@masterteam/gateway-auth 0.0.1 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"masterteam-gateway-auth.mjs","sources":["../../../../packages/masterteam/gateway-auth/src/gateway-auth.utils.ts","../../../../packages/masterteam/gateway-auth/src/gateway-sso-session.service.ts","../../../../packages/masterteam/gateway-auth/src/masterteam-gateway-auth.ts"],"sourcesContent":["import {\n GatewayApiDateValue,\n GatewayAuthTokens,\n GatewayMappedTokens,\n GatewayMappedUser,\n GatewayRefreshData,\n GatewaySsoProvider,\n GatewayUserDetails,\n} from './gateway-auth.models';\n\nexport const GATEWAY_AUTH_DEVICE_TOKEN = 'web-app';\n\nexport const GATEWAY_AUTH_ENDPOINTS = {\n login: 'auth/login',\n verifyMfa: 'auth/2fa/verify',\n resendMfa: 'auth/2fa/resend',\n refresh: 'auth/refresh',\n logout: 'auth/logout',\n ssoProviders: 'auth/sso/providers',\n ssoExchange: 'auth/sso/exchange',\n ssoTokenExchange: 'auth/sso/token-exchange',\n nafathStart: (providerKey: string) =>\n `auth/sso/nafath/${encodeURIComponent(providerKey)}/start`,\n nafathStatus: (providerKey: string) =>\n `auth/sso/nafath/${encodeURIComponent(providerKey)}/status`,\n ssoStart: (providerKey: string) =>\n `auth/sso/${encodeURIComponent(providerKey)}/start`,\n} as const;\n\nexport function isExpired(expireAt?: string | null): boolean {\n if (!expireAt) {\n return false;\n }\n\n const timestamp = new Date(expireAt).getTime();\n return !Number.isFinite(timestamp) || timestamp <= Date.now();\n}\n\nexport function resolveApiDateValue(\n value?: GatewayApiDateValue | null,\n): string | null {\n return value?.actualValue ?? value?.rawValue ?? null;\n}\n\nexport function mapGatewayTokens(\n tokens: GatewayAuthTokens | GatewayRefreshData,\n): GatewayMappedTokens {\n return {\n accessToken: tokens.accessToken,\n refreshToken: tokens.refreshToken,\n accessTokenExpiresAt: resolveApiDateValue(tokens.accessTokenExpiresAt),\n refreshTokenExpiresAt: resolveApiDateValue(tokens.refreshTokenExpiresAt),\n };\n}\n\nexport function mapGatewayUser(\n user: GatewayUserDetails,\n tokenData: GatewayMappedTokens,\n delegations?: unknown[],\n): GatewayMappedUser {\n const photo =\n typeof user.photo === 'string' ? { fileName: user.photo } : user.photo;\n const imageFallback = user.image ? { fileName: user.image } : undefined;\n const resolvedPhoto = photo ?? imageFallback;\n\n return {\n user: {\n ...user,\n photo: resolvedPhoto,\n },\n token: tokenData.accessToken,\n accessToken: tokenData.accessToken,\n refreshToken: tokenData.refreshToken,\n accessTokenExpiresAt: tokenData.accessTokenExpiresAt ?? undefined,\n refreshTokenExpiresAt: tokenData.refreshTokenExpiresAt ?? undefined,\n delegations: delegations ?? [],\n twoFactorRequired: false,\n };\n}\n\nexport function hasGatewayTokens(\n tokens?: Partial<GatewayAuthTokens | GatewayRefreshData> | null,\n): boolean {\n return Boolean(tokens?.accessToken && tokens?.refreshToken);\n}\n\nexport function getGatewayErrorMessage(\n error: unknown,\n fallback: string,\n): string {\n const response = error as {\n error?: { message?: string; Message?: string; errors?: { message?: string } };\n message?: string;\n };\n\n return (\n response.error?.message ??\n response.error?.Message ??\n response.error?.errors?.message ??\n response.message ??\n fallback\n );\n}\n\nexport function normalizeGatewayBase(baseUrl?: string | null): string {\n if (!baseUrl) {\n return '';\n }\n\n return baseUrl.replace(/\\/+$/, '');\n}\n\nexport function buildGatewayUrl(\n gatewayApiBaseUrl: string | undefined | null,\n path: string,\n): string {\n if (/^https?:\\/\\//i.test(path)) {\n return path;\n }\n\n const normalizedBase = normalizeGatewayBase(gatewayApiBaseUrl);\n if (!normalizedBase) {\n return path;\n }\n\n const normalizedPath = path.replace(/^\\/+/, '');\n if (normalizedPath.startsWith('api/')) {\n try {\n const base = new URL(normalizedBase);\n return `${base.origin}/${normalizedPath}`;\n } catch {\n return `${normalizedBase}/${normalizedPath}`;\n }\n }\n\n return `${normalizedBase}/${normalizedPath}`;\n}\n\nexport interface BuildSsoStartUrlOptions {\n gatewayApiBaseUrl: string;\n provider: GatewaySsoProvider;\n returnUrl: string;\n clientState: string;\n platform?: 'web' | 'mobile';\n}\n\nexport function buildSsoStartUrl({\n gatewayApiBaseUrl,\n provider,\n returnUrl,\n clientState,\n platform = 'web',\n}: BuildSsoStartUrlOptions): string {\n const startPath = provider.startUrl || GATEWAY_AUTH_ENDPOINTS.ssoStart(provider.key);\n const url = new URL(buildGatewayUrl(gatewayApiBaseUrl, startPath));\n url.searchParams.set('platform', platform);\n url.searchParams.set('returnUrl', returnUrl);\n url.searchParams.set('clientState', clientState);\n return url.toString();\n}\n\nexport function createSecureClientState(): string {\n if (typeof crypto !== 'undefined' && crypto.randomUUID) {\n return crypto.randomUUID();\n }\n\n const bytes = new Uint8Array(16);\n if (typeof crypto !== 'undefined' && crypto.getRandomValues) {\n crypto.getRandomValues(bytes);\n return Array.from(bytes, (value) => value.toString(16).padStart(2, '0')).join(\n '',\n );\n }\n\n return `${Date.now().toString(36)}${Math.random().toString(36).slice(2)}`;\n}\n\n","import { createSecureClientState } from './gateway-auth.utils';\n\nconst PENDING_SSO_STATE_KEY = 'gatewayAuth.pendingSsoState';\n\nexport class GatewaySsoSession {\n createAndStoreState(): string {\n const state = createSecureClientState();\n this.storage?.setItem(PENDING_SSO_STATE_KEY, state);\n return state;\n }\n\n getPendingState(): string | null {\n return this.storage?.getItem(PENDING_SSO_STATE_KEY) ?? null;\n }\n\n clearPendingState(): void {\n this.storage?.removeItem(PENDING_SSO_STATE_KEY);\n }\n\n consumeExpectedState(state: string | null): boolean {\n const expectedState = this.getPendingState();\n this.clearPendingState();\n return Boolean(state && expectedState && state === expectedState);\n }\n\n clearCallbackQuery(path = '/auth/sso/callback'): void {\n if (typeof window === 'undefined' || !window.history?.replaceState) {\n return;\n }\n\n window.history.replaceState({}, document.title, path);\n }\n\n clearAll(): void {\n this.clearPendingState();\n }\n\n private get storage(): Storage | null {\n if (typeof sessionStorage === 'undefined') {\n return null;\n }\n\n return sessionStorage;\n }\n}\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":[],"mappings":"AAUO,MAAM,yBAAyB,GAAG;AAElC,MAAM,sBAAsB,GAAG;AACpC,IAAA,KAAK,EAAE,YAAY;AACnB,IAAA,SAAS,EAAE,iBAAiB;AAC5B,IAAA,SAAS,EAAE,iBAAiB;AAC5B,IAAA,OAAO,EAAE,cAAc;AACvB,IAAA,MAAM,EAAE,aAAa;AACrB,IAAA,YAAY,EAAE,oBAAoB;AAClC,IAAA,WAAW,EAAE,mBAAmB;AAChC,IAAA,gBAAgB,EAAE,yBAAyB;IAC3C,WAAW,EAAE,CAAC,WAAmB,KAC/B,CAAA,gBAAA,EAAmB,kBAAkB,CAAC,WAAW,CAAC,CAAA,MAAA,CAAQ;IAC5D,YAAY,EAAE,CAAC,WAAmB,KAChC,CAAA,gBAAA,EAAmB,kBAAkB,CAAC,WAAW,CAAC,CAAA,OAAA,CAAS;IAC7D,QAAQ,EAAE,CAAC,WAAmB,KAC5B,CAAA,SAAA,EAAY,kBAAkB,CAAC,WAAW,CAAC,CAAA,MAAA,CAAQ;;AAGjD,SAAU,SAAS,CAAC,QAAwB,EAAA;IAChD,IAAI,CAAC,QAAQ,EAAE;AACb,QAAA,OAAO,KAAK;IACd;IAEA,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE;AAC9C,IAAA,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;AAC/D;AAEM,SAAU,mBAAmB,CACjC,KAAkC,EAAA;IAElC,OAAO,KAAK,EAAE,WAAW,IAAI,KAAK,EAAE,QAAQ,IAAI,IAAI;AACtD;AAEM,SAAU,gBAAgB,CAC9B,MAA8C,EAAA;IAE9C,OAAO;QACL,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;AACjC,QAAA,oBAAoB,EAAE,mBAAmB,CAAC,MAAM,CAAC,oBAAoB,CAAC;AACtE,QAAA,qBAAqB,EAAE,mBAAmB,CAAC,MAAM,CAAC,qBAAqB,CAAC;KACzE;AACH;SAEgB,cAAc,CAC5B,IAAwB,EACxB,SAA8B,EAC9B,WAAuB,EAAA;IAEvB,MAAM,KAAK,GACT,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC,KAAK;AACxE,IAAA,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,SAAS;AACvE,IAAA,MAAM,aAAa,GAAG,KAAK,IAAI,aAAa;IAE5C,OAAO;AACL,QAAA,IAAI,EAAE;AACJ,YAAA,GAAG,IAAI;AACP,YAAA,KAAK,EAAE,aAAa;AACrB,SAAA;QACD,KAAK,EAAE,SAAS,CAAC,WAAW;QAC5B,WAAW,EAAE,SAAS,CAAC,WAAW;QAClC,YAAY,EAAE,SAAS,CAAC,YAAY;AACpC,QAAA,oBAAoB,EAAE,SAAS,CAAC,oBAAoB,IAAI,SAAS;AACjE,QAAA,qBAAqB,EAAE,SAAS,CAAC,qBAAqB,IAAI,SAAS;QACnE,WAAW,EAAE,WAAW,IAAI,EAAE;AAC9B,QAAA,iBAAiB,EAAE,KAAK;KACzB;AACH;AAEM,SAAU,gBAAgB,CAC9B,MAA+D,EAAA;IAE/D,OAAO,OAAO,CAAC,MAAM,EAAE,WAAW,IAAI,MAAM,EAAE,YAAY,CAAC;AAC7D;AAEM,SAAU,sBAAsB,CACpC,KAAc,EACd,QAAgB,EAAA;IAEhB,MAAM,QAAQ,GAAG,KAGhB;AAED,IAAA,QACE,QAAQ,CAAC,KAAK,EAAE,OAAO;QACvB,QAAQ,CAAC,KAAK,EAAE,OAAO;AACvB,QAAA,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO;AAC/B,QAAA,QAAQ,CAAC,OAAO;AAChB,QAAA,QAAQ;AAEZ;AAEM,SAAU,oBAAoB,CAAC,OAAuB,EAAA;IAC1D,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,OAAO,EAAE;IACX;IAEA,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;AACpC;AAEM,SAAU,eAAe,CAC7B,iBAA4C,EAC5C,IAAY,EAAA;AAEZ,IAAA,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;AAC9B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,cAAc,GAAG,oBAAoB,CAAC,iBAAiB,CAAC;IAC9D,IAAI,CAAC,cAAc,EAAE;AACnB,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;AAC/C,IAAA,IAAI,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;AACrC,QAAA,IAAI;AACF,YAAA,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC;AACpC,YAAA,OAAO,GAAG,IAAI,CAAC,MAAM,CAAA,CAAA,EAAI,cAAc,EAAE;QAC3C;AAAE,QAAA,MAAM;AACN,YAAA,OAAO,CAAA,EAAG,cAAc,CAAA,CAAA,EAAI,cAAc,EAAE;QAC9C;IACF;AAEA,IAAA,OAAO,CAAA,EAAG,cAAc,CAAA,CAAA,EAAI,cAAc,EAAE;AAC9C;AAUM,SAAU,gBAAgB,CAAC,EAC/B,iBAAiB,EACjB,QAAQ,EACR,SAAS,EACT,WAAW,EACX,QAAQ,GAAG,KAAK,GACQ,EAAA;AACxB,IAAA,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;AACpF,IAAA,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;IAClE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;IAC1C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC;IAC5C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC;AAChD,IAAA,OAAO,GAAG,CAAC,QAAQ,EAAE;AACvB;SAEgB,uBAAuB,GAAA;IACrC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,UAAU,EAAE;AACtD,QAAA,OAAO,MAAM,CAAC,UAAU,EAAE;IAC5B;AAEA,IAAA,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC;IAChC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,eAAe,EAAE;AAC3D,QAAA,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC;AAC7B,QAAA,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,KAAK,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAC3E,EAAE,CACH;IACH;IAEA,OAAO,CAAA,EAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA,EAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA,CAAE;AAC3E;;AC7KA,MAAM,qBAAqB,GAAG,6BAA6B;MAE9C,iBAAiB,CAAA;IAC5B,mBAAmB,GAAA;AACjB,QAAA,MAAM,KAAK,GAAG,uBAAuB,EAAE;QACvC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,qBAAqB,EAAE,KAAK,CAAC;AACnD,QAAA,OAAO,KAAK;IACd;IAEA,eAAe,GAAA;QACb,OAAO,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,qBAAqB,CAAC,IAAI,IAAI;IAC7D;IAEA,iBAAiB,GAAA;AACf,QAAA,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,qBAAqB,CAAC;IACjD;AAEA,IAAA,oBAAoB,CAAC,KAAoB,EAAA;AACvC,QAAA,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,EAAE;QAC5C,IAAI,CAAC,iBAAiB,EAAE;QACxB,OAAO,OAAO,CAAC,KAAK,IAAI,aAAa,IAAI,KAAK,KAAK,aAAa,CAAC;IACnE;IAEA,kBAAkB,CAAC,IAAI,GAAG,oBAAoB,EAAA;AAC5C,QAAA,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,EAAE;YAClE;QACF;AAEA,QAAA,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC;IACvD;IAEA,QAAQ,GAAA;QACN,IAAI,CAAC,iBAAiB,EAAE;IAC1B;AAEA,IAAA,IAAY,OAAO,GAAA;AACjB,QAAA,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE;AACzC,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,OAAO,cAAc;IACvB;AACD;;AC5CD;;AAEG;;;;"}
|
|
1
|
+
{"version":3,"file":"masterteam-gateway-auth.mjs","sources":["../../../../packages/masterteam/gateway-auth/src/gateway-auth.utils.ts","../../../../packages/masterteam/gateway-auth/src/gateway-auth.actions.ts","../../../../packages/masterteam/gateway-auth/src/gateway-auth.options.ts","../../../../packages/masterteam/gateway-auth/src/gateway-sso-session.service.ts","../../../../packages/masterteam/gateway-auth/src/gateway-auth.state.model.ts","../../../../packages/masterteam/gateway-auth/src/gateway-auth.state.ts","../../../../packages/masterteam/gateway-auth/src/gateway-auth.facade.ts","../../../../packages/masterteam/gateway-auth/src/gateway-auth.interceptor.ts","../../../../packages/masterteam/gateway-auth/src/components/gateway-mfa/gateway-mfa.ts","../../../../packages/masterteam/gateway-auth/src/components/gateway-mfa/gateway-mfa.html","../../../../packages/masterteam/gateway-auth/src/components/gateway-sso-callback/gateway-sso-callback.ts","../../../../packages/masterteam/gateway-auth/src/components/gateway-sso-callback/gateway-sso-callback.html","../../../../packages/masterteam/gateway-auth/src/components/gateway-sso-buttons/gateway-sso-buttons.ts","../../../../packages/masterteam/gateway-auth/src/components/gateway-sso-buttons/gateway-sso-buttons.html","../../../../packages/masterteam/gateway-auth/src/masterteam-gateway-auth.ts"],"sourcesContent":["import {\n GatewayApiDateValue,\n GatewayAuthTokens,\n GatewayMappedTokens,\n GatewayMappedUser,\n GatewayRefreshData,\n GatewaySsoProvider,\n GatewayUserDetails,\n} from './gateway-auth.models';\n\nexport const GATEWAY_AUTH_DEVICE_TOKEN = 'web-app';\n\nexport const GATEWAY_AUTH_ENDPOINTS = {\n login: 'auth/login',\n verifyMfa: 'auth/2fa/verify',\n resendMfa: 'auth/2fa/resend',\n refresh: 'auth/refresh',\n logout: 'auth/logout',\n ssoProviders: 'auth/sso/providers',\n ssoExchange: 'auth/sso/exchange',\n ssoTokenExchange: 'auth/sso/token-exchange',\n nafathStart: (providerKey: string) =>\n `auth/sso/nafath/${encodeURIComponent(providerKey)}/start`,\n nafathStatus: (providerKey: string) =>\n `auth/sso/nafath/${encodeURIComponent(providerKey)}/status`,\n ssoStart: (providerKey: string) =>\n `auth/sso/${encodeURIComponent(providerKey)}/start`,\n} as const;\n\nexport function isExpired(expireAt?: string | null): boolean {\n if (!expireAt) {\n return false;\n }\n\n const timestamp = new Date(expireAt).getTime();\n return !Number.isFinite(timestamp) || timestamp <= Date.now();\n}\n\nexport function resolveApiDateValue(\n value?: GatewayApiDateValue | null,\n): string | null {\n return value?.actualValue ?? value?.rawValue ?? null;\n}\n\nexport function mapGatewayTokens(\n tokens: GatewayAuthTokens | GatewayRefreshData,\n): GatewayMappedTokens {\n return {\n accessToken: tokens.accessToken,\n refreshToken: tokens.refreshToken,\n accessTokenExpiresAt: resolveApiDateValue(tokens.accessTokenExpiresAt),\n refreshTokenExpiresAt: resolveApiDateValue(tokens.refreshTokenExpiresAt),\n };\n}\n\nexport function mapGatewayUser(\n user: GatewayUserDetails,\n tokenData: GatewayMappedTokens,\n delegations?: unknown[],\n): GatewayMappedUser {\n const photo =\n typeof user.photo === 'string' ? { fileName: user.photo } : user.photo;\n const imageFallback = user.image ? { fileName: user.image } : undefined;\n const resolvedPhoto = photo ?? imageFallback;\n\n return {\n user: {\n ...user,\n photo: resolvedPhoto,\n },\n token: tokenData.accessToken,\n accessToken: tokenData.accessToken,\n refreshToken: tokenData.refreshToken,\n accessTokenExpiresAt: tokenData.accessTokenExpiresAt ?? undefined,\n refreshTokenExpiresAt: tokenData.refreshTokenExpiresAt ?? undefined,\n delegations: delegations ?? [],\n twoFactorRequired: false,\n };\n}\n\nexport function hasGatewayTokens(\n tokens?: Partial<GatewayAuthTokens | GatewayRefreshData> | null,\n): boolean {\n return Boolean(tokens?.accessToken && tokens?.refreshToken);\n}\n\nexport function getGatewayErrorMessage(\n error: unknown,\n fallback: string,\n): string {\n const response = error as {\n error?: {\n message?: string;\n Message?: string;\n errors?: { message?: string };\n };\n message?: string;\n };\n\n return (\n response.error?.message ??