@mathrunet/masamune_cloudflare 3.1.5 → 3.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +1 -1
- package/dist/index.d.ts +8 -1
- package/dist/index.js +8 -1
- package/dist/index.js.map +1 -1
- package/dist/lib/adapters/firebase_auth_adapter.d.ts +76 -0
- package/dist/lib/adapters/firebase_auth_adapter.js +86 -0
- package/dist/lib/adapters/firebase_auth_adapter.js.map +1 -0
- package/dist/lib/adapters/none_auth_adapter.d.ts +10 -0
- package/dist/lib/adapters/none_auth_adapter.js +18 -0
- package/dist/lib/adapters/none_auth_adapter.js.map +1 -0
- package/dist/lib/adapters/rules_middleware.d.ts +45 -0
- package/dist/lib/adapters/rules_middleware.js +42 -0
- package/dist/lib/adapters/rules_middleware.js.map +1 -0
- package/dist/lib/middlewares/index.d.ts +3 -2
- package/dist/lib/middlewares/index.js +7 -2
- package/dist/lib/middlewares/index.js.map +1 -1
- package/dist/lib/middlewares/rules_middleware.d.ts +29 -0
- package/dist/lib/middlewares/rules_middleware.js +36 -0
- package/dist/lib/middlewares/rules_middleware.js.map +1 -0
- package/dist/lib/src/rules/path_matcher.d.ts +31 -0
- package/dist/lib/src/rules/path_matcher.js +105 -0
- package/dist/lib/src/rules/path_matcher.js.map +1 -0
- package/dist/lib/src/rules/rules_engine.d.ts +72 -0
- package/dist/lib/src/rules/rules_engine.js +174 -0
- package/dist/lib/src/rules/rules_engine.js.map +1 -0
- package/dist/lib/src/rules/rules_loader.d.ts +73 -0
- package/dist/lib/src/rules/rules_loader.js +93 -0
- package/dist/lib/src/rules/rules_loader.js.map +1 -0
- package/dist/lib/src/worker_adapter_base.d.ts +14 -0
- package/dist/lib/src/worker_adapter_base.js +12 -0
- package/dist/lib/src/worker_adapter_base.js.map +1 -0
- package/dist/lib/src/workers_auth_adapter_base.d.ts +36 -0
- package/dist/lib/src/workers_auth_adapter_base.js +21 -0
- package/dist/lib/src/workers_auth_adapter_base.js.map +1 -0
- package/dist/lib/src/workers_base.d.ts +17 -4
- package/dist/lib/src/workers_base.js +23 -5
- package/dist/lib/src/workers_base.js.map +1 -1
- package/dist/lib/src/workers_rule_adapter_base.d.ts +27 -0
- package/dist/lib/src/workers_rule_adapter_base.js +28 -0
- package/dist/lib/src/workers_rule_adapter_base.js.map +1 -0
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
package/dist/index.d.ts
CHANGED
|
@@ -13,9 +13,16 @@ import { WorkersBase, WorkersOptions } from "./lib/src/workers_base";
|
|
|
13
13
|
export * from "@mathrunet/masamune";
|
|
14
14
|
export * from "./lib/api";
|
|
15
15
|
export * from "./lib/src/workers_base";
|
|
16
|
-
export * from "./lib/src/
|
|
16
|
+
export * from "./lib/src/workers_auth_adapter_base";
|
|
17
|
+
export * from "./lib/src/workers_rule_adapter_base";
|
|
17
18
|
export * from "./lib/src/workers_data";
|
|
18
19
|
export * from "./lib/src/request_process_workders_base";
|
|
20
|
+
export * from "./lib/src/rules/rules_loader";
|
|
21
|
+
export * from "./lib/src/rules/path_matcher";
|
|
22
|
+
export * from "./lib/src/rules/rules_engine";
|
|
23
|
+
export * from "./lib/adapters/firebase_auth_adapter";
|
|
24
|
+
export * from "./lib/adapters/none_auth_adapter";
|
|
25
|
+
export * from "./lib/adapters/rules_middleware";
|
|
19
26
|
export * from "./lib/middlewares";
|
|
20
27
|
/**
|
|
21
28
|
* Methods for deploying to Cloudflare Workers.
|
package/dist/index.js
CHANGED
|
@@ -51,9 +51,16 @@ const hono = __importStar(require("hono"));
|
|
|
51
51
|
__exportStar(require("@mathrunet/masamune"), exports);
|
|
52
52
|
__exportStar(require("./lib/api"), exports);
|
|
53
53
|
__exportStar(require("./lib/src/workers_base"), exports);
|
|
54
|
-
__exportStar(require("./lib/src/
|
|
54
|
+
__exportStar(require("./lib/src/workers_auth_adapter_base"), exports);
|
|
55
|
+
__exportStar(require("./lib/src/workers_rule_adapter_base"), exports);
|
|
55
56
|
__exportStar(require("./lib/src/workers_data"), exports);
|
|
56
57
|
__exportStar(require("./lib/src/request_process_workders_base"), exports);
|
|
58
|
+
__exportStar(require("./lib/src/rules/rules_loader"), exports);
|
|
59
|
+
__exportStar(require("./lib/src/rules/path_matcher"), exports);
|
|
60
|
+
__exportStar(require("./lib/src/rules/rules_engine"), exports);
|
|
61
|
+
__exportStar(require("./lib/adapters/firebase_auth_adapter"), exports);
|
|
62
|
+
__exportStar(require("./lib/adapters/none_auth_adapter"), exports);
|
|
63
|
+
__exportStar(require("./lib/adapters/rules_middleware"), exports);
|
|
57
64
|
__exportStar(require("./lib/middlewares"), exports);
|
|
58
65
|
/**
|
|
59
66
|
* Methods for deploying to Cloudflare Workers.
