@neutralauth/internal-auth 0.10.11

package/dist/react/index.js

@@ -0,0 +1,190 @@
+import { Fragment as _Fragment, jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
+import { Component, useCallback, useEffect, useMemo, useState } from "react";
+import { Authenticated, ConvexProviderWithAuth, useConvexAuth, useQuery, } from "convex/react";
+/**
+ * A wrapper React component which provides a {@link react.ConvexReactClient}
+ * authenticated with Better Auth.
+ *
+ * @public
+ */
+export function ConvexBetterAuthProvider({ children, client, authClient, initialToken, }) {
+    const useBetterAuth = useUseAuthFromBetterAuth(authClient, initialToken);
+    useEffect(() => {
+        (async () => {
+            const url = new URL(window.location?.href);
+            const token = url.searchParams.get("ott");
+            if (token) {
+                const authClientWithCrossDomain = authClient;
+                url.searchParams.delete("ott");
+                const result = await authClientWithCrossDomain.crossDomain.oneTimeToken.verify({
+                    token,
+                });
+                const session = result.data?.session;
+                if (session) {
+                    await authClient.getSession({
+                        fetchOptions: {
+                            headers: {
+                                Authorization: `Bearer ${session.token}`,
+                            },
+                        },
+                    });
+                    authClientWithCrossDomain.updateSession();
+                }
+                window.history.replaceState({}, "", url);
+            }
+        })();
+    }, [authClient]);
+    return (_jsx(ConvexProviderWithAuth, { client: client, useAuth: useBetterAuth, children: _jsx(_Fragment, { children: children }) }));
+}
+let initialTokenUsed = false;
+function useUseAuthFromBetterAuth(authClient, initialToken) {
+    const [cachedToken, setCachedToken] = useState(initialTokenUsed ? null : (initialToken ?? null));
+    useEffect(() => {
+        if (!initialTokenUsed) {
+            initialTokenUsed = true;
+        }
+    }, []);
+    return useMemo(() => function useAuthFromBetterAuth() {
+        const { data: session, isPending: isSessionPending } = authClient.useSession();
+        const sessionId = session?.session?.id;
+        useEffect(() => {
+            if (!session && !isSessionPending && cachedToken) {
+                setCachedToken(null);
+            }
+        }, [session, isSessionPending]);
+        const fetchAccessToken = useCallback(async ({ forceRefreshToken = false, } = {}) => {
+            if (cachedToken && !forceRefreshToken) {
+                return cachedToken;
+            }
+            try {
+                const { data } = await authClient.convex.token();
+                const token = data?.token || null;
+                setCachedToken(token);
+                return token;
+            }
+            catch {
+                setCachedToken(null);
+                return null;
+            }
+        }, 
+        // Build a new fetchAccessToken to trigger setAuth() whenever the
+        // session changes.
+        // eslint-disable-next-line react-hooks/exhaustive-deps
+        [sessionId]);
+        return useMemo(() => ({
+            isLoading: isSessionPending && !cachedToken,
+            isAuthenticated: Boolean(session?.session) || cachedToken !== null,
+            fetchAccessToken,
+        }), 
+        // eslint-disable-next-line react-hooks/exhaustive-deps
+        [isSessionPending, sessionId, fetchAccessToken, cachedToken]);
+    }, [authClient]);
+}
+class ErrorBoundary extends Component {
+    constructor(props) {
+        super(props);
+        this.state = {};
+    }
+    static defaultProps = {
+        renderFallback: () => null,
+    };
+    static getDerivedStateFromError(error) {
+        return { error };
+    }
+    async componentDidCatch(error) {
+        if (this.props.isAuthError(error)) {
+            await this.props.onUnauth();
+        }
+    }
+    render() {
+        if (this.state.error && this.props.isAuthError(this.state.error)) {
+            return this.props.renderFallback?.();
+        }
+        return this.props.children;
+    }
+}
+// Subscribe to the session validated user to keep this check reactive to
+// actual user auth state at the provider level (rather than just jwt validity state).
+const UserSubscription = ({ getAuthUserFn, }) => {
+    useQuery(getAuthUserFn);
+    return null;
+};
+/**
+ * _Experimental_
+ *
+ * A wrapper React component which provides error handling for auth related errors.
+ * This is typically used to redirect the user to the login page when they are
+ * unauthenticated, and does so reactively based on the getAuthUserFn query.
