@nauth-toolkit/core 0.1.13 → 0.1.17

package/dist/services/jwt.service.js

@@ -37,52 +37,175 @@ exports.JwtService = void 0;
 const nauth_exception_1 = require("../exceptions/nauth.exception");
 const error_codes_enum_1 = require("../enums/error-codes.enum");
 const crypto = __importStar(require("crypto"));
+/**
+ * JWT Service (Platform-Agnostic)
+ *
+ * Handles all JWT token operations using jose library for platform independence.
+ *
+ * **Features:**
+ * - Platform-agnostic (no framework dependencies)
+ * - Support for multiple algorithms (HS256, HS384, HS512, RS256, RS384, RS512)
+ * - Token rotation with family tracking
+ * - Token reuse detection
+ * - Symmetric and asymmetric key support
+ *
+ * **Security Features:**
+ * - HS256 as default algorithm (symmetric key)
+ * - HS256/HS384/HS512 for symmetric keys
+ * - RS256/RS384/RS512 for asymmetric keys
+ * - Token rotation on refresh
+ * - Token family tracking for reuse detection
+ * - Configurable expiration times
+ * - Standard JWT claims (iss, aud, sub, exp, iat)
+ *
+ * @example
+ * ```typescript
+ * const jwtService = new JwtService(config);
+ *
+ * // Generate token pair
+ * const tokens = await jwtService.generateTokenPair({
+ *   userId: 'user-123',
+ *   email: 'user@example.com',
+ *   sessionId: 'session-456',
+ * });
+ *
+ * // Validate token
+ * const result = await jwtService.validateAccessToken(tokens.accessToken);
+ * if (result.valid) {
+ *   console.log('User ID:', result.payload.sub);
+ * }
+ * ```
+ */
 class JwtService {
+    /** JWT configuration */
     config;
+    /** Cached access token key (for performance) */
     accessTokenKey = null;
+    /** Cached refresh token key (for performance) */
     refreshTokenKey = null;
+    /**
+     * Cached dynamic import of jose.
+     * Kept as a promise so concurrent calls share the same module load.
+     */
     joseModulePromise = null;
     constructor(jwtConfig) {
         this.config = jwtConfig;
         this.prepareKeys();
     }
+    // ============================================================================
+    // jose (ESM-only) loader
+    // ============================================================================
+    /**
+     * Lazy-load jose (ESM-only) in a CJS-compatible way.
+     * @private
+     */
     async getJose() {
         if (!this.joseModulePromise) {
             this.joseModulePromise = Promise.resolve().then(() => __importStar(require('jose')));
         }
         return await this.joseModulePromise;
     }
+    // ============================================================================
+    // Key Preparation
+    // ============================================================================
+    /**
+     * Prepare and cache signing keys for better performance
+     * @private
+     */
     prepareKeys() {
+        // Access token key
         if (this.config.accessToken.privateKey) {
+            // Use private key (for RS256, RS384, RS512)
             this.accessTokenKey = crypto.createPrivateKey(this.config.accessToken.privateKey);
         }
         else if (this.config.accessToken.secret) {
+            // For symmetric algorithms (HS256, HS384, HS512), use secret as Uint8Array
             this.accessTokenKey = new TextEncoder().encode(this.config.accessToken.secret);
         }
+        // Refresh token key (always uses secret for symmetric algorithms)
         if (this.config.refreshToken.secret) {
             this.refreshTokenKey = new TextEncoder().encode(this.config.refreshToken.secret);
         }
     }
+    /**
+     * Get algorithm for signing access tokens
+     *
+     * Automatically selects appropriate algorithm based on key material:
+     * - If privateKey is provided → uses configured algorithm (RS256, RS384, RS512)
+     * - If only secret is provided → uses configured algorithm or defaults to HS256
+     *
+     * @private
+     */
     getAlgorithm() {
+        // Default to HS256 if no algorithm is configured
         return this.config.algorithm || 'HS256';
     }
+    /**
+     * Get algorithm for signing refresh tokens
+     *
+     * Refresh tokens only support symmetric algorithms (HS256/HS384/HS512)
+     * because RefreshTokenConfig only provides a secret, not a privateKey.
