@nauth-toolkit/core 0.1.14 → 0.1.17

package/dist/services/mfa-base.service.js

@@ -6,6 +6,49 @@ const auth_audit_event_type_enum_1 = require("../enums/auth-audit-event-type.enu
 const nauth_exception_1 = require("../exceptions/nauth.exception");
 const error_codes_enum_1 = require("../enums/error-codes.enum");
 const mfa_method_enum_1 = require("../enums/mfa-method.enum");
+/**
+ * Base MFA Provider Service
+ *
+ * Abstract base class that provides common functionality for all MFA providers.
+ * Provider-specific services (TOTP, SMS, Passkey, etc.) should extend this class
+ * and implement the IMFAProviderService interface methods.
+ *
+ * This base class handles:
+ * - Device repository access
+ * - User repository access
+ * - Common device management operations
+ * - Backup codes generation and verification
+ * - MFA enforcement checks
+ * - Helper methods
+ *
+ * **Key Design:**
+ * - No hardcoded method names - works with any provider
+ * - Provider config accessed dynamically via `methodName`
+ * - Future developers can add new providers without modifying this class
+ *
+ * @example
+ * ```typescript
+ * @Injectable()
+ * export class TOTPMFAProviderService extends BaseMFAProviderService implements IMFAProviderService {
+ *   readonly methodName = 'totp';
+ *
+ *   constructor(
+ *     // ... base dependencies injected via super()
+ *     private readonly totpService: TOTPService,
+ *   ) {
+ *     super(/* ... base dependencies *\/);
+ *   }
+ *
+ *   async setup(user: IUser): Promise<unknown> {
+ *     // TOTP-specific setup logic
+ *   }
+ *
+ *   async verify(user: IUser, code: unknown): Promise<boolean> {
+ *     // TOTP verification logic
+ *   }
+ * }
+ * ```
+ */
 class BaseMFAProviderService {
     mfaDeviceRepository;
     userRepository;
@@ -15,7 +58,8 @@ class BaseMFAProviderService {
     challengeService;
     auditService;
     clientInfoService;
-    constructor(mfaDeviceRepository, userRepository, config, logger, passwordService, challengeService, auditService, clientInfoService) {
+    constructor(mfaDeviceRepository, userRepository, config, logger, passwordService, // Optional - from @nauth-toolkit/core
+    challengeService, auditService, clientInfoService) {
         this.mfaDeviceRepository = mfaDeviceRepository;
         this.userRepository = userRepository;
         this.config = config;
@@ -25,10 +69,28 @@ class BaseMFAProviderService {
         this.auditService = auditService;
         this.clientInfoService = clientInfoService;
     }
+    /**
+     * Check if this MFA method is allowed by configuration
+     *
+     * @returns True if method is allowed
+     */
     isMethodAllowed() {
         const allowedMethods = this.config.mfa?.allowedMethods || [...mfa_method_enum_1.MFADeviceMethods];
         return allowedMethods.includes(this.methodName);
     }
+    // sendChallenge is optional - only providers like SMS need it
+    // TOTP doesn't need it (user generates code locally)
+    // ============================================================================
+    // Device Management (Common Logic)
+    // ============================================================================
+    /**
+     * Get user's MFA devices
+     *
+     * @param userId - Internal user ID
+     * @returns Array of MFA devices
+     *
+     * @protected
+     */
     async getUserDevices(userId) {
         const devices = await this.mfaDeviceRepository.find({
             where: { userId },
@@ -36,8 +98,48 @@ class BaseMFAProviderService {
         });
         return devices;
     }
+    /**
+     * Create MFA device for user
+     *
+     * Creates a new MFA device with proper duplicate prevention and transaction safety.
+     * Uses database-level unique constraint (userId, type) to prevent race conditions.
+     *
+     * **Race Condition Prevention:**
+     * - Checks for existing device before creation
+     * - Wraps in transaction with pessimistic write lock on user row
+     * - Database unique constraint provides final safety net
+     *
+     * **Transaction Flow:**
+     * 1. Lock user row (prevents concurrent MFA setup)
+     * 2. Check for existing device of this type
+     * 3. Create device if none exists
+     * 4. Update user MFA flags
+     * 5. Commit transaction
+     *
+     * @param userId - Internal user ID
+     * @param deviceData - Device data to create
+     * @returns Created device (or existing device if already present)
+     * @protected
+     *
+     * @example
+     * ```typescript
+     * const device = await this.createDevice(user.id, {
+     *   name: 'SMS Phone',
+     *   phoneNumber: '+1234567890',
+     *   isActive: true,
+     *   isPrimary: !user.mfaEnabled,
+     * });
+     * ```
+     */
     async createDevice(userId, deviceData) {
+        // ============================================================================
+        // Transaction-Safe Device Creation with Race Condition Prevention
+        // ============================================================================
+        // Use TypeORM transaction manager to ensure atomicity across all database adapters
+        // Pessimistic write lock prevents concurrent MFA device creation for same user
         const device = await this.userRepository.manager.transaction(async (transactionalEntityManager) => {
+            // Step 1: Lock user row to prevent concurrent MFA setup
+            // This works across MySQL and PostgreSQL (TypeORM translates to FOR UPDATE)
             await transactionalEntityManager
                 .createQueryBuilder()
                 .select('user.id')
@@ -45,6 +147,8 @@ class BaseMFAProviderService {
                 .where('user.id = :userId', { userId })
                 .setLock('pessimistic_write')
                 .getOne();
+            // Step 2: Check for existing device of this type (within transaction)
+            // This prevents duplicates even if called concurrently
             const existingDevice = await transactionalEntityManager
                 .getRepository(this.mfaDeviceRepository.target)
                 .createQueryBuilder('device')
@@ -55,15 +159,20 @@ class BaseMFAProviderService {
                 this.logger?.log?.(`MFA device of type '${this.methodName}' already exists for user ${userId}, returning existing device`);
                 return existingDevice;
             }
+            // Step 3: Create new device (no duplicate exists)
             const newDevice = transactionalEntityManager.getRepository(this.mfaDeviceRepository.target).create({