+ *
+ * @example
+ * ```ts
+ * // convex/auth.ts
+ * export const { getAuthUser } = authComponent.clientApi();
+ *
+ * // auth-client.tsx
+ * import { AuthBoundary } from "@convex-dev/react";
+ * import { api } from '../../convex/_generated/api'
+ * import { isAuthError } from '../lib/utils'
+ *
+ * export const ClientAuthBoundary = ({ children }: PropsWithChildren) => {
+ *   return (
+ *     <AuthBoundary
+ *       onUnauth={() => redirect("/sign-in")}
+ *       authClient={authClient}
+ *       getAuthUserFn={api.auth.getAuthUser}
+ *       isAuthError={isAuthError}
+ * >
+ *   <>{children}</>
+ * </AuthBoundary>
+ * )
+ * ```
+ * @param props.children - Children to render.
+ * @param props.onUnauth - Function to call when the user is
+ * unauthenticated. Typically a redirect to the login page.
+ * @param props.authClient - Better Auth authClient to use.
+ * @param props.renderFallback - Fallback component to render when the user is
+ * unauthenticated. Defaults to null. Generally not rendered as error handling
+ * is typically a redirect.
+ * @param props.getAuthUserFn - Reference to a Convex query that returns user.
+ * The component provides a query for this via `export const { getAuthUser } = authComponent.clientApi()`.
+ * @param props.isAuthError - Function to check if the error is auth related.
+ */
+export const AuthBoundary = ({ children, 
+/**
+ * The function to call when the user is unauthenticated. Typically a redirect
+ * to the login page.
+ */
+onUnauth, 
+/**
+ * The Better Auth authClient to use.
+ */
+authClient, 
+/**
+ * The fallback to render when the user is unauthenticated. Defaults to null.
+ * Generally not rendered as error handling is typically a redirect.
+ */
+renderFallback, 
+/**
+ * The function to call to get the auth user.
+ */
+getAuthUserFn, 
+/**
+ * The function to call to check if the error is auth related.
+ */
+isAuthError, }) => {
+    const { isAuthenticated, isLoading } = useConvexAuth();
+    const handleUnauth = useCallback(async () => {
+        // Auth request that will clear cookies if session is invalid
+        await authClient.getSession();
+        await onUnauth();
+    }, [onUnauth]);
+    useEffect(() => {
+        void (async () => {
+            if (!isLoading && !isAuthenticated) {
+                await handleUnauth();
+            }
+        })();
+    }, [isLoading, isAuthenticated]);
+    return (_jsxs(ErrorBoundary, { onUnauth: handleUnauth, isAuthError: isAuthError, renderFallback: renderFallback, children: [_jsx(Authenticated, { children: _jsx(UserSubscription, { getAuthUserFn: getAuthUserFn }) }), children] }));
+};
+//# sourceMappingURL=index.js.map

package/dist/react/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/react/index.tsx"],"names":[],"mappings":";AACA,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,OAAO,CAAC;AAE7E,OAAO,EACL,aAAa,EACb,sBAAsB,EACtB,aAAa,EACb,QAAQ,GACT,MAAM,cAAc,CAAC;AAsCtB;;;;;GAKG;AACH,MAAM,UAAU,wBAAwB,CAAC,EACvC,QAAQ,EACR,MAAM,EACN,UAAU,EACV,YAAY,GAMb;IACC,MAAM,aAAa,GAAG,wBAAwB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;IACzE,SAAS,CAAC,GAAG,EAAE;QACb,CAAC,KAAK,IAAI,EAAE;YACV,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;YAC3C,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,yBAAyB,GAC7B,UAA2D,CAAC;gBAC9D,GAAG,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAC/B,MAAM,MAAM,GACV,MAAM,yBAAyB,CAAC,WAAW,CAAC,YAAY,CAAC,MAAM,CAAC;oBAC9D,KAAK;iBACN,CAAC,CAAC;gBACL,