+     *
+     * Automatically selects appropriate symmetric algorithm:
+     * - If configured algorithm is symmetric (HS256/HS384/HS512) → uses it
+     * - If configured algorithm is asymmetric (RS256, RS384, RS512) → falls back to HS256
+     * - Defaults to HS256 if no algorithm is configured
+     *
+     * @private
+     */
     getRefreshTokenAlgorithm() {
         const configuredAlgorithm = this.config.algorithm || 'HS256';
+        // Refresh tokens only support symmetric algorithms (HS256, HS384, HS512)
+        // because RefreshTokenConfig only has a secret, not a privateKey
         if (configuredAlgorithm === 'HS256' || configuredAlgorithm === 'HS384' || configuredAlgorithm === 'HS512') {
             return configuredAlgorithm;
         }
+        // For asymmetric algorithms (RS256, RS384, RS512), fall back to HS256
+        // This ensures compatibility with the symmetric refreshTokenKey
         return 'HS256';
     }
+    // ============================================================================
+    // Token Generation
+    // ============================================================================
+    /**
+     * Generate both access and refresh tokens
+     *
+     * Creates a pair of tokens with the same token family for rotation tracking.
+     * The token family allows detection of token reuse attacks.
+     *
+     * @param data - User and session information
+     * @returns Token pair with access and refresh tokens
+     *
+     * @example
+     * ```typescript
+     * const tokens = await jwtService.generateTokenPair({
+     *   userId: 'user-123',
+     *   email: 'user@example.com',
+     *   sessionId: 'session-456',
+     * });
+     *
+     * // Store tokens and send to client
+     * res.json({
+     *   accessToken: tokens.accessToken,
+     *   refreshToken: tokens.refreshToken,
+     *   expiresIn: tokens.expiresIn,
+     * });
+     * ```
+     */
     async generateTokenPair(data) {
+        // Generate or reuse token family ID for rotation tracking
         const tokenFamily = data.tokenFamily || this.generateTokenFamily();
+        // Generate access token (short-lived)
         const accessToken = await this.generateAccessToken({
             ...data,
             tokenFamily,
         });
+        // Generate refresh token (long-lived)
         const refreshToken = await this.generateRefreshToken({
             ...data,
             tokenFamily,
         });
+        // Calculate expiration time in seconds
         const expiresIn = this.parseExpiresIn(this.config.accessToken.expiresIn);
         return {
             accessToken,
@@ -90,6 +213,15 @@ class JwtService {
             expiresIn,
         };
     }
+    /**
+     * Generate an access token
+     *
+     * Access tokens are short-lived (typically 15 minutes) and used for API authentication.
+     * They contain user identity and authorization information.
+     *
+     * @param data - Token payload data
+     * @returns Signed JWT access token
+     */
     async generateAccessToken(data) {
         if (!this.accessTokenKey) {
             throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, 'Access token key not configured. Provide secret or privateKey.');
@@ -106,9 +238,11 @@ class JwtService {
             .setProtectedHeader({ alg: algorithm })
             .setIssuedAt()
             .setExpirationTime(this.config.accessToken.expiresIn);
+        // Add issuer if configured
         if (this.config.issuer) {
             jwt = jwt.setIssuer(this.config.issuer);
         }
+        // Add audience if configured
         if (this.config.audience) {
             if (Array.isArray(this.config.audience)) {
                 jwt = jwt.setAudience(this.config.audience);
@@ -119,11 +253,25 @@ class JwtService {
         }
         return await jwt.sign(this.accessTokenKey);
     }
+    /**
+     * Generate a refresh token
+     *
+     * Refresh tokens are long-lived (typically 30 days) and used to obtain new access tokens.