\n response.error?.Message ??\n response.error?.errors?.message ??\n response.message ??\n fallback\n );\n}\n\nexport function normalizeGatewayBase(baseUrl?: string | null): string {\n if (!baseUrl) {\n return '';\n }\n\n return baseUrl.replace(/\\/+$/, '');\n}\n\nexport function buildGatewayUrl(\n gatewayApiBaseUrl: string | undefined | null,\n path: string,\n): string {\n if (/^https?:\\/\\//i.test(path)) {\n return path;\n }\n\n const normalizedBase = normalizeGatewayBase(gatewayApiBaseUrl);\n if (!normalizedBase) {\n return path;\n }\n\n const normalizedPath = path.replace(/^\\/+/, '');\n if (normalizedPath.startsWith('api/')) {\n try {\n const base = new URL(normalizedBase);\n return `${base.origin}/${normalizedPath}`;\n } catch {\n return `${normalizedBase}/${normalizedPath}`;\n }\n }\n\n return `${normalizedBase}/${normalizedPath}`;\n}\n\nexport interface BuildSsoStartUrlOptions {\n gatewayApiBaseUrl: string;\n provider: GatewaySsoProvider;\n returnUrl: string;\n clientState: string;\n platform?: 'web' | 'mobile';\n}\n\nexport function buildSsoStartUrl({\n gatewayApiBaseUrl,\n provider,\n returnUrl,\n clientState,\n platform = 'web',\n}: BuildSsoStartUrlOptions): string {\n const startPath =\n provider.startUrl || GATEWAY_AUTH_ENDPOINTS.ssoStart(provider.key);\n const url = new URL(buildGatewayUrl(gatewayApiBaseUrl, startPath));\n url.searchParams.set('platform', platform);\n url.searchParams.set('returnUrl', returnUrl);\n url.searchParams.set('clientState', clientState);\n return url.toString();\n}\n\nexport function createSecureClientState(): string {\n if (typeof crypto !== 'undefined' && crypto.randomUUID) {\n return crypto.randomUUID();\n }\n\n const bytes = new Uint8Array(16);\n if (typeof crypto !== 'undefined' && crypto.getRandomValues) {\n crypto.getRandomValues(bytes);\n return Array.from(bytes, (value) =>\n value.toString(16).padStart(2, '0'),\n ).join('');\n }\n\n return `${Date.now().toString(36)}${Math.random().toString(36).slice(2)}`;\n}\n","import {\n AuthLoginData,\n AuthTokens,\n LoginRequest,\n SsoProvider,\n User,\n} from './gateway-auth.state.model';\n\nexport class Login {\n static readonly type = '[Auth] Login';\n constructor(public payload: LoginRequest) {}\n}\n\nexport class VerifyMfa {\n static readonly type = '[Auth] Verify MFA';\n constructor(public code: string) {}\n}\n\nexport class ResendMfa {\n static readonly type = '[Auth] Resend MFA';\n}\n\nexport class LoadSsoProviders {\n static readonly type = '[Auth] Load SSO Providers';\n}\n\nexport class StartSso {\n static readonly type = '[Auth] Start SSO';\n constructor(public provider: SsoProvider) {}\n}\n\nexport class ExchangeSsoCode {\n static readonly type = '[Auth] Exchange SSO Code';\n constructor(\n public code: string,\n public state: string,\n ) {}\n}\n\nexport class LoginSuccess {\n static readonly type = '[Auth] Login Success';\n constructor(public session: AuthLoginData) {}\n}\n\nexport class LoginFailure {\n static readonly type = '[Auth] Login Failure';\n constructor(public error: string) {}\n}\n\nexport class Logout {\n static readonly type = '[Auth] Logout';\n constructor(public remote: boolean = false) {}\n}\n\nexport class UpdateUserData {\n static readonly type = '[Auth] Update User Data';\n constructor(public user: User) {}\n}\n\nexport class UpdateTokens {\n static readonly type = '[Auth] Update Tokens';\n constructor(public tokens: AuthTokens) {}\n}\n\nexport class ClearError {\n static readonly type = '[Auth] Clear Error';\n}\n\nexport class ClearPendingMfa {\n static readonly type = '[Auth] Clear Pending MFA';\n}\n","import { InjectionToken } from '@angular/core';\nimport { HttpRequest } from '@angular/common/http';\nimport { StateContext } from '@ngxs/store';\nimport { Observable } from 'rxjs';\nimport { GatewayLoginResponse, GatewayPlatform } from './gateway-auth.models';\nimport { AuthStateModel } from './gateway-auth.state.model';\n\nexport type GatewayAuthHookResult =\n | void\n | null\n | Observable<unknown>\n | Promise<unknown>;\n\nexport interface GatewayAuthOptions {\n getGatewayApiBaseUrl: () => string | null | undefined;\n getApplicationApiBaseUrl?: () => string | null | undefined;\n shouldUseGatewayApiBaseUrl?: (request: HttpRequest<unknown>) => boolean;\n deviceToken?: string;\n platform?: GatewayPlatform;\n loginRoute?: string;\n mfaRoute?: string;\n ssoCallbackPath?: string;\n defaultAuthenticatedRoute?: string | (() => string | null | undefined);\n preserveSsoProvidersOnLogout?: boolean;\n afterLogin?: (\n session: GatewayLoginResponse,\n ctx: StateContext<AuthStateModel>,\n ) => GatewayAuthHookResult;\n beforeLocalLogout?: (\n ctx: StateContext<AuthStateModel>,\n ) => GatewayAuthHookResult;\n}\n\nexport const GATEWAY_AUTH_OPTIONS = new InjectionToken<GatewayAuthOptions>(\n 'GATEWAY_AUTH_OPTIONS',\n {\n factory: () => ({\n getGatewayApiBaseUrl: () => null,\n deviceToken: 'web-app',\n platform: 'web',\n loginRoute: '/auth/login',\n mfaRoute: '/auth/mfa',\n ssoCallbackPath: '/auth/sso/callback',\n defaultAuthenticatedRoute: '/',\n preserveSsoProvidersOnLogout: true,\n }),\n },\n);\n","import { createSecureClientState } from './gateway-auth.utils';\n\nconst PENDING_SSO_STATE_KEY = 'gatewayAuth.pendingSsoState';\n\nexport class GatewaySsoSession {\n createAndStoreState(): string {\n const state = createSecureClientState();\n this.storage?.setItem(PENDING_SSO_STATE_KEY, state);\n return state;\n }\n\n getPendingState(): string | null {\n return this.storage?.getItem(PENDING_SSO_STATE_KEY) ?? null;\n }\n\n clearPendingState(): void {\n this.storage?.removeItem(PENDING_SSO_STATE_KEY);\n }\n\n consumeExpectedState(state: string | null): boolean {\n const expectedState = this.getPendingState();\n this.clearPendingState();\n return Boolean(state && expectedState && state === expectedState);\n }\n\n clearCallbackQuery(path = '/auth/sso/callback'): void {\n if (typeof window === 'undefined' || !window.history?.replaceState) {\n return;\n }\n\n window.history.replaceState({}, document.title, path);\n }\n\n clearAll(): void {\n this.clearPendingState();\n }\n\n private get storage(): Storage | null {\n if (typeof sessionStorage === 'undefined') {\n return null;\n }\n\n return sessionStorage;\n }\n}\n","import {\n GatewayAuthTokens,\n GatewayLoginRequest,\n GatewayLoginResponse,\n GatewayMappedUser,\n GatewayRefreshData,\n GatewayResponse,\n GatewaySsoProvider,\n GatewayTwoFactorChallenge,\n GatewayUserDetails,\n} from './gateway-auth.models';\n\nexport type UserDetails = GatewayUserDetails;\nexport type User = GatewayMappedUser;\nexport type LoginRequest = GatewayLoginRequest;\nexport type ApiDateValue = NonNullable<\n GatewayAuthTokens['accessTokenExpiresAt']\n>;\nexport type AuthTokens = GatewayAuthTokens;\nexport type AuthLoginData = GatewayLoginResponse;\nexport type AuthRefreshData = GatewayRefreshData;\nexport type TwoFactorChallenge = GatewayTwoFactorChallenge;\nexport type SsoProvider = GatewaySsoProvider;\nexport type Response<T> = GatewayResponse<T>;\n\nexport interface AuthStateModel {\n user: User | null;\n token: string | null;\n refreshToken: string | null;\n accessTokenExpiresAt: string | null;\n refreshTokenExpiresAt: string | null;\n loading: boolean;\n mfaResendLoading: boolean;\n ssoLoading: boolean;\n ssoCallbackLoading: boolean;\n error: string | null;\n twoFactorRequired: boolean;\n pendingMfa: TwoFactorChallenge | null;\n ssoProviders: SsoProvider[];\n}\n\nexport const AUTH_STATE_DEFAULTS: AuthStateModel = {\n user: null,\n token: null,\n refreshToken: null,\n accessTokenExpiresAt: null,\n refreshTokenExpiresAt: null,\n loading: false,\n mfaResendLoading: false,\n ssoLoading: false,\n ssoCallbackLoading: false,\n error: null,\n twoFactorRequired: false,\n pendingMfa: null,\n ssoProviders: [],\n};\n\nexport function sanitizePersistedAuthState(\n obj: Partial<AuthStateModel> | null,\n) {\n return {\n ...AUTH_STATE_DEFAULTS,\n ...(obj ?? {}),\n loading: false,\n mfaResendLoading: false,\n ssoLoading: false,\n ssoCallbackLoading: false,\n error: null,\n twoFactorRequired: false,\n pendingMfa: null,\n ssoProviders: [],\n };\n}\n","import { HttpClient } from '@angular/common/http';\nimport { Injectable, inject } from '@angular/core';\nimport { Router } from '@angular/router';\nimport { Action, Selector, State, StateContext } from '@ngxs/store';\nimport { EMPTY, Observable, from, isObservable, of } from 'rxjs';\nimport { catchError, mergeMap, tap } from 'rxjs/operators';\nimport {\n ClearError,\n ClearPendingMfa,\n ExchangeSsoCode,\n LoadSsoProviders,\n Login,\n LoginFailure,\n LoginSuccess,\n Logout,\n ResendMfa,\n StartSso,\n UpdateTokens,\n UpdateUserData,\n VerifyMfa,\n} from './gateway-auth.actions';\nimport {\n GATEWAY_AUTH_OPTIONS,\n GatewayAuthHookResult,\n GatewayAuthOptions,\n} from './gateway-auth.options';\nimport {\n GatewayLoginResponse,\n GatewayResponse,\n GatewaySsoProvidersData,\n GatewayTwoFactorChallenge,\n} from './gateway-auth.models';\nimport {\n buildGatewayUrl,\n buildSsoStartUrl,\n GATEWAY_AUTH_DEVICE_TOKEN,\n GATEWAY_AUTH_ENDPOINTS,\n getGatewayErrorMessage,\n hasGatewayTokens,\n mapGatewayTokens,\n mapGatewayUser,\n} from './gateway-auth.utils';\nimport { GatewaySsoSession } from './gateway-sso-session.service';\nimport {\n AUTH_STATE_DEFAULTS,\n AuthLoginData,\n AuthStateModel,\n SsoProvider,\n User,\n} from './gateway-auth.state.model';\n\n@State<AuthStateModel>({\n name: 'auth',\n defaults: AUTH_STATE_DEFAULTS,\n})\n@Injectable()\nexport class GatewayAuthState {\n private readonly http = inject(HttpClient);\n private readonly options = inject(GATEWAY_AUTH_OPTIONS);\n private readonly router = inject(Router);\n private readonly ssoSession = new GatewaySsoSession();\n\n @Selector()\n static user(state: AuthStateModel): User | null {\n return state.user;\n }\n\n @Selector()\n static loading(state: AuthStateModel): boolean {\n return state.loading;\n }\n\n @Selector()\n static mfaResendLoading(state: AuthStateModel): boolean {\n return state.mfaResendLoading;\n }\n\n @Selector()\n static ssoLoading(state: AuthStateModel): boolean {\n return state.ssoLoading;\n }\n\n @Selector()\n static ssoCallbackLoading(state: AuthStateModel): boolean {\n return state.ssoCallbackLoading;\n }\n\n @Selector()\n static error(state: AuthStateModel): string | null {\n return state.error;\n }\n\n @Selector()\n static token(state: AuthStateModel): string | null {\n return state.token;\n }\n\n @Selector()\n static refreshToken(state: AuthStateModel): string | null {\n return state.refreshToken;\n }\n\n @Selector()\n static accessTokenExpiresAt(state: AuthStateModel): string | null {\n return state.accessTokenExpiresAt;\n }\n\n @Selector()\n static refreshTokenExpiresAt(state: AuthStateModel): string | null {\n return state.refreshTokenExpiresAt;\n }\n\n @Selector()\n static twoFactorRequired(state: AuthStateModel): boolean {\n return state.twoFactorRequired;\n }\n\n @Selector()\n static pendingMfa(state: AuthStateModel) {\n return state.pendingMfa;\n }\n\n @Selector()\n static ssoProviders(state: AuthStateModel): SsoProvider[] {\n return state.ssoProviders;\n }\n\n @Selector()\n static isAdmin(state: AuthStateModel): boolean {\n return state.user?.isAdmin || false;\n }\n\n @Selector()\n static userDetails(state: AuthStateModel) {\n return state.user?.user || null;\n }\n\n @Action(Login)\n login(ctx: StateContext<AuthStateModel>, action: Login) {\n ctx.patchState({\n loading: true,\n error: null,\n pendingMfa: null,\n twoFactorRequired: false,\n });\n\n return this.http\n .post<GatewayResponse<GatewayLoginResponse>>(\n this.gatewayUrl(GATEWAY_AUTH_ENDPOINTS.login),\n {\n userName: action.payload.userName,\n password: action.payload.password,\n isEncrypted: action.payload.isEncrypted ?? false,\n deviceToken: action.payload.deviceToken || this.deviceToken,\n recaptchaToken: action.payload.recaptchaToken,\n recaptchaAction: action.payload.recaptchaAction,\n },\n )\n .pipe(\n mergeMap((response) => this.handleLoginResponse(ctx, response.data)),\n catchError((error) => {\n