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2CA,wBAMC;AAjDD;;;;;;;;;GASG;AACH,2CAA6B;AAG7B,sDAAoC;AACpC,4CAA0B;AAC1B,yDAAuC;AACvC,sEAAoD;AACpD,sEAAoD;AACpD,yDAAuC;AACvC,0EAAwD;AACxD,+DAA6C;AAC7C,+DAA6C;AAC7C,+DAA6C;AAC7C,uEAAqD;AACrD,mEAAiD;AACjD,kEAAgD;AAChD,oDAAkC;AAElC;;;;;;;;;;;;;;GAcG;AACH,SAAgB,MAAM,CAAC,cAA6B,EAAE,UAA0B,EAAE;IAC9E,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5B,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;QAClC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,OAAO,GAAG,CAAC;AACf,CAAC"}
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
import { EmulatorEnv, KeyStorer } from "firebase-auth-cloudflare-workers";
|
|
2
|
+
import { Context, MiddlewareHandler } from "hono";
|
|
3
|
+
import { WorkersAuthAdapterBase } from "../src/workers_auth_adapter_base";
|
|
4
|
+
/**
|
|
5
|
+
* Options for Firebase Authentication adapter.
|
|
6
|
+
*
|
|
7
|
+
* Firebase Authenticationアダプターのオプション。
|
|
8
|
+
*/
|
|
9
|
+
export interface FirebaseAuthOptions {
|
|
10
|
+
/**
|
|
11
|
+
* Firebase project ID.
|
|
12
|
+
*
|
|
13
|
+
* FirebaseプロジェクトID。
|
|
14
|
+
*/
|
|
15
|
+
projectId: string;
|
|
16
|
+
/**
|
|
17
|
+
* Store for Firebase public keys.
|
|
18
|
+
*
|
|
19
|
+
* Firebase公開鍵の保存先。
|
|
20
|
+
*/
|
|
21
|
+
keyStore?: KeyStorer | undefined;
|
|
22
|
+
/**
|
|
23
|
+
* Whether to check if the ID token was revoked.
|
|
24
|
+
*
|
|
25
|
+
* IDトークンの失効を確認するかどうか。
|
|
26
|
+
*/
|
|
27
|
+
checkRevoked?: boolean | undefined;
|
|
28
|
+
/**
|
|
29
|
+
* Emulator environment settings.
|
|
30
|
+
*
|
|
31
|
+
* エミュレーター環境設定。
|
|
32
|
+
*/
|
|
33
|
+
emulatorEnv?: EmulatorEnv | undefined;
|
|
34
|
+
/**
|
|
35
|
+
* Seconds to tolerate clock skew.
|
|
36
|
+
*
|
|
37
|
+
* 時刻ずれを許容する秒数。
|
|
38
|
+
*/
|
|
39
|
+
clockSkewSeconds?: number | undefined;
|
|
40
|
+
/**
|
|
41
|
+
* Authorization header name.
|
|
42
|
+
*
|
|
43
|
+
* Authorizationヘッダー名。
|
|
44
|
+
*/
|
|
45
|
+
authorizationHeader?: string | undefined;
|
|
46
|
+
/**
|
|
47
|
+
* Response returned when authentication fails.
|
|
48
|
+
*
|
|
49
|
+
* 認証失敗時に返すレスポンス。
|
|
50
|
+
*/
|
|
51
|
+
unauthorizedResponse?: (context: Context, error?: unknown) => Response | Promise<Response>;
|
|
52
|
+
}
|
|
53
|
+
/**
|
|
54
|
+
* Firebase public key store using the Cloudflare Cache API.
|
|
55
|
+
*
|
|
56
|
+
* Cloudflare Cache APIを利用したFirebase公開鍵ストア。
|
|
57
|
+
*/
|
|
58
|
+
export declare class FirebaseCacheApiKeyStorer implements KeyStorer {
|
|
59
|
+
constructor(projectId: string, cacheName?: string);
|
|
60
|
+
private readonly cacheKey;
|
|
61
|
+
private readonly cacheName;
|
|
62
|
+
get<ExpectedValue = unknown>(): Promise<ExpectedValue | null>;
|
|
63
|
+
put(value: string, expirationTtl: number): Promise<void>;
|
|
64
|
+
}
|
|
65
|
+
/**
|
|
66
|
+
* Middleware for Firebase Authentication.
|
|
67
|
+
*
|
|
68
|
+
* Firebase Authentication用のミドルウェア。
|
|
69
|
+
*/
|
|
70
|
+
export declare class FirebaseAuthAdapter extends WorkersAuthAdapterBase {
|
|
71
|
+
constructor(options: FirebaseAuthOptions);
|
|
72
|
+
private readonly options;
|
|
73
|
+
build(): MiddlewareHandler;
|
|
74
|
+
private getBearerToken;
|
|
75
|
+
private unauthorized;
|
|
76
|
+
}
|
|
@@ -0,0 +1,86 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.FirebaseAuthAdapter = exports.FirebaseCacheApiKeyStorer = void 0;
|
|
4
|
+
const firebase_auth_cloudflare_workers_1 = require("firebase-auth-cloudflare-workers");
|
|
5
|
+
const workers_auth_adapter_base_1 = require("../src/workers_auth_adapter_base");
|
|
6
|
+
/**
|
|
7
|
+
* Firebase public key store using the Cloudflare Cache API.