+     * They should be stored securely and rotated on each use.
+     *
+     * NOTE: Refresh tokens always use a symmetric algorithm (HS256/HS384/HS512)
+     * because RefreshTokenConfig only provides a secret, not a privateKey.
+     * This ensures compatibility between the algorithm and key type.
+     *
+     * @param data - Token payload data
+     * @returns Signed JWT refresh token
+     */
     async generateRefreshToken(data) {
         if (!this.refreshTokenKey) {
             throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.INTERNAL_ERROR, 'Refresh token secret not configured.');
         }
         const jose = await this.getJose();
+        // Use refresh token-specific algorithm (always symmetric)
         const algorithm = this.getRefreshTokenAlgorithm();
         const jwt = new jose.SignJWT({
             sub: data.userId,
@@ -137,24 +285,58 @@ class JwtService {
             .setExpirationTime(this.config.refreshToken.expiresIn);
         return await jwt.sign(this.refreshTokenKey);
     }
+    // ============================================================================
+    // Token Validation
+    // ============================================================================
+    /**
+     * Validate an access token
+     *
+     * Verifies:
+     * - Token signature is valid
+     * - Token hasn't expired
+     * - Token type is 'access'
+     * - Token structure is correct
+     *
+     * @param token - JWT access token to validate
+     * @returns Validation result with payload or error
+     *
+     * @example
+     * ```typescript
+     * const result = await jwtService.validateAccessToken(token);
+     *
+     * if (!result.valid) {
+     *   if (result.errorType === 'expired') {
+     *     // Attempt to refresh token
+     *   } else {
+     *     // Invalid token, reject request
+     *   }
+     * }
+     * ```
+     */
     async validateAccessToken(token) {
         try {
             const jose = await this.getJose();
+            // Determine key for verification
             let verificationKey;
             if (this.config.accessToken.publicKey) {
+                // Use public key for asymmetric verification (RS256, RS384, RS512)
                 verificationKey = crypto.createPublicKey(this.config.accessToken.publicKey);
             }
             else if (this.accessTokenKey) {
+                // Use secret for symmetric verification (HS256, HS512)
                 verificationKey = this.accessTokenKey;
             }
             else {
                 throw new Error('No verification key available');
             }
+            // Verify and decode token
             const { payload } = await jose.jwtVerify(token, verificationKey, {
                 issuer: this.config.issuer,
                 audience: this.config.audience,
             });
+            // Cast payload to JwtPayload
             const jwtPayload = payload;
+            // Ensure token type is correct
             if (jwtPayload.type !== 'access') {
                 return {
                     valid: false,
@@ -171,14 +353,26 @@ class JwtService {
             return this.handleValidationError(error);
         }
     }
+    /**
+     * Validate a refresh token
+     *
+     * Similar to access token validation but checks for 'refresh' type.
+     * Also verifies token hasn't been used before (if rotation is enabled).
+     *
+     * @param token - JWT refresh token to validate
+     * @returns Validation result with payload or error
+     */
     async validateRefreshToken(token) {
         try {
             if (!this.refreshTokenKey) {
                 throw new Error('Refresh token key not configured');
             }
             const jose = await this.getJose();
+            // Verify and decode token
             const { payload } = await jose.jwtVerify(token, this.refreshTokenKey);
+            // Cast payload to JwtPayload
             const jwtPayload = payload;
+            // Ensure token type is correct
             if (jwtPayload.type !== 'refresh') {
                 return {
                     valid: false,
@@ -195,8 +389,19 @@ class JwtService {
             return this.handleValidationError(error);
         }
     }
+    /**
+     * Decode a token without verification
+     *
+     * WARNING: This method does NOT validate the token signature or expiration.
+     * Only use for non-security-critical operations like logging or analytics.