                 userId,
                 type: this.methodName,
                 ...deviceData,
             });
+            // Step 4: Save device (unique constraint provides final safety net)
             const saved = await transactionalEntityManager.getRepository(this.mfaDeviceRepository.target).save(newDevice);
             this.logger?.log?.(`Created new MFA device: type='${this.methodName}', userId=${userId}, deviceId=${saved.id}`);
             return saved;
         });
+        // ============================================================================
+        // Audit: Record MFA device added
+        // ============================================================================
         if (this.auditService && this.clientInfoService) {
             try {
                 await this.auditService.recordEvent({
@@ -71,6 +180,7 @@ class BaseMFAProviderService {
                     eventType: auth_audit_event_type_enum_1.AuthAuditEventType.MFA_DEVICE_ADDED,
                     eventStatus: 'SUCCESS',
                     metadata: {
+                        // Client info automatically included from context
                         mfaMethod: this.methodName,
                         deviceId: device.id,
                         deviceName: device.name,
@@ -79,6 +189,7 @@ class BaseMFAProviderService {
                 });
             }
             catch (auditError) {
+                // Non-blocking: Log but continue
                 const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
                 this.logger?.error?.(`Failed to record MFA_DEVICE_ADDED audit event: ${errorMessage}`, {
                     error: auditError,
@@ -89,6 +200,14 @@ class BaseMFAProviderService {
         }
         return device;
     }
+    /**
+     * Find active device for user by method
+     *
+     * @param userId - Internal user ID
+     * @param deviceId - Optional device ID
+     * @returns Device if found, null otherwise
+     * @protected
+     */
     async findDevice(userId, deviceId) {
         const where = {
             userId,
@@ -104,6 +223,12 @@ class BaseMFAProviderService {
         });
         return device ? device : null;
     }
+    /**
+     * Update device usage statistics
+     *
+     * @param deviceId - Device ID
+     * @protected
+     */
     async updateDeviceUsage(deviceId) {
         const device = await this.mfaDeviceRepository.findOne({ where: { id: deviceId } });
         if (device) {
@@ -112,7 +237,20 @@ class BaseMFAProviderService {
             await this.mfaDeviceRepository.save(device);
         }
     }
+    /**
+     * Enable MFA for user
+     *
+     * Sets mfaEnabled flag and updates mfaMethods array.
+     * Called automatically when first device is registered.
+     * Automatically clears MFA_SETUP_REQUIRED challenges if they exist.
+     *
+     * @param user - User to enable MFA for
+     * @protected
+     */
     async enableMFAForUser(user) {
+        // Reload user from database to ensure we have the latest state
+        // This prevents overwriting fields like isPhoneVerified that may have been updated
+        // between when the user object was loaded and when MFA is enabled
         const userId = user.id;
         const userEntity = await this.userRepository.findOne({ where: { id: userId } });
         if (!userEntity) {
@@ -124,14 +262,30 @@ class BaseMFAProviderService {
             userEntityRecord.mfaEnabled = true;
             userEntityRecord.mfaEnforcedAt = new Date();
         }
+        // Update mfaMethods array
         const devices = await this.getUserDevices(userId);
         const methods = [...new Set(devices.filter((d) => d.isActive).map((d) => d.type))];
         userEntityRecord.mfaMethods = methods;
+        // Set preferred method if not set
         if (!userEntityRecord.preferredMfaMethod && methods.length > 0) {
             const primaryDevice = devices.find((d) => d.isPrimary && d.isActive);
             userEntityRecord.preferredMfaMethod = primaryDevice?.type || methods[0];
         }
         await this.userRepository.save(userEntity);
+        // If this is the first MFA device being set up, clear any MFA_SETUP_REQUIRED challenges
+        // This prevents phantom challenges when user sets up MFA while logged in
+        // if (isFirstDevice && this.challengeService) {
+        //   try {
+        //     await this.challengeService.deleteUserChallengeSessions(userId, AuthChallenge.MFA_SETUP_REQUIRED);
+        //     this.logger?.log?.(`Cleared MFA_SETUP_REQUIRED challenge for user ${user.sub} after MFA setup`);
+        //   } catch (error) {
+        //     // Log but don't fail MFA setup if challenge clearing fails
+        //     this.logger?.warn?.(`Failed to clear MFA_SETUP_REQUIRED challenge after MFA setup: ${error}`);
+        //   }
+        // }
+        // ============================================================================
+        // Audit: Record MFA enabled (only for first device)
+        // ============================================================================
         if (isFirstDevice && this.auditService && this.clientInfoService) {
             try {
                 await this.auditService?.recordEvent({
@@ -139,12 +293,14 @@ class BaseMFAProviderService {
                     eventType: auth_audit_event_type_enum_1.AuthAuditEventType.MFA_ENABLED,
                     eventStatus: 'SUCCESS',
                     metadata: {
+                        // Client info automatically included from context
                         mfaMethod: this.methodName,
                         mfaMethods: methods,
                     },
                 });
             }
             catch (auditError) {
+                // Non-blocking: Log but continue
                 const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
                 this.logger?.error?.(`Failed to record MFA_ENABLED audit event: ${errorMessage}`, {
                     error: auditError,
@@ -154,24 +310,43 @@ class BaseMFAProviderService {
             }
         }
     }
+    // ============================================================================
+    // Backup Codes (Common Logic)
+    // ============================================================================
+    /**
+     * Generate backup codes for user
+     *
+     * Creates single-use recovery codes that can be used when MFA devices are unavailable.
