@mercuryo-ai/magicpay-sdk 0.1.0-test.2

package/LICENSE.md

@@ -0,0 +1,56 @@
+# Proprietary Commercial SDK License
+
+This license governs the use and distribution of the `@mercuryo-ai/magicpay-sdk`
+package and its accompanying documentation materials (collectively, the
+"SDK").
+
+The SDK is licensed, not sold. Subject to your compliance with this license,
+the SDK distributor and copyright holder (the "Licensor") grants you a
+limited, non-exclusive, non-transferable, non-sublicensable license to:
+
+- install and use the SDK internally;
+- reproduce the SDK as reasonably necessary to build, test, deploy, and run
+  your applications or internal services;
+- integrate the SDK into your applications and internal systems solely to
+  interoperate with MagicPay-powered workflows and services.
+
+Except as expressly permitted above, you may not:
+
+- use the SDK, or any part of it, to build, offer, operate, or support any
+  competing product or service that is substantially similar to MagicPay or
+  materially substitutes for MagicPay;
+- sell, resell, rent, lease, sublicense, assign, or otherwise transfer rights
+  to the SDK;
+- distribute, publish, or make the SDK available as a standalone package,
+  toolkit, SDK, developer product, or reusable component for third parties;
+- publish, disclose, or redistribute the SDK source code, except as strictly
+  required by applicable law;
+- remove or obscure copyright, trademark, attribution, or license notices
+  included with the SDK.
+
+You may distribute your own applications that incorporate or call the SDK only
+as part of your broader application or service, and not in a manner that makes
+the SDK itself available for third-party reuse as a standalone developer
+offering.
+
+All rights not expressly granted are reserved by the Licensor.
+
+The SDK may include or depend on third-party software components that are made
+available under separate license terms. Your use of those components remains
+subject to their applicable third-party licenses.
+
+This license automatically terminates if you breach it. Upon termination, you
+must stop using the SDK and delete all copies in your possession or control,
+except to the extent retention is required by law.
+
+THE SDK IS PROVIDED "AS IS", WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE, TITLE, OR NON-INFRINGEMENT. TO THE MAXIMUM
+EXTENT PERMITTED BY APPLICABLE LAW, THE LICENSOR WILL NOT BE LIABLE FOR ANY
+INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES,
+OR FOR ANY LOSS OF PROFITS, REVENUE, DATA, GOODWILL, OR BUSINESS INTERRUPTION,
+ARISING OUT OF OR RELATED TO THE SDK OR THIS LICENSE. TO THE MAXIMUM EXTENT
+PERMITTED BY APPLICABLE LAW, THE LICENSOR'S TOTAL LIABILITY ARISING OUT OF OR
+RELATED TO THE SDK OR THIS LICENSE WILL NOT EXCEED THE AMOUNT YOU PAID, IF ANY,
+FOR THE SDK DURING THE TWELVE MONTHS PRECEDING THE EVENT GIVING RISE TO THE
+CLAIM.

package/README.md

@@ -0,0 +1,426 @@
+# @mercuryo-ai/magicpay-sdk
+
+MagicPay SDK is the TypeScript and Node client for MagicPay workflow sessions and
+secret request flows. It gives a trusted runtime a consistent way to read
+session state, fetch a stored-secret catalog, create a secret request, poll for
+approval, and claim a one-time secret payload. The root package is the MagicPay
+domain surface. AgentBrowse-specific form matching and protected-fill helpers
+live in a separate `@mercuryo-ai/magicpay-sdk/agentbrowse` subpath.
+
+## Install
+
+Install the MagicPay SDK:
+
+```bash
+npm i @mercuryo-ai/magicpay-sdk
+```
+
+For AgentBrowse-based browser execution, install both packages:
+
+```bash
+npm i @mercuryo-ai/magicpay-sdk @mercuryo-ai/agentbrowse
+```
+
+## API Access
+
+MagicPay API base URL:
+
+```text
+https://agents-api.mercuryo.io/functions/v1/api
+```
+
+Create an API key in your MagicPay control plane and pass both values into
+`createMagicPayClient(...)`.