+     *
+     * @param token - JWT token to decode
+     * @returns Decoded payload or null if malformed
+     */
     decodeToken(token) {
         try {
+            // This is intentionally NOT signature-validated.
+            // Avoid jose here to keep this method synchronous and safe in CJS builds.
             const parts = token.split('.');
             if (parts.length < 2)
                 return null;
@@ -208,35 +413,104 @@ class JwtService {
             return null;
         }
     }
+    /**
+     * Convert base64url-encoded strings to standard base64 for decoding.
+     * @private
+     */
     base64UrlToBase64(input) {
+        // Replace URL-safe chars, then pad to a multiple of 4.
         const base64 = input.replace(/-/g, '+').replace(/_/g, '/');
         const padLength = (4 - (base64.length % 4)) % 4;
         return `${base64}${'='.repeat(padLength)}`;
     }
+    // ============================================================================
+    // Token Utilities
+    // ============================================================================
+    /**
+     * Generate a unique token family identifier
+     *
+     * Token families are used to track token rotation and detect reuse attacks.
+     * All tokens in the same "family" (original + rotated versions) share this ID.
+     *
+     * SECURITY FIX #10: Increased from 16 bytes (128 bits) to 32 bytes (256 bits)
+     *
+     * @returns Random token family ID (256 bits)
+     */
     generateTokenFamily() {
-        return crypto.randomBytes(32).toString('hex');
+        return crypto.randomBytes(32).toString('hex'); // 256 bits
     }
+    /**
+     * Hash a token for storage
+     *
+     * Tokens should be hashed before storing in the database for security.
+     * This prevents token exposure if the database is compromised.
+     *
+     * @param token - Token to hash
+     * @returns SHA-256 hash of the token
+     */
     hashToken(token) {
         return crypto.createHash('sha256').update(token).digest('hex');
     }
+    /**
+     * Get access token expiry time in seconds
+     *
+     * @returns Access token expiry time in seconds
+     *
+     * @example
+     * ```typescript
+     * const expiry = jwtService.getAccessTokenExpiry();
+     * console.log(expiry); // 900 (15 minutes)
+     * ```
+     */
     getAccessTokenExpiry() {
         return this.parseExpiresIn(this.config.accessToken.expiresIn);
     }
+    /**
+     * Get refresh token TTL in seconds
+     *
+     * Used for setting expiration on used-token tracking in storage.
+     *
+     * @returns TTL in seconds
+     */
     getRefreshTokenTTL() {
         return this.parseExpiresIn(this.config.refreshToken.expiresIn);
     }
+    /**
+     * Extract token from Authorization header
+     *
+     * Supports standard "Bearer <token>" format
+     *
+     * @param authHeader - Authorization header value
+     * @returns Extracted token or null
+     *
+     * @example
+     * ```typescript
+     * const token = jwtService.extractTokenFromHeader('Bearer eyJhbGc...');
+     * // Returns: 'eyJhbGc...'