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC;gBACrC,IAAI,OAAO,EAAE,CAAC;oBACZ,MAAM,UAAU,CAAC,UAAU,CAAC;wBAC1B,YAAY,EAAE;4BACZ,OAAO,EAAE;gCACP,aAAa,EAAE,UAAU,OAAO,CAAC,KAAK,EAAE;6BACzC;yBACF;qBACF,CAAC,CAAC;oBACH,yBAAyB,CAAC,aAAa,EAAE,CAAC;gBAC5C,CAAC;gBACD,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,GAAG,CAAC,CAAC;YAC3C,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;IACP,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;IACjB,OAAO,CACL,KAAC,sBAAsB,IAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,YAC5D,4BAAG,QAAQ,GAAI,GACQ,CAC1B,CAAC;AACJ,CAAC;AAED,IAAI,gBAAgB,GAAG,KAAK,CAAC;AAE7B,SAAS,wBAAwB,CAC/B,UAAsB,EACtB,YAA4B;IAE5B,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC,GAAG,QAAQ,CAC5C,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,IAAI,CAAC,CACjD,CAAC;IACF,SAAS,CAAC,GAAG,EAAE;QACb,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,gBAAgB,GAAG,IAAI,CAAC;QAC1B,CAAC;IACH,CAAC,EAAE,EAAE,CAAC,CAAC;IAEP,OAAO,OAAO,CACZ,GAAG,EAAE,CACH,SAAS,qBAAqB;QAC5B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,gBAAgB,EAAE,GAClD,UAAU,CAAC,UAAU,EAAE,CAAC;QAC1B,MAAM,SAAS,GAAG,OAAO,EAAE,OAAO,EAAE,EAAE,CAAC;QACvC,SAAS,CAAC,GAAG,EAAE;YACb,IAAI,CAAC,OAAO,IAAI,CAAC,gBAAgB,IAAI,WAAW,EAAE,CAAC;gBACjD,cAAc,CAAC,IAAI,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,EAAE,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;QAChC,MAAM,gBAAgB,GAAG,WAAW,CAClC,KAAK,EAAE,EACL,iBAAiB,GAAG,KAAK,MACU,EAAE,EAAE,EAAE;YACzC,IAAI,WAAW,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACtC,OAAO,WAAW,CAAC;YACrB,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,IAAI,EAAE,KAAK,IAAI,IAAI,CAAC;gBAClC,cAAc,CAAC,KAAK,CAAC,CAAC;gBACtB,OAAO,KAAK,CAAC;YACf,CAAC;YAAC,MAAM,CAAC;gBACP,cAAc,CAAC,IAAI,CAAC,CAAC;gBACrB,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,iEAAiE;QACjE,mBAAmB;QACnB,uDAAuD;QACvD,CAAC,SAAS,CAAC,CACZ,CAAC;QACF,OAAO,OAAO,CACZ,GAAG,EAAE,CAAC,CAAC;YACL,SAAS,EAAE,gBAAgB,IAAI,CAAC,WAAW;YAC3C,eAAe,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,WAAW,KAAK,IAAI;YAClE,gBAAgB;SACjB,CAAC;QACF,uDAAuD;QACvD,CAAC,gBAAgB,EAAE,SAAS,EAAE,gBAAgB,EAAE,WAAW,CAAC,CAC7D,CAAC;IACJ,CAAC,EACH,CAAC,UAAU,CAAC,CACb,CAAC;AACJ,CAAC;AAYD,MAAM,aAAc,SAAQ,SAAiD;IAC3E,YAAY,KAAyB;QACnC,KAAK,CAAC,KAAK,CAAC,CAAC;QACb,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;IAClB,CAAC;IACD,MAAM,CAAC,YAAY,GAAgC;QACjD,cAAc,EAAE,GAAG,EAAE,CAAC,IAAI;KAC3B,CAAC;IACF,MAAM,CAAC,wBAAwB,CAAC,KAAY;QAC1C,OAAO,EAAE,KAAK,EAAE,CAAC;IACnB,CAAC;IACD,KAAK,CAAC,iBAAiB,CAAC,KAAY;QAClC,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC9B,CAAC;IACH,CAAC;IACD,MAAM;QACJ,IAAI,IAAI,CAAC,KAAK,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC;YACjE,OAAO,IAAI,CAAC,KAAK,CAAC,cAAc,EAAE,EAAE,CAAC;QACvC,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC;IAC7B,CAAC;;AAGH,yEAAyE;AACzE,sFAAsF;AACtF,MAAM,gBAAgB,GAAG,CAAC,EACxB,aAAa,GAGd,EAAE,EAAE;IACH,QAAQ,CAAC,aAAa,CAAC,CAAC;IACxB,OAAO,IAAI,CAAC;AACd,CAAC,CAAC;AAEF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuCG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,EAC3B,QAAQ;AACR;;;GAGG;AACH,QAAQ;AACR;;GAEG;AACH,UAAU;AACV;;;GAGG;AACH,cAAc;AACd;;GAEG;AACH,aAAa;AACb;;GAEG;AACH,WAAW,GAOX,EAAE,EAAE;IACJ,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,aAAa,EAAE,CAAC;IACvD,MAAM,YAAY,GAAG,WAAW,CAAC,KAAK,IAAI,EAAE;QAC1C,6DAA6D;QAC7D,MAAM,UAAU,CAAC,UAAU,EAAE,CAAC;QAC9B,MAAM,QAAQ,EAAE,CAAC;IACnB,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEf,SAAS,CAAC,GAAG,EAAE;QACb,KAAK,CAAC,KAAK,IAAI,EAAE;YACf,IAAI,CAAC,SAAS,IAAI,CAAC,eAAe,EAAE,CAAC;gBACnC,MAAM,YAAY,EAAE,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,EAAE,CAAC;IACP,CAAC,EAAE,CAAC,SAAS,EAAE,eAAe,CAAC,CAAC,CAAC;IAEjC,OAAO,CACL,MAAC,aAAa,IACZ,QAAQ,EAAE,YAAY,EACtB,WAAW,EAAE,WAAW,EACxB,cAAc,EAAE,cAAc,aAE9B,KAAC,aAAa,cACZ,KAAC,gBAAgB,IAAC,aAAa,EAAE,aAAa,GAAI,GACpC,EACf,QAAQ,IACK,CACjB,CAAC;AACJ,CAAC,CAAC"}