ctx.dispatch(\n new LoginFailure(getGatewayErrorMessage(error, 'Login failed')),\n );\n return of(null);\n }),\n );\n }\n\n @Action(VerifyMfa)\n verifyMfa(ctx: StateContext<AuthStateModel>, action: VerifyMfa) {\n const pendingMfa = ctx.getState().pendingMfa;\n if (!pendingMfa) {\n ctx.dispatch(new LoginFailure('The verification session expired.'));\n this.navigateToLogin();\n return EMPTY;\n }\n\n ctx.patchState({ loading: true, error: null });\n\n return this.http\n .post<GatewayResponse<GatewayLoginResponse>>(\n this.gatewayUrl(GATEWAY_AUTH_ENDPOINTS.verifyMfa),\n {\n userId: pendingMfa.userId,\n tempSessionId: pendingMfa.tempSessionId,\n code: action.code,\n deviceToken: this.deviceToken,\n },\n )\n .pipe(\n mergeMap((response) => this.handleLoginResponse(ctx, response.data)),\n catchError((error) => {\n const message = getGatewayErrorMessage(\n error,\n 'Invalid verification code',\n );\n const shouldClearMfa = error?.status === 403;\n ctx.patchState({\n loading: false,\n error: message,\n pendingMfa: shouldClearMfa ? null : pendingMfa,\n twoFactorRequired: !shouldClearMfa,\n });\n if (shouldClearMfa) {\n this.navigateToLogin();\n }\n return of(null);\n }),\n );\n }\n\n @Action(ResendMfa)\n resendMfa(ctx: StateContext<AuthStateModel>) {\n const pendingMfa = ctx.getState().pendingMfa;\n if (!pendingMfa) {\n ctx.dispatch(new LoginFailure('The verification session expired.'));\n this.navigateToLogin();\n return EMPTY;\n }\n\n ctx.patchState({ mfaResendLoading: true, error: null });\n\n return this.http\n .post<GatewayResponse<GatewayTwoFactorChallenge>>(\n this.gatewayUrl(GATEWAY_AUTH_ENDPOINTS.resendMfa),\n {\n userId: pendingMfa.userId,\n tempSessionId: pendingMfa.tempSessionId,\n },\n )\n .pipe(\n tap((response) => {\n ctx.patchState({\n pendingMfa: response.data,\n twoFactorRequired: true,\n mfaResendLoading: false,\n error: null,\n });\n }),\n catchError((error) => {\n ctx.patchState({\n mfaResendLoading: false,\n error: getGatewayErrorMessage(error, 'Failed to resend code'),\n });\n return of(null);\n }),\n );\n }\n\n @Action(LoadSsoProviders)\n loadSsoProviders(ctx: StateContext<AuthStateModel>) {\n ctx.patchState({ ssoLoading: true });\n\n return this.http\n .get<GatewayResponse<GatewaySsoProvidersData>>(\n this.gatewayUrl(GATEWAY_AUTH_ENDPOINTS.ssoProviders),\n {\n params: { platform: this.options.platform ?? 'web' },\n },\n )\n .pipe(\n tap((response) => {\n ctx.patchState({\n ssoProviders: (response.data?.providers ?? []).filter(\n (provider) => provider.enabled,\n ),\n ssoLoading: false,\n });\n }),\n catchError(() => {\n ctx.patchState({\n ssoProviders: [],\n ssoLoading: false,\n });\n return of(null);\n }),\n );\n }\n\n @Action(StartSso)\n startSso(ctx: StateContext<AuthStateModel>, action: StartSso) {\n if (action.provider.flow !== 'browser_redirect') {\n ctx.patchState({\n error: 'This SSO provider is not available for browser sign-in.',\n });\n return;\n }\n\n const gatewayApiBaseUrl = this.options.getGatewayApiBaseUrl();\n if (!gatewayApiBaseUrl || typeof window === 'undefined') {\n ctx.patchState({ error: 'SSO is not configured.' });\n return;\n }\n\n const clientState = this.ssoSession.createAndStoreState();\n const callbackPath = this.options.ssoCallbackPath ?? '/auth/sso/callback';\n const startUrl = buildSsoStartUrl({\n gatewayApiBaseUrl,\n provider: action.provider,\n returnUrl: `${window.location.origin}${callbackPath}`,\n clientState,\n platform: this.options.platform ?? 'web',\n });\n\n window.location.assign(startUrl);\n }\n\n @Action(ExchangeSsoCode)\n exchangeSsoCode(ctx: StateContext<AuthStateModel>, action: ExchangeSsoCode) {\n ctx.patchState({ ssoCallbackLoading: true, error: null });\n\n return this.http\n .post<GatewayResponse<GatewayLoginResponse>>(\n this.gatewayUrl(GATEWAY_AUTH_ENDPOINTS.ssoExchange),\n {\n code: action.code,\n state: action.state,\n deviceToken: this.deviceToken,\n },\n )\n .pipe(\n mergeMap((response) => this.handleLoginResponse(ctx, response.data)),\n catchError((error) => {\n ctx.patchState({\n ssoCallbackLoading: false,\n error: getGatewayErrorMessage(\n error,\n 'SSO sign-in failed. Please try again.',\n ),\n });\n return of(null);\n }),\n );\n }\n\n @Action(LoginSuccess)\n loginSuccess(ctx: StateContext<AuthStateModel>, action: LoginSuccess) {\n return this.handleLoginResponse(ctx, action.session);\n }\n\n @Action(LoginFailure)\n loginFailure(ctx: StateContext<AuthStateModel>, action: LoginFailure) {\n ctx.patchState({\n loading: false,\n ssoCallbackLoading: false,\n error: action.error,\n user: null,\n token: null,\n refreshToken: null,\n accessTokenExpiresAt: null,\n refreshTokenExpiresAt: null,\n pendingMfa: null,\n twoFactorRequired: false,\n });\n }\n\n @Action(Logout)\n logout(ctx: StateContext<AuthStateModel>, action: Logout) {\n const { token, refreshToken, ssoProviders } = ctx.getState();\n this.ssoSession.clearAll();\n this.toObservable(this.options.beforeLocalLogout?.(ctx)).subscribe();\n ctx.patchState({\n ...AUTH_STATE_DEFAULTS,\n ssoProviders: this.options.preserveSsoProvidersOnLogout\n ? ssoProviders\n : [],\n });\n this.navigateToLogin();\n\n if (action.remote && token) {\n this.http\n .post<GatewayResponse<boolean>>(\n this.gatewayUrl(GATEWAY_AUTH_ENDPOINTS.logout),\n {\n refreshToken,\n deviceToken: this.deviceToken,\n },\n {\n headers: {\n Authorization: `Bearer ${token}`,\n noMessage: 'true',\n },\n },\n )\n .pipe(catchError(() => EMPTY))\n .subscribe();\n }\n }\n\n @Action(UpdateUserData)\n updateUserData(ctx: StateContext<AuthStateModel>, action: UpdateUserData) {\n ctx.patchState({\n user: action.user,\n });\n }\n\n @Action(UpdateTokens)\n updateTokens(ctx: StateContext<AuthStateModel>, action: UpdateTokens) {\n const tokenData = mapGatewayTokens(action.tokens);\n const state = ctx.getState();\n const updatedUser = state.user\n ? {\n ...state.user,\n token: tokenData.accessToken ?? state.user.token,\n accessToken: tokenData.accessToken ?? state.user.accessToken,\n refreshToken: tokenData.refreshToken ?? state.user.refreshToken,\n accessTokenExpiresAt: tokenData.accessTokenExpiresAt ?? undefined,\n refreshTokenExpiresAt: tokenData.refreshTokenExpiresAt ?? undefined,\n }\n : state.user;\n\n ctx.patchState({\n token: tokenData.accessToken,\n refreshToken: tokenData.refreshToken,\n accessTokenExpiresAt: tokenData.accessTokenExpiresAt,\n refreshTokenExpiresAt: tokenData.refreshTokenExpiresAt,\n user: updatedUser,\n });\n }\n\n @Action(ClearError)\n clearError(ctx: StateContext<AuthStateModel>) {\n ctx.patchState({ error: null });\n }\n\n @Action(ClearPendingMfa)\n clearPendingMfa(ctx: StateContext<AuthStateModel>) {\n ctx.patchState({ pendingMfa: null, twoFactorRequired: false });\n }\n\n private handleLoginResponse(\n ctx: StateContext<AuthStateModel>,\n session: GatewayLoginResponse | AuthLoginData,\n ): Observable<unknown> {\n if (session.requiresTwoFactor) {\n ctx.patchState({\n user: null,\n token: null,\n refreshToken: null,\n accessTokenExpiresAt: null,\n refreshTokenExpiresAt: null,\n pendingMfa: session.twoFactor,\n twoFactorRequired: true,\n loading: false,\n ssoCallbackLoading: false,\n error: null,\n });\n this.router.navigate([this.options.mfaRoute ?? '/auth/mfa'], {\n replaceUrl: true,\n });\n return of(null);\n }\n\n if (!hasGatewayTokens(session.tokens)) {\n ctx.dispatch(new LoginFailure('Login failed'));\n return of(null);\n }\n\n const tokenData = mapGatewayTokens(session.tokens);\n const user = mapGatewayUser(session.user, tokenData, session.delegations);\n\n ctx.patchState({\n user,\n token: tokenData.accessToken,\n refreshToken: tokenData.refreshToken,\n accessTokenExpiresAt: tokenData.accessTokenExpiresAt,\n refreshTokenExpiresAt: tokenData.refreshTokenExpiresAt,\n loading: false,\n ssoCallbackLoading: false,\n error: null,\n pendingMfa: null,\n twoFactorRequired: false,\n });\n\n return this.toObservable(this.options.afterLogin?.(session, ctx)).pipe(\n tap(() => {\n this.router.navigateByUrl(this.resolveAuthenticatedRoute(), {\n replaceUrl: true,\n });\n }),\n );\n }\n\n private get deviceToken(): string {\n return this.options.deviceToken ?? GATEWAY_AUTH_DEVICE_TOKEN;\n }\n\n private gatewayUrl(path: string): string {\n return buildGatewayUrl(this.options.getGatewayApiBaseUrl(), path);\n }\n\n private navigateToLogin(): void {\n this.router.navigate([this.options.loginRoute ?? '/auth/login'], {\n replaceUrl: true,\n });\n }\n\n private resolveAuthenticatedRoute(): string {\n const tree = this.router.parseUrl(this.router.url);\n const returnUrl = this.sanitizeLocalRoute(\n tree.queryParams['returnUrl'] as string | undefined,\n );\n if (returnUrl !== null) {\n return returnUrl;\n }\n\n const configuredRoute =\n typeof this.options.defaultAuthenticatedRoute === 'function'\n ? this.options.defaultAuthenticatedRoute()\n : this.options.defaultAuthenticatedRoute;\n return this.sanitizeLocalRoute(configuredRoute) ?? '/';\n }\n\n private sanitizeLocalRoute(route?: string | null): string | null {\n if (!route) {\n return null;\n }\n if (/^https?:\\/\\//i.test(route)) {\n return null;\n }\n return route.startsWith('/') ? route : `/${route}`;\n }\n\n private toObservable(result: GatewayAuthHookResult): Observable<unknown> {\n if (!result) {\n return of(null);\n }\n if (isObservable(result)) {\n return result;\n }\n if (result instanceof Promise) {\n return from(result);\n }\n return of(result);\n }\n}\n","import { Injectable, computed, inject } from '@angular/core';\nimport { select, Store } from '@ngxs/store';\nimport {\n ClearError,\n ClearPendingMfa,\n ExchangeSsoCode,\n LoadSsoProviders,\n Login,\n Logout,\n ResendMfa,\n StartSso,\n UpdateTokens,\n UpdateUserData,\n VerifyMfa,\n} from './gateway-auth.actions';\nimport { GatewayAuthState } from './gateway-auth.state';\nimport {\n AuthTokens,\n LoginRequest,\n SsoProvider,\n User,\n} from './gateway-auth.state.model';\nimport { isExpired } from './gateway-auth.utils';\n\n@Injectable({\n providedIn: 'root',\n})\nexport class GatewayAuthFacade {\n private readonly store = inject(Store);\n\n readonly user = select(GatewayAuthState.user);\n readonly loading = select(GatewayAuthState.loading);\n readonly mfaResendLoading = select(GatewayAuthState.mfaResendLoading);\n readonly ssoLoading = select(GatewayAuthState.ssoLoading);\n readonly ssoCallbackLoading = select(GatewayAuthState.ssoCallbackLoading);\n readonly error = select(GatewayAuthState.error);\n readonly token = select(GatewayAuthState.token);\n readonly refreshToken = select(GatewayAuthState.refreshToken);\n readonly accessTokenExpiresAt = select(GatewayAuthState.accessTokenExpiresAt);\n readonly refreshTokenExpiresAt = select(\n GatewayAuthState.refreshTokenExpiresAt,\n );\n readonly twoFactorRequired = select(GatewayAuthState.twoFactorRequired);\n readonly pendingMfa = select(GatewayAuthState.pendingMfa);\n readonly ssoProviders = select(GatewayAuthState.ssoProviders);\n readonly isAdmin = select(GatewayAuthState.isAdmin);\n readonly userDetails = select(GatewayAuthState.userDetails);\n\n readonly hasError = computed(() => this.error() !== null);\n readonly isReady = computed(() => !this.loading() && this.error() === null);\n readonly userDisplayName = computed(\n () => this.user()?.user?.displayName || '',\n );\n readonly userEmail = computed(() => this.user()?.user?.email || '');\n readonly hasUser = computed(() => this.user() !== null);\n readonly hasPendingMfa = computed(() => this.pendingMfa() !== null);\n\n readonly isAuthenticated = computed(() => {\n const token = this.token();\n const accessExpiresAt = this.accessTokenExpiresAt();\n if (token && !isExpired(accessExpiresAt)) {\n return true;\n }\n const refreshToken = this.refreshToken();\n const refreshExpiresAt = this.refreshTokenExpiresAt();\n return !!refreshToken && !isExpired(refreshExpiresAt);\n });\n\n login(loginRequest: LoginRequest): void {\n this.store.dispatch(new Login(loginRequest));\n }\n\n verifyMfa(code: string): void {\n this.store.dispatch(new VerifyMfa(code));\n }\n\n resendMfa(): void {\n this.store.dispatch(new ResendMfa());\n }\n\n loadSsoProviders(): void {\n this.store.dispatch(new LoadSsoProviders());\n }\n\n startSso(provider: SsoProvider): void {\n this.store.dispatch(new StartSso(provider));\n }\n\n exchangeSsoCode(code: string, state: string): void {\n this.store.dispatch(new ExchangeSsoCode(code, state));\n }\n\n logout(remote: boolean = false): void {\n this.store.dispatch(new Logout(remote));\n }\n\n updateUserData(user: User): void {\n this.store.dispatch(new UpdateUserData(user));\n }\n\n updateTokens(tokens: AuthTokens): void {\n this.store.dispatch(new UpdateTokens(tokens));\n }\n\n clearError(): void {\n this.store.dispatch(new ClearError());\n }\n\n clearPendingMfa(): void {\n this.store.dispatch(new ClearPendingMfa());\n }\n\n hasRole(role: string): boolean {\n const userRoles = this.user()?.user?.roles;\n return Array.isArray(userRoles) ? userRoles.includes(role) : false;\n }\n\n hasGroup(group: string): boolean {\n const userGroups = this.user()?.user?.groups;\n return Array.isArray(userGroups) ? userGroups.includes(group) : false;\n }\n\n isTokenExpired(): boolean {\n const accessExpiresAt = this.accessTokenExpiresAt();\n return accessExpiresAt ? isExpired(accessExpiresAt) : false;\n }\n}\n","import {\n HttpBackend,\n HttpClient,\n HttpContextToken,\n HttpInterceptorFn,\n HttpRequest,\n} from '@angular/common/http';\nimport { inject } from '@angular/core';\nimport {\n catchError,\n finalize,\n map,\n Observable,\n shareReplay,\n switchMap,\n tap,\n throwError,\n} from 'rxjs';\nimport { GatewayAuthFacade } from './gateway-auth.facade';\nimport { GATEWAY_AUTH_OPTIONS } from './gateway-auth.options';\nimport { GatewayRefreshData, GatewayResponse } from './gateway-auth.models';\nimport { AuthTokens } from './gateway-auth.state.model';\nimport {\n buildGatewayUrl,\n GATEWAY_AUTH_ENDPOINTS,\n isExpired,\n} from './gateway-auth.utils';\n\nexport const GATEWAY_AUTH_RETRY_CONTEXT = new HttpContextToken<boolean>(\n () => false,\n);\n\nconst GATEWAY_AUTH_ENDPOINT_PATHS = new Set<string>([\n GATEWAY_AUTH_ENDPOINTS.login,\n GATEWAY_AUTH_ENDPOINTS.refresh,\n GATEWAY_AUTH_ENDPOINTS.logout,\n]);\n\nconst GATEWAY_AUTH_ENDPOINT_PREFIXES = ['auth/2fa/', 'auth/sso/'] as const;\n\nconst isAbsoluteUrl = (url: string): boolean => /^https?:\\/\\//i.test(url);\n\nconst isAssetRequest = (url: string): boolean =>\n url.startsWith('/assets') || url.startsWith('assets');\n\nconst normalizeBase = (baseUrl?: string | null): string =>\n baseUrl?.replace(/\\/+$/, '') ?? '';\n\nconst buildAbsoluteUrl = (\n baseUrl: string | null | undefined,\n url: string,\n): string => {\n if (isAbsoluteUrl(url) || !baseUrl) {\n return url;\n }\n\n return `${normalizeBase(baseUrl)}/${url.replace(/^\\/+/, '')}`;\n};\n\nconst normalizePath = (path: string): string => {\n const trimmed = path.replace(/^\\/+/, '');\n const withoutQuery = trimmed.split('?')