+     * ```
+     */
     extractTokenFromHeader(authHeader) {
         if (!authHeader)
             return null;
         const [type, token] = authHeader.split(' ');
+        // Verify Bearer scheme
         if (type !== 'Bearer')
             return null;
         return token || null;
     }
+    // ============================================================================
+    // Private Helper Methods
+    // ============================================================================
+    /**
+     * Parse expiration time from string or number
+     * @param expiresIn - Expiration time (e.g., '15m', 900, '1h')
+     * @returns Expiration time in seconds
+     */
     parseExpiresIn(expiresIn) {
         if (typeof expiresIn === 'number') {
             return expiresIn;
         }
+        // Parse time strings (e.g., '15m', '1h', '30d')
         const units = {
             s: 1,
             m: 60,
@@ -250,10 +524,17 @@ class JwtService {
         const [, value, unit] = match;
         return parseInt(value, 10) * units[unit];
     }
+    /**
+     * Handle JWT validation errors and convert to standardized result
+     * @param error - Error from JWT verification
+     * @returns Standardized validation result
+     */
     handleValidationError(error) {
         if (error instanceof Error) {
+            // jose errors have a 'code' property
             const errorWithCode = error;
             const errorCode = errorWithCode.code;
+            // Token expired (jose errors)
             if (error.message.includes('expired') || errorCode === 'ERR_JWT_EXPIRED') {
                 return {
                     valid: false,
@@ -261,6 +542,7 @@ class JwtService {
                     errorType: 'expired',
                 };
             }
+            // Invalid signature or malformed token
             if (error.message.includes('signature') || error.message.includes('invalid') || errorCode === 'ERR_JWT_INVALID') {
                 return {
                     valid: false,
@@ -269,6 +551,7 @@ class JwtService {
                 };
             }
         }
+        // Unknown error
         return {
             valid: false,
             error: 'Token validation failed',

package/dist/services/jwt.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/services/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,mEAA+D;AAC/D,gEAA0D;AAC1D,+CAAiC;AAoHjC,MAAa,UAAU;IAEJ,MAAM,CAAY;IAG3B,cAAc,GAAyC,IAAI,CAAC;IAG5D,eAAe,GAAyC,IAAI,CAAC;IAM7D,iBAAiB,GAA+B,IAAI,CAAC;IAE7D,YAAY,SAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAUO,KAAK,CAAC,OAAO;QACnB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,IAAI,CAAC,iBAAiB,GAAG,kDAAO,MAAM,GAAwB,CAAC;QACjE,CAAC;QACD,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC;IACtC,CAAC;IAUO,WAAW;QAEjB,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;YAEvC,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACpF,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;YAE1C,IAAI,CAAC,cAAc,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACjF,CAAC;QAGD,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QACnF,CAAC;IACH,CAAC;IAWO,YAAY;QAElB,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,OAAO,CAAC;IAC1C,CAAC;IAeO,wBAAwB;QAC9B,MAAM,mBAAmB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,OAAO,CAAC;QAI7D,IAAI,mBAAmB,KAAK,OAAO,IAAI,mBAAmB,KAAK,OAAO,IAAI,mBAAmB,KAAK,OAAO,EAAE,CAAC;YAC1G,OAAO,mBAAmB,CAAC;QAC7B,CAAC;QAID,OAAO,OAAO,CAAC;IACjB,CAAC;IA+BD,KAAK,CAAC,iBAAiB,CAAC,IAKvB;QAEC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAGnE,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;YACjD,GAAG,IAAI;YACP,WAAW;SACZ,CAAC,CAAC;QAGH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC;YACnD,GAAG,IAAI;YACP,WAAW;SACZ,CAAC,CAAC;QAGH,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAEzE,OAAO;YACL,WAAW;YACX,YAAY;YACZ,SAAS;SACV,CAAC;IACJ,CAAC;IAWD,KAAK,CAAC,mBAAmB,CAAC,IAKzB;QACC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,cAAc,EAC5B,gEAAgE,CACjE,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACtC,IAAI,GAAG,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC;YACzB,GAAG,EAAE,IAAI,CAAC,MAAM;YAChB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,QAAQ;YACd,