|
|
8
|
+
*
|
|
9
|
+
* Cloudflare Cache APIを利用したFirebase公開鍵ストア。
|
|
10
|
+
*/
|
|
11
|
+
class FirebaseCacheApiKeyStorer {
|
|
12
|
+
constructor(projectId, cacheName = "firebase-pubkeys-v1") {
|
|
13
|
+
this.cacheKey = new Request(`https://cache.internal/firebase/pubkeys/${projectId}`);
|
|
14
|
+
this.cacheName = cacheName;
|
|
15
|
+
}
|
|
16
|
+
cacheKey;
|
|
17
|
+
cacheName;
|
|
18
|
+
async get() {
|
|
19
|
+
const cache = await caches.open(this.cacheName);
|
|
20
|
+
const hit = await cache.match(this.cacheKey);
|
|
21
|
+
if (!hit) {
|
|
22
|
+
return null;
|
|
23
|
+
}
|
|
24
|
+
return await hit.json();
|
|
25
|
+
}
|
|
26
|
+
async put(value, expirationTtl) {
|
|
27
|
+
const cache = await caches.open(this.cacheName);
|
|
28
|
+
await cache.put(this.cacheKey, new Response(value, {
|
|
29
|
+
headers: {
|
|
30
|
+
"content-type": "application/json",
|
|
31
|
+
"cache-control": `public, max-age=${expirationTtl}`,
|
|
32
|
+
},
|
|
33
|
+
}));
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
exports.FirebaseCacheApiKeyStorer = FirebaseCacheApiKeyStorer;
|
|
37
|
+
/**
|
|
38
|
+
* Middleware for Firebase Authentication.
|
|
39
|
+
*
|
|
40
|
+
* Firebase Authentication用のミドルウェア。
|
|
41
|
+
*/
|
|
42
|
+
class FirebaseAuthAdapter extends workers_auth_adapter_base_1.WorkersAuthAdapterBase {
|
|
43
|
+
constructor(options) {
|
|
44
|
+
super();
|
|
45
|
+
this.options = options;
|
|
46
|
+
}
|
|
47
|
+
options;
|
|
48
|
+
build() {
|
|
49
|
+
return async (context, next) => {
|
|
50
|
+
const token = this.getBearerToken(context);
|
|
51
|
+
if (!token) {
|
|
52
|
+
return await this.unauthorized(context);
|
|
53
|
+
}
|
|
54
|
+
try {
|
|
55
|
+
const keyStore = this.options.keyStore ?? new FirebaseCacheApiKeyStorer(this.options.projectId);
|
|
56
|
+
const auth = firebase_auth_cloudflare_workers_1.Auth.getOrInitialize(this.options.projectId, keyStore);
|
|
57
|
+
const decoded = await auth.verifyIdToken(token, this.options.checkRevoked, this.options.emulatorEnv, this.options.clockSkewSeconds);
|
|
58
|
+
this.setAuthContext(context, {
|
|
59
|
+
uid: decoded.uid,
|
|
60
|
+
token: decoded,
|
|
61
|
+
});
|
|
62
|
+
await next();
|
|
63
|
+
}
|
|
64
|
+
catch (error) {
|
|
65
|
+
return await this.unauthorized(context, error);
|
|
66
|
+
}
|
|
67
|
+
};
|
|
68
|
+
}
|
|
69
|
+
getBearerToken(context) {
|
|
70
|
+
const headerName = this.options.authorizationHeader ?? "Authorization";
|
|
71
|
+
const authorization = context.req.header(headerName);
|
|
72
|
+
if (!authorization) {
|
|
73
|
+
return undefined;
|
|
74
|
+
}
|
|
75
|
+
const match = authorization.match(/^Bearer\s+(.+)$/i);
|
|
76
|
+
return match?.[1];
|
|
77
|
+
}
|
|
78
|
+
async unauthorized(context, error) {
|
|
79
|
+
if (this.options.unauthorizedResponse) {
|
|
80
|
+
return await this.options.unauthorizedResponse(context, error);
|
|
81
|
+
}
|
|
82
|
+
return context.json({ error: "Unauthorized" }, 401);
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
exports.FirebaseAuthAdapter = FirebaseAuthAdapter;
|
|
86
|
+
//# sourceMappingURL=firebase_auth_adapter.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"firebase_auth_adapter.js","sourceRoot":"","sources":["../../../src/lib/adapters/firebase_auth_adapter.ts"],"names":[],"mappings":";;;AAAA,uFAK0C;AAE1C,gFAA0E;AA0D1E;;;;GAIG;AACH,MAAa,yBAAyB;IAClC,YACI,SAAiB,EACjB,YAAoB,qBAAqB;QAEzC,IAAI,CAAC,QAAQ,GAAG,IAAI,OAAO,CAAC,2CAA2C,SAAS,EAAE,CAAC,CAAC;QACpF,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;IAC/B,CAAC;IAEgB,QAAQ,CAAU;IAClB,SAAS,CAAS;IAEnC,KAAK,CAAC,GAAG;QACL,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC7C,IAAI,CAAC,GAAG,EAAE,CAAC;YACP,OAAO,IAAI,CAAC;QAChB,CAAC;QACD,OAAO,MAAM,GAAG,CAAC,IAAI,EAAmB,CAAC;IAC7C,CAAC;IAED,KAAK,CAAC,GAAG,CAAC,KAAa,EAAE,aAAqB;QAC1C,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,KAAK,CAAC,GAAG,CACX,IAAI,CAAC,QAAQ,EACb,IAAI,QAAQ,CAAC,KAAK,EAAE;YAChB,OAAO,EAAE;gBACL,cAAc,EAAE,kBAAkB;gBAClC,eAAe,EAAE,mBAAmB,aAAa,EAAE;aACtD;SACJ,CAAC,CACL,CAAC;IACN,CAAC;CACJ;AAjCD,8DAiCC;AAED;;;;GAIG;AACH,MAAa,mBAAoB,SAAQ,kDAAsB;IAC3D,YAAY,OAA4B;QACpC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAEgB,OAAO