+     * Exposed as optional method in IMFAProviderService interface.
+     *
+     * @param user - User to generate codes for
+     * @returns Generated backup codes (plain text - shown only once)
+     */
     async generateBackupCodes(user) {
         const userEntity = user;
         const config = this.config.mfa?.backup;
         const codeCount = config?.codeCount || 10;
         const codeLength = config?.codeLength || 8;
+        // Generate random codes
         const codes = [];
         for (let i = 0; i < codeCount; i++) {
             const code = this.generateRandomCode(codeLength);
             codes.push(code);
         }
+        // Check if password service is available
         if (!this.passwordService || typeof this.passwordService.hashPassword !== 'function') {
             throw new nauth_exception_1.NAuthException(error_codes_enum_1.AuthErrorCode.VALIDATION_FAILED, 'Password service is not available');
         }
+        // Hash codes for storage
         const passwordService = this.passwordService;
         const hashedCodes = await Promise.all(codes.map((code) => passwordService.hashPassword(code)));
+        // Store hashed codes
         userEntity.backupCodes = hashedCodes;
         await this.userRepository.save(userEntity);
         this.logger?.log?.(`Generated ${codeCount} backup codes for user: ${user.sub}`);
+        // ============================================================================
+        // Audit: Record backup codes generation
+        // ============================================================================
         if (this.auditService && this.clientInfoService) {
             try {
                 await this.auditService?.recordEvent({
@@ -179,12 +354,14 @@ class BaseMFAProviderService {
                     eventType: auth_audit_event_type_enum_1.AuthAuditEventType.MFA_BACKUP_CODES_GENERATED,
                     eventStatus: 'INFO',
                     metadata: {
+                        // Client info automatically included from context
                         codeCount,
                         codeLength,
                     },
                 });
             }
             catch (auditError) {
+                // Non-blocking: Log but continue
                 const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
                 this.logger?.error?.(`Failed to record MFA_BACKUP_CODES_GENERATED audit event: ${errorMessage}`, {
                     error: auditError,
@@ -194,6 +371,16 @@ class BaseMFAProviderService {
         }
         return codes;
     }
+    /**
+     * Verify backup code
+     *
+     * Validates backup code and removes it after use (single-use).
+     *
+     * @param user - User being authenticated
+     * @param code - Backup code to verify
+     * @returns True if code is valid
+     * @protected
+     */
     async verifyBackupCode(user, code) {
         const userEntity = user;
         const backupCodes = userEntity.backupCodes;
@@ -201,19 +388,25 @@ class BaseMFAProviderService {
             this.logger?.warn?.('No backup codes available');
             return false;
         }
+        // Check if password service is available
         if (!this.passwordService ||
             typeof this.passwordService.verifyPassword !== 'function') {
             this.logger?.warn?.('Backup code verification attempted but password service is not available');
             return false;
         }
+        // Check code against all stored hashed codes
         const passwordService = this.passwordService;
         for (let i = 0; i < backupCodes.length; i++) {
             const isValid = await passwordService.verifyPassword(code, backupCodes[i]);
             if (isValid) {
+                // Remove used code
                 backupCodes.splice(i, 1);
                 userEntity.backupCodes = backupCodes;
                 await this.userRepository.save(userEntity);
                 this.logger?.log?.(`Backup code verified and removed for user: ${user.sub}`);
+                // ============================================================================
+                // Audit: Record backup code usage
+                // ============================================================================
                 if (this.auditService && this.clientInfoService) {
                     try {
                         await this.auditService?.recordEvent({
@@ -222,11 +415,13 @@ class BaseMFAProviderService {
                             eventStatus: 'SUCCESS',
                             authMethod: 'backup',
                             metadata: {
+                                // Client info automatically included from context
                                 remainingCodes: backupCodes.length,
                             },
                         });
                     }
                     catch (auditError) {
+                        // Non-blocking: Log but continue
                         const errorMessage = auditError instanceof Error ? auditError.message : 'Unknown error';
                         this.logger?.error?.(`Failed to record MFA_BACKUP_CODE_USED audit event: ${errorMessage}`, {
                             error: auditError,
@@ -240,8 +435,18 @@ class BaseMFAProviderService {
         this.logger?.warn?.('Backup code verification failed');
         return false;
     }
+    // ============================================================================
+    // Helper Methods
+    // ============================================================================
+    /**
+     * Generate random alphanumeric code
+     *
+     * @param length - Code length
+     * @returns Random code
+     * @protected
+     */
     generateRandomCode(length) {
-        const chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789';
+        const chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // Exclude ambiguous characters
         let code = '';
         const bytes = (0, crypto_1.randomBytes)(length);
         for (let i = 0; i < length; i++) {
@@ -249,12 +454,35 @@ class BaseMFAProviderService {
         }
         return code;
     }
+    /**
+     * Mask phone number for display
+     *
+     * @param phone - Phone number
+     * @returns Masked phone number
+     * @protected
+     */
     maskPhone(phone) {
         const digits = phone.replace(/\D/g, '');
         if (digits.length < 4)
             return phone;
         return `***-***-${digits.slice(-4)}`;
     }
+    /**
+     * Mask email address for display
+     *
+     * Masks the local part of the email while showing the domain.