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;aACtC,WAAW,EAAE;aACb,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAGxD,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACvB,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;QAGD,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACxC,GAAG,GAAG,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,GAAG,GAAG,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7C,CAAC;IAeD,KAAK,CAAC,oBAAoB,CAAC,IAK1B;QACC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,sCAAsC,CAAC,CAAC;QACjG,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAElC,MAAM,SAAS,GAAG,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC;YAC3B,GAAG,EAAE,IAAI,CAAC,MAAM;YAChB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,SAAS;YACf,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;aACtC,WAAW,EAAE;aACb,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAEzD,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC9C,CAAC;IA+BD,KAAK,CAAC,mBAAmB,CAAC,KAAa;QACrC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAElC,IAAI,eAA8C,CAAC;YAEnD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,CAAC;gBAEtC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YAC9E,CAAC;iBAAM,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBAE/B,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC;YACxC,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACnD,CAAC;YAGD,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,eAAe,EAAE;gBAC/D,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;gBAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;aAC/B,CAAC,CAAC;YAGH,MAAM,UAAU,GAAG,OAAgC,CAAC;YAGpD,IAAI,UAAU,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACjC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,oBAAoB;oBAC3B,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,UAAU;aACpB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAWD,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAElC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;YAGtE,MAAM,UAAU,GAAG,OAAgC,CAAC;YAGpD,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAClC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,oBAAoB;oBAC3B,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,UAAU;aACpB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAWD,WAAW,CAAC,KAAa;QACvB,IAAI,CAAC;YAGH,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,IAAI,CAAC;YAElC,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7F,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAY,CAAC;YAClD,OAAO,MAAoB,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAMO,iBAAiB,CAAC,KAAa;QAErC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChD,OAAO,GAAG,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;IAC7C,CAAC;IAgBD,mBAAmB;QACjB,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAWD,SAAS,CAAC,KAAa;QACrB,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjE,CAAC;IAaD,oBAAoB;QAClB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IAChE,CAAC;IASD,kBAAkB;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACjE,CAAC;IAgBD,sBAAsB,CAAC,UAAmB;QACxC,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAE7B,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAG5C,IAAI,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEnC,OAAO,KAAK,IAAI,IAAI,CAAC;IACvB,CAAC;IAWO,cAAc,CAAC,SAA0B;QAC/C,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;QAGD,MAAM,KAAK,GAA2B;YACpC,CAAC,EAAE,CAAC;YACJ,CAAC,EAAE,EAAE;YACL,CAAC,EAAE,IAAI;YACP,CAAC,EAAE,KAAK;SACT,CAAC;QAEF,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QACjD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,6BAA6B,SAAS,EAAE,CAAC,CAAC;QACtG,CAAC;QAED,MAAM,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC;QAC9B,OAAO,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3C,CAAC;IAOO,qBAAqB,CAAC,KAAc;QAC1C,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAE3B,MAAM,aAAa,GAAG,KAAkC,CAAC;YACzD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC;YAGrC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;gBACzE,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,mBAAmB;oBAC1B,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;YAGD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;gBAChH,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,eAAe;oBACtB,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;QACH,CAAC;QAGD,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,yBAAyB;YAChC,SAAS,EAAE,WAAW;SACvB,CAAC;IACJ,CAAC;CACF;AAtiBD,gCAsiBC"}