,CAAsB;IAE9C,KAAK;QACD,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;YAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;YAC3C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACT,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;YAC5C,CAAC;YACD,IAAI,CAAC;gBACD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,IAAI,IAAI,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gBAChG,MAAM,IAAI,GAAG,uCAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBACpE,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,aAAa,CACpC,KAAK,EACL,IAAI,CAAC,OAAO,CAAC,YAAY,EACzB,IAAI,CAAC,OAAO,CAAC,WAAW,EACxB,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAChC,CAAC;gBACF,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE;oBACzB,GAAG,EAAE,OAAO,CAAC,GAAG;oBAChB,KAAK,EAAE,OAA0B;iBACpC,CAAC,CAAC;gBACH,MAAM,IAAI,EAAE,CAAC;YACjB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACb,OAAO,MAAM,IAAI,CAAC,YAAY,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YACnD,CAAC;QACL,CAAC,CAAC;IACN,CAAC;IAEO,cAAc,CAAC,OAAgB;QACnC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,mBAAmB,IAAI,eAAe,CAAC;QACvE,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACrD,IAAI,CAAC,aAAa,EAAE,CAAC;YACjB,OAAO,SAAS,CAAC;QACrB,CAAC;QACD,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACtD,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,CAAC;IACtB,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,OAAgB,EAAE,KAAe;QACxD,IAAI,IAAI,CAAC,OAAO,CAAC,oBAAoB,EAAE,CAAC;YACpC,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,oBAAoB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACnE,CAAC;QACD,OAAO,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,cAAc,EAAE,EAAE,GAAG,CAAC,CAAC;IACxD,CAAC;CACJ;AAlDD,kDAkDC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import { MiddlewareHandler } from "hono";
|
|
2
|
+
import { WorkersAuthAdapterBase } from "../src/workers_auth_adapter_base";
|
|
3
|
+
/**
|
|
4
|
+
* Adapter that does not perform authentication.
|
|
5
|
+
*
|
|
6
|
+
* 認証を行わないアダプター。
|
|
7
|
+
*/
|
|
8
|
+
export declare class NoneAuthAdapter extends WorkersAuthAdapterBase {
|
|
9
|
+
build(): MiddlewareHandler;
|
|
10
|
+
}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.NoneAuthAdapter = void 0;
|
|
4
|
+
const workers_auth_adapter_base_1 = require("../src/workers_auth_adapter_base");
|
|
5
|
+
/**
|
|
6
|
+
* Adapter that does not perform authentication.
|
|
7
|
+
*
|
|
8
|
+
* 認証を行わないアダプター。
|
|
9
|
+
*/
|
|
10
|
+
class NoneAuthAdapter extends workers_auth_adapter_base_1.WorkersAuthAdapterBase {
|
|
11
|
+
build() {
|
|
12
|
+
return async (_, next) => {
|
|
13
|
+
await next();
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
exports.NoneAuthAdapter = NoneAuthAdapter;
|
|
18
|
+
//# sourceMappingURL=none_auth_adapter.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"none_auth_adapter.js","sourceRoot":"","sources":["../../../src/lib/adapters/none_auth_adapter.ts"],"names":[],"mappings":";;;AACA,gFAA0E;AAE1E;;;;GAIG;AACH,MAAa,eAAgB,SAAQ,kDAAsB;IACvD,KAAK;QACD,OAAO,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;YACrB,MAAM,IAAI,EAAE,CAAC;QACjB,CAAC,CAAC;IACN,CAAC;CACJ;AAND,0CAMC"}
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
import { Context, MiddlewareHandler } from "hono";
|
|
2
|
+
import { RulesEngine, RulesEvaluationInput, RulesEvaluationResult } from "../src/rules/rules_engine";
|
|
3
|
+
import { WorkersRuleAdapterBase } from "../src/workers_rule_adapter_base";
|
|
4
|
+
/**
|
|
5
|
+
* Input builder for rules adapter.
|
|
6
|
+
*
|
|
7
|
+
* rulesアダプター用の入力生成関数。
|
|
8
|
+
*/
|
|
9
|
+
export type RulesEvaluationInputBuilder = (context: Context) => RulesEvaluationInput | Promise<RulesEvaluationInput>;
|
|
10
|
+
/**
|
|
11
|
+
* Options for RulesEngineRuleAdapter.
|
|
12
|
+
*
|
|
13
|
+
* RulesEngineRuleAdapterのオプション。
|
|
14
|
+
*/
|
|
15
|
+
export interface RulesEngineRuleOptions {
|
|
16
|
+
/**
|
|
17
|
+
* Rules engine to evaluate access rules.
|
|
18
|
+
*
|
|
19
|
+
* アクセスルールを評価するrulesエンジン。
|
|
20
|
+
*/
|
|
21
|
+
engine: RulesEngine;
|
|
22
|
+
/**
|
|
23
|
+
* Builder that produces rules evaluation input from the request context.