+
+## Entrypoints
+
+| Entrypoint | Purpose |
+| --- | --- |
+| `@mercuryo-ai/magicpay-sdk` | Networked MagicPay client and consumer-facing types. |
+| `@mercuryo-ai/magicpay-sdk/core` | Pure domain helpers for session state and secret request status interpretation. |
+| `@mercuryo-ai/magicpay-sdk/agentbrowse` | Bridge helpers for AgentBrowse observed forms and protected fill execution. |
+
+## Runtime Model
+
+MagicPay SDK is runtime-agnostic. The root package works with any trusted
+runtime that can create a MagicPay request input and consume a claimed secret
+payload. AgentBrowse is one browser runtime integration path. Claimed secret
+values can be consumed by browser automation, API clients, MCP tools, or custom
+agent runtimes.
+
+## Integration Modes
+
+MagicPay SDK supports two explicit integration modes.
+
+### Mode A. Runtime-Agnostic Secret Flow
+
+Use only the root `@mercuryo-ai/magicpay-sdk` entrypoint when your runtime already
+knows how it wants to consume a claimed secret payload.
+
+In this mode you:
+
+- create or read sessions;
+- fetch catalogs;
+- create secret requests;
+- poll until approval or another terminal status;
+- claim the one-time payload;
+- hand the payload to your own browser automation, API client, MCP tool, or
+  other runtime.
+
+This mode does not require AgentBrowse imports.
+
+### Mode B. Explicit AgentBrowse Bridge
+
+Use `@mercuryo-ai/magicpay-sdk/agentbrowse` only when your runtime already uses
+`@mercuryo-ai/agentbrowse` and wants a typed bridge from observed forms to MagicPay
+request inputs and protected-fill execution.
+
+In this mode you:
+
+- observe protected forms with AgentBrowse;
+- build MagicPay request input from an observed form;
+- enrich observed forms with catalog candidates;
+- prepare protected-fill input from a fulfilled MagicPay claim.
+
+AgentBrowse stays an explicit optional dependency. The root SDK does not
+implicitly enable or require it.
+
+## Glossary
+
+| Term | Meaning |
+| --- | --- |
+| `session` | One MagicPay workflow session. |
+| `catalog` | Stored secrets available for a host inside a session. |
+| `storedSecretRef` | The saved secret you want MagicPay to provide for a request. |
+| `secret request` | A request for a one-time secret payload tied to a workflow step. |
+| `claim` | The one-time retrieval of approved secret values. |
+| `fillRef` | Stable identifier for the protected fill target tied to a request. |
+| `pageRef` | Stable identifier for the observed page that contains the fill target. |
+| `scopeRef` | Stable identifier for a protected surface inside the page. |
+
+## Main Flow
+
+```mermaid
+flowchart LR
+  A[sessionId] --> B[fetchCatalog]
+  B --> C[pick storedSecretRef]
+  C --> D{input source}
+  D -->|manual| E[build request input]
+  D -->|AgentBrowse| F[buildRequestInputForObservedForm]
+  E --> G[client.secrets.createRequest]
+  F --> G
+  G --> H[pollUntil]
+  H -->|fulfilled| I[claim]
+  H -->|denied / expired / failed / canceled| J[branch in your app]
+  I --> K{payload consumer}
+  K -->|custom runtime| L[consume secret values]
+  K -->|AgentBrowse| M[prepareProtectedFillFromClaim]
+  M --> N[fillProtectedForm]
+```
+
+## Quick Start
+
+### Root Client
+
+Use the root package when your runtime already knows the request context it
+wants to send to MagicPay. This is Mode A: runtime-agnostic secret flow.
+
+```ts
+import { createMagicPayClient } from '@mercuryo-ai/magicpay-sdk';
+
+// Create a networked MagicPay client for your runtime.
+const client = createMagicPayClient({
+  gateway: {
+    apiKey: process.env.MAGICPAY_API_KEY!,
+    apiUrl: 'https://agents-api.mercuryo.io/functions/v1/api',
+  },
+});
+
+const sessionId = 'sess_123';
+const pageUrl = 'https://checkout.airline.example/payment';
+
+// Load the stored-secret catalog for the current host.