[0] || '';\n return withoutQuery.startsWith('api/') ? withoutQuery.slice(4) : withoutQuery;\n};\n\nexport function resolveGatewayAuthPath(\n url: string,\n gatewayApiBaseUrl?: string | null,\n): string {\n if (isAbsoluteUrl(url)) {\n try {\n return normalizePath(new URL(url).pathname);\n } catch {\n return normalizePath(url);\n }\n }\n\n if (gatewayApiBaseUrl && url.startsWith(gatewayApiBaseUrl)) {\n return normalizePath(url.slice(gatewayApiBaseUrl.length));\n }\n\n return normalizePath(url);\n}\n\nexport function isGatewayAuthRequestUrl(\n url: string,\n gatewayApiBaseUrl?: string | null,\n): boolean {\n const path = resolveGatewayAuthPath(url, gatewayApiBaseUrl).toLowerCase();\n\n return (\n GATEWAY_AUTH_ENDPOINT_PATHS.has(path) ||\n GATEWAY_AUTH_ENDPOINT_PREFIXES.some((prefix) => path.startsWith(prefix))\n );\n}\n\nlet inflightRefresh$: Observable<AuthTokens> | null = null;\n\nconst refreshTokens$ = (\n http: HttpClient,\n gatewayApiBaseUrl: string | null | undefined,\n refreshToken: string,\n auth: GatewayAuthFacade,\n deviceToken: string,\n): Observable<AuthTokens> => {\n if (!inflightRefresh$) {\n const url = buildGatewayUrl(\n gatewayApiBaseUrl,\n GATEWAY_AUTH_ENDPOINTS.refresh,\n );\n\n inflightRefresh$ = http\n .post<GatewayResponse<GatewayRefreshData>>(url, {\n refreshToken,\n deviceToken,\n })\n .pipe(\n map((response) => response.data),\n map((tokens) => {\n if (!tokens?.accessToken || !tokens.refreshToken) {\n throw new Error('Invalid refresh response');\n }\n return tokens as AuthTokens;\n }),\n tap((tokens) => auth.updateTokens(tokens)),\n shareReplay({ bufferSize: 1, refCount: true }),\n finalize(() => {\n inflightRefresh$ = null;\n }),\n );\n }\n\n return inflightRefresh$;\n};\n\nconst prepareRequest = (\n req: HttpRequest<unknown>,\n token: string | null,\n markRetried: boolean,\n baseUrl: string | null | undefined,\n) => {\n let modifiedReq = req;\n\n if (token) {\n modifiedReq = modifiedReq.clone({\n setHeaders: {\n Authorization: `Bearer ${token}`,\n },\n });\n }\n\n if (!isAbsoluteUrl(modifiedReq.url) && !isAssetRequest(modifiedReq.url)) {\n modifiedReq = modifiedReq.clone({\n url: buildAbsoluteUrl(baseUrl, modifiedReq.url),\n });\n }\n\n if (markRetried) {\n modifiedReq = modifiedReq.clone({\n context: modifiedReq.context.set(GATEWAY_AUTH_RETRY_CONTEXT, true),\n });\n }\n\n return modifiedReq;\n};\n\nexport const gatewayAuthInterceptor: HttpInterceptorFn = (req, next) => {\n if (isAssetRequest(req.url)) {\n return next(req);\n }\n\n const auth = inject(GatewayAuthFacade);\n const options = inject(GATEWAY_AUTH_OPTIONS);\n const http = new HttpClient(inject(HttpBackend));\n\n const gatewayApiBaseUrl = options.getGatewayApiBaseUrl();\n const appApiBaseUrl = options.getApplicationApiBaseUrl?.();\n const useGatewayBaseUrl = options.shouldUseGatewayApiBaseUrl?.(req) ?? false;\n const baseUrl = useGatewayBaseUrl ? gatewayApiBaseUrl : appApiBaseUrl;\n const deviceToken = options.deviceToken ?? 'web-app';\n\n const accessToken = auth.token();\n const refreshToken = auth.refreshToken();\n const accessTokenExpiresAt = auth.accessTokenExpiresAt();\n const refreshTokenExpiresAt = auth.refreshTokenExpiresAt();\n const accessTokenValid = !!accessToken && !isExpired(accessTokenExpiresAt);\n const canRefresh = !!refreshToken && !isExpired(refreshTokenExpiresAt);\n const alreadyRetried = req.context.get(GATEWAY_AUTH_RETRY_CONTEXT);\n const isAuthRequest = isGatewayAuthRequestUrl(req.url, gatewayApiBaseUrl);\n const tokenToAttach = !isAuthRequest && accessTokenValid ? accessToken : null;\n\n if (!isAuthRequest && !accessTokenValid && canRefresh) {\n return refreshTokens$(\n http,\n gatewayApiBaseUrl,\n refreshToken,\n auth,\n deviceToken,\n ).pipe(\n switchMap((tokens) =>\n next(prepareRequest(req, tokens.accessToken, true, baseUrl)),\n ),\n catchError((error) => {\n auth.logout();\n return throwError(() => error);\n }),\n );\n }\n\n return next(prepareRequest(req, tokenToAttach, false, baseUrl)).pipe(\n catchError((error) => {\n if (error?.status === 401 && !isAuthRequest && !alreadyRetried) {\n const latestRefreshToken = auth.refreshToken();\n const latestRefreshTokenExpiresAt = auth.refreshTokenExpiresAt();\n const canRefreshNow =\n !!latestRefreshToken && !isExpired(latestRefreshTokenExpiresAt);\n\n if (canRefreshNow) {\n return refreshTokens$(\n http,\n gatewayApiBaseUrl,\n latestRefreshToken,\n auth,\n deviceToken,\n ).pipe(\n switchMap((tokens) =>\n next(prepareRequest(req, tokens.accessToken, true, baseUrl)),\n ),\n catchError((refreshError) => {\n auth.logout();\n return throwError(() => refreshError);\n }),\n );\n }\n }\n\n if (error?.status === 401 && !isAuthRequest) {\n auth.logout();\n }\n\n return throwError(() => error);\n }),\n );\n};\n","import { CommonModule } from '@angular/common';\nimport {\n ChangeDetectionStrategy,\n Component,\n computed,\n inject,\n OnInit,\n} from '@angular/core';\nimport { FormBuilder, ReactiveFormsModule, Validators } from '@angular/forms';\nimport { Router } from '@angular/router';\nimport { Button } from '@masterteam/components/button';\nimport { TextField } from '@masterteam/components/text-field';\nimport { Icon } from '@masterteam/icons';\nimport { GatewayAuthFacade } from '../../gateway-auth.facade';\nimport { GATEWAY_AUTH_OPTIONS } from '../../gateway-auth.options';\n\n@Component({\n selector: 'mt-gateway-mfa',\n imports: [CommonModule, ReactiveFormsModule, Button, TextField, Icon],\n templateUrl: './gateway-mfa.html',\n styleUrls: ['./gateway-mfa.css'],\n changeDetection: ChangeDetectionStrategy.OnPush,\n})\nexport default class GatewayMfa implements OnInit {\n private readonly auth = inject(GatewayAuthFacade);\n private readonly fb = inject(FormBuilder);\n private readonly router = inject(Router);\n private readonly options = inject(GATEWAY_AUTH_OPTIONS);\n\n readonly pendingMfa = this.auth.pendingMfa;\n readonly loading = this.auth.loading;\n readonly resendLoading = this.auth.mfaResendLoading;\n readonly error = this.auth.error;\n\n readonly deliveryChannel = computed(\n () => this.pendingMfa()?.deliveryChannel || 'your configured channel',\n );\n readonly expiresAt = computed(() => this.pendingMfa()?.expiresAtUtc ?? null);\n\n readonly form = this.fb.group({\n code: ['', [Validators.required, Validators.pattern(/^[0-9]{4,8}$/)]],\n });\n\n ngOnInit(): void {\n if (!this.pendingMfa()) {\n this.router.navigate([this.options.loginRoute ?? '/auth/login'], {\n replaceUrl: true,\n });\n }\n }\n\n verify(): void {\n if (this.form.invalid) {\n this.form.markAllAsTouched();\n return;\n }\n\n const code = this.form.controls.code.value ?? '';\n this.form.reset();\n this.auth.verifyMfa(code);\n }\n\n resend(): void {\n this.form.reset();\n this.auth.resendMfa();\n }\n\n backToLogin(): void {\n this.auth.clearPendingMfa();\n this.router.navigate([this.options.loginRoute ?? '/auth/login'], {\n replaceUrl: true,\n });\n }\n}\n","<div\n class=\"min-h-screen w-screen flex items-center justify-center p-6 bg-surface-50\"\n>\n <div\n class=\"w-full max-w-md rounded-xl bg-white p-8 shadow-sm border border-surface-200\"\n >\n <div class=\"flex justify-center mb-6\">\n <div\n class=\"h-12 w-12 rounded-full bg-primary/10 flex items-center justify-center\"\n >\n <mt-icon\n icon=\"security.lock-01\"\n class=\"text-primary text-2xl\"\n ></mt-icon>\n </div>\n </div>\n\n <div class=\"text-center space-y-2 mb-6\">\n <h1 class=\"text-2xl font-semibold text-surface-950\">Verification code</h1>\n <p class=\"text-sm text-surface-600\">\n Enter the code sent through {{ deliveryChannel() }}.\n </p>\n @if (expiresAt(); as expiry) {\n <p class=\"text-xs text-surface-500\">\n Expires at {{ expiry | date: \"shortTime\" }}\n </p>\n }\n </div>\n\n <form [formGroup]=\"form\" (ngSubmit)=\"verify()\" class=\"space-y-4\">\n <mt-text-field\n label=\"Code\"\n formControlName=\"code\"\n [pInputs]=\"{ inputMode: 'numeric', autocomplete: 'one-time-code' }\"\n />\n\n @if (error(); as errorMessage) {\n <p class=\"text-sm text-red-500 text-center\">{{ errorMessage }}</p>\n }\n\n <mt-button\n label=\"Verify\"\n type=\"submit\"\n severity=\"primary\"\n size=\"large\"\n fluid\n [loading]=\"loading()\"\n [disabled]=\"form.invalid || loading()\"\n />\n </form>\n\n <div class=\"flex items-center justify-between gap-3 pt-5\">\n <mt-button\n label=\"Back\"\n type=\"button\"\n text\n [disabled]=\"loading()\"\n (onClick)=\"backToLogin()\"\n />\n <mt-button\n label=\"Resend code\"\n type=\"button\"\n variant=\"outlined\"\n [loading]=\"resendLoading()\"\n [disabled]=\"loading() || resendLoading()\"\n (onClick)=\"resend()\"\n />\n </div>\n </div>\n</div>\n","import { CommonModule } from '@angular/common';\nimport {\n ChangeDetectionStrategy,\n Component,\n inject,\n OnInit,\n signal,\n} from '@angular/core';\nimport { ActivatedRoute, Router } from '@angular/router';\nimport { Button } from '@masterteam/components/button';\nimport { Icon } from '@masterteam/icons';\nimport { GatewayAuthFacade } from '../../gateway-auth.facade';\nimport { GATEWAY_AUTH_OPTIONS } from '../../gateway-auth.options';\nimport { GatewaySsoSession } from '../../gateway-sso-session.service';\n\n@Component({\n selector: 'mt-gateway-sso-callback',\n imports: [CommonModule, Button, Icon],\n templateUrl: './gateway-sso-callback.html',\n styleUrls: ['./gateway-sso-callback.css'],\n changeDetection: ChangeDetectionStrategy.OnPush,\n})\nexport default class GatewaySsoCallback implements OnInit {\n private readonly route = inject(ActivatedRoute);\n private readonly router = inject(Router);\n private readonly auth = inject(GatewayAuthFacade);\n private readonly options = inject(GATEWAY_AUTH_OPTIONS);\n private readonly ssoSession = new GatewaySsoSession();\n\n readonly loading = this.auth.ssoCallbackLoading;\n readonly exchangeError = this.auth.error;\n readonly callbackError = signal<string | null>(null);\n\n ngOnInit(): void {\n const params = this.route.snapshot.queryParamMap;\n const error = params.get('error');\n const errorCode = params.get('errorCode');\n const code = params.get('code');\n const state = params.get('state');\n\n this.ssoSession.clearCallbackQuery(\n this.options.ssoCallbackPath ?? '/auth/sso/callback',\n );\n\n if (!this.ssoSession.consumeExpectedState(state)) {\n this.callbackError.set(this.safeSsoMessage('invalid_state'));\n return;\n }\n\n if (error) {\n this.callbackError.set(this.safeSsoMessage(errorCode ?? 'sso_failed'));\n return;\n }\n\n if (!code || !state) {\n this.callbackError.set(this.safeSsoMessage('invalid_state'));\n return;\n }\n\n this.auth.exchangeSsoCode(code, state);\n }\n\n retry(): void {\n this.router.navigate([this.options.loginRoute ?? '/auth/login'], {\n replaceUrl: true,\n });\n }\n\n private safeSsoMessage(errorCode: string): string {\n const messages: Record<string, string> = {\n invalid_state: 'The sign-in session expired. Please try again.',\n sso_exchange_expired: 'The sign-in session expired. Please try again.',\n sso_exchange_used:\n 'This sign-in session was already used. Please try again.',\n sso_user_not_found: 'Your account is not configured for SSO.',\n sso_provisioning_not_allowed: 'Your account is not configured for SSO.',\n };\n\n return messages[errorCode] ?? 'SSO sign-in failed. Please try again.';\n }\n}\n","<div\n class=\"min-h-screen w-screen flex items-center justify-center p-6 bg-surface-50\"\n>\n <div\n class=\"w-full max-w-md rounded-xl bg-white p-8 shadow-sm border border-surface-200 text-center\"\n >\n @if (callbackError() || exchangeError(); as errorMessage) {\n <div class=\"space-y-5\">\n <mt-icon\n icon=\"alert.alert-circle\"\n class=\"text-red-500 text-4xl\"\n ></mt-icon>\n <div class=\"space-y-2\">\n <h1 class=\"text-xl font-semibold text-surface-950\">\n SSO sign-in failed\n </h1>\n <p class=\"text-sm text-surface-600\">{{ errorMessage }}</p>\n </div>\n <mt-button\n label=\"Back to sign in\"\n severity=\"primary\"\n (onClick)=\"retry()\"\n ></mt-button>\n </div>\n } @else {\n <div class=\"space-y-5\">\n <mt-icon\n icon=\"general.loading-02\"\n class=\"text-primary text-4xl animate-spin animate-duration-2000\"\n >\n </mt-icon>\n <div class=\"space-y-2\">\n <h1 class=\"text-xl font-semibold text-surface-950\">\n Completing sign-in\n </h1>\n <p class=\"text-sm text-surface-600\">\n Please wait while we finish the secure sign-in.