|
|
24
|
+
*
|
|
25
|
+
* リクエストコンテキストからrules評価入力を生成するビルダー。
|
|
26
|
+
*/
|
|
27
|
+
getEvaluationInput: RulesEvaluationInputBuilder;
|
|
28
|
+
/**
|
|
29
|
+
* Response returned when access is denied.
|
|
30
|
+
*
|
|
31
|
+
* アクセスが拒否された場合に返すレスポンス。
|
|
32
|
+
*/
|
|
33
|
+
deniedResponse?: (context: Context, result: RulesEvaluationResult) => Response | Promise<Response>;
|
|
34
|
+
}
|
|
35
|
+
/**
|
|
36
|
+
* Middleware adapter that evaluates rules using a RulesEngine.
|
|
37
|
+
*
|
|
38
|
+
* RulesEngineを用いてrulesを評価するミドルウェアアダプター。
|
|
39
|
+
*/
|
|
40
|
+
export declare class RulesEngineRuleAdapter extends WorkersRuleAdapterBase {
|
|
41
|
+
constructor(options: RulesEngineRuleOptions);
|
|
42
|
+
private readonly options;
|
|
43
|
+
build(): MiddlewareHandler;
|
|
44
|
+
private denied;
|
|
45
|
+
}
|
|
@@ -0,0 +1,42 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.RulesEngineRuleAdapter = void 0;
|
|
4
|
+
const workers_rule_adapter_base_1 = require("../src/workers_rule_adapter_base");
|
|
5
|
+
/**
|
|
6
|
+
* Middleware adapter that evaluates rules using a RulesEngine.
|
|
7
|
+
*
|
|
8
|
+
* RulesEngineを用いてrulesを評価するミドルウェアアダプター。
|
|
9
|
+
*/
|
|
10
|
+
class RulesEngineRuleAdapter extends workers_rule_adapter_base_1.WorkersRuleAdapterBase {
|
|
11
|
+
constructor(options) {
|
|
12
|
+
super();
|
|
13
|
+
this.options = options;
|
|
14
|
+
}
|
|
15
|
+
options;
|
|
16
|
+
build() {
|
|
17
|
+
return async (context, next) => {
|
|
18
|
+
const authentication = context.get("authentication");
|
|
19
|
+
const input = await this.options.getEvaluationInput(context);
|
|
20
|
+
const result = await this.options.engine.evaluate({
|
|
21
|
+
...input,
|
|
22
|
+
authentication: input.authentication ?? authentication,
|
|
23
|
+
});
|
|
24
|
+
if (!result.allowed) {
|
|
25
|
+
return await this.denied(context, result);
|
|
26
|
+
}
|
|
27
|
+
this.setRulesContext(context, result);
|
|
28
|
+
await next();
|
|
29
|
+
};
|
|
30
|
+
}
|
|
31
|
+
async denied(context, result) {
|
|
32
|
+
if (this.options.deniedResponse) {
|
|
33
|
+
return await this.options.deniedResponse(context, result);
|
|
34
|
+
}
|
|
35
|
+
return context.json({
|
|
36
|
+
error: "denied",
|
|
37
|
+
rule: result.rulePath,
|
|
38
|
+
}, 403);
|
|
39
|
+
}
|
|
40
|
+
}
|
|
41
|
+
exports.RulesEngineRuleAdapter = RulesEngineRuleAdapter;
|
|
42
|
+
//# sourceMappingURL=rules_middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rules_middleware.js","sourceRoot":"","sources":["../../../src/lib/adapters/rules_middleware.ts"],"names":[],"mappings":";;;AAOA,gFAA0E;AA0C1E;;;;GAIG;AACH,MAAa,sBAAuB,SAAQ,kDAAsB;IAC9D,YAAY,OAA+B;QACvC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAEgB,OAAO,CAAyB;IAEjD,KAAK;QACD,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;YAC3B,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAmC,CAAC;YACvF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;gBAC9C,GAAG,KAAK;gBACR,cAAc,EAAE,KAAK,CAAC,cAAc,IAAI,cAAc;aACzD,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAClB,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAC9C,CAAC;YACD,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACtC,MAAM,IAAI,EAAE,CAAC;QACjB,CAAC,CAAC;IACN,CAAC;IAEO,KAAK,CAAC,MAAM,CAChB,OAAgB,EAChB,MAA6B;QAE7B,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YAC9B,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC9D,CAAC;QACD,OAAO,OAAO,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,QAAQ;YACf,IAAI,EAAE,MAAM,CAAC,QAAQ;SACxB,EAAE,GAAG,CAAC,CAAC;IACZ,CAAC;CACJ;AApCD,wDAoCC"}
|
|
@@ -1,2 +1,3 @@
|
|
|
1
|
-
export * from "
|
|
2
|
-
export
|
|
1
|
+
export * from "../adapters/rules_middleware";
|
|
2
|
+
export { FirebaseAuthAdapter as FirebaseAuthenticationMiddleware, FirebaseAuthOptions as FirebaseAuthenticationMiddlewareOptions, FirebaseCacheApiKeyStorer, } from "../adapters/firebase_auth_adapter";
|
|
3
|
+
export { NoneAuthAdapter as NoAuthenticationMiddleware, } from "../adapters/none_auth_adapter";
|
|
@@ -14,6 +14,11 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
14
14
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
15
15
|
};
|
|
16
16
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
-
|
|
18
|
-
__exportStar(require("
|
|
17
|
+
exports.NoAuthenticationMiddleware = exports.FirebaseCacheApiKeyStorer = exports.FirebaseAuthenticationMiddleware = void 0;
|
|
18
|
+