+     * Example: user@example.com → u***r@example.com
+     *
+     * @param email - Email address
+     * @returns Masked email address
+     * @protected
+     *
+     * @example
+     * ```typescript
+     * const masked = this.maskEmail('user@example.com');
+     * // Returns: 'u***r@example.com'
+     * ```
+     */
     maskEmail(email) {
         const [localPart, domain] = email.split('@');
         if (!localPart || !domain)
@@ -264,8 +492,30 @@ class BaseMFAProviderService {
         }
         return `${localPart[0]}***${localPart[localPart.length - 1]}@${domain}`;
     }
+    /**
+     * Check if MFA is required for a user
+     *
+     * Determines MFA requirement based on:
+     * - User-level MFA exemption (admin override)
+     * - Global enforcement policy (OPTIONAL, REQUIRED, ADAPTIVE)
+     * - Grace period for REQUIRED enforcement
+     * - User's MFA enrollment date
+     *
+     * ADAPTIVE enforcement currently behaves like REQUIRED (placeholder for future risk-based logic)
+     *
+     * @param user - User to check
+     * @returns True if MFA is required
+     * @protected
+     */
     async isMFARequired(user) {
+        // ============================================================================
+        // SECURITY: Check user-level MFA exemption FIRST
+        // ============================================================================
+        // Exemption allows bypassing MFA requirements
+        // This is checked early to ensure exempt users can always login
+        // Handle different database representations (boolean true, MySQL tinyint 1, etc.)
         const mfaExempt = user.mfaExempt;
+        // Check for boolean true (handle numeric 1 case at runtime if needed)
         if (mfaExempt === true || mfaExempt === 1) {
             return false;
         }
@@ -278,16 +528,20 @@ class BaseMFAProviderService {
             return false;
         }
         if (enforcement === 'REQUIRED' || enforcement === 'ADAPTIVE') {
+            // Check grace period
             const gracePeriod = mfaConfig.gracePeriod || 7;
             const gracePeriodEnd = new Date();
             gracePeriodEnd.setDate(gracePeriodEnd.getDate() - gracePeriod);
+            // If user has enrolled in MFA, check if they're within grace period
             const userWithDates = user;
             if (userWithDates.mfaEnforcedAt) {
                 return userWithDates.mfaEnforcedAt <= gracePeriodEnd;
             }
+            // User hasn't enrolled - check account creation date
             if (userWithDates.createdAt) {
                 return userWithDates.createdAt <= gracePeriodEnd;
             }
+            // No dates available - require MFA immediately
             return true;
         }
         return false;

package/dist/services/mfa-base.service.js.map

@@ -1 +1 @@
-{"version":3,"file":"mfa-base.service.js","sourceRoot":"","sources":["../../src/services/mfa-base.service.ts"],"names":[],"mappings":";;;AAEA,mCAAqC;AAKrC,oFAAyE;AAEzE,mEAA+D;AAC/D,gEAA0D;AAE1D,8DAA6E;AA8C7E,MAAsB,sBAAsB;IAIrB;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IARrB,YACqB,mBAA8C,EAC9C,cAAoC,EACpC,MAAmB,EACnB,MAAmB,EACnB,eAAyB,EACzB,gBAAmC,EACnC,YAA+B,EAC/B,iBAAqC;QAPrC,wBAAmB,GAAnB,mBAAmB,CAA2B;QAC9C,mBAAc,GAAd,cAAc,CAAsB;QACpC,WAAM,GAAN,MAAM,CAAa;QACnB,WAAM,GAAN,MAAM,CAAa;QACnB,oBAAe,GAAf,eAAe,CAAU;QACzB,qBAAgB,GAAhB,gBAAgB,CAAmB;QACnC,iBAAY,GAAZ,YAAY,CAAmB;QAC/B,sBAAiB,GAAjB,iBAAiB,CAAoB;IACvD,CAAC;IAOJ,eAAe;QACb,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,cAAc,IAAI,CAAC,GAAG,kCAAgB,CAAC,CAAC;QAChF,OAAO,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,UAA6B,CAAC,CAAC;IACrE,CAAC;IAqBS,KAAK,CAAC,cAAc,CAAC,MAAc;QAC3C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAClD,KAAK,EAAE,EAAE,MAAM,EAAE;YACjB,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE;SACrB,CAAC,CAAC;QAE9B,OAAO,OAAkC,CAAC;IAC5C,CAAC;IAmCS,KAAK,CAAC,YAAY,CAAC,MAAc,EAAE,UAA+B;QAM1E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,EAAE,0BAA0B,EAAE,EAAE;YAGhG,MAAM,0BAA0B;iBAC7B,kBAAkB,EAAE;iBACpB,MAAM,CAAC,SAAS,CAAC;iBACjB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC;iBACxC,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,CAAC;iBACtC,OAAO,CAAC,mBAAmB,CAAC;iBAC5B,MAAM,EAAE,CAAC;YAIZ,MAAM,cAAc,GAAG,MAAM,0BAA0B;iBACpD,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC;iBAC9C,kBAAkB,CAAC,QAAQ,CAAC;iBAC5B,KAAK,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,CAAC;iBAC5C,QAAQ,CAAC,qBAAqB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC;iBAC1D,MAAM,EAAE,CAAC;YAEZ,IAAI,cAAc,EAAE,CAAC;gBACnB,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAChB,uBAAuB,IAAI