\n </p>\n </div>\n </div>\n }\n </div>\n</div>\n","import {\n ChangeDetectionStrategy,\n Component,\n inject,\n input,\n} from '@angular/core';\nimport { Button } from '@masterteam/components/button';\nimport { GatewayAuthFacade } from '../../gateway-auth.facade';\nimport { SsoProvider } from '../../gateway-auth.state.model';\n\n@Component({\n selector: 'mt-gateway-sso-buttons',\n imports: [Button],\n templateUrl: './gateway-sso-buttons.html',\n styleUrl: './gateway-sso-buttons.css',\n changeDetection: ChangeDetectionStrategy.OnPush,\n})\nexport default class GatewaySsoButtons {\n private readonly authFacade = inject(GatewayAuthFacade);\n\n readonly dividerLabel = input('or');\n readonly providers = this.authFacade.ssoProviders;\n readonly loading = this.authFacade.ssoLoading;\n\n constructor() {\n this.authFacade.loadSsoProviders();\n }\n\n startSso(provider: SsoProvider): void {\n this.authFacade.startSso(provider);\n }\n}\n","@if (providers().length > 0) {\n <div class=\"gateway-sso-divider\">\n <span></span>\n <span>{{ dividerLabel() }}</span>\n <span></span>\n </div>\n\n <div class=\"gateway-sso-list\">\n @for (provider of providers(); track provider.key) {\n <mt-button\n [label]=\"provider.displayName\"\n size=\"large\"\n variant=\"outlined\"\n fluid\n type=\"button\"\n [disabled]=\"loading()\"\n (onClick)=\"startSso(provider)\"\n />\n }\n </div>\n}\n","/**\n * Generated bundle index. Do not edit.\n */\n\nexport * from './public-api';\n"],"names":["tap","catchError"],"mappings":";;;;;;;;;;;;;;;AAUO,MAAM,yBAAyB,GAAG;AAElC,MAAM,sBAAsB,GAAG;AACpC,IAAA,KAAK,EAAE,YAAY;AACnB,IAAA,SAAS,EAAE,iBAAiB;AAC5B,IAAA,SAAS,EAAE,iBAAiB;AAC5B,IAAA,OAAO,EAAE,cAAc;AACvB,IAAA,MAAM,EAAE,aAAa;AACrB,IAAA,YAAY,EAAE,oBAAoB;AAClC,IAAA,WAAW,EAAE,mBAAmB;AAChC,IAAA,gBAAgB,EAAE,yBAAyB;IAC3C,WAAW,EAAE,CAAC,WAAmB,KAC/B,CAAA,gBAAA,EAAmB,kBAAkB,CAAC,WAAW,CAAC,CAAA,MAAA,CAAQ;IAC5D,YAAY,EAAE,CAAC,WAAmB,KAChC,CAAA,gBAAA,EAAmB,kBAAkB,CAAC,WAAW,CAAC,CAAA,OAAA,CAAS;IAC7D,QAAQ,EAAE,CAAC,WAAmB,KAC5B,CAAA,SAAA,EAAY,kBAAkB,CAAC,WAAW,CAAC,CAAA,MAAA,CAAQ;;AAGjD,SAAU,SAAS,CAAC,QAAwB,EAAA;IAChD,IAAI,CAAC,QAAQ,EAAE;AACb,QAAA,OAAO,KAAK;IACd;IAEA,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC,OAAO,EAAE;AAC9C,IAAA,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,IAAI,IAAI,CAAC,GAAG,EAAE;AAC/D;AAEM,SAAU,mBAAmB,CACjC,KAAkC,EAAA;IAElC,OAAO,KAAK,EAAE,WAAW,IAAI,KAAK,EAAE,QAAQ,IAAI,IAAI;AACtD;AAEM,SAAU,gBAAgB,CAC9B,MAA8C,EAAA;IAE9C,OAAO;QACL,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;AACjC,QAAA,oBAAoB,EAAE,mBAAmB,CAAC,MAAM,CAAC,oBAAoB,CAAC;AACtE,QAAA,qBAAqB,EAAE,mBAAmB,CAAC,MAAM,CAAC,qBAAqB,CAAC;KACzE;AACH;SAEgB,cAAc,CAC5B,IAAwB,EACxB,SAA8B,EAC9B,WAAuB,EAAA;IAEvB,MAAM,KAAK,GACT,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC,KAAK;AACxE,IAAA,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,GAAG,EAAE,QAAQ,EAAE,IAAI,CAAC,KAAK,EAAE,GAAG,SAAS;AACvE,IAAA,MAAM,aAAa,GAAG,KAAK,IAAI,aAAa;IAE5C,OAAO;AACL,QAAA,IAAI,EAAE;AACJ,YAAA,GAAG,IAAI;AACP,YAAA,KAAK,EAAE,aAAa;AACrB,SAAA;QACD,KAAK,EAAE,SAAS,CAAC,WAAW;QAC5B,WAAW,EAAE,SAAS,CAAC,WAAW;QAClC,YAAY,EAAE,SAAS,CAAC,YAAY;AACpC,QAAA,oBAAoB,EAAE,SAAS,CAAC,oBAAoB,IAAI,SAAS;AACjE,QAAA,qBAAqB,EAAE,SAAS,CAAC,qBAAqB,IAAI,SAAS;QACnE,WAAW,EAAE,WAAW,IAAI,EAAE;AAC9B,QAAA,iBAAiB,EAAE,KAAK;KACzB;AACH;AAEM,SAAU,gBAAgB,CAC9B,MAA+D,EAAA;IAE/D,OAAO,OAAO,CAAC,MAAM,EAAE,WAAW,IAAI,MAAM,EAAE,YAAY,CAAC;AAC7D;AAEM,SAAU,sBAAsB,CACpC,KAAc,EACd,QAAgB,EAAA;IAEhB,MAAM,QAAQ,GAAG,KAOhB;AAED,IAAA,QACE,QAAQ,CAAC,KAAK,EAAE,OAAO;QACvB,QAAQ,CAAC,KAAK,EAAE,OAAO;AACvB,QAAA,QAAQ,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO;AAC/B,QAAA,QAAQ,CAAC,OAAO;AAChB,QAAA,QAAQ;AAEZ;AAEM,SAAU,oBAAoB,CAAC,OAAuB,EAAA;IAC1D,IAAI,CAAC,OAAO,EAAE;AACZ,QAAA,OAAO,EAAE;IACX;IAEA,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;AACpC;AAEM,SAAU,eAAe,CAC7B,iBAA4C,EAC5C,IAAY,EAAA;AAEZ,IAAA,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;AAC9B,QAAA,OAAO,IAAI;IACb;AAEA,IAAA,MAAM,cAAc,GAAG,oBAAoB,CAAC,iBAAiB,CAAC;IAC9D,IAAI,CAAC,cAAc,EAAE;AACnB,QAAA,OAAO,IAAI;IACb;IAEA,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;AAC/C,IAAA,IAAI,cAAc,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE;AACrC,QAAA,IAAI;AACF,YAAA,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC;AACpC,YAAA,OAAO,GAAG,IAAI,CAAC,MAAM,CAAA,CAAA,EAAI,cAAc,EAAE;QAC3C;AAAE,QAAA,MAAM;AACN,YAAA,OAAO,CAAA,EAAG,cAAc,CAAA,CAAA,EAAI,cAAc,EAAE;QAC9C;IACF;AAEA,IAAA,OAAO,CAAA,EAAG,cAAc,CAAA,CAAA,EAAI,cAAc,EAAE;AAC9C;AAUM,SAAU,gBAAgB,CAAC,EAC/B,iBAAiB,EACjB,QAAQ,EACR,SAAS,EACT,WAAW,EACX,QAAQ,GAAG,KAAK,GACQ,EAAA;AACxB,IAAA,MAAM,SAAS,GACb,QAAQ,CAAC,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;AACpE,IAAA,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,iBAAiB,EAAE,SAAS,CAAC,CAAC;IAClE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC;IAC1C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,WAAW,EAAE,SAAS,CAAC;IAC5C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,WAAW,CAAC;AAChD,IAAA,OAAO,GAAG,CAAC,QAAQ,EAAE;AACvB;SAEgB,uBAAuB,GAAA;IACrC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,UAAU,EAAE;AACtD,QAAA,OAAO,MAAM,CAAC,UAAU,EAAE;IAC5B;AAEA,IAAA,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,EAAE,CAAC;IAChC,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,eAAe,EAAE;AAC3D,QAAA,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC;AAC7B,QAAA,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,KAC7B,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CACpC,CAAC,IAAI,CAAC,EAAE,CAAC;IACZ;IAEA,OAAO,CAAA,EAAG,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAA,EAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA,CAAE;AAC3E;;MC5Ka,KAAK,CAAA;AAEG,IAAA,OAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,cAAc;AACrC,IAAA,WAAA,CAAmB,OAAqB,EAAA;QAArB,IAAA,CAAA,OAAO,GAAP,OAAO;IAAiB;;MAGhC,SAAS,CAAA;AAED,IAAA,IAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,mBAAmB;AAC1C,IAAA,WAAA,CAAmB,IAAY,EAAA;QAAZ,IAAA,CAAA,IAAI,GAAJ,IAAI;IAAW;;MAGvB,SAAS,CAAA;AACpB,IAAA,OAAgB,IAAI,GAAG,mBAAmB;;MAG/B,gBAAgB,CAAA;AAC3B,IAAA,OAAgB,IAAI,GAAG,2BAA2B;;MAGvC,QAAQ,CAAA;AAEA,IAAA,QAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,kBAAkB;AACzC,IAAA,WAAA,CAAmB,QAAqB,EAAA;QAArB,IAAA,CAAA,QAAQ,GAAR,QAAQ;IAAgB;;MAGhC,eAAe,CAAA;AAGjB,IAAA,IAAA;AACA,IAAA,KAAA;AAHT,IAAA,OAAgB,IAAI,GAAG,0BAA0B;IACjD,WAAA,CACS,IAAY,EACZ,KAAa,EAAA;QADb,IAAA,CAAA,IAAI,GAAJ,IAAI;QACJ,IAAA,CAAA,KAAK,GAAL,KAAK;IACX;;MAGQ,YAAY,CAAA;AAEJ,IAAA,OAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,sBAAsB;AAC7C,IAAA,WAAA,CAAmB,OAAsB,EAAA;QAAtB,IAAA,CAAA,OAAO,GAAP,OAAO;IAAkB;;MAGjC,YAAY,CAAA;AAEJ,IAAA,KAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,sBAAsB;AAC7C,IAAA,WAAA,CAAmB,KAAa,EAAA;QAAb,IAAA,CAAA,KAAK,GAAL,KAAK;IAAW;;MAGxB,MAAM,CAAA;AAEE,IAAA,MAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,eAAe;AACtC,IAAA,WAAA,CAAmB,SAAkB,KAAK,EAAA;QAAvB,IAAA,CAAA,MAAM,GAAN,MAAM;IAAoB;;MAGlC,cAAc,CAAA;AAEN,IAAA,IAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,yBAAyB;AAChD,IAAA,WAAA,CAAmB,IAAU,EAAA;QAAV,IAAA,CAAA,IAAI,GAAJ,IAAI;IAAS;;MAGrB,YAAY,CAAA;AAEJ,IAAA,MAAA;AADnB,IAAA,OAAgB,IAAI,GAAG,sBAAsB;AAC7C,IAAA,WAAA,CAAmB,MAAkB,EAAA;QAAlB,IAAA,CAAA,MAAM,GAAN,MAAM;IAAe;;MAG7B,UAAU,CAAA;AACrB,IAAA,OAAgB,IAAI,GAAG,oBAAoB;;MAGhC,eAAe,CAAA;AAC1B,IAAA,OAAgB,IAAI,GAAG,0BAA0B;;;MCpCtC,oBAAoB,GAAG,IAAI,cAAc,CACpD,sBAAsB,EACtB;AACE,IAAA,OAAO,EAAE,OAAO;AACd,QAAA,oBAAoB,EAAE,MAAM,IAAI;AAChC,QAAA,WAAW,EAAE,SAAS;AACtB,QAAA,QAAQ,EAAE,KAAK;AACf,QAAA,UAAU,EAAE,aAAa;AACzB,QAAA,QAAQ,EAAE,WAAW;AACrB,QAAA,eAAe,EAAE,oBAAoB;AACrC,QAAA,yBAAyB,EAAE,GAAG;AAC9B,QAAA,4BAA4B,EAAE,IAAI;KACnC,CAAC;AACH,CAAA;;AC5CH,MAAM,qBAAqB,GAAG,6BAA6B;MAE9C,iBAAiB,CAAA;IAC5B,mBAAmB,GAAA;AACjB,QAAA,MAAM,KAAK,GAAG,uBAAuB,EAAE;QACvC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,qBAAqB,EAAE,KAAK,CAAC;AACnD,QAAA,OAAO,KAAK;IACd;IAEA,eAAe,GAAA;QACb,OAAO,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,qBAAqB,CAAC,IAAI,IAAI;IAC7D;IAEA,iBAAiB,GAAA;AACf,QAAA,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,qBAAqB,CAAC;IACjD;AAEA,IAAA,oBAAoB,CAAC,KAAoB,EAAA;AACvC,QAAA,MAAM,aAAa,GAAG,IAAI,CAAC,eAAe,EAAE;QAC5C,IAAI,CAAC,iBAAiB,EAAE;QACxB,OAAO,OAAO,CAAC,KAAK,IAAI,aAAa,IAAI,KAAK,KAAK,aAAa,CAAC;IACnE;IAEA,kBAAkB,CAAC,IAAI,GAAG,oBAAoB,EAAA;AAC5C,QAAA,IAAI,OAAO,MAAM,KAAK,WAAW,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,YAAY,EAAE;YAClE;QACF;AAEA,QAAA,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,QAAQ,CAAC,KAAK,EAAE,IAAI,CAAC;IACvD;IAEA,QAAQ,GAAA;QACN,IAAI,CAAC,iBAAiB,EAAE;IAC1B;AAEA,IAAA,IAAY,OAAO,GAAA;AACjB,QAAA,IAAI,OAAO,cAAc,KAAK,WAAW,EAAE;AACzC,YAAA,OAAO,IAAI;QACb;AAEA,QAAA,OAAO,cAAc;IACvB;AACD;;ACHM,MAAM,mBAAmB,GAAmB;AACjD,IAAA,IAAI,EAAE,IAAI;AACV,IAAA,KAAK,EAAE,IAAI;AACX,IAAA,YAAY,EAAE,IAAI;AAClB,IAAA,oBAAoB,EAAE,IAAI;AAC1B,IAAA,qBAAqB,EAAE,IAAI;AAC3B,IAAA,OAAO,EAAE,KAAK;AACd,IAAA,gBAAgB,EAAE,KAAK;AACvB,IAAA,UAAU,EAAE,KAAK;AACjB,IAAA,kBAAkB,EAAE,KAAK;AACzB,IAAA,KAAK,EAAE,IAAI;AACX,IAAA,iBAAiB,EAAE,KAAK;AACxB,IAAA,UAAU,EAAE,IAAI;AAChB,IAAA,YAAY,EAAE,EAAE;;AAGZ,SAAU,0BAA0B,CACxC,GAAmC,EAAA;IAEnC,OAAO;AACL,QAAA,GAAG,mBAAmB;AACtB,QAAA,IAAI,GAAG,IAAI,EAAE,CAAC;AACd,QAAA,OAAO,EAAE,KAAK;AACd,QAAA,gBAAgB,EAAE,KAAK;AACvB,QAAA,UAAU,EAAE,KAAK;AACjB,QAAA,kBAAkB,EAAE,KAAK;AACzB,QAAA,KAAK,EAAE,IAAI;AACX,QAAA,iBAAiB,EAAE,KAAK;AACxB,QAAA,UAAU,EAAE,IAAI;AAChB,QAAA,YAAY,EAAE,EAAE;KACjB;AACH;;;;;;;;AChBO,IAAM,gBAAgB,GAAtB,MAAM,gBAAgB,CAAA;AACV,IAAA,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC;AACzB,IAAA,OAAO,GAAG,MAAM,CAAC,oBAAoB,CAAC;AACtC,IAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AACvB,IAAA,UAAU,GAAG,IAAI,iBAAiB,EAAE;AAG9C,IAAP,OAAO,IAAI,CAAC,KAAqB,EAAA;QAC/B,OAAO,KAAK,CAAC,IAAI;IACnB;AAGO,IAAP,OAAO,OAAO,CAAC,KAAqB,EAAA;QAClC,OAAO,KAAK,CAAC,OAAO;IACtB;AAGO,IAAP,OAAO,gBAAgB,CAAC,KAAqB,EAAA;QAC3C,OAAO,KAAK,CAAC,gBAAgB;IAC/B;AAGO,IAAP,OAAO,UAAU,CAAC,KAAqB,EAAA;QACrC,OAAO,KAAK,CAAC,UAAU;IACzB;AAGO,IAAP,OAAO,kBAAkB,CAAC,KAAqB,EAAA;QAC7C,OAAO,KAAK,CAAC,kBAAkB;IACjC;AAGO,IAAP,OAAO,KAAK,CAAC,KAAqB,EAAA;QAChC,OAAO,KAAK,CAAC,KAAK;IACpB;AAGO,IAAP,OAAO,KAAK,CAAC,KAAqB,EAAA;QAChC,OAAO,KAAK,CAAC,KAAK;IACpB;AAGO,IAAP,OAAO,YAAY,CAAC,KAAqB,EAAA;QACvC,OAAO,KAAK,CAAC,YAAY;IAC3B;AAGO,IAAP,OAAO,oBAAoB,CAAC,KAAqB,EAAA;QAC/C,OAAO,KAAK,CAAC,oBAAoB;IACnC;AAGO,IAAP,OAAO,qBAAqB,CAAC,KAAqB,EAAA;QAChD,OAAO,KAAK,CAAC,qBAAqB;IACpC;AAGO,IAAP,OAAO,iBAAiB,CAAC,KAAqB,EAAA;QAC5C,OAAO,KAAK,CAAC,iBAAiB;IAChC;AAGO,IAAP,OAAO,UAAU,CAAC,KAAqB,EAAA;QACrC,OAAO,KAAK,CAAC,UAAU;IACzB;AAGO,IAAP,OAAO,YAAY,CAAC,KAAqB,EAAA;QACvC,OAAO,KAAK,CAAC,YAAY;IAC3B;AAGO,IAAP,OAAO,OAAO,CAAC,KAAqB,EAAA;AAClC,QAAA,OAAO,KAAK,CAAC,IAAI,EAAE,OAAO,IAAI,KAAK;IACrC;AAGO,IAAP,OAAO,WAAW,CAAC,KAAqB,EAAA;AACtC,QAAA,OAAO,KAAK,CAAC,IAAI,EAAE,IAAI,IAAI,IAAI;IACjC;IAGA,KAAK,CAAC,GAAiC,EAAE,MAAa,EAAA;QACpD,GAAG,CAAC,UAAU,CAAC;AACb,YAAA,OAAO,EAAE,IAAI;AACb,YAAA,KAAK,EAAE,IAAI;AACX,YAAA,UAAU,EAAE,IAAI;AAChB,YAAA,iBAAiB,EAAE,KAAK;AACzB,SAAA,CAAC;QAEF,OAAO,IAAI,CAAC;aACT,IAAI,CACH,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,KAAK,CAAC,EAC7C;AACE,YAAA,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ;AACjC,YAAA,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ;AACjC,YAAA,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,WAAW,IAAI,KAAK;YAChD,WAAW,EAAE,MAAM,CAAC,OAAO,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW;AAC3D,YAAA,cAAc,EAAE,MAAM,CAAC,OAAO,CAAC,cAAc;AAC7C,YAAA,eAAe,EAAE,MAAM,CAAC,OAAO,CAAC,eAAe;SAChD;aAEF,IAAI,CACH,QAAQ,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,EACpE,UAAU,CAAC,CAAC,KAAK,KAAI;AACnB,YAAA,GAAG,CAAC,QAAQ,CACV,IAAI,YAAY,CAAC,sBAAsB,CAAC,KAAK,EAAE,cAAc,CAAC,CAAC,CAChE;AACD,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB,CAAC,CAAC,CACH;IACL;IAGA,SAAS,CAAC,GAAiC,EAAE,MAAiB,EAAA;QAC5D,MAAM,UAAU,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC,UAAU;QAC5C,IAAI,CAAC,UAAU,EAAE;YACf,GAAG,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,mCAAmC,CAAC,CAAC;YACnE,IAAI,CAAC,eAAe,EAAE;AACtB,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,GAAG,CAAC,UAAU,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAE9C,OAAO,IAAI,CAAC;aACT,IAAI,CACH,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,SAAS,CAAC,EACjD;YACE,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,aAAa,EAAE,UAAU,CAAC,aAAa;YACvC,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B;aAEF,IAAI,CACH,QAAQ,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,EACpE,UAAU,CAAC,CAAC,KAAK,KAAI;YACnB,MAAM,OAAO,GAAG,sBAAsB,CACpC,KAAK,EACL,2BAA2B,CAC5B;AACD,YAAA,MAAM,cAAc,GAAG,KAAK,EAAE,MAAM,KAAK,GAAG;YAC5C,GAAG,CAAC,UAAU,CAAC;AACb,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,KAAK,EAAE,OAAO;gBACd,UAAU,EAAE,cAAc,GAAG,IAAI,GAAG,UAAU;gBAC9C,iBAAiB,EAAE,CAAC,cAAc;AACnC,aAAA,CAAC;YACF,IAAI,cAAc,EAAE;gBAClB,IAAI,CAAC,eAAe,EAAE;YACxB;AACA,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB,CAAC,CAAC,CACH;IACL;AAGA,IAAA,SAAS,CAAC,GAAiC,EAAA;QACzC,MAAM,UAAU,GAAG,GAAG,CAAC,QAAQ,EAAE,CAAC,UAAU;QAC5C,IAAI,CAAC,UAAU,EAAE;YACf,GAAG,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,mCAAmC,CAAC,CAAC;YACnE,IAAI,CAAC,eAAe,EAAE;AACtB,YAAA,OAAO,KAAK;QACd;AAEA,QAAA,GAAG,CAAC,UAAU,CAAC,EAAE,gBAAgB,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAEvD,OAAO,IAAI,CAAC;aACT,IAAI,CACH,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,SAAS,CAAC,EACjD;YACE,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,aAAa,EAAE,UAAU,CAAC,aAAa;SACxC;AAEF,aAAA,IAAI,CACH,GAAG,CAAC,CAAC,QAAQ,KAAI;YACf,GAAG,CAAC,UAAU,CAAC;gBACb,UAAU,EAAE,QAAQ,CAAC,IAAI;AACzB,gBAAA,iBAAiB,EAAE,IAAI;AACvB,gBAAA,gBAAgB,EAAE,KAAK;AACvB,gBAAA,KAAK,EAAE,IAAI;AACZ,aAAA,CAAC;AACJ,QAAA,CAAC,CAAC,EACF,UAAU,CAAC,CAAC,KAAK,KAAI;YACnB,GAAG,CAAC,UAAU,CAAC;AACb,gBAAA,gBAAgB,EAAE,KAAK;AACvB,gBAAA,KAAK,EAAE,sBAAsB,CAAC,KAAK,EAAE,uBAAuB,CAAC;AAC9D,aAAA,CAAC;AACF,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB,CAAC,CAAC,CACH;IACL;AAGA,IAAA,gBAAgB,CAAC,GAAiC,EAAA;QAChD,GAAG,CAAC,UAAU,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;QAEpC,OAAO,IAAI,CAAC;aACT,GAAG,CACF,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,YAAY,CAAC,EACpD;YACE,MAAM,EAAE,EAAE,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,KAAK,EAAE;SACrD;AAEF,aAAA,IAAI,CACH,GAAG,CAAC,CAAC,QAAQ,KAAI;YACf,GAAG,CAAC,UAAU,CAAC;gBACb,YAAY,