+const catalog = await client.secrets.fetchCatalog(sessionId, pageUrl);
+
+// Create a request for one stored secret and the exact fields this step needs.
+const created = await client.secrets.createRequest({
+  sessionId,
+  clientRequestId: 'checkout-card-1',
+  fillRef: 'checkout_card',
+  purpose: 'payment_card',
+  merchantName: 'Airline Example',
+  page: {
+    url: pageUrl,
+    title: 'Payment',
+  },
+  secretHint: {
+    storedSecretRef: 'secret_card_primary',
+    kind: 'payment_card',
+    host: catalog.host,
+    scopeRef: 'payment_surface',
+    fields: ['pan', 'exp_month', 'exp_year', 'cvv'],
+  },
+});
+
+// Wait for approval or another terminal outcome.
+const ready = await client.secrets.pollUntil(sessionId, created.requestId);
+if (!ready.success) {
+  throw new Error(ready.reason);
+}
+if (ready.result.snapshot.status !== 'fulfilled') {
+  throw new Error(`Request ended as ${ready.result.snapshot.status}`);
+}
+
+// Claim the one-time secret payload after approval.
+const claim = await client.secrets.claim(sessionId, created.requestId);
+if (!claim.success) {
+  throw new Error(claim.reason);
+}
+
+// Use the claimed values in your runtime.
+console.log(claim.result.secret.values);
+```
+
+### AgentBrowse Bridge
+
+Use the AgentBrowse subpath when your runtime starts from `observe(...)` and
+then wants to request and fill a secret through MagicPay. This is Mode B:
+explicit AgentBrowse bridge.
+
+```ts
+import { act, observe } from '@mercuryo-ai/agentbrowse';
+import {
+  fillProtectedForm,
+  type ProtectedFillForm,
+} from '@mercuryo-ai/agentbrowse/protected-fill';
+import { createMagicPayClient } from '@mercuryo-ai/magicpay-sdk';
+import {
+  buildRequestInputForObservedForm,
+  enrichObservedFormsForUrl,
+  prepareProtectedFillFromClaim,
+} from '@mercuryo-ai/magicpay-sdk/agentbrowse';
+
+// Create the MagicPay client that will own the approval flow.
+const client = createMagicPayClient({
+  gateway: {
+    apiKey: process.env.MAGICPAY_API_KEY!,
+    apiUrl: 'https://agents-api.mercuryo.io/functions/v1/api',
+  },
+});
+
+const sessionId = 'sess_123';
+
+// Observe the current page and collect protected fill forms.
+const observation = await observe(browserSession, 'Find the login form');
+if (!observation.success || !observation.url || !Array.isArray(observation.fillableForms)) {
+  throw new Error('AgentBrowse did not return observed forms.');
+}
+
+const observedForms = observation.fillableForms as ProtectedFillForm[];
+
+// Load the stored-secret catalog for the observed host.
+const catalog = await client.secrets.fetchCatalog(sessionId, observation.url);
+
+// Attach catalog candidates to the observed forms.
+const enrichedForms = enrichObservedFormsForUrl(
+  observedForms,
+  { [catalog.host]: catalog },
+  observation.url
+);
+const loginForm =
+  enrichedForms.find((form) => form.purpose === 'login') ?? enrichedForms[0] ?? null;
+if (!loginForm) {
+  throw new Error('No protected fill form was observed.');
+}
+
+// Convert the observed form into a MagicPay secret request input.
+const requestInput = buildRequestInputForObservedForm({
+  sessionId,
+  merchantName: 'Airline Example',
+  storedSecretRef: 'secret_login_primary',
+  urlOrHost: observation.url,
+  catalog,
+  fillableForm: loginForm,
+  page: {
+    ref: loginForm.pageRef,
+    url: observation.url,
+    ...(observation.title ? { title: observation.title } : {}),
+  },
+});
+
+if (!requestInput.success) {
+  throw new Error(requestInput.reason);
+}
+
+// Create the approval request and wait until it is fulfilled.