,CAAC,UAAU,6BAA6B,MAAM,6BAA6B,CACvG,CAAC;gBACF,OAAO,cAAuC,CAAC;YACjD,CAAC;YAGD,MAAM,SAAS,GAAG,0BAA0B,CAAC,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;gBACjG,MAAM;gBACN,IAAI,EAAE,IAAI,CAAC,UAAU;gBACrB,GAAG,UAAU;aACa,CAAC,CAAC;YAG9B,MAAM,KAAK,GAAG,MAAM,0BAA0B,CAAC,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE9G,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,iCAAiC,IAAI,CAAC,UAAU,aAAa,MAAM,cAAc,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;YAEhH,OAAO,KAA8B,CAAC;QACxC,CAAC,CAAC,CAAC;QAKH,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;oBAClC,MAAM;oBACN,SAAS,EAAE,+CAAkB,CAAC,gBAAgB;oBAC9C,WAAW,EAAE,SAAS;oBACtB,QAAQ,EAAE;wBAER,SAAS,EAAE,IAAI,CAAC,UAAU;wBAC1B,QAAQ,EAAE,MAAM,CAAC,EAAE;wBACnB,UAAU,EAAE,MAAM,CAAC,IAAI;wBACvB,SAAS,EAAE,MAAM,CAAC,SAAS;qBAC5B;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,kDAAkD,YAAY,EAAE,EAAE;oBACrF,KAAK,EAAE,UAAU;oBACjB,MAAM;oBACN,UAAU,EAAE,IAAI,CAAC,UAAU;iBAC5B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAUS,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,QAAiB;QAC1D,MAAM,KAAK,GAA4B;YACrC,MAAM;YACN,IAAI,EAAE,IAAI,CAAC,UAAU;YACrB,QAAQ,EAAE,IAAI;SACf,CAAC;QAEF,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,CAAC,EAAE,GAAG,QAAQ,CAAC;QACtB,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACpD,KAAK;YACL,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE;SACtB,CAAC,CAAC;QAE9B,OAAO,MAAM,CAAC,CAAC,CAAE,MAAgC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAQS,KAAK,CAAC,iBAAiB,CAAC,QAAgB;QAChD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;QACnF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;YAC/B,MAAM,CAAC,UAAU,GAAG,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAYS,KAAK,CAAC,gBAAgB,CAAC,IAAW;QAI1C,MAAM,MAAM,GAAI,IAA2C,CAAC,EAAY,CAAC;QACzE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,kCAAkC,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,gBAAgB,GAAG,UAAgD,CAAC;QAC1E,MAAM,aAAa,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC;QAEnD,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC;YACjC,gBAAgB,CAAC,UAAU,GAAG,IAAI,CAAC;YACnC,gBAAgB,CAAC,aAAa,GAAG,IAAI,IAAI,EAAE,CAAC;QAC9C,CAAC;QAGD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnF,gBAAgB,CAAC,UAAU,GAAG,OAAO,CAAC;QAGtC,IAAI,CAAC,gBAAgB,CAAC,kBAAkB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC;YACrE,gBAAgB,CAAC,kBAAkB,GAAG,aAAa,EAAE,IAAI,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAiB3C,IAAI,aAAa,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACjE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;oBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,+CAAkB,CAAC,WAAW;oBACzC,WAAW,EAAE,SAAS;oBACtB,QAAQ,EAAE;wBAER,SAAS,EAAE,IAAI,CAAC,UAAU;wBAC1B,UAAU,EAAE,OAAO;qBACpB;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,6CAA6C,YAAY,EAAE,EAAE;oBAChF,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,UAAU,EAAE,IAAI,CAAC,UAAU;iBAC5B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAeD,KAAK,CAAC,mBAAmB,CAAC,IAAW;QACnC,MAAM,UAAU,GAAG,IAA0C,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC;QACvC,MAAM,SAAS,GAAG,MAAM,EAAE,SAAS,IAAI,EAAE,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,EAAE,UAAU,IAAI,CAAC,CAAC;QAG3C,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnB,CAAC;QAGD,IAAI,CAAC,IAAI,CAAC,eAAe,IAAI,OAAQ,IAAI,CAAC,eAA2C,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YAClH,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,mCAAmC,CAAC,CAAC;QACjG,CAAC;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,eAA0E,CAAC;QACxG,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,eAAe,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAG/F,UAAU,CAAC,WAAW,GAAG,WAAW,CAAC;QACrC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,aAAa,SAAS,2BAA2B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAKhF,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;oBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,+CAAkB,CAAC,0BAA0B;oBACxD,WAAW,EAAE,MAAM;oBACnB,QAAQ,EAAE;wBAER,SAAS;wBACT,UAAU;qBACX;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,4DAA4D,YAAY,EAAE,EAAE;oBAC/F,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAYS,KAAK,CAAC,gBAAgB,CAAC,IAAW,EAAE,IAAY;QACxD,MAAM,UAAU,GAAG,IAA0C,CAAC;QAE9D,MAAM,WAAW,GAAG,UAAU,CAAC,WAAmC,CAAC;QACnE,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,2BAA2B,CAAC,CAAC;YACjD,OAAO,KAAK,CAAC;QACf,CAAC;QAGD,IACE,CAAC,IAAI,CAAC,eAAe;YACrB,OAAQ,IAAI,CAAC,eAA2C,CAAC,cAAc,KAAK,UAAU,EACtF,CAAC;YACD,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,0EAA0E,CAAC,CAAC;YAChG,OAAO,KAAK,CAAC;QACf,CAAC;QAGD,MAAM,eAAe,GAAG,IAAI,CAAC,eAE5B,CAAC;QACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3E,IAAI,OAAO,EAAE,CAAC;gBAEZ,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACzB,UAAU,CAAC,WAAW,GAAG,WAAW,CAAC;gBACrC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAE3C,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,8CAA8C,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBAK7E,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAChD,IAAI,CAAC;wBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;4BACnC,MAAM,EAAE,IAAI,CAAC,EAAE;4BACf,SAAS,EAAE,+CAAkB,CAAC,oBAAoB;4BAClD,WAAW,EAAE,SAAS;4BACtB,UAAU,EAAE,QAAQ;4BACpB,QAAQ,EAAE;gCAER,cAAc,EAAE,WAAW,CAAC,MAAM;6BACnC;yBACF,CAAC,CAAC;oBACL,CAAC;oBAAC,OAAO,UAAU,EAAE,CAAC;wBAEpB,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;wBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,sDAAsD,YAAY,EAAE,EAAE;4BACzF,KAAK,EAAE,UAAU;4BACjB,MAAM,EAAE,IAAI,CAAC,EAAE;yBAChB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,iCAAiC,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC;IACf,CAAC;IAaS,kBAAkB,CAAC,MAAc;QACzC,MAAM,KAAK,GAAG,kCAAkC,CAAC;QACjD,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,MAAM,CAAC,CAAC;QAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IASS,SAAS,CAAC,KAAa;QAC/B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,OAAO,WAAW,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACvC,CAAC;IAkBS,SAAS,CAAC,KAAa;QAC/B,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QACxC,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC1B,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,OAAO,MAAM,EAAE,CAAC;QACxC,CAAC;QACD,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,MAAM,EAAE,CAAC;IAC1E,CAAC;IAiBS,KAAK,CAAC,aAAa,CAAC,IAAW;QAOvC,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEjC,IAAI,SAAS,KAAK,IAAI,IAAK,SAAqB,KAAK,CAAC,EAAE,CAAC;YACvD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;QAElC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,CAAC;YACxB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,WAAW,GAAG,SAAS,CAAC,WAAW,IAAI,UAAU,CAAC;QAExD,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;YAC/B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,WAAW,KAAK,UAAU,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;YAE7D,MAAM,WAAW,GAAG,SAAS,CAAC,WAAW,IAAI,CAAC,CAAC;YAC/C,MAAM,cAAc,GAAG,IAAI,IAAI,EAAE,CAAC;YAClC,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,GAAG,WAAW,CAAC,CAAC;YAG/D,MAAM,aAAa,GAAG,IAAyD,CAAC;YAChF,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;gBAChC,OAAO,aAAa,CAAC,aAAa,IAAI,cAAc,CAAC;YACvD,CAAC;YAGD,IAAI,aAAa,CAAC,SAAS,EAAE,CAAC;gBAC5B,OAAO,aAAa,CAAC,SAAS,IAAI,cAAc,CAAC;YACnD,CAAC;YAGD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAxiBD,wDAwiBC"}
+{"version":3,"file":"mfa-base.service.js","sourceRoot":"","sources":["../../src/services/mfa-base.service.ts"],"names":[],"mappings":";;;AAEA,mCAAqC;AAKrC,oFAAyE;AAEzE,mEAA+D;AAC/D,gEAA0D;AAE1D,8DAA6E;AAG7E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA0CG;AACH,MAAsB,sBAAsB;IAIrB;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IARrB,YACqB,mBAA8C,EAC9C,cAAoC,EACpC,MAAmB,EACnB,MAAmB,EACnB,eAAyB,EAAE,sCAAsC;IACjE,gBAAmC,EACnC,YAA+B,EAC/B,iBAAqC;QAPrC,wBAAmB,GAAnB,mBAAmB,CAA2B;QAC9C,mBAAc,GAAd,cAAc,CAAsB;QACpC,WAAM,GAAN,MAAM,CAAa;QACnB,WAAM,GAAN,MAAM,CAAa;QACnB,oBAAe,GAAf,eAAe,CAAU;QACzB,qBAAgB,GAAhB,gBAAgB,CAAmB;QACnC,iBAAY,GAAZ,YAAY,CAAmB;QAC/B,sBAAiB,GAAjB,iBAAiB,CAAoB;IACvD,CAAC;IAEJ;;;;OAIG;IACH,eAAe;QACb,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,cAAc,IAAI,CAAC,GAAG,kCAAgB,CAAC,CAAC;QAChF,OAAO,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,UAA6B,CAAC,CAAC;IACrE,CAAC;IAMD,8DAA8D;IAC9D,qDAAqD;IAErD,+EAA+E;IAC/E,mCAAmC;IACnC,+EAA+E;IAE/E;;;;;;;OAOG;IACO,KAAK,CAAC,cAAc,CAAC,MAAc;QAC3C,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC;YAClD,KAAK,EAAE,EAAE,MAAM,EAAE;YACjB,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE;SACrB,CAAC,CAAC;QAE9B,OAAO,OAAkC,CAAC;IAC5C,CAAC;IAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;IACO,KAAK,CAAC,YAAY,CAAC,MAAc,EAAE,UAA+B;QAC1E,+EAA+E;QAC/E,kEAAkE;QAClE,+EAA+E;QAC/E,mFAAmF;QACnF,+EAA+E;QAC/E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,WAAW,CAAC,KAAK,EAAE,0BAA0B,EAAE,EAAE;YAChG,wDAAwD;YACxD,4EAA4E;YAC5E,MAAM,0BAA0B;iBAC7B,kBAAkB,EAAE;iBACpB,MAAM,CAAC,SAAS,CAAC;iBACjB,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC;iBACxC,KAAK,CAAC,mBAAmB,EAAE,EAAE,MAAM,EAAE,CAAC;iBACtC,OAAO,CAAC,mBAAmB,CAAC;iBAC5B,MAAM,EAAE,CAAC;YAEZ,sEAAsE;YACtE,uDAAuD;YACvD,MAAM,cAAc,GAAG,MAAM,0BAA0B;iBACpD,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC;iBAC9C,kBAAkB,CAAC,QAAQ,CAAC;iBAC5B,KAAK,CAAC,yBAAyB,EAAE,EAAE,MAAM,EAAE,CAAC;iBAC5C,QAAQ,CAAC,qBAAqB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,UAAU,EAAE,CAAC;iBAC1D,MAAM,EAAE,CAAC;YAEZ,IAAI,cAAc,EAAE,CAAC;gBACnB,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAChB,uBAAuB,IAAI,CAAC,UAAU,6BAA6B,MAAM,6BAA6B,CACvG,CAAC;gBACF,OAAO,cAAuC,CAAC;YACjD,CAAC;YAED,kDAAkD;YAClD,MAAM,SAAS,GAAG,0BAA0B,CAAC,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;gBACjG,MAAM;gBACN,IAAI,EAAE,IAAI,CAAC,UAAU;gBACrB,GAAG,UAAU;aACa,CAAC,CAAC;YAE9B,oEAAoE;YACpE,MAAM,KAAK,GAAG,MAAM,0BAA0B,CAAC,aAAa,CAAC,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE9G,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,iCAAiC,IAAI,CAAC,UAAU,aAAa,MAAM,cAAc,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC;YAEhH,OAAO,KAA8B,CAAC;QACxC,CAAC,CAAC,CAAC;QAEH,+EAA+E;QAC/E,iCAAiC;QACjC,+EAA+E;QAC/E,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;oBAClC,MAAM;oBACN,SAAS,EAAE,+CAAkB,CAAC,gBAAgB;oBAC9C,WAAW,EAAE,SAAS;oBACtB,QAAQ,EAAE;wBACR,kDAAkD;wBAClD,SAAS,EAAE,IAAI,CAAC,UAAU;wBAC1B,QAAQ,EAAE,MAAM,CAAC,EAAE;wBACnB,UAAU,EAAE,MAAM,CAAC,IAAI;wBACvB,SAAS,EAAE,MAAM,CAAC,SAAS;qBAC5B;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBACpB,iCAAiC;gBACjC,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,kDAAkD,YAAY,EAAE,EAAE;oBACrF,KAAK,EAAE,UAAU;oBACjB,MAAM;oBACN,UAAU,EAAE,IAAI,CAAC,UAAU;iBAC5B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;;;;OAOG;IACO,KAAK,CAAC,UAAU,CAAC,MAAc,EAAE,QAAiB;QAC1D,MAAM,KAAK,GAA4B;YACrC,MAAM;YACN,IAAI,EAAE,IAAI,CAAC,UAAU;YACrB,QAAQ,EAAE,IAAI;SACf,CAAC;QAEF,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,CAAC,EAAE,GAAG,QAAQ,CAAC;QACtB,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC;YACpD,KAAK;YACL,KAAK,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE;SACtB,CAAC,CAAC;QAE9B,OAAO,MAAM,CAAC,CAAC,CAAE,MAAgC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3D,CAAC;IAED;;;;;OAKG;IACO,KAAK,CAAC,iBAAiB,CAAC,QAAgB;QAChD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;QACnF,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC;YAC/B,MAAM,CAAC,UAAU,GAAG,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACjD,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACO,KAAK,CAAC,gBAAgB,CAAC,IAAW;QAC1C,+DAA+D;QAC/D,mFAAmF;QACnF,kEAAkE;QAClE,MAAM,MAAM,GAAI,IAA2C,CAAC,EAAY,CAAC;QACzE,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,SAAS,EAAE,kCAAkC,CAAC,CAAC;QACxF,CAAC;QAED,MAAM,gBAAgB,GAAG,UAAgD,CAAC;QAC1E,MAAM,aAAa,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC;QAEnD,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC;YACjC,gBAAgB,CAAC,UAAU,GAAG,IAAI,CAAC;YACnC,gBAAgB,CAAC,aAAa,GAAG,IAAI,IAAI,EAAE,CAAC;QAC9C,CAAC;QAED,0BAA0B;QAC1B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACnF,gBAAgB,CAAC,UAAU,GAAG,OAAO,CAAC;QAEtC,kCAAkC;QAClC,IAAI,CAAC,gBAAgB,CAAC,kBAAkB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/D,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC;YACrE,gBAAgB,CAAC,kBAAkB,GAAG,aAAa,EAAE,IAAI,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;QAC1E,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAE3C,wFAAwF;QACxF,yEAAyE;QACzE,gDAAgD;QAChD,UAAU;QACV,yGAAyG;QACzG,uGAAuG;QACvG,sBAAsB;QACtB,kEAAkE;QAClE,qGAAqG;QACrG,MAAM;QACN,IAAI;QAEJ,+EAA+E;QAC/E,oDAAoD;QACpD,+EAA+E;QAC/E,IAAI,aAAa,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACjE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;oBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,+CAAkB,CAAC,WAAW;oBACzC,WAAW,EAAE,SAAS;oBACtB,QAAQ,EAAE;wBACR,kDAAkD;wBAClD,SAAS,EAAE,IAAI,CAAC,UAAU;wBAC1B,UAAU,EAAE,OAAO;qBACpB;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBACpB,iCAAiC;gBACjC,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,6CAA6C,YAAY,EAAE,EAAE;oBAChF,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,UAAU,EAAE,IAAI,CAAC,UAAU;iBAC5B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,+EAA+E;IAC/E,8BAA8B;IAC9B,+EAA+E;IAE/E;;;;;;;;OAQG;IACH,KAAK,CAAC,mBAAmB,CAAC,IAAW;QACnC,MAAM,UAAU,GAAG,IAA0C,CAAC;QAC9D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM,CAAC;QACvC,MAAM,SAAS,GAAG,MAAM,EAAE,SAAS,IAAI,EAAE,CAAC;QAC1C,MAAM,UAAU,GAAG,MAAM,EAAE,UAAU,IAAI,CAAC,CAAC;QAE3C,wBAAwB;QACxB,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,IAAI,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnB,CAAC;QAED,yCAAyC;QACzC,IAAI,CAAC,IAAI,CAAC,eAAe,IAAI,OAAQ,IAAI,CAAC,eAA2C,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YAClH,MAAM,IAAI,gCAAc,CAAC,gCAAa,CAAC,iBAAiB,EAAE,mCAAmC,CAAC,CAAC;QACjG,CAAC;QAED,yBAAyB;QACzB,MAAM,eAAe,GAAG,IAAI,CAAC,eAA0E,CAAC;QACxG,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,eAAe,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAE/F,qBAAqB;QACrB,UAAU,CAAC,WAAW,GAAG,WAAW,CAAC;QACrC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAE3C,