__exportStar(require("../adapters/rules_middleware"), exports);
|
|
19
|
+
var firebase_auth_adapter_1 = require("../adapters/firebase_auth_adapter");
|
|
20
|
+
Object.defineProperty(exports, "FirebaseAuthenticationMiddleware", { enumerable: true, get: function () { return firebase_auth_adapter_1.FirebaseAuthAdapter; } });
|
|
21
|
+
Object.defineProperty(exports, "FirebaseCacheApiKeyStorer", { enumerable: true, get: function () { return firebase_auth_adapter_1.FirebaseCacheApiKeyStorer; } });
|
|
22
|
+
var none_auth_adapter_1 = require("../adapters/none_auth_adapter");
|
|
23
|
+
Object.defineProperty(exports, "NoAuthenticationMiddleware", { enumerable: true, get: function () { return none_auth_adapter_1.NoneAuthAdapter; } });
|
|
19
24
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/lib/middlewares/index.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/lib/middlewares/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;AAAA,+DAA6C;AAC7C,2EAI2C;AAHvC,yIAAA,mBAAmB,OAAoC;AAEvD,kIAAA,yBAAyB,OAAA;AAE7B,mEAEuC;AADnC,+HAAA,eAAe,OAA8B"}
|
|
@@ -0,0 +1,29 @@
|
|
|
1
|
+
import { Context, MiddlewareHandler } from "hono";
|
|
2
|
+
import { RulesEngine, RulesEvaluationInput, RulesEvaluationResult } from "../src/rules/rules_engine";
|
|
3
|
+
/**
|
|
4
|
+
* Input builder for rules middleware.
|
|
5
|
+
*
|
|
6
|
+
* rulesミドルウェア用の入力生成関数。
|
|
7
|
+
*/
|
|
8
|
+
export type RulesMiddlewareInputBuilder = (context: Context) => RulesEvaluationInput | Promise<RulesEvaluationInput>;
|
|
9
|
+
/**
|
|
10
|
+
* Options for rules middleware.
|
|
11
|
+
*
|
|
12
|
+
* rulesミドルウェアのオプション。
|
|
13
|
+
*/
|
|
14
|
+
export interface RulesMiddlewareOptions {
|
|
15
|
+
engine: RulesEngine;
|
|
16
|
+
getEvaluationInput: RulesMiddlewareInputBuilder;
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Create rules middleware.
|
|
20
|
+
*
|
|
21
|
+
* rulesミドルウェアを作成します。
|
|
22
|
+
*/
|
|
23
|
+
export declare function rulesMiddleware(options: RulesMiddlewareOptions): MiddlewareHandler;
|
|
24
|
+
/**
|
|
25
|
+
* Get rules evaluation result from Hono context.
|
|
26
|
+
*
|
|
27
|
+
* Hono contextからrules評価結果を取得します。
|
|
28
|
+
*/
|
|
29
|
+
export declare function getRulesEvaluationResult(context: Context): RulesEvaluationResult | undefined;
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.rulesMiddleware = rulesMiddleware;
|
|
4
|
+
exports.getRulesEvaluationResult = getRulesEvaluationResult;
|
|
5
|
+
/**
|
|
6
|
+
* Create rules middleware.
|
|
7
|
+
*
|
|
8
|
+
* rulesミドルウェアを作成します。
|
|
9
|
+
*/
|
|
10
|
+
function rulesMiddleware(options) {
|
|
11
|
+
return async (context, next) => {
|
|
12
|
+
const authentication = context.get("authentication");
|
|
13
|
+
const input = await options.getEvaluationInput(context);
|
|
14
|
+
const result = await options.engine.evaluate({
|
|
15
|
+
...input,
|
|
16
|
+
authentication: input.authentication ?? authentication,
|
|
17
|
+
});
|
|
18
|
+
if (!result.allowed) {
|
|
19
|
+
return context.json({
|
|
20
|
+
error: "denied",
|
|
21
|
+
rule: result.rulePath,
|
|
22
|
+
}, 403);
|
|
23
|
+
}
|
|
24
|
+
context.set("rules", result);
|
|
25
|
+
await next();
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Get rules evaluation result from Hono context.
|
|
30
|
+
*
|
|
31
|
+
* Hono contextからrules評価結果を取得します。
|
|
32
|
+
*/
|
|
33
|
+
function getRulesEvaluationResult(context) {
|
|
34
|
+
return context.get("rules");
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=rules_middleware.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rules_middleware.js","sourceRoot":"","sources":["../../../src/lib/middlewares/rules_middleware.ts"],"names":[],"mappings":";;AAgCA,0CAiBC;AAOD,4DAEC;AA/BD;;;;GAIG;AACH,SAAgB,eAAe,CAAC,OAA+B;IAC3D,OAAO,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAmC,CAAC;QACvF,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC;YACzC,GAAG,KAAK;YACR,cAAc,EAAE,KAAK,CAAC,cAAc,IAAI,cAAc;SACzD,CAAC,CAAC;QACH,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAClB,OAAO,OAAO,CAAC,IAAI,CAAC;gBAChB,KAAK,EAAE,QAAQ;gBACf,IAAI,EAAE,MAAM,CAAC,QAAQ;aACxB,EAAE,GAAG,CAAC,CAAC;QACZ,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC7B,MAAM,IAAI,EAAE,CAAC;IACjB,CAAC,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,wBAAwB,CAAC,OAAgB;IACrD,OAAO,OAAO,CAAC,GAAG,CAAC,OAAO,CAAsC,CAAC;AACrE,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Result of matching a rule path against a request path.