+const created = await client.secrets.createRequest(requestInput.input);
+const ready = await client.secrets.pollUntil(sessionId, created.requestId);
+if (!ready.success) {
+  throw new Error(ready.reason);
+}
+if (ready.result.snapshot.status !== 'fulfilled') {
+  throw new Error(`Request ended as ${ready.result.snapshot.status}`);
+}
+
+// Claim the one-time payload once the request is approved.
+const claim = await client.secrets.claim(sessionId, created.requestId);
+if (!claim.success) {
+  throw new Error(claim.reason);
+}
+
+// Convert the claim into AgentBrowse protected-fill input.
+const prepared = prepareProtectedFillFromClaim({
+  fillableForm: loginForm,
+  catalog,
+  claim: claim.result,
+  request: created.snapshot,
+});
+
+// Fill the protected fields in the browser.
+const browserFill = await fillProtectedForm({
+  session: browserSession,
+  fillableForm: prepared.fillableForm,
+  protectedValues: prepared.protectedValues,
+  fieldPolicies: prepared.fieldPolicies,
+});
+
+if (!browserFill.success) {
+  throw new Error(browserFill.reason);
+}
+
+// Re-observe after the protected fill. The submit button is a fresh action target,
+// so reacquire it from the live page instead of guessing from older inventory.
+const submitObservation = await observe(
+  browserSession,
+  'Find the single actionable submit target that sends the filled login form.'
+);
+if (!submitObservation.success || submitObservation.targets.length === 0) {
+  throw new Error(submitObservation.reason ?? submitObservation.message);
+}
+
+// Goal-based observe narrows the inventory to the submit action we care about.
+const submitTarget = submitObservation.targets[0];
+if (!submitTarget?.ref || submitTarget.capability !== 'actionable') {
+  throw new Error('AgentBrowse did not return an actionable submit target.');
+}
+
+const submitAction = await act(browserSession, submitTarget.ref, 'click');
+if (!submitAction.success) {
+  throw new Error(submitAction.reason ?? submitAction.message);
+}
+```
+
+### Claim And Use Secrets Outside The Browser
+
+Use the claimed payload directly when your runtime wants to authenticate to an
+API, call a provider SDK, or pass a secret into an MCP tool flow.
+
+```ts
+import { createMagicPayClient } from '@mercuryo-ai/magicpay-sdk';
+
+// Create the MagicPay client for the claim step.
+const client = createMagicPayClient({
+  gateway: {
+    apiKey: process.env.MAGICPAY_API_KEY!,
+    apiUrl: 'https://agents-api.mercuryo.io/functions/v1/api',
+  },
+});
+
+// Claim the approved secret payload.
+const claim = await client.secrets.claim('sess_123', 'req_123');
+if (!claim.success) {
+  throw new Error(claim.reason);
+}
+
+// Forward the claimed values to the API you want to call.
+const response = await fetch('https://api.airline.example/login', {
+  method: 'POST',
+  headers: { 'content-type': 'application/json' },
+  body: JSON.stringify({
+    username: claim.result.secret.values.username,
+    password: claim.result.secret.values.password,
+  }),
+});
+
+if (!response.ok) {
+  throw new Error(`Provider login failed with ${response.status}`);
+}
+```
+
+## Polling Defaults
+
+`client.secrets.pollUntil(...)` uses a conservative profile by default:
+
+- timeout: `180_000` ms
+- initial interval: `10_000` ms
+- max interval: `30_000` ms
+- backoff multiplier: `1.2`
+
+Override these values when your application needs a different approval window.