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,aAAa,SAAS,2BAA2B,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;QAEhF,+EAA+E;QAC/E,wCAAwC;QACxC,+EAA+E;QAC/E,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;oBACnC,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,SAAS,EAAE,+CAAkB,CAAC,0BAA0B;oBACxD,WAAW,EAAE,MAAM;oBACnB,QAAQ,EAAE;wBACR,kDAAkD;wBAClD,SAAS;wBACT,UAAU;qBACX;iBACF,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,UAAU,EAAE,CAAC;gBACpB,iCAAiC;gBACjC,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;gBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,4DAA4D,YAAY,EAAE,EAAE;oBAC/F,KAAK,EAAE,UAAU;oBACjB,MAAM,EAAE,IAAI,CAAC,EAAE;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;;;;;;;;OASG;IACO,KAAK,CAAC,gBAAgB,CAAC,IAAW,EAAE,IAAY;QACxD,MAAM,UAAU,GAAG,IAA0C,CAAC;QAE9D,MAAM,WAAW,GAAG,UAAU,CAAC,WAAmC,CAAC;QACnE,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7C,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,2BAA2B,CAAC,CAAC;YACjD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,yCAAyC;QACzC,IACE,CAAC,IAAI,CAAC,eAAe;YACrB,OAAQ,IAAI,CAAC,eAA2C,CAAC,cAAc,KAAK,UAAU,EACtF,CAAC;YACD,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,0EAA0E,CAAC,CAAC;YAChG,OAAO,KAAK,CAAC;QACf,CAAC;QAED,6CAA6C;QAC7C,MAAM,eAAe,GAAG,IAAI,CAAC,eAE5B,CAAC;QACF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAC3E,IAAI,OAAO,EAAE,CAAC;gBACZ,mBAAmB;gBACnB,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACzB,UAAU,CAAC,WAAW,GAAG,WAAW,CAAC;gBACrC,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBAE3C,IAAI,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,8CAA8C,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;gBAE7E,+EAA+E;gBAC/E,kCAAkC;gBAClC,+EAA+E;gBAC/E,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAChD,IAAI,CAAC;wBACH,MAAM,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC;4BACnC,MAAM,EAAE,IAAI,CAAC,EAAE;4BACf,SAAS,EAAE,+CAAkB,CAAC,oBAAoB;4BAClD,WAAW,EAAE,SAAS;4BACtB,UAAU,EAAE,QAAQ;4BACpB,QAAQ,EAAE;gCACR,kDAAkD;gCAClD,cAAc,EAAE,WAAW,CAAC,MAAM;6BACnC;yBACF,CAAC,CAAC;oBACL,CAAC;oBAAC,OAAO,UAAU,EAAE,CAAC;wBACpB,iCAAiC;wBACjC,MAAM,YAAY,GAAG,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;wBACxF,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,sDAAsD,YAAY,EAAE,EAAE;4BACzF,KAAK,EAAE,UAAU;4BACjB,MAAM,EAAE,IAAI,CAAC,EAAE;yBAChB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;gBAED,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,iCAAiC,CAAC,CAAC;QACvD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,+EAA+E;IAC/E,iBAAiB;IACjB,+EAA+E;IAE/E;;;;;;OAMG;IACO,kBAAkB,CAAC,MAAc;QACzC,MAAM,KAAK,GAAG,kCAAkC,CAAC,CAAC,+BAA+B;QACjF,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,MAAM,KAAK,GAAG,IAAA,oBAAW,EAAC,MAAM,CAAC,CAAC;QAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAChC,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;QACzC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACO,SAAS,CAAC,KAAa;QAC/B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,OAAO,WAAW,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACvC,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACO,SAAS,CAAC,KAAa;QAC/B,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7C,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;QACxC,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC1B,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,OAAO,MAAM,EAAE,CAAC;QACxC,CAAC;QACD,OAAO,GAAG,SAAS,CAAC,CAAC,CAAC,MAAM,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,MAAM,EAAE,CAAC;IAC1E,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACO,KAAK,CAAC,aAAa,CAAC,IAAW;QACvC,+EAA+E;QAC/E,iDAAiD;QACjD,+EAA+E;QAC/E,8CAA8C;QAC9C,gEAAgE;QAChE,kFAAkF;QAClF,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QACjC,sEAAsE;QACtE,IAAI,SAAS,KAAK,IAAI,IAAK,SAAqB,KAAK,CAAC,EAAE,CAAC;YACvD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;QAElC,IAAI,CAAC,SAAS,EAAE,OAAO,EAAE,CAAC;YACxB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,WAAW,GAAG,SAAS,CAAC,WAAW,IAAI,UAAU,CAAC;QAExD,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;YAC/B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,WAAW,KAAK,UAAU,IAAI,WAAW,KAAK,UAAU,EAAE,CAAC;YAC7D,qBAAqB;YACrB,MAAM,WAAW,GAAG,SAAS,CAAC,WAAW,IAAI,CAAC,CAAC;YAC/C,MAAM,cAAc,GAAG,IAAI,IAAI,EAAE,CAAC;YAClC,cAAc,CAAC,OAAO,CAAC,cAAc,CAAC,OAAO,EAAE,GAAG,WAAW,CAAC,CAAC;YAE/D,oEAAoE;YACpE,MAAM,aAAa,GAAG,IAAyD,CAAC;YAChF,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;gBAChC,OAAO,aAAa,CAAC,aAAa,IAAI,cAAc,CAAC;YACvD,CAAC;YAED,qDAAqD;YACrD,IAAI,aAAa,CAAC,SAAS,EAAE,CAAC;gBAC5B,OAAO,aAAa,CAAC,SAAS,IAAI,cAAc,CAAC;YACnD,CAAC;YAED,+CAA+C;YAC/C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAxiBD,wDAwiBC"}