+{"version":3,"file":"jwt.service.js","sourceRoot":"","sources":["../../src/services/jwt.service.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AACA,mEAA+D;AAC/D,gEAA0D;AAC1D,+CAAiC;AA6EjC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,MAAa,UAAU;IACrB,wBAAwB;IACP,MAAM,CAAY;IAEnC,gDAAgD;IACxC,cAAc,GAAyC,IAAI,CAAC;IAEpE,iDAAiD;IACzC,eAAe,GAAyC,IAAI,CAAC;IAErE;;;OAGG;IACK,iBAAiB,GAA+B,IAAI,CAAC;IAE7D,YAAY,SAAoB;QAC9B,IAAI,CAAC,MAAM,GAAG,SAAS,CAAC;QACxB,IAAI,CAAC,WAAW,EAAE,CAAC;IACrB,CAAC;IAED,+EAA+E;IAC/E,yBAAyB;IACzB,+EAA+E;IAE/E;;;OAGG;IACK,KAAK,CAAC,OAAO;QACnB,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5B,IAAI,CAAC,iBAAiB,GAAG,kDAAO,MAAM,GAAwB,CAAC;QACjE,CAAC;QACD,OAAO,MAAM,IAAI,CAAC,iBAAiB,CAAC;IACtC,CAAC;IAED,+EAA+E;IAC/E,kBAAkB;IAClB,+EAA+E;IAE/E;;;OAGG;IACK,WAAW;QACjB,mBAAmB;QACnB,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;YACvC,4CAA4C;YAC5C,IAAI,CAAC,cAAc,GAAG,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QACpF,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC;YAC1C,2EAA2E;YAC3E,IAAI,CAAC,cAAc,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACjF,CAAC;QAED,kEAAkE;QAClE,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;YACpC,IAAI,CAAC,eAAe,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QACnF,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACK,YAAY;QAClB,iDAAiD;QACjD,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,OAAO,CAAC;IAC1C,CAAC;IAED;;;;;;;;;;;;OAYG;IACK,wBAAwB;QAC9B,MAAM,mBAAmB,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,OAAO,CAAC;QAE7D,yEAAyE;QACzE,iEAAiE;QACjE,IAAI,mBAAmB,KAAK,OAAO,IAAI,mBAAmB,KAAK,OAAO,IAAI,mBAAmB,KAAK,OAAO,EAAE,CAAC;YAC1G,OAAO,mBAAmB,CAAC;QAC7B,CAAC;QAED,sEAAsE;QACtE,gEAAgE;QAChE,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,+EAA+E;IAC/E,mBAAmB;IACnB,+EAA+E;IAE/E;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,KAAK,CAAC,iBAAiB,CAAC,IAKvB;QACC,0DAA0D;QAC1D,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAEnE,sCAAsC;QACtC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC;YACjD,GAAG,IAAI;YACP,WAAW;SACZ,CAAC,CAAC;QAEH,sCAAsC;QACtC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC;YACnD,GAAG,IAAI;YACP,WAAW;SACZ,CAAC,CAAC;QAEH,uCAAuC;QACvC,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAEzE,OAAO;YACL,WAAW;YACX,YAAY;YACZ,SAAS;SACV,CAAC;IACJ,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,mBAAmB,CAAC,IAKzB;QACC,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;YACzB,MAAM,IAAI,gCAAc,CACtB,gCAAa,CAAC,cAAc,EAC5B,gEAAgE,CACjE,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;QACtC,IAAI,GAAG,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC;YACzB,GAAG,EAAE,IAAI,CAAC,MAAM;YAChB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,QAAQ;YACd,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;aACtC,WAAW,EAAE;aACb,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;QAExD,2BAA2B;QAC3B,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACvB,GAAG,GAAG,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;QAED,6BAA6B;QAC7B,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YACzB,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACxC,GAAG,GAAG,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;iBAAM,CAAC;gBACN,GAAG,GAAG,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC9C,CAAC;QACH,CAAC;QAED,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC7C,CAAC;IAED;;;;;;;;;;;;OAYG;IACH,KAAK,CAAC,oBAAoB,CAAC,IAK1B;QACC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,cAAc,EAAE,sCAAsC,CAAC,CAAC;QACjG,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QAClC,0DAA0D;QAC1D,MAAM,SAAS,GAAG,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC;YAC3B,GAAG,EAAE,IAAI,CAAC,MAAM;YAChB,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,IAAI,EAAE,SAAS;YACf,SAAS,EAAE,IAAI,CAAC,SAAS;YACzB,WAAW,EAAE,IAAI,CAAC,WAAW;SAC9B,CAAC;aACC,kBAAkB,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC;aACtC,WAAW,EAAE;aACb,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;QAEzD,OAAO,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC9C,CAAC;IAED,+EAA+E;IAC/E,mBAAmB;IACnB,+EAA+E;IAE/E;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,KAAK,CAAC,mBAAmB,CAAC,KAAa;QACrC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,iCAAiC;YACjC,IAAI,eAA8C,CAAC;YAEnD,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,EAAE,CAAC;gBACtC,mEAAmE;gBACnE,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YAC9E,CAAC;iBAAM,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBAC/B,uDAAuD;gBACvD,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC;YACxC,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;YACnD,CAAC;YAED,0BAA0B;YAC1B,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,eAAe,EAAE;gBAC/D,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;gBAC1B,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ;aAC/B,CAAC,CAAC;YAEH,6BAA6B;YAC7B,MAAM,UAAU,GAAG,OAAgC,CAAC;YAEpD,+BAA+B;YAC/B,IAAI,UAAU,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACjC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,oBAAoB;oBAC3B,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,UAAU;aACpB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACH,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC1B,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,0BAA0B;YAC1B,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,eAAe,CAAC,CAAC;YAEtE,6BAA6B;YAC7B,MAAM,UAAU,GAAG,OAAgC,CAAC;YAEpD,+BAA+B;YAC/B,IAAI,UAAU,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAClC,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,oBAAoB;oBAC3B,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,IAAI;gBACX,OAAO,EAAE,UAAU;aACpB,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED;;;;;;;;OAQG;IACH,WAAW,CAAC,KAAa;QACvB,IAAI,CAAC;YACH,iDAAiD;YACjD,0EAA0E;YAC1E,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;gBAAE,OAAO,IAAI,CAAC;YAElC,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7F,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAY,CAAC;YAClD,OAAO,MAAoB,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;OAGG;IACK,iBAAiB,CAAC,KAAa;QACrC,uDAAuD;QACvD,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAC3D,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAChD,OAAO,GAAG,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;IAC7C,CAAC;IAED,+EAA+E;IAC/E,kBAAkB;IAClB,+EAA+E;IAE/E;;;;;;;;;OASG;IACH,mBAAmB;QACjB,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,WAAW;IAC5D,CAAC;IAED;;;;;;;;OAQG;IACH,SAAS,CAAC,KAAa;QACrB,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;;;OAUG;IACH,oBAAoB;QAClB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;IAChE,CAAC;IAED;;;;;;OAMG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;IACjE,CAAC;IAED;;;;;;;;;;;;;OAaG;IACH,sBAAsB,CAAC,UAAmB;QACxC,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAE7B,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAE5C,uBAAuB;QACvB,IAAI,IAAI,KAAK,QAAQ;YAAE,OAAO,IAAI,CAAC;QAEnC,OAAO,KAAK,IAAI,IAAI,CAAC;IACvB,CAAC;IAED,+EAA+E;IAC/E,yBAAyB;IACzB,+EAA+E;IAE/E;;;;OAIG;IACK,cAAc,CAAC,SAA0B;QAC/C,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,gDAAgD;QAChD,MAAM,KAAK,GAA2B;YACpC,CAAC,EAAE,CAAC;YACJ,CAAC,EAAE,EAAE;YACL,CAAC,EAAE,IAAI;YACP,CAAC,EAAE,KAAK;SACT,CAAC;QAEF,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QACjD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,6BAA6B,SAAS,EAAE,CAAC,CAAC;QACtG,CAAC;QAED,MAAM,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,GAAG,KAAK,CAAC;QAC9B,OAAO,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3C,CAAC;IAED;;;;OAIG;IACK,qBAAqB,CAAC,KAAc;QAC1C,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,qCAAqC;YACrC,MAAM,aAAa,GAAG,KAAkC,CAAC;YACzD,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC;YAErC,8BAA8B;YAC9B,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;gBACzE,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,mBAAmB;oBAC1B,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;YAED,uCAAuC;YACvC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,KAAK,iBAAiB,EAAE,CAAC;gBAChH,OAAO;oBACL,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,eAAe;oBACtB,SAAS,EAAE,SAAS;iBACrB,CAAC;YACJ,CAAC;QACH,CAAC;QAED,gBAAgB;QAChB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,yBAAyB;YAChC,SAAS,EAAE,WAAW;SACvB,CAAC;IACJ,CAAC;CACF;AAtiBD,gCAsiBC"}