+
+## Error Reference
+
+### `buildRequestInputForObservedForm(...)`
+
+| Kind | When it happens | What to do |
+| --- | --- | --- |
+| `host_resolution_failed` | No usable host could be resolved from the page URL, host, or catalog. | Pass a valid page URL or a catalog with a host. |
+| `stored_secret_not_available` | The chosen `storedSecretRef` is not available for the observed form and host. | Fetch the catalog again or choose a different stored secret. |
+
+### `client.secrets.poll(...)` and `client.secrets.pollUntil(...)`
+
+| Kind | When it happens | What to do |
+| --- | --- | --- |
+| `not_found` | The request ID does not exist in the session. | Recreate the request or refresh local state. |
+| `aborted` | The caller aborted the poll. | Decide whether to resume or stop. |
+| `other` | MagicPay returned another transport or backend failure. | Inspect `status`, `errorCode`, and logs. |
+| `timeout` | `pollUntil(...)` exceeded its timeout. | Continue polling later or surface a timeout to the user. |
+
+### `client.secrets.claim(...)`
+
+| Kind | When it happens | What to do |
+| --- | --- | --- |
+| `not_fulfilled` | The request is not approved yet. | Keep polling or ask the user to approve it. |
+| `already_claimed` | The one-time secret payload was already claimed. | Create a new secret request. |
+| `aborted` | The caller aborted the claim request. | Retry only if the application still needs the payload. |
+| `other` | MagicPay returned another transport or backend failure. | Inspect `status`, `errorCode`, and logs. |
+
+## `nextAction` Reference
+
+`describeSecretRequestStatus(...)` and `pollUntil(...)` return a status contract with
+`nextAction` values that are useful for orchestration:
+
+| `nextAction` | Meaning |
+| --- | --- |
+| `poll-secret` | Approval is still pending. |
+| `fill-secret` | The request is fulfilled and can be claimed. |
+| `ask-user` | A human decision or recovery step is needed. |
+| `request-secret` | Create a new request instead of continuing the current one. |
+
+## Testing
+
+Pass `fetchImpl` into `createMagicPayClient(...)` to fully control network
+responses in tests.
+
+```ts
+import { createMagicPayClient } from '@mercuryo-ai/magicpay-sdk';
+
+const client = createMagicPayClient({
+  gateway: {
+    apiKey: 'test_api_key',
+    apiUrl: 'https://agents-api.mercuryo.io/functions/v1/api',
+  },
+  fetchImpl: async (url, init = {}) => {
+    const method = (init.method ?? 'GET').toUpperCase();
+    if (method === 'GET' && String(url).includes('/secrets/catalog')) {
+      return new Response(JSON.stringify([]), {
+        status: 200,
+        headers: { 'content-type': 'application/json' },
+      });
+    }
+    throw new Error(`Unexpected ${method} ${url}`);
+  },
+});
+```
+
+See [`docs/examples.md`](./docs/examples.md) for more complete recipes.

package/dist/agentbrowse.d.ts

@@ -0,0 +1,66 @@
+import type { ProtectedFieldPolicies, ProtectedFillForm } from '@mercuryo-ai/agentbrowse';
+import type { ClaimSecretRequestResult, CreateSecretRequestInput, SecretCatalog, SecretCatalogByHost, SecretRequestSnapshot, StoredSecretFieldKey, StoredSecretFieldPolicies, StoredSecretKind, StoredSecretScope } from './secret-flow.js';