package/dist/react-start/index.d.ts

@@ -0,0 +1,13 @@
+import type { FunctionReference, FunctionReturnType, OptionalRestArgs } from "convex/server";
+import type { GetTokenOptions } from "../utils/index.js";
+export declare const convexBetterAuthReactStart: (opts: Omit<GetTokenOptions, "forceRefresh"> & {
+    convexUrl: string;
+    convexSiteUrl: string;
+}) => {
+    getToken: () => Promise<string | undefined>;
+    handler: (request: Request) => Promise<Response>;
+    fetchAuthQuery: <Query extends FunctionReference<"query">>(query: Query, ...args: OptionalRestArgs<Query>) => Promise<FunctionReturnType<Query>>;
+    fetchAuthMutation: <Mutation extends FunctionReference<"mutation">>(mutation: Mutation, ...args: OptionalRestArgs<Mutation>) => Promise<FunctionReturnType<Mutation>>;
+    fetchAuthAction: <Action extends FunctionReference<"action">>(action: Action, ...args: OptionalRestArgs<Action>) => Promise<FunctionReturnType<Action>>;
+};
+//# sourceMappingURL=index.d.ts.map

package/dist/react-start/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/react-start/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,iBAAiB,EACjB,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,eAAe,CAAC;AAGvB,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAuEzD,eAAO,MAAM,0BAA0B,GACrC,MAAM,IAAI,CAAC,eAAe,EAAE,cAAc,CAAC,GAAG;IAC5C,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,CAAC;CACvB;;uBAwCoB,OAAO;qBACH,KAAK,SAAS,iBAAiB,CAAC,OAAO,CAAC,SACtD,KAAK,WACH,gBAAgB,CAAC,KAAK,CAAC,KAC/B,OAAO,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC;wBAMX,QAAQ,SAAS,iBAAiB,CAAC,UAAU,CAAC,YAC5D,QAAQ,WACT,gBAAgB,CAAC,QAAQ,CAAC,KAClC,OAAO,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC;sBAMhB,MAAM,SAAS,iBAAiB,CAAC,QAAQ,CAAC,UACxD,MAAM,WACL,gBAAgB,CAAC,MAAM,CAAC,KAChC,OAAO,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;CAOzC,CAAC"}

package/dist/react-start/index.js

@@ -0,0 +1,101 @@
+import { stripIndent } from "common-tags";
+import { ConvexHttpClient } from "convex/browser";
+import { getToken } from "../utils/index.js";
+import React from "react";
+// Caching supported for React 19+ only
+const cache = React.cache ||
+    ((fn) => {
+        return (...args) => fn(...args);
+    });
+function setupClient(options) {
+    const client = new ConvexHttpClient(options.convexUrl);
+    if (options.token !== undefined) {
+        client.setAuth(options.token);
+    }
+    // @ts-expect-error - setFetchOptions is internal
+    client.setFetchOptions({ cache: "no-store" });
+    return client;
+}
+const parseConvexSiteUrl = (url) => {
+    if (!url) {
+        throw new Error(stripIndent `
+      CONVEX_SITE_URL is not set.
+      This is automatically set in the Convex backend, but must be set in the TanStack Start environment.
+      For local development, this can be set in the .env.local file.
+    `);
+    }
+    if (url.endsWith(".convex.cloud")) {
+        throw new Error(stripIndent `
+      CONVEX_SITE_URL should be set to your Convex Site URL, which ends in .convex.site.
+      Currently set to ${url}.