|
|
3
|
+
*
|
|
4
|
+
* ルールパスとリクエストパスのマッチ結果。
|
|
5
|
+
*/
|
|
6
|
+
export interface RulePathMatch {
|
|
7
|
+
matched: boolean;
|
|
8
|
+
rulePath: string;
|
|
9
|
+
literalSegments: number;
|
|
10
|
+
wildcardSegments: number;
|
|
11
|
+
deepWildcardSegments: number;
|
|
12
|
+
matchedSegments: number;
|
|
13
|
+
}
|
|
14
|
+
/**
|
|
15
|
+
* Match rule path to request path.
|
|
16
|
+
*
|
|
17
|
+
* ルールパスをリクエストパスに照合します。
|
|
18
|
+
*/
|
|
19
|
+
export declare function matchRulePath(rulePath: string, requestPath: string): RulePathMatch;
|
|
20
|
+
/**
|
|
21
|
+
* Compare matches by specificity.
|
|
22
|
+
*
|
|
23
|
+
* マッチ結果を具体度で比較します。
|
|
24
|
+
*/
|
|
25
|
+
export declare function compareRulePathMatch(a: RulePathMatch, b: RulePathMatch): number;
|
|
26
|
+
/**
|
|
27
|
+
* Sort matches from the most specific to the least specific.
|
|
28
|
+
*
|
|
29
|
+
* マッチ結果を具体度の高い順に並べます。
|
|
30
|
+
*/
|
|
31
|
+
export declare function sortRulePathMatches(matches: RulePathMatch[]): RulePathMatch[];
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.matchRulePath = matchRulePath;
|
|
4
|
+
exports.compareRulePathMatch = compareRulePathMatch;
|
|
5
|
+
exports.sortRulePathMatches = sortRulePathMatches;
|
|
6
|
+
const rules_loader_1 = require("./rules_loader");
|
|
7
|
+
/**
|
|
8
|
+
* Match rule path to request path.
|
|
9
|
+
*
|
|
10
|
+
* ルールパスをリクエストパスに照合します。
|
|
11
|
+
*/
|
|
12
|
+
function matchRulePath(rulePath, requestPath) {
|
|
13
|
+
(0, rules_loader_1.validateRulePath)(rulePath);
|
|
14
|
+
const ruleSegments = splitPath(rulePath);
|
|
15
|
+
const requestSegments = splitPath(requestPath);
|
|
16
|
+
let literalSegments = 0;
|
|
17
|
+
let wildcardSegments = 0;
|
|
18
|
+
let deepWildcardSegments = 0;
|
|
19
|
+
for (let i = 0; i < ruleSegments.length; i++) {
|
|
20
|
+
const ruleSegment = ruleSegments[i];
|
|
21
|
+
if (ruleSegment === "**") {
|
|
22
|
+
deepWildcardSegments = 1;
|
|
23
|
+
return {
|
|
24
|
+
matched: true,
|
|
25
|
+
rulePath,
|
|
26
|
+
literalSegments,
|
|
27
|
+
wildcardSegments,
|
|
28
|
+
deepWildcardSegments,
|
|
29
|
+
matchedSegments: requestSegments.length,
|
|
30
|
+
};
|
|
31
|
+
}
|
|
32
|
+
const requestSegment = requestSegments[i];
|
|
33
|
+
if (requestSegment === undefined) {
|
|
34
|
+
return createUnmatched(rulePath);
|
|
35
|
+
}
|
|
36
|
+
if (ruleSegment === "*") {
|
|
37
|
+
wildcardSegments++;
|
|
38
|
+
continue;
|
|
39
|
+
}
|
|
40
|
+
if (ruleSegment !== requestSegment) {
|
|
41
|
+
return createUnmatched(rulePath);
|
|
42
|
+
}
|
|
43
|
+
literalSegments++;
|
|
44
|
+
}
|
|
45
|
+
if (ruleSegments.length !== requestSegments.length) {
|
|
46
|
+
return createUnmatched(rulePath);
|
|
47
|
+
}
|
|
48
|
+
return {
|
|
49
|
+
matched: true,
|
|
50
|
+
rulePath,
|
|
51
|
+
literalSegments,
|
|
52
|
+
wildcardSegments,
|
|
53
|
+
deepWildcardSegments,
|
|
54
|
+
matchedSegments: requestSegments.length,
|
|
55
|
+
};
|
|
56
|
+
}
|
|
57
|
+
/**
|
|
58
|
+
* Compare matches by specificity.
|
|
59
|
+
*
|
|
60
|
+
* マッチ結果を具体度で比較します。
|
|
61
|
+
*/
|
|
62
|
+
function compareRulePathMatch(a, b) {
|
|
63
|
+
if (a.literalSegments !== b.literalSegments) {
|
|
64
|
+
return b.literalSegments - a.literalSegments;
|
|
65
|
+
}
|
|
66
|
+
if (a.deepWildcardSegments !== b.deepWildcardSegments) {
|
|
67
|
+
return a.deepWildcardSegments - b.deepWildcardSegments;
|
|
68
|
+
}
|
|
69
|
+
if (a.wildcardSegments !== b.wildcardSegments) {
|
|
70
|
+
return a.wildcardSegments - b.wildcardSegments;
|
|
71
|
+
}
|
|
72
|
+
if (a.matchedSegments !== b.matchedSegments) {
|
|
73
|
+
return b.matchedSegments - a.matchedSegments;
|
|
74
|
+
}
|
|
75
|
+
return a.rulePath.localeCompare(b.rulePath);
|
|
76
|
+
}
|
|
77
|
+
/**
|
|
78
|
+
* Sort matches from the most specific to the least specific.