+export interface ObservedFormStoredSecretCandidate {
+    storedSecretRef: string;
+    kind: StoredSecretKind;
+    scope: StoredSecretScope;
+    displayName: string;
+    matchConfidence: 'high' | 'medium' | 'low';
+    intentRequired: boolean;
+    fieldKeys?: StoredSecretFieldKey[];
+    fieldPolicies?: StoredSecretFieldPolicies;
+}
+export type ObservedFormWithStoredSecrets<TForm extends ProtectedFillForm = ProtectedFillForm> = TForm & {
+    storedSecretCandidates: ObservedFormStoredSecretCandidate[];
+};
+export type BuildRequestInputForObservedFormFailureKind = 'host_resolution_failed' | 'stored_secret_not_available';
+export type BuildRequestInputForObservedFormOutcome<TForm extends ProtectedFillForm = ProtectedFillForm> = {
+    success: true;
+    host: string;
+    catalog: SecretCatalog;
+    candidate: ObservedFormStoredSecretCandidate;
+    input: CreateSecretRequestInput;
+    fillableForm: TForm;
+} | {
+    success: false;
+    kind: BuildRequestInputForObservedFormFailureKind;
+    reason: string;
+    host: string | null;
+    catalog: SecretCatalog | null;
+    fillableForm: TForm;
+};
+export type PreparedProtectedFill<TForm extends ProtectedFillForm = ProtectedFillForm> = {
+    fillableForm: TForm;
+    storedSecretCandidate: ObservedFormStoredSecretCandidate | null;
+    protectedValues: ClaimSecretRequestResult['secret']['values'];
+    storedSecretRef: string | null;
+    fieldPolicies?: ProtectedFieldPolicies;
+};
+export declare function buildObservedFormStoredSecretCandidates(form: Pick<ProtectedFillForm, 'purpose' | 'fields'>, catalog: SecretCatalog | null): ObservedFormStoredSecretCandidate[];
+export declare function findObservedFormStoredSecretCandidate(form: Pick<ProtectedFillForm, 'purpose' | 'fields'>, catalog: SecretCatalog | null, storedSecretRef: string | undefined): ObservedFormStoredSecretCandidate | null;
+export declare function enrichObservedFormWithStoredSecrets<TForm extends ProtectedFillForm>(form: TForm, catalog: SecretCatalog | null): ObservedFormWithStoredSecrets<TForm>;
+export declare function enrichObservedFormsWithStoredSecrets<TForm extends ProtectedFillForm>(forms: ReadonlyArray<TForm>, catalog: SecretCatalog | null): Array<ObservedFormWithStoredSecrets<TForm>>;
+export declare function enrichObservedFormsForUrl<TForm extends ProtectedFillForm>(forms: ReadonlyArray<TForm>, catalogByHost: SecretCatalogByHost | undefined, urlOrHost: string): Array<ObservedFormWithStoredSecrets<TForm>>;
+export declare function buildRequestInputForObservedForm<TForm extends ProtectedFillForm>(params: {
+    sessionId: string;
+    clientRequestId?: string;
+    merchantName: string;
+    fillableForm: TForm;
+    storedSecretRef: string;
+    urlOrHost?: string;
+    catalog?: SecretCatalog | null;
+    page?: {
+        ref?: string;
+        url?: string;
+        title?: string;
+    };
+    run?: CreateSecretRequestInput['run'];
+    step?: CreateSecretRequestInput['step'];
+}): BuildRequestInputForObservedFormOutcome<TForm>;
+export declare function prepareProtectedFillFromClaim<TForm extends ProtectedFillForm>(params: {
+    fillableForm: TForm;
+    catalog: SecretCatalog | null;