+    `);
+    }
+    return url;
+};
+const handler = (request, opts) => {
+    const requestUrl = new URL(request.url);
+    const nextUrl = `${opts.convexSiteUrl}${requestUrl.pathname}${requestUrl.search}`;
+    const headers = new Headers(request.headers);
+    headers.set("accept-encoding", "application/json");
+    headers.set("host", new URL(opts.convexSiteUrl).host);
+    return fetch(nextUrl, {
+        method: request.method,
+        headers,
+        redirect: "manual",
+        body: request.body,
+        // @ts-expect-error - duplex is required for streaming request bodies in modern fetch
+        duplex: "half",
+    });
+};
+export const convexBetterAuthReactStart = (opts) => {
+    const siteUrl = parseConvexSiteUrl(opts.convexSiteUrl);
+    const cachedGetToken = cache(async (opts) => {
+        const { getRequestHeaders } = await import("@tanstack/react-start/server");
+        const headers = getRequestHeaders();
+        return getToken(siteUrl, headers, opts);
+    });
+    const callWithToken = async (fn) => {
+        const token = (await cachedGetToken(opts)) ?? {};
+        try {
+            return await fn(token?.token);
+        }
+        catch (error) {
+            if (!opts?.jwtCache?.enabled ||
+                token.isFresh ||
+                opts.jwtCache?.isAuthError(error)) {
+                throw error;
+            }
+            const newToken = await cachedGetToken({
+                ...opts,
+                forceRefresh: true,
+            });
+            return await fn(newToken.token);
+        }
+    };
+    return {
+        getToken: async () => {
+            const token = await cachedGetToken(opts);
+            return token.token;
+        },
+        handler: (request) => handler(request, opts),
+        fetchAuthQuery: async (query, ...args) => {
+            return callWithToken((token) => {
+                const client = setupClient({ ...opts, token });
+                return client.query(query, ...args);
+            });
+        },
+        fetchAuthMutation: async (mutation, ...args) => {
+            return callWithToken((token) => {
+                const client = setupClient({ ...opts, token });
+                return client.mutation(mutation, ...args);
+            });
+        },
+        fetchAuthAction: async (action, ...args) => {
+            return callWithToken((token) => {
+                const client = setupClient({ ...opts, token });
+                return client.action(action, ...args);
+            });
+        },
+    };
+};
+//# sourceMappingURL=index.js.map

package/dist/react-start/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/react-start/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAM1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAE7C,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,uCAAuC;AACvC,MAAM,KAAK,GACR,KAEC,CAAC,KAAK;IACR,CAAC,CAAC,EAA2B,EAAE,EAAE;QAC/B,OAAO,CAAC,GAAG,IAAW,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;AAkBL,SAAS,WAAW,CAAC,OAAsB;IACzC,MAAM,MAAM,GAAG,IAAI,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACvD,IAAI,OAAO,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC;IACD,iDAAiD;IACjD,MAAM,CAAC,eAAe,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;IAC9C,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,kBAAkB,GAAG,CAAC,GAAW,EAAE,EAAE;IACzC,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,WAAW,CAAA;;;;KAI1B,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;QAClC,MAAM,IAAI,KAAK,CAAC,WAAW,CAAA;;yBAEN,GAAG;KACvB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,OAAO,GAAG,CAAC,OAAgB,EAAE,IAA+B,EAAE,EAAE;IACpE,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,aAAa,GAAG,UAAU,CAAC,QAAQ,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC;IAClF,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;IACnD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC;IACtD,OAAO,KAAK,CAAC,OAAO,EAAE;QACpB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO;QACP,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,qFAAqF;QACrF,MAAM,EAAE,MAAM;KACf,CAAC,CAAC;AACL,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,0BAA0B,GAAG,CACxC,IAGC,EACD,EAAE;IACF,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAEvD,MAAM,cAAc,GAAG,KAAK,CAAC,KAAK,EAAE,IAAqB,EAAE,EAAE;QAC3D,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,MAAM,CAAC,8BAA8B,CAAC,CAAC;QAC3E,MAAM,OAAO,GAAG,iBAAiB,EAAE,CAAC;QACpC,OAAO,QAAQ,CAAC,OAAO,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,KAAK,EAIzB,EAAuD,EACtB,EAAE;QACnC,MAAM,KAAK,GAAG,CAAC,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;QACjD,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAChC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IACE,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO;gBACxB,KAAK,CAAC,OAAO;gBACb,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,KAAK,CAAC,EACjC,CAAC;gBACD,MAAM,KAAK,CAAC;YACd,CAAC;YACD,MAAM,QAAQ,GAAG,MAAM,cAAc,CAAC;gBACpC,GAAG,IAAI;gBACP,YAAY,EAAE,IAAI;aACnB,CAAC,CAAC;YACH,OAAO,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QAClC,CAAC;IACH,CAAC,CAAC;IAEF,OAAO;QACL,QAAQ,EAAE,KAAK,IAAI,EAAE;YACnB,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;YACzC,OAAO,KAAK,CAAC,KAAK,CAAC;QACrB,CAAC;QACD,OAAO,EAAE,CAAC,OAAgB,EAAE,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC;QACrD,cAAc,EAAE,KAAK,EACnB,KAAY,EACZ,GAAG,IAA6B,EACI,EAAE;YACtC,OAAO,aAAa,CAAC,CAAC,KAAc,EAAE,EAAE;gBACtC,MAAM,MAAM,GAAG,WAAW,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBAC/C,OAAO,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,IAAI,CAAC,CAAC;YACtC,CAAC,CAAC,CAAC;QACL,CAAC;QACD,iBAAiB,EAAE,KAAK,EACtB,QAAkB,EAClB,GAAG,IAAgC,EACI,EAAE;YACzC,OAAO,aAAa,CAAC,CAAC,KAAc,EAAE,EAAE;gBACtC,MAAM,MAAM,GAAG,WAAW,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBAC/C,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,GAAG,IAAI,CAAC,CAAC;YAC5C,CAAC,CAAC,CAAC;QACL,CAAC;QACD,eAAe,EAAE,KAAK,EACpB,MAAc,EACd,GAAG,IAA8B,EACI,EAAE;YACvC,OAAO,aAAa,CAAC,CAAC,KAAc,EAAE,EAAE;gBACtC,MAAM,MAAM,GAAG,WAAW,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;gBAC/C,OAAO,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC,CAAC"}

package/dist/utils/index.d.ts

@@ -0,0 +1,33 @@
+import type { Auth } from "better-auth";
+import type { betterAuth } from "better-auth/minimal";
+import type { AuthProvider, DefaultFunctionArgs, FunctionReference, GenericActionCtx, GenericDataModel, GenericMutationCtx, GenericQueryCtx } from "convex/server";
+import type { Jwk } from "better-auth/plugins/jwt";
+export type CreateAuth<DataModel extends GenericDataModel, A extends ReturnType<typeof betterAuth> = Auth> = (ctx: GenericCtx<DataModel>) => A;
+export type EventFunction<T extends DefaultFunctionArgs> = FunctionReference<"mutation", "internal" | "public", T>;
+export type GenericCtx<DataModel extends GenericDataModel = GenericDataModel> = GenericQueryCtx<DataModel> | GenericMutationCtx<DataModel> | GenericActionCtx<DataModel>;
+export type RunMutationCtx<DataModel extends GenericDataModel> = (GenericMutationCtx<DataModel> | GenericActionCtx<DataModel>) & {
+    runMutation: GenericMutationCtx<DataModel>["runMutation"];
+};
+export declare const isQueryCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => ctx is GenericQueryCtx<DataModel>;
+export declare const isMutationCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => ctx is GenericMutationCtx<DataModel>;
+export declare const isActionCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => ctx is GenericActionCtx<DataModel>;
+export declare const isRunMutationCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => ctx is RunMutationCtx<DataModel>;
+export declare const requireQueryCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => GenericQueryCtx<DataModel>;
+export declare const requireMutationCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => GenericMutationCtx<DataModel>;
+export declare const requireActionCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => GenericActionCtx<DataModel>;
+export declare const requireRunMutationCtx: <DataModel extends GenericDataModel>(ctx: GenericCtx<DataModel>) => RunMutationCtx<DataModel>;
+export type GetTokenOptions = {
+    forceRefresh?: boolean;
+    cookiePrefix?: string;
+    jwtCache?: {
+        enabled: boolean;
+        expirationToleranceSeconds?: number;