|
|
79
|
+
*
|
|
80
|
+
* マッチ結果を具体度の高い順に並べます。
|
|
81
|
+
*/
|
|
82
|
+
function sortRulePathMatches(matches) {
|
|
83
|
+
return [...matches].sort(compareRulePathMatch);
|
|
84
|
+
}
|
|
85
|
+
function splitPath(path) {
|
|
86
|
+
if (path.length === 0 || path.startsWith("/") || path.endsWith("/")) {
|
|
87
|
+
return [];
|
|
88
|
+
}
|
|
89
|
+
const segments = path.split("/");
|
|
90
|
+
if (segments.some((segment) => segment.length === 0)) {
|
|
91
|
+
return [];
|
|
92
|
+
}
|
|
93
|
+
return segments;
|
|
94
|
+
}
|
|
95
|
+
function createUnmatched(rulePath) {
|
|
96
|
+
return {
|
|
97
|
+
matched: false,
|
|
98
|
+
rulePath,
|
|
99
|
+
literalSegments: 0,
|
|
100
|
+
wildcardSegments: 0,
|
|
101
|
+
deepWildcardSegments: 0,
|
|
102
|
+
matchedSegments: 0,
|
|
103
|
+
};
|
|
104
|
+
}
|
|
105
|
+
//# sourceMappingURL=path_matcher.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"path_matcher.js","sourceRoot":"","sources":["../../../../src/lib/src/rules/path_matcher.ts"],"names":[],"mappings":";;AAqBA,sCA6CC;AAOD,oDAcC;AAOD,kDAEC;AAhGD,iDAAkD;AAgBlD;;;;GAIG;AACH,SAAgB,aAAa,CAAC,QAAgB,EAAE,WAAmB;IAC/D,IAAA,+BAAgB,EAAC,QAAQ,CAAC,CAAC;IAC3B,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,eAAe,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAC/C,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,gBAAgB,GAAG,CAAC,CAAC;IACzB,IAAI,oBAAoB,GAAG,CAAC,CAAC;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC3C,MAAM,WAAW,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;QACpC,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACvB,oBAAoB,GAAG,CAAC,CAAC;YACzB,OAAO;gBACH,OAAO,EAAE,IAAI;gBACb,QAAQ;gBACR,eAAe;gBACf,gBAAgB;gBAChB,oBAAoB;gBACpB,eAAe,EAAE,eAAe,CAAC,MAAM;aAC1C,CAAC;QACN,CAAC;QACD,MAAM,cAAc,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;QAC1C,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QACD,IAAI,WAAW,KAAK,GAAG,EAAE,CAAC;YACtB,gBAAgB,EAAE,CAAC;YACnB,SAAS;QACb,CAAC;QACD,IAAI,WAAW,KAAK,cAAc,EAAE,CAAC;YACjC,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;QACrC,CAAC;QACD,eAAe,EAAE,CAAC;IACtB,CAAC;IACD,IAAI,YAAY,CAAC,MAAM,KAAK,eAAe,CAAC,MAAM,EAAE,CAAC;QACjD,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IACD,OAAO;QACH,OAAO,EAAE,IAAI;QACb,QAAQ;QACR,eAAe;QACf,gBAAgB;QAChB,oBAAoB;QACpB,eAAe,EAAE,eAAe,CAAC,MAAM;KAC1C,CAAC;AACN,CAAC;AAED;;;;GAIG;AACH,SAAgB,oBAAoB,CAAC,CAAgB,EAAE,CAAgB;IACnE,IAAI,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC1C,OAAO,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;IACjD,CAAC;IACD,IAAI,CAAC,CAAC,oBAAoB,KAAK,CAAC,CAAC,oBAAoB,EAAE,CAAC;QACpD,OAAO,CAAC,CAAC,oBAAoB,GAAG,CAAC,CAAC,oBAAoB,CAAC;IAC3D,CAAC;IACD,IAAI,CAAC,CAAC,gBAAgB,KAAK,CAAC,CAAC,gBAAgB,EAAE,CAAC;QAC5C,OAAO,CAAC,CAAC,gBAAgB,GAAG,CAAC,CAAC,gBAAgB,CAAC;IACnD,CAAC;IACD,IAAI,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,eAAe,EAAE,CAAC;QAC1C,OAAO,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,eAAe,CAAC;IACjD,CAAC;IACD,OAAO,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB,CAAC,OAAwB;IACxD,OAAO,CAAC,GAAG,OAAO,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,SAAS,CAAC,IAAY;IAC3B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,OAAO,EAAE,CAAC;IACd,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;QACnD,OAAO,EAAE,CAAC;IACd,CAAC;IACD,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACrC,OAAO;QACH,OAAO,EAAE,KAAK;QACd,QAAQ;QACR,eAAe,EAAE,CAAC;QAClB,gBAAgB,EAAE,CAAC;QACnB,oBAAoB,EAAE,CAAC;QACvB,eAAe,EAAE,CAAC;KACrB,CAAC;AACN,CAAC"}
|