAAA,MAAM,EAAE,GAAG;AACX,gBAAA,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AAC9C,aAAA,CAAC;QACJ;;;;AAKA,QAAA,MAAM,eAAe,GAAG;AACtB,YAAA,iBAAiB;AACjB,YAAA,uBAAuB;AACvB,YAAA,aAAa;AACb,YAAA,UAAU;AACV,YAAA,oBAAoB;SACrB;AAED,QAAA,MAAM,iBAAiB,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEjF,IAAI,CAAC,iBAAiB,EAAE;AACtB,YAAA,OAAO,CAAC,IAAI,CAAC,mCAAmC,EAAE,QAAQ,CAAC;AAC3D,YAAA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACjC,gBAAA,KAAK,EAAE,oBAAoB;AAC3B,gBAAA,OAAO,EAAE;AACV,aAAA,CAAC,EAAE;AACF,gBAAA,MAAM,EAAE,GAAG;AACX,gBAAA,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AAC9C,aAAA,CAAC;QACJ;;;;QAKA,MAAM,kBAAkB,GAAG,GAAG,CAAC,oBAAoB,IAAI,GAAG,CAAC,yBAAyB;AACpF,QAAA,MAAM,gBAAgB,GAAG,CAAC,CAAC,kBAAkB;;QAG7C,IAAI,gBAAgB,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE;YACjD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC;YAEnE,IAAI,CAAC,cAAc,EAAE;AACnB,gBAAA,OAAO,CAAC,IAAI,CAAC,6CAA6C,CAAC;AAC3D,gBAAA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACjC,oBAAA,KAAK,EAAE,sBAAsB;AAC7B,oBAAA,OAAO,EAAE;AACV,iBAAA,CAAC,EAAE;AACF,oBAAA,MAAM,EAAE,GAAG;AACX,oBAAA,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AAC9C,iBAAA,CAAC;YACJ;YAEA,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,cAAc,EAAE,kBAAkB,CAAC;YAEzE,IAAI,CAAC,OAAO,EAAE;AACZ,gBAAA,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC;AAC1C,gBAAA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACjC,oBAAA,KAAK,EAAE,qBAAqB;AAC5B,oBAAA,OAAO,EAAE;AACV,iBAAA,CAAC,EAAE;AACF,oBAAA,MAAM,EAAE,GAAG;AACX,oBAAA,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB;AAC9C,iBAAA,CAAC;YACJ;AAEA,YAAA,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC;QAChD;aAAO,IAAI,gBAAgB,EAAE;AAC3B,YAAA,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC;QACvE;;QAGA,MAAM,SAAS,GAAG,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,eAAe;QACvD,MAAM,QAAQ,GAAG,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,0BAA0B;QAC5E,MAAM,YAAY,GAAG,GAAG,CAAC,qBAAqB,IAAI,GAAG,CAAC,0BAA0B;QAChF,MAAM,gBAAgB,GAAG,GAAG,CAAC,mBAAmB,IAAI,GAAG,CAAC,wBAAwB;QAChF,MAAM,oBAAoB,GAAG,GAAG,CAAC,uBAAuB,IAAI,GAAG,CAAC,4BAA4B;QAE5F,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,IAAI,CAAC,YAAY,EAAE;AAC5C,YAAA,OAAO,CAAC,KAAK,CAAC,qCAAqC,EAAE;gBACnD,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,YAAY,EAAE,CAAC,CAAC;AACjB,aAAA,CAAC;YACF,OAAO,IAAI,QAAQ,CAAC,mCAAmC,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC;QAC3E;;AAGA,QAAA,MAAM,WAAW,GAAG,MAAM,cAAc,CACtC,SAAS,EACT,QAAQ,EACR,YAAY,EACZ,gBAAgB,EAChB,oBAAoB,CACrB;;;QAID,MAAM,gBAAgB,GAAG,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC;QAC5D,MAAM,SAAS,GAAG;AAChB,cAAE,CAAA,EAAG,SAAS,GAAG,QAAQ,CAAA,CAAE;cACzB,GAAG,SAAS,CAAA,IAAA,EAAO,QAAQ,CAAA,CAAE,CAAC;;AAGlC,QAAA,MAAM,OAAO,GAA2B;YACtC,eAAe,EAAE,CAAA,OAAA,EAAU,WAAW,CAAA,CAAE;SACzC;;QAGD,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC;QACvD,IAAI,WAAW,EAAE;AACf,YAAA,OAAO,CAAC,cAAc,CAAC,GAAG,WAAW;QACvC;;AAGA,QAAA,IAAI,gBAAgB,IAAI,oBAAoB,EAAE;AAC5C,YAAA,OAAO,CAAC,qBAAqB,CAAC,GAAG,gBAAgB;AACjD,YAAA,OAAO,CAAC,yBAAyB,CAAC,GAAG,oBAAoB;QAC3D;;AAGA,QAAA,MAAM,IAAI,GAAgB;YACxB,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,OAAO;SACR;;AAGD,QAAA,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE;YACzD,IAAI,CAAC,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE;QAClC;QAEA,OAAO,CAAC,GAAG,CAAC,CAAA,YAAA,EAAe,OAAO,CAAC,MAAM,qBAAqB,EAAE;YAC9D,QAAQ;YACR,SAAS;YACT;AACD,SAAA,CAAC;;QAGF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE,IAAI,CAAC;AAE7C,QAAA,OAAO,CAAC,GAAG,CAAC,CAAA,oBAAA,EAAuB,QAAQ,CAAC,MAAM,CAAA,CAAA,EAAI,QAAQ,CAAC,UAAU,CAAA,CAAE,CAAC;;AAG5E,QAAA,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE;AAC1C,QAAA,OAAO,IAAI,QAAQ,CAAC,YAAY,EAAE;YAChC,MAAM,EAAE,QAAQ,CAAC,MAAM;YACvB,UAAU,EAAE,QAAQ,CAAC,UAAU;AAC/B,YAAA,OAAO,EAAE;gBACP,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,kBAAkB;AAC3E,aAAA;AACF,SAAA,CAAC;IAEJ;IAAE,OAAO,KAAU,EAAE;AACnB,QAAA,OAAO,CAAC,KAAK,CAAC,uBAAuB,EAAE,KAAK,CAAC;AAC7C,QAAA,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;AACjC,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,KAAK,EAAE,KAAK,EAAE,OAAO,IAAI,eAAe;AACzC,SAAA,CAAC,EAAE;AACF,YAAA,MAAM,EAAE,GAAG;AACX,YAAA,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;AAChD,SAAA,CAAC;IACJ;AACF;;;;;"}