+        isAuthError: (error: unknown) => boolean;
+    };
+};
+export declare const getToken: (siteUrl: string, headers: Headers, opts?: GetTokenOptions) => Promise<{
+    isFresh: boolean;
+    token: string | undefined;
+}>;
+export declare const parseJwks: (providerConfig: AuthProvider) => Jwk | undefined;
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAEtD,OAAO,KAAK,EACV,YAAY,EACZ,mBAAmB,EACnB,iBAAiB,EACjB,gBAAgB,EAChB,gBAAgB,EAChB,kBAAkB,EAClB,eAAe,EAChB,MAAM,eAAe,CAAC;AAGvB,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,yBAAyB,CAAC;AAEnD,MAAM,MAAM,UAAU,CACpB,SAAS,SAAS,gBAAgB,EAClC,CAAC,SAAS,UAAU,CAAC,OAAO,UAAU,CAAC,GAAG,IAAI,IAC5C,CAAC,GAAG,EAAE,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;AAEtC,MAAM,MAAM,aAAa,CAAC,CAAC,SAAS,mBAAmB,IAAI,iBAAiB,CAC1E,UAAU,EACV,UAAU,GAAG,QAAQ,EACrB,CAAC,CACF,CAAC;AAEF,MAAM,MAAM,UAAU,CAAC,SAAS,SAAS,gBAAgB,GAAG,gBAAgB,IACxE,eAAe,CAAC,SAAS,CAAC,GAC1B,kBAAkB,CAAC,SAAS,CAAC,GAC7B,gBAAgB,CAAC,SAAS,CAAC,CAAC;AAEhC,MAAM,MAAM,cAAc,CAAC,SAAS,SAAS,gBAAgB,IAAI,CAC7D,kBAAkB,CAAC,SAAS,CAAC,GAC7B,gBAAgB,CAAC,SAAS,CAAC,CAC9B,GAAG;IACF,WAAW,EAAE,kBAAkB,CAAC,SAAS,CAAC,CAAC,aAAa,CAAC,CAAC;CAC3D,CAAC;AAEF,eAAO,MAAM,UAAU,GAAI,SAAS,SAAS,gBAAgB,EAC3D,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,GAAG,IAAI,eAAe,CAAC,SAAS,CAElC,CAAC;AAEF,eAAO,MAAM,aAAa,GAAI,SAAS,SAAS,gBAAgB,EAC9D,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,GAAG,IAAI,kBAAkB,CAAC,SAAS,CAErC,CAAC;AAEF,eAAO,MAAM,WAAW,GAAI,SAAS,SAAS,gBAAgB,EAC5D,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,GAAG,IAAI,gBAAgB,CAAC,SAAS,CAEnC,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,SAAS,SAAS,gBAAgB,EACjE,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,GAAG,IAAI,cAAc,CAAC,SAAS,CAEjC,CAAC;AAEF,eAAO,MAAM,eAAe,GAAI,SAAS,SAAS,gBAAgB,EAChE,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,eAAe,CAAC,SAAS,CAK3B,CAAC;AAEF,eAAO,MAAM,kBAAkB,GAAI,SAAS,SAAS,gBAAgB,EACnE,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,kBAAkB,CAAC,SAAS,CAK9B,CAAC;AAEF,eAAO,MAAM,gBAAgB,GAAI,SAAS,SAAS,gBAAgB,EACjE,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,gBAAgB,CAAC,SAAS,CAK5B,CAAC;AAEF,eAAO,MAAM,qBAAqB,GAAI,SAAS,SAAS,gBAAgB,EACtE,KAAK,UAAU,CAAC,SAAS,CAAC,KACzB,cAAc,CAAC,SAAS,CAK1B,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE;QACT,OAAO,EAAE,OAAO,CAAC;QACjB,0BAA0B,CAAC,EAAE,MAAM,CAAC;QACpC,WAAW,EAAE,CAAC,KAAK,EAAE,OAAO,KAAK,OAAO,CAAC;KAC1C,CAAC;CACH,CAAC;AAEF,eAAO,MAAM,QAAQ,GACnB,SAAS,MAAM,EACf,SAAS,OAAO,EAChB,OAAO,eAAe;;;EAqCvB,CAAC;AAEF,eAAO,MAAM,SAAS,GAAI,gBAAgB,YAAY,oBAkBrD,CAAC"}

package/dist/utils/index.js

@@ -0,0 +1,91 @@
+import { betterFetch } from "@better-fetch/fetch";
+import { getSessionCookie } from "better-auth/cookies";
+import { JWT_COOKIE_NAME } from "../plugins/convex/index.js";
+import * as jose from "jose";
+export const isQueryCtx = (ctx) => {
+    return "db" in ctx;
+};
+export const isMutationCtx = (ctx) => {
+    return "db" in ctx && "scheduler" in ctx;
+};
+export const isActionCtx = (ctx) => {
+    return "runAction" in ctx;
+};
+export const isRunMutationCtx = (ctx) => {
+    return "runMutation" in ctx;
+};
+export const requireQueryCtx = (ctx) => {
+    if (!isQueryCtx(ctx)) {
+        throw new Error("Query context required");
+    }
+    return ctx;
+};
+export const requireMutationCtx = (ctx) => {
+    if (!isMutationCtx(ctx)) {
+        throw new Error("Mutation context required");
+    }
+    return ctx;
+};
+export const requireActionCtx = (ctx) => {
+    if (!isActionCtx(ctx)) {
+        throw new Error("Action context required");
+    }
+    return ctx;
+};
+export const requireRunMutationCtx = (ctx) => {
+    if (!isRunMutationCtx(ctx)) {
+        throw new Error("Mutation or action context required");
+    }
+    return ctx;
+};
+export const getToken = async (siteUrl, headers, opts) => {
+    const fetchToken = async () => {
+        const { data } = await betterFetch("/api/auth/convex/token", {
+            baseURL: siteUrl,
+            headers,
+        });
+        return { isFresh: true, token: data?.token };
+    };
+    if (!opts?.jwtCache?.enabled || opts.forceRefresh) {
+        return await fetchToken();
+    }
+    const token = getSessionCookie(new Headers(headers), {