+    claim: ClaimSecretRequestResult;
+    request?: Pick<SecretRequestSnapshot, 'storedSecretRef'> | null;
+}): PreparedProtectedFill<TForm>;
+//# sourceMappingURL=agentbrowse.d.ts.map

package/dist/agentbrowse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agentbrowse.d.ts","sourceRoot":"","sources":["../src/agentbrowse.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,sBAAsB,EACtB,iBAAiB,EAClB,MAAM,0BAA0B,CAAC;AAClC,OAAO,KAAK,EACV,wBAAwB,EACxB,wBAAwB,EACxB,aAAa,EACb,mBAAmB,EACnB,qBAAqB,EACrB,oBAAoB,EACpB,yBAAyB,EACzB,gBAAgB,EAChB,iBAAiB,EAClB,MAAM,kBAAkB,CAAC;AAG1B,MAAM,WAAW,iCAAiC;IAChD,eAAe,EAAE,MAAM,CAAC;IACxB,IAAI,EAAE,gBAAgB,CAAC;IACvB,KAAK,EAAE,iBAAiB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IAC3C,cAAc,EAAE,OAAO,CAAC;IACxB,SAAS,CAAC,EAAE,oBAAoB,EAAE,CAAC;IACnC,aAAa,CAAC,EAAE,yBAAyB,CAAC;CAC3C;AAED,MAAM,MAAM,6BAA6B,CAAC,KAAK,SAAS,iBAAiB,GAAG,iBAAiB,IAC3F,KAAK,GAAG;IACN,sBAAsB,EAAE,iCAAiC,EAAE,CAAC;CAC7D,CAAC;AAEJ,MAAM,MAAM,2CAA2C,GACnD,wBAAwB,GACxB,6BAA6B,CAAC;AAElC,MAAM,MAAM,uCAAuC,CACjD,KAAK,SAAS,iBAAiB,GAAG,iBAAiB,IAEjD;IACE,OAAO,EAAE,IAAI,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,aAAa,CAAC;IACvB,SAAS,EAAE,iCAAiC,CAAC;IAC7C,KAAK,EAAE,wBAAwB,CAAC;IAChC,YAAY,EAAE,KAAK,CAAC;CACrB,GACD;IACE,OAAO,EAAE,KAAK,CAAC;IACf,IAAI,EAAE,2CAA2C,CAAC;IAClD,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,aAAa,GAAG,IAAI,CAAC;IAC9B,YAAY,EAAE,KAAK,CAAC;CACrB,CAAC;AAEN,MAAM,MAAM,qBAAqB,CAAC,KAAK,SAAS,iBAAiB,GAAG,iBAAiB,IAAI;IACvF,YAAY,EAAE,KAAK,CAAC;IACpB,qBAAqB,EAAE,iCAAiC,GAAG,IAAI,CAAC;IAChE,eAAe,EAAE,wBAAwB,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC9D,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,aAAa,CAAC,EAAE,sBAAsB,CAAC;CACxC,CAAC;AAyFF,wBAAgB,uCAAuC,CACrD,IAAI,EAAE,IAAI,CAAC,iBAAiB,EAAE,SAAS,GAAG,QAAQ,CAAC,EACnD,OAAO,EAAE,aAAa,GAAG,IAAI,GAC5B,iCAAiC,EAAE,CAyBrC;AAED,wBAAgB,qCAAqC,CACnD,IAAI,EAAE,IAAI,CAAC,iBAAiB,EAAE,SAAS,GAAG,QAAQ,CAAC,EACnD,OAAO,EAAE,aAAa,GAAG,IAAI,EAC7B,eAAe,EAAE,MAAM,GAAG,SAAS,GAClC,iCAAiC,GAAG,IAAI,CAU1C;AAED,wBAAgB,mCAAmC,CAAC,KAAK,SAAS,iBAAiB,EACjF,IAAI,EAAE,KAAK,EACX,OAAO,EAAE,aAAa,GAAG,IAAI,GAC5B,6BAA6B,CAAC,KAAK,CAAC,CAKtC;AAED,wBAAgB,oCAAoC,CAAC,KAAK,SAAS,iBAAiB,EAClF,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAC3B,OAAO,EAAE,aAAa,GAAG,IAAI,GAC5B,KAAK,CAAC,6BAA6B,CAAC,KAAK,CAAC,CAAC,CAE7C;AAED,wBAAgB,yBAAyB,CAAC,KAAK,SAAS,iBAAiB,EACvE,KAAK,EAAE,aAAa,CAAC,KAAK,CAAC,EAC3B,aAAa,EAAE,mBAAmB,GAAG,SAAS,EAC9C,SAAS,EAAE,MAAM,GAChB,KAAK,CAAC,6BAA6B,CAAC,KAAK,CAAC,CAAC,CAK7C;AAED,wBAAgB,gCAAgC,CAAC,KAAK,SAAS,iBAAiB,EAAE,MAAM,EAAE;IACxF,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,KAAK,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,aAAa,GAAG,IAAI,CAAC;IAC/B,IAAI,CAAC,EAAE;QACL,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,GAAG,CAAC,EAAE,wBAAwB,CAAC,KAAK,CAAC,CAAC;IACtC,IAAI,CAAC,EAAE,wBAAwB,CAAC,MAAM,CAAC,CAAC;CACzC,GAAG,uCAAuC,CAAC,KAAK,CAAC,CA2EjD;AAED,wBAAgB,6BAA6B,CAAC,KAAK,SAAS,iBAAiB,EAAE,MAAM,EAAE;IACrF,YAAY,EAAE,KAAK,CAAC;IACpB,OAAO,EAAE,aAAa,GAAG,IAAI,CAAC;IAC9B,KAAK,EAAE,wBAAwB,CAAC;IAChC,OAAO,CAAC,EAAE,IAAI,CAAC,qBAAqB,EAAE,iBAAiB,CAAC,GAAG,IAAI,CAAC;CACjE,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAqB/B"}