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,IAAI,EAAE,EAAE,MAAM,CACnD,CAAC,QAAQ,KAAK,QAAQ,CAAC,OAAO,CAC/B;AACD,gBAAA,UAAU,EAAE,KAAK;AAClB,aAAA,CAAC;AACJ,QAAA,CAAC,CAAC,EACF,UAAU,CAAC,MAAK;YACd,GAAG,CAAC,UAAU,CAAC;AACb,gBAAA,YAAY,EAAE,EAAE;AAChB,gBAAA,UAAU,EAAE,KAAK;AAClB,aAAA,CAAC;AACF,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB,CAAC,CAAC,CACH;IACL;IAGA,QAAQ,CAAC,GAAiC,EAAE,MAAgB,EAAA;QAC1D,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,kBAAkB,EAAE;YAC/C,GAAG,CAAC,UAAU,CAAC;AACb,gBAAA,KAAK,EAAE,yDAAyD;AACjE,aAAA,CAAC;YACF;QACF;QAEA,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE;QAC7D,IAAI,CAAC,iBAAiB,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE;YACvD,GAAG,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,CAAC;YACnD;QACF;QAEA,MAAM,WAAW,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,EAAE;QACzD,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,oBAAoB;QACzE,MAAM,QAAQ,GAAG,gBAAgB,CAAC;YAChC,iBAAiB;YACjB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAA,EAAG,YAAY,CAAA,CAAE;YACrD,WAAW;AACX,YAAA,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,KAAK;AACzC,SAAA,CAAC;AAEF,QAAA,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC;IAClC;IAGA,eAAe,CAAC,GAAiC,EAAE,MAAuB,EAAA;AACxE,QAAA,GAAG,CAAC,UAAU,CAAC,EAAE,kBAAkB,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QAEzD,OAAO,IAAI,CAAC;aACT,IAAI,CACH,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,WAAW,CAAC,EACnD;YACE,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,KAAK,EAAE,MAAM,CAAC,KAAK;YACnB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B;aAEF,IAAI,CACH,QAAQ,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,EACpE,UAAU,CAAC,CAAC,KAAK,KAAI;YACnB,GAAG,CAAC,UAAU,CAAC;AACb,gBAAA,kBAAkB,EAAE,KAAK;AACzB,gBAAA,KAAK,EAAE,sBAAsB,CAC3B,KAAK,EACL,uCAAuC,CACxC;AACF,aAAA,CAAC;AACF,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB,CAAC,CAAC,CACH;IACL;IAGA,YAAY,CAAC,GAAiC,EAAE,MAAoB,EAAA;QAClE,OAAO,IAAI,CAAC,mBAAmB,CAAC,GAAG,EAAE,MAAM,CAAC,OAAO,CAAC;IACtD;IAGA,YAAY,CAAC,GAAiC,EAAE,MAAoB,EAAA;QAClE,GAAG,CAAC,UAAU,CAAC;AACb,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,kBAAkB,EAAE,KAAK;YACzB,KAAK,EAAE,MAAM,CAAC,KAAK;AACnB,YAAA,IAAI,EAAE,IAAI;AACV,YAAA,KAAK,EAAE,IAAI;AACX,YAAA,YAAY,EAAE,IAAI;AAClB,YAAA,oBAAoB,EAAE,IAAI;AAC1B,YAAA,qBAAqB,EAAE,IAAI;AAC3B,YAAA,UAAU,EAAE,IAAI;AAChB,YAAA,iBAAiB,EAAE,KAAK;AACzB,SAAA,CAAC;IACJ;IAGA,MAAM,CAAC,GAAiC,EAAE,MAAc,EAAA;AACtD,QAAA,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,QAAQ,EAAE;AAC5D,QAAA,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE;AAC1B,QAAA,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,iBAAiB,GAAG,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE;QACpE,GAAG,CAAC,UAAU,CAAC;AACb,YAAA,GAAG,mBAAmB;AACtB,YAAA,YAAY,EAAE,IAAI,CAAC,OAAO,CAAC;AACzB,kBAAE;AACF,kBAAE,EAAE;AACP,SAAA,CAAC;QACF,IAAI,CAAC,eAAe,EAAE;AAEtB,QAAA,IAAI,MAAM,CAAC,MAAM,IAAI,KAAK,EAAE;AAC1B,YAAA,IAAI,CAAC;iBACF,IAAI,CACH,IAAI,CAAC,UAAU,CAAC,sBAAsB,CAAC,MAAM,CAAC,EAC9C;gBACE,YAAY;gBACZ,WAAW,EAAE,IAAI,CAAC,WAAW;aAC9B,EACD;AACE,gBAAA,OAAO,EAAE;oBACP,aAAa,EAAE,CAAA,OAAA,EAAU,KAAK,CAAA,CAAE;AAChC,oBAAA,SAAS,EAAE,MAAM;AAClB,iBAAA;aACF;iBAEF,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;AAC5B,iBAAA,SAAS,EAAE;QAChB;IACF;IAGA,cAAc,CAAC,GAAiC,EAAE,MAAsB,EAAA;QACtE,GAAG,CAAC,UAAU,CAAC;YACb,IAAI,EAAE,MAAM,CAAC,IAAI;AAClB,SAAA,CAAC;IACJ;IAGA,YAAY,CAAC,GAAiC,EAAE,MAAoB,EAAA;QAClE,MAAM,SAAS,GAAG,gBAAgB,CAAC,MAAM,CAAC,MAAM,CAAC;AACjD,QAAA,MAAM,KAAK,GAAG,GAAG,CAAC,QAAQ,EAAE;AAC5B,QAAA,MAAM,WAAW,GAAG,KAAK,CAAC;AACxB,cAAE;gBACE,GAAG,KAAK,CAAC,IAAI;gBACb,KAAK,EAAE,SAAS,CAAC,WAAW,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK;gBAChD,WAAW,EAAE,SAAS,CAAC,WAAW,IAAI,KAAK,CAAC,IAAI,CAAC,WAAW;gBAC5D,YAAY,EAAE,SAAS,CAAC,YAAY,IAAI,KAAK,CAAC,IAAI,CAAC,YAAY;AAC/D,gBAAA,oBAAoB,EAAE,SAAS,CAAC,oBAAoB,IAAI,SAAS;AACjE,gBAAA,qBAAqB,EAAE,SAAS,CAAC,qBAAqB,IAAI,SAAS;AACpE;AACH,cAAE,KAAK,CAAC,IAAI;QAEd,GAAG,CAAC,UAAU,CAAC;YACb,KAAK,EAAE,SAAS,CAAC,WAAW;YAC5B,YAAY,EAAE,SAAS,CAAC,YAAY;YACpC,oBAAoB,EAAE,SAAS,CAAC,oBAAoB;YACpD,qBAAqB,EAAE,SAAS,CAAC,qBAAqB;AACtD,YAAA,IAAI,EAAE,WAAW;AAClB,SAAA,CAAC;IACJ;AAGA,IAAA,UAAU,CAAC,GAAiC,EAAA;QAC1C,GAAG,CAAC,UAAU,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACjC;AAGA,IAAA,eAAe,CAAC,GAAiC,EAAA;AAC/C,QAAA,GAAG,CAAC,UAAU,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAC;IAChE;IAEQ,mBAAmB,CACzB,GAAiC,EACjC,OAA6C,EAAA;AAE7C,QAAA,IAAI,OAAO,CAAC,iBAAiB,EAAE;YAC7B,GAAG,CAAC,UAAU,CAAC;AACb,gBAAA,IAAI,EAAE,IAAI;AACV,gBAAA,KAAK,EAAE,IAAI;AACX,gBAAA,YAAY,EAAE,IAAI;AAClB,gBAAA,oBAAoB,EAAE,IAAI;AAC1B,gBAAA,qBAAqB,EAAE,IAAI;gBAC3B,UAAU,EAAE,OAAO,CAAC,SAAS;AAC7B,gBAAA,iBAAiB,EAAE,IAAI;AACvB,gBAAA,OAAO,EAAE,KAAK;AACd,gBAAA,kBAAkB,EAAE,KAAK;AACzB,gBAAA,KAAK,EAAE,IAAI;AACZ,aAAA,CAAC;AACF,YAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,WAAW,CAAC,EAAE;AAC3D,gBAAA,UAAU,EAAE,IAAI;AACjB,aAAA,CAAC;AACF,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB;QAEA,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YACrC,GAAG,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,cAAc,CAAC,CAAC;AAC9C,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB;QAEA,MAAM,SAAS,GAAG,gBAAgB,CAAC,OAAO,CAAC,MAAM,CAAC;AAClD,QAAA,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,WAAW,CAAC;QAEzE,GAAG,CAAC,UAAU,CAAC;YACb,IAAI;YACJ,KAAK,EAAE,SAAS,CAAC,WAAW;YAC5B,YAAY,EAAE,SAAS,CAAC,YAAY;YACpC,oBAAoB,EAAE,SAAS,CAAC,oBAAoB;YACpD,qBAAqB,EAAE,SAAS,CAAC,qBAAqB;AACtD,YAAA,OAAO,EAAE,KAAK;AACd,YAAA,kBAAkB,EAAE,KAAK;AACzB,YAAA,KAAK,EAAE,IAAI;AACX,YAAA,UAAU,EAAE,IAAI;AAChB,YAAA,iBAAiB,EAAE,KAAK;AACzB,SAAA,CAAC;QAEF,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,GAAG,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CACpE,GAAG,CAAC,MAAK;YACP,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,yBAAyB,EAAE,EAAE;AAC1D,gBAAA,UAAU,EAAE,IAAI;AACjB,aAAA,CAAC;QACJ,CAAC,CAAC,CACH;IACH;AAEA,IAAA,IAAY,WAAW,GAAA;AACrB,QAAA,OAAO,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,yBAAyB;IAC9D;AAEQ,IAAA,UAAU,CAAC,IAAY,EAAA;QAC7B,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,EAAE,IAAI,CAAC;IACnE;IAEQ,eAAe,GAAA;AACrB,QAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,aAAa,CAAC,EAAE;AAC/D,YAAA,UAAU,EAAE,IAAI;AACjB,SAAA,CAAC;IACJ;IAEQ,yBAAyB,GAAA;AAC/B,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;AAClD,QAAA,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CACvC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAuB,CACpD;AACD,QAAA,IAAI,SAAS,KAAK,IAAI,EAAE;AACtB,YAAA,OAAO,SAAS;QAClB;QAEA,MAAM,eAAe,GACnB,OAAO,IAAI,CAAC,OAAO,CAAC,yBAAyB,KAAK;AAChD,cAAE,IAAI,CAAC,OAAO,CAAC,yBAAyB;AACxC,cAAE,IAAI,CAAC,OAAO,CAAC,yBAAyB;QAC5C,OAAO,IAAI,CAAC,kBAAkB,CAAC,eAAe,CAAC,IAAI,GAAG;IACxD;AAEQ,IAAA,kBAAkB,CAAC,KAAqB,EAAA;QAC9C,IAAI,CAAC,KAAK,EAAE;AACV,YAAA,OAAO,IAAI;QACb;AACA,QAAA,IAAI,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE;AAC/B,YAAA,OAAO,IAAI;QACb;AACA,QAAA,OAAO,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,KAAK,GAAG,CAAA,CAAA,EAAI,KAAK,EAAE;IACpD;AAEQ,IAAA,YAAY,CAAC,MAA6B,EAAA;QAChD,IAAI,CAAC,MAAM,EAAE;AACX,YAAA,OAAO,EAAE,CAAC,IAAI,CAAC;QACjB;AACA,QAAA,IAAI,YAAY,CAAC,MAAM,CAAC,EAAE;AACxB,YAAA,OAAO,MAAM;QACf;AACA,QAAA,IAAI,MAAM,YAAY,OAAO,EAAE;AAC7B,YAAA,OAAO,IAAI,CAAC,MAAM,CAAC;QACrB;AACA,QAAA,OAAO,EAAE,CAAC,MAAM,CAAC;IACnB;uGA/dW,gBAAgB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;2GAAhB,gBAAgB,EAAA,CAAA;;AAkF3B,UAAA,CAAA;IADC,MAAM,CAAC,KAAK;AA8BZ,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,OAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,SAAS;AAyChB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,WAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,SAAS;AAoChB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,WAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,gBAAgB;AA4BvB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,kBAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,QAAQ;AA0Bf,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,UAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,eAAe;AA0BtB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,iBAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,YAAY;AAGnB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,cAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,YAAY;AAcnB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,cAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,MAAM;AA+Bb,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,QAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,cAAc;AAKrB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,gBAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,YAAY;AAsBnB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,cAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,UAAU;AAGjB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,YAAA,EAAA,IAAA,CAAA;AAGD,UAAA,CAAA;IADC,MAAM,CAAC,eAAe;AAGtB,CAAA,EAAA,gBAAA,CAAA,SAAA,EAAA,iBAAA,EAAA,IAAA,CAAA;AA9WM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,MAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,SAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,kBAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,YAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,oBAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,OAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,OAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,cAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,sBAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,uBAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,mBAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,YAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,cAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,SAAA,EAAA,IAAA,CAAA;AAGM,UAAA,CAAA;AADN,IAAA,QAAQ;AAGR,CAAA,EAAA,gBAAA,EAAA,aAAA,EAAA,IAAA,CAAA;AA/EU,gBAAgB,GAAA,UAAA,CAAA;AAL5B,IAAA,KAAK,CAAiB;AACrB,QAAA,IAAI,EAAE,MAAM;AACZ,QAAA,QAAQ,EAAE,mBAAmB;KAC9B;AAEY,CAAA,EAAA,gBAAgB,CAge5B;2FAheY,gBAAgB,EAAA,UAAA,EAAA,CAAA;kBAD5B;;;MC5BY,iBAAiB,CAAA;AACX,IAAA,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;AAE7B,IAAA,IAAI,GAAG,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC;AACpC,IAAA,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC;AAC1C,IAAA,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC,gBAAgB,CAAC;AAC5D,IAAA,UAAU,GAAG,MAAM,CAAC,gBAAgB,CAAC,UAAU,CAAC;AAChD,IAAA,kBAAkB,GAAG,MAAM,CAAC,gBAAgB,CAAC,kBAAkB,CAAC;AAChE,IAAA,KAAK,GAAG,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC;AACtC,IAAA,KAAK,GAAG,MAAM,CAAC,gBAAgB,CAAC,KAAK,CAAC;AACtC,IAAA,YAAY,GAAG,MAAM,CAAC,gBAAgB,CAAC,YAAY,CAAC;AACpD,IAAA,oBAAoB,GAAG,MAAM,CAAC,gBAAgB,CAAC,oBAAoB,CAAC;AACpE,IAAA,qBAAqB,GAAG,MAAM,CACrC,gBAAgB,CAAC,qBAAqB,CACvC;AACQ,IAAA,iBAAiB,GAAG,MAAM,CAAC,gBAAgB,CAAC,iBAAiB,CAAC;AAC9D,IAAA,UAAU,GAAG,MAAM,CAAC,gBAAgB,CAAC,UAAU,CAAC;AAChD,IAAA,YAAY,GAAG,MAAM,CAAC,gBAAgB,CAAC,YAAY,CAAC;AACpD,IAAA,OAAO,GAAG,MAAM,CAAC,gBAAgB,CAAC,OAAO,CAAC;AAC1C,IAAA,WAAW,GAAG,MAAM,CAAC,gBAAgB,CAAC,WAAW,CAAC;AAElD,IAAA,QAAQ,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,KAAK,EAAE,KAAK,IAAI,+EAAC;AAChD,IAAA,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,KAAK,EAAE,KAAK,IAAI,8EAAC;AAClE,IAAA,eAAe,GAAG,QAAQ,CACjC,MAAM,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,WAAW,IAAI,EAAE,sFAC3C;AACQ,IAAA,SAAS,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK,IAAI,EAAE,gFAAC;AAC1D,IAAA,OAAO,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,IAAI,EAAE,KAAK,IAAI,8EAAC;AAC9C,IAAA,aAAa,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,KAAK,IAAI,oFAAC;AAE1D,IAAA,eAAe,GAAG,QAAQ,CAAC,MAAK;AACvC,QAAA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE;AAC1B,QAAA,MAAM,eAAe,GAAG,IAAI,CAAC,oBAAoB,EAAE;QACnD,IAAI,KAAK,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE;AACxC,YAAA,OAAO,IAAI;QACb;AACA,QAAA,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE;AACxC,QAAA,MAAM,gBAAgB,GAAG,IAAI,CAAC,qBAAqB,EAAE;QACrD,OAAO,CAAC,CAAC,YAAY,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC;AACvD,IAAA,CAAC,sFAAC;AAEF,IAAA,KAAK,CAAC,YAA0B,EAAA;QAC9B,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,YAAY,CAAC,CAAC;IAC9C;AAEA,IAAA,SAAS,CAAC,IAAY,EAAA;QACpB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC;IAC1C;IAEA,SAAS,GAAA;QACP,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,SAAS,EAAE,CAAC;IACtC;IAEA,gBAAgB,GAAA;QACd,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,gBAAgB,EAAE,CAAC;IAC7C;AAEA,IAAA,QAAQ,CAAC,QAAqB,EAAA;QAC5B,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC7C;IAEA,eAAe,CAAC,IAAY,EAAE,KAAa,EAAA;AACzC,QAAA,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACvD;IAEA,MAAM,CAAC,SAAkB,KAAK,EAAA;QAC5B,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,CAAC;IACzC;AAEA,IAAA,cAAc,CAAC,IAAU,EAAA;QACvB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC;IAC/C;AAEA,IAAA,YAAY,CAAC,MAAkB,EAAA;QAC7B,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;IAC/C;IAEA,UAAU,GAAA;QACR,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,UAAU,EAAE,CAAC;IACvC;IAEA,eAAe,GAAA;QACb,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;IAC5C;AAEA,IAAA,OAAO,CAAC,IAAY,EAAA;QAClB,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,KAAK;AAC1C,QAAA,OAAO,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,KAAK;IACpE;AAEA,IAAA,QAAQ,CAAC,KAAa,EAAA;QACpB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM;AAC5C,QAAA,OAAO,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,KAAK;IACvE;IAEA,cAAc,GAAA;AACZ,QAAA,MAAM,eAAe,GAAG,IAAI,CAAC,oBAAoB,EAAE;AACnD,QAAA,OAAO,eAAe,GAAG,SAAS,CAAC,eAAe,CAAC,GAAG,KAAK;IAC7D;uGAlGW,iBAAiB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,UAAA,EAAA,CAAA;AAAjB,IAAA,OAAA,KAAA,GAAA,EAAA,CAAA,qBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,QAAA,EAAA,EAAA,EAAA,IAAA,EAAA,iBAAiB,cAFhB,MAAM,EAAA,CAAA;;2FAEP,iBAAiB,EAAA,UAAA,EAAA,CAAA;kBAH7B,UAAU;AAAC,YAAA,IAAA,EAAA,CAAA;AACV,oBAAA,UAAU,EAAE,MAAM;AACnB,iBAAA;;;ACEM,MAAM,0BAA0B,GAAG,IAAI,gBAAgB,CAC5D,MAAM,KAAK;AAGb,MAAM,2BAA2B,GAAG,IAAI,GAAG,CAAS;AAClD,IAAA,sBAAsB,CAAC,KAAK;AAC5B,IAAA,sBAAsB,CAAC,OAAO;AAC9B,IAAA,sBAAsB,CAAC,MAAM;AAC9B,CAAA,CAAC;AAEF,MAAM,8BAA8B,GAAG,CAAC,WAAW,EAAE,WAAW,CAAU;AAE1E,MAAM,aAAa,GAAG,CAAC,GAAW,KAAc,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC;AAEzE,MAAM,cAAc,GAAG,CAAC,GAAW,KACjC,GAAG,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC;AAEvD,MAAM,aAAa,GAAG,CAAC,OAAuB,KAC5C,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,EAAE;AAEpC,MAAM,gBAAgB,GAAG,CACvB,OAAkC,EAClC,GAAW,KACD;IACV,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE;AAClC,QAAA,OAAO,GAAG;IACZ;AAEA,IAAA,OAAO,CAAA,EAAG,aAAa,CAAC,OAAO,CAAC,CAAA,CAAA,EAAI,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,EAAE;AAC/D,CAAC;AAED,MAAM,aAAa,GAAG,CAAC,IAAY,KAAY;IAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC;AACxC,IAAA,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;AAChD,IAAA,OAAO,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,YAAY;AAC/E,CAAC;AAEK,SAAU,sBAAsB,CACpC,GAAW,EACX,iBAAiC,EAAA;AAEjC,IAAA,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE;AACtB,QAAA,IAAI;YACF,OAAO,aAAa,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC;QAC7C;AAAE,QAAA,MAAM;AACN,YAAA,OAAO,aAAa,CAAC,GAAG,CAAC;QAC3B;IACF;IAEA,IAAI,iBAAiB,IAAI,GAAG,CAAC,UAAU,CAAC,iBAAiB,CAAC,EAAE;QAC1D,OAAO,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC3D;AAEA,IAAA,OAAO,aAAa,CAAC,GAAG,CAAC;AAC3B;AAEM,SAAU,uBAAuB,CACrC,GAAW,EACX,iBAAiC,EAAA;IAEjC,MAAM,IAAI,GAAG,sBAAsB,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC,WAAW,EAAE;AAEzE,IAAA,QACE,2BAA2B,CAAC,GAAG,CAAC,IAAI,CAAC;AACrC,QAAA,8BAA8B,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;AAE5E;AAEA,IAAI,gBAAgB,GAAkC,IAAI;AAE1D,MAAM,cAAc,GAAG,CACrB,IAAgB,EAChB,iBAA4C,EAC5C,YAAoB,EACpB,IAAuB,EACvB,WAAmB,KACO;IAC1B,IAAI,CAAC,gBAAgB,EAAE;QACrB,MAAM,GAAG,GAAG,eAAe,CACzB,iBAAiB,EACjB,sBAAsB,CAAC,OAAO,CAC/B;AAED,QAAA,gBAAgB,GAAG;aAChB,IAAI,CAAsC,GAAG,EAAE;YAC9C,YAAY;YACZ,WAAW;SACZ;AACA,aAAA,IAAI,CACH,GAAG,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,IAAI,CAAC,EAChC,GAAG,CAAC,CAAC,MAAM,KAAI;YACb,IAAI,CAAC,MAAM,EAAE,WAAW,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;AAChD,gBAAA,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC;YAC7C;AACA,YAAA,OAAO,MAAoB;AAC7B,QAAA,CAAC,CAAC,EACFA,KAAG,CAAC,CAAC,MAAM,KAAK,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAC1C,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9C,QAAQ,CAAC,MAAK;YACZ,gBAAgB,GAAG,IAAI;QACzB,CAAC,CAAC,CACH;IACL;AAEA,IAAA,OAAO,gBAAgB;AACzB,CAAC;AAED,MAAM,cAAc,GAAG,CACrB,GAAyB,EACzB,KAAoB,EACpB,WAAoB,EACpB,OAAkC,KAChC;IACF,IAAI,WAAW,GAAG,GAAG;IAErB,IAAI,KAAK,EAAE;AACT,QAAA,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC;AAC9B,YAAA,UAAU,EAAE;gBACV,aAAa,EAAE,CAAA,OAAA,EAAU,KAAK,CAAA,CAAE;AACjC,aAAA;AACF,SAAA,CAAC;IACJ;AAEA,IAAA,IAAI,CAAC,aAAa,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE;AACvE,QAAA,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC;YAC9B,GAAG,EAAE,gBAAgB,CAAC,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC;AAChD,SAAA,CAAC;IACJ;IAEA,IAAI,WAAW,EAAE;AACf,QAAA,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC;YAC9B,OAAO,EAAE,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,EAAE,IAAI,CAAC;AACnE,SAAA,CAAC;IACJ;AAEA,IAAA,OAAO,WAAW;AACpB,CAAC;MAEY,sBAAsB,GAAsB,CAAC,GAAG,EAAE,IAAI,KAAI;AACrE,IAAA,IAAI,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;AAC3B,QAAA,OAAO,IAAI,CAAC,GAAG,CAAC;IAClB;AAEA,IAAA,MAAM,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC;AACtC,IAAA,MAAM,OAAO,GAAG,MAAM,CAAC,oBAAoB,CAAC;IAC5C,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;AAEhD,IAAA,MAAM,iBAAiB,GAAG,OAAO,CAAC,oBAAoB,EAAE;AACxD,IAAA,MAAM,aAAa,GAAG,OAAO,CAAC,wBAAwB,IAAI;IAC1D,MAAM,iBAAiB,GAAG,OAAO,CAAC,0BAA0B,GAAG,GAAG,CAAC,IAAI,KAAK;IAC5E,MAAM,OAAO,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,aAAa;AACrE,IAAA,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,SAAS;AAEpD,IAAA,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,EAAE;AAChC,IAAA,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE;AACxC,IAAA,MAAM,oBAAoB,GAAG,IAAI,CAAC,oBAAoB,EAAE;AACxD,IAAA,MAAM,qBAAqB,GAAG,IAAI,CAAC,qBAAqB,EAAE;IAC1D,MAAM,gBAAgB,GAAG,CAAC,CAAC,WAAW,IAAI,CAAC,SAAS,CAAC,oBAAoB,CAAC;IAC1E,MAAM,UAAU,GAAG,CAAC,CAAC,YAAY,IAAI,CAAC,SAAS,CAAC,qBAAqB,CAAC;IACtE,MAAM,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC;IAClE,MAAM,aAAa,GAAG,uBAAuB,CAAC,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC;AACzE,IAAA,MAAM,aAAa,GAAG,CAAC,aAAa,IAAI,gBAAgB,GAAG,WAAW,GAAG,IAAI;IAE7E,IAAI,CAAC,aAAa,IAAI,CAAC,gBAAgB,IAAI,UAAU,EAAE;QACrD,OAAO,cAAc,CACnB,IAAI,EACJ,iBAAiB,EACjB,YAAY,EACZ,IAAI,EACJ,WAAW,CACZ,CAAC,IAAI,CACJ,SAAS,CAAC,CAAC,MAAM,KACf,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAC7D,EACDC,YAAU,CAAC,CAAC,KAAK,KAAI;YACnB,IAAI,CAAC,MAAM,EAAE;AACb,YAAA,OAAO,UAAU,CAAC,MAAM,KAAK,CAAC;QAChC,CAAC,CAAC,CACH;IACH;IAEA,OAAO,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,aAAa,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,IAAI,CAClEA,YAAU,CAAC,CAAC,KAAK,KAAI;AACnB,QAAA,IAAI,KAAK,EAAE,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,IAAI,CAAC,cAAc,EAAE;AAC9D,YAAA,MAAM,kBAAkB,GAAG,IAAI,CAAC,YAAY,EAAE;AAC9C,YAAA,MAAM,2BAA2B,GAAG,IAAI,CAAC,qBAAqB,EAAE;YAChE,MAAM,aAAa,GACjB,CAAC,CAAC,kBAAkB,IAAI,CAAC,SAAS,CAAC,2BAA2B,CAAC;YAEjE,IAAI,aAAa,EAAE;gBACjB,OAAO,cAAc,CACnB,IAAI,EACJ,iBAAiB,EACjB,kBAAkB,EAClB,IAAI,EACJ,WAAW,CACZ,CAAC,IAAI,CACJ,SAAS,CAAC,CAAC,MAAM,KACf,IAAI,CAAC,cAAc,CAAC,GAAG,EAAE,MAAM,CAAC,WAAW,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAC7D,EACDA,YAAU,CAAC,CAAC,YAAY,KAAI;oBAC1B,IAAI,CAAC,MAAM,EAAE;AACb,oBAAA,OAAO,UAAU,CAAC,MAAM,YAAY,CAAC;gBACvC,CAAC,CAAC,CACH;YACH;QACF;QAEA,IAAI,KAAK,EAAE,MAAM,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE;YAC3C,IAAI,CAAC,MAAM,EAAE;QACf;AAEA,QAAA,OAAO,UAAU,CAAC,MAAM,KAAK,CAAC;IAChC,CAAC,CAAC,CACH;AACH;;AC5Nc,MAAO,UAAU,CAAA;AACZ,IAAA,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC;AAChC,IAAA,EAAE,GAAG,MAAM,CAAC,WAAW,CAAC;AACxB,IAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AACvB,IAAA,OAAO,GAAG,MAAM,CAAC,oBAAoB,CAAC;AAE9C,IAAA,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU;AACjC,IAAA,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO;AAC3B,IAAA,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,gBAAgB;AAC1C,IAAA,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK;AAEvB,IAAA,eAAe,GAAG,QAAQ,CACjC,MAAM,IAAI,CAAC,UAAU,EAAE,EAAE,eAAe,IAAI,yBAAyB,sFACtE;AACQ,IAAA,SAAS,GAAG,QAAQ,CAAC,MAAM,IAAI,CAAC,UAAU,EAAE,EAAE,YAAY,IAAI,IAAI,gFAAC;AAEnE,IAAA,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,KAAK,CAAC;AAC5B,QAAA,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;AACtE,KAAA,CAAC;IAEF,QAAQ,GAAA;AACN,QAAA,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,EAAE;AACtB,YAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,aAAa,CAAC,EAAE;AAC/D,gBAAA,UAAU,EAAE,IAAI;AACjB,aAAA,CAAC;QACJ;IACF;IAEA,MAAM,GAAA;AACJ,QAAA,IAAI,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE;AACrB,YAAA,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE;YAC5B;QACF;AAEA,QAAA,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,IAAI,EAAE;AAChD,QAAA,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;AACjB,QAAA,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;IAC3B;IAEA,MAAM,GAAA;AACJ,QAAA,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE;AACjB,QAAA,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE;IACvB;IAEA,WAAW,GAAA;AACT,QAAA,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;AAC3B,QAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,aAAa,CAAC,EAAE;AAC/D,YAAA,UAAU,EAAE,IAAI;AACjB,SAAA,CAAC;IACJ;uGAjDmB,UAAU,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;2FAAV,UAAU,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,gBAAA,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,ECvB/B,ugEAsEA,EAAA,MAAA,EAAA,CAAA,wBAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EDpDY,YAAY,EAAA,EAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,EAAE,mBAAmB,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,aAAA,EAAA,QAAA,EAAA,8CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,eAAA,EAAA,QAAA,EAAA,2CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,oBAAA,EAAA,QAAA,EAAA,sGAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,kBAAA,EAAA,QAAA,EAAA,aAAA,EAAA,MAAA,EAAA,CAAA,WAAA,CAAA,EAAA,OAAA,EAAA,CAAA,UAAA,CAAA,EAAA,QAAA,EAAA,CAAA,QAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAA,EAAA,CAAA,eAAA,EAAA,QAAA,EAAA,mBAAA,EAAA,MAAA,EAAA,CAAA,iBAAA,EAAA,UAAA,EAAA,SAAA,CAAA,EAAA,OAAA,EAAA,CAAA,eAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,MAAM,EAAA,QAAA,EAAA,WAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,OAAA,EAAA,SAAA,EAAA,OAAA,EAAA,MAAA,EAAA,YAAA,EAAA,UAAA,EAAA,OAAA,EAAA,SAAA,EAAA,eAAA,EAAA,MAAA,EAAA,SAAA,EAAA,WAAA,EAAA,OAAA,EAAA,QAAA,EAAA,SAAA,EAAA,MAAA,EAAA,OAAA,EAAA,UAAA,EAAA,MAAA,EAAA,UAAA,EAAA,SAAA,EAAA,SAAA,CAAA,EAAA,OAAA,EAAA,CAAA,SAAA,EAAA,SAAA,EAAA,QAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,SAAS,EAAA,QAAA,EAAA,eAAA,EAAA,MAAA,EAAA,CAAA,OAAA,EAAA,MAAA,EAAA,OAAA,EAAA,aAAA,EAAA,OAAA,EAAA,MAAA,EAAA,UAAA,EAAA,SAAA,EAAA,UAAA,EAAA,MAAA,EAAA,cAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,IAAI,EAAA,QAAA,EAAA,SAAA,EAAA,MAAA,EAAA,CAAA,MAAA,CAAA,EAAA,EAAA,EAAA,IAAA,EAAA,MAAA,EAAA,IAAA,EAAA,EAAA,CAAA,QAAA,EAAA,IAAA,EAAA,MAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,CAAA;;2FAKjD,UAAU,EAAA,UAAA,EAAA,CAAA;kBAP9B,SAAS;AACE,YAAA,IAAA,EAAA,CAAA,EAAA,QAAA,EAAA,gBAAgB,EAAA,OAAA,EACjB,CAAC,YAAY,EAAE,mBAAmB,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,EAAA,eAAA,EAGpD,uBAAuB,CAAC,MAAM,EAAA,QAAA,EAAA,ugEAAA,EAAA,MAAA,EAAA,CAAA,wBAAA,CAAA,EAAA;;;AECnC,MAAO,kBAAkB,CAAA;AACpB,IAAA,KAAK,GAAG,MAAM,CAAC,cAAc,CAAC;AAC9B,IAAA,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;AACvB,IAAA,IAAI,GAAG,MAAM,CAAC,iBAAiB,CAAC;AAChC,IAAA,OAAO,GAAG,MAAM,CAAC,oBAAoB,CAAC;AACtC,IAAA,UAAU,GAAG,IAAI,iBAAiB,EAAE;AAE5C,IAAA,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,kBAAkB;AACtC,IAAA,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK;AAC/B,IAAA,aAAa,GAAG,MAAM,CAAgB,IAAI,oFAAC;IAEpD,QAAQ,GAAA;QACN,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa;QAChD,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;QACzC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC;QAC/B,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC;AAEjC,QAAA,IAAI,CAAC,UAAU,CAAC,kBAAkB,CAChC,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,oBAAoB,CACrD;QAED,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,oBAAoB,CAAC,KAAK,CAAC,EAAE;AAChD,YAAA,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;YAC5D;QACF;QAEA,IAAI,KAAK,EAAE;AACT,YAAA,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,SAAS,IAAI,YAAY,CAAC,CAAC;YACtE;QACF;AAEA,QAAA,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE;AACnB,YAAA,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;YAC5D;QACF;QAEA,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,KAAK,CAAC;IACxC;IAEA,KAAK,GAAA;AACH,QAAA,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,aAAa,CAAC,EAAE;AAC/D,YAAA,UAAU,EAAE,IAAI;AACjB,SAAA,CAAC;IACJ;AAEQ,IAAA,cAAc,CAAC,SAAiB,EAAA;AACtC,QAAA,MAAM,QAAQ,GAA2B;AACvC,YAAA,aAAa,EAAE,gDAAgD;AAC/D,YAAA,oBAAoB,EAAE,gDAAgD;AACtE,YAAA,iBAAiB,EACf,0DAA0D;AAC5D,YAAA,kBAAkB,EAAE,yCAAyC;AAC7D,YAAA,4BAA4B,EAAE,yCAAyC;SACxE;AAED,QAAA,OAAO,QAAQ,CAAC,SAAS,CAAC,IAAI,uCAAuC;IACvE;uGAzDmB,kBAAkB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;AAAlB,IAAA,OAAA,IAAA,GAAA,EAAA,CAAA,oBAAA,CAAA,EAAA,UAAA,EAAA,QAAA,EAAA,OAAA,EAAA,QAAA,EAAA,IAAA,EAAA,kBAAkB,mFCtBvC,61CA2CA,EAAA,MAAA,EAAA,CAAA,wBAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,UAAA,EAAA,IAAA,ED1BY,YAAY,EAAA,EAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EAAE,MAAM,4VAAE,IAAI,EAAA,QAAA,EAAA,SAAA,EAAA,MAAA,EAAA,CAAA,MAAA,CAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,CAAA;;2FAKjB,kBAAkB,EAAA,UAAA,EAAA,CAAA;kBAPtC,SAAS;+BACE,yBAAyB,EAAA,OAAA,EAC1B,CAAC,YAAY,EAAE,MAAM,EAAE,IAAI,CAAC,EAAA,eAAA,EAGpB,uBAAuB,CAAC,MAAM,EAAA,QAAA,EAAA,61CAAA,EAAA,MAAA,EAAA,CAAA,wBAAA,CAAA,EAAA;;;AEHnC,MAAO,iBAAiB,CAAA;AACnB,IAAA,UAAU,GAAG,MAAM,CAAC,iBAAiB,CAAC;AAE9C,IAAA,YAAY,GAAG,KAAK,CAAC,IAAI,mFAAC;AAC1B,IAAA,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,YAAY;AACxC,IAAA,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,UAAU;AAE7C,IAAA,WAAA,GAAA;AACE,QAAA,IAAI,CAAC,UAAU,CAAC,gBAAgB,EAAE;IACpC;AAEA,IAAA,QAAQ,CAAC,QAAqB,EAAA;AAC5B,QAAA,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;IACpC;uGAbmB,iBAAiB,EAAA,IAAA,EAAA,EAAA,EAAA,MAAA,EAAA,EAAA,CAAA,eAAA,CAAA,SAAA,EAAA,CAAA;2FAAjB,iBAAiB,EAAA,YAAA,EAAA,IAAA,EAAA,QAAA,EAAA,wBAAA,EAAA,MAAA,EAAA,EAAA,YAAA,EAAA,EAAA,iBAAA,EAAA,cAAA,EAAA,UAAA,EAAA,cAAA,EAAA,QAAA,EAAA,IAAA,EAAA,UAAA,EAAA,KAAA,EAAA,iBAAA,EAAA,IAAA,EAAA,EAAA,EAAA,QAAA,EAAA,EAAA,EAAA,QAAA,ECjBtC,ogBAqBA,EAAA,MAAA,EAAA,CAAA,8YAAA,CAAA,EAAA,YAAA,EAAA,CAAA,EAAA,IAAA,EAAA,WAAA,EAAA,IAAA,EDTY,MAAM,EAAA,QAAA,EAAA,WAAA,EAAA,MAAA,EAAA,CAAA,MAAA,EAAA,OAAA,EAAA,SAAA,EAAA,OAAA,EAAA,MAAA,EAAA,YAAA,EAAA,UAAA,EAAA,OAAA,EAAA,SAAA,EAAA,eAAA,EAAA,MAAA,EAAA,SAAA,EAAA,WAAA,EAAA,OAAA,EAAA,QAAA,EAAA,SAAA,EAAA,MAAA,EAAA,OAAA,EAAA,UAAA,EAAA,MAAA,EAAA,UAAA,EAAA,SAAA,EAAA,SAAA,CAAA,EAAA,OAAA,EAAA,CAAA,SAAA,EAAA,SAAA,EAAA,QAAA,CAAA,EAAA,CAAA,EAAA,eAAA,EAAA,EAAA,CAAA,uBAAA,CAAA,MAAA,EAAA,CAAA;;2FAKG,iBAAiB,EAAA,UAAA,EAAA,CAAA;kBAPrC,SAAS;AACE,YAAA,IAAA,EAAA,CAAA,EAAA,QAAA,EAAA,wBAAwB,WACzB,CAAC,MAAM,CAAC,EAAA,eAAA,EAGA,uBAAuB,CAAC,MAAM,EAAA,QAAA,EAAA,ogBAAA,EAAA,MAAA,EAAA,CAAA,8YAAA,CAAA,EAAA;;;AEfjD;;AAEG;;;;"}
|
package/package.json
CHANGED
|
@@ -1,12 +1,21 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@masterteam/gateway-auth",
|
|
3
|
-
"version": "0.0.