+        cookieName: JWT_COOKIE_NAME,
+        cookiePrefix: opts?.cookiePrefix,
+    });
+    if (!token) {
+        return await fetchToken();
+    }
+    try {
+        const claims = jose.decodeJwt(token);
+        const exp = claims?.exp;
+        const now = Math.floor(new Date().getTime() / 1000);
+        const isExpired = exp
+            ? now > exp + (opts?.jwtCache?.expirationToleranceSeconds ?? 60)
+            : true;
+        if (!isExpired) {
+            return { isFresh: false, token };
+        }
+    }
+    catch (error) {
+        // eslint-disable-next-line no-console
+        console.error("Error decoding JWT", error);
+    }
+    return await fetchToken();
+};
+export const parseJwks = (providerConfig) => {
+    const staticJwksString = "jwks" in providerConfig && providerConfig.jwks?.startsWith("data:text/")
+        ? atob(providerConfig.jwks.split("base64,")[1])
+        : undefined;
+    if (!staticJwksString) {
+        return;
+    }
+    const parsed = JSON.parse(staticJwksString?.slice(1, -1).replaceAll(/[\s\\]/g, "") || "{}");
+    const staticJwks = {
+        ...parsed,
+        privateKey: `"${parsed.privateKey}"`,
+        publicKey: `"${parsed.publicKey}"`,
+    };
+    return staticJwks;
+};
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAGlD,OAAO,EAAE,gBAAgB,EAAE,MAAM,qBAAqB,CAAC;AAUvD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AA0B7B,MAAM,CAAC,MAAM,UAAU,GAAG,CACxB,GAA0B,EACS,EAAE;IACrC,OAAO,IAAI,IAAI,GAAG,CAAC;AACrB,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,aAAa,GAAG,CAC3B,GAA0B,EACY,EAAE;IACxC,OAAO,IAAI,IAAI,GAAG,IAAI,WAAW,IAAI,GAAG,CAAC;AAC3C,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,WAAW,GAAG,CACzB,GAA0B,EACU,EAAE;IACtC,OAAO,WAAW,IAAI,GAAG,CAAC;AAC5B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,GAA0B,EACQ,EAAE;IACpC,OAAO,aAAa,IAAI,GAAG,CAAC;AAC9B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAC7B,GAA0B,EACE,EAAE;IAC9B,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;IAC5C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAChC,GAA0B,EACK,EAAE;IACjC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAC9B,GAA0B,EACG,EAAE;IAC/B,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,qBAAqB,GAAG,CACnC,GAA0B,EACC,EAAE;IAC7B,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC,CAAC;AAYF,MAAM,CAAC,MAAM,QAAQ,GAAG,KAAK,EAC3B,OAAe,EACf,OAAgB,EAChB,IAAsB,EACtB,EAAE;IACF,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE;QAC5B,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,WAAW,CAChC,wBAAwB,EACxB;YACE,OAAO,EAAE,OAAO;YAChB,OAAO;SACR,CACF,CAAC;QACF,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;IAC/C,CAAC,CAAC;IACF,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,OAAO,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;QAClD,OAAO,MAAM,UAAU,EAAE,CAAC;IAC5B,CAAC;IACD,MAAM,KAAK,GAAG,gBAAgB,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;QACnD,UAAU,EAAE,eAAe;QAC3B,YAAY,EAAE,IAAI,EAAE,YAAY;KACjC,CAAC,CAAC;IACH,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,MAAM,UAAU,EAAE,CAAC;IAC5B,CAAC;IACD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,MAAM,EAAE,GAAG,CAAC;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,GAAG;YACnB,CAAC,CAAC,GAAG,GAAG,GAAG,GAAG,CAAC,IAAI,EAAE,QAAQ,EAAE,0BAA0B,IAAI,EAAE,CAAC;YAChE,CAAC,CAAC,IAAI,CAAC;QACT,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QACnC,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,sCAAsC;QACtC,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,KAAK,CAAC,CAAC;IAC7C,CAAC;IACD,OAAO,MAAM,UAAU,EAAE,CAAC;AAC5B,CAAC,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,cAA4B,EAAE,EAAE;IACxD,MAAM,gBAAgB,GACpB,MAAM,IAAI,cAAc,IAAI,cAAc,CAAC,IAAI,EAAE,UAAU,CAAC,YAAY,CAAC;QACvE,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC,CAAC,SAAS,CAAC;IAEhB,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO;IACT,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CACvB,gBAAgB,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,IAAI,CACjE,CAAC;IACF,MAAM,UAAU,GAAG;QACjB,GAAG,MAAM;QACT,UAAU,EAAE,IAAI,MAAM,CAAC,UAAU,GAAG;QACpC,SAAS,EAAE,IAAI,MAAM,CAAC,SAAS,GAAG;KAC5B,CAAC;IACT,OAAO,UAAU,CAAC;AACpB,CAAC,CAAC"}