|
|
3
|
+
"version": "0.0.3",
|
|
4
4
|
"publishConfig": {
|
|
5
5
|
"directory": "../../../dist/masterteam/gateway-auth",
|
|
6
6
|
"linkDirectory": true,
|
|
7
7
|
"access": "public"
|
|
8
8
|
},
|
|
9
|
-
"peerDependencies": {
|
|
9
|
+
"peerDependencies": {
|
|
10
|
+
"@angular/common": "^21.2.8",
|
|
11
|
+
"@angular/core": "^21.2.8",
|
|
12
|
+
"@angular/forms": "^21.2.8",
|
|
13
|
+
"@angular/router": "^21.2.8",
|
|
14
|
+
"@ngxs/store": "^20.1.0",
|
|
15
|
+
"rxjs": "^7.8.2",
|
|
16
|
+
"@masterteam/components": "^0.0.164",
|
|
17
|
+
"@masterteam/icons": "^0.0.15"
|
|
18
|
+
},
|
|
10
19
|
"repository": {
|
|
11
20
|
"type": "git",
|
|
12
21
|
"url": "https://github.com/MasterteamSA/components.git"
|
|
@@ -1,3 +1,11 @@
|
|
|
1
|
+
import { HttpContextToken, HttpInterceptorFn, HttpRequest } from '@angular/common/http';
|
|
2
|
+
import * as _angular_core from '@angular/core';
|
|
3
|
+
import { InjectionToken, OnInit } from '@angular/core';
|
|
4
|
+
import { StateContext } from '@ngxs/store';
|
|
5
|
+
import { Observable } from 'rxjs';
|
|
6
|
+
import * as _masterteam_gateway_auth from '@masterteam/gateway-auth';
|
|
7
|
+
import * as _angular_forms from '@angular/forms';
|
|
8
|
+
|
|
1
9
|
interface GatewayResponse<T> {
|
|
2
10
|
endpoint: string;
|
|
3
11
|
status: number;
|
|
@@ -208,6 +216,11 @@ interface BuildSsoStartUrlOptions {
|
|
|
208
216
|
declare function buildSsoStartUrl({ gatewayApiBaseUrl, provider, returnUrl, clientState, platform, }: BuildSsoStartUrlOptions): string;
|
|
209
217
|
declare function createSecureClientState(): string;
|
|
210
218
|
|
|
219
|
+
declare const GATEWAY_AUTH_RETRY_CONTEXT: HttpContextToken<boolean>;
|
|
220
|
+
declare function resolveGatewayAuthPath(url: string, gatewayApiBaseUrl?: string | null): string;
|
|
221
|
+
declare function isGatewayAuthRequestUrl(url: string, gatewayApiBaseUrl?: string | null): boolean;
|
|
222
|
+
declare const gatewayAuthInterceptor: HttpInterceptorFn;
|
|
223
|
+
|
|
211
224
|
declare class GatewaySsoSession {
|
|
212
225
|
createAndStoreState(): string;
|
|
213
226
|
getPendingState(): string | null;
|
|
@@ -218,5 +231,258 @@ declare class GatewaySsoSession {
|
|
|
218
231
|
private get storage();
|
|
219
232
|
}
|
|
220
233
|
|
|
221
|
-
|
|
222
|
-
|
|
234
|
+
type UserDetails = GatewayUserDetails;
|
|
235
|
+
type User = GatewayMappedUser;
|
|
236
|
+
type LoginRequest = GatewayLoginRequest;
|
|
237
|
+
type ApiDateValue = NonNullable<GatewayAuthTokens['accessTokenExpiresAt']>;
|
|
238
|
+
type AuthTokens = GatewayAuthTokens;
|
|
239
|
+
type AuthLoginData = GatewayLoginResponse;
|
|
240
|
+
type AuthRefreshData = GatewayRefreshData;
|
|
241
|
+
type TwoFactorChallenge = GatewayTwoFactorChallenge;
|
|
242
|
+
type SsoProvider = GatewaySsoProvider;
|
|
243
|
+
type Response<T> = GatewayResponse<T>;
|
|
244
|
+
interface AuthStateModel {
|
|
245
|
+
user: User | null;
|
|
246
|
+
token: string | null;
|
|
247
|
+
refreshToken: string | null;
|
|
248
|
+
accessTokenExpiresAt: string | null;
|
|
249
|
+
refreshTokenExpiresAt: string | null;
|
|
250
|
+
loading: boolean;
|
|
251
|
+
mfaResendLoading: boolean;
|
|
252
|
+
ssoLoading: boolean;
|
|
253
|
+
ssoCallbackLoading: boolean;
|
|
254
|
+
error: string | null;
|
|
255
|
+
twoFactorRequired: boolean;
|
|
256
|
+
pendingMfa: TwoFactorChallenge | null;
|
|
257
|
+
ssoProviders: SsoProvider[];
|
|
258
|
+
}
|
|
259
|
+
declare const AUTH_STATE_DEFAULTS: AuthStateModel;
|
|
260
|
+
declare function sanitizePersistedAuthState(obj: Partial<AuthStateModel> | null): {
|
|
261
|
+
loading: boolean;
|
|
262
|
+
mfaResendLoading: boolean;
|
|
263
|
+
ssoLoading: boolean;
|
|
264
|
+
ssoCallbackLoading: boolean;
|
|
265
|
+
error: null;
|
|
266
|
+
twoFactorRequired: boolean;
|
|
267
|
+
pendingMfa: null;
|
|
268
|
+
ssoProviders: never[];
|
|
269
|
+
user: User | null;
|
|
270
|
+
token: string | null;
|
|
271
|
+
refreshToken: string | null;
|
|
272
|
+
accessTokenExpiresAt: string | null;
|
|
273
|
+
refreshTokenExpiresAt: string | null;
|
|
274
|
+
};
|
|
275
|
+
|
|
276
|
+
type GatewayAuthHookResult = void | null | Observable<unknown> | Promise<unknown>;
|
|
277
|
+
interface GatewayAuthOptions {
|
|
278
|
+
getGatewayApiBaseUrl: () => string | null | undefined;
|
|
279
|
+
getApplicationApiBaseUrl?: () => string | null | undefined;
|
|
280
|
+
shouldUseGatewayApiBaseUrl?: (request: HttpRequest<unknown>) => boolean;
|
|
281
|
+
deviceToken?: string;
|
|
282
|
+
platform?: GatewayPlatform;
|
|
283
|
+
loginRoute?: string;
|
|
284
|
+
mfaRoute?: string;
|
|
285
|
+
ssoCallbackPath?: string;
|
|
286
|
+
defaultAuthenticatedRoute?: string | (() => string | null | undefined);
|
|
287
|
+
preserveSsoProvidersOnLogout?: boolean;
|
|
288
|
+
afterLogin?: (session: GatewayLoginResponse, ctx: StateContext<AuthStateModel>) => GatewayAuthHookResult;
|
|
289
|
+
beforeLocalLogout?: (ctx: StateContext<AuthStateModel>) => GatewayAuthHookResult;
|
|
290
|
+
}
|
|
291
|
+
declare const GATEWAY_AUTH_OPTIONS: InjectionToken<GatewayAuthOptions>;
|
|
292
|
+
|
|
293
|
+
declare class Login {
|
|
294
|
+
payload: LoginRequest;
|
|
295
|
+
static readonly type = "[Auth] Login";
|
|
296
|
+
constructor(payload: LoginRequest);
|
|
297
|
+
}
|
|
298
|
+
declare class VerifyMfa {
|
|
299
|
+
code: string;
|
|
300
|
+
static readonly type = "[Auth] Verify MFA";
|
|
301
|
+
constructor(code: string);
|
|
302
|
+
}
|
|
303
|
+
declare class ResendMfa {
|
|
304
|
+
static readonly type = "[Auth] Resend MFA";
|
|
305
|
+
}
|
|
306
|
+
declare class LoadSsoProviders {
|
|
307
|
+
static readonly type = "[Auth] Load SSO Providers";
|
|
308
|
+
}
|
|
309
|
+
declare class StartSso {
|
|
310
|
+
provider: SsoProvider;
|
|
311
|
+
static readonly type = "[Auth] Start SSO";
|
|
312
|
+
constructor(provider: SsoProvider);
|
|
313
|
+
}
|
|
314
|
+
declare class ExchangeSsoCode {
|
|
315
|
+
code: string;
|
|
316
|
+
state: string;
|
|
317
|
+
static readonly type = "[Auth] Exchange SSO Code";
|
|
318
|
+
constructor(code: string, state: string);
|
|
319
|
+
}
|
|
320
|
+
declare class LoginSuccess {
|
|
321
|
+
session: AuthLoginData;
|
|
322
|
+
static readonly type = "[Auth] Login Success";
|
|
323
|
+
constructor(session: AuthLoginData);
|
|
324
|
+
}
|
|
325
|
+
declare class LoginFailure {
|
|
326
|
+
error: string;
|
|
327
|
+
static readonly type = "[Auth] Login Failure";
|
|
328
|
+
constructor(error: string);
|
|
329
|
+
}
|
|
330
|
+
declare class Logout {
|
|
331
|
+
remote: boolean;
|
|
332
|
+
static readonly type = "[Auth] Logout";
|
|
333
|
+
constructor(remote?: boolean);
|
|
334
|
+
}
|
|
335
|
+
declare class UpdateUserData {
|
|
336
|
+
user: User;
|
|
337
|
+
static readonly type = "[Auth] Update User Data";
|
|
338
|
+
constructor(user: User);
|
|
339
|
+
}
|
|
340
|
+
declare class UpdateTokens {
|
|
341
|
+
tokens: AuthTokens;
|
|
342
|
+
static readonly type = "[Auth] Update Tokens";
|
|
343
|
+
constructor(tokens: AuthTokens);
|
|
344
|
+
}
|
|
345
|
+
declare class ClearError {
|
|
346
|
+
static readonly type = "[Auth] Clear Error";
|
|
347
|
+
}
|
|
348
|
+
declare class ClearPendingMfa {
|
|
349
|
+
static readonly type = "[Auth] Clear Pending MFA";
|
|
350
|
+
}
|
|
351
|
+
|
|
352
|
+
declare class GatewayAuthState {
|
|
353
|
+
private readonly http;
|
|
354
|
+
private readonly options;
|
|
355
|
+
private readonly router;
|
|
356
|
+
private readonly ssoSession;
|
|
357
|
+
static user(state: AuthStateModel): User | null;
|
|
358
|
+
static loading(state: AuthStateModel): boolean;
|
|
359
|
+
static mfaResendLoading(state: AuthStateModel): boolean;
|
|
360
|
+
static ssoLoading(state: AuthStateModel): boolean;
|
|
361
|
+
static ssoCallbackLoading(state: AuthStateModel): boolean;
|
|
362
|
+
static error(state: AuthStateModel): string | null;
|
|
363
|
+
static token(state: AuthStateModel): string | null;
|
|
364
|
+
static refreshToken(state: AuthStateModel): string | null;
|
|
365
|
+
static accessTokenExpiresAt(state: AuthStateModel): string | null;
|
|
366
|
+
static refreshTokenExpiresAt(state: AuthStateModel): string | null;
|
|
367
|
+
static twoFactorRequired(state: AuthStateModel): boolean;
|
|
368
|
+
static pendingMfa(state: AuthStateModel): GatewayTwoFactorChallenge | null;
|
|
369
|
+
static ssoProviders(state: AuthStateModel): SsoProvider[];
|
|
370
|
+
static isAdmin(state: AuthStateModel): boolean;
|
|
371
|
+
static userDetails(state: AuthStateModel): _masterteam_gateway_auth.GatewayUserDetails | null;
|
|
372
|
+
login(ctx: StateContext<AuthStateModel>, action: Login): Observable<unknown>;
|
|
373
|
+
verifyMfa(ctx: StateContext<AuthStateModel>, action: VerifyMfa): Observable<unknown>;
|
|
374
|
+
resendMfa(ctx: StateContext<AuthStateModel>): Observable<GatewayResponse<GatewayTwoFactorChallenge> | null>;
|
|
375
|
+
loadSsoProviders(ctx: StateContext<AuthStateModel>): Observable<GatewayResponse<GatewaySsoProvidersData> | null>;
|
|
376
|
+
startSso(ctx: StateContext<AuthStateModel>, action: StartSso): void;
|
|
377
|
+
exchangeSsoCode(ctx: StateContext<AuthStateModel>, action: ExchangeSsoCode): Observable<unknown>;
|
|
378
|
+
loginSuccess(ctx: StateContext<AuthStateModel>, action: LoginSuccess): Observable<unknown>;
|
|
379
|
+
loginFailure(ctx: StateContext<AuthStateModel>, action: LoginFailure): void;
|
|
380
|
+
logout(ctx: StateContext<AuthStateModel>, action: Logout): void;
|
|
381
|
+
updateUserData(ctx: StateContext<AuthStateModel>, action: UpdateUserData): void;
|
|
382
|
+
updateTokens(ctx: StateContext<AuthStateModel>, action: UpdateTokens): void;
|
|
383
|
+
clearError(ctx: StateContext<AuthStateModel>): void;
|
|
384
|
+
clearPendingMfa(ctx: StateContext<AuthStateModel>): void;
|
|
385
|
+
private handleLoginResponse;
|
|
386
|
+
private get deviceToken();
|
|
387
|
+
private gatewayUrl;
|
|
388
|
+
private navigateToLogin;
|
|
389
|
+
private resolveAuthenticatedRoute;
|
|
390
|
+
private sanitizeLocalRoute;
|
|
391
|
+
private toObservable;
|
|
392
|
+
static ɵfac: _angular_core.ɵɵFactoryDeclaration<GatewayAuthState, never>;
|
|
393
|
+
static ɵprov: _angular_core.ɵɵInjectableDeclaration<GatewayAuthState>;
|
|
394
|
+
}
|
|
395
|
+
|
|
396
|
+
declare class GatewayAuthFacade {
|
|
397
|
+
private readonly store;
|
|
398
|
+
readonly user: _angular_core.Signal<_masterteam_gateway_auth.GatewayMappedUser | null>;
|
|
399
|
+
readonly loading: _angular_core.Signal<boolean>;
|
|
400
|
+
readonly mfaResendLoading: _angular_core.Signal<boolean>;
|
|
401
|
+
readonly ssoLoading: _angular_core.Signal<boolean>;
|
|
402
|
+
readonly ssoCallbackLoading: _angular_core.Signal<boolean>;
|
|
403
|
+
readonly error: _angular_core.Signal<string | null>;
|
|
404
|
+
readonly token: _angular_core.Signal<string | null>;
|
|
405
|
+
readonly refreshToken: _angular_core.Signal<string | null>;
|
|
406
|
+
readonly accessTokenExpiresAt: _angular_core.Signal<string | null>;
|
|
407
|
+
readonly refreshTokenExpiresAt: _angular_core.Signal<string | null>;
|
|
408
|
+
readonly twoFactorRequired: _angular_core.Signal<boolean>;
|
|
409
|
+
readonly pendingMfa: _angular_core.Signal<_masterteam_gateway_auth.GatewayTwoFactorChallenge | null>;
|
|
410
|
+
readonly ssoProviders: _angular_core.Signal<_masterteam_gateway_auth.GatewaySsoProvider[]>;
|
|
411
|
+
readonly isAdmin: _angular_core.Signal<boolean>;
|
|
412
|
+
readonly userDetails: _angular_core.Signal<_masterteam_gateway_auth.GatewayUserDetails | null>;
|
|
413
|
+
readonly hasError: _angular_core.Signal<boolean>;
|
|
414
|
+
readonly isReady: _angular_core.Signal<boolean>;
|
|
415
|
+
readonly userDisplayName: _angular_core.Signal<string>;
|
|
416
|
+
readonly userEmail: _angular_core.Signal<string>;
|
|
417
|
+
readonly hasUser: _angular_core.Signal<boolean>;
|
|
418
|
+
readonly hasPendingMfa: _angular_core.Signal<boolean>;
|
|
419
|
+
readonly isAuthenticated: _angular_core.Signal<boolean>;
|
|
420
|
+
login(loginRequest: LoginRequest): void;
|
|
421
|
+
verifyMfa(code: string): void;
|
|
422
|
+
resendMfa(): void;
|
|
423
|
+
loadSsoProviders(): void;
|
|
424
|
+
startSso(provider: SsoProvider): void;
|
|
425
|
+
exchangeSsoCode(code: string, state: string): void;
|
|
426
|
+
logout(remote?: boolean): void;
|
|
427
|
+
updateUserData(user: User): void;
|
|
428
|
+
updateTokens(tokens: AuthTokens): void;
|
|
429
|
+
clearError(): void;
|
|
430
|
+
clearPendingMfa(): void;
|
|
431
|
+
hasRole(role: string): boolean;
|
|
432
|
+
hasGroup(group: string): boolean;
|
|
433
|
+
isTokenExpired(): boolean;
|
|
434
|
+
static ɵfac: _angular_core.ɵɵFactoryDeclaration<GatewayAuthFacade, never>;
|
|
435
|
+
static ɵprov: _angular_core.ɵɵInjectableDeclaration<GatewayAuthFacade>;
|
|
436
|
+
}
|
|
437
|
+
|
|
438
|
+
declare class GatewayMfa implements OnInit {
|
|
439
|
+
private readonly auth;
|
|
440
|
+
private readonly fb;
|
|
441
|
+
private readonly router;
|
|
442
|
+
private readonly options;
|
|
443
|
+
readonly pendingMfa: _angular_core.Signal<_masterteam_gateway_auth.GatewayTwoFactorChallenge | null>;
|
|
444
|
+
readonly loading: _angular_core.Signal<boolean>;
|
|
445
|
+
readonly resendLoading: _angular_core.Signal<boolean>;
|
|
446
|
+
readonly error: _angular_core.Signal<string | null>;
|
|
447
|
+
readonly deliveryChannel: _angular_core.Signal<string>;
|
|
448
|
+
readonly expiresAt: _angular_core.Signal<string | null>;
|
|
449
|
+
readonly form: _angular_forms.FormGroup<{
|
|
450
|
+
code: _angular_forms.FormControl<string | null>;
|
|
451
|
+
}>;
|
|
452
|
+
ngOnInit(): void;
|
|
453
|
+
verify(): void;
|
|
454
|
+
resend(): void;
|
|
455
|
+
backToLogin(): void;
|
|
456
|
+
static ɵfac: _angular_core.ɵɵFactoryDeclaration<GatewayMfa, never>;
|
|
457
|
+
static ɵcmp: _angular_core.ɵɵComponentDeclaration<GatewayMfa, "mt-gateway-mfa", never, {}, {}, never, never, true, never>;
|
|
458
|
+
}
|
|
459
|
+
|
|
460
|
+
declare class GatewaySsoCallback implements OnInit {
|
|
461
|
+
private readonly route;
|
|
462
|
+
private readonly router;
|
|
463
|
+
private readonly auth;
|
|
464
|
+
private readonly options;
|
|
465
|
+
private readonly ssoSession;
|
|
466
|
+
readonly loading: _angular_core.Signal<boolean>;
|
|
467
|
+
readonly exchangeError: _angular_core.Signal<string | null>;
|
|
468
|
+
readonly callbackError: _angular_core.WritableSignal<string | null>;
|
|
469
|
+
ngOnInit(): void;
|
|
470
|
+
retry(): void;
|
|
471
|
+
private safeSsoMessage;
|
|
472
|
+
static ɵfac: _angular_core.ɵɵFactoryDeclaration<GatewaySsoCallback, never>;
|
|
473
|
+
static ɵcmp: _angular_core.ɵɵComponentDeclaration<GatewaySsoCallback, "mt-gateway-sso-callback", never, {}, {}, never, never, true, never>;
|
|
474
|
+
}
|
|
475
|
+
|
|
476
|
+
declare class GatewaySsoButtons {
|
|
477
|
+
private readonly authFacade;
|
|
478
|
+
readonly dividerLabel: _angular_core.InputSignal<string>;
|
|
479
|
+
readonly providers: _angular_core.Signal<_masterteam_gateway_auth.GatewaySsoProvider[]>;
|
|
480
|
+
readonly loading: _angular_core.Signal<boolean>;
|
|
481
|
+
constructor();
|
|
482
|
+
startSso(provider: SsoProvider): void;
|
|
483
|
+
static ɵfac: _angular_core.ɵɵFactoryDeclaration<GatewaySsoButtons, never>;
|
|
484
|
+
static ɵcmp: _angular_core.ɵɵComponentDeclaration<GatewaySsoButtons, "mt-gateway-sso-buttons", never, { "dividerLabel": { "alias": "dividerLabel"; "required": false; "isSignal": true; }; }, {}, never, never, true, never>;
|
|
485
|
+
}
|
|
486
|
+
|
|
487
|
+
export { AUTH_STATE_DEFAULTS, ClearError, ClearPendingMfa, ExchangeSsoCode, GATEWAY_AUTH_DEVICE_TOKEN, GATEWAY_AUTH_ENDPOINTS, GATEWAY_AUTH_OPTIONS, GATEWAY_AUTH_RETRY_CONTEXT, GatewayAuthFacade, GatewayAuthState, GatewayMfa, GatewaySsoButtons, GatewaySsoCallback, GatewaySsoSession, LoadSsoProviders, Login, LoginFailure, LoginSuccess, Logout, ResendMfa, StartSso, UpdateTokens, UpdateUserData, VerifyMfa, buildGatewayUrl, buildSsoStartUrl, createSecureClientState, gatewayAuthInterceptor, getGatewayErrorMessage, hasGatewayTokens, isExpired, isGatewayAuthRequestUrl, mapGatewayTokens, mapGatewayUser, normalizeGatewayBase, resolveApiDateValue, resolveGatewayAuthPath, sanitizePersistedAuthState };
|
|
488
|
+
export type { ApiDateValue, AuthLoginData, AuthRefreshData, AuthStateModel, AuthTokens, BuildSsoStartUrlOptions, GatewayApiDateValue, GatewayAuthHookResult, GatewayAuthOptions, GatewayAuthTokens, GatewayExternalTokenExchangeRequest, GatewayLoginRequest, GatewayLoginResponse, GatewayLogoutRequest, GatewayMappedTokens, GatewayMappedUser, GatewayNafathStartData, GatewayNafathStartRequest, GatewayNafathStatusData, GatewayNafathStatusRequest, GatewayPlatform, GatewayRefreshData, GatewayRefreshRequest, GatewayResendMfaRequest, GatewayResponse, GatewaySsoExchangeRequest, GatewaySsoFlow, GatewaySsoProtocol, GatewaySsoProvider, GatewaySsoProvidersData, GatewayTwoFactorChallenge, GatewayUserDetails, GatewayVerifyMfaRequest, LoginRequest, Response, SsoProvider, TwoFactorChallenge, User, UserDetails };
|